Denial of service attack and buffer overflow against TLS 1.3
servers using session ticket resumption. When built with
--enable-session-ticket and making use of TLS 1.3 server code in
wolfSSL, there is the possibility of a malicious client to craft a
malformed second ClientHello packet that causes the server to crash.
This issue is limited to when using both --enable-session-ticket and TLS
1.3 on the server side. Users with TLS 1.3 servers, and having
--enable-session-ticket, should update to the latest version of wolfSSL.
https://github.com/wolfSSL/wolfssl/releases/tag/v5.5.1-stable
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Mostly internal refactoring and some minor enhancements /fixes in features
cdio_paranoia, ffmpeg (support version 5.1), pipewire, replay gain.
Improve iconv detection.
Fix bogus volume levels with multiple partitions.
For partition support, version 0.23.9 or later is recommended.
Full change log:
https://raw.githubusercontent.com/MusicPlayerDaemon/MPD/v0.23.9/NEWS
Tested on:
i386 (build, run)
x86_64 (build)
aarch64 (build, run)
Signed-off-by: Andreas Ziegler <br015@umbiko.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
See the release notes[1] on GitHub for changes.
[1] https://github.com/rauc/rauc/releases/tag/v1.8
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
We can't use BR2_PACKAGE_LIBOPENSSL to force selecting libopenssl, as
it is part of a choice. Instead, we have a symbol explicitly to force
libopenssl: BR2_PACKAGE_OPENSSL_FORCE_LIBOPENSSL.
Use that.
Reported-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The FWTS application and its associated kernel modules do build on arm;
enable it.
Signed-off-by: Vincent Stehlé <vincent.stehle@arm.com>
Cc: Erico Nunes <nunes.erico@gmail.com>
[yann.morin.1998@free.fr: introduce _ARCH_SUPPORTS, sort alphabetically]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
At the moment rtl8189es module has -DCONFIG_LITTLE_ENDIAN hardcoded and
there is no way to override it. So to do this let's add a patch that is
pending upstream[1] to allow to override CFLAGS and then let's undefine
CONFIG_LITTLE_ENDIAN and define the correct endianness in rtl8189es.mk
Fixes:
http://autobuild.buildroot.net/results/3bcad5e88876c86a2a3338961ed20f28b5953779/
[1]: https://github.com/jwrdegoede/rtl8189ES_linux/pull/83
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Nicolas Tran is apparently no longer at Smile:
The response from the remote server was:
450 4.1.1 <nicolas.tran@smile.fr>: Recipient address rejected: User unknown in virtual mailbox table
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
His e-mail server is no longer responsive. Every single day, we get:
<joerg.krause@embedded.rocks>: connect to embedded.rocks[99.83.154.118]:25:
Connection timed out
when sending the daily autobuilder report.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- boost regex is not needed since
f773cf9fb9
- Drop all patches (already in version) except first one which has been
reverted by upstream:
1a00949b19
- Add LGPL-3.0+ for fpga/usrp3:
bafa9d9545
- N230 is not supported since
d94140a412
- RFNoC is not supported since
7d69dcdcc3https://github.com/EttusResearch/uhd/blob/v4.3.0.0/CHANGELOG
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Drop have_mfpu_neon which has been added by commit
b07de37540 but is not recognized:
CMake Warning:
Manually-specified variables were not used by the project:
BUILD_DOC
BUILD_DOCS
BUILD_EXAMPLE
BUILD_EXAMPLES
BUILD_TEST
BUILD_TESTING
BUILD_TESTS
CMAKE_INSTALL_RUNSTATEDIR
have_mfpu_neon
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Link to Rust 1.64.0 annoucement: https://blog.rust-lang.org/2022/09/22/Rust-1.64.0.html
Newest version of the source archives have been retrieved with their hash values,
and the signature of the .asc files have been verified as follows:
$ curl -fsSL https://static.rust-lang.org/rust-key.gpg.ascii | gpg --import
$ gpg --verify <filename.asc> <filename>
There is no typographical error in the packages according to the check-pakage utility:
$ ./utils/check-package package/rust-bin/*
$ ./utils/check-package package/rust/*
The testsuite tool were successfully run for rust and rust-bin packages to test
the Rust toolchain under 1.64.0:
$ ./support/testing/run-tests -k -d dl/ -o testsuite tests.package.test_rust.TestRustBin
$ ./support/testing/run-tests -k -d dl/ -o testsuite tests.package.test_rust.TestRust
In order to verify the compatibility of packages depending on Rust 1.64.0,
tests using `./utils/test-pkg` were run.
You may want to execute the test-pkg command after creating a `.config` file
enabling the corresponding BR2_PACKAGE, for example:
Create a file `buildroot/ripgrep.config` containing "BR2_PACKAGE_RIPGREP=y"
Then execute:
$ ./utils/test-pkg -d test-pkg -c ripgrep.config -p ripgrep
Results:
librsvg OK
ripgrep OK
suricata OK
bat OK
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The features of the Cortex A7 CPU on the Aspeed AST2600 A3 SoC are :
half thumb fastmult vfp edsp vfpv3 vfpv3d16 tls vfpv4 idiva idivt lpae evtstrm
the vfpv3d16 feature bit is common to both vfpv3 and vfpv4.
Drop BR2_ARM_FPU_VFPV4 which activates the use of vpfd32 (and breaks
user space). Set BR2_ARM_FPU_VFPV4D16 instead.
Signed-off-by: Cédric Le Goater <clg@kaod.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
From the release notes:
(https://github.com/redis/redis/blob/7.0.5/00-RELEASENOTES)
================================================================================
Redis 7.0.5 Released Wed Sep 21 20:00:00 IST 2022
================================================================================
Upgrade urgency: SECURITY, contains fixes to security issues.
Security Fixes:
* (CVE-2022-35951) Executing a XAUTOCLAIM command on a stream key in a specific
state, with a specially crafted COUNT argument, may cause an integer overflow,
a subsequent heap overflow, and potentially lead to remote code execution.
The problem affects Redis versions 7.0.0 or newer
[reported by Xion (SeungHyun Lee) of KAIST GoN].
Signed-off-by: Titouan Christophe <titouanchristophe@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Version 3.9.1 does not distribute a CSS file nor a bundle. Install
only the minified Javascript source.
Fixes:
http://autobuild.buildroot.net/results/454216c43430c829c4a06566e99f363e3d0f3019/
Signed-off-by: Ignacy Gawędzki <ignacy.gawedzki@green-communications.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This is currently the latest version in the v16.x branch.
Patch 0001-add-qemu-wrapper-support.patch needs some minor adaptations
to resolve conflicts with other unrelated upstream changes. The other
patches are simply refreshed.
The license file is updates due to:
- Reformatting changes
- Addition of the mention of some files being under GPLv3, but it's
only the autoconf machinery: aclocal.m4 and config.guess, so it's
not relevant to add in our LICENSE variable.
- Addition of the mention of another file being under the MIT
license (install-sh), and MIT is already listed, and this file is
anyway only part of the autoconf machinery.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit 1facb09b94 ("package/nodejs:
build host-nodejs only if we're installing modules with NPM") forgot
to account for the dependency on Qemu. Now that nodejs no longer
depends on host-nodejs, but needs host-qemu, we need to make sure that
nodejs selects the relevant BR2_PACKAGE_HOST_QEMU options.
So this patch:
- Drops the dependency of BR2_PACKAGE_NODEJS_ARCH_SUPPORTS on
BR2_PACKAGE_QEMU_ARCH_SUPPORTS_TARGET, which was incorrect: we
don't care about running Qemu on the target. We care about
host-qemu supporting the emulation of the target architecture,
which is what BR2_PACKAGE_HOST_QEMU_ARCH_SUPPORTS is for.
- Adds the dependency to the relevant BR2_PACKAGE_HOST_QEMU options
to BR2_PACKAGE_NODEJS, so that host-qemu is built with the
appropriate features needed to build the target nodejs.
- Removes the qemu related dependencies from host-nodejs, which does
not need Qemu at all.
Without this change the build of nodejs without npm enabled is broken
as the host-qemu that gets built does not have all the features that
are needed. There are no autobuild failures at this point, however.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fix the following sparc build failure raised since bump to version 0.24
in commit 9b5caa2ab4 and
2d3cae005f:
/home/buildroot/autobuild/instance-0/output-1/build/libiio-0.24/iiod/serial.c: In function 'serial_configure':
/home/buildroot/autobuild/instance-0/output-1/build/libiio-0.24/iiod/serial.c:99:58: error: 'B2500000' undeclared (first use in this function); did you mean 'B1500000'?
99 | #define CASE_BPS(bps, attr) case bps: (attr)->c_cflag |= B##bps; break
| ^
/home/buildroot/autobuild/instance-0/output-1/build/libiio-0.24/iiod/serial.c:127:9: note: in expansion of macro 'CASE_BPS'
127 | CASE_BPS(2500000, &tty_attrs);
| ^~~~~~~~
/home/buildroot/autobuild/instance-0/output-1/build/libiio-0.24/iiod/serial.c:99:58: note: each undeclared identifier is reported only once for each function it appears in
99 | #define CASE_BPS(bps, attr) case bps: (attr)->c_cflag |= B##bps; break
| ^
/home/buildroot/autobuild/instance-0/output-1/build/libiio-0.24/iiod/serial.c:127:9: note: in expansion of macro 'CASE_BPS'
127 | CASE_BPS(2500000, &tty_attrs);
| ^~~~~~~~
/home/buildroot/autobuild/instance-0/output-1/build/libiio-0.24/iiod/serial.c:99:58: error: 'B3000000' undeclared (first use in this function); did you mean 'B1000000'?
99 | #define CASE_BPS(bps, attr) case bps: (attr)->c_cflag |= B##bps; break
| ^
/home/buildroot/autobuild/instance-0/output-1/build/libiio-0.24/iiod/serial.c:128:9: note: in expansion of macro 'CASE_BPS'
128 | CASE_BPS(3000000, &tty_attrs);
| ^~~~~~~~
/home/buildroot/autobuild/instance-0/output-1/build/libiio-0.24/iiod/serial.c:99:58: error: 'B3500000' undeclared (first use in this function); did you mean 'B1500000'?
99 | #define CASE_BPS(bps, attr) case bps: (attr)->c_cflag |= B##bps; break
| ^
/home/buildroot/autobuild/instance-0/output-1/build/libiio-0.24/iiod/serial.c:129:9: note: in expansion of macro 'CASE_BPS'
129 | CASE_BPS(3500000, &tty_attrs);
| ^~~~~~~~
/home/buildroot/autobuild/instance-0/output-1/build/libiio-0.24/iiod/serial.c:99:58: error: 'B4000000' undeclared (first use in this function); did you mean 'B1000000'?
99 | #define CASE_BPS(bps, attr) case bps: (attr)->c_cflag |= B##bps; break
| ^
/home/buildroot/autobuild/instance-0/output-1/build/libiio-0.24/iiod/serial.c:130:9: note: in expansion of macro 'CASE_BPS'
130 | CASE_BPS(4000000, &tty_attrs);
| ^~~~~~~~
Fixes:
- http://autobuild.buildroot.org/results/8a9902f6eddaab812ebce3506ed6de686f647e02
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit 1e2fe860f3 (configs/qemu_ppc64*: downgrade binutils to 2.36.1).
Since then, we've dropped support for binutios 2.36, and hte default is
2.38.x, which has the required changes to fix:
https://github.com/linuxppc/issues/issues/388
Pin the qemu-ppc64 defconfig to explicitly use binutils 2.38.x
Signed-off-by: Cédric Le Goater <clg@kaod.org>
[yann.morin.1998@free.fr:
- explictily force binutils 2.38
- reword commit log to explain why
- reword commit log: it's not really a revert
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This architecture variant is broken in GCC, causing build failures:
../../../libgcc/config/arm/unwind-arm.c:467:1: error: unrecognizable insn:
467 | }
| ^
(insn 2 4 3 2 (set (reg/v/f:SI 118 [ p ])
(reg:SI 0 r0 [ p ])) "../../../libgcc/config/arm/unwind-arm.c":456:1 -1
(nil))
during RTL pass: vregs
../../../libgcc/config/arm/unwind-arm.c:467:1: internal compiler error: in extract_insn, at recog.c:2770
Reported to the GCC developers, the feedback was "iwmmxt support is
definitely bitrotten and most likely should be removed from GCC.".
See:
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106972#c1
So this commit simply drops support for iwmmxt, which anyway is
probably barely used nowadays: it's for old Marvell PXA cores that
implemented a special SIMD instruction set. The BR2_xscale option can
be used instead, it's just that it won't use this SIMD instruction
set.
Fixes:
http://autobuild.buildroot.net/results/8e4c4512902c34d8ec0c6f8dfff92b7a198e4b4a/
and the numerous other build failures at:
http://autobuild.buildroot.net/?reason=host-gcc-initial%&subarch=iwmmxt
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Building host-nodejs is no longer needed to build the target nodejs,
unless npm is needed during the build, which happens when
BR2_PACKAGE_NODEJS_MODULES_ADDITIONAL is used.
We need to make that host-python3 is built with bz2 and ssl
support. Until now, it was done by the BR2_PACKAGE_HOST_NODEJS option,
but now that the target nodejs no longer depends on host-nodejs, we
are no longer guaranteed to have a host-python3 with bz2/ssl. To make
sure it is the case, we select the relevant options from
BR2_PACKAGE_NODEJS.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The target nodejs package is building those tools, and running them
under Qemu, so it is not necessary for the host variant to install
them.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Since upstream commit 79da2534737bd090b7000beed68d225618606e53,
present since NodeJS 16.0.0, another call to the torque tool is done
in tools/v8_gypfiles/v8.gyp, but our patch to wrap calls to such tools
under Qemu forgot this addition. Due to this, the build of NodeJS is
broken since the bump to v16 in Buildroot commit
07408779cc ("package/nodejs: bump to
16.15.0"). This issue is not visible in the autobuilders as it was
hidden by a previous build issue, itself fixed by "package/nodejs: fix
'Duplicate v8 target errors when cross-compiling' error".
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reported also via:
https://github.com/nodejs/node/issues/37441
Patched in:
5e533cb943
The error is:
```
ninja: Entering directory `out/Release'
ninja: error: obj.host/tools/v8_gypfiles/run_torque.ninja:1356: multiple rules generate gen/torque-generated/bit-fields.h [-w dupbuild=err]
make[2]: *** [Makefile:127: node] Error 1
make[1]: *** [package/pkg-generic.mk:293: <buildroot>/output/build/nodejs-16.15.0/.stamp_built] Error 2
make: *** [Makefile:84: _all] Error 2
```
Fixes:
http://autobuild.buildroot.net/results/7fe9132236ee8e3a86dd97fe96ffee42990c2d19/
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
[Thomas:
- regenerate patch as a git formatted patch, add a link to the
original location, add my own SoB to it
- improve commit log]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
