Fixes the following security vulnerabilities:
- CVE-2019-14271: In Docker 19.03.x before 19.03.1 linked against the GNU C
Library (aka glibc), code injection can occur when the nsswitch facility
dynamically loads a library inside a chroot that contains the contents of
the container
Signed-off-by: Christian Stewart <christian@paral.in>
[Peter: mention security impact]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 0161899ae5)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security vulnerabilities:
- CVE-2019-19221: In Libarchive 3.4.0, archive_wstring_append_from_mbs in archive_string.c
has an out-of-bounds read because of an incorrect mbrtowc or mbtowc call. For example,
bsdtar crashes via a crafted archive.
And adds various security fixes. For details, see :
https://github.com/libarchive/libarchive/releases/tag/v3.4.1
Also remove upstreamed patch.
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit bbc64eae62)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
mender-grubenv currently has 3 problems that prevent an x86_64-efi image from
successfully being made with the genimage.sh script.
- mender-grubenv does not currently depend on Grub2.
While Grub2 is not needed to build the mender-grubenv package, Grub2 needs
to be built first for mender-grubenv to overwrite the default Grub2 files
reliably.
- The MENDER_GRUBENV_ENV_DIR variable points to /boot/efi/EFI/BOOT instead of
/boot/EFI/BOOT, which is where the Grub2 package installs the default files.
This variable now points to the correct location.
- The Grub2 package installs images to $(BINARIES_DIR)/efi-part, which the
mender-grubenv package currently does not do. As such; the default Grub2
configuration file is used instead of the one provided by mender-grubenv.
Adding a MENDER_GRUBENV_INSTALL_IMAGES_CMDS define in mender-grubenv.mk which
copies the installed files from $(TARGET_DIR)/boot/EFI to
$(BINARIES_DIR)/efi-part fixes this issue.
Signed-off-by: Adam Duskett <aduskett@greenlots.com>
[Thomas:
- drop "runtime" on the depends on BR2_TARGET_GRUB2 since we now have
a build-time dependency on it
- explicitly copy the files installed by mender-grubenv in
MENDER_GRUBENV_INSTALL_IMAGES_CMDS instead of blindly copying
everything that is in $(TARGET_DIR)/boot/EFI]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 425f79087a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security vulnerabilities:
- CVE-2019-14271: In Docker 19.03.x before 19.03.1 linked against the GNU C
Library (aka glibc), code injection can occur when the nsswitch facility
dynamically loads a library inside a chroot that contains the contents of
the container
Signed-off-by: Christian Stewart <christian@paral.in>
[Peter: mention security impact]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 39cffd5356)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security vulnerabilities:
containerd 1.2.9/gRPC:
- CVE-2019-9512: Some HTTP/2 implementations are vulnerable to ping floods,
potentially leading to a denial of service. The attacker sends continual
pings to an HTTP/2 peer, causing the peer to build an internal queue of
responses. Depending on how efficiently this data is queued, this can
consume excess CPU, memory, or both
- CVE-2019-9514: Some HTTP/2 implementations are vulnerable to a reset
flood, potentially leading to a denial of service. The attacker opens a
number of streams and sends an invalid request over each stream that
should solicit a stream of RST_STREAM frames from the peer. Depending on
how the peer queues the RST_STREAM frames, this can consume excess memory,
CPU, or both
- CVE-2019-9515: Some HTTP/2 implementations are vulnerable to a settings
flood, potentially leading to a denial of service. The attacker sends a
stream of SETTINGS frames to the peer. Since the RFC requires that the
peer reply with one acknowledgement per SETTINGS frame, an empty SETTINGS
frame is almost equivalent in behavior to a ping. Depending on how
efficiently this data is queued, this can consume excess CPU, memory, or
both
containerd 1.2.10/runc:
- CVE-2019-16884: runc through 1.0.0-rc8, as used in Docker through
19.03.2-ce and other products, allows AppArmor restriction bypass because
libcontainer/rootfs_linux.go incorrectly checks mount targets, and thus a
malicious Docker image can mount over a /proc director
Signed-off-by: Christian Stewart <christian@paral.in>
[Peter: mention security impact]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit f40f2bae81)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security vulnerability:
- CVE-2019-16884: runc through 1.0.0-rc8, as used in Docker through
19.03.2-ce and other products, allows AppArmor restriction bypass because
libcontainer/rootfs_linux.go incorrectly checks mount targets, and thus a
malicious Docker image can mount over a /proc directory.
Signed-off-by: Christian Stewart <christian@paral.in>
[Peter: mention security impact]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit dbbf08849b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security vulnerabilities:
- CVE-2019-14861: Samba AD DC zone-named record Denial of Service in DNS
management server (dnsserver).
- CVE-2019-14870: DelegationNotAllowed not being enforced in protocol transition
on Samba AD DC.
https://www.samba.org/samba/history/samba-4.10.11.html
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Reported-by: Dan Walkes <danwalkes@trellis-logic.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 1c1e9e491e)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Update dependency documentation to detail the order-only relationship
associated with the DEPENDENCIES variable. See the thread at [1] for
details.
[1] http://lists.busybox.net/pipermail/buildroot/2019-October/262685.html
Signed-off-by: Dan Walkes <danwalkes@trellis-logic.com>
[yann.morin.1998@free.fr: indentation & slight rephrasing]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 05d4ce4445)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
intltool has been replaced by gettext since version 12.99.1 and
57e3ccaf51
so replace host-intltool by $(TARGET_NLS_DEPENDENCIES)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit c713047158)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Explictly enable the needed pyqt5 modules depending on Qt5 options or
packages
QtQuick moodule can't be built without opengl support so enable only
when OpenGL is available
Fixes:
- https://bugs.buildroot.org/show_bug.cgi?id=12121
- http://autobuild.buildroot.org/results/cb69c5daa564aa9f3250faa395399cb00a445e85
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 2320dec34c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit f64701b03d)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit d7e49f5f42 does not fully propagate
the dependency on a toolchain without bug 64735 to reverse dependencies
of boost-thread
Fixes:
- http://autobuild.buildroot.org/results/2b0ca8ce4df7496dcc7d078fae2114d75bd0a455
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit e458254460)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
boost-thread needs std::current_exception since version 1.71.0 and
386f5507cb
std::current_exception depends on !BR2_TOOLCHAIN_HAS_GCC_BUG_64735 as a
result, gnuradio fails to build on:
[ 12%] Building CXX object gnuradio-runtime/lib/pmt/CMakeFiles/gnuradio-pmt.dir/pmt_pool.cc.o
In file included from /home/test/autobuild/run/instance-2/output-1/host/arm-buildroot-linux-uclibcgnueabi/sysroot/usr/include/boost/exception/detail/exception_ptr.hpp:15:0,
from /home/test/autobuild/run/instance-2/output-1/host/arm-buildroot-linux-uclibcgnueabi/sysroot/usr/include/boost/exception_ptr.hpp:9,
from /home/test/autobuild/run/instance-2/output-1/host/arm-buildroot-linux-uclibcgnueabi/sysroot/usr/include/boost/thread/exceptional_ptr.hpp:10,
from /home/test/autobuild/run/instance-2/output-1/host/arm-buildroot-linux-uclibcgnueabi/sysroot/usr/include/boost/thread/future.hpp:34,
from /home/test/autobuild/run/instance-2/output-1/host/arm-buildroot-linux-uclibcgnueabi/sysroot/usr/include/boost/thread.hpp:24,
from /home/test/autobuild/run/instance-2/output-1/build/gnuradio-3.7.13.5/gnuradio-runtime/include/pmt/pmt_pool.h:27,
from /home/test/autobuild/run/instance-2/output-1/build/gnuradio-3.7.13.5/gnuradio-runtime/lib/pmt/pmt.cc:31:
/home/test/autobuild/run/instance-2/output-1/host/arm-buildroot-linux-uclibcgnueabi/sysroot/usr/include/boost/exception/diagnostic_information.hpp: In function 'std::string boost::current_exception_diagnostic_information(bool)':
/home/test/autobuild/run/instance-2/output-1/host/arm-buildroot-linux-uclibcgnueabi/sysroot/usr/include/boost/exception/diagnostic_information.hpp:49:26: error: 'current_exception' is not a member of 'std'
else if (auto* p=std::current_exception().__cxa_exception_type())
^
So add this dependency on boost-thread, boost-log and gnuradio (the only
reverse dependencies of boost-thread that does not already depends on
!BR2_TOOLCHAIN_HAS_GCC_BUG_64735)
Finally, add this dependency on gqrx as it is a reverse dependency of
gnuradio
Fixes:
- http://autobuild.buildroot.org/results/c384205cf50929c320d90b620f2390837721d9f9
- http://autobuild.buildroot.org/results/47440354b336b943b74b72fa303b079dc962bfd0
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit d7e49f5f42)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Set AM_CFLAGS to an empty value to avoid the following redefinition
error when building with our custom _FORTIFY_SOURCE:
/accts/mlweber1/rc-buildroot-test/scripts/instance-1/output/host/bin/mips-linux-gnu-gcc -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -Wall -Werror -Wuninitialized -Wundef -D_FILE_OFFSET_BITS=64 -D_FORTIFY_SOURCE=2 -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -Os -D_FORTIFY_SOURCE=1 -Wp,-MMD,3rdparty/hmac_sha/.hmac_sha2.o.d,-MT,3rdparty/hmac_sha/hmac_sha2.o -c 3rdparty/hmac_sha/hmac_sha2.c -o 3rdparty/hmac_sha/hmac_sha2.o
<command-line>:0:0: error: "_FORTIFY_SOURCE" redefined [-Werror]
Fixes:
- http://autobuild.buildroot.org/results/cfef9315441b5f4909b58a6dccd8bea8e67ae992
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 05a802f671)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This will fix a static build failure with imagemagick
Fixes:
- http://autobuild.buildroot.org/results/42f4b4881569779162d3efe4628b934f965913b9
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 062423d51a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add a patch from the upstream AutoGen package that allows POSIX_SHELL
to be taken from the environment, then define that to be '/bin/sh'.
Since we are cross-compiling, the original behaviour of detecting the
host shell is not useful as we cannot assume that the target uses the
same shell, and it can prevent builds being reproducible because a
different host environment will result in a different target binary.
Signed-off-by: James Byrne <james.byrne@origamienergy.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 88f7948187)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Update the upstream URL in the help text in Config.in. Removing
the text from the beginning of the URL line addresses the 'Missing'
URL status in the package stats web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 7cc6df7a69)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
In board/freescale/common/imx/imx8-bootloader-prepare.sh, when
invoking mkimage_fit_atf.sh, the U-Boot DTB is passed as parameter, to
be included in the FIT image. This parameter usually comes from
BR2_ROOTFS_POST_SCRIPT_ARGS config option. The variable
BL33=u-boot.bin set in the invocation uses the u-boot image which is
including its embedded DTB. This means the U-Boot DTB is included
twice.
The upstream script mkimage_fit_atf.sh plus its Buildroot patch are
meant to use by default the nodtb variant and use the DTB in a
separate image. See [1] and [2].
The U-Boot default DTB which will be included in u-boot.bin image is
selected with U-Boot CONFIG_DEFAULT_DEVICE_TREE, or DEVICE_TREE
variable when invoking "make". If one of those option is not aligned
to the BR2_ROOTFS_POST_SCRIPT_ARGS config option, it's possible the
two included U-Boot DTBs are different. If such case happens, the
built-in DTB is always used, regardless of the other one, selected
with BR2_ROOTFS_POST_SCRIPT_ARGS.
For example, this case happens for TechNexion Pico Pi i.MX8M and
i.MX8MMini. Since the U-Boot defconfig assumes the nodtb version will
be used, it does not set the default DTB. The u-boot.bin will include
the fsl-imx8mm-evk instead. Including the wrong board DTB breaks the
USB and UMS commands (and possibly others). Since those boards does
not have SD card slots, a recovery serial download is needed at every
update.
This patch make sure that only the separate U-Boot DTB will be
included in the FIT image by using the nodtb variant.
[1] https://source.codeaurora.org/external/imx/imx-mkimage/tree/iMX8M/mkimage_fit_atf.sh?h=rel_imx_4.14.98_2.0.0_ga#n35
[2] https://git.busybox.net/buildroot/tree/package/imx-mkimage/0001-add-support-for-overriding-bl32-and-bl33-not-only-bl.patch?h=2019.11#n42
Signed-off-by: Julien Olivain <juju@cotds.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit d130f0a837)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The correct syntax that Qt5 understands for display names is
"HDMI1" and "LVDS1", so fix it accordingly.
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit aac5060d5d)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
CVE-2019-17362:
"The der_decode_utf8_string function (in der_decode_utf8_string.c) does not
properly detect certain invalid UTF-8 sequences. This allows
context-dependent attackers to cause a denial of service (out-of-bounds read
and crash) or read information from other memory locations via carefully
crafted DER-encoded data."
Details:
https://github.com/libtom/libtomcrypt/issues/507https://nvd.nist.gov/vuln/detail/CVE-2019-17362
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 62b34ed33b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Update the upstream URL in the help text in Config.in. This
addresses the 'Invalid(405)' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit fc37106579)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Update the upstream URL in the help text in Config.in. This
addresses the 'Invalid(404)' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit ff0d2dd1f2)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Update the upstream URL in the help text in Config.in. This
addresses the 'Invalid(Err)' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 587006496c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Update the upstream URL in the help text in Config.in. This
addresses the 'Invalid(404)' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 47e0aec2c9)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add an upstream URL to the help text in Config.in. This
addresses the 'Missing' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 6c74afc128)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This variable is never defined, so it is empty. Using it makes the
code needlessly more complicated than it needs to be, so let's drop
it.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit d6febe48c8)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Needed for packages which depend on openipmi.
Signed-off-by: Alexey Lukyanchuk <skif@skif-web.ru>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 3c5912b2ec)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Update the upstream URL in the help text in Config.in. This
addresses the 'Invalid(Err)' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 1a31c20c86)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Update the upstream URL in the help text in Config.in. This
addresses the 'Invalid(404)' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 3661a3e3a9)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add an upstream URL to the help text in Config.in. This
addresses the 'Missing' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 3e581829e9)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add an upstream URL to the help text in Config.in. This
addresses the 'Missing' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 14dabed5ef)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add an upstream URL to the help text in Config.in. This
addresses the 'Missing' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Reviewed-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 77c7fa9539)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add an upstream URL to the help text in Config.in. This
addresses the 'Missing' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Reviewed-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit a7edcb7a7c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Update the upstream URL in the help text in Config.in. This
addresses the 'Invalid(405)' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit a2d09a16f0)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
For musl toolchain timezone.c needs time.h include.
Fixes:
http://autobuild.buildroot.net/results/77346a2cdb9eeef661527fb9566019f3cd1b82c9
In file included from util.c:28:
timezone.c: In function 'mktime':
timezone.c:644:18: error: dereferencing pointer to incomplete type 'struct tm'
save_isdst = tm->tm_isdst;
timezone.c:661:11: warning: implicit declaration of function 'localtime'; did you mean 'dostime'? [-Wimplicit-function-declaration]
ltm = localtime(&then);
timezone.c:661:9: warning: assignment to 'struct tm *' from 'int' makes pointer from integer without a cast [-Wint-conversion]
ltm = localtime(&then);
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 376d2e8564)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
autoreconf is not needed since bump to version 0.36.2 in commit
76f86c409d
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 1d2c4081f0)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
