>From the release notes
(http://ftp.isc.org/isc/bind9/9.11.4-P2/RELEASE-NOTES-bind-9.11.4-P2.txt):
* There was a long-existing flaw in the documentation for ms-self,
krb5-self, ms-subdomain, and krb5-subdomain rules in update-policy
statements. Though the policies worked as intended, operators who
configured their servers according to the misleading documentation may
have thought zone updates were more restricted than they were; users of
these rule types are advised to review the documentation and correct
their configurations if necessary. New rule types matching the
previously documented behavior will be introduced in a future maintenance
release. [GL !708]
* named could crash during recursive processing of DNAME records when
deny-answer-aliases was in use. This flaw is disclosed in CVE-2018-5740.
[GL #387]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues:
- CVE-2018-16543: In Artifex Ghostscript before 9.24, gssetresolution and
gsgetresolution allow attackers to have an unspecified impact
- CVE-2018-17183: Artifex Ghostscript before 9.25 allowed a user-writable
error exception table, which could be used by remote attackers able to
supply crafted PostScript to potentially overwrite or replace error
handlers to inject code.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Carlos O'Donell (1):
Fix tst-setcontext9 for optimized small stacks.
DJ Delorie (3):
RISC-V: Fix rounding save/restore bug.
Regen RISC-V rvd ULPs
Improve ChangeLog message.
Florian Weimer (6):
Linux: Rewrite __old_getdents64 [BZ #23497]
error, error_at_line: Add missing va_end calls
nscd: Deallocate existing user names in file parser
nss_files: Fix file stream leak in aliases lookup [BZ #23521]
regex: Add test tst-regcomp-truncated [BZ #23578]
misc: New test misc/tst-gethostid
H.J. Lu (1):
i386: Use ENTRY and END in start.S [BZ #23606]
Martin Kuchta (1):
pthread_cond_broadcast: Fix waiters-after-spinning case [BZ #23538]
Mingli Yu (1):
Linux gethostid: Check for NULL value from gethostbyname_r [BZ #23679]
Paul Eggert (1):
regex: fix uninitialized memory access
Samuel Thibault (2):
hurd: Add missing symbols for proper libc_get/setspecific
hurd: Avoid PLTs for __pthread_get/setspecific
Stefan Liebler (1):
Fix segfault in maybe_script_execute.
Wilco Dijkstra (1):
Fix strstr bug with huge needles (bug 23637)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
HAProxy is a free, very fast and reliable solution offering
high availability, load balancing, and proxying for TCP and
HTTP-based applications.
http://www.haproxy.org
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Bump the package to the most up to date version and fix the sha256 hash.
linux-firmware was failing due to an incorrect sha256 hash, as follows:
Fetching all references
warning: redirecting to https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/
remote: Counting objects: 6972, done.
remote: Total 6972 (delta 0), reused 0 (delta 0)
Receiving objects: 100% (6972/6972), 196.63 MiB | 4.22 MiB/s, done.
Resolving deltas: 100% (4516/4516), done.
>From http://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware
* [new branch] master -> origin/master
warning: redirecting to https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/
warning: refname '8d69bab7a3da1913113ea98cefb73d5fa6988286' is ambiguous.
Git normally never creates a ref that ends with 40 hex characters
because it will be ignored when you just specify 40-hex. These refs
may be created by mistake. For example,
git checkout -b $br $(git rev-parse ...)
where "$br" is somehow empty and a 40-hex ref is created. Please
examine these refs and maybe delete them. Turn this message off by
running "git config advice.objectNameWarning false"
ERROR: linux-firmware-8d69bab7a3da1913113ea98cefb73d5fa6988286.tar.gz has wrong sha256 hash:
ERROR: expected: 905be20e4e2d7628dea4e2e99195520fc0cce8b247faabdc52fc44a3ff2ceb04
ERROR: got : b9fce72a7b0b55eb311701dfd47914bc9e037134fa401d33e6e73ab9ebc9d116
ERROR: Incomplete download, or man-in-the-middle (MITM) attack
Signed-off-by: Erico Nunes <nunes.erico@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Bump the kernel version to 4.18.10.
Tested with qemu 2.11.2 on bios and UEFI virtual machines.
Signed-off-by: Erico Nunes <nunes.erico@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The latest uClibc-ng version (1.0.30) provides clock_nanosleep() even
for non NPTL configurations.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Don't display comment if BR2_USE_MMU is true
Moreover, move BR2_USE_MMU dependency at the top of dependency list
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Acked-by: Kurt Van Dijck <dev.kurt@vandijck-laurijssen.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Update LICENSE.adoc: change was zlib and year bump.
Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The libXdmcp configure script uses pkg-config, but the Buildroot
package does not depend on host-pkgconf. This is not seen by the
autobuilders most likely because another package that is always built
before libXdmcp builds pkg-config.
However, running:
$ make xlib_libXdmcp
triggers the following build failure:
checking pkg-config is at least version 0.9.0... ./configure: line 12323: /home/thomas/projets/buildroot/output/host/bin/pkg-config: No such file or directory
no
[...]
checking for XDMCP... configure: error: in `/home/thomas/projets/buildroot/output/build/xlib_libXdmcp-1.1.2':
configure: error: The pkg-config script could not be found or is too old. Make sure it
is in your PATH or set the PKG_CONFIG environment variable to the full
path to pkg-config.
This was detected using per-package target/host folders, because with
this, only the dependencies explicitly expressed by a package are
available to the package.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- Move to cmake infrastructure
- Do not enforce zlib dependency
- Add optional bzip2 dependency
- Add mandatory host-pkgconf and libbsd dependency
- Remove miniunzip from Config.in, miniunzip (miniunz) has been merged
with minizip:
a66cc31fac
- Add hash for license file
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
