Fixes the following security vulnerability:
CVE-2019-9740: An issue was discovered in urllib2 in Python 2.x through
2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible
if the attacker controls a url parameter, as demonstrated by the first
argument to urllib.request.urlopen with \r\n (specifically in the query
string after a ? character) followed by an HTTP header or a Redis command.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
quagga has its own copy of getopt_long() instead of using the system's,
and this copy also defines the opterr and optind variables. Obviously,
this is only apparent when linking statically.
This problem can easily be avoided by making sure that getopt() itself
is defined too. This way, there is no reason any more to pull in libc's
getopt() and the corresponding definitions of opterr and optind. Note
that getopt() itself is pulled in by netsnmp, not by quagga itself.
Fortunately, there's a REALLY_NEED_PLAIN_GETOPT flag that we can define
to make sure getopt() does get built by quagga. We can safely do this
unconditionally (instead of only when BR2_PACKAGE_QUAGGA_SNMP and
BR2_STATIC_LIBS are enabled): without netsnmp, getopt() will simply not
be used, and with dynamic libs there's no risk of conflicts anyway.
Fixes:
http://autobuild.buildroot.net/results/0ac598c2259a8d7e8b72d4e8ed95079675b31b84
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Cc: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit d7215f2bbb)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
host-cloop needs _GNU_SOURCE for loff_t otherwise build fails with gcc
8.3.0 on:
extract_compressed_fs.c: In function 'main':
extract_compressed_fs.c:55:2: error: unknown type name 'loff_t'; did you mean 'off_t'?
loff_t *offsets;
Fixes:
- No autobuilder failures
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit edf97df877)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix the build of host-qemu with virtfs enabled: fix a typo in makefile
conditional and add a dependency on host-libcap as that is a dependency of
virtfs support:
if test "$virtfs" != no && test "$cap" = yes && test "$attr" = yes ; then
virtfs=yes
The virtfs configuration option was added by commit e0f49e6484
("package/qemu: add option to enable virtual filesystem in host qemu").
Signed-off-by: Vincent Stehlé <vincent.stehle@arm.com>
Cc: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 499dfc9410)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues:
CVE-2019-14232: Denial-of-service possibility in django.utils.text.Truncator
If django.utils.text.Truncator's chars() and words() methods were passed the
html=True argument, they were extremely slow to evaluate certain inputs due
to a catastrophic backtracking vulnerability in a regular expression. The
chars() and words() methods are used to implement the truncatechars_html and
truncatewords_html template filters, which were thus vulnerable.
The regular expressions used by Truncator have been simplified in order to
avoid potential backtracking issues. As a consequence, trailing punctuation
may now at times be included in the truncated output.
CVE-2019-14233: Denial-of-service possibility in strip_tags()
Due to the behavior of the underlying HTMLParser,
django.utils.html.strip_tags() would be extremely slow to evaluate certain
inputs containing large sequences of nested incomplete HTML entities. The
strip_tags() method is used to implement the corresponding striptags
template filter, which was thus also vulnerable.
strip_tags() now avoids recursive calls to HTMLParser when progress removing
tags, but necessarily incomplete HTML entities, stops being made.
Remember that absolutely NO guarantee is provided about the results of
strip_tags() being HTML safe. So NEVER mark safe the result of a
strip_tags() call without escaping it first, for example with
django.utils.html.escape().
CVE-2019-14234: SQL injection possibility in key and index lookups for
JSONField/HStoreField
Key and index lookups for django.contrib.postgres.fields.JSONField and key
lookups for django.contrib.postgres.fields.HStoreField were subject to SQL
injection, using a suitably crafted dictionary, with dictionary expansion,
as the **kwargs passed to QuerySet.filter().
CVE-2019-14235: Potential memory exhaustion in
django.utils.encoding.uri_to_iri()
If passed certain inputs, django.utils.encoding.uri_to_iri could lead to
significant memory usage due to excessive recursion when re-percent-encoding
invalid UTF-8 octet sequences.
uri_to_iri() now avoids recursion when re-percent-encoding invalid UTF-8
octet sequences.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The bump of webkitgtk to 2.24.3 in commit
3ff05d9094 forgot to drop a patch that
was upstreamed, and is now part of 2.24.3, causing a build failure, so
let's drop this patch.
Fixes:
http://autobuild.buildroot.net/results/4d7bffd20344f06ca719b7c8083b81053b255aa5/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit d069301d63)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
With Microblaze Gcc version < 8.x the build hangs due to gcc bug
85180: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85180. The bug
shows up when building git with optimization but not when building with
-O0. To work around this, if BR2_TOOLCHAIN_HAS_GCC_BUG_85180=y we force
using -O0.
Fixes:
http://autobuild.buildroot.net/results/7ad/7adff001631053ae5a3cb3e176d321f6a2d3cceb/
Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 7c7c0e4406)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The proj package exhibits gcc bug 68485 when built for the Microblaze
architecture with optimization enabled, which causes a build failure.
As done for other packages in Buildroot work around this gcc bug by
setting optimization to -O0 if BR2_TOOLCHAIN_HAS_GCC_BUG_68485=y.
Fixes:
http://autobuild.buildroot.net/results/e61/e61bd55067071415223e523a81de3c2e9cafea6f/
Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
Tested-by: Zoltan Gyarmati <zgyarmati@zgyarmati.de>
Acked-by: Zoltan Gyarmati <zgyarmati@zgyarmati.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit c99665cde7)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Currently libnss is configured with BUILD_OPT=1 and due to that that
it doesn't take into account Buildroot TARGET_CFLAGS nor
TARGET_LDFLAGS resulting in pre-chosen optimizations and debugging
symbols being used.
We can't pass TARGET_CFLAGS through CFLAGS or similar otherwise other
internal libnss one will be overwritten (i.e. -fPIC), so we prefer to
append TARGET_CFLAGS at the end of Linux.mk as well as TARGET_LDFLAGS
according to internal libnss Makefile system's names. And obviously
remove BUILD_OPT=1 from BUILD_VARS.
This reveals hidden bugs when building with -Os due to bogus
uninitialized warnings from gcc turned into errors because of -Werror,
so we explicitly pass NSS_ENABLE_WERROR=0 to avoid the use of -Werror.
Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
[Thomas: drop the libnss patches, and pass NSS_ENABLE_WERROR instead]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 5e787b0014)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Move site from http to https as HTTP URL now returns
"301 Moved Permanently"
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit e7609a80b6)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* exp_inter.c: [https://sourceforge.net/p/expect/patches/22/]
Fix interact bug - handle reads of 0 length on
non-blocking channels by explicitly checking if the channel
is non-blocking. Fix by Jack Bates.
* expect.c: [https://sourceforge.net/p/expect/patches/21/]
Fix eof bug introduced with previous bug fix - ensure that data
received just before an eof is processed. Fix by Sergei Golovan.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 6fffbffb6f)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Upstream pushes their delivery archives in to places:
https://download.qt.io/official_releases/https://download.qt.io/archive/
After a while, only the latter remains, whith the former being pruned
actively to contain only officially supported versions.
Switch to using the archive location, as it has everything, even the
latest versions.
Signed-off-by: "Yann E. MORIN" <yann.morin@orange.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 675d38dd65)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The 4.11.2 release brings a large number of fixes:
https://xenproject.org/downloads/xen-project-archives/xen-project-4-11-series/xen-project-4-11-2/
Including a number of security fixes:
XSA-284: grant table transfer issues on large hosts
XSA-285: race with pass-through device hotplug
XSA-287: x86: steal_page violates page_struct access discipline
XSA-288: x86: Inconsistent PV IOMMU discipline
XSA-290: missing preemption in x86 PV page table unvalidation
XSA-291: x86/PV: page type reference counting issue with failed IOMMU update
XSA-292: x86: insufficient TLB flushing when using PCID
XSA-293: x86: PV kernel context switch corruption
XSA-294: x86 shadow: Insufficient TLB flushing when using PCID
XSA-295: Unlimited Arm Atomics Operations
XSA-297: Microarchitectural Data Sampling speculative side channel
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 2905569284)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues:
CVE-2019-12827: A specially crafted SIP in-dialog MESSAGE message can cause
Asterisk to crash:
https://downloads.asterisk.org/pub/security/AST-2019-002.html
CVE-2019-13161: When T.38 faxing is done in Asterisk a T.38 reinvite may be
sent to an endpoint to switch it to T.38. If the endpoint responds with an
improperly formatted SDP answer including both a T.38 UDPTL stream and an
audio or video stream containing only codecs not allowed on the SIP peer or
user a crash will occur. The code incorrectly assumes that there will be at
least one common codec when T.38 is also in the SDP answer:
https://downloads.asterisk.org/pub/security/AST-2019-003.html
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 2cb389deca)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit cb60af6002)
[Peter: drop 5.x bump]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes CVE-2019-13917:
http://www.exim.org/static/doc/security/CVE-2019-13917.txtd185889f47
added new code to "Prebuild the data structure for builtin macros".
This function needs a host-built binary called macro_predef, it depends
on host-berkeleydb, host-pcre and optionally on host-openssl.
With an openssl-enabled exim the host build of macro_predef will fail
if host-openssl is missing:
/usr/bin/gcc -DMACRO_PREDEF macro_predef.c
In file included from hash.h:14,
from exim.h:485,
from macro_predef.c:11:
sha_ver.h:37:12: fatal error: openssl/ssl.h: No such file or directory
because macro_predef also has the an optional dependency on openssl:
https://github.com/Exim/exim/blob/exim-4.92%2Bfixes/src/src/macro_predef.c#L130
Removed patches applied upstream:
0004: 98913c8ea2
0005: cf3cd30606
0007: 7ea1237c78 (diff-58af16fe62ea674adf1730edc078d175R6243)
Added patch to fix uClibc build.
Added license hash, switched _SITE to https.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 1d3fe88d08)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Needed for the upcoming Exim security version bump.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit d4ec3c1596)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
openvmtools detects and uses an external RPC library if RPC is not
supported by the toolchain C library, so let's select package/libtirpc
when necessary.
Signed-off-by: Simon Rowe <simon.rowe@citrix.com>
[Thomas: add missing dependency on libtirpc]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit d006737faa)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Since version 3.4.1 [1], opencv disable pkg-config while cross-compiling to
avoid host headers/libraries poisoning.
Due to this, opencv fail to detect ffmpeg, gstreamer and gtk dependencies
even if the corresponding support is requested by
BR2_PACKAGE_OPENCV3_WITH_{FFMPEG,GSTREAMER,GTK2,GTK3}.
Maybe other dependencies are affected by this issue...
While configuring opencv we can notice the following messages:
"-- OpenCV disables pkg-config to avoid using of host libraries. Consider using PKG_CONFIG_LIBDIR to specify target SYSROOT"
"-- Can't find ffmpeg - 'pkg-config' utility is missing"
As the result ffmpeg and gstreamer are not enabled:
-- Video I/O:
-- FFMPEG: NO
-- avcodec: NO
-- avformat: NO
-- avutil: NO
-- swscale: NO
-- avresample: NO
-- GStreamer: NO
-- libv4l/libv4l2: NO
-- v4l/v4l2: linux/videodev2.h
We can fixes this by adding a new option OPENCV_ENABLE_PKG_CONFIG=ON
-- Video I/O:
-- FFMPEG: YES
-- avcodec: YES (ver 58.35.100)
-- avformat: YES (ver 58.20.100)
-- avutil: YES (ver 56.22.100)
-- swscale: YES (ver 5.3.100)
-- avresample: YES (ver 4.0.0)
-- GStreamer:
-- base: YES (ver 1.16.0)
-- video: YES (ver 1.16.0)
-- app: YES (ver 1.16.0)
-- riff: YES (ver 1.16.0)
-- pbutils: YES (ver 1.16.0)
-- libv4l/libv4l2: NO
-- v4l/v4l2: linux/videodev2.h
Add host-pkgconf in the dependencies.
If there is a path poisoning issue, it will be detected by the toolchain
paranoid wrapper.
[1] c4f9ff0285
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Cc: Samuel Martin <s.martin49@gmail.com>
Cc: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Cc: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 41f5ee957c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The licensing information, and especially the name of the license file,
is known only for the official v1.4 version. For example, in later
versions, the license file has been renamed.
Since we can't be sure of the licensing information for custom versions,
or for versions from git, define that only for the known v1.4 version.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Adam Duskett <aduskett@gmail.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit d1a61703f7)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
With Microblaze Gcc version < 8.x the build hangs due to gcc bug
85180: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85180. The bug
shows up when building xlib_libXfont with optimization but not when
building with -O0. To work around this, if
BR2_TOOLCHAIN_HAS_GCC_BUG_85180=y we force using -O0.
Fixes:
http://autobuild.buildroot.net/results/7c6/7c64becbf06a1e00e41b7ddb95dd0c65bf364eb7/
Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 6910e723a9)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
A very small fix for the progress meter regression in 7.65.2.
See https://curl.haxx.se/mail/lib-2019-07/0052.html
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 3fac250944)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Contains a number of fixes for issues discovered post-7.65.1.
For details, see full changelog:
https://curl.haxx.se/changes.html#7_65_2
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 28e91cf3a0)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
idna requires unicodedata:
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "usr/lib/python3.7/site-packages/idna/__init__.py", line 2, in <module>
File "usr/lib/python3.7/site-packages/idna/core.py", line 3, in <module>
ModuleNotFoundError: No module named 'unicodedata'
Signed-off-by: Alex Xu <alex_y_xu@yahoo.ca>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 9177475111)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
We export GZIP = -n so that GZIP does not record original
name and timestamps. However..
GZIP environment variable is deprecated and soon will not be
supported in future GZIP versions. GZIP suggests the use of a
wrapper to pass options globally but it might be difficult to
implement in Buildroot. For now, we don't export the variable
and fix reproducibility issues per package as they show up in
Autobuilder.
Signed-off-by: Atharva Lele <itsatharva@gmail.com>
Acked-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit d590b37633)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Using the GZIP environment variable to pass gzip options is
deprecated, and therefore we are going to remove the "GZIP = -n"
definition from the main Buildroot Makefile. In preparation for this,
we explicitly add the -n argument to the gzip call in fs/common.mk to
ensure reproducibility.
Signed-off-by: Atharva Lele <itsatharva@gmail.com>
Acked-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 44d17dd128)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When -Dintrospection=false is not passed, the meson script
auto-detects the host g-ir-scanner, which is not usable in a
cross-compile environment.
Signed-off-by: Alex Xu <alex_y_xu@yahoo.ca>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 6afc3edd41)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
intltool is not needed since version 2.49.90 and
f539b7ebdb
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 454d2a32ee)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Replace utf-8 NO-BREAK-SPACE (c2 a0) in comment line by simple
ascii space character.
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 695f20cd0c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Replace install target by install-lib target to avoid building and
installing cryptest.exe
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit bd1ba229be)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
In commit 39dde1ffb6 ("package/brotli:
work around gcc bug 68485"), a mistake was made: when
BR2_TOOLCHAIN_HAS_GCC_BUG_68485=y, we're only passing -O0 as CFLAGS,
completely ignoring TARGET_CFLAGS, which is not good.
This commit fixes that by introducing a BROTLI_CFLAGS variable,
initially defined to TARGET_CFLAGS, and to which we add -O0 when
BR2_TOOLCHAIN_HAS_GCC_BUG_68485=y.
Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
[Thomas: rework commit log]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 657ffee375)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
With Microblaze Gcc version <= 9.x the build fails due to gcc bug 68485:
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=68485. The bug show up when
building brotli with optimization but not when building with -O0. To
work around this, if BR2_TOOLCHAIN_HAS_GCC_BUG_68458=y, we force using
-O0.
Fixes:
http://autobuild.buildroot.net/results/d86/d86251974a0a348a64d9a1d1fd7d02dd4aff0792/
Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit 39dde1ffb6)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Use TARGET_CONFIGURE_OPTS to pass -static in LDFLAGS when building
statically
Fixes:
- http://autobuild.buildroot.org/results/12c08173f83315fb68fe3c3d34a78ed919ba5a79
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit df781e31ca)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Bump to version 4.3.2 did not update sha256 hash
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 2312a83288)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issue:
CVE-2019-13132: a remote, unauthenticated client connecting to a
libzmq application, running with a socket listening with CURVE
encryption/authentication enabled, may cause a stack overflow and
overwrite the stack with arbitrary data, due to a buffer overflow in
the library. Users running public servers with the above configuration
are highly encouraged to upgrade as soon as possible, as there are no
known mitigations. All versions from 4.0.0 and upwards are affected.
Thank you Fang-Pen Lin for finding the issue and reporting it!
Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[Peter: mention security impact]
(cherry picked from commit 45e5cd5a2b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
