Support for libsafec can not be completely disabled - currently,
--disable-safec does not exactly allow for compiling libest on
systems without libsafec, but instead just uses bundled copy of
library from safe_c_stub/
To avoid that, do automatically select the full-featured safeclib
package and always use --with-system-libsafec
Signed-off-by: Aleksandr Makarov <aleksandr.o.makarov@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Version 2.3.4 of libtalloc needs to define PYTHONHASHSEED, as a check has been added
to the configure script, and build will fail if it is not defined.
This is originately a workaround by samba developpers meant to avoid rebuilding talloc
with each call to make. Defining PYTHONHASHSEED would not be required in the context
of builroot, if not for the check in the configure script.
Signed-off-by: David GOUARIN <david.gouarin@thalesgroup.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Drop minnowboard_max-graphical_defconfig from DEVELOPERS as it has been
removed by commit b9bc22ee8a
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Drop 'from' in comment of Config.in which was added by commit
00deb6a7c1
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Drop patch which is now upstream.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
And switch to PyPi to fetch the source code.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
In GStreamer commit 0a657d6db5ba912b13092a907ea507638cd01cf9, merged
in Gstreamer 1.19.x, the GstAppSinkCallbacks structure was extended
with another field calle new_event. This requires an update in the
WebKit code, without which we have a build failure:
platform/audio/gstreamer/AudioFileReaderGStreamer.cpp:234:5: error: braces around scalar initializer for type ‘gboolean (*)(GstAppSink*, gpointer) {aka int (*)(_GstAppSink*, void*)}’
There are no autobuilder failures, but the issue could be reproduced
using the following defconfig:
BR2_arm=y
BR2_cortex_a8=y
BR2_TOOLCHAIN_EXTERNAL=y
BR2_TOOLCHAIN_EXTERNAL_LINARO_ARM=y
BR2_PACKAGE_QT5=y
BR2_PACKAGE_QT5WEBKIT=y
Signed-off-by: Nicolas Carrier <nicolas.carrier@orolia.com>
[Thomas: find the actual upstream fix and use that, improve the
explanation about the issue in the commit message]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
No release announcement available from upstream this time so we had to
computed the tarball hash ourselves.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Drop BUILD_HACKRF_TOOLS which has never been recognized since the
addition of the package in commit
29b7cc88f4
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Single hyphen commands has been removed since Mender 3.0.0 [1]
The hyphen was added back while fixing check-pkg and shellcheck warnings [2]
[1] fd838ec1b0
[2] 0b350cf756
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Cc: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
It's been ages (5 years at the next release) that we've not installed
host packages in $(HOST_DIR)/usr, but we still have a few packages that
reference it or install things in there.
Drop all of those in one fell swoop.
The run-time test still succeeds, and the following defconfig, which
should exercise all touched packages [*], does build:
BR2_x86_i686=y
BR2_TOOLCHAIN_EXTERNAL=y
BR2_INIT_NONE=y
BR2_SYSTEM_BIN_SH_NONE=y
# BR2_PACKAGE_BUSYBOX is not set
BR2_PACKAGE_GAWK=y
BR2_PACKAGE_GETTEXT=y
BR2_PACKAGE_ABOOTIMG=y
BR2_PACKAGE_DBUS_PYTHON=y
BR2_PACKAGE_OLA=y
BR2_PACKAGE_JIMTCL=y
BR2_PACKAGE_LUA=y
# BR2_PACKAGE_LUA_32BITS is not set
BR2_PACKAGE_ARGPARSE=y
BR2_PACKAGE_PERL=y
BR2_PACKAGE_PHP=y
BR2_PACKAGE_PHP_APCU=y
BR2_PACKAGE_PHP_LUA=y
BR2_PACKAGE_PHP_PAM=y
BR2_PACKAGE_PHP_PECL_DBUS=y
BR2_PACKAGE_PYTHON3=y
BR2_PACKAGE_PYTHON_CRYPTOGRAPHY=y
BR2_PACKAGE_PYTHON_PLY=y
BR2_PACKAGE_PYTHON_PYBIND=y
BR2_PACKAGE_LIBVA=y
BR2_PACKAGE_BIND=y
BR2_PACKAGE_BIND_SERVER=y
BR2_PACKAGE_BIND_TOOLS=y
BR2_PACKAGE_APPARMOR=y
BR2_PACKAGE_APPARMOR_BINUTILS=y
BR2_PACKAGE_APPARMOR_UTILS=y
BR2_PACKAGE_APPARMOR_UTILS_EXTRA=y
BR2_PACKAGE_APPARMOR_PROFILES=y
BR2_PACKAGE_REFPOLICY=y
BR2_PACKAGE_URANDOM_SCRIPTS=y
BR2_PACKAGE_BASH=y
# embiggen-disk to exercise go
BR2_PACKAGE_EMBIGGEN_DISK=y
BR2_TARGET_GRUB2=y
BR2_TARGET_GRUB2_I386_PC=y
BR2_TARGET_GRUB2_I386_EFI=y
[*] exceptions:
- zfs was not tested: it needs a kernel to be built;
- compiler-rt was not tsted: it needs llvm to be built, that takes
ages, and other packages already reference the correct location for
llvm-config, so it was assumed that is OK.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Angelo Compagnucci <angelo.compagnucci@gmail.com>
Cc: Anisse Astier <anisse@astier.eu>
Cc: Antoine Tenart <atenart@kernel.org>
Cc: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Cc: Asaf Kahlon <asafka7@gmail.com>
Cc: Bernd Kuhls <bernd.kuhls@t-online.de>
Cc: Christian Stewart <christian@paral.in>
Cc: Ezequiel Garcia <ezequiel@vanguardiasur.com.ar>
Cc: Francois Perrad <francois.perrad@gadz.org>
Cc: Guillaume William Brs <guillaume.bressaix@gmail.com>
Cc: Hervé Codina <herve.codina@bootlin.com>
Cc: James Hilliard <james.hilliard1@gmail.com>
Cc: José Luis Salvador Rufo <salvador.joseluis@gmail.com>
Cc: Julien Boibessot <julien.boibessot@armadeus.com>
Cc: Julien Olivain <ju.o@free.fr>
Cc: Matt Weber <matthew.weber@collins.com>
Cc: Nicolas Carrier <nicolas.carrier@orolia.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Vadim Kochan <vadim4j@gmail.com>
Cc: Yegor Yefremov <yegorslists@googlemail.com>
Reviewed-by: Romain Naour <romain.naour@smile.fr>
---
Changes v1 -> v2:
- fix new instance that have crept in (Romain)
Commit d69d40c029 (package/rustc: add support for Tier 1 and Tier 2
platforms) misspelled the config options for i586 and i686.
They are BR2_x86_i586 and BR2_x86_i686, not BR2_i586 or BR2_i686.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Baruch Siach <baruch@tkos.co.il>
Reviewed-by: Romain Naour <romain.naour@smile.fr>
---
Changes v1 -> v2:
- in commit log: s/BR2_i386_/BR2_x86_/g (Baruch)
- Fix CVE-2021-43306: An exponential ReDoS (Regular Expression Denial
of Service) can be triggered in the jquery-validation npm package,
when an attacker is able to supply arbitrary input to the url2 method
- Fix CVE-2022-31147: The jQuery Validation Plugin (jquery-validation)
provides drop-in validation for forms. Versions of jquery-validation
prior to 1.19.5 are vulnerable to regular expression denial of service
(ReDoS) when an attacker is able to supply arbitrary input to the url2
method. This is due to an incomplete fix for CVE-2021-43306. Users
should upgrade to version 1.19.5 to receive a patch.
- Use LICENSE.md instead of README.md which is available since version
1.14.0 and
96b7036eb4https://github.com/jquery-validation/jquery-validation/releases/tag/1.19.4https://github.com/jquery-validation/jquery-validation/releases/tag/1.19.5
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fix CVE-2022-2309: NULL Pointer Dereference allows attackers to cause a
denial of service (or application crash). This only applies when lxml is
used together with libxml2 2.9.10 through 2.9.14. libxml2 2.9.9 and
earlier are not affected. It allows triggering crashes through forged
input data, given a vulnerable code sequence in the application. The
vulnerability is caused by the iterwalk function (also used by the
canonicalize function). Such code shouldn't be in wide-spread use, given
that parsing + iterwalk would usually be replaced with the more
efficient iterparse function. However, an XML converter that serialises
to C14N would also be vulnerable, for example, and there are legitimate
use cases for this code sequence. If untrusted input is received (also
remotely) and processed via iterwalk function, a crash can be
triggered.
https://github.com/lxml/lxml/blob/lxml-4.9.1/CHANGES.txt
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
The autotools build system was finally removed in favor of meson,
so migrate the package to the meson infra.
Notable changes:
- c11 is required.
- glib is no longer optional.
- there is no option to choose if libcap or neon must be used or not.
- support for libatomic_ops is broken and must be extensively patched.
Signed-off-by: Nicolas Cavallari <nicolas.cavallari@green-communications.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
