Gaël Portay is apparently no longer at Collabora:
<gael.portay@collabora.com>: host mail.collabora.co.uk[46.235.227.172] said:
550 5.1.1 <gael.portay@collabora.com>: Recipient address rejected: User
unknown in local recipient table (in reply to RCPT TO command)
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 91562c9045)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes:
- https://bugs.buildroot.org/show_bug.cgi?id=14881
The package provides a library and a .pc file, so install it into staging as
well.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Acked-by: Joachim Wiberg <troglobit@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit faeebe0858)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix CVE-2022-2085: A NULL pointer dereference vulnerability was found in
Ghostscript, which occurs when it tries to render a large number of bits
in memory. When allocating a buffer device, it relies on an
init_device_procs defined for the device that uses it as a prototype
that depends upon the number of bits per pixel. For bpp > 64,
mem_x_device is used and does not have an init_device_procs defined.
This flaw allows an attacker to parse a large number of bits (more than
64 bits per pixel), which triggers a NULL pointer dereference flaw,
causing an application to crash.
Drop patch (already in version)
https://www.ghostscript.com/doc/9.56.0/News.htmhttps://www.ghostscript.com/doc/9.56.1/News.htm
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit df91a970b6)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit bf46a455bf)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Changelog: https://github.com/jedisct1/pure-ftpd/blob/master/ChangeLog
Updated copyright hash due to copyright year bump:
cf1a9705c6
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit ad54a80465)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix the following build failure without sched_yield raised since bump to
version 7.84.0 in commit b034109dd6:
In file included from easy.c:89:
easy_lock.h: In function 'curl_simple_lock_lock':
easy_lock.h:56:7: error: implicit declaration of function 'sched_yield' [-Werror=implicit-function-declaration]
56 | sched_yield();
| ^~~~~~~~~~~
Fixes:
- http://autobuild.buildroot.org/results/fbc80a0002d640210c81a4c518856c02669059b7
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Baruch Siach <baruch@tkos.co.il>
Tested-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit a5adc9b658)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This patch fixes the DP audio and video PLL configurations for the zynqmp-sm-k26-revA som.
It needs to be applied for both the kv260 and kr260 starter kits.
The Linux DP driver expects the DP to be using the following PLL config:
- DP video PLL should use the VPLL (0x0)
- DP audio PLL should use the RPLL (0x3)
- DP system time clock PLL should use RPLL (0x3)
Register 0xFD1A0070 configures the DP video PLL.
Register 0xFD1A0074 configures the DP audio PLL.
Register 0xFD1A007C configures the DP system time clock PLL.
This patch was build and run tested on a zynqmp-kria-kv260 target board.
Upstream-Status: submitted (https://lore.kernel.org/all/fa7e9abc419c9d7648405d1c62367dbe701d09b8.1652709736.git.michal.simek@amd.com/)
This patch will be removed from buildroot in a future release when no longer necessary.
Signed-off-by: Neal Frager <neal.frager@amd.com>
Reviewed-by: Luca Ceresoli <luca@lucaceresoli.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit da7b674d91)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This patch improves the documentation for kria k26 som qspi programming.
Signed-off-by: Neal Frager <neal.frager@amd.com>
Reviewed-by: Luca Ceresoli <luca@lucaceresoli.net>
[Peter: drop trailing spaces]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 0017c3daa8)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This patch fixes an ATF issue by building the ATF for uart1 instead
of uart0 for the Kria KV260 Starter Kit.
Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit d488c94630)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
nginx has been replaced by f5 since February 2022:
<cpe-item name="cpe:/a:nginx:nginx:1.18.0" deprecated="true" deprecation_date="2022-02-22T19:26:32.967Z">
<reference href="https://nginx.org/en/CHANGES-1.18">Change Log</reference>
<cpe-23:cpe23-item name="cpe:2.3🅰️nginx:nginx:1.18.0:*:*:*:*:*:*:*">
<cpe-23:deprecated-by name="cpe:2.3🅰️f5:nginx:1.18.0:*:*:*:*:*:*:*" type="NAME_CORRECTION"/>
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Af5%3Anginx
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 3bd30f4a13)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix the following build failure with musl-fts raised since bump to
version 4.4.1 in commit cc66cf922b and
e1f4c2ac91:
/home/giuliobenetti/autobuild/run/instance-1/output-1/host/opt/ext-toolchain/bin/../lib/gcc/powerpc-buildroot-linux-uclibc/10.3.0/../../../../powerpc-buildroot-linux-uclibc/bin/ld: tcpreplay-tcpreplay.o: in function `main':
tcpreplay.c:(.text.startup+0x21c): undefined reference to `fts_open'
Fixes:
- http://autobuild.buildroot.org/results/e47940b5b158395329c0132bb1bbea429c4dc249
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 4138151e44)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Fix CVE-2021-45386: tcpreplay 4.3.4 has a Reachable Assertion in
add_tree_ipv6() at tree.c
- Fix CVE-2021-45387: tcpreplay 4.3.4 has a Reachable Assertion in
add_tree_ipv4() at tree.c.
https://github.com/appneta/tcpreplay/blob/v4.4.1/docs/CHANGELOG
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit cc66cf922b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
PJSIP is a free and open source multimedia communication library written
in C language implementing standard based protocols such as SIP, SDP,
RTP, STUN, TURN, and ICE. In versions prior to and including 2.12.1 a
stack buffer overflow vulnerability affects PJSIP users that use STUN in
their applications, either by: setting a STUN server in their
account/media config in PJSUA/PJSUA2 level, or directly using
`pjlib-util/stun_simple` API.
https://github.com/pjsip/pjproject/security/advisories/GHSA-26j7-ww69-c4qj
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 7ea3831685)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix the following guile build failure without NPTL raised since the
addition of bdwgc in commit b0476427f6 and
7896408d41:
configure:60776: checking for GC_is_heap_ptr
configure:60776: /home/buildroot/autobuild/instance-2/output-1/host/bin/arm-buildroot-linux-uclibcgnueabi-gcc -std=gnu11 -o conftest -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -O1 -g0 -DHAVE_GC_SET_FINALIZER_NOTIFIER -DHAVE_GC_GET_HEAP_USAGE_SAFE -DHAVE_GC_GET_FREE_SPACE_DIVISOR -DHAVE_GC_SET_FINALIZE_ON_DEMAND -flto -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 conftest.c -L/home/buildroot/autobuild/instance-2/output-1/host/bin/../arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib -latomic_ops -lgc -lpthread -ldl -latomic -lm >&5
/home/buildroot/autobuild/instance-2/output-1/host/lib/gcc/arm-buildroot-linux-uclibcgnueabi/10.3.0/../../../../arm-buildroot-linux-uclibcgnueabi/bin/ld: /home/buildroot/autobuild/instance-2/output-1/host/bin/../arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib/libgc.so: undefined reference to `pthread_getattr_np'
[...]
In file included from ../libguile/alist.h:26,
from ../libguile.h:31,
from guile.c:38:
../libguile/pairs.h:205:1: error: conflicting types for 'GC_is_heap_ptr'
205 | GC_is_heap_ptr (void *ptr)
| ^~~~~~~~~~~~~~
In file included from ../libguile/bdw-gc.h:48,
from ../libguile/gc.h:142,
from ../libguile/pairs.h:26,
from ../libguile/alist.h:26,
from ../libguile.h:31,
from guile.c:38:
/home/buildroot/autobuild/instance-2/output-1/host/arm-buildroot-linux-uclibcgnueabi/sysroot/usr/include/gc/gc.h:551:20: note: previous declaration of 'GC_is_heap_ptr' was here
551 | GC_API int GC_CALL GC_is_heap_ptr(const void *);
| ^~~~~~~~~~~~~~
Fixes:
- http://autobuild.buildroot.org/results/819f231a60fc81f9a8dd07bf5411aa9d8f78c3bb
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 41d60d0164)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Drop patch which is now upstream.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 613a3ac3d0)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit a9281777a3)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 7ceabd4846)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 5b073d8bbc)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 347af9f125)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Drop patch which is now upstream.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 88d70d2c2b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 6bf46fc5cc)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 2d230792e3)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 65852010cd)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit b1a2a28460)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit d8376fc31e)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix the following build failure with libsamplerate or minimodem raised
since bump to version 1.1.0 in commit
c59a9d12b7:
powerpc-buildroot-linux-uclibc-gcc.br_real: error: EXTERNAL_MPEG_LIBS@: No such file or directory
Add host-pkgconf dependency to avoid the following build failure when
running autoreconf:
configure.ac:345: error: macro PKG_INSTALLDIR is not defined; is a m4 file missing?
m4/ax_require_defined.m4:35: AX_REQUIRE_DEFINED is expanded from...
Fixes:
- http://autobuild.buildroot.org/results/6de2d7634b1958693b7cf96fbcc79121f92347e9
- http://autobuild.buildroot.org/results/bf66b19cacd6394957f534035af647ddd8037d60
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit affabe47a2)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix the following security issues:
- Heap buffer overflow in wavlike_ima_decode_block()
- Heap buffer overflow in msadpcm_decode_block()
- Heap buffer overflow in psf_binheader_readf()
- Index out of bounds in psf_nms_adpcm_decode_block()
- Heap buffer overflow in flac_buffer_copy()
- Heap buffer overflow in copyPredictorTo24()
- Uninitialized variable in psf_binheader_readf()
Drop patch (already in version)
While at it, also drop mention of CVE-2018-13419 which is correctly
tagged as only affecting version 1.0.28 in NVD NIST database:
https://nvd.nist.gov/vuln/detail/CVE-2018-13419https://github.com/libsndfile/libsndfile/releases/tag/1.1.0
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit c59a9d12b7)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Disable paxtest on microblaze to avoid the following build failure:
shlibtest.c:9:1: error: requested alignment '65536' exceeds object file maximum 32768
9 | char shbss[PAGE_SIZE_MAX] __pagealigned;
| ^~~~
Updating second patch to set PAGE_SIZE_MAX to 32768 will raise another
build failure:
/tmp/cccMSYDr.s: Assembler messages:
/tmp/cccMSYDr.s: Error: PC relative branch to label buf which is not in the instruction space
Fixes:
- http://autobuild.buildroot.org/results/aba489143b4017617f67c1012bba1f4687708380
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit abfca98ea2)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Nicolas POIROT <ni.poirot@laposte.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 5c5f30cbc7)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix the following build failure without SSP raised since the addition of
the package in commit f0d37e275a:
/home/autobuild/autobuild/instance-5/output-1/host/lib/gcc/i686-buildroot-linux-musl/9.4.0/../../../../i686-buildroot-linux-musl/bin/ld: talloc.c.5.o: in function `_vasprintf_tc':
talloc.c:(.text+0x427d): undefined reference to `__stack_chk_fail_local'
Fixes:
- http://autobuild.buildroot.org/results/e221bde25c7622db99761d0adcd56663296beb15
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit 6a8dae6ddd)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
libmodsecurity embeds several mbedtls source files since version 3.0.0
and
a3ae686f25
resulting in the following static build failure if curl is built with
mbedtls support:
/home/buildroot/autobuild/instance-0/output-1/host/opt/ext-toolchain/m68k-buildroot-uclinux-uclibc/bin/ld.real: /home/buildroot/autobuild/instance-0/output-1/host/bin/../m68k-buildroot-uclinux-uclibc/sysroot/usr/lib/libmbedcrypto.a(md5.c.o): in function `mbedtls_md5_free':
md5.c:(.text+0x16): multiple definition of `mbedtls_md5_free'; ../../src/.libs/libmodsecurity.a(libmbedtls_la-md5.o):md5.c:(.text+0x16): first defined here
Fixes:
- http://autobuild.buildroot.org/results/98472a3a41cdbcb3d02289a437074a267f4b2e8e
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit 9fc652a373)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix version to better match what is expected by NVD NIST database,
release-monitoring.org as well as upstream github
(https://github.com/freeswitch/sofia-sip/tags)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit 978800fadb)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
