igh-ethercat comes with a small number of patched Linux kernel network
drivers, which aim at replacing the ones available in upstream Linux
kernel. All those drivers are provided only for specific kernel
releases. For example:
r8169-2.6.24-ethercat.c
r8169-2.6.24-orig.c
r8169-2.6.27-ethercat.c
r8169-2.6.27-orig.c
r8169-2.6.28-ethercat.c
r8169-2.6.28-orig.c
r8169-2.6.29-ethercat.c
r8169-2.6.29-orig.c
r8169-2.6.31-ethercat.c
r8169-2.6.31-orig.c
r8169-2.6.32-ethercat.c
r8169-2.6.32-orig.c
r8169-2.6.33-ethercat.c
r8169-2.6.33-orig.c
r8169-2.6.35-ethercat.c
r8169-2.6.35-orig.c
r8169-2.6.36-ethercat.c
r8169-2.6.36-orig.c
r8169-2.6.37-ethercat.c
r8169-2.6.37-orig.c
r8169-3.10-ethercat.c
r8169-3.10-orig.c
r8169-3.12-ethercat.c
r8169-3.12-orig.c
r8169-3.14-ethercat.c
r8169-3.14-orig.c
r8169-3.16-ethercat.c
r8169-3.16-orig.c
r8169-3.2-ethercat.c
r8169-3.2-orig.c
r8169-3.4-ethercat.c
r8169-3.4-orig.c
r8169-3.6-ethercat.c
r8169-3.6-orig.c
r8169-3.8-ethercat.c
r8169-3.8-orig.c
r8169-4.4-ethercat.c
r8169-4.4-orig.c
Obviously, this doesn't play well with the random configuration
testing done by utils/genrandconfig. This commit avoids this issue by
making sure we never build any of those drivers as part of the
genrandconfig generated configurations.
Fixes:
http://autobuild.buildroot.net/results/07b7475d780c067d99ee5618a5fd2bb024a5b4e7/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The current version 1.5.2 dates back from 2013, so it is extremely
old. The latest master branch of igh-ethercat contains numerous fixes,
including fixes to ensure that it builds with recent Linux kernel
releases. Backporting the individual patches fixing those issues on a
9 year old release would be too much effort, so we propose to simply
bump the version to the latest available in the Git master branch.
Fixes:
http://autobuild.buildroot.net/results/4dc9b71c805a8156bcf8f398edd3a30f2b6ac6da/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
SDL v1.2 was discovered to contain a use-after-free via the XFree function
at /src/video/x11/SDL_x11yuv.c.
https://github.com/advisories/GHSA-wr7h-5wm3-p3h4
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fixes#6421
Backport from: da9ba3a2a1536017e4ce1ee0f4276578d1ce6e29
Signed-off-by: Michael Fischer <mf@go-sys.de>
[yann.morin.1998@free.fr: make it an actual backport]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fix the following runtime failure raised since bump of popt to version
1.19 in commit 895bfba93f:
Problem opening for reading! Error is 2.
The specified file does not exist!
Fixes:
- No autobuilder failure
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reported-by: Florian Fainelli <f.fainelli@gmail.com>
Tested-by: Florian Fainelli <f.fainelli@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fixes the following security issue:
- CVE-2022-42898: Samba buffer overflow vulnerabilities on 32-bit systems
https://www.samba.org/samba/security/CVE-2022-42898.html
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fixes the following security issue:
- CVE-2022-3821: An off-by-one Error issue was discovered in Systemd in
format_timespan() function of time-util.c. An attacker could supply
specific values for time and accuracy that leads to buffer overrun in
format_timespan(), leading to a Denial of Service.
https://github.com/systemd/systemd/issues/23928
Drop now upstream 0001-missing-syscall-define-MOVE_MOUNT_T_EMPTY_PATH-if-mi.patch
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Z3, also known as the Z3 Theorem Prover, is a cross-platform
satisfiability modulo theories (SMT) solver.
https://github.com/Z3Prover/z3
Signed-off-by: Julien Olivain <ju.o@free.fr>
[yann.morin.1998@free.fr:
- python bindings 'depends on' python, not 'select' it
- fix check-package in test_z3.py
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fix CVE-2022-39377: sysstat is a set of system performance tools for the
Linux operating system. On 32 bit systems, in versions 9.1.16 and newer
but prior to 12.7.1, allocate_structures contains a size_t overflow in
sa_common.c. The allocate_structures function insufficiently checks
bounds before arithmetic multiplication, allowing for an overflow in the
size allocated for the buffer representing system activities. This issue
may lead to Remote Code Execution (RCE).
Despite what is written above in the CVE announcement, and as written in
the Changelog, the fix is also included in version 12.6.1 (12.7.1 is a
development version):
c1e631eddc
As a consequence, 12.6.1 is still reported as being affected. Until the
NVD is updated appropriately, we mark the CVE as ignored with a comment
that explains why.
Note: that commit is not reachable from any branch in the sysstat
repository, and Github warns about that, but the commit does belong to
the upstream repository and is reachable from the 12.6.1 tag (it looks
like sysstat only pushes tags-with-history for fix releases).
https://github.com/sysstat/sysstat/security/advisories/GHSA-q8r6-g56f-9w7xhttps://github.com/sysstat/sysstat/blob/v12.6.1/CHANGES
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr:
- ignore the CVE, explain why
- explain why github warns about the fix commit
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This adds a separate opencv4_contrib package to manage
downloading/unpacking that repository. These extra modules
are useful for a lot of applications, but not necessary
for minimal installs, so they are all given dedicated Kconfig
options
It's important to note that the opencv4-contrib package
downloads extra source that is compiled as a part of
the opencv4 package. This is why it is a dependency
of opencv4, and not the other way around
Signed-off-by: Woodrow Douglass <wdouglass@carnegierobotics.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
commit e37c110 ("package/gnuradio: bump version to 3.10.4.0")
included two numbered patches. Those are generating
"make check-package" warnings.
Fixes:
make check-package
package/gnuradio/0001-blocks-Including-missing-vector-in-blockinterleaver.patch:4: generate your patches with 'git format-patch -N'
package/gnuradio/0002-blocks-blockinterleaving.h-add-missing-cstddef-heade.patch:4: generate your patches with 'git format-patch -N'
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fixes the following security issue:
CVE-2022-45063: xterm before 375 allows code execution via font ops, e.g.,
because an OSC 50 response may have Ctrl-g and therefore lead to command
execution within the vi line-editing mode of Zsh:
https://www.openwall.com/lists/oss-security/2022/11/10/1
Additionally, patch 376 fixes a null pointer access issue:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022942
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fixes the following security issue:
DNS rebinding in --inspect via invalid octal IP address (Medium) (CVE-2022-43548)
The Node.js rebinding protector for --inspect still allows invalid IP
address, specifically, the octal format. An example of an octal IP address
is 1.09.0.0, the 09 octet is invalid because 9 is not a number in the base 8
number system. Browsers such as Firefox (tested on latest version m105)
will still attempt to resolve this invalid octal address via DNS. When
combined with an active --inspect session, such as when using VSCode, an
attacker can perform DNS rebinding and execute arbitrary code
Update license hash for an update of base64 (MIT license) and a change in
copyright year:
8ea9a71b159f14dc1a8f
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
A severe bug has been found in Libksba , the library used by GnuPG for parsing
the ASN.1 structures as used by S/MIME. The bug affects all versions of Libksba
before 1.6.2 and may be used for remote code execution.
Fix CVE-2022-3515
Signed-off-by: Michael Fischer <mf@go-sys.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Rename configure options to avoid the following build failure raised
since bump to version 3.2.5 in commit
ae2807821d:
./simd-checksum-x86_64.cpp: In function 'uint32_t get_checksum1_cpp(char*, int32_t)':
./simd-checksum-x86_64.cpp:89:52: error: multiversioning needs 'ifunc' which is not supported on this target
89 | __attribute__ ((target("default"))) MVSTATIC int32 get_checksum1_avx2_64(schar* buf, int32 len, int32 i, uint32* ps1, uint32* ps2) { return i; }
| ^~~~~~~~~~~~~~~~~~~~~
./simd-checksum-x86_64.cpp:480:1: error: use of multiversioned function without a default
480 | }
| ^
If you can't fix the issue, re-run ./configure with --disable-roll-simd.
Fixes:
- http://autobuild.buildroot.org/results/069da8e585da2e51bfd4f475cc12b9a134954b08
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit d036dc6ec8)
[Peter: drop Makefile/Vagrantfile changes]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 25680e6aa8)
[Peter: drop Makefile changes]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This is a header only library which is required by the latest version
of zxing-cpp.
Include paths and pc file are based off of debian libstb package.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Current python-automat version 20.2.0 no longer work with Python 3.11
updated in commit 738500c296.
Running package runtime test with command:
support/testing/run-tests \
-d dl \
-o output_folder \
tests.package.test_python_automat.TestPythonPy3Automat
Fails with output:
Traceback (most recent call last):
File "/root/sample_python_automat.py", line 27, in <module>
led.turn_on()
^^^^^^^^^^^
File "/usr/lib/python3.11/site-packages/automat/_methodical.py", line 232, in __get__
File "/usr/lib/python3.11/site-packages/automat/_introspection.py", line 43, in decorator
File "/usr/lib/python3.11/site-packages/automat/_introspection.py", line 35, in copyfunction
File "/usr/lib/python3.11/site-packages/automat/_introspection.py", line 23, in copycode
TypeError: code() argument 13 must be str, not int
This commit fixes this issue by updating the package to the latest
version.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Replaced patches with upstream patch which fixes both problems.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add support for new optional bluez5-backend-native-mm and readline
config options.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- remove all no more required patches
- backport 2 patches to fix failures induces by missing headers
- add dependency to SPDLOG
- add pybind dependency where python is set
Note:
- Since gnuradio 3.10 swig was replaced by pybind. Now python libraries,
bindings and python wrappers are produces using pybind: this
why python-pybind is a buildtime dependency. As mentionned in [1], this one
is a stagging only package: headers must be into staging directory, so it
can't be host and at the same time since this package provides only headers
and .cmake files nothing has to be installed into the target directory. A
select is required because it's not an host package and
GNURADIO_DEPENDENCIES is updated with python-pybind to have pybind present
before gnuradio's build.
- host-python-numpy is now required since some cpp bindings uses numpy's
functions directly. python-numpy (target package) is left required because
python blocks and wrappers needs this library at runtime.
[1] http://lists.busybox.net/pipermail/buildroot/2022-October/653030.html
Signed-off-by: Gwenhael Goavec-Merou <gwenhael.goavec-merou@trabucayre.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
libsndfile is only needed by the sbctester utility and the library can
be built without this dependency.
Add a config option to cover not just sbctester but the command-line
utilities as well. While the utilities may be useful for debugging,
normal usage will only need libsbc and these applications can be
omitted.
Signed-off-by: John Keeping <john@metanate.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This is the latest point release in the stable 2.13 branch (currently
the latest stable branch available).
Cc: Clément Léger <clement.leger@bootlin.com>
Reported-by: Clément Léger <clement.leger@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The build of lttng-modules will fail if the kernel does not have
CONFIG_TRACEPOINTS enabled. However, CONFIG_TRACEPOINTS is a
prompt-less option, and the most generic option that does enable
CONFIG_TRACEPOINTS is CONFIG_FTRACE.
In addition, CONFIG_FTRACE will also enable CONFIG_STACKTRACE, which
is needed on CPU architectures that don't provide the STACKWALK
mechanism in the kernel, as is the case on ARM 32-bit for example.
Therefore, let's enable CONFIG_FTRACE when building lttng-modules.
Cc: Clément Léger <clement.leger@bootlin.com>
Reported-by: Clément Léger <clement.leger@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This patch fixes the kv260.sh to generate a working u-boot.itb
now that the CONFIG_MULTI_DTB_FIT u-boot option is no longer used.
This is a follow-up fix of
515319b86f ("board/zynqmp/kria/kv260/uboot.fragment:
remove unnecessary CONFIG_MULTI_DTB_FIT option") to fix the build of:
https://gitlab.com/buildroot.org/buildroot/-/jobs/3310463281
Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
libvncclient v0.9.13 was discovered to contain a memory leak via the
function rfbClientCleanup().
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This is stable bugfix release of libmdbx, in Family Glory and
in memory of Boris Yuriev (the inventor of Helicopter and
Swashplate in 1911) on his 133rd birthday.
It is reasonable to backport this patch to all applicable releases/branches of Buildroot.
Release notes for v0.11.13
--------------------------
Fixes:
- Fixed builds with older libc versions after using `fcntl64()` (backport).
- Fixed builds with older `stdatomic.h` versions,
where the `ATOMIC_*_LOCK_FREE` macros mistakenly redefined using functions (backport).
- Added workaround for `mremap()` defect to avoid assertion failure (backport).
- Workaround for `encryptfs` bug(s) in the `copy_file_range` implementation (backport).
- Fixed unexpected `MDBX_BUSY` from `mdbx_env_set_option()`, `mdbx_env_set_syncbytes()`
and `mdbx_env_set_syncperiod()` (backport).
- CMake requirements lowered to version 3.0.2 (backport).
- Added admonition of insecure for RISC-V (backport).
Minors:
- Minor clarification output of `--help` for `mdbx_test` (backport).
- Added admonition of insecure for RISC-V (backport).
- Stochastic scripts and CMake files synchronized with the `devel` branch.
- Use `--dont-check-ram-size` for small-tests make-targets (backport).
The complete ChangeLog: https://gitflic.ru/project/erthink/libmdbx/blob?file=ChangeLog.md
Signed-off-by: Леонид Юрьев (Leonid Yuriev) <leo@yuriev.ru>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
