Fix CVE-2021-3336: DoTls13CertificateVerify in tls13.c in wolfSSL before
4.7.0 does not cease processing for certain anomalous peer behavior
(sending an ED22519, ED448, ECC, or RSA signature without the
corresponding certificate). The client side is affected because
man-in-the-middle attackers can impersonate TLS 1.3 servers.
https://github.com/wolfSSL/wolfssl/releases/tag/v4.7.0-stable
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit b83184de67 (package/libjpeg: switch to s.b.o. as source site)
improperly added a trailing slash '/' at the end of LIBJPEG_SITE,
causing builds to fail:
package/libjpeg/libjpeg.mk:35: *** LIBJPEG_SITE (http://sources.buildroot.org/libjpeg/) cannot have a trailing slash. Stop.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
FOO_CPE_ID_VALID really ought to be an internal implementaion detail.
Packages that really want to trigger their CPE defintitions really
should set one of the actual variables to a meaningful value.
There are two CPE-related variables that we could chose to set to
replace FOO_CPE_ID_VALID: FOO_CPE_ID_VENDOR and FOO_CPE_ID_PRODUCT.
Between those two, _VENDOR more often diverges from the default than
_PRODUCT does, so that's what we use.
---8<------8<------8<------8<------8<---
#!/bin/bash
# Replace FOO_CPE_ID_VALID = YES with FOO_CPE_ID_VENDOR = foo_project
for i in $(git grep -l -E '[^)]_CPE_ID_VALID = YES' package support); do
pkg="$(basename "${i%/*}")"
sed -r -i -e "s/_CPE_ID_VALID = YES/_CPE_ID_VENDOR = ${pkg}_project/" "${i}"
done
---8<------8<------8<------8<------8<---
Reported-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Cc: Matthew Weber <matthew.weber@rockwellcollins.com>
Cc: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Peter: update cpe-test comment to reflect pkg3 change]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The CPE variables are derived from the package upstream values, so they
must be set from the package values, not the other way around.
Also drop CPE_ID_VALID as it is implied as soon as at least one CPE
variable is set.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
FOO_CPE_ID_VALID is an internal implementation detail. Packages should
really define an actual CPE_ID variable to trigger their full CPE_ID
definition.
Reported-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Cc: Matthew Weber <matthew.weber@rockwellcollins.com>
Cc: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Peter: completely drop any mention of _CPE_ID_VALID in the manual]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The belle-sip package exhibits gcc bug 99410 when built for the Nios2
architecture with optimization enabled, which causes a build failure.
As done for other packages in Buildroot work around this gcc bug by
setting optimization to -O0 if BR2_TOOLCHAIN_HAS_GCC_BUG_99410=y.
Fixes:
http://autobuild.buildroot.net/results/71f26fd81db8e9b19b3f18f3f3cefd9c768f094f/
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The asterisk package exhibits gcc bug 93847 when built for the Nios2
architecture with optimization enabled, which causes a build failure.
As done for other packages in Buildroot work around this gcc bug by
setting optimization to -O0 if BR2_TOOLCHAIN_HAS_GCC_BUG_93847=y.
Fixes:
http://autobuild.buildroot.net/results/24c0a6ca3b272711a1e6ceaa033925182d0d49c4
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Actually asterisk package gets built with -O3 cflag since it's defaulted
into its sources, but it's not what we want, so let's empty its OPTIMIZE
Makefile variable letting Buildroot CFLAGS to take place instead.
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
openblas internally sets -O2, after the flags being passed by Buildroot
(e.g. -Os).
Patch openblas to let the Buildroot-specified flag survive.
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
openblas strips off -O1-O3 for certain source files, but forgets to handle
-Os, -Og and -O. This means that the intended effect of 'no optimization' is
not always reached.
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Buildroot specifies a value for FFLAGS on the make command-line.
While the openblas makefiles allowed this principle for the most part by
using 'override FFLAGS += ....', the make.inc file generated for the shipped
'lapack' sources just used a 'FFLAGS = ...' statement, whose value is then
eclipsed by the command-line FFLAGS.
This meant that -fPIC may be passed to the link step but not to all relevant
source files, causing relocation failures.
Fixes: http://autobuild.buildroot.net/results/d530db0f37e1e0462e3af1e1787e15f94ff21884/
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This package fails to build with Nios II up to gcc version 10.x and no
work around has been found. So let's disable it whil building for Nios
II.
Fixes:
http://autobuild.buildroot.net/results/a05fdf1958f93a206c5c66c7f636b6650683626d
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes#13581
The tarball for version 9d, released 2020-01-12, has been silently
replaced upstream (a unicode BOM was removed from a few files),
causing hash mismatch.
This means that all our versions since 2020.02 will fail the hash
check, and fallback to using s.b.o. so we can't update the copy we
have on s.b.o.
As a consequence, we can't update the hash in master (soon 2021.02)
otherwise it would not match what we have on s.b.o.
This means that users will see hash mismatch by default, which is not
very nice. Although we can't do anything for all previous releases,
we can still try to paper over the problem for the future ones, like
2021.02, by switching the upstream to be s.b.o.
Sigh... :-(
Reported-by: Nick Shaforostov <mshaforostov@airmusictech.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Changes:
* Fix JP2 decoder bug that can cause a null pointer dereference for
some invalid CDEF boxes. (#268)
Signed-off-by: Michael Vetter <jubalh@iodoru.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
cpe:2.3🅰️libsdl:sdl_image is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Alibsdl%3Asdl2_image
Indeed, cpe:2.3🅰️libsdl:sdl2_image contains a single CPE entry for
version 2.0.4, all the other entries have been deprecated in favor of
cpe:2.3🅰️libsdl:sdl_image:
<cpe-item name="cpe:/a:libsdl:sdl2_image:2.0.3" deprecated="true" deprecation_date="2020-07-28T15:42:37.767Z">
<reference href="https://www.libsdl.org/projects/SDL_image/">Product</reference>
<cpe-23:cpe23-item name="cpe:2.3🅰️libsdl:sdl2_image:2.0.3:*:*:*:*:*:*:*">
<cpe-23:deprecated-by name="cpe:2.3🅰️libsdl:sdl_image:2.0.3:*:*:*:*:*:*:*" type="NAME_CORRECTION"/>
<cpe-item name="cpe:/a:libsdl:sdl2_image:2.0.4">
<reference href="http://hg.libsdl.org/SDL_image/">Version</reference>
<cpe-23:cpe23-item name="cpe:2.3🅰️libsdl:sdl2_image:2.0.4:*:*:*:*:*:*:*"/>
<cpe-item name="cpe:/a:libsdl:sdl2_image:2.0.5" deprecated="true" deprecation_date="2020-07-28T15:42:40.500Z">
<reference href="http://hg.libsdl.org/SDL_image/">Version</reference>
<cpe-23:cpe23-item name="cpe:2.3🅰️libsdl:sdl2_image:2.0.5:*:*:*:*:*:*:*">
<cpe-23:deprecated-by name="cpe:2.3🅰️libsdl:sdl_image:2.0.5:*:*:*:*:*:*:*" type="NAME_CORRECTION"/>:
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit e5594f7239 fixed privsep for sh,
or1k, microblaze, xtensa, arc, nds32 and nios2, but failed to take into
account that the audit functionality is only available in recent kernels
on those architectures.
Pass the --disable-privsep configure option if the kernel is too old in
those architectures.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
riscv32 is (surprise!) a 32-bit architecture. But it has been Y2038-safe
from its inception. As such, there are no legacy binaries that may use
the 32-bit time syscalls, and thus they are not available on riscv32.
Code that directly calls to the syscalls without using the C libraries
wrappers thus need to handle this case by themselves. That's what
upstream tried to do with:
5b5e2985f3
We initially carried that patch with 2bb26c1a1d (package/libopenssl:
fix build on riscv32).
However, as Arnd Bergmann puts it [0]:
The patch looks wrong to me: __NR_io_pgetevents_time64 must be used
whenever time_t is 64-bit wide on a 32-bit architecture, while
__NR_io_getevents/__NR_io_pgetevents must be used when time_t is the
same width as 'long'.
Checking whether __NR_io_getevents is defined is wrong for all
architectures other than riscv
And Arnd agrees that patch should be reverted [1] [2] (there are further
comments in that stream, that are worth reading).
As such, we've reverted 2bb26c1a1d with 6cfb4ad7f7.
This means we have no working solution to enable openssl on riscv32 for
now. So, rather than fail the build, or backport a dysfunctional patch,
let's just forbid openssl on riscv32.
Drop the default from the choice selection; it was anyway superfluous:
the default of a choice, if left unspecified, is the first entry of the
choice. Also, having a default means we'd have to also propagate the
dependencies of the defaulted-to symbol, which is yet a little bit more
maintenance. Since the chances we get a third implementation of openssl
are pretty slim (very, very slim), reasoning about what is the default
is still very easy.
When propagating dependencies to tpm2-tss' users, we've tried to keep
the architecture dependency toward the top when possible, and otherwise
we've added it together with existing arch dependencies (MMU).
While at it, drop a useless redundant comment in ibm-sw-tpm2: if we
select FORCE_LIBOPENSSL, it is obvious that's because libressl is not
supported... Besides none of the other users of FORCE_LIBOPENSSL have
such a comment.
Fixes:
http://autobuild.buildroot.org/results/eb9/eb9a64d4ffae8569b5225083f282cf87ffa7c681/
...
http://autobuild.buildroot.org/results/07e/07e413b24ba8adc9558c80267ce16dda339bf032/
[0] 5b5e2985f3 (commitcomment-44782859)
[1] 5b5e2985f3 (commitcomment-47826509)
[2] 5b5e2985f3 (commitcomment-47830530)
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Matthew Weber <matthew.weber@rockwellcollins.com>
Cc: Mark Corbin <mark@dibsco.co.uk>
