Add myself to DEVELOPERS as maintainer of fb-test-app.
Suggested-by: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit b805e9d536)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
remove merged patches
Bugfix release, fixing a number of issues:
- Make enum type registration thread safe
- Do not install skipped test files [Jan Tojnar]
- Fix GIF initialization [Simon McVittie]
- Always run GIF loader tests [Simon McVittie]
- Fix leaks discovered via ASan [Simon McVittie]
- Expose GdkPixbufLoader API via introspection [Paolo Borelli]
- Fix revert-to-previous first frame behaviour for GIF files [Robert Ancell, #166]
- Link to libintl if needed [Fabrice Fontaine]
- Improve support for using gdk-pixbuf as a subproject [Xavier Claessens]
- Fix build with GModule disabled [Fabrice Fontaine]
- Use gi-docgen to generate the API reference from introspection data
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit 54ba3be13b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
openssl is an optional dependency which is enabled by default since at
least 2007 and
4c17f25c0f
Enable DES, MD4 and RC4 in openssl to fix build failure raised since
commit a83d41867c
Fixes:
- http://autobuild.buildroot.org/results/d73b477bd2064aee076f9debfd8d3346c63ba657
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr: squash the two commits together]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit b7a5b9d06d)
[Peter: drop openssl options]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The comment has been introduced by commit [1] where the latest
gdb version has been used when cross-gdb is not enabled.
But since then the gdb package doesn't use the latest gdb version when
cross-gdb is not enabled. It's the "stable" version.
[1] https://git.buildroot.net/buildroot/commit/?id=fda818390b5e6a585608f4523356eafa0c587f53
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit 4de251ea41)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
perl-crypt-openssl-rsa inherits the dependency on openssl indirectly
from perl-crypt-openssl-random. Hwvere, perl-crypt-openssl-rsa needs
the openssl libraries for itself, so it must explicitly depend on it.
So far, this was totally unconsequential, but since commit a83d41867c
(package/libopenssl: add option to enable some features), features can
be configured out, of which RMD160 that perl-crypt-openssl-rsa needs.
If we were to add the select to that option (in a followup commit),
without a dependency to openssl, that would be very confusing in the
future.
So, add the explicit dependency now.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 7c636d9c66)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 7f4429dd90)
[Peter: drop 5.11.x/5.12.x bump]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues:
- CVE-2021-28651: Denial of Service in URN processing
Due to a buffer management bug Squid is vulnerable to a Denial of service
attack against the server it is operating on.
This attack is limited to proxies which attempt to resolve a "urn:"
resource identifier. Support for this resolving is enabled by default in
all Squid.
https://github.com/squid-cache/squid/security/advisories/GHSA-ch36-9jhx-phm4
- CVE-2021-28652: Denial of Service issue in Cache Manager
Due to an incorrect parser validation bug Squid is vulnerable to a Denial
of Service attack against the Cache Manager API.
https://github.com/squid-cache/squid/security/advisories/GHSA-m47m-9hvw-7447
- CVE-2021-28662: Denial of Service in HTTP Response Processing
Due to an input validation bug Squid is vulnerable to a Denial of Service
against all clients using the proxy.
https://github.com/squid-cache/squid/security/advisories/GHSA-jjq6-mh2h-g39h
- CVE-2021-31806, CVE-2021-31807, CVE-2021-31808: Multiple Issues in HTTP
Range header
Due to an incorrect input validation bug Squid is vulnerable to
a Denial of Service attack against all clients using the proxy.
https://github.com/squid-cache/squid/security/advisories/GHSA-pxwq-f3qr-w2xf
- CVE-2021-33620: Denial of Service in HTTP Response processing
Due to an input validation bug Squid is vulnerable to a Denial of Service
against all clients using the proxy.
https://github.com/squid-cache/squid/security/advisories/GHSA-572g-rvwr-6c7f
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit d94c42b93e)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Bugfix release. From the release notes:
Some backports of important fixes to the 1.25 series, for very conservative
people.
libmpg123: Backport bit reservoir CRC fix from 1.26
libmpg123: Backport part2_3_length regression fix (bug 312).
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit d495593de1)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Since putty is only affected by this CVE on Windows, ignore it in the
stable branch. Branch master is not affected anymore already, due to
newer version which got fixed.
Signed-off-by: Alexander Dahl <post@lespocky.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The domain for their email is now a parking-site, and mails are not
delivered anymore.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 48235e6fc5)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues:
- CVE-2021-33195: The LookupCNAME, LookupSRV, LookupMX, LookupNS, and
LookupAddr functions in net, and their respective methods on the Resolver
type may return arbitrary values retrieved from DNS which do not follow
the established RFC 1035 rules for domain names. If these names are used
without further sanitization, for instance unsafely included in HTML, they
may allow for injection of unexpected content. Note that LookupTXT may
still return arbitrary values that could require sanitization before
further use
- CVE-2021-33196: The NewReader and OpenReader functions in archive/zip can
cause a panic or an unrecoverable fatal error when reading an archive that
claims to contain a large number of files, regardless of its actual size
- CVE-2021-33197: ReverseProxy in net/http/httputil could be made to forward
certain hop-by-hop headers, including Connection. In case the target of
the ReverseProxy was itself a reverse proxy, this would let an attacker
drop arbitrary headers, including those set by the ReverseProxy.Director
- CVE-2021-33198: The SetString and UnmarshalText methods of math/big.Rat
may cause a panic or an unrecoverable fatal error if passed inputs with
very large exponents
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
libmpv-static and libmpv-shared are disabled by default resulting in the
following build failure when building with gl but without rpi, wayland
or x11:
Checking for OpenGL without platform-specific code (e.g. for libmpv) : libmpv-shared not found
Checking for OpenGL context support : gl-cocoa not found
You manually enabled the feature 'gl', but the autodetection check failed.
Here is an extract of wscript:
} , {
'name': '--plain-gl',
'desc': 'OpenGL without platform-specific code (e.g. for libmpv)',
'deps': 'libmpv-shared || libmpv-static',
'func': check_true,
}, {
'name': '--gl',
'desc': 'OpenGL context support',
'deps': 'gl-cocoa || gl-x11 || egl-x11 || egl-drm || '
+ 'gl-win32 || gl-wayland || rpi || '
+ 'plain-gl',
'func': check_true,
'req': True,
'fmsg': "No OpenGL video output found or enabled. " +
"Aborting. If you really mean to compile without OpenGL " +
"video outputs use --disable-gl.",
}, {
Enabling both the shared and static libraries is not allowed by mpv, so
we consider the BR2_STATIC_LIBS to be static, and otherwise (i.e.
BR2_SHARED_LIBS and BR2_SHARED_STATIC_LIBS) to be shared.
Fixes:
- http://autobuild.buildroot.org/results/590d2a8b6746ef071dfb439e42b636f81dbdc35d
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr:
- expand config log about shared/static icompatibility
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 8601137c08)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix the following build failure with gcc 11:
/data/buildroot-autobuilder/instance-0/output-1/build/qt5base-5.15.2/include/QtCore/../../src/corelib/global/qfloat16.h:300:7: error: 'numeric_limits' is not a class template
300 | class numeric_limits<QT_PREPEND_NAMESPACE(qfloat16)> : public numeric_limits<float>
| ^~~~~~~~~~~~~~
Fixes:
- http://autobuild.buildroot.org/results/9a7a987af40b8408ccdfcae4890008c7090b41a1
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 128901c80a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Disable -Werror to avoid the following build failure:
<command-line>: error: "_FORTIFY_SOURCE" redefined [-Werror]
MEDIA_BUILD_FATAL_WARNINGS option is available since version 18.2.0 and
6932fc0ffb
Fixes:
- http://autobuild.buildroot.org/results/52638d95312e464626d1c4047b3b26d4f57a1cd2
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit e93eaf7248)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add -std=c++11 to fix the following build failure with gcc 11:
/data/buildroot-autobuilder/instance-0/output-1/host/include/cutl/shared-ptr/base.hxx:34:41: error: ISO C++17 does not allow dynamic exception specifications
34 | operator new (std::size_t, cutl::share) throw (std::bad_alloc);
| ^~~~~
Fixes:
- http://autobuild.buildroot.org/results/9cbb8be7a1d8ac5913fbc5e2a78c4c45b5daf8e2
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit ac9855e761)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Building efibootmgr with a musl toolchain is possible.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit b7d6149b68)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Disable dc3dd on riscv32 because of the size of time_t (riscv32 has
never had a 32-bit time, and has always been 64-bit from the onset):
In file included from getdate.y:40:
verify.h:132:30: error: negative width in bit-field 'verify_error_if_negative_size__'
132 | (struct { unsigned int verify_error_if_negative_size__: (R) ? 1 : -1; }))
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
verify.h:138:61: note: in expansion of macro 'verify_true'
138 | # define verify(R) extern int (* verify_function__ (void)) [verify_true (R)]
| ^~~~~~~~~~~
getdate.y:116:1: note: in expansion of macro 'verify'
116 | verify (LONG_MIN <= TYPE_MINIMUM (time_t) && TYPE_MAXIMUM (time_t) <= LONG_MAX);
| ^~~~~~
Fixes:
- http://autobuild.buildroot.org/results/267151dec9d2328a5f8c61ddf224219a4f617e5c
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 6b9d2ab455)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add Libs.private to libraw.pc to fix the following static build failure
with imagemagick which is raised since commit
2f47cfade4:
/home/giuliobenetti/autobuild/run/instance-1/output-1/host/opt/ext-toolchain/bin/../lib/gcc/arm-buildroot-linux-uclibcgnueabi/9.3.0/../../../../arm-buildroot-linux-uclibcgnueabi/bin/ld: /home/giuliobenetti/autobuild/run/instance-1/output-1/host/bin/../arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib/libjasper.a(jpg_enc.c.o): in function `jpg_encode':
jpg_enc.c:(.text+0x1f4): undefined reference to `jpeg_stdio_dest'
Fixes:
- http://autobuild.buildroot.org/results/88e43a1ea2059a684e50b0f5f2af407e8c6df2e1
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit cb3b89e4cd)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix CVE-2021-33516: An issue was discovered in GUPnP before 1.0.7 and
1.1.x and 1.2.x before 1.2.5. It allows DNS rebinding. A remote web
server can exploit this vulnerability to trick a victim's browser into
triggering actions against local UPnP services implemented using this
library. Depending on the affected service, this could be used for data
exfiltration, data tempering, etc.
Replace patch by upstream commit as current patch doesn't apply cleanly
https://discourse.gnome.org/t/security-relevant-releases-for-gupnp-issue-cve-2021-33516/6536https://gitlab.gnome.org/GNOME/gupnp/-/blob/gupnp-1.2.6/NEWS
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit 94a3b3f062)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Disabling tests will fix the following build failures on riscv32:
select_poll_epoll.c:408:16: note: each undeclared identifier is reported only once for each function it appears in
select_poll_epoll.c: In function 'ppoll_fds_ulong_max':
select_poll_epoll.c:440:16: error: 'SYS_ppoll' undeclared (first use in this function); did you mean 'SYS_tkill'?
440 | ret = syscall(SYS_ppoll, ufds, ULONG_MAX, NULL, NULL);
| ^~~~~~~~~
| SYS_tkill
select_poll_epoll.c: In function 'pselect_invalid_fd':
select_poll_epoll.c:488:16: error: 'SYS_pselect6' undeclared (first use in this function); did you mean 'SYS_semctl'?
488 | ret = syscall(SYS_pselect6, fd + 1, &rfds, NULL, NULL, NULL, NULL);
| ^~~~~~~~~~~~
| SYS_semctl
Fixes:
- http://autobuild.buildroot.org/results/dd39188a7191efa512a51f18f4c34d9ee711a6a7
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit 2df1c10ba7)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Remove patch 001 as it has been fixed upstream.
Signed-off-by: Norbert Lange <nolange79@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 97bec5b4cc)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
vlc unconditionally uses __NR_futex resulting in the following build
failure on riscv32:
linux/thread.c:53:20: error: '__NR_futex' undeclared (first use in this function)
53 | return syscall(__NR_futex, addr, op, val, to, addr2, val3);
| ^~~~~~~~~~
A patch that fixes this was submitted upstream, but rejected [1].
Fixes:
- http://autobuild.buildroot.org/results/be0f2243919d7a052b33118d8a901c922f8d88e7
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
[1] https://patches.videolan.org/patch/30581/
(cherry picked from commit cc86b866ac)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix the following build failure on riscv32:
lib/internal.h:331:20: error: '__NR_io_getevents' undeclared (first use in this function); did you mean 'io_getevents'?
331 | return syscall(__NR_io_getevents, ctx, min, max, events, timeout);
| ^~~~~~~~~~~~~~
Fixes:
- http://autobuild.buildroot.org/results/c828d4330a8888fe8db4299dc2f20759947f329f
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit 5a075b47a8)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
unscd unconditionally uses __NR_clock_gettime which will raise the
following build failure on riscv32:
nscd-0.54.c:339:14: error: '__NR_clock_gettime' undeclared (first use in this function); did you mean 'clock_gettime'?
339 | if (syscall(__NR_clock_gettime, CLOCK_MONOTONIC, &ts))
| ^~~~~~~~~~~~~~~~~~
| clock_gettime
Fixes:
- http://autobuild.buildroot.org/results/eb77b18f268d8e59c407f757662117a33d3f9ee3
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit 34173da168)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add -std=c++11 to fix the following build failure with gcc 11:
In file included from shared-ptr/base.cxx:5:
../cutl/shared-ptr/base.hxx:34:41: error: ISO C++17 does not allow dynamic exception specifications
34 | operator new (std::size_t, cutl::share) throw (std::bad_alloc);
| ^~~~~
Fixes:
- http://autobuild.buildroot.org/results/60a39d402a0d051c92aa11421b7a14f7729a0380
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit 4d6ca0a8ac)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Recently in Buildroot the option BR2_PIC_PIE has been enabled by default along
with other hardening features [1]. Since then the nios2 defconfig
qemu_nios2_10m50_defconfig is failing to boot due to a segfault in init program:
Run /init as init process
with arguments:
/init
with environment:
HOME=/
TERM=linux
Failed to execute /init (error -12)
See Buildroot build log and Qemu runtime test log in build artifacts [2].
Analyzing one of the binary with strace show that the problem occur
very early when starting the new process:
# strace ./busybox
execve("./busybox", ["./busybox"], 0x7f91ce90 /* 10 vars */) = -1 ENOMEM
(Cannot allocate memory)
+++ killed by SIGSEGV +++
Several binutils/glibc/gcc version has been tested without any success.
The issue has been reported to the glibc mailing list but it can be a linker
or kernel bug [3].
For the Buildroot 2021.05 release, disable BR2_PIC_PIE until the problem is
found and fixed.
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/1285145889
[1] https://git.buildroot.net/buildroot/commit/?id=810ba387bec3c5b6904e8893fb4cb6f9d3717466
[2] https://gitlab.com/buildroot.org/buildroot/-/jobs/1285145889
[3] https://sourceware.org/pipermail/libc-alpha/2021-May/126912.html
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit 6b4b63a571)
[Peter: backport to 2021.02.x to stop users from manually enabling BR2_PIC_PIE]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
