sdlcam test includes jpeglib.h so add a patch to disable it if jpeg is
disabled
Fixes:
- http://autobuild.buildroot.net/results/1eded8b44cc369550566c6ce0b3c042f1aec8d44
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit d92d3ddeb1)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The configure.ac script simply uses PKG_CHECK_MODULES(), so there is
not --enable/--disable option.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit b1ef2944a3)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When the host has a DB library installed, namely LMDB, host-heimdal
will detect it and try to use, resulting in a build failure due to
missing symbols.
Really disable all the DB backends, we don't need them.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 07d4d97171)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
A blank space is missing.
Signed-off-by: Gaël PORTAY <gael.portay@savoirfairelinux.com>
Reviewed-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 7544295d30)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The compiler g++ reports an error when the header arm_acle.h is
included from version 7.
This patch backports the bugfix upstreamed [1] for gcc-7 and gcc-8.
Fixes:
In file included from ../../include/QtCore/5.10.1/QtCore/private/../../../../../src/corelib/tools/qsimd_p.h:333,
from ../../include/QtCore/5.10.1/QtCore/private/qsimd_p.h:1,
from global/qlogging.cpp:58:
/home/gportay/src/buildroot/output/host/lib/gcc/arm-buildroot-linux-gnueabihf/8.1.0/include/arm_acle.h: In function ‘void __arm_ldc(unsigned int, unsigned int, const void*)’:
/home/gportay/src/buildroot/output/host/lib/gcc/arm-buildroot-linux-gnueabihf/8.1.0/include/arm_acle.h:48:46: error: invalid conversion from ‘const void*’ to ‘const int*’ [-fpermissive]
return __builtin_arm_ldc (__coproc, __CRd, __p);
^~~
<built-in>: note: initializing argument 3 of ‘void __builtin_arm_ldc(unsigned int, unsigned int, const int*)’
...
Makefile:196: recipe for target 'sub-corelib-make_first' failed
make[3]: *** [sub-corelib-make_first] Error 2
Makefile:48: recipe for target 'sub-src-make_first' failed
make[2]: *** [sub-src-make_first] Error 2
package/pkg-generic.mk:229: recipe for target '/home/gportay/src/buildroot/output/build/qt5base-5.10.1/.stamp_built' failed
make[1]: *** [/home/gportay/src/buildroot/output/build/qt5base-5.10.1/.stamp_built] Error 2
Makefile:16: recipe for target '_all' failed
make: *** [_all] Error 2
[1]: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=81497
[Peter: drop gcc-8.x patch]
Signed-off-by: Gaël PORTAY <gael.portay@savoirfairelinux.com>
Reviewed-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 78af2a6362)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes following linking error with uClibc-ng:
/home/peko/autobuild/instance-0/output/host/lib/gcc/powerpc-buildroot-linux-uclibc/7.3.0/libgcc.a(unwind-dw2-fde-dip.o):
In function `_Unwind_Find_FDE':
/home/peko/autobuild/instance-0/output/build/host-gcc-final-7.3.0/build/powerpc-buildroot-linux-uclibc/libgcc/../../../libgcc/unwind-dw2-fde-dip.c:469:
undefined reference to `dl_iterate_phdr'
collect2: error: ld returned 1 exit status
Since uClibc-ng 1.0.18 a circular dependency between libc and libgcc
exist, when static linking is used. It can be resolved by the compiler
when -static is correctly passed in the linking step.
So use TARGET_CONFIGURE_OPTS to pass CC as well as LDFLAGS to make
Fixes:
- http://autobuild.buildroot.net/results/d9f0311538c8db1196839e36af3f6ef4e403be2b
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit b28d859c06)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Hidapi source uses iconv_open UTF-16 conversion [1] which requires
gconv libararies when buiding with glibc in order to successfully
find serial number, manufacturer and product strings [2].
Use select in the config file to autmatically select gconv libararies
for inclusion on the target when building with glibc
Tested with ./utils/test-pkg -c hidapi.cfg -p hidapi and hidapi.cfg file
contents:
BR2_PACKAGE_HIDAPI=y
BR2_PACKAGE_EUDEV=y
BR2_ROOTFS_DEVICE_CREATION_DYNAMIC_EUDEV=y
BR2_USE_MMU=y
BR2_USE_WCHAR=y
Also tested on x86-64 build target with application using hidapi
[1]: a6a622ffb6/libusb/hid.c (L446)
[2]: https://www.silabs.com/community/interface/forum.topic.html/cp2114_linux_sta-RtWg
Signed-off-by: Dan Walkes <danwalkes@trellis-logic.com>
Tested-by: Dan Walkes <danwalkes@trellis-logic.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit a7404a79c6)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit adds a patch to the host package patchelf to fix an issue
with endianness when the --make-rpath-relative option is
specified. Currently, patchelf does not take into account the
architecture of the target ELF when it performs the fixup on the
RPATH. Thus, if it differs from the host in endianness, the RUNPATH
field will be invalid. The patch fixes the bug reported here:
https://bugs.busybox.net/show_bug.cgi?id=11101
Signed-off-by: Bryce Ferguson <bryce.ferguson@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 17c9810fe7)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The special gdb version used for ARC is based on GDB 8.0, so it needs
C++11 support.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit cec133e873)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit finally bumps ARC tools to the most recent arc-2018.03
release version.
ARC GNU tools of version arc-2018.03 bring some quite significant
changes like:
* Binutils v2.29.51 with additional ARC patches
* GCC 7.3.1 with additional ARC patches
* GDB 8.0.50 with ARC patches
More information on this release could be found here:
https://github.com/foss-for-synopsys-dwc-arc-processors/toolchain/releases/tag/arc-2018.03-release
Signed-off-by: Evgeniy Didin <didin@synopsys.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: arc-buildroot@synopsys.com
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 68503bac9c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
As we are about to switch to 8.0 as the default gdb version, we
need to adjust how the gdb dependencies are handled. Indeed, from 8.0
onwards, gdb needs a C++11 capable compiler, i.e at least gcc 4.8.
Until now, Config.in.host was making sure that gdb 8.0 was not
selectable if the cross-compilation toolchain did not have C++ support
with gcc >= 4.8. This worked fine because the default version of gdb,
used as the target gdb version when no host gdb is built, was 7.11,
and did not require C++11.
With the switch to 8.0 as the default version, when target gdb is
enabled but not host gdb, 8.0 is used, which means we need a C++11
capable compiler. The dependencies in Config.in.host are no longer
sufficient.
So instead, we remove the target-related dependencies from
Config.in.host and move them properly to Config.in. The overall logic
is the following:
- In Config.in.host, BR2_PACKAGE_HOST_GDB_ARCH_SUPPORTS ensures that
we have at least host gcc 4.8 if we're on ARC, because the ARC gdb
needs C++11. We remove the target toolchain related dependencies
from here.
- In Config.in.host, the version selection ensures that 8.0 cannot be
selected if the host toolchain does not have at least gcc 4.8. We
remove the target toolchain related dependencies from here.
- In Config.in.host, we introduce a BR2_PACKAGE_GDB_NEEDS_CXX11
option, that indicates whether the currently selected version of
gdb requires C++11 support in the toolchain to build the target
variant. Even though this option is more related to the target
variant of gdb, we keep it in Config.in.host so that it appears
next to the definition of BR2_GDB_VERSION, to make sure they are
kept in sync.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 1e3738db42)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
So the host ncurses includes and library are used instead of a mix of both,
causing corrupted characters. Similar to the linux fix in commit
6d3d09e232 (linux: don't override HOSTCC for kconfig), except that we
pass the linker flags in HOSTLDFLAGS.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Acked-by: Jagan Teki <jagan@amarulasolutions.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 9255fd9fc7)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Since version 5.5, daemon is licensed under MIT:
889e5e6bd5
- Plugins are licensed under MIT, GPL-2.0 or LGPL-2.1
- Add libltdl/COPYING.LIB to license files to have a copy of LGPL-2.1 as
it is not in COPYING
- Add hash for both license files
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit d5fa317f2d)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
As for strace [1], when <sys/reg.h> is included after <linux/ptrace.h>,
the build fails on m68k with the following diagnostics:
In file included from ./../nat/linux-ptrace.h:28:0,
from linux-low.h:27,
from linux-m68k-low.c:20:
[...]/usr/include/sys/reg.h:26:3: error: expected identifier before numeric constant
PT_D1 = 0,
^
[...]usr/include/sys/reg.h:26:3: error: expected « } » before numeric constant
[...]usr/include/sys/reg.h:26:3: error: expected unqualified-id before numeric constant
In file included from linux-m68k-low.c:27:0:
[...]usr/include/sys/reg.h:99:1: error: expected declaration before « } » token
};
^
Fix this by moving <sys/reg.h> on top of "linux-low.h".
Fixes:
https://gitlab.com/free-electrons/toolchains-builder/-/jobs/72006385
[1] 6ebf6c4f9e
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 8646a7fae9)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
edid-decode moved to linuxtv.org. Update homepage link and download
site.
https://www.spinics.net/lists/linux-media/msg136517.html
Cc: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 7817f9f036)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Contains a fix for a crash when forwarding packets from devices that use
flow offloading and a x86 FPU issue on -rt kernels.
Also add a post-release upstream patch fixing a compilation issue related to
memcpy().
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 630fd8785b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Contains a number of fixes, including fixes for building with GCC 8.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit f6b9d59f61)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
gcc-8.1 for xtensa miscompiles uClibc dynamic linker due to gcc PR
target/65416. The build completes successfully, but the binary is
non-functional because the following fragment in the _dl_get_ready_to_run
in ld-uClibc.so overwrites register spill area on stack causing register
corruption in the previous call frame and a subsequent crash:
419f: f0c1b2 addi a11, a1, -16
41a2: 1ba9 s32i.n a10, a11, 4
41a4: 0bc9 s32i.n a12, a11, 0
41a6: 5127f2 l32i a15, a7, 0x144
41a9: 1765b2 s32i a11, a5, 92
41ac: 4e2782 l32i a8, a7, 0x138
41af: 146af2 s32i a15, a10, 80
41b2: 001b10 movsp a1, a11
The crash terminates the init process and causes kernel panic.
The fix prevents reordering of movsp opcode and any access to the stack
frame memory and is applicable to all existing gcc versions.
[Peter: drop gcc-8.x patch]
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 91e0fc0bf4)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
On some architectures, atomic binutils are provided by the libatomic
library from gcc. Linking with libatomic is therefore necessary,
otherwise the build fails with:
sparc-buildroot-linux-uclibc/sysroot/lib/libatomic.so.1: error adding symbols: DSO missing from command line
This is often for example the case on sparcv8 32 bit.
Fixes:
http://autobuild.buildroot.net/results/fd6bee70ff20bee9607a9f6f557a3a793d00cd9f
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Thomas: use LIBS instead of LDFLAGS.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 265e25834f)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Both plugins `geometryloaders' and `renderplugins' are available since
Qt 5.9.
Fixes:
>>> qt53d 5.6.3 Installing to target
cp -dpf /home/gportay/src/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/lib/libQt53D*.so.*
/home/gportay/src/buildroot/output/target/usr/lib
cp -dpfr /home/gportay/src/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/lib/qt/plugins/geometryloaders
/home/gportay/src/buildroot/output/target/usr/lib/qt/plugins
cp: cannot stat '/home/gportay/src/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/lib/qt/plugins/geometryloaders': No such file or directory
package/pkg-generic.mk:310: recipe for target '/home/gportay/src/buildroot/output/build/qt53d-5.6.3/.stamp_target_installed' failed
make[2]: *** [/home/gportay/src/buildroot/output/build/qt53d-5.6.3/.stamp_target_installed] Error 1
Signed-off-by: Gaël PORTAY <gael.portay@savoirfairelinux.com>
Signed-off-by: Gaël PORTAY <<a href="mailto:gael.portay@savoirfairelinux.com" target="_blank" rel="noreferrer">gael.portay@savoirfairelinux.com</a>><br>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit e922bbc7ae)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Adds WTF platform support for the 32-bits armv8-a architectures.
Fixes:
In file included from ../3rdparty/javascriptcore/JavaScriptCore/config.h:26,
from ../3rdparty/javascriptcore/JavaScriptCore/pcre/pcre_compile.cpp:44:
../3rdparty/javascriptcore/JavaScriptCore/wtf/Platform.h:370:6: error: #error "Not supported ARM architecture"
# error "Not supported ARM architecture"
^~~~~
The patch is based on two upstream fixes in WebKit[1][2].
See also commit cea7aa873a.
[1]: 313d9fc4bd
[2]: 98f0de0709
Signed-off-by: Gaël PORTAY <gael.portay@savoirfairelinux.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 15706f86ba)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues:
- (CVE-2018-7167): Fixes Denial of Service vulnerability where calling
Buffer.fill() could hang
- (CVE-2018-7161): Fixes Denial of Service vulnerability by updating the
http2 implementation to not crash under certain circumstances during
cleanup
- (CVE-2018-1000168): Fixes Denial of Service vulnerability by upgrading
nghttp2 to 1.32.0
See https://nodejs.org/en/blog/release/v8.11.3/ for more details
Signed-off-by: Martin Bark <martin@barkynet.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 64baf3def7)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
>From the release notes:
================================================================================
Redis 3.2.12 Released Wed Jun 13 12:43:01 CEST 2018
================================================================================
Upgrade urgency CRITICAL:
* Multilple security issues fixed.
* Backport of an older AOF fsync=always fix. Check 4.x release notes.
* Backport of a *SCAN bug. Sometimes elements could be missing from the scan.
* Other minor things.
https://raw.githubusercontent.com/antirez/redis/3.2/00-RELEASENOTES
For more details about the lua related security issues, see the blog:
http://antirez.com/news/119
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 3bf2745a0f)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
scancpan is now in utils not in supports/scripts
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit f4b4f77e84)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes CVE-2018-10360: The do_core_note function in readelf.c in
libmagic.a in file 5.33 allows remote attackers to cause a denial of
service (out-of-bounds read and application crash) via a crafted ELF
file.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 89be4c7b0e)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Added license hashes, added optional dependency to libseccomp provided
by upstream in this version bump.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit eacca09a8a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes CVE-2018-12015 - In Perl through 5.26.2, the Archive::Tar module
allows remote attackers to bypass a directory-traversal protection
mechanism, and overwrite arbitrary files, via an archive file containing a
symlink and a regular file with the same name.
Patch from
ae65651eab
with path rewritten to match perl tarball.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 66760f2734)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
triggerhappy uses pkg-config to detect the systemd library. Make sure it
uses the target pkg-config, not the host one.
Fixes build failure when the host has systemd pkg-config files:
.../host/bin/arm-linux-gcc -static th-cmd.o cmdsocket.o -lsystemd -o th-cmd
.../host/opt/ext-toolchain/bin/../lib/gcc/arm-buildroot-linux-uclibcgnueabi/6.4.0/../../../../arm-buildroot-linux-uclibcgnueabi/bin/ld: cannot find -lsystemd
Cc: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit b4a7145b0b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes CVE-2018-12020: Unsanitized file names might cause injection of
terminal control characters into the status output of gnupg.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 0647268416)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes CVE-2018-12020: Unsanitized file names might cause injection of
terminal control characters into the status output of gnupg.
Cc: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit b78a365b56)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes CVE-2018-7225 - An issue was discovered in LibVNCServer through
0.9.11. rfbProcessClientNormalMessage() in rfbserver.c does not sanitize
msg.cct.length, leading to access to uninitialized and potentially sensitive
data or possibly unspecified other impact (e.g., an integer overflow) via
specially crafted VNC packets.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit a4f7700f0b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Version 1.25.4 fixes CVE-2017-9545, for details see release notes:
http://www.mpg123.org/cgi-bin/news.cgi
Added upstream hashes.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit cb67c1d55b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Release notes: https://mariadb.com/kb/en/mariadb-10133-release-notes/
Changelog: https://mariadb.com/kb/en/mariadb-10133-changelog/
Fixes the following security vulnerabilities:
CVE-2018-2782 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and
prior and 5.7.21 and prior. Easily exploitable vulnerability allows low
privileged attacker with network access via multiple protocols to compromise
MySQL Server. Successful attacks of this vulnerability can result in
unauthorized ability to cause a hang or frequently repeatable crash
(complete DOS) of MySQL Server.
CVE-2018-2784 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and
prior and 5.7.21 and prior. Easily exploitable vulnerability allows low
privileged attacker with network access via multiple protocols to compromise
MySQL Server. Successful attacks of this vulnerability can result in
unauthorized ability to cause a hang or frequently repeatable crash
(complete DOS) of MySQL Server.
CVE-2018-2787 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and
prior and 5.7.21 and prior. Easily exploitable vulnerability allows high
privileged attacker with network access via multiple protocols to compromise
MySQL Server. Successful attacks of this vulnerability can result in
unauthorized ability to cause a hang or frequently repeatable crash
(complete DOS) of MySQL Server as well as unauthorized update, insert or
delete access to some of MySQL Server accessible data.
CVE-2018-2766 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and
prior and 5.7.21 and prior. Easily exploitable vulnerability allows high
privileged attacker with network access via multiple protocols to compromise
MySQL Server. Successful attacks of this vulnerability can result in
unauthorized ability to cause a hang or frequently repeatable crash
(complete DOS) of MySQL Server.
CVE-2018-2755 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: Server: Replication). Supported versions that are affected
are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Difficult to
exploit vulnerability allows unauthenticated attacker with logon to the
infrastructure where MySQL Server executes to compromise MySQL Server.
Successful attacks require human interaction from a person other than the
attacker and while the vulnerability is in MySQL Server, attacks may
significantly impact additional products. Successful attacks of this
vulnerability can result in takeover of MySQL Server.
CVE-2018-2819 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: InnoDB). Supported versions that are affected are 5.5.59 and
prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable
vulnerability allows low privileged attacker with network access via
multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or
frequently repeatable crash (complete DOS) of MySQL Server.
CVE-2018-2817 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: Server: DDL). Supported versions that are affected are
5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable
vulnerability allows low privileged attacker with network access via
multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or
frequently repeatable crash (complete DOS) of MySQL Server.
CVE-2018-2761 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: Client programs). Supported versions that are affected are
5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Difficult to
exploit vulnerability allows unauthenticated attacker with network access
via multiple protocols to compromise MySQL Server. Successful attacks of
this vulnerability can result in unauthorized ability to cause a hang or
frequently repeatable crash (complete DOS) of MySQL Server.
CVE-2018-2781 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: Server: Optimizer). Supported versions that are affected are
5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable
vulnerability allows high privileged attacker with network access via
multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or
frequently repeatable crash (complete DOS) of MySQL Server.
CVE-2018-2771 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: Server: Locking). Supported versions that are affected are
5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Difficult to
exploit vulnerability allows high privileged attacker with network access
via multiple protocols to compromise MySQL Server. Successful attacks of
this vulnerability can result in unauthorized ability to cause a hang or
frequently repeatable crash (complete DOS) of MySQL Server.
CVE-2018-2813 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: Server: DDL). Supported versions that are affected are
5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable
vulnerability allows low privileged attacker with network access via
multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized read access to a subset of MySQL
Server accessible data.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Acked-by: Ryan Coe <bluemrp9@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 5fbacdd59f)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Fix CVE-2017-5029
- Remove first patch (already in version)
- Add a dependency to host-pkgconf and remove libxml2 options: see
abf537ebb2
- Add hash for license file
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit eca8704dcf)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Prior to commit 2dccb4f2fe
("package/docker-containerd: convert to golang infrastructure"), the
containerd binary was installed as docker-containerd. Following the
conversion to the golang package infrastructure, the binary is now
installed as "containerd", which breaks some use cases.
Let's add a symlink link docker-containerd -> containerd to fix such
use cases.
Fixes: https://bugs.busybox.net/show_bug.cgi?id=11076
Signed-off-by: Sam Lancia <sam@gpsm.co.uk>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit ded50f69c6)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The package recipe uses a post-install hook to remove useless files from
$(TARGET_DIR)/etc/rc.d/init.d and $(TARGET_DIR)/etc/sysconfig. This may
damage packages that install useful files on those directories (such as
netplug, which installs $(TARGET_DIR)/etc/rc.d/init.d/netplugd).
In the future[1] we will reorganize the init scripts and possibly get
rid of /etc/rc.d and /etc/sysconfig but for the moment let's restrict
the file removal to those installed by audit.
1. http://lists.busybox.net/pipermail/buildroot/2018-May/221549.html
Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 49844baf2f)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
'+' is a valid character in a url. The current dl-wrapper gets the
URI scheme by dropping everything after the last '+' character, with
the intension of finding 'git' from e.g. 'git+https://uri'.
If a uri has a '+' anywhere in it, it ends up using too much of the
string as a scheme, and fails to match the handler properly.
An example of where this form of URI is used is when using deploy tokens
in gitlab. It uses a form like https://<username>:<password>@gitlab.com/<group>/<repo.git>
where username for deploy token is of the form 'gitlab+deploy-token-<number>'.
Use the %% operator to search backwards until the last '+' character when
dropping the rest of the string as we know that the first '+'
in the string should be the scheme.
Signed-off-by: Robert Beckett <bbeckett@netvu.org.uk>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit a5ba72946e)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Since version 1.8.0, php-amqp needs a rabbitmq-c with openssl support:
https://github.com/pdezwart/php-amqp/issues/310
SSL support is disabled in rabbitmq-c if BR2_STATIC_LIBS is set however
don't add an unneeded !BR2_STATIC_LIBS dependency in Config.in as all
PHP External Extensions depends on !BR2_STATIC_LIBS
(see package/Config.in)
Fixes:
- http://autobuild.buildroot.net/results/b7c89bbbd0ca1df08dd7cbfc90c7b45dcf1fad05
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit d93305744b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Don't rely on a random host package to create the include/ directory for
us. Some packages do the wrong thing since they implicitly assume that
this directory exists already. Commit a557aedad2 (zstd: fix host headers
installation) shows an example of that.
Cc: Maxime Hadjinlian <maxime.hadjinlian@gmail.com>
Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Acked-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 967d302e8b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Use Python 3 style print calls, in order to make pkg-stats Python 3
compliant.
Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Reviewed-by: Ricardo Martincoski <ricardo.martincoski@datacom.ind.br>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit eb04235783)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
See https://nodejs.org/en/blog/release/v8.11.2/
Signed-off-by: Martin Bark <martin@barkynet.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 1d4eb844e3)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This patch updates Linux kernel version to 4.14.47 for HSDK board.
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/71727022
Signed-off-by: Evgeniy Didin <didin@synopsys.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: arc-buildroot@synopsys.com
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
