Fabrice Fontaine [Wed, 9 Jun 2021 16:58:37 +0000 (18:58 +0200)]
package/libtorrent: requires RC4 support in openssl
Enable RC4 in openssl to fix build failure raised since commit
a83d41867c8d69a77d5cd0a665aa216af5340359
Fixes:
- http://autobuild.buildroot.org/results/
c909fedb5f59d8a434a3bde469155ff550615e3c
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Yann E. MORIN [Sun, 6 Jun 2021 07:59:32 +0000 (09:59 +0200)]
package/freerdp: needs rc4 from libopenssl
Fixes:
http://autobuild.buildroot.org/results/
b21b21a66bef2bc09231e475037a8f9be5584fa4/
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Sat, 12 Jun 2021 11:37:07 +0000 (13:37 +0200)]
package/netsnmp: requires DES support in openssl
Enable DES in openssl to fix build failure raised since commit
a83d41867c8d69a77d5cd0a665aa216af5340359
Fixes:
- http://autobuild.buildroot.org/results/
76ddd42cfecc596e431490747e3a32b937f95a17
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Sat, 12 Jun 2021 11:27:22 +0000 (13:27 +0200)]
package/mender: requires MD4 and RMD160 support in openssl
Enable MD4 and RMD160 in openssl to fix build failure raised since
commit
a83d41867c8d69a77d5cd0a665aa216af5340359
Fixes:
- http://autobuild.buildroot.org/results/
0b9ad028609f7e3e4eddd4439deaf7b3aa1d1273
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Wed, 9 Jun 2021 21:54:22 +0000 (23:54 +0200)]
package/netatalk: requires CAST and DES support in openssl
Enable CAST and DES in openssl to fix build failures raised since commit
a83d41867c8d69a77d5cd0a665aa216af5340359
Fixes:
- http://autobuild.buildroot.org/results/
b7347e3e4b828901dcb954f7cc37b712b80ac49b
- http://autobuild.buildroot.org/results/
453c10ff24ef48f1340ec91412e504fe604033cf
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr:
- move the 'select' of the options closer to the 'select' on openssl
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Wed, 9 Jun 2021 21:30:46 +0000 (23:30 +0200)]
package/rhash: requires RMD160 support in openssl
Enable RMD160 in openssl to fix build failure raised since commit
a83d41867c8d69a77d5cd0a665aa216af5340359
Fixes:
- http://autobuild.buildroot.org/results/
e3733ad25de55616b2eafff0b489aea2bee65e06
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Wed, 9 Jun 2021 19:52:57 +0000 (21:52 +0200)]
package/transmission: requires RC4 support in openssl
Enable RC4 in openssl to fix build failure raised since commit
a83d41867c8d69a77d5cd0a665aa216af5340359
Fixes:
- http://autobuild.buildroot.org/results/
c658beb245cbf06786aa4155c7649c3e1a613e39
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr:
- move the 'select' of the option closer to the 'select' on openssl
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
John Keeping [Fri, 11 Jun 2021 18:00:27 +0000 (19:00 +0100)]
package/connman: security bump to 1.40
Fix CVE-2021-33833 which is a stack buffer overflow in dnsproxy.
Release notes:
https://lore.kernel.org/connman/
20210610113503.ob45lhssqy5hk4ki@beryllium.lan/
Signed-off-by: John Keeping <john@metanate.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Fri, 11 Jun 2021 10:03:08 +0000 (12:03 +0200)]
package/squid: security bump to version 4.15
Fixes the following security issues:
- CVE-2021-28651: Denial of Service in URN processing
Due to a buffer management bug Squid is vulnerable to a Denial of service
attack against the server it is operating on.
This attack is limited to proxies which attempt to resolve a "urn:"
resource identifier. Support for this resolving is enabled by default in
all Squid.
https://github.com/squid-cache/squid/security/advisories/GHSA-ch36-9jhx-phm4
- CVE-2021-28652: Denial of Service issue in Cache Manager
Due to an incorrect parser validation bug Squid is vulnerable to a Denial
of Service attack against the Cache Manager API.
https://github.com/squid-cache/squid/security/advisories/GHSA-m47m-9hvw-7447
- CVE-2021-28662: Denial of Service in HTTP Response Processing
Due to an input validation bug Squid is vulnerable to a Denial of Service
against all clients using the proxy.
https://github.com/squid-cache/squid/security/advisories/GHSA-jjq6-mh2h-g39h
- CVE-2021-31806, CVE-2021-31807, CVE-2021-31808: Multiple Issues in HTTP
Range header
Due to an incorrect input validation bug Squid is vulnerable to
a Denial of Service attack against all clients using the proxy.
https://github.com/squid-cache/squid/security/advisories/GHSA-pxwq-f3qr-w2xf
- CVE-2021-33620: Denial of Service in HTTP Response processing
Due to an input validation bug Squid is vulnerable to a Denial of Service
against all clients using the proxy.
https://github.com/squid-cache/squid/security/advisories/GHSA-572g-rvwr-6c7f
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Thu, 10 Jun 2021 21:47:30 +0000 (23:47 +0200)]
package/mpg123: bump version to 1.25.15
Bugfix release. From the release notes:
Some backports of important fixes to the 1.25 series, for very conservative
people.
libmpg123: Backport bit reservoir CRC fix from 1.26
libmpg123: Backport part2_3_length regression fix (bug 312).
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Wed, 9 Jun 2021 21:04:48 +0000 (23:04 +0200)]
package/libsoup: fix build with NLS
Fix build failure with NLS raised since bump to version 2.72.0 in commit
8e5f7f1cfc8fd7a9d5270f6a9707eb9eecfd21da
Fixes:
- http://autobuild.buildroot.org/results/
1793753629d81476a3cd6fea40029cbd7de0206c
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Peter Korsgaard [Mon, 7 Jun 2021 15:18:41 +0000 (17:18 +0200)]
package/udisks: drop unused lvm2 support
BR2_PACKAGE_UDISKS_LVM2 was dropped in commit
eb251b30084e38 (package/lvm2:
drop BR2_PACKAGE_LVM2_APP_LIBRARY), but missed when merging next. Drop it.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Mon, 7 Jun 2021 15:14:37 +0000 (17:14 +0200)]
Merge branch 'next'
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Mon, 7 Jun 2021 09:20:28 +0000 (11:20 +0200)]
Kickoff 2021.08 cycle
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Mon, 7 Jun 2021 09:19:43 +0000 (11:19 +0200)]
docs/website/news.html: add 2021.05 announcement link
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Sun, 6 Jun 2021 21:21:08 +0000 (23:21 +0200)]
Update for 2021.05
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Sun, 6 Jun 2021 21:12:11 +0000 (23:12 +0200)]
docs/website: update for 2021.05-rc3
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Yann E. MORIN [Sun, 6 Jun 2021 21:04:00 +0000 (23:04 +0200)]
DEVELOPPERS: remove Chakra Divi
The domain for their email is now a parking-site, and mails are not
delivered anymore.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Sun, 6 Jun 2021 17:38:04 +0000 (19:38 +0200)]
package/mimic: fix static build with gcc 10
Fixes:
- http://autobuild.buildroot.org/results/
bee20bbfa4fa64ed8704bfb9586d5a3148f39fdf
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Chan, Donald [Thu, 20 May 2021 01:49:43 +0000 (01:49 +0000)]
package/python3-cryptography: add python3 host variant
Add a python3 host variant since another downstream OSS component
(OP-TEE) uses buildroot and it will depend on a python3 host variant
of python-cryptography.
Signed-off-by: Donald Chan <hoiho@lab126.com>
[yann.morin.1998@free.fr:
- drop target _DEPENDENCIES since this is a host-only package
- instead, add host-openssl to dependencies
- add CPE variables
- also add sync comment for python-pip
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Chan, Donald [Thu, 20 May 2021 01:48:58 +0000 (01:48 +0000)]
package/python3-cffi: add python3 host variant
Add a python3 host variant since we are adding a python3 host variant of
python-cryptography and it is dependent on this.
Signed-off-by: Donald Chan <hoiho@lab126.com>
[yann.morin.1998@free.fr:
- drop target _DEPENDENCIES since this is a host-only package
- also add sync comment to python-cffi
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Chan, Donald [Thu, 20 May 2021 01:48:29 +0000 (01:48 +0000)]
package/python3-pycparser: add python3 host variant
Add a python3 host variant since we are adding a python3 host variant of
python-cryptography and it is dependent on this.
Signed-off-by: Donald Chan <hoiho@lab126.com>
[yann.morin.1998@free.fr: also add sync comment to python-pycparser]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Chan, Donald [Thu, 20 May 2021 01:48:00 +0000 (01:48 +0000)]
package/python3-pip: add python3 host variant
Add a python3 host variant since we are adding a python3 host variant of
python-cryptography and it is dependent on this.
Signed-off-by: Donald Chan <hoiho@lab126.com>
[yann.morin.1998@free.fr:
- add CPE variables
- also add sync comment for python-pip
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Chan, Donald [Thu, 20 May 2021 01:47:26 +0000 (01:47 +0000)]
package/python3-six: add python3 host variant
Add a python3 host variant since we are adding a python3 host variant of
python-cryptography and it is dependent on this.
Signed-off-by: Donald Chan <hoiho@lab126.com>
[yann.morin.1998@free.fr: also add sync comment in python-six]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Peter Korsgaard [Sun, 6 Jun 2021 11:50:18 +0000 (13:50 +0200)]
package/go: security bump to version 1.16.5
Fixes the following security issues:
- CVE-2021-33195: The LookupCNAME, LookupSRV, LookupMX, LookupNS, and
LookupAddr functions in net, and their respective methods on the Resolver
type may return arbitrary values retrieved from DNS which do not follow
the established RFC 1035 rules for domain names. If these names are used
without further sanitization, for instance unsafely included in HTML, they
may allow for injection of unexpected content. Note that LookupTXT may
still return arbitrary values that could require sanitization before
further use
- CVE-2021-33196: The NewReader and OpenReader functions in archive/zip can
cause a panic or an unrecoverable fatal error when reading an archive that
claims to contain a large number of files, regardless of its actual size
- CVE-2021-33197: ReverseProxy in net/http/httputil could be made to forward
certain hop-by-hop headers, including Connection. In case the target of
the ReverseProxy was itself a reverse proxy, this would let an attacker
drop arbitrary headers, including those set by the ReverseProxy.Director
- CVE-2021-33198: The SetString and UnmarshalText methods of math/big.Rat
may cause a panic or an unrecoverable fatal error if passed inputs with
very large exponents
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Seiderer [Wed, 2 Jun 2021 20:15:29 +0000 (22:15 +0200)]
package/x11r7/xdriver_xf86-video-fbturbo: fix driver loading
Port two xf86-video-fbdev upstream patches to xf86-video-fbturbo fixing
incompatibility with latest xorg release and add mandatory module loading
section to installed xorg.conf:
- patch 0002-Use-own-thunk-functions-instead-of-fbdevHW-Weak.patch, fixes:
[ 12.638] (II) LoadModule: "fbturbo"
[ 12.639] (II) Loading /usr/lib/xorg/modules/drivers/fbturbo_drv.so
[ 12.642] (EE) Failed to load /usr/lib/xorg/modules/drivers/fbturbo_drv.so: /usr/lib/xorg/modules/drivers/fbturbo_drv.so: undefined symbol: shadowUpdatePackedWeak
[ 12.642] (EE) Failed to load module "fbturbo" (loader failed, 0)
- patch 0003-Update-for-1.20-ABI.patch, fixes:
[ 12.551] (II) LoadModule: "fbturbo"
[ 12.553] (II) Loading /usr/lib/xorg/modules/drivers/fbturbo_drv.so
[ 12.556] (EE) Failed to load /usr/lib/xorg/modules/drivers/fbturbo_drv.so: /usr/lib/xorg/modules/drivers/fbturbo_drv.so: undefined symbol: xf86DisableRandR
[ 12.556] (EE) Failed to load module "fbturbo" (loader failed, 0)
- patch 0004-xorg.conf-add-mandatory-modules-fb-shadow-fbdevhw.patch, fixes:
module fbdevhw:
[ 303.906] (II) LoadModule: "fbturbo"
[ 303.906] (II) Loading /usr/lib/xorg/modules/drivers/fbturbo_drv.so
[ 303.907] (EE) Failed to load /usr/lib/xorg/modules/drivers/fbturbo_drv.so: /usr/lib/xorg/modules/drivers/fbturbo_drv.so: undefined symbol: fbdevHWSave
[ 303.907] (EE) Failed to load module "fbturbo" (loader failed, 0)
[ 303.907] (EE) No drivers available.
module shadow:
[ 426.403] (II) LoadModule: "fbturbo"
[ 426.404] (II) Loading /usr/lib/xorg/modules/drivers/fbturbo_drv.so
[ 426.404] (EE) Failed to load /usr/lib/xorg/modules/drivers/fbturbo_drv.so: /usr/lib/xorg/modules/drivers/fbturbo_drv.so: undefined symbol: shadowRemove
[ 426.404] (EE) Failed to load module "fbturbo" (loader failed, 0)
[ 426.404] (EE) No drivers available.
module fb:
[ 471.912] (II) LoadModule: "shadow"
[ 471.913] (II) Loading /usr/lib/xorg/modules/libshadow.so
[ 471.913] (EE) Failed to load /usr/lib/xorg/modules/libshadow.so: /usr/lib/xorg/modules/libshadow.so: undefined symbol: fbGetScreenPrivateKey
[ 471.913] (EE) Failed to load module "shadow" (loader failed, 0)
Fixes:
- https://bugs.busybox.net/show_bug.cgi?id=13816
- http://lists.busybox.net/pipermail/buildroot/2021-June/311763.html
Reported-by: Jürgen Wack <juergen.wack@gmx.de>
Reported-by: Derek T <derek.tata1@gmail.com>
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
[yann.morin.1998@free.fr: fix check-package errors]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Bernd Kuhls [Sun, 6 Jun 2021 07:28:59 +0000 (09:28 +0200)]
package/ffmpeg: Fix build for mips
Fixes:
http://autobuild.buildroot.net/results/079/
079df777211933b92ac5a67fc175839c8188850f/
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Sat, 5 Jun 2021 21:14:25 +0000 (23:14 +0200)]
package/mono-gtksharp3: fix build with latest mono
Fix build failure with latest mono which is raised since commit
4c8a285b6e35c4028341f874760bfa9226ebff94
Fixes:
- http://autobuild.buildroot.org/results/
ff3edfe406f00a29429d2fa4258af12c87e5fb96
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Sat, 5 Jun 2021 22:00:31 +0000 (00:00 +0200)]
package/mpv: handle --{en,dis}able-libmpv-{shared,static}
libmpv-static and libmpv-shared are disabled by default resulting in the
following build failure when building with gl but without rpi, wayland
or x11:
Checking for OpenGL without platform-specific code (e.g. for libmpv) : libmpv-shared not found
Checking for OpenGL context support : gl-cocoa not found
You manually enabled the feature 'gl', but the autodetection check failed.
Here is an extract of wscript:
} , {
'name': '--plain-gl',
'desc': 'OpenGL without platform-specific code (e.g. for libmpv)',
'deps': 'libmpv-shared || libmpv-static',
'func': check_true,
}, {
'name': '--gl',
'desc': 'OpenGL context support',
'deps': 'gl-cocoa || gl-x11 || egl-x11 || egl-drm || '
+ 'gl-win32 || gl-wayland || rpi || '
+ 'plain-gl',
'func': check_true,
'req': True,
'fmsg': "No OpenGL video output found or enabled. " +
"Aborting. If you really mean to compile without OpenGL " +
"video outputs use --disable-gl.",
}, {
Enabling both the shared and static libraries is not allowed by mpv, so
we consider the BR2_STATIC_LIBS to be static, and otherwise (i.e.
BR2_SHARED_LIBS and BR2_SHARED_STATIC_LIBS) to be shared.
Fixes:
- http://autobuild.buildroot.org/results/
590d2a8b6746ef071dfb439e42b636f81dbdc35d
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr:
- expand config log about shared/static icompatibility
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Peter Korsgaard [Sun, 6 Jun 2021 07:05:21 +0000 (09:05 +0200)]
configs/minnowboard_max-graphical_defconfig: unbreak X11/mesa
Fixes https://gitlab.com/buildroot.org/buildroot/-/jobs/
1297337965
Commit
15a2f9b819806d38a7d8172a2 (package/{mesa3d, mesa3d-headers}: bump
version to 21.0.2) marked BR2_PACKAGE_MESA3D_DRI_DRIVER_SWRAST as legacy,
but forgot to update the defconfig. The SW rasterizer isn't really needed
with the Intel GPU, so just drop it.
In addition, X11 now needs some help with loading the modules in the correct
order, similar to how it was done for the test in commit
4a3639bad01a
(support/testing: test_glxinfo load X11 modules in the right order).
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Drew Fustini [Sun, 6 Jun 2021 00:53:42 +0000 (17:53 -0700)]
boot/beaglev-ddrinit: update to include upstream fixes
Update commit ID to include recent upstream fixes:
- Fix I and D cache synchronization issue (
2e2f6faaf105)
- Add carriage return to correct menu formatting (
2f6ea51dbb51)
- Add copyright info (
7d3413d2ffd9)
- Expand the limit on the size of uboot when update it (
623888127a0e)
Signed-off-by: Drew Fustini <drew@beagleboard.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Drew Fustini [Sun, 6 Jun 2021 00:51:23 +0000 (17:51 -0700)]
boot/beaglev-secondboot: update to include upstream fixes
Update the commit id to include upstream fixes:
- Fix print format in load_and_run_ddr(
e976d186e69a)
- Update copyright info (
f2b049b7fff2)
- Avoid chiplink address exception (
86664be28e5d)
Signed-off-by: Drew Fustini <drew@beagleboard.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Thu, 3 Jun 2021 05:56:44 +0000 (07:56 +0200)]
package/qt5/qt5base: fix build with gcc 11
Fix the following build failure with gcc 11:
/data/buildroot-autobuilder/instance-0/output-1/build/qt5base-5.15.2/include/QtCore/../../src/corelib/global/qfloat16.h:300:7: error: 'numeric_limits' is not a class template
300 | class numeric_limits<QT_PREPEND_NAMESPACE(qfloat16)> : public numeric_limits<float>
| ^~~~~~~~~~~~~~
Fixes:
- http://autobuild.buildroot.org/results/
9a7a987af40b8408ccdfcae4890008c7090b41a1
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Sat, 5 Jun 2021 15:15:09 +0000 (17:15 +0200)]
package/intel-mediadriver: disable -Werror
Disable -Werror to avoid the following build failure:
<command-line>: error: "_FORTIFY_SOURCE" redefined [-Werror]
MEDIA_BUILD_FATAL_WARNINGS option is available since version 18.2.0 and
https://github.com/intel/media-driver/commit/
6932fc0ffb8228245052528820adafb6743f7482
Fixes:
- http://autobuild.buildroot.org/results/
52638d95312e464626d1c4047b3b26d4f57a1cd2
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Thu, 3 Jun 2021 16:46:58 +0000 (18:46 +0200)]
package/apcupsd: add APCUPSD_CPE_ID_VENDOR
cpe:2.3:a:apcupsd:apcupsd is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Aapcupsd%3Aapcupsd
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Thu, 3 Jun 2021 16:39:28 +0000 (18:39 +0200)]
package/acpid: add CPE variables
cpe:2.3:a:tedfelix:acpid2 is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Atedfelix%3Aacpid2
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Thu, 3 Jun 2021 19:13:56 +0000 (21:13 +0200)]
package/chrony: add CHRONY_CPE_ID_VENDOR
cpe:2.3:a:tuxfamily:chrony is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Atuxfamily%3Achrony
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Bernd Kuhls [Sat, 5 Jun 2021 08:15:05 +0000 (10:15 +0200)]
DEVELOPERS: add Bernd Kuhls to gptfdisk package
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Bernd Kuhls [Sat, 5 Jun 2021 08:15:04 +0000 (10:15 +0200)]
package/gptfdisk: security bump version to 1.0.7
Release notes:
https://sourceforge.net/p/gptfdisk/code/ci/master/tree/NEWS
Version 1.0.6 fixes CVE-2020-0256 & CVE-2021-0308.
Removed md5 hash.
Rebased patch due to upstream commit
https://sourceforge.net/p/gptfdisk/code/ci/
6180deb472c302c47f4d4acff8f2123d10824364/#diff-3
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Thu, 3 Jun 2021 20:09:01 +0000 (22:09 +0200)]
package/odb: fix build with gcc 11
Add -std=c++11 to fix the following build failure with gcc 11:
/data/buildroot-autobuilder/instance-0/output-1/host/include/cutl/shared-ptr/base.hxx:34:41: error: ISO C++17 does not allow dynamic exception specifications
34 | operator new (std::size_t, cutl::share) throw (std::bad_alloc);
| ^~~~~
Fixes:
- http://autobuild.buildroot.org/results/
9cbb8be7a1d8ac5913fbc5e2a78c4c45b5daf8e2
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Bernd Kuhls [Sat, 5 Jun 2021 09:08:49 +0000 (11:08 +0200)]
package/efibootmgr: fix comment
Building efibootmgr with a musl toolchain is possible.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Baruch Siach [Fri, 4 Jun 2021 07:36:00 +0000 (10:36 +0300)]
package/aircrack-ng: requires RC4 support in openssl
Enable RC4 in openssl to fix build failure when openssl is the crypto
backend of aircrack-ng.
Fixes:
http://autobuild.buildroot.net/results/
007b7d88aed3902fb8ed10ee5c0ff0dc1899756d/
http://autobuild.buildroot.net/results/
da464dd449bb950104122535eabf8a4e914d0a9e/
http://autobuild.buildroot.net/results/
d10fec8378c334e896d9e38afe00193ef747192f/
Cc: Laurent Cans <laurent.cans@gmail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Acked-by: Laurent Cans <laurent.cans@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Baruch Siach [Fri, 4 Jun 2021 07:00:19 +0000 (10:00 +0300)]
package/libssh2: requires RIPEMD160 in openssl
Enable RIPEMD160 in openssl for libssh2 to avoid link time failure.
Fixes:
http://autobuild.buildroot.net/results/
c6e031fca123865138d18c96d895778c03b639be/
http://autobuild.buildroot.net/results/
4284098c0f29fdb7a4df9acbc23986e685c542d2/
http://autobuild.buildroot.net/results/
a457bf27dfc0029cbfc2fdbf371aad1e2efa5b83/
Cc: Matt Weber <matthew.weber@collins.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Fri, 4 Jun 2021 18:47:06 +0000 (20:47 +0200)]
package/dc3dd: disable on riscv32
Disable dc3dd on riscv32 because of the size of time_t (riscv32 has
never had a 32-bit time, and has always been 64-bit from the onset):
In file included from getdate.y:40:
verify.h:132:30: error: negative width in bit-field 'verify_error_if_negative_size__'
132 | (struct { unsigned int verify_error_if_negative_size__: (R) ? 1 : -1; }))
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
verify.h:138:61: note: in expansion of macro 'verify_true'
138 | # define verify(R) extern int (* verify_function__ (void)) [verify_true (R)]
| ^~~~~~~~~~~
getdate.y:116:1: note: in expansion of macro 'verify'
116 | verify (LONG_MIN <= TYPE_MINIMUM (time_t) && TYPE_MAXIMUM (time_t) <= LONG_MAX);
| ^~~~~~
Fixes:
- http://autobuild.buildroot.org/results/
267151dec9d2328a5f8c61ddf224219a4f617e5c
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Sun, 16 May 2021 20:28:28 +0000 (22:28 +0200)]
package/lvm2: disable parallel build
Parallel build is broken since bump to version 2.03.12 in commit
80997acd35. Commits
4526078d1b,
8a313b019c, and
a7186cd1ea tried to fix
that by only installing systemd units when appropriate.
It turns out that there are more cases where parallel build still fails:
http://autobuild.buildroot.org/results/995/
995f46ee0033e34261ba7b24b61c41e7a088602b/
>>> lvm2 2.03.12 Installing to staging directory
[...]
[INSTALL] ioctl/libdevmapper.so
[CC] dmsetup.c
/usr/bin/make -C lib install_device-mapper
[CC] dmsetup.c
[...]
[CC] dmsetup
[CC] dmsetup
/nvme/rc-buildroot-test/scripts/instance-0/output-1/host/lib/gcc/arm-buildroot-linux-gnueabihf/10.3.0/../../../../arm-buildroot-linux-gnueabihf/bin/ld: /nvme/rc-buildroot-test/scripts/instance-0/output-1/host/arm-buildroot-linux-gnueabihf/sysroot/usr/lib/Scrt1.o: in function `_start':
(.text+0x54): undefined reference to `main'
collect2: error: ld returned 1 exit status
Makefile:60: recipe for target 'dmsetup' failed
Or:
http://autobuild.buildroot.org/results/a4e/
a4ea87da502272dc2e677123b6fbcb0c23106f0b/
>>> lvm2 2.03.12 Installing to staging directory
[...]
[CC] dmsetup
/home/giuliobenetti/autobuild/run/instance-3/output-1/host/lib/gcc/arm-buildroot-linux-musleabihf/9.3.0/../../../../arm-buildroot-linux-musleabihf/bin/ld: /home/giuliobenetti/autobuild/run/instance-3/output-1/host/arm-buildroot-linux-musleabihf/sysroot/lib/Scrt1.o: in function `_start_c':
Scrt1.c:(.text._start_c+0x5c): undefined reference to `main'
collect2: error: ld returned 1 exit status
make[3]: *** [Makefile:61: dmsetup] Error 1
make[3]: Leaving directory '/home/giuliobenetti/autobuild/run/instance-3/output-1/build/lvm2-2.03.12/libdm/dm-tools'
make[2]: *** [../libdm/make.tmpl:315: dm-tools.device-mapper] Error 2
make[2]: *** Waiting for unfinished jobs....
[CC] dmsetup
[INSTALL] dmsetup
[...]
Similar traces in either case: it tries to build dmsetup twice, at
intall time instead of build time.
Fixes:
- http://autobuild.buildroot.org/results/995/
995f46ee0033e34261ba7b24b61c41e7a088602b/
- http://autobuild.buildroot.org/results/a4e/
a4ea87da502272dc2e677123b6fbcb0c23106f0b/
Note that this is just a workaround for a broken buildsystem anyway:
indeed, the build of dmsetup is done at install time, instead of build
time. More fixes should be worked on with upstream to properly fix the
issue...
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr:
- update after the three partial fix-commits
- extend commit log accordingly
- add new upstream failures
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Adrian Perez de Castro [Wed, 26 May 2021 18:38:39 +0000 (21:38 +0300)]
package/wpewebkit: import patch to support uclibc
Import a small patch from the upstream Bugzilla which is needed to allow
building WPE WebKit against uClibc.
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
[yann.morin.1998@free.fr: add upstream commit refs in backported patch]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Adrian Perez de Castro [Wed, 26 May 2021 18:24:16 +0000 (21:24 +0300)]
package/webkitgtk: allow building with musl and uclibc
WebKitGTK 2.32.1 includes fixes for building with the Musl libc, which
also makes it possible to use uClibc as well, therefore arrange
dependencies to allow selecting the package any of the C libraries is in
use. This is done by making the dependencies be more granular, basically
following what the wpewebkit package does.
In order to make make it build against uClibc a small patch that has
been submitted to the upstream's Bugzilla is needed.
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
[yann.morin.1998@free.fr: add upstream commit refs in backported patch]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Giulio Benetti [Thu, 3 Jun 2021 00:58:05 +0000 (02:58 +0200)]
package/lvm2: remove endif that prevents Buildroot to use Makefiles at all
Commit [1] breaks Buildroot Makefile since a Makefile endif has been left
with no sense giving following error:
package/lvm2/lvm2.mk:61: *** extraneous 'endif'. Stop.
So let's remove that forgotten endif.
[1]: https://git.buildroot.net/buildroot/commit/?id=
8a313b019c7d7e898186a8b08f9c25ae0194fa16
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Yann E. MORIN [Fri, 21 May 2021 14:44:36 +0000 (16:44 +0200)]
package/lvm2: fix installation of systemd units
Since we bump the version in commit
80997acd3587 (package/lvm2: bump
version to 2.03.12), the installation of systemd units is no longer
functional without a full installation.
As Pascal puts it: the systemd service files don't make a whole lot of
sense when there isn't a full lvm2 install.
Move the conditional block that install system units, so that it only
occurs when we do a full installation.
Fixes;
http://autobuild.buildroot.org/results/f47/
f470ffb55625e2639cecde713442550eb532d0d7/
http://autobuild.buildroot.org/results/954/
9547929292e81671fbe3a5b4bbc87a6424edb1ca/
http://autobuild.buildroot.org/results/303/
30359c351a6ce2f9139494a531e036f0b0406ccf
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Co-Developped-by: Pascal de Bruijn <p.debruijn@unilogic.nl>
Cc: Pascal de Bruijn <p.debruijn@unilogic.nl>
Cc: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Yann E. MORIN [Fri, 21 May 2021 14:44:35 +0000 (16:44 +0200)]
package/lvm2: fix inverted logic that is confusing
Commit
ff0f55e38197 (lvm2: replace !BR2_PACKAGE_LVM2_DMSETUP_ONLY by
BR2_PACKAGE_LVM2_STANDARD_INSTALL) changed a negative-logic option to a
positive-logic option.
However, it kept the ordering of the conditional block, which became a
negatice-logic condition.
This is confusing; let's fix that.
Reported-by: Pascal de Bruijn <p.debruijn@unilogic.nl>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Bernd Kuhls [Thu, 8 Apr 2021 15:26:01 +0000 (17:26 +0200)]
package/python3: add optional support for berkeleydb
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Giulio Benetti [Thu, 20 May 2021 00:09:05 +0000 (02:09 +0200)]
package/udisks: bump to version 2.92
Bump version to 2.92 by:
- removing local patches that have been upstreamed
- adding BR2_TOOLCHAIN_HAS_SYNC_4 dependency
- adding libblockdev dependencies
- adding libmount(contained in util-linux package) dependency
- moving download site to github since it's the new upstream address
- disabling all useless udisks's build option to shrink its size and t
use it as a daemon
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Bernd Kuhls [Wed, 2 Jun 2021 15:10:34 +0000 (17:10 +0200)]
package/apache: security bump version to 2.4.48
Changelog: https://downloads.apache.org/httpd/CHANGES_2.4.48
Fixes CVE-2021-31618:
mod_http2: Fix a potential NULL pointer dereference [Ivan Zhakov]
Removed patch 0004 which is included in upstream release.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Wed, 2 Jun 2021 06:25:50 +0000 (08:25 +0200)]
package/iftop: fix static build
Fixes:
- http://autobuild.buildroot.org/results/
eb53ff6b031c654daec57050dec376b5c9134a81
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Wed, 2 Jun 2021 06:10:19 +0000 (08:10 +0200)]
package/libraw: add Libs.private to libraw.pc
Add Libs.private to libraw.pc to fix the following static build failure
with imagemagick which is raised since commit
2f47cfade4b298350d056f6d9a7525b837e2ba23:
/home/giuliobenetti/autobuild/run/instance-1/output-1/host/opt/ext-toolchain/bin/../lib/gcc/arm-buildroot-linux-uclibcgnueabi/9.3.0/../../../../arm-buildroot-linux-uclibcgnueabi/bin/ld: /home/giuliobenetti/autobuild/run/instance-1/output-1/host/bin/../arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib/libjasper.a(jpg_enc.c.o): in function `jpg_encode':
jpg_enc.c:(.text+0x1f4): undefined reference to `jpeg_stdio_dest'
Fixes:
- http://autobuild.buildroot.org/results/
88e43a1ea2059a684e50b0f5f2af407e8c6df2e1
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Baruch Siach [Thu, 27 May 2021 12:50:40 +0000 (15:50 +0300)]
package/netperf: move SITE so s.b.o
The original site is gone.
Fixes:
http://autobuild.buildroot.net/results/
8d4a2ef5a7f50ea21b844d6cf806bb83016ae17b/
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Baruch Siach [Sun, 30 May 2021 17:24:39 +0000 (20:24 +0300)]
package/libssh: openssl backend requires DES
Make sure that openssl supports DES. The libssh openssl backend depends
on DES support.
Fixes:
http://autobuild.buildroot.net/results/
faf773b9997d6504f32fe660d0d9b9c15a198aa5/
http://autobuild.buildroot.net/results/
c3ebcbb9b5ff502e7acefb8b2426bd544913d415/
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Tue, 1 Jun 2021 21:12:21 +0000 (23:12 +0200)]
package/gupnp: security bump to version 1.2.6
Fix CVE-2021-33516: An issue was discovered in GUPnP before 1.0.7 and
1.1.x and 1.2.x before 1.2.5. It allows DNS rebinding. A remote web
server can exploit this vulnerability to trick a victim's browser into
triggering actions against local UPnP services implemented using this
library. Depending on the affected service, this could be used for data
exfiltration, data tempering, etc.
Replace patch by upstream commit as current patch doesn't apply cleanly
https://discourse.gnome.org/t/security-relevant-releases-for-gupnp-issue-cve-2021-33516/6536
https://gitlab.gnome.org/GNOME/gupnp/-/blob/gupnp-1.2.6/NEWS
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Fri, 28 May 2021 06:00:23 +0000 (08:00 +0200)]
package/lttng-tools: disable tests
Disabling tests will fix the following build failures on riscv32:
select_poll_epoll.c:408:16: note: each undeclared identifier is reported only once for each function it appears in
select_poll_epoll.c: In function 'ppoll_fds_ulong_max':
select_poll_epoll.c:440:16: error: 'SYS_ppoll' undeclared (first use in this function); did you mean 'SYS_tkill'?
440 | ret = syscall(SYS_ppoll, ufds, ULONG_MAX, NULL, NULL);
| ^~~~~~~~~
| SYS_tkill
select_poll_epoll.c: In function 'pselect_invalid_fd':
select_poll_epoll.c:488:16: error: 'SYS_pselect6' undeclared (first use in this function); did you mean 'SYS_semctl'?
488 | ret = syscall(SYS_pselect6, fd + 1, &rfds, NULL, NULL, NULL, NULL);
| ^~~~~~~~~~~~
| SYS_semctl
Fixes:
- http://autobuild.buildroot.org/results/
dd39188a7191efa512a51f18f4c34d9ee711a6a7
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Fri, 28 May 2021 05:34:43 +0000 (07:34 +0200)]
package/vlc: disable on riscv32
vlc unconditionally uses __NR_futex resulting in the following build
failure on riscv32:
linux/thread.c:53:20: error: '__NR_futex' undeclared (first use in this function)
53 | return syscall(__NR_futex, addr, op, val, to, addr2, val3);
| ^~~~~~~~~~
A patch that fixes this was submitted upstream, but rejected [1].
Fixes:
- http://autobuild.buildroot.org/results/
be0f2243919d7a052b33118d8a901c922f8d88e7
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
[1] https://patches.videolan.org/patch/30581/
Thomas De Schampheleire [Tue, 1 Jun 2021 14:34:21 +0000 (16:34 +0200)]
utils/genrandconfig: also test BR2_ENABLE_RUNTIME_DEBUG
... similar to BR2_ENABLE_DEBUG.
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Acked-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Thomas De Schampheleire [Tue, 1 Jun 2021 14:34:20 +0000 (16:34 +0200)]
package/pkg-meson.mk: determine 'buildtype' based on BR2_ENABLE_RUNTIME_DEBUG iso BR2_ENABLE_DEBUG
BR2_ENABLE_DEBUG should just steer the availability of debug symbols and
should have no negative effect on performance.
Introduction of 'assert' statements, 'debug'-type builds with additional
logging, etc. should be steered by BR2_ENABLE_RUNTIME_DEBUG instead.
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Thomas De Schampheleire [Tue, 1 Jun 2021 14:34:19 +0000 (16:34 +0200)]
package/zmqpp: use BR2_ENABLE_RUNTIME_DEBUG iso BR2_ENABLE_DEBUG
BR2_ENABLE_DEBUG should just steer the availability of debug symbols and
should have no negative effect on performance.
Introduction of 'assert' statements, 'debug'-type builds with additional
logging, etc. should be steered by BR2_ENABLE_RUNTIME_DEBUG instead.
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Thomas De Schampheleire [Tue, 1 Jun 2021 14:34:18 +0000 (16:34 +0200)]
package/zmqpp: don't set CONFIG=debug
Below are the flags set by zmqpp depending on the specified CONFIG variable:
CONFIG_FLAGS =
ifeq ($(CONFIG),debug)
CONFIG_FLAGS = -g -fno-inline -ftemplate-depth-1000
endif
ifeq ($(CONFIG),valgrind)
CONFIG_FLAGS = -g -O1 -DNO_DEBUG_LOG -DNO_TRACE_LOG
endif
ifeq ($(CONFIG),max)
CONFIG_FLAGS = -O3 -funroll-loops -ffast-math -finline-functions \
-fomit-frame-pointer -DNDEBUG
endif
ifneq (,$(findstring $(CONFIG),release loadtest))
CONFIG_FLAGS = -O3 -funroll-loops -ffast-math -finline-functions \
-fomit-frame-pointer -DNO_DEBUG_LOG -DNO_TRACE_LOG -DNDEBUG
endif
For the flags added with CONFIG=debug, '-g' is to be steered by the core
infrastructure (could be '-g1', '-g2' etc.)
The flag '-ftemplate-depth' is only a protection against incorrect code and
not really needed in Buildroot context.
Finally, the flag '-fno-inline' may be useful when really stepping through
zmqpp code, but is a very specific use case.
With the above in mind, not passing CONFIG=debug may actually be better.
Use 'CONFIG=buildroot' instead.
Note that we don't pass an empty 'CONFIG' to avoid confusion, as this
variable is also passed through to the variable BUILD_ENV, even though it is
currently unused.
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Thu, 27 May 2021 21:04:02 +0000 (23:04 +0200)]
package/capnproto: fix build on riscv32
Fixes:
- http://autobuild.buildroot.org/results/
1c1cd4775241ee57d878cad5c978413d4b4a8736
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Thomas De Schampheleire [Tue, 1 Jun 2021 14:34:17 +0000 (16:34 +0200)]
package/sofia-sip: don't set 'NDEBUG' explicitly
BR2_ENABLE_DEBUG should just steer the availability of debug symbols and
should have no negative effect on performance.
Introduction of 'assert' statements, 'debug'-type builds with additional
logging, etc. should be steered by BR2_ENABLE_RUNTIME_DEBUG instead.
The sofia-sip package was setting '--enable-ndebug' conditionally based on
BR2_ENABLE_DEBUG, and this would have to be updated to be based on
BR2_ENABLE_RUNTIME_DEBUG.
However, the sofia-sip option '--enable-ndebug' only sets the 'NDEBUG'
preprocessor macro, and the core package infrastructure already sets this
macro correctly based on BR2_ENABLE_RUNTIME_DEBUG.
This means that the explicit '--enable-ndebug' flag can be removed.
Suggested-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Thomas De Schampheleire [Tue, 1 Jun 2021 14:34:16 +0000 (16:34 +0200)]
package/sofia-sip: correct passing of '--enable-ndebug'
The preprocessor option NDEBUG, triggered by the configure option
'--enable-ndebug', should be read as 'no-debug'. When NDEBUG is set, asserts
are _disabled_.
The sofia-sip package had inverted logic, and set '--enable-ndebug' when
BR2_ENABLE_DEBUG was enabled, while it should be the other way around.
Reported-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Thomas De Schampheleire [Tue, 1 Jun 2021 14:34:15 +0000 (16:34 +0200)]
package/ripgrep: use BR2_ENABLE_RUNTIME_DEBUG iso BR2_ENABLE_DEBUG
BR2_ENABLE_DEBUG should just steer the availability of debug symbols and
should have no negative effect on performance.
Introduction of 'assert' statements, 'debug'-type builds with additional
logging, etc. should be steered by BR2_ENABLE_RUNTIME_DEBUG instead.
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Acked-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Thomas De Schampheleire [Tue, 1 Jun 2021 14:34:14 +0000 (16:34 +0200)]
package/qt5: use BR2_ENABLE_RUNTIME_DEBUG iso BR2_ENABLE_DEBUG
BR2_ENABLE_DEBUG should just steer the availability of debug symbols and
should have no negative effect on performance.
Introduction of 'assert' statements, 'debug'-type builds with additional
logging, etc. should be steered by BR2_ENABLE_RUNTIME_DEBUG instead.
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Acked-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Thomas De Schampheleire [Tue, 1 Jun 2021 14:34:13 +0000 (16:34 +0200)]
package/oracle-mysql: use BR2_ENABLE_RUNTIME_DEBUG iso BR2_ENABLE_DEBUG
BR2_ENABLE_DEBUG should just steer the availability of debug symbols and
should have no negative effect on performance.
Introduction of 'assert' statements, 'debug'-type builds with additional
logging, etc. should be steered by BR2_ENABLE_RUNTIME_DEBUG instead.
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Acked-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Thomas De Schampheleire [Tue, 1 Jun 2021 14:34:12 +0000 (16:34 +0200)]
package/boost: use BR2_ENABLE_RUNTIME_DEBUG iso BR2_ENABLE_DEBUG
BR2_ENABLE_DEBUG should just steer the availability of debug symbols and
should have no negative effect on performance.
Introduction of 'assert' statements, 'debug'-type builds with additional
logging, etc. should be steered by BR2_ENABLE_RUNTIME_DEBUG instead.
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Thomas De Schampheleire [Tue, 1 Jun 2021 14:34:11 +0000 (16:34 +0200)]
package/sysrepo: remove explicit setting of CMAKE_BUILD_TYPE
sysrepo explicitly sets CMAKE_BUILD_TYPE=Release, ignoring any possible
value of BR2_ENABLE_DEBUG (previously) or BR2_ENABLE_RUNTIME_DEBUG (now).
With the introduction of BR2_ENABLE_RUNTIME_DEBUG, this change should no
longer be necessary. Users that do not wish to have additional runtime
debugging just keep BR2_ENABLE_RUNTIME_DEBUG disabled (default value).
As the 'Debug' build type enables tests, disable them explicitly.
As the 'Debug' build type uses a custom REPO_PATH which does not exist on
target, force /etc/sysrepo like in the 'Release' build type.
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Acked-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Acked-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Thomas De Schampheleire [Tue, 1 Jun 2021 14:34:10 +0000 (16:34 +0200)]
package/sysrepo: use default CMAKE_BUILD_TYPE for host package
Use the default build type for host-sysrepo.
In the current version of sysrepo, this happens to be 'Debug'.
As 'Debug' also enables tests, explicitly disable them.
Suggested-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Acked-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Acked-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Thomas De Schampheleire [Tue, 1 Jun 2021 14:34:09 +0000 (16:34 +0200)]
package/flare-engine: disable effect of CMAKE_BUILD_TYPE
flare-engine enables profiling when CMAKE_BUILD_TYPE is 'Debug'. The
Buildroot package explicitly avoided that by forcing CMAKE_BUILD_TYPE to
'RelWithDebInfo' when pkg-cmake.mk would normally set it to 'Debug'. Until
recently, this was the case when BR2_ENABLE_DEBUG was enabled.
A previous commit changed the condition under which CMAKE_BUILD_TYPE=Debug
was set, from BR2_ENABLE_DEBUG=y to BR2_ENABLE_RUNTIME_DEBUG=y, so logically
the flare-engine package would have to be updated accordingly.
However, apart from the profiling flag, the flare-engine package only uses
CMAKE_BUILD_TYPE to determine flags that Buildroot wants to control itself,
like optimization and debugging flags.
This means we can fake CMAKE_BUILD_TYPE to a value that has no meaning for
flare-engine itself, without needing to check BR2_ENABLE_DEBUG nor
BR2_ENABLE_RUNTIME_DEBUG.
Incidentally, this trick was already done in case
BR2_TOOLCHAIN_HAS_GCC_BUG_85180 was true, so move that line out of this
condition.
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Thomas De Schampheleire [Tue, 1 Jun 2021 14:34:08 +0000 (16:34 +0200)]
package/pkg-cmake.mk: determine CMAKE_BUILD_TYPE depending on BR2_ENABLE_RUNTIME_DEBUG
The CMAKE_BUILD_TYPE is currently set as 'Debug' in case BR2_ENABLE_DEBUG is
set, and as 'Release' in other cases. However, while the description of
BR2_ENABLE_DEBUG is to enable debug symbols (no runtime impact), the 'Debug'
build type in CMake can actually have runtime impact. For one, because it
does not set -DNDEBUG like is done for 'Release', but also because packages
may do custom things based on it.
The question of which CMAKE_BUILD_TYPE Buildroot should set, be it 'Debug',
'Release', 'RelWithDebInfo' or others, has come up several times in the
past. See some references below:
- July 2016: switch from Debug to RelWithDebInfo:
https://git.buildroot.org/buildroot/commit/?id=
4b0120183404913f7f7788ef4f0f6b51498ef363
- October 2016: switch from RelWithDebInfo back to Debug:
https://git.buildroot.org/buildroot/commit/?id=
104bb29e0490bfb487e2e665448dd3ca07fcc2b5
and changes to make sure Buildroot's flags are respected:
https://git.buildroot.org/buildroot/commit/?id=
12494ef48f893684d0800e7f6fe39a2ceaed0451
- August 2017: bug #10246 - "BR2_ENABLE_DEBUG does not have the expected
effect for cmake packages"
https://bugs.busybox.net/show_bug.cgi?id=10246
- August 2017: mail thread following bug #10246:
http://lists.busybox.net/pipermail/buildroot/2017-August/200778.html
In the last mail thread, Samuel Martin confirmed that the 'Release' build
type could be used in all cases, because Buildroot is actually making sure
that the optimization flags are those determined by Buildroot, not the
defaults of cmake, thanks to commit
12494ef48f.
But Arnout Vandecappelle objected to using always 'Release', stating that
users may actually want the extra assertions.
With the introduction of BR2_ENABLE_RUNTIME_DEBUG, Buildroot can now cater
for all cases:
- use CMAKE_BUILD_TYPE=Release by default. This makes sure that there is no
unexpected performance degradation triggered by enabling BR2_ENABLE_DEBUG.
- users can optionally enable BR2_ENABLE_RUNTIME_DEBUG if they want runtime
debug info like assertions, at the risk of introducing performance
degradation. In this case, we switch to CMAKE_BUILD_TYPE=Debug.
- orthogonally to the above, BR2_ENABLE_DEBUG still determines passing the
'-g' flag to enable debug symbols, and BR2_OPTIMIZE_X still determines the
used optimization flags.
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Acked-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Reviewed-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Thomas De Schampheleire [Tue, 1 Jun 2021 14:34:07 +0000 (16:34 +0200)]
core: enable 'NDEBUG' unless BR2_ENABLE_RUNTIME_DEBUG is set
The 'assert' statement in glibc honors the 'NDEBUG' preprocessor macro: if
it is set, then the assert statement is compiled away.
Define this 'NDEBUG' macro when BR2_ENABLE_RUNTIME_DEBUG is disabled (the
default case).
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Reviewed-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Thomas De Schampheleire [Tue, 1 Jun 2021 14:34:06 +0000 (16:34 +0200)]
core: introduce BR2_ENABLE_RUNTIME_DEBUG
Some packages have optional runtime assertions, extra traces, or other
elements that can help in debugging problems. However, such runtime elements
can negatively influence performance.
In a test program performing 100K gRPC calls from a client to a local server
and receiving the returned response, we see following execution time:
- runtime debug enabled: 1065 seconds
- runtime debug disabled: 48 seconds
This is more than a factor 20 (!) difference. Analysis shows that the
problem mostly stems from libabseil-cpp (a dependency of gRPC) which enables
mutex deadlock analysis when the preprocessor flag 'NDEBUG' is not set,
which adds a 'backtrace()' call on every lock/unlock. Potentially worse,
when libunwind is enabled and linked with the test program, 'backtrace()' is
not provided by glibc but by libunwind itself.
For production systems, users expect good performance out-of-the-box. In the
example above, the difference is huge and unless explicitly tested and
analyzed, users may not realize that the performance could be much better.
Address this problem by introducing a new option BR2_ENABLE_RUNTIME_DEBUG,
which can be used by packages or package infrastructures to set the
necessary flags.
Note that BR2_ENABLE_RUNTIME_DEBUG is orthogonal to BR2_ENABLE_DEBUG: the
former changes runtime behavior, while the latter is only expected to add
debug symbols to the build. Today, the cmake build system does introduce a
runtime impact when BR2_ENABLE_DEBUG is set, but that will be rectified in a
subsequent commit.
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Acked-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Reviewed-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Thu, 27 May 2021 20:54:15 +0000 (22:54 +0200)]
package/directfb: disable on riscv32
directfb unconditionally uses __NR_futex which will raise the following
build failure on riscv32:
system.c:242:21: error: '__NR_futex' undeclared (first use in this function)
242 | ret = syscall( __NR_futex, uaddr, op, val, timeout, uaddr2, val3 );
| ^~~~~~~~~~
Fixes:
- http://autobuild.buildroot.org/results/
c0f4168575fa85af933539441eea95a3b10dac91
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Thu, 27 May 2021 20:49:04 +0000 (22:49 +0200)]
package/libkcapi: fix build on riscv32
Fix the following build failure on riscv32:
lib/internal.h:331:20: error: '__NR_io_getevents' undeclared (first use in this function); did you mean 'io_getevents'?
331 | return syscall(__NR_io_getevents, ctx, min, max, events, timeout);
| ^~~~~~~~~~~~~~
Fixes:
- http://autobuild.buildroot.org/results/
c828d4330a8888fe8db4299dc2f20759947f329f
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Thu, 27 May 2021 20:19:04 +0000 (22:19 +0200)]
package/unscd: disable on riscv32
unscd unconditionally uses __NR_clock_gettime which will raise the
following build failure on riscv32:
nscd-0.54.c:339:14: error: '__NR_clock_gettime' undeclared (first use in this function); did you mean 'clock_gettime'?
339 | if (syscall(__NR_clock_gettime, CLOCK_MONOTONIC, &ts))
| ^~~~~~~~~~~~~~~~~~
| clock_gettime
Fixes:
- http://autobuild.buildroot.org/results/
eb77b18f268d8e59c407f757662117a33d3f9ee3
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Thu, 27 May 2021 20:03:54 +0000 (22:03 +0200)]
package/libcamera: fix build on sparc v8
Fix build failure with sparc v8 which is raised since commit
bd9b7b092cf34dc065a4b40268c18a9fe319f5e4 due to
https://git.linuxtv.org/libcamera.git/commit/?id=
a8310248fc26cc1e1b791af5e9394c1d20bee269
Fixes:
- http://autobuild.buildroot.org/results/
d0726b2253f1f3d006e057f3b32c646c4b9b5f7a
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Thu, 27 May 2021 18:49:21 +0000 (20:49 +0200)]
package/uftrace: needs dynamic library
Since its addition in commit
09c97972d9f90b69cfc36f9ffe9e22c13daf9307,
uftrace always builds a dynamic library which will raise the following
build failure:
LINK libmcount/libmcount.so
.../ld: .../crtbeginT.o: relocation R_X86_64_32 against hidden symbol `__TMC_END__' can not be used when making a shared object
Fixes:
- http://autobuild.buildroot.org/results/
980bb38c6417bd48828379677762382030c5b28a
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Baruch Siach [Thu, 27 May 2021 12:42:20 +0000 (15:42 +0300)]
package/libesmtp: move SITE to s.b.n
The original site is gone, and the author is no longer providing
tarballs:
https://libesmtp.github.io/notes.html
Change website link to the current official page.
Fixes:
http://autobuild.buildroot.net/results/
d788315bf708c31e14ba5fb35dccf94753d5f78a/
http://autobuild.buildroot.net/results/
83bfdd8e5f897b4d4be81c4c16106feb4e17bd50/
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Bernd Kuhls [Sun, 30 May 2021 05:58:19 +0000 (07:58 +0200)]
DEVELOPERS: add Bernd Kuhls for intel-mediasdk & deps
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Sun, 30 May 2021 08:14:04 +0000 (10:14 +0200)]
package/libcutl: fix build with gcc 11
Add -std=c++11 to fix the following build failure with gcc 11:
In file included from shared-ptr/base.cxx:5:
../cutl/shared-ptr/base.hxx:34:41: error: ISO C++17 does not allow dynamic exception specifications
34 | operator new (std::size_t, cutl::share) throw (std::bad_alloc);
| ^~~~~
Fixes:
- http://autobuild.buildroot.org/results/
60a39d402a0d051c92aa11421b7a14f7729a0380
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Heiko Thiery [Tue, 1 Jun 2021 11:15:52 +0000 (13:15 +0200)]
package/i2c-tools: add I2C_TOOLS_CPE_ID_VENDOR
cpe:2.3:a:i2c-tools_project:i2c-tools is a valid CPE identifier for this
package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Ai2c-tools_project%3Ai2c-tools
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Romain Naour [Tue, 1 Jun 2021 19:16:16 +0000 (21:16 +0200)]
uclibc: powerpc: fix PIE/PIC builds with secureplt enabled by default
Apply the fix provided by Yann Sionneau when secureplt is enabled
by default by gcc compiler along with PIE/PIC options.
"For the secure PLT to work in PIC, the r30 register needs to point to the GOT"
Fixes:
[qemu_ppc_e500mc_defconfig] https://gitlab.com/buildroot.org/buildroot/-/jobs/
1255661606
[qemu_ppc_g3beige_defconfig] https://gitlab.com/buildroot.org/buildroot/-/jobs/
1255661607
[qemu_ppc_mac99_defconfig] https://gitlab.com/buildroot.org/buildroot/-/jobs/
1255661609
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Yann Sionneau <yann@sionneau.net>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Romain Naour [Tue, 1 Jun 2021 19:00:21 +0000 (21:00 +0200)]
Config.in: disable PIC/PIE for Nios2
Recently in Buildroot the option BR2_PIC_PIE has been enabled by default along
with other hardening features [1]. Since then the nios2 defconfig
qemu_nios2_10m50_defconfig is failing to boot due to a segfault in init program:
Run /init as init process
with arguments:
/init
with environment:
HOME=/
TERM=linux
Failed to execute /init (error -12)
See Buildroot build log and Qemu runtime test log in build artifacts [2].
Analyzing one of the binary with strace show that the problem occur
very early when starting the new process:
# strace ./busybox
execve("./busybox", ["./busybox"], 0x7f91ce90 /* 10 vars */) = -1 ENOMEM
(Cannot allocate memory)
+++ killed by SIGSEGV +++
Several binutils/glibc/gcc version has been tested without any success.
The issue has been reported to the glibc mailing list but it can be a linker
or kernel bug [3].
For the Buildroot 2021.05 release, disable BR2_PIC_PIE until the problem is
found and fixed.
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/
1285145889
[1] https://git.buildroot.net/buildroot/commit/?id=
810ba387bec3c5b6904e8893fb4cb6f9d3717466
[2] https://gitlab.com/buildroot.org/buildroot/-/jobs/
1285145889
[3] https://sourceware.org/pipermail/libc-alpha/2021-May/126912.html
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Sam Voss [Tue, 1 Jun 2021 18:09:14 +0000 (13:09 -0500)]
package/hostapd: add upstream patch to fix CVE-2021-27803
Fixes the following:
- CVE-2021-27803: A vulnerability was discovered in how p2p/p2p_pd.c in
wpa_supplicant before 2.10 processes P2P (Wi-Fi Direct) provision
discovery requests. It could result in denial of service or other impact
(potentially execution of arbitrary code), for an attacker within radio
range.
Signed-off-by: Sam Voss <sam.voss@collins.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Peter Korsgaard [Mon, 31 May 2021 21:29:41 +0000 (23:29 +0200)]
Update for 2021.05-rc3
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Sun, 30 May 2021 08:44:57 +0000 (10:44 +0200)]
package/dhcp: security bump to version 4.4.2-P1
Fixes the following security issue:
- CVE-2021-25217: A buffer overrun in lease file parsing code can be used to
exploit a common vulnerability shared by dhcpd and dhclient
For details, see the advisory:
https://kb.isc.org/docs/cve-2021-25217
Update the LICENSE hash for a change of copyright years.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Yann E. MORIN [Sat, 22 May 2021 19:40:56 +0000 (21:40 +0200)]
docs: move the IRC channel away from Freenode
Due to the recent events at Frenode [0], the channel has become a bit
unreliable (much spammed), and users have started to move away already,
as quite a few other projects have moved their IRC presence away from
Freenode.
There are a few alternatives. The first to spring to mind, is the new
Libera.Chat network [1], managed by the previous Freenode staff, so we
could expect quite a good experience there. However, it is a very young
network. The second well known alternative is the long-established OFTC,
which has been very reliable in its 20 years of existence.
So, let's move to OFTC, just because it has a track-record of robustness
(which Libera.Chat still has to build, for being young).
Note: there are a lot of other IRC networks, some very good too, but we
probably would be much off-topic on most of them.
[0] https://lwn.net/Articles/856543/
[1] https://libera.chat/
[2] https://www.oftc.net/
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Acked-by: Matthew Weber <matthew.weber@collins.com>
Acked-by: Heiko Thiery <heiko.thiery@gmail.com>
Acked-By: Vincent Fazio <vfazio@xes-inc.com>
Acked-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Sat, 29 May 2021 17:48:46 +0000 (19:48 +0200)]
package/strace: xtensa needs headers >= 5.0
xtensa support needs user_pt_regs since version 5.6 and
https://github.com/strace/strace/commit/
2429c69961e2598902bded9c02dd601b362b66b4
However user_pt_regs is only available since kernel 5.0 and
https://github.com/torvalds/linux/commit/
06fbac8e8971f2fa526e189304dd95ee62f39dbe
Fixes:
- http://autobuild.buildroot.org/results/
c6c4fb3b9098c5fc5dbe4415e2a9757fc775b746
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Sat, 29 May 2021 08:48:36 +0000 (10:48 +0200)]
package/pkg-meson: always set b_pie to false
pipewire unconditionally enables b_pie since version 0.3.20 and
https://gitlab.freedesktop.org/pipewire/pipewire/-/commit/
abe73c9146cd223b40b22581b1fd58bc044c671e
which will raise the following build failure on m68k since commit
a6d88d3ba5e30e11f4d726f341bc56c1be7c71c9:
/srv/storage/autobuild/run/instance-1/output-1/host/opt/ext-toolchain/bin/../lib/gcc/m68k-buildroot-linux-uclibc/9.3.0/../../../../m68k-buildroot-linux-uclibc/bin/ld: /srv/storage/autobuild/run/instance-1/output-1/host/m68k-buildroot-linux-uclibc/sysroot/usr/lib/Scrt1.o: in function `lib_main':
(.text+0x4): undefined reference to `__shared_flat_add_library'
To fix this build failure, always set b_pie to false as PIE will be
enabled by toolchain/toolchain-wrapper.mk if needed
Fixes:
- http://autobuild.buildroot.org/results/
c258a2736661af8ea73abeda2503d8682e65f1e2
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Yann E. MORIN [Sat, 29 May 2021 09:16:35 +0000 (11:16 +0200)]
Revert "package/pkg-meson: handle b_pie"
This reverts commit
a8a147f6046f9d11d4685ddfa5c2a6a01f4d7219.
That commit incorrectly made use of BR2_TOOLCHAIN_SUPPORTS_PIE, when it
should have been using BR2_PIC_PIE.
Besides, another attempt is pending, that unconditionally disables it as
it will be set by the toolchain wrapper already.
For both reasons, revert rather than switch over to BR2_PIC_PIE.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Fri, 28 May 2021 19:17:48 +0000 (21:17 +0200)]
package/pkg-meson: handle b_pie
pipewire unconditionally enables b_pie since version 0.3.20 and
https://gitlab.freedesktop.org/pipewire/pipewire/-/commit/
abe73c9146cd223b40b22581b1fd58bc044c671e
which will raise the following build failure on m68k since commit
a6d88d3ba5e30e11f4d726f341bc56c1be7c71c9:
/srv/storage/autobuild/run/instance-1/output-1/host/opt/ext-toolchain/bin/../lib/gcc/m68k-buildroot-linux-uclibc/9.3.0/../../../../m68k-buildroot-linux-uclibc/bin/ld: /srv/storage/autobuild/run/instance-1/output-1/host/m68k-buildroot-linux-uclibc/sysroot/usr/lib/Scrt1.o: in function `lib_main':
(.text+0x4): undefined reference to `__shared_flat_add_library'
Fixes:
- http://autobuild.buildroot.org/results/
c258a2736661af8ea73abeda2503d8682e65f1e2
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Fri, 28 May 2021 20:15:28 +0000 (22:15 +0200)]
package/pipewire: alsa needs ucm
alsa unconditionally uses ucm since version 0.3.7 and
https://gitlab.freedesktop.org/pipewire/pipewire/-/commit/
1612f5e4d215bd5edf7d649d220b53ff1ed7c098
which will result in the following build failure since commit
a6d88d3ba5e30e11f4d726f341bc56c1be7c71c9:
../spa/plugins/alsa/acp/alsa-ucm.h:26:10: fatal error: alsa/use-case.h: No such file or directory
26 | #include <alsa/use-case.h>
| ^~~~~~~~~~~~~~~~~
Fixes:
- http://autobuild.buildroot.org/results/
ef53534daf84397b4e22392f2a6be2c335819ab5
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Peter Korsgaard [Fri, 28 May 2021 09:23:13 +0000 (11:23 +0200)]
package/nginx: add upstream CVE-2021-23017 security fix
Fixes the following vulnerability:
- CVE-2021-23017: 1-byte memory overwrite in resolver
For more details, see the advisories:
https://mailman.nginx.org/pipermail/nginx-announce/2021/000300.html
https://www.openwall.com/lists/oss-security/2021/05/25/5
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
[yann.morin.1998@free.fr: annotate the patch, that it is a backport]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Peter Korsgaard [Thu, 27 May 2021 21:35:31 +0000 (23:35 +0200)]
package/libcurl: security bump to version 7.77.0
Fixes the following security issues:
- CVE-2021-22897: schannel cipher selection surprise
https://curl.se/docs/CVE-2021-22897.html
- CVE-2021-22898: TELNET stack contents disclosure
https://curl.se/docs/CVE-2021-22898.html
- CVE-2021-22901: TLS session caching disaster
https://curl.se/docs/CVE-2021-22901.html
Unconditionally disable the ldap(s) options. These require external
libraries, but the options were ignored if the needed libraries weren't
available. This is now changed to be a fatal error since
https://github.com/curl/curl/commit/
dae382a1a1481a94b708c82d5aa9fa7253084160
Additionally, add a post-7.77.0 upstream patch to fix compilation with
bearssl.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
[yann.morin.1998@free.fr: annotate the patch, that it is a backport]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Peter Korsgaard [Thu, 27 May 2021 21:41:23 +0000 (23:41 +0200)]
docs/website: update for 2021.05-rc2
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>