Version 0.9.3 is a fix-up to 0.9.2. Combined, releases 0.9.2 and 0.9.3
feature:
- Migration from GNU autotools to CMake
- Link fixes for use of uriparser from C++ code
- Library visibility fixes / introduction of -fvisibility=hidden
For more details please check the change log at
https://github.com/uriparser/uriparser/blob/uriparser-0.9.3/ChangeLog
Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Drop patches; issues fixed upstream.
Update license file hash due to copyright year update.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Drop patches 0001 and 0002 which are included in the new version.
Add hash for the license file.
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
It must be "tpm2-totp", not "tpm2-tools" (probably a copy/paste issue).
Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This patch bumps CIP to the latest SLTS version v4.19.13-cip1.
Kernel based on 4.4 is not deprecated, it will continue to be supported
as planned by the CIP foundation.
If the 4.4 version is needed, it should be selected manually.
Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issue:
CVE-2019-9928: GStreamer before 1.16.0 has a heap-based buffer overflow in
the RTSP connection parser via a crafted response from a server
For more details, see the advisory:
https://gstreamer.freedesktop.org/security/sa-2019-0001.html
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes a number of issues discovered since 1.12.1. From the release notes:
go1.12.2 (released 2019/04/05) includes fixes to the compiler, the go
command, the runtime, and the doc, net, net/http/httputil, and os packages.
See the Go 1.12.2 milestone on our issue tracker for details.
go1.12.3 (released 2019/04/08) was accidentally released without its
intended fix. It is identical to go1.12.2, except for its version number.
The intended fix is in go1.12.4.
go1.12.4 (released 2019/04/11) fixes an issue where using the prebuilt
binary releases on older versions of GNU/Linux led to failures when linking
programs that used cgo. Only Linux users who hit this issue need to update.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues:
- CVE-2019-9956: In ImageMagick 7.0.8-35 Q16, there is a stack-based buffer
overflow in the function PopHexPixel of coders/ps.c, which allows an
attacker to cause a denial of service or code execution via a crafted
image file.
- CVE-2019-10650: In ImageMagick 7.0.8-36 Q16, there is a heap-based buffer
over-read in the function WriteTIFFImage of coders/tiff.c, which allows an
attacker to cause a denial of service or information disclosure via a
crafted image file.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 3b4b3e7cd4)
[Peter: drop Makefile changes]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
A check for python-ply has been added as this is a dependency of the
dnssec-keymgr script so install host-python-ply to avoid a build failure
if python-ply is not installed on host
Fixes:
- http://autobuild.buildroot.org/results/96815b1300547c976443bf74b762febdfcc8d3ba
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
qemu uses TARGET_DIR internally, and it is at least used to display the
shortened compiling commands, like (with a TARGET_DIR=/path/to/target):
    CC /path/to/targetblock/write-threshold.o
VS
    CC block/write-threshold.o
There does not seem to be any adverse effect to that, but this is very
confusing to see, especially when building the host variant.
Fix that by unsetting TARGET_DIR prior to building.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
In 7672234200 (gst1-plugins-base: bump version to 1.12.0), the unknown
options were removed, but the comment associated to --disable-gio_unix_2_0
was left out.
Drop it now.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
In 1d42d0acca (binutils: ensure TARGET_CONFIGURE_ARGS is taken into
consideration for subdirs), the whole BUILD_CMDS was overridden in an
attempt to ensure that the target configure args (in fact, environment
variables) are indeed passed in the environment of the build command.
However, there is no reason to override the whole command, when we can
simply specify additional environment variables, as supported by the
autotools infra.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Build failures due to:
`fatal error: sys/auxv.h: No such file or directory`
have been fixed upstream.
Fixes:
http://autobuild.buildroot.net/results/158/158950190141b4f1b0a3d7813322d3971bb8ba75/
Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
Acked-by: Kieran Bingham <kieran.bingham@ideasonboard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fixes the following security vulnerabilities:
EAP-pwd implementation in hostapd (EAP server) and wpa_supplicant (EAP
peer) was discovered not to validate fragmentation reassembly state
properly for a case where an unexpected fragment could be received. This
could result in process termination due to NULL pointer dereference.
For details, see the advisory:
https://w1.fi/security/2019-5/eap-pwd-message-reassembly-issue-with-unexpected-fragment.txt
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security vulnerabilities:
EAP-pwd implementation in hostapd (EAP server) and wpa_supplicant (EAP
peer) was discovered not to validate fragmentation reassembly state
properly for a case where an unexpected fragment could be received. This
could result in process termination due to NULL pointer dereference.
For details, see the advisory:
https://w1.fi/security/2019-5/eap-pwd-message-reassembly-issue-with-unexpected-fragment.txt
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issue:
CVE-2019-7317: png_image_free in png.c in libpng 1.6.36 has a use-after-free
because png_image_free_function is called under png_safe_execute.
Update license hash for a change in copyright year and typo fixes.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fixes the following security issues:
- CVE-2018-5743: Limiting simultaneous TCP clients is ineffective
https://kb.isc.org/docs/cve-2018-5743
- CVE-2019-6467: An error in the nxdomain redirect feature can cause
BIND to exit with an INSIST assertion failure in query.c
https://kb.isc.org/docs/cve-2019-6467
- CVE-2019-6468: BIND Supported Preview Edition can exit with an
assertion failure if nxdomain-redirect is used
https://kb.isc.org/docs/cve-2019-6468
Add an upstream patch to fix building on architectures where bind does not
implement isc_atomic_*.
Upstream moved to a 2019 signing key, so update comment in .hash file.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
NetworkManager now has an internal DHCP client. Therefore, there is no
need to select either the DHCPCD or DHCP_CLIENT package to get DHCP.
Remove the forced select of one of those packages.
The internal DHCP client has become NetworkManager's preferred DHCP
client, so it seems reasonable that it effectively becomes the default,
unless DHCPCD or DHCP_CLIENT are intentionally enabled.
Signed-off-by: Trent Piepho <tpiepho@impinj.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This commit bumps Linux & Linux-headers to 5.0 and U-Boot to version 2019.01
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Reviewed-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes the following security issue:
* CVE-2019-10691: Trying to login with 8bit username containing
invalid UTF8 input causes auth process to crash if auth policy is
enabled. This could be used rather easily to cause a DoS. Similar
crash also happens during mail delivery when using invalid UTF8 in
From or Subject header when OX push notification driver is used.
https://dovecot.org/pipermail/dovecot-news/2019-April/000406.html
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes the following security issue:
- CVE-2019-11324: The urllib3 library before 1.24.2 for Python mishandles
certain cases where the desired set of CA certificates is different from
the OS store of CA certificates, which results in SSL connections
succeeding in situations where a verification failure is the correct
outcome. This is related to use of the ssl_context, ca_certs, or
ca_certs_dir argument.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
LibreSSL 2.9.1 now has a test that requires libtls.a, however, when building a
shared library only build, the --disable-static flag is passed to libressl,
which prevents the building of libtls.a.
With libtls.a not being built, the following error occurs:
libressl-2.9.1/tls/.libs/libtls.a', needed by 'handshake_table'. Stop.
There are three options to fix this:
1) Stick with autotools, and provide a patch that removes building anything in
the tests folder.
2) Pass --enable-static to LIBRESSL_CONF_OPTS
3) Change the package type to cmake, as a cmake build does not have this issue.
Changing the package type to cmake is the least impactful; it also has the added
benefit of being able to remove the 0001-remove-test-z-DESTDIR-from-ltmain.patch
file.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Remove upstream patch 0001-Fix-3091.patch.
Add enet, libsquish and nettle new dependencies.
Add host-pkgconf since the CMakeLists.txt now uses pkg-config
for enet.
Make sure that glew and wiiuse libraries from staging are
used instead of bundled versions.
See:
http://blog.supertuxkart.net/2019/04/supertuxkart-10-release.html
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>