buildroot.git
5 years agopackage/tesseract-ocr: fix build on musl
Gilles Talis [Fri, 19 Jul 2019 17:14:42 +0000 (19:14 +0200)]
package/tesseract-ocr: fix build on musl

Fixes autobuild failures like:
- http://autobuild.buildroot.net/results/e47da689b4a2912b626f5d31086f6414e3e53774/

Signed-off-by: Gilles Talis <gilles.talis@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/libvips: fix build with NLS
Fabrice Fontaine [Fri, 5 Jul 2019 20:50:48 +0000 (22:50 +0200)]
package/libvips: fix build with NLS

Fixes:
 - http://autobuild.buildroot.org/results/cd61be84dc9781ea645f7667c2bd29908484692f

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/x11r7/xlib_libXfont: work around gcc bug 85180
Giulio Benetti [Mon, 15 Jul 2019 08:48:49 +0000 (10:48 +0200)]
package/x11r7/xlib_libXfont: work around gcc bug 85180

With Microblaze Gcc version < 8.x the build hangs due to gcc bug
85180: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85180. The bug
shows up when building xlib_libXfont with optimization but not when
building with -O0. To work around this, if
BR2_TOOLCHAIN_HAS_GCC_BUG_85180=y we force using -O0.

Fixes:
http://autobuild.buildroot.net/results/7c6/7c64becbf06a1e00e41b7ddb95dd0c65bf364eb7/

Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agoarch/arc: always needs -matomic with atomic extensions
Yann E. MORIN [Thu, 18 Jul 2019 20:52:49 +0000 (22:52 +0200)]
arch/arc: always needs -matomic with atomic extensions

As reported by Alexey in:
    https://patchwork.ozlabs.org/patch/1087480/
    https://patchwork.ozlabs.org/patch/1087471/

when BR2_ARC_ATOMIC_EXT is enabled, -matomic needs to always be passed
to the compiler to allow atomic instructions to be used. So instead of
passing them through the command-line CFLAGS, we enforce them in the
toolchain wrapper directly.

Reported-by: Alexey Brodkin <Alexey.Brodkin@synopsys.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Alexey Brodkin <Alexey.Brodkin@synopsys.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Acked-by: Alexey Brodkin <abrodkin@synopsys.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agotoolchain: allow architectures to enforce compilation flags
Yann E. MORIN [Thu, 18 Jul 2019 20:52:48 +0000 (22:52 +0200)]
toolchain: allow architectures to enforce compilation flags

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Alexey Brodkin <abrodkin@synopsys.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Acked-by: Alexey Brodkin <abrodkin@synopsys.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/glib-networking: select openssl if gnutls is not enabled
Fabrice Fontaine [Sun, 14 Jul 2019 22:51:00 +0000 (00:51 +0200)]
package/glib-networking: select openssl if gnutls is not enabled

Fixes:
 - http://autobuild.buildroot.org/results/385ab1e09f821facc3d97b7dda6bd8d4a2c98eb5

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/bluez5_utils: fix build with kernel >= 5.2
Fabrice Fontaine [Sun, 14 Jul 2019 23:25:45 +0000 (01:25 +0200)]
package/bluez5_utils: fix build with kernel >= 5.2

Fixes:
 - http://autobuild.buildroot.org/results/1b965c5d9c782d6689041eeeb7be3be4a4854346

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/libcurl: bump to version 7.65.2
Pierre-Jean Texier [Thu, 18 Jul 2019 20:26:18 +0000 (22:26 +0200)]
package/libcurl: bump to version 7.65.2

Contains a number of fixes for issues discovered post-7.65.1.
For details, see full changelog:

https://curl.haxx.se/changes.html#7_65_2

Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/gcc/{arc-2019.03,9.1}.0: fix compilation of glibc
Alexey Brodkin [Tue, 16 Jul 2019 21:50:01 +0000 (00:50 +0300)]
package/gcc/{arc-2019.03,9.1}.0: fix compilation of glibc

When storing a TLS symbol to memory, always use an intermediate
register to load it. Otherwise the compiler generates an instruction
which couldn't be encoded and we see:

----------------------------->8---------------------------
In file included from gethstent_r.c:34:
../nss/getXXent_r.c: In function '__gethostent_r':
../nss/getXXent_r.c:168:1: error: unrecognizable insn:
 }
 ^
(insn 25 24 26 5 (set (mem:SI (plus:SI (reg/f:SI 149 virtual-outgoing-args)
                (const_int 16 [0x10])) [0  S4 A32])
        (plus:SI (reg:SI 25 r25)
            (reg:SI 174))) "../nss/getXXent_r.c":160 -1
     (nil))
during RTL pass: vregs
../nss/getXXent_r.c:168:1: internal compiler error: in extract_insn, at recog.c:2304
In file included from getnetent_r.c:34:
../nss/getXXent_r.c: In function '__getnetent_r':
../nss/getXXent_r.c:168:1: error: unrecognizable insn:
 }
 ^
(insn 25 24 26 5 (set (mem:SI (plus:SI (reg/f:SI 149 virtual-outgoing-args)
                (const_int 16 [0x10])) [0  S4 A32])
        (plus:SI (reg:SI 25 r25)
            (reg:SI 174))) "../nss/getXXent_r.c":160 -1
     (nil))
during RTL pass: vregs
../nss/getXXent_r.c:168:1: internal compiler error: in extract_insn, at recog.c:2304
----------------------------->8---------------------------

Note that this patch is not yet submitted to the GCC's master and
gcc-9-branch but will be submitted soon. That said with th bump of GCC
for ARC this patch will no longer be needed.

Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Evgeniy Didin <didin@synopsys.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/gcc/9.1.0: fix ICE on ARC
Alexey Brodkin [Tue, 16 Jul 2019 21:47:25 +0000 (00:47 +0300)]
package/gcc/9.1.0: fix ICE on ARC

In a nutshell while compiling glibc GCC raises an Internal Compiler
Error (ICE).

This is a backport of upstream fix [1] for GCC's BUG #89838 [2].
The fix is the same as the one already merged for arc-2019.03 [3].

With the update of GCC to 9.2.0, this patch won't be needed anymore:
it's already merged in both the stable "gcc-9-branch" branch and the
"master" branch.

[1] https://github.com/gcc-mirror/gcc/commit/472bac30e63ffacecfa5eda813054555f2cc7def
[2] https://gcc.gnu.org/bugzilla/show_bug.cgi?id=89838
[3] https://git.buildroot.org/buildroot/commit/?h=dbf7fffb37e25c40fd5c03d0a64e50a1bba86424

Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Evgeniy Didin <didin@synopsys.com>
Cc: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/bluez_utils: fix build with kernel >= 5.2
Fabrice Fontaine [Mon, 15 Jul 2019 16:37:55 +0000 (18:37 +0200)]
package/bluez_utils: fix build with kernel >= 5.2

Fixes:
 - http://autobuild.buildroot.org/results/72b6039ee4ba28e67d5ffcb5073e669e8d740e14

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/python-idna: select unicodedata support in python interpreter
Signed-off-by: Alex Xu [Wed, 17 Jul 2019 19:12:15 +0000 (15:12 -0400)]
package/python-idna: select unicodedata support in python interpreter

idna requires unicodedata:

Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "usr/lib/python3.7/site-packages/idna/__init__.py", line 2, in <module>
  File "usr/lib/python3.7/site-packages/idna/core.py", line 3, in <module>
ModuleNotFoundError: No module named 'unicodedata'

Signed-off-by: Alex Xu <alex_y_xu@yahoo.ca>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/flashrom: bump to version 1.1
Fabrice Fontaine [Wed, 17 Jul 2019 17:03:50 +0000 (19:03 +0200)]
package/flashrom: bump to version 1.1

Remove patch (already in version)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/connman-gtk: add hash for license file
Fabrice Fontaine [Wed, 17 Jul 2019 17:02:51 +0000 (19:02 +0200)]
package/connman-gtk: add hash for license file

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/connman-gtk: fix build with NLS
Fabrice Fontaine [Wed, 17 Jul 2019 17:02:50 +0000 (19:02 +0200)]
package/connman-gtk: fix build with NLS

Fixes:
 - http://autobuild.buildroot.org/results/30b775323b4780b35a163100097952eff232339e

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/botan: bump to version 2.11.0
Pierre-Jean Texier [Wed, 17 Jul 2019 14:24:40 +0000 (16:24 +0200)]
package/botan: bump to version 2.11.0

- Remove patches (already in version)
- Upstream does not provide tgz tarball anymore, switch to xz.
- Update hash for license file due to copyright year change.
- See full changelog https://botan.randombit.net/news.html

Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/tesseract-ocr: fix build on uclibc
Fabrice Fontaine [Wed, 17 Jul 2019 21:46:52 +0000 (23:46 +0200)]
package/tesseract-ocr: fix build on uclibc

Fixes:
 - http://autobuild.buildroot.org/results/bdfbafa105ddf0b9b9399d94b557d318ad587d79

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/hiawatha: depends on BR2_TOOLCHAIN_HAS_SYNC_4
Fabrice Fontaine [Wed, 17 Jul 2019 22:02:15 +0000 (00:02 +0200)]
package/hiawatha: depends on BR2_TOOLCHAIN_HAS_SYNC_4

Since its version 10.9, hiawatha uses __sync_add_and_fetch_ 4 and
__sync_sub_and_fetch_4. hiawatha was bumped from 10.6 to 10.9 by
commit 93ca4f965264964bc944bbff4ef6160e4b4a1a63.

Fixes:
 - http://autobuild.buildroot.org/results/396f3ec849229eea9298215fbb1e1aac9f48c677

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/libva-utils: bump version to 2.5.0
Bernd Kuhls [Sun, 14 Jul 2019 15:21:26 +0000 (17:21 +0200)]
package/libva-utils: bump version to 2.5.0

Removed patch 0001, applied upstream:
https://github.com/intel/libva-utils/commit/d71e2604972d35e3803d9b66c7d2ed0a80c145dc

Removed patch 0002 after upstream fixed non-X11 build of sfcsample:
https://github.com/intel/libva-utils/commit/7be46f017caee2a23097bc8371f2fe4eb1b677a0

By removing all patches autoreconf is not needed anymore.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/xkeyboard-config: fix hash
Fabrice Fontaine [Sun, 14 Jul 2019 14:51:53 +0000 (16:51 +0200)]
package/xkeyboard-config: fix hash

Bump to version 2.27 did not update the hash

Fixes:
 - http://autobuild.buildroot.org/results/6afcadda1008771fa32055de64285498815bc4c0

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/tesseract-ocr: fix license
Fabrice Fontaine [Sun, 14 Jul 2019 22:58:19 +0000 (00:58 +0200)]
package/tesseract-ocr: fix license

COPYING has been removed since version 4.1.0 and
https://github.com/tesseract-ocr/tesseract/commit/618489290536282a59ed7a71381ca083d9a7586a

So replace COPYING by LICENSE

Fixes:
 - http://autobuild.buildroot.org/results/a3cff9747be539bdaffde3926f995467f33428c0

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Acked-by: Gilles Talis <gilles.talis@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agoboot/uboot: add hash for license file
Pierre-Jean Texier [Mon, 15 Jul 2019 19:35:11 +0000 (21:35 +0200)]
boot/uboot: add hash for license file

Fixes:
 >>> uboot 2019.07 Collecting legal info
 ERROR: No hash found for Licenses/gpl-2.0.txt

Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agofs/cpio: fix typo in comment
Thomas Petazzoni [Wed, 17 Jul 2019 06:56:35 +0000 (08:56 +0200)]
fs/cpio: fix typo in comment

--reproducible is --reproducible, not --repoducible.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agofs/cpio: make cpio rootfs reproducible
Atharva Lele [Tue, 16 Jul 2019 17:35:18 +0000 (23:05 +0530)]
fs/cpio: make cpio rootfs reproducible

Pass the recommended argument in the CPIO manual to make cpio archives
reproducible.

Reference: https://www.gnu.org/software/cpio/manual/cpio.html#Copy_002dpass-mode

Pre-patch diffoscope output: https://gitlab.com/snippets/1874745
Post-patch: https://gitlab.com/snippets/1874746

We can see that post-patch, the archive related differences are removed.
The differences are arising from utils/bin/getconf. This will have to
be investigated further. However, that is unrelated to cpio.

Signed-off-by: Atharva Lele <itsatharva@gmail.com>
Reviewed-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/cpio: add host version
Yann E. MORIN [Tue, 16 Jul 2019 17:35:17 +0000 (23:05 +0530)]
package/cpio: add host version

The latest cpio has a --reproducible option, which may come handy when
we try to, well, be reproducible...

Reported-by: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
[Atharva: don't force --bindir, as noticed by Arnout]
Signed-off-by: Atharva Lele <itsatharva@gmail.com>
Acked-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Atharva Lele <itsatharva@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agoMakefile: don't export GZIP environment variable
Atharva Lele [Tue, 16 Jul 2019 17:42:14 +0000 (23:12 +0530)]
Makefile: don't export GZIP environment variable

We export GZIP = -n so that GZIP does not record original
name and timestamps. However..

GZIP environment variable is deprecated and soon will not be
supported in future GZIP versions. GZIP suggests the use of a
wrapper to pass options globally but it might be difficult to
implement in Buildroot. For now, we don't export the variable
and fix reproducibility issues per package as they show up in
Autobuilder.

Signed-off-by: Atharva Lele <itsatharva@gmail.com>
Acked-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agofs/common.mk: do not store original names and timestamps when creating gzipped rootfs
Atharva Lele [Tue, 16 Jul 2019 17:42:13 +0000 (23:12 +0530)]
fs/common.mk: do not store original names and timestamps when creating gzipped rootfs

Using the GZIP environment variable to pass gzip options is
deprecated, and therefore we are going to remove the "GZIP = -n"
definition from the main Buildroot Makefile. In preparation for this,
we explicitly add the -n argument to the gzip call in fs/common.mk to
ensure reproducibility.

Signed-off-by: Atharva Lele <itsatharva@gmail.com>
Acked-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/gstreamer1: fix static build break after change to meson build
Peter Seiderer [Mon, 15 Jul 2019 17:57:32 +0000 (19:57 +0200)]
package/gstreamer1: fix static build break after change to meson build

Add upstream patch to work around meson bug with linking static
libraries, fixes [1]:

.../arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib/libgstreamer-1.0.a(gstelement.c.o): In function `_gst_element_error_printf':
gstelement.c:(.text+0x3fe8): undefined reference to `__gst_vasprintf'
.../arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib/libgstreamer-1.0.a(gstinfo.c.o): In function `gst_debug_message_get':
gstinfo.c:(.text+0x1df0): undefined reference to `__gst_vasprintf'
.../arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib/libgstreamer-1.0.a(gstinfo.c.o): In function `_priv_gst_debug_init':
gstinfo.c:(.text+0x34a4): undefined reference to `__gst_printf_pointer_extension_set_func'
.../arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib/libgstreamer-1.0.a(gstinfo.c.o): In function `gst_info_vasprintf':
gstinfo.c:(.text+0x40b4): undefined reference to `__gst_vasprintf'
collect2: error: ld returned 1 exit status

[1] http://autobuild.buildroot.net/results/9f92b180835df9ed580fe2420687a3632d08b3e4

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/gnutls: fix build on sparc
Fabrice Fontaine [Mon, 15 Jul 2019 16:36:08 +0000 (18:36 +0200)]
package/gnutls: fix build on sparc

gnutls source code uses the C++11 <atomic> functionality since
https://github.com/gnutls/gnutls/commit/7978a733460f92b31033affd0e487c86d66c643d,
which internally is implemented using the __atomic_*() gcc built-ins

On certain architectures, the __atomic_*() built-ins are implemented in
the libatomic library that comes with the rest of the gcc runtime. Due
to this, code using <atomic> might need to link against libatomic,
otherwise one hits build issues such as:

../lib/.libs/libgnutls.so: undefined reference to `__atomic_fetch_sub_4'

on an architecture like SPARC.

To solve this, link against libatomic if BR2_PACKAGE_HAS_LIBATOMIC is set.

This fix gnutls build failures as well as cups, gnupg and libmicrohttpd

Fixes:
 - http://autobuild.buildroot.org/results/1c7541fc6ac4b52d1dfe02a9a7d61db90f4521eb
 - http://autobuild.buildroot.org/results/42c8803b98e38ebd48870fe6b1a20a1d6c351e5f
 - http://autobuild.buildroot.org/results/a1e96d02d41f7fec0f5327f65fb34405f963a1e9
 - http://autobuild.buildroot.org/results/59c92706457a9da29dd44425e546a7c80c18b454

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/libiscsi: needs threads
Fabrice Fontaine [Mon, 15 Jul 2019 16:37:02 +0000 (18:37 +0200)]
package/libiscsi: needs threads

threads are needed since bump to version 1.19.0 and
https://github.com/sahlberg/libiscsi/commit/41af44eba113c59dc43764d1d240397616e85b82

Fixes:
 - http://autobuild.buildroot.org/results/1d71c95378a6ef9774926bf7431c1a315e4a1b3e

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Acked-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/json-glib: set -Dintrospection=false
Alex Xu [Mon, 15 Jul 2019 17:18:01 +0000 (13:18 -0400)]
package/json-glib: set -Dintrospection=false

When -Dintrospection=false is not passed, the meson script
auto-detects the host g-ir-scanner, which is not usable in a
cross-compile environment.

Signed-off-by: Alex Xu <alex_y_xu@yahoo.ca>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/xscreensaver: fix hash
Fabrice Fontaine [Mon, 15 Jul 2019 16:38:33 +0000 (18:38 +0200)]
package/xscreensaver: fix hash

When bumping to version 5.43, an incorrect hash was set

Fixes:
 - http://autobuild.buildroot.org/results/029ab289021edaf9820b47846e5d107cab6f3e28

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/libqrencode: bump to version 4.0.2
Pierre-Jean Texier [Mon, 15 Jul 2019 18:25:08 +0000 (20:25 +0200)]
package/libqrencode: bump to version 4.0.2

See https://fukuchi.org/works/qrencode/#news

Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/x11r7/xlib_libICE: security bump version to 1.0.10
Bernd Kuhls [Tue, 16 Jul 2019 19:49:34 +0000 (21:49 +0200)]
package/x11r7/xlib_libICE: security bump version to 1.0.10

Fixes CVE-2017-2626, release notes:
https://lists.x.org/archives/xorg-announce/2019-July/003006.html

Added all hashes provided by upstream, added license hash.
Updated _SITE according to release notes.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/x11r7/xapp_xwininfo: bump version to 1.1.5
Bernd Kuhls [Tue, 16 Jul 2019 20:09:52 +0000 (22:09 +0200)]
package/x11r7/xapp_xwininfo: bump version to 1.1.5

Updated _SITE according to release notes.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/x11r7/xapp_xman: bump version to 1.1.5
Bernd Kuhls [Tue, 16 Jul 2019 20:09:51 +0000 (22:09 +0200)]
package/x11r7/xapp_xman: bump version to 1.1.5

Added all hashes provided by upstream, added license hash.
Updated _SITE according to release notes.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/x11r7/xapp_xclock: bump version to 1.0.9
Bernd Kuhls [Tue, 16 Jul 2019 20:09:50 +0000 (22:09 +0200)]
package/x11r7/xapp_xclock: bump version to 1.0.9

Updated _SITE according to release notes.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/x11r7/xapp_xbiff: bump version to 1.0.4
Bernd Kuhls [Tue, 16 Jul 2019 20:03:15 +0000 (22:03 +0200)]
package/x11r7/xapp_xbiff: bump version to 1.0.4

Added all hashes provided by upstream, added license hash.
Updated _SITE according to release notes.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/x11r7/xapp_xbacklight: bump version to 1.2.3
Bernd Kuhls [Tue, 16 Jul 2019 20:03:14 +0000 (22:03 +0200)]
package/x11r7/xapp_xbacklight: bump version to 1.2.3

Updated _SITE according to release notes.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/x11r7/xapp_setxkbmap: bump version to 1.3.2
Bernd Kuhls [Tue, 16 Jul 2019 20:03:13 +0000 (22:03 +0200)]
package/x11r7/xapp_setxkbmap: bump version to 1.3.2

Added all hashes provided by upstream, added license hash.
Updated _SITE according to release notes.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/ding-libs: bump to version 0.6.1
Fabrice Fontaine [Tue, 16 Jul 2019 21:21:47 +0000 (23:21 +0200)]
package/ding-libs: bump to version 0.6.1

- Switch site to pagure.io as fedorahosted.org is retired:
  https://fedoraproject.org/wiki/Infrastructure/Fedorahosted-retirement
- Add hash for license files

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/python-psycopg2: bump to version 2.8.3
Adam Duskett [Tue, 16 Jul 2019 15:37:09 +0000 (11:37 -0400)]
package/python-psycopg2: bump to version 2.8.3

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/janus-gateway: bump to version 0.7.3
Adam Duskett [Tue, 16 Jul 2019 15:37:08 +0000 (11:37 -0400)]
package/janus-gateway: bump to version 0.7.3

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/mender-artifact: bump to version 3.0.1
Adam Duskett [Tue, 16 Jul 2019 15:12:57 +0000 (11:12 -0400)]
package/mender-artifact: bump to version 3.0.1

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/mender: bump to version 2.0.1
Adam Duskett [Tue, 16 Jul 2019 15:12:56 +0000 (11:12 -0400)]
package/mender: bump to version 2.0.1

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/glib-networking: bump to version 2.61.1
Fabrice Fontaine [Fri, 5 Jul 2019 18:35:40 +0000 (20:35 +0200)]
package/glib-networking: bump to version 2.61.1

- gnutls can be made optional again since
  https://gitlab.gnome.org/GNOME/glib-networking/commit/14a3138a6d242238f61ce83018a806e4358961de
- add openssl optional dependency
- pkcs option has been removed since
  https://gitlab.gnome.org/GNOME/glib-networking/commit/4d6caa033051f55a157d8b7fb9debdc2fa7e561e
- use new options, see
  https://gitlab.gnome.org/GNOME/glib-networking/commit/8629f3d5a58bd12d2b6818b6ca8ff1231375a2fb
- fix build failure with gnutls

Fixes:
 - http://autobuild.buildroot.org/results/e233f9a5693e18bee90669910007e122857c7f77

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/glib-networking: drop ca_certificates
Fabrice Fontaine [Fri, 5 Jul 2019 18:35:39 +0000 (20:35 +0200)]
package/glib-networking: drop ca_certificates

ca_certificates option is no more available since
https://gitlab.gnome.org/GNOME/glib-networking/commit/72a83a4cbcf4c0214f3131991fabe41c41d33cd6

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/glib-networking: drop host-intltool
Fabrice Fontaine [Fri, 5 Jul 2019 18:35:38 +0000 (20:35 +0200)]
package/glib-networking: drop host-intltool

intltool is not needed since version 2.49.90 and
https://gitlab.gnome.org/GNOME/glib-networking/commit/f539b7ebdb28bcf58cb2b6b86a15f33f563edaa8

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/libfribidi: bump version to 1.0.5
Bernd Kuhls [Sun, 7 Jul 2019 12:12:32 +0000 (14:12 +0200)]
package/libfribidi: bump version to 1.0.5

Added license hash, switched _SITE to github.

Removed --with-glib=no, glib support was removed upstream:
https://github.com/fribidi/fribidi/commit/03ba9fc5358bb3dd78c4e8708abefaad106475d0

Autoreconf is not needed anymore after upstream fixed
https://github.com/fribidi/fribidi/issues/35

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/xscreensaver: bump to version 5.43
Fabrice Fontaine [Sun, 7 Jul 2019 15:01:12 +0000 (17:01 +0200)]
package/xscreensaver: bump to version 5.43

- Remove patch (not needed anymore)
- Add hash for license files

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/libplatform: bump to version 1eb12b1b1efa6747c1e190964854e9e267e3a1e2
Fabrice Fontaine [Sun, 7 Jul 2019 08:29:14 +0000 (10:29 +0200)]
package/libplatform: bump to version 1eb12b1b1efa6747c1e190964854e9e267e3a1e2

- Remove patch (already in version)
- Add hash for license file

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Acked-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/imx-uuc: bump to version fc48b497fe961d601b4bcced807f562090854ec9
Fabrice Fontaine [Sun, 7 Jul 2019 13:55:33 +0000 (15:55 +0200)]
package/imx-uuc: bump to version fc48b497fe961d601b4bcced807f562090854ec9

Add hash for license file

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/imx-uuc: fix static build with musl
Fabrice Fontaine [Sun, 7 Jul 2019 13:55:32 +0000 (15:55 +0200)]
package/imx-uuc: fix static build with musl

Use TARGET_CONFIGURE_OPTS to pass -static in LDFLAGS when building
statically

Fixes:
 - http://autobuild.buildroot.org/results/12c08173f83315fb68fe3c3d34a78ed919ba5a79

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/ding-libs: adjust version variable
Victor Huesca [Mon, 8 Jul 2019 08:37:23 +0000 (10:37 +0200)]
package/ding-libs: adjust version variable

This package uses dashes as the version separator while
release-monitoring uses dots. As the <pkg>_VERSION is used to match
against release-monitoring, this patch changes the version variable to
use dots instead.

Signed-off-by: Victor Huesca <victor.huesca@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/zeromq: bump to version 4.3.2
Asaf Kahlon [Mon, 8 Jul 2019 17:18:49 +0000 (20:18 +0300)]
package/zeromq: bump to version 4.3.2

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/uboot-tools: bump to version 2019.07
Pierre-Jean Texier [Mon, 8 Jul 2019 21:08:29 +0000 (23:08 +0200)]
package/uboot-tools: bump to version 2019.07

- Bump to version 2019.07.
- remove the patches that have been upstreamed.

Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agoboot/uboot: bump to version 2019.07
Pierre-Jean Texier [Mon, 8 Jul 2019 20:52:16 +0000 (22:52 +0200)]
boot/uboot: bump to version 2019.07

See https://lists.denx.de/pipermail/u-boot/2019-July/375451.html

Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/iputils: bump to version s20190709
Petr Vorel [Wed, 10 Jul 2019 20:45:29 +0000 (22:45 +0200)]
package/iputils: bump to version s20190709

Remove all patches (accepted in this release).

Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agoconfigs/atmel_sama5d27_som1: add rng-tools package
Pierre-Jean Texier [Wed, 10 Jul 2019 16:21:13 +0000 (18:21 +0200)]
configs/atmel_sama5d27_som1: add rng-tools package

More entropy is required at boot time for the ssh
daemon to start.

So, enable rngd which feeds the entropy to the kernel
entropy tool.

Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Acked-by: Ludovic Desroches <ludovic.desroches@microchip.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agoconfigs/atmel_sama5d27_som1: bump to linux4sam_6.1
Pierre-Jean Texier [Wed, 10 Jul 2019 16:21:12 +0000 (18:21 +0200)]
configs/atmel_sama5d27_som1: bump to linux4sam_6.1

This commit :
- bumps Linux & U-Boot to linux4sam_6.1.
- bumps at91bootstrap to v3.8.13

Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Acked-by: Ludovic Desroches <ludovic.desroches@microchip.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/meson: bump version to 0.51.1
Adam Duskett [Thu, 11 Jul 2019 15:10:20 +0000 (11:10 -0400)]
package/meson: bump version to 0.51.1

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/libglib2: bump to version 2.60.5
Adam Duskett [Thu, 11 Jul 2019 15:10:19 +0000 (11:10 -0400)]
package/libglib2: bump to version 2.60.5

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/x11r7/xlib_libXfont2: work around gcc bug 85180
Giulio Benetti [Fri, 12 Jul 2019 09:04:07 +0000 (11:04 +0200)]
package/x11r7/xlib_libXfont2: work around gcc bug 85180

On Microblaze, with gcc versions < 8.x the build of xlib_libXfont2
hangs due to gcc bug 85180:
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85180.

The bug shows up when building xlib_libXfont2 with optimization but
not when building with -O0. To work around this, if
BR2_TOOLCHAIN_HAS_GCC_BUG_85180=y we force using -O0.

Fixes:

  http://autobuild.buildroot.net/results/21099d27c03948daaca2d1c149eeba084427e3af/

Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/unzip: update security and bug fix patches from Debian
Sébastien Szymanski [Fri, 12 Jul 2019 13:30:41 +0000 (15:30 +0200)]
package/unzip: update security and bug fix patches from Debian

Fix the URL and add three new patches. Quoting changelog [1]:

unzip (6.0-24) unstable; urgency=medium

  * Apply two patches by Mark Adler:
  - Fix bug in undefer_input() that misplaced the input state.
  - Detect and reject a zip bomb using overlapped entries. Closes: #931433.
    Bug discovered by David Fifield. For reference, this is CVE-2019-13232.

 -- Santiago Vila <sanvila@debian.org>  Thu, 11 Jul 2019 18:03:34 +0200

unzip (6.0-23) unstable; urgency=medium

  * Fix lame code in fileio.c which parsed 64-bit values incorrectly.
    Thanks to David Fifield for the report. Closes: #929502.

 -- Santiago Vila <sanvila@debian.org>  Wed, 29 May 2019 00:24:08 +0200

[1] https://sources.debian.org/data/main/u/unzip/6.0-24/debian/changelog

Signed-off-by: Sébastien Szymanski <sebastien.szymanski@armadeus.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/vte: add gnutls optional dependency
Fabrice Fontaine [Sat, 13 Jul 2019 08:32:56 +0000 (10:32 +0200)]
package/vte: add gnutls optional dependency

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/redis: bump version to 5.0.5
Peter Korsgaard [Sun, 14 Jul 2019 11:04:30 +0000 (13:04 +0200)]
package/redis: bump version to 5.0.5

>From the release notes:
https://raw.githubusercontent.com/antirez/redis/5.0/00-RELEASENOTES

================================================================================
Redis 5.0.5     Released Wed May 15 17:57:41 CEST 2019
================================================================================

Upgrade urgency CRITICAL: This release fixes an important AOF fysnc bug
                          and other less critical issues.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/libvncserver: needs dynamic library
Fabrice Fontaine [Fri, 12 Jul 2019 21:29:18 +0000 (23:29 +0200)]
package/libvncserver: needs dynamic library

Disable libvncserver for static builds and drop second patch following
upstream feedback on patch fixing openssl issue:
https://github.com/LibVNC/libvncserver/pull/319

This will also fix build failure when building statically with libgcrypt

Don't update x11vnc, the reverse dependency of libvncserver, because
BR2_PACKAGE_XORG7 already depends on !BR2_STATIC_LIBS

Fixes:
 - http://autobuild.buildroot.org/results/8d7b109d085e3931a874c4fb99f465789485565a

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years ago{linux, linux-headers}: bump to version 5.2
Serhii Sakhno [Tue, 9 Jul 2019 21:35:52 +0000 (00:35 +0300)]
{linux, linux-headers}: bump to version 5.2

Signed-off-by: Serhii Sakhno <sergei.sakhno@gmail.com>
[Peter: default to 5.2.x kernel headers]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/xapian: bump to version 1.4.11
Gilles Talis [Sat, 13 Jul 2019 06:58:27 +0000 (08:58 +0200)]
package/xapian: bump to version 1.4.11

Signed-off-by: Gilles Talis <gilles.talis@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/webp: bump to version 1.0.2
Gilles Talis [Sat, 13 Jul 2019 06:58:26 +0000 (08:58 +0200)]
package/webp: bump to version 1.0.2

Signed-off-by: Gilles Talis <gilles.talis@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/iozone: bump to version 3_487
Gilles Talis [Sat, 13 Jul 2019 06:58:23 +0000 (08:58 +0200)]
package/iozone: bump to version 3_487

Signed-off-by: Gilles Talis <gilles.talis@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/tesseract-ocr: bump to version 4.1.0
Gilles Talis [Sat, 13 Jul 2019 06:58:25 +0000 (08:58 +0200)]
package/tesseract-ocr: bump to version 4.1.0

Signed-off-by: Gilles Talis <gilles.talis@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/leptonica: bump to version 1.78.0
Gilles Talis [Sat, 13 Jul 2019 06:58:24 +0000 (08:58 +0200)]
package/leptonica: bump to version 1.78.0

Signed-off-by: Gilles Talis <gilles.talis@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/libcdio: bump version to 2.1.0
Bernd Kuhls [Sun, 7 Jul 2019 11:59:07 +0000 (13:59 +0200)]
package/libcdio: bump version to 2.1.0

Upstream does not provide the .gz tarball anymore, switch to bz2.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/libxslt: bump version to 1.1.33
Bernd Kuhls [Sun, 7 Jul 2019 11:51:51 +0000 (13:51 +0200)]
package/libxslt: bump version to 1.1.33

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agoDEVELOPERS: add Bernd Kuhls for freetype
Bernd Kuhls [Sun, 7 Jul 2019 11:44:15 +0000 (13:44 +0200)]
DEVELOPERS: add Bernd Kuhls for freetype

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/freetype: bump version to 2.10.1
Bernd Kuhls [Sun, 7 Jul 2019 11:44:14 +0000 (13:44 +0200)]
package/freetype: bump version to 2.10.1

Upstream does not provide bz2 tarball anymore, switch to xz.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/libva: bump version to 2.5.0
Bernd Kuhls [Sat, 6 Jul 2019 07:03:55 +0000 (09:03 +0200)]
package/libva: bump version to 2.5.0

Removed patch which was applied upstream:
https://github.com/intel/libva/commit/6724011e8b52901f13dded130f0b47e8bdbd4dda

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agofs/tar: explicitly set extended header values to ensure binary reproducibility
Atharva Lele [Sat, 6 Jul 2019 06:55:01 +0000 (12:25 +0530)]
fs/tar: explicitly set extended header values to ensure binary reproducibility

Since we use --xattrs-include='*' to include all extended attributes,
tar creates a PAX formatted archive. The archive metadata captures atime
and ctime of files. To fix this, GNU recommends that we pass this added
argument to tar to create binary reproducible packages. Setting of mtime
is handled in fs/common.mk using touch on all files.

Diffoscope output pre-change: https://gitlab.com/snippets/1871111
Diffoscope output after change is blank i.e. binary reproducibile rootfs
is created.

GNU Recommendation: https://www.gnu.org/software/tar/manual/tar.html#SEC147

Signed-off-by: Atharva Lele <itsatharva@gmail.com>
Reviewed-by: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/libiscsi: bump to version 1.19.0
Fabrice Fontaine [Sun, 14 Jul 2019 08:41:24 +0000 (10:41 +0200)]
package/libiscsi: bump to version 1.19.0

- Remove patches (already in version)
- Use new configure options to disable examples, test-tool and tests
- Drop cunit optional dependency now that test-tool is always disabled

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/imagemagick: add upstream security fix for CVE-2019-13454
Bernd Kuhls [Sat, 13 Jul 2019 12:32:34 +0000 (14:32 +0200)]
package/imagemagick: add upstream security fix for CVE-2019-13454

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/imagemagick: security bump to version 7.0.8-53
Bernd Kuhls [Sat, 13 Jul 2019 12:32:33 +0000 (14:32 +0200)]
package/imagemagick: security bump to version 7.0.8-53

Fixes various CVE IDs:

CVE-2019-13133, CVE-2019-13134, CVE-2019-13135, CVE-2019-13136,
CVE-2019-13137, CVE-2019-13295, CVE-2019-13296, CVE-2019-13297,
CVE-2019-13298, CVE-2019-13299, CVE-2019-13300, CVE-2019-13301,
CVE-2019-13302, CVE-2019-13303, CVE-2019-13304, CVE-2019-13305,
CVE-2019-13306, CVE-2019-13307, CVE-2019-13308, CVE-2019-13309,
CVE-2019-13310, CVE-2019-13311, CVE-2019-13391

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/xkeyboard-config: bump to version 2.27
Fabrice Fontaine [Fri, 12 Jul 2019 21:32:41 +0000 (23:32 +0200)]
package/xkeyboard-config: bump to version 2.27

Drop host-intltool dependency, not needed since
https://gitlab.freedesktop.org/xkeyboard-config/xkeyboard-config/commit/e8026f673ec49c109212acc4c35b492b3e30f48f

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/x11r7/xapp_xauth: bump version to 1.1
Bernd Kuhls [Fri, 12 Jul 2019 19:37:15 +0000 (21:37 +0200)]
package/x11r7/xapp_xauth: bump version to 1.1

Added all hashes provided by upstream, added license hash.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/libpciaccess: bummp version to 0.15
Bernd Kuhls [Fri, 12 Jul 2019 19:36:28 +0000 (21:36 +0200)]
package/libpciaccess: bummp version to 0.15

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/dovecot-pigeonhole: bump version to 0.5.7
Bernd Kuhls [Fri, 12 Jul 2019 19:13:34 +0000 (21:13 +0200)]
package/dovecot-pigeonhole: bump version to 0.5.7

Release notes:
https://dovecot.org/pipermail/dovecot-news/2019-July/000413.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/dovecot: bump version to 2.3.7
Bernd Kuhls [Fri, 12 Jul 2019 19:13:33 +0000 (21:13 +0200)]
package/dovecot: bump version to 2.3.7

Switched _SITE to dovecot.org according to release notes:
https://dovecot.org/pipermail/dovecot-news/2019-July/000412.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/acpica: bump to version 20190703
Fabrice Fontaine [Thu, 11 Jul 2019 21:39:43 +0000 (23:39 +0200)]
package/acpica: bump to version 20190703

Add hash for license file

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agodocs/manual: 'Fixes' tag needs a colon
Arnout Vandecappelle (Essensium/Mind) [Fri, 12 Jul 2019 09:06:41 +0000 (11:06 +0200)]
docs/manual: 'Fixes' tag needs a colon

Apparently, patchwork only recognizes the 'Fixes' tag if it is followed
by a colon. So make sure the manual documents it as such.

Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Cc: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agoDEVELOPERS: add Pierre-Jean Texier for stunnel
Pierre-Jean Texier [Thu, 11 Jul 2019 20:43:26 +0000 (22:43 +0200)]
DEVELOPERS: add Pierre-Jean Texier for stunnel

Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/stunnel: bump version to 5.55
Pierre-Jean Texier [Thu, 11 Jul 2019 20:43:25 +0000 (22:43 +0200)]
package/stunnel: bump version to 5.55

See https://www.stunnel.org/ChangeLog.md.html

Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agoboot/at91bootstrap3: bump to version 3.8.13
Pierre-Jean Texier [Thu, 11 Jul 2019 20:13:30 +0000 (22:13 +0200)]
boot/at91bootstrap3: bump to version 3.8.13

Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/ffmpeg: bump version to 4.1.4
Bernd Kuhls [Thu, 11 Jul 2019 18:44:02 +0000 (20:44 +0200)]
package/ffmpeg: bump version to 4.1.4

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agoboot/barebox: bump version to 2019.07.0
Bartosz Bilas [Thu, 11 Jul 2019 16:59:50 +0000 (18:59 +0200)]
boot/barebox: bump version to 2019.07.0

Signed-off-by: Bartosz Bilas <b.bilas@grinn-global.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/python3: security bump to version 3.7.4
Adam Duskett [Wed, 10 Jul 2019 21:21:37 +0000 (17:21 -0400)]
package/python3: security bump to version 3.7.4

Fixes the following security issues:

- bpo-37463: ssl.match_hostname() no longer accepts IPv4 addresses with
  additional text after the address and only quad-dotted notation without
  trailing whitespaces.  Some inet_aton() implementations ignore whitespace
  and all data after whitespace, e.g.  ‘127.0.0.1 whatever’.

- bpo-35907: CVE-2019-9948: Avoid file reading by disallowing local-file://
  and local_file:// URL schemes in URLopener().open() and
  URLopener().retrieve() of urllib.request.

- bpo-30458: Address CVE-2019-9740 by disallowing URL paths with embedded
  whitespace or control characters through into the underlying http client
  request.  Such potentially malicious header injection URLs now cause an
  http.client.InvalidURL exception to be raised.

- bpo-33529: Prevent fold function used in email header encoding from
  entering infinite loop when there are too many non-ASCII characters in a
  header.

- bpo-35755: shutil.which() now uses os.confstr("CS_PATH") if available and
  if the PATH environment variable is not set.  Remove also the current
  directory from posixpath.defpath.  On Unix, shutil.which() and the
  subprocess module no longer search the executable in the current directory
  if the PATH environment variable is not set.

Also remove the following upstreamed patches:
  - 0033-bpo-36742-Fixes-handling-of-pre-normalization-charac.patch
  - 0034-bpo-36742-Corrects-fix-to-handle-decomposition-in-us.patch

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
[Peter: mention security fixes]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agoconfigs/warp7: Bump kernel and U-Boot versions
Pierre-Jean Texier [Mon, 8 Jul 2019 20:11:18 +0000 (22:11 +0200)]
configs/warp7: Bump kernel and U-Boot versions

Bump U-Boot to 2019.07 and kernel to version 5.1.16.

Also
 - adjust the U-Boot binary name after DM conversion.
 - add missing notes about DFU

Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Tested-by: Joris Offouga <offougajoris@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/python-django: bump to version 2.2.3
Pierre-Jean Texier [Mon, 8 Jul 2019 20:42:21 +0000 (22:42 +0200)]
package/python-django: bump to version 2.2.3

See https://docs.djangoproject.com/en/2.2/releases/2.2.3/

Also, 2.2.x is the new LTS series.

Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/gnupg2: security bump to version 2.2.17
Baruch Siach [Wed, 10 Jul 2019 17:57:26 +0000 (20:57 +0300)]
package/gnupg2: security bump to version 2.2.17

This release mitigates the effects of the denial-of-service attacks on
the keyserver network (CVE-2019-13050).

https://gist.github.com/rjhansen/67ab921ffb4084c865b3618d6955275f
https://access.redhat.com/articles/4264021

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/{mesa3d, mesa3d-headers}: bump version to 19.0.8
Bernd Kuhls [Thu, 27 Jun 2019 19:06:14 +0000 (21:06 +0200)]
package/{mesa3d, mesa3d-headers}: bump version to 19.0.8

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
5 years agocheckpackagelib/lib_config.py: check packages alphabetical order in {Config.in, Confi...
Jerzy Grzegorek [Tue, 11 Jun 2019 20:49:46 +0000 (22:49 +0200)]
checkpackagelib/lib_config.py: check packages alphabetical order in {Config.in, Config.in.host}

Signed-off-by: Jerzy Grzegorek <jerzy.m.grzegorek@gmail.com>
[Arnout:
 - calculate level by counting - instead of with a static array;
 - new_package is only used locally, so don't make it a class member;
 - do indentation according to length of prefix;
 - don't split string in the middle of a line;
 - report first wrong package per menu;
 - do replace() only once;
 - add comment why we do replace().
]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>