Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit c670ab1e6c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit ddfac826ae)
[Peter: drop 5.10.x/5.11.x bump]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Changes:
* Check for an image containing no samples in the PGX
decoder. (#271, #272, #273, #274, #275, #276, #281)
* Check for dimensions of zero in the JPC and JPEG decoders.
* Fix an arguably incorrect type for an integer literal
in the PGX decoder. (#270)
* Check for an invalid component reference in the
JP2 decoder. (#269)
* Check on integer size in JP2 decoder. (#278)
Signed-off-by: Michael Vetter <jubalh@iodoru.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 34743fadba)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes CVE-2021-21300:
On case-insensitive file systems with support for symbolic links, if Git is
configured globally to apply delay-capable clean/smudge filters (such as Git
LFS), Git could be fooled into running remote code during a clone.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When a --transform expression is provided, it is by default also applied
to the target of a symlink.
When we create tarballs (from git or svn checkouts), we use a --transform
expression to replace the leading ./ with the package name and version.
This causes issues when a package contains symlinks that points to
./something, as the leading './' is also replaced.
Fix that by using the 'S' transformation scope flag, as described in the
tar manual:
https://www.gnu.org/software/tar/manual/html_node/transform.html#transform
In addition, several transformation scope flags are supported, that
control to what files transformations apply. These are:
‘r’ Apply transformation to regular archive members.
‘R’ Do not apply transformation to regular archive members.
‘s’ Apply transformation to symbolic link targets.
‘S’ Do not apply transformation to symbolic link targets.
‘h’ Apply transformation to hard link targets.
‘H’ Do not apply transformation to hard link targets.
Default is ‘rsh’ [...].
Fixes: #13616
Signed-off-by: Jean-pierre Cartal <jpcartal@free.fr>
Tested-by: Yann E. MORIN <yann.morin.1998@free.fr>
Acked-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix CVE-2021-24032: Beginning in v1.4.1 and prior to v1.4.9, due to an
incomplete fix for CVE-2021-24031, the Zstandard command-line utility
created output files with default permissions and restricted those
permissions immediately afterwards. Output files could therefore
momentarily be readable or writable to unintended parties.
https://github.com/facebook/zstd/releases/tag/v1.4.9
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 74ed1b5ca0)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Nicolas Serafini <nicolas.serafini@ik.me>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit cd9ffd9473)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This is a bugfix release and include a minor security fix.
Read the announcement on https://mosquitto.org/blog/2021/03/version-2-0-9-released/
Signed-off-by: Titouan Christophe <titouanchristophe@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit e8b1eeb2f3 (package/batman-adv: fix compile with
BR2_PACKAGE_BATMAN_ADV_BATMAN_V disabled) was tested against an RPi4
linux kernel already enabling the build-in batman-adv module inlcusive
batman-v, hence it missed the case where the in-tree module is not
enabled.
Taking a deeper look at the configure script gen-compat-autoconf.sh
reveals that the batman feature options must be explicitly set to 'y' or
'n' to work as expected.
Fixes:
ERROR: modpost: "batadv_v_mesh_free" [.../build/batman-adv-2021.0/net/batman-adv/batman-adv.ko] undefined!
ERROR: modpost: "batadv_v_mesh_init" [.../build/batman-adv-2021.0/net/batman-adv/batman-adv.ko] undefined!
ERROR: modpost: "batadv_v_hardif_init" [.../build/batman-adv-2021.0/net/batman-adv/batman-adv.ko] undefined!
ERROR: modpost: "batadv_v_init" [.../build/batman-adv-2021.0/net/batman-adv/batman-adv.ko] undefined!
Reported-by: Christian Stewart <christian@paral.in>
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
[yann.morin.1998@free.fr: add blurb about tests on previous commit]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 20b9724ee2)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
In Makefiles, variables are split, filtered, and otherwise mangled on
a space as a separator. In a shell, they will also be split on TABs.
We split and filter and iterate on variables in a lot of places, and
most importantly, spaces in PATH is very seldom tested, if at all, so
a lot of packages will not be working properly in such a situation.
For example, the config.guess contains constructs that are not resilient
to a space in PATH:
PATH=$PATH:/.attbin ; export PATH
Also, our fakedate will iterate over PATH:
for P in `echo $PATH | tr ':' ' '`; do
Those are only two cases, but the first means basically all
autotools-based packages are susceptible to subtle breakage.
Furthermore, Buildroot itself does not support that the top-level or
output directories are in a path with spaces anyway.
So, instead of chasing all cases that might be potentially broken,
let's just detect the case and bail out, like we already do when PATH
contains a \n, or when it contains the current working directory.
Reported-by: Dan Raymond <draymond@foxvalley.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit e36974d9e8)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
pcre is optional not mandatory since
98ec61436c
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 754633fe8c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Drop Magick++-config, lettuce and ui options which are
not recognized since latest bump in commit
ca17e0c7a0 (back in 2018).
Indeed:
- Magick++-config is not used since
b025999b8a
- Experimental UI and lettuce modules have been dropped since
ccc1efdb89
Moreover, replace sconesite-image by image (broken since 2013 and
7693301fdb)
As UI and lettuce options are broken since a long time, it does not seem
useful to add entries in Config.in.legacy
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit d3b818c3cf)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This package is affected from binutils bug 21464, since there is no
workaround, let's disable it.
Fixes:
http://autobuild.buildroot.net/results/908/9084cd777aefe0fa8235514c33767d8640ad7a5b/
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 9e71b6e2cb)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The OpenRISC binutils is affected by a linker bug (binutils bug 21464)
for which no workaround exists. This causes build breakage in a number
of packages, so this commit introduces a
BR2_TOOLCHAIN_HAS_BINUTILS_BUG_21464 option to identify this bug. As
all binutils versions are affected, this option is true whenever the
configuration targets OpenRISC.
The bug was already reported and it's been recently updated:
https://sourceware.org/bugzilla/show_bug.cgi?id=21464
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 227cefef41)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Ryan Barnett <ryan.barnett@rockwellcollins.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit c994860de5)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Security fix for CVE-2021-21334:
https://github.com/containerd/containerd/security/advisories/GHSA-6g2q-w5j3-fwh4
Other changes:
- Fix container create in CRI to prevent possible environment variable leak between containers
- Update shim server to return grpc NotFound error
- Add bounds on max oom_score_adj value for shim's AdjustOOMScore
- Update task manager to use fresh context when calling shim shutdown
- Update Docker resolver to avoid possible concurrent map access panic
- Update shim's log file open flags to avoid containerd hang on syscall open
- Fix incorrect usage calculation
Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 43a766e92d)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The license is BSD-2-Clause, not MIT.
Signed-off-by: Grzegorz Blach <grzegorz@blach.pl>
[yann.morin.1998@free.fr: split off into its own commit]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 7b5d624bb6)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Details: https://lists.gnu.org/archive/html/grub-devel/2021-03/msg00007.html
As detailed in commit 7e64a050fb, it is
difficult to utilize the upstream patches directly, so a number of
patches include changes to generated files so that we don't need invoke
the gentpl.py script.
In addition to the security fixes, these required patches has been
backported:
f76a27996 efi: Make shim_lock GUID and protocol type public
04ae030d0 efi: Return grub_efi_status_t from grub_efi_get_variable()
ac5c93675 efi: Add a function to read EFI variables with attributes
d7e54b2e5 efi: Add secure boot detection
The following security issues are fixed:
CVE-2020-14372 grub2: The acpi command allows privileged user to load crafted
ACPI tables when Secure Boot is enabled
CWE-184
7.5/CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
GRUB2 enables the use of the command acpi even when Secure Boot is signaled by
the firmware. An attacker with local root privileges to can drop a small SSDT
in /boot/efi and modify grub.cfg to instruct grub to load said SSDT. The SSDT
then gets run by the kernel and it overwrites the kernel lock down configuration
enabling the attacker to load unsigned kernel modules and kexec unsigned code.
Reported-by: Máté Kukri
*******************************************************************************
CVE-2020-25632 grub2: Use-after-free in rmmod command
CWE-416
7.5/CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
The rmmod implementation for GRUB2 is flawed, allowing an attacker to unload
a module used as dependency without checking if any other dependent module is
still loaded. This leads to an use-after-free scenario possibly allowing an
attacker to execute arbitrary code and by-pass Secure Boot protections.
Reported-by: Chris Coulson (Canonical)
*******************************************************************************
CVE-2020-25647 grub2: Out-of-bound write in grub_usb_device_initialize()
CWE-787
6.9/CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
grub_usb_device_initialize() is called to handle USB device initialization. It
reads out the descriptors it needs from the USB device and uses that data to
fill in some USB data structures. grub_usb_device_initialize() performs very
little bounds checking and simply assumes the USB device provides sane values.
This behavior can trigger memory corruption. If properly exploited, this would
lead to arbitrary code execution allowing the attacker to by-pass Secure Boot
mechanism.
Reported-by: Joseph Tartaro (IOActive) and Ilja van Sprundel (IOActive)
*******************************************************************************
CVE-2020-27749 grub2: Stack buffer overflow in grub_parser_split_cmdline
CWE-121
7.5/CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
grub_parser_split_cmdline() expands variable names present in the supplied
command line in to their corresponding variable contents and uses a 1kB stack
buffer for temporary storage without sufficient bounds checking. If the
function is called with a command line that references a variable with a
sufficiently large payload, it is possible to overflow the stack buffer,
corrupt the stack frame and control execution. An attacker may use this to
circumvent Secure Boot protections.
Reported-by: Chris Coulson (Canonical)
*******************************************************************************
CVE-2020-27779 grub2: The cutmem command allows privileged user to remove
memory regions when Secure Boot is enabled
CWE-285
7.5/CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
The GRUB2's cutmem command does not honor Secure Boot locking. This allows an
privileged attacker to remove address ranges from memory creating an
opportunity to circumvent Secure Boot protections after proper triage about
grub's memory layout.
Reported-by: Teddy Reed
*******************************************************************************
CVE-2021-3418 - grub2: GRUB 2.05 reintroduced CVE-2020-15705
CWE-281
6.4/CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
The GRUB2 upstream reintroduced the CVE-2020-15705. This refers to a distro
specific flaw which made upstream in the mentioned version.
If certificates that signed GRUB2 are installed into db, GRUB2 can be booted
directly. It will then boot any kernel without signature validation. The booted
kernel will think it was booted in Secure Boot mode and will implement lock
down, yet it could have been tampered.
This flaw only affects upstream and distributions using the shim_lock verifier.
Reported-by: Dimitri John Ledkov (Canonical)
*******************************************************************************
CVE-2021-20225 grub2: Heap out-of-bounds write in short form option parser
CWE-787
7.5/CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
The option parser in GRUB2 allows an attacker to write past the end of
a heap-allocated buffer by calling certain commands with a large number
of specific short forms of options.
Reported-by: Daniel Axtens (IBM)
*******************************************************************************
CVE-2021-20233 grub2: Heap out-of-bound write due to mis-calculation of
space required for quoting
CWE-787
7.5/CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
There's a flaw on GRUB2 menu rendering code setparam_prefix() in the menu
rendering code performs a length calculation on the assumption that expressing
a quoted single quote will require 3 characters, while it actually requires
4 characters. This allow an attacker to corrupt memory by one byte for each
quote in the input.
Reported-by: Daniel Axtens (IBM)
*******************************************************************************
Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 1bad507220)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
If PER_PACKAGE_DIRECTORIES=Y and using host-make package (because
BR2_FORCE_HOST_BUILD=Y or local make is too old) .stamp_dotconfig
target needs per-package/uboot/host/bin/host-make that doesn't
exist yet.
Add host-make into UBOOT_KCONFIG_DEPENDENCIES.
Signed-off-by: Nicolas Toromanoff <nicolas.toromanoff@foss.st.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 3cf8173e5c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
opkg-utils is a collection of bash and python scripts which require
additional commands/tools be available for the bash scripts. The full
list of dependencies that the opkg-util scripts require is:
bash
binutils
bzip2
coreutils
diffutils
findutils
grep
gzip
lz4
python3
sed
tar
xz
The Buildroot manual requires a few packages (bash, binutils, bzip2,
gzip, sed and tar) to be installed on the host system, so we need not
add those. Additionally, and even though they are not in that list,
that grep and find are also required (we already make extensive use of
both everywhere, so it is as good as them being in the list).
We have a host variant for coreutils, but only for systems that do not
already have a recent-enough one, i.e. that provides 'realpath' and
'ln --relative'. opkg-utils uses neither, so can rely on the ones on the
system.
Only add dependencies on the remaining host tools: diffutils, lz4, and
xz.
Signed-off-by: Ryan Barnett <ryan.barnett@rockwellcollins.com>
[yann.morin.1998@free.fr:
- drop excessive dependencies,
- reword the commit log accordingly
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 9521492bd0)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Ryan Barnett <ryan.barnett@rockwellcollins.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 819637e0e9)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
opkg-utils is a package that only provides bash and python scripts.
Upon further inspection of the Makefile for the package, invoking
`make` only ever builds the manpage. The previous commit dropped the
installation of the manpage. This makes the build step unnecessary so
remove it.
Add a comment to explain the situation
Signed-off-by: Ryan Barnett <ryan.barnett@rockwellcollins.com>
[yann.morin.1998@free.fr: reword commit log]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 05bf014f56)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When `make install` is run to install the opkg-utils scripts, it also
invokes building of the man page for opkg-build. The generation of the
man page requires `pod2man` executable which is a part of perl.
Since buildroot does not support man pages in the host directory,
patch the opkg-utils Makefile to separate the installation of man
pages and utility scripts.
With the options to install man pages and utils separately, only
install the opkg-utils scripts.
Signed-off-by: Ryan Barnett <ryan.barnett@rockwellcollins.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 0424eee0ee)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Aufs has been deprecated for the purposes of Docker/containers since overlay2
became the mainline kernel module of choice.
Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 8a99b47ec2)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Fix a buffer overflow in mbedtls_mpi_sub_abs() when calculating
|A| - |B| where |B| is larger than |A| and has more limbs (so the
function should return MBEDTLS_ERR_MPI_NEGATIVE_VALUE). Only
applications calling mbedtls_mpi_sub_abs() directly are affected:
all calls inside the library were safe since this function is
only called with |A| >= |B|.
- Fix an errorneous estimation for an internal buffer in
mbedtls_pk_write_key_pem(). If MBEDTLS_MPI_MAX_SIZE is set to an odd
value the function might fail to write a private RSA keys of the
largest supported size.
- Fix a stack buffer overflow with mbedtls_net_poll() and
mbedtls_net_recv_timeout() when given a file descriptor that is
beyond FD_SETSIZE.
- Guard against strong local side channel attack against base64 tables
by making access aceess to them use constant flow code.
https://github.com/ARMmbed/mbedtls/releases/tag/v2.16.10
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr: fix the hash after upstream mess-up]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 694c7d3ece)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
With the start-stop-daemon enabled (instead of the busybox applet),
stopping transmission emits spurious warnings:
$ /etc/init.d/S92transmission stop
Stopping bittorrent client transmission-daemon...
start-stop-daemon: warning: this system is not able to track process names
longer than 15 characters, please use --exec instead of --name.
Update our startup script to match what was done upstream 9 years ago:
https://trac.transmissionbt.com/ticket/4724https://trac.transmissionbt.com/wiki/Scripts/initd?action=diff&version=24&old_version=23
Partially fixes:
- https://bugs.busybox.net/show_bug.cgi?id=13576
Reported-by: ingineru_de_sistem@yahoo.com
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
[yann.morin.1998@free.fr:
- reword commit log
- add reference to upstream ticket and changeset
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 45d326a08c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
In Buildroot, the SSP flags are passed via the wrapper, and only flags
supported by the toolchain will be used.
Add patch to remove '-fstack-protector-strong' compile flag.
Fixes:
.../aarch64-buildroot-linux-uclibc/bin/ld: runlevel.o: in function `main':
runlevel.c:(.text.startup+0x4): undefined reference to `__stack_chk_guard'
.../aarch64-buildroot-linux-uclibc/bin/ld: cannot find -lssp_nonshared
.../aarch64-buildroot-linux-uclibc/bin/ld: cannot find -lssp
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 50cbac5099)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix CVE-2021-3336: DoTls13CertificateVerify in tls13.c in wolfSSL before
4.7.0 does not cease processing for certain anomalous peer behavior
(sending an ED22519, ED448, ECC, or RSA signature without the
corresponding certificate). The client side is affected because
man-in-the-middle attackers can impersonate TLS 1.3 servers.
https://github.com/wolfSSL/wolfssl/releases/tag/v4.7.0-stable
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 238b5df775)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit b83184de67 (package/libjpeg: switch to s.b.o. as source site)
improperly added a trailing slash '/' at the end of LIBJPEG_SITE,
causing builds to fail:
package/libjpeg/libjpeg.mk:35: *** LIBJPEG_SITE (http://sources.buildroot.org/libjpeg/) cannot have a trailing slash. Stop.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 308f4428c8)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The asterisk package exhibits gcc bug 93847 when built for the Nios2
architecture with optimization enabled, which causes a build failure.
As done for other packages in Buildroot work around this gcc bug by
setting optimization to -O0 if BR2_TOOLCHAIN_HAS_GCC_BUG_93847=y.
Fixes:
http://autobuild.buildroot.net/results/24c0a6ca3b272711a1e6ceaa033925182d0d49c4
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 830fb82822)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Actually asterisk package gets built with -O3 cflag since it's defaulted
into its sources, but it's not what we want, so let's empty its OPTIMIZE
Makefile variable letting Buildroot CFLAGS to take place instead.
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit eaba3c8e13)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes#13581
The tarball for version 9d, released 2020-01-12, has been silently
replaced upstream (a unicode BOM was removed from a few files),
causing hash mismatch.
This means that all our versions since 2020.02 will fail the hash
check, and fallback to using s.b.o. so we can't update the copy we
have on s.b.o.
As a consequence, we can't update the hash in master (soon 2021.02)
otherwise it would not match what we have on s.b.o.
This means that users will see hash mismatch by default, which is not
very nice. Although we can't do anything for all previous releases,
we can still try to paper over the problem for the future ones, like
2021.02, by switching the upstream to be s.b.o.
Sigh... :-(
Reported-by: Nick Shaforostov <mshaforostov@airmusictech.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit b83184de67)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Changes:
* Fix JP2 decoder bug that can cause a null pointer dereference for
some invalid CDEF boxes. (#268)
Signed-off-by: Michael Vetter <jubalh@iodoru.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 5742a0f33e)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This build failure is raised since bump to
7524160b29a476f7e87bc14fddf12d349f9a3c5e
Fixes:
- http://autobuild.buildroot.org/results/d96f27cd96926060046e2e1115777f5bceda3741
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit 183d583fb5)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix CVE-2021-3405: A flaw was found in libebml before 1.4.2. A heap
overflow bug exists in the implementation of EbmlString::ReadData and
EbmlUnicodeString::ReadData in libebml.
https://github.com/Matroska-Org/libebml/blob/release-1.4.2/ChangeLog
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit ff18652b42)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issue:
- wpa_supplicant P2P provision discovery processing vulnerability (no CVE
yet)
A vulnerability was discovered in how wpa_supplicant processes P2P
(Wi-Fi Direct) provision discovery requests. Under a corner case
condition, an invalid Provision Discovery Request frame could end up
reaching a state where the oldest peer entry needs to be removed. With
a suitably constructed invalid frame, this could result in use
(read+write) of freed memory. This can result in an attacker within
radio range of the device running P2P discovery being able to cause
unexpected behavior, including termination of the wpa_supplicant process
and potentially code execution.
For more details, see the advisory:
https://w1.fi/security/2021-1/wpa_supplicant-p2p-provision-discovery-processing-vulnerability.txt
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
[yann.morin.1998@free.fr: actually add the patch URL to the patch list]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 9ada4eb2f1)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix CVE-2020-14343: A vulnerability was discovered in the PyYAML library
in versions before 5.4, where it is susceptible to arbitrary code
execution when it processes untrusted YAML files through the full_load
method or with the FullLoader loader. Applications that use the library
to process untrusted input may be vulnerable to this flaw. This flaw
allows an attacker to execute arbitrary code on the system by abusing
the python/object/new constructor. This flaw is due to an incomplete fix
for CVE-2020-1747.
Update hash of LICENSE file (update in year:
58d0cb7ee0)
https://github.com/yaml/pyyaml/blob/5.4.1/CHANGES
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit de43a9775d)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
References:
https://github.com/redis/redis/security/advisories/GHSA-hgj8-vff2-7cjfhttps://nvd.nist.gov/vuln/detail/CVE-2021-21309
"Impact:
An integer overflow bug in 32-bit Redis version 4.0 or newer could be
exploited to corrupt the heap and potentially result with remote code
execution.
Redis 4.0 or newer uses a configurable limit for the maximum supported
bulk input size. By default, it is 512MB which is a safe value for all
platforms.
If the limit is significantly increased, receiving a large request from
a client may trigger several integer overflow scenarios, which would
result with buffer overflow and heap corruption. We believe this could
in certain conditions be exploited for remote code execution.
By default, authenticated Redis users have access to all configuration
parameters and can therefore use the “CONFIG SET proto-max-bulk-len” to
change the safe default, making the system vulnerable.
This problem only affects 32-bit Redis (on a 32-bit system, or as a
32-bit executable running on a 64-bit system).
Patches
The problem is fixed in version 6.2, and the fix is back ported to
6.0.11 and 5.0.11. Make sure you use one of these versions if you're
running 32-bit Redis.
"
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
[Peter: update to 5.0.12 to fix build on !glibc]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
