In commit 325bb37942, support for the
Blackfin architecture was removed. This was our only use of
BR2_GCC_TARGET_CPU_REVISION, and since this config option somewhat
complicates the calculation of the --with-cpu/-mcpu option values,
let's drop it.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Drop 0003-memfd-fix-configure-test.patch applied upstream.
The 4.10.2 version brings a large number of fixes:
https://xenproject.org/downloads/xen-archives/xen-project-410-series/xen-4102.html
Including a number of security fixes:
XSA-260: x86: mishandling of debug exceptions (CVE-2018-8897)
XSA-261: x86 vHPET interrupt injection errors (CVE-2018-10982)
XSA-262: qemu may drive Xen into unbounded loop (CVE-2018-10981)
XSA-263: Speculative Store Bypass (CVE-2018-3639)
XSA-264: preemption checks bypassed in x86 PV MM handling (CVE-2018-12891)
XSA-265: x86: #DB exception safety check can be triggered by a guest
(CVE-2018-12893)
XSA-266: libxl fails to honour readonly flag on HVM emulated SCSI disks
(CVE-2018-12892)
XSA-267: Speculative register leakage from lazy FPU context switching
(CVE-2018-3665)
XSA-268: Use of v2 grant tables may cause crash on ARM (CVE-2018-15469)
XSA-269: x86: Incorrect MSR_DEBUGCTL handling lets guests enable BTS
(CVE-2018-15468)
XSA-272: oxenstored does not apply quota-maxentity (CVE-2018-15470)
XSA-273: L1 Terminal Fault speculative side channel (CVE-2018-3620,
CVE-2018-3646)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues:
CVE-2018-16151: The OID parser in the ASN.1 code in gmp allows any number of
random bytes after a valid OID.
CVE-2018-16152: The algorithmIdentifier parser in the ASN.1 code in gmp
doesn't enforce a NULL value for the optional parameter which is not used
with any PKCS#1 algorithm.
For more details, see the advisory:
https://www.strongswan.org/blog/2018/09/24/strongswan-vulnerability-(cve-2018-16151,-cve-2018-16152).html
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
In a private e-mail, Nathan said he no longer has the time to work on
this package, and would like to be removed from the DEVELOPERS file.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
If threads are not available, set SQLITE_THREADSAFE to 0.
Indeed, since version 3.25.0, the following line:
THREADSAFE_FLAGS=-DSQLITE_THREADSAFE=0
has been removed from configure.ac
As a result, SQLITE_THREADSAFE will be set to a default value of 1 even
if --disable-threadsafe is set
Fixes:
- http://autobuild.buildroot.org/results/70b1582edcb787746e4483e80b27f86ac781f0fa
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Update site address in Config.in
Add license hash.
host-python-setuptools-scm is now needed for setup.py
Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
As suggested by Romain Naour during review of patch 976582
(https://patchwork.ozlabs.org/patch/976582), drop bootutils as "upstream
is dead since 2009" and "BootUtils is a collection of utilities to
facilitate booting of modern Kernel 2.6 based systems"
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
LICENSE.TXT hash changed due to the Copyright date update.
Signed-off-by: Valentin Korenblit <valentinkorenblit@gmail.com>
Reviewed-by: Romain Naour <romain.naour@smile.fr>
Tested-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
LLVM_BUILD_GLOBAL_ISEL does no longer exist
LICENSE.TXT hash changed due to the Copyright date update.
Signed-off-by: Valentin Korenblit <valentinkorenblit@gmail.com>
Reviewed-by: Romain Naour <romain.naour@gmail.com>
Tested-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add a patch to customize path to pcre-config or pcre2-config instead of
messing with PCREDIR, PCRE2DIR and PCRE2_LDFLAGS variables
Fixes:
- http://autobuild.buildroot.net/results/490bc87b43074623d2338cfd2acb77d5de0abaa6
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Remove the --enable-i-really-know-what-i-am-doing[...] option removed by
upstream [1]. But keep BR2_PACKAGE_EFL_HAS_RECOMMENDED_CONFIG at Kconfig
level for Buildroot users since "warnings for disabling features have
been left intact".
Update license file hash since dates was removed from the license text.
[1] https://git.enlightenment.org/core/efl.git/commit/?id=1cda9fe749636484b1328e694a8dbbe4f9d0c31d
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Replace first patch which was adding sys/types.h to fix musl issue by a
patch adding sys/sysmacros.h to fix build with glibc 2.28
Fixes:
- http://autobuild.buildroot.org/results/c26761663a764a2eb7af54316a6dc78bd01490fb
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix CVE-2018-12543. If a message is sent to Mosquitto with a topic that
begins with $, but is not $SYS, then an assert that should be unreachable is
triggered and Mosquitto will exit.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Reworked patch from Gustavo Zacharias to make it apply to this version
Signed-off-by: Gilles Talis <gilles.talis@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
>From the release notes
(http://ftp.isc.org/isc/bind9/9.11.4-P2/RELEASE-NOTES-bind-9.11.4-P2.txt):
* There was a long-existing flaw in the documentation for ms-self,
krb5-self, ms-subdomain, and krb5-subdomain rules in update-policy
statements. Though the policies worked as intended, operators who
configured their servers according to the misleading documentation may
have thought zone updates were more restricted than they were; users of
these rule types are advised to review the documentation and correct
their configurations if necessary. New rule types matching the
previously documented behavior will be introduced in a future maintenance
release. [GL !708]
* named could crash during recursive processing of DNAME records when
deny-answer-aliases was in use. This flaw is disclosed in CVE-2018-5740.
[GL #387]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues:
- CVE-2018-16543: In Artifex Ghostscript before 9.24, gssetresolution and
gsgetresolution allow attackers to have an unspecified impact
- CVE-2018-17183: Artifex Ghostscript before 9.25 allowed a user-writable
error exception table, which could be used by remote attackers able to
supply crafted PostScript to potentially overwrite or replace error
handlers to inject code.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Carlos O'Donell (1):
Fix tst-setcontext9 for optimized small stacks.
DJ Delorie (3):
RISC-V: Fix rounding save/restore bug.
Regen RISC-V rvd ULPs
Improve ChangeLog message.
Florian Weimer (6):
Linux: Rewrite __old_getdents64 [BZ #23497]
error, error_at_line: Add missing va_end calls
nscd: Deallocate existing user names in file parser
nss_files: Fix file stream leak in aliases lookup [BZ #23521]
regex: Add test tst-regcomp-truncated [BZ #23578]
misc: New test misc/tst-gethostid
H.J. Lu (1):
i386: Use ENTRY and END in start.S [BZ #23606]
Martin Kuchta (1):
pthread_cond_broadcast: Fix waiters-after-spinning case [BZ #23538]
Mingli Yu (1):
Linux gethostid: Check for NULL value from gethostbyname_r [BZ #23679]
Paul Eggert (1):
regex: fix uninitialized memory access
Samuel Thibault (2):
hurd: Add missing symbols for proper libc_get/setspecific
hurd: Avoid PLTs for __pthread_get/setspecific
Stefan Liebler (1):
Fix segfault in maybe_script_execute.
Wilco Dijkstra (1):
Fix strstr bug with huge needles (bug 23637)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
