Testing buildroot 2021.05 I observed that after first
boot I was having the following folders:
/context:
/system_u:object_r:auditd_log_t
The root of this problem turned to be a difference in the
output of $(selabel_lookup -b file -k /var/log/audit) called
by S02auditd that from this version on looks like:
$ selabel_lookup -b file -k /var/log/audit
Default context: system_u:object_r:auditd_log_t
This patch will cut it to retrieve the type piece only. Unfortunately,
audit has no options to create machine-readable output that is
guaranteed not to change, so that's the best we can do.
Signed-off-by: José Pekkarinen <jose.pekkarinen@unikie.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
dtbocfg, which stands for Device Tree Blob Overlay Configuration
File System, was developed to serve as a userspace API of Device
Tree Overlay.
https://github.com/ikwzm/dtbocfg
Signed-off-by: Herve Codina <herve.codina@bootlin.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 516b837002)
[Peter: drop Makefile change]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Use release/0.5.0 tag instead of commit hash so
http://autobuild.buildroot.org/stats will report package as up to date
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The list of tests is as follows:
TestGdbHostOnlyDefault: build just minimal host-gdb, default version
TestGdbHostOnlyAllFeatures: build host-gdb, default version, with all
features enabled (TUI, Python, simulator)
TestGdbserverOnly: build just target gdbserver, default version
TestGdbFullTarget: build just target gdb, default version
TestGdbHostOnly9x: build minimal host-gdb, 9.x version
TestGdbHostGdbserver9x: build minimal host-gdb 9.x + gdbserver
TestGdbHostGdbTarget9x: build minimal host-gdb 9.x + full gdb
TestGdbHostOnly11x: build minimal host-gdb, 11.x version
TestGdbHostGdbserver11x: build minimal host-gdb 11.x + gdbserver
TestGdbHostGdbTarget11x: build minimal host-gdb 11.x + gdb
TestGdbArc: build minimal host-gdb + gdb + gdbserver, for the special
ARC architecture version
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Now that gdb 11.x has been added, that 10.x is the default, we can
drop version 8.3.x.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
When doing this, we can simplify the RISC-V related logic. Indeed, as
there was no support for RISC-V in gdb 9.x, which was the current
default, we had some trickery in the Config.in file to ensure gdb 10.x
was used by default on RISC-V. However now that 10.x is the default
for everybody, this trickery is no longer needed.
Also, we now needs to enable BR2_PACKAGE_GDB_TOPLEVEL when host-gdb is
not built, as the default target gdb version is 10.x, and threfore
requires BR2_PACKAGE_GDB_TOPLEVEL=y.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
All patch from gdb 10.2 are kept.
Starting from version 11.x, gdb needs the gmp library. The target
variant needs a bit of care: if BR2_GDB_VERSION_11 is not set, either
the host gdb is not enabled, in which case the default for the target
gdb is 9.x, or the host gdb is enabled, and another version is selected.
Signed-off-by: Michael Fischer <mf@go-sys.de>
[Thomas:
- fix how the gmp dependency is handled
- set BR2_PACKAGE_GDB_TOPLEVEL to y for gdb 11.x
- fix how BR2_GDB_VERSION is set for gdb 11.x]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[yann.morin.1998@free.fr:
- only select target gmp if using gdb 11
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Repeat after me: "Forcing the value of <pkg>_DEPENDENCIES inside a
conditional is the root of all evil."
Repeat after me: "Forcing the value of <pkg>_DEPENDENCIES inside a
conditional is the root of all evil."
Repeat after me: "Forcing the value of <pkg>_DEPENDENCIES inside a
conditional is the root of all evil."
Repeat after me: "Forcing the value of <pkg>_DEPENDENCIES inside a
conditional is the root of all evil."
Enough? :-)
Due to this mistake, any other GDB_DEPENDENCIES defined before this
assignment were lost. For example, the host-flex host-bison added
inside the GDB_FROM_GIT==y condition were ignored if
BR2_PACKAGE_GDB_DEBUGGER.
Fixes the build of all ARC configurations that have
BR2_PACKAGE_GDB_DEBUGGER enabled.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Changelog:
- Update CYW43455 bluetooth firmware,
Second Spectra fix for CYW43455 (CVE-2020-10370)
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Changelog:
- Update CYW43455 bluetooth firmware,
Second Spectra fix for CYW43455 (CVE-2020-10370)
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This update is critical for linking against GLIBC v2.34, due to the
changes related to 64-bit time_t on 32-bit systems. See ChangeLog
for details:
https://github.com/troglobit/libuev/releases/tag/v2.4.0
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
Reviewed-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This package is affected by gcc bug 43744 and I have not found a work
around for it(i.e. the common -O0 we use or other), so let's disable it if
gcc has such bug.
Fixes:
http://autobuild.buildroot.net/results/1db/1db6c59c98e3c09fa13277076ee2fbe7967f1f6b/
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following build failure raised since bump of autoconf to version
2.71 in commit ecd54b65c1:
autoreconf: error: cannot create config/autoconf: No such file or
directory
Indeed, the config/autoconf directory does not exist, and therefore
the AC_CONFIG_AUX_DIR invocation serves no purpose.
Fixes:
- http://autobuild.buildroot.org/results/433599039d6e1ee301465f9867e169c121a0646f
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Since I'm the upstream maintainer and we use it for $DAYJOB, I'll adopt.
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Upstream now supplies sha256 hashes, so drop upstream md5 and locally
computed sha256 in favor of that.
The hash for LICENSE has changed due to the copyright years and author
last name being updated.
The hash for chomp.c and pidfile.c has been changed due to copyright
years and author last name being updated, as well as doxygen comments
being added to the files.
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Changelog (for details see [1]):
- Fix for memory corruption issue when listening to same node (#99)
[1] https://github.com/RidgeRun/gst-interpipe/releases/tag/1.1.6
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Use standard install target as update target has been removed with
5484cf9a13/
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Select BR2_PACKAGE_WOLFSSL_ALL as suggested by upstream in
https://github.com/curl/curl/issues/7745 to fix the following build
failure raised since bump to version 7.79.1 in commit
6d6842130b:
/home/giuliobenetti/autobuild/run/instance-3/output-1/host/lib/gcc/riscv64-buildroot-linux-uclibc/10.3.0/../../../../riscv64-buildroot-linux-uclibc/bin/ld: ../lib/.libs/libcurl.so: undefined reference to `wolfSSL_ERR_clear_error'
Fixes:
- http://autobuild.buildroot.org/results/2956c8fb91a16d2ab59fb1c7babec46a6c8399e5
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issue:
- SQUID-2020:12 Out-Of-Bounds memory access in WCCPv2
(CVE-2021-28116 aka ZDI-CAN-11610)
Due to an out of bounds memory access Squid is vulnerable to an
information leak vulnerability when processing WCCPv2 messages.
This problem allows a WCCPv2 sender to corrupt Squids list of
known WCCP routers and divert client traffic to attacker
controlled routers.
This attack is limited to Squid proxy with WCCPv2 enabled and
IP spoofing of a router IP address configured as trusted in
squid.conf.
For more details, see the advisory:
http://lists.squid-cache.org/pipermail/squid-announce/2021-October/000136.html
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
go1.17.2 (released 2021-10-07) includes a security fix to the linker and
misc/wasm directory, as well as bug fixes to the compiler, the runtime, the go
command, and to the time and text/template packages.
https://golang.org/doc/devel/release#go1.17.minor
Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Changelog (since 2021.04.21):
47007d0 wireless-regdb: update regulatory database based on preceding changes
e983a25 Update regulatory rules for Ecuador (EC)
a0bcb88 wireless-regdb: Update regulatory rules for Norway (NO) on 6 and 60 GHz
cdf854d wireless-regdb: Update regulatory rules for Germany (DE) on 6GHz
a4468e8 wireless-regdb: update regulatory database based on preceding changes
86cba52 wireless-regdb: reduce bandwidth for 5730-5850 and 5850-5895 MHz in US
6fa2384 wireless-regdb: remove PTMP-ONLY from 5850-5895 MHz for US
9839e1e wireless-regdb: recent FCC report and order allows 5850-5895 immediately
42dfaf4 wireless-regdb: update 5725-5850 MHz rule for GB
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix CVE-2021-41617: sshd in OpenSSH 6.2 through 8.x before 8.8, when
certain non-default configurations are used, allows privilege escalation
because supplemental groups are not initialized as expected. Helper
programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may
run with privileges associated with group memberships of the sshd
process, if the configuration specifies running the command as a
different user.
https://www.openssh.com/txt/release-8.8https://www.openssh.com/txt/release-8.7
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This patch removes unneeded redirections when
calling iptables-restore and iptables-save, and
it adds the save operation to the usage help.
Signed-off-by: José Pekkarinen <jose.pekkarinen@unikie.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
According to the package release notes
(https://github.com/oauthlib/oauthlib/releases/tag/v3.1.1),
python2 isn't supported anymore.
All the reverse dependencies are already python3-only.
Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
python-meld3 is not a dependency since bump to version 4.1.0 in commit
5da3e1a3e6 and
d09d843493
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This package uses meson-package infrastracture, so we don't need to
explicitly pass its additional CFLAGS to some variable. The only thing we
need to pass them is to use MESA3D_CFLAGS, because in package/pkg-meson.mk
we have:
$(2)_CFLAGS ?= $$(TARGET_CFLAGS)
that makes the work automatically, where $(2) is exactly the package name,
though $(2)_CFLAGS expands to MESA3D_CFLAGS.
So let's remove the MESA3D_CONF_OPTS += -DCMAKE_C_FLAGS="$(MESA3D_CFLAGS)"
line that has been added by mistake.
Note: this doesn't fix any bug, but remove an unnecessary and ambiguos line
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>