vte also provides libvte, a library that can be linked to by other
programs, so install it in staging.
Signed-off-by: Rainer Jonsson <rainbox2k12@msgsafe.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The hash of the LICENSING file is modified due to changes in file
paths listed in that file. No impact on the licensing terms.
Signed-off-by: Guillaume W. Bres <guillaume.bressaix@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
rdgif.c, cderror.h: add sanity check for GIF image dimensions.
Thank to Casper Sun for cjpeg potential vulnerability report.
- Update hash of README (changes not related to license)
- Update indentation in hash file (two spaces)
https://jpegclub.org/reference/reference-sources/
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This fixes the compile errors that were present with the previous
kernel version (4.19):
https://gitlab.com/buildroot.org/buildroot/-/jobs/1970084022
Additionally, the defconfig file was refactored: Configuration
values are now grouped logically, thus increasing readability and
maintainability.
Signed-off-by: Danilo Bargen <mail@dbrgn.ch>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Pending PR is now merged[1] and it fixes Linux >= 5.13 building. So let's
bump xr819-xradio version.
[1]: https://github.com/fifteenhex/xradio/pull/15
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Tested-by: Sergey Kuzminov <kuzminov.sergey81@gmail.com>
Tested-by: Sergey Kuzminov <kuzminov.sergey81@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The FP setting is not used for aarch64 in buildroot. The FPU options are
set implicit.
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5.15.2 is the last public release of 5.15 and does not contain this CVE
fix. However, >=6.1.2 and >5.12.12 all contain the necessary patches so
let's port them to 5.15.2.
Technically only the first two patches are required to patch the CVE.
However, the second patch introduces a regression that is fixed in the third
patch.
The patches are taken from KDE kde/5.15 git branch.
Cc: Quentin Schulz <foss+buildroot@0leil.net>
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
After update of the U-Boot [1] we were missing dependency on Python3,
and so were seeing failures like in [2]:
------------------------->8--------------------
HOSTLD scripts/dtc/dtc
scripts/dtc/pylibfdt/libfdt_wrap.c:154:11: fatal error: Python.h: No such file or directory
154 | # include <Python.h>
| ^~~~~~~~~~
compilation terminated.
error: command '/usr/bin/gcc' failed with exit code 1
------------------------->8--------------------
So that get fixed with "BR2_TARGET_UBOOT_NEEDS_PYTHON3=y".
And then once we use Python3, we also need OpenSSL, similarly to [3]
and the likes. So do it with "BR2_TARGET_UBOOT_NEEDS_OPENSSL=y".
Hopefully now all starts to build w/o any issues.
And while at it let's add a bit more structure to the config!
[1] https://git.buildroot.net/buildroot/commit/?id=06f10a88f30b73aaea5c0e0888d7ba9d9a6420f3
[2] https://gitlab.com/buildroot.org/buildroot/-/jobs/1946650570
[3] https://git.buildroot.net/buildroot/commit/?id=cf2a7663ccc6089e98e0d6ec39fa8623749c0c24
Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
[yann.morin.1998@free.fr: also change in Config.in]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Move rpi-bt-firmware and rpi-wifi-firmware packages to the new
brcmfmac_sdio-firmware-rpi one (as they are the same upstream
package).
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
[yann.morin.1998@free.fr:
- fix check-package
- legacy symbols still depend on arm || aarch64
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
- add cypress files
- update links
Chanelog (since 3888ba2):
- Sync with RPi-Distro repo
Switch to "bullseye" branch which moved several firmware files to
the cypress dir.
Add 43438 firmware 7.45.98.118 + external clm_blob
Add 43455 firmware 7.45.241 and clm_blob
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Chanelog (since 3888ba2):
- Sync with RPi-Distro repo
Switch to "bullseye" branch which moved several firmware files to
the cypress dir.
Add 43438 firmware 7.45.98.118 + external clm_blob
Add 43455 firmware 7.45.241 and clm_blob
- README.md: update link to RPi-distro repo wifi firmware files
- Merge pull request #19 from HiassofT/2021-12
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Changelog:
f5404b2 raspicam: Check system is running legacy camera stack
14b90ff mmal: Hack to make mmal core register VideoCore components
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Changelog:
095deea759 kernel: overlays: vc4-kms-v3d: Change composite handling
2e9b609e53c kernel: Bump to 5.10.79
12bc6e36773 firmware: dtoverlay: Rebase aliases in overlays like labels
24d966d35bb kernel: Bump to 5.10.81
ca52e7c1303 kernel: edt-ft5x06 touchscreen fixes
1a0297bfbf7 kernel: Bump to 5.10.82
0a1a871d04c kernel: Fix for IN Token of USB Endpoint 1 stopping occasionally on Pi 4
303d0012cd7 kernel: Bump to 5.10.83
bd8b6d5dc8e kernel: Bump to 5.10.85
56f1b8bbc88 kernel: Bump to 5.10.87
536baf33ae9 kernel: Bump to 5.10.88
ce71e3e9b34 kernel: Bump to 5.10.89
19b570d0d6a firmware: arm-loader: Fix kernel8.img selection on 2837 with arm_64bit=1
fbbde90b709 kernel: drm/vc4: fix non-working audio on RPi3 and no video with DVI
165bd7bc562 firmware: improve firmware camera detection
318e3373496 kernel: Bump to 5.10.90
175984a6dc4 kernel: drm/vc4: Add alpha_blend_mode property to each plane
20c5829b0af kernel: Bump to 5.10.92
3f20b832b27 firmware: arm_loader: Only clip min/max to the same value for turbo clocks
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit 593683b45f (package/tpm2-tss: remove unused dependency)
removed the build-time dependency (in the .mk), but forgot to
remove it from the Config.in.
Signed-off-by: Tilman Keskinöz <arved@arved.at>
[yann.morin.1998@free.fr: reword commit log]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Set --with-boost to avoid the following build failure when a non working
boost version is installed on host. This failure is raised since the
addition of the package in commit
ea033cecf9:
configure:5559: error: Could not find a version of the Boost::Asio library!
Fixes:
- http://autobuild.buildroot.org/results/855b66b86d979cc922b947da932b0e2388481263
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fixes the following security issues:
Improper handling of URI Subject Alternative Names (Medium)(CVE-2021-44531)
Accepting arbitrary Subject Alternative Name (SAN) types, unless a PKI is
specifically defined to use a particular SAN type, can result in bypassing
name-constrained intermediates. Node.js was accepting URI SAN types, which
PKIs are often not defined to use. Additionally, when a protocol allows URI
SANs, Node.js did not match the URI correctly.
Certificate Verification Bypass via String Injection (Medium)(CVE-2021-44532)
Node.js converts SANs (Subject Alternative Names) to a string format. It
uses this string to check peer certificates against hostnames when
validating connections. The string format was subject to an injection
vulnerability when name constraints were used within a certificate chain,
allowing the bypass of these name constraints.
Incorrect handling of certificate subject and issuer fields (Medium)(CVE-2021-44533)
Node.js did not handle multi-value Relative Distinguished Names correctly.
Attackers could craft certificate subjects containing a single-value
Relative Distinguished Name that would be interpreted as a multi-value
Relative Distinguished Name, for example, in order to inject a Common Name
that would allow bypassing the certificate subject verification.
Prototype pollution via console.table properties (Low)(CVE-2022-21824)
Due to the formatting logic of the console.table() function it was not safe
to allow user controlled input to be passed to the properties parameter
while simultaneously passing a plain object with at least one property as
the first parameter, which could be __proto__. The prototype pollution has
very limited control, in that it only allows an empty string to be assigned
numerical keys of the object prototype.
For details, see the advisory:
https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Since Qemu 6.0.0 [1], a warning appear in the log if a short-form
boolean option is used.
[1] https://git.qemu.org/?p=qemu.git;a=commitdiff;h=ccd3b3b8112b670fdccf8a392b8419b173ffccb4
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Etienne Carriere <etienne.carriere@linaro.org>
Cc: Dick Olsson <hi@senzilla.io>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Ghostscript GhostPDL 9.50 through 9.54.0 has a heap-based buffer
overflow in sampled_data_finish (called from sampled_data_continue and
interp).
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Ghostscript GhostPDL 9.50 through 9.53.3 has a use-after-free in
sampled_data_sample (called from sampled_data_continue and interp).
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fix CVE-2020-13867: Open-iSCSI targetcli-fb through 2.1.52 has weak
permissions for /etc/target (and for the backup directory and backup
files).
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
freeipmi is an optional dependency which is enabled by default
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
