CVE-2016-4983 is an issue in a postinstall script in the dovecot rpm,
which is part of the Red Hat packaging and not part of upstream dovecot
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
CVE-2019-15513 was fixed upstream in 2015 with commit
19e29ffc15dbd958e8e6a648ee0982c68353516f, which is older than the commit
we currently use in LIBUCI_VERSION.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr: reword comment and commit log]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
- add upstream patch fixing gcc-11 compile failure (missing
limits include)
Fixes:
In file included from ../../../include/QtCore/5.15.2/QtCore/private/qoffsetstringarray_p.h:1,
from ../../dbus/qdbuserror.cpp:44:
../../../src/corelib/tools/qoffsetstringarray_p.h:70:22: error: ‘numeric_limits’ is not a member of ‘std’
70 | Last <= std::numeric_limits<quint8>::max(),
| ^~~~~~~~~~~~~~
../../../src/corelib/tools/qoffsetstringarray_p.h:70:43: error: wrong number of template arguments (1, should be 3)
70 | Last <= std::numeric_limits<quint8>::max(),
| ^
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Help nfs-utils to find the path of libtirpc
Fixes:
- http://autobuild.buildroot.org/results/a5eaf19f58729c4c00a2131b6a0c378c0fc0effb
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr:
- take the opportunity to move HOST_NFS_UTILS_DEPENDENCIES
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This reverts commit b991962993, which was
incomplete and did not actually fix the issue it purported to fix, and
we'll soon commit a proper fix.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr: explain the reason for reverting]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit 2eaa6d0f36 (boot/uboot: fix uboot building host tools on x86
architecture) added use of $(PKG_CONFIG_HOST_BINARY), but forgot to add
the corresponding build-ordr dependency.
Add this missing depenency now.
Additionally, the associated test had an explicit host pkgconf enbled in
its configuration. This is superfluous now that uboot properly depends
on host-pkgconf, so drop that from the test.
Note: it hapenned to work, because host-pkgconf, when explicitly enabled
in the configuration, and without per-package directories, would build
before uboot and thus be available. This would fail with PPD, though,
and thus would break for TLPB.
Reported-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Kory Maincent <kory.maincent@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Avahi 0.8 allows a local denial of service (NULL pointer dereference and
daemon crash) against avahi-daemon via the D-Bus interface or a "ping
.local" command.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
PuTTY through 0.75 proceeds with establishing an SSH session even if it
has never sent a substantive authentication response. This makes it
easier for an attacker-controlled SSH server to present a later spoofed
authentication prompt (that the attacker can use to capture credential
data, and use that data for purposes that are undesired by the client
user).
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
1. Adds a patch that fixes OpenGLES2 build
https://gitlab.com/solarus-games/solarus/-/merge_requests/1364
2. Updates Config.in and solarus.mk to support OpenGLES2
Signed-off-by: Gleb Mazovetskiy <glex.spb@gmail.com>
[yann.morin.1998@free.fr: renumber patch]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fix uclibc build which is broken since addition of the package in commit
daae311490
We backport an upstream feature patch, because it includes the actual
fix as a side-effect (including stdarg.h at the proper location).
Fixes:
- http://autobuild.buildroot.org/results/ad5020c5c1a7730f1ae82bf8215ed63df83421fe
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit 56b28d3ee1 (mpg123: bump to version 1.13.1) added the
--disable-lfs-alias option, without explaining why it was needed.
However, this causes undefined references for apps that want to link
against mpg123.
The help for that option is pretty explicit that this is a dangerous
option to use:
disable alias wrappers for largefile bitness (mpg123_seek_32 or
mpg123_seek_64 in addition to mpg123_seek, or the other way around;
It is a mess, do not play with this!)
The default is that it is enabled, so leave it at it.
Signed-off-by: Bruno Marie <gameblabla@protonmail.com>
[yann.morin.1998@free.fr: rework commit log]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Most distributions include a duktape.pc file bundled with the duktape
development package. As the duktape source does not include a .pc file,
add one to the package/duktape directory and install it to the staging
directory. This is used by the polkit duktape patch later in the series.
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This is the last version to support python2.
License hash change due to removal of OpenSSL locking reference:
49109ce1a6
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix build failure with gcc 4.8 which is raised since bump to version
2.72.0 in commit 8e5f7f1cfc:
In file included from /tmp/instance-0/output-1/host/arm-buildroot-linux-gnueabi/sysroot/usr/include/resolv.h:65:0,
from /tmp/instance-0/output-1/host/arm-buildroot-linux-gnueabi/sysroot/usr/include/glib-2.0/gio/gnetworking.h:40,
from ../libsoup/soup-address.c:14:
/tmp/instance-0/output-1/host/arm-buildroot-linux-gnueabi/sysroot/usr/include/arpa/nameser.h:115:2: error: unknown type name 'u_char'
const u_char *_msg, *_eom;
^
Fixes:
- http://autobuild.buildroot.org/results/56b9cb987e25b99d6fed16c537552f47c3376f21
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following build failure with gcc 11:
text/qbytearraymatcher.h:103:38: error: 'numeric_limits' is not a member of 'std'
103 | const auto uchar_max = (std::numeric_limits<uchar>::max)();
| ^~~~~~~~~~~~~~
Signed-off-by: Maxim Kochetkov <fido_max@inbox.ru>
Tested-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add config option for systemd-sysext.
Add config option for systemd-oomd.
Add new host-python3-jinja2 dependency.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Various security, performance, accuracy and stability issues have been
fixed, including a critical evasion assigned CVE-2021-35063.
https://forum.suricata.io/t/suricata-6-0-3-and-5-0-7-released/1489
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This fixes the following CVEs:
- CVE-2021-3570 linuxptp: missing length check of forwarded messages
- CVE-2021-3571 linuxptp: wrong length of one-step follow-up in transparent clock
See mailing list post for details: https://sourceforge.net/p/linuxptp/mailman/message/37315519/
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix CVE-2021-33503: An issue was discovered in urllib3 before 1.26.5.
When provided with a URL containing many @ characters in the authority
component, the authority regular expression exhibits catastrophic
backtracking, causing a denial of service if a URL were passed as a
parameter or redirected to via an HTTP redirect.
https://github.com/urllib3/urllib3/blob/1.26.6/CHANGES.rst
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bump U-Boot to 2021.07 and kernel to version 5.13
Signed-off-by: Pierre-Jean Texier <texier.pj2@gmail.com>
Reviewed-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
NOTE: 0001-lib-fs-fix-issue-when-name-open-_to_handle_at-is-not.patch
will be merged in 5.14.0.
Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bugfix release, mainly solves a few issues with input events,
drag-and-drop, and a few crashes. Release notes:
https://webkitgtk.org/2021/07/09/webkitgtk2.32.2-released.html
The patch for building against uClibc has been included in this release,
therefore "0001-Support-building-against-uClibc.patch" is removed.
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bugfix release, mainly solves a few issues with input events and a
few crashes. Release notes:
https://wpewebkit.org/release/wpewebkit-2.32.2.html
The patch for building against uClibc has been included in this release,
therefore "0001-Support-building-against-uClibc.patch" is removed.
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Build is broken with gcc 10 since bump to version 2.0.22 in commit
cadb8f2f31:
/tmp/instance-1/output-1/host/lib/gcc/powerpc-buildroot-linux-uclibc/10.3.0/../../../../powerpc-buildroot-linux-uclibc/bin/ld: kexec/arch/ppc/kexec-elf-ppc.o:(.sbss+0x0): multiple definition of `ramdisk'; kexec/arch/ppc/kexec-ppc.o:(.sbss+0x0): first defined here
Fixes:
- http://autobuild.buildroot.org/results/22932529f925630ec6db3c6a4eaebbda68b3fc16
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Build with wolfssl is broken since bump to version 3.12.1 in commit
4d85defa71:
/data/buildroot-autobuilder/instance-0/output-1/build/libuhttpd-3.12.1/src/ssl/openssl.c: In function 'ssl_context_new':
/data/buildroot-autobuilder/instance-0/output-1/build/libuhttpd-3.12.1/src/ssl/openssl.c:180:32: error: 'SSL_OP_NO_SSLv3' undeclared (first use in this function); did you mean 'WOLFSSL_OP_NO_SSLv3'?
180 | SSL_CTX_set_options(c, SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1);
| ^~~~~~~~~~~~~~~
| WOLFSSL_OP_NO_SSLv3
This build failure is raised by
0fb46935f0
as since this commit, libuhttpd expects that SSL_OP_NO_xxx are defined
by wolfssl
Fixes:
- http://autobuild.buildroot.org/results/79e3fa697537f2e33863e490b74ec881993eae73
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
build of qemu with virtfs but without system fails since bump to version
6.0.0 in commit 6b86c9335f:
../meson.build:1077:6: ERROR: Problem encountered: virtio-9p (virtfs) needs system emulation support
Indeed virtfs needs system support since switch to meson in
69202b406e
Fixes:
- http://autobuild.buildroot.org/results/ee4b2bbc08c58dc972d285eafa43b7ad6586f270
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>