An out-of-bounds array read in the apr_time_exp*() functions was fixed
in the Apache Portable Runtime 1.6.3 release (CVE-2017-12613). The fix
for this issue was not carried forward to the APR 1.7.x branch, and
hence version 1.7.0 regressed compared to 1.6.3 and is vulnerable to the
same issue.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fix the following build failure with uclibc-ng and grpc raised on arm
and ppc:
/home/buildroot/autobuild/instance-0/output-1/host/opt/ext-toolchain/bin/../lib/gcc/arm-buildroot-linux-uclibcgnueabi/10.3.0/../../../../arm-buildroot-linux-uclibcgnueabi/bin/ld: /home/buildroot/autobuild/instance-0/output-1/host/arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib/libabsl_random_internal_randen_hwaes.so.2111.0.0: undefined reference to `getauxval'
Strangely enough it seems there is only one autobuilder failure despite
the fact that libabseil-cpp is unconditionally using getauxval since its
addition in commit 93568440ed:
https://github.com/abseil/abseil-cpp/blob/20200225/absl/random/internal/randen_detect.cc
Perhaps this build failure is an unexpected side effect of commit
8251d8c255
Fixes:
- http://autobuild.buildroot.org/results/775f3ca3dedebff29e212b29dfa896b7613b7a02
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
gobject-introspection is an optional dependency which is enabled by
default since
0d7bf34ed6
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fix the following build failure raised since bump to version 1.50.5 in
commit 68b0efbae4:
../utils/viewer-cairo.c: In function 'cairo_vector_view_create':
../utils/viewer-cairo.c:228:5: error: suggest braces around empty body in an 'if' statement [-Werror=empty-body]
;
^
Fixes:
- http://autobuild.buildroot.org/results/dee3d631474f83b345f22eb26c59a305c32258f8
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
wireshark needs C++ since switch to cmake-package in commit
7cb7fb8191:
CMake Error at CMakeLists.txt:32 (project):
No CMAKE_CXX_COMPILER could be found.
Fixes:
- http://autobuild.buildroot.org/results/1ce9bc2a2330e27dfaceae682139d222feb806ae
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
moved under the hat of https://github.com/lunarmodules
remove upstream patch
diff LICENSE:
-The MIT License (MIT)
-Copyright (c) 2013 Tomás Guisasola
+Copyright (C) 2003-2007 The Kepler Project, 2013-2022 Matthew Wild
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Acked-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Handle WITH_POWER8 to fix the following build failure with powerpc and
libglib2 raised since bump to version 1.9.9-b1 in commit
1f7b12a0b4 and
b81f4ee96d:
/home/autobuild/autobuild/instance-9/output-1/host/lib/gcc/powerpc-buildroot-linux-musl/11.2.0/../../../../powerpc-buildroot-linux-musl/bin/ld: /home/autobuild/autobuild/instance-9/output-1/host/powerpc-buildroot-linux-musl/sysroot/usr/lib/libz.a(adler32_power8.c.o): in function `adler32_power8':
/home/autobuild/autobuild/instance-9/output-1/build/zlib-ng-2.0.6/arch/power/adler32_power8.c:106: undefined reference to `vec_sumsu'
Fixes:
- http://autobuild.buildroot.org/results/f864a0e2307e25342b45c90a5b4fb57a0f5c1c93
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Disable tests which are enabled by default in debug mode since bump to
version 2.0.0 in commit 2a3edc5e00 and
e84f12fc5e
as they will raise the following build failure if cmocka is built before
libyang:
In file included from /home/buildroot/autobuild/instance-0/output-1/host/riscv64-buildroot-linux-musl/sysroot/usr/include/stdint.h:20,
from /home/buildroot/autobuild/instance-0/output-1/host/opt/ext-toolchain/lib/gcc/riscv64-buildroot-linux-musl/10.3.0/include/stdint.h:9,
from /home/buildroot/autobuild/instance-0/output-1/build/libyang-2.0.112/src/libyang.h:18,
from /home/buildroot/autobuild/instance-0/output-1/build/libyang-2.0.112/tests/utests/utests.h:30,
from /home/buildroot/autobuild/instance-0/output-1/build/libyang-2.0.112/tests/utests/extensions/test_yangdata.c:15:
/home/buildroot/autobuild/instance-0/output-1/host/riscv64-buildroot-linux-musl/sysroot/usr/include/bits/alltypes.h:53:24: error: conflicting types for 'uintptr_t'
53 | typedef unsigned _Addr uintptr_t;
| ^~~~~~~~~
Fixes:
- http://autobuild.buildroot.org/results/7ae21fbb28b1a69183c5d8ed87cf5f5cbf055026
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit 2a3edc5e00 forgot to drop
ENABLE_LYD_PRIV and GEN_PYTHON_BINDINGS options which are not recognized
anymore
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fix the following build failure with libressl raised since bump to
version 6.4.29 in commit ba6fd52195 and
340d00bf99:
configure: error: fetchmail cannot legally be linked against LibreSSL for lack of GPL2 clause 2b exception. See COPYING.
Fixes:
- http://autobuild.buildroot.org/results/95ca66091efa0dafb7c4e8e8c7da1f929ef32d76
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Allow to build the BCM2835 bitbang interface on aarch64.
Signed-off-by: Stefan Agner <stefan@agner.ch>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
In 7130bcb44c (package/linux-firmware: Add Intel WiFi
3945ABG/BG/4965AGN), I improperly fixed the two drivers names...
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Add Intel WiFi 3945ABG/BG and 4965AGN firmware. This firmware is
required for the iwl4965 and iwl3945 kernel driver.
Signed-off-by: Stefan Agner <stefan@agner.ch>
[yann.morin.1998@free.fr: fix driver names in help texts]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
- Update indentation in hash file (two spaces)
- This bump will fix the following build failure if python2 is not
available on host (while at it, add host-python3 dependency):
Traceback (most recent call last):
File "/home/autobuild/autobuild/instance-4/output-1/build/cppcms-1.2.1/bin/cppcms_tmpl_cc", line 14, in <module>
import StringIO
ModuleNotFoundError: No module named 'StringIO'
http://cppcms.com/wikipp/en/page/cppcms_2_0_whats_new
Fixes:
- http://autobuild.buildroot.org/results/00482ee24deae95a91f8499f499b18e15f14b51a
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
openssl is an optional dependency since version 1.0.5 and
7cfdc9f703
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
If libgcrypt (or openssl) is not enabled, aes_encryptor is disabled
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
zlib is not mandatory since at least version 1.0.5 and
fc1c25f9c7
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fix the following static build failure with hwloc raised since commit
c83bf97206:
checking for hwloc_get_proc_cpubind in -lhwloc... no
configure: error: can not find required library libhwloc
Fixes:
- http://autobuild.buildroot.org/results/5d815ec08c580005a863df6ac9ac29deff7d4128
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
As reported by [1], python-twisted and python-treq must use the same
version because its the same project:
https://github.com/twisted/twistedhttps://github.com/twisted/treq
We have to update python-treq to version 22.2.0 [2] otherwise we have
a runtime issue:
Traceback (most recent call last):
File "/root/sample_python_treq.py", line 2, in <module>
import treq
File "/usr/lib/python3.10/site-packages/treq/__init__.py", line 5, in <module>
File "/usr/lib/python3.10/site-packages/treq/api.py", line 5, in <module>
File "/usr/lib/python3.10/site-packages/treq/client.py", line 11, in <module>
ImportError: cannot import name '_PY3' from 'twisted.python.compat' (unknown
location)
The comment should avoid forgeting one of them while upgrading or
backporting version bump.
[1] http://lists.busybox.net/pipermail/buildroot/2022-February/637505.html
[2] https://github.com/twisted/treq/releases/tag/release-22.2.0
[3] https://gitlab.com/buildroot.org/buildroot/-/jobs/2179206653
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Use /usr target/staging prefix and / host prefix.
This allows the Python interpreter to find packages built via the new
Flit infrastructure.
Fixes: #14721
Signed-off-by: Emile Cormier <emile.cormier.jr@gmail.com>
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Replace the remaining git:// URLs with their https:// equivalents as
this is more secure and also more palatable to corporate firewalls.
Signed-off-by: Markus Mayer <mmayer@broadcom.com>
[yann.morin.1998@free.fr: convert dahdi-linux too]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
pkg-stats currently uses the services from support/scripts/cpedb.py to
match the CPE identifiers of packages with the official CPE database.
Unfortunately, the cpedb.py code uses regular ElementTree parsing,
which involves loading the full XML tree into memory. This causes the
pkg-stats process to consume a huge amount of memory:
thomas 1310458 85.2 21.4 3708952 3450164 pts/5 R+ 16:04 0:33 | | \_ python3 ./support/scripts/pkg-stats
So, 3.7 GB of VSZ and 3.4 GB of RSS are used by the pkg-stats
process. This is causing the OOM killer to kick-in on machines with
relatively low memory.
This commit reimplements the XML parsing needed to do the CPE matching
directly in pkg-stats, using the XmlParser functionality of
ElementTree, also called "streaming parsing". Thanks to this, we never
load the entire XML tree in RAM, but only stream it through the
parser, and construct a very simple list of all CPE identifiers. The
max memory consumption of pkg-stats is now:
thomas 1317511 74.2 0.9 381104 152224 pts/5 R+ 16:08 0:17 | | \_ python3 ./support/scripts/pkg-stats
So, 381 MB of VSZ and 152 MB of RSS, which is obviously much better.
The JSON output of pkg-stats for the full package set, before and after
this commit, is exactly identical.
Now, one will probably wonder why this isn't directly changed in
cpedb.py. The reason is simple: cpedb.py is also used by
support/scripts/missing-cpe, which (for now) heavily relies on having
in memory the ElementTree objects, to re-generate a snippet of XML
that allows us to submit to NIST new CPE entries.
So, future work could include one of those two options:
(1) Re-integrate cpedb.py into missing-cpe directly, and live with
two different ways of processing the CPE database.
(2) Rewrite the missing-cpe logic to also be compatible with a
streaming parsing, which would allow this logic to be again
shared between pkg-stats and missing-cpe.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[yann.morin.1998@free.fr:
- add missing import of requests
- import CPEDB_URL from cpedb, instead of duplicating it
- fix flake8 errors
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Some upstream sites are very slow to respond, and the default timeout
of 300 seconds of the aiohttp.ClientSession() is too long. Let's
reduce it to 15 seconds.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This is useful when debugging/developing the pkg-stats script.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This is useful when debugging/developing the pkg-stats script.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fix CVE-2022-24302: Creation of new private key files using PKey
subclasses was subject to a race condition between file creation & mode
modification, which could be exploited by an attacker with knowledge of
where the Paramiko-using code would write out such files.
https://github.com/paramiko/paramiko/blob/2.10.3/sites/www/changelog.rst
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- License has been changed from GPL to LGPL or BSD-3-Clause
- Drop upstream patches
Signed-off-by: Daniel Lang <d.lang@abatec.at>
[Arnout: license is actually LGPL-3.0+, not LGPL-3.0]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
When libxkbcommon is disabled, QT_CONFIG(xkbcommon) is not defined which
means the variable and function pointer in this patch are compiled out
from the header, but the cpp code actually still made use of it. This
patch fixes the build issue when libxkbcommon package is not to be
built.
This patch was taken from (merged):
https://codereview.qt-project.org/c/qt/qtwayland/+/344916
Cc: Quentin Schulz <foss+buildroot@0leil.net>
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
qt5wayland package currently has a bug if the xkbcommon Qt config is not
enabled which highlighted a race issues between qt5base, libxkbcommon
and qt5wayland.
qt5wayland has a dependency on libxkbcommon package if it's enabled.
qt5base only has a dependency on libxkbcommon if xcb support is to be
enabled.
If libxkbcommon package is built before qt5base, qt5base will detect it
during its configure step and enable the Qt config accordingly. This
will make it available to qt5wayland afterwards, even if xcb support is
not enabled in Buildroot Kconfig.
However, if qt5base is built before libxkbcommon is, qt5base will not
advertise support of xbcommon feature to qt5wayland (which will fail its
build because of a bug in the source code).
Since the package build order should not impact the outcome of the
build, let's explicit the dependency if and only if libxkbcommon package
is to be compiled at some point in time so that at least this feature is
not susceptible to races.
Move the xkbcommon entries out of the BR2_PACKAGE_QT5BASE_XCB condition,
instead make them depend on BR2_PACKAGE_LIBXKBCOMMON. Since
BR2_PACKAGE_QT5BASE_XCB selects BR2_PACKAGE_LIBXKBCOMMON they are still
included if xcb is selected.
Cc: Quentin Schulz <foss+buildroot@0leil.net>
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
[Arnout: remove the already existing xkbcommon entries]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
The patches aren't in Buildroot anymore but in the qt5base sources
directly, so let's give the commit hash of the fixes instead.
Cc: Quentin Schulz <foss+buildroot@0leil.net>
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>