The version bump doesn't inherently fix the security issues, however the
added CVE patches do, which fix:
CVE-2016-2147 - out of bounds write (heap) due to integer underflow in
udhcpc.
CVE-2016-2148 - heap-based buffer overflow in OPTION_6RD parsing.
Drop patches that are upstream as well.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The target name is qt5base, not qt5.
[Peter: extend commit message]
Signed-off-by: David Picard <davepiq@yahoo.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
It was accidentaly dropped in the loaders cache rework, shame on me.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
0003-thread-Posix-Mutex-Cond-use-constexpr-only-with-glib.patch is
upstream so remove it.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This version of Qwt is compatible with both Qt and Qt5. This patch
adds the option to compile it for Qt5.
Signed-off-by: David Picard <davepiq@yahoo.fr>
[Thomas: slightly adjust the OpenGL dependencies.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Rework the selection of Qt options in the qwt package to make it
easier to support other versions of Qt than just Qt4. Instead of
depending on Qt options, we select the ones we need, and simply have a
global "depends on BR2_PACKAGE_QT". This also allows to remove a
comment that becomes useless.
Signed-off-by: David Picard <davepiq@yahoo.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
There were two readme files (one for flashing on NAND and one to create a
SD card) in different places. Merge them and update the SD card
generation part since all Xplained boards are supported and the -u
option of sfdisk is obsolete on latest versions.
Signed-off-by: Ludovic Desroches <ludovic.desroches@atmel.com>
[Thomas: adjust the explanations, move the SD card section after the
NAND flash section.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This defconfig allows to build all the components to boot from a sd card on a
SAMA5D2 Xplained board. For more details, please read the
board/atmel/readme.txt file.
Signed-off-by: Ludovic Desroches <ludovic.desroches@atmel.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This variant of SAMA5D4 Xplained defconfig file allows to boot from a SD
card.
Signed-off-by: Ludovic Desroches <ludovic.desroches@atmel.com>
[Thomas: remove host-samba from the package selection, not needed when
booting from SD card.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Unify and update the defconfig files for Atmel Xplained boards:
- use at91bootstrap as first stage bootloader instead of u-boot spl
- build all dtb variants
- bump to linux4sam_5.2
Signed-off-by: Ludovic Desroches <ludovic.desroches@atmel.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
After the commit f67a4f50e2 "gcc: preserve CXXFLAGS_FOR_TARGET"
target CFLAGS are passed to all libraries bundled with gcc. This breaks
libsanitizer on gcc-4.9.x when building with _FILE_OFFSET_BITS=64:
error: size of array ‘assertion_failed__837’ is negative
...
libsanitizer/sanitizer_common/sanitizer_platform_limits_posix.cc:837:1:
note: in expansion of macro ‘CHECK_SIZE_AND_OFFSET’
CHECK_SIZE_AND_OFFSET(dirent, d_ino);
This issue is fixed in the libsanitizer mainline and in gcc-5.x.
There's no issue with gcc-4.8.x and earlier.
Reported-by: Julien CORJON <corjon.j@ecagroup.com>
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Backported from: https://llvm.org/svn/llvm-project/compiler-rt/trunk@220328
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
0006-fix-Error-allocating-memory-for-pkgDataFlags.-compil.patch is
upstream so drop it.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Create the gdk pixbuf loaders cache file at build time rather than run
time, since the root filesytem can be read-only.
We also didn't cater for systemd-based systems, so this solves two
issues at once.
The only side-effect is that we must now pull host-gdk-pixbuf into
target gdk-pixbuf dependencies, but generally users will have gdk-pixbuf
selected if they use libgtk2/3 which already pull in host-gdk-pixbuf.
And remove initscript correspondingly.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
libaio support is now automatic so drop the enable/disable (it will fall
back to pthread aio if libaio is not present).
0002-build-improve-stack-protector-check.patch is upstream so remove it.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
packages shouldn't select libgtk3 directly, just depend on it, like for
libgtk2.
In the past libgtk3 didn't require any *GL backend and the dead-end
solution/last resort was the broadway (networked) gdk backend - though
not very useful it didn't require any funky dependencies.
But now we do. Fixes:
http://autobuild.buildroot.net/results/794/794c7ed221432e46a810fc281732ba417cd4cda3/
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
DES is terribly outdated and a security vulnerability.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>