-
Notifications
You must be signed in to change notification settings - Fork 29
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Merge 2024.02.6 #56
Merged
Merged
Merge 2024.02.6 #56
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Drop patch which is included in this release. Changelog: https://matt.ucc.asn.au/dropbear/CHANGES Signed-off-by: Bernd Kuhls <[email protected]> Signed-off-by: Thomas Petazzoni <[email protected]> (cherry picked from commit 516d57d) Signed-off-by: Peter Korsgaard <[email protected]>
Signed-off-by: Francois Perrad <[email protected]> Signed-off-by: Thomas Petazzoni <[email protected]> (cherry picked from commit 2fbffc6) Signed-off-by: Peter Korsgaard <[email protected]>
`b4` is a commandline tool to make patch-based development easier[1]. It is primarily used for Linux kernel development, but can be configured to support any project that has a public-inbox endpoint. Buildroot has a public-inbox mirror at "https://lore.kernel.org/buildroot/". We configure some basic settings that tell `b4` where to send patches and how to use get-developers. [1] https://b4.docs.kernel.org/en/latest/ Signed-off-by: Brandon Maier <[email protected]> Signed-off-by: Arnout Vandecappelle <[email protected]> (cherry picked from commit 322213e) Signed-off-by: Peter Korsgaard <[email protected]>
According to https://spdx.org/licenses/, the correct license code for the "Clarified Artistic License" is ClArtistic. The only other package in Buildroot containing code under this license is google-breakpad, and it is already using the ClArtistic SPDX code. Signed-off-by: Thomas Petazzoni <[email protected]> Signed-off-by: Arnout Vandecappelle <[email protected]> (cherry picked from commit 2ca6980) Signed-off-by: Peter Korsgaard <[email protected]>
Signed-off-by: Yann E. MORIN <[email protected]> Signed-off-by: Arnout Vandecappelle <[email protected]> (cherry picked from commit 5d84451) Signed-off-by: Peter Korsgaard <[email protected]>
Lots of people are using broken text editors that 1. do not naturally terminate text files with a final \n as is customary in UNIX text files, and 2. do not respect our .editorconfig settings, which explicitly require adding that final newline. See this nice summary of what a text file is (with references to applicable standards): https://stackoverflow.com/questions/12916352/shell-script-read-missing-last-line/12916758#12916758 So, it is not surprising that read does not read the last "line" of a file, when said "line" does not end with a newline, because it is thus not really a line. Even though we do mandate actual text files, let's be a little bit lax in this respect, because people may write packages, and their hash files, in a br2-external tree, and they may not have our .editorconfig in the directory heierarchy (e.g. if buildroot is a submodule of their br2-external tree, or whatever). mapfile does not suffer from this limitation, though, and correctly reads all lines from a file, even the final line-that-is-not-a-line. mapfile was introduced in bash 4.0, released on 2009-01-20, more than 15 years ago. Debian squeeze, released in 2011 already had bash 4.1. Those are really ancient. So, it means we can indeed expect bash version 4.0 or later; which means mapfile is available. "It should be fine!" Fixes: #15976 Reported-by: [email protected] Signed-off-by: Yann E. MORIN <[email protected]> Signed-off-by: Arnout Vandecappelle <[email protected]> (cherry picked from commit ac2e6b3) Signed-off-by: Peter Korsgaard <[email protected]>
- fix alphabetical ordering - put one module per line - add comment explaining why options are enabled Signed-off-by: Michael Nosthoff <[email protected]> Signed-off-by: Arnout Vandecappelle <[email protected]> (cherry picked from commit 5c20804) Signed-off-by: Peter Korsgaard <[email protected]>
boost-context - requires C++11 (gcc 4.8) since 1.61 see [0] - dropped the dependency on (boost) thread in 1.77 see [1] boost-fiber - needed C++11 since it's creation in 1.61 [2] boost-math - add comment for gcc version [0] https://www.boost.org/doc/libs/1_82_0/libs/context/doc/html/context/requirements.html [1] boostorg/context@8425e83 [2] https://www.boost.org/doc/libs/1_62_0/libs/fiber/doc/html/fiber/overview.html Signed-off-by: Michael Nosthoff <[email protected]> Signed-off-by: Arnout Vandecappelle <[email protected]> (cherry picked from commit 16abf80) Signed-off-by: Peter Korsgaard <[email protected]>
Resolves the following error when building against MUSL: tools/attr.c: In function 'main': tools/attr.c:69:20: error: implicit declaration of function 'basename' [-Wimplicit-function-declaration] 69 | progname = basename(argv[0]); | ^~~~~~~~ tools/attr.c:69:18: error: assignment to 'char *' from 'int' makes pointer from integer without a cast [-Wint-conversion] 69 | progname = basename(argv[0]); | ^ Upstream: https://git.savannah.nongnu.org/cgit/attr.git/commit/?id=8a80d895dfd779373363c3a4b62ecce5a549efb2 Fixes: http://autobuild.buildroot.net/results/c61206968eda9913e37e95a61dc3e10399503fcd/ Signed-off-by: Yegor Yefremov <[email protected]> [Romain: use upstream patch] Signed-off-by: Romain Naour <[email protected]> (cherry picked from commit fa24168) Signed-off-by: Peter Korsgaard <[email protected]>
Signed-off-by: Julien Olivain <[email protected]> Signed-off-by: Arnout Vandecappelle <[email protected]> (cherry picked from commit 2da40a2) Signed-off-by: Peter Korsgaard <[email protected]>
Signed-off-by: Marcus Hoffmann <[email protected]> Signed-off-by: Arnout Vandecappelle <[email protected]> (cherry picked from commit d429d5d) Signed-off-by: Peter Korsgaard <[email protected]>
Signed-off-by: Julien Olivain <[email protected]> Signed-off-by: Arnout Vandecappelle <[email protected]> (cherry picked from commit 009f910) Signed-off-by: Peter Korsgaard <[email protected]>
libest uses functions that are no longer available in OpenSSL 3.0. Add a wrapper that calls the proper replacements depending on the version. Fixes: http://autobuild.buildroot.net/results/89024d6c1f10959282470b120d332fb32922b3b6 Signed-off-by: Aleksandr Makarov <[email protected]> [Arnout: add Upstream: tag to patches] Signed-off-by: Arnout Vandecappelle <[email protected]> (cherry picked from commit 8dc7445) Signed-off-by: Peter Korsgaard <[email protected]>
Signed-off-by: Marcus Hoffmann <[email protected]> Signed-off-by: Thomas Petazzoni <[email protected]> (cherry picked from commit 2fe638a) Signed-off-by: Peter Korsgaard <[email protected]>
Release Notes: https://nodejs.org/en/blog/release/v20.15.1 Fixes the following CVE's: CVE-2024-36138 - Bypass incomplete fix of CVE-2024-27980 (High) CVE-2024-22020 - Bypass network import restriction via data URL (Medium) CVE-2024-22018 - fs.lstat bypasses permission model (Low) CVE-2024-36137 - fs.fchown/fchmod bypasses permission model (Low) CVE-2024-37372 - Permission model improperly processes UNC paths (Low) Also these additional CVE's were fixed in the v20.12.1 and v20.12.2 releases [1][2]: CVE-2024-27983 - Assertion failed in node::http2::Http2Session::~Http2Session() leads to HTTP/2 server crash- (High) CVE-2024-27982 - HTTP Request Smuggling via Content Length Obfuscation - (Medium) CVE-2024-27980 - Command injection via args parameter of child_process.spawn without shell option enabled on Windows NodeJS tests are passing: $ ./support/testing/run-tests -o ./outputs/ -k tests.package.test_nodejs -d dl 12:02:58 TestNodeJSModuleHostSrc Starting 12:02:58 TestNodeJSModuleHostSrc Building 13:17:15 TestNodeJSModuleHostSrc Building done 13:17:23 TestNodeJSModuleHostSrc Cleaning up .13:17:23 TestNodeJSModuleHostBin Starting 13:17:23 TestNodeJSModuleHostBin Building 14:06:15 TestNodeJSModuleHostBin Building done 14:06:20 TestNodeJSModuleHostBin Cleaning up .14:06:20 TestNodeJSBasic Starting 14:06:20 TestNodeJSBasic Building 14:55:40 TestNodeJSBasic Building done 14:55:45 TestNodeJSBasic Cleaning up LICENSE hash changed due to changes in vendored components: * copyright year update and adding spdx identifier [1] [1] https://nodejs.org/en/blog/release/v20.12.1 [2] https://nodejs.org/en/blog/release/v20.12.2 [3] nodejs/node@d5a316f Signed-off-by: Marcus Hoffmann <[email protected]> Signed-off-by: Thomas Petazzoni <[email protected]> (cherry picked from commit bffb6a2) Signed-off-by: Peter Korsgaard <[email protected]>
*ucontext functions are only implemented for a subset of uClibc supported architectures. To allow the external library libucontext to be used this small patch is required. Tested for riscv64. Signed-off-by: Waldemar Brodkorb <[email protected]> Signed-off-by: Thomas Petazzoni <[email protected]> (cherry picked from commit f761a8c) Signed-off-by: Peter Korsgaard <[email protected]>
Signed-off-by: Francois Perrad <[email protected]> Signed-off-by: Thomas Petazzoni <[email protected]> (cherry picked from commit d40e57e) Signed-off-by: Peter Korsgaard <[email protected]>
fix CVE-2024-6655 (Library injection from CWD) Signed-off-by: Francois Perrad <[email protected]> Signed-off-by: Thomas Petazzoni <[email protected]> (cherry picked from commit c51f988) Signed-off-by: Peter Korsgaard <[email protected]>
…ributing a board When the default (newest) kernel headers series changes the build can break. Example error message: Incorrect selection of kernel headers: expected 6.8.x, got 6.5.x In the above case the defconfig used: BR2_LINUX_KERNEL_CUSTOM_VERSION=y BR2_LINUX_KERNEL_CUSTOM_VERSION_VALUE="6.5.9" The kernel headers were not specified, so the build defaulted to using the kernel sources as header source and the default (newest) header series. From .config: BR2_KERNEL_HEADERS_AS_KERNEL=y BR2_PACKAGE_HOST_LINUX_HEADERS_CUSTOM_6_8=y Signed-off-by: Gero Schwäricke <[email protected]> Signed-off-by: Arnout Vandecappelle <[email protected]> (cherry picked from commit eb519ad) Signed-off-by: Peter Korsgaard <[email protected]>
Fix the following build failure with host gcc >= 14 which enables -Werror=implicit-function-declaration (https://gcc.gnu.org/gcc-14/porting_to.html): configure:9998: checking build system compiler /usr/bin/gcc configure:10011: /usr/bin/gcc conftest.c conftest.c: In function 'main': conftest.c:4:3: error: implicit declaration of function 'exit' [-Wimplicit-function-declaration] 4 | exit(0); | ^~~~ conftest.c:1:1: note: include '<stdlib.h>' or provide a declaration of 'exit' +++ |+#include <stdlib.h> 1 | int conftest.c:4:3: warning: incompatible implicit declaration of built-in function 'exit' [-Wbuiltin-declaration-mismatch] 4 | exit(0); | ^~~~ conftest.c:4:3: note: include '<stdlib.h>' or provide a declaration of 'exit' configure:10014: $? = 1 configure:10021: result: no configure:10026: error: Specified CC_FOR_BUILD doesn't seem to work Fixes: - http://autobuild.buildroot.org/results/3ab381f06d5dc030039b6f6f8d19feb55cf3367d Signed-off-by: Fabrice Fontaine <[email protected]> Signed-off-by: Thomas Petazzoni <[email protected]> (cherry picked from commit 3bb4266) Signed-off-by: Peter Korsgaard <[email protected]>
libcoap unconditionally calls the (deprecated) ENGINE_* logic in libopenssl resulting in a build failure when !BR2_PACKAGE_LIBOPENSSL_ENGINES since commit 623d3bb libcoap also unconditionally uses PSK Fixes: 623d3bb - http://autobuild.buildroot.org/results/6bd3e1390cbbc59b9b3d030c2a401e45e9d173da - http://autobuild.buildroot.org/results/f243209454feed4f33f759786c2023c576a2cd3d Signed-off-by: Fabrice Fontaine <[email protected]> Signed-off-by: Thomas Petazzoni <[email protected]> (cherry picked from commit 33d25f0) Signed-off-by: Peter Korsgaard <[email protected]>
https://github.com/pupnp/pupnp/blob/release-1.14.19/ChangeLog Signed-off-by: Fabrice Fontaine <[email protected]> Signed-off-by: Thomas Petazzoni <[email protected]> (cherry picked from commit 3a4bd98) Signed-off-by: Peter Korsgaard <[email protected]>
https://gitlab.gnome.org/GNOME/libxslt/-/blob/v1.1.42/NEWS Signed-off-by: Fabrice Fontaine <[email protected]> Signed-off-by: Thomas Petazzoni <[email protected]> (cherry picked from commit f3461d0) Signed-off-by: Peter Korsgaard <[email protected]>
https://github.com/cifsd-team/ksmbd-tools/releases/tag/3.5.2 Signed-off-by: Fabrice Fontaine <[email protected]> Signed-off-by: Thomas Petazzoni <[email protected]> (cherry picked from commit b409766) Signed-off-by: Peter Korsgaard <[email protected]>
Signed-off-by: Julien Olivain <[email protected]> Signed-off-by: Thomas Petazzoni <[email protected]> (cherry picked from commit f04a95f) Signed-off-by: Peter Korsgaard <[email protected]>
Signed-off-by: Julien Olivain <[email protected]> Signed-off-by: Thomas Petazzoni <[email protected]> (cherry picked from commit 9c8f6dc) Signed-off-by: Peter Korsgaard <[email protected]>
The gpsfake command line has a typo (a missing space), which makes the next gpsctl command to always fail. This commit fixes the issue by adding the missing space. Fixes: https://gitlab.com/buildroot.org/buildroot/-/jobs/7391792948 Signed-off-by: Julien Olivain <[email protected]> Signed-off-by: Thomas Petazzoni <[email protected]> (cherry picked from commit 49156a0) Signed-off-by: Peter Korsgaard <[email protected]>
Signed-off-by: J. Neuschäfer <[email protected]> Signed-off-by: Thomas Petazzoni <[email protected]> (cherry picked from commit ade6e41) Signed-off-by: Peter Korsgaard <[email protected]>
Change the name from "Micro Python" (two words) to "MicroPython" (camelcase), to match the official website and documentation. Signed-off-by: J. Neuschäfer <[email protected]> Signed-off-by: Thomas Petazzoni <[email protected]> (cherry picked from commit 161c25a) Signed-off-by: Peter Korsgaard <[email protected]>
unbound unconditionally calls the (deprecated) ENGINE_* logic in libopenssl resulting in a build failure when !BR2_PACKAGE_LIBOPENSSL_ENGINES since commit 623d3bb: sldns/keyraw.c:167:35: error: 'ENGINE_METHOD_ALL' undeclared (first use in this function) 167 | if(!ENGINE_set_default(e, ENGINE_METHOD_ALL)) { | ^~~~~~~~~~~~~~~~~ Fixes: 623d3bb - http://autobuild.buildroot.org/results/b7782f5ba54543df53a835552632f58d4ad6c082 Signed-off-by: Fabrice Fontaine <[email protected]> Signed-off-by: Thomas Petazzoni <[email protected]> (cherry picked from commit ec7ae88) Signed-off-by: Peter Korsgaard <[email protected]>
See here for a Changelog: https://openldap.org/software/release/changes_lts.html Signed-off-by: Waldemar Brodkorb <[email protected]> Signed-off-by: Thomas Petazzoni <[email protected]> (cherry picked from commit 61ad551) Signed-off-by: Peter Korsgaard <[email protected]>
Building with GCC 14 fails at the configure step with: ./configure: error: libatomic_ops library was not found. The error is not caused by a missing library, but by an unrelated "incompatible pointer type" error in the test program: ... checking for atomic_ops library objs/autotest.c: In function 'main': objs/autotest.c:9:48: error: passing argument 1 of 'AO_compare_and_swap' from incompatible pointer type [-Wincompatible-pointer-types] This used to be a warning, but it is an error since GCC 14.[1] Fix this by patching the test program in order to use the correct pointer types. Fixes: http://autobuild.buildroot.net/results/a3d/a3d8c6fd631b31e272e4d8cc6c3318f2e4151882 [1] https://gcc.gnu.org/gcc-14/porting_to.html#incompatible-pointer-types Signed-off-by: Edgar Bonet <[email protected]> Signed-off-by: Arnout Vandecappelle <[email protected]> (cherry picked from commit 7d249da) Signed-off-by: Peter Korsgaard <[email protected]>
See here for a Changelog and CVE's: http://nginx.org/en/CHANGES-1.26 Patch 0006 is no longer required as the openssl library is found without this patch, which does not apply anymore. Patch 0009 is no longer required as it was fixed in another way upstream: https://hg.nginx.org/nginx/rev/fb989e24c60a Patch 0011 is upstream: https://hg.nginx.org/nginx/rev/f58b6f636238 Reorder the remaining patches and update .checkpackageignore accordingly. The LICENSE file is changed, the year changed from 2022 to 2024. Signed-off-by: Waldemar Brodkorb <[email protected]> Signed-off-by: Thomas Petazzoni <[email protected]> (cherry picked from commit 761259c) Signed-off-by: Peter Korsgaard <[email protected]>
For change log since v2.3.5, see: - https://github.com/FluidSynth/fluidsynth/releases/tag/v2.3.6 Signed-off-by: Julien Olivain <[email protected]> Signed-off-by: Thomas Petazzoni <[email protected]> (cherry picked from commit f9f2ade) Signed-off-by: Peter Korsgaard <[email protected]>
Signed-off-by: Adrian Perez de Castro <[email protected]> Signed-off-by: Thomas Petazzoni <[email protected]> (cherry picked from commit 03505e3) Signed-off-by: Peter Korsgaard <[email protected]>
…anges" This didn't work out as planned, neither the restriction of muting unregistered users, nor the exception for matrix users worked as planned. The channel mode has been reverted to +R (meaning only registered users are allowed to join) and an exception for *that* has been introduced for matrix users via +e. The channel modes are documented in [1]. [1] https://www.oftc.net/ChannelModes/ This reverts commit d1e6d78. Signed-off-by: Marcus Hoffmann <[email protected]> Signed-off-by: Thomas Petazzoni <[email protected]> (cherry picked from commit bede54c) Signed-off-by: Peter Korsgaard <[email protected]>
With BR2_SHARED_STATIC_LIBS=y, the generic infrastructure adds a --enable-static flags causing htop to be built as a static binary. Adding a --disable-static reverts this. This will fix the following build failure with hwloc raised since bump to version 3.3.0 in commit 0924318 and htop-dev/htop@c8a6185: /home/autobuild/autobuild/instance-3/output-1/host/bin/mipsel-buildroot-linux-gnu-gcc -std=c99 -pedantic -D_DEFAULT_SOURCE -D_XOPEN_SOURCE=600 -I/home/autobuild/autobuild/instance-3/output-1/host/mipsel-buildroot-linux-gnu/sysroot/usr/bin/../../usr/include -I/home/autobuild/autobuild/instance-3/output-1/host/bin/../mipsel-buildroot-linux-gnu/sysroot/usr/include/libxml2 -Wall -Wcast-align -Wcast-qual -Wextra -Wfloat-equal -Wformat=2 -Winit-self -Wmissing-format-attribute -Wmissing-noreturn -Wmissing-prototypes -Wpointer-arith -Wshadow -Wstrict-prototypes -Wundef -Wunused -Wwrite-strings -Wnull-dereference -D_XOPEN_SOURCE_EXTENDED -DSYSCONFDIR="\"/etc\"" -I"./linux" -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -Os -g0 -D_FORTIFY_SOURCE=2 -static -rdynamic -static -o htop htop.o Action.o Affinity.o AffinityPanel.o AvailableColumnsPanel.o AvailableMetersPanel.o BatteryMeter.o CategoriesPanel.o ClockMeter.o ColorsPanel.o ColumnsPanel.o CommandLine.o CommandScreen. o Compat.o CPUMeter.o CRT.o DateMeter.o DateTimeMeter.o DiskIOMeter.o DisplayOptionsPanel.o DynamicColumn.o DynamicMeter.o DynamicScreen.o EnvScreen.o FileDescriptorMeter.o FunctionBar.o Hashtable.o Header.o HeaderOptionsPanel.o HostnameMeter.o IncSet.o InfoScreen.o ListItem.o LoadAverageMeter.o Machine.o MainPanel.o MemoryMeter.o MemorySwapMeter.o Meter.o MetersPanel.o NetworkIOMeter.o Object.o OpenFilesScreen.o OptionItem.o Panel.o Process.o ProcessLocksScreen.o ProcessTable.o Row.o RichString.o Scheduling.o ScreenManager.o ScreensPanel.o ScreenTabsPanel.o Settings.o SignalsPanel.o SwapMeter.o SysArchMeter.o Table.o TasksMeter.o TraceScreen.o UptimeMeter.o UsersTable.o Vector.o XUtils.o generic/gettime.o generic/hostname.o generic/uname.o linux/CGroupUtils.o linux/HugePageMeter.o linux/IOPriorityPanel.o linux/LibSensors.o linux/LinuxMachine.o linux/LinuxProcess.o linux/LinuxProcessTable.o linux/Platform.o linux/PressureStallMeter.o linux/SELinuxMeter.o linux/SystemdMeter.o linux/Z ramMeter.o zfs/ZfsArcMeter.o zfs/ZfsCompressedArcMeter.o -lcap -llzma -L/home/autobuild/autobuild/instance-3/output-1/host/mipsel-buildroot-linux-gnu/sysroot/usr/bin/../../usr/lib -lncurses -lm -L/home/autobuild/autobuild/instance-3/output-1/host/bin/../mipsel-buildroot-linux-gnu/sysroot/usr/lib -lhwloc /home/autobuild/autobuild/instance-3/output-1/host/lib/gcc/mipsel-buildroot-linux-gnu/12.3.0/../../../../mipsel-buildroot-linux-gnu/bin/ld: Action.o: in function `Action_setUserOnly': Action.c:(.text+0x2490): warning: Using 'getpwnam' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking /home/autobuild/autobuild/instance-3/output-1/host/lib/gcc/mipsel-buildroot-linux-gnu/12.3.0/../../../../mipsel-buildroot-linux-gnu/bin/ld: Settings.o: in function `Settings_new': Settings.c:(.text+0x2dd0): warning: Using 'getpwuid' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking /home/autobuild/autobuild/instance-3/output-1/host/lib/gcc/mipsel-buildroot-linux-gnu/12.3.0/../../../../mipsel-buildroot-linux-gnu/bin/ld: /home/autobuild/autobuild/instance-3/output-1/host/mipsel-buildroot-linux-gnu/sysroot/usr/bin/../../usr/lib/libhwloc.a(topology-xml-libxml.o): in function `hwloc_libxml_free_buffer': topology-xml-libxml.c:(.text+0x2c): undefined reference to `xmlFree' Fixes: - http://autobuild.buildroot.org/results/04bd5633750ff5cef048ea78c9de043d3ffcfa32 Signed-off-by: Fabrice Fontaine <[email protected]> Signed-off-by: Thomas Petazzoni <[email protected]> (cherry picked from commit 21f312a) Signed-off-by: Peter Korsgaard <[email protected]>
Commit 9696d27 "package/gpsd: condition python stuff to the proper kconfig option" changed the condition in which the gpsd python scripts are installed. After that change, the "gpsfake" command (which is a python script) is no longer found and the runtime test is failing. This commit fixes the issue by reflecting the change in the runtime test Buildroot configuration. Signed-off-by: Julien Olivain <[email protected]> Signed-off-by: Thomas Petazzoni <[email protected]> (cherry picked from commit b6f4d79) Signed-off-by: Peter Korsgaard <[email protected]>
Django 5.0.7 fixes the following CVEs: * CVE-2024-38875: Potential denial-of-service vulnerability in django.utils.html.urlize() * CVE-2024-39329: Username enumeration through timing difference for users with unusable passwords * CVE-2024-39330: Potential directory-traversal via Storage.save() * CVE-2024-39614: Potential denial-of-service vulnerability in get_supported_language_variant() Django 5.0.8 fixes the following CVEs: * CVE-2024-41989: Memory exhaustion in django.utils.numberformat.floatformat() * CVE-2024-41990: Potential denial-of-service vulnerability in django.utils.html.urlize() * CVE-2024-41991: Potential denial-of-service vulnerability in django.utils.html.urlize() and AdminURLFieldWidget * CVE-2024-42005: Potential SQL injection in QuerySet.values() and values_list() Further release Notes: https://docs.djangoproject.com/en/5.0/releases/ Signed-off-by: Marcus Hoffmann <[email protected]> Signed-off-by: Thomas Petazzoni <[email protected]> (cherry picked from commit f777ce1) Signed-off-by: Peter Korsgaard <[email protected]>
Signed-off-by: Giulio Benetti <[email protected]> Signed-off-by: Thomas Petazzoni <[email protected]> (cherry picked from commit 7c56e71) Signed-off-by: Peter Korsgaard <[email protected]>
Signed-off-by: Giulio Benetti <[email protected]> Signed-off-by: Thomas Petazzoni <[email protected]> (cherry picked from commit eea735b) Signed-off-by: Peter Korsgaard <[email protected]>
<[email protected]>: host aspmx.l.google.com[2a00:1450:400c:c07::1a] said: 550-5.2.1 The email account that you tried to reach is inactive. For more 550-5.2.1 information, go to 550 5.2.1 https://support.google.com/mail/?p=DisabledUser ffacd0b85a97d-36bbd075381si7797549f8f.548 - gsmtp (in reply to RCPT TO command) Signed-off-by: Thomas Petazzoni <[email protected]> (cherry picked from commit 53116d0) Signed-off-by: Peter Korsgaard <[email protected]>
Signed-off-by: José Luis Salvador Rufo <[email protected]> Signed-off-by: Thomas Petazzoni <[email protected]> (cherry picked from commit 08edb3c) Signed-off-by: Peter Korsgaard <[email protected]>
Fixes runtime error: dlopen: /usr/lib/mjpg-streamer/input_uvc.so: undefined symbol: resolutions_help Patch was suggested by Thomas: http://lists.busybox.net/pipermail/buildroot/2024-August/759732.html Signed-off-by: Bernd Kuhls <[email protected]> Signed-off-by: Thomas Petazzoni <[email protected]> (cherry picked from commit fdbc8d9) Signed-off-by: Peter Korsgaard <[email protected]>
Fixes: http://autobuild.buildroot.net/results/e613fc777051be6325d7e3c088d5f723fab518fa/ Signed-off-by: J. Neuschäfer <[email protected]> Signed-off-by: Thomas Petazzoni <[email protected]> (cherry picked from commit 2a700617cc1aa14deb9f4e4f5c63e19c77901389) Signed-off-by: Peter Korsgaard <[email protected]>
Release notes - https://github.com/esnet/iperf/releases/tag/3.16 Signed-off-by: Kadambini Nema <[email protected]> Signed-off-by: Peter Korsgaard <[email protected]> (cherry picked from commit 9f94b3b) Signed-off-by: Peter Korsgaard <[email protected]>
Commit 9f94b3b "package/iperf3: bump to version 3.16" updated the package but forgot to reflect a breaking change mentioned in the release note [1], "iperf3 now requires pthreads and C atomic variables to compile and run". When the toolchain has no atomic support, or the libatomic is not added in the linker flags, the compilation now fail with output: arm-buildroot-linux-gnueabi/bin/ld: ./.libs/libiperf.so: undefined reference to '__atomic_load_8' This issue can be seen when running the iperf3 runtime test, with command: support/testing/run-tests \ -d dl -o output_test \ tests.package.test_iperf3 This commit fixes the issue by adding a dependency on BR2_TOOLCHAIN_HAS_ATOMIC and by adding an upstream patch to detect if linking to libatomic is needed. Fixes: [2] [1] https://github.com/esnet/iperf/releases/tag/3.16 [2] https://gitlab.com/buildroot.org/buildroot/-/jobs/6466933622 Signed-off-by: Julien Olivain <[email protected]> Signed-off-by: Yann E. MORIN <[email protected]> (cherry picked from commit f10488a) Signed-off-by: Peter Korsgaard <[email protected]>
Removed patch which is included in this release, autoreconf is not needed anymore. Updated license hash due to copyright year bump: esnet/iperf@7b94705 Fixes CVE-2024-26306. Release notes: https://github.com/esnet/iperf/releases/tag/3.17.1 https://github.com/esnet/iperf/releases/tag/3.17 Signed-off-by: Bernd Kuhls <[email protected]> Signed-off-by: Thomas Petazzoni <[email protected]> (cherry picked from commit 9d9a0db3d8b471ccf1721312450337ff53ed4a35) Signed-off-by: Peter Korsgaard <[email protected]>
Version 3.8.4 fixes CVE-2024-28834 & CVE-2024-28835. Release notes: 3.8.4: https://lists.gnupg.org/pipermail/gnutls-help/2024-March/004845.html 3.8.5: https://lists.gnupg.org/pipermail/gnutls-help/2024-April/004846.html 3.8.6: https://lists.gnupg.org/pipermail/gnutls-help/2024-July/004848.html Signed-off-by: Bernd Kuhls <[email protected]> Signed-off-by: Thomas Petazzoni <[email protected]> (cherry picked from commit 904acfc41e1464848daf0240251e7701954c4918) Signed-off-by: Peter Korsgaard <[email protected]>
The download and homepage URL for this project have been updated. The old site no longer works. Signed-off-by: Waldemar Brodkorb <[email protected]> Signed-off-by: Thomas Petazzoni <[email protected]> (cherry picked from commit 2a547e2c424ac08d8741dc557aee968f1b659735) Signed-off-by: Peter Korsgaard <[email protected]>
Fixes: http://autobuild.buildroot.net/results/94fd27ea48c4128033ad10cf0dc5dba3f5d97a02/ Commit 4aff9fa (package/am335x-pru-package: fix download issue) updated the filename and hash of the package, but something went wrong when adjusting the hash for 2024.02.x. Investigating the local tarball shows that the permissions in the tarball were were wrong: diffoscope old-dl/am335x-pru-package/am335x-pru-package-5f374*-br1.tar.gz \ dl/am335x-pru-package/am335x-pru-package-5f374*-br1.tar.gz | \ grep 96/.gitignore │ │ --rw-rw-rw- 0 0 0 199 2016-02-10 20:56:25.000000 am335x-pru-package-5f374ad57cc195f28bf5e585c3d446aba6ee7096/.gitignore │ │ +-rw-r--r-- 0 0 0 199 2016-02-10 20:56:25.000000 am335x-pru-package-5f374ad57cc195f28bf5e585c3d446aba6ee7096/.gitignore And indeed, the file does have mode 666 in the git repo: ls -lah old-dl/am335x-pru-package/git/.gitignore -rw-rw-rw- 1 peko peko 199 Aug 31 18:16 old-dl/am335x-pru-package/git/.gitignore It is unclear how this happened, maybe an issue with switching between master/2024.05.x/2024.02.x. Adjust the hash to match what is should have been instead. Signed-off-by: Peter Korsgaard <[email protected]>
Signed-off-by: Peter Korsgaard <[email protected]>
Release 2024.02.6
After update to v4.0.4, props-ng build fails on linker error if If BR2_PACKAGE_SYSTEMD is enabled: /build/output/host/lib/gcc/x86_64-buildroot-linux-gnu/12.4.0/../../../../x86_64-buildroot-linux-gnu/bin/ld: src/w.o: undefined reference to symbol 'sd_session_get_uid@@LIBSYSTEMD_209' /build/output/host/lib/gcc/x86_64-buildroot-linux-gnu/12.4.0/../../../../x86_64-buildroot-linux-gnu/bin/ld: /build/output/host/x86_64-buildroot-linux-gnu/sysroot/lib64/libsystemd.so.0: error adding symbols: DSO missing from command line collect2: error: ld returned 1 exit status Add lsystemd to configure arguments if systemd is enabled to fix this. Signed-off-by: Jan Čermák <[email protected]>
agners
approved these changes
Sep 12, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Package updates related to HAOS config:
d59d09a is needed to fix props-ng build.