A double-free condition exists in contrib/shpsort.c of shapelib 1.5.0
and older releases. This issue may allow an attacker to cause a denial
of service or have other unspecified impact via control over malloc.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following build failure without threads raised since bump to
version 2.1.8 in commit ede944f535:
Settings.cpp: In function 'void Settings_Interpret(char, const char*, thread_Settings*)':
Settings.cpp:1281:9: error: break statement not within loop or switch
1281 | break;
| ^~~~~
Fixes:
- http://autobuild.buildroot.org/results/2bcddf8439f6913fdf19b1fc2d33999a787ab3b2
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Set ac_cv_prog_A2X to disable build of documentation and avoid the
following build failure without a working a2x raised since at least bump
to version 1.1.1 in commit ad21d84a58:
a2x -v -f manpage doc/man/usbguard.1.adoc -D ./$(dirname doc/man/usbguard.1.roff)
a2x -v -f manpage doc/man/usbguard-dbus.8.adoc -D ./$(dirname doc/man/usbguard-dbus.8.roff)
/nvmedata/autobuild/instance-5/output-1/host/bin/python3: Error while finding module specification for 'asciidoc.a2x' (ModuleNotFoundError: No module named 'asciidoc')
Fixes:
- http://autobuild.buildroot.org/results/e41950f3cd4bd83d9b067af498757cb9d2f207ef
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
kmemd let's you inspect a live Linux kernel's memory using GDB.
Signed-off-by: Tobias Waldekranz <tobias@waldekranz.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The libbpf build system currently uses the output of "uname -m" to
determine if the library should be installed in "lib" or
"lib64". However, uname -m returns the architecture of the build
machine, which often has nothing to do with the target CPU
architecture.
A patch has been submitted and accepted upstream to address this
issue, by using the $(CC) -dumpmachine output instead. This ensures
libbpf is installed in either "lib" or "lib64" depending on the
bitness of the target CPU architecture.
Signed-off-by: Tobias Waldekranz <tobias@waldekranz.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Since Buildroot commit 3145adfb69 ("package/libbpf: needs headers >=
4.13"), libbpf depends on Linux headers >= 4.13. This requirement
renders the explicit list of supported architectures, previously added
in f693354c30 overly restrictive, as the syscall number for bpf(2)
has been defined since Linux 3.18.
Commit f693354c30 ("package/libbpf: add
BR2_PACKAGE_LIBBPF_ARCH_SUPPORTS") was introduced to fix a build issue
where a toolchain using very old kernel headers (3.13) failed to build
libbpf for ARM, but these architecture dependencies are no longer
needed due to the bump on the kernel headers version requirement.
Signed-off-by: Tobias Waldekranz <tobias@waldekranz.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
s390x doesn't support CONFIG_WIRELESS in Linux so let's disable this
package for this architecture.
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Reviewed-by: Kris Bahnsen <kris@embeddedTS.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
s390x doesn't support CONFIG_WIRELESS in Linux so let's disable this
package for this architecture.
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
s390x doesn't support CONFIG_WIRELESS in Linux so let's disable this
package for this architecture.
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
s390x doesn't support CONFIG_WIRELESS in Linux so let's disable this
package for this architecture.
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
s390x doesn't support CONFIG_WIRELESS in Linux so let's disable this
package for this architecture.
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
s390x doesn't support CONFIG_WIRELESS in Linux so let's disable this
package for this architecture.
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
s390x doesn't support CONFIG_WIRELESS in Linux so let's disable this
package for this architecture.
Fixes:
http://autobuild.buildroot.net/results/693053491ba61edcff0f75a4f30c13958e7e12ce/
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Expat 2.5.0 has been released earlier today. Most importantly, this
release fixes CVE-2022-43680: a heap use-after-free vulnerability after
overeager destruction of a shared DTD in function
XML_ExternalEntityParserCreate in out-of-memory situations, with
expected impact of denial of service or potentially arbitrary code
execution.
https://blog.hartwork.org/posts/expat-2-5-0-releasedhttps://github.com/libexpat/libexpat/blob/R_2_5_0/expat/Changes
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following uclibc build failure raised since bump to version 5.43
in commit f17b56f1aa and
c80065fe69:
file.c: In function 'fname_print':
file.c:605:10: error: macro "putc" requires 2 arguments, but only 1 given
605 | putc(c);
| ^
Fixes:
- http://autobuild.buildroot.org/results/7ff1dd9f79408d2e6286c005302b6f3c505ab259
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following build failure without C++ raised since bump to version
1.0.5 in commit a380244766:
CMake Error at /home/autobuild/autobuild/instance-7/output-1/host/share/cmake-3.22/Modules/CMakeTestCXXCompiler.cmake:62 (message):
The C++ compiler
"/usr/bin/clang++"
is not able to compile a simple test program.
Fixes:
- http://autobuild.buildroot.net/results/30b519aa60d5baddb4015cf3608baa04a30be907
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This commit backports the patch "fixinc: don't "fix" machine names in
__has_include(...)" from upstream GCC, which is needed to resolve a
header conflict between glibc headers and kernel headers, which has
appeared since we bumped glibc to version 2.36 in commit
80c8c15c85.
The problem comes from the "fixinc" logic used by gcc to fixup some
headers files, generated inside an include-fixed/ folder. This logic
ended up replacing "linux/mount.h" by "__linux__/mount.h" in
__has_include() invocation, like this:
#ifdef __has_include
# if __has_include ("__linux__/mount.h")
# include "linux/mount.h"
# endif
#endif
in
build/host-gcc-final-11.3.0/build/gcc/include-fixed/sys/mount.h. With
this fix in place, this "include-fixed" header is no longer generated,
avoiding the problem.
This issue was visible in two different ways in glibc configurations:
- As a build failure during the gcc build itself, for architectures
that support libsanitizer, as libsanitizer includes mount.h, and
would therefore encounter the header conflict.
- As a build failure during another user-space package (such as
sysvinit for example), on architectures when libsanitizer isn't
used, and therefore for which the gcc build was successful, but the
header conflict shows up when building some "random" user-space
package.
The problem is already fixed in GCC 12.2.0, so no patch is
required. The problem did not exist back in GCC 8.4.0, so this version
does not need patching. Consequently, the patch is only needed for GCC
10.4.0, GCC 11.3.0 and the special ARC 2020.09-release version.
Fixes:
(gcc build issue, on architecture that supports libsanitizer)
http://autobuild.buildroot.net/results/90fe4c3b8b72a2c28555674383de9bbd9e8ae09a/
(sysvinit build issue, on architecture that does not support libsanitizer)
http://autobuild.buildroot.net/results/d7bf5795b7621a92be32f18794e3e67944fb96db/
(crun)
http://autobuild.buildroot.net/results/e3e8da4f797dced48aedf8c636db983d36849850/
(libarchive)
http://autobuild.buildroot.net/results/9fcbf0c036a97b2e9a4fcc6e173bcfa09e1b3dac/
Thanks a lot to Peter Seiderer for pointing the relevant GCC commit.
Fixes:
https://bugs.busybox.net/show_bug.cgi?id=15021
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: Romain Naour <romain.naour@smile.fr>
Acked-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- Fix CVE-2022-38784: Poppler prior to and including 22.08.0 contains an
integer overflow in the JBIG2 decoder
(JBIG2Stream::readTextRegionSeg() in JBIGStream.cc). Processing a
specially crafted PDF file or JBIG2 image could lead to a crash or the
execution of arbitrary code. This is similar to the vulnerability
described by CVE-2022-38171 in Xpdf.
- Drop patch (already in version)
https://gitlab.freedesktop.org/poppler/poppler/-/blob/poppler-22.10.0/NEWS
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix CVE-2022-3213: A heap buffer overflow issue was found in
ImageMagick. When an application processes a malformed TIFF file, it
could lead to undefined behavior or a crash causing a denial of
service.
https://github.com/ImageMagick/Website/blob/main/ChangeLog.md
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The gdbserver support for or1k is available since 12.1 release, since
commit [1]. Restrict the gdb version choice for or1k to 12.1 for
simplicity. Also enable host-gdb to connect to the gdbserver on the
target.
[1] https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=4933265c3f71b9134363d0c05f09542d5cc677f4
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Stafford Horne <shorne@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add a patch from upstream pull request to fix build with python 3.11.
Fixes:
python/enum.c: In function ‘enumitem_new’:
python/enum.c:55:25: error: lvalue required as left operand of assignment
55 | Py_SIZE(&self->val) = Py_SIZE(longval);
| ^
python/enum.c: In function ‘zbarEnumItem_New’:
python/enum.c:146:25: error: lvalue required as left operand of assignment
146 | Py_SIZE(&self->val) = Py_SIZE(longval);
| ^
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
drop cross-compile patch which is now upstream (again).
Signed-off-by: Michael Nosthoff <buildroot@heine.tech>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add host-python-cython so that cython will generate python 3.11
compatible sources instead of using the python 3.11 incompatible
pre-built sources.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The configure file is a shell script which searches for a predefined
python binary and then calls configure.py with that.
As we already call configure with the desired python binary we should
call configure.py directly so that the expected python binary is used
and so that the shell wrapper doesn't throw spurious interpreter
validation errors.
This also avoid spurious errors due to the configure shell wrapper
missing supported python versions, for example this fixes:
Node.js configure: Found Python 3.11.0...
Please use python3.10 or python3.9 or python3.8 or python3.7 or python3.6.
/usr/bin/python3.10 ./configure
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes:
http://autobuild.buildroot.org/results/3a8/3a8b66027cde3cdd9d02745381526d52bb626a78/
Bootgen embeds an old version of flex, but uses the system include syntax
(#include <>) to reference it, causing conflicts on systems with the
development headers for a modern flex version installed, leading to build
issues like:
../bisonflex/bif.yy.cpp: In member function 'virtual int BIF::FlexScanner::yylex()':
../bisonflex/bif.yy.cpp:1608:18: error: no match for 'operator=' (operand types are 'std::istream' {aka 'std::basic_istream<char>'} and 'std::istream*' {aka 'std::basic_istream<char>*'})
Fix it by using normal local #include statements by:
sed -i 's/<FlexLexer.h>/"FlexLexer.h"/g' *
Patch submitted upstream: https://github.com/Xilinx/bootgen/pull/20
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Reviewed-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2.1.8 (as of August 5th, 2022)
------------------------------
- Add support for --bounceback to perform a repsonsiveness test (see man
page for other options)
- add support for working loads with --bounceback
- Fix to wait_tick with Mac OS X
- Various python pyflows commits
- add support for client side tcp-write-time histograms and mean/min/max
- add support for human readable dscp or -T values (see man page)
- udp_accept no longer accepts packets from a previous run as a new
connection, this can occur with long network delays
- multiple isoch bug fixes for both UDP and TCP
- isoch server provides mean/min/max/stdev for both frames and packets
- UDP max MTU discovery, requires configure.ac will support
--enable-discover-defaultlen prior to compile
- Drop first patch (already in version)
- Drop second patch (not needed since
de5cb99546)
https://sourceforge.net/projects/iperf2/files/
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2022/02/20:
upnpc: use of @ to replace local lan address
2021/11/09:
python module : Allow to specify the root description url
- Drop patch (already in version)
- Update hash of LICENSE file (license "refined" for github with
af812c8775)
http://miniupnp.free.fr/files/changelog.php?file=miniupnpc-2.2.4.tar.gz
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Version 1.6.38 [September 14, 2022]
Added configurations and scripts for continuous integration.
Fixed various errors in the handling of tRNS, hIST and eXIf.
Implemented many stability improvements across all platforms.
Updated the internal documentation.
Update hash of LICENSE file (update in year with
723b2d9f2e)
https://sourceforge.net/p/libpng/code/ci/v1.6.38/tree/CHANGES
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- Drop all patches (already in version)
- Replace README by LICENSE file added with
352cb28d12https://github.com/madler/zlib/releases/tag/v1.2.13
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
