The following vulnerabilities have been fixed:
- wnpa-sec-2019-19 Wireshark dissection engine crash. Bug 15778.
Update patches to use the ones merged upstream
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Replace utf-8 NO-BREAK-SPACE (c2 a0) in comment line by simple
ascii space character.
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Thomas: explain why ENABLE_STATIC=OFF is the right thing]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- Remove patch (already in version)
- Move package to cmake infrastructure
- --disables-guides option is not avaiable with cmake
- gtk ui is no more available
- QT UI now requires:
- qt5multimedia and qt5svg at build time
- qt5fontconfig, qt5png and udev at runtime
- Add host-python3 dependency
- Add a hook to build host-lemon
- Disable static build (some libraries such as
plugins/3.0/codecs/l16mono.so does not support static building)
- Disable new sdjournal feature (will be enabled in a follow up patch)
Fixes:
- http://autobuild.buildroot.org/results/bdbfd72a5da7e02e85159ee62bf56067adbc8931
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
The following vulnerabilities have been fixed:
- wnpa-sec-2018-51 The Wireshark dissection engine could crash. Bug 14466. CVE-2018-19625.
- wnpa-sec-2018-52 The DCOM dissector could crash. Bug 15130. CVE-2018-19626.
- wnpa-sec-2018-53 The LBMPDM dissector could crash. Bug 15132. CVE-2018-19623.
- wnpa-sec-2018-54 The MMSE dissector could go into an infinite loop. Bug 15250. CVE-2018-19622.
- wnpa-sec-2018-55 The IxVeriWave file parser could crash. Bug 15279. CVE-2018-19627.
- wnpa-sec-2018-56 The PVFS dissector could crash. Bug 15280. CVE-2018-19624.
- wnpa-sec-2018-57 The ZigBee ZCL dissector could crash. Bug 15281. CVE-2018-19628.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
At this time :
- Lua 5.3.5 will be the last one of its serie.
- Lua 5.4 is up coming (lua-5.4.0-work2 is already available).
- Lua 5.2.4 was released on 2015.
For various reasons in the Lua ecosystem, the Lua 5.1 will stay.
On BR, Lua 5.3 is the default version since 2016.02.
So, the serie which could be removed is the 5.2.x.
We could wait some days for other user feedback.
Note: see discussion when 5.3.x was introduced :
http://lists.busybox.net/pipermail/buildroot/2015-January/117638.html
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Don't give a path in --with-pcap option otherwise PCAP_CONFIG won't be
used (see AC_WIRESHARK_PCAP_CHECK in acinclude.m4) to retrieve pcap
static dependencies such as -lnl-3 and as a result pcap detection will
fail
Fixes:
- http://autobuild.buildroot.org/results/084354a33825cf4e723e0a9f1e9656ad2a212a15
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Optional dependency to snappy has been added with version 2.4.0 and
47649d1c7f
- Specify the path to found libssh as this is done for other options
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
- Optional dependency to lz4 has been added with version 2.4.0 and
47649d1c7f
- Specify the path to found lz4 as this is done for other options
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
- Optional dependency to bcg729 has been added with version 2.5.0 and
3e54cabf81
- Specify the path to found bcg729 as this is done for other options
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
- Embedded nghttp2 code has been removed and an optional dependency to
nghttp2 has been added with version 2.4.0 and
b1cc056b12
- Specify the path to found nghttp2 as this is done for other options
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Optional dependency to libxml2 has been added with version 2.4.0 and
cfab5ef035
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
- Remove first patch (inet_pton test removed since version 2.5.0 and
12d63c428f)
- Remove second patch (already in version, since
3761ef3785)
- Remove WIRESHARK_AUTORECONF=yes as configure.ac is not patched anymore
- gcrypt is a mandatory dependency since version 2.4.0 and
6b84ddee83
- geoip support has been replaced by maxminddb since version 2.5.0 and
a1da75c554
- Drop includedir "hack", this is not needed anymore and wireshark is
now installing files in target. With this hack, build fails on:
wireshark: installs files in /home/fabrice/buildroot/output/target//home/fabrice/buildroot/output
package/pkg-generic.mk:310: recipe for target '/home/fabrice/buildroot/output/build/wireshark-2.6.4/.stamp_target_installed' failed
- Disable all new optional features
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Arnout: keep optional dependencies alphabetic on Config.in name;
add comment of libgcrypt -> libgpg-error dependency.]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Specify the path to found libkrb5 as this is done for other options
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- lua 5.3 or luajit is not supported
- Don't specify the path to find lua as pkgconfig is used for lua
(this is not the case for the other options)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- Optional dependency to libssh has been added with version 2.2.1 and
d6da95231e
- Specify the path to found libssh as this is done for other options
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Since things are no longer installed in $(HOST_DIR)/usr, the callers
should also not refer to it.
This is a mechanical change with
git grep -l '$(HOST_DIR)/usr/bin' | xargs sed -i 's%$(HOST_DIR)/usr/bin%$(HOST_DIR)/bin%g'
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
The check-package script when ran gives warnings on ordering issues
on all of these Config files. This patch cleans up all warnings
related to the ordering in the Config files for packages starting with
the letter w in the package directory.
The appropriate ordering is: type, default, depends on, select, help
See http://nightly.buildroot.org/#_config_files for more information.
Signed-off-by: Adam Duskett <Adamduskett@outlook.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Fixes:
wnpa-sec-2017-01 - The ASTERIX dissector could go into an infinite loop.
wnpa-sec-2017-02 - The DHCPv6 dissector could go into a large loop.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The only security bug fixed concerns windows so it's not a security bump
for buildroot.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
... otherwise we would end up forcefully enabling the linguist tool even
when wireshark would not be enabled.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Commit fa6feff (wireshark: needs the qt5tools lrelease utility)
introduced a circular dependency chain in Kconfig:
package/qt5/qt5base/Config.in:118:error: recursive dependency detected!
package/qt5/qt5base/Config.in:118: symbol BR2_PACKAGE_QT5BASE_GUI is selected by BR2_PACKAGE_QT5TOOLS_PIXELTOOL
package/qt5/qt5tools/Config.in:19: symbol BR2_PACKAGE_QT5TOOLS_PIXELTOOL depends on BR2_PACKAGE_QT5TOOLS
package/qt5/qt5tools/Config.in:1: symbol BR2_PACKAGE_QT5TOOLS is selected by BR2_PACKAGE_QT5BASE_WIDGETS
package/qt5/qt5base/Config.in:131: symbol BR2_PACKAGE_QT5BASE_WIDGETS is selected by BR2_PACKAGE_QT5X11EXTRAS
package/qt5/qt5x11extras/Config.in:1: symbol BR2_PACKAGE_QT5X11EXTRAS depends on BR2_PACKAGE_QT5BASE_XCB
package/qt5/qt5base/Config.in:186: symbol BR2_PACKAGE_QT5BASE_XCB depends on BR2_PACKAGE_QT5BASE_GUI
Fix that by dropping the select on the Qt5Tools, and introduce an
intermediate kconfig-level variable to represent the new condition, to
simplify the .mk file.
That would make the condition for enabling/disabling the GUI to be a
little bit more complex by adding yet another (long-ish) variable.
So we also introduce an intermediate kconfig-level variable that
represent the condition to enable the GUI.
Reported-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Cc: Baruch Siach <baruch@tkos.co.il>
Tested-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Some distros provide a 'qtchooser' utility to select Qt library
version. Make sure not to use that host provided utility.
Cc: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
