Fixes a number of issues discovered post-2.1.1. For details, see:
https://github.com/tpm2-software/tpm2-tss/releases/tag/2.1.2
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
On version bump to 0.7.3 SITE has been modified to use github
instead of http tarball. Github tarball doesn't contain ./configure file
differently from 0.7.2 http tarball, so need to autoreconf and generate
it.
Add BIOSDEVNAME_AUTORECONF = YES to package recipe.
Fixes:
http://autobuild.buildroot.net/results/3fc/3fc31982af87210b66cbe412410d11c85c9cebd6/
Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2.22.7 contains a number of bugfixes. From the announcement:
- Fix rendering of glyphs in Hebrew (and possibly other languages) when
Unicode NFC normalization is used.
- Fix several crashes and race conditions.
https://webkitgtk.org/2019/03/01/webkitgtk2.22.7-released.html
Change SITE to https as the webserver uses HSTS.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Contains a number of fixes for issues discovered post-2.9.8. From the
release notes:
- Fixed readdir bug when non-zero offsets are given to filler and the
filesystem client, after reading a whole directory, re-reads it from a
non-zero offset e.g. by calling seekdir followed by readdir.
https://github.com/libfuse/libfuse/releases/tag/fuse-2.9.9
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
No point in installing udev rules if nothing will use it.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
PIE breaks the build on m68k, so add an upstream patch to disable PIE.
Obviously, when we start seriously testing the BR2_RELRO_FULL option, we
will realize that it is broken on some architectures, and will probably
disable it on m68k.
Fixes:
- http://autobuild.buildroot.org/results/25985bbc160e3d62b23c4c613b2a81f3711621e3
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
it was replaced by its fork lunitx which supports all versions of Lua.
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
From NEWS:
* Changes in Wget 1.20.2
** Fixed a buffer overflow vulnerability
For more details, see the announcement:
https://lists.gnu.org/archive/html/info-gnu/2019-04/msg00000.html
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Drop upstream patch 0001, which is included in the new version.
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes the following security vulnerabilities:
*) SECURITY: CVE-2019-0197 (cve.mitre.org)
mod_http2: fixes a possible crash when HTTP/2 was enabled for a http:
host or H2Upgrade was enabled for h2 on a https: host. An Upgrade
request from http/1.1 to http/2 that was not the first request on a
connection could lead to a misconfiguration and crash. Servers that
never enabled the h2 protocol or only enabled it for https: and
did not set "H2Upgrade on" are unaffected by this issue.
[Stefan Eissing]
*) SECURITY: CVE-2019-0196 (cve.mitre.org)
mod_http2: using fuzzed network input, the http/2 request
handling could be made to access freed memory in string
comparision when determining the method of a request and
thus process the request incorrectly. [Stefan Eissing]
*) SECURITY: CVE-2019-0211 (cve.mitre.org)
MPMs unix: Fix a local priviledge escalation vulnerability by not
maintaining each child's listener bucket number in the scoreboard,
preventing unprivileged code like scripts run by/on the server (e.g. via
mod_php) from modifying it persistently to abuse the priviledged main
process. [Charles Fol <folcharles gmail.com>, Yann Ylavic]
*) SECURITY: CVE-2019-0196 (cve.mitre.org)
mod_http2: using fuzzed network input, the http/2 request
handling could be made to access freed memory in string
comparision when determining the method of a request and
thus process the request incorrectly. [Stefan Eissing]
*) SECURITY: CVE-2019-0217 (cve.mitre.org)
mod_auth_digest: Fix a race condition checking user credentials which
could allow a user with valid credentials to impersonate another,
under a threaded MPM. PR 63124. [Simon Kappel <simon.kappel axis.com>]
*) SECURITY: CVE-2019-0215 (cve.mitre.org)
mod_ssl: Fix access control bypass for per-location/per-dir client
certificate verification in TLSv1.3.
*) SECURITY: CVE-2019-0220 (cve.mitre.org)
Merge consecutive slashes in URL's. Opt-out with
`MergeSlashes OFF`. [Eric Covener]
For more details, see the CHANGES file:
https://www.apache.org/dist/httpd/CHANGES_2.4.39
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Loop relaxation logic in xtensa gas may produce code in which LEND
register doesn't match actual zero overhead loop end. Fix relaxation
code so that it produces a literal or a pair of const16 instructions
with associated relocation record that works correctly in the presence
of other relaxations. This fixes crash in X11 server caused by window
movement.
Loop relaxation has limited of 32K range, this fix removes this
limitation.
Fixes:
http://autobuild.buildroot.net/results/e05522ce540f4ac23f9a3a8fec724694d9a23101/
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
ftp is blocked on some (corporate) networks.
Signed-off-by: Nityananda Padhan <ntneitin@gmail.com>
Reviewed-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
ftp is blocked on some (corporate) networks.
Signed-off-by: Nityananda Padhan <ntneitin@gmail.com>
Reviewed-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit cc41950950 added the GST_OMX_VARIANT option which gets a default
value that gets overridden by subsequent conditions. check-package
doesn't like that, so instead make the three cases explicitly mutually
exclusive.
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Cc: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Currently, host-xz and host-lzip are built as soon as the
corresponding tools are not provided by the system, independently of
whether they are really needed by the Buildroot configuration. This is
particularly annoying for host-lzip, which is only needed for very few
packages.
This commit modifies the generic package infrastructure to only add
host-lzip and host-xz as dependencies when really needed.
Signed-off-by: Norbert Lange <nolange79@gmail.com>
[Thomas:
- improve commit log
- as suggested by Yann E. Morin, make the lzip case similar to the xz
case]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
target defaults to none, which isn't a legal target:
configure: Using none as OpenMAX IL target
configure: error: invalid OpenMAX IL target, you must specify one of --with-omx-target={generic,rpi,bellagio,tizonia,zynqultrascaleplus}
Instead default to 'generic', fixing the build with E.G. nvidia-tegra23.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Don't enable openldap in static build because openldap has too many
optional dependencies (gmp, gnutls, nss, openssl, ...) and openldap
doesn't provide a pkg-config file (and does not want to do it:
http://www.openldap.org/lists/openldap-bugs/201406/msg00020.html)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This bumps to linux/linux-headers 5.0.
Signed-off-by: Shyam Saini <shyam.saini@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
In u-boot v2017.09 release, configs/imx6qdl_icore_rqs_mmc_defconfig
was renamed to configs/imx6qdl_icore_rqs_defconfig. So use correct
defconfig file name.
Signed-off-by: Shyam Saini <shyam.saini@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This bumps to linux/linux-headers 5.0.
Signed-off-by: Shyam Saini <shyam.saini@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
In u-boot v2018.03 release, configs/imx6ul_isiot_mmc_defconfig was
removed and afterwards both emmc and mmc use the same
imx6ul_isiot_emmc_defconfig file so fix the same.
Signed-off-by: Shyam Saini <shyam.saini@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This bumps to linux/linux-headers 5.0.
Signed-off-by: Shyam Saini <shyam.saini@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes the following security issues:
- CVE-2019-6256: A Denial of Service issue was discovered in the LIVE555
Streaming Media libraries as used in Live555 Media Server 0.93. It can
cause an RTSPServer crash in handleHTTPCmd_TunnelingPOST, when
RTSP-over-HTTP tunneling is supported, via x-sessioncookie HTTP headers in
a GET request and a POST request within the same TCP session. This occurs
because of a call to an incorrect virtual function pointer in the
readSocket function in GroupsockHelper.cpp.
- CVE-2019-7314: liblivemedia in Live555 before 2019.02.03 mishandles the
termination of an RTSP stream after RTP/RTCP-over-RTSP has been set up,
which could lead to a Use-After-Free error that causes the RTSP server to
crash (Segmentation fault) or possibly have unspecified other impact.
- CVE-2019-9215: n Live555 before 2019.02.27, malformed headers lead to
invalid memory access in the parseAuthorizationHeader function.
The normal live555 web site is temporarily unavailable, so use an
alternative _SITE / drop upstream hash.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The hash of the README changed for reasons unrelated to licensing: a
new "ENVIRONMENT" section was added to the README.
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
[Thomas: re-add license file, explain in the commit log why its hash
changed]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The license file hash changed due to a copyright year update:
-Copyright (C) 2011-2018 by Salvador Fandino (salva@cpan.org).
+Copyright (C) 2011-2019 by Salvador Fandino (salva@cpan.org).
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
[Thomas: explain why the license file hash is changed]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The license file is changed from README, which contained just the
following license details:
"""
This library is free software; you can redistribute it and/or modify it
under the same terms as Perl itself.
"""
to the more complete LICENSE file, which didn't exist back in the 6.02
version. This LICENSE file contains the usual GPL or Artistic license
text.
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
[Thomas: add details about the license file change]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
