Yann E. MORIN [Sun, 14 Jan 2018 14:16:58 +0000 (15:16 +0100)]
tests: add test for post-fakeroot script
Currently, only post-build and post-image scripts were tested, each with
their own test-script.
The two test-scripts only differ in the name of the log file they
create, and it is based on the name of the script, so it is easy to
share the script.
This allows us to easily re-use it for testing post-fakeroot scripts.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Cc: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Reviewed-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Tested-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Yann E. MORIN [Sun, 14 Jan 2018 14:16:57 +0000 (15:16 +0100)]
fs: pass EXTRA_ENV to post-fakeroot script
Like we do for post-build and post-image scripts, pass EXTRA_ENV to
post-fakeroot script.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Guillermo A. Amaral [Sun, 14 Jan 2018 17:28:07 +0000 (09:28 -0800)]
support/kconfig: ppply upstream nconfig ncurses/ncursesw fix
Buildroot's "make nconfig" command stopped working a while ago on
Gentoo systems. Running the command would result in a crash.
The issue is caused by lxdialog's cflags which are also used to build
nconfig; It would detect *ncursesw* and turn on WIDECHAR support --
but the Makefile would still link to plain *ncurses* while building
nconfig (which was built without WIDECHAR support).
This would cause a crash after using *wattrset* on a WINDOW instance.
WIDECHAR *wattrset* would try to set the _color member in the WINDOW
struct which does not exist in the NON-WIDECHAR ncurses instance. It
would end up clobbering data outside the struct (usually _line entries).
An upstream patch fixes the issue, so we're applying it to Buildroot's
kconfig.
Signed-off-by: Guillermo A. Amaral <g@maral.me>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Bernd Kuhls [Sun, 14 Jan 2018 18:18:27 +0000 (19:18 +0100)]
package/python-mwclient: bump version to 0.8.7
Removed patch applied upstream:
https://github.com/mwclient/mwclient/commit/
60d4b933184172b98e4b31b79b4420c35571bbea
Added license hash.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Sergio Prado [Mon, 15 Jan 2018 14:48:10 +0000 (12:48 -0200)]
wolfssl: fix build on ARMV8
Build on ARMV8 fails when hardware acceleration is enabled:
/tmp/ccmGP5RI.s: Assembler messages:
/tmp/ccmGP5RI.s:532: Error: invalid addressing mode at operand 2 -- `ld1 {v0.2d},[x0,256]'
/tmp/ccmGP5RI.s:568: Error: invalid addressing mode at operand 2 -- `st1 {v0.2d},[x0,256]'
/tmp/ccmGP5RI.s:581: Error: invalid addressing mode at operand 2 -- `ld1 {v0.2d},[x0,256]'
/tmp/ccmGP5RI.s:621: Error: invalid addressing mode at operand 2 -- `st1 {v0.2d},[x0,256]'
So let's disable ARMv8 hardware acceleration for now.
Fixes:
http://autobuild.buildroot.net/results/
6080648394d09a0d382087831ee6f063c7638be9
Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Jörg Krause [Sun, 14 Jan 2018 16:34:12 +0000 (17:34 +0100)]
augeas: bump to version 1.9.0
Add two patches from upstream to fix a build issue when building an
example. Ideally, the examples should not be build at all. However,
upstream disliked the idea of adding configure options like
`--disable-examples` [1]. So we'll make do with the patches and force a
autoreconf.
Additionaly, the signature was checked and a hash for the license file
is added.
[1] https://github.com/hercules-team/augeas/issues/535
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Ricardo Martincoski [Sun, 14 Jan 2018 23:41:21 +0000 (21:41 -0200)]
armbian-firmware: fail build for missing file
When a file is listed to be installed but is missing from the package
source currently the first tar command exits with error code but it is
ignored and the build succeeds.
This issue by itself is minor because those listed files that are
present in the package source get installed to the target.
But the code is currently error prone, e.g. to a typo in the file list.
Fix this by first creating a tarball in the build directory and then
installing it, instead of using a pipe between the two tar invocations.
Also use && between the commands, so the first command that exits with
error code fails the build.
Since the two tar invocations remain in use, the desired behavior
remains the same:
- list of files can contain *;
- list of files can contain file inside path, and the path is then
replicated in the target;
- symlinks are not followed but are installed.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Cc: Sergey Matyukevich <geomatsi@gmail.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Ricardo Martincoski [Sun, 14 Jan 2018 23:41:20 +0000 (21:41 -0200)]
linux-firmware: fix install for Chelsio T[45]
It's broken for the last 3 version bumps, since
1c9846ecc9 "linux-firmware: Bump to the latest version"
Fix it by updating the name of the file to install.
Do not use * since it would install also old versions that would take
1MB extra space in the target.
A comment to remember to update the file name when bumping the package
is not needed because a previous patch in the series makes the build
to fail for missing file.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Cc: Fabio Estevam <festevam@gmail.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Peter Seiderer <ps.report@gmx.net>
Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Yegor Yefremov <yegorslists@googlemail.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Ricardo Martincoski [Sun, 14 Jan 2018 23:41:19 +0000 (21:41 -0200)]
linux-firmware: fail build for missing file
When a file is listed to be installed but is missing from the package
source currently the first tar command exits with error code but it is
ignored and the build succeeds.
This issue by itself is minor because those listed files that are
present in the package source get installed to the target.
But the code is currently error prone, e.g. to a typo in the file list.
Fix this by first creating a tarball in the build directory and then
installing it, instead of using a pipe between the two tar invocations.
Also use && between the commands, so the first command that exits with
error code fails the build.
Since the two tar invocations remain in use, the desired behavior
remains the same:
- list of files can contain *;
- list of files can contain file inside path, and the path is then
replicated in the target;
- symlinks are not followed but are installed.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Cc: Fabio Estevam <festevam@gmail.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Peter Seiderer <ps.report@gmx.net>
Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Yegor Yefremov <yegorslists@googlemail.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Sun, 14 Jan 2018 22:47:11 +0000 (23:47 +0100)]
xen: bump to version 4.9.1
Drop 0003-tools-libxc-xc_dom_arm-add-missing-variable-initiali.patch as that
is now upstream:
https://xenbits.xenproject.org/gitweb/?p=xen.git;a=commit;h=
88bfbf90e35f1213f9967a97dee0b2039f9998a4
Drop security patches as 4.9.1 includes up to xsa-245.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Sun, 14 Jan 2018 22:02:56 +0000 (23:02 +0100)]
configs/openblocks_a6_defconfig: bump linux kernel to 4.14.13
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Sun, 14 Jan 2018 21:53:55 +0000 (22:53 +0100)]
configs/sheevaplug_defconfig: bump linux kernel to 4.14.13
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Joseph Kogut [Sun, 14 Jan 2018 21:16:57 +0000 (13:16 -0800)]
python-xlib: fix check-package warning
Signed-off-by: Joseph Kogut <joseph.kogut@gmail.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Sun, 14 Jan 2018 21:01:15 +0000 (22:01 +0100)]
minnowboard-max: defconfigs: use silvermont x86 variant
As that is the CPU core in the E38xx Atoms used on the Minnowboard max.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Sun, 14 Jan 2018 21:01:14 +0000 (22:01 +0100)]
minnowboard-max: defconfigs: bump kernel to 4.14.13
Use CONFIG_UNWINDER_FRAME_POINTER as CONFIG_UNWINDER_ORC needs libelf.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Sun, 14 Jan 2018 19:59:44 +0000 (20:59 +0100)]
domoticz: fix build with boost 1.66
Patch fetch from one of the answer of
https://github.com/domoticz/domoticz/issues/2034
(issue still opened, no official PR sent upstream)
Boost asio changed its API:
- http://www.boost.org/doc/libs/1_66_0/doc/html/boost_asio/net_ts.html
Fixes:
- http://autobuild.buildroot.net/results/
5f02c8fc84889748f283ee1cb76248bb0880215a
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Jörg Krause [Sun, 14 Jan 2018 17:53:06 +0000 (18:53 +0100)]
swupdate: remove empty line
Reported by Yann E. Morin running:
```
$ ./utils/check-package package/swupdate/swupdate.mk
package/swupdate/swupdate.mk:42: consecutive empty lines
140 lines processed
1 warnings generated
```
Reported-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Matt Weber [Sat, 13 Jan 2018 02:21:11 +0000 (20:21 -0600)]
kvm-unit-tests: test for rdseed/rdrand
The build fails when the host binutils isn't at least 2.23
(2.22.x introduced RDSEED).
The host toolchain is used for x86_64 target builds where
we need to do a 32bit build. Most other buildroot builds
are using a much newer binutils unless it's a external
older toolchain.
Fixes:
http://autobuild.buildroot.net/results/c39/
c3987a3cbd2960b0ff50f872636bdfd8d1a9c820/
Upstream:
https://marc.info/?l=kvm&m=
151580743523259&w=2
Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Bernd Kuhls [Sat, 13 Jan 2018 08:16:28 +0000 (09:16 +0100)]
package/waylandpp: bump version to 0.2.1
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Romain Naour [Sat, 13 Jan 2018 16:05:27 +0000 (17:05 +0100)]
package/bash: add /bin/bash to /etc/shells
When bash is selected, /bin/bash is not added to /etc/shells
(see man shells). So, login tools like dropbear reject the ssh
connexions for users using bash as shell in /etc/passwd.
buildroot authpriv.warn dropbear[853]: User 'kubu' has invalid shell, rejected
Reported-by: Jeremy Rosen <jeremy.rosen@smile.fr>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Cc: "Yann E. MORIN" <yann.morin.1998@free.fr>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Yann E. MORIN [Sat, 13 Jan 2018 22:24:29 +0000 (23:24 +0100)]
package/linux-firmware: fix incorrect line-continuation
Partially fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/
47806089
And add myself to the list of devloppers for it.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Yann E. MORIN [Sat, 6 Jan 2018 15:28:33 +0000 (16:28 +0100)]
support/dockerfile: add directives to run as non-root
Currently, our jobs on the gitlab-ci infra are running as root, which is
problematic for two reasons:
- this is not the usual way Buildroot is built;
- it may miss issues where running as non-root is problematic.
So, complement our Dockerfile with directives to add a new user and run
everything as that user, as demonstrated by this build job:
https://gitlab.com/ymorin/buildroot-ci/-/jobs/
46929562
Additional, enforce an UTF-8 locale while running.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Jörg Krause [Tue, 9 Jan 2018 08:39:49 +0000 (09:39 +0100)]
mpd: bump to version 0.20.15
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Jörg Krause [Tue, 9 Jan 2018 08:58:31 +0000 (09:58 +0100)]
uboot-tools: bump to version 2018.01
Drop patch 0004-uboot-tools-disable-pylibfdt.patch. The issue addressed by
this patch has been fixed in upstream commit
15b97f5c5e6d88e0560c6928f3acd01c999a494d.
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Tested-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Jörg Krause [Tue, 9 Jan 2018 08:58:30 +0000 (09:58 +0100)]
uboot: bump to version 2018.01
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Johannes Schmitz [Tue, 9 Jan 2018 16:08:28 +0000 (17:08 +0100)]
board/ci20: create a SD card image
Add a genimage.cfg to create a working sdcard.img for the ci20
hardware. We also need a uboot-env.txt to create the partition for
the uboot environment.
Update the board/ci20/readme.txt with the related information. Remove
the tftp netboot description from the readme as it is already to
complicated for a basic bootable example.
Signed-off-by: Johannes Schmitz <johannes.schmitz1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Jörg Krause [Tue, 9 Jan 2018 22:46:01 +0000 (23:46 +0100)]
boost: bump to version 1.66.0
Drop the metaparse module as it is header only library now. No need for
legacy handling as the module is available unconditionally in Boost.
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Romain Naour [Tue, 9 Jan 2018 20:13:06 +0000 (21:13 +0100)]
package/ti-cgt-pru: bump to 2.2.1
See: http://www.ti.com/tool/download/PRU-CGT-2-2
The ti-cgt-pru v2.1.x installer are affected by a bug with recent
distribution (Fedora 27 and Ubuntu 17.10) using kernel 4.13 or 4.14
with a glibc 2.26.
The installer is stuck in a futex(wait) system call.
While at it, add license hash.
Fixes:
http://autobuild.buildroot.net/results/68f/
68f60ad38d9b6eae83b5d233966616a25d8c9391
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Ash Charles <ash.charles@savoirfairelinux.com>
Cc: Matthew Weber <matthew.weber@rockwellcollins.com>
Tested-by: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Romain Naour [Tue, 9 Jan 2018 22:54:07 +0000 (23:54 +0100)]
support/config-fragments: br-powerpc-internal-full: remove old option
BR2_TOOLCHAIN_BUILDROOT_INET_IPV6 has been removed with the commit [1].
Since this option is still in br-powerpc-internal-full config-fragment,
the powerpc configuration is droped by autobuild-run script:
WARN: toolchain can't be used
Missing: BR2_TOOLCHAIN_BUILDROOT_INET_IPV6=y
[Sat, 06 Jan 2018 03:03:43] WARN: failed to generate configuration
[1]
4bcacfd2c05f45171c011d4af7731c6f848819a4
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Yegor Yefremov [Wed, 10 Jan 2018 08:45:52 +0000 (09:45 +0100)]
scanpypi: get license names from SPDX database
Use spdx_lookup package to compare packages' license file texts
with SPDX database.
This feature is optional.
Bonus: fix wrong indentation.
Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Gary Bisson [Thu, 11 Jan 2018 18:07:02 +0000 (19:07 +0100)]
imx-gpu-viv: fix compiling issues with EGL_API_FB
Just like the previous commit did:
c9ecdd2b96 gpu-viv-bin-mx6q: fix compiling issues with EGL_API_FB
Difference is that in latest package, eglvivante.h is included after
a EGL_API_FB check in eglplatform.h, giving the following error:
/.../sysroot/usr/include/EGL/eglplatform.h:146:10:
fatal error: X11/Xlib.h: No such file or directory
#include <X11/Xlib.h>
Also, this patch introduce IMX_GPU_VIV_FIXUP_PKGCONFIG which fixes
the pkgconfig files (for some reason default egl.pc file isn't the
same as the one for fb target).
Finally, this patch removes references to libVIVANTE which is now
replaced by libVDK.
Signed-off-by: Gary Bisson <gary.bisson@boundarydevices.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Sergio Prado [Tue, 9 Jan 2018 23:53:37 +0000 (21:53 -0200)]
daq: fix build against the musl C library
Musl doesn't have <sys/unistd.h>, so let's change to <unistd.h>.
Fixes:
http://autobuild.buildroot.net/results/
054f6581f67338b28af4dc2203b285ae1055581c
http://autobuild.buildroot.net/results/
99ec5d70b2ecf3a17fd5b5461d3e6b8ec0d22bfa
Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Jörg Krause [Wed, 10 Jan 2018 22:28:16 +0000 (23:28 +0100)]
swupdate: bump to version 2017.11
Remove upstream patch 0001-Fix-SHA256-hash-verification.patch.
Re-enable support for Lua 5.1 and LuaJIT, which was removed in version 2017.09
because of compatibility issues [1]. Meanwhile, the issues have been resolved
upstream [2].
Note, that `CONFIG_HANDLER_IN_LUA` is now supported by Lua 5.1/LuaJIT, too.
Add a fixup command `SWUPDATE_SET_LUA_VERSION` to set the correct base name for
the Lua/LuaJIT pkg-config file used by the swupdates config option `LUAPKG`.
Fix a small type in the help text:
'in my mind' -> 'in mind'.
Regenerated the .config script by doing:
```
make swupdate-menuconfig
make swupdate-update-config
```
.. and removing the paths for the build options manually.
[1] http://patchwork.ozlabs.org/patch/795958/
[2] https://github.com/sbabic/swupdate/commit/
7b49b8dc59acc0591fe9823f1739ba7422eb30c7
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Thomas Petazzoni [Wed, 10 Jan 2018 22:14:02 +0000 (23:14 +0100)]
system: only expose getty options for busybox and sysvinit
Only busybox and sysvinit handle the BR2_TARGET_GENERIC_GETTY_TERM and
BR2_TARGET_GENERIC_GETTY_OPTIONS options; the other init systems do
not.
So, protect those options behind appropriate dependencies on busybox
or sysvinit.
Fixes #10301.
Reported-by: Michael Heinemann <posted@heine.so>
Suggested-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Peter Seiderer [Wed, 10 Jan 2018 21:38:59 +0000 (22:38 +0100)]
linux-firmware: add support for intel iwlwifi 9xxx
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Seiderer [Wed, 10 Jan 2018 21:38:58 +0000 (22:38 +0100)]
linux-firmware: bump version to
65b1c68
Changes since last version (
17e6288):
02d857e linux-firmware: DMC firmware for skylake v1.27
00a92a3 nfp: update firmware for Agilio CX SmartNICs
c752e24 nfp: change firmware directory layout
b39260f nfp: add firmware for tc-flower
89c6211 linux-firmware: intel: Add Cannonlake audio firmware
71a4800 amdgpu: update vega10 vce firmware
30946b9 amdgpu: add firmware for Raven
73d13b5 linux-firmware: Add firmware file for Intel Bluetooth 9560
041aff8 linux-firmware: Add firmware file for Intel Bluetooth 9260
c113d33 linux-firmware: Update firmware file for Intel Bluetooth 8265
a42f895 linux-firmware: Update firmware patch for Intel Bluetooth 8260
5d98692 Merge branch 'cnl' of git://git.kernel.org/pub/scm/linux/kernel/git/vkoul/firmware
e4252cf Revert commits
a42f895,
c113d33,
041aff8,
73d13b5
db9964e linux-firmware: Add firmware file for Intel Bluetooth 9560
97339b3 linux-firmware: Add firmware file for Intel Bluetooth 9260
9a843a1 linux-firmware: Update firmware file for Intel Bluetooth 8265
fdee922 linux-firmware: Update firmware patch for Intel Bluetooth 8260
bc2164d Merge commit '
b39260f04b9b0a9da8a337098f73cbca7c4e9b2d' of https://github.com/Netronome/linux-firmware
7f93c9d brcm: add CYW4373 firmwares and Cypress license file
2451bb2 linux-firmware: liquidio: add v1.7.0 vswitch firmware
2567e09 nvidia: add GP108 signed firmware
4a77cab linux-firmware: DMC firmware for cannonlake v1.07
2eefafb rtlwifi: rtl8723de: Add firmware for new driver/device
8650396 wl127x/wl128x: update firmwares
65b1c68 wl18xx: update firmware file 8.9.0.0.76
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Wed, 10 Jan 2018 22:03:03 +0000 (23:03 +0100)]
mcookie: correct wrong memset argument
Fixes #10216
Building mcookie generates a warning about possible wrong arguments to
memset:
mcookie.c:207:26: warning: argument to ‘sizeof’ in ‘memset’ call is the same expression
as the destination; did you mean to dereference it? [-Wsizeof-pointer-memaccess]
memset(ctx, 0, sizeof(ctx)); /* In case it's sensitive */
ctx is a pointer to a structure, so the code should use the size of the
structure and not the size of the pointer when it tries to clear the
structure, similar to how it got fixed upstream back in 2009:
https://git.kernel.org/pub/scm/utils/util-linux/util-linux.git/commit/lib/md5.c?id=
6596057175c6ed342dc20e85eae8a42eb29b629f
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Thomas Petazzoni [Wed, 10 Jan 2018 22:40:52 +0000 (23:40 +0100)]
lz4: install programs as well as libraries
Prior to commit
8ad38a4fc2007df4bee9a941aed46c8771b6a84c
("package/lz4: bump version to r131"), the lz4 package was installing
both libraries and programs, but this commit changed the behavior to
only install libraries.
The contributor might have been confused by the fact that the build
command was "$(MAKE) ... -C $(@D) liblz4", suggesting that only the
library was built. But since the install command was "$(MAKE) ... -C
$(@D) install", the programs were effectively built as part of the
install step, and installed as well.
Since it makes sense for lz4 to also installs its programs, this
commit adjusts the package accordingly.
It is worth mentioning that using the "all" target during the build
step is important. Indeed, otherwise the programs/Makefile has a
"default" target that doesn't build everything (especially the lz4c
program) and it end up being built as part of the install step, due to
how the makefile dependencies are handled in the lz4 project. To make
sure that everything gets built during the build step, we explicitly
use the "all" target.
Fixes bug #9996
Reported-by: Jamin Collins <jamin.collins@gmail.com>
Initial-analysis-by: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Fri, 12 Jan 2018 18:21:29 +0000 (19:21 +0100)]
cjson: bump to version 1.7.1
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Fri, 12 Jan 2018 18:20:58 +0000 (19:20 +0100)]
boinc: bump to version 7.8.5
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Baruch Siach [Fri, 12 Jan 2018 10:58:00 +0000 (12:58 +0200)]
libsodium: bump to version 1.0.16
Add pgp signature reference.
Cc: Frank Hunleth <fhunleth@troodon-software.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Baruch Siach [Fri, 12 Jan 2018 10:39:18 +0000 (12:39 +0200)]
gnupg2: bump to version 2.2.4
Add license hash.
Cc: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Baruch Siach [Fri, 12 Jan 2018 10:39:17 +0000 (12:39 +0200)]
libgcrypt: bump to version 1.8.2
Add license hash.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Baruch Siach [Fri, 12 Jan 2018 10:14:32 +0000 (12:14 +0200)]
e2fsprogs: bump to version 1.43.8
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Martin Kepplinger [Thu, 11 Jan 2018 14:46:51 +0000 (15:46 +0100)]
tslib: update to 1.15
As usual, https://github.com/kergoth/tslib/releases has the changelog
summary.
This release includes a new plugin "invert" that is being built by
default; so we add that to the list of statically compiled in plugins
for static builds.
Signed-off-by: Martin Kepplinger <martink@posteo.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Thomas Petazzoni [Wed, 10 Jan 2018 22:03:59 +0000 (23:03 +0100)]
busybox: don't remove S01logging when CONFIG_SYSLOGD is disabled
The current busybox.mk explicitly removes S01logging if CONFIG_SYSLOGD
is disabled in the Busybox configuration. However:
- This causes the removal of the S01logging script potentially
installed by another package (currently syslog-ng, rsyslog and
sysklogd can all install a S01logging script).
- We generally don't try to clean-up stuff that we may have installed
in a previous make invocation and that is no longer needed
following a configuration change.
Fixes bug #10176
Reported-by: Karl Krach <mail@kkrach.de>
Fix-provided-by: Karl Krach <mail@kkrach.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Thomas Petazzoni [Wed, 10 Jan 2018 21:19:14 +0000 (22:19 +0100)]
package/kmsxx: don't install static libraries when BR2_SHARED_STATIC_LIBS=y
The kmsxx build system can only build either shared libraries *or*
static libraries, not both. Therefore, the build currently fails when
BR2_SHARED_STATIC_LIBS=y because we try to install the static
libraries, that haven't been built.
We fix this by not installing the static libraries when
BR2_SHARED_STATIC_LIBS=y, making BR2_SHARED_STATIC_LIBS=y essentially
the same as BR2_SHARED_LIBS=y for this package.
Fixes bug #10331.
Reported-by: Frederic MATHIEU <frederic.mathieu@dualis.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Thomas Petazzoni [Wed, 10 Jan 2018 20:00:28 +0000 (21:00 +0100)]
xfsprogs: fix upstream submission link
The oss.sgi.com mailing list archives are no longer available, point
to spinics.net instead.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Thomas Petazzoni [Wed, 10 Jan 2018 19:53:58 +0000 (20:53 +0100)]
package/avahi: fix typo in avahi_tmpfiles.conf
There is an obvious typo in avahi_tmpfiles.conf: avahi-autoipd is
badly spelled.
Fixes bug #10641.
Reported-by: Michael Heinemann <posted@heine.so>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Bernd Kuhls [Tue, 9 Jan 2018 18:55:56 +0000 (19:55 +0100)]
package/intel-microcode: security bump to version
20180108
Quoting releasenote:
"Intel Processor Microcode Package for Linux
20180108 Release
-- Updates upon
20171117 release --
IVT C0 (06-3e-04:ed) 428->42a
SKL-U/Y D0 (06-4e-03:c0) ba->c2
BDW-U/Y E/F (06-3d-04:c0) 25->28
HSW-ULT Cx/Dx (06-45-01:72) 20->21
Crystalwell Cx (06-46-01:32) 17->18
BDW-H E/G (06-47-01:22) 17->1b
HSX-EX E0 (06-3f-04:80) 0f->10
SKL-H/S R0 (06-5e-03:36) ba->c2
HSW Cx/Dx (06-3c-03:32) 22->23
HSX C0 (06-3f-02:6f) 3a->3b
BDX-DE V0/V1 (06-56-02:10) 0f->14
BDX-DE V2 (06-56-03:10)
700000d->
7000011
KBL-U/Y H0 (06-8e-09:c0) 62->80
KBL Y0 / CFL D0 (06-8e-0a:c0) 70->80
KBL-H/S B0 (06-9e-09:2a) 5e->80
CFL U0 (06-9e-0a:22) 70->80
CFL B0 (06-9e-0b:02) 72->80
SKX H0 (06-55-04:b7)
2000035->
200003c
GLK B0 (06-7a-01:01) 1e->22"
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Bernd Kuhls [Tue, 9 Jan 2018 21:25:33 +0000 (22:25 +0100)]
package/{mesa3d, mesa3d-headers}: bump version to 17.3.2
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Francois Perrad [Wed, 10 Jan 2018 14:14:45 +0000 (15:14 +0100)]
configs/olimex_a20_olinuxino_lime*: bump Linux and U-Boot versions
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Adrian Perez de Castro [Wed, 10 Jan 2018 13:57:07 +0000 (15:57 +0200)]
webkitgtk: security bump to version 2.18.5
This is a maintenance release of the current stable WebKitGTK+ version,
which contains mitigations for CVE-2017-5753 and CVE-2017-5715, the
vulnerabilities known as the "Spectre" attack. It also contains a fix
which allows building the reference documentation with newer gtk-doc
versions.
Release notes can be found in the announcement:
https://webkitgtk.org/2018/01/10/webkitgtk2.18.5-released.html
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabio Estevam [Wed, 10 Jan 2018 12:02:33 +0000 (10:02 -0200)]
linux-headers: bump 4.{4, 9, 14}.x series
Signed-off-by: Fabio Estevam <fabio.estevam@nxp.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabio Estevam [Wed, 10 Jan 2018 12:02:32 +0000 (10:02 -0200)]
linux: bump default to version 4.14.13
Signed-off-by: Fabio Estevam <fabio.estevam@nxp.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Evgeniy Didin [Mon, 18 Dec 2017 10:36:21 +0000 (13:36 +0300)]
toolchain: bump ARC prebuild toolchain to arc-2017.09
There might be subtle differences between uClibc configuration
compared to Buildroot's one.
Native RPC now is disabled because uClinc-ng has removed it.
Signed-off-by: Evgeniy Didin <didin@synopsys.com>
Cc: Alexey Brodkin <abrodkin@synopsys.com>
Cc: arc-buildroot@synopsys.com
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Thomas Petazzoni [Tue, 9 Jan 2018 08:47:43 +0000 (09:47 +0100)]
python-networkmanager: remove default <pkg>_SOURCE variable
<pkg>-<pkg-version>.tar.gz is the default value, so there's no need to
explicitly specify it.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Thomas Petazzoni [Tue, 9 Jan 2018 08:46:47 +0000 (09:46 +0100)]
daq: remove default <pkg>_SOURCE variable
<pkg>-<pkg-version>.tar.gz is the default value, so there's no need to
explicitly specify it.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Peter Korsgaard [Fri, 13 Oct 2017 19:16:55 +0000 (21:16 +0200)]
fs/tar: add option for lz4 compression
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Peter Korsgaard [Fri, 13 Oct 2017 19:16:54 +0000 (21:16 +0200)]
fs/ext2: add option for lz4 compression
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Peter Korsgaard [Fri, 13 Oct 2017 19:16:53 +0000 (21:16 +0200)]
fs/cpio: add option for lz4 compression
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Peter Korsgaard [Fri, 13 Oct 2017 19:16:52 +0000 (21:16 +0200)]
fs/common.mk: support lz4 compression
Similar to the other compressors. Notice that we use the -l (legacy format)
for Linux kernel initrd compatibility.
Lz4 decompression is supported by the Linux kernel since 3.11.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Arnout Vandecappelle (Essensium/Mind) [Sun, 22 Oct 2017 14:17:52 +0000 (16:17 +0200)]
dependencies: correct dependencies for top-level parallel build
Commit
4932c8a7cc94277b3d53cecd935f725b91cfa9fe introduced the
core-dependencies target to make sure that the dependencies.sh script
runs before we attempt to compile any host tool, so that the absence of
a compiler is properly detected. However, this relied on the
left-to-right evaluation of dependencies. This will no longer be true
when we enable top-level parallel build.
Fix this by letting DEPENDENCIES_HOST_PREREQ depend on
core-dependencies.
Note that it is not possible to remove the
dependencies <- core-dependencies. Indeed, it is possible that
DEPENDENCIES_HOST_PREREQ is completely empty, and in that case we still
need to check core-dependencies.
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Arnout Vandecappelle (Essensium/Mind) [Sun, 22 Oct 2017 14:17:51 +0000 (16:17 +0200)]
core-dependencies: remove unneeded HOSTCC
dependencies.sh uses HOSTCC_NOCCACHE directly, and this variable is
exported from the top-level Makefile, so there is no need to pass
HOSTCC to it. HOSTCC is not used at all in dependencies.sh.
Thus, we also no longer need to apply the HOSTCC override for
core-dependencies. The core-depencies rule doesn't use HOSTCC or
HOSTCXX.
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Olivier Schonken [Mon, 23 Oct 2017 13:26:11 +0000 (15:26 +0200)]
cups-filters: new package
Signed-off-by: Olivier Schonken <olivier.schonken@gmail.com>
[Thomas:
- add missing select BR2_PACKAGE_JPEG
- use jpeg instead of libjpeg
- sort selects alphabetically
- fix Config.in comment dependencies.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Olivier Schonken [Mon, 23 Oct 2017 13:17:43 +0000 (15:17 +0200)]
libjpeg: add pkg-config file for libjpeg
Signed-off-by: Olivier Schonken <olivier.schonken@gmail.com>
[Thomas: change to automatically set the version in the generated .pc file.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Thomas Petazzoni [Mon, 8 Jan 2018 20:26:55 +0000 (21:26 +0100)]
CHANGES: update after removal of source-check
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Maxime Hadjinlian [Wed, 25 Oct 2017 20:09:51 +0000 (22:09 +0200)]
pkg-{download, generic}: remove source-check
This feature is not used by anyone in the core developpers and makes a
drastic simplification of the pkg-download infrastructure harder.
The future patch will move much of what's in the current pkg-download.mk
file into the dl-wrapper which is a shell script.
Signed-off-by: Maxime Hadjinlian <maxime.hadjinlian@gmail.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Peter Seiderer [Fri, 27 Oct 2017 19:24:23 +0000 (21:24 +0200)]
libopenssl: do not leak the compiler path (reproducible builds)
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Fabrice Fontaine [Mon, 8 Jan 2018 18:10:42 +0000 (19:10 +0100)]
rygel: fix UI build
Add a patch to avoid failing on a configure error if UI example can't be
built if libgtk3 is available but not gst1-plugins-base (gstreamer-video
is only needed for UI example, not for rygel UI)
Fixes:
- http://autobuild.buildroot.net/results/
6c659aadfc418c0a27a93284eb34d75e2b0dc169
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Norbert Lange [Mon, 8 Jan 2018 13:40:45 +0000 (14:40 +0100)]
tcf-agent: disable package for powerpc64
Fails to build, disable powerpc64 until upstream fixed it
Fixes:
http://autobuild.buildroot.net/results/
5088f6efd44ce9b081c2c7825a7005a9cb60799d
Signed-off-by: Norbert Lange <nolange79@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Peter Korsgaard [Mon, 8 Jan 2018 10:08:15 +0000 (11:08 +0100)]
asterisk: security bump to version 14.7.5
Fixes the following security issues:
* AST-2017-014: Crash in PJSIP resource when missing a contact header A
select set of SIP messages create a dialog in Asterisk. Those SIP
messages must contain a contact header. For those messages, if the header
was not present and using the PJSIP channel driver, it would cause
Asterisk to crash. The severity of this vulnerability is somewhat
mitigated if authentication is enabled. If authentication is enabled a
user would have to first be authorized before reaching the crash point.
For more details, see the announcement:
https://www.asterisk.org/downloads/asterisk-news/asterisk-13185-1475-1515-and-1318-cert2-now-available-security
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Fabio Estevam [Mon, 8 Jan 2018 01:15:08 +0000 (23:15 -0200)]
linux-headers: bump 3.2.x series
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Matt Weber [Sun, 7 Jan 2018 23:29:06 +0000 (17:29 -0600)]
execline: fix hash "sha" type spelling
sah256 -> sha256
Fixes:
http://autobuild.buildroot.net/results/9d0/
9d054a26d7833353efbe49c984a7cb66d77b1d0c/
Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Peter Korsgaard [Sun, 7 Jan 2018 22:59:40 +0000 (23:59 +0100)]
ntp: does not work with libressl
Fixes #10556
The --with-crypto handling in ntp only works with libopenssl, not with
libressl, where it ends up with compilation issues like:
ntp_control.c:(.text+0x64): undefined reference to `EVP_MD_CTX_new'
ntp_control.c:(.text+0x10c): undefined reference to `EVP_MD_CTX_free'
libntpd.a(ntp_crypto.o): In function `bighash':
ntp_crypto.c:(.text+0x2e8): undefined reference to `EVP_MD_CTX_new'
ntp_crypto.c:(.text+0x328): undefined reference to `EVP_MD_CTX_free'
libntpd.a(ntp_crypto.o): In function `crypto_verify':
ntp_crypto.c:(.text+0x6cc): undefined reference to `EVP_MD_CTX_new'
ntp_crypto.c:(.text+0x710): undefined reference to `EVP_MD_CTX_free'
ntp_crypto.c:(.text+0x72c): undefined reference to `EVP_MD_CTX_free'
So ensure we only pass --with-crypto when libopenssl is used.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Yann E. MORIN [Sun, 7 Jan 2018 22:50:05 +0000 (23:50 +0100)]
utils/test-pkg: always run a global legal-info
Instead of limiting it to the package under test, we run it globally.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Cc: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Trent Piepho [Wed, 20 Dec 2017 02:06:24 +0000 (18:06 -0800)]
ncurses: install 256 color terminfo files unconditionally
There are three 256 color terminfo files that buildroot only installs
if ncurses is configured with wide character support, which also
enables ext-color. There is a fourth 256 color terminfo file that does
not depend on wchar suport and is always installed.
This changes that to always install all four 256 color terminfo files.
When ncurses has ext-colors enabled,it allows 256 fg and bg colors at
the same time. Without ext-colors, it is still possible to use the 256
color terminfo files and one can get a combination of fb and bg colors
that equals up to 256, e.g. 256 fg colors on one background or 16 fg
and 16 bg colors.
In short, the 256 color files work fine without wchar or ext-color
support and support more colors than the normal xterm, etc. terminfo
files. It's common today for the default terminal to use
xterm-256color and it's nice if thinks like vim and top work out of
the box.
Signed-off-by: Trent Piepho <tpiepho@impinj.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Romain Naour [Fri, 5 Jan 2018 16:32:23 +0000 (17:32 +0100)]
package/enlightenment: bump to 0.22.1
See https://www.enlightenment.org/news/e22_release and
https://www.enlightenment.org/news/e0.22.1_release
Switch to the meson build system.
The autotools build system has been removed upstream by commit
https://git.enlightenment.org/core/enlightenment.git/commit/?id=
bd8828204779509a2f47fffc4031abcab2b34d79
Signed-off-by: Romain Naour <romain.naour@gmail.com>
[Thomas: use --option=value everywhere.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Matt Weber [Sun, 7 Jan 2018 22:32:14 +0000 (16:32 -0600)]
cjson: update LICENSE hash for 1.7.0
No change to the contents but indentation.
Fixes:
http://autobuild.buildroot.net/results/626/
626f01bb2e769914d471e70665f7f2909e1f5fe2/
Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Peter Korsgaard [Sun, 7 Jan 2018 21:46:29 +0000 (22:46 +0100)]
asterisk: security bump to version 14.6.2
Fixes the following security issues:
14.6.1:
* AST-2017-005 (applied to all released versions): The "strictrtp" option in
rtp.conf enables a feature of the RTP stack that learns the source address
of media for a session and drops any packets that do not originate from
the expected address. This option is enabled by default in Asterisk 11
and above. The "nat" and "rtp_symmetric" options for chan_sip and
chan_pjsip respectively enable symmetric RTP support in the RTP stack.
This uses the source address of incoming media as the target address of
any sent media. This option is not enabled by default but is commonly
enabled to handle devices behind NAT.
A change was made to the strict RTP support in the RTP stack to better
tolerate late media when a reinvite occurs. When combined with the
symmetric RTP support this introduced an avenue where media could be
hijacked. Instead of only learning a new address when expected the new
code allowed a new source address to be learned at all times.
If a flood of RTP traffic was received the strict RTPsupport would allow
the new address to provide media and with symmetric RTP enabled outgoing
traffic would be sent to this new address, allowing the media to be
hijacked. Provided the attacker continued to send traffic they would
continue to receive traffic as well.
* AST-2017-006 (applied to all released versions): The app_minivm module has
an “externnotify” program configuration option that is executed by the
MinivmNotify dialplan application. The application uses the caller-id
name and number as part of a built string passed to the OS shell for
interpretation and execution. Since the caller-id name and number can
come from an untrusted source, a crafted caller-id name or number allows
an arbitrary shell command injection.
* AST-2017-007 (applied only to 13.17.1 and 14.6.1): A carefully crafted URI
in a From, To or Contact header could cause Asterisk to crash
For more details, see the announcement:
https://www.asterisk.org/downloads/asterisk-news/asterisk-11252-13171-1461-116-cert17-1313-cert5-now-available-security
14.6.2:
* AST-2017-008: Insufficient RTCP packet validation could allow reading
stale buffer contents and when combined with the “nat” and “symmetric_rtp”
options allow redirecting where Asterisk sends the next RTCP report.
The RTP stream qualification to learn the source address of media always
accepted the first RTP packet as the new source and allowed what
AST-2017-005 was mitigating. The intent was to qualify a series of
packets before accepting the new source address.
For more details, see the announcement:
https://www.asterisk.org/downloads/asterisk-news/asterisk-11253-13172-1462-116-cert18-1313-cert6-now-available-security
Drop 0004-configure-in-cross-complation-assimne-eventfd-are-av.patch as this
is now handled differently upstream (by disabling eventfd for cross
compilation, see commit
2e927990b3d2 (eventfd: Disable during cross
compilation)). If eventfd support is needed then this should be submitted
upstream.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Peter Korsgaard [Sun, 7 Jan 2018 21:03:18 +0000 (22:03 +0100)]
irssi: security bump to version 1.0.6
>From the advisory (https://irssi.org/security/irssi_sa_2018_01.txt):
Multiple vulnerabilities have been located in Irssi.
(a) When the channel topic is set without specifying a sender, Irssi
may dereference NULL pointer. Found by Joseph Bisch. (CWE-476)
CVE-2018-5206 was assigned to this issue.
(b) When using incomplete escape codes, Irssi may access data beyond
the end of the string. (CWE-126) Found by Joseph Bisch.
CVE-2018-5205 was assigned to this issue.
(c) A calculation error in the completion code could cause a heap
buffer overflow when completing certain strings. (CWE-126) Found
by Joseph Bisch.
CVE-2018-5208 was assigned to this issue.
(d) When using an incomplete variable argument, Irssi may access data
beyond the end of the string. (CWE-126) Found by Joseph Bisch.
CVE-2018-5207 was assigned to this issue.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Jan Heylen [Thu, 4 Jan 2018 12:28:31 +0000 (13:28 +0100)]
opentracing-cpp: new package
Signed-off-by: Jan Heylen <jan.heylen@nokia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Jan Heylen [Thu, 4 Jan 2018 12:28:30 +0000 (13:28 +0100)]
toolchain: m68k coldfire is also affected by gcc bug 64735
Verified experimentally by using exception_ptr with m68k_cf5208 and
looking at the value of ATOMIC_INT_LOCK_FREE. ATOMIC_INT_LOCK_FREE=1,
so the issue is present. Also verified that gcc 7.x fixed it also for
cf5208.
Signed-off-by: Jan Heylen <jan.heylen@nokia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Jan Heylen [Thu, 4 Jan 2018 12:28:29 +0000 (13:28 +0100)]
package/pkg-cmake.mk: add note about BUILD_STATIC_LIBS
As BUILD_STATIC_LIBS is not a standard cmake variable (while
BUILD_SHARED_LIBS is) we shouldn't add it in pkg-cmake.mk, although
for some packages that would make sense. Therefore, add a note so we
don't forget about this abnormality.
See: https://cmake.org/cmake/help/v3.8/manual/cmake-variables.7.html#variables-that-change-behavior
Signed-off-by: Jan Heylen <jan.heylen@nokia.com>
[Thomas: rework the comment in the code.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Jan Heylen [Thu, 4 Jan 2018 12:28:28 +0000 (13:28 +0100)]
rabbitmq-c: don't pass BUILD_SHARED_LIBS
The BUILD_SHARED_LIBS option is already handled by the cmake-package
infrastructure, so there is no need to pass it at the package level.
Signed-off-by: Jan Heylen <jan.heylen@nokia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Sergey Matyukevich [Sun, 7 Jan 2018 20:11:30 +0000 (23:11 +0300)]
orangepi: drop custom post-build and post-image scripts
Currently in Orange Pi boards post-build script is used only to generate
U-Boot boot script and post-image script is used only to generate sdcard
image according to genimage configuration. However both those tasks can
now be handled by generic Buildroot tools:
- BR2_TARGET_UBOOT_BOOT_SCRIPT config options
- support/scripts/genimage.sh script
This patch drops custom scripts replacing them
by generic Buildroot tools.
Signed-off-by: Sergey Matyukevich <geomatsi@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Sergey Matyukevich [Sun, 7 Jan 2018 20:11:29 +0000 (23:11 +0300)]
xr819-xradio: add license file hash
Signed-off-by: Sergey Matyukevich <geomatsi@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Eric Le Bihan [Sun, 7 Jan 2018 19:08:53 +0000 (20:08 +0100)]
s6-linux-utils: add license hash
Signed-off-by: Eric Le Bihan <eric.le.bihan.dev@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Eric Le Bihan [Sun, 7 Jan 2018 19:08:52 +0000 (20:08 +0100)]
s6-portable-utils: add license hash
Signed-off-by: Eric Le Bihan <eric.le.bihan.dev@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Eric Le Bihan [Sun, 7 Jan 2018 19:08:51 +0000 (20:08 +0100)]
s6-networking: add license hash
Signed-off-by: Eric Le Bihan <eric.le.bihan.dev@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Eric Le Bihan [Sun, 7 Jan 2018 19:08:50 +0000 (20:08 +0100)]
s6-linux-init: add license hash
Signed-off-by: Eric Le Bihan <eric.le.bihan.dev@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Eric Le Bihan [Sun, 7 Jan 2018 19:08:49 +0000 (20:08 +0100)]
execline: add license hash
Signed-off-by: Eric Le Bihan <eric.le.bihan.dev@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Eric Le Bihan [Sun, 7 Jan 2018 19:08:48 +0000 (20:08 +0100)]
s6-dns: bump version to 2.3.0.0
Also add license hash.
Signed-off-by: Eric Le Bihan <eric.le.bihan.dev@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Eric Le Bihan [Sun, 7 Jan 2018 19:08:47 +0000 (20:08 +0100)]
s6-rc: bump version to 0.4.0.0
Also add license hash.
Signed-off-by: Eric Le Bihan <eric.le.bihan.dev@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Eric Le Bihan [Sun, 7 Jan 2018 19:08:46 +0000 (20:08 +0100)]
s6: bump version to 2.7.0.0
Also add license hash.
Signed-off-by: Eric Le Bihan <eric.le.bihan.dev@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Eric Le Bihan [Sun, 7 Jan 2018 19:08:45 +0000 (20:08 +0100)]
skalibs: bump version to 2.6.3.0
Also add license hash.
Signed-off-by: Eric Le Bihan <eric.le.bihan.dev@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Bernd Kuhls [Sun, 7 Jan 2018 19:08:31 +0000 (20:08 +0100)]
package/bdwgc: bump version to 7.6.2
Removed patches applied upstream:
0002-Fix-uClibc-build.patch
https://github.com/ivmai/bdwgc/commit/
047230b71d421407ad2c8641ee4a87a1bd89145b
0003-configure-match-uclinux-pattern.patch
https://github.com/ivmai/bdwgc/commit/
a628c90bdbf397465ac2ab2b11f14eb2e853651c
Renumbered remaining patches, added license hash.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Bernd Kuhls [Sun, 7 Jan 2018 19:00:09 +0000 (20:00 +0100)]
package/x11r7/xserver_xorg-server: fix build with composite support disabled
Added upstream to fix
http://autobuild.buildroot.net/results/44e/
44e29c2fb5d236a66e0466698fbc9201a37dbc63/
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Bernd Kuhls [Sun, 7 Jan 2018 17:56:26 +0000 (18:56 +0100)]
package/x11r7/xlib_libXpm: disable gettext detection when not needed
Patch originates from FreeBSD:
https://lists.freebsd.org/pipermail/freebsd-x11/2015-July/016528.html
https://svnweb.freebsd.org/ports/head/x11/libXpm/Makefile?r1=384234&r2=391122&pathrev=391122
Fixes
http://autobuild.buildroot.net/results/f24/
f24dc74c111690f068833ff6fc72df9a0853d210/
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Bernd Kuhls [Sun, 7 Jan 2018 17:07:38 +0000 (18:07 +0100)]
package/libdrm: adjust patch switching to pkg-config for libatomic_ops
In commit
fa6c7d165971e1f70b9ac94bae9cd1fd9180c072 ("libdrm: fix
libatomic_ops linking"), a patch was added to switch to
PKG_CHECK_MODULES() to detect libatomic_ops instead of
AC_CHECK_HEADER.
However, as explained in
https://autotools.io/pkgconfig/pkg_check_modules.html:
"In contrast with almost all of the original macros, though, the default
action-if-not-found will end the execution with an error for not having
found the dependency."
This makes the configure script bail out when libatomic_ops is not
available, which is not what we want in libdrm's configure
script. This commit adjusts the PKG_CHECK_MODULES() call to avoid
failing.
Fixes:
http://autobuild.buildroot.net/results/cea/
cea777dc997f86c1122c8b818d264215a0e77e5a/
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>