Johan Oudinet [Thu, 26 Nov 2020 17:42:58 +0000 (18:42 +0100)]
package/erlang-p1-sip: bump version to 1.0.38
upstream is finally using include_lib to include libraries. Adapt the patch
accordingly.
The hash of the license file has changed, due to:
-Copyright 2002-2019 ProcessOne SARL
+Copyright 2002-2020 ProcessOne SARL
Signed-off-by: Johan Oudinet <johan.oudinet@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Johan Oudinet [Thu, 26 Nov 2020 17:42:57 +0000 (18:42 +0100)]
package/erlang-p1-stun: bump version to 1.0.39
Signed-off-by: Johan Oudinet <johan.oudinet@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Johan Oudinet [Thu, 26 Nov 2020 17:42:56 +0000 (18:42 +0100)]
package/erlang-p1-stringprep: bump version to 1.0.23
Signed-off-by: Johan Oudinet <johan.oudinet@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Johan Oudinet [Thu, 26 Nov 2020 17:42:55 +0000 (18:42 +0100)]
package/erlang-p1-pkix: bump version to 1.0.6
Signed-off-by: Johan Oudinet <johan.oudinet@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Johan Oudinet [Thu, 26 Nov 2020 17:42:54 +0000 (18:42 +0100)]
package/erlang-p1-oauth2: bump version to 0.6.7
Signed-off-by: Johan Oudinet <johan.oudinet@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Johan Oudinet [Thu, 26 Nov 2020 17:42:53 +0000 (18:42 +0100)]
package/erlang-p1-acme: bump version to 1.0.9
The rebar.config.script file adds a dependency to base64url package. Since we remove
all rebar dependencies, add a patch to remove such dependency. Otherwise rebar would
try to download it during the build.
Signed-off-by: Johan Oudinet <johan.oudinet@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Johan Oudinet [Thu, 26 Nov 2020 17:42:52 +0000 (18:42 +0100)]
package/erlang-p1-yconf: bump version to 1.0.8
Signed-off-by: Johan Oudinet <johan.oudinet@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Johan Oudinet [Thu, 26 Nov 2020 17:42:51 +0000 (18:42 +0100)]
package/erlang-p1-mqtree: bump version to 1.0.10
Signed-off-by: Johan Oudinet <johan.oudinet@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Johan Oudinet [Thu, 26 Nov 2020 17:42:50 +0000 (18:42 +0100)]
package/erlang-jiffy: bump version to 1.0.6
Signed-off-by: Johan Oudinet <johan.oudinet@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Johan Oudinet [Thu, 26 Nov 2020 17:42:49 +0000 (18:42 +0100)]
package/erlang-p1-xml: bump version to 1.1.44
Signed-off-by: Johan Oudinet <johan.oudinet@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Johan Oudinet [Thu, 26 Nov 2020 17:42:48 +0000 (18:42 +0100)]
package/erlang-p1-tls: bump version to 1.1.9
The license file hash has changed due to:
-Copyright 2002-2019 ProcessOne SARL
+Copyright 2002-2020 ProcessOne SARL
Signed-off-by: Johan Oudinet <johan.oudinet@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Johan Oudinet [Thu, 26 Nov 2020 17:42:47 +0000 (18:42 +0100)]
package/erlang-p1-zlib: bump version to 1.0.9
The license file hash has changed due to:
-Copyright 2002-2019 ProcessOne SARL
+Copyright 2002-2020 ProcessOne SARL
Signed-off-by: Johan Oudinet <johan.oudinet@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Johan Oudinet [Thu, 26 Nov 2020 17:42:46 +0000 (18:42 +0100)]
package/erlang-eimp: bump version to 1.0.17
Signed-off-by: Johan Oudinet <johan.oudinet@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Johan Oudinet [Thu, 26 Nov 2020 17:42:45 +0000 (18:42 +0100)]
package/erlang-p1-cache-tab: bump version to 1.0.25
Signed-off-by: Johan Oudinet <johan.oudinet@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Johan Oudinet [Thu, 26 Nov 2020 17:42:44 +0000 (18:42 +0100)]
package/erlang-p1-utils: bump version to 1.0.20
Signed-off-by: Johan Oudinet <johan.oudinet@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Peter Seiderer [Sun, 29 Nov 2020 17:56:33 +0000 (18:56 +0100)]
package/kmsxx: bump version to
5489056 and convert to meson build
- remove 0001-fix-compiler-errors-with-gcc-10.patch
(upstream)
- remove 0002-added-include-string-to-card.h-to-follow-gcc10-porti.patch
(upstream)
- convert to meson
- add patch to use system fmt instead of git submodule (fixes
configure 'ERROR: Include dir ext/fmt/include does not exist.')
- add patch to use system pybind11 instead of git submodule (fixes
configure 'ERROR: Include dir ext/pybind11/include does not exist.')
- add patch to use python only if pykms is enabled (fixes
configure 'ERROR: Dependency "pybind11" not found, tried pkgconfig')
- add optional libevdev dependency (needed for utils/kmstouch)
- update LICENSE file hash (replaced short copyright notice and
link to http://mozilla.org/MPL/2.0/ with complete license text)
- lift toolchain headers requirement to at least 4.11 (include
linux/dma-buf.h)
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Wed, 18 Nov 2020 17:18:27 +0000 (18:18 +0100)]
package/kmsxx: fix build with gcc 10
Fixes:
- http://autobuild.buildroot.org/results/
59f70fb725c2f07e27dc818839e02f2788ee490c
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Peter Seiderer [Sun, 29 Nov 2020 20:58:42 +0000 (21:58 +0100)]
package/fmt: bump version to 7.1.3
For details see [1], [2], [3] and [4].
[1] https://github.com/fmtlib/fmt/releases/tag/7.1.0
[2] https://github.com/fmtlib/fmt/releases/tag/7.1.1
[3] https://github.com/fmtlib/fmt/releases/tag/7.1.2
[4] https://github.com/fmtlib/fmt/releases/tag/7.1.3
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Angelo Compagnucci [Tue, 1 Dec 2020 21:30:53 +0000 (22:30 +0100)]
package/cups-filters: bump to version 1.28.4
While bumping, removing upstreamed patches. Removing also autoreconf
step cause we are not patching it anymore.
License hash is changed due to remove of notice for file
filter/sys5ippprinter.c.
Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Julien Olivain [Tue, 17 Nov 2020 21:21:45 +0000 (22:21 +0100)]
package/linux-firmware: install Ath10k QCA9377 sdio firmware
linux-firmware version
20201022 introduced a new sdio firmware for
QCA9377 sdio devices. Install it when support is selected.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Julien Olivain [Tue, 17 Nov 2020 21:21:44 +0000 (22:21 +0100)]
package/linux-firmware: bump version to
20201022
This update is motivated by the inclusion SDIO firmware for QCA9377 WiFi
cards in this new version. See [1].
The license file "WHENCE" content/checksum has changed, since it's an
index of firmware provenance and their licenses, and many new firmware
files were added.
For the full linux-firmware change log, see tag
20201022 log [2].
[1] https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/commit/?id=
d7904d5b07a9e2c4cdd9f8b2c5a5faa9c6e665cf
[2] https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/log/?h=
20201022
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Julien Olivain [Tue, 17 Nov 2020 21:21:43 +0000 (22:21 +0100)]
package/linux-firmware: reformat hash file using the 2 spaces convention
For readability, this reformatting is done in a separate commit, as this
package contains many license files.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Thu, 19 Nov 2020 22:11:40 +0000 (23:11 +0100)]
package/bind: fix license hash
Commit
9679d3f0218519ea7a01f3b5fefb7f6dd23b138e forgot to update hash of
COPYRIGHT which was updated to replace http by https:
https://gitlab.isc.org/isc-projects/bind9/-/commit/
400171aee8db87c3973987980327051a58a20a80
Fixes:
- http://autobuild.buildroot.org/results/
db614a6fa1e17af2fa5c1d4a0d51cdf770893ca9
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Angelo Compagnucci [Mon, 9 Nov 2020 16:58:03 +0000 (17:58 +0100)]
package/environment-setup: add better kernel handling
Exporting ARCH and KERNELDIR makes easier to compile an external kernel
or out of tree kernel modules.
Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Reviewed-by: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Bernd Kuhls [Mon, 30 Nov 2020 17:40:06 +0000 (18:40 +0100)]
package/{mesa3d, mesa3d-headers}: bump version to 20.2.3
Release notes of this bugfix release:
https://lists.freedesktop.org/archives/mesa-announce/2020-November/000607.html
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Marcus Folkesson [Tue, 1 Dec 2020 07:00:05 +0000 (08:00 +0100)]
package/libostree: bump to version 2020.8
Signed-off-by: Marcus Folkesson <marcus.folkesson@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Angelo Compagnucci [Sun, 8 Nov 2020 17:07:18 +0000 (18:07 +0100)]
package/python-pydal: bump to version
20200910.1
While bumping updating the sha256 computation method.
Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Angelo Compagnucci [Sun, 8 Nov 2020 16:57:55 +0000 (17:57 +0100)]
package/python-can: bump to verison 3.3.4
Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Vincent Stehlé [Thu, 26 Nov 2020 21:59:24 +0000 (22:59 +0100)]
configs/bananapi_m2_zero: bump Linux and U-Boot versions
Bump Linux kernel to 5.9.11 and U-Boot to 2020.10.
Signed-off-by: Vincent Stehlé <vincent.stehle@laposte.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Vincent Stehlé [Fri, 27 Nov 2020 13:12:12 +0000 (14:12 +0100)]
configs/aarch64_efi: bump kernel version
Bump Linux kernel version to 5.9.11.
Signed-off-by: Vincent Stehlé <vincent.stehle@laposte.net>
Cc: Erico Nunes <nunes.erico@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Francois Perrad [Sat, 28 Nov 2020 07:45:55 +0000 (08:45 +0100)]
package/lua-lyaml: bump to version 6.2.7
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Seiderer [Fri, 27 Nov 2020 23:22:25 +0000 (00:22 +0100)]
package/libinput: bump version to 1.16.4
For details see [1].
[1] https://lists.freedesktop.org/archives/wayland-devel/2020-November/041664.html
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Thu, 26 Nov 2020 19:08:42 +0000 (20:08 +0100)]
package/x11r7/xserver_xorg-xserver: drop obsolete patch
Drop second patch following upstream review:
https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/555
Indeed, this patch has been dropped from openembedded since 2018 because
"it is forcing input to use SIGIO, despite the fact that since 2015
xserver has used an input thread.":
https://github.com/openembedded/openembedded-core/commit/
cde11398e6d74ad8f27334199b4bd99cdf1f0ff7
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Norbert Lange [Fri, 27 Nov 2020 10:29:47 +0000 (11:29 +0100)]
package/lz4: bump version to 1.9.3
Signed-off-by: Norbert Lange <nolange79@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Fri, 27 Nov 2020 17:13:36 +0000 (18:13 +0100)]
package/linux-pam: bump to version 1.5.1
- Drop patches (already in version) and so autoreconf
- cracklib is not a dependency since
https://github.com/linux-pam/linux-pam/commit/
d702ff714c309069111899fd07c09e31c414c166
https://github.com/linux-pam/linux-pam/releases/tag/v1.5.0
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Thomas Petazzoni [Wed, 4 Nov 2020 14:51:40 +0000 (15:51 +0100)]
support/testing/tests/core/test_cpeid: new test
This commit adds a number of test cases to verify that the CPE_ID_*
variables are properly handled by the generic package infrastructure
and that the "make show-info" JSON output matches what we expect.
A total of 5 different example packages are used to exercise different
scenarios of CPE_ID_* variables usage.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Thomas Petazzoni [Wed, 4 Nov 2020 14:51:39 +0000 (15:51 +0100)]
package/pkg-utils.mk: expose CPE ID in show-info when available
This commit exposes a new per-package property in the "make show-info"
JSON output: "cpe-id", which exists when a valid CPE ID is available
for the package.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: Matt Weber <matthew.weber@rockwellcollins.com>
Tested-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Thomas Petazzoni [Wed, 4 Nov 2020 14:51:38 +0000 (15:51 +0100)]
docs/manual: document <pkg>_CPE_ID variables
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: Matt Weber <matthew.weber@rockwellcollins.com>
Reviewed-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Matt Weber [Wed, 4 Nov 2020 14:51:37 +0000 (15:51 +0100)]
package/pkg-generic.mk: add CPE ID related package variables
Currently, the match between Buildroot packages and CVEs is solely
based on the package names. Unfortunately, as one can imagine, there
isn't necessarily a strict mapping between Buildroot package names,
and how software projects are referenced in the National Vulnerability
Database (NVD) which we use.
The NVD has defined the concept of CPE (Common Platform Enumeration)
identifiers, which uniquely identifies software components based on
string looking like this:
cpe:2.3:a:netsurf-browser:libnsbmp:0.1.2:*:*:*:*:*:*:*
In particular, this CPE identifier contains a vendor name (here
"netsurf-browser"), a product name (here "libnsbmp") and a version
(here "0.1.2").
This patch series introduces the concept of CPE ID in Buildroot, where
each package can be associated to a CPE ID. A package can define one
or several of:
- <pkg>_CPE_ID_VENDOR
- <pkg>_CPE_ID_PRODUCT
- <pkg>_CPE_ID_VERSION
- <pkg>_CPE_ID_VERSION_MINOR
- <pkg>_CPE_ID_PREFIX
If one or several of those variables are defined, then the
<pkg>_CPE_ID will be defined by the generic package infrastructure as
follows:
$(2)_CPE_ID = $$($(2)_CPE_ID_PREFIX):$$($(2)_CPE_ID_VENDOR):$$($(2)_CPE_ID_NAME):$$($(2)_CPE_ID_VERSION):$$($(2)_CPE_ID_VERSION_MINOR):*:*:*:*:*:*
<pkg>_CPE_ID_* variables that are not explicitly specified by the
package will carry a default value defined by the generic package
infrastructure.
If a package is happy with the default <pkg>_CPE_ID, and therefore
does not need to define any of <pkg>_CPE_ID_{VENDOR,PRODUCT,...}, it
can set <pkg>_CPE_ID_VALID = YES.
If any of the <pkg>_CPE_ID_{VENDOR,PRODUCT,...} variables are defined
by the package, then <pkg>_CPE_ID_VALID = YES will be set by the
generic package infrastructure.
Then, it's only if <pkg>_CPE_ID_VALID = YES that a <pkg>_CPE_ID will
be defined. Indeed, we want to be able to distinguish packages for
which the CPE ID information has been checked and is considered valid,
from packages for which the CPE ID information has never been
verified. For this reason, we cannot simply define a default value
for <pkg>_CPE_ID.
The <pkg>_CPE_ID_* values for the host package are inherited from the
same variables of the corresponding target package, as we normally do
for most package variables.
Signed-off-by: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: Matt Weber <matthew.weber@rockwellcollins.com>
Reviewed-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Thomas Petazzoni [Wed, 4 Nov 2020 14:51:35 +0000 (15:51 +0100)]
support/scripts/cve.py: properly match CPEs with version '*'
Currently, when the version encoded in a CPE is '-', we assume all
versions are affected, but when it's '*' with no further range
information, we assume no version is affected.
This doesn't make sense, so instead, we handle '*' and '-' in the same
way. If there's no version information available in the CVE CPE ID, we
assume all versions are affected.
This increases quite a bit the number of CVEs and package affected:
- "total-cves": 302,
- "pkg-cves": 100,
+ "total-cves": 597,
+ "pkg-cves": 135,
For example, CVE-2007-4476 has a CPE ID of:
cpe:2.3:a:gnu:tar:*:*:*:*:*:*:*:*
So it should be taken into account. In this specific case, it is
combined with an AND with CPE ID
cpe:2.3:o:suse:suse_linux:10:*:enterprise_server:*:*:*:*:* but since
we don't support this kind of matching, we'd better be on the safe
side, and report this CVE as affecting tar, do an analysis of the CVE
impact, and document it in TAR_IGNORE_CVES.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Ismael Luceno [Sun, 22 Nov 2020 20:51:53 +0000 (21:51 +0100)]
package/axel: bump version to 2.17.10
Signed-off-by: Ismael Luceno <ismael@iodev.co.uk>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Wed, 18 Nov 2020 07:00:06 +0000 (08:00 +0100)]
package/jpeg-turbo: fix license hash
Commit
105d61c85062b18bc9555011f909c8c8a5a33277 forgot to update hash of
LICENSE.md (update in year:
https://github.com/libjpeg-turbo/libjpeg-turbo/commit/
00607ec260efa4cfe10f9b36d6e3d3590ae92d79)
While at it, also update indentation in hash file (two spaces)
Fixes:
- http://autobuild.buildroot.org/results/
66fb5c0171af73d4c1c93241b285fac8f8f494f7
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Fri, 20 Nov 2020 22:09:49 +0000 (23:09 +0100)]
package/abootimg: fix host build
Commit
05b11e24c3d4013d3caa0453d9bada9905795e35 wrongly added
ABOOTIMG_HOST_DEPENDENCIES instead of HOST_ABOOTIMG_DEPENDENCIES
Fixes:
- http://autobuild.buildroot.org/results/
c13b5424cec151cd3ad71b1cb38d6ad8ff68afa0
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Mike Frampton [Thu, 19 Nov 2020 09:08:53 +0000 (22:08 +1300)]
package/abootimg: add host build
Enabling package host build for abootimg so that boot images can be
created for boards which boot from this format.
Signed-off-by: Mike Frampton <mikeframpo@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Mike Frampton [Thu, 19 Nov 2020 09:08:52 +0000 (22:08 +1300)]
package/qcom-db410c-firmware: new package
Installs the required Wifi/BT firmware blobs for the Qualcomm
Dragonboard 410c SBC.
Signed-off-by: Mike Frampton <mikeframpo@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Thu, 19 Nov 2020 12:03:47 +0000 (13:03 +0100)]
package/radvd: fix build without stack-protector
Commit
6e85ab44493624748398ffb2c6bf4bda409f2de7 forgot to manage the new
--{with,without}-stack-protector option which has been added with
https://github.com/reubenhwk/radvd/commit/
f2cb35449f35b5815f3804161c968fde5ef2982b
and is enabled by default
Fixes:
- http://autobuild.buildroot.org/results/
e778df96f0a382a5b119724ee69f956ad455c452
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Jeff Zignego [Thu, 19 Nov 2020 21:25:45 +0000 (15:25 -0600)]
package/qt5/qt5base: fix typo for syslog support
Fix typo from
109df4deba86839704d902204d130714e32df0fa that added this
option.
Signed-off-by: Jeff Zignego <jzignego@hedcontrols.com>
Reviewed-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Fri, 13 Nov 2020 22:44:08 +0000 (23:44 +0100)]
package/ipsec-tools: drop package
Extract from http://ipsec-tools.sourceforge.net:
"The development of ipsec-tools has been ABANDONED.
ipsec-tools has security issues, and you should not use it. Please
switch to a secure alternative!"
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Fri, 13 Nov 2020 20:51:28 +0000 (21:51 +0100)]
package/qdecoder: bump to version 12.0.8
Update indentation in hash file (two spaces)
https://github.com/wolkykim/qdecoder/releases/tag/v12.0.8
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Vincent Stehlé [Fri, 13 Nov 2020 10:30:03 +0000 (11:30 +0100)]
package/pixz: bump version to v1.0.7
- Update the hash accordingly.
- Remove a patch, as its fix is in this new version of pixz.
Signed-off-by: Vincent Stehlé <vincent.stehle@laposte.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Julien Olivain [Fri, 13 Nov 2020 13:09:41 +0000 (14:09 +0100)]
package/linux-backports: bump version to 5.8
Attempting to compile this package with newer Kernel version (e.g. v5.4)
fails with message:
Generating local configuration database from kernel ...Kernel version parse failed!
Upgrading the package to 5.8 fixes this issue. Anyways, v4.4 is now
rather old and beat the very purpose of having newer drivers in older
kernels.
Since backports tag v4.14-rc4-1, the requirement on minimal kernel
version changed from 3.0 to 3.10. See commit [1]. The minimal kernel
version check is changed accordingly.
License files are also updated: the linux backports package copies the
license files from the kernel version used for its generation. v5.8 is
now "GPL-2.0 WITH Linux-syscall-note". However, there is no such SPDX
identifier (contrary to what is said in the COPYING file), so we keep it
as GPL-2.0 (which also keeps it aligned to what we have in linux.mk).
[1] https://git.kernel.org/pub/scm/linux/kernel/git/backports/backports.git/commit/?id=
a0d05f9f9ca50ea8b1d60726fac6b54167257e76
Signed-off-by: Julien Olivain <ju.o@free.fr>
Reviewed-by: Petr Vorel <petr.vorel@gmail.com>
Tested-by: Petr Vorel <petr.vorel@gmail.com>
[yann.morin.1998@free.fr: keep license as GPL-2.0, like for linux]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Yann E. MORIN [Tue, 17 Nov 2020 20:51:22 +0000 (21:51 +0100)]
Merge branch 'master' into next
* master: (125 commits)
package/jpeg-turbo: security bump to version 2.0.5
package/modem-manager: bump to version 1.14.8
package/c-ares: security bump to version 1.17.0
docs/website: update for 2020.02.8
Update for 2020.02.8
docs/website: update for 2020.08.2
Update for 2020.08.2
package/qemu: fix build with 64 bits time_t
package/harfbuzz: fix build without threads
boot/uboot: fix custom repo error message
package/numactl: needs -fPIC
package/dovecot-pigeonhole: fix build with per-package directories
package/libpam-tacplus: remove duplicate LIBPAM_TACPLUS_AUTORECONF
package/openntpd: needs host-bison
package/xorriso: fix host option
DEVELOPERS: drop Trent Piepho
package/postgresql: security bump to version 12.5
package/redis: security bump to version 6.0.9
Revert "package/linux-backports: bump version to 5.8"
package/linux-backports: bump version to 5.8
...
Heiko Stuebner [Fri, 13 Nov 2020 12:28:35 +0000 (13:28 +0100)]
package/jpeg-turbo: security bump to version 2.0.5
Fixes the following security issue:
- CVE-2020-13790: ibjpeg-turbo 2.0.4, and mozjpeg 4.0.0, has a heap-based
buffer over-read in get_rgb_row() in rdppm.c via a malformed PPM input
file
For more details, see the release notes:
https://github.com/libjpeg-turbo/libjpeg-turbo/releases/tag/2.0.5
Signed-off-by: Heiko Stuebner <heiko.stuebner@theobroma-systems.com>
[Peter: mark as security bump / extend commit message]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Fri, 13 Nov 2020 22:07:38 +0000 (23:07 +0100)]
package/radvd: bump to version 2.19
Drop patch (already in version) and so autoreconf
http://www.litech.org/radvd/CHANGES.txt:w
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Michael Nosthoff [Tue, 17 Nov 2020 16:26:46 +0000 (17:26 +0100)]
package/{protobuf, python-protobuf}: bump to version 3.14.0
python-protobuf: drop patch 0001 as it is applied upstream
Signed-off-by: Michael Nosthoff <buildroot@heine.tech>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Mircea GLIGA [Tue, 17 Nov 2020 08:37:48 +0000 (10:37 +0200)]
package/mbuffer: bump to version
20200929
Signed-off-by: Mircea GLIGA <mgliga@bitdefender.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Aleksander Morgado [Mon, 16 Nov 2020 09:44:39 +0000 (10:44 +0100)]
package/modem-manager: bump to version 1.14.8
There should be no longer any need for the ac_cv_prog_XSLTPROC_CHECK
hack, this release already removes xsltproc from being a build
dependency when building from dist tarballs.
https://lists.freedesktop.org/archives/modemmanager-devel/2020-November/008279.html
Signed-off-by: Aleksander Morgado <aleksander@aleksander.es>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Asaf Kahlon [Sun, 15 Nov 2020 19:56:54 +0000 (21:56 +0200)]
package/spdlog: bump to version 1.8.1
Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Asaf Kahlon [Sun, 15 Nov 2020 19:56:53 +0000 (21:56 +0200)]
package/{libuv, uvw}: bump to versions 1.40.0, 2.8.0_libuv_v1.40
Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Tue, 17 Nov 2020 07:04:51 +0000 (08:04 +0100)]
package/bctoolbox: drop GIT_EXECUTABLE
GIT_EXECUTABLE is not needed since version 4.3.0 and
https://github.com/BelledonneCommunications/bctoolbox/commit/
a92ea8672fc0a736c9018de31588aeeeef4a4157
https://github.com/BelledonneCommunications/bctoolbox/commit/
6c2e02ffb16f999e270c5de29bbf4dd13b9e986d
CMake Warning:
Manually-specified variables were not used by the project:
BUILD_DOC
BUILD_DOCS
BUILD_EXAMPLE
BUILD_EXAMPLES
BUILD_TEST
BUILD_TESTING
BUILD_TESTS
GIT_EXECUTABLE
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Tue, 17 Nov 2020 07:10:54 +0000 (08:10 +0100)]
package/c-ares: security bump to version 1.17.0
- avoid read-heap-buffer-overflow in ares_parse_soa_reply found during
fuzzing
- Avoid theoretical buffer overflow in RC4 loop comparison
- Empty hquery->name could lead to invalid memory access
- ares_parse_{a,aaaa}_reply() could return a larger *naddrttls than was
passed in
https://c-ares.haxx.se/changelog.html#1_17_0
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Tue, 17 Nov 2020 08:07:28 +0000 (09:07 +0100)]
docs/website: update for 2020.02.8
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Mon, 16 Nov 2020 23:04:03 +0000 (00:04 +0100)]
Update for 2020.02.8
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit
a4832641bcab4e3487a986ac31110fb2c006b2c0)
[Peter: drop Makefile changes]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Mon, 16 Nov 2020 22:44:10 +0000 (23:44 +0100)]
docs/website: update for 2020.08.2
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Mon, 16 Nov 2020 22:13:14 +0000 (23:13 +0100)]
Update for 2020.08.2
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit
5a90d87d331aa440cd024c7269a0673d94792896)
[Peter: drop Makefile changes]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Sat, 14 Nov 2020 21:53:03 +0000 (22:53 +0100)]
package/qemu: fix build with 64 bits time_t
Fix build of qemu 5.0.0 and above with 64 bites time_t
Fixes:
- http://autobuild.buildroot.org/results/
efd4474fb4b6c0ce0ab3838ce130429c51e43bbb
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Sun, 15 Nov 2020 10:23:52 +0000 (11:23 +0100)]
package/harfbuzz: fix build without threads
Fixes:
- http://autobuild.buildroot.org/results/
70c98e89b1d5e5b651d1f6928dc53f465103f57a
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Garret Kelly [Sun, 15 Nov 2020 04:40:43 +0000 (23:40 -0500)]
boot/uboot: fix custom repo error message
When using a custom git or mercurial repository for u-boot the error message
indicating a version had not been provided incorrectly stated that the URL was
missing. Update the error message to indicate that it's the version that's
missing.
Signed-off-by: Garret Kelly <garret.kelly@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Sat, 14 Nov 2020 22:11:24 +0000 (23:11 +0100)]
package/numactl: needs -fPIC
This will avoid the following build failure with qemu 5.0.0 and above:
/srv/storage/autobuild/run/instance-2/output-1/host/opt/ext-toolchain/bin/../lib/gcc/x86_64-buildroot-linux-uclibc/8.3.0/../../../../x86_64-buildroot-linux-uclibc/bin/ld: /srv/storage/autobuild/run/instance-2/output-1/host/x86_64-buildroot-linux-uclibc/sysroot/usr/lib/../lib64/libnuma.a(libnuma.o): relocation R_X86_64_32 against `.rodata.str1.1' can not be used when making a PIE object; recompile with -fPIC
Fixes:
- http://autobuild.buildroot.org/results/
616dff216a215dc0494c846d337e03e0795b2fb2
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Bernd Kuhls [Sat, 14 Nov 2020 22:10:07 +0000 (23:10 +0100)]
package/dovecot-pigeonhole: fix build with per-package directories
Fix wrong path in usr/lib/dovecot-config which was copied from the
dovecot staging dir.
Fixes:
http://autobuild.buildroot.net/results/5fb/
5fb1cd57bc3fdf4f75019c7b25d65ef887eea539/
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Bernd Kuhls [Sat, 14 Nov 2020 17:14:29 +0000 (18:14 +0100)]
package/samba4: bump version to 4.11.16
Release notes: https://www.samba.org/samba/history/samba-4.11.16.html
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Romain Naour [Sat, 14 Nov 2020 14:51:58 +0000 (15:51 +0100)]
package/libpam-tacplus: remove duplicate LIBPAM_TACPLUS_AUTORECONF
The commit [1] added a second LIBPAM_TACPLUS_AUTORECONF
because we are now patching configure.ac.
But LIBPAM_TACPLUS_AUTORECONF was already used because the
package is fetched from github.
[1]
bd85d82f61af0578a64e74e1cfb56c3c1bf46fe1
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/
849509860
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Baruch Siach [Mon, 16 Nov 2020 11:18:29 +0000 (13:18 +0200)]
package/openntpd: needs host-bison
Build fails when no yacc alternative is installed.
Fixes:
http://autobuild.buildroot.net/results/
1ba8e339cbb5646663d0bf4e158d89e54433b242/
http://autobuild.buildroot.net/results/
a00a53d6635c64e72c50d4841658155de5380110/
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Acked-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Sun, 15 Nov 2020 21:55:30 +0000 (22:55 +0100)]
package/xorriso: fix host option
--disable-bzip2 is not a recognized option so replace it by
--disable-libbz2 to match the target logic.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Thomas Petazzoni [Mon, 16 Nov 2020 13:08:08 +0000 (14:08 +0100)]
DEVELOPERS: drop Trent Piepho
We change Trent's e-mail address in commit
1c20802d4b5de5836b2ab6000a4c5e273711a8aa, but it turns out the new one
also doesn't work:
<trent.piepho@synapse.com>: host
synapse-com.mail.protection.outlook.com[104.47.57.138] said: 550 5.4.1
Recipient address rejected: Access denied. AS(
201806281)
[DM6NAM11FT063.eop-nam11.prod.protection.outlook.com] (in reply to RCPT TO
command)
So let's drop Trent entirely, which orphans the libp11 package.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Sun, 15 Nov 2020 10:51:03 +0000 (11:51 +0100)]
package/postgresql: security bump to version 12.5
Fix the following CVEs:
- CVE-2020-25695: Multiple features escape "security restricted
operation" sandbox
- CVE-2020-25694: Reconnection can downgrade connection security
settings
- CVE-2020-25696: psql's \gset allows overwriting specially treated
variables
https://www.postgresql.org/about/news/postgresql-131-125-1110-1015-9620-and-9524-released-2111
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Sat, 14 Nov 2020 14:48:47 +0000 (15:48 +0100)]
package/redis: security bump to version 6.0.9
This release fixes a potential heap overflow when using a heap allocator
other than jemalloc or glibc's malloc. See:
https://github.com/redis/redis/pull/7963
https://raw.githubusercontent.com/redis/redis/6.0/00-RELEASENOTES
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Yann E. MORIN [Sun, 15 Nov 2020 21:20:50 +0000 (22:20 +0100)]
Revert "package/linux-backports: bump version to 5.8"
This reverts commit
d2159da6a034b8287984f738974f9f8738bac1e6.
which should not have been applied to master, but to next...
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Julien Olivain [Fri, 13 Nov 2020 13:09:41 +0000 (14:09 +0100)]
package/linux-backports: bump version to 5.8
Attempting to compile this package with newer Kernel version (e.g. v5.4)
fails with message:
Generating local configuration database from kernel ...Kernel version parse failed!
Upgrading the package to 5.8 fixes this issue. Anyways, v4.4 is now
rather old and beat the very purpose of having newer drivers in older
kernels.
Since backports tag v4.14-rc4-1, the requirement on minimal kernel
version changed from 3.0 to 3.10. See commit [1]. The minimal kernel
version check is changed accordingly.
License files are also updated: the linux backports package copies the
license files from the kernel version used for its generation. v5.8 is
now "GPL-2.0 WITH Linux-syscall-note". However, there is no such SPDX
identifier (contrary to what is said in the COPYING file), so we keep it
as GPL-2.0 (which also keeps it aligned to what we have in linux.mk).
[1] https://git.kernel.org/pub/scm/linux/kernel/git/backports/backports.git/commit/?id=
a0d05f9f9ca50ea8b1d60726fac6b54167257e76
Signed-off-by: Julien Olivain <ju.o@free.fr>
Reviewed-by: Petr Vorel <petr.vorel@gmail.com>
Tested-by: Petr Vorel <petr.vorel@gmail.com>
[yann.morin.1998@free.fr: keep license as GPL-2.0, like for linux]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Peter Korsgaard [Sat, 14 Nov 2020 13:51:08 +0000 (14:51 +0100)]
Update for 2020.11-rc2
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Bartosz Bilas [Fri, 13 Nov 2020 15:15:58 +0000 (16:15 +0100)]
package/rauc: disable systemd for host build
Since there is not necessary to have support of systemd within the host
variant let's disable it unconditionally to solve the following errors:
/usr/bin/install -c -m 644 data/rauc.service '/usr/lib/systemd/system'
/usr/bin/install: cannot create regular file '/usr/lib/systemd/system/rauc.service': Permission denied
/usr/bin/install -c -m 644 data/de.pengutronix.rauc.conf 'no'
make[4]: *** [Makefile:1700: install-nodist_systemdunitDATA] Error 1
make[4]: *** Waiting for unfinished jobs....
Signed-off-by: Bartosz Bilas <b.bilas@grinn-global.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Thomas Petazzoni [Sat, 14 Nov 2020 10:48:07 +0000 (11:48 +0100)]
toolchain/toolchain-external/toolchain-external-arm-arm: add dependency on NEON
While testing Buildroot on a Cortex-A5 that doesn't provide NEON, we
found out that a system generated with the ARM toolchain from Arm
didn't boot. It turns out that this ARM toolchain is built with:
--with-arch=armv7-a --with-fpu=neon --with-float=hard --with-mode=thumb
So, it uses NEON as its FPU, which means it can only work on CPU cores
that have NEON support. This commit adds the appropriate dependency to
the toolchain-external-arm-arm package, and adjusts the Config.in help
text accordingly.
While at it, it also drops the part of the Config.in help text that
says the code is tuned for Cortex-A9, as it is not the case: it was
the case for the Linaro toolchain (built with --with-tune=cortex-a9),
but not for the ARM toolchain, for which no specific --with-tune is
passed.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Alexandre Belloni <alexandre.belloni@bootlin.com>
Cc: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Fri, 13 Nov 2020 20:21:15 +0000 (21:21 +0100)]
package/tcpdump: fix CVE-2020-8037
The ppp decapsulator in tcpdump 4.9.3 can be convinced to allocate a
large amount of memory.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Fri, 13 Nov 2020 20:00:39 +0000 (21:00 +0100)]
package/libpam-tacplus: disable -Werror
Fixes:
- http://autobuild.buildroot.org/results/
5c17226f12eba104d907693ec37fc101cc6d447f
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Fri, 13 Nov 2020 19:41:07 +0000 (20:41 +0100)]
package/mp4v2: fix build with gcc 10
Fixes:
- http://autobuild.buildroot.org/results/
4655626f1827245648a566a7223f247a130714c5
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Romain Naour [Fri, 13 Nov 2020 22:52:07 +0000 (23:52 +0100)]
package/cryptsetup: really break circular dependency
The commit [1] should fix a circular dependency by
using util-linux-libs instead of util-linux if
BR2_PACKAGE_UTIL_LINUX_LIBS is set.
But util-linux is still in CRYPTSETUP_DEPENDENCIES.
Remove it to really break the circular dependency.
[1]
e3c86f5c9e466ed5135e824d6dcebcfd7f5ac1ab
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Reviewed-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Julien Olivain [Fri, 13 Nov 2020 13:09:40 +0000 (14:09 +0100)]
package/linux-backports: fix kernel version check
The commit
05fea6e4a60a38a797d9bacbf318a2cd7dbd435f "infra/pkg-kconfig:
do not rely on package's .config as a timestamp" broke the kernel
version check of this linux-backports package (it was no longer
executed). Since linux-4.19, the kernel's build system internally
touches its .config file, so it can no longer be used as a stamp file.
The stamp file defined in KCONFIG_STAMP_DOTCONFIG variable of
pkg-kconfig infra need to be used instead.
This commit fixes the kernel version check.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Reviewed-by: Petr Vorel <petr.vorel@gmail.com>
Tested-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Baruch Siach [Thu, 12 Nov 2020 18:34:45 +0000 (20:34 +0200)]
package/luajit: drop static build handling
Static build of luajit is disabled since commit
b2e8f28efac
("package/luajit: disable for static build"). Remove the related
BUILDMODE handling as well.
Cc: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Fri, 13 Nov 2020 06:35:35 +0000 (07:35 +0100)]
package/quota: bump to version 4.06
- Drop patch (already in version) and so autoreconf
- Update hash of COPYING (mailing address updated:
https://sourceforge.net/p/linuxquota/code/ci/
b6bb53e1124e6b813fe4de5682b9d9a9f8a1fba8)
- Update indentation in hash file (two spaces)
https://sourceforge.net/p/linuxquota/code/ci/v4.06/tree/Changelog
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Thu, 12 Nov 2020 21:03:00 +0000 (22:03 +0100)]
package/python-thrift: bump to version 0.13.0
Updated through scanpypi
https://github.com/apache/thrift/blob/v0.13.0/CHANGES.md
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Thu, 12 Nov 2020 19:31:28 +0000 (20:31 +0100)]
package/python-yatl: bump to version
20200711.1
https://github.com/web2py/yatl/compare/v20200430.1...master
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Thu, 12 Nov 2020 22:16:30 +0000 (23:16 +0100)]
package/sshfs: bump to version 3.7.1
Drop patch (already in version)
https://github.com/libfuse/sshfs/blob/sshfs-3.7.1/ChangeLog.rst
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Romain Naour [Thu, 12 Nov 2020 23:20:52 +0000 (00:20 +0100)]
toolchain/toolchain-buildroot: only riscv64 is supported by uClibc-ng
The commit [1] enabled riscv32 and riscv64 for uClibc-ng
internal toolchain backend but only riscv64 is curently
supported by uClibc-ng.
The initial patch [2] from Mark Corbin is only about riscv64.
Remove riscv32 from uClibc-ng supported architecture list.
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/
830981656
[1]
209a082478fca143394512bb9a6c0822f12cfe2c
[2]
bd9810e176273914eca1208bcba23f0de9e446b3
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Václav Kubernát [Wed, 11 Nov 2020 16:00:08 +0000 (17:00 +0100)]
package/perf: if zstd is enabled, depend on it
Enables the "-z" flag.
Signed-off-by: Václav Kubernát <sir.venceslas@gmail.com>
Reviewed-by: Jan Kundrát <jan.kundrat@cesnet.cz>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Václav Kubernát [Wed, 11 Nov 2020 16:00:07 +0000 (17:00 +0100)]
package/perf: if audit is enabled, depend on it
Enables the `perf trace` command.
Signed-off-by: Václav Kubernát <sir.venceslas@gmail.com>
Reviewed-by: Jan Kundrát <jan.kundrat@cesnet.cz>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Thu, 12 Nov 2020 20:22:02 +0000 (21:22 +0100)]
package/suricata: link with libatomic if needed
Fix build of suricata 6.0.0 with mips32r6
app-layer-ftp.o: In function `FTPCheckMemcap':
app-layer-ftp.c:(.text+0x284): undefined reference to `__atomic_load_8'
app-layer-ftp.c:(.text+0x2d8): undefined reference to `__atomic_fetch_add_8'
Fixes:
- http://autobuild.buildroot.org/results/
f574005204905250702df32b61c85d427ab4feda
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Bartosz Bilas [Fri, 13 Nov 2020 11:39:40 +0000 (12:39 +0100)]
package/rauc: prevent occurring the error when directory exists
Add -p argument that ignore that specified directory already exists.
Fixes:
mkdir: cannot create directory ‘/home/bartekk/buildroot-2020.11-rc1/output/target/usr/lib/systemd/system/rauc.service.d’: File exists
Signed-off-by: Bartosz Bilas <b.bilas@grinn-global.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Fri, 13 Nov 2020 10:31:11 +0000 (11:31 +0100)]
package/go: security bump to 1.15.5
Fixes the following security issues:
- math/big: panic during recursive division of very large numbers
A number of math/big.Int methods (Div, Exp, DivMod, Quo, Rem, QuoRem, Mod,
ModInverse, ModSqrt, Jacobi, and GCD) can panic when provided crafted
large inputs. For the panic to happen, the divisor or modulo argument
must be larger than 3168 bits (on 32-bit architectures) or 6336 bits (on
64-bit architectures). Multiple math/big.Rat methods are similarly affected.
crypto/rsa.VerifyPSS, crypto/rsa.VerifyPKCS1v15, and crypto/dsa.Verify may
panic when provided crafted public keys and signatures. crypto/ecdsa and
crypto/elliptic operations may only be affected if custom CurveParams with
unusually large field sizes (several times larger than the largest
supported curve, P-521) are in use. Using crypto/x509.Verify on a crafted
X.509 certificate chain can lead to a panic, even if the certificates
don’t chain to a trusted root. The chain can be delivered via a
crypto/tls connection to a client, or to a server that accepts and
verifies client certificates. net/http clients can be made to crash by an
HTTPS server, while net/http servers that accept client certificates will
recover the panic and are unaffected.
Moreover, an application might crash invoking
crypto/x509.(*CertificateRequest).CheckSignature on an X.509 certificate
request or during a golang.org/x/crypto/otr conversation. Parsing a
golang.org/x/crypto/openpgp Entity or verifying a signature may crash.
Finally, a golang.org/x/crypto/ssh client can panic due to a malformed
host key, while a server could panic if either PublicKeyCallback accepts a
malformed public key, or if IsUserAuthority accepts a certificate with a
malformed public key.
Thanks to the Go Ethereum team and the OSS-Fuzz project for reporting
this. Thanks to Rémy Oudompheng and Robert Griesemer for their help
developing and validating the fix.
This issue is CVE-2020-28362 and Go issue golang.org/issue/42552.
- cmd/go: arbitrary code execution at build time through cgo
The go command may execute arbitrary code at build time when cgo is in
use. This may occur when running go get on a malicious package, or any
other command that builds untrusted code.
This can be caused by malicious gcc flags specified via a #cgo directive,
or by a malicious symbol name in a linked object file.
Thanks to Imre Rad and to Chris Brown and Tempus Ex respectively for
reporting these issues.
These issues are CVE-2020-28367 and CVE-2020-28366, and Go issues
golang.org/issue/42556 and golang.org/issue/42559 respectively.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Fri, 13 Nov 2020 10:01:23 +0000 (11:01 +0100)]
package/wireguard-linux-compat: bump version to 1.0.
20201112
Fixes a build issue with linux 5.4.76+. For details, see the announcement:
https://lists.zx2c4.com/pipermail/wireguard/2020-November/005997.html
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Fri, 13 Nov 2020 08:33:20 +0000 (09:33 +0100)]
{linux, linux-headers}: bump 4.{4, 9, 14, 19}.x / 5.{4, 9}.x series
Including the fix for CVE-2020-8694:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00389.html
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>