cbs_jpeg_split_fragment in libavcodec/cbs_jpeg.c in FFmpeg 4.2.2 has a
heap-based buffer overflow during JPEG_MARKER_SOS handling because of a
missing length check.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This patch bumps Linux CIP RT version to 4.19.115-cip24-rt9.
Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This patch bumps Linux CIP version to v4.19.118-cip25.
Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Back in commit [1], a patch fixing an issue a PowerPC issue in gcc was
added in gcc 4.3.3. It was present until gcc 4.9, which itself was
removed in [2]. The patch was dropped starting gcc 5.1 [3] but it's
know to be useful for gcc 4.7.3 [4]. However, even though we no longer
support building any of those older gcc versions, the conditional
patching logic in gcc.mk is still there.
We used to have a patch directory (package/gcc/$(GCC_VERSION)) for
every gcc version available in Buildroot, the apply-patches.sh script
doesn't error out even if
1000-powerpc-link-with-math-lib.patch.conditional is missing.
But with gcc 10, we don't need (for the moment) to apply any patch, so
the patch directory doesn't exist. apply-patches.sh breaks the build
since the patch directory is missing:
Aborting. 'package/gcc/10.1.0' is not a directory.
Since we removed gcc 4.9 last year [2], we can safely remove this code.
Tested using qemu_ppc_virtex_ml507_defconfig.
[1] bb1f42e442
[2] baf1775022
[3] 4deb2d93c5
[4] 197006a41c
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Commit 3052da3eac did not renumber
remaining patches, fix that
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
In commit ff9f778c66 (support/gnuconfig: update to 2019-05-28), we
forgot to update the README to reference the sha1 we're using, keeping
the old one from 2016...
Update it now.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
If libapparmor is selected, depend on libapparmor and set -Dapparmor=true
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
>From [1]
"GCC 10 (PR 91233) won't silently allow registers that are not architecturally
available to be present in the clobber list anymore, resulting in build failure
for mips*r6 targets in form of:
...
.../sysdep.h:146:2: error: the register ‘lo’ cannot be clobbered in ‘asm’ for the current target
146 | __asm__ volatile ( \
| ^~~~~~~
This is because base R6 ISA doesn't define hi and lo registers w/o DSP extension.
This patch provides the alternative definitions of __SYSCALL_CLOBBERS for r6
targets that won't include those registers."
Fixes:
https://gitlab.com/kubu93/buildroot/-/jobs/543923030
Note:
The kernel 5.4.35 fail to build later due to a similar issue while
building lib/vdso/gettimeofday.c [2]. The issue is still present in kernel
5.7-rc4.
[1] https://sourceware.org/git/?p=glibc.git;a=commit;h=020b2a97bb15f807c0482f0faee2184ed05bcad8
[2] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/tree/arch/mips/include/asm/vdso/gettimeofday.h?h=v5.7-rc4#n38
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
matchbox selects expat but does not add it to its dependency resulting
in the following build failure:
configure: error: cannot find expat library
make: *** [/home/buildroot/autobuild/run/instance-2/output-1/build/matchbox-1.2/.stamp_configured] Error 1
Fixes:
- http://autobuild.buildroot.org/results/37021f1d7fcfd890011068a28ce6181dc509e746
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Added upstream patch for removal of unused te_assertions which was
found when using GCC10 as a host complier (-fno-common is now default)
Fixes:
http://autobuild.buildroot.net/results/63f2d1897a8f581ec107374bf2cbb68d3add4109/
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Romain Naour <romain.naour@gmail.com>
Cc: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Tested-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
When we prepare the release, we generate the manual in various formats,
so that it can be consulted locally without needing the miriads of tools
needed to generate it.
However, this creates the temporary .br2-external.* files in the output
directory, and those end up in the release tarball.
This is not a problem in practice, but is not clean.
Run 'distclean' in the output directory, to get rid of everything but
the generated documentation.
Reported-by: Danomi Manchego <danomimanchego123@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Use WITH_LIBUSB which is available since version 4.9700 and
f53817577a
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
aa-unconfied requires the full version of netstat provided by the net-tools
package. Without the full version, running aa-unconfined will result in the
error:
netstat: invalid option -- 'p'
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
[yann.morin.1998@free.fr:
- net-ttols is a runtime depednency
- select BB_SHOW_OTHERS
- reorder depends
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The following regex string in rc.apparmor.functions
"^/.*[ \t]+flags[ \t]*=[ \t]*\([ \t]*complain[ \t]*\)[ \t]+{" is broken due to
the unescaped { at the end of the regex pattern.
GNU grep ignors the error. However, the Busybox grep does not and throws the
error "unescaped character {"
Escape the "{" character to fix this issue.
Note: Upstream has rewritten large sections of the rc.apparmor.functions file
and the function this patch fixes will no longer be necessary after the next
version is released. However, it is not possible to easily backport the
upstream patches as the rewrite comes with new features that would not be
possible with a simple patch such as this one.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Do not force c99 mode to be able to remove both patches and because it
does not seem to be motivated. Indeed, even if the second patch was
sucessfully upstreamed. The first one can't be upstreamed as it raises
the following build falure on Solaris 11 (due to mixing c99 and
_POSIX_C_SOURCE):
#if defined(STDC_C99) && (defined(_XOPEN_OR_POSIX) && !defined(XPG6))
#error "Compiler or options invalid for pre-UNIX 03 X/Open applications \
and pre-2001 POSIX applications"
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Between 1.0.32 and 1.0.34, only bug fixes have been merged in
uclibc-ng. All patches can be removed, as they have been applied
upstream.
Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix CVE-2020-11945: An issue was discovered in Squid before 5.0.2. A
remote attacker can replay a sniffed Digest Authentication nonce to gain
access to resources that are otherwise forbidden. This occurs because
the attacker can overflow the nonce reference counter (a short integer).
Remote code execution may occur if the pooled token credentials are
freed (instead of replayed as valid credentials).
http://www.squid-cache.org/Advisories/SQUID-2020_4.txt
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
When pod2man and pod2html are missing, building now exits with an
error.
Building of man pages and documentation should be skipped in buildroot,
setting both executables to the "true" command it's sufficient to skip
them.
Fixes:
http://autobuild.buildroot.net/results/ca8d3071d888b5c1cfa3e275afaf05415e19627f
Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This is the last of an unconsolidated series of patches that
removes the need for host-python(2) for all waf-based packages.
Signed-off-by: Titouan Christophe <titouan.christophe@railnova.eu>
Reviewed-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
cage v0.1.1 can't build with wlroots 0.10.1, as it uses
a set of wlroots API that are no longer available.
Moving to latest upstream version fixes the issue.
Also:
- added license file information
- updated license file hash
Signed-off-by: Gilles Talis <gilles.talis@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
"The inclusion of GLU is historical. [...] It's not needed for GLEW to
build or run, but it's opt-out that reason. I'd recommend using
-DGLEW_NO_GLU since GLU is rarely seen in modern codebases nowadays."
https://github.com/nigels-com/glew/issues/192#issuecomment-411641657
Supertuxkart already uses -DGLEW_NO_GLU:
https://github.com/supertuxkart/stk-code/blob/master/CMakeLists.txt#L224
This patch only removes the dependency to libglu and depends on the
previous patch of this series which removes glu from glew.pc.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
"The inclusion of GLU is historical. [...] It's not needed for GLEW to
build or run, but it's opt-out that reason. I'd recommend using
-DGLEW_NO_GLU since GLU is rarely seen in modern codebases nowadays."
https://github.com/nigels-com/glew/issues/192#issuecomment-411641657
This patch prevents libglu being added to the "Requires:" section of
glew.pc fixing libglew detection in the supertuxkart package
-- Checking for module 'glew>=2.1'
-- Package 'glu', required by 'glew', not found
after libglu is removed as dependency of supertuxkart.
Supertuxkart already uses -DGLEW_NO_GLU:
https://github.com/supertuxkart/stk-code/blob/master/CMakeLists.txt#L224
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
"The inclusion of GLU is historical. [...] It's not needed for GLEW to
build or run, but it's opt-out that reason. I'd recommend using
-DGLEW_NO_GLU since GLU is rarely seen in modern codebases nowadays."
https://github.com/nigels-com/glew/issues/192#issuecomment-411641657
Each package using glew.h has to decide whether to use the opt-out for
glu or not. Since supertux does not need libglu we can safely remove
the dependency by adding -DGLEW_NO_GLU to TARGET_CXXFLAGS.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
"The inclusion of GLU is historical. [...] I'd recommend using
-DGLEW_NO_GLU since GLU is rarely seen in modern codebases nowadays."
https://github.com/nigels-com/glew/issues/192#issuecomment-411641657
Add -DGLEW_NO_GLU to get rid of the libglu dependency.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[yann.morin.1998@free.fr:
- fix mismatch between OGRE_CXX_FLAGS and OGRE_CXXFLAGS
- also use OGRE_CFLAGS for symetry with OGRE_CXXFLAGS
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit e845f9364c ("ne10: bump to v1.2.1") removed arm arch
dependency from the comment. This comment is only relevant to arm.
Furthermore, if a target does not have a NEON unit, there is
nothing a user can do about that condition in Buildroot. Showing
a comment would not be useful, and we're not usually showing any
arch-related comment.
Cc: Cody Guldner <cody.guldner@rockwellcollins.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
[yann.morin.1998@free.fr: drop the comment, explain why]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Contrary to riscv32, the qemu_riscv64_virt defconfig doesn't needs
any specific change. It could have been updated to Linux 5.4.35 in
the commit 80a044703a.
So, update the kernel version to 5.4.35.
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Drop flask license as the old flask theme has been replaced with the
sphinx_rtd_theme since version 0.17.0 and
8f96cbdabf
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
