Added license hash, updated project URL, old site is dead.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Release notes: https://mariadb.com/kb/en/mariadb-10133-release-notes/
Changelog: https://mariadb.com/kb/en/mariadb-10133-changelog/
Fixes the following security vulnerabilities:
CVE-2018-2782 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and
prior and 5.7.21 and prior. Easily exploitable vulnerability allows low
privileged attacker with network access via multiple protocols to compromise
MySQL Server. Successful attacks of this vulnerability can result in
unauthorized ability to cause a hang or frequently repeatable crash
(complete DOS) of MySQL Server.
CVE-2018-2784 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and
prior and 5.7.21 and prior. Easily exploitable vulnerability allows low
privileged attacker with network access via multiple protocols to compromise
MySQL Server. Successful attacks of this vulnerability can result in
unauthorized ability to cause a hang or frequently repeatable crash
(complete DOS) of MySQL Server.
CVE-2018-2787 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and
prior and 5.7.21 and prior. Easily exploitable vulnerability allows high
privileged attacker with network access via multiple protocols to compromise
MySQL Server. Successful attacks of this vulnerability can result in
unauthorized ability to cause a hang or frequently repeatable crash
(complete DOS) of MySQL Server as well as unauthorized update, insert or
delete access to some of MySQL Server accessible data.
CVE-2018-2766 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and
prior and 5.7.21 and prior. Easily exploitable vulnerability allows high
privileged attacker with network access via multiple protocols to compromise
MySQL Server. Successful attacks of this vulnerability can result in
unauthorized ability to cause a hang or frequently repeatable crash
(complete DOS) of MySQL Server.
CVE-2018-2755 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: Server: Replication). Supported versions that are affected
are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Difficult to
exploit vulnerability allows unauthenticated attacker with logon to the
infrastructure where MySQL Server executes to compromise MySQL Server.
Successful attacks require human interaction from a person other than the
attacker and while the vulnerability is in MySQL Server, attacks may
significantly impact additional products. Successful attacks of this
vulnerability can result in takeover of MySQL Server.
CVE-2018-2819 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: InnoDB). Supported versions that are affected are 5.5.59 and
prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable
vulnerability allows low privileged attacker with network access via
multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or
frequently repeatable crash (complete DOS) of MySQL Server.
CVE-2018-2817 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: Server: DDL). Supported versions that are affected are
5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable
vulnerability allows low privileged attacker with network access via
multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or
frequently repeatable crash (complete DOS) of MySQL Server.
CVE-2018-2761 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: Client programs). Supported versions that are affected are
5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Difficult to
exploit vulnerability allows unauthenticated attacker with network access
via multiple protocols to compromise MySQL Server. Successful attacks of
this vulnerability can result in unauthorized ability to cause a hang or
frequently repeatable crash (complete DOS) of MySQL Server.
CVE-2018-2781 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: Server: Optimizer). Supported versions that are affected are
5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable
vulnerability allows high privileged attacker with network access via
multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or
frequently repeatable crash (complete DOS) of MySQL Server.
CVE-2018-2771 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: Server: Locking). Supported versions that are affected are
5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Difficult to
exploit vulnerability allows high privileged attacker with network access
via multiple protocols to compromise MySQL Server. Successful attacks of
this vulnerability can result in unauthorized ability to cause a hang or
frequently repeatable crash (complete DOS) of MySQL Server.
CVE-2018-2813 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: Server: DDL). Supported versions that are affected are
5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable
vulnerability allows low privileged attacker with network access via
multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized read access to a subset of MySQL
Server accessible data.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Acked-by: Ryan Coe <bluemrp9@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Drop patch, issue has been properly fixed by:
0f814e52dd
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Bump kernel to version 4.17 and U-Boot to 2018.05.
As the dtb file has been renamed in mainline, make the necessary
adjustments in U-Boot environment and also in
BR2_LINUX_KERNEL_INTREE_DTS_NAME.
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Bump kernel to version 4.17 and U-Boot to 2018.05.
As the imx_v6_v7_defconfig in 4.17 already selects the
CONFIG_CFG80211_WEXT option, the linux.fragment can
be simply removed.
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Use LICENSE instead of main.c in TINYMEMBENCH_LICENSE_FILES
- Add hash for license file
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Bumps the cryptodev-linux package to the latest version available, which
contains some fixes and allows to use cryptodev-linux with a recent
kernel (v4.17).
The patch bumps the version and update the locally calculated hash.
Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Drop the po/ disable patch; not needed anymore.
Drop the __mempcpy compatibility patch; __mempcpy is not used anymore.
Refresh the -Werror removal patch; still needed, unfortunately.
Renumber the remaining patches.
Add GPLv3 license file.
Add license files hash.
[Peter: drop security reference, was added post-release]
Cc: Stefan Fröberg <stefan.froberg@petroprogram.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Fix CVE-2017-5029
- Remove first patch (already in version)
- Add a dependency to host-pkgconf and remove libxml2 options: see
abf537ebb2
- Add hash for license file
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Executing "/etc/init.d/S29netplug start" multiple times resulted in
multiple instances of netplugd.
Pass "-p /var/run/netplug.pid" to netplugd, so it creates the PID file
that start-stop-daemon needs to know that netplugd is already running.
Also use the pid file to stop netplugd, instead of the daemon name.
Fixes https://bugs.busybox.net/show_bug.cgi?id=10661
Reported-by: Joachim Krueger <mail2k@web.de>
Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
I'm working on improving the sysvinit scripts, so it's advisable to keep
an eye on them.
Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Prior to commit 2dccb4f2fe
("package/docker-containerd: convert to golang infrastructure"), the
containerd binary was installed as docker-containerd. Following the
conversion to the golang package infrastructure, the binary is now
installed as "containerd", which breaks some use cases.
Let's add a symlink link docker-containerd -> containerd to fix such
use cases.
Fixes: https://bugs.busybox.net/show_bug.cgi?id=11076
Signed-off-by: Sam Lancia <sam@gpsm.co.uk>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This is a minor release the main feature of which are the
object-oriented bindings for C++ and Python3. Other than that there's
a couple bug-fixes and minor improvements all around.
Signed-off-by: Bartosz Golaszewski <brgl@bgdev.pl>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This patch bumps python-web2py to version R-2.16.1.
Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This patch bumps python-pyDAL to version 17.11.
Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- Remove first patch (already in version, see
https://github.com/strophe/libstrophe/pull/59)
- Use --without-xml (fixed by
3b55c20879)
- Add hash for license files
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Drop upstream patches.
Add a patch fixing build with musl libc.
Update the list of licenses based on the content of COPYING. The
BSD-5-Clause license is not listed by SPDX, but that is its name in the
COPYING file.
Update the license file hash: new licenses, dates update, reformat.
Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This patch add mender, an open source over-the-air (OTA) software
updater for embedded Linux devices.
Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
[Thomas:
- add entry to DEVELOPERS file.
- drop dependency on systemd, since there is really no build
dependency, it's just that the init script integration is missing.
- add Config.in comment about the thread dependency
- don't override install commands, otherwise the mender binary is not
installed, and instead use a post install target hook.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This adds flatcc as a new package, pulling v0.5.1 from github. flatcc
has both a host tool (the compiler), and libraries for the target.
Signed-off-by: Steve deRosier <steve.derosier@lairdtech.com>
Signed-off-by: Joel Carlson <joel.carlson@cosmicaes.com>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
[Thomas: add entry in DEVELOPERS file.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The PAGER environment variable is including a blank character at the
end. Remove this.
A for loop has been unsetting the variable inside the loop, this is only
needed once at the end of the loop.
Signed-off-by: Florian La Roche <F.LaRoche@pilz.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The default busybox inittab does two separate mkdir calls
to create /dev/pts and /dev/shm. Reduce this to call mkdir
only once for both directories.
Signed-off-by: Florian La Roche <F.LaRoche@pilz.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
