Drop patches that are now upstream.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
While upstream pistache has not yet released a stable 'tag'
a lot has changed since June 2020:
* project has moved to meson build system, cmake builds
do not install headers.
* patches in buildroot are no longer required
* project-implemented Pistache::Optional was replaced by
use of std::optional. This is only available in C++17
* dependency to rapidjson has been introduced
Signed-off-by: Thomas Ruschival <thomas@ruschival.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Switch to autotools-package to avoid the following static build failure
since commit d661740201:
[ 56%] Linking C executable rtl_biast
/home/peko/autobuild/instance-1/output-1/host/opt/ext-toolchain/bin/../lib/gcc/riscv64-buildroot-linux-musl/10.3.0/../../../../riscv64-buildroot-linux-musl/bin/ld: attempted static link of dynamic object `/home/peko/autobuild/instance-1/output-1/host/riscv64-buildroot-linux-musl/sysroot/lib/libatomic.so'
collect2: error: ld returned 1 exit status
Drop both cmake-related patches
Fixes:
- http://autobuild.buildroot.org/results/cf84759682848db8ed5610e1abe5a92337d0e957
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
The git:// location is no longer supported by github, so change to https://
For more details:
https://github.blog/2021-09-01-improving-git-protocol-security-github/
Signed-off-by: Neal Frager <neal.frager@amd.com>
Reviewed-by: Luca Ceresoli <luca@lucaceresoli.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Writing into /dev/urandom doesn't actually credit any entropy bits. And
while it adds that data to the entropy pool, it won't actually be
immediately used when reading from /dev/urandom subsequently. This is
how the kernel's /dev/urandom has always worked, unfortunately.
As a result of this behavior, which may be understandably surprising,
writing a good seed file into /dev/urandom and then saving a new seed
file immediately after is dangerous, because the new seed file may wind
up being entirely deterministic, even if the old seed file was quite
good.
This has been fixed in systemd with
<da2862ef06>,
and fortunately it's possible to do the same thing in shell script here.
Specifically, instead of just saving new /dev/urandom output straight
up, we hash the new /dev/urandom together with the old seed, in order to
produce the new seed. This way the amount of entropy in the new seed
will stay the same or get better, but not appreciably regress.
At the same time, the pool size check in this script is useless. Writing
to /dev/urandom never credits bits anyway, so no matter what, writing
into /dev/urandom is useful and not harmful. There's also not much of a
point in seeding with more than 256 bits, which is what the hashing
operation above produces. So this commit removes the file size check.
As a final note, while this commit improves upon the status quo by
removing a vulnerability, this shell script still does not actually
initialize the RNG like it says it does. For initialization via a seed
file, the RNDADDENTROPY ioctl must be used but there's currently no way
to do that from a shell script for now.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Changelog: https://curl.se/changes.html
Updated license hash due to copyright year bump:
0409192b1f
The NSS crypto backend requires a special option now, without it
configure errors out with:
configure: error: NSS use must be confirmed using --with-nss-deprecated. NSS support will be dropped from curl in August 2022. See docs/DEPRECATE.md
Since it will be removed entirely soon anyway, and since this version
doesn't fix any CVEs so doesn't need to be backported to stable
branches, drop the NSS option entirely.
Since NSS is going to be removed soon, drop the --without-nss as well.
It is never going to be enabled automatically.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[Arnout: drop NSS option entirely, as suggested by Baruch Siach.]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fix CVE-2022-21716: Twisted is an event-based framework for internet
applications, supporting Python 3.6+. Prior to 22.2.0, Twisted SSH
client and server implement is able to accept an infinite amount of data
for the peer's SSH version identifier. This ends up with a buffer using
all the available memory. The attach is a simple as `nc -rv localhost 22
< /dev/zero`. A patch is available in version 22.2.0. There are
currently no known workarounds.
https://github.com/twisted/twisted/releases/tag/twisted-22.2.0
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fix CVE-2022-26495: In nbd-server in nbd before 3.24, there is an
integer overflow with a resultant heap-based buffer overflow. A value of
0xffffffff in the name length field will cause a zero-sized buffer to be
allocated for the name, resulting in a write to a dangling pointer. This
issue exists for the NBD_OPT_INFO, NBD_OPT_GO, and NBD_OPT_EXPORT_NAME
messages.
Fix CVE-2022-26496: In nbd-server in nbd before 3.24, there is a
stack-based buffer overflow. An attacker can cause a buffer overflow in
the parsing of the name field by sending a crafted NBD_OPT_INFO or
NBD_OPT_GO message with an large value as the length of the name.
https://github.com/NetworkBlockDevice/nbd/compare/nbd-3.21...nbd-3.24
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fix the following build failure on sparc v8 raised since commit
5770a645a3:
ERROR: detected a std::atomic implementation that fails for function pointers.
Please apply the patch corresponding to your Standard Library vendor, found in
qtbase/config.tests/atomicfptr
Fixes:
- http://autobuild.buildroot.org/results/5a2/5a20e984a5536165056b3fbd93b8712e8ddbeed4/build-end.log
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fix the following build failure raised on uclibc and musl since the
reintroduction of the package in commit
16ff948444:
/home/giuliobenetti/autobuild/run/instance-3/output-1/host/opt/ext-toolchain/bin/../lib/gcc/arc-buildroot-linux-uclibc/10.2.0/../../../../arc-buildroot-linux-uclibc/bin/ld: common/.libs/libolacommon.so: undefined reference to `backtrace'
Fixes:
- http://autobuild.buildroot.org/results/4362b20d786a0f44268ec32a689c23ac6d3b71c6
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
As explained in the previous commit, AUTORECONF is necessary to handle a
build failure. Add a comment to make sure it doesn't get removed again
in the future.
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
This reverts commit 66d348ae18 because
for an unknown reason, the build fails if autoreconf is dropped:
/home/buildroot/autobuild/instance-2/output-1/host/opt/ext-toolchain/bin/../lib/gcc/i686-buildroot-linux-uclibc/9.3.0/../../../../i686-buildroot-linux-uclibc/bin/ld: warning: libolauartdmx.so.0, needed by olad/.libs/libolaserver.so, not found (try using -rpath or -rpath-link)
/home/buildroot/autobuild/instance-2/output-1/host/opt/ext-toolchain/bin/../lib/gcc/i686-buildroot-linux-uclibc/9.3.0/../../../../i686-buildroot-linux-uclibc/bin/ld: warning: libolaserverplugininterface.so.0, needed by olad/.libs/libolaserver.so, not found (try using -rpath or -rpath-link)
Fixes:
- http://autobuild.buildroot.org/results/f8164c69da0b9fa38081e8b785d8234f0f297ae1
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
This commit drop patches, as they are now included upstream or no longer
needed. It also introduces a new patch to fix a build failure for nios2.
MySQL include and library paths can now be provided in variables passed
to the build command. Variables MYSQL_{INC,LIB}DIR are renamed to
POCO_MYSQL_{INCLUDE,LIB}. For PostgreSQL support, variables
POCO_PGSQL_{INCLUDE,LIB} are also passed the same way to the build
command.
This poco version 1.11.1 introduces a new ActiveRecord component.
For changelog, see:
https://raw.githubusercontent.com/pocoproject/poco/poco-1.11.1-release/CHANGELOG
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
PostgreSQL support was introduced in poco v1.10.0, in commit:
8cec8f6451
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
For clarity, use the same names used in documentation, and component
selection in configure. Valid poco component names are defined in:
https://github.com/pocoproject/poco/blob/poco-1.11.1-release/components
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
This commit reorders dependencies and Kconfig package options
alphabetically for better maintainability.
This commit does not change anything else.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
This patch updates my email address in the DEVELOPERS file.
Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Add some more cortexes with VHE, and enable aarch64.
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
Reviewed-by: Thomas Huth <huth@tuxfamily.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
s390x is supported since
3934308046
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Thomas Huth <huth@tuxfamily.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
- Retrieve official tarball
- Fix CVE-2021-45769: A NULL pointer dereference in
AcseConnection_parseMessage at src/mms/iso_acse/acse.c of libiec61850
v1.5.0 can lead to a segmentation fault or application crash.
- Fix many other vulnerabilities:
https://libiec61850.com/new-release-1-5-1-of-libiec61850
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When supporting multiple hardware targets, overlay_map.dtb might
be needed to map overlay names to one of several implementations [1].
If the correct overlay names are specified in config.txt, the map file
is not needed, but it also doesn't hurt.
[1] https://github.com/raspberrypi/documentation/blob/develop/documentation/asciidoc/computers/configuration/device-tree.adoc#the-overlay-map-file
Signed-off-by: Rutger Sassen <rsassen@comecer.com>
Reviewed-by: Peter Seiderer <ps.report@gmx.net>
[Arnout: always install overlay_map.dtb]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fix the following build failure with gcc 4.8 raised since bump to
version 2.0.2 in commit 11a3989dbf:
color.c: In function 'parse_dir_colors':
color.c:103:11: error: redeclaration of 'i' with no linkage
for(int i=0; i < DOT_EXTENSION; i++) color_code[i] = NULL;
^
Fixes:
- http://autobuild.buildroot.org/results/e05595696727622eaf517944d4ff4414baf66bb2
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fix the following build failure with libxml2 raised since bump to
version 9.16.26 in commit 8adeaec8af:
configure: error: Specifying libxml2 installation path is not supported, adjust PKG_CONFIG_PATH instead
Fixes:
- http://autobuild.buildroot.org/results/648d29e4cfa6a40bb6e54793c044e9c834f03a1b
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
openssl is mandatory since bump to version 9.16.26 in commit
8adeaec8af so move openssl variables in
the beginning of bind.mk instead of keeping them in the middle of the
file. Moreover, drop "BIND_DEPENDENCIES += host-pkgconf zlib" as
host-pkgconf is already mandatory
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fix the following build failure with musl and headers >= 5.15 raised
since bump to version 1.0.9 in commit
9af9dfa543:
In file included from /home/buildroot/autobuild/instance-3/output-1/host/arm-buildroot-linux-musleabihf/sysroot/usr/include/arpa/inet.h:9,
from ../../include/internal/internal.h:14,
from proto.c:2:
/home/buildroot/autobuild/instance-3/output-1/host/arm-buildroot-linux-musleabihf/sysroot/usr/include/netinet/in.h:23:8: error: redefinition of 'struct in6_addr'
23 | struct in6_addr {
| ^~~~~~~~
Fixes:
- http://autobuild.buildroot.org/results/19931aba8bee8867a53130ca4a53cfadbc4c5bfd
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Drop patch wich is included in the new version.
Also recreate config.xml by building and running Gerbera using:
```
~/buildroot/output/target/usr/bin/gerbera --create-config > package/gerbera/config.xml
```
Note, that Gerbera sets the `<home>` parameter to the runtime user's home by
default when generating the script. This is not appropriate when running Gerbera
on an embedded Linux system as we usually do not have multiple users or even
users at all. Therefore, we set the home directory to /var/lib/gerbera`.
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
host-odb installs the ODB compiler, which when executed at runtime,
needs access to the libodb headers. This is a runtime dependency,
normally added in Config.in, but for host packages there is no way to
express a runtime dependency. In order to have them installed, add a
dependency on host-libodb.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Kamel Bouhara <kamel.bouhara@bootlin.com>
[Kamel: Add optional host-libodb-boost dependency]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Add host variant of libodb-boost required by the ODB compiler.
The libodb-boost headers are needed at compile time, and
therefore installed in $(HOST_DIR).
Signed-off-by: Kamel Bouhara <kamel.bouhara@bootlin.com>
[Arnout: add -std=c++11]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Commit ac9855e761 ("package/odb: fix
build with gcc 11") already fixed some gcc 11.x issues, but not all of
them. This commit backports two upstream patches fixing the remaining
issues, ensuring host-odb can be built on a gcc 11.x machine.
Fixes:
http://autobuild.buildroot.net/results/d37c4271e66d923f7af6a4e3dbad603fcd1c8119/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Kamel Bouhara <kamel.bouhara@bootlin.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
This commit adds support for a new type of graph, showing the timeline
of a build. It shows, with one line per package, when each of this
package steps started/ended, and therefore allows to see the
sequencing of the package builds.
For a fully serialized build like we have today, this is not super
useful (except to show that everything is serialized), but it becomes
much more useful in the context of top-level parallel build.
We chose to order the graph by the time-of-configure, as it is the
closest to the actual cascade-style of a true dependency graph, which is
tiny bit more complex to achieve properly. The actual result still looks
pretty good.
The graph-build make target is extended to also generate this new
timeline graph.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[yann.morin.1998@free.fr:
- sort by start-of-configure time
- re-use existing colorsets (default or alternate)
- fix python2isms
- fix check-package
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Virtual packages are not added to the _RDEPENDENCIES list of packages
that they depend on (i.e. their provider).
This causes <provider>-show-rdepends to not show the virtual package
and <provider>-show-recursive-rdepends to miss all the packages that
transitively depend on <provider> via the virtual package.
The virtual make targets (e.g. <pkg>-show-info) are also not marked as
phony for virtual packages.
To fix those issues, remove most of the special handling of virtual
packages in pkg-generic by making $($($(1)_KCONFIG_VAR))=y for them as
well.
This also allows removal of some duplicated code in pkg-generic.mk and a
now unneeded special condition in CHECK_ONE_DEPENDENCY.
Still keep the virtual package out of PACKAGES since there is e.g. no
need to rsync per-package target dir to global target dir. I am not
aware of any showstoppers preventing addition to PACKAGES as well,
though, so it is probably just an optimization.
Signed-off-by: Anssi Hannula <anssi.hannula@bitwise.fi>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
A malformed input file can lead to a segfault due to an out of bounds
array access in raptor_xml_writer_start_element_common.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Update hash of src/v3.cpp, update in year and "Frank Fock" added:
- _## SNMP++ v3.3
+ _## SNMP++ v3.4
- _## Copyright (c) 2001-2013 Jochen Katz, Frank Fock
+ _## Copyright (c) 2001-2021 Jochen Katz, Frank Fock
- _## Hewlett-Packard and Jochen Katz make no representations about the
- _## suitability of this software for any purpose. It is provided
+ _## Hewlett-Packard, Frank Fock, and Jochen Katz make no representations
+ _## about the suitability of this software for any purpose. It is provided
https://www.agentpp.com/download/changes_snmp++v3.txt
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
