Fixes CVE-2018-12910: The get_cookies function in soup-cookie-jar.c in
libsoup 2.63.2 allows attackers to have unspecified impact via an empty
hostname.
Cc: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
btrfs will happily use an existing destination file if it
already exists, increasing its size if needed. Hoever, it
will never decrease the size, even if the requested size
is smaller than the existing file.
So, remove any previously existing destination file before
generating the new filesystem.
Note: the original submission by Robert did that, but as
this case was not obvious, the removal was dropped by a
refactoring when the patch was initially applied.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Robert J. Heywood <robert.heywood@codethink.co.uk>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[Thomas: use $@ instead of $(@), use $(RM) instead of rm.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Update license info, and remove the patch since it's already on upstream.
Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This patch makes it possible to format the rootfs using btrfs. It
introduces the option; BR2_TARGET_ROOTFS_BTRFS.
When selected, the user is able to specify the filesystem size, label,
options, and node and sector sizes. The new files are based on
fs/ext2/{Config.in,ext2.mk}
Signed-off-by: Robert J. Heywood <robert.heywood@codethink.co.uk>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Tested-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
[Thomas:
- fix issues pointed by Yann (duplicated empty line, missing quotes
around default values for string options)
- use -f option so that we don't have to remove the image file before
creating it again
- use the --byte-count option to set the filesystem size, which
avoids the need for doing a "truncate -s"
- remove the possible explanation of a mkfs.btrfs error. Indeed,
mkfs.btrfs automatically extends the size of the image as needed,
so the size passed can never be "too small".
- fix check-package warnings in Config.in file.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
When the dynamic/static library of i2c-tools is enabled it is installed
to the target destination. However, in order for external packages to
link against it, it must also be installed to staging.
Here, the flag is set to install the package to staging. The
INSTALL_STAGING command is included to complete the operation.
Signed-off-by: Brad Love <brad@nextdimension.cc>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Extend i2c-tools SPDX identifiers to include the library license.
Also include COPYING.LGPL and README to license files.
The ic2-tools readme states:
LICENSE
Check the documentation of individual tools for licensing information.
The library is released under the LGPL version 2.1 or later, while most
tools are released under the GPL version 2 or later, but there are a few
exceptions.
Signed-off-by: Brad Love <brad@nextdimension.cc>
[Thomas: add hashes for COPYING.LGPL and README.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Drop upstream patch.
Cc: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Acked-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The configure script now detects toolchain support for the -std=gnu90
flag. This fixes build with gcc older than 4.5.
Should fix:
http://autobuild.buildroot.net/results/802/802dd4d7eec058c2eb23e033ed3a093b110f4eda/
Cc: Robert J. Heywood <robert.heywood@codethink.co.uk>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Reviewed-by: "Robert J. Heywood" <robert.heywood@codethink.co.uk>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Removed patch 0001, applied upstream.
Replaced patch 0002 with a more generic solution as patch 0001.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Jack2 audio server is part of buildroot, but the jack gst plugins are
disabled completely in gst1-plugins-good, whether or not jack2 is
selected. This changes the logic so that if the build system
determines that the jack2 audio server is selected, then the jack
plugins are enabled. If the plugins are enabled, then jack2 is also
added as a dependency to gst1-plugins-good.
Signed-off-by: Brad Love <brad@nextdimension.cc>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This patch bumps the sam-ba package to version 2.18 and
adds hashes for license files.
Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Release notes: https://www.samba.org/samba/history/samba-4.8.4.html
Fixes
o CVE-2018-1139 (Weak authentication protocol allowed.)
o CVE-2018-1140 (Denial of Service Attack on DNS and LDAP server.)
o CVE-2018-10858 (Insufficient input validation on client directory
listing in libsmbclient.)
o CVE-2018-10918 (Denial of Service Attack on AD DC DRSUAPI server.)
o CVE-2018-10919 (Confidential attribute disclosure from the AD LDAP
server.)
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
These versions received their last updated more than three months ago
and are no longer supported according to
https://www.kernel.org/category/releases.html, so drop them and add
legacy entries.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[Thomas: select an older kernel headers (4.9) rather than a newer one
(4.14) in the legacy handling of 4.10, 4.11, 4.12 and 4.13.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
tini uses fork(), so needs an MMU.
Fixes:
http://autobuild.buildroot.org/results/410/410ad9ea6a6652a7db691f537acb38db279b996a/
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Matt Weber <matthew.weber@rockwellcollins.com>
Cc: Christian Stewart <christian@paral.in>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Changelog:
https://metacpan.org/changes/distribution/Crypt-OpenSSL-RSA
Added new build dependency to host-perl-crypt-openssl-guess and force
it to search for openssl in STAGING_DIR. Added license hash. Updated
_SITE according to scancpan.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Changelog:
https://metacpan.org/changes/distribution/Crypt-OpenSSL-Random
Added new build dependency to host-perl-crypt-openssl-guess and force
it to search for openssl in STAGING_DIR. Added license hash.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Needed for upcoming version bumps of perl-crypt-openssl-random and
perl-crypt-openssl-rsa, only host-package is needed.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
As reported by Yann E. Morin, it is more readable when all disable
options are grouped together, and all enable options are grouped
together. Fix this in e2fsprogs.mk.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
e2fsprogs is only needed to build the btrfs-convert program, that
allows to convert an existing ext2 filesystem into a btrfs
filesystem. Not everybody needs to do that and making this dependency
optional is nicer, so this is what this patch does.
Note that btrfs-progs also supports converting from reiserfs, which is
why the --with-convert option supports a list of filesystems. Since
Buildroot has no package for the reiserfs library, we for now only
support the ext2 case, with e2fsprogs as a dependency.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The btrfs-convert tool is used to convert an existing ext2 or reiserfs
filesystem into a btrfs filesystem. On the host, this is not really
useful, so let's disable building this tool, which allows to drop the
host-e2fsprogs dependency.
The host-util-linux dependency becomes necessary: it was previously
brought as a second-order dependency of host-e2fsprogs, but since we
no longer depend on host-e2fsprogs, we now need to explicitly depend
on host-util-linux.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
By default, the e2fsprogs package builds and installs only static
libraries, unless --enable-elf-shlibs is passed. For the target
variant, we pass the appropriate
--enable-elf-shlibs/--disable-elf-shlibs options, but not for the host
package, and therefore static e2fsprogs libraries get installed.
However, on the host, our policy is to build shared libraries and not
static libraries, as visible in the default configure options passed
to host package in pkg-autotools.mk (--enable-shared
--disable-static). Let's do the same with e2fsprogs.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
By default, the lzo package builds and installs only a static
library. For the target variant, we pass the appropriate
ENABLE_STATIC/ENABLE_SHARED options, but not for the host package, and
therefore a static lzo library gets installed.
However, on the host, our policy is to build shared libraries and not
static libraries, as visible in the default configure options passed
to host package in pkg-autotools.mk (--enable-shared
--disable-static). Let's do the same with lzo.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Blobs for arm64(aarch64) and r8p1 version are now available at Bootlin
Github.
So:
- Bump version to latest commit:
For arm64 architecture and r8p1 version.
git shortlog --no-merges cb3e8ece9b2c3a70cbeb3204cd6f30eceaa32023..
Giulio Benetti (1):
Reorder folders splitting includes and libraries.
Maxime Ripard (6):
Move binaries to an arch subfolder
Make x11 binaries path consistent
Add r6p2 arm wayland blobs
Add r6p2 arm64 blobs
Add r8p1 fbdev blobs
Add r8p1 arm64 fbdev blobs
- Add support for them also under arm64(aarch64) architecture copying the
right blobs according to architecture(arm or arm64) checking if BR2_arm
or BR2_aarch64 is enabled.
Only BR2_arm needs to provide BR2_ARM_EABIHF, so check must be done only
in that case.
- Mali-blobs repository folder layout has been reordered, so modify path
when copying headers and libraries.
- When copying libraries copy only *.so* files to avoid useless files to
end into target folder.
Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This adds a new option to build the btrfs toolset for the host, which
can be useful to prepare a btrfs filesystem image for the target.
Signed-off-by: Robert J. Heywood <robert.heywood@codethink.co.uk>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Update to ATF v1.4 (tested on the actual hardware).
Signed-off-by: Gustavo Pimentel <gustavo.pimentel@synopsys.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
ATF in version 1.2 fails to build with:
./build/juno/release/bl1/context_mgmt.o: In function `cm_prepare_el3_exit':
context_mgmt.c:(.text.cm_prepare_el3_exit+0x54): undefined reference to `cm_set_next_context'
context_mgmt.c:(.text.cm_prepare_el3_exit+0x54): relocation truncated to fit: R_AARCH64_JUMP26 against undefined symbol `cm_set_next_context'
This has been fixed in ATF v1.3. Even though there are even newer
versions of ATF available, we take a conservative approach, and bump
to the first version that has the build issue fixed.
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/88314771
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Release notes: https://mariadb.com/kb/en/mariadb-10217-release-notes/
Changelog: https://mariadb.com/kb/en/mariadb-10217-changelog/
Note that HOST_MARIADB_CONF_OPTS += -DWITH_SSL=bundled has been changed to
HOST_MARIADB_CONF_OPTS += -DWITH_SSL=OFF in order to prevent the following
configure error:
CMake Error at /usr/share/cmake-3.11/Modules/FindPackageHandleStandardArgs.cmake:137 (message):
Could NOT find GnuTLS (missing: GNUTLS_LIBRARY GNUTLS_INCLUDE_DIR)
(Required is at least version "3.3.24")
Call Stack (most recent call first):
/usr/share/cmake-3.11/Modules/FindPackageHandleStandardArgs.cmake:378 (_FPHSA_FAILURE_MESSAGE)
/usr/share/cmake-3.11/Modules/FindGnuTLS.cmake:54 (FIND_PACKAGE_HANDLE_STANDARD_ARGS)
libmariadb/CMakeLists.txt:303 (FIND_PACKAGE)
RocksDB is also disabled to prevent the following build error in some
configurations:
./buildroot/output/build/mariadb-10.2.17/storage/rocksdb/rocksdb/utilities/backupable/backupable_db.cc:327:38: error: field 'result' has incomplete type 'std::promise<rocksdb::BackupEngineImpl::CopyOrCreateResult>'
std::promise<CopyOrCreateResult> result;
./buildroot/output/build/mariadb-10.2.17/storage/rocksdb/rocksdb/utilities/backupable/backupable_db.cc:378:37: error: field 'result' has incomplete type 'std::future<rocksdb::BackupEngineImpl::CopyOrCreateResult>'
std::future<CopyOrCreateResult> result;
./buildroot/output/build/mariadb-10.2.17/storage/rocksdb/rocksdb/utilities/backupable/backupable_db.cc:425:37: error: field 'result' has incomplete type 'std::future<rocksdb::BackupEngineImpl::CopyOrCreateResult>'
std::future<CopyOrCreateResult> result;
./buildroot/output/build/mariadb-10.2.17/storage/rocksdb/rocksdb/utilities/backupable/backupable_db.cc: In member function 'rocksdb::Status rocksdb::BackupEngineImpl::AddBackupFileWorkItem(std::unordered_set<std::basic_string<char> >&, std::vector<rocksdb::BackupEngineImpl::BackupAfterCopyOrCreateWorkItem>&, rocksdb::BackupID, bool, const string&, const string&, rocksdb::RateLimiter*, uint64_t, uint64_t, bool, std::function<void()>, const string&)':
./buildroot/output/build/mariadb-10.2.17/storage/rocksdb/rocksdb/utilities/backupable/backupable_db.cc:1366:38: error: aggregate 'std::promise<rocksdb::BackupEngineImpl::CopyOrCreateResult> promise_result' has incomplete type and cannot be defined
std::promise<CopyOrCreateResult> promise_result;
Signed-off-by: Ryan Coe <bluemrp9@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes
configure: error: The skins2 module depends on the Qt interface. Without
it you will not be able to open any dialog box from the interface, which
makes the skins2 interface rather useless. Install the Qt development
package or alternatively you can also configure with: --disable-qt
--disable-skins2.
http://autobuild.buildroot.net/results/ddb/ddb1ab48adb9705c44ed3d6d800b6d01ad52ac8c/
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>