- May 30, 2017
-
-
Christian Stewart authored
The Docker engine can optionally log to systemd-journald. For this driver to work correctly, Docker needs to build against systemd-journald's client library. This patch conditionally adds a build-time dependency on systemd and enables compiling the journald driver in docker-engine if systemd is used as the Buildroot init process. Signed-off-by:
Christian Stewart <christian@paral.in> Signed-off-by:
Peter Korsgaard <peter@korsgaard.com>
-
Peter Korsgaard authored
Fixes CVE-2017-7650: Two errors in the "asn1_find_node()" function (lib/parser_aux.c) within GnuTLS libtasn1 version 4.10 can be exploited to cause a stacked-based buffer overflow by tricking a user into processing a specially crafted assignments file via the e.g. asn1Coding utility. For more details, see: https://secuniaresearch.flexerasoftware.com/secunia_research/2017-11/ Or the 1.4.11 release mail (no mail about 1.4.12, but identical to 1.4.11 + a soname fix): https://lists.gnu.org/archive/html/help-libtasn1/2017-05/msg00003.html Remove 0001-configure-don-t-add-Werror-to-build-flags.patch and autoreconf as that patch is now upstream. Signed-off-by:
-
Gonçalo Salazar authored
Added notes to the mosh package help to clarify some runtime issues related with it to ensure mosh will work properly after adding it. This includes adding a proper LOCALE and an extra flag when using mosh with dropbear. Signed-off-by:
Gonçalo Salazar <glbsalazar@gmail.com> Signed-off-by:
-
Peter Korsgaard authored
Fixes CVE-2017-7650: Pattern based ACLs can be bypassed by clients that set their username/client id to ‘#’ or ‘+’. This allows locally or remotely connected clients to access MQTT topics that they do have the rights to. The same issue may be present in third party authentication/access control plugins for Mosquitto. For more details, see: https://mosquitto.org/2017/05/security-advisory-cve-2017-7650/ Remove 0001-Remove-lanl-when-WITH_ADNS-is-unset.patch as that patch is now upstream. Signed-off-by:
-
- May 29, 2017
-
-
Baruch Siach authored
Fixes a number of security issues: CVE-2017-7607, CVE-2017-7608, CVE-2017-7609, CVE-2017-7610, CVE-2017-7611, CVE-2017-7612, CVE-2017-7613. Rebase patches, and convert to git format. Remove --disable-werror; unrecognized configure option. Use upstream provided hash. Cc: Stefan Fröberg <stefan.froberg@petroprogram.com> Signed-off-by:
Baruch Siach <baruch@tkos.co.il> Signed-off-by:
Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
-
Alistair Francis authored
This commit adds a dependency on the host ACPICA package as Xen tools require iasl to build. Fixes: http://autobuild.buildroot.net/results/afa199864d6b546fe759bb582a9c10702ea7fa78/ Signed-off-by:
Alistair Francis <alistair.francis@xilinx.com> Acked-by:
Erico Nunes <nunes.erico@gmail.com> [Thomas: tweak commit log, add autobuilder reference.] Signed-off-by:
-
Alistair Francis authored
Add support to build the ACPICA package for the host. This is useful for the iasl command which is required to build some packages, including Xen tools. This is a necessary requirement before changing the Xen package to address: http://autobuild.buildroot.net/results/afa199864d6b546fe759bb582a9c10702ea7fa78/ Signed-off-by:
-
Thomas Petazzoni authored
m68k coldfire causes ffmpeg to think atomic intrinsics are available, so ffmpeg doesn't use its fallback on pthreads based atomic operations. However, m68k coldfire doesn't provide properly working sync 4 atomics, causing a build failure. Since fixing ffmpeg on m68k coldfire is not really important (who wants to use ffmpeg on such platform?), we simply disallow the selection of ffmpeg on this platform. Alternate approaches have been proposed in the past: - Bernd Kuhls proposed in http://patchwork.ozlabs.org/patch/766909/ to add a dependency on BR2_TOOLCHAIN_HAS_SYNC_4, but this is wrong because other architectures that lack sync 4 atomics, such as Sparc, can build ffmpeg perfectly fine thanks to the pthreads based fallback code. - Waldemar Brodkorb proposed in https://patchwork.ozlabs.org/patch/756664/ to add an explicit option in ffmpeg configure to force the use of pthreads based atomics. However, we believe that running ffmpeg on m68k coldfire is such an unlikely use case that it isn't worth carrying a patch for this. Fixes: http://autobuild.buildroot.net/results/b3e/b3eaaf6d73cd49f5919143aeaa5cbb4d15a7ccc3/ Signed-off-by:
-
Bernd Kuhls authored
Fixes CVE-2017-7494: https://www.samba.org/samba/history/samba-4.5.10.html Signed-off-by:
Bernd Kuhls <bernd.kuhls@t-online.de> Signed-off-by:
-
Bernd Kuhls authored
The gnutils code uses __attribute__((constructor)) and __attribute__((destructor)) to call constructor/desctructor when a shared library is loaded. Constructor/desctructor are not used when a static library is used (except when if -Wl,--whole-archive -lgnutls -Wno-whole-archive is used, not tested). Even if gnutls initialization (_gnutls_global_init()) may be called manually, the gnutls maintainer said it's not supported [1]. "Note that static linking applications with gnutls is not something supported. gnutls relies on library constructors and destructors which are not loaded when linking statically." Now the gnutls script warns about static linking [2]. So disable gnutls statically by adding "depends on !BR2_STATIC_LIBS" at Kconfig level and --disable-static in GNUTLS_CONF_OPTS. Fixes: [taskd] http://autobuild.buildroot.net/results/c2d/c2dd5c1c9dc87d2943c15e58ee56e67d7375368c [ffmpeg] http://autobuild.buildroot.net/results/892/8926d319d6d1cd1ee72239ad7d9ca869d2355628 [sngrep] http://autobuild.buildroot.net/results/f7f/f7fb42d3742f6f01000a0d181e0c785640284405 [1] https://gitlab.com/gnutls/gnutls/issues/203 [2] https://gitlab.com/gnutls/gnutls/commit/6b748886799f88ddee9721dba4fc4d52854832ae Signed-off-by:
Romain Naour <romain.naour@gmail.com> Tested-by:
-
Romain Naour authored
As reported by Bernd [1], using POST_EXTRACT to copy linux_syscall_support.h break the legal-info target when google-breakpad package is selected: /usr/bin/install: cannot stat '/home/bernd/buildroot/buildroot/output/ost/usr/i586-buildroot-linux-uclibc/sysroot/usr/include/linux_syscall_support.h': No such file or directory This is because linux_syscall_support.h is installed by a dependency of google-breakpad, and dependencies are only guaranteed to be available for the configure step of a package. To fix this, we use a PRE_CONFIGURE hook instead of POST_EXTRACT hook. [1] http://lists.busybox.net/pipermail/buildroot/2017-May/192844.html Reported-by:
-
Romain Naour authored
firejail has been marked as broken since 3ad100fd Signed-off-by:
-
Bernd Kuhls authored
Also use bz2 tarball and provide md5 & sha256 hashes. Signed-off-by:
-
Bernd Kuhls authored
Signed-off-by:
-
Bernd Kuhls authored
Signed-off-by:
-
Bernd Kuhls authored
The project moved to github, the current download URL is broken: $ wget -q http://www.msweet.org/files/project3/mxml-2.10.tar.gz $ file mxml-2.10.tar.gz mxml-2.10.tar.gz: HTML document, UTF-8 Unicode text, with very long lines Signed-off-by:
-
Frank Hunleth authored
Signed-off-by:
Frank Hunleth <fhunleth@troodon-software.com> Signed-off-by:
-
Baruch Siach authored
ola does not build with current protobuf. Upstream bug report is still open. https://github.com/OpenLightingProject/ola/issues/1192 Cc: Dave Skok <blanco.ether@gmail.com> Signed-off-by:
-
Bernd Kuhls authored
For details refer to release notes: http://lists.gnu.org/archive/html/info-gnu/2017-05/msg00014.html Signed-off-by:
-
Bernd Kuhls authored
The project moved to github: http://stella.sourceforge.net/ Signed-off-by:
-
Thomas Petazzoni authored
His e-mail address is bouncing: <andrew.ruder@elecsyscorp.com>: host mx1-us1.ppe-hosted.com[67.231.154.162] said: 550 5.7.1 <andrew.ruder@elecsyscorp.com>: Recipient address rejected: User email address is marked as invalid. (in reply to RCPT TO command) Signed-off-by:
-
- May 28, 2017
-
-
Bernd Kuhls authored
Fixes http://autobuild.buildroot.net/results/7f1/7f1ecccbfdb6bd95824d9c884f1577e71e0e1e09/ http://autobuild.buildroot.net/results/c0b/c0b1bdcc5fbddf8b996b923015184d753882d4b8/ Signed-off-by:
-
Bernd Kuhls authored
Fixes buffer overflow: https://mail.coreboot.org/pipermail/flashrom/2016-March/014523.html Removed patch 0002-sys-io.h.patch, not needed anymore, hwaccess.h now contains a similar fix: elif defined(__linux__) || defined(__GLIBC__) Signed-off-by:
-
Bernd Kuhls authored
Release notes: https://kodi.tv/article/kodi-v173-minor-bug-fix-and-security-release "Fix possible security flaw which could abused .zip files which try to traverse to a parent directory" For details about the security bug refer to http://blog.checkpoint.com/2017/05/23/hacked-in-translation/ Signed-off-by:
-
Romain Naour authored
When linking demo_mn_console statically with pcap, the CMake build system forget to link with other libraries linked with libpcap (-lnl-genl-3 -lnl-3 -ldbus-1 -pthread). [100%] Linking C executable demo_mn_console lib64/libpcap.a(pcap-linux.o): In function nl80211_init': pcap-linux.c:(.text+0x41e): undefined reference tonl_socket_alloc' To fix this, the build system could use pcap-config: pcap-config --libs --static -L/path/to/sysroot/usr/lib -lpcap -L/path/to/sysroot/usr/lib/.libs -lnl-genl-3 -lnl-3 -L/path/to/sysroot/usr/lib -ldbus-1 -pthread Also don't use getopt() from contrib directory to avoid a clash with libc definition. Fixes: http://autobuild.buildroot.net/results/f43/f437d09ac6c689c911e1885b95da33b692f2cb3c http://autobuild.buildroot.net/results/385/3859dc0f4de7e3284a96d5841f040f69f71842df https://github.com/OpenAutomationTechnologies/openPOWERLINK_V2/issues/187 Signed-off-by:
-
Bernd Kuhls authored
Fixes mpd: http://autobuild.buildroot.net/results/799/7997ccd698f03885f98d00bd150dc3a578e4b161/ Signed-off-by:
-
Bernd Kuhls authored
Fixes CVE-2015-7747 Signed-off-by:
-
Luca Ceresoli authored
The 'lines' variable is overwritten with its own fields. Thus it contains a line first, and then a list of fields -- it never contains 'lines'. Use two different variables named 'line' and 'fields' to make the code more readable. Signed-off-by:
Luca Ceresoli <luca@lucaceresoli.net> Acked-by:
Ricardo Martincoski <ricardo.martincoski@gmail.com> Signed-off-by:
-
Luca Ceresoli authored
We only have a positive test for it, in ext4. Let's have a negative one as well. Signed-off-by:
-
- May 27, 2017
-
-
Adam Duskett authored
Signed-off-by:
Adam Duskett <aduskett@codeblue.com> Signed-off-by:
-
Romain Naour authored
dhcp.mk tries to create dhcp.conf in a non-existant directory. Fixes: http://autobuild.buildroot.net/results/40e/40e48f74b586ce380766cf31473932e43090671e Signed-off-by:
-
Bernd Kuhls authored
Make sure that libiconv is built before popt when needed. Signed-off-by:
-
Bernd Kuhls authored
Prior to glibc 2.18, definitions like SIZE_MAX or INT_FAST32_MAX from <stdint.h> were only made available for C code, or in C++ if __STDC_LIMIT_MACROS was defined. The code from jasper uses such definitions, without defining __STDC_LIMIT_MACROS. Unfortunately, defining __STDC_LIMIT_MACROS in the jasper headers doesn't work, since <stdint.h> has already been included before, at a point where __STDC_LIMIT_MACROS was not defined. So to solve this problem, we simply pass -D__STDC_LIMIT_MACROS in CXXFLAGS when building opencv with jasper support. This patch uses the same solution used for libraw: https://git.buildroot.net/buildroot/commit/package/libraw?id=d246cf5fd01bb0d20a0e64194ffed514ea8dd0aa Fixes: http://autobuild.buildroot.net/results/095/095f7574afdb633c59a625cd063de03644b6d3a7/ Signed-off-by:
-
Bernd Kuhls authored
AC_ARG_WITH([libudev] was removed in version 1.12.0: https://git.linuxtv.org/v4l-utils.git/commit/configure.ac?id=3aba7817cd1994e6da00651114368db8171eabcc Signed-off-by:
-
Ilias Apalodimas authored
keepalived fails to build on toolchains with headers older than 3.4, because of a namespace clash between the xt_set.h header from the kernel and the linux_ip_set.h header installed by ipset. Even though keepalived does check for pre-3.4 headers, the check somehow fails to work correctly. We fix that by making keepalived depend on headers 3.4 or later. Fixes: http://autobuild.buildroot.org/results/770/770d8fd2f3bacbdbe233da1b4d6e64e20a84d5a5/ http://autobuild.buildroot.org/results/1ad/1adb710b915427f681eae37452a0942833ce533e/ http://autobuild.buildroot.org/results/70b/70b31547e51ec7213372d2ef07bec34c5df77560/ [...] Signed-off-by:
Ilias Apalodimas <apalos@gmail.com> Reviewed-by:
"Yann E. MORIN" <yann.morin.1998@free.fr> Signed-off-by:
-
- May 26, 2017
-
-
Bernd Kuhls authored
Signed-off-by:
-
Bernd Kuhls authored
Signed-off-by:
-
- May 25, 2017
-
-
Alexey Brodkin authored
This reverts commit 459f7302. libcdio building is fixed for ARC in 2b360bd5 "gcc: arc-2017.03-rc2: Fix "unrecognized supposed constant" error" Signed-off-by:
Alexey Brodkin <abrodkin@synopsys.com> Tested-by:
-
Alexey Brodkin authored
Fixes building of quagga [1]: ------------------------------>8--------------------------- 839:1: error: unrecognizable insn: } ^ (insn 183 24 26 4 (set (reg:CC_ZN 61 cc) (and:SI (reg:SI 0 r0 [orig:192 _12->id.s_addr ] [192]) (const_int -256 [0xffffffffffffff00]))) ospf_ri.c:790 -1 (nil)) ospf_ri.c:839:1: internal compiler error: in extract_insn, at recog.c:2287 ------------------------------>8--------------------------- [1] http://autobuild.buildroot.net/results/3c1/3c12c4609d4a77ab8ccd3ea94840884d70520efai Signed-off-by: -
Alexey Brodkin authored
This commit finally bumps ARC toolchain to arc-2017.03 release. More info on this release could be found here: https://github.com/foss-for-synopsys-dwc-arc-processors/toolchain/releases/tag/arc-2017.03 Note mentioned above web-page is not yet populated but should be very soon. As a safe fall-back interested could refer to RC2 page here: https://github.com/foss-for-synopsys-dwc-arc-processors/toolchain/releases/tag/arc-2017.03-rc2 Signed-off-by:
-
