As part of this, the dependency of the comment "glibc needs a
toolchain w/ dynamic library, kernel headers >= 3.2" is changed to use
BR2_PACKAGE_GLIBC_ARCH_SUPPORTS instead of just BR2_USE_MMU, so that
the comment only appears on architectures for which glibc is supported
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
ngx_{http,stream}_upstream_zone_module need libatomic_ops since their
addition in commit 621ec32677 and
cf31347ee879a03b3ff6:
src/core/ngx_rwlock.c:125:2: error: #error ngx_atomic_cmp_set() is not defined!
125 | #error ngx_atomic_cmp_set() is not defined!
| ^~~~~
Fixes:
- http://autobuild.buildroot.org/results/f7f6be00029d430dc575bc5b3e3e2031cea0460c
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
sigsegv.c: In function 'sigsegv_handler':
sigsegv.c:225:75: error: 'mcontext_t' has no member named 'uc_regs';
did you mean 'gregs'?
((ucontext_t *) ucp)->uc_mcontext.uc_regs->gregs[1]
Musl defines pt_regs differently to glibc. Backport a patch from
upstream gnulib (the source for this file in diffutils).
Fixes:
http://autobuild.buildroot.net/results/1b40146436eb2b3500d0d8faef96b3374f8e5cda/
Signed-off-by: Joel Stanley <joel@jms.id.au>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix the following build failure with libressl raised since bump to
version 3.5.2 in commit 8b216927db:
In file included from ../xsec/enc/OpenSSL/OpenSSLCryptoBase64.hpp:36:0,
from enc/OpenSSL/OpenSSLCryptoKeyRSA.cpp:35:
../xsec/enc/OpenSSL/OpenSSLSupport.hpp:92:20: error: field 'mp_ctx_store' has incomplete type 'EVP_ENCODE_CTX {aka evp_Encode_Ctx_st}'
EVP_ENCODE_CTX mp_ctx_store;
^~~~~~~~~~~~
Fixes:
- http://autobuild.buildroot.org/results/e908e59ec5b8e1ac505c44900dcb39527f0ec1d3
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
traceevent needs dynamic library since its addition in kernel 3.14 and
c877bbd8ec:
event-plugin.c:10:10: fatal error: dlfcn.h: No such file or directory
10 | #include <dlfcn.h>
| ^~~~~~~~~
Fixes:
- http://autobuild.buildroot.org/results/24206071721479a6ba4d0267e7e20ef9498e1e05
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
tmon needs threads since its addition in kernel 3.13 and
94f69966fa:
tmon.c:23:10: fatal error: pthread.h: No such file or directory
23 | #include <pthread.h>
| ^~~~~~~~~~~
Fixes:
- http://autobuild.buildroot.org/results/d7b3d15ebf80ca6dbbbd4554af541182c777e4de
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
go1.18.3 includes security fixes to the crypto/rand, crypto/tls, os/exec,
and path/filepath packages, as well as bug fixes to the compiler, and the
crypto/tls and text/template/parse packages.
https://go.dev/doc/devel/release#go1.18
Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix the following build failure with argp-standalone and NLS raised
since commit 5430c8fedd:
configure:6091: /home/autobuild/autobuild/instance-3/output-1/host/bin/x86_64-buildroot-linux-musl-gcc -o conftest -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -O3 -g0 -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 conftest.c -largp >&5
/home/autobuild/autobuild/instance-3/output-1/host/lib/gcc/x86_64-buildroot-linux-musl/10.3.0/../../../../x86_64-buildroot-linux-musl/bin/ld: /home/autobuild/autobuild/instance-3/output-1/host/x86_64-buildroot-linux-musl/sysroot/usr/lib/../lib64/libargp.a(argp-parse.o): in function `argp_version_parser':
/home/autobuild/autobuild/instance-3/output-1/build/argp-standalone-1.4.1/argp-parse.c:181: undefined reference to `libintl_dgettext'
[...]
checking for library containing argp_parse... no
configure: error: An implementation of GNU Argp was not found, please install libargp
Fixes:
- http://autobuild.buildroot.org/results/3d2d9e27aabcd6763510238087fe25d5273d3535
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This commit fixes a build error when the host environment has GOOS set to
something other than "linux." For example,
cd ./buildroot
GOOS="js" make
This will cause a build failure. Override GOOS to be either empty for host
packages or set to "linux" for target packages.
Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Since commit 6a9c6311f8, two
BR2_PACKAGE_GTEST_GMOCK blocks are used instead of one which is a little
bit unusual
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
gtest unconditionally uses is_trivially_copy_constructible since
version 1.11.0 and
c13c27a513
So add a dependency on host gcc >= 4.9 for gmock to avoid the following
build failure since commit 9dfbbbb410:
In file included from /usr/lfs/hdd_v1/rc-buildroot-test/scripts/instance-1/output-1/build/host-gtest-1.11.0/googletest/include/gtest/internal/gtest-death-test-internal.h:39:0,
from /usr/lfs/hdd_v1/rc-buildroot-test/scripts/instance-1/output-1/build/host-gtest-1.11.0/googletest/include/gtest/gtest-death-test.h:41,
from /usr/lfs/hdd_v1/rc-buildroot-test/scripts/instance-1/output-1/build/host-gtest-1.11.0/googletest/include/gtest/gtest.h:64,
from /usr/lfs/hdd_v1/rc-buildroot-test/scripts/instance-1/output-1/build/host-gtest-1.11.0/googletest/src/gtest-all.cc:38:
/usr/lfs/hdd_v1/rc-buildroot-test/scripts/instance-1/output-1/build/host-gtest-1.11.0/googletest/include/gtest/gtest-matchers.h: In static member function 'static constexpr bool testing::internal::MatcherBase<T>::IsInlined()':
/usr/lfs/hdd_v1/rc-buildroot-test/scripts/instance-1/output-1/build/host-gtest-1.11.0/googletest/include/gtest/gtest-matchers.h:414:12: error: 'is_trivially_copy_constructible' is not a member of 'std'
std::is_trivially_copy_constructible<M>::value &&
^
Fixes:
- http://autobuild.buildroot.org/results/9d19a47deb80824eaa718d80f14b0afd5f9eb054
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
qpid-proton needs C++ (and so threads due to proactor) to avoid the
following build failure:
CMake Error at /nvmedata/autobuild/instance-3/output-1/host/share/cmake-3.18/Modules/CMakeTestCXXCompiler.cmake:59 (message):
The C++ compiler
"/usr/bin/c++"
is not able to compile a simple test program.
C++ check can't easily be removed:
https://github.com/apache/qpid-proton/pull/366
Fixes:
- http://autobuild.buildroot.org/results/76f8deccc9c4eee29eddf42586cc28e96eec0827
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Luca Ceresoli <luca@lucaceresoli.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Disable cloud to avoid the following build failures raised since bump to
version 1.33.1 in commit 73dc2eef2d and
e7e5d0c372:
In file included from aclk/aclk.c:7:
aclk/aclk_otp.h:11:23: error: unknown type name 'RSA'
11 | int aclk_get_mqtt_otp(RSA *p_key, char **mqtt_id, char **mqtt_usr, char **mqtt_pass, url_t *target);
| ^~~
aclk/aclk.c:48:8: error: unknown type name 'RSA'
48 | static RSA *aclk_private_key = NULL;
| ^~~
aclk/aclk.c: In function 'load_private_key':
aclk/aclk.c:52:9: warning: implicit declaration of function 'RSA_free' [-Wimplicit-function-declaration]
52 | RSA_free(aclk_private_key);
| ^~~~~~~~
aclk/aclk.c:65:5: error: unknown type name 'BIO'; did you mean 'EIO'?
65 | BIO *key_bio = BIO_new_mem_buf(private_key, -1);
| ^~~
| EIO
[...]
In file included from database/sqlite/../../aclk/aclk.h:6:0,
from database/sqlite/sqlite_aclk.c:10:
database/sqlite/../../aclk/aclk_util.h:6:29: fatal error: mqtt_wss_client.h: No such file or directory
compilation terminated.
Fixes:
- http://autobuild.buildroot.org/results/6c87c0d1699fd518a989cb81a191419f427accc5
- http://autobuild.buildroot.org/results/aa77c027316b45e812eaf9ced61fb8e967bb987f
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Add a patch to fix a build failure due to the target GOARCH being used while
bootstrapping the Go compiler with the go-bootstrap compiler.
Uses the host architecture variable instead.
This commit updates the patch with improvements from the upstream PR.
PR: https://github.com/golang/go/pull/52362
Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
While reading the docs to find hooks, I completely missed the
LIBFOO_TARGET_FINALIZE_HOOKS one which was actually matching my
use-case.
Though it is documented in a subsection a few lines below, let's also
have it in the list of supported hooks so it's not hidden away.
Cc: Quentin Schulz <foss+buildroot@0leil.net>
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
gcc-12 is starting to trickle down to some distros, like Archlinux.
gcc-12 has new warnings, and detects more cases of issues, like new
UAF cases, which is causing build issues in code that was previously
building fine, as reported in #14826:
In file included from sigchain.c:3:
In function 'xrealloc',
inlined from 'sigchain_push.isra' at sigchain.c:26:2:
subcmd-util.h:56:23: error: pointer may be used after 'realloc' [-Werror=use-after-free]
56 | ret = realloc(ptr, size);
| ^~~~~~~~~~~~~~~~~~
subcmd-util.h:52:21: note: call to 'realloc' here
52 | void *ret = realloc(ptr, size);
| ^~~~~~~~~~~~~~~~~~
subcmd-util.h:58:31: error: pointer may be used after 'realloc' [-Werror=use-after-free]
58 | ret = realloc(ptr, 1);
| ^~~~~~~~~~~~~~~
subcmd-util.h:52:21: note: call to 'realloc' here
52 | void *ret = realloc(ptr, size);
| ^~~~~~~~~~~~~~~~~~
In that case, the kernel has already fixed their code, which is part of
5.17:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=52a9dab6d892763b2a8334a568bd4e2c1a6fde66
However, we can't easily carry that patch, because we don't know
whether the kernel the user uses already has the fix or not.
Instead, we can just tell the kernel to disable use of -Werror when
building host tools.
As a consequence, we can drop it from the perf-specific setting.
Fixes: #14826
Reported-by: Anders Pitman <buildroot@apitman.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
My Bootlin address is preferred from now on.
Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fix the following uclibc build failure on aarch64:
crc32c.c:277:10: fatal error: sys/auxv.h: No such file or directory
277 | #include <sys/auxv.h>
| ^~~~~~~~~~~~
Fixes:
- http://autobuild.buildroot.org/results/08591fbf9677ff126492c50c15170c641bcab56a
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Some constraints on a setup ended up with a plus sign in the path
for historical reasons and would then fail to match on the comparison
of the host/lib dir match. So, the =~ for bash can be augmented
with a double quote expansion to preserve the literal value of
the characters in the variable.
Example Path: /home/vagrant/test+buildroot/per-package
Signed-off-by: Charles Hardin <ckhardin@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
By default the toolchain-wrapper enable -fPIE to the build of all packages.
TF-A support Position Independent Executable(PIE) only in few build cases,
therefore it should be disable by default.
If you still want to enable PIE, TF-A provide a "ENABLE_PIE" build options
that will override the cflags for the supported cases.
Signed-off-by: Kory Maincent <kory.maincent@bootlin.com>
[Peter: Only do so for BR2_PIC_PIE]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Mutt 2.2.5 was released on May 16, 2022: this is a bug-fix release,
fixing two issues with libgsasl authentication.
Mutt 2.2.4 was released on April 30, 2022: this is a bug-fix release,
fixing some regressions with Maildir/mh mailbox path normalization that
were added in 2.2.0. Please see the UPDATING file for more details.
https://gitlab.com/muttmua/mutt/-/blob/mutt-2-2-5-rel/ChangeLog
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
It turns out that we can build cpulimit for or1k using musl-libc if we
remove the inclusion of the problematic procfs.h header file which is
not required at all. This is a backport of the following upstream pull
request:
https://github.com/opsengine/cpulimit/pull/110
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Backport the fix submitted from this pull request:
https://github.com/opsengine/cpulimit/pull/61
to fix an infrequent crash.
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following build failure with kernel >= 5.17 thanks to
7e61ad89cc:
/home/autobuild/autobuild/instance-14/output-1/build/rtl8812au-aircrack-ng-3a6402e9e79802891f1531b435be54f4d8b71f0b/./os_dep/osdep_service.c: In function ‘thread_exit’:
/home/autobuild/autobuild/instance-14/output-1/build/rtl8812au-aircrack-ng-3a6402e9e79802891f1531b435be54f4d8b71f0b/./os_dep/osdep_service.c:1295:2: error: implicit declaration of function ‘complete_and_exit’ [-Werror=implicit-function-declaration]
1295 | complete_and_exit(comp, 0);
| ^~~~~~~~~~~~~~~~~
Fixes:
- http://autobuild.buildroot.org/results/1fff5023b5b79a7d81fd4cba6dea8dcb3f428340
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes CVE-2022-29162
Minor security issue (which appears to not be exploitable) related to process
capabilities.
A bug was found in runc where runc exec --cap executed processes with ble Linux
process capabilities, creating an atypical Linux environment. For more
information, see GHSA-f3fp-gc8g-vw66 and CVE-2022-29162.
runc spec no longer sets any inheritable capabilities in the created example OCI
spec (config.json) file.
https://github.com/opencontainers/runc/releases/tag/v1.1.2
Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
samba4 needs iconv.h since bump to version 4.15.3 in commit
d33ad03e75 and
fc51b38ed8:
../../source3/lib/netapi/examples/common.c:13:10: fatal error: iconv.h: No such file or directory
13 | #include <iconv.h>
| ^~~~~~~~~
Strangely enough, there is no autobuilder failures.
Fixes:
- https://bugs.buildroot.org/show_bug.cgi?id=14821
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following build failure raised since bump to version 1.5 in
commit 41bbe8df54 and
be55282d71:
In file included from /nvmedata/autobuild/instance-22/output-1/host/bin/../sparc-buildroot-linux-uclibc/sysroot/usr/include/glib-2.0/glib.h:62,
from src/verity_hash.c:26:
src/verity_hash.c: In function 'verify_zero':
src/verity_hash.c:69:55: error: expected ')' before 'PRIu64'
69 | g_message("Spare area is not zeroed at position %" PRIu64 ".",
| ^~~~~~
Fixes:
- http://autobuild.buildroot.org/results/1a093c0e194a061836884419d2f50506105db01e
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Disables tests to avoid the following build failure with
BR2_SHARED_STATIC_LIBS:
[ 42%] Linking C executable teststring
../libks.so.1: undefined reference to `dlsym'
Fixes:
- http://autobuild.buildroot.org/results/e61a683928795402375165adf686687f3305e0c2
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following static build failure with transmission:
checking for ZLIB... configure: error: Package requirements (zlib >= 1.2.3) were not met:
Package dependency requirement 'zlib >= 1.2.3' could not be satisfied.
Package 'zlib' has version '', required version is '>= 1.2.3'
Fixes:
- http://autobuild.buildroot.org/results/b3b882482f517726e5c780ba4c37818bd379df82
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
HAVE_DATE_BIN has been dropped since version 4.0.5 and
d04037825e
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following uclibc build failure:
/home/buildroot/autobuild/instance-0/output-1/host/opt/ext-toolchain/bin/../lib/gcc/mipsel-buildroot-linux-uclibc/10.3.0/../../../../mipsel-buildroot-linux-uclibc/bin/ld: src/pipewire/libpipewire-0.3.so.0.351.0.p/introspect.c.o: in function `pw_node_info_merge':
/home/buildroot/autobuild/instance-0/output-1/build/pipewire-0.3.51/build/../src/pipewire/introspect.c:216: undefined reference to `reallocarray'
Fixes:
- http://autobuild.buildroot.org/results/374582f75713c4116ae23f972c5bc55214879502
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bugfix release, mostly with build fixes, media playback improvements,
an important fix for when using threaded rendering, and security patches
for CVE-2022-26700, CVE-2022-26709, CVE-2022-26717, CVE-2022-26716, and
CVE-2022-26719.
Release notes:
https://wpewebkit.org/release/wpewebkit-2.36.2.htmlhttps://wpewebkit.org/release/wpewebkit-2.36.3.html
Accompanying security advisory:
https://wpewebkit.org/security/WSA-2022-0005.html
This also imports a build fix which has not made it into the release.
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
When building with BR2_cortex_a76 in big endian mode, the build of
the kvm-unit-tests is currently failing since the "--arch" option
of the configure script is not set right. We also have to look at
BR2_aarch64_be in this case to get this initialized properly.
Fixes: f7228dadd3 ("package/kvm-unit-tests: add more arm support")
Signed-off-by: Thomas Huth <huth@tuxfamily.org>
Reviewed-by: Cornelia Huck <cohuck@redhat.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Commit 5452b58870 wrongly removed
BR2_PACKAGE_LIBGPG_ERROR_ARCH_SUPPORTS dependency resulting in the
following build failure:
Makefile:576: *** libgpg-error is in the dependency chain of libgcrypt that has added it to its _DEPENDENCIES variable without selecting it or depending on it from Config.in. Stop.
Fixes:
- http://autobuild.buildroot.org/results/261a137824109342fd83b766a299c1eeda6ff401
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following build failure raised on uclibc and musl since the
addition of libexecinfo package in commit
eea8ba446c:
/home/buildroot/autobuild/instance-0/output-1/host/opt/ext-toolchain/bin/../lib/gcc/arc-buildroot-linux-uclibc/10.2.0/../../../../arc-buildroot-linux-uclibc/bin/ld: ../lib/.libs/libboinc.a(libboinc_la-diagnostics.o): in function `boinc_catch_signal':
diagnostics.cpp:(.text+0x8a): undefined reference to `backtrace'
Fixes:
- http://autobuild.buildroot.org/results/4504379b464eb144a4c257001eb4d316bb1f5e44
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following build failure with boost-log raised since bump to
version 1.79.0 in commit 7fa88b8eb6 and
3cbc2585c3:
error: at libs/log/build/Jamfile.v2:59
error: Unable to find file or target named
error: '/boost/architecture//mips'
error: referred to from project at
error: 'libs/log/build'
Fixes:
- http://autobuild.buildroot.org/results/edcc7c7f3586993a77b6cc06ed02363a42c09a83
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix CVE-2021-29338: Integer Overflow in OpenJPEG v2.4.0 allows remote
attackers to crash the application, causing a Denial of Service (DoS).
This occurs when the attacker uses the command line option "-ImgDir" on
a directory that contains 1048576 files.
Fix CVE-2022-1122: A flaw was found in the opj2_decompress program in
openjpeg2 2.4.0 in the way it handles an input directory with a large
number of files. When it fails to allocate a buffer to store the
filenames of the input directory, it calls free() on an uninitialized
pointer, leading to a segmentation fault and a denial of service.
Drop patches (already in version)
https://github.com/uclouvain/openjpeg/blob/v2.5.0/NEWS.md
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix CVE-2022-1619: Heap-based Buffer Overflow in function
cmdline_erase_chars in GitHub repository vim/vim prior to 8.2.4899. This
vulnerabilities are capable of crashing software, modify memory, and
possible remote execution
Fix CVE-2022-1620: NULL Pointer Dereference in function
vim_regexec_string at regexp.c:2729 in GitHub repository vim/vim prior
to 8.2.4901. NULL Pointer Dereference in function vim_regexec_string at
regexp.c:2729 allows attackers to cause a denial of service (application
crash) via a crafted input.
Fix CVE-2022-1621: Heap buffer overflow in vim_strncpy find_word in
GitHub repository vim/vim prior to 8.2.4919. This vulnerability is
capable of crashing software, Bypass Protection Mechanism, Modify
Memory, and possible remote execution
Fix CVE-2022-1629: Buffer Over-read in function find_next_quote in
GitHub repository vim/vim prior to 8.2.4925. This vulnerabilities are
capable of crashing software, Modify Memory, and possible remote
execution
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
