- Nov 10, 2021
-
-
Peter Korsgaard authored
Signed-off-by:Peter Korsgaard <peter@korsgaard.com>
-
- Nov 09, 2021
-
-
Peter Korsgaard authored
Fixes the following security issues: - CVE-2021-41103: Insufficiently restricted permissions on plugin directories https://github.com/advisories/GHSA-c2h3-6mxw-7mvq Signed-off-by:
-
Peter Seiderer authored
- add upstream patch ([1]) to fix compile with gpsd-3.23.1 Fixes: - http://autobuild.buildroot.org/results/53b06e72fb2d8b4c8b6ba41baf775ff33654cd18 - http://autobuild.buildroot.net/results/54cae924711e26f04045f8208db0d772292a3933 src/gpsdclient.c: In function 'nmeaInfoFromGpsd': src/gpsdclient.c:374:30: error: 'STATUS_NO_FIX' undeclared (first use in this function); did you mean 'STATUS_PPS_FIX'? 374 | if (gpsdata->fix.status == STATUS_NO_FIX) { | ^~~~~~~~~~~~~ | STATUS_PPS_FIX [1] https://github.com/OLSR/olsrd/commit/665051a845464c0f95edb81432104dac39426f79 Signed-off-by:
Peter Seiderer <ps.report@gmx.net> Signed-off-by:
-
Fabrice Fontaine authored
Don't override LUA_DEPENDENCIES in a conditional Signed-off-by:
Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by:
-
Fabrice Fontaine authored
Don't override KEXEC_DEPENDENCIES in a conditional Signed-off-by:
-
Fabrice Fontaine authored
Don't override IUCODE_TOOL_DEPENDENCIES in a conditional Signed-off-by:
-
Fabrice Fontaine authored
Don't override DVB_APPS_DEPENDENCIES in a conditional Signed-off-by:
-
Fabrice Fontaine authored
Don't override SOCKETCAND_DEPENDENCIES in a conditional Signed-off-by:
-
Fabrice Fontaine authored
cpe:2.3:a:oisf:suricata is a valid CPE identifier for this package: https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Aoisf%3Asuricata Signed-off-by:
-
Bernd Kuhls authored
Fixes CVE-2020-17049: https://www.samba.org/samba/history/samba-4.14.9.html Signed-off-by:
Bernd Kuhls <bernd.kuhls@t-online.de> Signed-off-by:
-
Peter Seiderer authored
- fix getrandom compile for uclibc < v1.0.35, add missing stddef.h include (fixed in uclibc since v1.0.35, see [1]) Fixes: - http://autobuild.buildroot.net/results/6d4a62c703c85dd993ddb2d90ebe1f6cad24e0b0 .../host/x86_64-buildroot-linux-uclibc/sysroot/usr/include/sys/random.h:27:35: error: unknown type name ‘size_t’ 27 | extern int getrandom(void *__buf, size_t count, unsigned int flags) | ^~~~~~ [1] https://cgit.uclibc-ng.org/cgi/cgit/uclibc-ng.git/commit/?id=00972c02c2b6e0a95d5def4a71bdfb188e091782t Signed-off-by:
Thomas Petazzoni <thomas.petazzoni@bootlin.com> (cherry picked from commit 2f759803) Signed-off-by:
-
Romain Naour authored
Without the selinux xgd module enabled by systemd package, refpolicy fail to build due to policy/modules/system/systemd.te [1] policy/modules/system/systemd.te:288:ERROR 'attribute xdg_config_type is not declared' at token ';' on line 508447: Fixes: https://gitlab.com/buildroot.org/buildroot/-/jobs/1710552468 https://gitlab.com/buildroot.org/buildroot/-/jobs/1710552470 [1] https://github.com/SELinuxProject/refpolicy/blob/RELEASE_2_20210908/policy/modules/system/systemd.te#L288 Signed-off-by:
Romain Naour <romain.naour@gmail.com> Cc: Adam Duskett <aduskett@gmail.com> Cc: Antoine Tenart <atenart@kernel.org> Signed-off-by:
Yann E. MORIN <yann.morin.1998@free.fr> (cherry picked from commit d51189ff) Signed-off-by:
-
Romain Naour authored
The test_jffs2 test fail for the same reason as test_ubi test with qemu >= 2.9 due to a qemu 2.8 bug. See commit d8447c38. Divide the erase block size by two. Fixes: https://gitlab.com/buildroot.org/buildroot/-/jobs/1687590514 Signed-off-by:
-
- Nov 08, 2021
-
-
Peter Korsgaard authored
The entry seems to have been renamed slightly. Signed-off-by:
-
Fabrice Fontaine authored
Disable unit tests which are enabled by default if cmocka is found since the addition of the package in commit 1d2bb469 Signed-off-by:
Marcin Niestroj <m.niestroj@grinn-global.com> Signed-off-by:
-
Fabrice Fontaine authored
libcap is an optional dependency which is enabled by default since the addition of the package in commit 1d2bb469 Signed-off-by:
-
Fabrice Fontaine authored
Don't override RSH_REDONE_DEPENDENCIES in a conditional Signed-off-by:
-
Fabrice Fontaine authored
Don't override ESPEAK_DEPENDENCIES in a conditional Signed-off-by:
-
Fabrice Fontaine authored
Don't override APCUPSD_DEPENDENCIES in a conditional Signed-off-by:
Alexander Dahl <post@lespocky.de> Signed-off-by:
-
Fabrice Fontaine authored
- Fix build with kernel >= 5.4 thanks to https://git.asterisk.org/gitweb/?p=dahdi/linux.git;a=commit;h=45ac6a30f922f4eef54c0120c2a537794b20cf5c - Fix build with kernel >= 5.6 thanks to https://git.asterisk.org/gitweb/?p=dahdi/linux.git;a=commit;h=34b9c77c9ab2794d4e912461e4c1080c4b1f6184 - Fix typo in dahdi-linux.mk - Remove deprecated note about kernel >= 4.0 in Config.in - Add patch to fix build failure with 32-bits kernels raised since https://git.asterisk.org/gitweb/?p=dahdi/linux.git;a=commit;h=ffcd08205c71dcb0e060836359418bef20f07ffa - Update indentation in hash file (two spaces) Fixes: - https://bugs.buildroot.org/show_bug.cgi?id=14311 Signed-off-by:
-
Fabrice Fontaine authored
Fix hotplug build which fails since the addition of the package in commit d959966b Signed-off-by:
-
Fabrice Fontaine authored
dahdi-linux needs a linux with CRC CCITT since the addition of the package in commit d959966b as stated in the README: - CONFIG_CRC_CCITT must be enabled ('y' or 'm'). On 2.6 kernels this can be selected These can be selected from the "Library Routines" submenu during kernel configuration via "make menuconfig". Signed-off-by:
-
Fabrice Fontaine authored
Fix typo added with commit d959966b Signed-off-by:
-
Fabrice Fontaine authored
Fix CVE-2021-40114: Multiple Cisco products are affected by a vulnerability in the way the Snort detection engine processes ICMP traffic that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper memory resource management while the Snort detection engine is processing ICMP packets. An attacker could exploit this vulnerability by sending a series of ICMP packets through an affected device. A successful exploit could allow the attacker to exhaust resources on the affected device, causing the device to reload. https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-dos-s2R7W9UU https://www.snort.org/downloads/snort/changelog_2.9.18.1.txt Signed-off-by:
-
Adam Duskett authored
OpenJDK 17 is a new LTS release, which leaves the Buildroot Config option of "LTS" and "LATEST" as a misnomer because both 11 and 17 are LTS releases. There are two options in this case: 1) Remove "LATEST" and update OpenJDK 11 to 17, and only support 17. 2) Change "LTS" to "11" and "LATEST" to "17" and only support the latest 2 LTS OpenJDK releases. After some discussion with Thomas Petazzoni and Peter Korsgaard, and testing, option 2 is the best course of action for a few reasons: - OpenJDK 11 and 17 have very long support cycles: - OpenJDK 11 has two years of Active and five years of security support left. - OpenJDK 17 has five years of Active and ten years of security support left. - Both OpenJDK versions build with the same parameters. - The maintenance cost of both versions is meager. - Both versions pass tests.package.test_openjdk without issue. Changes: - Change BR2_OPENJDK_VERSION_LATEST -> BR2_OPENJDK_VERSION_17 - Change BR2_OPENJDK_VERSION_LTS -> BR2_OPENJDK_VERSION_11 Signed-off-by:
Adam Duskett <aduskett@gmail.com> [Peter: add Config.in.legacy, use BR2_PACKAGE_OPENJDK_ prefix] Signed-off-by:
-
Peter Korsgaard authored
go1.16.10 (released 2021-11-04) includes security fixes to the archive/zip and debug/macho packages, as well as bug fixes to the compiler, linker, runtime, the misc/wasm directory, and to the net/http package. https://golang.org/doc/devel/release#go1.16.minor Signed-off-by:
-
Fabrice Fontaine authored
Fix the following build failure with uclibc raised since bump to version 8.2.3565 in commit 5650439b and https://github.com/vim/vim/commit/0a7984af5601323fae7b3398f05a48087db7b767: In file included from vim.h:27, from fileio.c:14: fileio.c: In function 'time_differs': auto/config.h:149:22: error: 'stat_T' {aka 'struct stat'} has no member named 'st_mtim'; did you mean 'st_mtime'? 149 | #define ST_MTIM_NSEC st_mtim.tv_nsec | ^~~~~~~ Fixes: - http://autobuild.buildroot.org/results/2132f9aa1b0bc618c91f7bf44fbd1b71b9d6ba05 Signed-off-by:
-
Thomas Petazzoni authored
His e-mail is no longer responding: ** Address not found ** Your message wasn't delivered to mirza.krak@northern.tech because the address couldn't be found, or is unable to receive mail. Learn more here: https://support.google.com/mail/?p=NoSuchUser The response from the remote server was: 550 5.1.1 The email account that you tried to reach does not exist. Please try double-checking the recipient's email address for typos or unnecessary spaces. Learn more at https://support.google.com/mail/?p=NoSuchUser bi21si292758edb.0 - gsmtp Signed-off-by:
-
Fabrice Fontaine authored
Fix CVE-2021-32815, CVE-2021-34334, CVE-2021-34335, CVE-2021-37615, CVE-2021-37616, CVE-2021-37618, CVE-2021-37619, CVE-2021-37620, CVE-2021-37621, CVE-2021-37622 and CVE-2021-37623 https://github.com/Exiv2/exiv2/releases/tag/v0.27.5 Signed-off-by:
-
- Nov 04, 2021
-
-
Peter Korsgaard authored
Signed-off-by:
-
- Nov 03, 2021
-
-
Giulio Benetti authored
Add Giulio Benetti to all Olimex Allwinner boards' defconfigs since I've recently updated and tested them all and I'd like to receive possible build failure from gitlab CI/CD. Signed-off-by:
Giulio Benetti <giulio.benetti@benettiengineering.com> Signed-off-by:
-
Joachim Wiberg authored
Since I'm the upstream maintainer, it'd be nice to get Cc:ed on any issues with the package. Signed-off-by:
Joachim Wiberg <troglobit@gmail.com> Signed-off-by:
-
Thomas Petazzoni authored
In commit 40bb37bd ("utils/getdeveloperlib.py: use relative paths for files"), the Developer class was changed to use relative paths, including for its .hasfile() method. However the check_developers() function of getdeveloperlib.py was not updated accordingly, and continued to pass absolute paths. This caused "get-developers -c" to return the entire list of files in Buildroot as being unmaintained, as none of them were matching the file listed in the DEVELOPERS file. Signed-off-by:
-
Thomas Petazzoni authored
In Python 3.x, check_output() returns a "bytes" array, and not a string. Its result needs to be decoded to be turned into a string. Without this fix, "get-developers -c" bails out with: Traceback (most recent call last): File "/home/thomas/projets/buildroot/./utils/get-developers", line 105, in <module> __main__() File "/home/thomas/projets/buildroot/./utils/get-developers", line 53, in __main__ files = getdeveloperlib.check_developers(devs) File "/home/thomas/projets/buildroot/utils/getdeveloperlib.py", line 280, in check_developers files = subprocess.check_output(cmd).strip().split("\n") TypeError: a bytes-like object is required, not 'str' Signed-off-by: -
Peter Korsgaard authored
Fixes the following security issues: - JDK-8163326, CVE-2021-35550: Update the default enabled cipher suites preference - JDK-8254967, CVE-2021-35565: com.sun.net.HttpsServer spins on TLS session close - JDK-8263314: Enhance XML Dsig modes - JDK-8265167, CVE-2021-35556: Richer Text Editors - JDK-8265574: Improve handling of sheets - JDK-8265580, CVE-2021-35559: Enhanced style for RTF kit - JDK-8265776: Improve Stream handling for SSL - JDK-8266097, CVE-2021-35561: Better hashing support - JDK-8266103: Better specified spec values - JDK-8266109: More Resilient Classloading - JDK-8266115: More Manifest Jar Loading - JDK-8266137, CVE-2021-35564: Improve Keystore integrity - JDK-8266689, CVE-2021-35567: More Constrained Delegation - JDK-8267086: ArrayIndexOutOfBoundsException in java.security.KeyFactory.generatePublic - JDK-8267712: Better LDAP reference processing - JDK-8267729, CVE-2021-35578: Improve TLS client handshaking - JDK-8267735, CVE-2021-35586: Better BMP support - JDK-8268193: Improve requests of certificates - JDK-8268199: Correct certificate requests - JDK-8268205: Enhance DTLS client handshake - JDK-8268506: More Manifest Digests - JDK-8269618, CVE-2021-35603: Better session identification - JDK-8269624: Enhance method selection support - JDK-8270398: Enhance canonicalization - JDK-8270404: Better canonicalization For more details, see the announcement: https://mail.openjdk.java.net/pipermail/jdk-updates-dev/2021-October/009368.html Signed-off-by:
-
Peter Korsgaard authored
Fixes the following security issues: - CVE-2021-25219: Lame cache can be abused to severely degrade resolver performance For details, see the advisory: https://kb.isc.org/docs/cve-2021-25219 Signed-off-by:
-
Peter Korsgaard authored
For details, see the announcement: https://lists.zx2c4.com/pipermail/wireguard/2021-June/006781.html Signed-off-by:
-
Peter Korsgaard authored
Includes various compat fixes and lowers memory requirements. For details, see the announcement: https://lists.zx2c4.com/pipermail/wireguard/2021-February/006404.html Signed-off-by:
-
Peter Korsgaard authored
Fixes https://gitlab.com/buildroot.org/buildroot/-/jobs/1723730198 To correct a build breakage after the move to a gcc 10.x based host compiler, as the updated kernel contains a fix for: HOSTLD scripts/dtc/dtc /usr/bin/ld: scripts/dtc/dtc-parser.tab.o:(.bss+0x10): multiple definition of `yylloc'; scripts/dtc/dtc-lexer.lex.o:(.bss+0x0): first defined here https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=88f7a6aa7fb9aa5076b65489146045dac865f1d3 Signed-off-by:
-
Peter Korsgaard authored
Fixes https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=88f7a6aa7fb9aa5076b65489146045dac865f1d3 To correct a build breakage after the move to a gcc 10.x based host compiler, as the updated kernel contains a fix for: HOSTLD scripts/dtc/dtc /usr/bin/ld: scripts/dtc/dtc-parser.tab.o:(.bss+0x10): multiple definition of `yylloc'; scripts/dtc/dtc-lexer.lex.o:(.bss+0x0): first defined here https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=88f7a6aa7fb9aa5076b65489146045dac865f1d3 Signed-off-by:
-
