Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merge 2024.02.6 #56

Merged
merged 115 commits into from
Sep 12, 2024
Merged

Merge 2024.02.6 #56

merged 115 commits into from
Sep 12, 2024

Conversation

sairon
Copy link
Member

@sairon sairon commented Sep 12, 2024

Package updates related to HAOS config:

  • cryptsetup
  • libcurl
  • procps-ng
  • dropbear
  • gnutls
  • libxml2
  • libxslt2

d59d09a is needed to fix props-ng build.

bkuhls and others added 30 commits August 18, 2024 22:52
Drop patch which is included in this release.

Changelog: https://matt.ucc.asn.au/dropbear/CHANGES

Signed-off-by: Bernd Kuhls <[email protected]>
Signed-off-by: Thomas Petazzoni <[email protected]>
(cherry picked from commit 516d57d)
Signed-off-by: Peter Korsgaard <[email protected]>
Signed-off-by: Francois Perrad <[email protected]>
Signed-off-by: Thomas Petazzoni <[email protected]>
(cherry picked from commit 2fbffc6)
Signed-off-by: Peter Korsgaard <[email protected]>
`b4` is a commandline tool to make patch-based development easier[1]. It
is primarily used for Linux kernel development, but can be configured to
support any project that has a public-inbox endpoint. Buildroot has a
public-inbox mirror at "https://lore.kernel.org/buildroot/".

We configure some basic settings that tell `b4` where to send patches
and how to use get-developers.

[1] https://b4.docs.kernel.org/en/latest/

Signed-off-by: Brandon Maier <[email protected]>
Signed-off-by: Arnout Vandecappelle <[email protected]>
(cherry picked from commit 322213e)
Signed-off-by: Peter Korsgaard <[email protected]>
According to https://spdx.org/licenses/, the correct license code for
the "Clarified Artistic License" is ClArtistic.

The only other package in Buildroot containing code under this license
is google-breakpad, and it is already using the ClArtistic SPDX code.

Signed-off-by: Thomas Petazzoni <[email protected]>
Signed-off-by: Arnout Vandecappelle <[email protected]>
(cherry picked from commit 2ca6980)
Signed-off-by: Peter Korsgaard <[email protected]>
Signed-off-by: Yann E. MORIN <[email protected]>
Signed-off-by: Arnout Vandecappelle <[email protected]>
(cherry picked from commit 5d84451)
Signed-off-by: Peter Korsgaard <[email protected]>
Lots of people are using broken text editors that 1. do not naturally
terminate text files with a final \n as is customary in UNIX text files,
and 2. do not respect our .editorconfig settings, which explicitly
require adding that final newline. See this nice summary of what a text
file is (with references to applicable standards):

    https://stackoverflow.com/questions/12916352/shell-script-read-missing-last-line/12916758#12916758

So, it is not surprising that read does not read the last "line" of a
file, when said "line" does not end with a newline, because it is thus
not really a line.

Even though we do mandate actual text files, let's be a little bit lax
in this respect, because people may write packages, and their hash
files, in a br2-external tree, and they may not have our .editorconfig
in the directory heierarchy (e.g. if buildroot is a submodule of their
br2-external tree, or whatever).

mapfile does not suffer from this limitation, though, and correctly
reads all lines from a file, even the final line-that-is-not-a-line.

mapfile was introduced in bash 4.0, released on 2009-01-20, more than
15 years ago. Debian squeeze, released in 2011 already had bash 4.1.
Those are really ancient. So, it means we can indeed expect bash
version 4.0 or later; which means mapfile is available.

"It should be fine!"

Fixes: #15976

Reported-by: [email protected]
Signed-off-by: Yann E. MORIN <[email protected]>
Signed-off-by: Arnout Vandecappelle <[email protected]>
(cherry picked from commit ac2e6b3)
Signed-off-by: Peter Korsgaard <[email protected]>
- fix alphabetical ordering
- put one module per line
- add comment explaining why options are enabled

Signed-off-by: Michael Nosthoff <[email protected]>
Signed-off-by: Arnout Vandecappelle <[email protected]>
(cherry picked from commit 5c20804)
Signed-off-by: Peter Korsgaard <[email protected]>
boost-context
- requires C++11 (gcc 4.8) since 1.61 see [0]
- dropped the dependency on (boost) thread in 1.77 see [1]
boost-fiber
- needed C++11 since it's creation in 1.61 [2]
boost-math
- add comment for gcc version

[0] https://www.boost.org/doc/libs/1_82_0/libs/context/doc/html/context/requirements.html
[1] boostorg/context@8425e83
[2] https://www.boost.org/doc/libs/1_62_0/libs/fiber/doc/html/fiber/overview.html

Signed-off-by: Michael Nosthoff <[email protected]>
Signed-off-by: Arnout Vandecappelle <[email protected]>
(cherry picked from commit 16abf80)
Signed-off-by: Peter Korsgaard <[email protected]>
Resolves the following error when building against MUSL:

tools/attr.c: In function 'main':
tools/attr.c:69:20: error: implicit declaration of function 'basename'
[-Wimplicit-function-declaration]
   69 |         progname = basename(argv[0]);
      |                    ^~~~~~~~
tools/attr.c:69:18: error: assignment to 'char *' from 'int' makes
pointer from integer without a cast [-Wint-conversion]
   69 |         progname = basename(argv[0]);
      |                  ^

Upstream: https://git.savannah.nongnu.org/cgit/attr.git/commit/?id=8a80d895dfd779373363c3a4b62ecce5a549efb2

Fixes: http://autobuild.buildroot.net/results/c61206968eda9913e37e95a61dc3e10399503fcd/

Signed-off-by: Yegor Yefremov <[email protected]>
[Romain: use upstream patch]
Signed-off-by: Romain Naour <[email protected]>
(cherry picked from commit fa24168)
Signed-off-by: Peter Korsgaard <[email protected]>
Signed-off-by: Julien Olivain <[email protected]>
Signed-off-by: Arnout Vandecappelle <[email protected]>
(cherry picked from commit 2da40a2)
Signed-off-by: Peter Korsgaard <[email protected]>
Signed-off-by: Marcus Hoffmann <[email protected]>
Signed-off-by: Arnout Vandecappelle <[email protected]>
(cherry picked from commit d429d5d)
Signed-off-by: Peter Korsgaard <[email protected]>
Signed-off-by: Julien Olivain <[email protected]>
Signed-off-by: Arnout Vandecappelle <[email protected]>
(cherry picked from commit 009f910)
Signed-off-by: Peter Korsgaard <[email protected]>
libest uses functions that are no longer available in OpenSSL 3.0. Add a
wrapper that calls the proper replacements depending on the version.

Fixes:
  http://autobuild.buildroot.net/results/89024d6c1f10959282470b120d332fb32922b3b6

Signed-off-by: Aleksandr Makarov <[email protected]>
[Arnout: add Upstream: tag to patches]
Signed-off-by: Arnout Vandecappelle <[email protected]>
(cherry picked from commit 8dc7445)
Signed-off-by: Peter Korsgaard <[email protected]>
Signed-off-by: Marcus Hoffmann <[email protected]>
Signed-off-by: Thomas Petazzoni <[email protected]>
(cherry picked from commit 2fe638a)
Signed-off-by: Peter Korsgaard <[email protected]>
Release Notes: https://nodejs.org/en/blog/release/v20.15.1

Fixes the following CVE's:

CVE-2024-36138 - Bypass incomplete fix of CVE-2024-27980 (High)
CVE-2024-22020 - Bypass network import restriction via data URL (Medium)
CVE-2024-22018 - fs.lstat bypasses permission model (Low)
CVE-2024-36137 - fs.fchown/fchmod bypasses permission model (Low)
CVE-2024-37372 - Permission model improperly processes UNC paths (Low)

Also these additional CVE's were fixed in the v20.12.1 and v20.12.2 releases [1][2]:

CVE-2024-27983 - Assertion failed in node::http2::Http2Session::~Http2Session() leads to HTTP/2 server crash- (High)
CVE-2024-27982 - HTTP Request Smuggling via Content Length Obfuscation - (Medium)
CVE-2024-27980 - Command injection via args parameter of child_process.spawn without shell option enabled on Windows

NodeJS tests are passing:
$ ./support/testing/run-tests -o ./outputs/ -k tests.package.test_nodejs -d dl
12:02:58 TestNodeJSModuleHostSrc                  Starting
12:02:58 TestNodeJSModuleHostSrc                  Building
13:17:15 TestNodeJSModuleHostSrc                  Building done
13:17:23 TestNodeJSModuleHostSrc                  Cleaning up
.13:17:23 TestNodeJSModuleHostBin                  Starting
13:17:23 TestNodeJSModuleHostBin                  Building
14:06:15 TestNodeJSModuleHostBin                  Building done
14:06:20 TestNodeJSModuleHostBin                  Cleaning up
.14:06:20 TestNodeJSBasic                          Starting
14:06:20 TestNodeJSBasic                          Building
14:55:40 TestNodeJSBasic                          Building done
14:55:45 TestNodeJSBasic                          Cleaning up

LICENSE hash changed due to changes in vendored components:

* copyright year update and adding spdx identifier [1]

[1] https://nodejs.org/en/blog/release/v20.12.1
[2] https://nodejs.org/en/blog/release/v20.12.2
[3] nodejs/node@d5a316f

Signed-off-by: Marcus Hoffmann <[email protected]>
Signed-off-by: Thomas Petazzoni <[email protected]>
(cherry picked from commit bffb6a2)
Signed-off-by: Peter Korsgaard <[email protected]>
*ucontext functions are only implemented for a subset of
uClibc supported architectures. To allow the external library
libucontext to be used this small patch is required.
Tested for riscv64.

Signed-off-by: Waldemar Brodkorb <[email protected]>
Signed-off-by: Thomas Petazzoni <[email protected]>
(cherry picked from commit f761a8c)
Signed-off-by: Peter Korsgaard <[email protected]>
Signed-off-by: Francois Perrad <[email protected]>
Signed-off-by: Thomas Petazzoni <[email protected]>
(cherry picked from commit d40e57e)
Signed-off-by: Peter Korsgaard <[email protected]>
fix CVE-2024-6655 (Library injection from CWD)

Signed-off-by: Francois Perrad <[email protected]>
Signed-off-by: Thomas Petazzoni <[email protected]>
(cherry picked from commit c51f988)
Signed-off-by: Peter Korsgaard <[email protected]>
…ributing a board

When the default (newest) kernel headers series changes the build can
break. Example error message:

  Incorrect selection of kernel headers: expected 6.8.x, got 6.5.x

In the above case the defconfig used:

  BR2_LINUX_KERNEL_CUSTOM_VERSION=y
  BR2_LINUX_KERNEL_CUSTOM_VERSION_VALUE="6.5.9"

The kernel headers were not specified, so the build defaulted to using
the kernel sources as header source and the default (newest) header
series. From .config:

  BR2_KERNEL_HEADERS_AS_KERNEL=y
  BR2_PACKAGE_HOST_LINUX_HEADERS_CUSTOM_6_8=y

Signed-off-by: Gero Schwäricke <[email protected]>
Signed-off-by: Arnout Vandecappelle <[email protected]>
(cherry picked from commit eb519ad)
Signed-off-by: Peter Korsgaard <[email protected]>
Fix the following build failure with host gcc >= 14 which enables
-Werror=implicit-function-declaration
(https://gcc.gnu.org/gcc-14/porting_to.html):

configure:9998: checking build system compiler /usr/bin/gcc
configure:10011: /usr/bin/gcc conftest.c
conftest.c: In function 'main':
conftest.c:4:3: error: implicit declaration of function 'exit' [-Wimplicit-function-declaration]
    4 |   exit(0);
      |   ^~~~
conftest.c:1:1: note: include '<stdlib.h>' or provide a declaration of 'exit'
  +++ |+#include <stdlib.h>
    1 | int
conftest.c:4:3: warning: incompatible implicit declaration of built-in function 'exit' [-Wbuiltin-declaration-mismatch]
    4 |   exit(0);
      |   ^~~~
conftest.c:4:3: note: include '<stdlib.h>' or provide a declaration of 'exit'
configure:10014: $? = 1
configure:10021: result: no
configure:10026: error: Specified CC_FOR_BUILD doesn't seem to work

Fixes:
 - http://autobuild.buildroot.org/results/3ab381f06d5dc030039b6f6f8d19feb55cf3367d

Signed-off-by: Fabrice Fontaine <[email protected]>
Signed-off-by: Thomas Petazzoni <[email protected]>
(cherry picked from commit 3bb4266)
Signed-off-by: Peter Korsgaard <[email protected]>
libcoap unconditionally calls the (deprecated) ENGINE_* logic in
libopenssl resulting in a build failure when
!BR2_PACKAGE_LIBOPENSSL_ENGINES since commit
623d3bb

libcoap also unconditionally uses PSK

Fixes: 623d3bb
 - http://autobuild.buildroot.org/results/6bd3e1390cbbc59b9b3d030c2a401e45e9d173da
 - http://autobuild.buildroot.org/results/f243209454feed4f33f759786c2023c576a2cd3d

Signed-off-by: Fabrice Fontaine <[email protected]>
Signed-off-by: Thomas Petazzoni <[email protected]>
(cherry picked from commit 33d25f0)
Signed-off-by: Peter Korsgaard <[email protected]>
https://github.com/pupnp/pupnp/blob/release-1.14.19/ChangeLog

Signed-off-by: Fabrice Fontaine <[email protected]>
Signed-off-by: Thomas Petazzoni <[email protected]>
(cherry picked from commit 3a4bd98)
Signed-off-by: Peter Korsgaard <[email protected]>
https://gitlab.gnome.org/GNOME/libxslt/-/blob/v1.1.42/NEWS

Signed-off-by: Fabrice Fontaine <[email protected]>
Signed-off-by: Thomas Petazzoni <[email protected]>
(cherry picked from commit f3461d0)
Signed-off-by: Peter Korsgaard <[email protected]>
https://github.com/cifsd-team/ksmbd-tools/releases/tag/3.5.2

Signed-off-by: Fabrice Fontaine <[email protected]>
Signed-off-by: Thomas Petazzoni <[email protected]>
(cherry picked from commit b409766)
Signed-off-by: Peter Korsgaard <[email protected]>
Signed-off-by: Julien Olivain <[email protected]>
Signed-off-by: Thomas Petazzoni <[email protected]>
(cherry picked from commit f04a95f)
Signed-off-by: Peter Korsgaard <[email protected]>
Signed-off-by: Julien Olivain <[email protected]>
Signed-off-by: Thomas Petazzoni <[email protected]>
(cherry picked from commit 9c8f6dc)
Signed-off-by: Peter Korsgaard <[email protected]>
The gpsfake command line has a typo (a missing space), which makes the
next gpsctl command to always fail.

This commit fixes the issue by adding the missing space.

Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/7391792948

Signed-off-by: Julien Olivain <[email protected]>
Signed-off-by: Thomas Petazzoni <[email protected]>
(cherry picked from commit 49156a0)
Signed-off-by: Peter Korsgaard <[email protected]>
Signed-off-by: J. Neuschäfer <[email protected]>
Signed-off-by: Thomas Petazzoni <[email protected]>
(cherry picked from commit ade6e41)
Signed-off-by: Peter Korsgaard <[email protected]>
Change the name from "Micro Python" (two words) to "MicroPython"
(camelcase), to match the official website and documentation.

Signed-off-by: J. Neuschäfer <[email protected]>
Signed-off-by: Thomas Petazzoni <[email protected]>
(cherry picked from commit 161c25a)
Signed-off-by: Peter Korsgaard <[email protected]>
unbound unconditionally calls the (deprecated) ENGINE_* logic in
libopenssl resulting in a build failure when
!BR2_PACKAGE_LIBOPENSSL_ENGINES since commit
623d3bb:

sldns/keyraw.c:167:35: error: 'ENGINE_METHOD_ALL' undeclared (first use in this function)
  167 |         if(!ENGINE_set_default(e, ENGINE_METHOD_ALL)) {
      |                                   ^~~~~~~~~~~~~~~~~

Fixes: 623d3bb
 - http://autobuild.buildroot.org/results/b7782f5ba54543df53a835552632f58d4ad6c082

Signed-off-by: Fabrice Fontaine <[email protected]>
Signed-off-by: Thomas Petazzoni <[email protected]>
(cherry picked from commit ec7ae88)
Signed-off-by: Peter Korsgaard <[email protected]>
wbx-github and others added 24 commits September 3, 2024 20:54
See here for a Changelog:
https://openldap.org/software/release/changes_lts.html

Signed-off-by: Waldemar Brodkorb <[email protected]>
Signed-off-by: Thomas Petazzoni <[email protected]>
(cherry picked from commit 61ad551)
Signed-off-by: Peter Korsgaard <[email protected]>
Building with GCC 14 fails at the configure step with:

    ./configure: error: libatomic_ops library was not found.

The error is not caused by a missing library, but by an unrelated
"incompatible pointer type" error in the test program:

    ...
    checking for atomic_ops library
    objs/autotest.c: In function 'main':
    objs/autotest.c:9:48: error: passing argument 1 of 'AO_compare_and_swap' from incompatible pointer type [-Wincompatible-pointer-types]

This used to be a warning, but it is an error since GCC 14.[1]

Fix this by patching the test program in order to use the correct
pointer types.

Fixes: http://autobuild.buildroot.net/results/a3d/a3d8c6fd631b31e272e4d8cc6c3318f2e4151882

[1] https://gcc.gnu.org/gcc-14/porting_to.html#incompatible-pointer-types

Signed-off-by: Edgar Bonet <[email protected]>
Signed-off-by: Arnout Vandecappelle <[email protected]>
(cherry picked from commit 7d249da)
Signed-off-by: Peter Korsgaard <[email protected]>
See here for a Changelog and CVE's:
http://nginx.org/en/CHANGES-1.26

Patch 0006 is no longer required as the openssl library is found without
this patch, which does not apply anymore.

Patch 0009 is no longer required as it was fixed in another way upstream:
https://hg.nginx.org/nginx/rev/fb989e24c60a

Patch 0011 is upstream:
https://hg.nginx.org/nginx/rev/f58b6f636238

Reorder the remaining patches and update .checkpackageignore accordingly.

The LICENSE file is changed, the year changed from 2022 to 2024.

Signed-off-by: Waldemar Brodkorb <[email protected]>
Signed-off-by: Thomas Petazzoni <[email protected]>
(cherry picked from commit 761259c)
Signed-off-by: Peter Korsgaard <[email protected]>
For change log since v2.3.5, see:
- https://github.com/FluidSynth/fluidsynth/releases/tag/v2.3.6

Signed-off-by: Julien Olivain <[email protected]>
Signed-off-by: Thomas Petazzoni <[email protected]>
(cherry picked from commit f9f2ade)
Signed-off-by: Peter Korsgaard <[email protected]>
Signed-off-by: Adrian Perez de Castro <[email protected]>
Signed-off-by: Thomas Petazzoni <[email protected]>
(cherry picked from commit 03505e3)
Signed-off-by: Peter Korsgaard <[email protected]>
…anges"

This didn't work out as planned, neither the restriction of muting
unregistered users, nor the exception for matrix users worked as planned.

The channel mode has been reverted to +R (meaning only registered users
are allowed to join) and an exception for *that* has been introduced for
matrix users via +e. The channel modes are documented in [1].

[1] https://www.oftc.net/ChannelModes/

This reverts commit d1e6d78.

Signed-off-by: Marcus Hoffmann <[email protected]>
Signed-off-by: Thomas Petazzoni <[email protected]>
(cherry picked from commit bede54c)
Signed-off-by: Peter Korsgaard <[email protected]>
With BR2_SHARED_STATIC_LIBS=y, the generic infrastructure adds a
--enable-static flags causing htop to be built as a static binary.
Adding a --disable-static reverts this. This will fix the following
build failure with hwloc raised since bump to version 3.3.0 in commit
0924318 and
htop-dev/htop@c8a6185:

/home/autobuild/autobuild/instance-3/output-1/host/bin/mipsel-buildroot-linux-gnu-gcc -std=c99 -pedantic -D_DEFAULT_SOURCE -D_XOPEN_SOURCE=600 -I/home/autobuild/autobuild/instance-3/output-1/host/mipsel-buildroot-linux-gnu/sysroot/usr/bin/../../usr/include -I/home/autobuild/autobuild/instance-3/output-1/host/bin/../mipsel-buildroot-linux-gnu/sysroot/usr/include/libxml2  -Wall -Wcast-align -Wcast-qual -Wextra -Wfloat-equal -Wformat=2 -Winit-self -Wmissing-format-attribute -Wmissing-noreturn -Wmissing-prototypes -Wpointer-arith -Wshadow -Wstrict-prototypes -Wundef -Wunused -Wwrite-strings -Wnull-dereference -D_XOPEN_SOURCE_EXTENDED -DSYSCONFDIR="\"/etc\"" -I"./linux" -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64  -Os -g0 -D_FORTIFY_SOURCE=2 -static -rdynamic  -static -o htop htop.o   Action.o Affinity.o AffinityPanel.o AvailableColumnsPanel.o AvailableMetersPanel.o BatteryMeter.o CategoriesPanel.o ClockMeter.o ColorsPanel.o ColumnsPanel.o CommandLine.o CommandScreen.
 o Compat.o CPUMeter.o CRT.o DateMeter.o DateTimeMeter.o DiskIOMeter.o DisplayOptionsPanel.o DynamicColumn.o DynamicMeter.o DynamicScreen.o EnvScreen.o FileDescriptorMeter.o FunctionBar.o Hashtable.o Header.o HeaderOptionsPanel.o HostnameMeter.o IncSet.o InfoScreen.o ListItem.o LoadAverageMeter.o Machine.o MainPanel.o MemoryMeter.o MemorySwapMeter.o Meter.o MetersPanel.o NetworkIOMeter.o Object.o OpenFilesScreen.o OptionItem.o Panel.o Process.o ProcessLocksScreen.o ProcessTable.o Row.o RichString.o Scheduling.o ScreenManager.o ScreensPanel.o ScreenTabsPanel.o Settings.o SignalsPanel.o SwapMeter.o SysArchMeter.o Table.o TasksMeter.o TraceScreen.o UptimeMeter.o UsersTable.o Vector.o XUtils.o generic/gettime.o generic/hostname.o generic/uname.o linux/CGroupUtils.o linux/HugePageMeter.o linux/IOPriorityPanel.o linux/LibSensors.o linux/LinuxMachine.o linux/LinuxProcess.o linux/LinuxProcessTable.o linux/Platform.o linux/PressureStallMeter.o linux/SELinuxMeter.o linux/SystemdMeter.o linux/Z
 ramMeter.o zfs/ZfsArcMeter.o zfs/ZfsCompressedArcMeter.o   -lcap -llzma -L/home/autobuild/autobuild/instance-3/output-1/host/mipsel-buildroot-linux-gnu/sysroot/usr/bin/../../usr/lib -lncurses -lm   -L/home/autobuild/autobuild/instance-3/output-1/host/bin/../mipsel-buildroot-linux-gnu/sysroot/usr/lib -lhwloc
/home/autobuild/autobuild/instance-3/output-1/host/lib/gcc/mipsel-buildroot-linux-gnu/12.3.0/../../../../mipsel-buildroot-linux-gnu/bin/ld: Action.o: in function `Action_setUserOnly':
Action.c:(.text+0x2490): warning: Using 'getpwnam' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/home/autobuild/autobuild/instance-3/output-1/host/lib/gcc/mipsel-buildroot-linux-gnu/12.3.0/../../../../mipsel-buildroot-linux-gnu/bin/ld: Settings.o: in function `Settings_new':
Settings.c:(.text+0x2dd0): warning: Using 'getpwuid' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/home/autobuild/autobuild/instance-3/output-1/host/lib/gcc/mipsel-buildroot-linux-gnu/12.3.0/../../../../mipsel-buildroot-linux-gnu/bin/ld: /home/autobuild/autobuild/instance-3/output-1/host/mipsel-buildroot-linux-gnu/sysroot/usr/bin/../../usr/lib/libhwloc.a(topology-xml-libxml.o): in function `hwloc_libxml_free_buffer':
topology-xml-libxml.c:(.text+0x2c): undefined reference to `xmlFree'

Fixes:
 - http://autobuild.buildroot.org/results/04bd5633750ff5cef048ea78c9de043d3ffcfa32

Signed-off-by: Fabrice Fontaine <[email protected]>
Signed-off-by: Thomas Petazzoni <[email protected]>
(cherry picked from commit 21f312a)
Signed-off-by: Peter Korsgaard <[email protected]>
Commit 9696d27 "package/gpsd: condition python stuff to the proper
kconfig option" changed the condition in which the gpsd python scripts
are installed. After that change, the "gpsfake" command (which is a
python script) is no longer found and the runtime test is failing.

This commit fixes the issue by reflecting the change in the runtime
test Buildroot configuration.

Signed-off-by: Julien Olivain <[email protected]>
Signed-off-by: Thomas Petazzoni <[email protected]>
(cherry picked from commit b6f4d79)
Signed-off-by: Peter Korsgaard <[email protected]>
Django 5.0.7 fixes the following CVEs:

* CVE-2024-38875: Potential denial-of-service vulnerability in django.utils.html.urlize()
* CVE-2024-39329: Username enumeration through timing difference for users with unusable passwords
* CVE-2024-39330: Potential directory-traversal via Storage.save()
* CVE-2024-39614: Potential denial-of-service vulnerability in get_supported_language_variant()

Django 5.0.8 fixes the following CVEs:

* CVE-2024-41989: Memory exhaustion in django.utils.numberformat.floatformat()
* CVE-2024-41990: Potential denial-of-service vulnerability in django.utils.html.urlize()
* CVE-2024-41991: Potential denial-of-service vulnerability in django.utils.html.urlize() and AdminURLFieldWidget
* CVE-2024-42005: Potential SQL injection in QuerySet.values() and values_list()

Further release Notes: https://docs.djangoproject.com/en/5.0/releases/

Signed-off-by: Marcus Hoffmann <[email protected]>
Signed-off-by: Thomas Petazzoni <[email protected]>
(cherry picked from commit f777ce1)
Signed-off-by: Peter Korsgaard <[email protected]>
Signed-off-by: Giulio Benetti <[email protected]>
Signed-off-by: Thomas Petazzoni <[email protected]>
(cherry picked from commit 7c56e71)
Signed-off-by: Peter Korsgaard <[email protected]>
Signed-off-by: Giulio Benetti <[email protected]>
Signed-off-by: Thomas Petazzoni <[email protected]>
(cherry picked from commit eea735b)
Signed-off-by: Peter Korsgaard <[email protected]>
<[email protected]>: host aspmx.l.google.com[2a00:1450:400c:c07::1a]
    said: 550-5.2.1 The email account that you tried to reach is inactive. For
    more 550-5.2.1 information, go to 550 5.2.1
    https://support.google.com/mail/?p=DisabledUser
    ffacd0b85a97d-36bbd075381si7797549f8f.548 - gsmtp (in reply to RCPT TO
    command)

Signed-off-by: Thomas Petazzoni <[email protected]>
(cherry picked from commit 53116d0)
Signed-off-by: Peter Korsgaard <[email protected]>
Signed-off-by: José Luis Salvador Rufo <[email protected]>
Signed-off-by: Thomas Petazzoni <[email protected]>
(cherry picked from commit 08edb3c)
Signed-off-by: Peter Korsgaard <[email protected]>
Fixes runtime error:

    dlopen: /usr/lib/mjpg-streamer/input_uvc.so: undefined symbol: resolutions_help

Patch was suggested by Thomas:
http://lists.busybox.net/pipermail/buildroot/2024-August/759732.html

Signed-off-by: Bernd Kuhls <[email protected]>
Signed-off-by: Thomas Petazzoni <[email protected]>
(cherry picked from commit fdbc8d9)
Signed-off-by: Peter Korsgaard <[email protected]>
Fixes:

  http://autobuild.buildroot.net/results/e613fc777051be6325d7e3c088d5f723fab518fa/

Signed-off-by: J. Neuschäfer <[email protected]>
Signed-off-by: Thomas Petazzoni <[email protected]>
(cherry picked from commit 2a700617cc1aa14deb9f4e4f5c63e19c77901389)
Signed-off-by: Peter Korsgaard <[email protected]>
Release notes - https://github.com/esnet/iperf/releases/tag/3.16

Signed-off-by: Kadambini Nema <[email protected]>
Signed-off-by: Peter Korsgaard <[email protected]>
(cherry picked from commit 9f94b3b)
Signed-off-by: Peter Korsgaard <[email protected]>
Commit 9f94b3b "package/iperf3: bump to version 3.16" updated
the package but forgot to reflect a breaking change mentioned in
the release note [1], "iperf3 now requires pthreads and C atomic
variables to compile and run".

When the toolchain has no atomic support, or the libatomic is not
added in the linker flags, the compilation now fail with output:

    arm-buildroot-linux-gnueabi/bin/ld: ./.libs/libiperf.so: undefined reference to '__atomic_load_8'

This issue can be seen when running the iperf3 runtime test, with
command:

    support/testing/run-tests \
        -d dl -o output_test \
        tests.package.test_iperf3

This commit fixes the issue by adding a dependency on
BR2_TOOLCHAIN_HAS_ATOMIC and by adding an upstream patch to detect
if linking to libatomic is needed.

Fixes: [2]

[1] https://github.com/esnet/iperf/releases/tag/3.16
[2] https://gitlab.com/buildroot.org/buildroot/-/jobs/6466933622

Signed-off-by: Julien Olivain <[email protected]>
Signed-off-by: Yann E. MORIN <[email protected]>
(cherry picked from commit f10488a)
Signed-off-by: Peter Korsgaard <[email protected]>
Removed patch which is included in this release, autoreconf is not needed
anymore.

Updated license hash due to copyright year bump:
esnet/iperf@7b94705

Fixes CVE-2024-26306.

Release notes:
https://github.com/esnet/iperf/releases/tag/3.17.1
https://github.com/esnet/iperf/releases/tag/3.17

Signed-off-by: Bernd Kuhls <[email protected]>
Signed-off-by: Thomas Petazzoni <[email protected]>
(cherry picked from commit 9d9a0db3d8b471ccf1721312450337ff53ed4a35)
Signed-off-by: Peter Korsgaard <[email protected]>
Version 3.8.4 fixes CVE-2024-28834 & CVE-2024-28835.

Release notes:
3.8.4: https://lists.gnupg.org/pipermail/gnutls-help/2024-March/004845.html
3.8.5: https://lists.gnupg.org/pipermail/gnutls-help/2024-April/004846.html
3.8.6: https://lists.gnupg.org/pipermail/gnutls-help/2024-July/004848.html

Signed-off-by: Bernd Kuhls <[email protected]>
Signed-off-by: Thomas Petazzoni <[email protected]>
(cherry picked from commit 904acfc41e1464848daf0240251e7701954c4918)
Signed-off-by: Peter Korsgaard <[email protected]>
The download and homepage URL for this project have been
updated. The old site no longer works.

Signed-off-by: Waldemar Brodkorb <[email protected]>
Signed-off-by: Thomas Petazzoni <[email protected]>
(cherry picked from commit 2a547e2c424ac08d8741dc557aee968f1b659735)
Signed-off-by: Peter Korsgaard <[email protected]>
Fixes:
http://autobuild.buildroot.net/results/94fd27ea48c4128033ad10cf0dc5dba3f5d97a02/

Commit 4aff9fa (package/am335x-pru-package: fix download
issue) updated the filename and hash of the package, but something went
wrong when adjusting the hash for 2024.02.x.

Investigating the local tarball shows that the permissions in the tarball were
were wrong:

diffoscope old-dl/am335x-pru-package/am335x-pru-package-5f374*-br1.tar.gz \
           dl/am335x-pru-package/am335x-pru-package-5f374*-br1.tar.gz | \
	   grep 96/.gitignore
│ │ --rw-rw-rw-   0        0        0      199 2016-02-10 20:56:25.000000 am335x-pru-package-5f374ad57cc195f28bf5e585c3d446aba6ee7096/.gitignore
│ │ +-rw-r--r--   0        0        0      199 2016-02-10 20:56:25.000000 am335x-pru-package-5f374ad57cc195f28bf5e585c3d446aba6ee7096/.gitignore

And indeed, the file does have mode 666 in the git repo:

ls -lah old-dl/am335x-pru-package/git/.gitignore
-rw-rw-rw- 1 peko peko 199 Aug 31 18:16 old-dl/am335x-pru-package/git/.gitignore

It is unclear how this happened, maybe an issue with switching between
master/2024.05.x/2024.02.x.

Adjust the hash to match what is should have been instead.

Signed-off-by: Peter Korsgaard <[email protected]>
Signed-off-by: Peter Korsgaard <[email protected]>
After update to v4.0.4, props-ng build fails on linker error if If
BR2_PACKAGE_SYSTEMD is enabled:

/build/output/host/lib/gcc/x86_64-buildroot-linux-gnu/12.4.0/../../../../x86_64-buildroot-linux-gnu/bin/ld: src/w.o: undefined reference to symbol 'sd_session_get_uid@@LIBSYSTEMD_209'
/build/output/host/lib/gcc/x86_64-buildroot-linux-gnu/12.4.0/../../../../x86_64-buildroot-linux-gnu/bin/ld: /build/output/host/x86_64-buildroot-linux-gnu/sysroot/lib64/libsystemd.so.0: error adding symbols: DSO missing from command line
collect2: error: ld returned 1 exit status

Add lsystemd to configure arguments if systemd is enabled to fix this.

Signed-off-by: Jan Čermák <[email protected]>
@sairon sairon marked this pull request as ready for review September 12, 2024 12:35
@sairon sairon requested a review from agners September 12, 2024 12:35
@sairon sairon merged commit d59d09a into 2024.02.x-haos Sep 12, 2024
@sairon sairon deleted the merge-2024.02.6 branch September 12, 2024 13:49
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.