Fixes:
CVE-2015-0255 - Information leak in the XkbSetGeometry request of X servers
http://www.x.org/wiki/Development/Security/Advisory-2015-02-10/
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
- Bump version to 1.7.0
- Add a hash file
libinput is now a required dependency:
configure: WARNING: unrecognized options: --disable-libinput-backend
checking for LIBINPUT_BACKEND... no
configure: error: Package requirements (libinput >= 0.8.0) were not met:
Package libinput was not found in the pkg-config search path.
Perhaps you should add the directory containing `libinput.pc'
to the PKG_CONFIG_PATH environment variable
No package 'libinput' found
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
- Bump version to 1.7.0
- Add a hash file
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
- Bump version to 0.10.0
- Update the hash file
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
libunwind support was broken for MIPS variants with 32-bit pointers so
we disabled it:
http://lists.busybox.net/pipermail/buildroot/2014-December/114404.html
But now we have a patch to fix that problem so we can enable it again.
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Assaf Inbal <shmuelzon@gmail.com>
Acked-by: Samuel Martin <s.martin49@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
NETSNMP_CAN_USE_SYSCTL is for BSD systems, setting it to yes on
Linux systems breaks compilation when the mibII mib is enabled.
Prior to commit 30bb1bdca4 ("netsnmp:
bump version") from November 2008, this variable was already set to
no, and was changed to yes by the commit, with no explanation. And the
previous code indeed had a comment saying:
# We set CAN_USE_SYSCTL to no and use /proc since the sysctl code
# in this thing is apparently intended for freebsd or some such
# thing...
[Thomas: improved commit log.]
Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
For now we can only support glibc.
Signed-off-by: Ezequiel Garcia <ezequiel@vanguardiasur.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Versions older than Linux v3.19 do not support the Nios-II architecture
so disable them.
Signed-off-by: Ezequiel Garcia <ezequiel@vanguardiasur.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Versions previous to glibc v2.21 do not support the Nios-II architecture
so disable them.
Signed-off-by: Ezequiel Garcia <ezequiel@vanguardiasur.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Versions older than GCC v4.9 do not support the Nios-II architecture
so disable them.
Signed-off-by: Ezequiel Garcia <ezequiel@vanguardiasur.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Versions previous to binutils v2.25 do not support the Nios-II architecture,
so disable them.
Signed-off-by: Ezequiel Garcia <ezequiel@vanguardiasur.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This commit adds a patch to gcc removing a unistd.h header include
in libgcc/config/nios2/linux-atomic.c
The file is built as part of GCC first stage (host-gcc-initial),
and so the header is not accesible. Given the header is not needed
it's fine to simply remove it.
Signed-off-by: Ezequiel Garcia <ezequiel@vanguardiasur.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
If a target user is asigned a UID (e.g. 1000) that happens to also exist
on the build machine, tar will happily store the username for that user.
This can be seen by some as potential information disclosure.
Instruct tar to just store the numeric uid/gid.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Also add hash file and build fix patch (upstream) for kernels >=3.19.
Drop old patches that were upstream.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
- Bump version to 219
- Update the hash file
- Remove non-existent configure options
- Adapt patch to make it apply on version 219
Packages depending on systemd (bluez5-utils, dbus, liblogging,
pulseaudio) have been built successfully with this new version.
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Includes the previous CVE-2015-1182 fix (patch dropped) and other fixes
(security and non) from the 1.3 branch (no CVEs yet), see release notes:
https://polarssl.org/tech-updates/releases/polarssl-1.2.13-released
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Fixes:
CVE-2015-0273 - Use after free vulnerability in unserialize() with
DateTimeZone.
CVE-2015-0235 - Mitigation for GHOST: glibc gethostbyname buffer
overflow.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Fixes CVE-2015-1349 - Revoking a managed trust anchor and supplying an
untrusted replacement could cause namedto crash with an assertion
failure.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This package needs to load plugins to do its job. Those plugins are
shared objects (.so) which are loaded using 'dlopen()', so it makes no
sense to enable this package when doing static builds where 'dlopen()'
is not available.
Fixes:
http://autobuild.buildroot.net/results/cd5/cd52b739370d57b5ecbc6472b8c7f1126700e85f/
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Some Erlang packages provide a bin directory for programs that are to be
invoked from the command line. An example of such a package is the Lisp
Flavored Erlang compiler. The Erlang OTP library includes several more
examples (it doesn't use rebar, though.) This change makes sure that the
bin directory gets installed too.
Signed-off-by: Frank Hunleth <fhunleth@troodon-software.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix HOSTCC typo that would cause host-rebar builds to fail.
Signed-off-by: Frank Hunleth <fhunleth@troodon-software.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Disable the 'load' operation for static builds since it needs dlopen and
friends. Otherwise it will fail with an error message like this one:
load.o: In function `load_file':
load.c:(.text+0x2a8): undefined reference to `dlopen'
load.c:(.text+0x2c4): undefined reference to `dlerror'
load.c:(.text+0x308): undefined reference to `dlsym'
load.c:(.text+0x33c): undefined reference to `dlopen'
load.c:(.text+0x35c): undefined reference to `dlsym'
load.c:(.text+0x380): undefined reference to `dlopen'
load.c:(.text+0x39c): undefined reference to `dlopen'
load.c:(.text+0x3a0): undefined reference to `dlerror'
load.c:(.text+0x42c): undefined reference to `dlsym'
load.c:(.text+0x470): undefined reference to `dlsym'
load.c:(.text+0x48c): undefined reference to `dlerror'
load.o: In function `unload_file':
load.c:(.text+0x63c): undefined reference to `dlclose'
collect2: error: ld returned 1 exit status
Fixes:
http://autobuild.buildroot.net/results/9e3/9e39039b6db79a46990cd9bdcb179289e38d9f31/
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Don't use anymore the alternate download site beacause it does not
conatins anymore older versions, instead use the official download site
because now it contains even the older versions.
Signed-off-by: Fabio Porcedda <Fabio.Porcedda@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Fixes CVE-2014-9680 - A user with sudo access may be able to exploit
parsing bugs in the time zone parsing functions of the system's C
library functions. The user may also be able to read arbitrary files,
potentially causing changes in system behavior when reading certain
device special files or simply causing the program run via sudo to
block.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Just like we're passing --with-libpthread-prefix, we also need to pass
--with-librt-prefix in order to avoid having the gnutls build system
detect the librt in /usr/lib, and pass -L/usr/lib to the linker flags.
Fixes:
http://autobuild.buildroot.org/results/fa5/fa58602cb78ffe3ae4ee389ef5cf5a37b7657c4c/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Fixes http://autobuild.buildroot.net/results/92c/92c3fb4ddb934115b228652bb8c972bb7459bb40/
While the -fuse-ld=gold flag is related to linking, it is an argument to the
compiler driver to tell it what linker to execute, NOT an option to tell the
linker to behave differently.
So it shouldn't get prefixed with -Wl when passed though the compiler driver.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
