Bump mfgtools to include the fix [1] for the C++ build issue reported
by the autobuilders.
This bump includes only 4 small commits fixing a memory leak and this
build issue.
Remove CPOL.htm (removed upstream) from MFGTOOLS_LICENSE_FILES but CPOL
license is still valid.
Add the README.txt file to MFGTOOLS_LICENSE_FILES since it contains
licensing information:
Licenses:
- CPOL: MfgToolLib/XmlLite.CPP and XmlLite.h
- BSD: Others.
Add license file hash.
[1] b370a43e54
Fixes:
http://autobuild.buildroot.net/results/7c2bbbe13ab315684f3502afd96958a76879b1d5
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Gary Bisson <gary.bisson@boundarydevices.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 34c4c0680a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The old SGI site is not accessible anymore. Use the link from the README
file.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 1fa2f7646f)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This is a maintenance release of the current stable WebKitGTK+ version,
which contains fixes for CVE-2017-13866, CVE-2017-13870, CVE-2017-7156, and
CVE-2017-13856. Additionally, this release brings improvements in the
WebDriver spec-compliance, plugs several memory leaks in its GStreamer based
multimedia backend, and fixes a bug when handling cookie removal.
Release notes can be found in the announcement:
https://webkitgtk.org/2017/12/19/webkitgtk2.18.4-released.html
More details about the security fixes are provided in the following
WebKitGTK+ Security Advisory report:
https://webkitgtk.org/security/WSA-2017-0010.html
Last but not least, this new release includes the fix for honoring the
CMAKE_BUILD_TYPE value from CMake toolchain files and the corresponding
patch is removed.
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit fbf6a483e0)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit e7f82694cf)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues:
CVE-2017-13672: QEMU (aka Quick Emulator), when built with the VGA display
emulator support, allows local guest OS privileged users to cause a denial
of service (out-of-bounds read and QEMU process crash) via vectors involving
display update.
CVE-2017-15118: Stack buffer overflow in NBD server triggered via long
export name
CVE-2017-15119: DoS via large option request
CVE-2017-15268: Qemu through 2.10.0 allows remote attackers to cause a
memory leak by triggering slow data-channel read operations, related to
io/channel-websock.c.
For more details, see the release announcement:
https://lists.nongnu.org/archive/html/qemu-devel/2017-12/msg03618.html
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit eb2b3df626)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This would make the unicode challenged menuconfig show something
sensible.
Split the sentence for the text to make sense.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 5099c90939)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The receive_xattr function in xattrs.c in rsync 3.1.2 and 3.1.3-development
does not check for a trailing '\0' character in an xattr name, which allows
remote attackers to cause a denial of service (heap-based buffer over-read
and application crash) or possibly have unspecified other impact by sending
crafted data to the daemon.
For more details, see:
https://bugzilla.samba.org/show_bug.cgi?id=13112
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 7f33f1d848)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The (deprecated) libsamplerate support is not enabled unless
--enable-samplerate is passed to configure. Fix this.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 5b85c6a038)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Put together alsa-lib dependency and configure option code. As a side
effect we now avoid alsa-lib dependency when the required support in
alsa is missing.
Use positive logic.
Explicitly enable alsa support when available.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 8a560563f9)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The ConsoleKit module is loaded by default from the default.pa
configuration file, but its initialization fails because Buildroot has
no ConsoleKit package yet. This breaks the per-user pulseaudio daemon.
The default.pa configuration loads module-console-kit only when it
exists. Remove module-console-kit to fix pulseaudio per-user startup.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 64dab3c672)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
lldpd currently depends on a C++ compiler to configure properly, but
the package doesn't select that option, so builds fail if
BR2_TOOLCHAIN_BUILDROOT_CXX is not selected with the following errors:
checking how to run the C++ preprocessor... /lib/cpp
configure: error: in `/home/dkc/src/buildroot/build-zii/build/lldpd-0.9.4':
configure: error: C++ preprocessor "/lib/cpp" fails sanity check
This package actually builds fine without C++, so drop this check in
configure.ac. Attached patch has already been accepted upstream [1].
[1] https://github.com/vincentbernat/lldpd/pull/261
[Peter: adjust autoreconf comment]
Signed-off-by: Damien Riegel <damien.riegel@savoirfairelinux.com>
Reviewed-by: Julien Floret <julien.floret@6wind.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 18c9cda6e4)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
See https://nodejs.org/en/blog/release/v8.9.3/
[Peter: mention that this fixes security issues]
Signed-off-by: Martin Bark <martin@barkynet.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 380c3d5e40)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
python-pycparser is mentioned in setup.py as install_requires, so
select it in Config.in.
As python-cffi will be installed with python-crossbar's dependencies,
remove it from python-crossbar's Config.in.
Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit a24153a73f)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The gdb install target installs dynamic versions of libbfd and
libopcode, accidentally overwriting the binutils provided versions
(gdb itself links against the bundled static ones to avoid
version problems, so the dynamic ones are un-needed).
Prevent the installation by using the '--disable-install-libbfd'
configure option.
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit b54c793195)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Release notes: https://mariadb.com/kb/en/mariadb-10129-release-notes/
Changelog: https://mariadb.com/kb/en/mariadb-10129-changelog/
Fixes the following security vulnerabilities:
CVE-2017-10378 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: Server: Optimizer). Supported versions that are affected are
5.5.57 and earlier, 5.6.37 and earlier and 5.7.11 and earlier. Easily
exploitable vulnerability allows low privileged attacker with network access
via multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or frequently
repeatable crash (complete DOS) of MySQL Server.
CVE-2017-10268 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: Server: Replication). Supported versions that are affected are
5.5.57 and earlier, 5.6.37 and earlier and 5.7.19 and earlier. Difficult to
exploit vulnerability allows high privileged attacker with logon to the
infrastructure where MySQL Server executes to compromise MySQL Server.
Successful attacks of this vulnerability can result in unauthorized access to
critical data or complete access to all MySQL Server accessible data.
Signed-off-by: Ryan Coe <bluemrp9@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit e299197a2c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This patch bumps the Linux CIP version to v4.4.105-cip15.
Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit e78cf9322d)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Since 0542bb79e8 (uboot: Support multiple environment source files),
missing user-supplied environment source files are no longer detected.
This is because we cat them all, and feed the concatenation to the stdin
of mkenvimage. So, if one source file is missing, the cat exits in error,
but the compound command exits with the exit code of the last command,
which is that of mkenvimage, which happens to be happy with whatever it
is fed on its stdin, even if empty.
We fix that by creating a temporary file, that we even leave afterward
for the user to inspect.
We also move it out of the _CMDS block and into a macro of its own, so
that it is easier to write and maintain.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Cam Hutchison <camh@xdna.net>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit c9b6604fa7)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
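The failure mode described in the uboot commit message above, reproduced as an added example (not Buildroot's code and not part of the commit). `consume_env` is a hypothetical stand-in for mkenvimage, and the file names are constructed sample input.

```shell
#!/bin/sh
# Added example; consume_env is a hypothetical stand-in for mkenvimage.
# Like the tool as described above, it accepts any stdin, even empty.
consume_env() {
    cat >/dev/null
}

# Pre-fix pattern: the pipeline's status is that of its last command,
# so a failing cat (missing source file) goes unnoticed.
build_env_piped() {
    cat "$@" 2>/dev/null | consume_env
}

# Fixed pattern: concatenate into a temporary file first and stop if
# cat fails; the file is left behind for inspection.
build_env_checked() {
    tmp_env=$1
    shift
    cat "$@" >"$tmp_env" 2>/dev/null || return 1
    consume_env <"$tmp_env"
}

# Constructed sample input: one present source file, one missing.
demo_dir=$(mktemp -d)
printf 'bootdelay=3\n' >"$demo_dir/base.env"

if build_env_piped "$demo_dir/base.env" "$demo_dir/missing.env"; then
    echo "piped: success reported despite missing file"
fi
if ! build_env_checked "$demo_dir/env.txt" "$demo_dir/base.env" "$demo_dir/missing.env"; then
    echo "checked: missing file detected"
fi
```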
Fixes socket leak that might cause denial of service.
https://bugzilla.redhat.com/show_bug.cgi?id=1523547
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit a4c6ac59e6)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Since Linux kernel commit [1], the build of the iio tool has been
changed to use the common Linux tools build system. The installation
directory is now given by DESTDIR, like for all other Linux tools.
We keep the INSTALL_DIR environment in the 'install' target to be
compatible with kernels older than 4.14.
[1] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=18956cf2d78a8d4a5959e20240f04ce8d5a6c121
Signed-off-by: Julien BOIBESSOT <julien.boibessot@armadeus.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit e47741d1a3)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Various bugfixes, including a compat fix for <= 3.10.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 6bfa6b2a04)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
List of fixes from the 2.26 branch NEWS files:
CVE-2017-15670: The glob function, when invoked with GLOB_TILDE,
suffered from a one-byte overflow during ~ operator processing (either
on the stack or the heap, depending on the length of the user name).
Reported by Tim Rühsen.
CVE-2017-15671: The glob function, when invoked with GLOB_TILDE,
would sometimes fail to free memory allocated during ~ operator
processing, leading to a memory leak and, potentially, to a denial
of service.
CVE-2017-15804: The glob function, when invoked with GLOB_TILDE and
without GLOB_NOESCAPE, could write past the end of a buffer while
unescaping user names. Reported by Tim Rühsen.
CVE-2017-17426: The malloc function, when called with an object size near
the value SIZE_MAX, would return a pointer to a buffer which is too small,
instead of NULL. This was a regression introduced with the new malloc
thread cache in glibc 2.26. Reported by Iain Buclaw.
Cc: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 971ed9653e)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The HDF5 package is used by flann for testing purposes only and is
not part of buildroot packages. However, if present in the host, it will
be used and trigger the unsafe header/library path used in
cross-compilation error.
Signed-off-by: Johan Oudinet <johan.oudinet@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit f6ee339e92)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This new version includes a fix to allow compilation with compilers
defaulting to -fpie (gcc 6+). It also includes a fix for a critical bug in
Cobalt:
http://xenomai.org/pipermail/xenomai/2017-November/037923.html
Signed-off-by: Norbert Lange <nolange79@gmail.com>
Reviewed-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit 34d20f0b87)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes CVE-2017-1000405.
[Peter: drop 4.14.x bump]
Signed-off-by: Fabio Estevam <festevam@gmail.com>
[Thomas: adjust commit description to mention the CVE being fixed.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit 9f5178fa34)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Since
https://git.buildroot.net/buildroot/commit/package/kodi?id=bf9bfd065ba3fab328fd041ca040f2bf134fecf2
kodi itself does not depend on libxml2 anymore which previously
provided libxml2 still needed by kodi-pvr-stalker:
https://github.com/kodi-pvr/pvr.stalker/blob/Krypton/CMakeLists.txt#L12
Fixes a build error not caught by autobuilders because they do not have
host jdk installed:
CMake Error at /usr/share/cmake-3.7/Modules/FindPackageHandleStandardArgs.cmake:138 (message):
Could NOT find LibXml2 (missing: LIBXML2_LIBRARIES LIBXML2_INCLUDE_DIR)
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit 7be5653b86)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Building this defconfig
BR2_TOOLCHAIN_BUILDROOT_LOCALE=y
BR2_TOOLCHAIN_BUILDROOT_CXX=y
BR2_ROOTFS_DEVICE_CREATION_DYNAMIC_EUDEV=y
BR2_PACKAGE_MESA3D=y
BR2_PACKAGE_MESA3D_DRI_DRIVER_I965=y
BR2_PACKAGE_MESA3D_OPENGL_EGL=y
BR2_PACKAGE_WESTON=y
BR2_PACKAGE_XORG7=y
is broken:
CC clients/weston_simple_dmabuf_drm-simple-dmabuf-drm.o
clients/simple-dmabuf-drm.c: In function 'create_display':
clients/simple-dmabuf-drm.c:758:15: warning: implicit declaration of function 'eglQueryString' [-Wimplicit-function-declaration]
extensions = eglQueryString(EGL_NO_DISPLAY, EGL_EXTENSIONS);
^~~~~~~~~~~~~~
clients/simple-dmabuf-drm.c:758:30: error: 'EGL_NO_DISPLAY' undeclared (first use in this function)
extensions = eglQueryString(EGL_NO_DISPLAY, EGL_EXTENSIONS);
^~~~~~~~~~~~~~
clients/simple-dmabuf-drm.c:758:30: note: each undeclared identifier is reported only once for each function it appears in
clients/simple-dmabuf-drm.c:758:46: error: 'EGL_EXTENSIONS' undeclared (first use in this function)
extensions = eglQueryString(EGL_NO_DISPLAY, EGL_EXTENSIONS);
^~~~~~~~~~~~~~
clients/simple-dmabuf-drm.c:759:21: warning: implicit declaration of function 'weston_check_egl_extension' [-Wimplicit-function-declaration]
if (extensions && !weston_check_egl_extension(extensions,
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit be420d12f1)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
We use package names as poor-man's namespace, so fix that.
Reported by utils/check-package.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Adam Duskett <aduskett@gmail.com>
Cc: Clayton Shotwell <clayton.shotwell@rockwellcollins.com>
Cc: Matt Weber <matthew.weber@rockwellcollins.com>
[Thomas: use CHECKPOLICY_MAKE_OPTS instead of
CHECKPOLICY_TARGET_MAKE_OPTS, as it is more consistent with
HOST_CHECKPOLICY_MAKE_OPTS being used for the host variant.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit d9f771b902)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This patch bumps the Linux CIP kernel to version v4.4.98-cip13.
Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit 130b01d52b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Since uboot 2017.09 path to dtc will be configured via Kconfig. As BR
skips this step for uboot-tools building one has to provide
CONFIG_MKIMAGE_DTC_PATH=dtc on the build command line. Otherwise
mkimage will not be able to create FIT images, i.e.:
mkimage -f kernel-fit.its kernel-fit.itb
will fail with very weird errors.
Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit 21ab88c417)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
https://git.buildroot.net/buildroot/commit/package/linknx?id=e1c9a2349006e657e76dff35706a774376921fb7
made libcurl a hard dependency to fix autoreconf.
https://git.buildroot.net/buildroot/commit/package/linknx?id=b56083099f113817edc6811e2cdd820df1c80450
removed autoreconf but did not re-add libcurl as optional dependency by
mistakenly assuming that libcurl is needed only for autoreconf.
Tested using this defconfig:
BR2_TOOLCHAIN_BUILDROOT_CXX=y
BR2_PACKAGE_LIBCURL=y
BR2_PACKAGE_LINKNX=y
Configure log of linknx without this patch
checking for curl-config... /usr/bin/curl-config
checking for the version of libcurl... 7.52.1
checking for libcurl >= version 7.14.0... yes
checking whether libcurl is usable... no
and with this patch
checking for curl-config... /home/buildroot/br4/output/host/i586-buildroot-linux-uclibc/sysroot/usr/bin/curl-config
checking for the version of libcurl... 7.57.0
checking for libcurl >= version 7.14.0... yes
checking whether libcurl is usable... yes
checking for curl_free... yes
Inspired by the fli4l project
https://web.nettworks.org/repo/changelog/fli4l?cs=49347
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit 22c8b9fce9)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>