Commit 4cbf733691 ("arch/xtensa: custom
configuration requires an overlay") added a check in
arch/arch.mk.xtensa to bail out if a custom Xtensa core is selected
but not overlay file is provided. While this is indeed a perfectly
valid check to make when building an internal toolchain, with an
external toolchain it's entirely possible to build with no overlay
file: the toolchain already exists, and there's no overlay to be
applied in the context of the Buildroot build.
And indeed commit 4cbf733691 broke some
of the runtime test cases that use a custom Xtensa core configuration,
with no overlay, to test the toolchains.bootlin.com Xtensa external
toolchain. By relaxing the check to only apply to internal toolchain
configurations, we fix those test cases.
It is to be noted that this still allows a configuration where gdb gets
built for a custom core, but with no overlay, so basically that means
the fsf variant, which can lead to build or run failures that
4cbf733691 attempted to fix to begin with. This still covers the
most common cases.
Finally, it also means being able to build a kernel with no overlay, but
this is offset by the fact that the kernel may be already patched with
an overlay (as it is possible to specify a custom kernel), which is most
probably what people using a custom core would have.
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/3282261966https://gitlab.com/buildroot.org/buildroot/-/jobs/3282261963
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[yann.morin.1998@free.fr: extend commit log with last two paragraphs]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 6465c79166)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix CVE-2022-40284: A buffer overflow was discovered in NTFS-3G before
2022.10.3. Crafted metadata in an NTFS image can cause code execution. A
local attacker can exploit this if the ntfs-3g binary is setuid root. A
physically proximate attacker can exploit this if NTFS-3G software is
configured to execute upon attachment of an external storage device.
https://github.com/tuxera/ntfs-3g/security/advisories/GHSA-v4w8-jv3w-7prmhttps://github.com/tuxera/ntfs-3g/releases/tag/2022.10.3
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 6facb6fa10)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Since v14 in 2018, audit support has needed libcap-ng.
Fixes:
http://autobuild.buildroot.org/results/43abdb85cc2f386d427cec1cfa876e20e3509cb8/
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Norbert Lange <nolange79@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 2f0e82c4ef)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
matchbox-startup-monitor is an ageing package, and uses an old
configure.ac with archaic constructs. This had generated a configure
script that incorrectly tries to look for and validate a C++ compiler:
checking for powerpc64le-buildroot-linux-gnu-g++... no
checking whether we are using the GNU C++ compiler... no
checking whether no accepts -g... no
checking dependency style of no... none
checking how to run the C++ preprocessor... /lib/cpp
configure: error: C++ preprocessor "/lib/cpp" fails sanity check
Calling autoreconf fixes the issue, as the generated configure no longer
tries to look for a C++ compiler at all anymore. Running autoreconf does
not add any new dependency, as they are already in the dependency chain
via other packages.
Fixes:
http://autobuild.buildroot.org/results/223/223f43dd76ee907c5f25c4fee94a0f5d75614dd5/
See also similar changes:
9993a36f5e package/pamtester: fix build without C++
c05cc5de86 package/madplay: needs autoreconf
eae18d01ab libmad: needs autoreconf
43274dd3e0 package/libid3tag: needs autoreconf
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit b44f6c2f30)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
ATF version 2.2 and older does not disable SSP when
ENABLE_STACK_PROTECTOR is not set. This is because the compiler enables
SSP by default, and ATF does not pass -fno-stack-protector to the
compiler. Upstream commit 7af195e29a42 ("Disable stack protection
explicitly") fixed the issue for v2.3 and newer.
Add -fno-stack-protector in CFLAGS when
BR2_TARGET_ARM_TRUSTED_FIRMWARE_SSP is not set to fix older ATF
versions.
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/3301821171
Cc: Dick Olsson <hi@senzilla.io>
Cc: Sergey Matyukevich <geomatsi@gmail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 5e330ff030)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Since upstream commit
07f3b487f9
(which first appeared in version 7.1.0-47), ImageMagick forces the
need of a C++ compiler to build its utilities. Despite the request of
Bernd Kuhls to revert this change, upstream declined.
Since this change is causing build failures in our autobuilders, our
only choice is to follow the choice of upstream, and disable building
the utilities when C++ support is not available.
Fixes:
http://autobuild.buildroot.net/results/4283235d697408cf2e70be5e3769dbe6ebb9ddae/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 0910ada70b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
sudo's configure script looks up on the host to determine the path where
to install its systemd tmpfiles. That is incorrect in cross-compilation.
We can explicitly tell sudo where to install its tmpfiles, which we do
when systemd is enabled (in Buildroot, systemd-tmpfiles is always
enabled when systemd is), or we can tell it not to install tmpfiles at
all, which we do otherwise.
Signed-off-by: Nuno Gonçalves <nunog@fr24.com>
[yann.morin.1998@free.fr: reword and extend commit log]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 9c333176a3)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
sudo's configure script looks up on the host to determine the path to
the timezone data location. That fails in cross-compilation.
This is used to sanitise the TZ envirnment variable at runtime, and is
not used at buildtime (except to be stored as a string in the program).
We can tell sudo where the tz data will be, which we do when the tzdata
package is enabled, and we can tell it not to use it at all (to not pass
TZ down to sudo-ed executions) othwerwise.
Signed-off-by: Nuno Gonçalves <nunog@fr24.com>
[yann.morin.1998@free.fr: rewrite and extend commit log]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 51d3902af7)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit 223516b51e (configs/kontron_bl_imx8mm: U-Boot needs util-linux)
added the needed dependency against host-util-linux, but missed an
earlier comment about u-boot still failing [0]
The U-Boot makefile for the host tools does not handle the
compiler/linker options properly. There are some patches [1][2] that fixes
that issue already applied in the newer U-Boot version 2022.10. So we have to
bump U-Boot to fix an autobuilder failure.
Fixes: https://gitlab.com/buildroot.org/buildroot/-/jobs/3267233833
[0] https://lore.kernel.org/buildroot/CAEyMn7Y3UgT-8dYY5rbnzcPfbGmqRVXG=joWx1fSSCC=WiFzbg@mail.gmail.com/
[1] U-Boot: a638bd349ea43825 (kbuild: add KBUILD_HOSTLDFLAGS to cmd_host-csingle)
[2] U-Boot: 31a7688cbe0ed5ed (tools: mkeficapsule: use pkg-config to get -luuid and -lgnutls)
Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
[yann.morin.1998@free.fr:
- update commit log with reference to [0]
- slightly tweak commit log
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 4e63809d8d)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix the following build failure raised since bump to version 0.9.4 in
commit 5cae1a0d67:
In file included from iw_if.h:26:0,
from conf.c:19:
/home/buildroot/autobuild/instance-1/output-1/host/mips-buildroot-linux-gnu/sysroot/usr/include/linux/if.h:71:2: error: redeclaration of enumerator 'IFF_UP'
IFF_UP = 1<<0, /* sysfs */
^
/home/buildroot/autobuild/instance-1/output-1/host/mips-buildroot-linux-gnu/sysroot/usr/include/net/if.h:44:5: note: previous definition of 'IFF_UP' was here
IFF_UP = 0x1, /* Interface is up. */
^
Fixes:
- http://autobuild.buildroot.org/results/cbdf3e0cf0bee8f1b076581768c24155afc320d9
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 57a1ce00a2)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes:
/usr/bin/ld: cannot find -lgnutls
/usr/bin/ld: cannot find -luuid
collect2: error: ld returned 1 exit status
when building U-Boot.
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/3301821264
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 223516b51e)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The name of the tool in udisks2 is udisksctl.
Signed-off-by: Wolfgang Grandegger <wg@grandegger.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 593c64eaf9)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Pass TARGET_LDFLAGS (which contains -static) to fix the following static
build failures with gpio, iio and pci:
LINK lsgpio
/home/autobuild/autobuild/instance-8/output-1/host/lib/gcc/arm-buildroot-linux-musleabi/10.4.0/../../../../arm-buildroot-linux-musleabi/bin/ld: /home/autobuild/autobuild/instance-8/output-1/host/lib/gcc/arm-buildroot-linux-musleabi/10.4.0/libgcc.a(_dvmd_lnx.o): in function `__aeabi_ldiv0':
/home/autobuild/autobuild/instance-8/output-1/build/host-gcc-final-10.4.0/build/arm-buildroot-linux-musleabi/libgcc/../../../libgcc/config/arm/lib1funcs.S:1499: undefined reference to `raise'
[...]
LINK iio_event_monitor
/home/thomas/autobuild/instance-2/output-1/host/lib/gcc/microblazeel-buildroot-linux-musl/11.3.0/../../../../microblazeel-buildroot-linux-musl/bin/ld: /home/thomas/autobuild/instance-2/output-1/host/lib/gcc/microblazeel-buildroot-linux-musl/11.3.0/libgcc.a(unwind-dw2.o): in function `size_of_encoded_value':
/home/thomas/autobuild/instance-2/output-1/build/host-gcc-final-11.3.0/build/microblazeel-buildroot-linux-musl/libgcc/../../../libgcc/unwind-pe.h:88: undefined reference to `abort'
Fixes:
- http://autobuild.buildroot.org/results/f202eb843ef331939f5f12325bdbf2d0d664a7ce
- http://autobuild.buildroot.org/results/504ec8be1ebd15c5da09f8b90bb723a58d4c58c5
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit a29e7fb676)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix the following static build failure with popt and iconv raised since
bump to version 1.0.9 in commit 69015ce94a
and
122b58ad82
(which added an unified Makefile):
/home/autobuild/autobuild/instance-0/output-1/host/bin/mips64el-buildroot-linux-uclibc-g++ crc32.o support.o guid.o gptpart.o mbrpart.o basicmbr.o mbr.o gpt.o bsd.o parttypes.o attributes.o diskio.o diskio-unix.o sgdisk.o gptcl.o -static -liconv -lpopt -o sgdisk
/home/autobuild/autobuild/instance-0/output-1/host/lib/gcc/mips64el-buildroot-linux-uclibc/11.3.0/../../../../mips64el-buildroot-linux-uclibc/bin/ld: /home/autobuild/autobuild/instance-0/output-1/host/mips64el-buildroot-linux-uclibc/sysroot/usr/lib64/../lib64/libpopt.a(poptint.o): in function `strdup_locale_from_utf8':
poptint.c:(.text+0x113c): undefined reference to `libiconv_open'
As can be seen above, this build failure is raised because -liconv is
added before -lpopt so use pkgconfig and SGDISK_LDLIBS
The addition of -liconv in LDLIBS could probably be removed in a
follow-up patch for next branch
Fixes:
- http://autobuild.buildroot.org/results/c9f2c9e737c2dd1cd4c1a08a5e8a48165179282d
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit a38682dd54)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
A Floating point exception (division-by-zero) flaw was found in Mupdf
for zero width pages in muraster.c. It is fixed in Mupdf-1.20.0-rc1
upstream.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 3ddca0ccb9)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix the following build failure without NEON probably raised since bump
to version 1.9.9-b1 in commit 1f7b12a0b4
and
ec02ecf104:
In file included from /home/autobuild/autobuild/instance-4/output-1/build/zlib-ng-2.0.6/arch/arm/adler32_neon.c:11:
/home/autobuild/autobuild/instance-4/output-1/host/lib/gcc/arm-buildroot-linux-uclibcgnueabi/10.3.0/include/arm_neon.h:31:2: error: #error "NEON intrinsics not available with the soft-float ABI. Please use -mfloat-abi=softfp or -mfloat-abi=hard"
31 | #error "NEON intrinsics not available with the soft-float ABI. Please use -mfloat-abi=softfp or -mfloat-abi=hard"
| ^~~~~
Fixes:
- http://autobuild.buildroot.org/results/8260762632cde9eb5bc2154084680b5bec034aa6
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 88d2135a7a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Building ca-certificates with a newer cryptography is breaking because
python-cryptography's x509 API changed to accept only bytes, not str.
Carry a patch that has been submitted upstream [0] but has not yet been
applied [1]. Minor changes to account for 0001-*.patch.
[0] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1008244
[1] https://salsa.debian.org/debian/ca-certificates
Signed-off-by: Justin Wood <jwood@starry.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 0fc1bf137e)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
socat's configure script does not take the zlib dependency into
account when linking with libssl, and therefore fails at detecting
libssl in BR2_STATIC_LIBS=y configurations.
Since there is no easy way to add the zlib dependency, just disable
openssl support for static builds.
This is not fixing a build failure: libssl was not detected in
BR2_STATIC_LIBS=y configurations, so what this commit does is make it
explicit.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 934ec83e9d)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
socal configure uses AC_TRY_RUN to detect printf features. This does
not work for cross compilation.
All C libraries we use support C99 snprintf. Only glibc and uClibc
support the deprecated Z modifier.
These issues were noticed by an inspection of configure.ac.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 1ca100c2d2)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix the following build failure with wolfssl raised since bump to
version 5.2.0 in commit 14e0c4de71 and
33cb823148:
/home/buildroot/autobuild/instance-0/output-1/build/libuhttpd-3.14.1/src/ssl/openssl.c: In function 'handle_wolfssl_asn_error':
/home/buildroot/autobuild/instance-0/output-1/build/libuhttpd-3.14.1/src/ssl/openssl.c:339:10: error: 'ASN_NTRU_KEY_E' undeclared (first use in this function); did you mean 'ASN_ECC_KEY_E'?
339 | case ASN_NTRU_KEY_E:
| ^~~~~~~~~~~~~~
| ASN_ECC_KEY_E
Fixes:
- http://autobuild.buildroot.org/results/3261b0035c8aadd1b62538b53e03af1cd8a7b312
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit ca6f38a340)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix the following build failure raised (at least) since linux 4.0 and
459a3df76c:
CC /home/autobuild/autobuild/instance-2/output-1/build/linux-6.0.1/tools/perf/builtin-bench.o
In file included from builtin-bench.c:22:
bench/bench.h:66:10: fatal error: pthread.h: No such file or directory
66 | #include <pthread.h>
| ^~~~~~~~~~~
Fies:
- http://autobuild.buildroot.org/results/b6abd641f528101e74f9af33e54ccefe0731148f
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 958c166837)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix the following powerpc build failures on:
- musl raised because fpu_control.h is not available:
In file included from fp.c:8:
fp-gnuppc.c:21:10: fatal error: fpu_control.h: No such file or directory
21 | #include <fpu_control.h>
| ^~~~~~~~~~~~~~~
- glibc raised because _FPU_RC_NEAREST is undefined if _SOFT_FLOAT is
set:
In file included from fp.c:8:
fp-gnuppc.c: In function 'gsl_ieee_set_mode':
fp-gnuppc.c:53:15: error: '_FPU_RC_NEAREST' undeclared (first use in this function)
53 | mode |= _FPU_RC_NEAREST ;
| ^~~~~~~~~~~~~~~
These build failures are raised since the addition of the package in
commit 9d9f7feba4
Fixes:
- http://autobuild.buildroot.org/results/d73e116c81bf16d2e55fced215d6bd3b382fef10
- http://autobuild.buildroot.org/results/48403946bb4cda9013e51db59c1b2ffdcf4e2854
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 94e47000c2)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix for possible buffer zeroization overrun introduced at the end of
v5.5.2 release cycle in GitHub pull request 5743 (#5743) and fixed in
pull request 5757 (#5757). In the case where a specific memory
allocation failed or a hardware fault happened there was the potential
for an overrun of 0’s when masking the buffer used for (D)TLS 1.2 and
lower operations. (D)TLS 1.3 only and crypto only users are not affected
by the issue. This is not related in any way to recent issues reported
in OpenSSL.
https://github.com/wolfSSL/wolfssl/releases/tag/v5.5.3-stable
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 34b681cfef)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit 0b4a993012 ("package/swupdate:
specify SWU_VER during build") forgot a backslash.
Fixes the following check-package warning:
package/swupdate/swupdate.mk:213: unexpected indent with tabs
and obviously makes the code correct.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit b21e2f216b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
add host-python3 dependency to avoid the following build failure raised
since the addition of the package in commit
e43da7bb32:
(cd /home/autobuild/autobuild/instance-19/output-1/build/botan-2.19.2; PATH="/home/autobuild/autobuild/instance-19/output-1/host/bin:/home/autobuild/autobuild/instance-19/output-1/host/sbin:/home/autobuild/make:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" ./configure.py --cpu="m68k" --disable-cc-tests --os=linux --cc=gcc --cc-bin="/home/autobuild/autobuild/instance-19/output-1/host/bin/m68k-linux-g++" --prefix=/usr --without-documentation --extra-libs=atomic --disable-shared-library --enable-static-library --no-autoload --without-stack-protector --without-os-feature=getauxval --with-boost --with-sqlite --with-zlib --disable-altivec --disable-neon)
/usr/bin/env: 'python': No such file or directory
Fixes:
- http://autobuild.buildroot.org/results/91eb6d03ee899bc1034efc5ac7d1fe78961d37ca
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 0ad4301f60)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The swupdate build process uses SWU_VER as part of the build commandline
for compiling objects to define the value for use in globals.h (see also
Makefile.flags).
This value is also used to communicate capabilities to lua handlers
(see upstream 0f38ff186e76c55c8d00ccb53739a29bcca91445).
When swupdate gets built, SWU_VER defaults to using `git describe` to
determine the version. This, unfortunately, picks up the version of the
Buildroot checkout and not the actual version of swupdate.
Now, specify SWU_VER as part of the make options to override the
calculated value so the proper version is reported.
Signed-off-by: Vincent Fazio <vfazio@xes-inc.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 0b4a993012)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The openssl configure script disables the afalg engine when it detects
cross-compilation, but the detection missfires because it is based on
the CROSS_COMPILE environment variable, which we do not set (as we pass
fully qualified CC et al.).
So, the afalg engine is built, but it is built for the host, not the
target, so it does not make sense to build and install it. Besides, it
leaks build host info.
Signed-off-by: Nuno Gonçalves <nunog@fr24.com>
[yann.morin.1998@free.fr: extend commit log]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit adc1c5d8f1)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Sudo 1.8.0 through 1.9.12, with the crypt() password backend, contains a
plugins/sudoers/auth/passwd.c array-out-of-bounds error that can result
in a heap-based buffer over-read. This can be triggered by arbitrary
local users with access to Sudo by entering a password of seven
characters or fewer. The impact could vary depending on the compiler and
processor architecture.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 2663449036)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
We know the system will have a modern-enough C library that implements
the required snprintf() functionality. Since the configure stage can't
detect the system's capabilities (because it is cross-compiling), let's
hard-code the decision.
As a result, rsync won't be linking in its own copy of snprintf().
Signed-off-by: Markus Mayer <mmayer@broadcom.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 0b17cd017e)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The CPIO filesystem generated by the test_python_crossbar test is too
large, and doesn't fit as an initramfs in the 256MB of RAM available
in the versatilepb machine. This causes a "Initramfs unpacking failed:
write error" when booting, and many files being missing from the root
filesystem, ultimately causing the test to fail.
It would make sense to switch all test cases to use ext2 + a
hard-drive, but for now, let's fix the few test cases that are causing
problems.
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/3249828587
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit e7930708a3)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
It seems like on Gitlab CI, the runners are quite slow, and the Flask
server does not startup in the 15 seconds we give it. So increase this
to 30 seconds before trying to contact the Flask server.
Hopefully fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/3249828594
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 3884cfc057)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues:
- CVE-2022-41974: Authorization bypass
- CVE-2022-41973: Symlink attack
For more details, see the writeup:
https://www.qualys.com/2022/10/24/leeloo-multipath/leeloo-multipath.txt
Update README.md hash after license-unrelated changes:
git shortlog 0.9.0..0.9.3 -- README.md
Konstantin Kharlamov (1):
README.md: mention libreadline and libedit optional deps
Xose Vazquez Perez (4):
multipath-tools: update devel repo info in README.md
multipath-tools: add ALUA info to README.md
multipath-tools: add basic info on how to use multipath-tools with NVMe devices
multipath-tools: add more info for NetApp RDAC arrays
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 0a7a564159)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix the following build failure with libunistring raised since the
addition of the package in commit
ffb85a4a16:
/home/autobuild/autobuild/instance-2/output-1/per-package/libidn2/host/bin/../lib/gcc/aarch64-buildroot-linux-gnu/11.3.0/../../../../aarch64-buildroot-linux-gnu/bin/ld: warning: libunistring.so.2, needed by ../lib/.libs/libidn2.so, not found (try using -rpath or -rpath-link)
/home/autobuild/autobuild/instance-2/output-1/per-package/libidn2/host/bin/../lib/gcc/aarch64-buildroot-linux-gnu/11.3.0/../../../../aarch64-buildroot-linux-gnu/bin/ld: ../lib/.libs/libidn2.so: undefined reference to `u8_strconv_to_encoding'
[...]
aarch64-buildroot-linux-gnu-gcc: ERROR: unsafe header/library path used in cross-compilation: '-L/usr/lib'
Fixes:
- http://autobuild.buildroot.org/results/30ac50512cd4b4cb3ecc97514a72d1f316a1b33a
- http://autobuild.buildroot.org/results/c225ff4ef007b9a3ca56e6b601687aaa33699675
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit a9e5b0255d)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix the following build failure without __NR_pidfd_open raised since
bump to version 3.3.17 in commit
cc28c7aa6d and
c8384e682c:
pgrep.c: In function 'pidfd_open':
pgrep.c:748:17: error: '__NR_pidfd_open' undeclared (first use in this function); did you mean 'pidfd_open'?
748 | return syscall(__NR_pidfd_open, pid, flags);
| ^~~~~~~~~~~~~~~
| pidfd_open
Fixes:
- http://autobuild.buildroot.org/results/f23a5156e641b2ebdd673973dec0f9c87760c688
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit c07caa732b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The HELLO_ examples fail to run because the librevision.so
library build by the userland package is not included
in the image.
Include this library if BR2_PACKAGE_RPI_USERLAND_HELLO
is selected.
Signed-off-by: Tim Gover <tim.gover@raspberrypi.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 5044928bae)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
update ATF analog to pine64_sopine config.
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/3234499154
Signed-off-by: Michael Nosthoff <buildroot@heine.tech>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 8e45766058)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
In a private e-mail, Emile said "Hi Thomas. Please remove me from the
DEVELOPERS file. I am no longer interested in the packages under my
name."
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 5bec3b67f4)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
UDisks2 provides a Library API [1] for accessing the UDisks2 service
via "libudisks2.so". For development of UDisks2 clients, install to
staging as well!
[1] http://storaged.org/doc/udisks2-api/2.9.4/ref-library.html
Signed-off-by: Wolfgang Grandegger <wg@grandegger.com>
Reviewed-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit f66221589f)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
openssl is optional, not mandatory, since the addition of the package in
commit 0393f5d344
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 1d79789247)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
a10disp will raise the following build failure with a mainline kernel:
cp: cannot stat '/home/autobuild/autobuild/instance-0/output-1/build/linux-5.17.15/include/video/sunxi_disp_ioctl.h': No such file or directory
Fixes:
- http://autobuild.buildroot.org/results/1f2607d6adece4d5dfe17fbdb032a2d228fc030f
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit bada3ae53f)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Hostapd/wpa_s uses 'crc32' name for IEEE802.11 CRC-32 routine. This name
is too generic. Buildroot autobuilder detected configurations that failed
to build due to the naming conflict with zlib-ng.
Add wpa_supplicant part of the upstream patch that renames 'crc32'
function to a less generic 'ieee80211_crc32' name.
Fixes: http://autobuild.buildroot.net/results/ac19975f0bf77f4a8ca574c374092ba81cd5a332/
Signed-off-by: Sergey Matyukevich <geomatsi@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 27e66d77c1)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Hostapd uses 'crc32' name for IEEE802.11 CRC-32 routine. This name is
too generic. Buildroot autobuilder detected configurations that failed
to build due to the naming conflict with zlib-ng.
Add hostapd part of the upstream patch that renames 'crc32' function
to a less generic 'ieee80211_crc32' name.
Fixes: http://autobuild.buildroot.net/results/9901df820d3afa4cde78e8ad6d62cb8ce7e69fdb/
Signed-off-by: Sergey Matyukevich <geomatsi@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 7d920f9d40)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Fixed a security problem in msmtpd: mail addresses starting with '-' could be
interpreted as options of the pipe command.
https://github.com/marlam/msmtp-mirror/blob/msmtp-1.8.22/NEWS
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 9a294be424)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
