- Use official tarball and so drop autoreconf
- libcap is an optional dependency since
923f123a28https://github.com/royhills/arp-scan/releases/tag/1.10.0
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix the following security issues:
- Fix potential heap buffer overread and overwrite in DTLS if
MBEDTLS_SSL_DTLS_CONNECTION_ID is enabled and
MBEDTLS_SSL_CID_IN_LEN_MAX > 2 * MBEDTLS_SSL_CID_OUT_LEN_MAX.
- An adversary with access to precise enough information about memory
accesses (typically, an untrusted operating system attacking a secure
enclave) could recover an RSA private key after observing the victim
performing a single private-key operation if the window size used for
the exponentiation was 3 or smaller.
Drop patch (already in version:
9d9d45c6b2)
https://github.com/Mbed-TLS/mbedtls/releases/tag/v2.28.2
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
remove merged patch
diff LICENSE.md
- Copyright (C) 1995-2017 Jean-loup Gailly and Mark Adler
+ Copyright (C) 1995-2022 Jean-loup Gailly and Mark Adler
- Copyright (c) 2008-2018, Dave Benson and the protobuf-c authors.
+ Copyright (c) 2008-2022, Dave Benson and the protobuf-c authors.
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When creating a filesystem, mkfs.ext will chose the inode size depending
on the size of the filesystem. Small filesystem get 128-bytes inodes,
while bigger filesystems use 256-byte inodes (inode must be a power of 2
larger or equal to 128, and smaller or equal to the blocksize).
However, 128-byte inodes can't store timestamps past the dreaded
2038-01-19 03:14:07Z deadline, while inodes larger than or equal to 256
do not have the issue.
It turns out that the tipping point to decide whether a filesystem is
small or big, is about around the size of the filesystems we generate
for our runtime tests. This causes the kernel to emit warning like:
ext2 filesystem being remounted at / supports timestamps until 2038 (0x7fffffff)
We add a new option to our ext2 filesystem, so that user can specify the
size of the inode. That new option defaults to 256 to be resilient to
the Y2K38 problem.
Note: it was already possible for users to explicitly pass the -I
option, through BR2_TARGET_ROOTFS_EXT2_MKFS_OPTIONS. We could have
chosen to extend the existing value with a -I 256, but that is not
satisfactory. Indeed, we do want to ensure that the default is now
Y2K38-OK, even for existing configurations that did not have explicit
setting.
We also pass that new option before the user-specified arbitrary ones,
so that BR2_TARGET_ROOTFS_EXT2_MKFS_OPTIONS still wins (in case -I was
set there).
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
[Peter: tweak help text]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add an upstream patch to fix CVE-2020-35492:
A flaw was found in cairo's image-compositor.c in all versions prior to
1.17.4. This flaw allows an attacker who can provide a crafted input
file to cairo's image-compositor (for example, by convincing a user to
open a file in an application using cairo, or if an application uses
cairo on untrusted input) to cause a stack buffer overflow ->
out-of-bounds WRITE. The highest impact from this vulnerability is to
confidentiality, integrity, as well as system availability.
Important note: this is not the exact upstream patch. Indeed, the
upstream patch[1] contains a png file which appears as a binary diff
inside the patch. The `patch` tool which is used by Buildroot to apply
patches does not handle that kind of diff. Since it is just a test, it
shouldn't impact the quality of the CVE fix and all changes related to
the test are removed from the patch.
[1] 03a820b173
Cc: Quentin Schulz <foss+buildroot@0leil.net>
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add an upstream patch to fix CVE-2019-6462:
An issue was discovered in cairo 1.16.0. There is an infinite loop in
the function _arc_error_normalized in the file cairo-arc.c, related to
_arc_max_angle_for_tolerance_normalized.
Cc: Quentin Schulz <foss+buildroot@0leil.net>
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This is now based on Linux 6.1-rc3. We don't have an option for 6.1 yes, so
mark it as 6.0 headers.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The D1 support is now upstream, so we can use the upstream 1.1 release
instead of a custom version.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This is now based on U-Boot 2022.10 and has gained SPL support, so use that
instead of sun20-d1-spl. With this we can also drop the u-boot patch and
patch directory.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Release notes:
https://github.com/ebiggers/libdeflate/blob/master/NEWS.md
Switch to cmake.
Added CFLAGS to fix uClibc build:
/home/bernd/buildroot/output/build/libdeflate-1.15/programs/gzip.c:367:10:
error: 'const struct stat' has no member named 'st_atim'; did you mean 'st_atime'?
/home/bernd/buildroot/output/build/libdeflate-1.15/programs/gzip.c:367:26:
error: 'const struct stat' has no member named 'st_mtim'; did you mean 'st_mtime'?
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Changelog:
https://code.videolan.org/videolan/libbluray/-/blob/1.3.4/ChangeLog
Added a configure option to build without external libudfread introduced
in version 1.3.4:
2f10fb73b8
Using --with-external-libudfread is broken so this option was not added.
Since the default to build with optional libudfread support was kept
upstream there is no change in behaviour.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
libmbim library is licensed under LGPL-2.1+ since at least version 1.8.0
and
25cc3ed88d
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Since the bump of python-mistune to version 2.0.4 in commit
ead539c27d, the python-m2r package fails
to build: it is no longer maintained and no longer compatible with
recent versions of python-mistune.
Since the only user of python-m2r, python-automat, no longer needs it,
we can safely drop this package.
Fixes:
http://autobuild.buildroot.net/results/9041acc5be4d2b33dee9ff0ad66dcd41d4dbfba1
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Since version 22.10.0, used since Buildroot commit
12c430f880, python-automat no longer
needs host-python-m2r, so let's drop this dependency.
This is needed as host-python-m2r is about to be removed from
Buildroot, due to incompatibility with its dependencies.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Update to the latest upstream version, to which a few fixes were added
to fix build failures with Aarch64 and Linux 5.18/5.19/6.0
Fixes:
http://autobuild.buildroot.net/results/6f073fea149533a294dd838ce8373185236fe1d4/
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Mostly fixes for build and runtime failures; no new features.
Standard directory for default database and cache changed from ~/.cache to
~/.cache/mpd.
Full change log:
https://raw.githubusercontent.com/MusicPlayerDaemon/MPD/v0.23.11/NEWS
Signed-off-by: Andreas Ziegler <br015@umbiko.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
As tomli is no longer required for bootstrapping our pep517 toolchain
we no longer need to use flit-bootstrap for the host package.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This is a separate U-Boot package that allows to build the
intermediate SPL binary for the Cortex-R5 core on TI's k3
platforms. Usually, the resulting SPL will be used for k3-image-gen to
build the full R5 boot binary tiboot3.bin.
Signed-off-by: Xuanhao Shi <x-shi@ti.com>
Signed-off-by: Anand Gadiyar <gadiyar@ti.com>
Reviewed-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Acked-by: Andrew Davis <afd@ti.com>
Tested-by: Bryan Brattlof <bb@ti.com>
Cc: Romain Naour <romain.naour@gmail.com>
Cc: Francois Perrad <francois.perrad@gadz.org>
Reviewed-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[Bernd:
- switched to actively maintained fork
- package/Config.in: moved to "Hardware handling" (Peter)
- added toolchain dependencies (Thomas)
- added license hash
- fixed build errors related to iconv and execinfo (Peter)
- removed hook HDDTEMP_REMOVE_MAN (Thomas)
- install hddtemp.db to target
- added build/install _CMDS due to
https://github.com/vitlav/hddtemp/issues/5]
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[yann.morin.1998@free.fr:
- use GETTEXTIZE=YES, drop host-gettext from _DEPENDENCIES
- drop custom build and install commands now that we gettextize
- explicitly specify the DB path, introduce HDDTEMP_DB_PATH
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
