Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 3466797ced)
[Peter: drop Makefile change]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Drop dbus build dependency to avoid the following build failure since
commit 1db1322639 if systemd-polkit is
enabled:
package/dbus/dbus.mk:124: *** Recursive variable 'DBUS_FINAL_RECURSIVE_DEPENDENCIES' references itself (eventually). Stop.
Fixes:
- http://autobuild.buildroot.org/results/0e038fae0f5fc2db3e85be05db4612e4f2395e35
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fix the following build failure with gcc 4.8 raised since bump to
version 0.6.23 in commit e2f8050976:
exif-gps-ifd.c: In function 'exif_get_gps_tag_info':
exif-gps-ifd.c:62:3: error: 'for' loop initial declarations are only allowed in C99 mode
for (int i = 0; i < sizeof(exif_gps_ifd_tags) / sizeof(ExifGPSIfdTagInfo); ++i) {
^
exif-gps-ifd.c:62:3: note: use option -std=c99 or -std=gnu99 to compile your code
Fixes:
- http://autobuild.buildroot.org/results/7dd222e06d1e6611449fb8fe7516817c9ad43d65
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Build fails since commit c47ebe7aeb
because xlib_libXi is a mandatory dependency since version 1.2.0 and
420c2d8517:
configure: error: Package requirements (xi >= 1.7 x11 xt xext xmu xproto >= 7.0.17) were not met:
Package 'xi', required by 'virtual:world', not found
Fixes:
- http://autobuild.buildroot.org/results/896f45fb9eadcd235aeab096db479ee0aa5d0860
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr: split multi-line dependency]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
xrender is optional, not mandatory since its addition in version 1.0.99:
5e825a140f
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
- Fix CVE-2021-23437 Raise ValueError if color specifier is too long
- Fix 6-byte OOB read in FliDecode
- Update indentation in hash file (two spaces)
https://github.com/python-pillow/Pillow/releases/tag/8.3.2
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Fix CVE-2021-40145: ** DISPUTED ** gdImageGd2Ptr in gd_gd2.c in the GD
Graphics Library (aka LibGD) through 2.3.2 has a double free. NOTE:
the vendor's position is "The GD2 image format is a proprietary image
format of libgd. It has to be regarded as being obsolete, and should
only be used for development and testing purposes."
- Drop patch (already in version)
- Update hash of COPYING (duplicate merged and title added with
82d26095056013c7bcf6)
https://github.com/libgd/libgd/releases/tag/gd-2.3.3
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Fix several issues found by Covscan in the testsuite. These include:
- CWE-170: String not null terminated (STRING_NULL)
- CWE-188: Reliance on integer endianness (INCOMPATIBLE_CAST)
- CWE-190: Unintentional integer overflow (OVERFLOW_BEFORE_WIDEN)
- CWE-569: Wrong sizeof argument (SIZEOF_MISMATCH)
- CWE-573: Missing varargs init or cleanup (VARARGS)
- CWE-687: Argument cannot be negative (NEGATIVE_RETURNS)
- Update hash of LICENSING due to files being updated with:
44e9eb57b4578271c377https://github.com/besser82/libxcrypt/blob/v4.4.25/NEWS
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Drop patches (already in version) and so autoreconf
- Update hash of COPYING due to updates in year and authors with
53ff2e6da4c998f79384635caa9078
- Update indentation in hash file (two spaces)
https://www.libssh2.org/changes.html#1.10.0
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Fix CVE-2021-3770: vim is vulnerable to Heap-based Buffer Overflow
- Update hash of README.txt due to changes not related to license:
f2a44e5c4889a9c159f2
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix CVE-2021-3634: A flaw has been found in libssh in versions prior to
0.9.6. The SSH protocol keeps track of two shared secrets during the
lifetime of the session. One of them is called secret_hash and the other
session_id. Initially, both of them are the same, but after key
re-exchange, previous session_id is kept and used as an input to new
secret_hash. Historically, both of these buffers had shared length
variable, which worked as long as these buffers were same. But the key
re-exchange operation can also change the key exchange method, which can
be based on hash of different size, eventually creating "secret_hash" of
different size than the session_id has. This becomes an issue when the
session_id memory is zeroed or when it is used again during second key
re-exchange.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Drop patches (already in version)
- Fix some more denial of service (compute time or stack exhaustion)
counter-measures added that avoid minutes of decoding time with
malformed files found by OSS-Fuzz
https://github.com/libexif/libexif/releases/tag/v0.6.23
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
protobuf moved from the google org to protocolbuffers in 2018.
There is a redirect but we should use the official url.
Signed-off-by: Michael Nosthoff <buildroot@heine.tech>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
pause() is defined in glibc since the very early times; it appears in
upstream commit 28f540f45bba (initial import) in 1995 [0].
Bluez has been defining a function named pause() for ages too, since
comit caab74c97542 (media: Implement new callbacks for pass-through
operations) in 2013 [1]
With the recent bump to glibc 2.34.xxx, the build now fails because the
two pause() clash:
profiles/audio/media.c:1284:13: error: conflicting types for 'pause'
1284 | static bool pause(void *user_data)
| ^~~~~
In file included from /tmp/instance-0/output-1/per-package/bluez5_utils/host/s390x-buildroot-linux-gnu/sysroot/usr/include/bits/sigstksz.h:24,
from /tmp/instance-0/output-1/per-package/bluez5_utils/host/s390x-buildroot-linux-gnu/sysroot/usr/include/signal.h:328,
from /tmp/instance-0/output-1/per-package/bluez5_utils/host/bin/../s390x-buildroot-linux-gnu/sysroot/usr/include/glib-2.0/glib/gbacktrace.h:36,
from /tmp/instance-0/output-1/per-package/bluez5_utils/host/bin/../s390x-buildroot-linux-gnu/sysroot/usr/include/glib-2.0/glib.h:34,
from profiles/audio/media.c:21:
/tmp/instance-0/output-1/per-package/bluez5_utils/host/s390x-buildroot-linux-gnu/sysroot/usr/include/unistd.h:489:12: note: previous declaration of 'pause' was here
489 | extern int pause (void);
| ^~~~~
The culprit is indeed glibc 2.34, as can be seen in this result matrix:
\ bluez5_utils
glibc \ 5.60 | 5.61
-------\-------+--------
2.33 | OK | OK
-------+-------+--------
2.34 | KO | KO
Even though we first bumped to glibc 2.34, then to blues5_utils 5.61,
we did not notice build issues with bluez5_utils 5.60 because the two
bumps were too close to each other for the failure to trigger in the
autobuilders.
The underlying reason that pause() is now causing issues with glibc 2.34
is not obvious: glibc is a big beast, and finding such issues is not
easy. However, we can see that the pause() provided by NPTL has been
dropped in favour of the generic one, so maybe this is causing symbol
visibility or weakness to change or something...
We fix that by renaming the local pause() in bluez5_utils with a
namespace-prefix, like some other functions there already have.
Fixes:
- http://autobuild.buildroot.org/results/c4f/c4fbface34be8815838fd7201621d7a8fddd32c5/
- http://autobuild.buildroot.org/results/62b/62b88740f19fbe4a1ad7959dc141d539eb88c1f8/
[0] https://sourceware.org/git/?p=glibc.git;a=commit;h=28f540f45bbacd939bfd07f213bcad2bf730b1bf
[1] caab74c975
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr: extend commit log with the glibc culprit]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
* add changelog and Signed-off-by to patches
* use correct name for patch 0002
Signed-off-by: Michael Nosthoff <buildroot@heine.tech>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
xdg is needed (and can't be make optional as it is unconditionally used
in pulseaudio.fc) to fix the following build failure raised since commit
bf44a11cf6:
Compiling targeted policy.33
env LD_LIBRARY_PATH="/tmp/instance-0/output-1/host/lib:/tmp/instance-0/output-1/host/usr/lib" /tmp/instance-0/output-1/host/usr/bin/checkpolicy -c 33 -U deny -S -O -E policy.conf -o policy.33
policy/modules/apps/pulseaudio.te:44:ERROR 'attribute xdg_config_type is not declared' at token ';' on line 317285:
#line 44
typeattribute pulseaudio_xdg_config_t xdg_config_type;
checkpolicy: error(s) encountered while parsing configuration
make[1]: *** [Rules.monolithic:79: policy.33] Error 1
Fixes:
- http://autobuild.buildroot.org/results/818219c0f722080d9f6ef778fdc50e34dd4187ab
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Update download to use official gitlab source url.
Drop patches that are now upstream.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Boost 1.77.0 broke the build of the math component on architectures
without lockfree atomics. This was reported in [0].
This patch adds the relevant patches from the upstream patchset[1] which fix the build
and removes the dependency on BR2_TOOLCHAIN_SUPPORTS_ALWAYS_LOCKFREE_ATOMIC_INTS
[0] https://github.com/boostorg/math/issues/673
[1] https://github.com/boostorg/math/pull/684
Signed-off-by: Michael Nosthoff <buildroot@heine.tech>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The mainline U-Boot can create an i.MX specific firmware image (e.g. flash.bin).
For this the i.MX firmware files (DDR, HDMI) must be in the toplevel directory.
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Reviewed-by: Fabio Estevam <festevam@gmail.com>
[yann.morin.1998@free.fr: simplify hook]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The version bump [1] for the rpm package to v4.17 added the newly
required dependency to Lua; however, the change limited support to only
v5.3 (and not higher). Correcting support for v5.3 or higher by making
a dependency on the Lua package and omitting older versions which are
not supported (specifically, the v5.1 series)
[1]: 429e247b86
Signed-off-by: James Knight <james.d.knight@live.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
openjdk needs host gcc >= 4.9 since bump to version 16.0.1+9 in commit
057e27029c and
2a8f92e7e7:
configure: Using gcc BuildC compiler version 4.8.5 [cc (GCC) 4.8.5 20150623 (Red Hat 4.8.5-44)]
configure: Using gcc BuildC++ compiler version 4.8.5 [g++ (GCC) 4.8.5 20150623 (Red Hat 4.8.5-44)]
configure: Using gcc build linker version 2.27 [GNU ld version 2.27-44.base.el7]
[...]
g++: error: unrecognized command line option '-std=c++14'
Add a dependency on host gcc >= 4.9 for the OpenJDK 16 version only, so
that users can still use OpenJDK 11 on older distributions.
Fixes:
- http://autobuild.buildroot.org/results/7072308d148ccb8237180729551df65c87a76f11
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr: limit the dependency to OpenJDK 16]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fix the following recursive dependency added with commit
429e247b86:
package/openssl/Config.in:4:error: recursive dependency detected!
package/openssl/Config.in:4: symbol BR2_PACKAGE_OPENSSL is selected by BR2_PACKAGE_LIBGCRYPT
package/libgcrypt/Config.in:1: symbol BR2_PACKAGE_LIBGCRYPT is selected by BR2_PACKAGE_OPENSSL
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
If the ATF binary is used by U-Boot, the file is expected to be in the
toplevel directory.
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Reviewed-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
In mainline u-boot more and more imx8 boards are switched to binman
to create the imx specific image (flash.bin). To support this the
(lp)ddr firmware training files are needed. For this to work all files
should be made available to the U-Boot build.
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Reviewed-by: Gary Bisson <gary.bisson@boundarydevices.com>
Reviewed-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Drop patch that is now upstream.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Reviewed-by: Kieran Bingham <kieran.bingham@ideasonboard.com.
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
osm2pgsql needs C++14 since bump to version 1.5.1 in commit
a71661ffb2 and
d35dd358d6
to avoid the following build failure:
/home/buildroot/autobuild/instance-1/output-1/build/osm2pgsql-1.5.1/src/db-copy.cpp: In member function 'void db_copy_thread_t::sync_and_wait()':
/home/buildroot/autobuild/instance-1/output-1/build/osm2pgsql-1.5.1/src/db-copy.cpp:108:16: error: 'make_unique' is not a member of 'std'
add_buffer(std::make_unique<db_cmd_sync_t>(std::move(barrier)));
^
Fixes:
- http://autobuild.buildroot.org/results/30ae4b9405454919437098d29abbd743638c9423
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Maxim Kochetkov <fido_max@inbox.ru>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
