- Fix CVE-2021-45386: tcpreplay 4.3.4 has a Reachable Assertion in
add_tree_ipv6() at tree.c
- Fix CVE-2021-45387: tcpreplay 4.3.4 has a Reachable Assertion in
add_tree_ipv4() at tree.c.
https://github.com/appneta/tcpreplay/blob/v4.4.1/docs/CHANGELOG
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
PJSIP is a free and open source multimedia communication library written
in C language implementing standard based protocols such as SIP, SDP,
RTP, STUN, TURN, and ICE. In versions prior to and including 2.12.1 a
stack buffer overflow vulnerability affects PJSIP users that use STUN in
their applications, either by: setting a STUN server in their
account/media config in PJSUA/PJSUA2 level, or directly using
`pjlib-util/stun_simple` API.
https://github.com/pjsip/pjproject/security/advisories/GHSA-26j7-ww69-c4qj
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Bump to syslog-ng 3.37.1 and update sample config.
Signed-off-by: Chris Packham <judge.packham@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Switch to meson-package
- Add inih mandatory dependency
- COPYING has been removed because it was redundant with LICENSE file:
39a9c4bbda
- Update indentation in hash file (two spaces)
https://github.com/tio/tio/blob/v1.40/ChangeLog
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
doc and examples can be disabled since
6e1c66a94c
so set BUILD_SANDBOX=OFF as BUILD_DOC=OFF is already passed by
cmake-infrastructure
https://github.com/USCiLab/cereal/releases/tag/v1.3.2
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Renumber patch
- Update hash of README.md (changes not related to license)
- FPIN support is fixed by setting LINUX_HEADERS_INCDIR and
63aa47d032
FPIN support is (wrongly) enabled if ELS_DTAG_LNK_INTEGRITY is defined
in /usr/include/scsi/fc/fc_els.h since bump to version 0.8.9 in commit
b790ff27d5 and
cfff03efbc
resulting in the following build failure:
In file included from /nvmedata/autobuild/instance-7/output-1/host/nios2-buildroot-linux-gnu/sysroot/usr/include/scsi/scsi_netlink_fc.h:25,
from fpin_handlers.c:6:
/nvmedata/autobuild/instance-7/output-1/host/nios2-buildroot-linux-gnu/sysroot/usr/include/scsi/scsi_netlink.h:44:2: error: unknown type name 'uint8_t'
44 | uint8_t version;
| ^~~~~~~
https://github.com/opensvc/multipath-tools/compare/0.8.9...0.9.0
Fixes:
- http://autobuild.buildroot.org/results/32f4ada6c49261924ca78f62dee43241bda379a3
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix the following guile build failure without NPTL raised since the
addition of bdwgc in commit b0476427f6 and
7896408d41:
configure:60776: checking for GC_is_heap_ptr
configure:60776: /home/buildroot/autobuild/instance-2/output-1/host/bin/arm-buildroot-linux-uclibcgnueabi-gcc -std=gnu11 -o conftest -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -O1 -g0 -DHAVE_GC_SET_FINALIZER_NOTIFIER -DHAVE_GC_GET_HEAP_USAGE_SAFE -DHAVE_GC_GET_FREE_SPACE_DIVISOR -DHAVE_GC_SET_FINALIZE_ON_DEMAND -flto -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 conftest.c -L/home/buildroot/autobuild/instance-2/output-1/host/bin/../arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib -latomic_ops -lgc -lpthread -ldl -latomic -lm >&5
/home/buildroot/autobuild/instance-2/output-1/host/lib/gcc/arm-buildroot-linux-uclibcgnueabi/10.3.0/../../../../arm-buildroot-linux-uclibcgnueabi/bin/ld: /home/buildroot/autobuild/instance-2/output-1/host/bin/../arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib/libgc.so: undefined reference to `pthread_getattr_np'
[...]
In file included from ../libguile/alist.h:26,
from ../libguile.h:31,
from guile.c:38:
../libguile/pairs.h:205:1: error: conflicting types for 'GC_is_heap_ptr'
205 | GC_is_heap_ptr (void *ptr)
| ^~~~~~~~~~~~~~
In file included from ../libguile/bdw-gc.h:48,
from ../libguile/gc.h:142,
from ../libguile/pairs.h:26,
from ../libguile/alist.h:26,
from ../libguile.h:31,
from guile.c:38:
/home/buildroot/autobuild/instance-2/output-1/host/arm-buildroot-linux-uclibcgnueabi/sysroot/usr/include/gc/gc.h:551:20: note: previous declaration of 'GC_is_heap_ptr' was here
551 | GC_API int GC_CALL GC_is_heap_ptr(const void *);
| ^~~~~~~~~~~~~~
Fixes:
- http://autobuild.buildroot.org/results/819f231a60fc81f9a8dd07bf5411aa9d8f78c3bb
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Removed patch, not needed anymore due to upstream removal of astrobwt:
22d6a7525e
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
For now only latest release and custom git repository was supported.
This patch adds support for custom tarball URL.
It also adds configuration verification for custom git repository and
tarball URL.
Signed-off-by: Kory Maincent <kory.maincent@bootlin.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.rog> for the v2.
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
The kernel is from upstream with a few extras to reduce the size of
the 'aspeed_g5' zImage because it is too big for the flash layout.
Mainline U-Boot has enough support to load the kernel from the flash
device and from network but it is still behind the OpenBMC branch
where most the development is done.
The main resulting file from the build is a flash image. The partition
layout matches the OpenBMC one for 32M chips. It makes it easier to
update the different partitions from Linux. Intermediate files can be
used to boot from U-Boot over the network or to boot QEMU using
-kernel/-initrd/-dtb.
Reviewed-by: Joel Stanley <joel@jms.id.au>
Signed-off-by: Cédric Le Goater <clg@kaod.org>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
The kernel is from upstream and U-Boot is from the OpenBMC branch
because mainline doesn't have the required support for HW, yet.
The main resulting file from the build is a flash image. The partition
layout matches the OpenBMC one for 64M chips. It makes it easier to
update the different partitions from Linux. Intermediate files can be
used to boot from U-boot over the network or to boot QEMU using
-kernel/-initrd/-dtb.
Signed-off-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Joel Stanley <joel@jms.id.au>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fix the following security issues:
- Heap buffer overflow in wavlike_ima_decode_block()
- Heap buffer overflow in msadpcm_decode_block()
- Heap buffer overflow in psf_binheader_readf()
- Index out of bounds in psf_nms_adpcm_decode_block()
- Heap buffer overflow in flac_buffer_copy()
- Heap buffer overflow in copyPredictorTo24()
- Uninitialized variable in psf_binheader_readf()
Drop patch (already in version)
While at it, also drop mention of CVE-2018-13419 which is correctly
tagged as only affecting version 1.0.28 in NVD NIST database:
https://nvd.nist.gov/vuln/detail/CVE-2018-13419https://github.com/libsndfile/libsndfile/releases/tag/1.1.0
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Use official tarball and so drop autoreconf
- Update hash of COPYING (trailing white space removed:
68311d4678)
https://gitlab.xiph.org/xiph/speexdsp/-/tags/SpeexDSP-1.2.1
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Drop patch (already in version) and so also drop autoreconf
- Update indentation in hash file (two spaces)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Drop patch (already in version) and so also drop autoreconf
- Update indentation in hash file (two spaces)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
