- Dec 05, 2022
-
-
Peter Korsgaard authored
Signed-off-by:Peter Korsgaard <peter@korsgaard.com>
-
Fabrice Fontaine authored
Fix the following build failure with sys/pidfd.h raised since bump to version 5.0.1 in commit db199980: In file included from ../src/lxc/utils.h:23, from ../src/lxc/cgroups/cgfsng.c:51: ../src/lxc/process_utils.h:140:17: error: expected identifier before numeric constant 140 | #define P_PIDFD 3 | ^ Fixes: - http://autobuild.buildroot.org/results/c9ff42a921ca47f634f908bab80c80164c227a02 Signed-off-by:
Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by:
-
Fabrice Fontaine authored
Add a custom case to make sure that a random configuration with an empty board for mxs-bootlets doesn't fail. It reverts to BR2_TARGET_MXS_BOOTLETS_STMP37xx in that case. >>> mxs-bootlets 10.12.01 Building BOARD= CROSS_COMPILE="/home/thomas/autobuild/instance-1/output-1/per-package/mxs-bootlets/host/bin/arm-buildroot-linux-uclibcgnueabi-" /usr/bin/make -j1 -C /home/thomas/autobuild/instance-1/output-1/build/mxs-bootlets-10.12.01 power_prep /home/thomas/autobuild/instance-1/output-1/per-package/xinetd/host/bin/arm-buildroot-linux-uclibcgnueabi-gcc -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -O2 -g0 -static -DNO_RPC -I../../include -c -o inet_aton.o inet_aton.c make[1]: Entering directory '/home/thomas/autobuild/instance-1/buildroot' make[1]: warning: -j1 forced in submake: resetting jobserver mode. build power_prep /usr/bin/make -C power_prep ARCH= BOARD= make[2]: Entering directory '/home/thomas/autobuild/instance-1/output-1/build/mxs-bootlets-10.12.01/power_prep' /usr/bin/make -C ./../mach-/hw make[3]: Entering directory '/home/thomas/autobuild/instance-1/output-1/build/mxs-bootlets-10.12.01/power_prep' make[3]: *** ../mach-/hw: No such file or directory. Stop. Fixes: - http://autobuild.buildroot.org/results/44a2efc64b9b8ff4541430d6b649e7a11a4e4873 Signed-off-by:
-
- Dec 04, 2022
-
-
Jesse Van Gavere authored
Signed-off-by:
Jesse Van Gavere <jesseevg@gmail.com> Signed-off-by:
Yann E. MORIN <yann.morin.1998@free.fr>
-
Fabrice Fontaine authored
Commit 343974b9 forgot to change the licensing information which has been updated with https://code.qt.io/cgit/qt/qtserialport.git/commit/?id=bb05a26d52c834cc7f3c549f3e5d66f76baf42a2 resulting in the following build failure: ERROR: LICENSE.GPL2 has wrong sha256 hash: ERROR: expected: 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 ERROR: got : Fixes: - No autobuilder failures yet Signed-off-by:
-
Fabrice Fontaine authored
Commit 343974b9 forgot to change the licensing information which has been updated with https://code.qt.io/cgit/qt/qtbase.git/commit/?id=05fc3aef53348fb58be6308076e000825b704e58 resulting in the following build failure: ERROR: LICENSE.GPL2 has wrong sha256 hash: ERROR: expected: 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 ERROR: got : Fixes: - http://autobuild.buildroot.org/results/bf20b7457349f1bb7a82d471ad2c9e4307ac540c Signed-off-by:
-
Fabrice Fontaine authored
Fix the following sh4 build failure raised since the addition of the package in commit e10431db: INFO: sh4aeb-linux-gcc: scipy/special/_test_round.c scipy/special/_test_round.c: In function '__pyx_pf_5scipy_7special_11_test_round_have_fenv': scipy/special/_test_round.c:2353:30: error: 'FE_UPWARD' undeclared (first use in this function) 2353 | __pyx_t_1 = ((fesetround(FE_UPWARD) != 0) != 0); | ^~~~~~~~~ Retrieve debian patch as upstream doesn't want to fix this SH4 specific issue: https://github.com/scipy/scipy/issues/15584 Fixes: - http://autobuild.buildroot.org/results/b82d8ed02ba5d094a0d4054e0de28e95c9d3554d Signed-off-by:
Thomas Petazzoni <thomas.petazzoni@bootlin.com>
-
Fabrice Fontaine authored
zlib is a mandatory dependency of gdb and by default, gdb will use its internal one. Moreover, --with-zlib has been replaced by --with-system-zlib since version 7.10 and https://github.com/bminor/binutils-gdb/commit/fa1f5da0b6ff3622f9bf60e348e149b76920abba Fixes: - https://bugs.buildroot.org/show_bug.cgi?id=15131 Signed-off-by:
-
Fabrice Fontaine authored
The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute arbitrary code or eliminate expected cryptographic properties. This occurs in the sponge function interface. Python 3.11 and later switched to using tiny_sha3 in GH-32060, so they should not be affected. https://github.com/python/cpython/issues/98517 Signed-off-by:
-
Fabrice Fontaine authored
Commit b1c4c187 forgot to rename S30optee in optee-client.mk resulting in the following build failure: /usr/bin/install -m 0755 -D package/optee-client//S30optee /home/autobuild/autobuild/instance-0/output-1/target/etc/init.d/S30optee /usr/bin/install: cannot stat 'package/optee-client//S30optee': No such file or directory Fixes: - http://autobuild.buildroot.org/results/21fc165933e6d226de277b62d4ce99342cef0ffb Signed-off-by:
-
- Dec 03, 2022
-
-
Max Filippov authored
elf2flt 2021.08 has changed endianness swapping logic for relocated entries in the text segment. This broke little-endian xtensa FLAT images which now fail to start with the following message: binfmt_flat: reloc outside program 0x24c80100 (0 - 0x6e430/0x56a20) Fix it by restoring old endianness swapping logic for relocated entries in the text segment when building for xtensa. Reported-by:
Niklas Cassel <niklas.cassel@wdc.com> Signed-off-by:
Max Filippov <jcmvbkbc@gmail.com> Signed-off-by:
-
Fabrice Fontaine authored
libpng is a mandatory dependency since bump to version 0.1.1 in commit e2511d88 and https://git.yoctoproject.org/matchbox-keyboard/commit/?id=1d7c5f1e0ad736205151c0df5aa738f942bd3e97: checking for PNG... no configure: error: Package requirements (libpng) were not met: Package 'libpng', required by 'virtual:world', not found Fixes: - http://autobuild.buildroot.org/results/4495f0720d7053a52ff8fef82d18a70a6f20c66b Signed-off-by:
-
Etienne Carriere authored
Fix issues reported by utils/check-package: package/optee-client/S30optee:40: should be indented with tabs (http://nightly.buildroot.org/#adding-packages-start-script) package/optee-client/S30optee:46: should be indented with tabs (http://nightly.buildroot.org/#adding-packages-start-script) package/optee-client/S30optee:47: should be indented with tabs (http://nightly.buildroot.org/#adding-packages-start-script) package/optee-client/S30optee:48: should be indented with tabs (http://nightly.buildroot.org/#adding-packages-start-script) package/optee-client/S30optee:0: filename should be S<number><number><daemon name> (http://nightly.buildroot.org/#adding-packages-start-script ) package/optee-client/S30tee-supplicant:0: run 'shellcheck' and fix the warnings Signed-off-by:Etienne Carriere <etienne.carriere@linaro.org> [yann.morin.1998@free.fr: - fix shellcheck SC2086 - rename the file ] Signed-off-by:
-
Giulio Benetti authored
This driver requires: CONFIG_NET CONFIG_WIRELESS CONFIG_CFG80211 CONFIG_USB_SUPPORT CONFIG_USB to build so let's add them to RTL8723BU_LINUX_CONFIG_FIXUPS. Fixes: http://autobuild.buildroot.net/results/7f3637760ad88d314e6812865f3667d1de091957/ Signed-off-by:
Giulio Benetti <giulio.benetti@benettiengineering.com> Signed-off-by:
-
Fabrice Fontaine authored
When BR2_SHARED_STATIC_LIBS is enabled, both --enable-static and --enable-shared are passed to configure. memcached configure.ac only looks for --enable-static to make the build static. But when linking against openssl pkg-config only returns dynamic linking dependencies, resulting in the following build failure: /home/thomas/autobuild/instance-1/output-1/host/bin/aarch64_be-buildroot-linux-gnu-gcc -std=gnu99 -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -Ofast -g0 -D_FORTIFY_SOURCE=2 -pthread -Wall -pedantic -Wmissing-prototypes -Wmissing-declarations -Wredundant-decls -static -o timedrun timedrun.o -levent -L/home/thomas/autobuild/instance-1/output-1/host/bin/../aarch64_be-buildroot-linux-gnu/sysroot/usr/lib -lssl -lcrypto -ldl /home/thomas/autobuild/instance-1/output-1/host/lib/gcc/aarch64_be-buildroot-linux-gnu/11.3.0/../../../../aarch64_be-buildroot-linux-gnu/bin/ld: memcached-memcached.o: in function `conn_new': memcached.c:(.text+0x1668): undefined reference to `SSL_set_info_callback' BR2_SHARED_STATIC_LIBS only makes sense for libraries, not executable binaries. Pass --disable-static unless BR2_STATIC_LIBS is enabled for static only build. Fixes: - http://autobuild.buildroot.org/results/363c84eaa69350e02bec0b35b88d4bdf4dad804c - http://autobuild.buildroot.org/results/0bde41bb700100d8df5ebdb1b64dfdc76c7af475 Signed-off-by:
-
Heiko Thiery authored
When using make 4.4 the KBOUD_OUTPUT environment variable provided to the linuxptp makefile is not utilized. The added patch will fix that behavior. Fixes: http://autobuild.buildroot.net/results/5294fac7ed04945d47ea4eb2d1448bcbea5352bb/ Cc: James Hilliard <james.hilliard1@gmail.com> Signed-off-by:
Heiko Thiery <heiko.thiery@gmail.com> Signed-off-by:
-
Peter Korsgaard authored
The packaged version has a number of security issues, newer versions require erlang 23+ and nobody has stepped up to maintain it since the issues were reported: http://lists.busybox.net/pipermail/buildroot/2022-November/656230.html So drop the package and add legacy handling for it. Signed-off-by:
-
Peter Korsgaard authored
CVE-2022-3620: A vulnerability was found in Exim and classified as problematic. This issue affects the function dmarc_dns_lookup of the file dmarc.c of the component DMARC Handler. The manipulation leads to use after free. The attack may be initiated remotely. The name of the patch is 12fb3842f81bcbd4a4519d5728f2d7e0e3ca1445. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211919. This vulnerability is in the DMARC handling, which is only used if libopendmarc is available AND SUPPORT_DMARC is set to yes, neither of which is true for Buildroot, so ignore the CVE. Signed-off-by:
-
Peter Korsgaard authored
Fixes CVE-2022-3559: A vulnerability was found in Exim and classified as problematic. This issue affects some unknown processing of the component Regex Handler. The manipulation leads to use after free. The name of the patch is 4e9ed49f8f12eb331b29bd5b6dc3693c520fddc2. It is recommended to apply a patch to fix this issue. The identifier VDB-211073 was assigned to this vulnerability. The upstream patch does not apply to 4.96, so use the backported patches from Debian. Amazingly, the patch needs 3 additional patches to unbreak builds without "WITH_CONTENT_SCAN" (default in Buildroot), so add those as well. Signed-off-by:
-
Fabrice Fontaine authored
In libarchive 3.6.1, the software does not check for an error after calling calloc function that can return with a NULL pointer if the function fails, which leads to a resultant NULL pointer dereference. NOTE: the discoverer cites this CWE-476 remark but third parties dispute the code-execution impact: "In rare circumstances, when NULL is equivalent to the 0x0 memory address and privileged code can access it, then writing or reading memory is possible, which may lead to code execution." Signed-off-by:
-
- Dec 02, 2022
-
-
Zikui Zhao authored
Fixed some spelling mistakes of countable nouns. Signed-off-by:
Zikui Zhao <zhaozikui@eswincomputing.com> Reviewed-by:
Woodrow Douglass <wdouglass@carnegierobotics.com> Signed-off-by:
-
Neal Frager authored
This patch bumps the zynqmp_kria_kv260_defconfig to Xilinx release 2022.2. Xilinx 2022.2 includes: - U-Boot 2022.01 bug fixes - Linux bump to Linux 5.15.36 with bug fixes - TF-A 2.6 bug fixes - PMUFW bug fixes Signed-off-by:
Neal Frager <neal.frager@amd.com> Reviewed-by:
Luca Ceresoli <luca.ceresoli@bootlin.com> Signed-off-by:
-
Neal Frager authored
This patch bumps the zynqmp_zcu106_defconfig to Xilinx release 2022.2. Xilinx 2022.2 includes: - U-Boot 2022.01 bug fixes - Linux bump to Linux 5.15.36 with bug fixes - TF-A 2.6 bug fixes - PMUFW bug fixes Signed-off-by:
-
Neal Frager authored
This patch bumps the zynqmp_zcu102_defconfig to Xilinx release 2022.2. Xilinx 2022.2 includes: - U-Boot 2022.01 bug fixes - Linux bump to Linux 5.15.36 with bug fixes - TF-A 2.6 bug fixes - PMUFW bug fixes Signed-off-by:
-
Fabrice Fontaine authored
Fixes: * CVE-2022-39253: When relying on the `--local` clone optimization, Git dereferences symbolic links in the source repository before creating hardlinks (or copies) of the dereferenced link in the destination repository. This can lead to surprising behavior where arbitrary files are present in a repository's `$GIT_DIR` when cloning from a malicious repository. Git will no longer dereference symbolic links via the `--local` clone mechanism, and will instead refuse to clone repositories that have symbolic links present in the `$GIT_DIR/objects` directory. Additionally, the value of `protocol.file.allow` is changed to be "user" by default. * CVE-2022-39260: An overly-long command string given to `git shell` can result in overflow in `split_cmdline()`, leading to arbitrary heap writes and remote code execution when `git shell` is exposed and the directory `$HOME/git-shell-commands` exists. `git shell` is taught to refuse interactive commands that are longer than 4MiB in size. `split_cmdline()` is hardened to reject inputs larger than 2GiB. https://github.com/git/git/blob/v2.31.5/Documentation/RelNotes/2.31.5.txt Signed-off-by:
-
Fabrice Fontaine authored
Fix CVE-2022-3705: A vulnerability was found in vim and classified as problematic. Affected by this issue is the function qf_update_buffer of the file quickfix.c of the component autocmd Handler. The manipulation leads to use after free. The attack may be launched remotely. Upgrading to version 9.0.0805 is able to address this issue. The name of the patch is d0fab10ed2a86698937e3c3fed2f10bd9bb5e731. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-212324. Signed-off-by:
-
Giulio Benetti authored
Drop local patch that has been upstreamed. Fixes: http://autobuild.buildroot.net/results/fa2/fa2482674d789e7674dc0d83c5f54393beed4d70/ Signed-off-by:
-
Peter Korsgaard authored
Commit 83b43373 (package/netsnmp: security bump to version 5.9.3) dropped the patches, but forgot to remove the autoreconf. Do so now. Signed-off-by:
-
- Dec 01, 2022
-
-
Леонид Юрьев (Leonid Yuriev) authored
This is stable bugfix release of libmdbx, in Family Glory and in memory of Boris Yuriev (the inventor of Helicopter and Swashplate in 1911) on his 133rd birthday. It is reasonable to backport this patch to all applicable releases/branches of Buildroot. Release notes for v0.11.13 -------------------------- Fixes: - Fixed builds with older libc versions after using `fcntl64()` (backport). - Fixed builds with older `stdatomic.h` versions, where the `ATOMIC_*_LOCK_FREE` macros mistakenly redefined using functions (backport). - Added workaround for `mremap()` defect to avoid assertion failure (backport). - Workaround for `encryptfs` bug(s) in the `copy_file_range` implementation (backport). - Fixed unexpected `MDBX_BUSY` from `mdbx_env_set_option()`, `mdbx_env_set_syncbytes()` and `mdbx_env_set_syncperiod()` (backport). - CMake requirements lowered to version 3.0.2 (backport). - Added admonition of insecure for RISC-V (backport). Minors: - Minor clarification output of `--help` for `mdbx_test` (backport). - Added admonition of insecure for RISC-V (backport). - Stochastic scripts and CMake files synchronized with the `devel` branch. - Use `--dont-check-ram-size` for small-tests make-targets (backport). The complete ChangeLog: https://gitflic.ru/project/erthink/libmdbx/blob?file=ChangeLog.md Signed-off-by:
Леонид Юрьев (Leonid Yuriev) <leo@yuriev.ru> Signed-off-by:
-
Bernd Kuhls authored
Removed patch 0010, a different fix was applied upstream: https://code.videolan.org/videolan/vlc/-/commit/05445b74a38d045cb28f71f96ccbe882445a031e Removed patch 0011 which was backported from upstream. Renumbered patch 0012 -> 0010. Release notes: http://www.videolan.org/vlc/releases/3.0.18.html Fixes CVE-2022-41325: http://www.videolan.org/security/sb-vlc3018.html Signed-off-by:
Bernd Kuhls <bernd.kuhls@t-online.de> [Peter: fix sha1 hash entry] Signed-off-by:
-
Bernd Kuhls authored
For details see https://github.com/xbmc/xbmc/pull/21674 Build-tested using this previously broken defconfig: BR2_x86_64=y BR2_TOOLCHAIN_BUILDROOT_CXX=y BR2_ROOTFS_DEVICE_CREATION_DYNAMIC_EUDEV=y BR2_PACKAGE_KODI=y BR2_PACKAGE_MESA3D=y BR2_PACKAGE_MESA3D_GALLIUM_DRIVER_IRIS=y BR2_PACKAGE_MESA3D_OPENGL_EGL=y BR2_PACKAGE_MESA3D_OPENGL_ES=y BR2_PACKAGE_PYTHON3=y BR2_PACKAGE_PYTHON3_PY_ONLY=y Signed-off-by:
-
Bernd Kuhls authored
Without this additional comment only the comment kodi needs an OpenGL EGL backend with OpenGL or GLES support is displayed which is not enough to guide users. Signed-off-by:
-
- Nov 30, 2022
-
-
Peter Korsgaard authored
An issue was discovered in the auth component in Dovecot 2.2 and 2.3 before 2.3.20. When two passdb configuration entries exist with the same driver and args settings, incorrect username_filter and mechanism settings can be applied to passdb definitions. These incorrectly applied settings can lead to an unintended security configuration and can permit privilege escalation in certain configurations. The documentation does not advise against the use of passdb definitions that have the same driver and args settings. One such configuration would be where an administrator wishes to use the same PAM configuration or passwd file for both normal and master users but use the username_filter setting to restrict which of the users is able to be a master user. https://dovecot.org/pipermail/dovecot-news/2022-July/000477.html Signed-off-by:
-
- Nov 29, 2022
-
-
Giulio Benetti authored
Signed-off-by:
Arnout Vandecappelle <arnout@mind.be>
-
Giulio Benetti authored
Signed-off-by:
-
Giulio Benetti authored
Fixes: http://autobuild.buildroot.net/results/4526cb70ce91bcd5fce60ebb4f704a63f1ecd249/ Signed-off-by:
-
Giulio Benetti authored
Fixes: http://autobuild.buildroot.net/results/8bcb4d0adabc141ff8144f9e22bd549e3cd8858a/ Signed-off-by:
-
- Nov 25, 2022
-
-
Baruch Siach authored
When BR2_SHARED_STATIC_LIBS is enabled we pass both --enable-static and --enable-shared to configure. dash configure.ac only looks for --enable-static to make the build static. But when linking against libedit pkg-config only returns dynamic linking dependencies, so the indirect ncurses dependency in not mentioned. The end result is that libedit can't find ncurses symbols on link. BR2_SHARED_STATIC_LIBS only makes sense for libraries, not executable binaries. Pass --disable-static unless BR2_STATIC_LIBS is enabled for static only build. Fixes: http://autobuild.buildroot.net/results/137d39cc5ec436759a2fde3f26ce5633e0ad6c2e/ http://autobuild.buildroot.net/results/55a38e0e45212bf7403d9ccb626c9422e3affe72/ http://autobuild.buildroot.net/results/8f109f1a04a6a2ff6d8c4c920e499fbaec3f72b9/ Signed-off-by:
Baruch Siach <baruch@tkos.co.il> Signed-off-by:
-
Peter Korsgaard authored
Fixes the following security issues: - CVE-2022-24805 A buffer overflow in the handling of the INDEX of NET-SNMP-VACM-MIB can cause an out-of-bounds memory access. - CVE-2022-24809 A malformed OID in a GET-NEXT to the nsVacmAccessTable can cause a NULL pointer dereference. - CVE-2022-24806 Improper Input Validation when SETing malformed OIDs in master agent and subagent simultaneously - CVE-2022-24807 A malformed OID in a SET request to SNMP-VIEW-BASED-ACM-MIB::vacmAccessTable can cause an out-of-bounds memory access. - CVE-2022-24808 A malformed OID in a SET request to NET-SNMP-AGENT-MIB::nsLogTable can cause a NULL pointer dereference - CVE-2022-24810 A malformed OID in a SET to the nsVacmAccessTable can cause a NULL pointer dereference. Drop openssl linking patches as they are merged upstream / upstream changed to use pkg-config for openssl since: https://github.com/net-snmp/net-snmp/commit/8c3a094fbe9ebe38ed762488082d52c6d4e04ddb Signed-off-by:
-
Thomas Petazzoni authored
The default ext2 filesystem size of 60 MB is now too small to contain the root filesystem of the Nitrogen i.MX8 configurations. The nitrogen8mp_defconfig configuration for examples generates 55 MB of contents in the rootfs, so an image of 60 MB is slightly too small. This commit extends the filesystem size to 120 MB. Fixes: https://gitlab.com/buildroot.org/buildroot/-/jobs/3372859635 (nitrogen8mp) https://gitlab.com/buildroot.org/buildroot/-/jobs/3372859634 (nitrogen8mn) https://gitlab.com/buildroot.org/buildroot/-/jobs/3372859633 (nitrogen8mm) https://gitlab.com/buildroot.org/buildroot/-/jobs/3372859632 (nitrogen8m) Signed-off-by:
-
