Remove broken elf2flt patch:
package/elf2flt/0003-elf2flt-fix-.eh_frame-section-handling.patch
The patch modifies main(), but does not perform a similar change in
output_relocs(), which might cause sectionp in output_relocs() to be
initialized with an invalid address, causing random memory to be
overwritten.
This leads to a segfault when linking e.g. busybox for m68k.
We cannot perform a similar change in output_relocs(), since at this
point in time, data_len will always be non-zero.
Revert this patch completely, so that we can add a working patch.
Note that even with this patch reverted, elf2flt is still broken
on archs like m68k and xtensa, resulting in the fatal error:
ERROR: text=0x3bab8 overlaps data=0x33f60 ?
Signed-off-by: Niklas Cassel <niklas.cassel@wdc.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
From the release notes:
================================================================================
Redis 7.0.4 Released Monday Jul 18 12:00:00 IST 2022
================================================================================
Upgrade urgency: SECURITY, contains fixes to security issues.
Security Fixes:
* (CVE-2022-31144) A specially crafted XAUTOCLAIM command on a stream
key in a specific state may result with heap overflow, and potentially
remote code execution. The problem affects Redis versions 7.0.0 or newer.
Signed-off-by: Titouan Christophe <titouanchristophe@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
New version contains updated binaries which are part of the NXP
5.15.5-1.0.0 Yocto release.
Update the license hashes for formatting changes and addition of
LC3plus/T2/Bluetooth SIG licenses.
Signed-off-by: Bram Vlerick <bram.vlerick@openpixelsystems.org>
[Peter: add SCR.txt license file as suggested by Stefan Hager]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
In order to run the full gamut of "perf tests" installing the perf
scripts is required, otherwise we run into errors similar to those:
failed to open shell test directory: /usr/libexec/perf-core/tests/shell
Make this possible by introducing a new option allowing us to install
perf scripts.
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
nfs-utils 2.6.2 adds nfsrahead tool to set readahead through sysfs, but
this tool is mandatory and requires libmount that in order requires
libblkid. Also we need a local patch that is already pending upstream to
avoid failing static linking:
https://patchwork.kernel.org/project/linux-nfs/patch/20220809223308.1421081-1-giulio.benetti@benettiengineering.com/
So let's select:
- BR2_PACKAGE_UTIL_LINUX_LIBMOUNT
- BR2_PACKAGE_UTIL_LINUX_LIBBLKID
and add the pending patch for fixing static linking failure due to wrong
order of libraries in linker list(-lblkid must follow -lmount). This is
achieved by using pkg-config that is already a dependency of this package.
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Since weston 10.0.0, md5 and sha1 hashes are not published
with the release announce email.
The values were probably calculated locally, so remove them
since upstream provide stronger hashes.
Fixes:
f67a6e9b7a
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Cc: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Drop C++ dependency as nacl is disabled (and will be dropped by upstream
in next release) to avoid the following build failure raised since bump
to version 1.6.1 in commit 814f36fdcc:
CMake Error at /usr/share/cmake-3.22/Modules/CMakeTestCXXCompiler.cmake:62 (message):
The C++ compiler
"/usr/bin/clang++"
is not able to compile a simple test program.
Fixes:
- http://autobuild.buildroot.org/results/a702495074b0393682c619781c349ce62e123133
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
ocrad is licensed under GPL-2.0+ since version 0.24, here is an extract
of https://lists.gnu.org/archive/html/bug-ocrad/2014-10/msg00000.html:
"The license has been changed to GPL version 2 or later for better GPL
compatibility. GPLv2 and GPLv2+ programs may use the library now."
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Octave package test can occasionally fail due to timeout while testing
some octave modules. This commit slightly increase the timeout value
to reduce those failures.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Drop the patch now that it has been upstreamed.
Signed-off-by: Vincent Fazio <vfazio@xes-inc.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add a custom case to make sure that a random configuration with an empty
git location for refpolicy doesn't fail. It reverts to
BR2_PACKAGE_REFPOLICY_UPSTREAM_VERSION in that case.
Fixes:
- http://autobuild.buildroot.org/results/98da07a1f9b88e2e8a028a55c8cf76c6ebc28304
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following vulnerabilities:
- [High] Potential for DTLS DoS attack. In wolfSSL versions before
5.4.0 the return-routability check is wrongly skipped in a specific
edge case. The check on the return-routability is there for stopping
attacks that either consume excessive resources on the server, or try
to use the server as an amplifier sending an excessive amount of
messages to a victim IP. If using DTLS 1.0/1.2 on the server side
users should update to avoid the potential DoS attack. CVE-2022-34293
- [Medium] Ciphertext side channel attack on ECC and DH operations.
Users on systems where rogue agents can monitor memory use should
update the version of wolfSSL and change private ECC keys.
https://github.com/wolfSSL/wolfssl/releases/tag/v5.4.0-stablehttps://www.wolfssl.com/docs/security-vulnerabilities/
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This commit makes sure that the python-crossbar package pulls in the
right dependencies, based on the requirements-min.txt.
It does so by:
- Changing the 0002-Remove-idna-requirement patch by a more thorough
patch that drops all indirect dependencies from
requirements-min.txt, making it easier to have a 1:1 mapping
between lines in requirements-min.txt and Buildroot selects.
- Changing the
0003-crossbar-webservice-wap-use-markupsafe-instead-of-we patch to
update requirements-min.txt to indicate the new MarkupSafe
dependency. Here again, to have a 1:1 mapping between lines in
requirements-min.txt and Buildroot selects.
- Updating the Buildroot selects to match requirements-min.txt, with
relevant comments when it does not.
- Fixing up the Crossbar test case to no longer force autobahn to use
umsgpack. Instead, we now use the default of msgpack that is
expected by autobahn.
Fixes bug #14556, https://bugs.busybox.net/show_bug.cgi?id=14556.
Signed-off-by: Emile Cormier <emile.cormier.jr@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
It may be confusing, by pyqrcode and qrcode are two different
packages, and autobahn's encryption support needs the latter, with
support for SVG image generation.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This commit adds options for python-autobahn subpackages that will be
needed by python-crossbar.
Signed-off-by: Emile Cormier <emile.cormier.jr@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The conch subpackage is required by python-crossbar.
Added the serial subpackage while at it, even if it is not required by
Crossbar.
Signed-off-by: Emile Cormier <emile.cormier.jr@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Required by python-twisted[conch], which is required by
python-crossbar.
Signed-off-by: Emile Cormier <emile.cormier.jr@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
On machines supporting Riscv SV57 mode like Qemu, Go programs currently crash
with the following type of error:
runtime: lfstack.push invalid packing: node=0xffffff5908a940 cnt=0x1
packed=0xffff5908a9400001 -> node=0xffff5908a940
The upstream PR fixes this error, but has not yet been merged.
Upstream: https://go-review.googlesource.com/c/go/+/409055/4
Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Unfortunately local patch is still pending upstream. I've pinged them
again after 3 months with no answer:
https://bugzilla.mozilla.org/show_bug.cgi?id=1765100
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
imhttp support needs apr-util in addition to civetweb since bump to
version 8.2204.1 in commit bc469ee632
and
a8b8d6c1f9. Without
apr-util, the build fails with:
configure: error: Package requirements (apr-util-1 >= 1.0) were not met:
Package 'apr-util-1', required by 'virtual:world', not found
Instead of having the user needing to figure out that apr-util is
needed for imhttp support, have the top-level rsyslog option selects
apr-util when civetweb-lib is enabled
Fixes:
- http://autobuild.buildroot.org/results/4454ae5321df0c04c9dee19693f3908e69fbf23d
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
