- Nov 24, 2022
-
Peter Korsgaard authored
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
-
Peter Korsgaard authored
Fixes the following security issue:

CVE-2022-42898: In MIT krb5 releases 1.8 and later, an authenticated attacker may be able to cause a KDC or kadmind process to crash by reading beyond the bounds of allocated memory, creating a denial of service. A privileged attacker may similarly be able to cause a Kerberos or GSS application service to crash. On 32-bit platforms, an attacker can also cause insufficient memory to be allocated for the result, potentially leading to remote code execution in a KDC, kadmind, or GSS or Kerberos application server process. An attacker with the privileges of a cross-realm KDC may be able to extract secrets from a KDC process's memory by having them copied into the PAC of a new ticket.

Bugfix tarballs are located in the same directory as the base version, so introduce LIBKRB5_VERSION_MAJOR.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
-
Yann E. MORIN authored
Commit 3dbc86f0 (openssl: bump version, enable mdc2+camellia+tlsext) from 2010-06-03, forced the build of mdc2. Commit a83d4186 (package/libopenssl: add option to enable some features) added an option to explicitly disable mdc2, but forgot to amend the existing enabling option. It appears that, like most (all?) openssl config options, mdc2 ends up enabled unless explicitly disabled. Additionally, mdc2 depends on DES, so without DES, mdc2 gets disabled. So, drop the explicit enabling option, and make mdc2 select DES.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: "GAUTRON, Erwan" <erwan.gautron@bertin.fr>
Cc: "Weber, Matthew L Collins" <Matthew.Weber@collins.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
-
Yann E. MORIN authored
Commit a83d4186 (package/libopenssl: add option to enable some features) added an option to enable rc5. However, since commit 1fff9412 (Fixup non-x86 openssl build), dated 2002-12-30, rc5 has always been forcibly disabled in Buildroot. Given that it was unconditionally disabled all this time, and no one complained, it means there is virtually no-one using rc5, so we can just drop the option.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: "GAUTRON, Erwan" <erwan.gautron@bertin.fr>
Cc: "Weber, Matthew L Collins" <Matthew.Weber@collins.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
-
Michael Nosthoff authored
If the swupdate configuration contains CONFIG_UBOOT=y it uses libubootenv to access the U-Boot environment. We don't have Buildroot config options for all the different optional dependencies of swupdate, instead we rely on the user to select the appropriate packages and simply add the dependency in the .mk file. Do this for libubootenv as well. swupdate doesn't have anything like HAVE_LIBUBOOTENV, it just assumes libubootenv is available.

Fixes:
bootloader/uboot.c:23:10: fatal error: libuboot.h: No such file or directory
   23 | #include <libuboot.h>

Note that libubootenv is normally built before swupdate (alphabetical ordering), so the error only occurs with BR2_PER_PACKAGE_DIRECTORIES or when building swupdate directly. Note that the autobuilders don't have this error, because they only build swupdate with a default configuration that doesn't have U-Boot support.

Signed-off-by: Michael Nosthoff <buildroot@heine.tech>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
-
- Nov 23, 2022
-
Fabrice Fontaine authored
This release fixes the following Security Vulnerabilities:
- CVE-2022-42898 PAC parse integer overflows
- CVE-2022-3437 Overflows and non-constant time leaks in DES{,3} and arcfour
- CVE-2022-41916 Fix Unicode normalization read of 1 bytes past end of array
- CVE-2021-44758 NULL dereference DoS in SPNEGO acceptors
- CVE-2021-3671 A null pointer de-reference when handling missing sname in TGS-REQ
- CVE-2022-44640 Heimdal KDC: invalid free in ASN.1 codec

Note that CVE-2022-44640 is a severe vulnerability, possibly a 10.0 on the Common Vulnerability Scoring System (CVSS) v3, as we believe it should be possible to get an RCE on a KDC, which means that credentials can be compromised that can be used to impersonate anyone in a realm or forest of realms. Heimdal's ASN.1 compiler generates code that allows specially crafted DER encodings of CHOICEs to invoke the wrong free function on the decoded structure upon decode error. This is known to impact the Heimdal KDC, leading to an invalid free() of an address partly or wholly under the control of the attacker, in turn leading to a potential remote code execution (RCE) vulnerability. This error affects the DER codec for all extensible CHOICE types used in Heimdal, though not all cases will be exploitable. We have not completed a thorough analysis of all the Heimdal components affected, thus the Kerberos client, the X.509 library, and other parts, may be affected as well. This bug has been in Heimdal's ASN.1 compiler since 2005, but it may only affect Heimdal 1.6 and up. It was first reported by Douglas Bagnall, though it had been found independently by the Heimdal maintainers via fuzzing a few weeks earlier. While no zero-day exploit is known, such an exploit will likely be available soon after public disclosure.

- CVE-2019-14870: Validate client attributes in protocol-transition
- CVE-2019-14870: Apply forwardable policy in protocol-transition
- CVE-2019-14870: Always lookup impersonate client in DB

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
-
Yegor Yefremov authored
Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
-
Vincent Stehle authored
Add the host-qemu package to enable testing on gitlab.

Signed-off-by: Vincent Stehlé <vincent.stehle@arm.com>
Cc: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
-
Vincent Stehle authored
The edk2 project is licensed under the BSD-2-Clause license with a patent grant, as per commit 304bff7223a8 ("edk2: Change License.txt from 2-Clause BSD to BSD+Patent"). There is a BSD-2-Clause-Patent SPDX license identifier[1] for this case, therefore refine the edk2 package to use this more specific identifier.

[1]: https://spdx.org/licenses/BSD-2-Clause-Patent.html

Signed-off-by: Vincent Stehlé <vincent.stehle@arm.com>
Cc: Dick Olsson <hi@senzilla.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
-
Vincent Stehle authored
The edk2-platforms project is licensed under the BSD-2-Clause license with a patent grant, as per commit ae604e4ffe8f ("edk2-platforms: Change License.txt from 2-Clause BSD to BSD+Patent"). There is a BSD-2-Clause-Patent SPDX license identifier[1] for this case, therefore refine the edk2-platforms package to use this more specific identifier.

[1]: https://spdx.org/licenses/BSD-2-Clause-Patent.html

Signed-off-by: Vincent Stehlé <vincent.stehle@arm.com>
Cc: Dick Olsson <hi@senzilla.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
-
Peter Korsgaard authored
Fixes the following security issue:

CVE-2022-45061: An issue was discovered in Python before 3.11.1. An unnecessary quadratic algorithm exists in one path when processing some inputs to the IDNA (RFC 3490) decoder, such that a crafted, unreasonably long name being presented to the decoder could lead to a CPU denial of service. Hostnames are often supplied by remote servers that could be controlled by a malicious actor; in such a scenario, they could trigger excessive CPU consumption on the client attempting to make use of an attacker-supplied supposed hostname. For example, the attack payload could be placed in the Location header of an HTTP response with status code 302.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
-
Brandon Maier authored
Commit d07e6b70 (boot/uboot/uboot.mk: add pmufw.elf support) broke configurations where the UBOOT_ZYNQMP_PMUFW was blank. Previously it would set the U-Boot CONFIG_PMUFW_INIT_FILE to the blank string, but now it will set it to ".bin" which causes U-Boot to fail to build.

Signed-off-by: Brandon Maier <brandon.maier@collins.com>
Reviewed-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Brandon Maier <brandon.maier@collins.com>
Reviewed-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
-
Peter Korsgaard authored
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
-
Michael Fischer authored
Brings a number of fixes: https://dev.gnupg.org/T6106

Add patch 0001 to fix undefined reference to `ks_ldap_free_state', backported from commit 7011286ce6e1fb56c2989fdafbd11b931c489faa

Signed-off-by: Michael Fischer <mf@go-sys.de>
[Peter: add changelog info]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
-
- Nov 22, 2022
-
Marek Metelski authored
Copy default $DAEMON_ARGS from systemd service to sysv init script. Make GITLAB_RUNNER_USER home directory the same as default --work-directory (-d) flag. Run sysv daemon process using root user (remove -c option). This is needed to correctly access config files as specified. System access can still be limited with gitlab-runner `--user` flag. Use same $DAEMON_ARGS variable name so it can be overwritten in /etc/default/gitlab-runner environment file in both cases.

Signed-off-by: Marek Metelski <marek.metelski@grinn-global.com>
Reviewed-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
-
James Hilliard authored
In 5b3b2d80 we dropped dbus as a build dependency, however we still need it when building with systemd so that the service directory is available via pkg-config. In addition we can drop --with-dbus-datadir by unconditionally requiring dbus as the datadir will then be fetched from pkg-config.

Fixes:
checking D-Bus bus services directory... configure: error: D-Bus bus services directory is required

http://autobuild.buildroot.net/results/4a48676460e6ce588897598f0022ec840b4b4b8d/

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
-
Vincent Stehle authored
The edk2 package can be configured for platform Arm Sgi575 but this does not build correctly:

Usage: build.exe [options] [all|fds|genc|genmake|clean|cleanall|cleanlib|modules|libraries|run]
build.exe: error: option -a: invalid choice: '-b' (choose from 'IA32', 'X64', 'EBC', 'ARM', 'AARCH64', 'RISCV64')
make[1]: *** [package/pkg-generic.mk:293: /home/thomas/buildroot/buildroot/output/build/edk2-edk2-stable202102/.stamp_built] Error 2
make: *** [Makefile:84: _all] Error 2

Add the necessary definitions to fix the build.

Signed-off-by: Vincent Stehlé <vincent.stehle@arm.com>
Cc: Dick Olsson <hi@senzilla.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
-
- Nov 21, 2022
-
Giulio Benetti authored
Drop local patch that has been upstreamed[0] and drop the endianness handling too since from this commit[1] on it's handled by using Linux macro __LITTLE_ENDIAN.

[0]: https://github.com/jwrdegoede/rtl8189ES_linux/commit/4a555ffb77a5947814b6c7f330968318e265c496
[1]: https://github.com/jwrdegoede/rtl8189ES_linux/commit/b3da33576da5359d85c7cfe82716c9a08a592aff

Fixes: http://autobuild.buildroot.net/results/6178fbfbe9fe762645b1907c4ceb032a00e75a89/

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
-
Miquel Raynal authored
I am not really maintaining these packages, I don't follow closely enough nor use them to take the time to make the necessary changes. Giulio has been much more reactive than me to fix issues and he is already listed for them anyway.

Cc: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
-
Giulio Benetti authored
Add local patch pending upstream[0] to override CFLAGS to set endianness according to BR2_ENDIAN. Let's also bump version to latest to support up to Linux 6.1.

[0]: https://github.com/lwfinger/rtl8723ds/pull/29

Fixes: http://autobuild.buildroot.net/results/2646ec0512f867e20c25c1d0a6417826218942d6/

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
-
Bernd Kuhls authored
Moved the util/compiler.h include to util/macros.h due to upstream commit which added static_assert() to src/util/macros.h: https://cgit.freedesktop.org/mesa/mesa/commit/src/util/macros.h?h=22.2&id=f1023571e8ce7ccb6ec7bc115240cb76aef3e5e5

Please note that this patch can be removed when buildroot toolchains are updated to uClibc 1.0.42: https://cgit.uclibc-ng.org/cgi/cgit/uclibc-ng.git/commit/?h=v1.0.42&id=03fbd941e943976bb92cb392882c2ff7ec218704

Fixes: http://autobuild.buildroot.net/results/a55/a55d6980faad8b5063f8f4f8b89467061d44a2ae/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
-
Thomas Petazzoni authored
igh-ethercat comes with a small number of patched Linux kernel network drivers, which aim at replacing the ones available in upstream Linux kernel. All those drivers are provided only for specific kernel releases. For example:

    r8169-2.6.24-ethercat.c r8169-2.6.24-orig.c
    r8169-2.6.27-ethercat.c r8169-2.6.27-orig.c
    r8169-2.6.28-ethercat.c r8169-2.6.28-orig.c
    r8169-2.6.29-ethercat.c r8169-2.6.29-orig.c
    r8169-2.6.31-ethercat.c r8169-2.6.31-orig.c
    r8169-2.6.32-ethercat.c r8169-2.6.32-orig.c
    r8169-2.6.33-ethercat.c r8169-2.6.33-orig.c
    r8169-2.6.35-ethercat.c r8169-2.6.35-orig.c
    r8169-2.6.36-ethercat.c r8169-2.6.36-orig.c
    r8169-2.6.37-ethercat.c r8169-2.6.37-orig.c
    r8169-3.10-ethercat.c   r8169-3.10-orig.c
    r8169-3.12-ethercat.c   r8169-3.12-orig.c
    r8169-3.14-ethercat.c   r8169-3.14-orig.c
    r8169-3.16-ethercat.c   r8169-3.16-orig.c
    r8169-3.2-ethercat.c    r8169-3.2-orig.c
    r8169-3.4-ethercat.c    r8169-3.4-orig.c
    r8169-3.6-ethercat.c    r8169-3.6-orig.c
    r8169-3.8-ethercat.c    r8169-3.8-orig.c
    r8169-4.4-ethercat.c    r8169-4.4-orig.c

Obviously, this doesn't play well with the random configuration testing done by utils/genrandconfig. This commit avoids this issue by making sure we never build any of those drivers as part of the genrandconfig generated configurations.

Fixes: http://autobuild.buildroot.net/results/07b7475d780c067d99ee5618a5fd2bb024a5b4e7/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
-
Thomas Petazzoni authored
The current version 1.5.2 dates back from 2013, so it is extremely old. The latest master branch of igh-ethercat contains numerous fixes, including fixes to ensure that it builds with recent Linux kernel releases. Backporting the individual patches fixing those issues on a 9 year old release would be too much effort, so we propose to simply bump the version to the latest available in the Git master branch.

Fixes: http://autobuild.buildroot.net/results/4dc9b71c805a8156bcf8f398edd3a30f2b6ac6da/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
-
Giulio Benetti authored
Make 4.3.91 doesn't allow to safely override Simple Expanded Variables, so let's add a patch pending upstream[0] to make those variable Conditional Expanded.

[0]: https://bugzilla.mozilla.org/show_bug.cgi?id=1801182

Fixes: http://autobuild.buildroot.net/results/1074143dbea60567cd83be0a23f7c0214d470de9/

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Tested-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
-
Peter Korsgaard authored
SDL v1.2 was discovered to contain a use-after-free via the XFree function at /src/video/x11/SDL_x11yuv.c.

https://github.com/advisories/GHSA-wr7h-5wm3-p3h4

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
-
Michael Fischer authored
Fixes #6421

Backport from: da9ba3a2a1536017e4ce1ee0f4276578d1ce6e29

Signed-off-by: Michael Fischer <mf@go-sys.de>
[yann.morin.1998@free.fr: make it an actual backport]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
-
Fabrice Fontaine authored
Fix the following runtime failure raised since bump of popt to version 1.19 in commit 895bfba9:

Problem opening for reading! Error is 2. The specified file does not exist!

Fixes:
- No autobuilder failure

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reported-by: Florian Fainelli <f.fainelli@gmail.com>
Tested-by: Florian Fainelli <f.fainelli@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
-
- Nov 20, 2022
-
Peter Korsgaard authored
Fixes the following security issue:
- CVE-2022-42898: Samba buffer overflow vulnerabilities on 32-bit systems
  https://www.samba.org/samba/security/CVE-2022-42898.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
-
Peter Korsgaard authored
Asterisk 16.26.0 fixed the following security issues:
- [ASTERISK-29476] – res_stir_shaken: Blind SSRF vulnerabilities
  https://issues.asterisk.org/jira/browse/ASTERISK-29476
- [ASTERISK-29838] – ${SQL_ESC()} not correctly escaping a terminating \
  https://issues.asterisk.org/jira/browse/ASTERISK-29838
- [ASTERISK-29872] – res_stir_shaken: Resource exhaustion with large files
  https://issues.asterisk.org/jira/browse/ASTERISK-29872

https://www.asterisk.org/asterisk-news/asterisk-16-26-0-now-available/

It unfortunately also introduced a change to chan_iax2, breaking builds without OpenSSL: https://github.com/asterisk/asterisk/commit/59a8cdaca2dbb5eeb7382dfbe78c0c1cbed8ce6d

Which was again fixed in 16.28.0: https://github.com/asterisk/asterisk/commit/f812dfb68c6ed7ae55b4c163716fd1ddc063ff54

So bump to 16.28.0: https://www.asterisk.org/asterisk-news/asterisk-16-28-0-now-available/

The libxml2 support now uses pkg-config, so drop the libxml2-config handling: https://github.com/asterisk/asterisk/commit/bf9dafa7c22302b2f1a12b8216da63102116d9c9

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
[yann.morin.1998@free.fr:
  - add host-pkgconf dep, don't rely on implicit dep from host-asterisk
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
-
Peter Korsgaard authored
Fixes the following security issue:
- CVE-2022-3821: An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.
  https://github.com/systemd/systemd/issues/23928

Drop now upstream 0001-missing-syscall-define-MOVE_MOUNT_T_EMPTY_PATH-if-mi.patch

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
-
Fabrice Fontaine authored
Fix CVE-2022-39377: sysstat is a set of system performance tools for the Linux operating system. On 32 bit systems, in versions 9.1.16 and newer but prior to 12.7.1, allocate_structures contains a size_t overflow in sa_common.c. The allocate_structures function insufficiently checks bounds before arithmetic multiplication, allowing for an overflow in the size allocated for the buffer representing system activities. This issue may lead to Remote Code Execution (RCE).

Despite what is written above in the CVE announcement, and as written in the Changelog, the fix is also included in version 12.6.1 (12.7.1 is a development version): https://github.com/sysstat/sysstat/commit/c1e631eddc50c04e4dcea169ba396bee2bd6b0ab

As a consequence, 12.6.1 is still reported as being affected. Until the NVD is updated appropriately, we mark the CVE as ignored with a comment that explains why.

Note: that commit is not reachable from any branch in the sysstat repository, and Github warns about that, but the commit does belong to the upstream repository and is reachable from the 12.6.1 tag (it looks like sysstat only pushes tags-with-history for fix releases).

https://github.com/sysstat/sysstat/security/advisories/GHSA-q8r6-g56f-9w7x
https://github.com/sysstat/sysstat/blob/v12.6.1/CHANGES

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr:
  - ignore the CVE, explain why
  - explain why github warns about the fix commit
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
-
Alexander Lukichev authored
openpgm-5-3-128 has assembly code for x86 that is not guarded by architecture defines. A patch to fix that has been merged upstream some time ago, and the next release will have it. This includes that patch for the time being.

Fixes: http://autobuild.buildroot.net/results/338291e5bf0671cb7ed7a32cc10e546c7a521acc
Fixes: http://autobuild.buildroot.net/results/3ab6d7f9ee841fa18c1c220d722b1c06ca1fff30
Fixes: http://autobuild.buildroot.net/results/68e840b1fec8f14775cef0b6a14d9b847337324b

Signed-off-by: Alexander Lukichev <alexander.lukichev@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
-
Peter Korsgaard authored
Fixes the following security issue:

CVE-2022-45063: xterm before 375 allows code execution via font ops, e.g., because an OSC 50 response may have Ctrl-g and therefore lead to command execution within the vi line-editing mode of Zsh: https://www.openwall.com/lists/oss-security/2022/11/10/1

Additionally, patch 376 fixes a null pointer access issue: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022942

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
-
Peter Korsgaard authored
Includes a number of bugfixes and the security fixes up to xsa-400: https://xenproject.org/downloads/xen-project-archives/xen-project-4-14-series/xen-project-4-14-5/

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
-
Peter Korsgaard authored
Fixes the following security issue:

DNS rebinding in --inspect via invalid octal IP address (Medium) (CVE-2022-43548)

The Node.js rebinding protector for --inspect still allows invalid IP address, specifically, the octal format. An example of an octal IP address is 1.09.0.0, the 09 octet is invalid because 9 is not a number in the base 8 number system. Browsers such as Firefox (tested on latest version m105) will still attempt to resolve this invalid octal address via DNS. When combined with an active --inspect session, such as when using VSCode, an attacker can perform DNS rebinding and execute arbitrary code.

Update license hash for an update of base64 (MIT license) and a change in copyright year:
https://github.com/nodejs/node/commit/8ea9a71b15a953cd0936f7e6aae84c62873a77b5
https://github.com/nodejs/node/commit/9f14dc1a8f43a9f3755c673009378b798cbdd73b

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
-
Michael Fischer authored
A severe bug has been found in Libksba, the library used by GnuPG for parsing the ASN.1 structures as used by S/MIME. The bug affects all versions of Libksba before 1.6.2 and may be used for remote code execution.

Fix CVE-2022-3515

Signed-off-by: Michael Fischer <mf@go-sys.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
-
Peter Korsgaard authored
Fixes the following security issues:
- CVE-2022-41741: Memory corruption in the ngx_http_mp4_module
- CVE-2022-41742: Memory disclosure in the ngx_http_mp4_module

https://mailman.nginx.org/archives/list/nginx-announce@nginx.org/message/RBRRON6PYBJJM2XIAPQBFBVLR4Q6IHRA/

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
-
- Nov 19, 2022
-
Fabrice Fontaine authored
Rename configure options to avoid the following build failure raised since bump to version 3.2.5 in commit ae280782:

./simd-checksum-x86_64.cpp: In function 'uint32_t get_checksum1_cpp(char*, int32_t)':
./simd-checksum-x86_64.cpp:89:52: error: multiversioning needs 'ifunc' which is not supported on this target
   89 | __attribute__ ((target("default"))) MVSTATIC int32 get_checksum1_avx2_64(schar* buf, int32 len, int32 i, uint32* ps1, uint32* ps2) { return i; }
      |                                                    ^~~~~~~~~~~~~~~~~~~~~
./simd-checksum-x86_64.cpp:480:1: error: use of multiversioned function without a default
  480 | }
      | ^
If you can't fix the issue, re-run ./configure with --disable-roll-simd.

Fixes:
- http://autobuild.buildroot.org/results/069da8e585da2e51bfd4f475cc12b9a134954b08

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
-
Fabrice Fontaine authored
Backported #8403: Fixed multiple client side input validation issues (CVE-2022-39316, CVE-2022-39317, CVE-2022-39318, CVE-2022-39319, CVE-2022-39320, CVE-2022-41877, CVE-2022-39347)

https://github.com/FreeRDP/FreeRDP/releases/tag/2.9.0

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
-
- Nov 17, 2022
-
Peter Korsgaard authored
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>