Fixes the following security issue:
- MEDIUM: Sec 3661: Memory leak with CMAC keys
Systems that use a CMAC algorithm in ntp.keys will not release a bit of
memory on each packet that uses a CMAC key, eventually causing ntpd to run
out of memory and fail. The CMAC cleanup from https://bugs.ntp.org/3447,
part of ntp-4.2.8p11 and ntp-4.3.97, introduced a bug whereby the CMAC
data structure was no longer completely removed.
https://support.ntp.org/bin/view/Main/SecurityNotice#June_2020_ntp_4_2_8p15_NTP_Relea
Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit d6d4557b7a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Bump jq package to latest to fix seg fault errors reported at
https://github.com/stedolan/jq/issues/2003
Signed-off-by: Lyle Franklin <lylejfranklin@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit c94794175f)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This is a minor release which provides fixes for CVE-2020-9800,
CVE-2020-9802, CVE-2020-9803, CVE-2020-9805, CVE-2020-9806,
CVE-2020-9807, CVE-2020-9843, CVE-2020-9850, and CVE-2020-13753.
Updating from 2.28.2 also brings in the usual batch of fixes, including
important improvements to threading in the media player. Full release
notes can be found at:
https://webkitgtk.org/2020/07/09/webkitgtk2.28.3-released.html
A detailed security advisory can be found at:
https://webkitgtk.org/security/WSA-2020-0006.html
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit fa1185412e)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This is a minor release which provides fixes for CVE-2020-9800,
CVE-2020-9802, CVE-2020-9803, CVE-2020-9805, CVE-2020-9806,
CVE-2020-9807, CVE-2020-9843, CVE-2020-9850, and CVE-2020-13753.
Updating from 2.28.2 also brings in the usual batch of fixes, including
important improvements to threading in the media player. Full release
notes can be found at:
https://wpewebkit.org/release/wpewebkit-2.28.3.html
A detailed security advisory can be found at:
https://wpewebkit.org/security/WSA-2020-0006.html
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit aa2c6cfd31)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Quoting https://www.php.net/
"For windows users running an official build, this release contains a
patched version of libcurl addressing CVE-2020-8159.
For all other consumers of PHP, this is a bug fix release."
Changelog: https://www.php.net/ChangeLog-7.php#7.4.8
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit a6a500bb99)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following CVEs:
- CVE-2019-19923 (Fixed in 3.31.0)
SQLite is vulnerable to denial-of-service condition because of a NULL
pointer dereferencing while handling `SELECT DISTINCT`statements.
- CVE-2019-19924 (Fixed in 3.31.0)
The SQLite mishandles certain SQL commands due to improper error
handling by ` sqlite3WindowRewrite() ` function.
- CVE-2020-13435 (Fixed in 3.32.1)
SQLite is vulnerable to denial-of-service (DoS) due to improper handling
of query rewriting. An attacker could exploit this vulnerability by
supplying a system with maliciously crafted input.
- CVE-2020-13632 (Fixed in 3.32.0)
SQLite is vulnerable to denial-of-service (DoS) due to improper pointer
management in the FTS3 virtual table module. An attacker could exploit
this vulnerability by supplying a system with maliciously crafted input.
- CVE-2020-13434 (Fixed in 3.32.1)
SQLite is vulnerable to denial-of-service (DoS) due to improper handling
of floating-point operations. An attacker could exploit this
vulnerability by supplying a system with maliciously crafted input.
- CVE-2020-13871 (Fixed in 3.32.3)
SQLite 3.32.2 has a use-after-free in resetAccumulator in select.c
because the parse tree rewrite for window functions is too late.
- CVE-2020-13630 (Fixed in 3.32.0)
SQLite is vulnerable to denial-of-service (DoS) due to a use after free
issue in the FTS3 virtual table module. An attacker could exploit this
vulnerability by supplying a system with maliciously crafted input.
- CVE-2020-15358 (Fixed in 3.32.3)
SQLite is vulnerable to a heap-based buffer overflow flaw in part of an
optimization feature. An attacker able to issue specially crafted
queries could cause the application to crash, resulting in a
denial-of-service (DoS).
- CVE-2020-9327 (Fixed in 3.32.0)
SQLite is vulnerable to a Null pointer dereference flaw. A remote
attacker able to issue specially crafted SQL statements may be able to
cause a segmentation fault and application crash, resulting in a
denial-of-service (DoS).
- CVE-2019-19645 (Fixed in 3.31.0)
It was discovered that SQLite contains an denial-of-service (DoS)
vulnerability. An attacker could exploit this to trigger an infinite
recursion resulting in excessive resource consumption leading to a DoS
condition.
- CVE-2019-19926 (Fixed in 3.31.0)
The SQLite allows denial-of-service attack due to improper input
validation of user-supplied input.
- CVE-2020-11655 (Fixed in 3.32.0)
SQLite contains a memory corruption vulnerability. Successfully
exploiting this issue may allow attackers to cause a denial-of-service
(DoS). This allows an attacker to cause SQLite to crash by issuing a
crafted SQL query to the database.
- CVE-2019-19925 (Fixed in 3.31.0)
The INSERT statement fails when the zip file path is `NULL`.
- CVE-2019-19242 (Fixed in 3.31.0)
SQLite is vulnerable to a denial-of-service (DoS). An attacker could
exploit this vulnerability by supplying a maliciously crafted query to
cause an application crash.
- CVE-2019-19244 (Fixed in 3.31.0)
SQLite is vulnerable to a denial-of-service. An attacker could exploit
this vulnerability by providing a crafted SELECT statement to the SQL
server, resulting in an application crash.
- CVE-2020-13631 (Fixed in 3.32.0)
SQLite is vulnerable to data manipulation due to improper management of
virtual tables. An attacker could exploit this vulnerability by
supplying a system with maliciously crafted input.
- CVE-2020-11656 (Fixed in 3.32.0)
SQLite contains a Use-After-Free vulnerability. Successfully exploiting
this issue may allow attackers to cause a denial-of-service (DoS). This
allows an attacker to cause SQLite to crash by issuing a crafted SQL
query to the database.
- CVE-2019-19880 (Fixed in 3.31.0)
SQLite is vulnerable to denial-of-service (DoS) due to the mismanagement
of memory resources. A remote attacker could cause a victim's instance
of the application to crash by submitting crafted request that will lead
to the application parsing problematic integer values.
- CVE-2019-20218 (Fixed in 3.31.0)
SQLite is vulnerable to denial-of-service (DoS) due to improper
exception handling which could lead to unwinding of the `WITH` stack
following parsing errors. An attacker could exploit this vulnerability
by supplying a system with maliciously crafted input.
- CVE-2019-19603 (Fixed in 3.31.0)
It was discovered that SQLite contains a denial-of-service (DoS)
vulnerability. An authenticated attacker could exploit this
vulnerability by creating tables with the same name as shadow table
names.
- CVE-2019-19959 (Fixed in 3.31.0)
SQLite is vulnerable to denial-of-service (DoS) due to the mismanagement
of system memory resources. A remote attacker could cause a victim's
instance of the application to crash by causing it to process a SQL
statement that references a maliciously crafted file name.
- CVE-2019-19646 (Fixed in 3.31.0)
SQLite is vulnerable to a denial-of-service (DoS). An attacker could
exploit this vulnerability by supplying malicious SQL in order to crash
the application.
- CVE-2019-19317 (Fixed in 3.31.0)
SQLite contains a denial-of-service (DoS) vulnerability due to incorrect
logic in name lookups. An attacker could exploit this to cause a
application crash.
Signed-off-by: Sam Voss <sam.voss@rockwellcollins.com>
CC: Peter Korsgard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit a231f01e4b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This won't enable install to staging unless capitalized.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit b6141b2aa1)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Removed patch which was applied upstream, reformatted hashes.
Release notes:
https://lists.gnu.org/archive/html/libmicrohttpd/2020-06/msg00013.html
"This release fixes a potential buffer overflow and is thus considered a
security release. Please upgrade as soon as possible."
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 7a9a554cfc)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Video4Linux2 plugins can udev for device probing and monitor.
This greatly improves load time and monitoring performance.
It also enables hotplug monitoring for cameras.
gstreamer is libglib2-based; libgudev is libnglib2-based. So they both
have the same basic dependencies as liblib2 has, and thus propagating
the dependencies of libgudev is not necessary (but might be confusing in
the future, even though such a change is highly unlikely...)
Signed-off-by: Nicolas Dufresne <nicolas.dufresne@collabora.com>
Signed-off-by: Ezequiel Garcia <ezequiel@collabora.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit f50086e59f)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit 0737f48c5f (package/poco: disable build for riscv) did not
propagate the new dependency on BR2_riscv to the comment.
Introduce BR2_PACKAGE_POCO_ARCH_SUPPORTS to solve this issue.
Signed-off-by: Julien Olivain <juju@cotds.org>
[yann.morin.1998@free.fr:
- reword the commit log
- use separate 'depend on !arch'
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 4f733a4de7)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The output of 'find' depends on the directory entries, and is not
ordered. As a consequence, the cpio archive is not reproducible.
Fix that by sorting the output of find. Use the 'C' locale to enforce
reproducibility that does not depend on the locale.
The command line is now pretty long, so we wrap it.
Signed-off-by: Yurii Monakov <monakov.y@gmail.com>
[yann.morin.1998@free.fr:
- use LC_ALL=C when sorting
- wrap long line
- reword commit log
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 4728fdd4c0)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When using precompiled headers, changing any macros defined on the
command line will invalidate the precompiled header. With
toolchain-wrapper adding __DATE__ and __TIME__, any commits to Buildroot
will invalidate incremental builds regardless of whether the precompiled
header actually uses those values (affecting _OVERRIDE_SRCDIR).
GCC-7 and later support SOURCE_DATE_EPOCH and use it to define __DATE__
and __TIME__ internally, avoiding any impact on precompiled headers.
Disable the custom handling in toolchain-wrapper if GCC is version 7 or
newer.
Signed-off-by: John Keeping <john@metanate.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 408bc354a9)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When booting, a Raspberry Pi will load the appropriate start files,
depending on the provided configuration. For example, if the config.txt
file contains ’gpu_mem=16’ the board will automatically load the
cut-down startup files (start_cd.elf and fixup_cd.dat on non-Rpi4).
Unfortunately, even when the appropriate version is selected in the
configuration menu, if the rpi-firmware makefile takes the good files,
it renames them to non-qualified, i.e. start.elf and fixup.dat. But as
these are not the files searched by the Raspberry Pi, the board will not
start.
This patch will set the names of the files to load as constant in the
config.txt file. This guarantees that the rpi firmware blobs do not take
any other corner-case decision based on any other as-yet unknown
conditions.
This eases the maintenance, as only the names of the source files
matter; the destination filenames are constants, and so are the
filenames in config.txt.
Fixes: #13026
Signed-off-by: Stéphane Veyret <sveyret@gmail.com>
[yann.morin.1998@free.fr:
- very minor fix in commit title
- drop the non-conditional macro and move its content into
RPI_FIRMWARE_INSTALL_IMAGES_CMDS
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 1bdc0334ff)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This fixes a possible loop-forever bug.
Release notes:
https://github.com/martinh/libconfuse/releases/tag/v3.3
Signed-off-by: Frank Hunleth <fhunleth@troodon-software.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 2747d96714)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
BSD style locks such as implemented by flock are translated to POSIX
advisory file locks (implemented by the fcntl system call on Linux). It
is not possible to lock a directory using POSIX advisory file locks.
Hence, the lock strategy used by Buildroot doesn't work when used over
NFS.
Using flock on a simple file works correctly though, so use a '.lock'
file inside the download directory instead. If the lockfile does not
exist, flock will create it (in a race-free fashion).
Tested using NFS v4.2 and Linux 5.4.43.
Signed-off-by: Maxim Cournoyer <maxim.cournoyer@savoirfairelinux.com>
[yann.morin.1998@free.fr:
- slightly expand commit log about creation of the lockfile
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 2e9d6565fc)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
We are using autotools build system for sdl2, so the sdl2-config.cmake
include path are not resolved like for sdl2-config script [1].
Remove sdl2-config.cmake file and avoid unsafe include path if this
file is used by a cmake based package.
This trigger an issue with ogre 1.12.6 package that replaced
FindSDL2.cmake by sdl2-config.cmake [2].
Thanks to Pavel Rojtberg for the help [3].
[1] https://bugzilla.libsdl.org/show_bug.cgi?id=4597
[2] 6de6f9b408
[3] https://github.com/OGRECave/ogre/issues/1568
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit d59261836a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Nicolas Robin <nrosfs@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit fe29913fa9)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Nicolas Robin <nrosfs@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit f6cd56b9ce)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Nicolas Robin <nrosfs@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit a14a962983)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This update brings in a few build fixes only. In particular the
one for EGL implementations which use oddball definitions of the
EGLNativeDisplayType type might be needed for some configurations.
Full release notes:
https://wpewebkit.org/release/wpebackend-fdo-1.6.1.html
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit bbada0c2ec)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
CVE-2020-8177: curl overwrite local file with -J.
CVE-2020-8169: Partial password leak over DNS on HTTP redirect.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 8370769d4a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 88aebf5fcb)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Includes a number of bugfixes and updates to build against newer stable
kernels.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 5a7d6bab6c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This patch fix the irrlicht makefile which contains the paths
that point to the host system libraries that are not used and
are not available in Buildroot what's unsafe for cross-compilation.
In addition it fixes linking to the X11 libraries and the following errors:
/home/bartekk/buildroot/output/host/opt/ext-toolchain/bin/../lib/gcc/arm-buildroot-linux-gnueabihf/9.2.0/../../../../arm-buildroot-linux-gnueabihf/bin/ld: /home/bartekk/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/lib/libIrrlicht.so: undefined reference to `XSetSelectionOwner'
/home/bartekk/buildroot/output/host/opt/ext-toolchain/bin/../lib/gcc/arm-buildroot-linux-gnueabihf/9.2.0/../../../../arm-buildroot-linux-gnueabihf/bin/ld: /home/bartekk/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/lib/libIrrlicht.so: undefined reference to `glXGetProcAddress'
/home/bartekk/buildroot/output/host/opt/ext-toolchain/bin/../lib/gcc/arm-buildroot-linux-gnueabihf/9.2.0/../../../../arm-buildroot-linux-gnueabihf/bin/ld: /home/bartekk/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/lib/libIrrlicht.so: undefined reference to `glXMakeCurrent'
/home/bartekk/buildroot/output/host/opt/ext-toolchain/bin/../lib/gcc/arm-buildroot-linux-gnueabihf/9.2.0/../../../../arm-buildroot-linux-gnueabihf/bin/ld: /home/bartekk/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/lib/libIrrlicht.so: undefined reference to `XF86VidModeSetViewPort'
/home/bartekk/buildroot/output/host/opt/ext-toolchain/bin/../lib/gcc/arm-buildroot-linux-gnueabihf/9.2.0/../../../../arm-buildroot-linux-gnueabihf/bin/ld: /home/bartekk/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/lib/libIrrlicht.so: undefined reference to `XF86VidModeSwitchToMode'
/home/bartekk/buildroot/output/host/opt/ext-toolchain/bin/../lib/gcc/arm-buildroot-linux-gnueabihf/9.2.0/../../../../arm-buildroot-linux-gnueabihf/bin/ld: /home/bartekk/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/lib/libIrrlicht.so: undefined reference to `glClearDepth'
/home/bartekk/buildroot/output/host/opt/ext-toolchain/bin/../lib/gcc/arm-buildroot-linux-gnueabihf/9.2.0/../../../../arm-buildroot-linux-gnueabihf/bin/ld: /home/bartekk/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/lib/libIrrlicht.so: undefined reference to `XGetVisualInfo'
/home/bartekk/buildroot/output/host/opt/ext-toolchain/bin/../lib/gcc/arm-buildroot-linux-gnueabihf/9.2.0/../../../../arm-buildroot-linux-gnueabihf/bin/ld: /home/bartekk/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/lib/libIrrlicht.so: undefined reference to `XGrabKeyboard'
/home/bartekk/buildroot/output/host/opt/ext-toolchain/bin/../lib/gcc/arm-buildroot-linux-gnueabihf/9.2.0/../../../../arm-buildroot-linux-gnueabihf/bin/ld: /home/bartekk/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/lib/libIrrlicht.so: undefined reference to `glMatrixMode'
Signed-off-by: Bartosz Bilas <b.bilas@grinn-global.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 98c57af89d)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Assignment in conditional blocks must use append-assignment.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 92d73f31b2)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Without this patch, openssl_abyss is enabled if openssl is built before
libxmlrpc
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 32844dfd99)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Since v3.6.14 gnutls wants to use the 'e' flag with fopen to set the
O_CLOEXEC flags. Since this is a glibc extension, it will trigger a
gnulib override of fopen on non-glibc systems, but that override
breaks the uClibc stdio.h header.
Fixes:
http://autobuild.buildroot.org/results/02f/02f2b524add307c8f7cc1af1ed0783bb1baf029a
Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 838f67c27f)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issue:
* CVE-2020-13777: It was found that GnuTLS 3.6.4 introduced a
regression in the TLS protocol implementation. This caused the TLS
server to not securely construct a session ticket encryption key
considering the application supplied secret, allowing a MitM
attacker to bypass authentication in TLS 1.3 and recover previous
conversations in TLS 1.2
Release announcement:
https://lists.gnupg.org/pipermail/gnutls-help/2020-June/004648.html
Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
[yann.morin.1998@free.fr: two spaces in hash file]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 16ea3ee784)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The LICENSE file is MIT, not BSD. The confusion comes from the license info
in setup.py, which stated BSD until (post-0.14.2):
669129a3d3
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit d682a3aeb9)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Contains mitigations for the Special Register Buffer Data Sampling
(CVE-2020-0543), Vector Register Sampling (CVE-2020-0548) and L1D
Eviction Sampling (CVE-2020-0549) hardware vulnerabilities.
For more details, see the advisories:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00320.htmlhttps://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00329.html
Adjust the license hash for a change of copyright year:
-Copyright (c) 2018-2019 Intel Corporation.
+Copyright (c) 2018-2020 Intel Corporation.
And adjust the .hash file to use two spaces.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 05c1049e10)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add two patches from upstream merge request ([1] to fix compile
and runtime failures in case of linux kernel >= 5.3.
[1] https://github.com/abperiasamy/rtl8812AU_8821AU_linux/pull/316
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit de61548933)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit 1ebb35ee5f changed the libopenssl
target architecture to 'linux-generic64' for 64-bit archs based on
BR2_ARCH_IS_64. However, MIPS64n32 has BR2_ARCH_IS_64 set, but is a 32-bit
ABI. On such board, libopenssl needs to be configured with linux-generic32
to function properly.
One symptom of this problem is that ssh-keygen hangs on key generation,
waiting for more random bits. See [1] for the discussion with openssl
upstream.
Thanks to Ronny Meeus for investigating the issue and kudos to the openssl
community for their responsive and helpful interaction!
Reported-by: Ronny Meeus <ronny.meeus@nokia.com>
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
[1] https://mta.openssl.org/pipermail/openssl-users/2020-June/012565.html
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 42718e13d2)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Mutt before 1.14.3 allows an IMAP fcc/postpone man-in-the-middle attack
via a PREAUTH response.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 6756a3504c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues:
- bpo-40121: Fixes audit events raised on creating a new socket
- bpo-38576: Disallow control characters in hostnames in http.client,
addressing CVE-2019-18348. Such potentially malicious header injection
URLs now cause a InvalidURL to be raised.
- bpo-39503: CVE-2020-8492: The AbstractBasicAuthHandler class of the
urllib.request module uses an inefficient regular expression which can be
exploited by an attacker to cause a denial of service. Fix the regex to
prevent the catastrophic backtracking. Vulnerability reported by Ben
Caller and Matt Schwager.
For more details, see the changelog:
https://docs.python.org/release/3.8.3/whatsnew/changelog.html#security
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 5ff01eb31f)
[Peter: mention security impact]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
