TinyXML through 2.6.2 has an infinite loop in TiXmlParsingData::Stamp in
tinyxmlparser.cpp via the TIXML_UTF_LEAD_0 case. It can be triggered by
a crafted XML message and leads to a denial of service.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
vte needs C++20 since
eec33cce0b
to avoid the following build failure raised since bump to version 0.66.2
in commit 53c0c7dd01:
../output-1/build/vte-0.66.2/meson.build:144:0: ERROR: Assert failed: option -std=gnu++20 not supported by gcc
Fixes:
- http://autobuild.buildroot.org/results/c0d1adeffbf97805a0f669d01929a56ccc66a835
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Version 2.0.4 of the Apache XML Security for C++ has been released,
correcting support for OpenSSL earlier than 1.1.
Version 2.0.3 of the Apache XML Security for C++ has been released,
adding support for OpenSSL 3.0.0.
Drop patch (already in version) and so autoreconf
https://santuario.apache.org/cindex.html
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
lft 3.91 / WhoB 3.91
----------------------
- Fixed bugs.debian.org/cgi-bin/bugreport.cgi?bug=922430
- Updated date
lft 3.9 / WhoB 3.9
----------------------
- Fixed a bug that could indicate a target was closed when it was open
- Improved support for DLT_NULL interfaces on BSD-like operating systems
- Improved deprecated pcap device enumeration method
- Improved GraphViz output format appearance
Update indentation in hash file (two spaces)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
4.3.2 Oct 7, 2021
- very minor bug. the last command in perfquery is not in a loop and
prevents the collectl daemon from starting via the service.
Update indentation in hash file (two spaces)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
- Switch site to get latest version
- README has been renamed to README.md
- Update indentation in hash file (two spaces)
https://github.com/notroj/neon/blob/0.32.2/NEWS
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
mod_compress has been subsumed by mod_deflate since version 1.4.56 and
dab212b5f5
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Switch to pcre2 which is supported since version 1.4.62 and
7512d82ca4
and enabled by default since version 1.4.64 and
750414d3bb
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fix CVE-2022-22707: In lighttpd 1.4.46 through 1.4.63, the
mod_extforward_Forwarded function of the mod_extforward plugin has a
stack-based buffer overflow (4 bytes representing -1), as demonstrated
by remote denial of service (daemon crash) in a non-default
configuration. The non-default configuration requires handling of the
Forwarded header in a somewhat unusual manner. Also, a 32-bit system is
much more likely to be affected than a 64-bit system.
gdbm, geoip and memcached options have been dropped with
86c2d30936https://www.lighttpd.net/2022/1/19/1.4.64/
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This version dropped support to NFSv2.
Drop patches backported from this release.
Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The Linux config already enabled drm-virtio for graphics output, but not the
corresponding virtio-input / evdev drivers for input or the compatibility fb
option.
Enable them so keyboard/mouse input works and /dev/fb0 is provided.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The Linux defconfig both has VT and serial port support, so it makes more
sense to run getty on /dev/console instead of hard coding the serial port.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This reverts commit 834464792e, the build
failure is not related to the bump to 0.9.75 but to or1k and gcc 10.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Patch added by commit eee96b0f0a on gcc
9.3.0 must also be applied on gcc 10 and 11 to avoid the following build
failure on numerous packages (babeltrace2, pcsc-lite, tpm2-pkcs11,
etc.):
configure:13774: checking whether pthreads work with -pthread
configure:13868: /home/giuliobenetti/autobuild/run/instance-0/output-1/host/bin/or1k-linux-gcc -o conftest -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -Os -g2 -std=gnu99 -pthread -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 conftest.c >&5
conftest.c:27:26: error: #error "_REENTRANT must be defined"
27 | # error "_REENTRANT must be defined"
| ^~~~~
It should be noted that external bootlins will have to be rebuilt.
Fixes:
- http://autobuild.buildroot.org/results/cb58d4fbaeb08d188c2f8bf05ef1604789fa8766
- http://autobuild.buildroot.org/results/7af9d4b68bd46ed260ed66ba2cc3c9c21482e741
- http://autobuild.buildroot.org/results/6f926bec146752873f8032b593f0de1cb222ea46
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Select BR2_TARGET_UBOOT_NEEDS_OPENSSL to fix the following build
error:
include/image.h:1178:12: fatal error: openssl/evp.h: No such file or directory
1178 | # include <openssl/evp.h>
| ^~~~~~~~~~~~~~~
Fixes:
- https://gitlab.com/buildroot.org/buildroot/-/jobs/1970083907
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
vte also provides libvte, a library that can be linked to by other
programs, so install it in staging.
Signed-off-by: Rainer Jonsson <rainbox2k12@msgsafe.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The hash of the LICENSING file is modified due to changes in file
paths listed in that file. No impact on the licensing terms.
Signed-off-by: Guillaume W. Bres <guillaume.bressaix@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
rdgif.c, cderror.h: add sanity check for GIF image dimensions.
Thank to Casper Sun for cjpeg potential vulnerability report.
- Update hash of README (changes not related to license)
- Update indentation in hash file (two spaces)
https://jpegclub.org/reference/reference-sources/
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This fixes the compile errors that were present with the previous
kernel version (4.19):
https://gitlab.com/buildroot.org/buildroot/-/jobs/1970084022
Additionally, the defconfig file was refactored: Configuration
values are now grouped logically, thus increasing readability and
maintainability.
Signed-off-by: Danilo Bargen <mail@dbrgn.ch>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Pending PR is now merged[1] and it fixes Linux >= 5.13 building. So let's
bump xr819-xradio version.
[1]: https://github.com/fifteenhex/xradio/pull/15
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Tested-by: Sergey Kuzminov <kuzminov.sergey81@gmail.com>
Tested-by: Sergey Kuzminov <kuzminov.sergey81@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The FP setting is not used for aarch64 in buildroot. The FPU options are
set implicit.
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
