As tomli is no longer required for bootstrapping our pep517 toolchain
we no longer need to use flit-bootstrap for the host package.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This is a separate U-Boot package that allows to build the
intermediate SPL binary for the Cortex-R5 core on TI's k3
platforms. Usually, the resulting SPL will be used for k3-image-gen to
build the full R5 boot binary tiboot3.bin.
Signed-off-by: Xuanhao Shi <x-shi@ti.com>
Signed-off-by: Anand Gadiyar <gadiyar@ti.com>
Reviewed-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Acked-by: Andrew Davis <afd@ti.com>
Tested-by: Bryan Brattlof <bb@ti.com>
Cc: Romain Naour <romain.naour@gmail.com>
Cc: Francois Perrad <francois.perrad@gadz.org>
Reviewed-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[Bernd:
- switched to actively maintained fork
- package/Config.in: moved to "Hardware handling" (Peter)
- added toolchain dependencies (Thomas)
- added license hash
- fixed build errors related to iconv and execinfo (Peter)
- removed hook HDDTEMP_REMOVE_MAN (Thomas)
- install hddtemp.db to target
- added build/install _CMDS due to
https://github.com/vitlav/hddtemp/issues/5]
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[yann.morin.1998@free.fr:
- use GETTEXTIZE=YES, drop host-gettext from _DEPENDENCIES
- drop custom build and install commands now that we gettextize
- explicitly specify the DB path, introduce HDDTEMP_DB_PATH
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The host-python-tomli dependency is not required on python version
3.11 and newer.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The host-python-tomli dependency is not required on python version
3.11 and newer.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The host-python-tomli dependency is not required on python version
3.11 and newer.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This patch fixes a problem in the vck190 boot.bin generation as it should be
using the u-boot.dtb as the u-boot device tree and not the Linux system.dtb.
While both dtbs are basically the same, it is better not to mix this up.
Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Since commit
5bbc20154e ("configs/zynqmp_kria_kv260_defconfig:
bump to Xilinx 2022.2"), we're using U-Boot version Xilinx 2022.2,
which already carries the psu_init_gpl.c, causing the build to fail as
our patch doesn't apply.
Fix this by dropping the no longer needed patch.
Fixes: 5bbc20154e ("configs/zynqmp_kria_kv260_defconfig: bump to Xilinx 2022.2")
Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Since commit
3c997c457a ("configs/zynqmp_zcu106_defconfig:
bump to Xilinx 2022.2"), we're using U-Boot version Xilinx 2022.2,
which already carries the psu_init_gpl.c, causing the build to fail as
our patch doesn't apply.
Fix this by dropping the no longer needed patch.
Fixes: 3c997c457a ("configs/zynqmp_zcu106_defconfig: bump to Xilinx 2022.2")
Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Enable blowfish in openssl to fix the following build failure raised
since the addition of the package in commit
72fa60dc10:
src/sscep.c: In function 'get_cipher_alg':
src/sscep.c:123:24: warning: implicit declaration of function 'EVP_bf_cbc'; did you mean 'EVP_sm4_cbc'? [-Wimplicit-function-declaration]
123 | return EVP_bf_cbc();
| ^~~~~~~~~~
| EVP_sm4_cbc
Fixes:
- http://autobuild.buildroot.org/results/55d2c481d8c148fb3bb61c1331340bcd71274553
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This patch moves the board/zynqmp/kria/kv260/uboot.fragment file
to the board/zynqmp/kria directory. The reason is that this file
is the same for any kria starter kit and is not specific to the kv260.
By moving the file, it can be logically re-used with the kr260 when
support for this starter kit is added to buildroot.
KR260 Starter Kit:
https://www.xilinx.com/products/som/kria/kr260-robotics-starter-kit.html
Signed-off-by: Neal Frager <neal.frager@amd.com>
Reviewed-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
When building/configure meson packages the following warning is
displayed:
WARNING: Running the setup command as meson [options] instead
of meson setup [options] is ambiguous and deprecated.
This warning was introduced in meson release 0.64.0 [0], which we are
using since commit 9afa3e3c7d (package/meson: bump to version 0.64.0),
and is dpcumented in the manual [1].
Follow the advise and the manual, and add the 'setup' argument as the
meson command.
[0] 3c7ab542c0
[1] https://mesonbuild.com/Commands.html#setup
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit d590003e31 (package/pcsc-lite: needs gcc >= 4.9) propagated
that new dependency to a bunch of packages that select pcsc-lite.
Then commit 8aaa7ecbce (package/opensc: new package) introduced
opensc, which selects pcsc-lite. However, the package was submitted
before the dependency to gcc 4.8+ was added to pcsc-lite, and that was
missed during the review.
Add it now.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
When applying 917a961d9c (package/optee-client: bump to version
3.19.0), a last-minute change was made in Config.in to change the
dependency to util-linux instead of util-linux-libs, but the
counterpart to that change in the .mk was omitted.
Fix that now.
Reported-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit eb2f2886b2 ("package/swupdate:
add staging install") has introduced some commands indented with
spaces, which check-package doesn't like.
Fix that by using tabs instead, and while we're at it, wrap the line
that is a bit too long.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bug fixes and code cleanups.
https://www.open-mesh.org/news/110
Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Partial mitigations for CVE-2022-39253 Git vulnerability and other fixes:
https://github.com/moby/moby/releases/tag/v20.10.21
Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Partial mitigations for CVE-2022-39253 Git vulnerability and other fixes:
https://github.com/moby/moby/releases/tag/v20.10.21
Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
SWupdate provides API for external programs, so some headers and
libraries must be install to staging.
This patch installs headers and libs to STAGING_DIR, to prevent a
header name collision a subdirectory /usr/include/swupdate creates.
Signed-off-by: Andrey Grafin <conquistador@yandex-team.ru>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This bump will fix the following build failure without NPTL thanks to
27f2b8400c
which is raised since bump to version 2.13.2 in commit
8e5f2d0f8e and
014d7d3b5e:
In file included from thread.c:10:
../../src/common/compat/pthread.h: In function 'lttng_pthread_setname_np':
../../src/common/compat/pthread.h:63:27: error: 'LTTNG_UST_ABI_PROCNAME_LEN' undeclared (first use in this function)
63 | if (strnlen(name, LTTNG_UST_ABI_PROCNAME_LEN) >= LTTNG_UST_ABI_PROCNAME_LEN) {
| ^~~~~~~~~~~~~~~~~~~~~~~~~~
https://github.com/lttng/lttng-tools/blob/v2.13.8/ChangeLog
Fixes:
- http://autobuild.buildroot.org/results/bbc8d6621822bb5da7513331e69799ca25a03f66
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix CVE-2022-46149: Cap'n Proto is a data interchange format and remote
procedure call (RPC) system. Cap'n Proro prior to versions 0.7.1, 0.8.1,
0.9.2, and 0.10.3, as well as versions of Cap'n Proto's Rust
implementation prior to 0.13.7, 0.14.11, and 0.15.2 are vulnerable to
out-of-bounds read due to logic error handling list-of-list. This issue
may lead someone to remotely segfault a peer by sending it a malicious
message, if the victim performs certain actions on a list-of-pointer
type. Exfiltration of memory is possible if the victim performs
additional certain actions on a list-of-pointer type. To be vulnerable,
an application must perform a specific sequence of actions, described in
the GitHub Security Advisory. The bug is present in inlined code,
therefore the fix will require rebuilding dependent applications. Cap'n
Proto has C++ fixes available in versions 0.7.1, 0.8.1, 0.9.2, and
0.10.3.
https://github.com/capnproto/capnproto/security/advisories/GHSA-qqff-4vw4-f6hxhttps://dwrensha.github.io/capnproto-rust/2022/11/30/out_of_bounds_memory_access_bug.html
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes the following security issues:
- CVE-2022-3550: A vulnerability classified as critical was found in X.org
Server. Affected by this vulnerability is the function _GetCountedString
of the file xkb/xkb.c. The manipulation leads to buffer overflow. It is
recommended to apply a patch to fix this issue. The associated identifier
of this vulnerability is VDB-211051.
- CVE-2022-3551: A vulnerability, which was classified as problematic, has
been found in X.org Server. Affected by this issue is the function
ProcXkbGetKbdByName of the file xkb/xkb.c. The manipulation leads to
memory leak. It is recommended to apply a patch to fix this issue. The
identifier of this vulnerability is VDB-211052.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes the following security issues:
- CVE-2022-37325: A zero length Called or Calling Party Number can cause a
buffer under-run and Asterisk crash.
https://downloads.asterisk.org/pub/security/AST-2022-007.html
- CVE-2022-42705: Use after free in res_pjsip_pubsub.c may allow a remote
authenticated attacker to crash Asterisk (denial of service) by performing
activity on a subscription via a reliable transport at the same time
Asterisk is also performing activty on that subscription.
https://downloads.asterisk.org/pub/security/AST-2022-008.html
- CVE-2022-42706: AMI Users with “config” permissions may read files outside
of Asterisk directory via GetConfig AMI Action even if “live_dangerously"
is set to "no"
https://downloads.asterisk.org/pub/security/AST-2022-009.html
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
