A memory corruption issue was found in Artifex Ghostscript 9.50 and
9.52. Use of a non-standard PostScript operator can allow overriding of
file access controls. The 'rsearch' calculation for the 'post' size
resulted in a size that was too large, and could underflow to max
uint32_t. This was fixed in commit
5d499272b95a6b890a1397e11d20937de000d31b.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Changes since v2.1.3:
https://github.com/FluidSynth/fluidsynth/releases/tag/v2.1.4
- fix an uninitialized memory access possibly triggering an FPE trap
- fix several regressions introduced in 2.1.3:
- fluid_synth_start() failed for certain presets
- fix a NULL dereference in jack driver
- fix a stack-based overflow when creating the synth
Signed-off-by: Julien Olivain <juju@cotds.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This will fix the build with gcc 10 due to the library codebase being
switched to C++11.
It should be noted that bumping the C++ requirement from C++11 to C++14
is not needed for this bump as this change is not yet in this version:
f6a0b004e0
Also update indentation in hash file (two spaces)
Fixes:
- http://autobuild.buildroot.org/results/4546ce4f176164462b0e73c387bc45c9771f98f7
Signed-off-by: André Hentschel <nerv@dawncrow.de>
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The live555 source code includes both a COPYING file (with the GPL-3.0
license text) and a COPYING.LESSER file (with the LGPL-3.0 license
text). However, all source files indicate a LGPL-3.0 license, and none
of them indicate a GPL-3.0 license. In addition,
http://live555.com/liveMedia/faq.html#copyright-and-license says the
source code is under the LGPL.
So, we:
- Bump LGPL License to 3.0+
- Add a comment about the GPL-3.0 license
Fixes:
- https://bugs.busybox.net/show_bug.cgi?id=13156
Signed-off-by: Michael Nosthoff <buildroot@heine.tech>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Dropped patches from this release.
List of commits between 1.3 and 1.3.1:
97b912a7277747db1aca74c7d922e37d41b4f9a8 Release version 1.3.1
62534f212798c540c46e9f362e1d84845175d42e Rename "--validate" to "--ignore-violations"
5b58f475708a6a0c2e70a5d98bbe3f530217d1e1 Drop the ima_measurement "--verify" option
8e2738dd44c0aad2e11f995b802a4d6dcde6b505 extend ima_measurement --pcrs option to support per-bank pcr files
79ab82f55f14839d6b9ba6af78af3367370146bb Rename "Changelog" to "NEWS"
7f9a59c6c613ed8da2947b5e0078a8b75c4e7197 Fix missing {u,g}id_t typedef on musl
1f4e423e7c1d8d5ae85e12368065dec2dc4e87fb pcr_tss: Fix compilation for old compilers
Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Commit 9ffcd9279e wrongly added a
linux-headers dependency when switching to meson.
Remove it as headers are always provided by the toolchain.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Acked-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- Fix CVE-2017-6312: Integer overflow in io-ico.c in gdk-pixbuf allows
context-dependent attackers to cause a denial of service (segmentation
fault and application crash) via a crafted image entry offset in an
ICO file, which triggers an out-of-bounds read, related to compiler
optimizations.
- Fix CVE-2017-6313: Integer underflow in the load_resources function in
io-icns.c in gdk-pixbuf allows context-dependent attackers to cause a
denial of service (out-of-bounds read and program crash) via a crafted
image entry size in an ICO file.
- Fix CVE-2017-6314: The make_available_at_least function in io-tiff.c
in gdk-pixbuf allows context-dependent attackers to cause a denial of
service (infinite loop) via a large TIFF file.
Also update indentation in hash file (two spaces)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/674933582
Signed-off-by: Michael Durrant <mdurrant@arcturusnetworks.com>
Signed-off-by: Oleksandr G Zhadan <Oleks@ArcturusNetworks.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The vendor kernel we are currently selecting no longer builds,
and fails with a ton of:
from include/linux/list.h:8,
from include/linux/module.h:9,
from arch/mips/jz4740/prom.c:16:
include/linux/log2.h:22:1: error: ignoring attribute 'noreturn' because it conflicts with attribute 'const' [-Werror=a
ttributes]
22 | int ____ilog2_NaN(void);
| ^~~
We can't afford to fix that, so let's just move to upstream
kernel and bootloader. It doesn't make much sense to keep
using an unsupported kernel and bootloader at this point.
This means we will be missing some of the features supported
by the vendor (such as HDMI support), but it is what it is.
Linux v5.7 and v5.4 have been tested to boot fine, the latter
is picked for the defconfig as it is an LTS version.
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/674933782
Reported-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Ezequiel Garcia <ezequiel@collabora.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Since 948666dfde, librtlsdr in Buildroot is no longer
built from an official release, but from a commit on the master branch. However, the
commit that was referenced has a broken pkgconfig file templating, such that
other packages using `pkgconfig --libs librtlsdr` as part of their build process
(such as dump1090) could not be built anymore:
Before 948666dfde:
$ cat staging/usr/lib/pkgconfig/librtlsdr.pc
prefix=/usr
exec_prefix=${prefix}
libdir=${exec_prefix}/lib
includedir=${prefix}/include
Name: RTL-SDR Library
Description: C Utility Library
Version: 0.6.0
Cflags: -I${includedir}/
Libs: -L${libdir} -lrtlsdr -lusb-1.0
Libs.private:
On 948666dfde:
$ cat staging/usr/lib/pkgconfig/librtlsdr.pc
prefix=
exec_prefix=
libdir=
includedir=
Name: RTL-SDR Library
Description: C Utility Library
Version: 7082
Cflags: -I${includedir}/
Libs: -L${libdir} -lrtlsdr
Libs.private: -lusb-1.0
In the meantime, upstream released a bugfix for that ([1]), so we bump to that
commit as well, and update the only patch for shared libs accordingly, because
upstream also added a new tool called `rtl_biast` in the meantime.
Finaly, we update the hash file to the two-spaces convention.
Fixes: http://autobuild.buildroot.net/results/b4c/b4cdcb59cc61c51c024197a64865ad4b60023d0c/
[1]: ed0317e6a5
Signed-off-by: Titouan Christophe <titouan.christophe@railnova.eu>
Tested-by: Heiko Thiery <heiko.thiery@gmail.com>
Tested-by: Gwenhael Goavec-Merou <gwenhael.goavec-merou@trabucayre.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Even though librtlsdr was initially introduced by Jason Pruitt in
2014, and Jason is still listed in the DEVELOPERS file for this
package, in recent times it's mainly Gwenhael who has been taking of
this package. Let's reflect that in the DEVELOPERS file so that
Gwenhael gets notified when there are librtlsdr issues.
Cc: Jason Pruitt <jrspruitt@gmail.com>
Cc: Gwenhael Goavec-Merou <gwenhael.goavec-merou@trabucayre.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
librtlsdr currently fails to build on the autobuilders, as it fails
for out of tree builds. Indeed, there is some CMake logic in librtlsdr
that determines the version using Git. This works fine when librtlsdr
is fetched from Git of course. But in the context of Buildroot,
librtlsdr is extracted from a tarball.
For an in-tree build, the "git describe" invocation goes all the way
up to the Buildroot .git/ metadata, and uses that as the librtlsdr
version (it's of course wrong, but the build works). In an out-of-tree
build, there is no parent directory with .git/ metadata, so Git fails,
the VERSION variable is empty and later CMake aborts the build because
of that.
We fix that by adjusting the version retrieving logic to only use Git
if a .git/ metadata folder is found at the root of the librtlsdr
source tree. The patch has been submitted upstream.
Fixes:
http://autobuild.buildroot.net/results/ea52be1da8ed03272db06679d5a0a441ffe6ea0c/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Drop patch (already in version). The commit list between 3.9.2 and
3.9.4 is just made of fixes:
db9b4fa148e6c22c0d4b4c567fa65d1cd5368152 Released 3.9.4
50cbca799c1f9b010fabaa0dd4a387f29d140873 fuse_send_data_iov(): correctly calculate total buffer size.
7b3e3899157566875280a8b860eb5ad5c73eadc1 Define fuse_session_loop_mt as a macro on uclibc and MacOS (#532)
c5e8684b5a2f3400af6d7a3edcaeb3ce8ffc51b5 Fixed typo in command to compile program (#536)
e8a9e84672dcaa892d4708c163f768dc177b6d4c Doc fixes (#537)
d1deae6968c49d83334e874c33abfe15824c4548 Fix FreeBSD CI (#539)
48450411647ca0818821af7b05b819ceff92ae7c Fix: crash on failure to set locale (#529)
9e1c2a4959c16c0b50090dd822389ad9acb08111 fuse_lowlevel: Move assert for se before dereferencing it with se->debug (#530)
7471156354002c6547aa6c3a4f39a3262f435ba4 Fixed minor print alignment issue in iconv_help(), replacing tab with space (#519)
9fa4dc1661f085d4e89a54d75acc3347d52f33fa Fix the typo "filed" -> "field" in fuse manpage (#524)
717c8b8b3ed815f14e5607a995d0113446e3fb0b README: Correct the directory name from 'examples' to 'example' (#526)
032db1ab298d62c4d0c5be1f9fb2df299aec2346 docs: Replace `mesonconf` with `meson configure` (#528)
06342ca60ed822b856990915f127d8beddc0d1f6 libfuse: Assign NULL to "old" to avoid free it twice (#522)
5021d6a0a100d4987be126e87b7ee5fbfc17bbdc Typo fixed. (#520)
Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This commit slightly improves the output of pkg-stats by showing the
progress of the upstream URL checks and latest version retrieval, on a
package basis:
Checking URL status
[0001/0062] curlpp
[0002/0062] cmocka
[0003/0062] snappy
[0004/0062] nload
[...]
[0060/0062] librtas
[0061/0062] libsilk
[0062/0062] jhead
Getting latest versions ...
[0001/0064] libglob
[0002/0064] perl-http-daemon
[0003/0064] shadowsocks-libev
[...]
[0061/0064] lua-flu
[0062/0064] python-aiohttp-security
[0063/0064] ljlinenoise
[0064/0064] matchbox-lib
Note that the above sample was run on 64 packages. Only 62 packages
appear for the URL status check, because packages that do not have any
URL in their Config.in file, or don't have any Config.in file at all,
are not checked and therefore not accounted.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This commit reworks the code that checks if the upstream URL of each
package (specified by its Config.in file) using the aiohttp
module. This makes the implementation much more elegant, and avoids
the problematic multiprocessing Pool which is causing issues in some
situations.
Suggested-by: Titouan Christophe <titouan.christophe@railnova.eu>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This commit reworks the code that retrieves the latest upstream
version of each package from release-monitoring.org using the aiohttp
module. This makes the implementation much more elegant, and avoids
the problematic multiprocessing Pool which is causing issues in some
situations.
Since we're now using some async functionality, the script is Python
3.x only, so the shebang is changed to make this clear.
Suggested-by: Titouan Christophe <titouan.christophe@railnova.eu>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Since the bump of ATF to 2.2 for the ATF Vexpress test case in commit
fc3d6a3ed0
("support/testing/tests/boot/test_atf: update U-Boot/ATF use in
TestATFVexpress"), DTC is now needed otherwise the build fails with:
make[2]: dtc: Command not found
Makefile:873: recipe for target 'build/juno/release/fdts/juno_tb_fw_config.dtb' failed
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/674934470
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The libabseil-cpp package fails to build on a number of CPU
architectures in our autobuilders.
On most CPU architectures, the first issue looked like this:
libabseil-cpp-20200225/absl/base/internal/direct_mmap.h: In function 'void* absl::lts_2020_02_25::base_internal::DirectMmap(void*, size_t, int, int, int, off64_t)':
libabseil-cpp-20200225/absl/base/internal/direct_mmap.h:121:39: error: static assertion failed: Platform is not 64-bit
121 | static_assert(sizeof(unsigned long) == 8, "Platform is not 64-bit");
| ~~~~~~~~~~~~~~~~~~~~~~^~~~
libabseil-cpp-20200225/absl/base/internal/direct_mmap.h:123:15: error: 'SYS_mmap' was not declared in this scope; did you mean 'SYS_mmap2'?
123 | syscall(SYS_mmap, start, length, prot, flags, fd, offset));
| ^~~~~~~~
| SYS_mmap2
Indeed, on 32-bit architectures, libabseil-cpp has some special code
to use the mmap2() system call, and it white-lists the supported
architectures. It is therefore trivial to add support for more
architectures.
However, once this is fixed, another issue arises:
absl/debugging/internal/examine_stack.cc uses the ucontext data
structures, which are not provided by uClibc-ng on all CPU
architectures, and even the code of libabseil-cpp does not exist for
all CPU architectures.
So, this commit solves that by simply making libabseil-cpp available
on architectures/C libraries where it is supported: it needs ucontext
support in the toolchain + a CPU architecture where
absl/debugging/internal/examine_stack.cc has the appropriate logic.
This new dependency is propagated to the reverse dependencies of
libabseil-cpp.
With this commit, libabseil-cpp passes a test-pkg -a test (so all
external toolchains used by the autobuilders):
andes-nds32 [ 1/45]: SKIPPED
arm-aarch64 [ 2/45]: OK
br-aarch64-glibc [ 3/45]: OK
br-arcle-hs38 [ 4/45]: SKIPPED
br-arm-basic [ 5/45]: SKIPPED
br-arm-cortex-a9-glibc [ 6/45]: OK
br-arm-cortex-a9-musl [ 7/45]: OK
br-arm-cortex-m4-full [ 8/45]: SKIPPED
br-arm-full [ 9/45]: OK
br-arm-full-nothread [10/45]: SKIPPED
br-arm-full-static [11/45]: SKIPPED
br-i386-pentium4-full [12/45]: OK
br-i386-pentium-mmx-musl [13/45]: OK
br-m68k-5208-full [14/45]: SKIPPED
br-m68k-68040-full [15/45]: SKIPPED
br-microblazeel-full [16/45]: SKIPPED
br-mips32r6-el-hf-glibc [17/45]: OK
br-mips64-n64-full [18/45]: OK
br-mips64r6-el-hf-glibc [19/45]: OK
br-mipsel-o32-full [20/45]: OK
br-nios2-glibc [21/45]: SKIPPED
br-openrisc-uclibc [22/45]: SKIPPED
br-powerpc-603e-basic-cpp [23/45]: SKIPPED
br-powerpc64le-power8-glibc [24/45]: OK
br-powerpc64-power7-glibc [25/45]: OK
br-powerpc-e500mc-full [26/45]: SKIPPED
br-riscv32 [27/45]: OK
br-riscv64 [28/45]: OK
br-riscv64-musl [29/45]: OK
br-sh4-full [30/45]: SKIPPED
br-sparc64-glibc [31/45]: SKIPPED
br-sparc-uclibc [32/45]: SKIPPED
br-x86-64-core2-full [33/45]: OK
br-x86-64-musl [34/45]: OK
br-xtensa-full [35/45]: SKIPPED
linaro-aarch64-be [36/45]: OK
linaro-aarch64 [37/45]: OK
linaro-arm [38/45]: OK
sourcery-arm-armv4t [39/45]: OK
sourcery-arm [40/45]: OK
sourcery-arm-thumb2 [41/45]: OK
sourcery-mips64 [42/45]: OK
sourcery-mips [43/45]: OK
sourcery-nios2 [44/45]: SKIPPED
sourcery-x86-64 [45/45]: OK
45 builds, 18 skipped, 0 build failed, 0 legal-info failed
Fixes:
http://autobuild.buildroot.net/results/ead663b4b67b0b57ed003a46db3182d95cc01bc0/
(and many similar build failures)
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Bump to a later version of ATF and cleanup the Python
configuration. Previously this configuration had to work around Python
3 issues with OP-TEE. Now this relies on OP-TEE properly building
itself with host-python3.
Signed-off-by: Dick Olsson <hi@senzilla.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Recent versions of OP-TEE depend on Python 3. Currently, OP-TEE is
building with the Python interpreter provided by the user. This patch
includes an upstream patch that makes the interpreter configurable,
and makes use of this configuration with host-python3.
Signed-off-by: Dick Olsson <hi@senzilla.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This package will ensure that pycryptodomex is built for Python 3.
Comments in both python-pycryptodome and python3-pycryptodomex are
added to ensure they stay in sync.
Signed-off-by: Dick Olsson <hi@senzilla.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The luabitop package is only available with Lua 5.1. LuaJIT, Lua 5.3
or more recent versions of Lua have this functionality built-in.
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
In preparation for the introduction of Lua 5.4, clarify the dependency
of luabitop: it only makes sense when used with Lua 5.1.
Also update the comment to no longer mention Lua 5.2, since we don't
support Lua 5.2 in Buildroot anymore.
Note that as explained in https://luajit.org/extensions.html, LuaJit
already implements luabitop functions, so luabitop is really for Lua
5.1 only, not for all Lua interpreters that implemented the 5.1 ABI.
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
setools needs python3 since version 4.2.0 and
e292a77c52
However today in Buildroot, when no target python is selected, or when
BR2_PACKAGE_PYTHON=y, all host python modules are installed for
host-python, i.e Python 2. But this module won't install in Python 2,
so let's force its host variant to be installed with Python 3 on the
host. Of course, for that to work, its dependency must also be built
for host-python3, so we change it to the newly introduced
host-python3-cython package.
Fixes:
- http://autobuild.buildroot.org/results/c2febcea5fbd8a21709721524ae9e9b5fc0896f9
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Tested-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The host-setools package needs to be built for the host-python3, even
when the target Python is not necessarily Python 3.x. Since it depends
on host-python-cython, we need a Python 3 variant of it, which this
patch introduces.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Tested-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Changelog of this bugfix release:
https://www.php.net/ChangeLog-7.php#7.4.9
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
