Jose-13 fixed the following security issue:
- CVE-2023-50967: latchset jose through version 11 allows attackers to cause
a denial of service (CPU consumption) via a large p2c (aka PBES2 Count)
value.
https://github.com/latchset/jose/issues/151
In addition, jose-14 worked around another DoS issue related to
decompression:
https://github.com/latchset/jose/pull/157
Drop now upstreamed patches:
- 0001-lib-hsh.c-rename-hsh-local-variable.patch: Upstream as of
3d5b287243
- 0002-man-add-option-to-skip-building-man-pages.patch: Upstream after
getting reworked to use -Ddocs=disabled as of
786b426df0
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
[Julien: remove .checkpackageignore entries to fix check-package errors]
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 394a8fb406)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
The upstream Github repository payden/libwebsock is no longer available,
and its URL now redirects to some completely unrelated software.
We don't know for sure what happened, but at least the package does not
build anymore, because its source code has vanished.
Since no other buildroot package depends on libwebsock, and it hasn't
received any update; let's simply remove it from here.
Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 9f2dbf1486)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Buildroot commit 8f69974c20 switched the
buildsystem of mpv from waf to meson but forgot to remove a patch which
fixed a waf-related build error.
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 942b88e693)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Fixup S20audit to pass shellcheck -oall and check-package. The file now
closely resembles package/busybox/S01syslogd.
Tested with qemu_x86_64_defconfig. start, stop, restart, reload, and rotate
all work with busybox ash shell.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
[Arnout: remove it from .checkpackageignore]
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
(cherry picked from commit cbabeb5077)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Changes:
Set GDB version number to 15.2.
[gdb/python] Make sure python sys.exit makes gdb exit
[gdb/symtab] Revert "Change handling of DW_TAG_enumeration_type in DWARF scanner"
[gdb/testsuite] Add regression test for PR32158
[gdb/testsuite] Add gdb.dwarf2/enum-type-c++.exp, regression test for PR31900.
gdb-15-branch: Clear the X86_XSTATE_MPX bit in XCRO for x32
Recognize -2 as a tombstone value in .debug_line
[gdb] Handle ^C during disassembly
Mark unavailable bytes of limited-length arrays when allocating contents
gdb/solib-frv: move lm_info object to solib
Fix loading a saved recording
Bump GDB's version number to 15.1.90.DATE-git.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit e40bf89e40)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Changes:
Set GDB version number to 16.3.
gstack: [downstream regression] Output file names and line numbers
Fix build failure for gdbserver's raw_compare self test
Fix gdbserver crashes on SVE/SME-enabled systems
gdb: allow selecting default fg/bg colors in tui mode
gdb: Fix assertion failure when inline frame #0 is duplicated
[gdb/tdep] Rewrite i386_canonicalize_syscall
[gdb/record] Fix out-of-bounds write in aarch64_record_asimd_load_store
gdb/dwarf: save DWARF version in dwarf2_loclist_baton, remove it from dwarf2_per_cu
Fix segfault if target_fileio_read_alloc fails
gdb/tui: use wrefresh if output is not surpressed
[gdb/corefiles] Fix segfault in core_target_open
Bump GDB's version number to 16.2.90.DATE-git.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit b793160964)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
This commit adds BR2_DOWNLOAD_FORCE_CHECK_HASHES=y in the defconfig
and adds custom hash files. The exception entry in .checkpackageignore
is also removed.
Cc: Fabio Estevam <festevam@gmail.com>
Reviewed-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 683681261b)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Restart would regularly fail because it did not wait for the old
process to be gone before starting the new one. Rewrite the script
according to current style to fix that, and add reload support (see
mosquitto docs for limitations of reload).
Signed-off-by: Fiona Klute (WIWA) <fiona.klute@gmx.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 340a4bd4f8)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
This is a corrective release over GDB 16.1, fixing the following issues:
PR build/32578 (cannot build GDB 16.1 out of tree when calling the configure script with a relative path)
PR tui/32592 ([gdb/tui] internal error in tui-winsource.c:340:refresh_window)
PR remote/32593 (Incompatibilities between GDB's and LLDB's 'x' packet implementation)
PR build/32610 (Missing #include file in darwin_nat.c)
None of which is really super important for Buildroot, but at least
we're using the latest without wondering why we're not.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 0a5a0772c2)
PIDFILE was set incorrectly, watchdogd writes its PID file to
/var/run/watchdogd/pid (note the slash), which is not configurable
without patching.
Restructure the rest of the script to match current style while at it.
Signed-off-by: Fiona Klute (WIWA) <fiona.klute@gmx.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Bump Linux kernel to v6.12.15, update the hash file and add the
dependency on host-python3.
- Bump the FVP in the readme to version 11.27 build 19.
While at it:
- Rework the readme a bit with explicit build instructions, add a link
to the model binaries running on AArch64 host and update the model
command line to specify Arm v8.0 (as we are building for Cortex-A53).
- Turn on hashes verification and update .checkpackageignore
accordingly.
- Add myself as co-developer for this defconfig.
Signed-off-by: Vincent Stehlé <vincent.stehle@laposte.net>
Cc: Masahiro Yamada <yamada.masahiro@socionext.com>
[Julien: remove "Locally calculated" in linux.hash]
Signed-off-by: Julien Olivain <ju.o@free.fr>
The mimic package hasn't been updated in recent years and
downloading this package is now broken.
This commit removes the mimic package.
Signed-off-by: Thomas Bonnefille <thomas.bonnefille@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add new -DgRPC_BUILD_CODEGEN=OFF config option which is required if
no plugins are enabled.
Drop "add GPR_DISABLE_WRAPPED_MEMCPY" patch which is upstream.
Rebase remaining patches.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Drop the patch, that has been upstreamed as b2359c5c994c (libserialport:
Fix Linux files not compiled in with a toolchain for ucLinux).
Accordingly, drop the now superfluous autoreconf.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Paul Cercueil <paul@crapouillou.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The init script S52netopeer2 has to be renamed to S52netopeer2-server to
match the daemon name. The step to install the init script now uses the
NETOPEER2_PKGDIR variable to reference the directory instead of
explicitly using the "package/netopeer2/" path.
The init script now is removed from the .checkpackageignore file.
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Now that gdb 16.x has been added, and gdb 15.x made the default, let's
remove support for gdb 13.x.
Aside from the usual removal, we also simplify things a bit as GDB
13.x was the last version that did not require MPFR. As it is now a
mandatory dependencies, things can be simplified.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
Remaining "nios2" strings come from existing patches that
are not removed with along with BR2_nios2 symbol.
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
We are now using cross-ldd instead of prelink-cross, so we can drop
this package.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
As we're about to remove the DirectFB package, let's drop DirectFB
support in sdl.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
As we're about to remove DirectFB due to it no longer being
maintained, we need to first remove Lite, a toolbox based on DirectFB.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
This will make it easier to edit the patch if needed.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
Switch to:
* Linux LTS 6.12.6
* U-Boot 2024.10
Provide hashes for all above components and enable
BR2_DOWNLOAD_FORCE_CHECK_HASHES.
Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
Switch to:
* Linux LTS 6.12.6
* U-Boot 2024.10
Provide hashes for all above components and enable
BR2_DOWNLOAD_FORCE_CHECK_HASHES.
Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
Switch to:
* Linux LTS 6.12.6
* U-Boot 2024.10
* ATF 2.11
Provide hashes for all above components and enable
BR2_DOWNLOAD_FORCE_CHECK_HASHES.
Increase ext4 rootfs size to fit larger components.
Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
The mongodb package has not been updated in close to 3 years (since commit
49bbf644d4 "package/mongodb: security bump to version 4.2.18") and the
4.2.x series is EOL since April 2023:
https://www.mongodb.com/legal/support-policy/lifecycles
There are no reverse dependencies, so drop the package. If a maintainer
steps up to support it, then (a newer version of) the package can be
re-added later.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
[Julien: remove .checkpackageignore entries to fix check-package errors]
Signed-off-by: Julien Olivain <ju.o@free.fr>
Switch to the new Linux LTS release 6.12.3. Switch to U-Boot 2024.10 and
ATF 2.11. Force check of hashes for Linux kernel, headers, U-Boot, ATF.
Increase ext2 partition size to fit new software versions. Finally, add
BR2_TARGET_UBOOT_NEEDS_GNUTLS option required by new U-Boot.
Signed-off-by: Sergey Matyukevich <geomatsi@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
Switch to the new Linux LTS release 6.12.3 and to U-Boot 2024.10.
Force check of hashes for Linux kernel, headers, U-Boot. Finally,
add BR2_TARGET_UBOOT_NEEDS_GNUTLS option required by new U-Boot.
Signed-off-by: Sergey Matyukevich <geomatsi@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
Switch to the new Linux LTS release 6.12.3 and to U-Boot 2024.10.
Force check of hashes for Linux kernel, headers, U-Boot. Finally,
add BR2_TARGET_UBOOT_NEEDS_GNUTLS option required by new U-Boot.
Signed-off-by: Sergey Matyukevich <geomatsi@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
Switch to the new Linux LTS release 6.12.3 and to the latest U-Boot
2024.10. Add hashes for Linux kernel/headers and U-Boot. Finally,
add BR2_TARGET_UBOOT_NEEDS_GNUTLS option required by new U-Boot.
Signed-off-by: Sergey Matyukevich <geomatsi@gmail.com>
[Julien:
- add BR2_DOWNLOAD_FORCE_CHECK_HASHES=y
- remove .checkpackageignore entry
- change linux.hash comment to use upstream hashes
- add missing BR2_GLOBAL_PATCH_DIR
]
Signed-off-by: Julien Olivain <ju.o@free.fr>
Switch to the new Linux LTS release 6.12.3 and to the latest U-Boot
2024.10. Tune the patch for xr819 interrupts for the new kernel.
Add hashes for Linux kernel/headers and U-Boot. Finally, add
BR2_TARGET_UBOOT_NEEDS_GNUTLS option required by new U-Boot.
Signed-off-by: Sergey Matyukevich <geomatsi@gmail.com>
[Julien:
- add BR2_DOWNLOAD_FORCE_CHECK_HASHES=y
- remove .checkpackageignore entry
- change linux.hash comment to use upstream hashes
]
Signed-off-by: Julien Olivain <ju.o@free.fr>
Switch to extlinux instead of U-Boot boot script.
Remove obsolete entry from the .checkpackageignore file.
Drop custom boot script and genimage config.
Drop unnecessary generic and host configs.
Signed-off-by: Scott Fan <fancp2007@gmail.com>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
