Fixes the following security issues:
CVE-2017-12122: An exploitable code execution vulnerability exists in the
ILBM image rendering functionality of SDL2_image-2.0.2. A specially crafted
ILBM image can cause a heap overflow resulting in code execution. An
attacker can display a specially crafted image to trigger this
vulnerability.
CVE-2017-14440: An exploitable code execution vulnerability exists in the
ILBM image rendering functionality of SDL2_image-2.0.2. A specially crafted
ILBM image can cause a stack overflow resulting in code execution. An
attacker can display a specially crafted image to trigger this
vulnerability.
CVE-2017-14441: An exploitable code execution vulnerability exists in the
ICO image rendering functionality of SDL2_image-2.0.2. A specially crafted
ICO image can cause an integer overflow, cascading to a heap overflow
resulting in code execution. An attacker can display a specially crafted
image to trigger this vulnerability.
CVE-2017-14442: An exploitable code execution vulnerability exists in the
BMP image rendering functionality of SDL2_image-2.0.2. A specially crafted
BMP image can cause a stack overflow resulting in code execution. An
attacker can display a specially crafted image to trigger this
vulnerability.
CVE-2017-14448: An exploitable code execution vulnerability exists in the
XCF image rendering functionality of SDL2_image-2.0.2. A specially crafted
XCF image can cause a heap overflow resulting in code execution. An
attacker can display a specially crafted image to trigger this
vulnerability.
CVE-2017-14449: A double-Free vulnerability exists in the XCF image
rendering functionality of SDL2_image-2.0.2. A specially crafted XCF image
can cause a Double-Free situation to occur. An attacker can display a
specially crafted image to trigger this vulnerability.
CVE-2017-14450: A buffer overflow vulnerability exists in the GIF image
parsing functionality of SDL2_image-2.0.2. A specially crafted GIF image
can lead to a buffer overflow on a global section. An attacker can display
an image to trigger this vulnerability.
For details, see the announcement:
https://discourse.libsdl.org/t/sdl-image-2-0-3-released/23958
Also add a hash for the license file while we're at it.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 5fb8fbbb3e)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Drop now upstreamed patch.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit f26654596e)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Requests need hashlib to run with Python 2. Otherwise it is not possible to
import, due to missing e.g. md5.
[Peter: tweak commit message]
Signed-off-by: Sven Haardiek <sven.haardiek@iotec-gmbh.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 2c2f6f6630)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When the run-time tests to build rust and rust-bin packages are run via Docker,
the $USER environment variable is not set, which makes cargo fail when
initializing the test project.
So add it to make cargo happy.
Signed-off-by: Eric Le Bihan <eric.le.bihan.dev@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 09a5eb427a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
If one wants to use GDB with python support on the target, you need the support
files installed by GDB. These get usually deleted to save some space, so I just
wrapped the Makefile code deleting them in a conditional block depending on if
python support is active or not.
Signed-off-by: Jonas Zaddach <jzaddach@cisco.com>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
[Thomas:
- use positive logic "if python is disabled"
- put the comment inside the condition, as suggested by Arnout]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit fa5ca6974d)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
CMake < 3.11 doesn't support add_library() without any source file
(i.e add_library(foo SHARED)). But flann CMake use a trick that use
an empty string "" as source list (i.e add_library(foo SHARED "")).
This look like a bug in CMake < 3.11.
With CMake >= 3.11, the new behaviour of add_library() break the
existing flann CMake code.
>From CMake Changelog [1]:
"add_library() and add_executable() commands can now be called without
any sources and will not complain as long as sources are added later
via the target_sources() command."
Note: flann CMake code doesn't use target_sources() since no source file
are provided intentionally since the flann shared library is created by
linking with the flann_cpp_s static library with this line:
target_link_libraries(flann_cpp -Wl,-whole-archive flann_cpp_s -Wl,-no-whole-archive)
If you try to use "add_library(flann_cpp SHARED ${CPP_SOURCES})" (as it should
be normally done), the link fail due to already defined symbol.
They are building the shared version using the static library "to speedup the
build time" [3]
This issue is already reported upstream [2] with a proposed solution.
Fixes:
http://autobuild.buildroot.net/results/b2f/b2febfaf8c44ce477b3e4a5b9b976fd25e8d7454
[1] https://cmake.org/cmake/help/v3.11/release/3.11.html
[2] https://github.com/mariusmuja/flann/issues/369
[3] 0fd62b43be
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Davide Viti <zinosat@tiscali.it>
Cc: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 0c469478f6)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 062dcceed0)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Drop upstream patch.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 4a92ee34da)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes CVE-2018-9234: Unenforced configuration allows for apparently
valid certifications actually signed by signing subkeys.
Remove --disable-doc from configure options. We pass this options to all
autotools packages.
Cc: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 3db93884a4)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The version of the ARM Trusted Firmware from Marvell was a Git branch,
not a Git commit, leading to unreproducible results. So let's use a
Git commit instead, which is the latest available from the branch that
was previously used.
More specifically, this branch has recently seen a fix that is needed
for ATF to build properly with recent gcc versions:
c96ec59f8b
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit ac260a2ace)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The version of the ARM Trusted Firmware from Marvell was a Git branch,
not a Git commit, leading to unreproducible results. So let's use a
Git commit instead, which is the latest available from the branch that
was previously used.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Tested-by: Sergey Matyukevich <geomatsi@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit c0f8d16621)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This test case currently fails to build with:
./build/juno/release/bl1/context_mgmt.o: In function `cm_prepare_el3_exit':
context_mgmt.c:(.text.cm_prepare_el3_exit+0x54): undefined reference to `cm_set_next_context'
context_mgmt.c:(.text.cm_prepare_el3_exit+0x54): relocation truncated to fit: R_AARCH64_JUMP26 against undefined symbol `cm_set_next_context'
This issue has been fixed upstream in commit
10c252c14b7f446c0b49ef1aafbd5d37804577dd, available since v1.3. So
while we bump, let's bump to the latest version of ATF, v1.5.
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/64360659
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit e74a7cd1e0)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The release announcement mentions these security fixes:
Defend against Bellcore glitch attacks by verifying the results of RSA
private key operations.
Fix implementation of the truncated HMAC extension. The previous
implementation allowed an offline 2^80 brute force attack on the HMAC
key of a single, uninterrupted connection (with no resumption of the
session).
Reject CRLs containing unsupported critical extensions.
Fix a buffer overread in ssl_parse_server_key_exchange() that could
cause a crash on invalid input. (CVE-2018-9988)
Fix a buffer overread in ssl_parse_server_psk_hint() that could cause
a crash on invalid input. (CVE-2018-9989)
Drop upstream patch.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit babc94e9dd)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
While at it add the license file hash.
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 2c82d7c605)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
While at it add the license file hash.
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 8fa4e97929)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Build infos can break the build due to missing terminating " character.
Fixes:
http://autobuild.buildroot.net/results/3b1/3b1182783fc958dfed96c6b1c097993662fc7308
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 4600c2444d)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
In commit 2a27294e9a ("grub2: force
-fno-stack-protector in CFLAGS"), a fix was made to the grub2 package
to make it build properly even when SSP support is enabled.
However, commit 20a4583ebf ("security
hardening: add RELFO, FORTIFY options") reworked how SSP options are
passed, and they are now passed in CPPFLAGS instead of CFLAGS, making
the fix introduced by 2a27294e9a no
longer operating.
This commit will force no-stack-protector in CPPFLAGS instead of
CFLAGS.
Fixes bug #10961.
Signed-off-by: Tarek El-Sherbiny <tarek_el-sherbiny@waters.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 523b27afa9)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Remove a runtime warning message about configuration file being too old.
Do the same as commit 3dad25466d "syslog-ng: Bump version header in conf
file to 3.9". Package version of syslog-ng is 3.10.1, so bump version
number in syslog-ng.conf to 3.10.
Also add a comment to avoid the same warning message reappears when the
package is bumped.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@datacom.ind.br>
Cc: Chris Packham <judge.packham@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 905f8d814a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
https://pypi.python.org URL has been changed to https://pypi.org.
Package's JSON object now contains sha256 checksum, so use it
instead of locally computed one. Change comments in the hash
file accordingly.
Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 6766ff9d12)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
set x-includes and x-libraries configure option for cross-compiling.
wmctrl can use poisoned paths if these options are not passed to
configure script.
Fixes:
http://autobuild.buildroot.net/results/7e5/7e5cba8a5650a00e10d1a5528f38cb2bf772aee1
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Jérôme Pouiller <jezz@sysmic.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 046c5e2563)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
QML modules for QtWebSockets are located in /usr/qml/QtWebSockets since
Qt 5.5.
/usr/qml/Qt/WebSockets still exists for compatibility reasons, but
it contains only a qmldir file which points to ../../QtWebSockets/.
see also: http://doc.qt.io/qt-5.6/qtwebsockets-qmlmodule.html
Signed-off-by: Manfred Schlaegl <manfred.schlaegl@ginzinger.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 4f726cef4c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Some files were missing on the first build of qt53d but added later:
- by qt5base for the plugins because it copies the whole /usr/lib/qt/plugins
directory
- by qt5declarative for the QML modules because it copies the whole
/usr/qml directory
Also, the qt53d examples were not installed if
BR2_PACKAGE_QT5BASE_EXAMPLES was set.
Signed-off-by: Romain Reignier <rom.reignier@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 4fd448c9c1)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
In addition to the 'halt', 'poweroff', 'reboot' symlinks pointing to
systemctl, add 'shutdown'.
Signed-off-by: Anssi Hannula <anssi.hannula@bitwise.fi>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 36ed046623)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The /lib/firmware directory contains random firmware for various
devices. It happens that some of them might be or appear to be ELF
files, but they shouldn't be checked by fix-rpath. For example, one of
the Qualcomm VPU firmware file appears to be an ELF file, but patchelf
isn't happy about it:
$ ./output/host/bin/patchelf --print-rpath output/target/lib/firmware/qcom/venus-4.2/venus.b00
patchelf: patchelf.cc:387: void ElfFile<Elf_Ehdr, Elf_Phdr, Elf_Shdr, Elf_Addr, Elf_Off, Elf_Dyn, Elf_Sym>::parse() [with Elf_Ehdr = Elf32_Ehdr; Elf_Phdr = Elf32_Phdr; Elf_Shdr = Elf32_Shdr; Elf_Addr = unsigned int; Elf_Off = unsigned int; Elf_Dyn = Elf32_Dyn; Elf_Sym = Elf32_Sym]: Assertion `shstrtabIndex < shdrs.size()' failed.
Aborted (core dumped)
Even though patchelf definitely shouldn't crash, it anyway doesn't
make sense to check ELF files in /lib/firmware, so let's exclude this
directory from our check.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 184cb52f6d)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
libglib2 is licensed under LGPL-2.1+ and not LGPL-2.0+ since release
2.53.3
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit fbd809c5f2)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit 4d279697af added /bin/bash to /etc/shells. In the default
skeleton, however, /etc/shells doesn't exist, so in fact it creates
this file, containing only /bin/bash. Therefore, when bash is selected,
/bin/sh does not appear in /etc/shells and bash is the only shell
allowed. Since /bin/sh is the shell that is used for root in the
default skeleton's /etc/passwd, root is no longer able to log in.
The proper solution is to add all available shells to /etc/shells. For
now, however, just revert commit 4d279697af as a stop-gap measure. That
way, the default situation still works, and only people who update
/etc/passwd with additional logins but don't update /etc/shells will
suffer.
This reverts commit 4d279697af.
Fixes: https://bugs.busybox.net/show_bug.cgi?id=10896
Cc: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Acked-by: Romain Naour <romain.naour@smile.fr>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes CVE-2018-1000156: arbitrary command execution in ed-style patches.
Depend on MMU for now, because the patch adds a fork() call. Upstream
later switched to gnulib provided execute(), so this dependency can be
dropped on the next version bump.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit f4a4df2084)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Custom dts files are still conditionally copied based on non existing
boolean. So it is currently not possible to use custom dts file(s) at all.
List of dts files is now iterated and files are copied into dedicated kernel arch dir.
Signed-off-by: Rafal Susz <rafal.susz@gmail.com>
Tested-by: Jan Kundrát <jan.kundrat@cesnet.cz>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 54157c6c2d)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The host directory no longer uses /usr.
This currently works because we still have the legacy /usr
symlink, but for correctness it is better that we just fix it.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Yegor Yefremov <yegorslists@googlemail.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit dac25351e6)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
zend_alloc.h defines some macros such as:
Where _estrdup is the actual function implemented by the PHP core. If
this header file is not included, and some code uses estrdup, one ends
up with an undefined reference. This happens when libexpat support is
enabled. This commit adds a PHP patch that fixes this issue. The patch
has been submitted upstream through a Github pull request.
Fixes:
http://autobuild.buildroot.net/results/889d2c1f509c035cd506e36061939bfddc8f1500/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit fc4b66dbc1)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Security fixes since 2.2.12:
- wnpa-sec-2018-15
The MP4 dissector could crash. (Bug 13777)
- wnpa-sec-2018-16
The ADB dissector could crash. (Bug 14460)
- wnpa-sec-2018-17
The IEEE 802.15.4 dissector could crash. (Bug 14468)
- wnpa-sec-2018-18
The NBAP dissector could crash. (Bug 14471)
- wnpa-sec-2018-19
The VLAN dissector could crash. (Bug 14469)
- wnpa-sec-2018-20
The LWAPP dissector could crash. (Bug 14467)
- wnpa-sec-2018-23
The Kerberos dissector could crash. (Bug 14576)
- wnpa-sec-2018-05
The IEEE 802.11 dissector could crash. Bug 14442, CVE-2018-7335
- wnpa-sec-2018-06
Multiple dissectors could go into large infinite loops. All ASN.1 BER dissectors (Bug 14444), along with the DICOM (Bug 14411), DMP (Bug 14408), LLTD (Bug 14419), OpenFlow (Bug 14420), RELOAD (Bug 14445), RPCoRDMA (Bug 14449), RPKI-Router (Bug 14414), S7COMM (Bug 14423), SCCP (Bug 14413), Thread (Bug 14428), Thrift (Bug 14379), USB (Bug 14421), and WCCP (Bug 14412) dissectors were susceptible.
- wnpa-sec-2018-07
The UMTS MAC dissector could crash. Bug 14339, CVE-2018-7334
- wnpa-sec-2018-09
The FCP dissector could crash. Bug 14374, CVE-2018-7336
- wnpa-sec-2018-10
The SIGCOMP dissector could crash. Bug 14398, CVE-2018-7320
- wnpa-sec-2018-11
The pcapng file parser could crash. Bug 14403, CVE-2018-7420
- wnpa-sec-2018-12
The IPMI dissector could crash. Bug 14409, CVE-2018-7417
- wnpa-sec-2018-13
The SIGCOMP dissector could crash. Bug 14410, CVE-2018-7418
- wnpa-sec-2018-14
The NBAP disssector could crash. Bug 14443, CVE-2018-7419
Full release notes:
https://www.wireshark.org/docs/relnotes/wireshark-2.2.14.html
Signed-off-by: André Hentschel <nerv@dawncrow.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit c5c87c2bb6)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
