From [1]
"Xorg does not implement real dynamic linking and requires that its
modules get loaded in the right order."
From /var/log/Xorg.0.0.log:
(II) LoadModule: "modesetting"
(II) Loading /usr/lib/xorg/modules/drivers/modesetting_drv.so
(EE) Failed to load /usr/lib/xorg/modules/drivers/modesetting_drv.so: /usr/lib/xorg/modules/drivers/modesetting_drv.so: undefined symbol: shadowRemove
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/1255661899
[1] https://forums.gentoo.org/viewtopic-p-8245578.html#8245578
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Since the mesa3d bump to version 21.0.3 [1], the
BR2_PACKAGE_MESA3D_DRI_DRIVER_SWRAST option is not supported anymore
since the mesa DRI swrast driver has been removed upstream
So, switch to Gallium swrast.
[1]15a2f9b819806d38a7d8172a20f80130b1d60e63
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
For an unknown reason, gerbera fails to build with -Os and gcc 9 or 10
since bump to version 1.8.0 in commit 8974596836:
[100%] Linking CXX executable gerbera
/home/giuliobenetti/autobuild/run/instance-3/output-1/host/opt/ext-toolchain/bin/../lib/gcc/x86_64-buildroot-linux-gnu/10.2.0/../../../../x86_64-buildroot-linux-gnu/bin/ld: liblibgerbera.a(content_manager.cc.o): in function `ContentManager::_rescanDirectory(std::shared_ptr<AutoscanDirectory>&, int, std::shared_ptr<GenericTask> const&)':
content_manager.cc:(.text+0xb53b): undefined reference to `std::__shared_ptr<std::filesystem::__cxx11::_Dir, (__gnu_cxx::_Lock_policy)2>::swap(std::__shared_ptr<std::filesystem::__cxx11::_Dir, (__gnu_cxx::_Lock_policy)2>&)'
collect2: error: ld returned 1 exit status
A similar build failure has been reported as gcc bug 91067:
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91067
But this bug has been fixed since gcc 9.3 and 10.1 and build failures
are raised with gcc 10.2
To fix this build failure, set optimisation to -O2 if needed
Fixes:
- http://autobuild.buildroot.org/results/a4ee8ad7ff93939716673b611c7cc3f68dafa3d0
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Specify that iostat 'package' has been removed to be consistent with
other entries
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit fd7312940a (Makefile: add new missing-cpe target) added the
rule to generate a set of files to update the NVD.
For an in-tree build, 'make clean' remove the output directory, so
those files are removed. But for an out-of-tree build, the output
directory is not removed, so those files still linger around after a
clean.
Explicitly remove them on clean, to cater for both cases.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Matthew Weber <matthew.weber@rockwellcollins.com>
Reviewed-by: Matthew Weber <matthew.weber@collins.com>
Reviewed-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The application library (liblvm2app) has been dropped since version
2.03.00 and
0d22b58172
It should be noted that lvm2 support must be dropped from udisks until
a bump to at least version 2.7.0 and
4c0709a893
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr:
- slightly expand help text for legacy BR2_PACKAGE_UDISKS_LVM2
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fixes the following security issues:
- CVE-2020-8696: Description: Improper removal of sensitive information
before storage or transfer in some Intel(R) Processors may allow an
authenticated user to potentially enable information disclosure via local
access
- CVE-2020-8698: Description: Improper isolation of shared resources in some
Intel(R) Processors may allow an authenticated user to potentially enable
information disclosure via local access
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381.html
License file updated with the new year, so change hash accordingly.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
[yann.morin.1998@free.fr: explain license hash change]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
From the release notes:
================================================================================
Redis 6.2.3 Released Mon May 3 19:00:00 IST 2021
================================================================================
Upgrade urgency: SECURITY, Contains fixes to security issues that affect
authenticated client connections. LOW otherwise.
Read more on https://github.com/redis/redis/blob/6.2.3/00-RELEASENOTES
Signed-off-by: Titouan Christophe <titouanchristophe@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
lvmetad has been dropped since version 2.03.00 and
117160b27e
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
When doing analysis it is helpful to be able to view what CVE have
been patched / diagnosed to not apply to Buildroot. This exposes
that list to the reporting and prevents a step where you have to
dig into the .mk's of a pkg to check for sure what has been
ignored.
Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
[yann.morin.1998@free.fr: only set background if there are ignored CVEs]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
For cases of a CPE having a unknown version or when there hasn't
been a CPE verified, proposed a search criteria to help the
user research an update.
(libcurl has NIST dict entries but not this version)
cpe:2.3🅰️haxx:libcurl:7.76.1:*:*:*:*:*:*:*
CPE identifier unknown in CPE database (Search)
(jitterentropy-library package doesn't have any NIST dict entries)
no verified CPE identifier (Search)
Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
[yann.morin.1998@free.fr: fix flake8 issues]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
It invokes the recently introduced gen-missing-cpe script.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Tested-by: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
