This brings to the swupdate package two fixes [2][3] that have also
been backported in the meta-swupdate Yocto layer, see [1].
[1]: 3fccf23e28
[2]: 1078af97a5
[3]: e3a6b120ff
Signed-off-by: Joris Offouga <offougajoris@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
gtkvncviewer has been added since version 0.9.13 and
2650cfc17b,
disable it as it is only an example
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
go1.13.13 (released 2020/07/14) includes security fixes to the
crypto/x509 and net/http packages.
Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add support for imx6ullevk_defconfig that allows booting a mainline
kernel and mainline U-Boot.
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Separate the fields in the hash file by two spaces and remove hash of
old version.
Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Separate the fields in the hash file by two spaces.
Change the hash of the license:
- Copyright message changed from 2018,2019 to 2019,2020
Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Change the hash of the license:
- Copyright message changed from 'present' to 2020
- Link to BSD 2-Clause License changed from http to https
Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Also separate the fields in the hash file by two spaces.
Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Also separate the fields in the hash file by two spaces.
Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Without this backslash, any attempt to run make will result in the error:
package/mender/mender.mk:44: *** recipe commences before first target. Stop
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Mender has support for performing other types of updates other than
just overwriting the rootfs partition that isn't currently in use on
the target.
Some of the default provided modules provide support for:
- Updating a docker container.
- Running a script.
- Installing an RPM.
- Overwriting a directory.
- Updating a single-file.
The single-file update module is used by upstream for onboarding a new
device to a server, and this fails with Buildroot devices because the
modules are currently not installed.
Install the directory, script, and single-file modules by default, and
install the docker or rpm script if their respective packages are
selected.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Version 3 scripts have been supported since version 2.0 and should be the
default.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Update the following license file hashes due to copyright year changes:
- vendor/github.com/mendersoftware/mendertesting/LICENSE
- vendor/github.com/mendersoftware/mender-artifact/LICENSE
Remove hashes for the the following removed files:
- vendor/github.com/mendersoftware/log/LICENSE
- vendor/github.com/mendersoftware/scopestack/LICENSE
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Update the following license file hashes due to copyright year changes:
- vendor/github.com/mendersoftware/mendertesting/LICENSE
- vendor/github.com/davecgh/go-spew/LICENSE
- vendor/github.com/stretchr/testify/LICENSE
Add hashes for the the following new files:
- vendor/github.com/minio/sha256-simd/LICENSE
- vendor/gopkg.in/yaml.v2/LICENSE
- vendor/github.com/klauspost/compress/LICENSE
- vendor/github.com/russross/blackfriday/v2/LICENSE.txt
- vendor/github.com/klauspost/pgzip/LICENSE
- vendor/github.com/cpuguy83/go-md2man/v2/LICENSE.md
- vendor/github.com/shurcooL/sanitized_anchor_name/LICENSE
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Build will fail if gobject-introspection is built before network-manager
but python-gobject is not:
configure: error: "--enable-introspection aims to build the settings documentation. This requires GObject introspection for python (pygobject)
To avoid this build failure and because we don't need documentation,
just disable introspection
Fixes:
- http://autobuild.buildroot.org/results/d3b1bc2fa7559e66465033c455176761d6e184d1
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- drop patch included in version
- update hash file formatting (2 spaces)
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Since commit 35e240105f, gvfs needs
dynamic library as it uses shared_module to build libgvfs_dbus and
libgioremote_volume_monitor
Fixes:
- http://autobuild.buildroot.org/results/89a02fda05e75bfc9bd4fa17fea3bec23fd5da3d
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Acked-by: Christian Stewart <christian@paral.in>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bump U-Boot to 2020.07 and kernel to version 5.7.8
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
python-networkx wasn't upgraded for a while due to incompatibilities
with setools not supporting versions above 1.11. With the recent version
bump of setools this is no longer true and we can bump python-networkx
to 2.4.
The license checksum had to be updated while bumping the package, but
only the year of the copyright has changed.
Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
libfuse3 is an optional dependency since version 1.41.1 and
7a0a06186b
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following security issues:
- SERVER-45514 [FLE] Reject document validators with encryption-related
keywords if the validationAction is “warn”
- SERVER-48039 Unrecognized option: net.ssl.clusterCertificateSelector
in MongoDB v4.2
- SERVER-45803 mongodecrypt needs a ServiceContext
- SERVER-46834 Use monotonic time in UserCacheInvalidator
- SERVER-47113 LDAP connection pool acquisition state should own host
list
https://docs.mongodb.com/manual/release-notes/4.2
Also:
- Update indentation in hash file (two spaces)
- Tweak version to be "compliant" with https://release-monitoring.org
- Use official tarball
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
setools is no longer hosted on https://github.com/TresysTechnology/setools/.
Update the source location to its new home,
https://github.com/SELinuxProject/setools/.
Refresh patches 0001-remove-werror-flag-from-setup.patch and
0002-Do-not-export-use-setools.InfoFlowAnalysis-and-setoo.patch for
4.3.0 and remove patch 0003-setup.py-drop-path-prefix-from-man-install.patch
that is now upstream.
Add a new dependency on host-python-cython, as setup.py now depends on
it.
Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Patch 0001-checkpolicy-remove-unused-te_assertions.patch is now part of
the upstream release 20200710.
Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Refresh patch 0002-Do-not-use-PYCEXT-and-rely-on-the-installed-file-nam.patch
for 3.1; and remove patch 0003-fix-building-against-musl-and-uclibc-libraries.patch
that is now upstream.
Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com>
Reviewed-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Patches 0002-libsepol-fix-CIL_KEY_-build-errors-with-fno-common.patch
and 0003-libsepol-remove-leftovers-of-cil_mem_error_handler.patch are
now upstream.
Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
oracle-mysql won't built its own bundled zlib since commit
6fed83a030 so don't unconditionally link
with zlib instead use mysql_config to retrieve cflags and libs as
suggested by Thomas Petazzoni in review of first iteration
Fixes:
- No autobuilder failures yet
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add the new SAMA5D27 WLSOM1 Evaluation Kit with linux4sam_6.2
components. Update README file with new defconfigs and new
packages/website.
Signed-off-by: Eugen Hristev <eugen.hristev@microchip.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This includes the following changes:
86bd30a Restore ability to feed script file via stdin, using `-s -`.
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- Retrieve first patch from upstream (BUILD_EXAMPLES is already in
CMakeLists.txt)
- Update indentation in hash file (two spaces)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- Drop all patches (already in version)
- Fix CVE-2018-21247: An issue was discovered in LibVNCServer before
0.9.13. There is an information leak (of uninitialized memory contents)
in the libvncclient/rfbproto.c ConnectToRFBRepeater function.
- Fix CVE-2019-20839: libvncclient/sockets.c in LibVNCServer before
0.9.13 has a buffer overflow via a long socket filename.
- Fix CVE-2019-20840: An issue was discovered in LibVNCServer before
0.9.13. libvncserver/ws_decode.c can lead to a crash because of
unaligned accesses in hybiReadAndDecode.
- Fix CVE-2020-14396: An issue was discovered in LibVNCServer before
0.9.13. libvncclient/tls_openssl.c has a NULL pointer dereference.
- Fix CVE-2020-14397: An issue was discovered in LibVNCServer before
0.9.13. libvncserver/rfbregion.c has a NULL pointer dereference.
- Fix CVE-2020-14398: An issue was discovered in LibVNCServer before
0.9.13. An improperly closed TCP connection causes an infinite loop in
libvncclient/sockets.c.
- Fix CVE-2020-14399: An issue was discovered in LibVNCServer before
0.9.13. Byte-aligned data is accessed through uint32_t pointers in
libvncclient/rfbproto.c.
- Fix CVE-2020-14400: An issue was discovered in LibVNCServer before
0.9.13. Byte-aligned data is accessed through uint16_t pointers in
libvncserver/translate.c.
- Fix CVE-2020-14401: An issue was discovered in LibVNCServer before
0.9.13. libvncserver/scale.c has a pixel_value integer overflow.
- Fix CVE-2020-14402: An issue was discovered in LibVNCServer before
0.9.13. libvncserver/corre.c allows out-of-bounds access via
encodings.
- Fix CVE-2020-14403: An issue was discovered in LibVNCServer before
0.9.13. libvncserver/hextile.c allows out-of-bounds access via
encodings.
- Fix CVE-2020-14404: An issue was discovered in LibVNCServer before
0.9.13. libvncserver/rre.c allows out-of-bounds access via encodings.
- Fix CVE-2020-14405: An issue was discovered in LibVNCServer before
0.9.13. libvncclient/rfbproto.c does not limit TextChat size.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- Fix CVE-2020-14148: The Server-Server protocol implementation in
ngIRCd before 26~rc2 allows an out-of-bounds access, as demonstrated
by the IRC_NJOIN() function.
- Fix a static build failure with openssl thanks to
ad86a41eee
- Update indentation in hash file (two spaces)
Fixes:
- http://autobuild.buildroot.org/results/078a7afc432786316a1d2ea03f96444ff741b942
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes the following security issue:
* CVE-2020-8619: It was possible to trigger an INSIST failure when a
zone with an interior wildcard label was queried in a certain
pattern.
Release notes:
https://ftp.isc.org/isc/bind9/cur/9.11/RELEASE-NOTES-bind-9.11.20.txt
Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
