Fixes the following security vulnerabilities:
- CVE-2018-1000222: Libgd version 2.2.5 contains a Double Free Vulnerability
vulnerability in gdImageBmpPtr Function that can result in Remote Code
Execution. This attack appears to be exploitable via Specially Crafted
Jpeg Image can trigger double free
- CVE-2018-5711: gd_gif_in.c in the GD Graphics Library (aka libgd), as used
in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x
before 7.2.1, has an integer signedness error that leads to an infinite
loop via a crafted GIF file, as demonstrated by a call to the
imagecreatefromgif or imagecreatefromstring PHP function
- CVE-2019-11038: When using the gdImageCreateFromXbm() function in the GD
Graphics Library (aka LibGD) 2.2.5, as used in the PHP GD extension in PHP
versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it
is possible to supply data that will cause the function to use the value
of uninitialized variable. This may lead to disclosing contents of the
stack that has been left there by previous code
- CVE-2019-6978: The GD Graphics Library (aka LibGD) 2.2.5 has a double free
in the gdImage*Ptr() functions in gd_gif_out.c, gd_jpeg.c, and gd_wbmp.c
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 505a70edbe)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
NSS_ENABLE_ECC is not supported anymore, so remove it from our
libnss.mk file.
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit 8223904643)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues:
CVE-2019-11756: Remove refcounting from sftk_FreeSession
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 551d81c079)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This release fixes CVE-2019-9740, CVE-2019-9948, CVE-2019-15903.
Adjust 0002-Fix-get_python_inc-for-cross-compilation.patch for 2.7.17.
Remove the following patches (now on upstream):
* 0035-bpo-35907-CVE-2019-9948-urllib-rejects-local_file-sc.patch
* 0036-bpo-36216-Add-check-for-characters-in-netloc-that-no.patch
* 0037-3.7-bpo-36216-Only-print-test-messages-when-verbose-.patch
* 0038-bpo-36742-Fixes-handling-of-pre-normalization-charac.patch
* 0039-bpo-36742-Corrects-fix-to-handle-decomposition-in-us.patch
* 0040-2.7-bpo-36742-Fix-urlparse.urlsplit-error-message-fo.patch
* 0041-bpo-30458-Disallow-control-chars-in-http-URLs-GH-127.patch
Full release details at:
https://github.com/python/cpython/blob/v2.7.17/Misc/NEWS.d/2.7.17rc1.rst
run-tests results:
10:30:20 TestPython2 Starting
10:30:21 TestPython2 Building
10:37:37 TestPython2 Building done
10:37:47 TestPython2 Cleaning up
.
----------------------------------------------------------------------
Ran 1 test in 448.616s
OK
Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 7df07cb611)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
On uClibc up to at least v1.0.32, syscall() for x86_64 is defined in
libc/sysdeps/linux/x86_64/syscall.S as

    syscall:
        movq %rdi, %rax         /* Syscall number -> rax. */
        movq %rsi, %rdi         /* shift arg1 - arg5. */
        movq %rdx, %rsi
        movq %rcx, %rdx
        movq %r8, %r10
        movq %r9, %r8
        movq 8(%rsp),%r9        /* arg6 is on the stack. */
        syscall                 /* Do the system call. */
        cmpq $-4095, %rax       /* Check %rax for error. */
        jae __syscall_error     /* Branch forward if it failed. */
        ret                     /* Return to caller. */

And __syscall_error is defined in
libc/sysdeps/linux/x86_64/__syscall_error.c as

    int __syscall_error(void) attribute_hidden;
    int __syscall_error(void)
    {
        register int err_no __asm__ ("%rcx");
        __asm__ ("mov %rax, %rcx\n\t"
                 "neg %rcx");
        __set_errno(err_no);
        return -1;
    }

Notice that __syscall_error returns -1 as a 32-bit int in %rax, a 64-bit
register i.e. 0x00000000ffffffff (decimal 4294967295). When this value
is compared to -1 in _sys_chk_seccomp_flag_kernel() the result is false,
leading the function to always return 0.
Prevent the error by coercing the return value of syscall() to int in a
temporary variable before comparing it to -1. We could use just an (int)
cast but the variable makes the code more readable and the machine code
generated by the compiler is the same in both cases.
All other syscall() invocations were inspected and they either already
coerce the result to int or do not compare it to -1.
The same problem probably occurs on other 64-bit systems but so far only
x86_64 was tested.
A bug report is being submitted to uClibc.
Upstream status: https://github.com/seccomp/libseccomp/pull/175
Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit 440c7a9d9e)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
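
The comparison failure described in the commit message above, as an added example (not code from libseccomp, uClibc or Buildroot). The three sc_* functions are constructed stand-ins for the value a caller of syscall() reads from a 64-bit register on an LP64 target, and failed_before/failed_after are hypothetical names for the check without and with the int coercion.

```c
#include <stdio.h>

/* Constructed stand-ins for syscall() as seen by a caller expecting long
 * on an LP64 target (long is 64 bits, int is 32 bits). */

/* Error path that returns int -1: only the low 32 bits are meaningful,
 * so the caller reads 0x00000000ffffffff from the 64-bit register. */
static long sc_fail_int_return(void) { return 0x00000000ffffffffL; }

/* Error path that returns a properly sign-extended long -1. */
static long sc_fail_long_return(void) { return -1L; }

/* Successful call. */
static long sc_success(void) { return 0L; }

/* Hypothetical check without the fix: compares the 64-bit value to -1. */
static int failed_before(long (*sc)(void))
{
    return sc() == -1;
}

/* Hypothetical check with the fix: coerce to int in a temporary first.
 * The narrowing conversion is implementation-defined in ISO C; GCC and
 * Clang keep the low 32 bits, which turns 0xffffffff into -1. */
static int failed_after(long (*sc)(void))
{
    int rc = (int)sc();
    return rc == -1;
}

int main(void)
{
    printf("%-24s before=%d after=%d\n", "int -1 in 64-bit reg",
           failed_before(sc_fail_int_return), failed_after(sc_fail_int_return));
    printf("%-24s before=%d after=%d\n", "sign-extended long -1",
           failed_before(sc_fail_long_return), failed_after(sc_fail_long_return));
    printf("%-24s before=%d after=%d\n", "success (0)",
           failed_before(sc_success), failed_after(sc_success));
    return 0;
}
```
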
Fixes a BPF generation bug where the optimizer mistakenly identified
duplicate BPF code blocks.
Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit d5787d1ab1)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Version 0.53 has a fix for INVALIDATE and SHUTDOWN requests being
ignored.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Doug Kehn <rdkehn@yahoo.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 2de1289282)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
These patches are already in qemu upstream under:
- 184943d827ce09375284e6fbb9fd5eeb9e369529
- 71ba74f67eaca21b0cc9d96f534ad3b9a7161400
They rename gettid() to sys_gettid() to avoid clash with glibc
Signed-off-by: Paulo Matos <pmatos@igalia.com>
Tested-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 9dcca3ae40)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Required since the bump from 3.1.1.
Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 1ef6d39565)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
On uClibc-ng sysconf(_SC_LEVEL1_{I,D}CACHE_LINESIZE) returns -1, which
is a valid result, meaning that the limit is indeterminate. Add a patch
that handles this situation using fallback values instead of crashing
due to an assertion failure.
Upstream status:
https://lists.nongnu.org/archive/html/qemu-devel/2019-10/msg04115.html
Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 5e968678fd)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes a couple of important things and among other things the build of
pvrdma code:
----------------------->8---------------------
In function 'create_qp':
hw/rdma/vmw/pvrdma_cmd.c:517:16: error: 'rc' undeclared
----------------------->8---------------------
Bumped into this build problem while building vanilla
qemu_arm_versatile_defconfig.
Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
Cc: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Alexander Dahl <post@lespocky.de>
Cc: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 4bed6dbec9)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit e440f7d86c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 62dbc17ef4)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes CVE-2019-14287: a sudo user may be able to run a command as root
when the Runas specification explicitly disallows root access as long as
the ALL keyword is listed first.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 4a96d62749)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Update hash of license file:
- update in year
- add arc4random.c, arc4random_uniform.c and getentropy.c license (ISC)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 276072dbd4)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security vulnerability:
CVE-2019-13503: mq_parse_http in mongoose.c in Mongoose 6.15
has a heap-based buffer over-read.
See https://github.com/cesanta/mongoose/releases/tag/6.16
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit aeee0b9bd7)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Back in commit 025b863e6f, the option
BR2_PACKAGE_HOST_RUSTC_TARGET_ARCH_SUPPORTS was introduced, to
separate the option that host packages needing Rust should depend on
(BR2_PACKAGE_HOST_RUSTC_ARCH_SUPPORTS) from the option that target
packages needing Rust should depend on
(BR2_PACKAGE_HOST_RUSTC_TARGET_ARCH_SUPPORTS).
Since the example in the manual is showing a target package, we must
use BR2_PACKAGE_HOST_RUSTC_TARGET_ARCH_SUPPORTS.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Sam Voss <sam.voss@gmail.com>
Cc: Eric Le Bihan <eric.le.bihan.dev@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit edee45b843)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit modifies the main() function so that it returns the sum of
build and legal errors, making sure the overall test-pkg script exits
with a non-zero error code upon failure.
Signed-off-by: Heiko Thiery <heiko.thiery@kontron.com>
[Thomas: improved commit log]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 5093435f66)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Build sometimes fails on:
Fatal error: can't create build/load_aiff.o: No such file or directory
Fixes:
- http://autobuild.buildroot.org/results/c800ef60d8af0cd76f2f1de9aff573120ebd8ada
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit fcc22749e8)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The license file for this application is BSD-2-Clause and not
BSD-3-Clause as we currently state in the _LICENSE variable.
Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 1eb8252cce)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Ash is no longer working at Savoir-faire Linux. Update his email
address in the DEVELOPERS file.
Signed-off-by: Vivien Didelot <vivien.didelot@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit e32e92233f)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
WITH_LUAVER must be set to a value depending on the Lua interpreter;
this way, the module is installed in the correct location.
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Tested-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit f2d1ec39e4)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Morgan's e-mail is bouncing:
"""
This message was created automatically by mail delivery software.
A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:
m.delestre@sinters.fr
retry timeout exceeded
"""
And it was confirmed to me by CORJON Julien <CORJON.J@ecagroup.com> that
Morgan is no longer at ECA/Sinters.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 6015b46865)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
In a private e-mail answering one of our notifications about packages
being outdated, Jonathan replied:
"""
I switched from Buildroot to OpenEmbedded in 2013 so am no longer actively
involved with Buildroot.
Please unsubscribe me from outdated package notifications.
"""
So let's remove him from the DEVELOPERS file.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 175c3f8b2d)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Newer versions of lua-http require entropy.
Switch to use armv5 builtin kernel that already provides entropy for all
lua tests.
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/269139374
https://gitlab.com/buildroot.org/buildroot/-/jobs/269139376
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Cc: Francois Perrad <francois.perrad@gadz.org>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit eb6b0fd87a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Newer versions of perl-io-socket-ssl require entropy.
Switch to use armv5 builtin kernel that already provides entropy for all
perl tests.
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/269139402
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Cc: Francois Perrad <francois.perrad@gadz.org>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit a565917046)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
More and more packages being tested by the test infra, e.g. syslog-ng,
need entropy at startup, usually reading from /dev/random.
Some test cases can also depend on a kernel version newer than the
builtin ones already provided by the test infra:
- 3.11.0 for armv5;
- 4.0.0 for armv7.
Add a new builtin kernel to be used by such test cases.
Add it for armv5 so most test cases that switch to use this kernel can
keep using BASIC_TOOLCHAIN_CONFIG.
Use the same kernel version and kernel config as qemu_arm_versatile plus
HW_RANDOM_VIRTIO for VirtIORNG to be usable.
Copy the actual binary file from the syslog-ng runtime test at current
master @ 29e1cb8884.
Since there is already a 'kernel-versatile' file on autobuild.buildroot.net
and we must keep it with this name for reproducibility purposes, create a
simple naming convention for newer builtin kernel images and dtb files:
kernel-<defconfig>-<kernel_series_version>
<dtb_name>-<kernel_series_version>.dtb
Pass '-device virtio-rng-pci' to qemu when this kernel is used.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Romain Naour <romain.naour@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[Peter: use this new kernel instead of the old builtin/armv5 kernel]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 7acb32dabb)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following (low severity) security vulnerabilities:
4.0.9:
- CVE-2019-2386: After user deletion in MongoDB Server the improper
invalidation of authorization sessions allows an authenticated user's
session to persist and become conflated with new accounts, if those
accounts reuse the names of deleted ones
https://jira.mongodb.org/browse/SERVER-38984
4.0.11:
- CVE-2019-2389: Incorrect scoping of kill operations in MongoDB Server's
packaged SysV init scripts allow users with write access to the PID file
to insert arbitrary PIDs to be killed when the root user stops the MongoDB
process via SysV init
https://jira.mongodb.org/browse/SERVER-40563
- CVE-2019-2390: An unprivileged user or program on Microsoft Windows which
can create OpenSSL configuration files in a fixed location may cause
utility programs shipped with MongoDB server versions less than 4.0.11
https://jira.mongodb.org/browse/SERVER-42233
Plus a number of other bugfixes. For details, see the release notes:
https://docs.mongodb.com/manual/release-notes/4.0/
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 165e9c163c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Drop upstream patches.
Remove autoreconf; we no longer patch configure.ac.
Cc: Alexander Dahl <post@lespocky.de>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 2047dd9d22)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 04e9fdb1c6)
[Peter: drop 5.x bump]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: André Hentschel <nerv@dawncrow.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit fbc54866a3)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>