Pending PR is now merged[1] and it fixes Linux >= 5.13 building. So let's
bump xr819-xradio version.
[1]: https://github.com/fifteenhex/xradio/pull/15
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Tested-by: Sergey Kuzminov <kuzminov.sergey81@gmail.com>
Tested-by: Sergey Kuzminov <kuzminov.sergey81@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The FP setting is not used for aarch64 in buildroot. The FPU options are
set implicit.
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5.15.2 is the last public release of 5.15 and does not contain this CVE
fix. However, >=6.1.2 and >5.12.12 all contain the necessary patches so
let's port them to 5.15.2.
Technically only the first two patches are required to patch the CVE.
However, the second patch introduces a regression that is fixed in the third
patch.
The patches are taken from KDE kde/5.15 git branch.
Cc: Quentin Schulz <foss+buildroot@0leil.net>
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
After update of the U-Boot [1] we were missing dependency on Python3,
and so were seeing failures like in [2]:
------------------------->8--------------------
HOSTLD scripts/dtc/dtc
scripts/dtc/pylibfdt/libfdt_wrap.c:154:11: fatal error: Python.h: No such file or directory
154 | # include <Python.h>
| ^~~~~~~~~~
compilation terminated.
error: command '/usr/bin/gcc' failed with exit code 1
------------------------->8--------------------
So that get fixed with "BR2_TARGET_UBOOT_NEEDS_PYTHON3=y".
And then once we use Python3, we also need OpenSSL, similarly to [3]
and the likes. So do it with "BR2_TARGET_UBOOT_NEEDS_OPENSSL=y".
Hopefully now all starts to build w/o any issues.
And while at it let's add a bit more structure to the config!
[1] https://git.buildroot.net/buildroot/commit/?id=06f10a88f30b73aaea5c0e0888d7ba9d9a6420f3
[2] https://gitlab.com/buildroot.org/buildroot/-/jobs/1946650570
[3] https://git.buildroot.net/buildroot/commit/?id=cf2a7663ccc6089e98e0d6ec39fa8623749c0c24
Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
[yann.morin.1998@free.fr: also change in Config.in]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Move rpi-bt-firmware and rpi-wifi-firmware packages to the new
brcmfmac_sdio-firmware-rpi one (as they are the same upstream
package).
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
[yann.morin.1998@free.fr:
- fix check-package
- legacy symbols still depend on arm || aarch64
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
- add cypress files
- update links
Chanelog (since 3888ba2):
- Sync with RPi-Distro repo
Switch to "bullseye" branch which moved several firmware files to
the cypress dir.
Add 43438 firmware 7.45.98.118 + external clm_blob
Add 43455 firmware 7.45.241 and clm_blob
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Chanelog (since 3888ba2):
- Sync with RPi-Distro repo
Switch to "bullseye" branch which moved several firmware files to
the cypress dir.
Add 43438 firmware 7.45.98.118 + external clm_blob
Add 43455 firmware 7.45.241 and clm_blob
- README.md: update link to RPi-distro repo wifi firmware files
- Merge pull request #19 from HiassofT/2021-12
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Changelog:
f5404b2 raspicam: Check system is running legacy camera stack
14b90ff mmal: Hack to make mmal core register VideoCore components
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Changelog:
095deea759 kernel: overlays: vc4-kms-v3d: Change composite handling
2e9b609e53c kernel: Bump to 5.10.79
12bc6e36773 firmware: dtoverlay: Rebase aliases in overlays like labels
24d966d35bb kernel: Bump to 5.10.81
ca52e7c1303 kernel: edt-ft5x06 touchscreen fixes
1a0297bfbf7 kernel: Bump to 5.10.82
0a1a871d04c kernel: Fix for IN Token of USB Endpoint 1 stopping occasionally on Pi 4
303d0012cd7 kernel: Bump to 5.10.83
bd8b6d5dc8e kernel: Bump to 5.10.85
56f1b8bbc88 kernel: Bump to 5.10.87
536baf33ae9 kernel: Bump to 5.10.88
ce71e3e9b34 kernel: Bump to 5.10.89
19b570d0d6a firmware: arm-loader: Fix kernel8.img selection on 2837 with arm_64bit=1
fbbde90b709 kernel: drm/vc4: fix non-working audio on RPi3 and no video with DVI
165bd7bc562 firmware: improve firmware camera detection
318e3373496 kernel: Bump to 5.10.90
175984a6dc4 kernel: drm/vc4: Add alpha_blend_mode property to each plane
20c5829b0af kernel: Bump to 5.10.92
3f20b832b27 firmware: arm_loader: Only clip min/max to the same value for turbo clocks
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit 593683b45f (package/tpm2-tss: remove unused dependency)
removed the build-time dependency (in the .mk), but forgot to
remove it from the Config.in.
Signed-off-by: Tilman Keskinöz <arved@arved.at>
[yann.morin.1998@free.fr: reword commit log]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Set --with-boost to avoid the following build failure when a non working
boost version is installed on host. This failure is raised since the
addition of the package in commit
ea033cecf9:
configure:5559: error: Could not find a version of the Boost::Asio library!
Fixes:
- http://autobuild.buildroot.org/results/855b66b86d979cc922b947da932b0e2388481263
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fixes the following security issues:
Improper handling of URI Subject Alternative Names (Medium)(CVE-2021-44531)
Accepting arbitrary Subject Alternative Name (SAN) types, unless a PKI is
specifically defined to use a particular SAN type, can result in bypassing
name-constrained intermediates. Node.js was accepting URI SAN types, which
PKIs are often not defined to use. Additionally, when a protocol allows URI
SANs, Node.js did not match the URI correctly.
Certificate Verification Bypass via String Injection (Medium)(CVE-2021-44532)
Node.js converts SANs (Subject Alternative Names) to a string format. It
uses this string to check peer certificates against hostnames when
validating connections. The string format was subject to an injection
vulnerability when name constraints were used within a certificate chain,
allowing the bypass of these name constraints.
Incorrect handling of certificate subject and issuer fields (Medium)(CVE-2021-44533)
Node.js did not handle multi-value Relative Distinguished Names correctly.
Attackers could craft certificate subjects containing a single-value
Relative Distinguished Name that would be interpreted as a multi-value
Relative Distinguished Name, for example, in order to inject a Common Name
that would allow bypassing the certificate subject verification.
Prototype pollution via console.table properties (Low)(CVE-2022-21824)
Due to the formatting logic of the console.table() function it was not safe
to allow user controlled input to be passed to the properties parameter
while simultaneously passing a plain object with at least one property as
the first parameter, which could be __proto__. The prototype pollution has
very limited control, in that it only allows an empty string to be assigned
numerical keys of the object prototype.
For details, see the advisory:
https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Since Qemu 6.0.0 [1], a warning appear in the log if a short-form
boolean option is used.
[1] https://git.qemu.org/?p=qemu.git;a=commitdiff;h=ccd3b3b8112b670fdccf8a392b8419b173ffccb4
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Etienne Carriere <etienne.carriere@linaro.org>
Cc: Dick Olsson <hi@senzilla.io>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Ghostscript GhostPDL 9.50 through 9.54.0 has a heap-based buffer
overflow in sampled_data_finish (called from sampled_data_continue and
interp).
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Ghostscript GhostPDL 9.50 through 9.53.3 has a use-after-free in
sampled_data_sample (called from sampled_data_continue and interp).
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fix CVE-2020-13867: Open-iSCSI targetcli-fb through 2.1.52 has weak
permissions for /etc/target (and for the backup directory and backup
files).
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
freeipmi is an optional dependency which is enabled by default
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
boost system (which provides boost asio) is needed by host-riscv-isa-sim
since its addition in commit ea033cecf9:
configure: error: Could not find a version of the Boost::Asio library!
Fixes:
- http://autobuild.buildroot.org/results/6c33a66386ab2171454d8ea8c1bd17a5582e21dd
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fix CVE-2021-4192: vim is vulnerable to Use After Free
Fix CVE-2021-4193: vim is vulnerable to Out-of-bounds Read
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The commit 2f50686401 added a patch for
util-linux, but forgot to create a symlink to util-linux-libs. This
results in inconsistent libblkid.so builds from util-linux and
util-linux-libs.
If you enable BR2_PER_PACKAGE_DIRECTORIES, you will find that different
libblkid.so is used in different
$(BASE_DIR)/per-package/$(PKG)_NAME/target.
Signed-off-by: TIAN Yuanhao <tianyuanhao3@163.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The CM4 IO Board is equipped with an on-board RTC connected over I2C,
and has USB 2.0 host ports.
This commit loads the appropriate overlays to enable both. The USB 2.0
interface is by default disabled on CM4 to reduce the power
consumption so it needs to be explicitly enabled on the CM4 IO Board
to use the USB ports.
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
