buildroot.git
7 years agopackage/libev: fix download URL
Bernd Kuhls [Sun, 28 May 2017 20:40:57 +0000 (22:40 +0200)]
package/libev: fix download URL

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agopackage/mxml: fix download URL
Bernd Kuhls [Sun, 28 May 2017 21:37:38 +0000 (23:37 +0200)]
package/mxml: fix download URL

The project moved to github, the current download URL is broken:

$ wget -q  http://www.msweet.org/files/project3/mxml-2.10.tar.gz
$ file mxml-2.10.tar.gz
mxml-2.10.tar.gz: HTML document, UTF-8 Unicode text, with very long lines

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agoerlang: fix check-package help text warnings
Frank Hunleth [Mon, 29 May 2017 15:39:01 +0000 (11:39 -0400)]
erlang: fix check-package help text warnings

Signed-off-by: Frank Hunleth <fhunleth@troodon-software.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agoola: remove package
Baruch Siach [Mon, 29 May 2017 18:02:35 +0000 (21:02 +0300)]
ola: remove package

ola does not build with current protobuf. Upstream bug report is still open.

https://github.com/OpenLightingProject/ola/issues/1192

Cc: Dave Skok <blanco.ether@gmail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agopackage/libmicrohttpd: security bump version to 0.9.55
Bernd Kuhls [Mon, 29 May 2017 16:59:45 +0000 (18:59 +0200)]
package/libmicrohttpd: security bump version to 0.9.55

For details refer to release notes:
http://lists.gnu.org/archive/html/info-gnu/2017-05/msg00014.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agopackage/stella: fix project URLs
Bernd Kuhls [Mon, 29 May 2017 19:07:36 +0000 (21:07 +0200)]
package/stella: fix project URLs

The project moved to github: http://stella.sourceforge.net/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agoDEVELOPERS: remove Andrew Ruder
Thomas Petazzoni [Mon, 29 May 2017 07:04:29 +0000 (09:04 +0200)]
DEVELOPERS: remove Andrew Ruder

His e-mail address is bouncing:

<andrew.ruder@elecsyscorp.com>: host mx1-us1.ppe-hosted.com[67.231.154.162]
    said: 550 5.7.1 <andrew.ruder@elecsyscorp.com>: Recipient address rejected:
    User email address is marked as invalid. (in reply to RCPT TO command)

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agopackage/redis: fix static linking with libatomic
Bernd Kuhls [Thu, 25 May 2017 07:19:34 +0000 (09:19 +0200)]
package/redis: fix static linking with libatomic

Fixes
http://autobuild.buildroot.net/results/7f1/7f1ecccbfdb6bd95824d9c884f1577e71e0e1e09/
http://autobuild.buildroot.net/results/c0b/c0b1bdcc5fbddf8b996b923015184d753882d4b8/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[Thomas:
 - improve comment to explain the fix
 - remove useless LDFLAGS related code]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agopackage/flashrom: security bump to version 0.9.9
Bernd Kuhls [Sun, 28 May 2017 13:56:11 +0000 (15:56 +0200)]
package/flashrom: security bump to version 0.9.9

Fixes buffer overflow:
https://mail.coreboot.org/pipermail/flashrom/2016-March/014523.html

Removed patch 0002-sys-io.h.patch, not needed anymore, hwaccess.h now
contains a similar fix:

  elif defined(__linux__) || defined(__GLIBC__)

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agopackage/kodi: security bump to version 17.3
Bernd Kuhls [Thu, 25 May 2017 21:26:20 +0000 (23:26 +0200)]
package/kodi: security bump to version 17.3

Release notes:
https://kodi.tv/article/kodi-v173-minor-bug-fix-and-security-release

"Fix possible security flaw which could abused .zip files which try to
 traverse to a parent directory"

For details about the security bug refer to
http://blog.checkpoint.com/2017/05/23/hacked-in-translation/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agopackage/openpowerlink: use pcap-config to fix static linking with libpcap
Romain Naour [Sat, 27 May 2017 22:51:19 +0000 (00:51 +0200)]
package/openpowerlink: use pcap-config to fix static linking with libpcap

When linking demo_mn_console statically with pcap, the CMake build
system forget to link with other libraries linked with libpcap
(-lnl-genl-3 -lnl-3 -ldbus-1 -pthread).

[100%] Linking C executable demo_mn_console
lib64/libpcap.a(pcap-linux.o): In function nl80211_init': pcap-linux.c:(.text+0x41e): undefined reference tonl_socket_alloc'

To fix this, the build system could use pcap-config:
pcap-config --libs --static
-L/path/to/sysroot/usr/lib -lpcap -L/path/to/sysroot/usr/lib/.libs
-lnl-genl-3 -lnl-3 -L/path/to/sysroot/usr/lib -ldbus-1 -pthread

Also don't use getopt() from contrib directory to avoid a clash with
libc definition.

Fixes:
http://autobuild.buildroot.net/results/f43/f437d09ac6c689c911e1885b95da33b692f2cb3c
http://autobuild.buildroot.net/results/385/3859dc0f4de7e3284a96d5841f040f69f71842df
https://github.com/OpenAutomationTechnologies/openPOWERLINK_V2/issues/187

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Tested-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agopackage/audiofile: Fix static linking with libsndfile
Bernd Kuhls [Sat, 27 May 2017 16:04:46 +0000 (18:04 +0200)]
package/audiofile: Fix static linking with libsndfile

Fixes mpd:
http://autobuild.buildroot.net/results/799/7997ccd698f03885f98d00bd150dc3a578e4b161/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agopackage/audiofile: add security fix
Bernd Kuhls [Sat, 27 May 2017 15:44:26 +0000 (17:44 +0200)]
package/audiofile: add security fix

Fixes CVE-2015-7747

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agosupport/testing: rename variables for readability
Luca Ceresoli [Sat, 27 May 2017 21:58:46 +0000 (23:58 +0200)]
support/testing: rename variables for readability

The 'lines' variable is overwritten with its own fields. Thus it
contains a line first, and then a list of fields -- it never contains
'lines'.

Use two different variables named 'line' and 'fields' to make the code
more readable.

Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
Acked-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agosupport/testing: fs/ext: add a negative test for the "extent" feature
Luca Ceresoli [Sat, 27 May 2017 21:58:47 +0000 (23:58 +0200)]
support/testing: fs/ext: add a negative test for the "extent" feature

We only have a positive test for it, in ext4. Let's have a negative
one as well.

Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
Reviewed-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agoDEVELOPERS: add selinux packages under Adam Duskett
Adam Duskett [Fri, 26 May 2017 14:46:28 +0000 (10:46 -0400)]
DEVELOPERS: add selinux packages under Adam Duskett

Signed-off-by: Adam Duskett <aduskett@codeblue.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agopackage/dhcp: create tmpfiles.d directory
Romain Naour [Fri, 26 May 2017 22:13:47 +0000 (00:13 +0200)]
package/dhcp: create tmpfiles.d directory

dhcp.mk tries to create dhcp.conf in a non-existant directory.

Fixes:
http://autobuild.buildroot.net/results/40e/40e48f74b586ce380766cf31473932e43090671e

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Tested-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agopackage/popt: fix libiconv dependency
Bernd Kuhls [Sat, 27 May 2017 08:19:52 +0000 (10:19 +0200)]
package/popt: fix libiconv dependency

Make sure that libiconv is built before popt when needed.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agopackage/opencv: fix build with old glibc versions
Bernd Kuhls [Sat, 27 May 2017 11:52:37 +0000 (13:52 +0200)]
package/opencv: fix build with old glibc versions

Prior to glibc 2.18, definitions like SIZE_MAX or INT_FAST32_MAX from
<stdint.h> were only made available for C code, or in C++ if
__STDC_LIMIT_MACROS was defined.

The code from jasper uses such definitions, without defining
__STDC_LIMIT_MACROS. Unfortunately, defining __STDC_LIMIT_MACROS in
the jasper headers doesn't work, since <stdint.h> has already been
included before, at a point where __STDC_LIMIT_MACROS was not defined.

So to solve this problem, we simply pass -D__STDC_LIMIT_MACROS in
CXXFLAGS when building opencv with jasper support.

This patch uses the same solution used for libraw:
https://git.buildroot.net/buildroot/commit/package/libraw?id=d246cf5fd01bb0d20a0e64194ffed514ea8dd0aa

Fixes:
http://autobuild.buildroot.net/results/095/095f7574afdb633c59a625cd063de03644b6d3a7/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agopackage/libv4l: fix udev configure options
Bernd Kuhls [Sat, 27 May 2017 12:57:08 +0000 (14:57 +0200)]
package/libv4l: fix udev configure options

AC_ARG_WITH([libudev] was removed in version 1.12.0:
https://git.linuxtv.org/v4l-utils.git/commit/configure.ac?id=3aba7817cd1994e6da00651114368db8171eabcc

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agokeepalived: needs headers >= 3.4
Ilias Apalodimas [Sat, 27 May 2017 12:47:47 +0000 (15:47 +0300)]
keepalived: needs headers >= 3.4

keepalived fails to build on toolchains with headers older than 3.4,
because of a namespace clash between the xt_set.h header from the
kernel and the linux_ip_set.h header installed by ipset.

Even though keepalived does check for pre-3.4 headers, the check
somehow fails to work correctly.

We fix that by making keepalived depend on headers 3.4 or later.

Fixes:
http://autobuild.buildroot.org/results/770/770d8fd2f3bacbdbe233da1b4d6e64e20a84d5a5/
http://autobuild.buildroot.org/results/1ad/1adb710b915427f681eae37452a0942833ce533e/
http://autobuild.buildroot.org/results/70b/70b31547e51ec7213372d2ef07bec34c5df77560/
[...]

Signed-off-by: Ilias Apalodimas <apalos@gmail.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agolinux: bump default version to 4.11.3
Bernd Kuhls [Thu, 25 May 2017 17:44:12 +0000 (19:44 +0200)]
linux: bump default version to 4.11.3

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agolinux-headers: bump 4.{4, 9, 11}.x series
Bernd Kuhls [Thu, 25 May 2017 17:44:11 +0000 (19:44 +0200)]
linux-headers: bump 4.{4, 9, 11}.x series

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agoRevert "libcdio: disable on ARC, triggers a toolchain bug"
Alexey Brodkin [Tue, 16 May 2017 07:32:13 +0000 (10:32 +0300)]
Revert "libcdio: disable on ARC, triggers a toolchain bug"

This reverts commit 459f7302df8cdc45aa0f7f2581ebb6f05fb6432a.

libcdio building is fixed for ARC in
2b360bd547f1 "gcc: arc-2017.03-rc2: Fix "unrecognized supposed constant" error"

Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
Tested-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agogcc: arc: add patch to fix tst_movb pattern
Alexey Brodkin [Wed, 24 May 2017 15:39:19 +0000 (18:39 +0300)]
gcc: arc: add patch to fix tst_movb pattern

Fixes building of quagga [1]:

------------------------------>8---------------------------
839:1: error: unrecognizable insn:
 }
 ^
(insn 183 24 26 4 (set (reg:CC_ZN 61 cc)
        (and:SI (reg:SI 0 r0 [orig:192 _12->id.s_addr ] [192])
            (const_int -256 [0xffffffffffffff00]))) ospf_ri.c:790 -1
     (nil))
ospf_ri.c:839:1: internal compiler error: in extract_insn, at recog.c:2287
------------------------------>8---------------------------

[1] http://autobuild.buildroot.net/results/3c1/3c12c4609d4a77ab8ccd3ea94840884d70520efai

Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agotoolchain: Bump ARC tools to arc-2017.03 release
Alexey Brodkin [Tue, 23 May 2017 18:41:37 +0000 (21:41 +0300)]
toolchain: Bump ARC tools to arc-2017.03 release

This commit finally bumps ARC toolchain to arc-2017.03 release.
More info on this release could be found here:
https://github.com/foss-for-synopsys-dwc-arc-processors/toolchain/releases/tag/arc-2017.03

Note mentioned above web-page is not yet populated but should be very soon.
As a safe fall-back interested could refer to RC2 page here:
https://github.com/foss-for-synopsys-dwc-arc-processors/toolchain/releases/tag/arc-2017.03-rc2

Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agoDEVELOPERS: Remove Niranjan Reddy from cgroupfs-mount
Matt Weber [Wed, 24 May 2017 02:01:41 +0000 (21:01 -0500)]
DEVELOPERS: Remove Niranjan Reddy from cgroupfs-mount

He can re-add with a new email if he wants, but his
current Rockwell email will bounce.

Signed-off-by: Matt Weber <matt@thewebers.ws>
Acked-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agomono: remove copy of host etc files on install
Dustin Johnson [Wed, 15 Mar 2017 02:24:58 +0000 (22:24 -0400)]
mono: remove copy of host etc files on install

When the mono package is installed, the autotools installer installs
the /etc/mono files to the target. A post_install hook then copies
over the mono libraries to the target as well as the host /etc/mono
files which overrides the target files. The target specific mono
configuration file (/etc/mono/config) is overridden with the host
settings. This causes mono on the target to be unable to locate target
specific .so files as it overrides the changes enacted by the patches
for the package.

Signed-off-by: Dustin Johnson <dustin.r.johnson@gmail.com>
Tested-by: Angelo Compagnucci <angelo.compagnucci@gmail.com>
Reviewed-by: Angelo Compagnucci <angelo.compagnucci@gmail.com>
Acked-by: Angelo Compagnucci <angelo.compagnucci@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agolibepoxy: make EGL support optional
Thomas Petazzoni [Fri, 19 May 2017 19:22:40 +0000 (21:22 +0200)]
libepoxy: make EGL support optional

This commit adds a patch to the libepoxy package to make the EGL
support optional, which allows libepoxy to build with a pure OpenGL
Mesa3D configuration (i.e without EGL/OpenGLES).

Fixes:

  http://autobuild.buildroot.net/results/88774af2845e17cab021a72c8f3171fe30b3a1ff/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agotoolchain: disable PIE for static build with musl
Baruch Siach [Mon, 22 May 2017 22:07:09 +0000 (01:07 +0300)]
toolchain: disable PIE for static build with musl

As mentioned in commit 3c93901bcd2 (toolchain: add hidden symbol for PIE
support), support for static PIE using musl requires a gcc patch[1]. Buildroot
doesn't carry this patch. Don't enable BR2_TOOLCHAIN_SUPPORTS_PIE in static
build with musl.

Fixes:
http://autobuild.buildroot.net/results/d19/d19bcfcfb33cc5f5b082b97bbd5852d479823b97/
http://autobuild.buildroot.net/results/91f/91f7c6954c337b03f5ac141050d9b1bee1623376/
http://autobuild.buildroot.net/results/996/996116da9241686110b9525eed08cc5acfd379a6/

[1] https://github.com/richfelker/musl-cross-make/blob/b854a42fc1ea19b8c4ec7104848f9d1a6d7995f0/patches/gcc-6.3.0/0010-static-pie-support.diff

Acked-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agopackage/c-icap: fix bzip2 configure option
Bernd Kuhls [Sun, 21 May 2017 21:41:17 +0000 (23:41 +0200)]
package/c-icap: fix bzip2 configure option

The configure option controlling bzip2 support got its current name in
2012 with its initial commit:

https://sourceforge.net/p/c-icap/code/890/#diff-2

This patch fixes the configure warning:

configure: WARNING: unrecognized options: [...] --without-bzip2

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agopackage/c-icap: fix berkeleydb configure option
Bernd Kuhls [Sun, 21 May 2017 21:41:16 +0000 (23:41 +0200)]
package/c-icap: fix berkeleydb configure option

The configure option controlling berkeleydb support got its current
name in 2009: https://sourceforge.net/p/c-icap/code/322/

This patch fixes a configure warning:

configure: WARNING: unrecognized options: [...] --without-berkeleydb, [...]

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agopackage/python-enum34: change setup type to setuptools
Bernd Kuhls [Sun, 21 May 2017 11:46:25 +0000 (13:46 +0200)]
package/python-enum34: change setup type to setuptools

With version 1.1.3 the project switched to setuptools:
https://bitbucket.org/stoneleaf/enum34/commits/589b4f9d2e733a32c6e67a1e7aa50f476920d121

Fixes
http://autobuild.buildroot.net/results/cb6/cb678ca9e57382a876f3f6034a47a4e2c59bc8d0/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agolibminiupnpc: add upstream security fix for CVE-2017-8798
Peter Korsgaard [Fri, 19 May 2017 13:48:02 +0000 (15:48 +0200)]
libminiupnpc: add upstream security fix for CVE-2017-8798

CVE-2017-8798: Integer signedness error in MiniUPnP MiniUPnPc v1.4.20101221
through v2.0 allows remote attackers to cause a denial of service or
possibly have unspecified other impact.

For more details including a PoC, see:
https://github.com/tintinweb/pub/tree/master/pocs/cve-2017-8798

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agomariadb: security bump to version 10.1.23
Ryan Coe [Mon, 8 May 2017 15:37:16 +0000 (08:37 -0700)]
mariadb: security bump to version 10.1.23

Fixes:

CVE-2017-3302 - Crash in libmysqlclient.so in Oracle MySQL before 5.6.21 and
5.7.x before 5.7.5 and MariaDB through 5.5.54, 10.0.x through 10.0.29,
10.1.x through 10.1.21, and 10.2.x through 10.2.3.

CVE-2017-3313 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: Server: MyISAM). Supported versions that are affected are
5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to
exploit vulnerability allows low privileged attacker with logon to the
infrastructure where MySQL Server executes to compromise MySQL Server.
Successful attacks of this vulnerability can result in unauthorized access
to critical data or complete access to all MySQL Server accessible data.

CVE-2017-3308 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: Server: DML). Supported versions that are affected are 5.5.54
and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable"
vulnerability allows low privileged attacker with network access via
multiple protocols to compromise MySQL Server. While the vulnerability is
in MySQL Server, attacks may significantly impact additional products.
Successful attacks of this vulnerability can result in unauthorized
ability to cause a hang or frequently repeatable crash (complete DOS) of
MySQL Server.

CVE-2017-3309 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: Server: Optimizer). Supported versions that are affected are
5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily
"exploitable" vulnerability allows low privileged attacker with network
access via multiple protocols to compromise MySQL Server. While the
vulnerability is in MySQL Server, attacks may significantly impact
additional products. Successful attacks of this vulnerability can result
in unauthorized ability to cause a hang or frequently repeatable crash
(complete DOS) of MySQL Server.

CVE-2017-3453 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: Server: Optimizer). Supported versions that are affected are
5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily
"exploitable" vulnerability allows low privileged attacker with network
access via multiple protocols to compromise MySQL Server. Successful attacks
of this vulnerability can result in unauthorized ability to cause a hang or
frequently repeatable crash (complete DOS) of MySQL Server.

CVE-2017-3456 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: Server: DML). Supported versions that are affected are 5.5.54
and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable"
vulnerability allows high privileged attacker with network access via
multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or
frequently repeatable crash (complete DOS) of MySQL Server.

CVE-2017-3464 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: Server: DDL). Supported versions that are affected are 5.5.54
and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable"
vulnerability allows low privileged attacker with network access via
multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized update, insert or delete access to
some of MySQL Server accessible data.

And a number of important, but non-security related fixes:

MDEV-12602: Fixed some race conditions in InnoDB encryption

MariaDB Backup alpha introduced

Galera wsrep library updated to 25.3.20

For details, see the release notes:
https://mariadb.com/kb/en/mariadb/mariadb-10123-release-notes/

[Peter: drop COPYING.LESSER and add a reference to the bugtracker issue
explaining why]
Signed-off-by: Ryan Coe <bluemrp9@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agodropbear: security bump to version 2017.75
Peter Korsgaard [Sat, 20 May 2017 15:15:48 +0000 (17:15 +0200)]
dropbear: security bump to version 2017.75

Fixes:

- CVE-2017-9078: A double-free in the server could be triggered by an
  authenticated user if dropbear is running with -a (Allow connections to
  forwarded ports from any host) This could potentially allow arbitrary code
  execution as root by an authenticated user.  Affects versions 2013.56 to
  2016.74.  Thanks to Mark Shepard for reporting the crash.

- CVE-2017-9079: Dropbear parsed authorized_keys as root, even if it were a
  symlink.  The fix is to switch to user permissions when opening
  authorized_keys.
  A user could symlink their ~/.ssh/authorized_keys to a root-owned file
  they couldn't normally read.  If they managed to get that file to contain
  valid authorized_keys with command= options it might be possible to read
  other contents of that file.  This information disclosure is to an already
  authenticated user.  Thanks to Jann Horn of Google Project Zero for
  reporting this.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agolinux: bump default version to 4.11.2
Peter Korsgaard [Sat, 20 May 2017 15:10:07 +0000 (17:10 +0200)]
linux: bump default version to 4.11.2

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agolinux-headers: bump 4.{4, 9, 10, 11}.x series
Peter Korsgaard [Sat, 20 May 2017 15:10:06 +0000 (17:10 +0200)]
linux-headers: bump 4.{4, 9, 10, 11}.x series

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agoDEVELOPERS: add myself to alsa-{lib, utils}
Bernd Kuhls [Sun, 21 May 2017 15:01:06 +0000 (17:01 +0200)]
DEVELOPERS: add myself to alsa-{lib, utils}

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agotoolchain: limit musl workaround to kernel headers 3.12+
Baruch Siach [Fri, 19 May 2017 04:20:37 +0000 (07:20 +0300)]
toolchain: limit musl workaround to kernel headers 3.12+

The libc-compat.h first appeared in kernel version 3.12. Trying to build a
musl toolchain using earlier headers leads to the following failure:

/bin/sed: can't read .../output/host/usr/arm-buildroot-linux-musleabi/sysroot/usr/include/linux/libc-compat.h: No such file or directory
package/pkg-generic.mk:266: recipe for target '.../output/build/toolchain/.stamp_staging_installed' failed

Don't apply the sed patch to older headers.

Reported-by: Florent Jacquet <florent.jacquet@free-electrons.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agocppcms: fix build on machines with libgpg-error installed
Thomas Petazzoni [Wed, 17 May 2017 21:53:21 +0000 (23:53 +0200)]
cppcms: fix build on machines with libgpg-error installed

In configuration where target architecture == host architecture, and
libgpg-error is installed system-wide with development files, the build
of cppcms fails with:

/home/test/buildroot/output/host/usr/bin/x86_64-amd-linux-gnu-g++  --sysroot=/home/test/buildroot/output/host/usr/x86_64-buildroot-linux-gnu/sysroot  -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -Os -Wall -Wextra  -DNDEBUG   CMakeFiles/base64_test.dir/tests/base64_test.cpp.o  -o base64_test  -L/home/test/buildroot/output/host/usr/x86_64-buildroot-linux-gnu/sysroot/usr/lib -Wl,-rpath,/home/test/buildroot/output/build/cppcms-1.0.5:/home/test/buildroot/output/build/cppcms-1.0.5/booster:/usr/lib -rdynamic libcppcms.so.1.0.5 booster/libbooster.so.0.0.3 -lpthread /home/test/buildroot/output/host/usr/x86_64-buildroot-linux-gnu/sysroot/usr/lib/libpcre.so /home/test/buildroot/output/host/usr/x86_64-buildroot-linux-gnu/sysroot/usr/lib/libgcrypt.so /home/test/buildroot/output/host/usr/x86_64-buildroot-linux-gnu/sysroot/usr/lib/libdl.so /home/test/buildroot/output/host/usr/x86_64-buildroot-linux-gnu/sysroot/usr/lib/libz.so
/home/test/buildroot/output/host/usr/x86_64-buildroot-linux-gnu/sysroot/usr/lib/libgcrypt.so: undefined reference to `gpg_err_set_errno@GPG_ERROR_1.0'
/home/test/buildroot/output/host/usr/x86_64-buildroot-linux-gnu/sysroot/usr/lib/libgcrypt.so: undefined reference to `gpgrt_lock_init@GPG_ERROR_1.0'
/home/test/buildroot/output/host/usr/x86_64-buildroot-linux-gnu/sysroot/usr/lib/libgcrypt.so: undefined reference to `gpgrt_lock_destroy@GPG_ERROR_1.0'
/home/test/buildroot/output/host/usr/x86_64-buildroot-linux-gnu/sysroot/usr/lib/libgcrypt.so: undefined reference to `gpg_err_code_from_syserror@GPG_ERROR_1.0'
/home/test/buildroot/output/host/usr/x86_64-buildroot-linux-gnu/sysroot/usr/lib/libgcrypt.so: undefined reference to `gpg_err_code_from_errno@GPG_ERROR_1.0'
/home/test/buildroot/output/host/usr/x86_64-buildroot-linux-gnu/sysroot/usr/lib/libgcrypt.so: undefined reference to `gpgrt_lock_unlock@GPG_ERROR_1.0'
/home/test/buildroot/output/host/usr/x86_64-buildroot-linux-gnu/sysroot/usr/lib/libgcrypt.so: undefined reference to `gpg_strerror@GPG_ERROR_1.0'
/home/test/buildroot/output/host/usr/x86_64-buildroot-linux-gnu/sysroot/usr/lib/libgcrypt.so: undefined reference to `gpg_strsource@GPG_ERROR_1.0'
/home/test/buildroot/output/host/usr/x86_64-buildroot-linux-gnu/sysroot/usr/lib/libgcrypt.so: undefined reference to `gpgrt_lock_lock@GPG_ERROR_1.0'

The problem comes from the
"-Wl,-rpath,/home/test/buildroot/output/build/cppcms-1.0.5:/home/test/buildroot/output/build/cppcms-1.0.5/booster:/usr/lib"
option, which tells the linker to search for libraries in /usr/lib.

This commit fixes that by asking CMake to not add any rpath when
building cppcms.

Fixes:

  http://autobuild.buildroot.net/results/a7eb1ede552ae14f409cfd7bd877bcf25ca69a74/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Reviewed-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agooracle-mysql: add patch to fix gcc 6.x build issue
Thomas Petazzoni [Wed, 17 May 2017 20:24:14 +0000 (22:24 +0200)]
oracle-mysql: add patch to fix gcc 6.x build issue

Fixes:

 http://autobuild.buildroot.net/results/61074b69b81cd5c17a7f74dc1f7b31f3fc35fd8a/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agosupport/testing: simplify logging by keeping the log file open
Luca Ceresoli [Wed, 10 May 2017 21:33:46 +0000 (23:33 +0200)]
support/testing: simplify logging by keeping the log file open

We currently call infra.smart_open() to open log files each time we
need to write to them.

Opening the file once in the constructor of Builder and Emulator and
writing to it whenever needed is simpler and slightly more efficient.

Remove smart_open and instead create a new open_log_file() function
which just opens the logfile. Also let it compute the filename, in
order to simplify even further the Builder and Emulator code.

Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agosupport/testing/run-tests: help: put the one-letter form before the long form
Luca Ceresoli [Tue, 16 May 2017 20:45:31 +0000 (22:45 +0200)]
support/testing/run-tests: help: put the one-letter form before the long form

This is what the manpages usually do, and what Python does with the
automatically-added -h/--help parameter:

Before the change:
  $ ./support/testing/run-tests
    [...]
  optional arguments:
    -h, --help            show this help message and exit
    --list, -l            list of available test cases
    --all, -a             execute all test cases

After the change:
  $ ./support/testing/run-tests
    [...]
  optional arguments:
    -h, --help            show this help message and exit
    -l, --list            list of available test cases
    -a, --all             execute all test cases

Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agosupport/testing: document get_elf_prog_interpreter
Luca Ceresoli [Tue, 16 May 2017 20:45:30 +0000 (22:45 +0200)]
support/testing: document get_elf_prog_interpreter

Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agosupport/testing: rename check_broken_links to has_broken_links
Luca Ceresoli [Tue, 16 May 2017 20:45:29 +0000 (22:45 +0200)]
support/testing: rename check_broken_links to has_broken_links

has_broken_links makes it self-explanatory that this is a predicate
function, and that the return value tells whether there _are_ broken
links, not the opposite.

Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agognutls: bump version to 3.5.12
Peter Korsgaard [Wed, 17 May 2017 13:03:11 +0000 (15:03 +0200)]
gnutls: bump version to 3.5.12

For details, see the release notes:

https://lists.gnupg.org/pipermail/gnutls-devel/2017-May/008427.html
https://lists.gnupg.org/pipermail/gnutls-devel/2017-April/008393.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agofbgrab: explicitly build fbgrab target to workaround gzip issue
Peter Korsgaard [Wed, 17 May 2017 14:52:51 +0000 (16:52 +0200)]
fbgrab: explicitly build fbgrab target to workaround gzip issue

Fixes #9871

gzip reads default command line options from the environment variable GZIP.
The fbgrab Makefile internally also uses a GZIP make variable to know what
command to use to compress the manpage. Unfortunaly make will export the
value of this make variable to the environment if GZIP is already present in
the enviroment, confusing gzip (as 'gzip' isn't a valid command line argument).

This can either be triggered by users having GZIP set in their environment
(E.G.  for custom options), or by enabling BR2_REPRODUCIBLE, where we use
this feature to force the -n option (to not store name/timestamp) to gzip.

We don't really need to compress the manpage as it isn't installed anyway,
so work around the issue by only building the fbgrab application.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agontp: add patch to fix -fPIC issue
Thomas Petazzoni [Wed, 17 May 2017 19:45:04 +0000 (21:45 +0200)]
ntp: add patch to fix -fPIC issue

This commit adds a patch that fixes the build on AArch64 and MIPS of the
ntp package, which was caused by some parts of ntp being built without
-fPIC.

Fixes:

  [aarch64] http://autobuild.buildroot.net/results/866b1d28595efd8b6becf83d0a64b596538d58b0
  [mips]    http://autobuild.buildroot.net/results/c2a945855172970736a8ffea9c564f029a023344

Thanks to Romain Naour for the initial analysis.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agolibqmi: move canonicalize_file_name()
Matt Weber [Mon, 15 May 2017 02:26:00 +0000 (21:26 -0500)]
libqmi: move canonicalize_file_name()

Previously was defined in qmi-util.h to fix musl
compatibility.  It was missed that this is a shared
header which causes other dependent package builds
to fail, so the static definition was moved into the
implementation where it was used.

Upstream bug report has been updated and this resolves
the following autobuilder related failures.

 http://autobuild.buildroot.net/results/fe9b6b1b1399a4e8aafc6a326c81ec97c2480025
 http://autobuild.buildroot.net/results/40eef797b4d8d53fc6e10f2048316d63549caf6d

test-pkg testing was performed against 10 random toolchains

++ Config snippet ++
BR2_ROOTFS_DEVICE_CREATION_DYNAMIC_EUDEV=y
BR2_PACKAGE_MODEM_MANAGER_LIBQMI=y
BR2_PACKAGE_MODEM_MANAGER=y
BR2_PACKAGE_LIBQMI=y

++ Tested Toolchains ++ (Verified I hit all libc variants)
br-arm-cortex-a9-musl
br-arm-full-static
br-m68k-68040-full    (uclibc)
br-mips32r6-el-hf-glibc
br-mips64-n64-full
br-mips64r6-el-hf-glibc
br-mipsel-o32-full
br-sparc64-glibc
linaro-arm
sourcery-arm

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Tested-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agopackage/pulseview: fix a build issue
Bartosz Golaszewski [Wed, 17 May 2017 10:10:00 +0000 (12:10 +0200)]
package/pulseview: fix a build issue

Backport an upstream patch fixing the build issue related to boost
math definitions.

Fixes:
http://autobuild.buildroot.net/results/e9f/e9f3f175e203529c44ecf92a34b82a0b3a473e34/

Signed-off-by: Bartosz Golaszewski <brgl@bgdev.pl>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agorabbitmq-c: openssl/popt sub-options don't work in static linking
Thomas Petazzoni [Sun, 14 May 2017 21:22:42 +0000 (23:22 +0200)]
rabbitmq-c: openssl/popt sub-options don't work in static linking

rabbitmq-c currently fails to build in a number of static linking
situations, due to two issues:

 - CMake FindOpenSSL module is buggy. Even though it uses pkg-config,
   it doesn't use the information returned by pkg-config, and
   therefore doesn't know about second order libraries that need be
   part of the link for static linking to succeed. Due to this, -lz is
   not passed, and therefore rabbitmq-c fails when linking against
   libssl/libcrypto. This issue has been reported to upstream CMake at
   https://gitlab.kitware.com/cmake/cmake/issues/16885.

 - popt might use libintl, but CMake doesn't know about that. For
   autotools based packages, we typically work around this by passing
   LIBS=, but CMake apparently has no equivalent to LIBS=.

To workaround this, we only use the OpenSSL and Popt optional
dependencies in dynamic linking situations.

Fixes:

  http://autobuild.buildroot.net/results/798dbe5e5fd0463bb2066cb115656795144c327f/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agoUpdate for 2017.05-rc2
Peter Korsgaard [Wed, 17 May 2017 08:27:16 +0000 (10:27 +0200)]
Update for 2017.05-rc2

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agoqt5declarative: fix examples compile without OpenGL support
Peter Seiderer [Tue, 16 May 2017 18:52:01 +0000 (20:52 +0200)]
qt5declarative: fix examples compile without OpenGL support

Fixes [1]:

   main.cpp:(.text._ZN11QQmlPrivate10createIntoI6FbItemEEvPv[_ZN11QQmlPrivate10createIntoI6FbItemEEvPv]+0x18): undefined reference to `QQuickFramebufferObject::QQuickFramebufferObject(QQuickItem*)'
   .obj/main.o: In function `QQmlPrivate::QQmlElement<FbItem>::~QQmlElement()':
   main.cpp:(.text._ZN11QQmlPrivate11QQmlElementI6FbItemED2Ev[_ZN11QQmlPrivate11QQmlElementI6FbItemED5Ev]+0x5c): undefined reference to `vtable for QQuickFramebufferObject'
   .obj/main.o: In function `QQmlPrivate::QQmlElement<FbItem>::~QQmlElement()':
   main.cpp:(.text._ZN11QQmlPrivate11QQmlElementI6FbItemED0Ev[_ZN11QQmlPrivate11QQmlElementI6FbItemED0Ev]+0x64): undefined reference to `vtable for QQuickFramebufferObject'
   .obj/main.o:(.data.rel.ro._ZTVN11QQmlPrivate11QQmlElementI6FbItemEE[_ZTVN11QQmlPrivate11QQmlElementI6FbItemEE]+0x48): undefined reference to `QQuickFramebufferObject::isTextureProvider() const'
   .obj/main.o:(.data.rel.ro._ZTVN11QQmlPrivate11QQmlElementI6FbItemEE[_ZTVN11QQmlPrivate11QQmlElementI6FbItemEE]+0x4c): undefined reference to `QQuickFramebufferObject::textureProvider() const'
   .obj/main.o:(.data.rel.ro._ZTVN11QQmlPrivate11QQmlElementI6FbItemEE[_ZTVN11QQmlPrivate11QQmlElementI6FbItemEE]+0xb4): undefined reference to `QQuickFramebufferObject::geometryChanged(QRectF const&, QRectF const&)'
   .obj/main.o:(.data.rel.ro._ZTVN11QQmlPrivate11QQmlElementI6FbItemEE[_ZTVN11QQmlPrivate11QQmlElementI6FbItemEE]+0xb8): undefined reference to `QQuickFramebufferObject::updatePaintNode(QSGNode*, QQuickItem::UpdatePaintNodeData*)'
   .obj/main.o:(.data.rel.ro._ZTVN11QQmlPrivate11QQmlElementI6FbItemEE[_ZTVN11QQmlPrivate11QQmlElementI6FbItemEE]+0xbc): undefined reference to `QQuickFramebufferObject::releaseResources()'
   .obj/moc_fbitem.o: In function `FbItem::qt_metacast(char const*)':
   moc_fbitem.cpp:(.text+0x70): undefined reference to `QQuickFramebufferObject::qt_metacast(char const*)'
   .obj/moc_fbitem.o: In function `FbItem::qt_metacall(QMetaObject::Call, int, void**)':
   moc_fbitem.cpp:(.text+0x80): undefined reference to `QQuickFramebufferObject::qt_metacall(QMetaObject::Call, int, void**)'
   .obj/moc_fbitem.o: In function `FbItem::~FbItem()':
   moc_fbitem.cpp:(.text._ZN6FbItemD2Ev[_ZN6FbItemD5Ev]+0x38): undefined reference to `vtable for QQuickFramebufferObject'
   .obj/moc_fbitem.o: In function `FbItem::~FbItem()':
   moc_fbitem.cpp:(.text._ZN6FbItemD0Ev[_ZN6FbItemD0Ev]+0x40): undefined reference to `vtable for QQuickFramebufferObject'
   .obj/moc_fbitem.o:(.data.rel.ro+0x8): undefined reference to `typeinfo for QQuickFramebufferObject'
   .obj/moc_fbitem.o:(.data.rel.ro+0x58): undefined reference to `QQuickFramebufferObject::isTextureProvider() const'
   .obj/moc_fbitem.o:(.data.rel.ro+0x5c): undefined reference to `QQuickFramebufferObject::textureProvider() const'
   .obj/moc_fbitem.o:(.data.rel.ro+0xc4): undefined reference to `QQuickFramebufferObject::geometryChanged(QRectF const&, QRectF const&)'
   .obj/moc_fbitem.o:(.data.rel.ro+0xc8): undefined reference to `QQuickFramebufferObject::updatePaintNode(QSGNode*, QQuickItem::UpdatePaintNodeData*)'
   .obj/moc_fbitem.o:(.data.rel.ro+0xcc): undefined reference to `QQuickFramebufferObject::releaseResources()'
   .obj/moc_fbitem.o:(.data.rel.ro+0xf0): undefined reference to `QQuickFramebufferObject::staticMetaObject'

[1] http://autobuild.buildroot.net/results/64a/64a198397736db12b73c1f693dbe1c47d73b53da

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agoprotobuf: link with libatomic when needed
Thomas Petazzoni [Mon, 15 May 2017 20:38:32 +0000 (22:38 +0200)]
protobuf: link with libatomic when needed

The protobuf library uses atomic intrinsics, so we need to link
against libatomic.

Fixes the build of protobuf on Sparc:

  http://autobuild.buildroot.net/results/f3d76eaebd529a61bce849e355182c60f233ed06/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agogcc: drop unused legacy arc-2016.09 patch
Peter Korsgaard [Tue, 16 May 2017 19:24:02 +0000 (21:24 +0200)]
gcc: drop unused legacy arc-2016.09 patch

This was forgotten when the arc toolchain version was bumped.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agopackage/boost: disable boost-locale for static only build with icu
Romain Naour [Sun, 14 May 2017 21:45:56 +0000 (23:45 +0200)]
package/boost: disable boost-locale for static only build with icu

Boost fails to build with the following error:

error: Tried to build the target twice, with property sets having
error: these incompatible properties:
error:
error:     -  <runtime-link>static <warnings>all
error:     -  <runtime-link>shared <warnings>on

when the following conditions are met:

 - BR2_STATIC_LIBS=y
 - BR2_PACKAGE_ICU=y
 - BR2_PACKAGE_BOOST_LOCALE=y
 - Another BR2_PACKAGE_BOOST_xyz option is enabled, which enables a
   feature not provided just by header files, but that requires
   building a library.

In such a situation, Boost absolutely wants to build the libboost
libraries as shared libraries. Not having boost-locale, or not having
icu is sufficient to avoid the issue.

So, as a simple work-around, we prevent from building boost-locale
when icu and static linking are used.

Fixes:

  http://autobuild.buildroot.net/results/c8f7aa85f5791d8ae8cf4b9085788adc5152286f/

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Yegor Yefremov <yegorslists@googlemail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
[Thomas:
 - only disable boost-locale when icu is enabled
 - improve commit log]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agofxload: disable on Microblaze
Thomas Petazzoni [Tue, 16 May 2017 07:38:38 +0000 (09:38 +0200)]
fxload: disable on Microblaze

gcc on Microblaze is affected by PR63261, which causes a build failure
when optimization *and* debugging symbols are enabled. Since anyway
fxload is unlikely to be useful on Microblaze, let's disable this
package on this architecture.

Fixes:

  http://autobuild.buildroot.net/results/24640a042d84f45339246c0a18e10905494b2199/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agortmpdump: security bump to current HEAD
Peter Korsgaard [Mon, 15 May 2017 15:32:29 +0000 (17:32 +0200)]
rtmpdump: security bump to current HEAD

Fixes:

- CVE-2015-8271: The AMF3CD_AddProp function in amf.c in RTMPDump 2.4 allows
  remote RTMP Media servers to execute arbitrary code
  https://www.talosintelligence.com/reports/TALOS-2016-0067/

- CVE-2015-8272: RTMPDump 2.4 allows remote attackers to trigger a denial of
  service (NULL pointer dereference and process crash).
  https://www.talosintelligence.com/reports/TALOS-2016-0068/

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agogit: security bump to version 2.12.3
Peter Korsgaard [Mon, 15 May 2017 14:44:47 +0000 (16:44 +0200)]
git: security bump to version 2.12.3

Fixes CVE-2017-8386 - Git Shell Bypass By Abusing Less

For more details, see:
https://insinuator.net/2017/05/git-shell-bypass-by-abusing-less-cve-2017-8386/
http://www.mail-archive.com/git@vger.kernel.org/msg120982.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agorpcbind: add upstream security fix for CVE-2017-8779
Peter Korsgaard [Mon, 15 May 2017 21:01:24 +0000 (23:01 +0200)]
rpcbind: add upstream security fix for CVE-2017-8779

CVE-2017-8779: rpcbind through 0.2.4, LIBTIRPC through 1.0.1 and 1.0.2-rc
through 1.0.2-rc3, and NTIRPC through 1.4.3 do not consider the maximum RPC
data size during memory allocation for XDR strings, which allows remote
attackers to cause a denial of service (memory consumption with no
subsequent free) via a crafted UDP packet to port 111, aka rpcbomb.

For more details, see:
https://guidovranken.wordpress.com/2017/05/03/rpcbomb-remote-rpcbind-denial-of-service-patches/

Backport upstream fix to version 0.2.3 and unconditionally include syslog.h
to fix a build issue when RPCBIND_DEBUG is disabled (which it is in
Buildroot).

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agopackage/x11vnc: fix build issue with --without-ssl
Romain Naour [Mon, 15 May 2017 20:28:50 +0000 (22:28 +0200)]
package/x11vnc: fix build issue with --without-ssl

Fixes:
http://autobuild.buildroot.net/results/873/873ed8f2ade1d969abdff15b7b6d63e04819af9a

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agophp: bump version to 7.1.5
Vicente Olivert Riera [Fri, 12 May 2017 12:45:14 +0000 (13:45 +0100)]
php: bump version to 7.1.5

Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agopackage/faketime: fix build with gcc >= 6
Romain Naour [Sun, 14 May 2017 21:26:43 +0000 (23:26 +0200)]
package/faketime: fix build with gcc >= 6

Upstream added -Wno-nonnull-compare to disable this error [1].

Fixes:
libfaketime.c:513:7: error : nonnull argument « buf » compared to NULL [-Werror=nonnull-compare]
    if (buf != NULL)
       ^
[1] https://github.com/wolfcw/libfaketime/commit/47e958b753fc15098a2b7d0e9ef26b83ee255874

[Peter: add upstream git commit id to patch]
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agoffmpeg: bump version to 3.3.1
Vicente Olivert Riera [Mon, 15 May 2017 12:25:43 +0000 (13:25 +0100)]
ffmpeg: bump version to 3.3.1

Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agogcc: arc-2017.03-rc2: Fix "unrecognized supposed constant" error
Alexey Brodkin [Mon, 15 May 2017 15:56:57 +0000 (18:56 +0300)]
gcc: arc-2017.03-rc2: Fix "unrecognized supposed constant" error

This fixes the following problem:
------------------------------------>8--------------------------------
arc-linux-gcc -c -Os -fPIC iso9660.i
iso9660.c: In function 'strip_trail':
iso9660.c:155:1: error: unrecognized supposed constant
 }
 ^
(unspec:SI [
        (symbol_ref:SI ("*.LANCHOR1") [flags 0x182])
    ] ARC_UNSPEC_GOTOFFPC)
iso9660.c:155:1: internal compiler error: in arc_legitimate_constant_p, at config/arc/arc.c:6028
------------------------------------>8--------------------------------

Found by Buildroot autobuilder [1].

The fix [2] is in arc-2017.03 development branch of ARC GCC and once it
becomes a part the next release of ARC tools this should be removed
from Buildroot.

[1] http://autobuild.buildroot.net/results/c90/c909e8c397ab972b6aa4d370572cad4fae284d00/build-end.log
[2] https://github.com/foss-for-synopsys-dwc-arc-processors/gcc/commit/139fed9d29ab935b3bc5159c0bdf7b8b8a39442d

Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agolinux: bump default version to 4.11.1
Vicente Olivert Riera [Mon, 15 May 2017 11:36:12 +0000 (12:36 +0100)]
linux: bump default version to 4.11.1

Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agolinux-headers: bump 4.{4, 9, 10, 11}.x series
Vicente Olivert Riera [Mon, 15 May 2017 11:36:11 +0000 (12:36 +0100)]
linux-headers: bump 4.{4, 9, 10, 11}.x series

Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agolibv4l: add patch to link qv4l2 tool with librt
Thomas Petazzoni [Sun, 14 May 2017 20:06:26 +0000 (22:06 +0200)]
libv4l: add patch to link qv4l2 tool with librt

The qv4l2 tool in libv4l uses clock_gettime(), so it should link
against librt to build properly with old versions of glibc. Therefore,
we add a patch to libv4l to fix this issue. Autoreconfiguring libv4l
is now necessary since the patch touches Makefile.am.

Fixes:

  http://autobuild.buildroot.net/results/5dff0ec19205e02f6ee373d34cb79f39ac25b609/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agopackage/bluez_utils: select BR2_PACKAGE_CHECK
Romain Naour [Sun, 14 May 2017 19:55:18 +0000 (21:55 +0200)]
package/bluez_utils: select BR2_PACKAGE_CHECK

Commit [1] added check package to bluez_utils dependencies without
selecting it at Kconfig level.

Fixes:
Makefile:535: *** check is in the dependency chain of bluez_utils that has added it to its _DEPENDENCIES variable without selecting it or depending on it from Config.in.

[1] 8554be9f82301282161cf6310bacdb6067fefb16

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agopackage/opencv3: disable explicitly lapack support
Romain Naour [Sun, 14 May 2017 18:26:55 +0000 (20:26 +0200)]
package/opencv3: disable explicitly lapack support

lapack support is enabled by default but the opencv3.mk doesn't handle
this dependency yet.

Fixes:
http://autobuild.buildroot.net/results/c8a/c8a25af38c405594722b44aef34e5e4c549639db

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Samuel Martin <s.martin49@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agopackage/bluez_utils: fix test build issues with musl
Romain Naour [Sat, 13 May 2017 17:10:09 +0000 (19:10 +0200)]
package/bluez_utils: fix test build issues with musl

Add one missing header and avoid encrypt redefinition.

Fixes:
http://autobuild.buildroot.net/results/06c/06c930d9c5299b79500d018ac3fb2861ce834c7c/

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agopackage/bluez_utils: add missing check dependency for test program
Romain Naour [Sat, 13 May 2017 17:10:08 +0000 (19:10 +0200)]
package/bluez_utils: add missing check dependency for test program

Tests are enabled since this has been introduced [1], so keep
them for now.

bluez_utils needs check tool and check if it's available [2].

[1] 06c3e2159686a886e52b2522a47e60c300cfb7f7
[2] https://git.kernel.org/pub/scm/bluetooth/bluez.git/tree/configure.ac?h=4.101#n51

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agopackage/bluez_utils: add missing host-pkgconf dependency
Romain Naour [Sat, 13 May 2017 17:10:07 +0000 (19:10 +0200)]
package/bluez_utils: add missing host-pkgconf dependency

The configure script use pkg-config.

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Yegor Yefremov <yegorslists@googlemail.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agopackage/binutils: finalize the bump ARC tools to arc-2017.03-rc2
Romain Naour [Sun, 14 May 2017 10:49:56 +0000 (12:49 +0200)]
package/binutils: finalize the bump ARC tools to arc-2017.03-rc2

The commit bumping ARC tools to arc-2017.03-rc2 [1] forgot to
update the ARC tools version in binutils.mk

[1] 043737282010f83e8ec20618a034131bc7e8cae1

Fixes:
http://autobuild.buildroot.net/results/f9c/f9c40610209fc22ac8c0db6bd57bd3b11bbe6d9c

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Alexey Brodkin <abrodkin@synopsys.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years ago.gitlab-ci.yml: regenerate after snps_archs38_zebu_defconfig rename
Thomas Petazzoni [Sun, 14 May 2017 11:56:38 +0000 (13:56 +0200)]
.gitlab-ci.yml: regenerate after snps_archs38_zebu_defconfig rename

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agoopenblas: SPARC support is for Sparc v9
Thomas Petazzoni [Sat, 13 May 2017 14:09:53 +0000 (16:09 +0200)]
openblas: SPARC support is for Sparc v9

Makefile.sparc in the openblas source code passes -mcpu=v9, i.e it
assumes a SPARCv9 CPU. Therefore, this commit adjusts openblas
Config.in file so that SPARC is only used for BR2_sparc_v9.

Fixes:

  http://autobuild.buildroot.net/results/805087e87b8bb7d11adb49d9eca3959a37aca3a2/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agolibcdio: disable on ARC, triggers a toolchain bug
Thomas Petazzoni [Sat, 13 May 2017 13:33:35 +0000 (15:33 +0200)]
libcdio: disable on ARC, triggers a toolchain bug

libcdio doesn't build on ARC, with the following compiler error:

iso9660.c:155:1: error: unrecognized supposed constant
[...]
iso9660.c:155:1: internal compiler error: in arc_legitimate_constant_p, at config/arc/arc.c:6028
Please submit a full bug report,

Since this has been happening for a while and is quite noisy in the
autobuilders results, we disable this package on ARC.

Fixes:

  http://autobuild.buildroot.net/results/e837737abaea851bea428a35ea9d3395a6565c54/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agopackage/mke2img: check nb_blocks is specified
Yann E. MORIN [Mon, 1 May 2017 15:58:37 +0000 (17:58 +0200)]
package/mke2img: check nb_blocks is specified

Since we do not have autocalculation anymore, the user must specify the
exact number of blocks.

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agoradvd: fix build with 4.11 kernel headers
Thomas Petazzoni [Thu, 11 May 2017 07:37:50 +0000 (09:37 +0200)]
radvd: fix build with 4.11 kernel headers

Since the introduction of 4.11 kernel headers in Buildroot, radvd has
failed to build with all toolchains using this kernel header version.

The issue comes from the fact that radvd includes both <net/if_arp.h>
and <linux/if_arp.h> if they are available. Until 4.11,
<linux/if_arp.h> was in fact not included, because the
AC_CHECK_HEADERS() test concluded this header was unsuitable. This has
been fixed in the upstream kernel by commit
2618be7dccf8739b89e1906b64bd8d551af351e6 ("uapi: fix linux/if.h
userspace compilation errors"). So now, the radvd configure script
considers both <net/if_arp.h> and <linux/if_arp.h> as suitable
headers, and includes both of them, leading to the duplicate
definition of various types.

Since it's redundant to include both <net/if_arp.h> and
<linux/if_arp.h>, we simply force radvd to believe that
<linux/if_arp.h> is not available by passing the appropriate autoconf
cache variable. This gets us back to the previous situation, where
<linux/if_arp.h> was never used.

This has been tested with a uClibc toolchain using 4.11 kernel
headers, and verified to work on glibc and musl with older kernel
headers as well.

Fixes:

  http://autobuild.buildroot.net/results/949a75d96299394e4ac957746fa23a4b52f31b43/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agocore/download: fix source check for git method
Yann E. MORIN [Fri, 12 May 2017 15:54:29 +0000 (17:54 +0200)]
core/download: fix source check for git method

Running foo-source-check on packages retrieved from git fails.

This is because there is no associated stamp file, so we do not have a
rule-assignment that sets PKG for foo-source-check.

But it does not make sense to have a stamp file at all, because
source-check is not supposed to change anything: the status after is
exactly the same as before; nothing is downlaoded, so there is no
progress (whatsoever) to memorise.

Fix that by just defining PKG in the source-check rule definition.

Fixes #9796.

Reported-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agopackage/odroid-scripts: relax dependencies to include armeb
Yann E. MORIN [Fri, 12 May 2017 19:15:09 +0000 (21:15 +0200)]
package/odroid-scripts: relax dependencies to include armeb

odroid-scripts are just scripts, so they should also work on a armeb
board.

Besides, odroid-mali selects it, but it only depends on arm-eabihf,
which means armeb is not ruled out.

Fixes unmet dependencies (with BR2_armeb=y):
    warning: (BR2_PACKAGE_ODROID_MALI) selects BR2_PACKAGE_ODROID_SCRIPTS
    which has unmet direct dependencies(BR2_aarch64 || BR2_arm)

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Dagg Stompler <daggs@gmx.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agotoolchain: Bump ARC tools to arc-2017.03-rc2
Alexey Brodkin [Fri, 12 May 2017 18:31:04 +0000 (21:31 +0300)]
toolchain: Bump ARC tools to arc-2017.03-rc2

This commit bumps ARC toolchain to arc-2017.03-rc2

Please note that it is a release candidate and it might contain some
breakages, please don't use it for production builds.

Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agopackage/gpsd: do not interact with systemd on install
Yann E. MORIN [Sat, 13 May 2017 08:27:36 +0000 (10:27 +0200)]
package/gpsd: do not interact with systemd on install

When building on a systemd-based host for a systemd-based target, gpsd's
buildsystem will try to tell systemd to reload the its configuration and
recreate the entire dependency tree of services.

Of course, this can not work when run as a user:
    >>> gpsd 3.16 Installing to target
    ==== AUTHENTICATING FOR org.freedesktop.systemd1.reload-daemon ===
    Authentication is required to reload the systemd state.
    Authenticating as: root
    Password:

In fact, this does not even mean anything in cross-compilation.

Fortunately, upstream has already fixed their sin, so we backport it
(tweaked to apply onto 3.16).

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agopackage/uclibc-ng-test: disable tst-cond22 with glibc based toolchain
Romain Naour [Sat, 13 May 2017 12:36:36 +0000 (14:36 +0200)]
package/uclibc-ng-test: disable tst-cond22 with glibc based toolchain

uclibc-ng-test is broken with glibc 2.25 due to pthread_cond_t changes
introduced by [1].
Waldemar has disabled this test (tst-cond22) with glibc based toolchain
[2] but the current uclibc-ng-test package doesn't contain this patch.

So here it is.

Fixes:
[nios2] http://autobuild.buildroot.net/results/d61c8d169fc070271114a515159650f7a0f333c0
[arm] http://autobuild.buildroot.net/results/22295711046c519df44d5d976e0bfcae1f006e5a

[1] https://sourceware.org/git/?p=glibc.git;a=commit;h=ed19993b5b0d05d62cc883571519a67dae481a14
[2] https://gogs.waldemar-brodkorb.de/linux/uclibc-ng-test/commit/787e584f18afc967d91cfe1a8443df2657579ecb

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agopackage/vlc: security bump to version 2.2.5.1
Bernd Kuhls [Sat, 13 May 2017 10:52:50 +0000 (12:52 +0200)]
package/vlc: security bump to version 2.2.5.1

This release contains "various security improvements in demuxers and
decoders".
Release notes: http://www.videolan.org/vlc/releases/2.2.5.html

Added all hashes provided by upstream.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agopackage/opencv3: regenerate patch without renames
Thomas Petazzoni [Fri, 12 May 2017 09:48:00 +0000 (11:48 +0200)]
package/opencv3: regenerate patch without renames

Patch using renames are not properly handled by patch < 2.7, which
some users (including autobuilder instances) might be using. Such
renames are silently ignored by old patch versions, caused strange
build failures due to the missed renames.

This patch fixes this by regenerating the patch without renames.

Fixes:

  http://autobuild.buildroot.net/results/347d8fd2e286b3e4e5e18743e64d862bdb66dbb9/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agopackage/opencv3: fix build for x86_64 target
Samuel Martin [Thu, 4 May 2017 21:53:33 +0000 (23:53 +0200)]
package/opencv3: fix build for x86_64 target

This change backports a fix from upstream fixing missing symbols due to
wrong compiler optimization flags.

On Buildroot side, also remove deprecated options passed on the
configure command.

Fixes:
  http://autobuild.buildroot.net/results/af950c6172a578c4eeeb9440b6990ceb48263fa6/
  http://autobuild.buildroot.net/results/e8832302cd4f30cec076f67965f6aacbaca5b955/

Cc: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Samuel Martin <s.martin49@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agokvm-unit-tests: fix build on x86-64 with specific gcc versions
Thomas Petazzoni [Mon, 8 May 2017 20:41:43 +0000 (22:41 +0200)]
kvm-unit-tests: fix build on x86-64 with specific gcc versions

kvm-unit-tests uses the following code on x86/x86-64:

static inline u64 scale_delta(u64 delta, u64 mul_frac)
{
        u64 product, unused;

        __asm__ (
                "mul %3"
                : "=d" (product), "=a" (unused) : "1" (delta), "rm" ((u64)mul_frac) );

        return product;
}

The "mul" instruction does not have a suffix that indicates the width of
the data being multiplied. When the data is passed in a register, there
is no need to specify the width, but with some gcc versions, the data is
passed as a memory reference, and therefore the assembler does not know
the width of the data to be multiplied. It causes the following build
failure:

x86/hyperv_clock.c: Assembler messages:
x86/hyperv_clock.c:21: Error: no instruction mnemonic suffix given and no register operands; can't size instruction

Since the data being multiplied is 64 bit, we explicitly specify the
instruction as being "mulq".

Fixes:

  http://autobuild.buildroot.net/results/a4a65d01f049db83a93de92660f228dd18532625/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agopackage/espeak: add comment to ignore 'unmet dependencies'
Yann E. MORIN [Sun, 7 May 2017 20:38:56 +0000 (22:38 +0200)]
package/espeak: add comment to ignore 'unmet dependencies'

On master 86b4eeccc4, espeak can generate spurious 'unmet dependencies'
messages:

    $ make KCONFIG_SEED=0x7A85DEE0 randconfig
    warning: (BR2_PACKAGE_ESPEAK_AUDIO_BACKEND_ALSA) selects
    BR2_PACKAGE_PORTAUDIO_CXX which has unmet directdependencies
    (BR2_PACKAGE_PORTAUDIO && BR2_INSTALL_LIBSTDCPP)

However, the dpendency chain *is* correct. There is something that
causes the kconfig parser to get really confused...

Add a comment statng the issue is spurious, so noone tries to fix it.

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Arnaud Aujon <arnaud@intelibre.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agolua: use target LDFLAGS
Baruch Siach [Mon, 8 May 2017 14:28:26 +0000 (17:28 +0300)]
lua: use target LDFLAGS

This adds '-static' to the link command when BR2_STATIC_LIBS=y, making the lua
binary really static.

Cc: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Acked-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agopackage/clamav: renumber patch
Bernd Kuhls [Mon, 8 May 2017 17:59:30 +0000 (19:59 +0200)]
package/clamav: renumber patch

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agopackage/efl: fix unmet dependencies
Yann E. MORIN [Mon, 8 May 2017 21:11:49 +0000 (23:11 +0200)]
package/efl: fix unmet dependencies

EFL's elput selects libinput but forgot to propagate its dependencies.
Which requires they be propagated further to a second sub-option, then
to a third one.

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Romain Naour <romain.naour@openwide.fr>
[Thomas: fix typoes.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agostrongswan: fix crypt() redefinition
Baruch Siach [Thu, 11 May 2017 11:22:11 +0000 (14:22 +0300)]
strongswan: fix crypt() redefinition

Add patch from upstream pending pull request (#72) to fix crypt() definition
conflict.

Fixes:
http://autobuild.buildroot.net/results/612/6120add5ad6e7f5d575fc2a2442cd7fe5302eb46/
http://autobuild.buildroot.net/results/ba1/ba1298e71ef28857654ae8d4593d09e4fe8cdda0/
http://autobuild.buildroot.net/results/6b9/6b928e2a6a35bfb21c792fca083bc4cbdaef9304/

Cc: Jérôme Pouiller <jezz@sysmic.org>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agopackage/linux-headers: bump 3.12.x and 4.{4, 9, 10}.x series
Bernd Kuhls [Thu, 11 May 2017 17:00:42 +0000 (19:00 +0200)]
package/linux-headers: bump 3.12.x and 4.{4, 9, 10}.x series

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agopackage/openvpn: security bump to 2.4.2
Bernd Kuhls [Thu, 11 May 2017 16:53:33 +0000 (18:53 +0200)]
package/openvpn: security bump to 2.4.2

Fixes CVE-2017-7478 & CVE-2017-7479:
https://community.openvpn.net/openvpn/wiki/QuarkslabAndCryptographyEngineerAudits

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agoqwt: fix build when BR2_STATIC_LIBS=y
Gwenhael Goavec-Merou [Thu, 11 May 2017 13:46:57 +0000 (15:46 +0200)]
qwt: fix build when BR2_STATIC_LIBS=y

By default, qwt build a shared library, but when BR2_STATIC_LIBS is set
compilation failed with errors like :
__uClibc_main.c:(.text+0x164): undefined reference to `__fini_array_end'
__uClibc_main.c:(.text+0x168): undefined reference to `__fini_array_start'
__uClibc_main.c:(.text+0x16c): undefined reference to `__fini_array_start'

This patch disable QwtDll to build a static library when BR2_STATIC_LIBS=y.

fix:
http://autobuild.buildroot.net/results/739/739406bb8073d1861933872a47802954d9767634/

Signed-off-by: Gwenhael Goavec-Merou <gwenhael.goavec-merou@trabucayre.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agopostgresql: bump version to 9.6.3 (security)
Vicente Olivert Riera [Thu, 11 May 2017 14:20:14 +0000 (15:20 +0100)]
postgresql: bump version to 9.6.3 (security)

Three security vulnerabilities have been closed by this release:

CVE-2017-7484: selectivity estimators bypass SELECT privilege checks
CVE-2017-7485: libpq ignores PGREQUIRESSL environment variable
CVE-2017-7486: pg_user_mappings view discloses foreign server passwords

More details: https://www.postgresql.org/about/news/1746/

Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agosudo: fix static linking with openldap having openssl support
Vicente Olivert Riera [Thu, 11 May 2017 13:00:40 +0000 (14:00 +0100)]
sudo: fix static linking with openldap having openssl support

If we are building sudo statically and openldap was linked with openssl,
then when we link sudo with openldap we need to specify the openssl
libs, otherwise it will fail with "undefined reference" errors.

Fixes:
  http://autobuild.buildroot.net/results/ebb/ebbb4c3138b5023a0c8bd938db1932a25ba5b6fb/
  http://autobuild.buildroot.net/results/58e/58ee4fddea85f0c79b26582b04a573258e27eb47/
  http://autobuild.buildroot.net/results/051/05151c4ef7f0b3702a6cd5e6df4888d826a37431/
  http://autobuild.buildroot.net/results/b1d/b1dfae81985daee106700191fcb82387833c2e3f/
  http://autobuild.buildroot.net/results/5b4/5b42e8505856156389d480d0da19f6982cf120d8/
  http://autobuild.buildroot.net/results/30a/30a76190428f902f03bcf54ba9f1f4f4377c6fc9/
  http://autobuild.buildroot.net/results/e8c/e8c6bdc314b9a8d5de303633a3abd7b7e44beb2e/
  http://autobuild.buildroot.net/results/483/4830c69cc6a62080e1516f0d9009c2ba619c23c1/

Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
7 years agoefibootmgr: backport upstream patch to fix build with gcc 6.x
Thomas Petazzoni [Thu, 11 May 2017 07:46:40 +0000 (09:46 +0200)]
efibootmgr: backport upstream patch to fix build with gcc 6.x

efibootmgr was built with -fshort-wchar, which causes gcc to use
2-byte wchar_t instead of the normal 4-byte wchar_t. But this doesn't
work anymore with gcc 6.x, as it causes a build failure:

/home/test/autobuild/run/instance-3/output/host/opt/ext-toolchain/bin/../lib/gcc/arm-buildroot-linux-gnueabihf/6.3.0/../../../../arm-buildroot-linux-gnueabihf/bin/ld: warning: efibootmgr.o uses 2-byte wchar_t yet the output is to use 4-byte wchar_t; use of wchar_t values across objects may fail
/home/test/autobuild/run/instance-3/output/host/opt/ext-toolchain/bin/../lib/gcc/arm-buildroot-linux-gnueabihf/6.3.0/../../../../arm-buildroot-linux-gnueabihf/bin/ld: warning: efi.o uses 2-byte wchar_t yet the output is to use 4-byte wchar_t; use of wchar_t values across objects may fail
/home/test/autobuild/run/instance-3/output/host/opt/ext-toolchain/bin/../lib/gcc/arm-buildroot-linux-gnueabihf/6.3.0/../../../../arm-buildroot-linux-gnueabihf/bin/ld: warning: unparse_path.o uses 2-byte wchar_t yet the output is to use 4-byte wchar_t; use of wchar_t values across objects may fail

Upstream solution was do simply drop -fshort-wchar:

  https://github.com/rhinstaller/efibootmgr/commit/3466fd05c8c6f1052e0426d64eed40f8a88fd78f

So this commit simply backports this upstream patch.

Fixes:

  http://autobuild.buildroot.net/results/87c3ff2427331eb9ab31c9eb685fe80954a0a98f/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>