<feed xmlns='http://www.w3.org/2005/Atom'>
<title>buildroot/package, branch 2018.02.1</title>
<subtitle>OpenPOWER buildroot sources</subtitle>
<id>https://git.raptorcs.com/git/buildroot/atom?h=2018.02.1</id>
<link rel='self' href='https://git.raptorcs.com/git/buildroot/atom?h=2018.02.1'/>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/'/>
<updated>2018-04-09T19:01:30+00:00</updated>
<entry>
<title>patch: add upstream security fix</title>
<updated>2018-04-09T19:01:30+00:00</updated>
<author>
<name>Baruch Siach</name>
<email>baruch@tkos.co.il</email>
</author>
<published>2018-04-09T16:20:36+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=c3e1d9849a72495f799b007260bbcdc61fc78da3'/>
<id>urn:sha1:c3e1d9849a72495f799b007260bbcdc61fc78da3</id>
<content type='text'>
Fixes CVE-2018-1000156: arbitrary command execution in ed-style patches.

Depend on MMU for now, because the patch adds a fork() call. Upstream
later switched to gnulib provided execute(), so this dependency can be
dropped on the next version bump.

Signed-off-by: Baruch Siach &lt;baruch@tkos.co.il&gt;
Signed-off-by: Thomas Petazzoni &lt;thomas.petazzoni@bootlin.com&gt;
(cherry picked from commit f4a4df2084b923f29eca2130976ca10a7aa6b719)
Signed-off-by: Peter Korsgaard &lt;peter@korsgaard.com&gt;
</content>
</entry>
<entry>
<title>package/kmod: fix host install</title>
<updated>2018-04-09T15:51:04+00:00</updated>
<author>
<name>Yann E. MORIN</name>
<email>yann.morin.1998@free.fr</email>
</author>
<published>2018-04-08T08:11:51+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=34b8a1c5bcb7523f7f125f3b558d8cb1872cdf66'/>
<id>urn:sha1:34b8a1c5bcb7523f7f125f3b558d8cb1872cdf66</id>
<content type='text'>
The host directory no longer uses /usr.

This currently works because we still have the  legacy /usr
symlink, but for correctness it is better that we just fix it.

Signed-off-by: "Yann E. MORIN" &lt;yann.morin.1998@free.fr&gt;
Cc: Yegor Yefremov &lt;yegorslists@googlemail.com&gt;
Cc: Arnout Vandecappelle &lt;arnout@mind.be&gt;
Cc: Thomas Petazzoni &lt;thomas.petazzoni@bootlin.com&gt;
Cc: Peter Korsgaard &lt;peter@korsgaard.com&gt;
Signed-off-by: Thomas Petazzoni &lt;thomas.petazzoni@bootlin.com&gt;
(cherry picked from commit dac25351e6453b35ded611ff367b95bb4b10a9cf)
Signed-off-by: Peter Korsgaard &lt;peter@korsgaard.com&gt;
</content>
</entry>
<entry>
<title>php: fix emalloc/efree/estrdup/... undefined references</title>
<updated>2018-04-09T15:49:03+00:00</updated>
<author>
<name>Thomas Petazzoni</name>
<email>thomas.petazzoni@bootlin.com</email>
</author>
<published>2018-04-05T21:06:22+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=d44357175bd7c711c54fd6c2df5637a181c1d03b'/>
<id>urn:sha1:d44357175bd7c711c54fd6c2df5637a181c1d03b</id>
<content type='text'>
zend_alloc.h defines some macros such as:

Where _estrdup is the actual function implemented by the PHP core. If
this header file is not included, and some code uses estrdup, one ends
up with an undefined reference. This happens when libexpat support is
enabled. This commit adds a PHP patch that fixes this issue. The patch
has been submitted upstream through a Github pull request.

Fixes:

  http://autobuild.buildroot.net/results/889d2c1f509c035cd506e36061939bfddc8f1500/

Signed-off-by: Thomas Petazzoni &lt;thomas.petazzoni@bootlin.com&gt;
(cherry picked from commit fc4b66dbc1b71e871129ce14b289fcda6eb3ea10)
Signed-off-by: Peter Korsgaard &lt;peter@korsgaard.com&gt;
</content>
</entry>
<entry>
<title>wireshark: bump version to 2.2.14 (security)</title>
<updated>2018-04-09T15:39:37+00:00</updated>
<author>
<name>André Hentschel</name>
<email>nerv@dawncrow.de</email>
</author>
<published>2018-04-07T12:59:03+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=dd730312e509ab40c3ebcc18a121a2aa637be184'/>
<id>urn:sha1:dd730312e509ab40c3ebcc18a121a2aa637be184</id>
<content type='text'>
Security fixes since 2.2.12:

- wnpa-sec-2018-15
  The MP4 dissector could crash. (Bug 13777)
- wnpa-sec-2018-16
  The ADB dissector could crash. (Bug 14460)
- wnpa-sec-2018-17
  The IEEE 802.15.4 dissector could crash. (Bug 14468)
- wnpa-sec-2018-18
  The NBAP dissector could crash. (Bug 14471)
- wnpa-sec-2018-19
  The VLAN dissector could crash. (Bug 14469)
- wnpa-sec-2018-20
  The LWAPP dissector could crash. (Bug 14467)
- wnpa-sec-2018-23
  The Kerberos dissector could crash. (Bug 14576)
- wnpa-sec-2018-05
  The IEEE 802.11 dissector could crash. Bug 14442, CVE-2018-7335
- wnpa-sec-2018-06
  Multiple dissectors could go into large infinite loops. All ASN.1 BER dissectors (Bug 14444), along with the DICOM (Bug 14411), DMP (Bug 14408), LLTD (Bug 14419), OpenFlow (Bug 14420), RELOAD (Bug 14445), RPCoRDMA (Bug 14449), RPKI-Router (Bug 14414), S7COMM (Bug 14423), SCCP (Bug 14413), Thread (Bug 14428), Thrift (Bug 14379), USB (Bug 14421), and WCCP (Bug 14412) dissectors were susceptible.
- wnpa-sec-2018-07
  The UMTS MAC dissector could crash. Bug 14339, CVE-2018-7334
- wnpa-sec-2018-09
  The FCP dissector could crash. Bug 14374, CVE-2018-7336
- wnpa-sec-2018-10
  The SIGCOMP dissector could crash. Bug 14398, CVE-2018-7320
- wnpa-sec-2018-11
  The pcapng file parser could crash. Bug 14403, CVE-2018-7420
- wnpa-sec-2018-12
  The IPMI dissector could crash. Bug 14409, CVE-2018-7417
- wnpa-sec-2018-13
  The SIGCOMP dissector could crash. Bug 14410, CVE-2018-7418
-  wnpa-sec-2018-14
  The NBAP disssector could crash. Bug 14443, CVE-2018-7419

Full release notes:

  https://www.wireshark.org/docs/relnotes/wireshark-2.2.14.html

Signed-off-by: André Hentschel &lt;nerv@dawncrow.de&gt;
Signed-off-by: Thomas Petazzoni &lt;thomas.petazzoni@bootlin.com&gt;
(cherry picked from commit c5c87c2bb61efb31421b345bdbf6931b882ff6a9)
Signed-off-by: Peter Korsgaard &lt;peter@korsgaard.com&gt;
</content>
</entry>
<entry>
<title>linux-headers: bump 4.{4, 9, 14, 15}.x series</title>
<updated>2018-04-08T19:37:27+00:00</updated>
<author>
<name>Fabio Estevam</name>
<email>festevam@gmail.com</email>
</author>
<published>2018-04-08T14:00:51+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=3ffe4ab54ea1c405b67af7aa42583a57e0322d3e'/>
<id>urn:sha1:3ffe4ab54ea1c405b67af7aa42583a57e0322d3e</id>
<content type='text'>
Signed-off-by: Fabio Estevam &lt;festevam@gmail.com&gt;
Signed-off-by: Peter Korsgaard &lt;peter@korsgaard.com&gt;
(cherry picked from commit 2661d47425f866cf56617d2928b6b96566db8de4)
Signed-off-by: Peter Korsgaard &lt;peter@korsgaard.com&gt;
</content>
</entry>
<entry>
<title>php: fix how PCRE JIT is disabled</title>
<updated>2018-04-08T19:31:44+00:00</updated>
<author>
<name>Thomas Petazzoni</name>
<email>thomas.petazzoni@bootlin.com</email>
</author>
<published>2018-04-06T08:54:03+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=50f01475aaa9115cbe91d0bbdd5e81be0be5e22e'/>
<id>urn:sha1:50f01475aaa9115cbe91d0bbdd5e81be0be5e22e</id>
<content type='text'>
When the internal PCRE library of PHP is used, it tries to use a JIT
engine, which is only available on some architectures.

However, the mechanism used to disable JIT has changed in recent PHP
versions, and it now has a proper --without-pcre-jit option. Switch
over to that to properly disable JIT on unsupported platforms.

It has been tested to fix the build of PHP on ARC and Microblaze.

Fixes:

  http://autobuild.buildroot.net/results/e1359fcad7bc57e3c5a7ecc37abaa2cf6a6a9ffa/

Signed-off-by: Thomas Petazzoni &lt;thomas.petazzoni@bootlin.com&gt;
(cherry picked from commit 9850612ea5e9fc9c377d11ec9c2930bfd812754a)
Signed-off-by: Peter Korsgaard &lt;peter@korsgaard.com&gt;
</content>
</entry>
<entry>
<title>postgresql: propagate BR2_USE_MMU dependency to Config.in comment</title>
<updated>2018-04-08T19:28:49+00:00</updated>
<author>
<name>Thomas Petazzoni</name>
<email>thomas.petazzoni@bootlin.com</email>
</author>
<published>2018-04-05T07:34:35+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=a22cbc2371f5d602fa00ac9302f4fa562fff575b'/>
<id>urn:sha1:a22cbc2371f5d602fa00ac9302f4fa562fff575b</id>
<content type='text'>
The BR2_PACKAGE_POSTGRESQL option depends on BR2_USE_MMU, so the
Config.in comment about the dynamic library dependency should only be
displayed if the BR2_USE_MMU requirement is met.

Signed-off-by: Thomas Petazzoni &lt;thomas.petazzoni@bootlin.com&gt;
(cherry picked from commit 9fec3eb9131dba46cbf8474a7def05a076990079)
Signed-off-by: Peter Korsgaard &lt;peter@korsgaard.com&gt;
</content>
</entry>
<entry>
<title>qt5base: correct eglfs support in qmake.conf.in</title>
<updated>2018-04-08T19:27:04+00:00</updated>
<author>
<name>Giulio Benetti</name>
<email>giulio.benetti@micronovasrl.com</email>
</author>
<published>2017-11-13T18:41:54+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=2ebb06c8ee752f4052f588087826e5aa8a9972dc'/>
<id>urn:sha1:2ebb06c8ee752f4052f588087826e5aa8a9972dc</id>
<content type='text'>
Setting EGLFS_DEVICE_INTEGRATION at the end of qmake.conf like is done
by commit 0c219ddb8a doesn't work correctly: it has to be set before the
include(../common/linux_device_post.conf)

Instead of appending to the file, change it into a qmake.conf.in
template file that contains a placeholder for the
EGLFS_DEVICE_INTEGRATION assignment and update it with sed. Since the
sed always has to be executed, this removes the need for a separate
QT5BASE_CONFIGURE_QMAKE_CONFIG definition.

Signed-off-by: Giulio Benetti &lt;giulio.benetti@micronovasrl.com&gt;
[Arnout: simplify the replacement, move sunxi-mali support to a
 separate patch]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) &lt;arnout@mind.be&gt;

(cherry picked from commit 81fb33af2a6e4f4d379da3372b2a607b7ae1a21f)
Signed-off-by: Peter Korsgaard &lt;peter@korsgaard.com&gt;
</content>
</entry>
<entry>
<title>python-webpy: use webpy-0.39 tag</title>
<updated>2018-04-08T19:26:23+00:00</updated>
<author>
<name>Peter Korsgaard</name>
<email>peter@korsgaard.com</email>
</author>
<published>2018-04-05T06:42:15+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=9a095026c17a10e3e474d94674f6501afd54c5eb'/>
<id>urn:sha1:9a095026c17a10e3e474d94674f6501afd54c5eb</id>
<content type='text'>
No functional change, but upstream has now tagged the release, so use the
tag instead of the sha1.

https://github.com/webpy/webpy/issues/449

Signed-off-by: Peter Korsgaard &lt;peter@korsgaard.com&gt;
(cherry picked from commit 01320bb9ff297bac38a4c9bc32ae505ac79d600f)
Signed-off-by: Peter Korsgaard &lt;peter@korsgaard.com&gt;
</content>
</entry>
<entry>
<title>python-webpy: security bump to version 0.39</title>
<updated>2018-04-08T19:26:12+00:00</updated>
<author>
<name>Peter Korsgaard</name>
<email>peter@korsgaard.com</email>
</author>
<published>2018-04-04T15:51:32+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=dec4e2d0e8416533343284366e816fa418b33d94'/>
<id>urn:sha1:dec4e2d0e8416533343284366e816fa418b33d94</id>
<content type='text'>
&gt;From the changelog:

2018-02-28 0.39
* Fixed a security issue with the form module (tx Orange Tsai)
* Fixed a security issue with the db module (tx Adrián Brav and Orange Tsai)

2016-07-08 0.38
..
* Fixed a potential remote exeution risk in `reparam` (tx Adrián Brav)

License files are still not included on pypi, so continue to use the git
repo. Upstream has unfortunately not tagged 0.39, so use the latest commit
on the 0.39 branch.  A request to fix this has been submitted:

https://github.com/webpy/webpy/issues/449

0.39 now uses setuptools, so change the _SETUP_TYPE.

Add hashes for the license files.

Signed-off-by: Peter Korsgaard &lt;peter@korsgaard.com&gt;
Signed-off-by: Thomas Petazzoni &lt;thomas.petazzoni@bootlin.com&gt;
(cherry picked from commit ce559162fca39c273583bea0dbed643229769d8c)
Signed-off-by: Peter Korsgaard &lt;peter@korsgaard.com&gt;
</content>
</entry>
</feed>
