Fixes the following security issue:
- CVE-2019-11324: The urllib3 library before 1.24.2 for Python mishandles
certain cases where the desired set of CA certificates is different from
the OS store of CA certificates, which results in SSL connections
succeeding in situations where a verification failure is the correct
outcome. This is related to use of the ssl_context, ca_certs, or
ca_certs_dir argument.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 5bc45c5e77505cc07902e6fbd99a15c9d352ded7)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Following ffbe46a5295ce4e0442728f2ad3e19afa7eaa8ed ("linux: simplify
LINUX_BUILD_CMDS"), the Linux kernel build for
qemu_ppc_virtex_ml507_defconfig builds an image format that needs
mkimage.
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/199339544
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 7cbf9c63e5abb498ab1863422cb3abc4c7ec7bc4)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Following ffbe46a5295ce4e0442728f2ad3e19afa7eaa8ed ("linux: simplify
LINUX_BUILD_CMDS"), the Linux kernel build for
qemu_ppc_mpc8544ds_defconfig builds an image format that needs
mkimage.
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/199339543
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit b78c8a3b17321df53717fe88560c7b2c6c9cbb35)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Following ffbe46a5295ce4e0442728f2ad3e19afa7eaa8ed ("linux: simplify
LINUX_BUILD_CMDS"), the Linux kernel build for
qemu_nios2_10m50_defconfig builds an image format that needs mkimage.
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/199339537
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit e7c2e5f0ecd594e7f974baf38ae3a15f7a25d99b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Following ffbe46a5295ce4e0442728f2ad3e19afa7eaa8ed ("linux: simplify
LINUX_BUILD_CMDS"), the Linux kernel build for beaglebone_defconfig
builds more things, including some .itb files, which require mkimage
with FIT support.
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/199339433
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 80029da692300c5b62dd86114ff20122e89342e5)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issue:
- CVE-2019-11068: libxslt through 1.1.33 allows bypass of a protection
mechanism because callers of xsltCheckRead and xsltCheckWrite permit
access even upon receiving a -1 error code. xsltCheckRead can return -1
for a crafted URL that is not actually invalid and is subsequently loaded.
Upstream bugtracker issue not yet public:
https://gitlab.gnome.org/GNOME/libxslt/issues/12
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 73edd3c21c8cd8610ade16f449e7af8fd60b8aa9)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 707529b7f7d7a80018cae5fec795dd36cc06fa8f)
[Peter: drop 5.0.x bump]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This patch bumps the Linux CIP version to v4.4.176-cip31.
Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 97f824bec5a15f5d1c55a19c5621da5a18f273e5)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Contains a number of bugfixes since 5.28.1. For details, see:
https://perldoc.pl/perl5282delta
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 3c68d2ddf923b8ad61c0a6fa147eaa8f76bdf7c1)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When configuring qt5base, qmake is built, but it's not built in parallel
mode. This is due to MAKEFLAGS having 2 dashes on its tail, so this:
MAKEFLAGS="$(MAKEFLAGS) -j$(PARALLEL_JOBS)"
expands in this(i.e. 5 njobs):
MAKEFLAGS="--no-print-directory -- -j5"
and -j5 gets ignored due to "--" preceeding -j5.
Double dashes are part of $(MAKEFLAGS) only when evaluated by shell.
Swap $(MAKEFLAGS) and -j$(PARALLEL_JOBS) to avoid having "--" before
-j$(PARALLEL_JOBS), this way -j$(PARALLEL_JOBS) won't be ignored by
./configure.
Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
Tested-by: Michael Trimarchi <michael@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit a1c175cc9ecc411305dc6f0979f0dd262f2c8d5c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
neon checks for bind_textdomain_codeset
Helps neon to find lintl so it will correctly add -lintl to neon-config
en neon.pc. This will fix build of packages using neon such as nu
Fixes:
- http://autobuild.buildroot.org/results/f7e6afce4b3335573f3cc62d282368b288e9a65a
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 9b667fd14475c4e2023d93fc0b033a13f9632319)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Help lynx finding openssl dependencies by giving it a path in --with-ssl
and using pkg-config to directly pass the correct libraries in LIBS.
This will disable the call to pkg-config and CF_ADD_LIBS which has the
sad behavior of removing duplicates ...
As a result, build fails because, the following correct dependencies:
configure:14170: testing adding -L/accts/mlweber1/rclinux/rc-buildroot-test/scripts/instance-0/output/host/bin/../sparc-buildroot-linux-uclibc/sysroot/usr/lib -lssl -L/accts/mlweber1/rclinux/rc-buildroot-test/scripts/instance-0/output/host/bin/../sparc-buildroot-linux-uclibc/sysroot/usr/lib -lz -pthread -latomic -lcrypto -lz -pthread -latomic to LIBS ...
is replaced by:
-L/accts/mlweber1/rclinux/rc-buildroot-test/scripts/instance-0/output/host/bin/../sparc-buildroot-linux-uclibc/sysroot/usr/lib -lssl -lz -pthread -latomic -lcrypto
As a result, static linking fails on crypto because the second -latomic
has been removed ...
Fixes:
- http://autobuild.buildroot.org/results/2c28426253014d93e86e3ba6ed578e84317a9f19
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit fbe58db378dfc1b24fe3d50ca515bb7ae4493ee5)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The default of 60 MB is no longer sufficient to contain all the tools
enabled in this "development" defconfig, so let's increase the ext4
image size to 120 MB.
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/199339421
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit d9273b22e9c822d6302038a09b4b6767d51ab6ae)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The default of 60 MB is no longer sufficient to contain all the tools
enabled in this "development" defconfig, so let's increase the ext4
image size to 120 MB.
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/199339417
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit df9f18907203d2910eb8acdc262fcb583446a8ad)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The default of 60 MB is no longer sufficient to contain all the tools
enabled in this "development" defconfig, so let's increase the ext4
image size to 120 MB.
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/199339426
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 18a4d559061ab3d00f7e39c963d86ee5ff794d4c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The default rootfs image size is too small, causing the following
build failure:
Copying files into the device: __populate_fs: Could not allocate block in ext2 filesystem while writing file "udevd"
mkfs.ext4: Could not allocate block in ext2 filesystem while populating file system
*** Maybe you need to increase the filesystem size (BR2_TARGET_ROOTFS_EXT2_SIZE)
So we increase it to 120 MB.
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/199339415
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit ce751fad37b78bb658ea6532bee3b49ea523aa73)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The yaffs2utils Makefile uses plain "cp", which fails when
$(HOST_DIR)/bin doesn't exist. Fix that by creationg $(HOST_DIR)/bin
beforehand.
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/199339624
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 01a0bd3f739ce1284a89641b7f41705c57b5bd04)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Default value of CONFIG_SYS_BOOTM_LEN in u-boot causes board reset for
large uImage files, so add u-boot patch to increase the maximum kernel
image size.
Signed-off-by: Shyam Saini <shyam.saini@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit b0bae3bcc85c0c6e63b9487a777d29f2187c5e6b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
LICENSE has been added in version 0.0.1.32 with
74671aa279
So add it to LINKNX_LICENSE_FILES as well as its hash
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 8481ba9c190aa3d508ed0a71dc0be42a91279b7a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
BR2_PACKAGE_GST_PLUGINS_UGL1_PLUGIN_XINGMUX needs to be
BR2_PACKAGE_GST1_PLUGINS_UGLY_PLUGIN_XINGMUX
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit d2ada4d7045ba8b23824e10c59bb662c1cfd901c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
MKINSTALLDIRS is not automatically called by autotools when
autoreconfigured.
This leads to the following error during install:
`/bin/sh @MKINSTALLDIRS@ /home/dawncrow/buildroot-test/scripts/instance-0/output/target/usr/share
/bin/sh: 0: Can't open @MKINSTALLDIRS@`
because @MKINSTALLDIRS@ doesn't get substituted during autoreconf.
This particular command only gets invoked when NLS is enabled.
Add patch that explicitly calls AM_MKINSTALLDIRS macro to substitute
every @MKINSTALLDIRS@ occurence in *.in Makefile.
Patch is not sent upstream since upstream is dead.
Fixes:
http://autobuild.buildroot.net/results/744/7447c03426556f787f20f7ab2d36f0cacc4af1bd/
Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit 00b733a39b0fe3902c96f6734c4f82c310cffc26)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The commit 197b5f9d1c23 ("package/binutils: fix loops relaxation in
xtensa gas") changed the way loop opcodes are relaxed resulting in build
failures in hand-made assembly code that has loops in sections without
.literal_position pseudo op or equivalent construct. This e.g. breaks
xtensa linux kernel build.
Fix that by adding literal position to the beginning of every section.
Fixes: 197b5f9d1c23 ("package/binutils: fix loops relaxation in xtensa
gas")
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit de1d1577d727d41bf26eca46e6f4c659062aa105)
[Peter: drop 2.32 patch]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues:
- CVE-2019-8320: Delete directory using symlink when decompressing tar
- CVE-2019-8321: Escape sequence injection vulnerability in verbose
- CVE-2019-8322: Escape sequence injection vulnerability in gem owner
- CVE-2019-8323: Escape sequence injection vulnerability in API response handling
- CVE-2019-8324: Installing a malicious gem may lead to arbitrary code execution
- CVE-2019-8325: Escape sequence injection vulnerability in errors
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 900982313786d3537417f18251732ab7dca95553)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes a number of issues discovered post-2.1.2. For details, see:
https://github.com/tpm2-software/tpm2-tss/releases/tag/2.1.3
Drop 002-configure.ac-switch-default-ESAPI-crypto-backend-to-.patch as this
issue is now fixed upstream.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 097ce6b3a83ac4c4e89d61ef439caee1a1368f32)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This moves the BR2_PACKAGE_LINUX_FIRMWARE_TI_CC2560 option to the
Bluetooth section of the config file. This chip is Bluetooth-only, so
it belongs there instead of with the Wi-Fi/Bluetooth combo chips.
Signed-off-by: David Lechner <david@lechnology.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 0edbbe548f56367ead0feb354c27c0a0d42778e0)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Since commit f93596d8ba82354efb545fe91449627e6c896ce1, systemd is
enabled on arc however systemd-bootchart is not available on this
architecture so add a BR2_PACKAGE_SYSTEMD_BOOTCHART_ARCH_SUPPORTS from
the information retrieved in src/architecture.h
Fixes:
- http://autobuild.buildroot.org/results/84fb51212abf99faa2b7a46b8c44c42a3ca1201c
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit 9c3089c8a7fdd0e39a990ba6bb8de48e06682863)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix a bug where cJSON_Minify could overflow it's buffer, both reading
and writing: https://github.com/DaveGamble/cJSON/issues/338.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit a45a3997d8ee0aa592c6a64ce300ee727ad7dc54)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes a number of post-1.3 fixes. For details, see the announcement:
http://lists.xiph.org/pipermail/opus/2019-April/004318.html
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit b594e6a1b7af7a5e46d599579523953a3af75726)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Default value of CONFIG_SYS_BOOTM_LEN in u-boot causes board reset for
large uImage files, so add u-boot patch to increase the maximum kernel
image size.
Signed-off-by: Shyam Saini <shyam.saini@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 7dfcd850b9021d4a6e7d3c220680131de222a615)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Update hash of COPYING (update in year:
bb693862a3)
- Include a Security bugfix released in version 5.48: Fixed requesting
client certificate when specified as a global option.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 9f69da705de8661d5d45cf4ad89cfa01538d3e01)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
