git.libre-soc.org Git - buildroot.git/log

package/freescale-imx/imx-gpu-viv: select libdrm

Some libraries (libGL.so, vivante_dri.so, libEGL.so, libgbm_viv.so) are
linked against libdrm so select libdrm package.

Fixes: 8283e838f040 ("package/freescale-imx/imx-gpu-viv: bump to version 6.4.3.p1.2")
Signed-off-by: Sébastien Szymanski <sebastien.szymanski@armadeus.com>
Reviewed-by: Gary Bisson <gary.bisson@boundarydevices.com>
Tested-by: Gary Bisson <gary.bisson@boundarydevices.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/bullet: fix build

Since bump to version 3.09 in commit
28b4947ed8f53c4edfbf8fef9304dc76480c01ca, build fails on:

[100%] Linking CXX shared library libBulletRoboticsGUI.so
/home/buildroot/autobuild/run/instance-0/output-1/host/opt/ext-toolchain/bin/../lib/gcc/sparc64-buildroot-linux-gnu/9.3.0/../../../../sparc64-buildroot-linux-gnu/bin/ld: cannot find -lBulletExampleBrowserLib

Upstream is aware of this issue and recommends to avoid changing any
options: https://github.com/bulletphysics/bullet3/issues/3143

So don't disable bullet3 and demos apps ...

Fixes:
- http://autobuild.buildroot.org/results/1721df8b0859656f7420b0b166d1ca635e5ddc74

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
[Arnout: remove the options instead of setting to ON]

package/pipewire: fix build with NLS

Fix build failure with NLS which is raised since bump to version 0.3.26
in commit a6d88d3ba5e30e11f4d726f341bc56c1be7c71c9

Fixes:
- http://autobuild.buildroot.org/results/4ed680dc91519c02db4fbfb396d75c5f74207d9b

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/libtomcrypt: compile with -fPIC to enable linking to dynamic libraries/exectuables

Fixes:

.../x86_64-buildroot-linux-gnu/bin/ld: .../host/x86_64-buildroot-linux-gnu/sysroot/usr/lib/libtomcrypt.a(md5.o): relocation R_X86_64_32 against `.rodata.str1.1' can not be used when making a shared object; recompile with -fPIC

when building a shared library that links with libtomcrypt. Our only
internal user dropbear doesn't do this, so there are no autobuilder
failures.

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

configs/aarch64_efi: bump kernel version and update

- Bump kernel to version 5.11.16.

We remove the hardcoded ttyAMA0 and rely on the firmware to discover our
console. This enables serial console on systems, which do not have an Arm
pl011 UART.

We switch to GPT disklabel and discover our root filesystem using its
PARTLABEL. This enables booting from more media, such as HDD, SD card or
USB.

We update the readme, which hinted that ACPI was mandatory. This is not
strictly the case as we can also boot with a dtb and/or a U-Boot based
firmware, with no ACPI. While at it, mention EBBR, SystemReady and explain
how to build and use a U-Boot-based qemu firmware.

Signed-off-by: Vincent Stehlé <vincent.stehle@arm.com>
Cc: Erico Nunes <nunes.erico@gmail.com>
Reviewed-by: Erico Nunes <nunes.erico@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/libfuse3: bump version to 3.10.3

Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

support/testing: add s6-networking tests

Test that the TAICLOCK and TCP servers are working.

Signed-off-by: Dick Olsson <hi@senzilla.io>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
[Arnout: indent config lines more]

support/testing: add s6-rc tests

Test that s6-rc service database compilation is working.

Signed-off-by: Dick Olsson <hi@senzilla.io>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
[Arnout: indent config lines more]

support/testing: add s6-portable-utils tests

Test that a few basis utilities are working.

Signed-off-by: Dick Olsson <hi@senzilla.io>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
[Arnout: indent config lines more]

support/testing: add s6 tests

Test that directory scanning and supervision is working.

Signed-off-by: Dick Olsson <hi@senzilla.io>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
[Arnout: properly indent, and use textwrap to dedent again.]

support/testing: add execline tests

Test that the interpreter can run a basic command.

Signed-off-by: Dick Olsson <hi@senzilla.io>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
[Arnout: indent config lines more]

package/{skalibs, execline, s6*, mdevd}: root prefix

The skaware packages are frequently used as the init system and service
management for machines. Therefore it is more logical to install these
packages to the root prefix.

Signed-off-by: Dick Olsson <hi@senzilla.io>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/libopenssl: fix performance issue in static build

Revert commit 8c2c959b028d44f5518d4445f864aedae3d90406 as no-dso has
been added back to openssl since version 1.1.1e and
https://github.com/openssl/openssl/commit/8dcd57461972dceaaf014b71d173d0a8758e7054
and because gcc no-asm has performance issue

Fixes:
- https://bugs.buildroot.org/show_bug.cgi?id=13751

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/kexec: bump to version 2.0.22

https://www.spinics.net/lists/kexec/msg26864.html

Signed-off-by: Federico Pellegrin <fede@evolware.org>
[yann.morin.1998@free.fr: two-spaces in hash file]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/kmod: create zstd option for host

Signed-off-by: Norbert Lange <nolange79@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/kmod: support zstd compression if available

Signed-off-by: Norbert Lange <nolange79@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

Config.in: enable FORTIFY_SOURCE, PIC/PIE, RELRO, SSP by default

Enhance security by enabling FORTIFY_SOURCE, PIC/PIE, RELRO and SSP by
default.

For SSP, SSP-all can have a significant impact on performance, so we do
not want to enable that unconditionally; instead we use SSP-strong if
available (since gcc-4.9), and resort to SSP-regular otherwise. People
who really, like really-really want to use SSP-all will still have to
enable it explicitly.

For FORTIFY, level 2 may change the behaviour of some glibc functions,
so may crash conforming programs, so may have adverse effects. As such,
we choose level 1 as the default, as it does not change the behaviour
of any function.

This could help making IoT more secure and fight against the assumption
that buildroot does not support binary hardening (see
https://cyber-itl.org/2019/08/26/iot-data-writeup.html)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr:
  - relax SSP to strong when available, regular otherwise
  - extend commit log to explain why SSP-all is not used
  - extend commit log to explain why FORTIFY level 2 is not used
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/iostat: drop package

This package is not maintained anymore and even upstream site is dead.
As iostat can also be provided by sysstat, just drop the package.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/docker-cli: bump version to 20.10.6

Signed-off-by: Mario Fink <mario.fink@record-evolution.de>
Tested-by: Christian Stewart <christian@paral.in>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/docker-engine: bump version to 20.10.6

Fixes various networking issues:

- Fix a regression in docker 20.10, causing IPv6 addresses no longer to be
  bound by default when mapping ports moby/moby#42205

- Fix implicit IPv6 port-mappings not included in API response.  Before
  docker 20.10, published ports were accessible through both IPv4 and IPv6
  by default, but the API only included information about the IPv4 (0.0.0.0)
  mapping moby/moby#42205

- Fix a regression in docker 20.10, causing the docker-proxy to not be
  terminated in all cases moby/moby#42205

- Fix iptables forwarding rules not being cleaned up upon container removal
  moby/moby#42205

For more details, see the release notes:
https://docs.docker.com/engine/release-notes/#20106

Signed-off-by: Mario Fink <knif.oiram@gmail.com>
Tested-by: Christian Stewart <christian@paral.in>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

Config.in.legacy: fix BR2_PACKAGE_SCONESERVER_HTTP_SCONESITE_IMAGE

Commit fdb6fc2b4a5be747e7695f594cbbb1a941ceb05b forgot to select
BR2_LEGACY

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/mdevd: bump to version 0.1.4.0

https://www.mail-archive.com/skaware@list.skarnet.org/msg01579.html

Signed-off-by: Dick Olsson <hi@senzilla.io>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/s6-linux-init: bump to version 1.0.6.3

https://www.mail-archive.com/skaware@list.skarnet.org/msg01579.html

Signed-off-by: Dick Olsson <hi@senzilla.io>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/s6-networking: bump to version 2.4.1.1

Change hash file indentation to 2 spaces.

https://www.mail-archive.com/skaware@list.skarnet.org/msg01579.html

Signed-off-by: Dick Olsson <hi@senzilla.io>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/s6-dns: bump to version 2.3.5.1

Change hash file indentation to 2 spaces.

https://www.mail-archive.com/skaware@list.skarnet.org/msg01579.html

Signed-off-by: Dick Olsson <hi@senzilla.io>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/s6-linux-utils: bump to version 2.5.1.5

Change hash file indentation to 2 spaces.

https://www.mail-archive.com/skaware@list.skarnet.org/msg01579.html

Signed-off-by: Dick Olsson <hi@senzilla.io>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/s6-portable-utils: bump to version 2.2.3.2

Change hash file indentation to 2 spaces.

https://www.mail-archive.com/skaware@list.skarnet.org/msg01579.html

Signed-off-by: Dick Olsson <hi@senzilla.io>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/s6-rc: bump to version 0.5.2.2

Change hash file indentation to 2 spaces.

https://www.mail-archive.com/skaware@list.skarnet.org/msg01579.html

Signed-off-by: Dick Olsson <hi@senzilla.io>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/s6: bump to version 2.10.0.3

Change hash file indentation to 2 spaces.

https://www.mail-archive.com/skaware@list.skarnet.org/msg01579.html

Signed-off-by: Dick Olsson <hi@senzilla.io>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/execline: bump to version 2.8.0.1

https://www.mail-archive.com/skaware@list.skarnet.org/msg01579.html

Signed-off-by: Dick Olsson <hi@senzilla.io>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/skalibs: bump to version 2.10.0.3

- Remove upstream patch that has been committed
- Change hash file indentation to 2 spaces

https://www.mail-archive.com/skaware@list.skarnet.org/msg01579.html

Signed-off-by: Dick Olsson <hi@senzilla.io>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/s6-networking: support building with bearssl

Signed-off-by: Dick Olsson <hi@senzilla.io>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/imx-uuc: bump version and enable for i.MX8 architecture

The imx-uuc package was only selectable on 32-bit arm targets; this
patch allows aarch64 targets such as i.MX8 to select the package
and use the ufb for fastboot support against the mfgtools "uuu".

Also bumping to latest upstream commit before uuc is removed from the
standard build, from
https://github.com/NXPmicro/imx-uuc

Tested on i.MX8QXP.

Signed-off-by: Charles Hardin <ckhardin@gmail.com>
Reviewed-by: Gary Bisson <gary.bisson@boundarydevices.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/libtomcrypt: update home page URL to https

- update home page URL to https

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/dmalloc: needs -fPIC

Drop first patch and pass -fPIC to configure to fix the following build
failure on ARC:

ERROR: architecture for "/usr/lib/libdmalloc.so" is "ARCompact", should be "ARCv2"
ERROR: architecture for "/usr/lib/libdmallocth.so" is "ARCompact", should be "ARCv2"
ERROR: architecture for "/usr/lib/libdmallocthcxx.so" is "ARCompact", should be "ARCv2"
ERROR: architecture for "/usr/lib/libdmallocxx.so" is "ARCompact", should be "ARCv2"

This build failure is due to the following configure error:

checking shared library link args... ./configure: line 4467: 10229 Segmentation fault ( ${LD-ld} -shared --whole-archive -soname conftest.so -o conftest.so.t conftest.a ) 2>&5
/home/buildroot/autobuild/run/instance-0/output-1/host/bin/arc-buildroot-linux-gnu-ld -G -o $@.t

This configure error is due to missing -fPIC:

configure:4392: checking shared library link args
configure:4398: /home/buildroot/autobuild/run/instance-0/output-1/host/bin/arc-buildroot-linux-gnu-gcc -c -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -Os -g2 -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 conftest.c >&5
configure:4404: $? = 0
configure:4408: test -z
|| test ! -s conftest.err
configure:4411: $? = 0
configure:4414: test -s conftest.o
configure:4417: $? = 0
/home/buildroot/autobuild/run/instance-0/output-1/host/bin/arc-buildroot-linux-gnu-ld: conftest.a(conftest.o): relocation R_ARC_32_ME against `__stack_chk_guard' can not be used when making a shared object; recompile with -fPIC
/home/buildroot/autobuild/run/instance-0/output-1/host/bin/arc-buildroot-linux-gnu-ld: BFD (GNU Binutils) 2.33.50.20191002 assertion fail elf32-arc.c:1805
/home/buildroot/autobuild/run/instance-0/output-1/host/bin/arc-buildroot-linux-gnu-ld: unrecognized option '-all'
/home/buildroot/autobuild/run/instance-0/output-1/host/bin/arc-buildroot-linux-gnu-ld: use the --help option for usage information
configure:4475: result: /home/buildroot/autobuild/run/instance-0/output-1/host/bin/arc-buildroot-linux-gnu-ld -G -o $@.t

Fixes:
- http://autobuild.buildroot.org/results/65677d889c27649e1f3ca1f3b6c70df7c89779f6

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

Fix -latomic for CMake packages

The poppler package failed to build for me with errors such as this one:

    host/aarch64-buildroot-linux-gnu/include/c++/10.3.0/cstdlib:75:15: fatal error: stdlib.h: No such file or directory
       75 | #include_next <stdlib.h>
          |               ^~~~~~~~~~

Changing the CMake option to a link-specific one fixes the issue.

Also change other packages with the same issue: cutelyst, gerbera,
kf5-modemmanager-qt, kodi and wampcc.

Signed-off-by: Gleb Mazovetskiy <glex.spb@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/bind: security bump to version 9.11.31

Fixes the following security issues:

- A malformed incoming IXFR transfer could trigger an assertion failure in
  named, causing it to quit abnormally.  (CVE-2021-25214)

- named crashed when a DNAME record placed in the ANSWER section during
  DNAME chasing turned out to be the final answer to a client query.
  (CVE-2021-25215)

- When a server's configuration set the tkey-gssapi-keytab or
  tkey-gssapi-credential option, a specially crafted GSS-TSIG query could
  cause a buffer overflow in the ISC implementation of SPNEGO (a protocol
  enabling negotiation of the security mechanism used for GSSAPI
  authentication).  This flaw could be exploited to crash named binaries
  compiled for 64-bit platforms, and could enable remote code execution when
  named was compiled for 32-bit platforms.  (CVE-2021-25216)

For more details, see the release notes:
https://downloads.isc.org/isc/bind9/9.11.31/RELEASE-NOTES-bind-9.11.31.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/imx-seco: use the c0 revision for the imx8qxp ahab image

Update the selection of the ahab container image to use based upon
a choice in the Config.in - there are multiple ASIC revisions that
use AHAB and the firmware images need to match. This extends the
support beyond a default image for just the imx8 amd imx8x based
upon the current contents of the imx-seco firmware extraction.

Files from 3.7.4:
    mx8dxla0-ahab-container.img
    mx8dxla1-ahab-container.img
    mx8qmb0-ahab-container.img
    mx8qxb0-ahab-container.img
    mx8qxc0-ahab-container.img

The original defaults prior to this patch were mx8qmb0 for IMX8
and mx8qxb0 for the IMX8X selections. However, this patch will
change the default selection of the IMX8X from the B0 option to
C0 because the IMX8X C0 HW variant is widespread and the current
release of hardware silicon. Because there are still B0's in
circulation an option is being kept for that as well.

Signed-off-by: Charles Hardin <ckhardin@gmail.com>
[yann.morin.1998@free.fr: 1 minor code style]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/sane-backends: poppler-glib needs cairo

- poppler-glib depends on cairo (see poppler-0.84.0/CMakeLists.txt):

  185 else()
  186   set(CAIRO_FEATURE "#undef POPPLER_HAS_CAIRO")
  187   set(ENABLE_GLIB OFF)
  188 endif()

Fixes:

  - http://autobuild.buildroot.net/results/9a345f82c7a010f6b2a3361f25b14caefa9dcbef

  checking for POPPLER_GLIB... no
  configure: error: poppler-glib requested but not found

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/python-rpi-ws281w: fix build with gcc 4.8

Fix build failure with gcc 4.8 which is raised since bump to version
4.2.6 in commit f21d46bf99e2c3a86a86586bc3e82b214104cd30

Fixes:
- http://autobuild.buildroot.org/results/3d037922484bfc45d0f985f87b38f20c5a4ab064

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/nginx: add libxcrypt optional dependency

Fix build failure on uclibc with libxcrypt which has been added in
commit 464bbe26ff5fb9e5bfe26a26ea65c700b90598f5

Fixes:
- http://autobuild.buildroot.org/results/79a51b0d348e756517b5c9ce815a67f5c657e7e6

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/sox: fix static build with magic and bzip2

Update patch added by commit 183d583fb5f19eb11637873d73e13fe14536efa6 to
use pkg-config instead of linking with zlib to fix the following static
build failure with a bzip2-enabled libmagic:

/home/buildroot/autobuild/instance-1/output-1/host/opt/ext-toolchain/bin/../lib/gcc/arc-buildroot-linux-uclibc/9.3.1/../../../../arc-buildroot-linux-uclibc/bin/ld: /home/buildroot/autobuild/instance-1/output-1/host/arc-buildroot-linux-uclibc/sysroot/usr/lib/libmagic.a(compress.o): in function `uncompressbuf':
compress.c:(.text+0x422): undefined reference to `BZ2_bzDecompressInit'
/home/buildroot/autobuild/instance-1/output-1/host/opt/ext-toolchain/bin/../lib/gcc/arc-buildroot-linux-uclibc/9.3.1/../../../../arc-buildroot-linux-uclibc/bin/ld: compress.c:(.text+0x422): undefined reference to `BZ2_bzDecompressInit'

Fixes:
- http://autobuild.buildroot.org/results/4c511c02e4c63b35ecf77a2658f88e8a0d9dbb4d

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/openjdk: drop patch left over after last bump

Commit 5871e278f873 (package/openjdk{, -bin}: security bump to version
11.0.11_9) forgot to account for the openjdk patch in the versioned
directory.

That patch was a collection of backports from upstream ,that are now all
present in 11.0.11+9, so drop that patch.

Fixes: 5871e278f873
Reported-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/e2fsprogs: add option for e2scrub

The e2scrib tool has various requirements:

  - e2scrub and its associated helpers, are bash scripts

  - e2scrub_all depends on coreutils' readlink; busybox readlink is
    missing some options:
        readlink: invalid option -- 'e'

  - by design, e2scrub only works on an LVM volume

Add an option to enable e2scrub. This is probably seldom used, so it
does not warrant the usual dance about BR2_PACKAGE_BUSYBOX_SHOW_OTHERS
and selecting the tools; we can just depend on the required tools.

Signed-off-by: Tian Yuanhao <tianyuanhao@aliyun.com>
Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: James Hilliard <james.hilliard1@gmail.com>
[yann.morin.1998@free.fr:
  - add a kconfig option like for other tools
  - move the conditions to that new option
  - reword the commit log accordingly
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/php: security bump version to 7.4.18

Changelog: https://www.php.net/ChangeLog-7.php#7.4.18

Release notes: https://www.php.net/releases/7_4_18.php

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/feh: bump version to 3.6.3

Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/samba4: security bump version to 4.14.4

Fixes CVE-2021-20254:
https://www.samba.org/samba/security/CVE-2021-20254.html

Release notes: https://www.samba.org/samba/history/samba-4.14.4.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/fetchmail: bump version to 6.4.19

Updated license hash due to upstream typo fix:
https://sourceforge.net/p/fetchmail/git/ci/2409d4f0baa90c6303d1e600772e500fc397a561/

Release notes:
https://sourceforge.net/p/fetchmail/mailman/message/37267719/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

boot/opensbi: allow using U-Boot as a payload

The opensbi package already allows to use Linux as a payload for
OpenSBI, but in some cases, U-Boot as payload is useful. This commit
adds a BR2_TARGET_OPENSBI_UBOOT_PAYLOAD option, modeled after the
existing BR2_TARGET_OPENSBI_LINUX_PAYLOAD.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

boot/opensbi: add support for version configuration

OpenSBI contains platform-specific code, so very much like Linux,
U-Boot or other bootloaders, using the upstream version of OpenSBI
will very often not be sufficient.

This commit therefore adds the possibility of specifying a custom
version of OpenSBI, either custom from upstream, custom tarball, or
custom from Git. Support for other version control systems has not
been implemented for now, but could be added later if needed.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/kodi-pvr-nextpvr: bump version to 8.2.2-Matrix

Changelog:
https://github.com/kodi-pvr/pvr.nextpvr/blob/Matrix/pvr.nextpvr/changelog.txt

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

{linux, linux-headers}: bump 4.{4, 9, 14, 19}.x / 5.{4, 10, 11}.x series

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/bullet: bump to version 3.09

See:
https://github.com/bulletphysics/bullet3/releases/tag/3.09

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/clinfo: bump to version 3.0.21.02.21

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/terminology: bump to version 1.9.0

See:
https://www.enlightenment.org/news/2021-01-18-terminology-1.9.0

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/enet: bump to version 1.3.17

See:
https://github.com/lsalzman/enet/blob/v1.3.17/ChangeLog

Update file hash due to update license dates:
https://github.com/lsalzman/enet/commit/5b93d08fa5e30fce3e3b1d922de6035dadd9e9af

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/minetest{-game}: bump to version 5.4.1

See Changelog [1]

Update minetest-game licence file hash for:
mods/player_api/license.txt [2]

Update minetest license file hash for:
LICENSE.txt [3][4]

[1] https://dev.minetest.net/Changelog#5.3.0_.E2.86.92_5.4.0
[2] https://github.com/minetest/minetest_game/commit/63cffc4bd1851af2acd145f09dbd462287c76068
[3] https://github.com/minetest/minetest/commit/5066fe75830b98f592717b593099a757337c952d
[4] https://github.com/minetest/minetest/commit/92aac69b36d37ace8d2e06721cfa5e488427dcdf

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/efl: bump to version 1.25.1

See:
https://www.enlightenment.org/news/efl-1.25.1

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/solarus: bump to version 1.6.5

See:
https://www.solarus-games.org/en/news/2021-04-06-solarus-1-6-5-bugfix-release

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/mkpimage: define extract step to allow patching

As recently discussed on the list:
http://lists.busybox.net/pipermail/buildroot/2021-April/308373.html

Packages like mkpimage where the source code is included in the Buildroot
tree, currently doesn't use an extract step (which also skips the patch
step), so they cannot be patched by a patch in BR2_GLOBAL_PATCH_DIR (or the
pkgdir), which is a bit confusing.

As a fix, add a simple extract step that copies the source file to the build
directory, so the patch step gets run as well.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/mkpaswd: define extract step to allow patching

As recently discussed on the list:
http://lists.busybox.net/pipermail/buildroot/2021-April/308373.html

Packages like mkpasswd where the source code is included in the Buildroot
tree, currently doesn't use an extract step (which also skips the patch
step), so they cannot be patched by a patch in BR2_GLOBAL_PATCH_DIR (or the
pkgdir), which is a bit confusing.

As a fix, add a simple extract step that copies the source files to the
build directory, so the patch step gets run as well.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/makedevs: define extract step to allow patching

As recently discussed on the list:
http://lists.busybox.net/pipermail/buildroot/2021-April/308373.html

Packages like makedevs where the source code is included in the Buildroot
tree, currently doesn't use an extract step (which also skips the patch
step), so they cannot be patched by a patch in BR2_GLOBAL_PATCH_DIR (or the
pkgdir), which is a bit confusing.

As a fix, add a simple extract step that copies the source file to the build
directory, so the patch step gets run as well.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/fmt: get rid of extra space

Commit 32c10f256bbc3dd09a72d45107682afb4448f07b
introduced extra space so let's remove that in
order to be consistent with other variables.

Signed-off-by: Bartosz Bilas <b.bilas@grinn-global.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/moarvm: bump to version 2021.04

zstd is a new dependency (since 2021.03)

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/python-typepy: bump to version 1.1.5

- python-dateutil and python-pytz are optional since version 0.0.20 and
https://github.com/thombashi/typepy/commit/a54dc97598d9d69e5f6092cf918d7889b9a31f61
- python 2 and python-six dependency have been dropped in version 1.0.0 and
https://github.com/thombashi/typepy/commit/764812d01d831d149b19a871a695ae3a9e39485b
- Update indentation in hash file (two spaces)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

board/boundarydevices: update readme.txt for nitrogen8mp

Add mention about nitrogen8mp_defconfig which is meant for our
Nitrogen8MPlus SOM device.

Signed-off-by: Gary Bisson <gary.bisson@boundarydevices.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/openjdk{, -bin}: security bump to version 11.0.11_9

Fixes the following security issues:

CVE-2020-14779, CVE-2020-14781, CVE-2020-14782, CVE-2020-14792,
CVE-2020-14796, CVE-2020-14797, CVE-2020-14798, CVE-2020-14803,
CVE-2021-2161, CVE-2021-2163

For details. see the advisories:
https://openjdk.java.net/groups/vulnerability/advisories/2020-10-20
https://openjdk.java.net/groups/vulnerability/advisories/2021-01-19
https://openjdk.java.net/groups/vulnerability/advisories/2021-04-20

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

support/download/hg: fix broken method

Commit 54d3d94b6e3846447b5796ef8587b08b537cd348 broke the 'hg' download
method, in a similar way as it broke the 'git' download method (later fixed
with commit b70ce5665126246bd6b6bf804c6d9eea1fc599cf), by introducing extra
output on stdout in a case where the output is redirected.

In the case of 'hg', the 'hg archive' step uses shell redirection rather
than directly letting hg write the output file, since commit
76b51f90c0e393349dd0c71d7e6cf82fbc094282.

As a result, the extra print added by the _hg function is prepended to the
actual archive, causing an invalid archive.

Fix by using the _plain_hg function instead. The disadvantage is that the
command for 'hg archive' is no longer printed.

Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/lxc: bump to version 4.0.6

"The LXC 4.0 branch is supported until June 2025. Only bugfixes and
securitiy issues get included into the stable bugfix releases, so it's
always safe and recommended to keep up and run the latest bugfix
release."

https://discuss.linuxcontainers.org/t/lxc-4-0-6-lts-has-been-released/9926

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/uftrace: add missing dependency to comment

Commit f06d79255fbf0607200f1cc50a5dd87839295be3 forgot to add
BR2_PACKAGE_UFTRACE_ARCH_SUPPORTS dependency to threads comment

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/wpa_supplicant: add upstream patch to fix CVE-2021-30004

Fixes the following security issue for the internal TLS backend:

- CVE-2021-30004: In wpa_supplicant and hostapd 2.9, forging attacks may
occur because AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c
and tls/x509v3.c.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/hostapd: add upstream patch to fix CVE-2021-30004

Fixes the following security issue for the internal TLS backend:

- CVE-2021-30004: In wpa_supplicant and hostapd 2.9, forging attacks may
occur because AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c
and tls/x509v3.c.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

{linux, linux-headers}: bump 4.{4, 9, 14, 19}.x / 5.{4, 10, 11}.x series

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/postgis: add missing || in Config.in

This was forgotten in commit 72eba37e520ede9277a7a84cde82be992eb5639d.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/sconeserver: disable image

Build of http::sconesite::image module was silently broken until commit
d3b818c3cf0990117a8b59fcfc6c212f310ae6ec

However, sconeserver fails to build with ImageMagick because:
- it checks for ImageMagick++.pc instead of ImageMagick.pc
- it uses the transform function which has been removed from the public
API since version 7.0.1-0 and
https://github.com/ImageMagick/ImageMagick/commit/06f590165f0505d42005264893fe14a9e8a79986

As sconeserver does not seem to be maintained anymore, drop
BR2_PACKAGE_SCONESERVER_HTTP_SCONESITE_IMAGE.

Fixes:
- http://autobuild.buildroot.org/results/895ab582d1140f7677fc1c6934fa2e0c47c49f20

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
[Arnout: add legacy symbol. It costs us exactly nothing, and if someone
actually had that selected, they know what's going on.]

package/libcamera: disable package affected by binutils bug 27597

This package is affected by binutils bug 27597 and no work around has
been found, so let's disable it if
BR2_TOOLCHAIN_HAS_BINUTILS_BUG_27597=y.

Fixes:
http://autobuild.buildroot.net/results/8ac/8ac599392f773eecff4773393ef0d0232a22f372/

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/kf5-kcoreaddons: disable package affected by binutils bug 27597

This package is affected by binutils bug 27597 and no work around has
been found, so let's disable it if
BR2_TOOLCHAIN_HAS_BINUTILS_BUG_27597=y.

Fixes:
http://autobuild.buildroot.net/results/0c1/0c1e7e094b0990970f28cda2be0e3fe7d82ce6a2/

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/libgeos: use specific bug instead of BR2_nios2 to disable package

Let's use the _BUG_ form for disabling this package instead of BR2_nios2
architecture as we already use it for other packages.

Propagate this dependency to postgis. Also add the missing dependency on
bug 21464 to postgis.

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
[Arnout:
- put 27597 after 21464 instead of before it;
- propagate dependency to postgis;
- mention the bugs in the comments.
]

toolchain: introduce BR2_TOOLCHAIN_HAS_BINUTILS_BUG_27597

On Nios II binutils it still present ld bug 27597 leading to a package
libgeos to fail building:
http://autobuild.buildroot.net/results/a05fdf1958f93a206c5c66c7f636b6650683626d/http://autobuild.buildroot.net/results/c05/c053b9e191b31f0b1f8f8c902b602e187f714dc0/

The bug was already reported and it's been updated:
https://sourceware.org/bugzilla/show_bug.cgi?id=27597

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/freescale-imx/kernel-module-imx-gpu-viv: bump to version 6.4.3.p1.2

- Same version as NXP release 5.10.9-1.0.0
- No changelog provided by NXP
- Tested on Nitrogen8M device with Weston (DRM backend) as follows:
# cd /usr/share/examples/viv_samples/vdk/
# ./tutorial7

Signed-off-by: Gary Bisson <gary.bisson@boundarydevices.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/uftrace: needs threads

uftrace needs threads since its addition to buildroot in commit
09c97972d9f90b69cfc36f9ffe9e22c13daf9307

Fixes:
- http://autobuild.buildroot.org/results/d27c34a2f773aeb3c806d56dd2468d17caf2fbc6

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

configs/nitrogen8mp: new defconfig

NXP i.MX 8M Plus based SOM with 2GB of LPDDR4 and 16GB eMMC.

More details on the platform here:
https://boundarydevices.com/product/nitrogen8m-plus-som/

Signed-off-by: Gary Bisson <gary.bisson@boundarydevices.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

configs/nitrogen*: bump u-boot revision

- To latest v2020.10 rev (e05b6d68)
  -> added 8MP A1 silicon support
  -> fixed 8MP HAB support
  -> added display support for all 8M platforms
- Bump ATF to boundary-imx_5.4.70_2.3.0

Signed-off-by: Gary Bisson <gary.bisson@boundarydevices.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

configs/nitrogen*: update kernel to 5.4.x_2.3.0

- based upon NXP 5.4.70_2.3.0 release
- include stable until 5.4.110
- 8MP GA support

Signed-off-by: Gary Bisson <gary.bisson@boundarydevices.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

board/boundarydevices: update boot scripts

- Add support for 8M Plus CPU (A1 and A0 silicon)
- Simplify cpu type parsing
- Update to be closer to Yocto counterpart

Signed-off-by: Gary Bisson <gary.bisson@boundarydevices.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/domoticz: select boost atomic

domoticz does not use Boost::atomic but cmake is so "smart" that it
(wrongly) assumes that Boost::thread depends on Boost:date_time and
Boost::atomic since boost version 1.54:

set(_Boost_THREAD_DEPENDENCIES chrono date_time atomic)

Extracted from:
- https://gitlab.kitware.com/cmake/cmake/-/blob/master/Modules/FindBoost.cmake#L1113

As we can't patch every cmake on the field, just select boost atomic

It should be noted that build failures are only raised since commit
8a46b41b4a5d1c2f5ebefd7fc23fec7e8ba0598c as this commit drop the patch
that was decreasing cmake version but also removing:

target_link_libraries(domoticz Boost::thread Boost::system)

Fixes:
- http://autobuild.buildroot.org/results/4306c0a725ed9a34bd55550df428866db6e4f052
- http://autobuild.buildroot.org/results/2478e7a2ec1c63dcc2b36d29a39004468b230211

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

Revert "package/domoticz: drop boost date-time dependency"

This reverts commit 4b4d98e2c5165c3121e670192970fc909cae6d8a as
Boost::date_time is still used by domoticz (in pmain/Scheduler.cpp and
push/BasePush.cpp)

Fixes:
- http://autobuild.buildroot.org/results/493a2e93fe6121f118293a268f986ee51009b7e8

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/localedef: bump to version 2.32-23

resync the version with glibc package.

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

configs/kontron_smarc_sal28: use kernel 5.12

Signed-off-by: Michael Walle <michael@walle.cc>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

{linux, linux-headers}: add version 5.12

Signed-off-by: Michael Walle <michael@walle.cc>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/pipewire: bump to version 0.3.26

Add pipewire optional dependencies/configurations.

This bump will fix a build failure with bluez plugin and gcc 10

Fixes:
- http://autobuild.buildroot.org/results/ab2edff9ae6b67d17bee2a11098b046ad754eee1

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/weston: add patch to support pipewire 0.3 API

This is required when building weston against the latest pipewire
release.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/python-dnspython: enable host build

Needed for Samba 4.14.x:
https://gitlab.com/samba-team/samba/-/commit/2420b7c6d2038aca33759ca3a7d41240c5f19bf7#bc16f0673dfbb473658dfd16961cdbf12f02ea5a_8_15

Fixes:
http://autobuild.buildroot.net/results/7dc/7dc7e304cb4e9afb157326dd5e4ae38711e91cad/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/libqmi: add _CPE_ID_VENDOR

cpe:2.3:a:libqmi_project:libqmi:* is a valid CPE identifier for this package:

https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe:2.3:a:libqmi_project:libqmi

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/pipewire: needs headers >= 3.18

v4l2 plugin needs headers >= 3.18 since
https://gitlab.freedesktop.org/pipewire/pipewire/-/commit/4cb90f3b868e5169cb9bfe2200f3b079d3f0db7b
(so since its addition to buildroot in commit
75c86f90c73c42ee35559610aec28a02190b65b7) because of
V4L2_PIX_FMT_ARGB555X which is only available since
https://github.com/torvalds/linux/commit/fcc0d3db28922f9ba21ea6c7b23ea10ffb5d3521

v4l2 plugin can't be disabled until
https://gitlab.freedesktop.org/pipewire/pipewire/-/commit/8d71d2dab831b77cadb74f2e4630f549acc94ac4

Fixes:
- http://autobuild.buildroot.org/results/b887b6ccd2c22bb3214c07d1281ad486438fb58e

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/libfreefare: drop threads dependency

This dependency should have dropped by commit
1a49188a69416542087acd1246b17c0139ff0054 which removed threads
dependency from libnfc

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/multipath-tools: fix legal-info

Commit 55a7382564e415dfcd29ebcf0b05577a6625d8ba forgot to update hash of
REAMDE.md (changes are not related to license:
https://github.com/opensvc/multipath-tools/commit/021c2df40f367559e5fa1cf3fe3734e4ec5854ae
https://github.com/opensvc/multipath-tools/commit/748d4453734937f372a930cfed3445f9903a9934)

Fixes:
- http://autobuild.buildroot.org/results/9aa925b1a3fe8f0e38bef742c42304101b89b6b2

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/uboot-tools: fix build with FIT

Build with FIT is broken since bump to version 2021.04 in commit
a4c38ae470e6c472f0e0cdfbfb8e2e76f1e8047c

Fake a generated/autoconf.h with just the needed stuff as suggested by
Yann E. Morin in
https://patchwork.ozlabs.org/project/buildroot/patch/20210422210559.707845-1-fontaine.fabrice@gmail.com

It seems that an empty file is enough as make options are still
interpreted

As a side-effect, drop third patch

Fixes:
- http://autobuild.buildroot.org/results/5771a7413c98ec202c9623672787a1eee74da5e0

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>