diff LICENCE:
-Copyright (c) 2021 Calvin Rose and contributors
+Copyright (c) 2023 Calvin Rose and contributors
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following build failure with libressl raised since bump to
version 3.5.2 in commit 8b216927db:
In file included from /tmp/instance-10/output-1/build/mariadb-10.3.36/vio/viosslfactories.c:18:
/tmp/instance-10/output-1/build/mariadb-10.3.36/vio/viosslfactories.c: In function 'get_dh2048':
/tmp/instance-10/output-1/build/mariadb-10.3.36/include/ssl_compat.h:68:45: error: invalid use of incomplete typedef 'DH' {aka 'struct dh_st'}
68 | #define DH_set0_pqg(D,P,Q,G) ((D)->p= (P), (D)->g= (G))
| ^~
Fixes:
- http://autobuild.buildroot.org/results/524198344aafca58d214537af64c5961c407b0f8
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This version contains a few minor fixes, provides better error messages,
and includes a new option to set the size of created tmpfs volumes.
Release notes:
https://github.com/containers/bubblewrap/releases/tag/v0.7.0
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Drop patch (already in version)
- Update hash of COPYING (update in year:
927b202c69)
- builtin is a boolean since
aa4909766chttps://github.com/rockdaboot/libpsl/releases/tag/0.21.2
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fluent Bit is a super fast, lightweight, and highly
scalable logging and metrics processor and forwarder.
Signed-off-by: Thomas Devoogdt <thomas.devoogdt@barco.com>
[Peter: add DEVELOPERS entry, drop STATIC_LIBS dependency]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
libcamera-apps is orphaned, so take care of it.
Signed-off-by: Marcus Folkesson <marcus.folkesson@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Libcamera recently started to tag releases, so use the version tag instead
of raw commit hash.
Signed-off-by: Daniel Semkowicz <dse@thaumatec.com>
Reviewed-by: Marcus Folkesson <marcus.folkesson@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Migrate zcu106_pmufw.elf location from nealfrager github to Xilinx github.
The image is identical, so this patch has zero impact on functionality.
Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Migrate zcu102_pmufw.elf location from nealfrager github to Xilinx github.
The image is identical, so this patch has zero impact on functionality.
Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Migrate kv260_pmufw.elf location from nealfrager github to Xilinx github.
The image is identical, so this patch has zero impact on functionality.
Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Reduce the configs in the kria/uboot.fragment to only what is necessary.
These 4 configs are already included in the xilinx_zynqmp_virt_defconfig, so
it is redundant to include them in the kria/uboot.fragment file. Applying
this patch has zero impact on the u-boot binaries that are built.
This patch has been build and run tested on a kria kv260 starter kit.
Signed-off-by: Neal Frager <neal.frager@amd.com>
Reviewed-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix CVE-2022-40899: An issue discovered in Python Charmers Future 0.18.2
and earlier allows remote attackers to cause a denial of service via
crafted Set-Cookie header from malicious web server.
https://github.com/PythonCharmers/python-future/releases/tag/v0.18.3
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Fix CVE-2022-47952: lxc-user-nic in lxc through 5.0.1 is installed
setuid root, and may allow local users to infer whether any file
exists, even within a protected directory tree, because "Failed to
open" often indicates that a file does not exist, whereas "does not
refer to a network namespace path" often indicates that a file exists.
NOTE: this is different from CVE-2018-6556 because the CVE-2018-6556
fix design was based on the premise that "we will report back to the
user that the open() failed but the user has no way of knowing why it
failed"; however, in many realistic cases, there are no plausible
reasons for failing except that the file does not exist.
- Drop patches (already in version)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Drop eleventh patch (already in version)
- Update hash of LICENSE file (update in year)
- pcre2 is supported (and enabled by default) since
c6fec0b027http://nginx.org/en/CHANGES-1.22
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes CVE-2023-22742: when compiled with BR2_PACKAGE_LIBSSH2,
libgit2 fails to verify SSH keys by default.
https://github.com/libgit2/libgit2/blob/v1.5.1/docs/changelog.md
Signed-off-by: Nicolas Cavallari <nicolas.cavallari@green-communications.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This patch provides a way to enable utmp support when using systemd,
with it disabled by default, as some security concerns may apply. Still,
there are cases where having utmp is desirable, even though it is rare,
so let's make this configurable.
See commit 32f53bdfb4.
Signed-off-by: Casey Reeves <casey@xogium.me>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The default, the IANA PEN registry used by ipmitool is large (4 MiB+)
and changes at the whim of IANA, meaning reproducible builds may not be
possible by using the default package.
Add a configuration option to specify the source of the registry file.
Remote and local files are supported. If no source is specified, no
registry file will be installed to the target.
Backport upstream patches to allow this to add requisite support:
Make a missing registry file non-fatal
Make downloading/installing the registry optional
Signed-off-by: Vincent Fazio <vfazio@gmail.com>
Co-Developed-by: Yann E. MORIN <yann.morin.1998@free.fr>
[yann.morin.1998@free.fr:
- use https for the default URL
- use simple assignment for first _CONF_OPTS
- squeeze empty lines, comment closing endif
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
