This is a minor release which includes fixes for CVE-2019-8644,
CVE-2019-8649, CVE-2019-8658, CVE-2019-8669, CVE-2019-8676,
CVE-2019-8678, CVE-2019-8680, CVE-2019-8683, CVE-2019-8684, and
CVE-2019-8688.
This release also contains many build fixes, a few media playback
improvements, and a Web compatibility fix. For a complete list,
the full release notes at:
https://webkitgtk.org/2019/08/28/webkitgtk2.24.4-released.html
The detailed security advisory can be found at:
https://webkitgtk.org/security/WSA-2019-0004.html
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 046b09f776)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib
in Python 3.x through 3.7.3. CRLF injection is possible if the attacker
controls a url parameter, as demonstrated by the first argument to
urllib.request.urlopen with \r\n (specifically in the query string after a ?
character) followed by an HTTP header or a Redis command.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit e941599f69)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues:
CVE-2018-16872: A flaw was found in qemu Media Transfer Protocol (MTP). The
code opening files in usb_mtp_get_object and usb_mtp_get_partial_object and
directories in usb_mtp_object_readdir doesn't consider that the underlying
filesystem may have changed since the time lstat(2) was called in
usb_mtp_object_alloc, a classical TOCTTOU problem. An attacker with write
access to the host filesystem shared with a guest can use this property to
navigate the host filesystem in the context of the QEMU process and read any
file the QEMU process has access to. Access to the filesystem may be local
or via a network share protocol such as CIFS.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit a0b032ad85)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Release notes: https://www.videolan.org/developers/vlc-branch/NEWS
Fixes the following security bugs:
* Fix a buffer overflow in the MKV demuxer (CVE-2019-14970)
* Fix a read buffer overflow in the avcodec decoder (CVE-2019-13962)
* Fix a read buffer overflow in the FAAD decoder
* Fix a read buffer overflow in the OGG demuxer (CVE-2019-14437, CVE-2019-14438)
* Fix a read buffer overflow in the ASF demuxer (CVE-2019-14776)
* Fix a use after free in the MKV demuxer (CVE-2019-14777, CVE-2019-14778)
* Fix a use after free in the ASF demuxer (CVE-2019-14533)
* Fix a couple of integer underflows in the MP4 demuxer (CVE-2019-13602)
* Fix a null dereference in the dvdnav demuxer
* Fix a null dereference in the ASF demuxer (CVE-2019-14534)
* Fix a null dereference in the AVI demuxer
* Fix a division by zero in the CAF demuxer (CVE-2019-14498)
* Fix a division by zero in the ASF demuxer (CVE-2019-14535)
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit ad9efda578)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Add a patch to fix cross-compilation
- Fix the following CVEs:
- SQUID-2019:6 (CVE-2019-13345), Jul 12, 2019
Fixed from 4.8
Multiple Cross-Site Scripting issues in cachemgr.cgi
- SQUID-2019:5 (CVE-2019-12527), Jul 12, 2019
Fixed from 4.8
Heap Overflow issue in HTTP Basic Authentication processing
- SQUID-2019:3 (CVE-2019-12525), Jul 12, 2019
Fixed from 4.8
Denial of Service in HTTP Digest Authentication processing
- SQUID-2019:2 (CVE-2019-12529), Jul 12, 2019
Fixed from 4.8
Denial of Service in HTTP Basic Authentication processing
- SQUID-2019:1 (CVE-2019-12824), Jul 12, 2019
Fixed from 4.8
Denial of Service issue in cachemgr.cgi
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 7792c4f1bc)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
/etc/quagga is listed in QUAGGA_PERMISSIONS, but is only created when
some of the quagga sub-options are enabled. When none of those
sub-options are enabled, /etc/quagga is not created, causing a build
failure when the filesystem images are created:
makedevs: line 1: recursive failed for /home/thomas/projets/outputs/quagga-minimal/build/buildroot-fs/tar/target/etc/quagga: No such file or directory
Since it is too cumbersome to maintain which sub-options exactly lead
to /etc/quagga being created, simply create /etc/quagga
unconditionally. It will simply be empty when the quagga package
doesn't install anything in it.
For the record, here is the list of files installed in /etc/quagga
when all quagga sub-options are enabled:
bgpd.conf.sample bgpd.conf.sample2 isisd.conf.sample
ospf6d.conf.sample ospfd.conf.sample pimd.conf.sample
ripd.conf.sample ripngd.conf.sample vtysh.conf.sample
zebra.conf.sample
Fixes:
http://autobuild.buildroot.net/results/cdb66589909fd3996186f7db7d1f19a3b03d58a0/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 939c0187ca)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Fix CVE-2018-11490: The DGifDecompressLine function in dgif_lib.c in
GIFLIB (possibly version 3.0.x), as later shipped in cgif.c in sam2p
0.49.4, has a heap-based buffer overflow because a certain
"Private->RunningCode - 2" array index is not checked. This will lead
to a denial of service or possibly unspecified other impact.
- Fix CVE-2019-15133: In GIFLIB before 2019-02-16, a malformed GIF file
triggers a divide-by-zero exception in the decoder function DGifSlurp
in dgif_lib.c if the height field of the ImageSize data structure is
equal to zero.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit d7926d7cb5)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
In commit 3e5926555b ("package/{mesa3d,
mesa3d-headers}: bump version to 17.1.2"), the dependency of VC4 on
BR2_arm was changed to BR2_ARM_CPU_HAS_NEON, which the reasoning that
upstream commit
https://cgit.freedesktop.org/mesa/mesa/commit/?h=17.1&id=4d30024238efa829cabc72c1601beeee18c3dbf2
made NEON mandatory. However, this commit (including its commit log)
clearly shows that there is compile-time detection on whether you're
using ARMv6 or ARMv7, and simply says there is no runtime detection
for that (which usually isn't very important in the context of
Buildroot). So, the VC4 driver can be used on ARMv6
RaspberryPis. Therefore, this commit reverts to the BR2_arm
dependency.
Note: while there are some ARMv7 without NEONs, all ARMv7 RaspberryPi
platforms do have NEON, so the compile-time checks done in the VC4
driver are good enough.
Fixes:
https://bugs.busybox.net/show_bug.cgi?id=12126
Cc: Sahaj Sarup <sahajsarup@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 350cb0d32e)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
On July 3, 2019, Let's Encrypt deployed new ACME server software that no
longer returns the 'id' field in the account information JSON.
Dehydrated relied on this field, even though it is not specified by RFC
8555. Because of this, dehydrated can no longer create a new account on
Let's Encrypt.
This was fixed by upstream commits be13dcd and 4f358e2. But the latter
broke ACMEv1 support so was fixed again in commit f60f2f8.
Cherry-picking this correctly is tricky, so instead just bump the
version. There are quite a few non-bugfix changes that are included this
way, but it's more risky to try to cherry-pick.
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 539f86571f)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
As spotted by Danomi during review of "libssh2: security bump to version
1.9.0" (https://patchwork.ozlabs.org/patch/1148776), it seems that
the tarball from github and libssh2.org/download are not the same. One
of the difference is that LIBSSH2_VERSION in include/libssh2.h is set to
"1.9.0_DEV" in github tarball whereas it is set to "1.9.0" in
libssh2.org/download.
So switch site to https://www.libssh2.org/download to get "official"
release
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit cc3da232e4)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix CVE-2019-13115: In libssh2 before 1.9.0,
kex_method_diffie_hellman_group_exchange_sha256_key_exchange in kex.c
has an integer overflow that could lead to an out-of-bounds read in the
way packets are read from the server. A remote attacker who compromises
a SSH server may be able to disclose sensitive information or cause a
denial of service condition on the client system when a user connects to
the server. This is related to an _libssh2_check_length mistake, and is
different from the various issues fixed in 1.8.1, such as CVE-2019-3855.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit dea6f1f303)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues:
A carefully constructed commit object with a very large number
of parents may lead to potential out-of-bounds writes or
potential denial of service.
The ProgramData configuration file is always read for compatibility
with Git for Windows and Portable Git installations. The ProgramData
location is not necessarily writable only by administrators, so we
now ensure that the configuration file is owned by the administrator
or the current user.
Signed-off-by: Nicolas Cavallari <nicolas.cavallari@green-communications.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit bee5ab6c9d)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
For post-1.12.8 fixes. From the release notes:
go1.12.9 (released 2019/08/15) includes fixes to the linker, and the os and
math/big packages.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit b84261e5ca)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
go1.12.6 (released 2019/06/11) includes fixes to the compiler, the linker, the
go command, and the crypto/x509, net/http, and os packages.
go1.12.7 (released 2019/07/08) includes fixes to cgo, the compiler, and the
linker.
go1.12.8 (released 2019/08/13) includes security fixes to the net/http and
net/url packages.
https://golang.org/doc/devel/release.html
Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 81b164c537)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
<scjthm@live.com>: host live-com.olc.protection.outlook.com[104.47.5.33] said:
550 5.5.0 Requested action not taken: mailbox unavailable.
[HE1EUR02FT033.eop-EUR02.prod.protection.outlook.com] (in reply to RCPT TO
command)
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 9b0dde4073)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
<eswierk@skyportsystems.com>: host aspmx.l.google.com[108.177.127.27] said:
550-5.1.1 The email account that you tried to reach does not exist. Please
try 550-5.1.1 double-checking the recipient's email address for typos or
550-5.1.1 unnecessary spaces. Learn more at 550 5.1.1
https://support.google.com/mail/?p=NoSuchUser 33si1105652eds.275 - gsmtp
(in reply to RCPT TO command)
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 6906b53d41)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
His e-mail address @imgtec.com is bouncing:
<abhilash.tuse@imgtec.com>: host
mxa-00376f01.gslb.pphosted.com[185.132.180.163] said: 550 5.1.1 User
Unknown (in reply to RCPT TO command)
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit e78528f8a9)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
qt5enginio requires SSL support in qt5base. However, the SSL support
in qt5base is a bit annoying: while it can be provided by either
openssl or libressl for Qt latest, it can only be provided by
libressl for Qt 5.6.
Fabrice Fontaine initially proposed [0] a dependency on
BR2_PACKAGE_QT5BASE_OPENSSL, and a long discussion
followed. Ultimately, we found the dependency to not be nice, as it
required users to know that they need to enable some SSL
implementation to be able to enable qt5enginio.
The current solution enables BR2_PACKAGE_OPENSSL (the virtual
package), which can be either openssl or libressl. This choice was
done under the assumption that we anyway don't test Qt 5.6 in the
autobuilders. However, this is incorrect: Qt latest needs gcc >= 4.8
on host and target, and we have configurations in the autobuilders
that don't meet this requirement, and therefore build Qt 5.6, and face
a build issue due to OpenSSL being used instead of LibreSSL.
After additional thinking, this commit simply gets back to the
original solution proposed by Fabrice: a "depends on". We simply add
Config.in comments to help the user in knowing what is missing to
enable qt5enginio.
An alternate solution would have been to disallow selecting qt5enginio
when Qt 5.6 is used. But fixing the qt5enginio build is also needed
for the LTS branch, and we can't drop qt5enginio on Qt 5.6 in the LTS
branch, as that could bother users.
Fixes:
http://autobuild.buildroot.net/results/227d4b9e2b48c5b3f2dcf0fad9eefa2816c1eb0c/
[0] https://patchwork.ozlabs.org/patch/1053883/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 035540b64a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
>From the release notes:
- Fix an out-of-bounds read of maximal two bytes for truncated RVA2 frames
(oss-fuzz-bug 15975). The earlier fix around the same location needed
one thought more. Actually, another though was needed, oss-fuzz-bug 16009
documents the incomplete fix.
- Fix an invalid write of one zero byte for empty ID3v2 frames that demand
de-unsyncing (oss-fuzz-bug 16050).
- Fix dynamic build with gcc -fsanitize=address (check for all dl functions
before deciding that separate -ldl is not needed).
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit b907d344d8)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
>From https://www.mpg123.de/cgi-bin/news.cgi:
Fixes a number of bugs found by OSS-Fuzz:
* Fix out-of-bounds reads in ID3 parser for unsynced frames.
(oss-fuzz-bug 15852)
* Fix out-of-bounds read for RVA2 frames with non-delimited identifier.
(oss-fuzz-bug 15852)
* Fix implementation-defined parsing of RVA2 values.
(oss-fuzz-bug 15862)
* Fix undefined parsing of APE header for skipping. Also prevent endless loop
on premature end of supposed APE header. (oss-fuzz-bug 15864)
* Fix some syntax to make pedantic compiler happy.
The serious bugs trigger Denial of Service either via the nasty endless loop in
supposed APE tags or by crashes if the invalid reads hit a diagnostic by the OS
or, more likely, a security mechanism like the sanitizer instrumentation that
enabled finding the bugs.
I do not have CVE numbers for these bugs. I rather fix the bugs than name them.
Just update, will you?
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 7291360fd8)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Document that along with the server we install omshell, an interactive
tool to connect to, query, and possibly change, the server's state via
the Object Management API (OMAPI).
Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 79ba55df5a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
We don't use "make install" for target installation because we build all
utilities (server, relay, client) but install only the selected ones.
The utilities, however, require the shared libraries to work, so use the
"install-exec" make target to install them. This also installs static
libraries but they are removed later by target-finalize.
With this change the omshell utility is installed if server is selected.
We keep it, since it is small and may be useful at run-time.
Fixes:
https://bugs.busybox.net/show_bug.cgi?id=12086
Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit a404d48e7e)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes CVE-2019-13224: A use-after-free in onig_new_deluxe() in regext.c
in Oniguruma 6.9.2 allows attackers to potentially cause information
disclosure, denial of service, or possibly code execution by providing a
crafted regular expression. The attacker provides a pair of a regex
pattern and a string, with a multi-byte encoding that gets handled by
onig_new_deluxe().
Fixes CVE-2019-13225: A NULL Pointer Dereference in match_at() in
regexec.c in Oniguruma 6.9.2 allows attackers to potentially cause
denial of service by providing a crafted regular expression.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 281871e6b0)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Neil Brown no longer maintains mdadm. The old website refers to a stale
git repository. There is nothing else but this wiki page to serve as a
website.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 036dee02cd)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The following additional bugs are fixed:
[16573] malloc: Set and reset all hooks for tracing
[18035] Fix pldd hang
[20568] Fix crash in _IO_wfile_sync
[24228] old x86 applications that use legacy libio crash on exit
[24476] dlfcn: Guard __dlerror_main_freeres with __libc_once_get (once)
[24744] io: Remove the copy_file_range emulation
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Reviewed-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 840ecb29f5)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issue:
- CVE-2017-7401: Incorrect interaction of the parse_packet() and
parse_part_sign_sha256() functions in network.c in collectd 5.7.1 and
earlier allows remote attackers to cause a denial of service (infinite
loop) of a collectd instance (configured with "SecurityLevel None" and
with empty "AuthFile" options) via a crafted UDP packet
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When no filesystem is enabled, the $BINARIES_DIR is not created. Yet,
the post-image scripts are still run. When those want to generate an
image in there, they may fail as the dirctory does not exist (it did
exist before we started applying preparatory changes for top-level
parallel build, so scripts got to rely on that assumption).
Do in target-post-image as we do in the sdk rule: create the directory
before calling the scripts.
Signed-off-by: Brent Generous <bgenerous@impinj.com>
[yann.morin.1998@free.fr:
- create the directory before calling the scripts
- don't drop the creation in the sdk rule
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit d57e73078a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When BR2_KERNEL_HEADERS_AS_KERNEL=y, we expect that the Linux kernel
headers code will be exactly the same as the Linux kernel code
itself. The code currently takes into account the patches defined by
BR2_LINUX_KERNEL_PATCH, but not the kernel patches that are stored in
linux's BR2_GLOBAL_PATCH_DIR.
So for example, the current qemu_riscv32_virt_defconfig has:
BR2_GLOBAL_PATCH_DIR="board/qemu/riscv32-virt/patches/"
With:
board/qemu/riscv32-virt/patches/
└── linux
└── 0001-Revert-riscv-Use-latest-system-call-ABI.patch
This patch gets properly applied when the Linux kernel is built, but
not when the linux-headers package is built.
This commit fixes that by making sure patches stored in the "linux"
BR2_GLOBAL_PATCH_DIR subdirectory are taken into account.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Acked-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 6f79cebe6a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
python3 nowadays appends the triplet to the config-<version>m directory:
echo target/usr/lib/python3.7/config-*
target/usr/lib/python3.7/config-3.7m-powerpc-linux-gnu
Likewise, there is no longer a pyconfig.h:
ls target/usr/lib/python3.7/config-3.7m-powerpc-linux-gnu
config.c config.c.in install-sh libpython3.7m.a Makefile
makesetup python-config.py python.o Setup Setup.local
So adjust the removal logic to match. Use a wildcard rather than
$GNU_TARGET_NAME as buildroot and python3's idea of the triplet doesn't
always match (E.G. for musl/uclibc).
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit b3424c8fc9)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes:
http://autobuild.buildroot.net/results/cb4/cb49c539501342e45cbe5ade82e588fcdf51f05b
GCC commit 6834b83784dcf0364eb820e8 (multiarch support for non-glibc linux
systems), which is part of GCC 8+, changed the multiarch logic to use
$arch-linux-musl / $arch-linux-uclibc rather than $arch-linux-gnu.
This then causes the python3 configure script to error out:
checking for the platform triplet based on compiler characteristics... powerpc-linux-gnu
configure: error: internal configure error for the platform triplet, please file a bug report
http://autobuild.buildroot.net/results/cb4/cb49c539501342e45cbe5ade82e588fcdf51f05b
As it requires that the --print-multiarch output (if not empty) matches the
deduced triplet (which always uses -linux-gnu).
It isn't quite clear why --print-multiarch returns something for a
non-multiarch toolchain on some architectures (E.G. PowerPC), but as a
workaround, add a patch to rewrite the --print-multiarch output to match
older GCC versions to keep the configure script happy.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit 38b28e48d8)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Some packages test for CMAKE_SYSTEM explicitly[1]
CMAKE_SYSTEM is comprised of CMAKE_SYSTEM_NAME and CMAKE_SYSTEM_VERSION.
It defaults to CMAKE_SYSTEM_NAME if CMAKE_SYSTEM_VERSION is not set[2]
At the point CMAKE_SYSTEM_NAME is set to "Linux" CMAKE_SYSTEM is already
constructed. Setting it explicitly ensures that it is the correct value.
This is because we do set CMAKE_SYSTEM_NAME twice, in fact:
- first in toolchainfile.cmake, so that we tell cmake to use the
"Buildroot" platform,
- second, in the Buildroot.cmake platform definition itself, so that
we eventually behave like the Linux platform.
We also set CMAKE_SYSTEM_VERSION to 1, and so the real CMAKE_SYSTEM
value should be set to Linux-1 if we were to follow the documentation to
the letter.
However, for Linux, the version does not matter, and in some situations
may even be harmful (that was reported in one of the commits that
introduce Buildroot.cmake and toolchainfile.cmake).
[1] Fluidsynth 0cd44d00e1/CMakeLists.txt (L80)
[2] https://cmake.org/cmake/help/git-master/variable/CMAKE_SYSTEM.html#variable:CMAKE_SYSTEM
Signed-off-by: Frank Vanbever <frank.vanbever@mind.be>
Acked-by: Yann E. MORIN <yann.morin.1998@free.fr>
[Peter: update commit message with description from Yann]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 07f31ee263)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The domain search option is from RFC3397, not RFC3359 (which is about TLV
codepoints), so fix that.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 67a52f6fc9)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This is useful in networks with internal resources as it allows
to use much shorter names.
E.g. instead of "server.internal.company.com" it's possible
to use just "server" if DHCP server is configured with:
---------------------------->8-----------------------
option domain-search "internal.company.com";
---------------------------->8-----------------------
This improvement consists of 2 parts:
1. Enable handling of RFC3397 so DHCP client is ready for processing
corresponding data from DHCP server.
2. Some DHCP servers always send out search list if it is set in server's
configuration and some servers only provide search list if client
asks for that (sending list of options it expects to get).
And exactly for those stubborn DHCP servers we need to add "-O search"
to udhcp's command line via CONFIG_IFUPDOWN_UDHCPC_CMD_OPTIONS.
Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
Cc: Ignacy Gawedzki <ignacy.gawedzki@green-communications.fr>
Cc: Peter Korsgaard <peter@korsgaard.com>
Acked-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 80291c3e9c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes CVE-2018-18310: An invalid memory address dereference was
discovered in dwfl_segment_report_module.c in libdwfl in elfutils
through v0.174. The vulnerability allows attackers to cause a denial of
service (application crash) with a crafted ELF file, as demonstrated by
consider_notes.
Fixes CVE-2018-18520: An Invalid Memory Address Dereference exists in
the function elf_end in libelf in elfutils through v0.174. Although
eu-size is intended to support ar files inside ar files,
handle_ar in size.c closes the outer ar file before handling all inner
entries. The vulnerability allows attackers to cause a denial of service
(application crash) with a crafted ELF file.
Fixes CVE-2018-18521: Divide-by-zero vulnerabilities in the function
arlib_add_symbols() in arlib.c in elfutils 0.174 allow remote attackers
to cause a denial of service (application crash) with a crafted ELF
file, as demonstrated by eu-ranlib, because a zero sh_entsize is
mishandled.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 725531fc32)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Package prboom builds using -O2 flag ignoring Buildroot settings, this
is due to the fact that -O2 is appended at the end of compiler flags.
Remove -O2 from 'configure.ac' file and set PRBOOM_AUTORECONF to YES,
this way CFLAGS_OPTS will contain Buildroot TARGET_CFLAGS.
Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 34bcc4c6b0)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
With a C library which does not provide fenv.h, it won't work at runtime:
Crash after an "import numpy" on python.
Since numpy v1.16.0:
"Alpine Linux (and other musl c library distros) support
We now default to use fenv.h for floating point status error reporting.
Previously we had a broken default that sometimes would not report
underflow, overflow, and invalid floating point operations. Now we can
support non-glibc distrubutions like Alpine Linux as long as they ship
fenv.h."
Disable python-numpy for uClibc to avoid the runtime errors.
ARC's glibc used to have an incomplete fenv.h, but this has been fixed
since commit be0aaaaecd ("toolchain: bump ARC tools to arc-2019.03
release"), so we don't need an exception for ARC.
Two patches attempted to fix the build for uclibc and glibc for ARC, but
didn't fix the runtime issue. Remove those patches.
Signed-off-by: Damien DUVAL <damien.duval@smile.fr>
Signed-off-by: Alexandre PAYEN <alexandre.payen@smile.fr>
Cc: Alexey Brodkin <Alexey.Brodkin@synopsys.com>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit 1aa59097e6)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Qt5 has predefined optimization flags depending if you're building for
size, for debug etc. These flags are defined in
mkspecs/common/gcc-base.conf:
QMAKE_CFLAGS_OPTIMIZE = -O2
QMAKE_CFLAGS_OPTIMIZE_FULL = -O3
QMAKE_CFLAGS_OPTIMIZE_DEBUG = -Og
QMAKE_CFLAGS_OPTIMIZE_SIZE = -Os
Then, in common/features/default_post.prf, they add those flags to
QMAKE_CFLAGS_RELEASE/QMAKE_CXXFLAGS_RELEASE depending on various build
options (optimize_size, optimize_full, optimize_debug):
optimize_size {
!isEmpty(QMAKE_CFLAGS_OPTIMIZE):!isEmpty(QMAKE_CFLAGS_OPTIMIZE_SIZE) {
QMAKE_CFLAGS_RELEASE -= $$QMAKE_CFLAGS_OPTIMIZE
QMAKE_CXXFLAGS_RELEASE -= $$QMAKE_CFLAGS_OPTIMIZE
QMAKE_CFLAGS_RELEASE += $$QMAKE_CFLAGS_OPTIMIZE_SIZE
QMAKE_CXXFLAGS_RELEASE += $$QMAKE_CFLAGS_OPTIMIZE_SIZE
}
} else: optimize_full {
!isEmpty(QMAKE_CFLAGS_OPTIMIZE):!isEmpty(QMAKE_CFLAGS_OPTIMIZE_FULL) {
QMAKE_CFLAGS_RELEASE -= $$QMAKE_CFLAGS_OPTIMIZE
QMAKE_CXXFLAGS_RELEASE -= $$QMAKE_CFLAGS_OPTIMIZE
QMAKE_CFLAGS_RELEASE += $$QMAKE_CFLAGS_OPTIMIZE_FULL
QMAKE_CXXFLAGS_RELEASE += $$QMAKE_CFLAGS_OPTIMIZE_FULL
}
}
Since this default_post.prf is included *after* our qmake.conf file,
these flags override our optimizations flags, which is not good.
However, our qmake.conf file is included *after* gcc-base.conf, so we
can simply reset those variables to have the empty value, and our
optimization flags will be used.
Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
[Thomas: completely change the approach, by simply resetting the
QMAKE_CFLAGS_OPTIMIZE_* variables in qmake.conf]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 7c0aa83527)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
In qmake.conf.in has been left 'QMAKE_CXXFLAGS_RELEASE += -O3' but this
leads to not use Buildroot CXXFLAGS when building in release
mode(without debugging symbols). So let's remove it to let Qt5 to follow
Buildroot optimization flags like other packages do.
Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 0650c4c7a3)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The numpy build system attempts to find lapack/blas at build time. It
tries a lot of different implementations, e.g. lapack, openblas, atlas,
... It is possible to help this automatic discovery by specifying
libraries to load in site.cfg and/or by setting environment variables
BLAS and LAPACK.
Unfortunately, the build system's logic is really hard to understand and
it's fragile. For example, regardless of what is specified as libraries
to load, it *will* try to find libblas.so and liblapack.so. However,
when something is specified explicitly in site.cfg, it will use a
different code path.
It turns out that when we specified the blas and lapack libraries
explicitly, as is done now, the build system logic will assume (without
checking) that cblas is used. This causes calls to cblas_* to be linked
in - again without checking, because numpy contains a copy of the header
and it uses dlopen to load it. clapack, however, does *not* provide
cblas (although it does provide a library libblas.so, but no
libcblas.so). Therefore, when importing numpy at runtime, we get an
error like:
ImportError: /usr/lib/python3.7/site-packages/numpy/core/_multiarray_umath.cpython-37m-arm-linux-gnueabihf.so: undefined symbol: cblas_sgemm
The initial attempt to fix this added cblas to the libraries. This
happens to work because apparently the entire libraries line is ignored
when a non-existing library is added to it (remember, clapack does not
provide libcblas).
Another attempt was to set BLAS=None in the environment. This didn't
have any effect. Setting both BLAS=None and LAPACK=None does disable
lapack and blas, but then we don't use clapack at all.
In fact, it is not necessary to provide a libraries line at all: the
build system will attempt to find liblapack, libblas and libcblas
without any help.
Therefore, remove the libraries line from site.cfg and remove
PYTHON_NUMPY_SITE_CFG_LIBS.
Note that the paths to staging's /usr/include and /usr/lib need to be
specified explicitly. Indeed, the numpy build system doesn't use the
compiler to check the presence/absence of includes and libraries; it
searches the paths itself. It also hardcodes paths to /usr/lib etc, but
this is something that will be tackled in a separate commit.
Note that there is another problem: both lapack and clapack provide
libblas.so and liblapack.so. This will be handled in a later commit.
Also, openblas provides a cblas implementation in libopenblas.so, so
there should be a dependency on openblas to make sure numpy can find it.
This part is not entirely clear yet, so it will also be handled in a
separate commit.
Runtime testing is essential to be able to track this kind of issue, so
that is something that will be added in a separate commit as well.
Fixes:
http://lists.busybox.net/pipermail/buildroot/2019-June/252380.html
Initial patch from Giulio Benetti :
[v1] http://patchwork.ozlabs.org/patch/1100100/
[v2] http://patchwork.ozlabs.org/patch/1100208/
Signed-off-by: Alexandre PAYEN <alexandre.payen@smile.fr>
Cc: Giulio Benetti <giulio.benetti@micronovasrl.com>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit 4c2b6978f6)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Detected by check-package, which gets confused by it.
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit 651524db3a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security vulnerability:
CVE-2019-9740: An issue was discovered in urllib2 in Python 2.x through
2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible
if the attacker controls a url parameter, as demonstrated by the first
argument to urllib.request.urlopen with \r\n (specifically in the query
string after a ? character) followed by an HTTP header or a Redis command.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
quagga has its own copy of getopt_long() instead of using the system's,
and this copy also defines the opterr and optind variables. Obviously,
this is only apparent when linking statically.
This problem can easily be avoided by making sure that getopt() itself
is defined too. This way, there is no reason any more to pull in libc's
getopt() and the corresponding definitions of opterr and optind. Note
that getopt() itself is pulled in by netsnmp, not by quagga itself.
Fortunately, there's a REALLY_NEED_PLAIN_GETOPT flag that we can define
to make sure getopt() does get built by quagga. We can safely do this
unconditionally (instead of only when BR2_PACKAGE_QUAGGA_SNMP and
BR2_STATIC_LIBS are enabled): without netsnmp, getopt() will simply not
be used, and with dynamic libs there's no risk of conflicts anyway.
Fixes:
http://autobuild.buildroot.net/results/0ac598c2259a8d7e8b72d4e8ed95079675b31b84
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Cc: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit d7215f2bbb)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
host-cloop needs _GNU_SOURCE for loff_t otherwise build fails with gcc
8.3.0 on:
extract_compressed_fs.c: In function 'main':
extract_compressed_fs.c:55:2: error: unknown type name 'loff_t'; did you mean 'off_t'?
loff_t *offsets;
Fixes:
- No autobuilder failures
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit edf97df877)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix the build of host-qemu with virtfs enabled: fix a typo in makefile
conditional and add a dependency on host-libcap as that is a dependency of
virtfs support:
if test "$virtfs" != no && test "$cap" = yes && test "$attr" = yes ; then
virtfs=yes
The virtfs configuration option was added by commit e0f49e6484
("package/qemu: add option to enable virtual filesystem in host qemu").
Signed-off-by: Vincent Stehlé <vincent.stehle@arm.com>
Cc: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 499dfc9410)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues:
CVE-2019-14232: Denial-of-service possibility in django.utils.text.Truncator
If django.utils.text.Truncator's chars() and words() methods were passed the
html=True argument, they were extremely slow to evaluate certain inputs due
to a catastrophic backtracking vulnerability in a regular expression. The
chars() and words() methods are used to implement the truncatechars_html and
truncatewords_html template filters, which were thus vulnerable.
The regular expressions used by Truncator have been simplified in order to
avoid potential backtracking issues. As a consequence, trailing punctuation
may now at times be included in the truncated output.
CVE-2019-14233: Denial-of-service possibility in strip_tags()
Due to the behavior of the underlying HTMLParser,
django.utils.html.strip_tags() would be extremely slow to evaluate certain
inputs containing large sequences of nested incomplete HTML entities. The
strip_tags() method is used to implement the corresponding striptags
template filter, which was thus also vulnerable.
strip_tags() now avoids recursive calls to HTMLParser when progress removing
tags, but necessarily incomplete HTML entities, stops being made.
Remember that absolutely NO guarantee is provided about the results of
strip_tags() being HTML safe. So NEVER mark safe the result of a
strip_tags() call without escaping it first, for example with
django.utils.html.escape().
CVE-2019-14234: SQL injection possibility in key and index lookups for
JSONField/HStoreField
Key and index lookups for django.contrib.postgres.fields.JSONField and key
lookups for django.contrib.postgres.fields.HStoreField were subject to SQL
injection, using a suitably crafted dictionary, with dictionary expansion,
as the **kwargs passed to QuerySet.filter().
CVE-2019-14235: Potential memory exhaustion in
django.utils.encoding.uri_to_iri()
If passed certain inputs, django.utils.encoding.uri_to_iri could lead to
significant memory usage due to excessive recursion when re-percent-encoding
invalid UTF-8 octet sequences.
uri_to_iri() now avoids recursion when re-percent-encoding invalid UTF-8
octet sequences.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
We don't use "make install" for the target installation so we must pick
the executables from the ".libs" directories on which libtool generates
them otherwise we install the automatically generated wrapper scripts.
This was not necessary before the upgrade to version 4.4.1.
Fixes: https://bugs.busybox.net/show_bug.cgi?id=12051
Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit ffe5fcadfc)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Currently libnss is configured with BUILD_OPT=1 and due to that that
it doesn't take into account Buildroot TARGET_CFLAGS nor
TARGET_LDFLAGS resulting in pre-chosen optimizations and debugging
symbols being used.
We can't pass TARGET_CFLAGS through CFLAGS or similar otherwise other
internal libnss one will be overwritten (i.e. -fPIC), so we prefer to
append TARGET_CFLAGS at the end of Linux.mk as well as TARGET_LDFLAGS
according to internal libnss Makefile system's names. And obviously
remove BUILD_OPT=1 from BUILD_VARS.
This reveals hidden bugs when building with -Os due to bogus
uninitialized warnings from gcc turned into errors because of -Werror,
so we explicitly pass NSS_ENABLE_WERROR=0 to avoid the use of -Werror.
Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
[Thomas: drop the libnss patches, and pass NSS_ENABLE_WERROR instead]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 5e787b0014)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The 4.11.2 release brings a large number of fixes:
https://xenproject.org/downloads/xen-project-archives/xen-project-4-11-series/xen-project-4-11-2/
Including a number of security fixes:
XSA-284: grant table transfer issues on large hosts
XSA-285: race with pass-through device hotplug
XSA-287: x86: steal_page violates page_struct access discipline
XSA-288: x86: Inconsistent PV IOMMU discipline
XSA-290: missing preemption in x86 PV page table unvalidation
XSA-291: x86/PV: page type reference counting issue with failed IOMMU update
XSA-292: x86: insufficient TLB flushing when using PCID
XSA-293: x86: PV kernel context switch corruption
XSA-294: x86 shadow: Insufficient TLB flushing when using PCID
XSA-295: Unlimited Arm Atomics Operations
XSA-297: Microarchitectural Data Sampling speculative side channel
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 2905569284)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
[Arnout: rebase after change of version formatting]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit 7e99d1de50)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues:
CVE-2019-12827: A specially crafted SIP in-dialog MESSAGE message can cause
Asterisk to crash:
https://downloads.asterisk.org/pub/security/AST-2019-002.html
CVE-2019-13161: When T.38 faxing is done in Asterisk a T.38 reinvite may be
sent to an endpoint to switch it to T.38. If the endpoint responds with an
improperly formatted SDP answer including both a T.38 UDPTL stream and an
audio or video stream containing only codecs not allowed on the SIP peer or
user a crash will occur. The code incorrectly assumes that there will be at
least one common codec when T.38 is also in the SDP answer:
https://downloads.asterisk.org/pub/security/AST-2019-003.html
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 2cb389deca)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
openvmtools detects and uses an external RPC library if RPC is not
supported by the toolchain C library, so let's select package/libtirpc
when necessary.
Signed-off-by: Simon Rowe <simon.rowe@citrix.com>
[Thomas: add missing dependency on libtirpc]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit d006737faa)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Since version 3.4.1 [1], opencv disable pkg-config while cross-compiling to
avoid host headers/libraries poisoning.
Due to this, opencv fail to detect ffmpeg, gstreamer and gtk dependencies
even if the corresponding support is requested by
BR2_PACKAGE_OPENCV3_WITH_{FFMPEG,GSTREAMER,GTK2,GTK3}.
Maybe other dependencies are affected by this issue...
While configuring opencv we can notice the following messages:
"-- OpenCV disables pkg-config to avoid using of host libraries. Consider using PKG_CONFIG_LIBDIR to specify target SYSROOT"
"-- Can't find ffmpeg - 'pkg-config' utility is missing"
As the result ffmpeg and gstreamer are not enabled:
-- Video I/O:
-- FFMPEG: NO
-- avcodec: NO
-- avformat: NO
-- avutil: NO
-- swscale: NO
-- avresample: NO
-- GStreamer: NO
-- libv4l/libv4l2: NO
-- v4l/v4l2: linux/videodev2.h
We can fixes this by adding a new option OPENCV_ENABLE_PKG_CONFIG=ON
-- Video I/O:
-- FFMPEG: YES
-- avcodec: YES (ver 58.35.100)
-- avformat: YES (ver 58.20.100)
-- avutil: YES (ver 56.22.100)
-- swscale: YES (ver 5.3.100)
-- avresample: YES (ver 4.0.0)
-- GStreamer:
-- base: YES (ver 1.16.0)
-- video: YES (ver 1.16.0)
-- app: YES (ver 1.16.0)
-- riff: YES (ver 1.16.0)
-- pbutils: YES (ver 1.16.0)
-- libv4l/libv4l2: NO
-- v4l/v4l2: linux/videodev2.h
Add host-pkgconf in the dependencies.
If there is a path poisoning issue, it will be detected by the toolchain
paranoid wrapper.
[1] c4f9ff0285
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Cc: Samuel Martin <s.martin49@gmail.com>
Cc: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Cc: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 41f5ee957c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The licensing information, and especially the name of the license file,
is known only for the official v1.4 version. For example, in later
versions, the license file has been renamed.
Since we can't be sure of the licensing information for custom versions,
or for versions from git, define that only for the known v1.4 version.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Adam Duskett <aduskett@gmail.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit d1a61703f7)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
idna requires unicodedata:
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "usr/lib/python3.7/site-packages/idna/__init__.py", line 2, in <module>
File "usr/lib/python3.7/site-packages/idna/core.py", line 3, in <module>
ModuleNotFoundError: No module named 'unicodedata'
Signed-off-by: Alex Xu <alex_y_xu@yahoo.ca>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 9177475111)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
We export GZIP = -n so that GZIP does not record original
name and timestamps. However..
GZIP environment variable is deprecated and soon will not be
supported in future GZIP versions. GZIP suggests the use of a
wrapper to pass options globally but it might be difficult to
implement in Buildroot. For now, we don't export the variable
and fix reproducibility issues per package as they show up in
Autobuilder.
Signed-off-by: Atharva Lele <itsatharva@gmail.com>
Acked-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit d590b37633)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Using the GZIP environment variable to pass gzip options is
deprecated, and therefore we are going to remove the "GZIP = -n"
definition from the main Buildroot Makefile. In preparation for this,
we explicitly add the -n argument to the gzip call in fs/common.mk to
ensure reproducibility.
Signed-off-by: Atharva Lele <itsatharva@gmail.com>
Acked-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 44d17dd128)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When -Dintrospection=false is not passed, the meson script
auto-detects the host g-ir-scanner, which is not usable in a
cross-compile environment.
Signed-off-by: Alex Xu <alex_y_xu@yahoo.ca>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 6afc3edd41)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issue:
CVE-2019-13132: a remote, unauthenticated client connecting to a
libzmq application, running with a socket listening with CURVE
encryption/authentication enabled, may cause a stack overflow and
overwrite the stack with arbitrary data, due to a buffer overflow in
the library. Users running public servers with the above configuration
are highly encouraged to upgrade as soon as possible, as there are no
known mitigations. All versions from 4.0.0 and upwards are affected.
Thank you Fang-Pen Lin for finding the issue and reporting it!
Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[Peter: mention security impact]
(cherry picked from commit 45e5cd5a2b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix the URL and add three new patches. Quoting changelog [1]:
unzip (6.0-24) unstable; urgency=medium
* Apply two patches by Mark Adler:
- Fix bug in undefer_input() that misplaced the input state.
- Detect and reject a zip bomb using overlapped entries. Closes: #931433.
Bug discovered by David Fifield. For reference, this is CVE-2019-13232.
-- Santiago Vila <sanvila@debian.org> Thu, 11 Jul 2019 18:03:34 +0200
unzip (6.0-23) unstable; urgency=medium
* Fix lame code in fileio.c which parsed 64-bit values incorrectly.
Thanks to David Fifield for the report. Closes: #929502.
-- Santiago Vila <sanvila@debian.org> Wed, 29 May 2019 00:24:08 +0200
[1] https://sources.debian.org/data/main/u/unzip/6.0-24/debian/changelog
Signed-off-by: Sébastien Szymanski <sebastien.szymanski@armadeus.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 009c59a261)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Since we use --xattrs-include='*' to include all extended attributes,
tar creates a PAX formatted archive. The archive metadata captures atime
and ctime of files. To fix this, GNU recommends that we pass this added
argument to tar to create binary reproducible packages. Setting of mtime
is handled in fs/common.mk using touch on all files.
Diffoscope output pre-change: https://gitlab.com/snippets/1871111
Diffoscope output after change is blank i.e. binary reproducibile rootfs
is created.
GNU Recommendation: https://www.gnu.org/software/tar/manual/tar.html#SEC147
Signed-off-by: Atharva Lele <itsatharva@gmail.com>
Reviewed-by: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 9c449f9dd8)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Apparently, patchwork only recognizes the 'Fixes' tag if it is followed
by a colon. So make sure the manual documents it as such.
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Cc: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit e875c2ffd2)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues:
- bpo-37463: ssl.match_hostname() no longer accepts IPv4 addresses with
additional text after the address and only quad-dotted notation without
trailing whitespaces. Some inet_aton() implementations ignore whitespace
and all data after whitespace, e.g. ‘127.0.0.1 whatever’.
- bpo-35907: CVE-2019-9948: Avoid file reading by disallowing local-file://
and local_file:// URL schemes in URLopener().open() and
URLopener().retrieve() of urllib.request.
- bpo-30458: Address CVE-2019-9740 by disallowing URL paths with embedded
whitespace or control characters through into the underlying http client
request. Such potentially malicious header injection URLs now cause an
http.client.InvalidURL exception to be raised.
- bpo-33529: Prevent fold function used in email header encoding from
entering infinite loop when there are too many non-ASCII characters in a
header.
- bpo-35755: shutil.which() now uses os.confstr("CS_PATH") if available and
if the PATH environment variable is not set. Remove also the current
directory from posixpath.defpath. On Unix, shutil.which() and the
subprocess module no longer search the executable in the current directory
if the PATH environment variable is not set.
Also remove the following upstreamed patches:
- 0033-bpo-36742-Fixes-handling-of-pre-normalization-charac.patch
- 0034-bpo-36742-Corrects-fix-to-handle-decomposition-in-us.patch
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
[Peter: mention security fixes]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 906ed044aa)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Version 2.24.3 is a minor update which contains many bugfixes.
>From the announcement:
- Fix previous/next gestures in RTL mode.
- Fix rendering artifacts in popular sites (YouTube, GitHub, etc.)
- Fix media playback annoyances (volume randomly changing, HLS streams
starting too slowly, some audio streams would not play, etc.)
- Fix build with audio and video disabled.
https://webkitgtk.org/2019/07/02/webkitgtk2.24.3-released.html
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 3ff05d9094)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When running in a CI system, stat messages become white noise. Introduce
an option to suppress non-error, non-warning, messages.
Signed-off-by: Brandon Maier <brandon.maier@rockwellcollins.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit 44af8386f8)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Barebox starting from 2019.02 no longer ships flex/bison generated
parser. Add conditional kconfig dependencies, same as we did for kernel
and uboot.
Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit e7d8d9a765)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When TARGET_CFLAGS (or _LDFLAGS or _CXXFLAGS) are empty, but were
constructed by appending other variables, like:
TARGET_CFLAGS = $(SOMETHING) $(SOMETHING_ELSE)
and both variables are empty, then $(TARGET_CFLAGS) is _not_ the
null-string; it's value is a string made of a single space.
This means that the construct:
$(if $(TARGET_CFLAGS),true,false)
will in fact return 'true'.
In our case, it means that we will call:
`printf '"%s", ' `
which expands to just:
"",
which we are then happy to insert as-is in the generated
cross-compilation.conf.
Then meson, will happily call the compiler with an empty argument.
The compiler is less happy, though:
arm-none-linux-gnueabi-gcc: error: : No such file or directory
And this is not even trivial to debug either... The only clue being that
there seems to be something missing between ': :'
We fix that testing the $(strip)ed value. We can still pass the
non-$(strip) expansion, because the shell will just do it for us, and we
are then sure there is at least one non-blank word in there.
Thanks a lot to Adam for his invaluable help debugging this!
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Adam Duskett <aduskett@gmail.com>
Cc: Eric Le Bihan <eric.le.bihan.dev@free.fr>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit e9de6d9e0a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security vulnerabilites:
CVE-2018-20843: In libexpat in Expat before 2.2.7, XML input including XML
names that contain a large number of colons could make the XML parser
consume a high amount of RAM and CPU resources while processing (enough to
be usable for denial-of-service attacks).
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit 84fd08cf4f)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes CVE-2018-15664: API endpoints behind the 'docker cp' command are
vulnerable to a symlink-exchange attack with Directory Traversal, giving
attackers arbitrary read-write access to the host filesystem with root
privileges, because daemon/archive.go does not do archive operations on a
frozen filesystem (or from within a chroot).
And includes additional post-18.09.6 fixes:
Builder
- Fixed a panic error when building dockerfiles that contain only comments.
moby/moby#38487
- Added a workaround for GCR authentication issue. moby/moby#38246
- Builder-next: Fixed a bug in the GCR token cache implementation
workaround. moby/moby#39183
Runtime
- Added performance optimizations in aufs and layer store that helps in
massively parallel container creation and removal. moby/moby#39107,
moby/moby#39135
- daemon: fixed a mirrors validation issue. moby/moby#38991
- Docker no longer supports sorting UID and GID ranges in ID maps.
moby/moby#39288
Logging
- Added a fix that now allows large log lines for logger plugins.
moby/moby#39038
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit cdbb3ced00)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes CVE-2018-15664: API endpoints behind the 'docker cp' command are
vulnerable to a symlink-exchange attack with Directory Traversal, giving
attackers arbitrary read-write access to the host filesystem with root
privileges, because daemon/archive.go does not do archive operations on a
frozen filesystem (or from within a chroot).
And includes additional post-18.09.6 fixes:
Builder
- Fixed a panic error when building dockerfiles that contain only comments.
moby/moby#38487
- Added a workaround for GCR authentication issue. moby/moby#38246
- Builder-next: Fixed a bug in the GCR token cache implementation
workaround. moby/moby#39183
Runtime
- Added performance optimizations in aufs and layer store that helps in
massively parallel container creation and removal. moby/moby#39107,
moby/moby#39135
- daemon: fixed a mirrors validation issue. moby/moby#38991
- Docker no longer supports sorting UID and GID ranges in ID maps.
moby/moby#39288
Logging
- Added a fix that now allows large log lines for logger plugins.
moby/moby#39038
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit 13cf6f0c0b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Buildroots autobuild identified a failure on GCC v6.2 and GCC v6.3,
producing the following warning (reported as error due to -Werror):
event_dispatcher_poll.cpp:231:13: error: types may not be defined
in a for-range-declaration [-Werror]
for (const struct pollfd &pfd : pollfds) {
^~~~~~
cc1plus: all warnings being treated as errors
A fix has been integrated upstream, bump the package to incorporate it.
Fixes: http://autobuild.buildroot.net/results/f6dd4c60c04892c8b1669e6000fce7edb2b6349e/
Signed-off-by: Kieran Bingham <kieran.bingham@ideasonboard.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 1db7890e0a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
On my machine, it happens once in a while that the virtualised machine
boots too fast for the rootfs to be available at the time the kernel
tries to mount it.
For example, board/qemu/arm-vexpress/readme.txt suggested changing
"-smp 1" up to "-smp 4". But doing so here causes a kernel panic:
VFS: Cannot open root device "mmcblk0" or unknown-block(0,0): error -6
Please append a correct "root=" boot option; here are the available partitions:
1f00 131072 mtdblock0
(driver?)
1f01 32768 mtdblock1
(driver?)
Kernel panic - not syncing: VFS: Unable to mount root fs on
unknown-block(0,0)
So, add the oh-so-useful 'rootwait' option to all kernel command lines
for qemu defconfigs.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Joel Stanley <joel@jms.id.au>
Cc: Mark Corbin <mark.corbin@embecosm.com>
Cc: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 626c9705d2)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes CVE-2019-12450: file_copy_fallback in gio/gfile.c in GNOME GLib 2.15.0
through 2.61.1 does not properly restrict file permissions while a copy
operation is in progress. Instead, default permissions are used.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
test-pkg will use gigabytes of space when testing all toolchains.
Nevertheless, you are normally only interested in the actual build / host
tree when there is a build failure.
Do a 'make clean' for successful builds to save disk space, unless the new
option '-k/--keep' is set.
Note that the logfile and configuration is always retained for inspection.
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Acked-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 72bf48606c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The long option parsing of test-pkg is broken because:
- some long options are not declared
- there should be a comma between long options, the colon does not replace
it.
This change also revealed that the declaration of 'toolchains-dir' should
have been 'toolchains-csv', originally introduced in commit ed59f81a3c.
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Acked-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 989cda12ba)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
>From patch [1] included in kernel >= 5.0:
"The upcoming GCC 9 release extends the -Wmissing-attributes warnings
(enabled by -Wall) to C and aliases: it warns when particular function
attributes are missing in the aliases but not in their target.
In particular, it triggers for all the init/cleanup_module
aliases in the kernel (defined by the module_init/exit macros),
ending up being very noisy.
These aliases point to the __init/__exit functions of a module,
which are defined as __cold (among other attributes). However,
the aliases themselves do not have the __cold attribute.
Since the compiler behaves differently when compiling a __cold
function as well as when compiling paths leading to calls
to __cold functions, the warning is trying to point out
the possibly-forgotten attribute in the alias."
Werror is set by default while building ppc kernel [2], but
some warning can be introduced while building current kernel with
newer compiler (for example building kernel 4.19 with gcc 9.1).
For the same reason why we remove Werror in packages's compiler
flags. Building with Werror is not bulletproof when we start
using a newer compiler that introduce new warnings.
This is the case here.
Also this option is a bit strange since it's specific to ppc kernels:
"The intention is to make it harder for people to inadvertantly
introduce warnings in the arch/powerpc code."
Other kernel developers on other arch may be interested by a
similar/more generic option.
So, It's clearly intended for kernel developers.
Instead of backporting this patch [1] to kernel 4.19, select
unconditionally the Kconfig option CONFIG_PPC_DISABLE_WERROR
that allow to disable Werror.
Fixes:
https://gitlab.com/kubu93/toolchains-builder/-/jobs/205435741
[1] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=a6e60d84989fa0e91db7f236eda40453b0e44afa
[2] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=ba55bd74360ea4b8b95e73ed79474d37ff482b36
[3] https://gitlab.com/bootlin/toolchains-builder
Fix-suggested-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 1713c3c344)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Starting from Qt5 5.9.0, -optimize-debug is enabled by default for
debug builds causing -Og flag to be appended to CFLAGS and
consequently override TARGET_CFLAGS. We don't want this so let's pass
-no-optimize-debug to QT5BASE_CONFIGURE_OPTS if QT5_VERSION_LATEST=y.
Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 5857ab6a96)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
We want to install the lmbench script along with the other executables,
so we add it to the appropriate list.
Signed-off-by: Markus Mayer <mmayer@broadcom.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 1956fbe5a4)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
scripts/build makes use of the "+=" operator which is not supported by
a pure POSIX shell. We switch to /bin/bash in order to avoid errors of
the form:
../scripts/build: 21: ../scripts/build: LDLIBS+= -lm: not found
Signed-off-by: Markus Mayer <mmayer@broadcom.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 037d5ffcb6)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
jimtcl, perl, usb_modeswitch and x264 are registering
UPDATE_CONFIG_HOOK as a post patch hook to get their gnuconfig files
updated. lmbench is the only package calling CONFIG_UPDATE directly,
so for consistency, let's make it use the same logic as jimtcl, perl,
usb_modeswitch and x264.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 2b8b6767ab)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Package tvheadend builds using '-pie' linker flag in any case. This
leads to linking failure if toolchain doesn't support 'pie'.
Add patch to fix tvheadend's Makefile bug where '-pie' flag is hardcoded
making it depend on '--disable-pie' as compiler's flags already are
treated.
Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit dd0907d465)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add hash for COPYING file
Fixes:
$: make haveged-legal-info
>>> haveged 1.9.4 Collecting legal info
ERROR: No hash found for COPYING
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 0ae29b98d1)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit b3bba8e425 (package/linux-headers: drop support 4.20 headers)
removed the option for 4.20.x kernel headers, but forgot to add a legacy
option. Add that now.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 8f60d30829)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
In glibc 2.27 the following change occurred:
"Statically compiled applications attempting to load locales compiled
for the GNU C Library version 2.27 will fail and fall back to the
builtin C/POSIX locale."
This impacts us since upstream buildroot uses a localdef built against
an older eglibc release, as reported at [0].
This is a combination of my patch to move to glibc and Peter Seiderer's
patch to avoid building all of glibc just for localedef.
[0] https://bugs.busybox.net/show_bug.cgi?id=11096
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
[localedef build & fixups:]
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
[Thomas: share the tarball with the glibc package]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 0ec7169e6c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add hash for COPYING file
Fixes:
$: make logrotate-legal-info
>>> logrotate 3.15.0 Collecting legal info
ERROR: No hash found for COPYING
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 38626b4b63)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues:
- CVE-2019-12749: Do not attempt to carry out DBUS_COOKIE_SHA1
authentication for identities that differ from the user running the
DBusServer. Previously, a local attacker could manipulate symbolic links
in their own home directory to bypass authentication and connect to a
DBusServer with elevated privileges. The standard system and session
dbus-daemons in their default configuration were immune to this attack
because they did not allow DBUS_COOKIE_SHA1, but third-party users of
DBusServer such as Upstart could be vulnerable. Thanks to Joe Vennix of
Apple Information Security.
For details, see the advisory:
https://www.openwall.com/lists/oss-security/2019/06/11/2
Also contains a number of other smaller fixes, including fixes for memory
leaks. For details, see NEWS:
https://gitlab.freedesktop.org/dbus/dbus/blob/dbus-1.12/NEWS
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 992b106d1d)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Nehalem, the predecessor to westmere, is best match for westmere
architecture in current openblas.
Signed-off-by: Esben Haabendal <esben@geanix.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit b04f1deab3)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The westmere line of x86_64 targets lies between nehalem (corei7) and
sandybridge (corei7-avx). Allowing use of -march=westmere enables use of
AES instruction set on these targets.
Signed-off-by: Esben Haabendal <esben@geanix.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 97651ce275)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The licensing text in README.md has changed slightly. The reference to
COPYING.LESSER has been removed. The file itself has been gone for awhile
now. COPYING.thirdparty has also been renamed to THIRDPARTY.
Release notes:
https://mariadb.com/kb/en/library/mariadb-10315-release-notes/
Changelog:
https://mariadb.com/kb/en/mariadb-10315-changelog/
Fixes the following security vulnerabilities:
CVE-2019-2614 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: Server: Replication). Supported versions that are affected
are 5.6.43 and prior, 5.7.25 and prior and 8.0.15 and prior. Difficult to
exploit vulnerability allows high privileged attacker with network access
via multiple protocols to compromise MySQL Server. Successful attacks of
this vulnerability can result in unauthorized ability to cause a hang or
frequently repeatable crash (complete DOS) of MySQL Server.
CVE-2019-2627 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: Server: Security: Privileges). Supported versions that are
affected are 5.6.43 and prior, 5.7.25 and prior and 8.0.15 and prior.
Easily exploitable vulnerability allows high privileged attacker with
network access via multiple protocols to compromise MySQL Server.
Successful attacks of this vulnerability can result in unauthorized ability
to cause a hang or frequently repeatable crash (complete DOS) of MySQL
Server.
CVE-2019-2628 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: InnoDB). Supported versions that are affected are 5.7.25 and
prior and 8.0.15 and prior. Easily exploitable vulnerability allows high
privileged attacker with network access via multiple protocols to
compromise MySQL Server. Successful attacks of this vulnerability can
result in unauthorized ability to cause a hang or frequently repeatable
crash (complete DOS) of MySQL Server.
Signed-off-by: Ryan Coe <bluemrp9@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 033844c44d)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues:
* Fix multiple buffer overflows in the ps demuxer
* Fix a buffer overflow when copying a biplanar YUV image
* Fix multiple buffer overflows in the faad decoder
* Fix buffer overflow in the svcdsub decoder
* Fix buffer overflows in the ogg muxer & demuxer
* Fix buffer overflows in libavformat demuxer
* Fix multiple buffer overflows in the MKV demuxer
* Fix a buffer overflow in the MP4 demuxer
* Fix a buffer overflow in the textst decoder
* Fix a buffer overflow in the webvtt decoder
* Fix a buffer overflow in the ASF demux
* Fix a buffer overflow in the UPNP SD
* Fix use after free in the ogg demuxer
* Fix multiple use after free in the MKV demuxer
* Fix multiple use after free in the DMO decoder
* Fix integer underflow in the MKV demuxer
* Fix an updater NULL pointer dereference on invalid signing keys
* Fix NULL pointer dereference in the MKV demuxer
* Fix an integer overflow in the spudec decoder
* Fix an integer overflow in the nsc demuxer
* Fix an integer overflow in the avi demuxer
* Fix reads of uninitialized pointers in the MKV demuxer
* Fix a floating point exception in the MKV demuxer
* Fix an infinite loop in the flac packetizer
For more details, see the NEWS file:
https://www.videolan.org/developers/vlc-branch/NEWS
Removed patch 0010, applied upstream.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit 04efb17c86)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add an from from upstream to fix linking Gerbera with taglib. The patch
fixes the following issue:
When cross-compiling CMakes `find_program()` will search for binaries on the
host. This is typically correct, e.g. when search for compilers or shells.
When cross-compiling, searching for `taglib-config` using `find_program` should
not find the binary on the host, instead it should find the binary in the sysroot
directory, as the host `taglib-config` will output the wrong host paths
and libs, whereas the sysroot `taglib-config` will output the correct sysroot
paths and libs.
Therefore, use the `CMAKE_FIND_ROOT_PATH_MODE_PROGRAM` variable when
cross-compiling. This variable controls whether the `CMAKE_FIND_ROOT_PATH`
and `CMAKE_SYSROOT` are used by find_program().
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit 6d52768315)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The current taglib-config program does not work when cross-compiling as it only
returns paths to the host, which breaks building programs which link against
taglib.
For example gerbera uses `taglib-config` and it fails with:
```
[..]
-- Found TagLib: -L/usr/lib -ltag
[..]
arm-linux-gnueabihf-g++: ERROR: unsafe header/library path used in cross-compilation: '-L/usr/lib'
```
Before the patch the output of `taglib-config` is:
```
$ ./output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/bin/taglib-config --libs
-L/usr/lib -ltag
```
Add a patch from upstream which fixes taglib-config.
After applying the fix, the pkg-config file is correct:
```
$ ./output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/bin/taglib-config --libs
-L/home/joerg/Development/git/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/lib -ltag
```
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit ad29cd6224)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The current logic will set the "-static" flag when building go
host packages if BR2_STATIC_LIBS is set, this will not work as
there is no support to link host packages statically.
Fix this by applying this logic only for target builds.
Signed-off-by: Mirza Krak <mirza.krak@northern.tech>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit 60d455f20b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
PATH must be set to $(BR_PATH) thanks to $(TARGET_MAKE_ENV) before
calling make otherwise build fails on:
/bin/bash: gawk: command not found
When build fails, config.log contains the following line:
configure:13709: checking for gawk
configure:13725: found /home/buildroot/autobuild/run/instance-3/output/host/bin/gawk
configure:13736: result: gawk
[...]
ac_cv_prog_AWK=gawk
Fixes:
- http://autobuild.buildroot.org/results/43c5d08f599e8f44b59a576d243ae1c7b27de7a3
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit 10aa85ac8a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The build fails if libintl.h is found but xgettext is not available:
Has header "libintl.h" : YES
Library intl found: NO
po/meson.build:28:5: ERROR: Can not do gettext because xgettext is not installed.
This is because enable_nls defaults to true if libintl.h is found. Use
the nls option to enable/disable NLS explicitly, depending on
BR2_SYSTEM_ENABLE_NLS,
Also, fix the second patch to always look for libintl, even if NLS is
not enabled. The enable_nls option disables processing the po files, but
the gettext calls in the source are still there, so we need to link with
libintl anyway.
Fixes:
- http://autobuild.buildroot.org/results/0ab0a42fd4c5c9fd5891f3b84287bd788f763ba4
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit 56fb7401b9)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixing the following list of issues (fixed in 0.27.6 and 0.27.5):
The function family git__strtol is used to parse integers
from a buffer. As the functions do not take a buffer length as
argument, they will scan either until the end of the current
number or until a NUL byte is encountered. Many callers have
been misusing the function and called it on potentially
non-NUL-terminated buffers, resulting in possible out-of-bounds
reads. Callers have been fixed to use git__strntol functions
instead and git__strtol functions were removed.
The function git__strntol64 relied on the undefined behavior
of signed integer overflows. While the code tried to detect
such overflows after they have happened, this is unspecified
behavior and may lead to weird behavior on uncommon platforms.
In the case where git__strntol32 was unable to parse an
integer because it doesn't fit into an int32_t, it printed an
error message containing the string that is currently being
parsed. The code didn't truncate the string though, which
caused it to print the complete string until a NUL byte is
encountered and not only the currently parsed number. In case
where the string was not NUL terminated, this could have lead
to an out-of-bounds read.
When parsing tags, all unknown fields that appear before the
tag message are skipped. This skipping is done by using a plain
strstr(buffer, "\n\n") to search for the two newlines that
separate tag fields from tag message. As it is not possible to
supply a buffer length to strstr, this call may skip over the
buffer's end and thus result in an out of bounds read. As
strstr may return a pointer that is out of bounds, the
following computation of buffer_end - buffer will overflow
and result in an allocation of an invalid length. Note that
when reading objects from the object database, we make sure to
always NUL terminate them, making the use of strstr safe.
When parsing the "encoding" field of a commit, we may perform
an out of bounds read due to using git__prefixcmp instead of
git__prefixncmp. This can result in the parsed commit object
containing uninitialized data in both its message encoding and
message fields. Note that when reading objects from the object
database, we make sure to always NUL terminate them, making the
use of strstr safe.
Submodule URLs and paths with a leading "-" are now ignored.
This is due to the recently discovered CVE-2018-17456, which
can lead to arbitrary code execution in upstream git. While
libgit2 itself is not vulnerable, it can be used to inject
options in an implementation which performs a recursive clone
by executing an external command.
When running repack while doing repo writes,
packfile_load__cb() could see some temporary files in the
directory that were bigger than the usual, and makes memcmp
overflow on the p->pack_name string. This issue was reported
and fixed by bisho.
The configuration file parser used unbounded recursion to parse
multiline variables, which could lead to a stack overflow. The
issue was reported by the oss-fuzz project, issue 10048 and
fixed by Nelson Elhage.
The fix to the unbounded recursion introduced a memory leak in
the config parser. While this leak was never in a public
release, the oss-fuzz project reported this as issue 10127. The
fix was implemented by Nelson Elhage and Patrick Steinhardt.
When parsing "ok" packets received via the smart protocol, our
parsing code did not correctly verify the bounds of the
packets, which could result in a heap-buffer overflow. The
issue was reported by the oss-fuzz project, issue 9749 and
fixed by Patrick Steinhardt.
The parsing code for the smart protocol has been tightened in
general, fixing heap-buffer overflows when parsing the packet
type as well as for "ACK" and "unpack" packets. The issue was
discovered and fixed by Patrick Steinhardt.
Fixed potential integer overflows on platforms with 16 bit
integers when parsing packets for the smart protocol. The issue
was discovered and fixed by Patrick Steinhardt.
Fixed potential NULL pointer dereference when parsing
configuration files which have "include.path" or
"includeIf..path" statements without a value.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit 02afc9db7a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
We have some internal packages which automatically bake a version string
from the git checkout, and we usually combine these with a
*_OVERRIDE_SRCDIR. I would like to let Buildroot *not* skip the .git
directory when picking up sources from the local checkout. It turns out
that the existing mechanism (*_OVERRIDE_SRCDIR_RSYNC_EXCLUSIONS) only
supports adding to the exclude list because `rsync` simply uses the
first match from the provided filtering rules.
Solve this by using the user-provided values first. If they match, then
`rsync` won't exclude stuff based on the generic VCS exclude patterns.
Signed-off-by: Jan Kundrát <jan.kundrat@cesnet.cz>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit a27078d32d)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Drop third patch which is not upstreamable and set XSLTPROC to false
instead to disable documentation
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit 48a9848cd6)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This patch is not needed since version 4.9.0 and
859698d29b
which solved the issue by avoiding calling this function.
Also renumber the remaining patches.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit df859a83f6)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
mpd can't be built statically with tremor and vorbis, build fails on:
block.c:(.text+0x11c): multiple definition of `vorbis_block_init'
/usr/lfs/v0/rc-buildroot-test/scripts/instance-2/output/host/bin/../sparc-buildroot-linux-uclibc/sysroot/usr/lib/libvorbisidec.a(block.o):block.c:(.text+0x0): first defined here
/usr/lfs/v0/rc-buildroot-test/scripts/instance-2/output/host/opt/ext-toolchain/bin/../lib/gcc/sparc-buildroot-linux-uclibc/7.4.0/../../../../sparc-buildroot-linux-uclibc/bin/ld: Disabling relaxation: it will not work with multiple definitions
/usr/lfs/v0/rc-buildroot-test/scripts/instance-2/output/host/bin/../sparc-buildroot-linux-uclibc/sysroot/usr/lib/libvorbis.a(block.o): In function `_vorbis_block_alloc':
Fix this by making both options mutually exclusive
It should be noted that upstream explicitly removed the possibility to
enable tremor and vorbis at the same time since version 0.21.6 and
c18cd941aa
Since we only have 0.20.23, it is still possible to build them together,
but there is clearly no need to allow it.
Fixes:
- http://autobuild.buildroot.org/results/60c721a82ffd668bebf02d80bca83780d6cdb2f2
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit 5395b1ca45)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Drop tremor select added by commit
d428dddf68
Indeed, nowadays, mpd can be built successfully even if there is no
input plugin selected.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit 5d4ee34c39)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
If a go host package is built using cgo, it needs access
to HOST_CFLAGS/HOST_LDFLAGS to utilize host packages it
might depend on.
Signed-off-by: Mirza Krak <mirza.krak@northern.tech>
Acked-by: Adam Duskett <aduskett@gmail.com>
Tested-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit d65b6b337b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues:
CVE-2019-12308: AdminURLFieldWidget XSS¶
The clickable "Current URL" link generated by AdminURLFieldWidget displayed
the provided value without validating it as a safe URL. Thus, an
unvalidated value stored in the database, or a value provided as a URL query
parameter payload, could result in an clickable JavaScript link.
AdminURLFieldWidget now validates the provided value using URLValidator
before displaying the clickable link. You may customize the validator by
passing a validator_class kwarg to AdminURLFieldWidget.__init__(), e.g.
when using formfield_overrides.
Patched bundled jQuery for CVE-2019-11358: Prototype pollution¶
jQuery before 3.4.0, mishandles jQuery.extend(true, {}, ...) because of
Object.prototype pollution. If an unsanitized source object contained an
enumerable __proto__ property, it could extend the native Object.prototype.
The bundled version of jQuery used by the Django admin has been patched to
allow for the select2 library’s use of jQuery.extend().
For more details, see the release notes:
https://docs.djangoproject.com/en/dev/releases/2.1.9/
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 426084e25f)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
dosfstools and busybox may each install mkfs.vfat, so dosfstools must
be installed before busybox.
Signed-off-by: Markus Mayer <mmayer@broadcom.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit ca42df2111)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Some files were not shown because too many files have changed in this diff
Show More
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.
