Release notes:
https://www.openssl.org/blog/blog/2023/11/23/OpenSSL32/
Removed patch 0001 and added no-docs configure option due to
956b4c75dc
Removed patch 0003 due to
78634e8ac2
Removed patch 0006 which is included in this release
e1b6ecbab4
Renumbered remaining patches.
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The 6.5.x series is now EOL upstream, so drop the linux-headers option
and add legacy handling for it.
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
[Peter: drop option from linux-headers/Config.host.in]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The README file has seen some cosmetic changes that do not affect the
licensing terms.
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Since the update of Python to version 3.11 in commit
738500c296 ("package/python3: bump to
version 3.11.0"), python-sip fails to compile with:
siplib.c: In function ‘sip_api_get_frame’:
siplib.c:13750:22: error: invalid use of undefined type ‘struct _frame’
13750 | frame = frame->f_back;
This is due to a change in the Python C API, which is fixed by a new
patch. The patch can't be upstreamed, as SIP 4.x is no longer
maintained upstream.
Fixes:
http://autobuild.buildroot.net/results/7b01739e7514e48c06182bc1804b32497ce2e414/
Signed-off-by: Ralf Dragon <hypnotoad@lindra.de>
[Thomas: improved commit log, reformatted patch using Git]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The kcmp() system call first appeared in linux 3.5,
and was also not there before linux 5.12 if
CONFIG_CHECKPOINT_RESTORE was not set.
See: https://man7.org/linux/man-pages/man2/kcmp.2.html
Signed-off-by: Thomas Devoogdt <thomas@devoogdt.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Changes:
https://github.com/containers/crun/releases/tag/1.12
Also add a patch to fix crun compile without libseccomp libcap issue
Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Substitute spaces with tab on 2 entries for consistency.
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This patch adds support for Xilinx Kria KD240 starter kit.
KD240 features can be found here:
https://www.xilinx.com/products/som/kria/kd240-drives-starter-kit.html
While the Kria SOM is based on a ZynqMP SoC, there are some key
boot config differences from the other ZynqMP evaluation boards.
1. There are no boot switches on Kria SOMs. The boot mode is thus
hard configured for QSPI flash. A pre-programmed boot.bin comes
with every Starter Kit. U-Boot can then find the Linux kernel and
file system on the SD card.
Optional instructions for updating the boot.bin in the QSPI flash
can be found in the readme.txt file and the link below.
https://xilinx-wiki.atlassian.net/wiki/spaces/A/pages/1641152513/Kria+K26+SOM
2. Kria SOMs use UART1 for the console instead of UART0. For this
reason, Kria Starter Kits will use a separate extlinux.conf file
from other ZynqMP evaluation boards.
3. The KD240 has a USB to SD card bridge, so the Linux kernel
and file system are found on /dev/sda1 and /dev/sda2.
4. The following patches have been submitted upstream to u-boot.
Without these patches, the usb, sd card and ethernet peripherals
do not work correctly.
https://patchwork.ozlabs.org/project/uboot/patch/20231213134007.2818069-1-neal.frager@amd.com/https://patchwork.ozlabs.org/project/uboot/patch/20231213134052.2818879-1-neal.frager@amd.com/
Signed-off-by: Neal Frager <neal.frager@amd.com>
Reviewed-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
[Peter: add upstream tag, drop patch numbering from patches]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This release fixes some bugs found in the 3.11.2 release.
https://github.com/nlohmann/json/releases/tag/v3.11.3
Signed-off-by: Michael Nosthoff <buildroot@heine.tech>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues:
- CVE-2023-5367 X.Org server: OOB write in
XIChangeDeviceProperty/RRChangeOutputProperty
For details, see the advisory:
https://lists.x.org/archives/xorg-announce/2023-October/003430.html
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues:
- CVE-2023-5367 X.Org server: OOB write in
XIChangeDeviceProperty/RRChangeOutputProperty
- CVE-2023-5380: Use-after-free bug in DestroyWindow
- CVE-2023-5574: Use-after-free bug in DamageDestroy
For details, see the advisory:
https://lists.x.org/archives/xorg-announce/2023-October/003430.html
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
rsync is used in the infrastructure, mostly for the per-package infra,
and for the override-srcdir mechanism, but also to build the manual.
As such, it is not optional but mandatory, and already listed so.
Drop the reference to rsync from the list of optional packages.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues:
- CVE-2023-46218: cookie mixed case PSL bypass
This flaw allows a malicious HTTP server to set "super cookies" in curl
that are then passed back to more origins than what is otherwise allowed
or possible. This allows a site to set cookies that then would get sent
to different and unrelated sites and domains.
https://curl.se/docs/CVE-2023-46218.html
- CVE-2023-46219: HSTS long file name clears contents
When saving HSTS data to an excessively long file name, curl could end up
removing all contents, making subsequent requests using that file unaware
of the HSTS status they should otherwise use.
https://curl.se/docs/CVE-2023-46219.html
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The prebuilt kernel has been updated to 5.10.202, sync the kernel
built by TestDtbocfg.
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The prebuilt kernel has been updated to 5.10.202, sync the kernel
built by InitSystemSystemdBaseOverlayfs.
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fixes the following security issues:
CVE-2023-44429: Heap-based buffer overflow in the AV1 codec parser when
handling certain malformed streams before GStreamer 1.22.7.
https://gstreamer.freedesktop.org/security/sa-2023-0009.html
CVE-2023-44446: Use-after-free (read) in the MXF demuxer when handling
certain files before GStreamer 1.22.7.
https://gstreamer.freedesktop.org/security/sa-2023-0010.html
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Update the zynq readme.txt to add documentation for the zc702 and correct
documentation that was no longer up to date.
Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This patch adds support for ZynqMP ZCU104 evaluation board.
ZCU104 features can be found here:
https://www.xilinx.com/products/boards-and-kits/zcu104.html
Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Let's also enable NXP firmware package to let latest SDMA firmware to be
loaded. To achieve this we also need to enable dynamic eudev to let it to
load the firmware as it is requested early before the rootfs is mounted.
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
[Peter: explain why eudev is needed]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Let's also enable NXP firmware package to let latest SDMA firmware to be
loaded. To achieve this we also need to enable dynamic eudev to let it
load the firmware as it is requested early before the rootfs is mounted.
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Reviewed-by: Fabio Estevam <festevam@gmail.com>
[Peter: explain why eudev is needed]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Drop patches (already in version)
This bump will fix the following build failure raised since bump of
leptonica to version 1.83.1 in commit
a4e713558d thanks to
27b1827ccd:
src/textord/devanagari_processing.cpp: In member function 'bool tesseract::ShiroRekhaSplitter::Split(bool, tesseract::DebugPixa*)':
src/textord/devanagari_processing.cpp:130:19: error: invalid use of incomplete type 'struct Pixa'
130 | Box *box = ccs->boxa->box[i];
| ^~
In file included from /home/autobuild/autobuild/instance-5/output-1/host/bin/../s390x-buildroot-linux-gnu/sysroot/usr/include/leptonica/alltypes.h:52,
from /home/autobuild/autobuild/instance-5/output-1/host/bin/../s390x-buildroot-linux-gnu/sysroot/usr/include/leptonica/allheaders.h:35,
from src/textord/devanagari_processing.h:16,
from src/textord/devanagari_processing.cpp:25:
/home/autobuild/autobuild/instance-5/output-1/host/bin/../s390x-buildroot-linux-gnu/sysroot/usr/include/leptonica/bmf.h:48:12: note: forward declaration of 'struct Pixa'
48 | struct Pixa *pixa; /*!< pixa of bitmaps for 93 characters */
| ^~~~
https://github.com/tesseract-ocr/tesseract/blob/5.3.3/ChangeLog
Fixes:
- http://autobuild.buildroot.org/results/46d3ffc8885245ee9a56a528be055b0b27a18245
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix the following build failure without DES raised since bump to version
26.0.2 in commit 2cfa86a548:
cipher.c:51:42: error: 'EVP_des_ede3_cbc' undeclared here (not in a function); did you mean 'SN_des_ede3_cbc'?
51 | {{"des_ede3_cbc"}, "des-ede3-cbc", {&EVP_des_ede3_cbc}, 0, 0},
| ^~~~~~~~~~~~~~~~
| SN_des_ede3_cbc
Fixes:
- http://autobuild.buildroot.org/results/1aace0ee738f8ec4aa2c9a739fc7535c3b6bf884
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
