Small security related release. A remote crash is possible if UDP is
enabled. The remediation is to upgrade or disable UDP. The crash was
introduced in the 1.6 series.
https://github.com/memcached/memcached/wiki/ReleaseNotes168
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
As it doesn't seem to be needed any longer. Also it was agreed to fix
packages not using pkgconfig properly instead of doing this sed.
Tested on i.MX6 platform with Qt5, no more issues.
Signed-off-by: Gary Bisson <gary.bisson@boundarydevices.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The commit 7e6f4e5 introduces a new bug when building the gst-omx package
for the raspberry.
GST_OMX_VARIANT variable in gst-omx.mk was shadowed to 'generic' after being
set well for raspberry. It results having the gstomx.conf not being installed,
and thus having gst-omx installed but none of its features available.
Signed-off-by: Augustin Thiercelin <augustin.thiercelin@outlook.com>
Reviewed-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The uclibc build fix from v3.0 has since been merged.
Signed-off-by: Joel Stanley <joel@jms.id.au>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The official repo pointed by https://ltrace.org/ hasn't seen any
updates in 5 years, so this commit switches to
https://github.com/dkogan/ltrace from Dima Kogan that includes some
bug fixes, in particular the following commit to avoid a crash:
192e0a6 void struct members are now ignored
The previous ltrace version gave a crash on a ARMv7 device, showing
this error:
"Assertion `field_info->type != ARGTYPE_VOID' failed."
Using this commit ltrace shows a '<void>' return value in such cases,
but at least avoids the crash.
Signed-off-by: Mauro Meneghin <mauro.meneghin@youview.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Trent's e-mail address is no longer working:
<tpiepho@impinj.com>: host us-smtp-inbound-2.mimecast.com[205.139.110.221]
said: 550 Invalid Recipient -
https://community.mimecast.com/docs/DOC-1369#550
[7R954rMIM8GCM0FMERvPAg.us536] (in reply to RCPT TO command)
Use another e-mail that Trent has recently used on the mailing list.
Cc: Trent Piepho <trent.piepho@synapse.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Julien's e-mail @cotds.org is no longer working:
<juju@cotds.org>: host mail.cotds.org[194.117.244.136] said: 451 4.3.5 Server
configuration problem (in reply to RCPT TO command)
Use his @free.fr e-mail address instead.
Cc: Julien Olivain <ju.o@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[yann.morin.1998@free.fr: adjust email address after Julien's review]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
In file included from host/aarch64-buildroot-linux-gnu/sysroot/usr/include/EGL/egl.h:39,
from ../libweston/renderer-gl/gl-renderer.h:36,
from ../libweston/backend-drm/drm-gbm.c:42:
host/aarch64-buildroot-linux-gnu/sysroot/usr/include/EGL/eglplatform.h:144:10: fatal error: X11/Xlib.h
such file or directory
144 | #include <X11/Xlib.h>
For the discussion upstream see: https://gitlab.freedesktop.org/wayland/weston/-/merge_requests/508
Cc: Gary Bisson <gary.bisson@boundarydevices.com>
Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Refik Tuzakli <tuzakli.refik@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
His/her e-mail address is bouncing:
VMSDVM9.POK.IBM.COM unable to deliver following mail to recipient(s):
<mamatha4@linux.ibm.com>
VMSDVM9.POK.IBM.COM received negative reply:
550 5.1.1 <mamatha4@linux.ibm.com>: Recipient address rejected: User unknown in local recipient table
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add missing space for the cross-compilation.conf.in cpu_family
entry.
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Source package of newest release does not contain license file, so
PKG-INFO is used for now. Missing LICENSE file was added to master
branch of xmodem repository ([1]), so hopefully it will replace PKG-INFO
check after new xmodem release.
[1] https://github.com/tehmaze/xmodem/pull/42
Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The GCC package has a default conf option of disabling libquadmath and
the toolchain dependencies selectively enabled it if i386 / x64.
Fixes:
https://gitlab.com/bootlin/toolchains-builder/-/jobs/729359622
This patch fixes a build failure when (GCC + glibc) is being built for
the IBM Power8 arch and has libgfortran enabled + libquadmath disabled.
The libgfortran has a code condition for __float128 and includes the
quadmath headers. The bug occurs because Power8 has emulated
float128 support. The fix per GCC options is to also set
--disable-libquadmath-support which disables the
__float128/libquadmath support in gcc/fortran and in libgfortran [1].
Another option to fix the build failure was to enable libquadmath for
IBM Power8 (ISA 2.07), however this would be soft float based as the
ISA 3.0+ (Power9) first supports native float128 [2][3].
[1] https://fortran.gcc.gnu.narkive.com/8uSfoKUS/patch-build-pr-46540-add-disable-libquadmath-disable-libquadmath-support
[2] https://gcc.gnu.org/bugzilla/show_bug.cgi?id=66382#c7
[3] https://gcc.gnu.org/onlinedocs/gcc/RS_002f6000-and-PowerPC-Options.html
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix CVE-2020-14382: A vulnerability was found in upstream release
cryptsetup-2.2.0 where, there's a bug in LUKS2 format validation code,
that is effectively invoked on every device/image presenting itself as
LUKS2 container. The bug is in segments validation code in file
'lib/luks2/luks2_json_metadata.c' in function
hdr_validate_segments(struct crypt_device *cd, json_object *hdr_jobj)
where the code does not check for possible overflow on memory allocation
used for intervals array (see statement "intervals = malloc(first_backup
* sizeof(*intervals));"). Due to the bug, library can be *tricked* to
expect such allocation was successful but for far less memory then
originally expected. Later it may read data FROM image crafted by an
attacker and actually write such data BEYOND allocated memory.
https://mirrors.edge.kernel.org/pub/linux/utils/cryptsetup/v2.3/v2.3.4-ReleaseNotes
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- Drop patch (already in version) and so autoreconf
- Update hash of COPYING (explicitly mention that the rpmio/ sub dir is
under LGPL:
d5c69756cf)
- sqlite is an optional dependency since
07129b641b
- rpm can be built without berkeleydb since
4c7323f69b
It should be noted that berkeleydb is deprecated since
fc0169eb03
- Update indentation in hash file (two spaces)
https://rpm.org/wiki/Releases/4.16.0.html
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
mosquitto nowadays works correctly with libressl, so allow that as the
openssl backend as well.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add optional gst1-rtsp-server dependency as checked for in
gst1-devtools-1.18.0/validate/tools/meson.build.
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- remove patches that are already upstrem
- modified and renumbered existing patch
- add CROSS_COMPILE make arg
- update hashfile for new version
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- Refresh first patch
- Drop second patch, not needed since
5c725d5050
- Drop BR2_PACKAGE_GEOIP dependency as suricata switched to GeoIP2, see
a291209e47
- jansson is now a mandatory dependency, see
e49c40428e
- rustc is now a mandatory dependency, see
75429bbe3e
EOL date of 4.1 branch is December 31st, 2020.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This is a follow-up to 4027ba29f4 ("package/nginx: use /run for
PIDFile"), in which we missed that nginx is still built with /var/run
paths.
This commit changes the compile options to use /run instead of
/var/run for pid and lock file to make it consistent.
Further dropping the passing of the pid option in the service file as
this isn't neccessary. Neither debian nor nginx default .service does
it.
Signed-off-by: Michael Nosthoff <buildroot@heine.tech>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>