buildroot.git
8 years agopackage/asterisk: add optional neon dependency
Yann E. MORIN [Sat, 9 Sep 2017 21:39:14 +0000 (23:39 +0200)]
package/asterisk: add optional neon dependency

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
8 years agopackage/asterisk: add optional alsa-lib dependency
Yann E. MORIN [Sat, 9 Sep 2017 21:39:12 +0000 (23:39 +0200)]
package/asterisk: add optional alsa-lib dependency

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
8 years agopackage/asterisk: add optional support for openssl
Yann E. MORIN [Sat, 9 Sep 2017 21:39:11 +0000 (23:39 +0200)]
package/asterisk: add optional support for openssl

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
8 years agopackage/asterisk: add optional zlib dependency
Yann E. MORIN [Sat, 9 Sep 2017 21:39:10 +0000 (23:39 +0200)]
package/asterisk: add optional zlib dependency

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
8 years agopackage/asterisk: add optional libgsm dependency
Yann E. MORIN [Sat, 9 Sep 2017 21:39:09 +0000 (23:39 +0200)]
package/asterisk: add optional libgsm dependency

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
8 years agopackage/asterisk: enable backtrace when available
Yann E. MORIN [Sat, 9 Sep 2017 21:39:08 +0000 (23:39 +0200)]
package/asterisk: enable backtrace when available

asterisk uses backtrace() from execinfo.h to print beuatiful backtraces
when it fails. But execinfo is only reliably available with glibc, while
it is optionbal in uClibc and completely missing in musl.

So, only enable backtrace support for glibc toolchains.

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
8 years agopackage/asterisk: new package
Yann E. MORIN [Sat, 9 Sep 2017 21:39:07 +0000 (23:39 +0200)]
package/asterisk: new package

Asterisk: the flagship of telephony on Linux. These are the lines of
code whose continuous mission is to power small and large enterprises
telephony systems, to boldly provide IP PBX where no one has done so
before.

But it is a hell to get compiled... :-(

For starters, it needs a host tool, menuselect, to prepare its build
configuration. Unfortunately, the way it handles menuselect does not
apply very well for cross-compilation: the main ./configure calls out to
menuselect's own ./configure, and of course that runs with the same
environement, which is wrong for cross-compilation (because of variables
like CC, CFLAGS and the likes).

Furthermore, the paths to menuselect are imbricated about everywhere in
the main Makefile, so making it find menuselect in PATH is a lost cause.

Instead, we just patch-out the handling of menuselect, build it as the
host variant and copy it in place.

Now, asterisk wants to install a default set of sound files (for
answering machine stuff, I guess). They come come pre-bundled in the
official archive [0], but the buildsystem will want to download (at
install time) the sha1 files for each sound archive, to validate that
said archive is correct. However, the download is done via plain http,
so it still risks an MITM attack. And for Buildroot, it is not always
possible to download at install time, so we patch-out the sha1 check.

[0] http://downloads.asterisk.org/pub/telephony/asterisk/releases/

The official archive contains the sound archives plus a full set of
documentation. This makes it very big. Unfortunately, the hosting site
is rather slow, topping at about ~204kbps. So we get the archive from
the official mirror on Github. But that archive is missing the sound
archives, so we download them separately.

Some tests, like the crypt() one, are broken and could not have ever
possibly worked at all. Worse, the FFmpeg test is looking for headers
that FFmpeg removed more than 10 years ago and are virtually no longer
available in any distro. So, FFmpeg support is definitely not tested
by upstream and can't possibly work at all. Finally, trying to run
test-code does not work in cross-compilation.

As a final stroke of genius, asterisk checks for the re-entrant variant
of res_ninit(), and concludes that all such functions are available,
including res_nsearch(). Uclibc-ng has the former but not the latter, so
the build fails. Since there is no cache variable for that check, we
can't pre-feed that result to configure, and fixing it is a bigger
endeavour.  So we make asterisk depend on glibc for now, until someone
is brave enough to fix it.

Almost all features are disabled for now. Support for additional
features will be added in subsequent patches now that we have a working
base.

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Romain Naour <romain.naour@openwide.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
[Arnout:
 - make libilbc a mandatory dependency instead of using the bundled one;
 - add license, license files, and license file hashes;
 - minor spelling corrections;
 - remove redundant trailing backslash reported by check-package;
 - rewrap help text to 72 columns instead of 68]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
fixup

8 years agoopenjpeg: Fix malloc poison issue
Olivier Schonken [Fri, 8 Sep 2017 07:52:17 +0000 (09:52 +0200)]
openjpeg: Fix malloc poison issue

The malloc poison issue has been fixed upstream, this patch will thus only
be temporary.

Fixes the following autobuild issues

       sparc | http://autobuild.buildroot.net/results/c1b7a316ca2a4db49023f304dbc7fd5fed05bd9d
        bfin | http://autobuild.buildroot.net/results/031ece7a72e76a9155938cb283de859bd12a8171
         sh4 | http://autobuild.buildroot.net/results/88664451f71c12ccd94e874d408fbb680bea1695
      xtensa | http://autobuild.buildroot.net/results/fbede64a5a86d4868b6da0ab1275e75803235af0
     powerpc | http://autobuild.buildroot.net/results/6c641650509048039b18fbeb010dbca0f0fc5292
microblazeel | http://autobuild.buildroot.net/results/fa2d5272b2db73cbfa441ead9250157c5626ab15
    mips64el | http://autobuild.buildroot.net/results/fc96f6628f71e05d9a74e0e13e50178d29a2c495
         sh4 | http://autobuild.buildroot.net/results/a6d6a6dcb9b4fa250edaaf5935762c5820457b23
      x86_64 | http://autobuild.buildroot.net/results/47b4ca2cc661582d86830b9353a6c8af86e4ba35
         arc | http://autobuild.buildroot.net/results/08e2e4eca6c3dbde8116a649dbf46e52ded45d10
         arc | http://autobuild.buildroot.net/results/899fa044aab7ee28acfa71544f2105da4a5c97d5
         arm | http://autobuild.buildroot.net/results/6016f6885b21d6e8c6199a6833c7acce6210ecc6
         arm | http://autobuild.buildroot.net/results/adbb3c76497e89161535c711de98809a0fa168a7
        or1k | http://autobuild.buildroot.net/results/de3ef69a72d2c2082e202fbed702c53a51274fef
    mips64el | http://autobuild.buildroot.net/results/39b186b13001a810e0992b52321f1015b445d2fd
      x86_64 | http://autobuild.buildroot.net/results/22c6a29a1ded6aedf01adfdfcf26302248dba80c
         arm | http://autobuild.buildroot.net/results/b62c54b727eb5f576c4a517a69c495b537c3b69a
        m68k | http://autobuild.buildroot.net/results/a826561c5786be5f0088b50b633210593e23ffff
         arm | http://autobuild.buildroot.net/results/d32ec927a5e4d5644cb3641014bcf6ebe5c14490

Signed-off-by: Olivier Schonken <olivier.schonken@gmail.com>
Tested-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
8 years agopackage/olsr: bump version to 0.9.6.1
Bernd Kuhls [Thu, 14 Sep 2017 14:23:55 +0000 (16:23 +0200)]
package/olsr: bump version to 0.9.6.1

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
8 years agopackage/ofono: bump version to 1.20
Bernd Kuhls [Thu, 14 Sep 2017 14:07:52 +0000 (16:07 +0200)]
package/ofono: bump version to 1.20

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
8 years agopackage/ocrad: bump version to 0.26
Bernd Kuhls [Thu, 14 Sep 2017 14:00:01 +0000 (16:00 +0200)]
package/ocrad: bump version to 0.26

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
8 years agopython-aiocoap: new package
Yegor Yefremov [Wed, 13 Sep 2017 14:18:59 +0000 (16:18 +0200)]
python-aiocoap: new package

Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
8 years agompd: remove version 0.19
Jörg Krause [Wed, 13 Sep 2017 20:54:36 +0000 (22:54 +0200)]
mpd: remove version 0.19

MPD version 0.20 is affected by GCC bug 64735 and failes to build for
some archictuctures (NIOSII, ARMv4, ARMv5 and SPARCv8) with a GCC
toolchain less then version 7.

We added a version choice between 0.19 and 0.20 in Buildroot version
2017.02 as GCC 7 was not yet available at that time. This way, mpd could
still be build for those architectures.

As GCC 7 is now available in Buildroot remove the version choice for 0.19.

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
8 years agompd: bump to version 0.20.10
Jörg Krause [Wed, 13 Sep 2017 20:52:36 +0000 (22:52 +0200)]
mpd: bump to version 0.20.10

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
8 years agopackage/nss-pam-ldapd: bump version to 0.9.8
Bernd Kuhls [Wed, 13 Sep 2017 14:27:02 +0000 (16:27 +0200)]
package/nss-pam-ldapd: bump version to 0.9.8

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
8 years agopackage/nodm: bump version to 0.13
Bernd Kuhls [Wed, 13 Sep 2017 14:21:53 +0000 (16:21 +0200)]
package/nodm: bump version to 0.13

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
8 years agobind: use http:// instead of ftp:// for site
Peter Korsgaard [Wed, 13 Sep 2017 13:01:15 +0000 (15:01 +0200)]
bind: use http:// instead of ftp:// for site

To avoid issues with firewalls blocking ftp.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
8 years agobind: bump to version 9.11.2
Peter Korsgaard [Wed, 13 Sep 2017 13:01:14 +0000 (15:01 +0200)]
bind: bump to version 9.11.2

Adds support for the new ICANN DNSSEC root key for the upcoming KSK rollover
(Oct 11):

https://www.icann.org/resources/pages/ksk-rollover

For more details, see the release notes:
https://kb.isc.org/article/AA-01522

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
8 years agopackage/ninja: bump version to 1.8.2
Bernd Kuhls [Wed, 13 Sep 2017 12:52:38 +0000 (14:52 +0200)]
package/ninja: bump version to 1.8.2

Changelog:
https://groups.google.com/forum/#!topic/ninja-build/Xt3NdAA0KQU/discussion

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
8 years agopackage/newt: bump version to 0.52.20
Bernd Kuhls [Wed, 13 Sep 2017 11:32:50 +0000 (13:32 +0200)]
package/newt: bump version to 0.52.20

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
8 years agopackage/net-tools: bump version
Bernd Kuhls [Wed, 13 Sep 2017 10:56:52 +0000 (12:56 +0200)]
package/net-tools: bump version

Removed patch, not needed anymore after upstream commits
https://sourceforge.net/p/net-tools/code/ci/ea3935bd7c0f36c86c40e5785326698fa3336c6a/
https://sourceforge.net/p/net-tools/code/ci/45d573a89386c934d3ebac499d00c1670437813b/

Added sha256 hash.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
8 years agopackage/openswan: bump version to 2.6.50
Bernd Kuhls [Sat, 16 Sep 2017 16:57:38 +0000 (18:57 +0200)]
package/openswan: bump version to 2.6.50

Removed patch applied upstream:
https://github.com/xelerance/Openswan/commit/0d78578d7f64c433324aa83248d11bd38f91c971

Switched _SITE to https.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
8 years agopackage/omniorb: bump version to 4.2.2
Bernd Kuhls [Sat, 16 Sep 2017 16:53:27 +0000 (18:53 +0200)]
package/omniorb: bump version to 4.2.2

Removed patch after upstream committed a different solution:
https://sourceforge.net/p/omniorb/svn/6330/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
8 years agopackage/openntpd: bump version to 6.2p2
Bernd Kuhls [Sat, 16 Sep 2017 14:26:47 +0000 (16:26 +0200)]
package/openntpd: bump version to 6.2p2

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
8 years agoconfigs/qemu_arm_versatile: bump kernel to 4.13.3
Peter Korsgaard [Fri, 22 Sep 2017 09:08:38 +0000 (11:08 +0200)]
configs/qemu_arm_versatile: bump kernel to 4.13.3

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
8 years agoAdded support for Sinovoip BananaPi M2 Plus board.
Mike Harmony [Fri, 22 Sep 2017 14:59:46 +0000 (10:59 -0400)]
Added support for Sinovoip BananaPi M2 Plus board.

[Peter: board is from Sinovoip, not Lemaker, move board files,
Use kernel headers from kernel, explicitly use 4.13.3,
drop eth0 dhcp config, cleanup post-build args,
disable tar output format, use u-boot custom format,
add host-dosfstools/mtools for genimage, drop unused
host-uboot-tools/genext2fs]
Signed-off-by: Mike Harmony <mike.harmony@snapav.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
8 years agolibupnpp: bump to version 0.16.0
Jörg Krause [Thu, 21 Sep 2017 07:29:15 +0000 (09:29 +0200)]
libupnpp: bump to version 0.16.0

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
8 years agomongoose: don't install to target
Peter Korsgaard [Thu, 21 Sep 2017 21:21:39 +0000 (23:21 +0200)]
mongoose: don't install to target

Only a static library is built (and no _INSTALL_TARGET_CMDS are defined), so
there is no need to run the target-install step.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
8 years agomongoose: correct openssl define
Peter Korsgaard [Thu, 21 Sep 2017 21:21:38 +0000 (23:21 +0200)]
mongoose: correct openssl define

NS_ENABLE_SSL was renamed to MG_ENABLE_SSL in v6.0, commit e1dd3f06fe33
(Rename Mongoose constants: NS_ -> MG_, NSF_ -> MG_F_), so use the new name
instead.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
8 years agomongoose: drop unused openssl linker flags
Peter Korsgaard [Thu, 21 Sep 2017 21:21:37 +0000 (23:21 +0200)]
mongoose: drop unused openssl linker flags

No linking is done since the package was reworked for v6.x in commit
9860746ff (mongoose: bump to version 6.1), so drop LDFLAGS and the list of
libraries to link against.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
8 years agomongoose: drop unused MONGOOSE_NO_DL define
Peter Korsgaard [Thu, 21 Sep 2017 21:21:36 +0000 (23:21 +0200)]
mongoose: drop unused MONGOOSE_NO_DL define

This define is not used anywhere in the mongoose sources since v6.0 (commit
8927c9d22b3f), so drop it.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
8 years agopackage/pptp-linux: bump version to 1.9.0
Bernd Kuhls [Sun, 17 Sep 2017 18:37:01 +0000 (20:37 +0200)]
package/pptp-linux: bump version to 1.9.0

Updated patch status of patch 0003.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
8 years agopackage/opencv: bump version to 2.4.13.3
Bernd Kuhls [Sun, 17 Sep 2017 17:23:22 +0000 (19:23 +0200)]
package/opencv: bump version to 2.4.13.3

Removed 0002-avoid-sysctl_h.patch, applied upstream:
https://github.com/opencv/opencv/commit/61936eb1a43e732e4bc1c75b63e6cab85c6f9e94#diff-f3b4393df86251f502cee9ba1da034a5

This bump includes
https://github.com/opencv/opencv/commit/70489b1e2232ead1701519e35d151670b74c3f70#diff-9076fba682f6d51a018b6de8648e1cdb
which fixes ffmpeg static linking
http://autobuild.buildroot.net/results/544/5444b0c5556a42923e3fcdae782811a805e51b1f/
http://autobuild.buildroot.net/results/44d/44d53e4c5d4570507c7e8856fb9dd0a477dcdf63/

In-source-builds are not allowed anymore:
https://github.com/opencv/opencv/commit/777a0080cbdb98761853519b3f45136727a855c2

Re-numbered remaining patches.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
8 years agopackage/php-yaml: bump version to 2.0.2
Bernd Kuhls [Sun, 17 Sep 2017 17:16:18 +0000 (19:16 +0200)]
package/php-yaml: bump version to 2.0.2

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
8 years agopackage/libyaml: bump version to 0.1.7
Bernd Kuhls [Sun, 17 Sep 2017 17:16:17 +0000 (19:16 +0200)]
package/libyaml: bump version to 0.1.7

Removed patch after upstream committed a similar patch:
https://github.com/yaml/libyaml/commit/946596172d140497b560e016e581accb0a92cca4#diff-35a172a9ca8faa1683fc747ca94681b3

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
8 years agopackage/owfs: bump version to 3.2p1
Bernd Kuhls [Sat, 16 Sep 2017 17:09:01 +0000 (19:09 +0200)]
package/owfs: bump version to 3.2p1

Removed patch applied upstream:
https://sourceforge.net/p/owfs/code/ci/6ff4da75c2f507e3d94fa9e01a253ccebd00b916/

Added md5 hash provided by upstream.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
8 years agoluafilesystem: bump to version 1.7.0
Francois Perrad [Sat, 16 Sep 2017 08:33:25 +0000 (10:33 +0200)]
luafilesystem: bump to version 1.7.0

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
8 years agolibidn: add fix for CVE-2017-14062
Baruch Siach [Fri, 15 Sep 2017 04:40:20 +0000 (07:40 +0300)]
libidn: add fix for CVE-2017-14062

Add upstream patch fixing CVE-2017-14062:

Integer overflow in the decode_digit function in puny_decode.c in
Libidn2 before 2.0.4 allows remote attackers to cause a denial of
service or possibly have unspecified other impact.

This issue also affects libidn.

Unfortunately, the patch also triggers reconf of the documentation
subdirectory, since lib/punycode.c is listed in GDOC_SRC that is defined
in doc/Makefile.am. Add autoreconf to handle that.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
8 years agosudo: bump to version 1.8.21p2
Baruch Siach [Fri, 15 Sep 2017 04:49:20 +0000 (07:49 +0300)]
sudo: bump to version 1.8.21p2

Switch SITE to https.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
8 years agoiproute2: bump to version 4.13.0
Baruch Siach [Fri, 15 Sep 2017 04:15:58 +0000 (07:15 +0300)]
iproute2: bump to version 4.13.0

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
8 years agoconfigs/mx6cubox: Bump U-Boot and kernel versions
Fabio Estevam [Thu, 21 Sep 2017 15:01:13 +0000 (12:01 -0300)]
configs/mx6cubox: Bump U-Boot and kernel versions

Bump U-Boot to 2017.09 version and kernel to 4.13.3.

Signed-off-by: Fabio Estevam <fabio.estevam@nxp.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
8 years agoutil-linux: bump to v2.30.2
Carlos Santos [Thu, 21 Sep 2017 12:25:14 +0000 (09:25 -0300)]
util-linux: bump to v2.30.2

Release notes:
https://www.kernel.org/pub/linux/utils/util-linux/v2.30/v2.30.2-ReleaseNotes

Signed-off-by: Carlos Santos <casantos@datacom.ind.br>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
8 years agogdk-pixbuf: security bump to version 2.36.10
Peter Korsgaard [Thu, 21 Sep 2017 07:04:16 +0000 (09:04 +0200)]
gdk-pixbuf: security bump to version 2.36.10

Fixes the following security issues:

CVE-2017-2862 - An exploitable heap overflow vulnerability exists in the
gdk_pixbuf__jpeg_image_load_increment functionality of Gdk-Pixbuf 2.36.6.  A
specially crafted jpeg file can cause a heap overflow resulting in remote
code execution.  An attacker can send a file or url to trigger this
vulnerability.

CVE-2017-2870 - An exploitable integer overflow vulnerability exists in the
tiff_image_parse functionality of Gdk-Pixbuf 2.36.6 when compiled with
Clang.  A specially crafted tiff file can cause a heap-overflow resulting in
remote code execution.  An attacker can send a file or a URL to trigger this
vulnerability.

CVE-2017-6311 - gdk-pixbuf-thumbnailer.c in gdk-pixbuf allows
context-dependent attackers to cause a denial of service (NULL pointer
dereference and application crash) via vectors related to printing an error
message.

The host version now needs the same workaround as we do for the target to
not pull in shared-mime-info.

Also add a hash for the license file while we're at it.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
8 years agoflashrom: fix static build with uClibc
Baruch Siach [Wed, 20 Sep 2017 08:17:18 +0000 (11:17 +0300)]
flashrom: fix static build with uClibc

Define HAVE_STRNLEN to avoid local strnlen() definition.

Fixes:
http://autobuild.buildroot.net/results/7dc/7dc4298e3a07c73e03f70205516d68a0f4c2d297/
http://autobuild.buildroot.net/results/e36/e362848eb45f6b8100131361e6e5faa546f0bbd8/
http://autobuild.buildroot.net/results/69e/69ef10ec710f418b4d10c1edb4f2ce2e49b522bf/

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
8 years agoUpdate github hashes
Bernd Kuhls [Thu, 21 Sep 2017 09:13:59 +0000 (11:13 +0200)]
Update github hashes

It seems github now sometimes provides slightly changed tarballs which
produce a different sha256 hash than before. This commit fixes the
hashes of the packages when sources.buildroot.net does not store a copy
of the tarball matching the current hash.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
8 years agopackage/samba4: security bump to version 4.6.8
Bernd Kuhls [Wed, 20 Sep 2017 18:09:43 +0000 (20:09 +0200)]
package/samba4: security bump to version 4.6.8

Release notes:
https://www.samba.org/samba/history/samba-4.6.8.html

Fixes
- CVE-2017-12150 (SMB1/2/3 connections may not require signing where
  they should)
- CVE-2017-12151 (SMB3 connections don't keep encryption across DFS
  redirects)
- CVE-2017-12163 (Server memory information leak over SMB1)

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
8 years agopackage/zstd: Install tools into /usr/bin, not /usr/local/bin
Andrey Smirnov [Sat, 16 Sep 2017 00:27:12 +0000 (17:27 -0700)]
package/zstd: Install tools into /usr/bin, not /usr/local/bin

Install tools into /usr/bin, not /usr/local/bin, since /usr/local/bin
is not in PATH by deafault.

[Peter: set PREFIX to /usr to really install into /usr/bin]
Signed-off-by: Andrey Smirnov <andrew.smirnov@gmail.com>
Tested-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
8 years agopackage/python3: bump to 3.6.2
Andrey Smirnov [Mon, 18 Sep 2017 22:34:41 +0000 (15:34 -0700)]
package/python3: bump to 3.6.2

Bump Python3 version to 3.6.2.

Patches dropped:

"Support PGEN_FOR_BUILD and FREEZE_IMPORTLIB_FOR_BUILD"

Rationale: With commit 9d02f562961efd12d3c8317a10916db7f77330cc, code
generation step of building CPython now became explicit (instead of
always performed as a part of 'make' invocation) and more granular. We
no longer need to use Parser/pgen at all and tricking the build system
into using different Programs/_freeze_importlib can be done as a part
of recipe.

Additional info about the build change can be found at
https://bugs.python.org/issue23404

Signed-off-by: Andrey Smirnov <andrew.smirnov@gmail.com>
Tested-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
8 years agopackage/tvheadend: bump version
Bernd Kuhls [Wed, 20 Sep 2017 10:54:36 +0000 (12:54 +0200)]
package/tvheadend: bump version

It seems github now sometimes provides slightly changed tarballs which
produce a different sha256 hash than before, this is the case for
tvheadend. Instead of fixing the hash lets bump to current HEAD and
hope that the new hash will be valid for a longer period of time ;)

Fixes
http://autobuild.buildroot.net/results/59a/59ad7940dcd498cd0aaec26c8497b21e64379a6f/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
8 years agozstd: bump to version 1.3.1
Baruch Siach [Fri, 15 Sep 2017 12:39:59 +0000 (15:39 +0300)]
zstd: bump to version 1.3.1

In this release zstd added the GPLv2 license and removed the PATENTS
clause (upstream commit 4f73b3b55d83b).

Cc: Andrey Smirnov <andrew.smirnov@gmail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Tested-by: Andrey Smirnov <andrew.smirnov@gmail.com>
Tested-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
8 years agochrony: bump version to 3.2
Peter Korsgaard [Fri, 15 Sep 2017 14:27:49 +0000 (16:27 +0200)]
chrony: bump version to 3.2

Also add a hash for the license file while we're at it.

[Peter: use tuxfamily.org URL for annoucement]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
8 years agochrony: add optional seccomp support
Peter Korsgaard [Fri, 15 Sep 2017 14:24:37 +0000 (16:24 +0200)]
chrony: add optional seccomp support

seccomp support has been available since chrony-2.2

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
8 years agolcdproc: fix build with musl libc
Baruch Siach [Fri, 8 Sep 2017 11:31:14 +0000 (14:31 +0300)]
lcdproc: fix build with musl libc

Add a patch adding missing linux ioctl header.

Fixes:
http://autobuild.buildroot.net/results/58a/58a9b98d08060c6ed9e8855ba9f59d03aa2f3e2c/
http://autobuild.buildroot.net/results/5b2/5b2c1bc872cebc7aadf93995b71178bba29e0b25/
http://autobuild.buildroot.net/results/125/12594e613f8fc106e477411f76093654a084c01c/

Cc: Sven Haardiek <sven.haardiek@greenbone.net>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
8 years agoaugeas: security bump to version 1.8.1
Jörg Krause [Wed, 20 Sep 2017 13:09:31 +0000 (15:09 +0200)]
augeas: security bump to version 1.8.1

Fixes CVE-2017-7555 - Augeas versions up to and including 1.8.0 are
vulnerable to heap-based buffer overflow due to improper handling of escaped
strings.  Attacker could send crafted strings that would cause the
application using augeas to copy past the end of a buffer, leading to a
crash or possible code execution.

[Peter: extend description]
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
8 years agolinux: bump default to version 4.13.3
Bernd Kuhls [Wed, 20 Sep 2017 07:53:41 +0000 (09:53 +0200)]
linux: bump default to version 4.13.3

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
8 years agolinux-headers: bump 3.2.x and 4.{4, 9, 12, 13}.x series
Bernd Kuhls [Wed, 20 Sep 2017 07:53:40 +0000 (09:53 +0200)]
linux-headers: bump 3.2.x and 4.{4, 9, 12, 13}.x series

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
8 years agopackage/softether: bump version
Bernd Kuhls [Wed, 20 Sep 2017 10:41:43 +0000 (12:41 +0200)]
package/softether: bump version

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
8 years agopackage/softether: update patch to remove renames
Bernd Kuhls [Wed, 20 Sep 2017 10:41:42 +0000 (12:41 +0200)]
package/softether: update patch to remove renames

Since
https://git.buildroot.net/buildroot/commit/?id=85f11d08c387c200dbb59a8559f2ba62376689bf
buildroot refuses to apply patches that contain renames.

Fixes
http://autobuild.buildroot.net/results/223/2237b9ec78044678aac9e743318ce5dc01309ab7/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
8 years agopackage/softether: fix hash
Bernd Kuhls [Wed, 20 Sep 2017 10:41:41 +0000 (12:41 +0200)]
package/softether: fix hash

The tarball downloaded today from github does not match the checksum
which once was valid.

Comparing both
https://github.com/SoftEtherVPN/SoftEtherVPN/archive/1e17c9bcfd7e7b31756aa5389bcbff76c2c9c88a/softether-1e17c9bcfd7e7b31756aa5389bcbff76c2c9c88a.tar.gz
http://sources.buildroot.net/softether-1e17c9bcfd7e7b31756aa5389bcbff76c2c9c88a.tar.gz
shows no differences in content.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
8 years agosupport/scripts/apply-patches.sh: do not apply patches with renames
Thomas Petazzoni [Sat, 24 Jun 2017 19:59:36 +0000 (21:59 +0200)]
support/scripts/apply-patches.sh: do not apply patches with renames

Patches with renames apply properly with patch >= 2.7, but not with
older patch versions. Since "git format-patch" by default generates
patches with renames, Buildroot developers often don't realize that
their patches will not apply properly on build machines that have
patch < 2.7. In order to prevent such a situation from happening
again, this commit adds some logic in apply-patches.sh to refuse
applying patches that contain renames.

Note that just searching for '^rename' is not sufficient, since the
patch commit message may contain the words "rename from" or "rename to"
as well. Therefore, the grep expression is made as accurate as possible,
checking both.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
[Arnout: spaces instead of tabs (suggested by Yann);
 extend commit message.]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
8 years agotoolchain: detect external glibc in merged /usr
Cam Hutchison [Sun, 3 Sep 2017 21:00:43 +0000 (07:00 +1000)]
toolchain: detect external glibc in merged /usr

When using an external toolchain that was built with Buildroot and a
merged /usr, the dynamic linker is actually in /usr/lib.

But the check_glibc macro limits the depth it is looking for the dynamic
linker, and misses it when it is in /usr/lib because it is too deep.

We could fix that in two ways: increase the depth in which we look
for it, or follow symlinks. We choose the second solution.

Signed-off-by: Cam Hutchison <camh@xdna.net>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Cc: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Cc: "Yann E. MORIN" <yann.morin.1998@free.fr>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
8 years agopackage/luvi: needs git submodules
Bernd Kuhls [Mon, 4 Sep 2017 05:31:14 +0000 (07:31 +0200)]
package/luvi: needs git submodules

Luvi bundles several libraries previously provided by the upstream
tarball. Since the tarball is not available anymore we need to fetch
the git submodules. Unbundling is very hard, and we anyway don't have
the bundled libraries in Buildroot.

Fixes
http://autobuild.buildroot.net/results/26d/26d04350a761d362f40e7bd1ac09b639d61de91a/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Acked-by: "Jörg Krause <joerg.krause@embedded.rocks>"
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
8 years agopackage/tvheadend: add optional support for rpi-userland
Bernd Kuhls [Wed, 6 Sep 2017 20:49:08 +0000 (22:49 +0200)]
package/tvheadend: add optional support for rpi-userland

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
8 years agopackage/tvheadend: add optional support for libva-accelerated transcoding
Bernd Kuhls [Wed, 6 Sep 2017 20:49:07 +0000 (22:49 +0200)]
package/tvheadend: add optional support for libva-accelerated transcoding

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
8 years agopackage/tvheadend: bump version, add optional dependencies to opus & x265
Bernd Kuhls [Wed, 6 Sep 2017 20:49:06 +0000 (22:49 +0200)]
package/tvheadend: bump version, add optional dependencies to opus & x265

This bump
https://github.com/tvheadend/tvheadend/compare/54e63e3f9af8fdc0d23f61f3cda7fa7b246c1732...303f418e1ac2bb3078f7a974b69f04ab6a56c636
updated the transcoding support already present:
https://github.com/tvheadend/tvheadend/commit/014bb9505e1d7eb6e37e10931dd89ab3b1a0dc01

To avoid these build errors

src/transcoding/codec/codecs/libs/libx26x.c:105:18: fatal error: x264.h: No such file or directory
 #include <x264.h>

src/transcoding/codec/codecs/libs/libx26x.c:213:18: fatal error: x265.h: No such file or directory
 #include <x265.h>

src/transcoding/codec/codecs/libs/libopus.c:23:31: fatal error: opus/opus_defines.h: No such file or directory
 #include <opus/opus_defines.h>

we need to add dependency handling already with this patch and keep the
hard dependency x264 as minimum codec for transcoding but we now need
to enable BR2_PACKAGE_FFMPEG_GPL to enable x264-support also in ffmpeg.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
8 years agopackage/tvheadend: add option to en-/disable transcoding support
Bernd Kuhls [Wed, 6 Sep 2017 20:49:05 +0000 (22:49 +0200)]
package/tvheadend: add option to en-/disable transcoding support

https://github.com/tvheadend/tvheadend/commit/014bb9505e1d7eb6e37e10931dd89ab3b1a0dc01
extended the already present transcoding support and included vaapi-
accelerated transcoding.

In order to support these new options and their numerous dependencies
we add a new Kconfig option for transcoding support to allow users to
disable transcoding support, because they use tvheadend for recording
or by its internal hts protocol, for example with the kodi-pvr-hts
addon.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
8 years agopackage/freescale-imx: add support for i.MX6UL
Julien BOIBESSOT [Thu, 7 Sep 2017 13:00:06 +0000 (15:00 +0200)]
package/freescale-imx: add support for i.MX6UL

Mostly to compile imx-lib (providing libpxp) on i.MX6UL (which have a
PXP hardware unit) and to prevent compilation of imx-lib's modules not
supported on i.MX6UL.

Signed-off-by: Julien BOIBESSOT <julien.boibessot@armadeus.com>
Acked-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
8 years agosupport/download: fix check_one_hash description
Gaël PORTAY [Mon, 11 Sep 2017 19:32:32 +0000 (15:32 -0400)]
support/download: fix check_one_hash description

Function check_one_hash takes three arguments:
 - algo hash
 - known hash
 - file to hash

Signed-off-by: Gaël PORTAY <gael.portay@savoirfairelinux.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
8 years agoopenipmi: bump to version 2.0.24
Joel Stanley [Thu, 14 Sep 2017 04:17:48 +0000 (13:47 +0930)]
openipmi: bump to version 2.0.24

Some changes in addition to the version bump:

 - The uint32_t patch is now upstream
 - Drop --no-glib12 flag as support was removed in 2.0.23
 - The host library path patch was refreshed

Signed-off-by: Joel Stanley <joel@jms.id.au>
Reviewed-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[Arnout: remove uint32_t patch from hash file]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
8 years agopython-numpy: Bump to the most recent release 1.13.1
Alexey Brodkin [Fri, 15 Sep 2017 10:46:06 +0000 (13:46 +0300)]
python-numpy: Bump to the most recent release 1.13.1

Note previously used location for releases on SourceForge is no longer
supported (latest tarball v1.11.2 available there is dated 2016-10-04)
so as other distros
(see, Fedora http://pkgs.fedoraproject.org/cgit/rpms/numpy.git/tree/numpy.spec?id=7013948f8ba073c69a91a545f0a0898cb62652fa#n22)
we get release tarball directly from GitHub.

Also note 0001-no-fenv-on-uclibc.patch was rebased on v1.13.1.

0002-Don-t-blindly-enable-frexpl-and-ldexpl-for-uClibc.patch is no
longer needed. Since https://github.com/numpy/numpy/pull/4852, there
is a wrapper for frexpl and ldexpl like for the other math functions.

Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
Cc: Rahul Bedarkar <rahulbedarkar89@gmail.com>
Cc: Gwenhael Goavec-Merou <gwenhael.goavec-merou@trabucayre.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Peter Korsgaard <peter@korsgaard.com>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
[Arnout: improve explanation of 0002-Don-t-blindly-enable-frexpl-and-ldexpl-for-uClibc.patch]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
8 years agopackage/poppler: bump version to 0.59.0
Bernd Kuhls [Sun, 17 Sep 2017 18:28:18 +0000 (20:28 +0200)]
package/poppler: bump version to 0.59.0

Removed patch applied upstream:
https://cgit.freedesktop.org/poppler/poppler/commit/poppler/Form.h?id=a9581e624fa62b3905b790ac10d1349b1f96048a

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Acked-by: Olivier Schonken <olivier.schonken@gmail.com>
Signed-off-by: Bernd Kuhls &lt;<a href="mailto:bernd.kuhls@t-online.de">bernd.kuhls@t-online.de</a>&gt;<br>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
8 years agopackage/poppler: fix libcurl support
Bernd Kuhls [Sun, 17 Sep 2017 18:28:17 +0000 (20:28 +0200)]
package/poppler: fix libcurl support

BR2_PACKAGE_POPPLER_LIBCURL is not defined in poppler/Config.in.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Acked-by: Olivier Schonken <olivier.schonken@gmail.com>
Signed-off-by: Bernd Kuhls &lt;<a href="mailto:bernd.kuhls@t-online.de">bernd.kuhls@t-online.de</a>&gt;<br>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
8 years agoutil-linux: add missing dynamic library dependency
Baruch Siach [Tue, 19 Sep 2017 05:17:52 +0000 (08:17 +0300)]
util-linux: add missing dynamic library dependency

Commit f52af619185 (util-linux: add menu items for login utilities)
forgot to propagate the !BR2_STATIC_LIBS dependency of linux-pam to
BR2_PACKAGE_UTIL_LINUX_LOGIN. Fix this.

Fixes:
http://autobuild.buildroot.net/results/e47/e472891a656e40f33081d9a5db1b1b6d71c1389f/
http://autobuild.buildroot.net/results/9e4/9e443720ca247292ea612851962c611a9bcd3450/
http://autobuild.buildroot.net/results/88f/88f4cecd7e2844701b0e75279c112e37283fc7f9/

Cc: Carlos Santos <casantos@datacom.ind.br>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Reviewed-by: Carlos Santos <casantos@datacom.ind.br>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
8 years agopackage/libebur128: bump version to 1.2.2, add hash
Bernd Kuhls [Tue, 19 Sep 2017 16:14:21 +0000 (18:14 +0200)]
package/libebur128: bump version to 1.2.2, add hash

Upstream removed the speex dependency:
https://github.com/jiixyj/libebur128/commit/54d61fd072bc526c3c56c96dd7a3d0ef0678d5b0

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
8 years agocmake: expose the host variant in menuconfig
Peter Korsgaard [Tue, 19 Sep 2017 10:43:49 +0000 (12:43 +0200)]
cmake: expose the host variant in menuconfig

With the addition of the sdk support it may be interesting to build
host-cmake even though no packages need it, so expose it in menuconfig.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Acked-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
8 years agoxen: add upstream post-4.9.0 security fixes
Peter Korsgaard [Tue, 19 Sep 2017 15:03:14 +0000 (17:03 +0200)]
xen: add upstream post-4.9.0 security fixes

Fixes the following security issues:

XSA-226: multiple problems with transitive grants (CVE-2017-12135)
XSA-227: x86: PV privilege escalation via map_grant_ref (CVE-2017-12137)
XSA-228: grant_table: Race conditions with maptrack free list handling
         (CVE-2017-12136)
XSA-230: grant_table: possibly premature clearing of GTF_writing /
         GTF_reading (CVE-2017-12855)
XSA-231: Missing NUMA node parameter verification (CVE-2017-14316)
XSA-232: Missing check for grant table (CVE-2017-14318)
XSA-233: cxenstored: Race in domain cleanup (CVE-2017-14317)
XSA-234: insufficient grant unmapping checks for x86 PV guests
         (CVE-2017-14319)
XSA-235: add-to-physmap error paths fail to release lock on ARM

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Reviewed-by: Alistair Francis <alistair.francis@xilinx.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
8 years agopkgconf: expose the host variant in menuconfig
Peter Korsgaard [Tue, 19 Sep 2017 11:05:27 +0000 (13:05 +0200)]
pkgconf: expose the host variant in menuconfig

With the addition of the sdk support it may be interesting to build
host-pkgconf even though no packages need it, so expose it in menuconfig.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
8 years agopkgconf: update upstream URL in Config.in
Peter Korsgaard [Tue, 19 Sep 2017 11:05:26 +0000 (13:05 +0200)]
pkgconf: update upstream URL in Config.in

The download location got changed two years ago when the version was bumped
to 0.9.12, but the upstream URL in Config.in wasn't updated.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
8 years agopackage/apache: add patch to fix CVE-2017-9798
Bernd Kuhls [Tue, 19 Sep 2017 18:54:34 +0000 (20:54 +0200)]
package/apache: add patch to fix CVE-2017-9798

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
8 years agopackage/libinput: bump version to 1.8.2
Bernd Kuhls [Mon, 18 Sep 2017 18:35:37 +0000 (20:35 +0200)]
package/libinput: bump version to 1.8.2

Added all hashes applied upstream.

Renamed configure option -event-gui to -debug-gui after upstream commit
https://cgit.freedesktop.org/wayland/libinput/commit/configure.ac?h=1.8-branch&id=a69294251df92e818f695cd2456c8eb860e02522

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
8 years agopackage/proxychains-ng: security bump to version 4.11
Bernd Kuhls [Sun, 17 Sep 2017 18:52:16 +0000 (20:52 +0200)]
package/proxychains-ng: security bump to version 4.11

Version 4.9 fixes CVE-2015-3887:
https://github.com/rofl0r/proxychains-ng/issues/60

Added md5 & sha1 hashes provided by upstream.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
8 years agoDEVELOPERS: Remove email at pcre2
Naoki Matsumoto [Tue, 19 Sep 2017 00:51:30 +0000 (09:51 +0900)]
DEVELOPERS: Remove email at pcre2

I'm going to leave current company and
this mail address is going to become invalid.

Signed-off-by: Naoki Matsumoto <n-matsumoto@melcoinc.co.jp>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
8 years agopackage/x11r7/xdriver_xf86-input-libinput: bump version to 0.26.0
Bernd Kuhls [Mon, 18 Sep 2017 18:24:59 +0000 (20:24 +0200)]
package/x11r7/xdriver_xf86-input-libinput: bump version to 0.26.0

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
8 years agopackage/{mesa3d, mesa3d-headers}: bump version to 17.2.1
Bernd Kuhls [Mon, 18 Sep 2017 08:13:42 +0000 (10:13 +0200)]
package/{mesa3d, mesa3d-headers}: bump version to 17.2.1

Added all hashes provided by upstream.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
8 years agodocs/manual: fix typo
Luca Ceresoli [Mon, 18 Sep 2017 09:34:18 +0000 (11:34 +0200)]
docs/manual: fix typo

Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
8 years agocmake: explicitly disable openssl support for host-cmake
Peter Korsgaard [Mon, 18 Sep 2017 17:38:48 +0000 (19:38 +0200)]
cmake: explicitly disable openssl support for host-cmake

host-cmake will optionally link with openssl for the embedded copy of
libarchive if available, leaking host dependencies and possibly causing
build issues in case of compatibility issues - E.G. the host-cmake version
we have in 2017.02.x doesn't build against openssl-1.1.0+:

https://github.com/libarchive/libarchive/issues/810

The openssl support in libarchive is unlikely to be needed, so explicitly
disable it.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
8 years agopackage/openal: bump version to 1.18.1
Bernd Kuhls [Sat, 16 Sep 2017 13:11:37 +0000 (15:11 +0200)]
package/openal: bump version to 1.18.1

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
8 years agopackage/bluez5_utils: security bump version to 5.47
Bernd Kuhls [Sat, 16 Sep 2017 08:41:17 +0000 (10:41 +0200)]
package/bluez5_utils: security bump version to 5.47

Fixes CVE-2017-1000250 - All versions of the SDP server in BlueZ 5.46 and
earlier are vulnerable to an information disclosure vulnerability which
allows remote attackers to obtain sensitive information from the bluetoothd
process memory.  This vulnerability lies in the processing of SDP search
attribute requests.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
8 years agostella: fix error when building with uClibc-ng
Sergio Prado [Sat, 16 Sep 2017 13:37:09 +0000 (10:37 -0300)]
stella: fix error when building with uClibc-ng

The uClibc-ng C library defines a type called R0 that conflits with a
global variable called R0 from PaddleReader.cxx.

src/emucore/tia/PaddleReader.cxx:25:3: error: ‘constexpr const double R0’ redeclared as different kind of symbol
   R0 = 1.5e3,
   ^

/home/sprado/workspace/build/buildroot/build/stella_uclibc/host/arm-buildroot-linux-uclibcgnueabi/sysroot/usr/include/sys/ucontext.h:42:3:note: previous declaration ‘<anonymous enum> R0’
   R0 = 0,
   ^~

So let's redefine R0 as a private member of the PaddleReader class.

This patch has already been accepted upstream [1] and should be removed in
the next version bump.

[1] https://github.com/stella-emu/stella/commit/391601d2386e41372d6fa198fbe40287d2e87542

Fixes:

http://autobuild.buildroot.net/results/9ab5772f01236eaa7def66a2f443f13efca8c34c
http://autobuild.buildroot.net/results/5a4a194fe85e04ab31b146367c5a45e4f7688fca
http://autobuild.buildroot.net/results/31f6bb3f5879d056fe152ca19b6b0367cc636212
...

Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
8 years agopackage/pinentry: bump version to 1.0.0
Bernd Kuhls [Sun, 17 Sep 2017 15:18:35 +0000 (17:18 +0200)]
package/pinentry: bump version to 1.0.0

Removed patch applied upstream:
https://git.gnupg.org/cgi-bin/gitweb.cgi?p=pinentry.git;a=commitdiff;h=f0db3192463cccf4541820de36d985629c4df6ee

Added sha256 hash.

Added dependencies to libassuan & libgpg-error needed after
https://git.gnupg.org/cgi-bin/gitweb.cgi?p=pinentry.git;a=commit;h=302903f76b8d62b1e07219a203f7219cb3aff7d8

Removed CXXFLAGS added for gcc >= 5.x as noted by Thomas:
https://git.buildroot.net/buildroot/commit/package/pinentry?id=9694305ae0b2a7dbdcc74e2c646d392ceed9876f

Renamed configure option -pinentry-qt4 to -pinentry-qt after
https://git.gnupg.org/cgi-bin/gitweb.cgi?p=pinentry.git;a=commit;h=abb59f50abf698ff1e56490fb39bcc98c26ab44b
Qt5 support, also added by this upstream commit, will be added to this
package with a subsequent commit.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
8 years agopackage/imagemagick: security bump to version 7.0.7-1
Bernd Kuhls [Sun, 17 Sep 2017 09:16:52 +0000 (11:16 +0200)]
package/imagemagick: security bump to version 7.0.7-1

Quoting CVE-related issues from
https://github.com/ImageMagick/ImageMagick/blob/master/ChangeLog

2017-07-29 7.0.6-5 Glenn Randers-Pehrson <glennrp@image...>
  * Fix improper use of NULL in the JNG decoder (CVE-2017-11750, Reference
    https://github.com/ImageMagick/ImageMagick/issues/632).

2017-07-24 7.0.6-4 Cristy <quetzlzacatenango@image...>
  * Fixed numerous memory leaks (reference
    https://github.com/ImageMagick/ImageMagick/issues) including
    https://github.com/ImageMagick/ImageMagick/issues/618 (CVE-2017-12676).

2017-07-23  7.0.6-3 Glenn Randers-Pehrson <glennrp@image...>
  * Fix memory leaks when reading a malformed JNG image:
    https://github.com/ImageMagick/ImageMagick/issues/600 (CVE-2017-13141),
    https://github.com/ImageMagick/ImageMagick/issues/602 (CVE-2017-12565).

2017-07-19 7.0.6-2 Cristy <quetzlzacatenango@image...>
  * coders/png.c: fixed memory leak of quantum_info (CVE-2017-11539, reference
    https://github.com/ImageMagick/ImageMagick/issues/582
  * coders/png.c: fixed NULL dereference when trying to write an empty MNG
    (CVE-2017-11522, reference
    https://github.com/ImageMagick/ImageMagick/issues/586).

2017-06-22  7.0.6-1 Glenn Randers-Pehrson <glennrp@image...>
  * Stop a memory leak in read_user_chunk_callback() (reference
    https://github.com/ImageMagick/ImageMagick/issues/517,
    CVE 2017-11310).

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
8 years agopackage/pcmanfm: bump version to 1.2.5
Bernd Kuhls [Sun, 17 Sep 2017 08:27:27 +0000 (10:27 +0200)]
package/pcmanfm: bump version to 1.2.5

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
8 years agopackage/libfm: bump version to 1.2.5
Bernd Kuhls [Sun, 17 Sep 2017 08:27:26 +0000 (10:27 +0200)]
package/libfm: bump version to 1.2.5

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
8 years agopackage/pcsc-lite: bump version to 1.8.22
Bernd Kuhls [Sun, 17 Sep 2017 08:25:24 +0000 (10:25 +0200)]
package/pcsc-lite: bump version to 1.8.22

Release notes:
http://lists.alioth.debian.org/pipermail/pcsclite-muscle/2017-June/000925.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
8 years agopackage/pcre2: bump version to 10.30
Bernd Kuhls [Sun, 17 Sep 2017 08:20:33 +0000 (10:20 +0200)]
package/pcre2: bump version to 10.30

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
8 years agopackage/libgcrypt: bump version to 1.8.1
Bernd Kuhls [Sun, 17 Sep 2017 09:56:25 +0000 (11:56 +0200)]
package/libgcrypt: bump version to 1.8.1

Added sha1 hash provided by upstream.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
8 years agopackage/phytool: bump version to 2
Bernd Kuhls [Sun, 17 Sep 2017 09:40:02 +0000 (11:40 +0200)]
package/phytool: bump version to 2

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
8 years agopackage/php-ssh2: bump version to 1.1.2
Bernd Kuhls [Sun, 17 Sep 2017 09:23:18 +0000 (11:23 +0200)]
package/php-ssh2: bump version to 1.1.2

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
8 years agonetsnmp: install all MIB files
Julien Floret [Fri, 8 Sep 2017 13:45:48 +0000 (15:45 +0200)]
netsnmp: install all MIB files

Since commit be8e32d585f3 ("netsnmp: configurable MIB modules"),
the list of MIB modules can be selected with a configuration option.

However, there was still an hardcoded list of MIB files to exclude from
the target filesystem.
Since it is complicated to know which MIB files are necessary according
to the configuration, let's install all of them.

Cc: przemyslaw <przemyslaw.wrzos@calyptech.com>
Cc: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Julien Floret <julien.floret@6wind.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
8 years agopackage/nmon: bump version to 16g
Bernd Kuhls [Wed, 13 Sep 2017 13:57:44 +0000 (15:57 +0200)]
package/nmon: bump version to 16g

Switched _SITE to https

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>