- Mar 24, 2022
-
-
Peter Korsgaard authored
Signed-off-by:Peter Korsgaard <peter@korsgaard.com>
-
Peter Korsgaard authored
Signed-off-by:
-
Peter Seiderer authored
- add 0008-eglconvenience-add-missing-QList-include.patch to fix eglconvenience compile (missing QList include) Fixes: qeglconvenience.cpp:418:23: error: variable ‘QList<QByteArray> extensions’ has initializer but incomplete type 418 | QList<QByteArray> extensions = | ^~~~~~~~~~ qeglconvenience.cpp:420:65: error: invalid use of incomplete type ‘class QList<QByteArray>’ 420 | (eglQueryString(display, EGL_EXTENSIONS))).split(' '); | ^ Signed-off-by:Peter Seiderer <ps.report@gmx.net> Signed-off-by:
Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
-
Quentin Schulz authored
CVE-2021-38593 fixes originally missed a usecase that was covered by the to-be-removed patch. However, this patch was incorrect and added some issues on its own, which was then fixed by now-removed 0012-Refix-for-avoiding-huge-number-of-tiny-dashes.patch. Unfortunately for us, the to-be-removed patch (fixed by 0012-Refix-for-avoiding-huge-number-of-tiny-dashes.patch) can actually be applied (with fuzz; by `patch` only) on top of the now-removed patch. When the move to KDE Qt fork was made, some patches were removed as they were already part of the new git fork. However, the to-be-removed patch was not. This means the 0012-Refix-for-avoiding-huge-number-of-tiny-dashes.patch was actually undone when Buildroot patched qt5base. Let's remove this patch to fix this oversight. As a reference: e7ea2ed27c Improve fix for avoiding huge number of tiny dashes fixed by 65b3aa6a1c Refix for avoiding huge number of tiny dashes in the git repo. Fixes: 5770a645 "package/qt5: bump packages to latest kde submodule versions" Cc: Quentin Schulz <foss+buildroot@0leil.net> Signed-off-by:
Quentin Schulz <quentin.schulz@theobroma-systems.com> [Arnout: renumber patches 0007 and 0008] Signed-off-by:
-
Kyle Harding authored
The file descriptor limit when using the builtin mini-event cannot handle more than 1024 file descriptors. https://unbound.docs.nlnetlabs.nl/en/latest/topics/performance.html?highlight=libevent#using-libevent Without explicit --with-libevent, it uses the builtin mini-event. Signed-off-by:
Kyle Harding <kyle@balena.io> Signed-off-by:
-
James Hilliard authored
Signed-off-by:
James Hilliard <james.hilliard1@gmail.com> Signed-off-by:
-
James Hilliard authored
Signed-off-by:
-
Théo Lebrun authored
This patch has been applied upstream and is required to allow having default devices on non x86_64 platforms with WirePlumber v0.4.8. https://gitlab.freedesktop.org/pipewire/wireplumber/-/commit/e429db7e8c266045aee25e153fb2308bd61fe233 Signed-off-by:
Théo Lebrun <theo.lebrun@bootlin.com> Signed-off-by:
-
Fabrice Fontaine authored
Signed-off-by:
Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by:
-
Fabrice Fontaine authored
https://code.videolan.org/videolan/libbluray/-/blob/1.3.1/ChangeLog Signed-off-by:
-
Fabrice Fontaine authored
Update indentation in hash file (two spaces) https://code.videolan.org/videolan/libbdplus/-/blob/0.2.0/ChangeLog Signed-off-by:
-
Fabrice Fontaine authored
- Drop avro-c patch (already in version) - Drop python-avro patch (not needed anymore) https://github.com/apache/avro/releases/tag/release-1.11.0 Signed-off-by:
-
Fabrice Fontaine authored
Commit 77704462 forgot to renumber patch Signed-off-by:
-
Fabrice Fontaine authored
Fix the following build failure raised since bump to version 0.40.2 in commit 6acdbb81: [108/298] Generating src/librygel-core/RygelCore-2.6.typelib with a custom command FAILED: src/librygel-core/RygelCore-2.6.typelib /home/giuliobenetti/autobuild/run/instance-3/output-1/host/nios2-buildroot-linux-gnu/sysroot/usr/bin/g-ir-compiler --output src/librygel-core/RygelCore-2.6.typelib /home/giuliobenetti/autobuild/run/instance-3/output-1/build/rygel-0.40.2/build/src/librygel-core/RygelCore-2.6.gir Could not find GIR file 'GUPnP-1.2.gir'; check XDG_DATA_DIRS or use --includedir error parsing file /home/giuliobenetti/autobuild/run/instance-3/output-1/build/rygel-0.40.2/build/src/librygel-core/RygelCore-2.6.gir: Failed to parse included gir GUPnP-1.2 Fixes: - http://autobuild.buildroot.org/results/2b8956818f03f66a53480f7ed5fc0abb4f05288d Signed-off-by:
-
Francois Perrad authored
diff README: -2013, 2014, 2015, 2016, 2017, 2018, 2019, 2020, 2021 by Larry Wall and others. +2013, 2014, 2015, 2016, 2017, 2018, 2019, 2020, 2021, 2022 +by Larry Wall and others. Signed-off-by:
Francois Perrad <francois.perrad@gadz.org> Signed-off-by:
-
Fabrice Fontaine authored
Fix the following build failure raised on uclibc and musl since the reintroduction of the package in commit 16ff9484: /home/buildroot/autobuild/instance-1/output-1/host/opt/ext-toolchain/bin/../lib/gcc/arm-buildroot-linux-uclibcgnueabi/10.3.0/../../../../arm-buildroot-linux-uclibcgnueabi/bin/ld: /home/buildroot/autobuild/instance-1/output-1/host/arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib/libabsl_stacktrace.so.2111.0.0: undefined reference to `backtrace' Fixes: - http://autobuild.buildroot.org/results/63ab2bc86cad03d5258492b17d1707078761d9b3 Signed-off-by:
-
Mirza Kapetanovic authored
Enable the python-rpi-gpio package on 64-bit ARM architectures. I've tested this with a Raspberry Pi 4 64-bit and Python 3 build and it works as expected. Signed-off-by:
Mirza Kapetanovic <mirza.kapetanovic@gmail.com> Signed-off-by:
-
Joel Stanley authored
When generating a filesystem image on a power10 build machine running Ubuntu, we see a segfault when fakeroot is running chmod. This has been reported and fixed upstream in Debian in version 1.26-1.2: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=995393#53 Add the same patch to resolve the segfault. Signed-off-by:
Joel Stanley <joel@jms.id.au> [Arnout: add patch signoff and give proper name (check-package)] Signed-off-by:
-
Thomas Huth authored
I'm involved in the upstream kvm-unit-tests and the mcf5208 QEMU machine, so I could help to have a look on these files, too. Signed-off-by:
Thomas Huth <huth@tuxfamily.org> Signed-off-by:
-
James Hilliard authored
Signed-off-by:
-
James Hilliard authored
Signed-off-by:
-
James Hilliard authored
Drop patches that are now upstream. Signed-off-by:
-
Thomas Ruschival authored
While upstream pistache has not yet released a stable 'tag' a lot has changed since June 2020: * project has moved to meson build system, cmake builds do not install headers. * patches in buildroot are no longer required * project-implemented Pistache::Optional was replaced by use of std::optional. This is only available in C++17 * dependency to rapidjson has been introduced Signed-off-by:
Thomas Ruschival <thomas@ruschival.de> Signed-off-by:
-
Fabrice Fontaine authored
Switch to autotools-package to avoid the following static build failure since commit d6617402: [ 56%] Linking C executable rtl_biast /home/peko/autobuild/instance-1/output-1/host/opt/ext-toolchain/bin/../lib/gcc/riscv64-buildroot-linux-musl/10.3.0/../../../../riscv64-buildroot-linux-musl/bin/ld: attempted static link of dynamic object `/home/peko/autobuild/instance-1/output-1/host/riscv64-buildroot-linux-musl/sysroot/lib/libatomic.so' collect2: error: ld returned 1 exit status Drop both cmake-related patches Fixes: - http://autobuild.buildroot.org/results/cf84759682848db8ed5610e1abe5a92337d0e957 Signed-off-by:
-
Neal Frager authored
The git:// location is no longer supported by github, so change to https:// For more details: https://github.blog/2021-09-01-improving-git-protocol-security-github/ Signed-off-by:
Neal Frager <neal.frager@amd.com> Reviewed-by:
Luca Ceresoli <luca@lucaceresoli.net> Signed-off-by:
-
Jason A. Donenfeld authored
Writing into /dev/urandom doesn't actually credit any entropy bits. And while it adds that data to the entropy pool, it won't actually be immediately used when reading from /dev/urandom subsequently. This is how the kernel's /dev/urandom has always worked, unfortunately. As a result of this behavior, which may be understandably surprising, writing a good seed file into /dev/urandom and then saving a new seed file immediately after is dangerous, because the new seed file may wind up being entirely deterministic, even if the old seed file was quite good. This has been fixed in systemd with <https://github.com/systemd/systemd/commit/da2862ef06f22fc8d31dafced6d2d6dc14f2ee0b >, and fortunately it's possible to do the same thing in shell script here. Specifically, instead of just saving new /dev/urandom output straight up, we hash the new /dev/urandom together with the old seed, in order to produce the new seed. This way the amount of entropy in the new seed will stay the same or get better, but not appreciably regress. At the same time, the pool size check in this script is useless. Writing to /dev/urandom never credits bits anyway, so no matter what, writing into /dev/urandom is useful and not harmful. There's also not much of a point in seeding with more than 256 bits, which is what the hashing operation above produces. So this commit removes the file size check. As a final note, while this commit improves upon the status quo by removing a vulnerability, this shell script still does not actually initialize the RNG like it says it does. For initialization via a seed file, the RNDADDENTROPY ioctl must be used but there's currently no way to do that from a shell script for now. Signed-off-by:
Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by:
Yann E. MORIN <yann.morin.1998@free.fr>
-
- Mar 23, 2022
-
-
Bernd Kuhls authored
Changelog: https://curl.se/changes.html Updated license hash due to copyright year bump: https://github.com/curl/curl/commit/0409192b1fde6b7a4f09667e80ca5dc555eab3f1 The NSS crypto backend requires a special option now, without it configure errors out with: configure: error: NSS use must be confirmed using --with-nss-deprecated. NSS support will be dropped from curl in August 2022. See docs/DEPRECATE.md Since it will be removed entirely soon anyway, and since this version doesn't fix any CVEs so doesn't need to be backported to stable branches, drop the NSS option entirely. Since NSS is going to be removed soon, drop the --without-nss as well. It is never going to be enabled automatically. Signed-off-by:
Bernd Kuhls <bernd.kuhls@t-online.de> [Arnout: drop NSS option entirely, as suggested by Baruch Siach.] Signed-off-by:
-
Bernd Kuhls authored
Release notes: https://dovecot.org/pipermail/dovecot-news/2022-February/000470.html Signed-off-by:
-
Fabrice Fontaine authored
Fix CVE-2022-21716: Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to 22.2.0, Twisted SSH client and server implement is able to accept an infinite amount of data for the peer's SSH version identifier. This ends up with a buffer using all the available memory. The attach is a simple as `nc -rv localhost 22 < /dev/zero`. A patch is available in version 22.2.0. There are currently no known workarounds. https://github.com/twisted/twisted/releases/tag/twisted-22.2.0 Signed-off-by:
-
Fabrice Fontaine authored
Fix CVE-2022-26495: In nbd-server in nbd before 3.24, there is an integer overflow with a resultant heap-based buffer overflow. A value of 0xffffffff in the name length field will cause a zero-sized buffer to be allocated for the name, resulting in a write to a dangling pointer. This issue exists for the NBD_OPT_INFO, NBD_OPT_GO, and NBD_OPT_EXPORT_NAME messages. Fix CVE-2022-26496: In nbd-server in nbd before 3.24, there is a stack-based buffer overflow. An attacker can cause a buffer overflow in the parsing of the name field by sending a crafted NBD_OPT_INFO or NBD_OPT_GO message with an large value as the length of the name. https://github.com/NetworkBlockDevice/nbd/compare/nbd-3.21...nbd-3.24 Signed-off-by:
-
Fabrice Fontaine authored
Fix the following build failure on sparc v8 raised since commit 5770a645: ERROR: detected a std::atomic implementation that fails for function pointers. Please apply the patch corresponding to your Standard Library vendor, found in qtbase/config.tests/atomicfptr Fixes: - http://autobuild.buildroot.org/results/5a2/5a20e984a5536165056b3fbd93b8712e8ddbeed4/build-end.log Signed-off-by:
-
Fabrice Fontaine authored
Commit 5770a645 forgot to update CVE comments Signed-off-by:
-
Fabrice Fontaine authored
Fix the following build failure raised on uclibc and musl since the reintroduction of the package in commit 16ff9484: /home/giuliobenetti/autobuild/run/instance-3/output-1/host/opt/ext-toolchain/bin/../lib/gcc/arc-buildroot-linux-uclibc/10.2.0/../../../../arc-buildroot-linux-uclibc/bin/ld: common/.libs/libolacommon.so: undefined reference to `backtrace' Fixes: - http://autobuild.buildroot.org/results/4362b20d786a0f44268ec32a689c23ac6d3b71c6 Signed-off-by:
-
As explained in the previous commit, AUTORECONF is necessary to handle a build failure. Add a comment to make sure it doesn't get removed again in the future. Signed-off-by: -
Fabrice Fontaine authored
This reverts commit 66d348ae because for an unknown reason, the build fails if autoreconf is dropped: /home/buildroot/autobuild/instance-2/output-1/host/opt/ext-toolchain/bin/../lib/gcc/i686-buildroot-linux-uclibc/9.3.0/../../../../i686-buildroot-linux-uclibc/bin/ld: warning: libolauartdmx.so.0, needed by olad/.libs/libolaserver.so, not found (try using -rpath or -rpath-link) /home/buildroot/autobuild/instance-2/output-1/host/opt/ext-toolchain/bin/../lib/gcc/i686-buildroot-linux-uclibc/9.3.0/../../../../i686-buildroot-linux-uclibc/bin/ld: warning: libolaserverplugininterface.so.0, needed by olad/.libs/libolaserver.so, not found (try using -rpath or -rpath-link) Fixes: - http://autobuild.buildroot.org/results/f8164c69da0b9fa38081e8b785d8234f0f297ae1 Signed-off-by:
-
Julien Olivain authored
This commit drop patches, as they are now included upstream or no longer needed. It also introduces a new patch to fix a build failure for nios2. MySQL include and library paths can now be provided in variables passed to the build command. Variables MYSQL_{INC,LIB}DIR are renamed to POCO_MYSQL_{INCLUDE,LIB}. For PostgreSQL support, variables POCO_PGSQL_{INCLUDE,LIB} are also passed the same way to the build command. This poco version 1.11.1 introduces a new ActiveRecord component. For changelog, see: https://raw.githubusercontent.com/pocoproject/poco/poco-1.11.1-release/CHANGELOG Signed-off-by:Julien Olivain <ju.o@free.fr> Signed-off-by:
-
Julien Olivain authored
PostgreSQL support was introduced in poco v1.10.0, in commit: https://github.com/pocoproject/poco/commit/8cec8f6451b9a0ead80f655eee986040863e3526 Signed-off-by:
-
Julien Olivain authored
For clarity, use the same names used in documentation, and component selection in configure. Valid poco component names are defined in: https://github.com/pocoproject/poco/blob/poco-1.11.1-release/components Signed-off-by:
-
Julien Olivain authored
This commit reorders dependencies and Kconfig package options alphabetically for better maintainability. This commit does not change anything else. Signed-off-by:
-
Neal Frager authored
This patch updates my email address in the DEVELOPERS file. Signed-off-by:
-
