buildroot.git
5 years ago{linux, linux-headers}: bump 4.{4, 9, 14, 19}.x / 5.3.x series
Bernd Kuhls [Mon, 25 Nov 2019 18:54:05 +0000 (19:54 +0100)]
{linux, linux-headers}: bump 4.{4, 9, 14, 19}.x / 5.3.x series

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/libdrm: disable nouveau test for static build
Peter Seiderer [Mon, 25 Nov 2019 15:12:29 +0000 (16:12 +0100)]
package/libdrm: disable nouveau test for static build

Fixes:

  [46/66] Compiling C object 'tests/nouveau/e47a46e@@threaded@exe/threaded.c.o'.
  FAILED: tests/nouveau/e47a46e@@threaded@exe/threaded.c.o
  ./tests/nouveau/threaded.c:24:10: fatal error: dlfcn.h: No such file or directory
  #include <dlfcn.h>

[1] http://autobuild.buildroot.net/results/3042637f54d2d232904ea009455cae82e159ea2e

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/jpeg-turbo: security bump to version 2.0.3
Peter Korsgaard [Sun, 24 Nov 2019 21:23:09 +0000 (22:23 +0100)]
package/jpeg-turbo: security bump to version 2.0.3

Fixes the following security vulnerabilities:

- CVE-2019-2201: In generate_jsimd_ycc_rgb_convert_neon of
  jsimd_arm64_neon.S, there is a possible out of bounds write due to a
  missing bounds check.  This could lead to remote code execution in an
  unprivileged process with no additional execution privileges needed.

For more details, see the upstream bugtracker:
https://github.com/libjpeg-turbo/libjpeg-turbo/issues/361

Additionally, it fixes a number of other issues.  From the release notes:

- Fixed a regression in the SIMD feature detection code, introduced by the
  AVX2 SIMD extensions (2.0 beta1[1]), that was known to cause an illegal
  instruction exception, in rare cases, on CPUs that lack support for CPUID
  leaf 07H (or on which the maximum CPUID leaf has been limited by way of a
  BIOS setting.)

- The 4:4:0 (h1v2) fancy (smooth) chroma upsampling algorithm in the
  decompressor now uses a similar bias pattern to that of the 4:2:2 (h2v1)
  fancy chroma upsampling algorithm, rounding up or down the upsampled
  result for alternate pixels rather than always rounding down.  This
  ensures that, regardless of whether a 4:2:2 JPEG image is rotated or
  transposed prior to decompression (in the frequency domain) or after
  decompression (in the spatial domain), the final image will be similar.

- Fixed a regression introduced by 2.0 beta1[15] whereby attempting to
  generate a progressive JPEG image on an SSE2-capable CPU using a scan
  script containing one or more scans with lengths divisible by 16 would
  result in an error ("Missing Huffman code table entry") and an invalid
  JPEG image.

- Fixed an issue whereby tjDecodeYUV() and tjDecodeYUVPlanes() would throw
  an error ("Invalid progressive parameters") or a warning ("Inconsistent
  progression sequence") if passed a TurboJPEG instance that was previously
  used to decompress a progressive JPEG image.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/bind: security bump to version 9.11.13
Peter Korsgaard [Sun, 24 Nov 2019 20:59:17 +0000 (21:59 +0100)]
package/bind: security bump to version 9.11.13

Fixes the following security vulnerabilities:

- CVE-2019-6477: TCP-pipelined queries can bypass tcp-clients limit

For details, see the release notes:
https://downloads.isc.org/isc/bind9/9.11.13/RELEASE-NOTES-bind-9.11.13.html

(9.11.11..12 were not released)

Upstream moved to a 2019-2020 signing key, so update comment in hash file.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/libnss: security bump to version 3.47.1
Giulio Benetti [Mon, 25 Nov 2019 10:50:40 +0000 (11:50 +0100)]
package/libnss: security bump to version 3.47.1

Fixes the following security issues:
CVE-2019-11745: EncryptUpdate should use maxout, not block size

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/libftdi1: fix license
Fabrice Fontaine [Sun, 24 Nov 2019 18:01:57 +0000 (19:01 +0100)]
package/libftdi1: fix license

The GPL only applies to the C++ bindings and eeprom utility, which are
conditionally enabled with BR2_PACKAGE_LIBFTDI1_LIBFTDIPP1 and
BR2_PACKAGE_LIBFTDI1_FDTI_EEPROM, respectively.

The COPYING.LIB is indeed the LGPL-2.0, but the source file for
libftdi1 states LGPL-2.1-only, see src/ftdi.c

The src/ftdi_stream.c also bears a notice of the MIT license, so the
library itself is under both LGPL-2.1-only and MIT.

Note: the COPYING.GPL license file may get added twice to the list, but
that is not a problem in practice: it is just copied twice.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr:
  - GPL-2.0 also applies to the ftdi_eeprom utility
  - s/ftdipp1/libftdipp1/
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/libftdi: remove unused license
Yann E. MORIN [Sun, 24 Nov 2019 21:12:57 +0000 (22:12 +0100)]
package/libftdi: remove unused license

Commit 9b0b15e90b (package/libftdi: add license) was too hastily fixed,
with confusion between libftdi and libftdi1. The MIT-licensed file is
not present in libftdi; it is only in libftdi1.

Remove the unused MIT license from the list.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/systemd: fix license hash
Fabrice Fontaine [Sun, 24 Nov 2019 19:07:28 +0000 (20:07 +0100)]
package/systemd: fix license hash

Bump to 243.4 forgot to update hash of README file (update to the
requirements).

Fixes:
 - http://autobuild.buildroot.org/results/eae13046b90253cdb2bf260e10b316386dff4eb1

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr: explain why README was changed]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/libftdi: add license
Fabrice Fontaine [Sun, 24 Nov 2019 10:08:46 +0000 (11:08 +0100)]
package/libftdi: add license

The COPYING.LIB license file contains the test of the LGPL-2.0, but the
source code itself explicitly refers to the GPL-2.1-only. Additionally,
parts of the library (src/ftdi_stream.c) are under the MIT license.

The C++ bindings are udner the GPL-2.0-only with an exception, which is
expressed in the LICENSE file.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr:
  - the library is under both GPL-2.1-only and MIT
  - the GPL-2.0-only only applies to the C++ bindings
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/gob2: add license
Fabrice Fontaine [Sun, 24 Nov 2019 09:10:51 +0000 (10:10 +0100)]
package/gob2: add license

gob2 itself is GPL-2.0+, but it is a code generator. The code generated
by gob2 id not covered by gob2's license, and this is made explicit in
an accompanying license file.

So we include both license files.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr:
  - add COPYING.generated-code
  - expand commit log accordingly
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agoUpdate for 2019.11-rc3
Peter Korsgaard [Sun, 24 Nov 2019 10:15:16 +0000 (11:15 +0100)]
Update for 2019.11-rc3

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/tftpd: add license
Fabrice Fontaine [Sat, 23 Nov 2019 23:05:28 +0000 (00:05 +0100)]
package/tftpd: add license

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/faifa: fix incorrect library symlink
Thomas Petazzoni [Mon, 18 Nov 2019 21:10:46 +0000 (22:10 +0100)]
package/faifa: fix incorrect library symlink

As spotted in
http://autobuild.buildroot.net/results/a61/a612cb7a85927d8cfe55c95c34d2901e7694fab0//diffoscope-results.txt,
faifa installs a library symlink with an incorrect target, which was
detected by the reproducible build logic, but is in fact wrong in any
case:

-lrwxrwxrwx   0        0        0        0 2019-11-07 19:38:04.000000 ./usr/lib/libfaifa.so -> /home/naourr/work/instance-3/output-1/target/usr/lib/libfaifa.so.0
+lrwxrwxrwx   0        0        0        0 2019-11-07 19:38:04.000000 ./usr/lib/libfaifa.so -> /home/naourr/work/instance-3/output-2/target/usr/lib/libfaifa.so.0

In practice, this is not a problem at runtime, as the .so symlink is
not used: the library soname is libfaifa.so.0. However, it still makes
sense to fix.

It is fixed by backporting an upstream commit. We considered bumping
to a newer version, but the latest version requires a new dependency
(libevent), so we preferred the backporting approach.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/systemd: bump to v243.4
Jérémy Rosen [Tue, 19 Nov 2019 20:23:35 +0000 (21:23 +0100)]
package/systemd: bump to v243.4

Upstream systemd-stable has started tagging point releses.

The commit we currently used has now been tagged as v243.3, and this
brings us to v243.4.

Signed-off-by: Jérémy Rosen <jeremy.rosen@smile.fr>
[yann.morin.1998@free.fr:
  - expand commit log to explain previous version
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/redis: bump to version 5.0.7
Titouan Christophe [Sat, 23 Nov 2019 20:01:42 +0000 (21:01 +0100)]
package/redis: bump to version 5.0.7

Changes announced upstream:

Upgrade urgency HIGH: many issues fixed, some may have an impact.
Redis 5.0.7 fixes a number of bugs, none is very critical, however
there are a few that may have an impact. It's a good idea to upgrade.
There are fixes in the area of replication from modules commands and
callbacks, AOF fsync (non critical issue), memory leaks (very rare and small),
streams beahvior (non critical), and a potential crash in commands
processing multiple keys at the same time that is there for years, and happens
very rarely, but is not impossible to trigger.

Signed-off-by: Titouan Christophe <titouan.christophe@railnova.eu>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/asterisk: security bump to version 16.6.2
Peter Korsgaard [Fri, 22 Nov 2019 22:55:31 +0000 (23:55 +0100)]
package/asterisk: security bump to version 16.6.2

Fixes the following security vulnerabilities:

AST-2019-006: SIP request can change address of a SIP peer.
A SIP request can be sent to Asterisk that can change a SIP peer’s IP
address.  A REGISTER does not need to occur, and calls can be hijacked as a
result.  The only thing that needs to be known is the peer’s name;
authentication details such as passwords do not need to be known.  This
vulnerability is only exploitable when the “nat” option is set to the
default, or “auto_force_rport”.

https://downloads.asterisk.org/pub/security/AST-2019-006.pdf

AST-2019-007: AMI user could execute system commands.
A remote authenticated Asterisk Manager Interface (AMI) user without
“system” authorization could use a specially crafted “Originate” AMI request
to execute arbitrary system commands.

https://downloads.asterisk.org/pub/security/AST-2019-007.pdf

AST-2019-008: Re-invite with T.38 and malformed SDP causes crash.
If Asterisk receives a re-invite initiating T.38 faxing and has a port of 0
and no c line in the SDP, a crash will occur.

https://downloads.asterisk.org/pub/security/AST-2019-008.pdf

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/zip: add license hash
Adam Duskett [Sat, 23 Nov 2019 17:46:55 +0000 (09:46 -0800)]
package/zip: add license hash

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/perl: add license hash
Adam Duskett [Sat, 23 Nov 2019 17:46:54 +0000 (09:46 -0800)]
package/perl: add license hash

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/spice: security bump to version 0.14.2
Fabrice Fontaine [Sun, 17 Nov 2019 16:44:52 +0000 (17:44 +0100)]
package/spice: security bump to version 0.14.2

- Fix CVE-2019-3813: fix off-by-one error in group/slot boundary check
- Add license hash

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/spice-protocol: bump to version 0.14.0
Fabrice Fontaine [Sun, 17 Nov 2019 16:44:51 +0000 (17:44 +0100)]
package/spice-protocol: bump to version 0.14.0

- This bump is needed for spice 0.14.2
- Add license hash

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/php: bump version to 7.3.12
Bernd Kuhls [Thu, 21 Nov 2019 21:37:33 +0000 (22:37 +0100)]
package/php: bump version to 7.3.12

Release notes of this bugfix release:
https://www.php.net/ChangeLog-7.php#7.3.12

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/webkitgtk: security bump to version 2.26.2
Adrian Perez de Castro [Fri, 22 Nov 2019 18:00:13 +0000 (20:00 +0200)]
package/webkitgtk: security bump to version 2.26.2

This is a minor release which includes fixes for CVE-2019-8812 and
CVE-2019-8814.

This release also fixes the build with WebDriver disabled and without
X11, so "0001-GTK-ANGLE-s-eglplatform.h-is-build-broken-with-DENAB.patch"
and "0002-WPE-GTK-Build-fails-with-ENABLE_WEBDRIVER-OFF.patch" are not
needed anymore (and therefore removed). There is also a performance
improvement for a regression related to fallback font selection, and a
couple of small fixes. The full release notes are available at:

  https://webkitgtk.org/2019/11/06/webkitgtk2.26.2-released.html

The detailed security advisory can be found at:

  https://webkitgtk.org/security/WSA-2019-0006.html

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/linux-serial-test: bump version
Yegor Yefremov [Wed, 20 Nov 2019 10:36:55 +0000 (11:36 +0100)]
package/linux-serial-test: bump version

This update fixes both the below mentioned build error when handling
undefined baud rates, and makes the patch for MIPS obsolete.

No other changes will be introduced with this update.

Fixes:
http://autobuild.buildroot.net/results/ef77cbe220619050eb9d46c78ae79a94eea8aa8b

Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/waylandpp: fix build with cmake < 3.13
Fabrice Fontaine [Fri, 22 Nov 2019 18:09:57 +0000 (19:09 +0100)]
package/waylandpp: fix build with cmake < 3.13

Fixes:
 - http://autobuild.buildroot.org/results/587fb44ea2272bd134262716870f5ad36a18661d

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/postgresql: bump version to 12.1
Bernd Kuhls [Fri, 15 Nov 2019 18:08:31 +0000 (19:08 +0100)]
package/postgresql: bump version to 12.1

Release notes of the bugfix release:
https://www.postgresql.org/about/news/1994/
https://www.postgresql.org/docs/current/release-12-1.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 7a709f77c8099af97ed532ff4bd8c0cfdc26df09)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/kvm-unit-tests: really fix build on Arch Linux x86_64
Arnout Vandecappelle (Essensium/Mind) [Sun, 17 Nov 2019 18:41:14 +0000 (19:41 +0100)]
package/kvm-unit-tests: really fix build on Arch Linux x86_64

On x86_64, we use the host compiler instead of the target compiler to
build kvm-unit-tests, because it is built with -m32 and our target
compiler doesn't support that.

However, the compiler on Arch Linux is broken: it *always* builds with
-fstack-protector, even when -ffreestanding is passed. However, when
-fnostdlib is passed at link time (which is normally the case when
building with -ffreestanding), it is not linked with the stack-protector
library. This leads to a link time error:

/usr/bin/ld: x86/realmode.o: in function `print_serial_u32':
.../x86/realmode.c:104: undefined reference to `__stack_chk_fail'

Since the entire package is built with -ffreestanding, it doesn't
support stack-protector at all. Therefore, simply pass
-fno-stack-protector explicitly on x86_64 to work around the bug in Arch
Linux.

Commit c0ffd16e4 tried to do this, but got the condition wrong:
-fno-stack-protector was passed in all cases *except* for x86_64. This
commit fixes that, by inverting the condition and moving the
--cross-prefix part to the else branch.

Fixes:
http://autobuild.buildroot.net/results/ca9576721214ecdce5622f2b7ec4fd4fc3699ac0/

Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Cc: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Cc: Matthew Weber <matthew.weber@rockwellcollins.com>
Reviewed-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Tested-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years ago{linux, linux-headers}: bump 4.{4, 9, 14, 19}.x / 5.3.x series
Bernd Kuhls [Fri, 22 Nov 2019 05:29:08 +0000 (06:29 +0100)]
{linux, linux-headers}: bump 4.{4, 9, 14, 19}.x / 5.3.x series

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/{mesa3d, mesa3d-headers}: bump version to 19.2.6
Bernd Kuhls [Fri, 22 Nov 2019 05:25:36 +0000 (06:25 +0100)]
package/{mesa3d, mesa3d-headers}: bump version to 19.2.6

Release notes of this bugfix release:
https://lists.freedesktop.org/archives/mesa-announce/2019-November/000559.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/libupnp18: bump to version 1.8.6
Jörg Krause [Thu, 21 Nov 2019 07:52:10 +0000 (08:52 +0100)]
package/libupnp18: bump to version 1.8.6

This version fixes a runtime issue which crashes gerbera:
https://github.com/gerbera/gerbera/issues/522

The issue has been reported upstream:
https://github.com/mrjimenez/pupnp/pull/122

The fix for this issue is the only "useful" commit between 1.8.5 and
1.8.6:

$ git --no-pager log --format=oneline release-1.8.5..release-1.8.6
71a47673795e9228775959ea23a984ff6c4d0a43 (tag: release-1.8.6) Adjust the library numbers for release
436aae7b617a4cd7bc1e1411d6882780699eb2ee Put the 1.8.6 release on README.md
90069231d83d2f365b76e2b15d918dfb06209970 Update README.md
7d6158d2c88245f2da4354a8bd0bc359eb15fac6 Update Changelog and THANKS
463f1cc025b27af35b0b73a05ba379d0051bcedf Fix format string for ExtraHeaders
8516da470bf32fa1f5c6f59aac3508378d5a85be Homekeeping for the next release

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/rpcbind: add systemd as a build-time dependency
Matt Weber [Wed, 20 Nov 2019 15:00:15 +0000 (09:00 -0600)]
package/rpcbind: add systemd as a build-time dependency

When systemd support is enabled, systemd should be built before,
otherwise the build fails with:

checking for SYSTEMD... no
configure: error: libsystemd support requested but found
package/pkg-generic.mk:228: recipe for target

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/ltp-testsuite: Rename older patches
Petr Vorel [Wed, 20 Nov 2019 17:14:01 +0000 (18:14 +0100)]
package/ltp-testsuite: Rename older patches

* add upstream commit hash
* renumber patches

Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/ltp-testsuite: backport 3 more musl related patches
Petr Vorel [Wed, 20 Nov 2019 17:14:00 +0000 (18:14 +0100)]
package/ltp-testsuite: backport 3 more musl related patches

0009-nfsv4-acl-Remove-unneeded-malloc-sizeof-FILE.patch is fixing
following reports (other 2 has not been reported due previous)

Fixes:
http://autobuild.buildroot.net/results/a38a5d8deaa365f73db427911df68dd10c6930a6
http://autobuild.buildroot.net/results/dfa173caea08876ab69dd959da146b75750cdd28
http://autobuild.buildroot.net/results/1e602f1574e9134a44d5d66838e7851b38e8069a
http://autobuild.buildroot.net/results/f1b4b129ec94795b2144b4501b4301fb20892e71

Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/clamav: security bump version to 0.102.1
Bernd Kuhls [Wed, 20 Nov 2019 19:36:16 +0000 (20:36 +0100)]
package/clamav: security bump version to 0.102.1

Release notes:
https://lists.clamav.net/pipermail/clamav-announce/2019/000043.html

Fixes CVE-2019-15961.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/{mesa3d, mesa3d-headers}: bump version to 19.2.5
Bernd Kuhls [Wed, 20 Nov 2019 19:47:07 +0000 (20:47 +0100)]
package/{mesa3d, mesa3d-headers}: bump version to 19.2.5

Release notes of this bugfix release:
https://lists.freedesktop.org/archives/mesa-announce/2019-November/000557.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/spice: disable tests
Fabrice Fontaine [Sun, 17 Nov 2019 16:44:49 +0000 (17:44 +0100)]
package/spice: disable tests

By disabling tests, we'll remove the optional gdk-pixbuf dependency

Fixes:
 - http://autobuild.buildroot.org/results/96c786f85d35f33508e9c71778043d16b87f72cd

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/lxc: fix build without SSP
Fabrice Fontaine [Mon, 11 Nov 2019 22:06:58 +0000 (23:06 +0100)]
package/lxc: fix build without SSP

Fixes:
 - http://autobuild.buildroot.org/results/57945f54ffbc5c8764b6891a4516c4907e56ab97

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/qemu: add host-python3 as an explicit dependency
Avi Shukron [Sat, 16 Nov 2019 13:49:38 +0000 (15:49 +0200)]
package/qemu: add host-python3 as an explicit dependency

qemu requires python in its configre script. Yet host-python was
not listed as one of the package's dependencies. If no other package
requested host-python, then configuring this package will fail since
it won't find any executable named python in the host dir.

In order to reproduce this issue you must not have python2 installed
on your host machine.

Signed-off-by: Avi Shukron <avraham.shukron@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/rauc: add systemd service file hook
Bartosz Bilas [Thu, 14 Nov 2019 10:59:47 +0000 (11:59 +0100)]
package/rauc: add systemd service file hook

Signed-off-by: Bartosz Bilas <b.bilas@grinn-global.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/kmod: fix build with python 3.8
Fabrice Fontaine [Sat, 16 Nov 2019 17:07:09 +0000 (18:07 +0100)]
package/kmod: fix build with python 3.8

Add a patch to filter -Wl,--no-undefined as -Wl,-z,undefs was only
added in binutils 2.30, and therefore is not available in some older
toolchains, causing build failures such as:

/home/naourr/work/instance-1/output-1/host/opt/ext-toolchain/bin/../lib/gcc/aarch64_be-linux-gnu/7.3.1/../../../../aarch64_be-linux-gnu/bin/ld: warning: -z undefs ignored.

Fixes:
 - http://autobuild.buildroot.org/results/06a6d865b6b7d8ebd793bde214f4a4c40e0962e1

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Thomas: improve commit log]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/domoticz: fix build with jsoncpp
Fabrice Fontaine [Mon, 18 Nov 2019 20:24:52 +0000 (21:24 +0100)]
package/domoticz: fix build with jsoncpp

domoticz embeds its own version of jsoncpp that can clash with upstream
jsoncpp so retrieve upstream commit that fix this issue

Build failures started after jsoncpp bumps from 1.8.4 to 1.9.1

Fixes:
 - http://autobuild.buildroot.org/results/a73406eb780a454369ea997654b6b4c6b3757a41

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/lsof: fix static build
Fabrice Fontaine [Sun, 17 Nov 2019 13:26:36 +0000 (14:26 +0100)]
package/lsof: fix static build

TARGET_LDFLAGS which contains -static is not passed so build fails on:

/home/buildroot/autobuild/instance-1/output-1/host/bin/xtensa-buildroot-linux-uclibc-gcc -o lsof dfile.o dmnt.o dnode.o dproc.o dsock.o dstore.o arg.o main.o misc.o node.o print.o proc.o store.o usage.o util.o -L./lib -llsof  -ltirpc
/home/buildroot/autobuild/instance-1/output-1/host/lib/gcc/xtensa-buildroot-linux-uclibc/8.3.0/../../../../xtensa-buildroot-linux-uclibc/bin/ld: /home/buildroot/autobuild/instance-1/output-1/host/lib/gcc/xtensa-buildroot-linux-uclibc/8.3.0/libgcc.a(unwind-dw2-fde-dip.o): in function `_Unwind_Find_registered_FDE':
/home/buildroot/autobuild/instance-1/output-1/build/host-gcc-final-8.3.0/build/xtensa-buildroot-linux-uclibc/libgcc/../../../libgcc/unwind-dw2-fde.c:1040: undefined reference to `dl_iterate_phdr'
collect2: error: ld returned 1 exit status

Pass TARGET_LDFLAGS thanks to LSOF_CFGL

Fixes:
 - http://autobuild.buildroot.org/results/0c228e0d3ea1ff2d728ddc906e242d40ed973222

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/gerbera: bump to version 1.3.4
Fabrice Fontaine [Sun, 17 Nov 2019 18:07:53 +0000 (19:07 +0100)]
package/gerbera: bump to version 1.3.4

Fix build with libupnp18 1.8.5 through
https://github.com/gerbera/gerbera/commit/1476d7a90673a870091044fcc0307f5bcaeb24be

Fixes:
 - http://autobuild.buildroot.org/results/e77839fad16caa5798cacb36a5a48b3dbb822ea6

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/redis: bump to 5.0.6
Titouan Christophe [Mon, 18 Nov 2019 15:22:16 +0000 (16:22 +0100)]
package/redis: bump to 5.0.6

The release notes at
https://raw.githubusercontent.com/antirez/redis/5.0/00-RELEASENOTES
say:

==
Upgrade urgency CRITICAL: Only in case of exposed instances to untrusted users.

This Redis release, 5.0.6, is a bugfix and enhancement release. The most
important bugfix is a corruption related to the HyperLogLog. A malformed
HyperLogLog string could cause an invalid access to the memory. At a first
glance the vulnerability appears to be not exploitable but just a DoS. The
way to trigger the issue is complex, we'll not provide any information about
how to do that for the users safety.
==

Signed-off-by: Titouan Christophe <titouan.christophe@railnova.eu>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agodocs/manual/quickstart: update output directory contents documentation
Michael Drake [Mon, 18 Nov 2019 16:42:17 +0000 (16:42 +0000)]
docs/manual/quickstart: update output directory contents documentation

Update the documentation for the output/host/ directory to mention
that it contains the sysroot for the target toolchain, as well as the
host tools required for running buildroot.

Update the staging/ documentation to reflect that it is a link to the
target toolchain sysroot in the host/ directory.

Signed-off-by: Michael Drake <michael.drake@codethink.co.uk>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agoUpdate for 2019.11-rc2
Peter Korsgaard [Sat, 16 Nov 2019 22:02:26 +0000 (23:02 +0100)]
Update for 2019.11-rc2

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/ltp-testsuite: proper fix for missing __kernel_fsid_t
Petr Vorel [Sat, 16 Nov 2019 00:36:38 +0000 (01:36 +0100)]
package/ltp-testsuite: proper fix for missing __kernel_fsid_t

Backported 4 fixes from upstream (2 of them require calling autoreconf).

Fixes: http://autobuild.buildroot.net/results/7a29e3b767e3d23dd64c130daa735ca6c062baf8
Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
[yann.morin.1998@free.fr: add upstream patchwork URL for patch 7]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agoboard/beaglebone: fix boot on BeagleBone Black
Carlos Santos [Sat, 9 Nov 2019 15:22:54 +0000 (12:22 -0300)]
board/beaglebone: fix boot on BeagleBone Black

Commit 68b5b79b2f has set the getty port to the default console but left
"ttyO0" in bootargs, in the U-Boot environment. Use "ttyS0", instead.

Also set loadaddr to 0x82000000 and fdtaddr to 0x88000000, replacing the
values that were valid for the ancient U-Boot and Linux pre-installed on
old boards but cause boot hangs with the current versions.

Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agoDEVELOPERS: add Carlo Caione for jailhouse
Thomas Petazzoni [Sun, 10 Nov 2019 13:29:11 +0000 (14:29 +0100)]
DEVELOPERS: add Carlo Caione for jailhouse

The jailhouse package was added in commit
ee4990721c14c624c99295598fde29e395647fb9 by Carlo Caione, but no entry
in the DEVELOPERS file was added. Let's fix this to ensure we have a
registered maintainer for the Jailhouse package.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Carlo Caione <ccaione@baylibre.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/wpewebkit: security bump to version 2.26.2
Adrian Perez de Castro [Sun, 10 Nov 2019 16:25:03 +0000 (18:25 +0200)]
package/wpewebkit: security bump to version 2.26.2

This is a minor release which includes fixes for CVE-2019-8812 and
CVE-2019-8814.

This release also fixes the build with WebDriver disabled, making patch
"0002-WPE-GTK-Build-fails-with-ENABLE_WEBDRIVER-OFF.patch" unneeded
(and therefore removed). There is also a performance improvement for
a regression related to fallback font selection, and a couple of small
fixes. The full release notes are available at:

  https://wpewebkit.org/release/wpewebkit-2.26.2.html

The detailed security advisory can be found at:

  https://wpewebkit.org/security/WSA-2019-0006.html

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/dhcp: fix autoreconf for libtool-enabled build
Bernd Kuhls [Mon, 11 Nov 2019 03:31:06 +0000 (04:31 +0100)]
package/dhcp: fix autoreconf for libtool-enabled build

Upstream provides two configure.ac versions, the default one does not
use libtool. For libtool-enabled builds the default configure.ac calls
https://gitlab.isc.org/isc-projects/dhcp/blob/master/configure.ac#L873
https://gitlab.isc.org/isc-projects/dhcp/blob/master/config+lt

which copies configure.ac+lt to configure.ac and starts autoreconf.

On host systems lacking autoreconf this causes a build error:

configure: WARNING: legacy configure is used but libtool is enabled. Trying to recover...
/home/buildroot/autobuild/instance-2/output-1/build/dhcp-4.4.1/config+lt: 20:
 /home/buildroot/autobuild/instance-2/output-1/build/dhcp-4.4.1/config+lt: autoreconf: not found
autoreconf failed

Fixes:
http://autobuild.buildroot.net/results/16f/16f800dd844572336c2fbba3d123604405382a84/
http://autobuild.buildroot.net/results/eac/eac1e7b25128476eccf40aece612e13a1e0637dc/
http://autobuild.buildroot.net/results/8fc/8fcfe7b40af3ae42549351c70466b4dd388820e3/
http://autobuild.buildroot.net/results/7ff/7ff82708b9dea09f1447f0ef94b9bb21fca73196/
http://autobuild.buildroot.net/results/1c5/1c5f401ce7eef13f5ca4603ca8d7c67da249d7c9/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/ltp-testsuite: fix static build with lts-musl
Fabrice Fontaine [Fri, 15 Nov 2019 21:56:36 +0000 (22:56 +0100)]
package/ltp-testsuite: fix static build with lts-musl

Fixes:
 - http://autobuild.buildroot.org/results/a43def025d44344a4a690b52a52b3959e20b5d26

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/x11r7/xserver_xorg-server: fix arm glibc-2.30 compile
Thomas Preston [Wed, 13 Nov 2019 10:34:17 +0000 (10:34 +0000)]
package/x11r7/xserver_xorg-server: fix arm glibc-2.30 compile

Fixes:

  In file included from lnx_init.c:33:
  ../../../../hw/xfree86/common/compiler.h:767:10: fatal error: sys/io.h: No such file or directory
   #include <sys/io.h>
          ^~~~~~~~~~
  compilation terminated.

The ARM sys/io.h has been removed from upstream glibc, which is in
buildroot. This causes the xorg-server build to fail on ARM when using
the glibc toolchain. See [1], [2].

The following patches ([3], [4]) from upstream xserver fix this, but
have not yet been released.

[1] https://sourceware.org/glibc/wiki/Release/2.30#A.3Csys.2BAC8-io.h.3E_removed_on_32-bit_Arm
[2] https://gitlab.freedesktop.org/xorg/xserver/issues/840
[3] https://gitlab.freedesktop.org/xorg/xserver/commit/6a2ce6c5da9456b97683db6224f38ef3b02cce4b
[4] https://gitlab.freedesktop.org/xorg/xserver/commit/fe4cd0e7f5c58fa94db36326aadc1bd4e6d73eba

Signed-off-by: Thomas Preston <thomas.preston@codethink.co.uk>
Reviewed-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/kodi: share the download dir with helper programs
Yann E. MORIN [Wed, 13 Nov 2019 20:44:12 +0000 (21:44 +0100)]
package/kodi: share the download dir with helper programs

The two helper programs TesturePackager and JsonSchemaBuilder are built
out of the same source tree as Kodi, so to avoid downloading the same
archive three times, let's them share the same download directory.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/kodi: add missing host-gettext dependency
Yann E. MORIN [Thu, 14 Nov 2019 19:22:10 +0000 (20:22 +0100)]
package/kodi: add missing host-gettext dependency

A sub-component of Kodi (cpluff) needs to be autoreconf-ed, and uses
gettext, so calls to autopoint:

    [  2%] Performing autoreconf step for 'libcpluff'
    autoreconf: Entering directory `.'
    autoreconf: running: autopoint --force
    Can't exec "autopoint": No such file or directory at [...]/host/share/autoconf/Auto4te/FileUtils.pm line 345.
    autoreconf: failed to run autopoint: No such file or directory
    autoreconf: autopoint is needed because this package uses Gettext
    make[4]: *** [CMakeFiles/libcpluff.dir/build.make:121: build/cpluff/src/libcpluff-stamp/libcpluff-autoreconf] Error 1
    make[3]: *** [CMakeFiles/Makefile2:615: CMakeFiles/libcpluff.dir/all] Error 2

Add a dependency to host-gettext to bring an appropriate variant that
provides autotpoint (gettext-tiny's autopoint works like a charm, for
the curious).

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Bernd Kuhls <bernd.kuhls@t-online.de>
Cc: Maxime Hadjinlian <maxime.hadjinlian@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/gettext-tiny: fix gettext wrapper
Yann E. MORIN [Thu, 14 Nov 2019 19:22:09 +0000 (20:22 +0100)]
package/gettext-tiny: fix gettext wrapper

When a textdomain is specified, we ignore it twice: we shift args, and
we printf ${2}, which would yield an empty printf.

Fix that by not shifting, and just printf ${2}; this is nicer.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Vadim Kochan <vadim4j@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/gettext-tiny: fix prefix in autopoint
Yann E. MORIN [Thu, 14 Nov 2019 19:22:08 +0000 (20:22 +0100)]
package/gettext-tiny: fix prefix in autopoint

gettext-tiny also installs a fake autopoint, but it still needs to be
pointed at the m4 macros, which the template autopoint expects to be in
@datadir@, where datadir is the traditional autotools datadir, derived
from datarootdir, itself derived from prefix.

So, pass prefix so all the locations are properly pointing to HOST_DIR,
instead of the default /usr/local.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Vadim Kochan <vadim4j@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/libsigrokdecode: fix build with python 3.8
Fabrice Fontaine [Fri, 15 Nov 2019 19:47:28 +0000 (20:47 +0100)]
package/libsigrokdecode: fix build with python 3.8

This will fix build with sigrok-cli and python 3.8

Fixes:
 - http://autobuild.buildroot.org/results/4855d42545cbfeeec7529410acc84b61bc8790af

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/neardal: unconditionally use libedit
Peter Korsgaard [Thu, 14 Nov 2019 21:20:12 +0000 (22:20 +0100)]
package/neardal: unconditionally use libedit

neardal is licensed under LGPL-2.0, which is (most likely) not license
compatible with readline (GPL-3.0+), so always use the libedit backend.

The choice is done by ./configure, which first checks for libedit, and
uses readline only as a fallback. Since we do build libedit before
neardal, that's what is going to be picked up.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
[yann.morin.1998@free.fr:
  - add blurb about preference in ./configure
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/neardal: license is LGPL-2.0, not GPL-2.0
Peter Korsgaard [Thu, 14 Nov 2019 21:20:11 +0000 (22:20 +0100)]
package/neardal: license is LGPL-2.0, not GPL-2.0

COPYING states LGPL-2.0, not GPL-2.0:

                  GNU LIBRARY GENERAL PUBLIC LICENSE
                       Version 2, June 1991

So use that for the license tag.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years ago{linux, linux-headers}: bump 4.{4, 9, 14, 19}.x / 5.3.x series
Bernd Kuhls [Thu, 14 Nov 2019 17:58:35 +0000 (18:58 +0100)]
{linux, linux-headers}: bump 4.{4, 9, 14, 19}.x / 5.3.x series

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/{mesa3d, mesa3d-headers}: bump version to 19.2.4
Bernd Kuhls [Thu, 14 Nov 2019 17:54:24 +0000 (18:54 +0100)]
package/{mesa3d, mesa3d-headers}: bump version to 19.2.4

Quoting
https://lists.freedesktop.org/archives/mesa-announce/2019-November/000555.html
"This is an emergency release, to fix a critical bug found in the
 19.2.3 release which causes incomplete rendering on all mesa drivers."

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/kodi: drop readline dependency
Peter Korsgaard [Wed, 13 Nov 2019 15:17:18 +0000 (16:17 +0100)]
package/kodi: drop readline dependency

{python-,}readline is (no longer) a required dependency of kodi, and
readline (GPL-3.0+) is not license compatible with kodi (GPL-2.0), so drop
the dependency.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agotoolchain/helpers: make sure we bail out when kernel headers check fails
Thomas Petazzoni [Tue, 12 Nov 2019 20:21:17 +0000 (21:21 +0100)]
toolchain/helpers: make sure we bail out when kernel headers check fails

In commit 6136765b23abd9faba610dd54ed276a777811575 ("toolchain:
generate check-headers program under $(BUILD_DIR)"), the
check_kernel_headers_version function was simplified to not check the
return value of the check-kernel-headers.sh script, assuming that
"make" does bail out on the first failing command.

However, check_kernel_headers_version when used in $(2)_CONFIGURE_CMDS
from pkg-toolchain-external.mk, is called in a sequence of commands,
where the return value of each command is not checked. Therefore, a
failure of check-kernel-headers.sh no longer aborts the build.

Since all other macros are using this principle of calling "exit 1",
we revert back to the same for check_kernel_headers_version, as it was
done prior to 6136765b23abd9faba610dd54ed276a777811575.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Carlos Santos <unixmania@gmail.com>
Reviewed-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/ndisc6: needs c11
Fabrice Fontaine [Wed, 13 Nov 2019 19:05:32 +0000 (20:05 +0100)]
package/ndisc6: needs c11

ndisc needs c11 because of alignas since version 1.0.4 and
https://git.remlab.net/gitweb/?p=ndisc6.git;a=commit;h=d917e5172531dd72e896b317c07f64274e8024a1
https://git.remlab.net/gitweb/?p=ndisc6.git;a=commit;h=77a2efc350fdd52b76b1a4c874ec4029e722048b

So replace -std=gnu99 by -std=c11 and add a dependency on gcc 4.7

This will fix build with gcc 8

Fixes:
 - http://autobuild.buildroot.org/results/1cab1e5f7c4250a153fd1ab758f818078833972f

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/oracle-mysql: use bundled GPL-2.0+ libreadline
Peter Korsgaard [Wed, 13 Nov 2019 15:17:23 +0000 (16:17 +0100)]
package/oracle-mysql: use bundled GPL-2.0+ libreadline

oracle-mysql is licensed under GPL-2.0, which is not license compatible with
modern readline (GPL-3.0+), so instead use the bundled older version
(GPL-2.0+ licensed) of readline instead.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/socat: drop optional readline dependency
Peter Korsgaard [Wed, 13 Nov 2019 15:17:24 +0000 (16:17 +0100)]
package/socat: drop optional readline dependency

socat is licensed under GPL-2.0, which is not license compatible with
readline (GPL-3.0+), so drop the optional dependency and add a comment
explaining why.

This also matches how socat is packaged in Debian, where the man page has
the following snippet added:

READLINE

  Uses GNU readline and history on stdio to allow editing and reusing input lines (example).
  Due to licensing restrictions the readline feature is disabled in Debian.  See BUGS.
  You can use STDIO instead.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Reviewed-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/mariadb: use bundled GPL-2.0+ libreadline
Peter Korsgaard [Wed, 13 Nov 2019 15:17:21 +0000 (16:17 +0100)]
package/mariadb: use bundled GPL-2.0+ libreadline

mariadb is licensed under GPL-2.0, which is not license compatible with
modern readline (GPL-3.0+), so instead use the bundled older version
(GPL-2.0+ licensed) of readline instead.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/lvm2: drop optional readline dependency
Peter Korsgaard [Wed, 13 Nov 2019 15:17:20 +0000 (16:17 +0100)]
package/lvm2: drop optional readline dependency

lvm2 is licensed under GPL-2.0, which is not license compatible with
readline (GPL-3.0+), so drop the optional dependency and add a comment
explaining why.

Notice: The readline support is only used when the raw lvm tool is called
without arguments.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/kodi: add hash for license file
Peter Korsgaard [Wed, 13 Nov 2019 15:17:19 +0000 (16:17 +0100)]
package/kodi: add hash for license file

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/ipsec-tools: add license information
Peter Korsgaard [Wed, 13 Nov 2019 15:17:17 +0000 (16:17 +0100)]
package/ipsec-tools: add license information

The tarball unfortunately does not include a dedicated license file, so
instead use the main source file for the setkey command.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/chrony: use libedit for command line editing
Peter Korsgaard [Wed, 13 Nov 2019 15:17:14 +0000 (16:17 +0100)]
package/chrony: use libedit for command line editing

chrony is licensed under GPL-2.0, which is not license compatible with
readline (GPL-3.0+), so remove the optional readline handling and replace
with libedit instead.

While we are at it, also explicitly disable the libedit backend when not
available.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/dropwatch: license is GPL-2.0+
Peter Korsgaard [Wed, 13 Nov 2019 15:17:16 +0000 (16:17 +0100)]
package/dropwatch: license is GPL-2.0+

Dropwatch links with readline, which is GPL-3.0+, so not compatible with
GPL-2.0.  When asked about this, upstream has clarified that the license
really is GPL-2.0+:

https://github.com/nhorman/dropwatch/issues/14

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
[yann.morin.1998@free.fr: add a coomet as suggested by Baruc]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Baruch Siach <baruch@tkos.co.il>
5 years agopackage/connman: clarify license of client code
Peter Korsgaard [Wed, 13 Nov 2019 15:17:15 +0000 (16:17 +0100)]
package/connman: clarify license of client code

While the core connman code is licensed under GPL-2.0, the client code is
GPL-2.0+ for compatibility with readline (which is GPL-3.0+).

Extend the _LICENSE with this info to clarify that linking against
readline is OK licensing wise.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/intel-microcode: security bump to version 20191112
Peter Korsgaard [Wed, 13 Nov 2019 16:18:49 +0000 (17:18 +0100)]
package/intel-microcode: security bump to version 20191112

Contains mitigations for the following security vulnerabilities:

- CVE-2019-11135: Intel TSX Asynchronous Abort vulnerability:
  https://software.intel.com/security-software-guidance/insights/deep-dive-intel-transactional-synchronization-extensions-intel-tsx-asynchronous-abort

- CVE-2019-11139: Intel Xeon Scalable Processors Voltage Setting Modulation
  vulnerability:
  https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00271.html

Release notes:
https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20191112

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/ninja: invoke python3 explicitly to configure the package
Avi Shukron [Mon, 11 Nov 2019 21:31:45 +0000 (23:31 +0200)]
package/ninja: invoke python3 explicitly to configure the package

ninja depends on python3 specifically, but the configure.py file
simply uses "env python". Where no python is selected for the target
you simply won't get a python symlink in $(HOST_DIR)/usr/bin, so the
configure.py script fails to run since it can't find "python".

Notice that in order to reproduce the issue, you must not have
python2 installed on your host machine.

Signed-off-by: Avi Shukron <avraham.shukron@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/qt5wayland: fix installation with Qt 5.6
Carlos Santos [Sun, 10 Nov 2019 23:49:16 +0000 (20:49 -0300)]
package/qt5wayland: fix installation with Qt 5.6

Install QtWayland only if the latest Qt version is selected. It does not
exist in version 5.6.

Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/systemd: hybrid cgroupfs hierarchy for docker compatibility
Christian Stewart [Mon, 11 Nov 2019 08:33:48 +0000 (00:33 -0800)]
package/systemd: hybrid cgroupfs hierarchy for docker compatibility

Docker fails to start with "Devices cgroup isn't mounted" as of systemd 243.
According to the systemd documentation:

  systemd now defaults to the "unified" cgroup hierarchy setup during
  build-time, i.e. -Ddefault-hierarchy=unified is now the build-time default.
  Previously, -Ddefault-hierarchy=hybrid was the default. [...] Downstream
  production distributions might want to continue to use
  -Ddefault-hierarchy=hybrid (or even =legacy) for their builds as unfortunately
  the popular container managers have not caught up with the kernel API changes.

Changing this option to "hybrid" or "legacy" fixes the Docker startup.

Reference: https://github.com/opencontainers/runc/issues/654

Signed-off-by: Christian Stewart <christian@paral.in>
Tested-by: Jérémy Rosen <jeremy.rosen@smile.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/libsvgtiny: disable parallel build
Fabrice Fontaine [Mon, 11 Nov 2019 09:25:08 +0000 (10:25 +0100)]
package/libsvgtiny: disable parallel build

Build can sometimes fails on:

src/svgtiny.c:21:10: fatal error: autogenerated_colors.c: No such file or directory
 #include "autogenerated_colors.c"
          ^~~~~~~~~~~~~~~~~~~~~~~~

because svgtiny.c does not properly depends on autogenerated_colors.c
that is built by gperf. So, just disable parallel build instead of
trying to fix this issue especially because libsvgtiny uses the netsurf
buildsystem

Fixes:
 - http://autobuild.buildroot.org/results/48e7a7f7c72634d59cca817778d31661bfe8e72f

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/libmbim: bump to version 1.20.2
Aleksander Morgado [Mon, 11 Nov 2019 09:20:19 +0000 (10:20 +0100)]
package/libmbim: bump to version 1.20.2

Just some bugfixes, including an important one to fix long indication
messages that are split into multiple fragments.

Signed-off-by: Aleksander Morgado <aleksander@aleksander.es>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agodocs/website: update for 2019.02.7
Peter Korsgaard [Mon, 11 Nov 2019 08:04:56 +0000 (09:04 +0100)]
docs/website: update for 2019.02.7

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agoUpdate for 2019.02.7
Peter Korsgaard [Sun, 10 Nov 2019 21:40:03 +0000 (22:40 +0100)]
Update for 2019.02.7

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 83c2e5f6e3b0a27a171cad6de2b2e8b04dd8c517)
[Peter: drop Makefile changes]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agoConfig.in.legacy: fix small typo
Fabrice Fontaine [Sun, 10 Nov 2019 20:41:51 +0000 (21:41 +0100)]
Config.in.legacy: fix small typo

Fix small typo: oenvmtools -> openvmtools

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agolegacy: add missing entry for openvmtools' procps removal
Yann E. MORIN [Sun, 10 Nov 2019 20:14:47 +0000 (21:14 +0100)]
legacy: add missing entry for openvmtools' procps removal

Commit 2be4232d98 removed the config option for openvmtools' procps
support, but forgot to add it to the legacy menu.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/openvmtools: remove procps option
Fabrice Fontaine [Sun, 29 Sep 2019 18:04:08 +0000 (20:04 +0200)]
package/openvmtools: remove procps option

procps support has been removed since version 10.2.5 and
https://github.com/vmware/open-vm-tools/commit/ed2e2348dd6af823f9458c5959c89acf2f13a952

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/bird: disable on nios2
Fabrice Fontaine [Sun, 10 Nov 2019 14:22:58 +0000 (15:22 +0100)]
package/bird: disable on nios2

Build fails with truncation errors:

LD -pthread -o bird obj/conf/cf-parse.tab.o obj/conf/cf-lex.o obj/conf/conf.o obj/filter/filter.o obj/filter/data.o obj/filter/f-util.o obj/filter/tree.o obj/filter/trie.o obj/filter/inst-gen.o obj/lib/bitops.o obj/lib/checksum.o obj/lib/event.o obj/lib/flowspec.o obj/lib/idm.o obj/lib/ip.o obj/lib/lists.o obj/lib/mac.o obj/lib/md5.o obj/lib/mempool.o obj/lib/net.o obj/lib/patmatch.o obj/lib/printf.o obj/lib/resource.o obj/lib/sha1.o obj/lib/sha256.o obj/lib/sha512.o obj/lib/slab.o obj/lib/slists.o obj/lib/strtoul.o obj/lib/tbf.o obj/lib/timer.o obj/lib/xmalloc.o obj/nest/a-path.o obj/nest/a-set.o obj/nest/cli.o obj/nest/cmds.o obj/nest/iface.o obj/nest/locks.o obj/nest/neighbor.o obj/nest/password.o obj/nest/proto.o obj/nest/rt-attr.o obj/nest/rt-dev.o obj/nest/rt-fib.o obj/nest/rt-show.o obj/nest/rt-table.o obj/proto/bgp/attrs.o obj/proto/bgp/bgp.o obj/proto/bgp/packets.o obj/sysdep/linux/netlink.o obj/sysdep/unix/io.o obj/sysdep/unix/krt.o obj/sysdep/unix/log.o obj/sysdep/
 unix/main.o obj/sysdep/unix/random.o
/usr/lfs/hdd_v1/rc-buildroot-test/scripts/instance-2/output/host/opt/ext-toolchain/bin/../lib/gcc/nios2-buildroot-linux-gnu/7.4.0/../../../../nios2-buildroot-linux-gnu/bin/ld: FDE encoding in /usr/lfs/hdd_v1/rc-buildroot-test/scripts/instance-2/output/host/opt/ext-toolchain/bin/../lib/gcc/nios2-buildroot-linux-gnu/7.4.0/libgcc.a(_divdi3.o)(.eh_frame) prevents .eh_frame_hdr table being created
/usr/lfs/hdd_v1/rc-buildroot-test/scripts/instance-2/output/host/opt/ext-toolchain/bin/../lib/gcc/nios2-buildroot-linux-gnu/7.4.0/../../../../nios2-buildroot-linux-gnu/bin/ld: FDE encoding in /usr/lfs/hdd_v1/rc-buildroot-test/scripts/instance-2/output/host/opt/ext-toolchain/bin/../lib/gcc/nios2-buildroot-linux-gnu/7.4.0/libgcc.a(_moddi3.o)(.eh_frame) prevents .eh_frame_hdr table being created
/usr/lfs/hdd_v1/rc-buildroot-test/scripts/instance-2/output/host/opt/ext-toolchain/bin/../lib/gcc/nios2-buildroot-linux-gnu/7.4.0/../../../../nios2-buildroot-linux-gnu/bin/ld: FDE encoding in /usr/lfs/hdd_v1/rc-buildroot-test/scripts/instance-2/output/host/opt/ext-toolchain/bin/../lib/gcc/nios2-buildroot-linux-gnu/7.4.0/libgcc.a(_udivdi3.o)(.eh_frame) prevents .eh_frame_hdr table being created
/usr/lfs/hdd_v1/rc-buildroot-test/scripts/instance-2/output/host/opt/ext-toolchain/bin/../lib/gcc/nios2-buildroot-linux-gnu/7.4.0/../../../../nios2-buildroot-linux-gnu/bin/ld: FDE encoding in /usr/lfs/hdd_v1/rc-buildroot-test/scripts/instance-2/output/host/opt/ext-toolchain/bin/../lib/gcc/nios2-buildroot-linux-gnu/7.4.0/libgcc.a(_umoddi3.o)(.eh_frame) prevents .eh_frame_hdr table being created
/usr/lfs/hdd_v1/rc-buildroot-test/scripts/instance-2/output/host/opt/ext-toolchain/bin/../lib/gcc/nios2-buildroot-linux-gnu/7.4.0/../../../../nios2-buildroot-linux-gnu/bin/ld: obj/filter/filter.o: in function `f_rta_cow.constprop.12':
filter.c:(.text+0x9c): relocation truncated to fit: R_NIOS2_TLS_LE16 against `filter_state'
/usr/lfs/hdd_v1/rc-buildroot-test/scripts/instance-2/output/host/opt/ext-toolchain/bin/../lib/gcc/nios2-buildroot-linux-gnu/7.4.0/../../../../nios2-buildroot-linux-gnu/bin/ld: filter.c:(.text+0xe4): relocation truncated to fit: R_NIOS2_TLS_LE16 against `filter_state'

Fixes:
 - http://autobuild.buildroot.org/results/d3971f9e1305c3c4388dbf48763f5a54ba223307

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr: fix trailing space]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/domoticz: fix build with python 3.8
Fabrice Fontaine [Sat, 9 Nov 2019 20:26:48 +0000 (21:26 +0100)]
package/domoticz: fix build with python 3.8

Fixes:
 - http://autobuild.buildroot.org/results/7790f4726d1fca3e5c0630f71f15417eeb7bf02a

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/jailhouse: fix misc details in Config.in
Thomas Petazzoni [Sun, 10 Nov 2019 13:26:26 +0000 (14:26 +0100)]
package/jailhouse: fix misc details in Config.in

This commit fixes a number of small minor details in the jailhouse
Config.in file:

 - The Config.in comment is in the middle of the main
   BR2_PACKAGE_JAILHOUSE option and its sub-options, causing the
   sub-options to not be indented properly in menuconfig

 - jailhouse was capitalized as Jailhouse, while all Buildroot
   packages in menuconfig use small letters, so use "jailhouse"
   everywhere

 - no need to repeat "jailhouse" in the prompt of the sub-option for
   helper scripts, since it is not properly indented under the main
   jailhouse option. Ditto in the comment when python is disabled.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[yann.morin.1998@free.fr:
  - further drop 'jailhouse' from the helper scripts comment when
    python is not enabled
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/jailhouse: python scripts needs python-mako
Fabrice Fontaine [Sat, 9 Nov 2019 21:33:52 +0000 (22:33 +0100)]
package/jailhouse: python scripts needs python-mako

jailhouse-config-create script needs python-mako, see
https://github.com/siemens/jailhouse/commit/5c7f2c4c30f19aa7eb95dffa7b7bb92393c09ba7

Moreover jailhouse-config-create needs host-python-mako to build
jailhouse-config-collect

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/glog: disable on microblaze
Fabrice Fontaine [Sat, 9 Nov 2019 22:51:40 +0000 (23:51 +0100)]
package/glog: disable on microblaze

Disable glog on microblaze instead of trying to fix the build failure
due to __ELF__ being undefined on this architecture following Arnout
request during review of https://patchwork.ozlabs.org/patch/1186107

Fixes:
 - http://autobuild.buildroot.org/results/ae138c08361d3544df92f88edf3f6dcd617b6232

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/linux-serial-test: fix build on MIPS
Fabrice Fontaine [Sat, 9 Nov 2019 23:13:21 +0000 (00:13 +0100)]
package/linux-serial-test: fix build on MIPS

Fixes:
 - http://autobuild.buildroot.org/results/86e06fdcaa91dca682651736162e9e743329412c

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agodocs/website: update for 2019.08.2
Peter Korsgaard [Sat, 9 Nov 2019 22:05:55 +0000 (23:05 +0100)]
docs/website: update for 2019.08.2

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agoUpdate for 2019.08.2
Peter Korsgaard [Sat, 9 Nov 2019 19:41:24 +0000 (20:41 +0100)]
Update for 2019.08.2

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit a6493a3214ae78bcb163982824693c1e0b1d093c)
[Peter: drop Makefile changes]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/safeclib: bump to version 08112019
Fabrice Fontaine [Fri, 8 Nov 2019 17:07:42 +0000 (18:07 +0100)]
package/safeclib: bump to version 08112019

- Drop patch (already in version)
- Include a fix for musl on x86_64:
  https://github.com/rurban/safeclib/commit/19e7154e9c5189b0dfb5594b94cb7b883f9b6dcf

Fixes:
 - http://autobuild.buildroot.org/results/7923fe7e609a6b2638492350996cc96582cc9193

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agoDEVELOPERS: add François Perrad as contact for olimex_imx233_olinuxino_defconfig
Thomas Petazzoni [Sun, 11 Aug 2019 12:07:32 +0000 (14:07 +0200)]
DEVELOPERS: add François Perrad as contact for olimex_imx233_olinuxino_defconfig

François has regularly updated this defconfig in the last few years,
so it makes sense to have him as a contact for it.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Francois Perrad <francois.perrad@gadz.org>
Acked-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/elf2flt: .ARM.exidx RO data section is incorrectly mapped to data
Romain Naour [Wed, 6 Nov 2019 21:19:13 +0000 (22:19 +0100)]
package/elf2flt: .ARM.exidx RO data section is incorrectly mapped to data

Starting with Binutils 2.33.1, elf2flt segfault while building busybox:
"ld (ld-elf2flt):
/opt/armv7m--uclibc--bleeding-edge-2/arm-buildroot-uclinux-uclibcgnueabi/bin/elf2flt

This was reported to the Binutils mailing list and it's seems
an elf2flt issue with .ARM.exidx RO data section as explained
by: https://sourceware.org/ml/binutils/2019-10/msg00132.html

Apply the patch provided by Greg Ungerer [1] and tested by
Christophe Priouzeau using stm32f469_disco_defconfig on
stm32f469-disco board.

Fixes:
https://gitlab.com/kubu93/toolchains-builder/-/jobs/319395300

[1] https://github.com/uclinux-dev/elf2flt/issues/12

Signed-off-by: Romain Naour <romain.naour@smile.fr>
Cc: Christophe Priouzeau <christophe.priouzeau@st.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/dtc: needs host-pkgconf unconditionally
Yann E. MORIN [Sun, 3 Nov 2019 10:42:06 +0000 (11:42 +0100)]
package/dtc: needs host-pkgconf unconditionally

Commits 495e757d2 (package/dtc: add optional libyaml dependency) and
e43d9072a (package/dtc: fix build without libyaml), added a conditional
dependency to host-pkgconf, when libyaml is enabled, while commit
56d6dd453 (package/dtc: disable valgrind) explicitly disabled support of
valgrind.

However, presence of libyaml, as well as that of valgrind, *is* detected
by calling pkg-config:

    NO_VALGRIND := $(shell $(PKG_CONFIG) --exists valgrind; echo $$?)
    NO_YAML := $(shell $(PKG_CONFIG) --exists yaml-0.1; echo $$?)

Passing NO_YAML=1 or NO_VALGRIND=1 do not prevent the tests from being
executed, which would yield messages like:

    /bin/sh: 1: /home/ymorin/dev/buildroot/O/host/bin/pkg-config: not found

(note however that, even if the test is executed, the value we pass on
the command line still takes precedence, and the support for either is
properly disabled.)

So, move the dependency on host-pkgconfig out of the condition. Ditto
for the host package.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Cc: Titouan Christophe <titouan.christophe@railnova.eu>
Cc: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/domoticz: fix build with RELRO
Fabrice Fontaine [Fri, 8 Nov 2019 17:04:45 +0000 (18:04 +0100)]
package/domoticz: fix build with RELRO

Fixes:
 - http://autobuild.buildroot.org/results/5c1ca3083ad672401d1e050c6c3a07b8c33b851d

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/libfribidi: add upstream security fix
Peter Korsgaard [Fri, 8 Nov 2019 16:00:29 +0000 (17:00 +0100)]
package/libfribidi: add upstream security fix

Fixes the following security issue:

- CVE-2019-18397: GNU FriBidi stack buffer overflow >= 1.0.0

For more details, see the advisory:
https://www.openwall.com/lists/oss-security/2019/11/08/5

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/pkg-generic.mk: use site method for same-site extra downloads
Yann E. MORIN [Fri, 8 Nov 2019 17:26:45 +0000 (18:26 +0100)]
package/pkg-generic.mk: use site method for same-site extra downloads

When a package specifies extra downloads, it has the option to only name
the basename of the extra download, in which case that extra download
will be retrieved from the same location the main download is retrieved
from.

In that case, if the extra download contains a '+', it would confuse the
dl-wrapper, which believes the LHS of the '+' is the site method, and
the RHS the actual URI, and so the dl-wrapper mangles and damages the
URI when fetching such extra downloads, like that happens with android
tools, where the proper URI and mangled URIs of the extra download are,
respectively:

    https://launchpad.net/ubuntu/+archive/primary/+files/android-tools_4.2.2+git20130218-3ubuntu41.debian.tar.gz
    http://archive/primary/+files/android-tools_4.2.2+git20130218-3ubuntu41.debian.tar.gz

We fix that by always propagating the site method to extra downloads,
but only when they are specified as relative to the main download URI.

For the extra downloads that specify a full URI, it is not systematic
that it is the same site method. For example, a main download could be a
git clone, but an extra download a pure http download; in that case we
can't replicate the site method for extra downloads, so they'll have to
take appropriate care to specify the required method and encoding if
needed.

Reported-by: Jemy Zhang <jemy.zhang@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Jemy Zhang <jemy.zhang@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/pkg-meson: really generate the global cross-compilation.conf
Thomas Petazzoni [Wed, 6 Nov 2019 15:25:23 +0000 (16:25 +0100)]
package/pkg-meson: really generate the global cross-compilation.conf

Commit ccc9e05990a44d8db5825c07ed61d405ebb40caa ("package/meson:
install cross-compilation.conf during toolchain install") moved the
logic to generate the global cross-compilation.conf from
package/meson/meson.mk to package/pkg-meson.mk. While doing so, it
renamed the macro from HOST_MESON_INSTALL_CROSS_CONF to
PKG_MESON_INSTALL_CROSS_CONF, but the registration of this hook in
TOOLCHAIN_POST_INSTALL_STAGING_HOOKS was not changed accordingly: it
is still registering HOST_MESON_INSTALL_CROSS_CONF.

Due to this, the global cross-compilation.conf file was no longer
generated.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Cc: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>