- Oct 07, 2018
-
-
Peter Korsgaard authored
Signed-off-by:Peter Korsgaard <peter@korsgaard.com>
-
- Oct 05, 2018
-
-
Trent Piepho authored
This package only needs ncurses when readline support is enabled, as it's the autoconf macro file for readline (used by autoconf to create the gnupg configure script) that checks for and pulls in ncurses. Since readline already depends on ncurses, gnupg need only depend on readline (when enabled). The host package always forces readline support off, so the host-ncurses dependency can be removed entirely. Signed-off-by:
Trent Piepho <tpiepho@impinj.com> Signed-off-by:
Thomas Petazzoni <thomas.petazzoni@bootlin.com> (cherry picked from commit 51e17496) Signed-off-by:
-
Fabrice Fontaine authored
comm.h is needed to build list_display.o and list_generic.o otherwise parallel builds will sometimes fail Fixes: - http://autobuild.buildroot.org/results/43105f14857dbe72d8878fc7b3db67f7bdca93cc - http://autobuild.buildroot.org/results/47f4ecbec1355285633df287fc9c4e7cccde9378 Signed-off-by:
Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by:
-
Bernd Kuhls authored
Fixes CVE-2018-15378, CVE-2018-14680, CVE-2018-14681 & CVE-2018-14682: http://lists.clamav.net/pipermail/clamav-announce/2018/000033.html Signed-off-by:
Bernd Kuhls <bernd.kuhls@t-online.de> Signed-off-by:
-
Peter Korsgaard authored
Fixes a race condition in QuerySet.update_or_create() that could result in data loss: https://code.djangoproject.com/ticket/29499 Signed-off-by:
-
Peter Korsgaard authored
Fixes: http://autobuild.buildroot.net/results/4b0/4b02713ed5c10b58f390f96ea25f2a45c9a47af4/ http://autobuild.buildroot.net/results/ac6/ac668f867b9de7a2c61d263a894480afc181dd9b/ http://autobuild.buildroot.net/results/f02/f0248b3bf4a73210f210f422c8df067a6ea28aa1/ The configure script uses AC_PATH_X, which searches the host for the X11 libraries/headers, causing build failures. https://www.gnu.org/software/autoconf/manual/autoconf-2.65/html_node/System-Services.html Fix it by using --x-includes / --x-libraries like we do elsewhere. Signed-off-by:
-
Fabrice Fontaine authored
It seems package has a parallel build issue on ARM cortex A8 or A9 since at least version 2.5: [ 94%] Linking CXX shared library libx265.so ipfilter8.S.o: file not recognized: File truncated collect2: error: ld returned 1 exit status CMakeFiles/x265-shared.dir/build.make:221: recipe for target 'libx265.so.160' failed Fixes: - http://autobuild.buildroot.org/results/f6ea88324a8f9ac8ee780ddd71ec61f922e20210 - http://autobuild.buildroot.org/results/3bd91a5694936650ce936a408ddd50338f65f8b0 Signed-off-by:
-
Peter Korsgaard authored
Drop 0003-memfd-fix-configure-test.patch applied upstream. The 4.10.2 version brings a large number of fixes: https://xenproject.org/downloads/xen-archives/xen-project-410-series/xen-4102.html Including a number of security fixes: XSA-260: x86: mishandling of debug exceptions (CVE-2018-8897) XSA-261: x86 vHPET interrupt injection errors (CVE-2018-10982) XSA-262: qemu may drive Xen into unbounded loop (CVE-2018-10981) XSA-263: Speculative Store Bypass (CVE-2018-3639) XSA-264: preemption checks bypassed in x86 PV MM handling (CVE-2018-12891) XSA-265: x86: #DB exception safety check can be triggered by a guest (CVE-2018-12893) XSA-266: libxl fails to honour readonly flag on HVM emulated SCSI disks (CVE-2018-12892) XSA-267: Speculative register leakage from lazy FPU context switching (CVE-2018-3665) XSA-268: Use of v2 grant tables may cause crash on ARM (CVE-2018-15469) XSA-269: x86: Incorrect MSR_DEBUGCTL handling lets guests enable BTS (CVE-2018-15468) XSA-272: oxenstored does not apply quota-maxentity (CVE-2018-15470) XSA-273: L1 Terminal Fault speculative side channel (CVE-2018-3620, CVE-2018-3646) Signed-off-by:
-
Peter Korsgaard authored
The fix for CVE-2018-16151 / 16152 contained an exploitable bug. For details, see: https://www.strongswan.org/blog/2018/10/01/strongswan-vulnerability-(cve-2018-17540).html Signed-off-by:
-
Peter Korsgaard authored
Fixes the following security issues: CVE-2018-16151: The OID parser in the ASN.1 code in gmp allows any number of random bytes after a valid OID. CVE-2018-16152: The algorithmIdentifier parser in the ASN.1 code in gmp doesn't enforce a NULL value for the optional parameter which is not used with any PKCS#1 algorithm. For more details, see the advisory: https://www.strongswan.org/blog/2018/09/24/strongswan-vulnerability-(cve-2018-16151,-cve-2018-16152).html Signed-off-by:
-
Paresh Chaudhary authored
Signed-off-by:
Paresh Chaudhary <paresh.chaudhary@rockwellcollins.com> Signed-off-by:
Matt Weber <matthew.weber@rockwellcollins.com> Signed-off-by:
-
Bernd Kuhls authored
Fixes: CVE-2018-11763: mod_http2, DoS via continuous SETTINGS frames https://lists.apache.org/thread.html/d435b0267a76501b9e06c552b20c887171064cde38e46d678da4d3dd@%3Cannounce.httpd.apache.org%3E Release notes: https://lists.apache.org/thread.html/5d604774652fc073b1b161584d0d1efbdba7898c40ae2e2334725e5f@%3Cannounce.httpd.apache.org%3E Signed-off-by:
-
Gilles Talis authored
Signed-off-by:
Gilles Talis <gilles.talis@gmail.com> Signed-off-by:
-
Gilles Talis authored
Signed-off-by:
-
Peter Korsgaard authored
>From the release notes (http://ftp.isc.org/isc/bind9/9.11.4-P2/RELEASE-NOTES-bind-9.11.4-P2.txt ): * There was a long-existing flaw in the documentation for ms-self, krb5-self, ms-subdomain, and krb5-subdomain rules in update-policy statements. Though the policies worked as intended, operators who configured their servers according to the misleading documentation may have thought zone updates were more restricted than they were; users of these rule types are advised to review the documentation and correct their configurations if necessary. New rule types matching the previously documented behavior will be introduced in a future maintenance release. [GL !708] * named could crash during recursive processing of DNAME records when deny-answer-aliases was in use. This flaw is disclosed in CVE-2018-5740. [GL #387] Signed-off-by:
-
Bernd Kuhls authored
Ghostscript 9.24 changed the internal lcms2 version: https://www.ghostscript.com/doc/9.24/News.htm With this change the directory name was also changed which broke our code to force the usage of the buildroot lcms2 package. Fixes http://autobuild.buildroot.net/results/d04/d04ad017bf06a442a7397f935959994ba72824e1/ Signed-off-by:
-
Peter Korsgaard authored
Fixes the following security issues: - CVE-2018-16543: In Artifex Ghostscript before 9.24, gssetresolution and gsgetresolution allow attackers to have an unspecified impact - CVE-2018-17183: Artifex Ghostscript before 9.25 allowed a user-writable error exception table, which could be used by remote attackers able to supply crafted PostScript to potentially overwrite or replace error handlers to inject code. Signed-off-by:
-
Fabrice Fontaine authored
Delete lcsm2art directory to use the buildroot lcms2 library Fixes: - http://autobuild.buildroot.net/results/cda9c22bf29278cc24ab852094df19b773d0f151 Signed-off-by:
-
Fabrice Fontaine authored
- Remove sha256 (not provided anymore) and keep only sha512 - Update patch - Add hash for license file Signed-off-by:
-
Fabrice Fontaine authored
Don't display comment if BR2_USE_MMU is true Moreover, move BR2_USE_MMU dependency at the top of dependency list Signed-off-by:
Kurt Van Dijck <dev.kurt@vandijck-laurijssen.be> Signed-off-by:
-
Peter Korsgaard authored
Signed-off-by:
-
Fabio Estevam authored
[Peter: drop 4.18.x change] Signed-off-by:
Fabio Estevam <festevam@gmail.com> Signed-off-by:
-
Adrian Perez de Castro authored
The woff2 dependency is used to support Web fonts in WOFF2 format. This is a Web-facing feature that Web sites expect WebKit to support, and it is recommended to be unconditionally enabled. While it is possible to disable the feature at build time, upstream only recommends doing so if the target system cannot provide a woff2 package. Signed-off-by:
Adrian Perez de Castro <aperez@igalia.com> Signed-off-by:
-
Adrian Perez de Castro authored
Release notes: https://webkitgtk.org/2018/09/03/webkitgtk2.22.0-released.html https://webkitgtk.org/2018/09/20/webkitgtk2.22.1-released.html https://webkitgtk.org/2018/09/21/webkitgtk2.22.2-released.html No corresponding security advisories for 2.22.x have been published. Nevertheless, due to skipping over versions in the 2.20.x series, the following 2.20.x advisories apply: https://webkitgtk.org/security/WSA-2018-0003.html https://webkitgtk.org/security/WSA-2018-0004.html https://webkitgtk.org/security/WSA-2018-0005.html https://webkitgtk.org/security/WSA-2018-0006.html This also bumps the required GCC version, due to the WebKit code now using more modern C++ features which were introduced in version 6.x of the compiler. The dependency is propagated to the midori package as well. Last but not least, BR2_PACKAGE_WEBP_DEMUX and BR2_PACKAGE_GST1_PLUGINS_BAD_PLUGIN_MPEGTSDEMUX are selected as they are unconditionally needed by the newer WebKitGTK+ releases when multimedia support is enabled. An upstream patch for 32-bit ARM which did not make it to be included in this new version is included as well, and can be removed once it gets picked in a new release. Signed-off-by: -
Fabrice Fontaine authored
Same issue on woff2 than in some other packages such as lcdapi: see https://gcc.gnu.org/bugzilla/show_bug.cgi?id=79509 Fixes: - http://autobuild.buildroot.net/results/6c97a08e6ca2e914d54fbb525b3f0bb90023ef07 Signed-off-by:
-
Adrian Perez de Castro authored
Include a patch to make CMake correctly find the Brotli libraries when they have been built as static libraries. Fixes: - http://autobuild.buildroot.net/results/f1c4b5aeb12af7b7a3e8ae01c219004ecd9befd6/ - http://autobuild.buildroot.net/results/74d20ff38766466623cc4a9eb18afcda831bc20b/ Signed-off-by:
-
Adrian Perez de Castro authored
Add the woff2 package to Builroot. This is needed by webkitgtk from version 2.20.0 onwards. WebKitGTK+ used to bundle a copy of the library, but it stopped doing so now that the upstream is has been making releases. [Peter: fix license hash] Signed-off-by:
-
Adrian Perez de Castro authored
Include a patch to make CMake honor the BUILD_SHARED_LIBS which Buildroot sets to choose the kind of libraries to build. Fixes: - http://autobuild.buildroot.net/results/f1c4b5aeb12af7b7a3e8ae01c219004ecd9befd6/ - http://autobuild.buildroot.net/results/74d20ff38766466623cc4a9eb18afcda831bc20b/ Signed-off-by:
-
Adrian Perez de Castro authored
This adds a local patch, also submitted upstream, which modifies CMakeLists.txt to avoid the check for the unneeded C++ compiler. Fixes: - http://autobuild.buildroot.net/results/68e05c634e62ba4b6f6eb8dc95eeb16faa58fd60 Signed-off-by:
-
Adrian Perez de Castro authored
Add the brotli package to Buildroot. This is needed by woff2, which in turn is needed by webkitgtk from version 2.20.0 onwards. WebKitGTK+ used to bundle a copy of the library, but it stopped doing so now that the upstream has started making releases. [Peter: fix license hash] Signed-off-by:
-
Fabrice Fontaine authored
- Use SPDX short identifier (Imlib2) instead of full name - Add COPYING-PLAIN to license files - Add hash for license files Signed-off-by:
Petr Vorel <petr.vorel@gmail.com> Signed-off-by:
-
Marcel Patzlaff authored
The old URL was not working for quite some time. Signed-off-by:
Marcel Patzlaff <m.patzlaff@pilz.de> Signed-off-by:
-
Fabrice Fontaine authored
mrouted part of igmpproxy is licensed under BSD-3-Clause so add this in IGMPPROXY_LICENSE and add hash for license files Signed-off-by:
-
Fabrice Fontaine authored
As specified in COPYING, examples are licensed under GPL-3.0+ and .x files are licensed under BSD-2-Clause. So update LIBNFS_LICENSE, add COPYING, LICENCE-BSD.txt and LICENCE-GPL-3.txt to LIBNFS_LICENSE_FILES and add hash for all license files Signed-off-by:
-
Ferdinand van Aartsen authored
Currently libxslt configure finds native /usr/bin/xml2-config. Signed-off-by:
Ferdinand van Aartsen <ferdinand@ombud.nl> Signed-off-by:
-
Fabrice Fontaine authored
cppcms contains embedded third party software so add THIRD_PARTY_SOFTWARE.TXT to CPPCMS_LICENSE_FILES as well as the additional licenses to CPPCMS_LICENSE. Also add hash for COPYING.TXT and THIRD_PARTY_SOFTWARE.TXT Signed-off-by:
-
Matt Weber authored
Signed-off-by:
-
Matt Weber authored
Allows scripting of URL checking to be simplier Signed-off-by:
-
Matt Weber authored
The "For more information, see" is a bit useless, and not having the URL alone on its own line prevents scripted URL checking. Signed-off-by:
-
Matt Weber authored
Signed-off-by:
-
