See:
https://sourceware.org/glibc/wiki/Release/2.37https://lists.gnu.org/archive/html/info-gnu/2023-02/msg00000.html
Security related changes:
CVE-2022-39046: When the syslog function is passed a crafted input
string larger than 1024 bytes, it reads uninitialized memory from the
heap and prints it to the target log file, potentially revealing a
portion of the contents of the heap
Remove patch 0001-Revert-Linux-Implement-a-useful-version-of-_startup_.patch fixed
in 2.37 release by [1].
[1] https://sourceware.org/bugzilla/show_bug.cgi?id=29249
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Sebastian Weyer <sebastian.weyer@smile.fr>
Tested-by: Bagas Sanjaya <bagasdotme@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The shebang in check-package now defines python3. There is no longer a
need to maintain support with python 2.x.
See-also: 02b165dc71 (check-package: fix Python3 support)
Signed-off-by: Vincent Fazio <vfazio@gmail.com>
Tested-by: James Knight <james.d.knight@live.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Since kernel version 6.2, the minimum GNU Make version is 3.82 [1]. We
have an optional host-make 4.0 minimum dependency, so we can use it as
is. It's a bit unfortunate that we have to apply this even to older
kernel versions, but make itself builds fairly fast compared to the
kernel.
Use BR2_MAKE and BR2_MAKE1 for linux, and depend on
BR2_MAKE_HOST_DEPENDENCY. In addition, we need to set LINUX_MAKE to
BR2_MAKE for use in the kconfig infrastructure.
Signed-off-by: Oleg Lyovin <ovlevin@sberdevices.ru>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Since kernel version 6.2, the minimum GNU Make version is 3.82 [1]. We
have an optional host-make 4.0 minimum dependency, so we can use it as
is. It's a bit unfortunate that we have to apply this even to older
kernel versions, but make itself builds fairly fast compared to the
toolchain (which is the only reason to build linux-headers).
Use BR2_MAKE for linux-headers, and depend on BR2_MAKE_HOST_DEPENDENCY.
Signed-off-by: Oleg Lyovin <ovlevin@sberdevices.ru>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Excerpt of https://github.com/troglobit/mg/releases/tag/v3.6:
- Sync with mg upstream, OpenBSD 7.2, as of April 10 2023
- Drop trailing whitespace on RET (c-mode)
- Add zap-to-char and zap-up-to-char, binding the former to M-z
- Fix dobeep_msgs() usage, does not support format strings, this may
have caused unexpected crashes for some operations, e.g. goto line
that does not exist
- Fix memleaks and possible crashes in ctags support
- Fall back to /bin/sh if $SHELL is undefined
- Fix typos and duplicate undo in *quick* help buffer
- Add support for exuberant/universal Ctags tags file format
- Add support for M-, to pop-tag-mark, like GNU Emacs
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
This patch bumps version of the sunxi-tools to latest commit on master branch.
There are no new tags\releases since 2016 so let's use commit hash as version.
New version brings support for the following SOCs: A63, V5, R528/T113s, V853,
F1C100s, R329, H616, H6
Signed-off-by: Maksim Kiselev <bigunclemax@gmail.com>
[Arnout: use full hash in VERSION]
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
When we updated .checkpackageignore in commit 29d6f319a, this was done
using a different version of shellcheck, that apparently detects some
additional issues. Thus,
board/terasic/de10nano_cyclone5/barebox-env/boot/mmc was detected as
containing shellcheck errors. However this doesn't happen with the
version in CI, leading to "Shellcheck was expected to fail" errors.
Re-generate .checkpackageignore under docker-run, like it should have
been done to begin with.
Fixes: 29d6f319a0
Fixes: https://gitlab.com/buildroot.org/buildroot/-/jobs/4084485150
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
This package is no longer used as python-pypa-build now uses
python-pyproject-hooks instead. In fact, pyproject-hooks is simply the
new name of pep517 [1].
[1] https://github.com/pypa/pyproject-hooks/issues/136
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
It's been ages (5 years at the next release) that we've not installed
host packages in $(HOST_DIR)/usr, but we still have a few packages that
reference it or install things in there. See [1]
Add a new check_function that warns when a file is added installing to
or referencing $(HOST_DIR)/usr .
[1] "d9ff62c4cd pacakge: drop remnants of $(HOST_DIR)/usr"
Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
[Arnout: exclude skeleton.mk with disable comment instead of explicit
code]
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
For years already, $(HOST_DIR)/usr is deprecated. Install directly in
$(HOST_DIR). This will trigger a check-package error in the following
commit.
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Teach check-package to detect python files by type and check them using
flake8.
Do not use subprocess to call 'python3 -m flake8' in order to avoid too
many spawned shells, which in its turn would slow down the check for
multiple files. (make check-package takes twice the time using a shell
for each flake8 call, when compared of importing the main application)
Expand the runtime test and the unit tests for check-package.
Remove check-flake8 from the makefile and also from the GitLab CI
because the exact same checks become part of check-package.
Suggested-by: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
[Arnout: add a comment to x-python to explain its purpose]
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
The .mk files inside both support/dependencies and support/misc are not
package recipes, similar to package/pkg-*.mk. The check-package don't
apply to them. Therefore ignore such files.
In the test infra, some br2-externals are used as fixtures to provide
(sometimes) failure cases, so ignore files in these directories.
Files inside support/kconfig are files copied from linux upstream, so do
not generate warnings for them.
support/gnuconfig contains auto-generated config.{guess,sub} files,
so do not generate shellcheck warnings for them.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
When a SysV init script is inside package/ it doesn't need to be
executable. However, when an init script is inside a fs_overlay, it
*does* need to be executable. Therefore, skip the NotExecutable test for
init scripts. We detect them based on the directory /etc/init.d
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
[Arnout: update .checkpackageignore]
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Move RUSTFLAGS for host builds to HOST_PKG_CARGO_ENV so that they
are set for host cargo builds which don't use the cargo infrastructure,
e.g. python packages that include rust code.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Bump U-Boot to version 2023.04 and remove the patch that has already
been upstreamed.
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
https://github.com/stephane/libmodbus/releases/tag/v3.1.10
Also update URL in Config.in to use https instead of http.
Also remove --without-documentation configure option, which already
didn't exist in 3.1.8.
Signed-off-by: Daniel Lang <dalang@gmx.at>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
mdadm contains various udev rules to manage RAID assembly and create
symlinks, install them if udev (or equivalent) is enabled.
Signed-off-by: Simon Rowe <simon.rowe@nutanix.com>
[Arnout: use MDADM_INSTALL_TARGET_OPTS for install-bin as well]
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Fixes, from https://github.com/troglobit/libite/releases/tag/v2.5.3
- rsync() does not copy single files correctly
- copyfile() does not handle empty source files correctly (error)
- copyfile() does not properly create destination dir
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
The version of U-Boot must be explicitly set because if you keep the
default setting, the bootloader is continuously updated in buildroot with
the risk of building a non-working image.
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
The matio package exhibits gcc bug 99410 when built for the Nios2
architecture with optimization enabled, which causes a build failure.
As done for other packages in Buildroot work around this gcc bug by
setting optimization to -O0 if BR2_TOOLCHAIN_HAS_GCC_BUG_99410=y.
Fixes:
http://autobuild.buildroot.net/results/971/9714160b80a0d1a01983d29af38a95049c07b4d3/
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
go1.19.8 (released 2023-04-04) includes security fixes to the go/parser,
html/template, mime/multipart, net/http, and net/textproto packages, as well as
bug fixes to the compiler, the linker, the runtime, and the time package.
Fixes security vulnerabilities:
go/parser: infinite loop in parsing (CVE-2023-24537)
html/template: backticks not treated as string delimiters (CVE-2023-24538)
net/http, net/textproto: denial of service from excessive memory
allocation (CVE-2023-24534)
net/http, net/textproto, mime/multipart: denial of service from excessive
resource consumption (CVE-2023-24536)
https://go.dev/doc/devel/release#go1.19.8https://github.com/golang/go/issues?q=milestone%3AGo1.19.8+label%3ACherryPickApproved
Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Drop upstream patches.
Update license to include mode licenses. Add license file hashes and
update hashes of existing files for added licenses, as well as
formatting and copyright date updates.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Bump U-Boot to version 2023.04.
Tested on beaglebone black.
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Although this is a "boot loader", it really is a tool that should be
part of an image that acts as the bootloader. Thus, it is not in the
bootloader menu.
A UI is required and can be provided by ncurses, X11 or fbdev. Only
ncurses is supported for now. The other two use libtwin which isn't part
of Buildroot for now.
Adapted from https://github.com/glevand/petitboot--buildroot
Updated to work with m68k architecture rather than just PlayStation3
(focused on qemu-system-m68k virt machine)
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Reviewed-by: Thomas Huth <huth@tuxfamily.org>
[Arnout:
- Add missing arch and toolchain dependencies.
- Remove nonexistent BR2_PACKAGE_NCURSES_TARGET_* selects.
- Swap kexec/kexec-lite priority.
- Add hash for license file.
- Use version without v for VERSION.
- Remove unnecessary --localstatedir=/var.
- Add --disable-busybox.
- Remove --enable-debug.
- Remove --with-ncursesw and explicit libraries.
- Add explicit arguments for all configure options.
- Always select busybox tftp.
- Add optional dependency on dtc.
- Move dtc-specific options under a single condition.
- Minor cleanups (whitespace, comments, ...).
]
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
kexec supports m68k since commit
027413d822fd57dd39d2d2afab1484bc6b6b84f9 in v2.0.5
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Reviewed-by: Thomas Huth <huth@tuxfamily.org>
[Arnout:
- Split off in a separate commit.
]
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
This release contains some fixes and small improvements. For the
full list see:
https://github.com/moby/moby/releases/tag/v23.0.3
Signed-off-by: Stefan Agner <stefan@agner.ch>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixed a number of issues that can cause Swarm encrypted overlay networks
to fail to uphold their guarantees, addressing CVE-2023-28841,
CVE-2023-28840, and CVE-2023-28842.
https://github.com/moby/moby/releases/tag/v23.0.3
Signed-off-by: Stefan Agner <stefan@agner.ch>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This release contains some fixes and small improvements. For the
full list see:
https://github.com/moby/moby/releases/tag/v23.0.2
Signed-off-by: Stefan Agner <stefan@agner.ch>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>