This patch bumps Linux CIP to version 5.10.83-cip1.
Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
This is needed for watchdogd to work with SELinux.
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Acked-by: Joachim Wiberg <troglobit@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
This is needed for polkit to work with SELinux.
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
In Keepalived through 2.2.4, the D-Bus policy does not sufficiently
restrict the message destination, allowing any user to inspect and
manipulate any property. This leads to access-control bypass in some
situations in which an unrelated D-Bus system service has a settable
(writable) property
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
zlib is optional, not mandatory since version 6.1 and
00e464afc3
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
libpng is optional, not mandatory since version 6.1 and
eb13d515fb
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fix the following build failure raised since bump of xserver_xorg-server
to version 21.1.1 in commit d9185c6ba3:
In file included from trident_bank.c:37:
trident.h:41:10: fatal error: xf86RamDac.h: No such file or directory
41 | #include "xf86RamDac.h"
| ^~~~~~~~~~~~~~
Fixes:
- http://autobuild.buildroot.org/results/c81ac8075af257e8626d9d097270be7a7b4a1496
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Changelog ([1]):
- fix some HAVE_IPV6 conditional changes
- fix SO_TIMEOUT regressiony
- ren sockets.c to socket_io.c
- fix compile breakage per abs() returning an int instead of float
- support for gettcpinfo on Mac OS X (tested on both M1 and x86 silicon)
- move setsock_blocking from sockets into PerfSocket.cpp
- don't require -V for v6, instead try v6 when v4 hostname lookup fails,
client only
- add assert in writen
- add tcp RTT variance to client output
- use setsockopt to get the nagle status
- show Nagle and TOS settings on client
- more on connect-only testing
- sample and output the initial rtt and cwnd in the connect report
- fix multiple fullduplex regressions
- fix for HAVE_TCP_STATS in configure, then linux compile
- writen can have more than one write, fix accounting when this occurs
- fix tos with --reverse and --full-duplex
- add support for --tos-override <value> on server
- add support for --tcp-drain, add mmm stats, histograms - experimental
feature
- multiple man page updates
- fix partial histogram print to not show (f)
- some new scripts in python flows
- fixes to incr-srcport
- fixes for --incr-dstport
- fix regression on very first UDP packet having transit latency of zero
- fix --reverse and --isochronous when --trip-times not set
- fix client_init regression, pull out tcp_shutdown
- fix reporter startup race and one second delay by setting the threads
ready predicate and issuing the signal under a lock
- fix first send accounting for small -n
- fix configure.ac to use '=' instead of '=='
[1] https://sourceforge.net/projects/iperf2/files/readme.txt/download
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Remove patches which are now included in version 2.2.0 and no longer
needed.
Signed-off-by: Andreas Klinger <ak@it-klinger.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
This new release includes a number of improvements. Release notes:
https://wpewebkit.org/release/cog-0.12.0.html
Small tweaks were needed due to the "fdo" platform backend being renamed
as "wl"; the symbol is kept as BR2_PACKAGE_COG_PLATFORM_FDO to avoid
breaking existing configurations. Also the new version supports building
with libsoup3, which is not yet packaged in Buildroot, so -DUSE_SOUP2=ON
is always passed to CMake.
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Tested-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
* update patch 0001 to match changed target code
* BSD-3c and MPL-2.0 licenses were added to LICENSE
Signed-off-by: Michael Nosthoff <buildroot@heine.tech>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Some of the third party code is BSD-licensed. In addition, the roots.pem
certificate store is MPL-licensed.
This was probably already the case in earlier versions as well, but it
was only noticed while updating to 1.42.0 because the LICENSE file was
adapted for it.
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Update to the the next minor release, which fixes an scrolling issue and
incorporated a patch that can now be removed from Buildroot. Release
notes:
https://wpewebkit.org/release/wpewebkit-2.34.2.html
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Tested-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
In case Qt support is enabled use '-std=gnu++11' instead of '-std=c++11' to
enable c++11 support and gain support of the typeof GNU extension.
Fixes:
- http://autobuild.buildroot.net/results/2d58906a1eefdf921b42f6c0d9fd680ef2ad6e27
In file included from v4l2-ctl-streaming.cpp:14:
../../utils/common/v4l2-tpg.h: In function 'void tpg_s_hue(tpg_data*, s16)':
../../utils/common/v4l2-tpg.h:49:2: error: 'typeof' was not declared in this scope
49 | typeof(val) __val = (val); \
| ^~~~~~
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
It is possible that some users of buildroot have put it in a repository
and call into it from another Makefile such as:
.DEFAULT:
$(MAKE) O=$(abspath $(O)) -C buildroot $(@)
This technique works well except that Make tells us that it changes into
the buildroot directory:
make[1]: Entering directory 'buildroot'
Because this line doesn't have an equals within it, python raises a
ValueError exception within pkg-stats.
This patch has python tell the invoked make not to print directories
Signed-off-by: Cyril Bur <cyrilbur@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
First patch is not needed since bump to version 0.99.1 in commit
2c8e5dd69f and
6890053176
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
- Comment out iface setting, usually not what you want
- Update DynDNS example, show use of multiple hostnames
- Add FreeDNS sample config, free and stable service
- Add link to syntax and examples
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Currently, by following the instructions in the manual and querying for
developers for a patch that changes path
package/foobar
the script reports both developers that have these entries in the
DEVELOPERS file:
F: package/foo/
F: package/foobar/
Starting from commit "afc112b0e4 utils/getdeveloperlib.py: fix issue
with hasfile()" get-developers script uses os.path.abspath() and
os.path.relpath().
The catch is that those functions return the absolute path and the
relative path without the trailing slash.
When the paths associated to a developer are then compared to the paths
a patch touches, using the string.startswith(), any substring returns
True, leading to developers for package/foo/ being wrongly reported
for package/foobar/ .
Fix this by re-adding the trailing slash after using relpath().
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Cc: Heiko Thiery <heiko.thiery@gmail.com>
Cc: James Knight <james.d.knight@live.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Since a long time, we have a check-package check for patches. Make sure
that this check runs in 'make check-package', by including *.patch in
the find expression.
There are still a number of patches without SoB, and these are not so
trivial to fix, so for now, disable the SoB check.
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
[Ricardo: do not run check for SoB for now]
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
As reported by check-package (by calling it directly):
generate your patches with 'git format-patch -N'
Change all affected files using this command:
$ sed 's,^\(Subject: *\[PATCH\)[^]]*,\1,g' \
-i $(find * -name '*.patch' -type f)
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
As reported by check-package (by calling it directly):
use name <number>-<description>.patch
Output of:
make screen-dirclean screen-patch | grep 'Patching\|Applying'
Before:
>>> screen 4.8.0 Patching
Applying 0001-no-memcpy-fallback.patch using patch:
Applying 0002-install-no-backup-binary.patch using patch:
Applying 0003-install-always-chmod.patch using patch:
Applying 0004-install-nonversioned-binary.patch using patch:
Applying 0005-rename-sched_h.patch using patch:
Applying 0006-comm-h-now-depends-on-term-h.patch using patch:
Applying 0007-comm.h-needed-for-list_-display-generic-.o.patch using patch:
Applying 0008_CVE-2021-26937.patch using patch:
After:
>>> screen 4.8.0 Patching
Applying 0001-no-memcpy-fallback.patch using patch:
Applying 0002-install-no-backup-binary.patch using patch:
Applying 0003-install-always-chmod.patch using patch:
Applying 0004-install-nonversioned-binary.patch using patch:
Applying 0005-rename-sched_h.patch using patch:
Applying 0006-comm-h-now-depends-on-term-h.patch using patch:
Applying 0007-comm.h-needed-for-list_-display-generic-.o.patch using patch:
Applying 0008-CVE-2021-26937.patch using patch:
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
As reported by check-package (by calling it directly):
use name <number>-<description>.patch
Output of:
make lpc32xxcdl-dirclean lpc32xxcdl-patch | grep 'Patching\|Applying'
Before:
>>> lpc32xxcdl 2.11 Patching
Applying lpc32xxcdl-2.11-compiler_name.patch using patch:
Applying lpc32xxcdl-2.11-delete_redundant_files.patch using patch:
Applying lpc32xxcdl-2.11-libnosys_gnu.patch using patch:
Applying lpc32xxcdl-2.11-slashes.patch using patch:
After:
>>> lpc32xxcdl 2.11 Patching
Applying 0001-compiler_name.patch using patch:
Applying 0002-delete_redundant_files.patch using patch:
Applying 0003-libnosys_gnu.patch using patch:
Applying 0004-slashes.patch using patch:
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Drop patch (already in version).
Add new dependencies:
- host-autoconf-archive
- libevdev
- upower
- xz (liblzma)
Create a pre-configure hook to avoid this error when reconfiguring:
automake: error: cannot open < gtk-doc.make: No such file or directory
Based on the solution used in 178eb1d7ea.
During the build gtk-doc is already disabled by pkg-autotools.
Create a post-patch hook to avoid this error when reconfiguring:
aclocal: error: couldn't open directory 'm4': No such file or directory
Based on the solution used in 6bf74ce3db.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
U-Boot implements a boot count scheme that can be used to detect
multiple failed attempts to boot Linux. On Davinci platform (TI AM 335x)
the `bootcount' value is stored in the RTC SCRATCH2 register. This tool
allows to read and write this register from userspace.
Signed-off-by: Dario Binacchi <dariobin@libero.it>
[Arnout: use github helper, add license hash, remove unnecessary
defaults, add autoreconf comment]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fix CVE-2021-4069: vim is vulnerable to Use After Free
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fix CVE-2021-43784: runc is a CLI tool for spawning and running
containers on Linux according to the OCI specification. In runc, netlink
is used internally as a serialization system for specifying the relevant
container configuration to the `C` portion of the code (responsible for
the based namespace setup of containers). In all versions of runc prior
to 1.0.3, the encoder did not handle the possibility of an integer
overflow in the 16-bit length field for the byte array attribute type,
meaning that a large enough malicious byte array attribute could result
in the length overflowing and the attribute contents being parsed as
netlink messages for container configuration. This vulnerability
requires the attacker to have some control over the configuration of the
container and would allow the attacker to bypass the namespace
restrictions of the container by simply adding their own netlink payload
which disables all namespaces. The main users impacted are those who
allow untrusted images with untrusted configurations to run on their
machines (such as with shared cloud infrastructure). runc version 1.0.3
contains a fix for this bug. As a workaround, one may try disallowing
untrusted namespace paths from your container. It should be noted that
untrusted namespace paths would allow the attacker to disable namespace
protections entirely even in the absence of this bug.
https://github.com/opencontainers/runc/releases/tag/v1.0.3
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Currently this .mk snippet results in unexpected behavior from
check-package:
|VAR_1 = VALUE1
|ifeq (condition)
|VAR_1 := $(VAR_1), VALUE2
|endif
Fix commit "163f160a8e utils/{check-package, checkpackagelib}:
consistently use raw strings for re.compile" that ended up doing this:
- CONCATENATING = re.compile("^([A-Z0-9_]+)\s*(\+|:|)=\s*\$\(\\1\)")
+ CONCATENATING = re.compile(r"^([A-Z0-9_]+)\s*(\+|:|)=\s*\$\(\\1\)")
But raw strings do not expect escaping when referencing \1 and the
pattern ends up searching for a raw '\\1' instead of an occurrence of
the first pattern inside parenthesis.
|$ python3
|Python 3.8.10 (default, Sep 28 2021, 16:10:42)
|[GCC 9.3.0] on linux
|Type "help", "copyright", "credits" or "license" for more information.
|>>> import re
|>>> p1 = re.compile('(foo)bar\\1')
|>>> p2 = re.compile(r'(foo)bar\\1')
|>>> p3 = re.compile(r'(foo)bar\1')
|>>> s1 = 'foobarfoo'
|>>> s2 = 'foobar\\1'
|>>> print(p1.search(s1))
|<re.Match object; span=(0, 9), match='foobarfoo'>
|>>> print(p2.search(s1))
|None
|>>> print(p3.search(s1))
|<re.Match object; span=(0, 9), match='foobarfoo'>
|>>> print(p1.search(s2))
|None
|>>> print(p2.search(s2))
|<re.Match object; span=(0, 8), match='foobar\\1'>
|>>> print(p3.search(s2))
|None
|>>>
So use '\1' instead of '\\1' in the raw string.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Titouan Christophe <titouan.christophe@railnova.eu>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
