See here for complete changelogs:
https://botan.randombit.net/news.html#version-3-5-0-2024-07-08https://botan.randombit.net/news.html#version-3-4-0-2024-04-08
CVE-2024-34702: Fix a DoS caused by excessive name constraints. (GH
CVE-2024-39312: Fix a name constraint processing error, where if
permitted and excluded rules both applied to a certificate, only the
permitted rules would be checked.
The License hash changed because the year was updated from 2023 to 2024.
Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 3ba9ac62052c99d7557adf2bbad1bab0c5577a81)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
See here for a ChangeLog:
https://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-20-current.md
20.8.1 contains a fix for CVE-2024-35190. However, the vulnerability
was introduced in commit 68a49128253f677f9e1b235c70d2316342372f7d
between 20.7.0 and 20.8.0, and Buildroot was using 20.7.0, so we were
not affected by this vulnerability.
Patch 0005 is applied upstream.
Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 622957a2adb224b8a666472c3a58bc1ade8a2040)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit 8f88a644ed "support/scripts/apply-patches.sh: set the maximum
fuzz factor to 0" reduced the fuzz factor.
Due to this change, asterisk fails to build with output:
Applying 0004-install-samples-need-the-data-files.patch using patch:
patching file Makefile
Hunk #1 FAILED at 779.
1 out of 1 hunk FAILED -- saving rejects to file Makefile.rej
This commit rebase the package patches on the current package version.
Note: the patch 0005 is unchanged, as it is correct in its current
state.
Fixes:
- http://autobuild.buildroot.org/results/92d/92d58ecb67f11a6eb74695bc1efcc672f69a57a9
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit a6fabd961058a77622a725e7d58ac3ffb05ce5b6)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix the following uclibc-ng build failure raised since bump to version
20.7.0 in commit 0e6d4d2171 and
2694792e13:
stasis/control.c: In function 'exec_command_on_condition':
stasis/control.c:313:3: warning: implicit declaration of function 'pthread_kill'; did you mean 'pthread_yield'? [-Wimplicit-function-declaration]
313 | pthread_kill(control->control_thread, SIGURG);
| ^~~~~~~~~~~~
| pthread_yield
stasis/control.c:313:41: error: 'SIGURG' undeclared (first use in this function)
313 | pthread_kill(control->control_thread, SIGURG);
| ^~~~~~
Fixes: 0e6d4d2171
- http://autobuild.buildroot.org/results/d16e4ca4bd26234f84d17da24c04a8c19faba6c5
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit ebd44d7c5b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix a compile issue when libyuv and libjpeg is enabled.
Detection of following function fails:
checking for pjsip_dlg_create_uas_and_inc_lock in -lpjsip... no
In config.log you see that libjpeg is missing.
Fixes:
http://autobuild.buildroot.net/results/7bed9fc68fc9331ad12942c3eab9742ee8a7a4c4
Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 07b7d8708d)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
See here for changes:
https://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-20-current.md
There is still an open issue reported upstream:
https://github.com/asterisk/asterisk/issues/671
But it seems it is not reproducible by the asterisk developers, so
update the package so others can make use of it.
Use the external pjsip package, instead of the bundled one.
Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
(cherry picked from commit 0e6d4d2171)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Botan commit 313e439c786d68bcf374b2cb0edfe3ffd891db94 added a
dependency to pthread.h. Add a dependency to thread support.
Fixes:
- http://autobuild.buildroot.org/results/205/205d7505803990508bbd545393902789063ababd
Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit ad6e6f5d598a9311fc9141e4b9b08820562d1792)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Tweaking this variable should allow us to get better coverage of
packages with larger dependency trees.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit ea6bb507b1d3841be052525936121f7e88c43fbd)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit 2f260084d577 (utils/genrandconfig: remove support for toolchain
CSV) kept the --no-toolchains-csv option, but in the rework forgot to
keep it as a bool, while argparse default is to expect a string.
Rather than re-introduce the action="store_true" which implies the
argument is a bool, explicit make it a bool.
Fixes: 2f260084d5771728f3340ff6a86a23391133a635
Reported-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 4dbb87bb6676b82f34981f6adedccfa03a9667cd)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Right now, genrandconfig just spits out the random messages from the
different make invocations, which isn't terribly useful. Instead,
let's redirect the output of make invocations to oblivion, and add
some more high level logging.
As part of this logging, we're interested to see how many iterations
were needed to find a valid configuration, so changed the loop logic
to count from 0 to 100 instead of from 100 to 0 so that we can easily
show the iteration number.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit ce3dedc26b9080399c44d86e14aa1704f7bf563a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
In order to test that upstream sites are still working, we need to NOT
fallback to sources.buildroot.net for some builds.
As there is anyway a local cache in the autobuilder instances, we need
to do quite a lot of builds without any BR2_BACKUP_SITE configured to
have a chance to catch issues, which is why a 50% chance is used to
unset BR2_BACKUP_SITE.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit da5c25c9f91b17a3c00ff0b35164881f2d1aa425)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Before calling randpackageconfig/randconfig, we were pre-generating a
snippet of .config with:
(1) minimal.config
(2) BR2_CURL/BR2_WGET settings
(3) some random selection of init system, debug, runtime debug, etc
(4) enabling BR2_REPRODUCIBLE=y when diffoscope was found
Now that we only use randconfig, this whole fine-tuning is completely
irrelevant, as it gets overridden by "make randconfig".
(1) and (3) above are useless, as randconfig does all the
randomization that is needed.
However, we want to preserve (2) and (4) above, so we re-implement
those fixups, but *after* randconfig has done its job.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 3d33d394c2c9659f8c487929bf45f7daf673e521)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Now that the support for generating a fully random configuration has
been well-tested, the whole mechanism based on a toolchain CSV isn't
really useful anymore, so let's drop it to simplify the logic.
Note that the autobuilder code still uses --{,no-}toolchains-csv, so we
can't remove those or the autobuilders would fail. Once all supported
branches no longer use those argumetns, we can drop them from the
autobuilder code, then ask people to update their runners, and we will
finally be able to drop those arguments. Eventually.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[yann.morin.1998@free.fr: keep --{,no-}toolchains-csv and explain why]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 2f260084d5771728f3340ff6a86a23391133a635)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
We have accumulated a whole bunch of very old fixups to avoid issues
with super old CT-NG toolchains, which we are not testing anymore, so
remove those fixups.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 9e3388256811c943d8312db289959b74cae9536e)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The LICENSE file gets installed directly to the root of $(TARGET_DIR),
which clashes with other packages:
FileExistsError: File already exists: /home/autobuild/autobuild/instance-3/output-1/target/LICENSE
This commit fixes this issue for the python-unittest-xml-reporting
package. Other fixes will be needed for the other patches.
The issue in python-unittest-xml-reporting was introduced in upstream
commit c43427611390fba83ca13fbb5311bd8fece5048f, which first appeared
in v3.1.0. We switched from a pre-3.1.0 version to 3.2.0 in Buildroot
in commit 69ba1562d5, which was merged
in 2023.02.
Fixes:
http://autobuild.buildroot.net/results/2c91243b440087bbc7d051d65f553f59d05dd207/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 182d3556a6838c01b0d1f4e6a36da84260605298)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The python-huepy has an incorrect data_files statement in its
setup.py, causing the LICENSE file to be installed directly as
$(TARGET_DIR)/LICENSE. This was detected because several packages were
doing this, and the second package doing
it (python-unittest-xml-reporting, fixed separately) was erroring out
when trying to overwrite this already existing file.
This commit fixes the case of python-huepy by adding a patch that has
been submitted upstream.
There are no autobuilder failures related to python-huepy, but this
was detected while fixing
http://autobuild.buildroot.net/results/2c91243b440087bbc7d051d65f553f59d05dd207/
for python-unittest-xml-reporting.
This bug has been in huepy since at least 2018, so this patch can be
backported to previous Buildroot versions.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 4e78b2c8b1109d8a456e426ccf03a02df5f2ee2c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
lib/print.c in gnu-efi contains some floating point computation. On
ARM soft-float configurations, these floating point operations
generate calls to __eabi_*() functions that are provided by
gcc. However, gnu-efi builds some freestanding code, so it doesn't
link with libgcc, and therefore the build fails with:
arm-buildroot-linux-gnueabi-ld: /output-1/build/gnu-efi-3.0.18//lib/print.c:1431:(.text+0x78c): undefined reference to `__aeabi_i2d'
arm-buildroot-linux-gnueabi-ld: /output-1/build/gnu-efi-3.0.18//lib/print.c:1431:(.text+0x7a0): undefined reference to `__aeabi_dsub'
arm-buildroot-linux-gnueabi-ld: /output-1/build/gnu-efi-3.0.18//lib/print.c:1431:(.text+0x7a4): undefined reference to `__aeabi_d2f'
arm-buildroot-linux-gnueabi-ld: /output-1/build/gnu-efi-3.0.18//lib/print.c:1432:(.text+0x7b4): undefined reference to `__aeabi_fcmplt'
arm-buildroot-linux-gnueabi-ld: /output-1/build/gnu-efi-3.0.18//lib/print.c:1438:(.text+0x7c8): undefined reference to `__aeabi_fmul'
arm-buildroot-linux-gnueabi-ld: /output-1/build/gnu-efi-3.0.18//lib/print.c:1440:(.text+0x7d4): undefined reference to `__aeabi_fcmpeq'
arm-buildroot-linux-gnueabi-ld: /output-1/build/gnu-efi-3.0.18//lib/print.c:1444:(.text+0x7f8): undefined reference to `__aeabi_fmul'
arm-buildroot-linux-gnueabi-ld: /output-1/build/gnu-efi-3.0.18//lib/print.c:1440:(.text+0x808): undefined reference to `__aeabi_fcmpeq'
arm-buildroot-linux-gnueabi-ld: /output-1/build/gnu-efi-3.0.18//lib/print.c:1440:(.text+0x818): undefined reference to `__aeabi_f2iz'
arm-buildroot-linux-gnueabi-ld: /output-1/build/gnu-efi-3.0.18//lib/print.c:1451:(.text+0x834): undefined reference to `__aeabi_i2f'
arm-buildroot-linux-gnueabi-ld: /output-1/build/gnu-efi-3.0.18//lib/print.c:1451:(.text+0x840): undefined reference to `__aeabi_fcmpeq'
arm-buildroot-linux-gnueabi-ld: /output-1/build/gnu-efi-3.0.18//lib/print.c:1453:(.text+0x858): undefined reference to `__aeabi_fmul'
arm-buildroot-linux-gnueabi-ld: /output-1/build/gnu-efi-3.0.18//lib/print.c:1451:(.text+0x860): undefined reference to `__aeabi_f2iz'
arm-buildroot-linux-gnueabi-ld: /output-1/build/gnu-efi-3.0.18//lib/print.c:1451:(.text+0x868): undefined reference to `__aeabi_i2f'
arm-buildroot-linux-gnueabi-ld: /output-1/build/gnu-efi-3.0.18//lib/print.c:1451:(.text+0x870): undefined reference to `__aeabi_fcmpeq'
arm-buildroot-linux-gnueabi-ld: /output-1/build/gnu-efi-3.0.18//lib/print.c:1451:(.text+0x89c): undefined reference to `__aeabi_f2iz'
Since we don't care about gnu-efi support on ARM soft-float
configurations, let's disable such configurations.
Note that we have chosen to use BR2_ARM_SOFT_FLOAT as we're for now
making this specific to ARM as we're not sure what is the situation on
other CPU architectures (for example RISC-V without FPU maybe). This
can be revisited once we get more data on the behavior on other CPU
architectures that can support soft-float.
Fixes:
http://autobuild.buildroot.net/results/98d955fd2fcf4a3db1ab46e4f553447031a23b92/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit b62f2f7f12a381c2e8d4aeb9562b6dfc87728589)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Since the bump of gnu-efi to version 3.0.17 in Buildroot commit
fa9893ad8f, the build of gnu-efi fails
on ARM big endian and AArch64 big endian.
Indeed, since that bump, gnu-efi builds some "apps", using a special
linker file part of gnu-efi that explicitly sets the architecture:
OUTPUT_FORMAT("elf32-littlearm", "elf32-littlearm", "elf32-littlearm")
OUTPUT_FORMAT("elf64-littleaarch64", "elf64-littleaarch64", "elf64-littleaarch64")
Due to this, big endian builds are now failing:
armeb-buildroot-linux-gnueabi-ld: ../gnuefi/crt0-efi-arm.o: compiled for a big endian system and target is little endian
armeb-buildroot-linux-gnueabi-ld: failed to merge target specific data of file ../gnuefi/crt0-efi-arm.o
Since we are not really interested in supporting gnu-efi on ARM big
endian and AArch64 big endian and it is not supported upstream, let's
disabled on those architectures.
Fixes:
http://autobuild.buildroot.org/results/4d385d6759346e19664d0bded1e419f004f82b47/ (ARM big endian)
http://autobuild.buildroot.net/results/b6df43408ca4cd469962c96d49d9ac7935b6dbe9/ (AArch64 big endian)
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 308d2c992714520844b2dd96a4d79d688afcd28a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Import a patch that has been accepted upstream and fixes build failures
caused by a missing explicit cast to EGLNativeWindowType.
Fixes: http://autobuild.buildroot.net/results/92c5cc3134e92c263a0cbb4c05ef8956569e434b/
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 0904d3a2ee4132b2611a86d14da60285080d1adb)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Changes with nginx 1.26.2 14 Aug 2024
*) Security: processing of a specially crafted mp4 file by the
ngx_http_mp4_module might cause a worker process crash
(CVE-2024-7347).
Thanks to Nils Bars.
Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 8f31fea6d038c3390ab480e4c27837b8c720597b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Compilation with -Os triggers this assembler problem.
The problematic C code contains a long switch statement, so
everything looks like GCC Bug 104028 is triggered.
Fixes:
- http://autobuild.buildroot.net/results/db5/db58215fb3c7f30b6c0f0764a84271010346edfb
Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 6362dd1d1416949cfccb2469f4da4c52b4ac8491)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Without the unbound user the daemon does not start on bootup.
Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 67e6d0a3f1a0893183885b947f4472ef4c04bfc4)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues:
- gh-115398: Allow controlling Expat >=2.6.0 reparse deferral
(CVE-2023-52425) by adding five new methods:
xml.etree.ElementTree.XMLParser.flush()
xml.etree.ElementTree.XMLPullParser.flush()
xml.parsers.expat.xmlparser.GetReparseDeferralEnabled()
xml.parsers.expat.xmlparser.SetReparseDeferralEnabled()
xml.sax.expatreader.ExpatParser.flush()
- gh-115243: Fix possible crashes in collections.deque.index() when the
deque is concurrently modified.
- gh-114572: ssl.SSLContext.cert_store_stats() and
ssl.SSLContext.get_ca_certs() now correctly lock access to the certificate
store, when the ssl.SSLContext is shared across multiple threads.
For more details, see the changelog:
https://docs.python.org/release/3.11.9/whatsnew/changelog.html#python-3-11-9
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit backports an upstream patch to fix CVE-2024-39936.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit backports two upstream patches needed to fix
CVE-2023-34410. According to the CVE details, both patches are needed
for the fix.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit backports upstream patches that are needed to fix
CVE-2023-37369. The second one is the actual CVE fix, the first one is
needed to only backporting the second patch in a reasonable way.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit backports upstream patches that are needed to fix
CVE-2023-51714. The second one is the actual CVE fix, the first one is
needed to only backporting the second patch in a reasonable way.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit backports an upstream patch to fix CVE-2023-38197, which
requires 3 other patches to be backported in order to work properly.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit backports some upstream commits to fix CVE-2023-32763.
To backport the CVE fix, we had to backport two other related patches
to make the backport reasonably clean/straightforward.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit backports an upstream patch that fixes CVE-2023-32762.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit backports an upstream patch that fixes CVE-2023-33285.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit backports an upstream patch fixing CVE-2023-32573.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes:
http://autobuild.buildroot.net/results/94fd27ea48c4128033ad10cf0dc5dba3f5d97a02/
Commit 4aff9fae45 (package/am335x-pru-package: fix download
issue) updated the filename and hash of the package, but something went
wrong when adjusting the hash for 2024.02.x.
Investigating the local tarball shows that the permissions in the tarball were
were wrong:
diffoscope old-dl/am335x-pru-package/am335x-pru-package-5f374*-br1.tar.gz \
dl/am335x-pru-package/am335x-pru-package-5f374*-br1.tar.gz | \
grep 96/.gitignore
│ │ --rw-rw-rw- 0 0 0 199 2016-02-10 20:56:25.000000 am335x-pru-package-5f374ad57cc195f28bf5e585c3d446aba6ee7096/.gitignore
│ │ +-rw-r--r-- 0 0 0 199 2016-02-10 20:56:25.000000 am335x-pru-package-5f374ad57cc195f28bf5e585c3d446aba6ee7096/.gitignore
And indeed, the file does have mode 666 in the git repo:
ls -lah old-dl/am335x-pru-package/git/.gitignore
-rw-rw-rw- 1 peko peko 199 Aug 31 18:16 old-dl/am335x-pru-package/git/.gitignore
It is unclear how this happened, maybe an issue with switching between
master/2024.05.x/2024.02.x.
Adjust the hash to match what is should have been instead.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The download and homepage URL for this project have been
updated. The old site no longer works.
Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 2a547e2c424ac08d8741dc557aee968f1b659735)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Removed patch which is included in this release, autoreconf is not needed
anymore.
Updated license hash due to copyright year bump:
7b947051d5
Fixes CVE-2024-26306.
Release notes:
https://github.com/esnet/iperf/releases/tag/3.17.1https://github.com/esnet/iperf/releases/tag/3.17
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 9d9a0db3d8b471ccf1721312450337ff53ed4a35)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit 9f94b3b354 "package/iperf3: bump to version 3.16" updated
the package but forgot to reflect a breaking change mentioned in
the release note [1], "iperf3 now requires pthreads and C atomic
variables to compile and run".
When the toolchain has no atomic support, or the libatomic is not
added in the linker flags, the compilation now fail with output:
arm-buildroot-linux-gnueabi/bin/ld: ./.libs/libiperf.so: undefined reference to '__atomic_load_8'
This issue can be seen when running the iperf3 runtime test, with
command:
support/testing/run-tests \
-d dl -o output_test \
tests.package.test_iperf3
This commit fixes the issue by adding a dependency on
BR2_TOOLCHAIN_HAS_ATOMIC and by adding an upstream patch to detect
if linking to libatomic is needed.
Fixes: [2]
[1] https://github.com/esnet/iperf/releases/tag/3.16
[2] https://gitlab.com/buildroot.org/buildroot/-/jobs/6466933622
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit f10488a411)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes:
http://autobuild.buildroot.net/results/e613fc777051be6325d7e3c088d5f723fab518fa/
Signed-off-by: J. Neuschäfer <j.neuschaefer@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 2a700617cc1aa14deb9f4e4f5c63e19c77901389)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: José Luis Salvador Rufo <salvador.joseluis@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 08edb3c22a61b6de28e1472faceaebc3399b6537)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
<ariel@vanguardiasur.com.ar>: host aspmx.l.google.com[2a00:1450:400c:c07::1a]
said: 550-5.2.1 The email account that you tried to reach is inactive. For
more 550-5.2.1 information, go to 550 5.2.1
https://support.google.com/mail/?p=DisabledUser
ffacd0b85a97d-36bbd075381si7797549f8f.548 - gsmtp (in reply to RCPT TO
command)
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 53116d091562fb260460382fa295738323decf3d)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Django 5.0.7 fixes the following CVEs:
* CVE-2024-38875: Potential denial-of-service vulnerability in django.utils.html.urlize()
* CVE-2024-39329: Username enumeration through timing difference for users with unusable passwords
* CVE-2024-39330: Potential directory-traversal via Storage.save()
* CVE-2024-39614: Potential denial-of-service vulnerability in get_supported_language_variant()
Django 5.0.8 fixes the following CVEs:
* CVE-2024-41989: Memory exhaustion in django.utils.numberformat.floatformat()
* CVE-2024-41990: Potential denial-of-service vulnerability in django.utils.html.urlize()
* CVE-2024-41991: Potential denial-of-service vulnerability in django.utils.html.urlize() and AdminURLFieldWidget
* CVE-2024-42005: Potential SQL injection in QuerySet.values() and values_list()
Further release Notes: https://docs.djangoproject.com/en/5.0/releases/
Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit f777ce1fd6b9e0537593a70940dc23f4ca177054)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
