OpenPOWER buildroot sources https://git.raptorcs.com/git/buildroot/atom?h=2016.08 2016-08-01T20:11:31+00:00 2016-08-01T20:11:31+00:00 Vicente Olivert Riera Vincent.Riera@imgtec.com 2016-08-01T13:19:37+00:00 urn:sha1:b0e524be37856dc433b48103cf17ac6f8983445f Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2016-07-24T19:44:22+00:00 Waldemar Brodkorb wbx@openadk.org 2016-07-11T14:35:14+00:00 urn:sha1:3c93901bcd2f77232581ca82a3a5f741aa9e6345 uClibc-ng does not support PIE for some architectures as arc and m68k. It isn't implemented in the static linking case, too. With musl toolchains you might have static PIE support with little patching of gcc. Static linking for GNU libc isn't enabled in buildroot. Fixup any package using special treatment of PIE. (grep -ir pie package/*/*.mk) Signed-off-by: Waldemar Brodkorb <wbx@openadk.org> [Thomas: use positive logic.] Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2016-03-10T19:49:57+00:00 Gustavo Zacarias gustavo@zacarias.com.ar 2016-03-10T18:34:28+00:00 urn:sha1:55a94ec8936571df586d4f53ffc1355c651a63d3 Fixes: CVE-2016-3115 - sanitise X11 authentication credentials to avoid xauth command injection when X11Forwarding is enabled. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> 2016-02-29T20:45:32+00:00 Gustavo Zacarias gustavo@zacarias.com.ar 2016-02-29T11:59:32+00:00 urn:sha1:0c62637bdd473236d50ec459c9074ad8a8834129 Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2016-01-14T19:13:57+00:00 Gustavo Zacarias gustavo@zacarias.com.ar 2016-01-14T17:55:43+00:00 urn:sha1:2ff0e32e254e3ee6d96f6b13b7bf182b4e1def73 Fixes: CVE-2016-0777 - Client Information leak from use of roaming connection feature. CVE-2016-0778 - A buffer overflow flaw was found in the way the OpenSSH client roaming feature was implemented. A malicious server could potentially use this flaw to execute arbitrary code on a successfully authenticated OpenSSH client if that client used certain non-default configuration options. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Reviewed-by: James Knight <james.knight@rockwellcollins.com> Tested-by: James Knight <james.knight@rockwellcollins.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> 2015-10-03T22:56:41+00:00 Maxime Hadjinlian maxime.hadjinlian@gmail.com 2015-10-03T21:29:57+00:00 urn:sha1:0f75b2635ee564fbbdb9ea631cf39fa8731d6d6c 'echo -n' is not a POSIX construct (no flag support), we shoud use 'printf', especially in init script. This patch was generated by the following command line: git grep -l 'echo -n' -- `git ls-files | grep -v 'patch'` | xargs sed -i 's/echo -n/printf/' Signed-off-by: Maxime Hadjinlian <maxime.hadjinlian@gmail.com> Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> 2015-08-29T08:43:52+00:00 Waldemar Brodkorb wbx@openadk.org 2015-08-29T07:46:35+00:00 urn:sha1:7bc51f85ae35cf6d60e1622a0df5bf03ae494e39 PIE and static doesn't work on Linux. Fixes: http://autobuild.buildroot.net/results/dce/dce0202e039f4636d68532c4aab8738938b76650/ Signed-off-by: Waldemar Brodkorb <wbx@openadk.org> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2015-08-25T20:41:08+00:00 Gustavo Zacarias gustavo@zacarias.com.ar 2015-08-25T18:53:59+00:00 urn:sha1:0916daeff1056f930736bd4b644aff986b8eb88a Fixes: CVE-2015-6563 - Fixed a privilege separation weakness related to PAM support. CVE-2015-6564 - Fixed a use-after-free bug related to PAM support that was reachable by attackers who could compromise the pre-authentication process for remote code exectuion. CVE-2015-6565 - incorrectly set TTYs to be world-writable. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> 2015-07-18T15:26:07+00:00 Matt Weber matthew.weber@rockwellcollins.com 2015-07-14T20:20:22+00:00 urn:sha1:f5f5bd92df7708d19ac19a9df922739520c707ee [Thomas: in the sed expression, use % as a delimiter instead of /, since the line contains several / that all had to be escaped.] Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com> Reviewed-by: Samuel Martin <s.martin49@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2015-07-02T08:59:22+00:00 Gustavo Zacarias gustavo@zacarias.com.ar 2015-07-01T10:44:32+00:00 urn:sha1:ad460e4930166df9163ab811475de1028d4cc589 Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>