Commit ec69d3820f (package/lighttpd: bump to version 1.4.52) bumped the
lighttpd version but forgot to adjust the upstream hash comment.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit b99b09caee)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 78f0c1fe4a)
[Peter: drop 4.19.x/4.20.x, linux / hash changes]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
As xenomai release tarballs ship with a configure script, there is only a
need for autoreconfiguring when patches are applied.
The last patch was removed with git commit
de993bc23a but the AUTORECONF line remained.
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 4219c58c38)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Upstream CHANGELOG entry for 4.3.0 lists these fixes:
- CVE-2018-18408 use-after-free in post_args (#489)
- CVE-2018-18407 heap-buffer-overflow csum_replace4 (#488)
- CVE-2018-17974 heap-buffer-overflow dlt_en10mb_encode (#486)
- CVE-2018-17580 heap-buffer-overflow fast_edit_packet (#485)
- CVE-2018-17582 heap-buffer-overflow in get_next_packet (#484)
- CVE-2018-13112 heap-buffer-overflow in get_l2len (#477 dup #408)
Drop tr_cv_libpcap_version and ac_cv_have_bpf; unused in current
configure script.
Make configure script use pcap-config to list library dependencies.
Unfortunately, pcap-config is not entirely correct, so we still need to
set the LIBS variable for static linking.
Use the smaller tar.xz archive.
Add license file hash.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit f5961ff56a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes an out-of-bounds read, the parsing of some a malformed URIs and a
function that reported 1 more byte than actually needed for IPv4 address
URIs. For additional datails, see
https://github.com/uriparser/uriparser/blob/uriparser-0.9.1/ChangeLog
Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 518eb53ec5)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Happy 2019!
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 8e928a8389)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit 62d5558f76 (utils/get-developers: make it callable from elsewhere
than the toplevel directory) tried to fix this by passing in the toplevel
directory when the DEVELOPERS file is parsed.
Unfortunately this is not enough, as E.G. also the paths listed in the
patches are relative to the toplevel directory, causing it to not match the
entries in the DEVELOPERS file.
In concept this can be fixed by also passing the toplevel directory to the
Developers class, but the simplest solution is just to chdir to the toplevel
Buildroot directory before calling any of the getdeveloperlib functions.
This does require us to finish parsing command line arguments (which opens
the provided patch files) to not get into trouble with relative paths to
patches before chdir'ing / initializing getdeveloperlib.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 45aabcddc5)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This reverts commit 62d5558f76.
This actually does not work, as patches contain paths relative to the
toplevel directory as well.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 74fbc20504)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes regressions introduced by the v8.14.0 security release. From the
announcement:
The 8.14.0 security release introduced some unexpected breakages on the 8.x
release line. This is a special release to fix a regression in the HTTP
binary upgrade response body and add a missing CLI flag to adjust the max
header size of the http parser.
https://github.com/nodejs/node/blob/master/doc/changelogs/CHANGELOG_V8.md#8.15.0
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 6f68e5cf72)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Needed by nodejs v8.15.0+
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit a02ce33aa5)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The script is utils/get-developers but the manual refers to get-developer in
several places.
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 81aeab60cd)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Explain how this can be used with git send-email, and how git can be
configured to use it automatically.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 507d56a6be)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 5bbc472463)
[Peter: drop 4.19.x, linux / hash changes]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The Config.in comment of lua-msgpack-native only indicates that it
needs Lua 5.1, while the package can actually build with LuaJIT. This
commit adjusts the comment to match the reality.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 6141506760)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Before this commit, the grub configuration file was copied to the
TARGET_DIR in a post-image hook, after the filesystem has been
generated. It was kinda working because the board/pc's grub
configuration and the default one are the same and the later was
copied during the build process of the grub2 package.
This commit ensures the custom board/pc grub configuration is copied at
the right time.
Signed-off-by: Grégoire Delattre <gregoire.delattre@gmail.com>
Reviewed-by: Matt Weber <matthew.weber@rockwellcollin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 0b28397a9b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The following vulnerabilities have been fixed:
- wnpa-sec-2018-51 The Wireshark dissection engine could crash. Bug 14466. CVE-2018-19625.
- wnpa-sec-2018-52 The DCOM dissector could crash. Bug 15130. CVE-2018-19626.
- wnpa-sec-2018-53 The LBMPDM dissector could crash. Bug 15132. CVE-2018-19623.
- wnpa-sec-2018-54 The MMSE dissector could go into an infinite loop. Bug 15250. CVE-2018-19622.
- wnpa-sec-2018-55 The IxVeriWave file parser could crash. Bug 15279. CVE-2018-19627.
- wnpa-sec-2018-56 The PVFS dissector could crash. Bug 15280. CVE-2018-19624.
- wnpa-sec-2018-57 The ZigBee ZCL dissector could crash. Bug 15281. CVE-2018-19628.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 2ec38321d6)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Don't give a path in --with-pcap option otherwise PCAP_CONFIG won't be
used (see AC_WIRESHARK_PCAP_CHECK in acinclude.m4) to retrieve pcap
static dependencies such as -lnl-3 and as a result pcap detection will
fail
Fixes:
- http://autobuild.buildroot.org/results/084354a33825cf4e723e0a9f1e9656ad2a212a15
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit fecf82a166)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Remove first patch (inet_pton test removed since version 2.5.0 and
12d63c428f)
- Remove second patch (already in version, since
3761ef3785)
- Remove WIRESHARK_AUTORECONF=yes as configure.ac is not patched anymore
- gcrypt is a mandatory dependency since version 2.4.0 and
6b84ddee83
- geoip support has been replaced by maxminddb since version 2.5.0 and
a1da75c554
- Drop includedir "hack", this is not needed anymore and wireshark is
now installing files in target. With this hack, build fails on:
wireshark: installs files in /home/fabrice/buildroot/output/target//home/fabrice/buildroot/output
package/pkg-generic.mk:310: recipe for target '/home/fabrice/buildroot/output/build/wireshark-2.6.4/.stamp_target_installed' failed
- Disable all new optional features
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Arnout: keep optional dependencies alphabetic on Config.in name;
add comment of libgcrypt -> libgpg-error dependency.]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit 72bafd5e45)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- lua 5.3 or luajit is not supported
- Don't specify the path to find lua as pkgconfig is used for lua
(this is not the case for the other options)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit fb59a8857e)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Optional dependency to libssh has been added with version 2.2.1 and
d6da95231e
- Specify the path to found libssh as this is done for other options
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 69c38e27a8)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
In order to provide info about a bundle file, e.g. running "rauc info
bundle.raucb", rauc needs to use the unsquashfs progam from the squashfs
package.
This was not documented until upstream commit 10c501c12752 ("docs:
integration: document need for 'unsquashfs' tool for 'rauc info'"), but
is already present in rauc.
Signed-off-by: Trent Piepho <tpiepho@impinj.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 4a4dba21b9)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes CVE-2018-20346: SQLite before 3.25.3, when the FTS3 extension is
enabled, encounters an integer overflow (and resultant buffer overflow) for
FTS3 queries that occur after crafted changes to FTS3 shadow tables,
allowing remote attackers to execute arbitrary code by leveraging the
ability to run arbitrary SQL statements (such as in certain WebSQL use
cases), aka Magellan.
For more details, see:
https://blade.tencent.com/magellan/index_en.htmlhttps://www.sqlite.org/releaselog/3_25_3.htmlhttps://www.mail-archive.com/sqlite-users@mailinglists.sqlite.org/msg113218.html
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit c4475c0a57)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
If threads are not available, set SQLITE_THREADSAFE to 0.
Indeed, since version 3.25.0, the following line:
THREADSAFE_FLAGS=-DSQLITE_THREADSAFE=0
has been removed from configure.ac
As a result, SQLITE_THREADSAFE will be set to a default value of 1 even
if --disable-threadsafe is set
Fixes:
- http://autobuild.buildroot.org/results/70b1582edcb787746e4483e80b27f86ac781f0fa
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit d3143409ac)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Ferdinand van Aartsen <ferdinand@ombud.nl>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 5a5102c428)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Make use of https for sqlite.org.
Signed-off-by: Ferdinand van Aartsen <ferdinand@ombud.nl>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit acd7fec2c8)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
sqlite3 refuses to be built with -ffast-math (a side effect of -Ofast) when it
falls back to implementing its own isnan() function.
sqlite3.c: In function ‘sqlite3IsNaN’:
sqlite3.c:28554:3: error: #error SQLite will not work correctly with the -ffast-math option of GCC.
To work around this, when -Ofast is used replace with -O3.
Signed-off-by: Joshua Henderson <joshua.henderson@microchip.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 83781f11dc)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Scott Fan <fancp2007@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit f83d92b60f)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Just like the target acpica package needs host-flex and host-bison,
the host variant also needs the same dependencies. This allows to fix
the build of "make host-acpica", which was detected thanks to
per-package directory support.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 8681430628)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Since gcc-8, falkor and qdf24xx have been available only as
AArch64. Indeed, according to upstream commit [1], the released HW has
never supported AArch32.
[1] https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=96a411453d39e6583fa4d7008761a1977cdbe7fa
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[Thomas: improve commit log]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit d9e8c74f0f)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The isadump and isaset tools are built for x86 targets only.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 31379277f7)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Since commit aa556e2035
("utils/genrandconfig: test with BR2_OPTIMIZE_2=y"), we are doing
builds at -O2 instead of -Os. This has unveiled an issue in the
strsep.c file:
strsep.c:65:23: error: register name not specified for 'delim'
register const char *delim;
This strsep.c compatibility code is compiled in if HAVE_STRSEP is not
defined, but dhcpdump does not use any kind of configure script to
detect the availability of strsep(). Therefore by default, it gets
compiled in, and the "register" specifier used for some variable
declarations in strsep.c cause build issues at -O2.
A previous commit in Buildroot from
c2a7f0d605 ("dhcpdump: Fix strsep()
feature test"), attempted to fix this problem by changing the test on
HAVE_STRSEP by a test on _BSD_SOURCE.
Unfortunately, _BSD_SOURCE is not meant to be tested: it's a feature
macro that is meant to be *defined* by some code to tell the C library
headers to expose (or not) some given functionality.
So instead, we basically revert commit
c2a7f0d605 by dropping the patch, and
pass -DHAVE_STRSEP in the CFLAGS when building dhcpdump.
Fixes:
http://autobuild.buildroot.net/results/7231170d3d3e3637f02382c1a0a96009b0527618/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 136c8862cf)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Building a minimal defconfig such as:
BR2_arm=y
BR2_TOOLCHAIN_EXTERNAL=y
BR2_TOOLCHAIN_EXTERNAL_CUSTOM=y
BR2_TOOLCHAIN_EXTERNAL_DOWNLOAD=y
BR2_TOOLCHAIN_EXTERNAL_URL="http://autobuild.buildroot.org/toolchains/tarballs/br-arm-full-2018.05.tar.bz2"
BR2_TOOLCHAIN_EXTERNAL_GCC_4_9=y
BR2_TOOLCHAIN_EXTERNAL_HEADERS_4_1=y
BR2_TOOLCHAIN_EXTERNAL_LOCALE=y
BR2_TOOLCHAIN_EXTERNAL_CXX=y
BR2_INIT_NONE=y
BR2_SYSTEM_BIN_SH_NONE=y
BR2_PACKAGE_XORG7=y
BR2_PACKAGE_XAPP_RGB=y
by running "make xapp_rgb" gives the following build failure:
checking for RGB... configure: error: in `/home/test/buildroot/output/build/xapp_rgb-1.0.6':
configure: error: The pkg-config script could not be found or is too old. Make sure it
is in your PATH or set the PKG_CONFIG environment variable to the full
path to pkg-config.
Alternatively, you may set the environment variables RGB_CFLAGS
and RGB_LIBS to avoid the need to call pkg-config.
See the pkg-config man page for more details.
The configure script uses pkg-config, but host-pkgconf is missing in
the list of dependencies.
This issue was detected thanks to per-package directory support.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 401b7b94a3)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The first stage bootloader on LEGO MINDSTORMS EV3 only loads the first
256K of the flash memory (this is hard-coded in an EEPROM). So, the
second stage bootloader (U-Boot) cannot exceed this size.
Signed-off-by: David Lechner <david@lechnology.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit b2e5014af5)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit e969f82541)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The build fails with 'Unable to find' swig.swg and python.swg when
using cmake version 3.12.
This commit adds a patch from upstream libftdi.
Fixes:
http://autobuild.buildroot.net/results/cc54fec0cd6e35e99dde2f43e0eb28b9d628cd19
Signed-off-by: Mark Corbin <mark.corbin@embecosm.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit f5e8120314)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
python 2.7 is required by the cmake stuff.
bison & flex are not used in the webkitgtk tree.
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Acked-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 188da35eda)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
fixed upstream by https://trac.webkit.org/changeset/220007/webkit
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Acked-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit bd52bed3a4)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
>From the release notes:
If per_listener_settings is set to true, then the acl_file setting was
ignored for the "default listener" only. This has been fixed. This does
not affect any listeners defined with the listener option.
https://mosquitto.org/blog/2018/12/version-155-released/
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 726be29277)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes CVE-2018-1160: Netatalk before 3.1.12 is vulnerable to an out of
bounds write in dsi_opensess.c. This is due to lack of bounds checking on
attacker controlled data. A remote unauthenticated attacker can leverage
this vulnerability to achieve arbitrary code execution.
For more details, see the release notes:
http://netatalk.sourceforge.net/3.1/ReleaseNotes3.1.12.html
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 8aaf05916c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
shairport-sync creates its pidfile at /var/run/shairport-sync/, so pass
that path to start-stop-daemon in the stop operation.
Also pass the executable path, allowing start-stop-daemon to check if
the PID matches the shairport-sync process, preventing killing some
other inocent daemon.
Fixes:
https://bugs.busybox.net/show_bug.cgi?id=11566
Reported-by: Bin Zhang <yangtze31@gmail.com>
Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 6568b93929)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues:
AST-2018-009: Remote crash vulnerability in HTTP websocket upgrade
There is a stack overflow vulnerability in the res_http_websocket.so module of
Asterisk that allows an attacker to crash Asterisk via a specially crafted
HTTP request to upgrade the connection to a websocket. The attacker’s
request causes Asterisk to run out of stack space and crash.
For more details, see the announcement:
https://www.asterisk.org/downloads/asterisk-news/asterisk-13231-1478-1561-and-1321-cert3-now-available-security-release
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[Peter: mark as security fix, extend commit message]
(cherry picked from commit 19b64c2286)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
