When tags was added by commit 011206b2bf
to detect the qemu command line, the qemu_arm_vexpress_tz_defconfig
was ignored due to a build issue.
This build issue has been fixed by previous patches, so we can
enable the runtime testing by adding the tag in the readme.txt
and the post-image script in the defconfig.
Since Qemu from HOST_DIR is now executed directly from BINARIES_DIR,
we can remove all the string before "qemu-system-*".
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Usually the qemu command line start directly with "qemu-system-<arch> ...".
But the command line for qemu_arm_vexpress_tz_defconfig start by doing
"cd output/images && ../host/bin/qemu-system-arm". This is necessary
since boot binaries, except BL1, are primarily loaded via semi-hosting
so all binaries has to reside in the same directory as QEMU is started
from [1].
To order to handle this case correctly, update the post-image.sh used
by all qemu defconfigs to execute qemu from BINARIES_DIR.
Since we have to change the current directory use a subshell to
restore the current directory after Qemu execution.
[1] 4ebbea9592/docs/plat/qemu.rst
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The output/images directory is called BINARIES_DIR in the
Buildroot manual, not IMAGE_DIR.
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
When boot-qemu-image.py script was added, we wanted to run
each qemu defconfig in gitlab, so we expect that all qemu
defconfig generate the script start-qemu.sh in images
directory.
Don't make it a hard requirement even if we prefer to be
able to do a runtime test for each qemu defconfig.
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
scan.c in x11vnc 0.9.16 uses IPC_CREAT|0777 in shmget calls, which
allows access by actors other than the current user.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- disable new input module options imhttp and impcap
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Changes according to [1] and [2]:
- decode more bits from id[69], courtesy Adrián Kálazi.
- allow passing of custom LDFLAGS from the environment.
- add new "static" target.
- fix --dco-identify max sectors, courtesy of Paul Sultana.
- get rid of leftover "unknown" variables from identify.c
- fixed return values from get_log_page_data().
- support for ioSafe Solo with jMicron bridge.
[1] https://sourceforge.net/p/hdparm/news/2020/11/hdparm-959-is-released
[2] https://sourceforge.net/p/hdparm/news/2020/11/hdparm-960-is-released
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- Fix CVE-2020-25412: com_line() in command.c in gnuplot 5.4 leads to an
out-of-bounds-write from strncpy() that may lead to arbitrary code
execution.
- Drop second patch (already in version)
- Update indentation in hash file (two spaces)
http://gnuplot.info/ReleaseNotes_5_4_1.html
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issue:
- CVE-2020-15257: Access controls for the shim’s API socket verified that
the connecting process had an effective UID of 0, but did not otherwise
restrict access to the abstract Unix domain socket. This would allow
malicious containers running in the same network namespace as the shim,
with an effective UID of 0 but otherwise reduced privileges, to cause new
processes to be run with elevated privileges.
For more details, see the advisory:
https://github.com/containerd/containerd/security/advisories/GHSA-36xw-fx78-c5r4
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
For details see [1], changelog:
- Fix (hopefully) a segfault in xkb_x11_keymap_new_from_device() in some
unclear situation (bug introduced in 1.0.2).
- Fix keymaps created with xkb_x11_keymap_new_from_device() don't have level
names (bug introduced in 0.8.0).
[1] https://lists.freedesktop.org/archives/wayland-devel/2020-November/041660.html
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
