buildroot/package, branch 2019.02-op-build

Initial pass at removing binary-only, unlicensed, and proprietary packages from buildroot tree

2019-09-27T20:57:23+00:00

Note that DAHDI is only being removed due to poor packaging -- it does not require binary firmware on some cards, but the buildroot packaging for it unconditionally pulls in binary-only firmware regardless.

Apply FreeBSD kernel patch from upstream kexec-lite repository

2019-04-29T08:25:42+00:00

package/eudev: Revert change preventing monitor start

2019-04-04T02:58:37+00:00

Commit b1e47be "libudev-monitor.c: fail to monitor udev if udev is not started" causes an internal check to fail if /dev is mounted on devtmpfs. Revert this change to have the udev monitor work again. See https://github.com/gentoo/eudev/issues/172 for discussion. Signed-off-by: Samuel Mendoza-Jonas Signed-off-by: Joel Stanley

localedef: Specify host-make in configure step

2019-04-02T01:52:04+00:00

If the host's make is too old it will also fail in the configure step; use host-make here as well. Signed-off-by: Samuel Mendoza-Jonas Signed-off-by: Joel Stanley

make: Include patch for gl_lstat

2019-04-01T00:18:50+00:00

Include upstream commit 193f1e8 "glob: Do not assume glibc glob internals". Without this if building host-make glibc will fail with the following error if using host-make: >>> glibc glibc-2.28-69-g1e5c5303a522764d7e9d2302a60e4a32cdb902f1 Building host-make/host/bin/host-make -j25 -C host-make/build/glibc-glibc-2.28-69-g1e5c5303a522764d7e9d2302a60e4a32cdb902f1/build host-make/host/bin/host-make -r PARALLELMFLAGS="" -C host-make/build/glibc-glibc-2.28-69-g1e5c5303a522764d7e9d2302a60e4a32cdb902f1 objdir=`pwd` all Segmentation fault (core dumped) Signed-off-by: Samuel Mendoza-Jonas Signed-off-by: Joel Stanley

localedef: Depend on host-make

2019-04-01T00:18:42+00:00

The localedef package builds from glibc-2.28 now so it also requires make >= 4.0. Signed-off-by: Joel Stanley Signed-off-by: Samuel Mendoza-Jonas

Merge tag '2019.02.1' into 2019.02-op-build

2019-04-01T00:13:00+00:00

Signed-off-by: Joel Stanley

{linux, linux-headers}: bump 4.{4, 9, 14, 19, 20}.x / 5.0.x series

2019-03-29T13:48:46+00:00

Notice: 4.20.x is now EOL. Signed-off-by: Peter Korsgaard [Peter: drop 5.0.x bump] (cherry picked from commit 198b4cff10aa7e25bac28b54721638119e8fd1f1) Signed-off-by: Peter Korsgaard

package/glibc: bump version for additional post-2.28 security fixes

2019-03-29T13:44:52+00:00

Fixes the following security vulnerabilities: CVE-2019-6488: On x32, the size_t parameter may be passed in the lower 32 bits of a 64-bit register with with non-zero upper 32 bit. When it happened, accessing the 32-bit size_t value as the full 64-bit register in the assembly string/memory functions would cause a buffer overflow. Reported by H.J. Lu. CVE-2019-7309: x86-64 memcmp used signed Jcc instructions to check size. For x86-64, memcmp on an object size larger than SSIZE_MAX has undefined behavior. On x32, the size_t argument may be passed in the lower 32 bits of the 64-bit RDX register with non-zero upper 32 bits. When it happened with the sign bit of RDX register set, memcmp gave the wrong result since it treated the size argument as zero. Reported by H.J. Lu. CVE-2016-10739: The getaddrinfo function could successfully parse IPv4 addresses with arbitrary trailing characters, potentially leading to data or command injection issues in applications. CVE-2019-9169: Attempted case-insensitive regular-expression match via proceed_next_node in posix/regexec.c leads to heap-based buffer over-read. Reported by Hongxu Chen. Signed-off-by: Peter Korsgaard

package/rdesktop: security bump to version 1.8.4

2019-03-28T10:16:53+00:00

- Switch site to github - Remove second patch (already in version) - Add hash for license file - Fix memory corruption in process_bitmap_data - CVE-2018-8794 - Fix remote code execution in process_bitmap_data - CVE-2018-8795 - Fix remote code execution in process_plane - CVE-2018-8797 - Fix Denial of Service in mcs_recv_connect_response - CVE-2018-20175 - Fix Denial of Service in mcs_parse_domain_params - CVE-2018-20175 - Fix Denial of Service in sec_parse_crypt_info - CVE-2018-20176 - Fix Denial of Service in sec_recv - CVE-2018-20176 - Fix minor information leak in rdpdr_process - CVE-2018-8791 - Fix Denial of Service in cssp_read_tsrequest - CVE-2018-8792 - Fix remote code execution in cssp_read_tsrequest - CVE-2018-8793 - Fix Denial of Service in process_bitmap_data - CVE-2018-8796 - Fix minor information leak in rdpsnd_process_ping - CVE-2018-8798 - Fix Denial of Service in process_secondary_order - CVE-2018-8799 - Fix remote code execution in in ui_clip_handle_data - CVE-2018-8800 - Fix major information leak in ui_clip_handle_data - CVE-2018-20174 - Fix memory corruption in rdp_in_unistr - CVE-2018-20177 - Fix Denial of Service in process_demand_active - CVE-2018-20178 - Fix remote code execution in lspci_process - CVE-2018-20179 - Fix remote code execution in rdpsnddbg_process - CVE-2018-20180 - Fix remote code execution in seamless_process - CVE-2018-20181 - Fix remote code execution in seamless_process_line - CVE-2018-20182 Signed-off-by: Fabrice Fontaine Signed-off-by: Peter Korsgaard (cherry picked from commit 992e84c49ebfdef2fbe2fa3d475e0a388cf59218) Signed-off-by: Peter Korsgaard