It seems like the libpcre dependency was added by mistake.
While checking in the source code of czmq (Makefile.am, CMakeLists.txt),
I see there are several dependencies, but there isn't PCRE.
Fixes: 936a48a ("czmq: add new package")
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit e3ab95185c)
include/libdrm/drm.h and others headers are needed to build libva.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
(cherry picked from commit cb8c0ba6c0)
Imported patches included in debian and other package.
* 200-Fix-NULL-pointer-crashes-from-175.patch
CVE-2021-3502
A flaw was found in avahi 0.8-5. A reachable assertion is present in avahi_s_host_name_resolver_start function allowing a local attacker to crash the avahi service by requesting hostname resolutions through the avahi socket or dbus methods for invalid hostnames. The highest threat from this vulnerability is to the service availability.
* 201-Avoid-infinite-loop-in-avahi-daemon-by-handling-HUP-event.patch
CVE-2021-3468
A flaw was found in avahi in versions 0.6 up to 0.8. The event used to signal the termination of the client connection on the avahi Unix socket is not correctly handled in the client_work function, allowing a local attacker to trigger an infinite loop. The highest threat from this vulnerability is to the availability of the avahi service, which becomes unresponsive after this flaw is triggered.
* 202-avahi_dns_packet_consume_uint32-fix-potential-undefined-b.patch
avahi_dns_packet_consume_uint32 left shifts uint8_t values by 8, 16 and 24 bits to combine them into a 32-bit value. This produces an undefined behavior warning with gcc -fsanitize when fed input values of 128 or 255 however in testing no actual unexpected behavior occurs in practice and the 32-bit uint32_t is always correctly produced as the final value is immediately stored into a uint32_t and the compiler appears to handle this "correctly".
Cast the intermediate values to uint32_t to prevent this warning and ensure the intended result is explicit.
* 203-Do-not-disable-timeout-cleanup-on-watch-cleanup.patch
This was causing timeouts to never be removed from the linked list that tracks them, resulting in both memory and CPU usage to grow larger over time.
* 204-Emit-error-if-requested-service-is-not-found.patch
It currently just crashes instead of replying with error. Check return
value and emit error instead of passing NULL pointer to reply.
* 205-conf-file-line-lengths.patch
Allow avahi-daemon.conf file to have lines longer than 256 characters (new limit 1024).
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
(cherry picked from commit 779af4d40c)
NTRU support has been removed in wolfssl 5.0 so it is required to
mask NTRU specific code if wolfssl >= 5.0
Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
(cherry picked from commit 9a9f26796b)
Using https://gitlab.freedesktop.org/mobile-broadband/libqmi.git to download the source code.
Enabled lto and additional gcc flags for perfomance and less size.
Added support for selecting qmi message collection.
Selected basic qmi message collection by default (modemmanager requires it).
Modified to use meson as upstream has abandoned autotools.
Removed BUILD_PARALLEL options. These are default with ninja/meson.
Signed-off-by: Maxim Anisimov <maxim.anisimov.ua@gmail.com>
(cherry picked from commit f7cbd44540)
(cherry picked from commit 1683d7c963)
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Update meson include dir for branch openwrt-21.02.
The libqmi version 1.30.8 uses meson. In order to cherry-pick the
last changes cleanly, this commit must first be reverted.
This reverts commit 0cccbcb0c7.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Using https://gitlab.freedesktop.org/mobile-broadband/libmbim.git to download the source code.
Enabled lto and additional gcc flags for perfomance and less size.
Modified to use meson as upstream has abandoned autotools.
Removed BUILD_PARALLEL options. These are default with ninja/meson.
Signed-off-by: Maxim Anisimov <maxim.anisimov.ua@gmail.com>
(cherry picked from commit fea19c2399)
1. Added a new option for SQLITE3_COLUMN_METADATA.
2. Minor cleanup Makefile and fixed 2 typo errors.
Fixes: CVE-2022-35737
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit a4a0f0793b)
This allows to build SQLite with support for the batch-atomic write
optimization. It makes use of atomic write support provided by the
underlying file system. Currently, this is only supported on F2FS. It
it does not work with overlayfs.
Signed-off-by: Jan Hoffmann <jan@3e8.eu>
(cherry picked from commit 4bc7ba7fe8)
This corrects the hash by using sha256sum for downloaded tarball from
freedesktop. After that, package libmbim was successfully compiled.
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Signed-off-by: Aleksander Morgado <aleksander@aleksander.es>
(cherry picked from commit 1d2ef5abbb)
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
[only version bump]
The configure option --enable-more-warnings is not recognized by
configure.
Buildlog:
configure: WARNING: unrecognized options: --disable-nls, --enable-more-warnings
Therefore this configure option is removed with this commit.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
(cherry picked from commit a42f526b0c)
The configure option --enable-more-warnings and --without-udev are not
recognized by configure.
Buildlog:
configure: WARNING: unrecognized options: --disable-nls,
--enable-more-warnings, --without-udev
Therefore this unkown configure options are removed with this commit.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
(cherry picked from commit f0b5589ef0)
While running `make menuconfig`, it was discovered then there is a
recursive dependency like this:
tmp/.config-package.in:59138:error: recursive dependency detected!
tmp/.config-package.in:59138: symbol PACKAGE_libwebsockets-openssl is selected by PACKAGE_libwebsockets-mbedtls
tmp/.config-package.in:59122: symbol PACKAGE_libwebsockets-mbedtls depends on PACKAGE_libwebsockets-openssl
It is not possible with the recently added conflicts that two packages
(OpenSSL and full variant, which uses OpenSSL as well), which are almost the same
provides the same named package libwebsockets as their conflict - Mbed
TLS.
Fixes: 676c5c72b5 ("libwebsockets: OpenSSL
and mbedTLS variants should conflict")
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit a4e8cbb89a)
They provide the same files, but they don't conflict to each other, this
means that users can install them side by side.
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit 676c5c72b5)
For some time, it is not possible to install ttyd and mosquitto-ssl at the
same time, so let's solve it that libwebsockets-full provides
libwebsockets-openssl. This allows to install ttyd and mosquitto at
the same time.
Also, we need to add conflict, because we should not have installed
libwebsockets-openssl and libwebsockets-full at the same time as they
provides the same files.
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit 77e682a11c)
Update to 13.8 maintainance release of the PostgreSQL 13 release.
This release contains a variety of fixes from 13.7, among also a fix
addressing CVE-2022-2625.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
The new version includes all previously locally backported patches.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 669e4a9542)