fio does not have any special conditions since version 2.2.6 indeed
MORAL-LICENSE has been updated to replace "promising" by "encouraged"
and "must" by "should":
67f4822ce3
So fix LICENSE, add MORAL-LICENSE to LICENSE_FILES and add hash for both
licenses
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit c4f923176a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Daniel Alvarez (1):
getifaddrs: Don't return ifa entries with NULL names [BZ #21812]
Florian Weimer (8):
libio: Avoid _allocate_buffer, _free_buffer function pointers [BZ #23236]
Use _STRUCT_TIMESPEC as guard in <bits/types/struct_timespec.h> [BZ #23349]
libio: Disable vtable validation in case of interposition [BZ #23313]
NEWS: Reorder out-of-order bugs
Synchronize support/ infrastructure with master
libio: Add tst-vtables, tst-vtables-interposed
stdio-common/tst-printf.c: Remove part under a non-free license [BZ #23363]
conform/conformtest.pl: Escape literal braces in regular expressions
Gabriel F. T. Gomes (1):
Fix parameter type in C++ version of iseqsig (bug 23171)
H.J. Lu (2):
x86: Correct index_cpu_LZCNT [BZ #23456]
x86: Populate COMMON_CPUID_INDEX_80000001 for Intel CPUs [BZ #23459]
Martin Kuchta (1):
pthread_cond_broadcast: Fix waiters-after-spinning case [BZ #23538]
Stefan Liebler (1):
Fix segfault in maybe_script_execute.
Steve Ellcey (1):
Check length of ifname before copying it into to ifreq structure.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes CVE-2018-14618: NTLM password overflow via integer overflow
For more details, see the advisory:
https://curl.haxx.se/docs/CVE-2018-14618.html
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 87d58cccf1)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Little CMS (aka Little Color Management System) 2.9 has an integer overflow
in the AllocateDataSet function in cmscgats.c, leading to a heap-based
buffer overflow in the SetData function via a crafted file in the second
argument to cmsIT8LoadFromFile.
For more details, see:
https://github.com/mm2/Little-CMS/issues/171https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16435
The upstream fix unfortunately includes a number of unrelated changes, but
thse files are not used when building for Linux.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 9f81f578eb)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Remove two patches (already in version)
- Add hash for license file
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit b2561d0844)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Build fails with:
In file included from dyncall_callback.c:35:0:
dyncall_callback_ppc64.c: In function 'dcbNewCallback':
dyncall_callback_ppc64.c:42:13: warning: implicit declaration of function 'dcAllocWX' [-Wimplicit-function-declaration]
int err = dcAllocWX(sizeof(DCCallback), (void**) &pcb);
^~~~~~~~~
dyncall_callback_ppc64.c: In function 'dcbFreeCallback':
dyncall_callback_ppc64.c:53:3: warning: implicit declaration of function 'dcFreeWX' [-Wimplicit-function-declaration]
dcFreeWX(pcb, sizeof(DCCallback));
^~~~~~~~
dyncall_callback_ppc64.S: Assembler messages:
dyncall_callback_ppc64.S:180: Error: operand out of range (3 is not between 0 and 1)
So select BR2_PACKAGE_LIBFFI for BR2_powerpc64 and BR2_powerpc64le as it
is already done for MIPS
Fixes:
- http://autobuild.buildroot.org/results/97b53a74d9847c07f26178daeb1daff3b6c24813
- http://autobuild.buildroot.org/results/c35ac4bbc5fb04aabf5a719eddeedf55f7f1f4eb
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit b1b35eb9c5)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
/usr/lfs/v0/rc-buildroot-test/scripts/instance-2/output/host/bin/arm-none-linux-gnueabi-gcc -c -I. -I. -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -DETCSCREENRC='"/usr/etc/screenrc"' -DSCREENENCODINGS='"/usr/share/screen/utf8encodings"' -DHAVE_CONFIG_H -DGIT_REV=\"\" \
-D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -Os -D_GNU_SOURCE list_display.c
In file included from screen.h:150:0,
from list_display.c:36:
display.h:154:19: error: 'T_N' undeclared here (not in a function)
union tcu d_tcs[T_N]; /* terminal capabilities */
Macro T_N is defined in header file term.h but it may not be created
then fails. Backport patch to make sure term.h is created before compile
other source codes.
Fixes:
- http://autobuild.buildroot.org/results/a62bea1fd32246526d59f029df3dca60f1cd710f
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit d496329a19)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Since glibc 2.28, sys/sysmacros.h is no longer included from sys/types.h
This patch fixes the resulting build error by explicitly including
sys/sysmacros.h
See also https://github.com/plougher/squashfs-tools/pull/52
Signed-off-by: Richard Kunze <richard.kunze@web.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit ed0e55675e)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 10d4c1222a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The configure script enables the DirectFB video driver, but forgets to
enable the renderer driver, causing SDL_CreateRenderer() to fail. Add an upstream patch to fix this.
[Peter: reword/extend commit text,
add git formatted patch from https://github.com/spurious/SDL-mirror]
Signed-off-by: Peter Thompson <peter.macleod.thompson@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit d114494456)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
For consistency with chromium-lts.inc, rename chromium.inc to
chromium-latest.inc.
Signed-off-by: Laurent Hartanerot <laurent.hartanerot@atos.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit b36fd21f2c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The qtwebengine package used by Qt LTS has a different set of license
files for chromium, so this commit introduces a separate
chromium-lts.inc with the right contents.
This fixes legal-info of qt5webengine with Qt LTS.
Signed-off-by: Laurent Hartanerot <laurent.hartanerot@atos.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit b105dc2b0b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
In minicom package hash file lacks sha256 entry for COPYING file even if
it is added to MINICOM_LICENSE_FILES.
Add COPYING sha256 entry to minicom.hash file.
Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 6edfa41a0a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add kconfig help text that explains how to manually specify an
official Linux version to use for the kernel headers.
Signed-off-by: Mark Corbin <mark.corbin@embecosm.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 3beba26d76)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Similarly to c48f8a6462 (package/m4: fix build on host with glibc-2.28),
backport the two fixes fromn gnulib upstream, that allows building
host-bison on systems using glibc 2.28.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Reported-by: c32 on IRC
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 373ac58b82)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes:
http://autobuild.buildroot.net/results/9326cb85c8ce4f98aa9d0a1238ffdab3e9829637/
Similar in spirit to commit 83d33f76 (qt5quickcontrols: update license file
names for Qt 5.6 version), but on 2018.02.x the list of files was correct
for the 5.6 version but not the 5.9 version.
Also add hashes for these licese files.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes:
http://autobuild.buildroot.net/results/69cf9326539c8df8fa50c5e7acb2ce3bb985ede2/
The PDO mysql extension also needs the hash extension - so select it,
similar to how it was done for the mysqli extension in commit 65f9645263
(php: fix build with mysqli).
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 45215ffc8a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Depending on the configuration, the cpp output may contain the string 'yes'
in a comment if built under a path containing 'yes', confusing the _AIX
test:
${CROSS}-cpp conftest.h
\# 1 "conftest.h"
\# 1 "<built-in>"
\# 1 "<command-line>"
\# 31 "<command-line>"
\# 1 "/home/peko/source/buildroot/output-yes/host/x86_64-buildroot-linux-gnu/sysroot/usr/include/stdc-predef.h"
\# 32 "<command-line>" 2
\# 1 "conftest.txt"
If misdetected, the configure script adds -lc128 to LIBS, causing the
AC_CHECKS_FUNCS check for stat64 to fail, which in turn causes compilation
errors about redefinition of symbols:
In file included from ./src/include/pv-internal.h:9:0,
from src/pv/file.c:5:
./src/include/config.h:76:18: error: redefinition of 'struct stat'
# define stat64 stat
^
Fix it by only matching on 'yes' on a line by itself.
As pv doesn't cleanly autoreconf (it doesn't use automake and configure.in
is located in subdir), instead directly patch configure.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 994a47649b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes CVE-2018-15473: user enumeration vulnerability due to not delaying
bailout for an invalid authenticating user until after the packet
containing the request has been fully parsed.
Some OpenSSH developers don't consider this a security issue:
https://lists.mindrot.org/pipermail/openssh-unix-dev/2018-August/037138.html
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 5ef5b39bd4)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Drop upstream patches, renumber the rest.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit a08cd50e98)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This script is useful to copy SSH keys between client and server [1] and
installed on most distributions (for example on debian: [2]).
[1] https://www.ssh.com/ssh/copy-id
[2] https://packages.debian.org/fr/jessie/armhf/openssh-client/filelist
Signed-off-by: Julien BOIBESSOT <julien.boibessot@armadeus.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
[Thomas: use full destination path.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 0552b7fc38)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes CVE-2018-12910: The get_cookies function in soup-cookie-jar.c in
libsoup 2.63.2 allows attackers to have unspecified impact via an empty
hostname.
Cc: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 8a4536b2dd)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes:
http://autobuild.buildroot.net/results/d6d/d6dc9a640aa1f6650a3e7b9397f2fe2ae3433f4d/http://autobuild.buildroot.net/results/ab5/ab5a58ea7845f9f378454ee1aa7e872448618ba9/
ebx was recently added to the x86 inline asm MULADDC_STOP clobber list to
fix#1550, but this causes the build to fail with GCC < 5 when building in
PIC mode with errors like:
include/mbedtls/bn_mul.h:46:13: error: PIC register clobbered by ‘ebx’ in ‘asm’
This is because older GCC versions treated the x86 ebx register (which is
used for the GOT) as a fixed reserved register when building as PIC.
This is fixed by an improved register allocator in GCC 5+. From the release
notes:
Register allocation improvements: Reuse of the PIC hard register, instead of
using a fixed register, was implemented on x86/x86-64 targets. This
improves generated PIC code performance as more hard registers can be used.
https://www.gnu.org/software/gcc/gcc-5/changes.html
As a workaround, add a patch to detect this situation and disable the inline
assembly, similar to the MULADDC_CANNOT_USE_R7 logic.
Patch submitted upstream: https://github.com/ARMmbed/mbedtls/pull/1986
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 11241ac656)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This fixes autobuild failures like
http://autobuild.buildroot.net/results/3288b742cee650ee47a41c5b4d6aaef1fe67bff1
php compile breaks with:
ext/mysqlnd/mysqlnd_auth.o: In function `php_mysqlnd_scramble_sha2':
mysqlnd_auth.c:(.text+0x1054): undefined reference to `PHP_SHA256Init'
mysqlnd_auth.c:(.text+0x1064): undefined reference to `PHP_SHA256Update'
mysqlnd_auth.c:(.text+0x1070): undefined reference to `PHP_SHA256Final'
mysqlnd_auth.c:(.text+0x1078): undefined reference to `PHP_SHA256Init'
mysqlnd_auth.c:(.text+0x1088): undefined reference to `PHP_SHA256Update'
mysqlnd_auth.c:(.text+0x1094): undefined reference to `PHP_SHA256Final'
mysqlnd_auth.c:(.text+0x109c): undefined reference to `PHP_SHA256Init'
mysqlnd_auth.c:(.text+0x10ac): undefined reference to `PHP_SHA256Update'
mysqlnd_auth.c:(.text+0x10bc): undefined reference to `PHP_SHA256Update'
mysqlnd_auth.c:(.text+0x10c8): undefined reference to `PHP_SHA256Final'
It looks like the php mysqli extension needs the hash extension to work. This
seems to be a php Make dependany bug. This patch works around it until the
upstream maintainers can fix it.
Signed-off-by: Christopher McCrory <chrismcc@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 65f9645263)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
dropbear is affected by an user enumeration vulnerability similar to the
recent issue in openssh (CVE-2018-15473). Add an upstream patch fixing the
issue.
For more details, see the discussion on the mailing list:
http://lists.ucc.gu.uwa.edu.au/pipermail/dropbear/2018q3/002110.html
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 4a3b0ba38f)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Dropbear 2018.76 now uses the --enable-static option to indicate that a static
binary should be built. This will incorrectly pick up the generic buildroot
option intended for building static libraries, causing an unwanted static
binary build with BR2_SHARED_STATIC_LIBS.
Fix by appending an --disable-static configure flag, overriding the buildroot
default.
Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
Reviewed-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit c9922a4d2f)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Dropbear 2018.76 changed the default ecdsa host key size form 521 to 256
bits, but this breaks systems with an existing 521 bit key, blocking ssh
logins.
Apply the upstream fix from https://secure.ucc.asn.au/hg/dropbear/rev/0dc3103a5900 :
Only advertise a single server ecdsa key when -R (generate as required) is
specified. Fixes -R now that default ecdsa key size has changed.
[Peter: apply-patches.sh does not like suffix-less filename, so include
patch in Buildroot]
Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 8a38d7cc9a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
DROPBEAR_SMALL_CODE could be only honored with bundled libtomcrypt
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit cf9b5522d1)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
By default, Dropbear's configure script enables hardening
flags. Unfortunately, the check for SSP only uses AC_COMPILE_IFELSE(),
and therefore doesn't properly test for the availability of libssp,
visible only at link time.
In addition, Buildroot passes its own hardening flags, depending on
various global options. So, we simply disable hardening flags in
Dropbear.
This fixes a build failure with non-SSP capable toolchains happening
since the bump to 2018.76.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit b0aafef619)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
with this new version:
- "configure --enable-static" should now be used instead of
"make STATIC=1"
- any customised options should be put in localoptions.h
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 2e035a9aec)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
brltty has a very inventive buildsystem, where it internall runs
./configure for the build machine In doing so, it generates a list
of make variables to define what the build machine supports, like
it does for the target.
However, the build variables are generated with a convoluted sed
script that scans the target list, and appends _FOR_BUILD to each
target variables. Then, both lists are included from the Makefile,
on the assumption that the build variables will not clash with the
target variables.
Where it gets interesting, is that that sed script considers the
variables names to match '[A-Za-z][A-Za-z0-9_]*'
And there we see why ATSPI2_PACKAGE does not match: it contains a
digit.
So, some build variables will inevitably override target ones.
Fix that by simply expanding the matching regexp to allow digits
in variable names.
Fixes:
http://autobuild.buildroot.org/results/a37/a37782b3cfc1a96cc129db8fade20a36a7b2d470/http://autobuild.buildroot.org/results/97e/97edc6a47d2140968e84b409cdc960604e5896f2/
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Mario Lang <mlang@blind.guru>
Cc: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 8909897ab3)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Thomas De Schampheleire <patrickdepinguin@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit a2e0003141)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues:
- CVE-2018-0497: Remote plaintext recovery on use of CBC based ciphersuites
through a timing side-channel
- CVE-2018-0498: Plaintext recovery on use of CBC based ciphersuites through
a cache based side-channel
For more info, see the advisory:
https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2018-02
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 7a7a159135)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
We can't carry a mercurial patch, because the luarocks package is not
organised with the same layout as the upstream package source tree is.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Marcin Niestroj <m.niestroj@grinn-global.com>
Cc: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 27e0cad2da)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
