Home - Waterfall Grid T-Grid Console Builders Recent Builds Buildslaves Changesources - JSON API - About

Builder mpc85xx/p1020 Build #302

Results:

Build successful

SourceStamp:

Repositorygit@git.lede-project.org:source.git
Branchlede-17.01
Revision5886a5060a4cd17e87a60028d878525150075653
Got Revision5886a5060a4cd17e87a60028d878525150075653
Changes6 changes

BuildSlave:

lede-17.01-phase1

Reason:

The SingleBranchScheduler scheduler named 'all' triggered this build

Steps and Logfiles:

  1. nproc property 'nproc' set ( 0 secs )
    1. - no logs -
  2. tools/clean User-requested "make tools/clean" skipped ( 0 secs )
    1. - no logs -
  3. toolchain/clean User-requested "make toolchain/clean" skipped ( 0 secs )
    1. - no logs -
  4. target/linux/clean User-requested "make target/linux/clean" skipped ( 0 secs )
    1. - no logs -
  5. dirclean User-requested "make dirclean" skipped ( 0 secs )
    1. - no logs -
  6. distclean User-requested "make distclean" skipped ( 0 secs )
    1. - no logs -
  7. switchbranch Checking out Git branch ( 11 secs )
    1. - no logs -
  8. git update ( 0 secs )
    1. - no logs -
  9. fetchrefs Fetching Git remote refs ( 0 secs )
    1. - no logs -
  10. fetchtag Fetching Git tags skipped ( 0 secs )
    1. - no logs -
  11. switchtag Checking out Git tag skipped ( 0 secs )
    1. - no logs -
  12. rmtmp Remove tmp folder ( 0 secs )
    1. - no logs -
  13. rmfeedlinks Remove feed symlinks ( 0 secs )
    1. - no logs -
  14. updatefeeds Updating feeds ( 37 secs )
    1. - no logs -
  15. installfeeds Installing feeds ( 6 secs )
    1. - no logs -
  16. download downloading to .config ( 0 secs )
    1. - no logs -
  17. newconfig Seeding .config ( 0 secs )
    1. - no logs -
  18. delbin Removing output directory ( 0 secs )
    1. - no logs -
  19. defconfig Populating .config ( 9 secs )
    1. - no logs -
  20. checkarch Checking architecture ( 0 secs )
    1. - no logs -
  21. libc property 'libc' set ( 0 secs )
    1. - no logs -
  22. download_1 downloading to ccache.sh ( 0 secs )
    1. - no logs -
  23. prepccache Preparing ccache ( 4 secs )
    1. - no logs -
  24. download_2 downloading to key-build ( 0 secs )
    1. - no logs -
  25. download_3 downloading to key-build.pub ( 0 secs )
    1. - no logs -
  26. dldir Preparing dl/ ( 0 secs )
    1. - no logs -
  27. dltar Building GNU tar ( 11 secs )
    1. - no logs -
  28. dlrun Populating dl/ ( 21 secs )
    1. - no logs -
  29. cleanbase Cleaning base-files ( 5 secs )
    1. - no logs -
  30. tools Building tools ( 1 mins, 24 secs )
    1. - no logs -
  31. toolchain Building toolchain ( 7 secs )
    1. - no logs -
  32. kmods Building kmods ( 46 secs )
    1. - no logs -
  33. pkgclean Cleaning up package build ( 6 secs )
    1. - no logs -
  34. pkgbuild Building packages ( 3 mins, 5 secs )
    1. - no logs -
  35. pkginstall Installing packages ( 9 secs )
    1. - no logs -
  36. pkgindex Indexing packages ( 10 secs )
    1. - no logs -
  37. images Building images ( 3 mins, 45 secs )
    1. - no logs -
  38. diffconfig Generating config.seed ( 5 secs )
    1. - no logs -
  39. checksums Calculating checksums ( 5 secs )
    1. - no logs -
  40. signprepare Ran ( 0 secs )
    1. - no logs -
  41. signpack Packing files to sign ( 0 secs )
    1. - no logs -
  42. upload uploading sign.tar.gz ( 0 secs )
    1. - no logs -
  43. signfiles Ran ( 0 secs )
    1. - no logs -
  44. download_4 downloading to sign.tar.gz ( 0 secs )
    1. - no logs -
  45. signunpack Unpacking signed files ( 0 secs )
    1. - no logs -
  46. dirprepare Preparing upload directory structure ( 0 secs )
    1. - no logs -
  47. linkprepare Preparing repository symlink ( 0 secs )
    1. - no logs -
  48. dirupload Uploading directory structure ( 0 secs )
    1. - no logs -
  49. targetupload Uploading target files ( 28 secs )
    1. - no logs -
  50. sourceupload Uploading source archives ( 2 mins, 41 secs )
    1. - no logs -

Build Properties:

NameValueSource
branch lede-17.01 Build
builddir /build/lede-17.01/slaves/phase1/mpc85xx_p1020 slave
buildername mpc85xx/p1020 Builder
buildnumber 302 Build
codebase Build
got_revision 5886a5060a4cd17e87a60028d878525150075653 Git
libc SetPropertyFromCommand Step
nproc 8 SetPropertyFromCommand Step
project Build
repository git@git.lede-project.org:source.git Build
revision 5886a5060a4cd17e87a60028d878525150075653 Build
scheduler all Scheduler
slavename lede-17.01-phase1 BuildSlave
workdir /build/lede-17.01/slaves/phase1/mpc85xx_p1020 slave (deprecated)

Forced Build Properties:

NameLabelValue

Responsible Users:

  1. Hauke Mehrtens
  2. John Crispin
  3. Luis Araneda
  4. Rafał Miłecki

Timing:

StartSat Aug 11 07:15:31 2018
EndSat Aug 11 07:30:19 2018
Elapsed14 mins, 47 secs

All Changes:

:

  1. Change #949

    Category None
    Changed by Rafał Miłecki <rafalohnoyoudont@milecki.pl>
    Changed at Fri 10 Aug 2018 08:37:37
    Repository git@git.lede-project.org:source.git
    Branch lede-17.01
    Revision 583fd4b229b0b85c935ee3ac8b3432c9ef9120c9

    Comments

    brcm47xx: revert upstream commit breaking BCM4718A1
    This fixes kernel hang when booting on BCM4718A1 (& probably BCM4717A1).
    
    Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
    (cherry picked from commit 4c1aa64b4d804e77dfaa8d53e5ef699fcced4b18)
    Fixes: aaecfecdcde5 ("kernel: bump kernel 4.4 to version 4.4.139")

    Changed files

    • target/linux/brcm47xx/patches-4.4/330-Revert-MIPS-BCM47XX-Enable-74K-Core-ExternalSync-for.patch
  2. Change #950

    Category None
    Changed by Luis Araneda <luaranedaohnoyoudont@gmail.com>
    Changed at Fri 10 Aug 2018 19:27:11
    Repository git@git.lede-project.org:source.git
    Branch lede-17.01
    Revision 6e78c5502c945382768bd4740c2dc64901ab308b

    Comments

    tools: m4: fix compilation with glibc 2.28
    Add a temporary workaround to compile with glibc 2.28
    as some constants were removed and others made private
    
    Signed-off-by: Luis Araneda <luaraneda@gmail.com>

    Changed files

    • tools/m4/patches/010-glibc-change-work-around.patch
  3. Change #951

    Category None
    Changed by Luis Araneda <luaranedaohnoyoudont@gmail.com>
    Changed at Fri 10 Aug 2018 19:27:12
    Repository git@git.lede-project.org:source.git
    Branch lede-17.01
    Revision 6449ed1553014e819f8815a3749415e36e9ab594

    Comments

    tools: findutils: fix compilation with glibc 2.28
    Add a temporary workaround to compile with glibc 2.28
    as some constants were removed and others made private
    
    Signed-off-by: Luis Araneda <luaraneda@gmail.com>

    Changed files

    • tools/findutils/patches/110-glibc-change-work-around.patch
  4. Change #952

    Category None
    Changed by John Crispin <johnohnoyoudont@phrozen.org>
    Changed at Fri 10 Aug 2018 20:19:06
    Repository git@git.lede-project.org:source.git
    Branch lede-17.01
    Revision b3983323a1f25c936ddfcc129c454b282e90eeed

    Comments

    wpa_supplicant: fix CVE-2018-14526
    Unauthenticated EAPOL-Key decryption in wpa_supplicant
    
    Published: August 8, 2018
    Identifiers:
    - CVE-2018-14526
    Latest version available from: https://w1.fi/security/2018-1/
    
    Vulnerability
    
    A vulnerability was found in how wpa_supplicant processes EAPOL-Key
    frames. It is possible for an attacker to modify the frame in a way that
    makes wpa_supplicant decrypt the Key Data field without requiring a
    valid MIC value in the frame, i.e., without the frame being
    authenticated. This has a potential issue in the case where WPA2/RSN
    style of EAPOL-Key construction is used with TKIP negotiated as the
    pairwise cipher. It should be noted that WPA2 is not supposed to be used
    with TKIP as the pairwise cipher. Instead, CCMP is expected to be used
    and with that pairwise cipher, this vulnerability is not applicable in
    practice.
    
    When TKIP is negotiated as the pairwise cipher, the EAPOL-Key Key Data
    field is encrypted using RC4. This vulnerability allows unauthenticated
    EAPOL-Key frames to be processed and due to the RC4 design, this makes
    it possible for an attacker to modify the plaintext version of the Key
    Data field with bitwise XOR operations without knowing the contents.
    This can be used to cause a denial of service attack by modifying
    GTK/IGTK on the station (without the attacker learning any of the keys)
    which would prevent the station from accepting received group-addressed
    frames. Furthermore, this might be abused by making wpa_supplicant act
    as a decryption oracle to try to recover some of the Key Data payload
    (GTK/IGTK) to get knowledge of the group encryption keys.
    
    Full recovery of the group encryption keys requires multiple attempts
    (128 connection attempts per octet) and each attempt results in
    disconnection due to a failure to complete the 4-way handshake. These
    failures can result in the AP/network getting disabled temporarily or
    even permanently (requiring user action to re-enable) which may make it
    impractical to perform the attack to recover the keys before the AP has
    already changes the group keys. By default, wpa_supplicant is enforcing
    at minimum a ten second wait time between each failed connection
    attempt, i.e., over 20 minutes waiting to recover each octet while
    hostapd AP implementation uses 10 minute default for GTK rekeying when
    using TKIP. With such timing behavior, practical attack would need large
    number of impacted stations to be trying to connect to the same AP to be
    able to recover sufficient information from the GTK to be able to
    determine the key before it gets changed.
    
    Vulnerable versions/configurations
    
    All wpa_supplicant versions.
    
    Acknowledgments
    
    Thanks to Mathy Vanhoef of the imec-DistriNet research group of KU
    Leuven for discovering and reporting this issue.
    
    Possible mitigation steps
    
    - Remove TKIP as an allowed pairwise cipher in RSN/WPA2 networks. This
    can be done also on the AP side.
    
    - Merge the following commits to wpa_supplicant and rebuild:
    
    WPA: Ignore unauthenticated encrypted EAPOL-Key data
    
    This patch is available from https://w1.fi/security/2018-1/
    
    - Update to wpa_supplicant v2.7 or newer, once available
    
    Signed-off-by: John Crispin <john@phrozen.org>

    Changed files

    • package/network/services/hostapd/patches/0001-WPA-Ignore-unauthenticated-encrypted-EAPOL-Key-data.patch
  5. Change #953

    Category None
    Changed by Hauke Mehrtens <haukeohnoyoudont@hauke-m.de>
    Changed at Fri 10 Aug 2018 20:56:31
    Repository git@git.lede-project.org:source.git
    Branch lede-17.01
    Revision 9bc43f3e65bc8e0bb3d0c5ea8ff906111197afb9

    Comments

    curl: fix some security problems
    This fixes the following security problems:
    * CVE-2017-1000254: FTP PWD response parser out of bounds read
    * CVE-2017-1000257: IMAP FETCH response out of bounds read
    * CVE-2018-1000005: HTTP/2 trailer out-of-bounds read
    * CVE-2018-1000007: HTTP authentication leak in redirects
    * CVE-2018-1000120: FTP path trickery leads to NIL byte out of bounds write
    * CVE-2018-1000121: LDAP NULL pointer dereference
    * CVE-2018-1000122: RTSP RTP buffer over-read
    * CVE-2018-1000301: RTSP bad headers buffer over-read
    
    Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

    Changed files

    • package/network/utils/curl/Makefile
    • package/network/utils/curl/patches/105-CVE-2017-1000254.patch
    • package/network/utils/curl/patches/105-CVE-2017-8816.patch
    • package/network/utils/curl/patches/106-CVE-2017-8817.patch
    • package/network/utils/curl/patches/107-CVE-2017-1000257.patch
    • package/network/utils/curl/patches/107-CVE-2017-8816.patch
    • package/network/utils/curl/patches/108-CVE-2017-8817.patch
    • package/network/utils/curl/patches/109-CVE-2018-1000005.patch
    • package/network/utils/curl/patches/110-CVE-2018-1000007.patch
    • package/network/utils/curl/patches/111-CVE-2018-1000120.patch
    • package/network/utils/curl/patches/112-CVE-2018-1000121.patch
    • package/network/utils/curl/patches/113-CVE-2018-1000122.patch
    • package/network/utils/curl/patches/114-CVE-2018-1000301.patch
    • package/network/utils/curl/patches/320-mbedtls-nonblocking-handshake.patch
  6. Change #954

    Category None
    Changed by Hauke Mehrtens <haukeohnoyoudont@hauke-m.de>
    Changed at Fri 10 Aug 2018 20:56:50
    Repository git@git.lede-project.org:source.git
    Branch lede-17.01
    Revision 5886a5060a4cd17e87a60028d878525150075653

    Comments

    mbedtls: update to version 2.7.5
    This fixes the following security problems:
    * CVE-2018-0497: Remote plaintext recovery on use of CBC based ciphersuites through a timing side-channel
    * CVE-2018-0498: Plaintext recovery on use of CBC based ciphersuites through a cache based side-channel
    
    Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

    Changed files

    • package/libs/mbedtls/Makefile
    • package/libs/mbedtls/patches/300-soversion-compatibility.patch