git.libre-soc.org Git - buildroot.git/log

DEVELOPERS: drop Maxime Hadjinlian

Maxime has not been contributing to Buildroot for several years, so it
doesn't make sense to keep him in the DEVELOPERS file and make us
think that those packages are being maintained and to Cc: him on
patches affecting those packages.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

toolchain: handle toolchains with multiple ld*.so.* files

Some 3rd party vendor toolchains have multiple files which match
these glob patterns. In this case, the shell script failed.
Switching to use find and xargs solves the issue.

Signed-off-by: Jonah Petri <jonah@petri.us>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/libarchive: security bump to version 3.5.2

Fix CVE-2021-36976: libarchive 3.4.1 through 3.5.1 has a use-after-free
in copy_string (called from do_uncompress_block and process_block).

https://github.com/libarchive/libarchive/releases/tag/v3.5.2

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/belle-sip: add BELLE_SIP_CPE_ID_VENDOR

cpe:2.3:a:linphone:belle-sip is a valid CPE identifier for this package:

https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Alinphone%3Abelle-sip

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/libffi: disable use of static exec trampolines

TestGst1Python test segfault since the libffi bump to 3.4.2.

Apply the same fix from Yocto [1] disabling static exec trampolines.

Fixes:
https://gitlab.com/kubu93/buildroot/-/jobs/1522848331

[1] http://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/?id=dadfef3950fae4e93ce4c13ab91a2a7f41b3702e

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/linux-pam: add libxcrypt optional dependency

Add libxcrypt optional dependency and fix the following build failure
with libxcrypt and uclibc-ng raised since the addition of libxcrypt in
commit 464bbe26ff5fb9e5bfe26a26ea65c700b90598f5:

/home/buildroot/autobuild/instance-1/output-1/host/opt/ext-toolchain/bin/../lib/gcc/arm-buildroot-linux-uclibcgnueabihf/9.3.0/../../../../arm-buildroot-linux-uclibcgnueabihf/bin/ld: unix_chkpwd-passverify.o: in function `verify_pwd_hash':
passverify.c:(.text+0xab4): undefined reference to `crypt_checksalt'

Fixes:
- http://autobuild.buildroot.org/results/65d68b7c9c7de1c7cb0f941ff9982f93a49a56f8

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/localedef: bump to version 2.33-46-gedfd11197ecf3629bbb4b66c5814da09a61a7f9f

resync the version with glibc package.

Remove upstream patches.

Rebase remaining patches for glibc 2.33.

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/python{3}-requests: allow idna 3.x to be installed on python 3.x

The tests.package.test_docker_compose.TestDockerCompose is broken
since the python-idna version bump to 3.0 because python-requests needs
python-idna < 3.0.

# docker-compose up -d
Traceback (most recent call last):
   File "/usr/lib/python3.9/site-packages/pkg_resources/__init__.py", line 583, in _build_master
   File "/usr/lib/python3.9/site-packages/pkg_resources/__init__.py", line 900, in require
   File "/usr/lib/python3.9/site-packages/pkg_resources/__init__.py", line 791, in resolve
pkg_resources.ContextualVersionConflict: (idna 3.2 (/usr/lib/python3.9/site-packages), Requirement.parse('idna<3,>=2.5'), {'requests'})

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
   File "/usr/bin/docker-compose", line 6, in <module>
     from pkg_resources import load_entry_point
   File "/usr/lib/python3.9/site-packages/pkg_resources/__init__.py", line 3252, in <module>
   File "/usr/lib/python3.9/site-packages/pkg_resources/__init__.py", line 3235, in _call_aside
   File "/usr/lib/python3.9/site-packages/pkg_resources/__init__.py", line 3264, in _initialize_master_working_set
   File "/usr/lib/python3.9/site-packages/pkg_resources/__init__.py", line 585, in _build_master
   File "/usr/lib/python3.9/site-packages/pkg_resources/__init__.py", line 598, in _build_from_requirements
   File "/usr/lib/python3.9/site-packages/pkg_resources/__init__.py", line 786, in resolve
pkg_resources.DistributionNotFound: The 'idna<3,>=2.5' distribution was not found and is required by requests

Fixes:
https://gitlab.com/kubu93/buildroot/-/jobs/1522848327

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

support/testing: test_docker_compose: bump the kernel to 4.19.204

gcc 10.x is now used by default but the kernel 4.19 used by
test_docker_compose doesn't build with it.

Bump the kernel to 4.19.204 release that contains a lot of
fixes for newer gcc.

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

support/testing: revert the last change of check_network()

check_network() must check the error code of the command
used to check the network configuration with the value
passed as argument "exitCode".

But this argument is ignored since this commit [1].

Revert the last change of check_network().

Fixes:
https://gitlab.com/kubu93/buildroot/-/jobs/1522848308
https://gitlab.com/kubu93/buildroot/-/jobs/1522848306

[1] afc1ed4d5152e0f6e724e6986a1d12c8001b94fe

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

toolchain: improve conditions for gcc bug 99140

Gcc bug 99140 has been fixed on gcc 8.x but reappeared on gcc 9.x while
it's been fixed on gcc 10.x+. So let's update
BR2_TOOLCHAIN_HAS_GCC_BUG_99140 accordingly.

Fixes:
http://autobuild.buildroot.net/results/c55/c55f50a8d657695f0d5492c32efa666254cd7f99/

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

Revert "package/libcap: don't overwrite 'empty' when generating loader.txt"

This was for the next branch, not master...

This reverts commit 6fb0dbe4038ccde96e4600ca566d6269911077bc.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/libcap: don't overwrite 'empty' when generating loader.txt

Upstream commit [1] introduced an invocation of objcopy to generat
loader.txt. However, objcopy, if not provided with an output file, will
overwrite the input file. This is usually harmless because it will be
identical, but the timestamp is updated. This may cause 'empty' to be
newer than 'loader.txt', which causes 'loader.txt' and its dependencies
to be rebuilt during 'make install'

We provide a different set of parameters during 'make install'. In
particular, we no longer pass in HOST_CONFIGURE_OPTS, so we no longer
set LDFLAGS. Thus, there is no -Wl,rpath option that is passed in, which
causes the resulting binaries to have an incorrect RPATH.

Fix this by adding /dev/null as the output file in the objcopy
invocation.

Patch was sent upstream, but there's no mailing list, just a single
person.

Fixes: http://autobuild.buildroot.net/results/600/600aff5b839b48db80751cace5fa9670b7a3d698
(hopefully)

[1] https://git.kernel.org/pub/scm/libs/libcap/libcap.git/commit/?id=efd293947f940180eedd8d0915b124f4aedccc08

Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

support/testing: remove TestPythonPy2{Cryptography, ServiceIdentity, Treq, Twisted, Txtorcon}

The python2 support has been removed since the python-idna bump to version 3.2 [1]

[1] 0c7e30b43a5e98abfc8db521a6415b5a5c1c267f

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/libmodsecurity: disable -fPIC on m68k_cf

This package has -fPIC gcc option set by default but we can't use it on
m68k_cf since it doesn't support it throwing a gcc build failure. So let's
disable it by passing -fno-PIC.

Fixes:
http://autobuild.buildroot.net/results/b92980a563fe7ee331e70f288ce041be0bf29d40/

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/mesa3d: fix build on riscv32

Fix the following build failure on riscv32:

../src/util/futex.h: In function 'sys_futex':
../src/util/futex.h:39:19: error: 'SYS_futex' undeclared (first use in this function); did you mean 'sys_futex'?
   39 |    return syscall(SYS_futex, addr1, op, val1, timeout, addr2, val3);
      |                   ^~~~~~~~~
      |                   sys_futex

Fixes:
- http://autobuild.buildroot.org/results/692700a5f967760a0b8cd358b1712f1d5a7b681e

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/snort3: link with -latomic if needed

Fix the following build failure raised since bump to version 3.1.6
in commit e66f2fd310374779d415fa683813cc5f5ccf6be9 and
https://github.com/snort3/snort3/commit/3e518d86040e74c328bcc0d5bbd49c1da6b7a3ec:

/home/buildroot/autobuild/instance-1/output-1/host/opt/ext-toolchain/bin/../lib/gcc/powerpc-buildroot-linux-uclibc/9.3.0/../../../../powerpc-buildroot-linux-uclibc/bin/ld: service_inspectors/dce_rpc/CMakeFiles/dce_rpc.dir/dce_smb2_file.cc.o: undefined reference to symbol '__atomic_load_8@@LIBATOMIC_1.0'

Fixes:
- http://autobuild.buildroot.org/results/df34a69175e61bc7b180d89c738747e19aaf13bf

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/sdl2: fix build with kmsdrm

Build with kmsdrm is broken since bump to version 2.0.14 in commit
5e0da5c40da82d90c3f6ca037170838a6689b65b. Indeed, first patch was
already applied in this version:
https://github.com/libsdl-org/SDL/commit/9354aea19834ada7ffb90d379600a242a7aa820f
but upstream made other changes that requires EGL so add an upstream
patch to fix the build failure

Moreover, run autogen.sh instead of autoreconf as it breaks the build
and is not recommended by upstream:
https://github.com/libsdl-org/SDL/pull/4214

Fixes:
- http://autobuild.buildroot.org/results/355c7e5092e7641d8b04ecb550e2671d70720bd2

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Arnout: add dependency on host-autoconf]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/sdl2: kmsdrm needs GBM

kmsdrm needs GBM (and so mesa3d) since its addition in version 2.0.6:
https://github.com/libsdl-org/SDL/commit/56363ebf6124b345e1cfbd14fb6c0e654837910c

If libgbm is not found, kmsdrm will be silently disabled

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/lua-lunix: fix sys/sysctl.h detection

sysctl.h has been removed from glibc since version 2.32.

Fixes: http://autobuild.buildroot.net/results/749a11d5289c6fec3b2f236b9073fc1ab730d090/
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

Config.in: disable Fortify Source for microblaze

As reported by Toolchain-builder project [1], the microblaze glibc
toolchain creates a system that doesn't boot when FORTIFY_SOURCE is
enabled: the init process hangs.

Also, hardening features may not be wanted or possible for such
slow soft-core cpus [2].

Note: for completeness, BR2_RELRO_PARTIAL was manually tested and it
does boot.

[1] https://gitlab.com/bootlin/toolchains-builder/-/jobs/1467624500
[2] http://lists.busybox.net/pipermail/buildroot/2021-June/312416.html

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/libressl: always expose SSL_OP_NO_TLSv1_3

Fixes the build of vsftpd 3.0.4

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/kvm-unit-tests: fix powerpc64 PHDR seg err

Upstream comment: "Let's introduce some fake PHDRs
to the linker script to get this working again."

Fixes:
(next) http://autobuild.buildroot.net/results/ae091dbcb155e63c208ce5adb289807cee83e28d/
(master) http://autobuild.buildroot.net/results/ef0/ef0b044802c54a697d8bffb28eba08cf9ce44f4c/
(2021.02.x) http://autobuild.buildroot.net/results/044/04495aa23ce51c48b9b850890453abded85dc477/
(2021.05.x) http://autobuild.buildroot.net/results/0fa/0fa94f1f930aa16cec3bc96e64bc57b460238a0a/

[Cherry-picked upstream]
5126732d73aa75a0bc84f898042bfe35640624b8

Signed-off-by: Matthew Weber <matthew.weber@collins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/polkit: install polkit.loc to HOST_DIR

Fix added by commit c20d31baf471daeeec50d62cb8baa79bac06fa51 is
incomplete as polkit.loc must also be added to
$(HOST_DIR)/share/gettext/its

Additionally, the destination path for "$(INSTALL) -D" must be a
fully-qualified filename, not just the destination directory.

Fixes:
- http://autobuild.buildroot.org/results/170e4802b7b4e8e7dafa95ade549e8fd05e43bfd

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr: dest must be a filename, not a directory]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/libvirt: fix syntax error in Config.in

The typo was introduced in 6aa318d91e66731d66dca485c4c30391fe0e2423

Signed-off-by: Titouan Christophe <titouanchristophe@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/cpio: fix CVE-2021-38185

GNU cpio through 2.13 allows attackers to execute arbitrary code via a
crafted pattern file, because of a dstring.c ds_fgetstr integer overflow
that triggers an out-of-bounds heap write. NOTE: it is unclear whether
there are common cases where the pattern file, associated with the -E
option, is untrusted data.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/mpv: fix build of vaapi with egl-drm

Build of vaapi with egl-drm is broken since commit
6ec47c4e59c7c8c57e972dab985c8a2ba0bf7174 because egl-drm is a part of gl
group which is only enabled if BR2_PACKAGE_HAS_LIBGL or
BR2_PACKAGE_HAS_LIBGLES are set:
https://github.com/mpv-player/mpv/blob/ec0006bfa1aaf608a7141929f2871c89ac7a15d6/wscript#L572

As a result, despite what is being displayed in the autobuilder log
message, the build failure is not related to X11 but to the fact that
we try to enable vaapi through egl-drm but at the same time, we disable
gl.

To fix it, enable gl if libegl is available as gl can be enabled for
example through wayland and egl (gl-wayland):

'deps': 'gl-cocoa || gl-x11 || egl-x11 || egl-drm || '
+ 'gl-win32 || gl-wayland || rpi || '
+ 'plain-gl',

Fixes:
- http://autobuild.buildroot.org/results/e5c15228f42a73f8c34b26630b2074c30e5f5966

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/mpv: vaapi-drm needs egl-drm

Build of vaapi-drm without egl-drm is broken since commit
6ec47c4e59c7c8c57e972dab985c8a2ba0bf7174.

egl-drm has been added with commit
031df474c24f92757ac95ade572b90995ebdc6a2 and it is only available with
mesa3d because of the gbm dependency:
https://github.com/mpv-player/mpv/blob/0b56e1c00a57fdb767674462c299a5c973a9e373/wscript#L571

Indeed, at the moment, mesa3d is the only gbm provider in buildroot.

Fixes:
- http://autobuild.buildroot.org/results/83d6dcbb77ab8754aefcdcf90baeaff9db2a1c81

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/libmcrypt: drop package

Drop libmcrypt which is a cryptographic package that is not maintained
anymore. Here is an extract of https://en.wikipedia.org/wiki/Mcrypt:
"The last update to libmcrypt was in 2007, despite years of unmerged
patches. These facts have led security experts to declare mcrypt
abandonware and discourage its use in new development.".

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/mcrypt: drop package

Drop mcrypt which is a cryptographic package that is not maintained
anymore. Here is an extract of https://en.wikipedia.org/wiki/Mcrypt:
"The last update to libmcrypt was in 2007, despite years of unmerged
patches. These facts have led security experts to declare mcrypt
abandonware and discourage its use in new development."

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/libvirt: fix dependency of comment

d1fc0690addd (package/libvirt: fix dependencies on kernel headers)
forgot to update the conditions for the comment after the last-minute
changes by Yann.

Fix that.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/libvirt: fix dependencies on kernel headers

In ccfc90e1010e (package/libvirt: new package), last-minute changes
missed the depenecny on kernel headers; headers >= 3.12 are required for
all architectures, but AArch64, which requires 4.11 for HWCAP_CPUID:

    ../src/cpu/cpu_arm.c: In function 'virCPUarmCpuDataFromRegs':
    ../src/cpu/cpu_arm.c:562:20: error: 'HWCAP_CPUID' undeclared (first use in this function); did you mean 'HWCAP_PMULL'?
         if (!(hwcaps & HWCAP_CPUID)) {
                        ^~~~~~~~~~~
                        HWCAP_PMULL

Fixes:
- http://autobuild.buildroot.org/results/85bf7b4dad73a748bf439e63874eb64d9a53088f

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr:
  - move AArch64 4.11 req. from _ARCH_SUPPORTS to BR2_PACKAGE_LIBVIRT
  - add missing dependency on headers 3.12 for the rest
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/rust-bin: harmonize indentation

Use an indentation of two spaces everywhere

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/heirloom-mailx: fix build failure due to gcc bug 101916

The heirloom-mailx package exhibits gcc bug 101916 when built for the
SH4 architecture with optimization enabled, which causes a build failure.

As done for other packages in Buildroot work around this gcc bug by
setting optimization to -O0 if BR2_TOOLCHAIN_HAS_GCC_BUG_101916=y.
Also introduce HEIRLOOM_MAILX_CFLAGS as done for other packages and move
the already present -fPIC CFLAG to it.

Fixes:
http://autobuild.buildroot.net/results/911/911f5c024834741754102ff1bbb05c4a64c54a0b/

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

toolchain: introduce BR2_TOOLCHAIN_HAS_GCC_BUG_101916

heirloom-mailx package fails to build for the SH4 architecture with
optimization enabled with gcc = 11.1.0:
http://autobuild.buildroot.net/results/911/911f5c024834741754102ff1bbb05c4a64c54a0b/

It's been reported upstream:
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=101916

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/lmbench: fix build failure due to gcc bug 101915

The lmbench package exhibits gcc bug 101915 when built for the
Microblaze architecture with optimization enabled, which causes a build
failure.

As done for other packages in Buildroot work around this gcc bug by
setting optimization to -O0 if BR2_TOOLCHAIN_HAS_GCC_BUG_101915=y.

Fixes:
http://autobuild.buildroot.net/results/ae1/ae1e4d61ed367c6cb64442c60d98882cc7985346/

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

toolchain: introduce BR2_TOOLCHAIN_HAS_GCC_BUG_101915

lmbench package fails to build for the Microblaze architecture with
optimization enabled with gcc = 11.1.0:
http://autobuild.buildroot.net/results/ae1/ae1e4d61ed367c6cb64442c60d98882cc7985346/

It's been reported upstream:
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=101915

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

linux: bump CIP RT kernel to version 4.19.198-cip54-rt21

This patch bumps Linux CIP RT to version 4.19.198-cip54-rt21

Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

linux: bump CIP kernel to version 4.19.198-cip54

This patch bumps Linux CIP to version 4.19.198-cip54.

Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/gdb: fix build of gdb on riscv

Build of gdb on riscv without host-gdb is broken since commit
4ecd247ead22a6cfb87a4ffafc4be05201328aef because BR2_GDB_VERSION_10 is
never defined if BR2_PACKAGE_HOST_GDB is not selected resulting in the
following build failure:

/bin/bash: line 0: cd: /tmp/instance-0/output-1/build/gdb-10.1/gdb/gdbserver: No such file or directory

So add a BR2_PACKAGE_GDB_TOPLEVEL hidden option as suggested by Thomas
Petazzoni.

Fixes:
- http://autobuild.buildroot.org/results/ce47d616ee79d5f735779570ebc3b4a9c0f64c6a

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/gdb: bump version 10.x to 10.2

Signed-off-by: Michael Fischer <mf@go-sys.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

Revert "package/libshout: enable optional dependency for libressl"

This reverts commit 46b8fb7500ecca65a79507318fd3052208559c09 indeed if
libressl is selected as the openssl provider, the BR2_PACKAGE_OPENSSL
conditition will always be used and the BR2_PACKAGE_LIBRESSL condition
will never be triggered. Moreover, libressl provides a pkg-config file.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/haproxy: security bump to version 2.4.3

Fixes the following security issues:

- CVE-2021-39240: An issue was discovered in HAProxy 2.2 before 2.2.16, 2.3
  before 2.3.13, and 2.4 before 2.4.3.  It does not ensure that the scheme
  and path portions of a URI have the expected characters.  For example, the
  authority field (as observed on a target HTTP/2 server) might differ from
  what the routing rules were intended to achieve.

- CVE-2021-39241: An issue was discovered in HAProxy 2.0 before 2.0.24, 2.2
  before 2.2.16, 2.3 before 2.3.13, and 2.4 before 2.4.3.  An HTTP method
  name may contain a space followed by the name of a protected resource.  It
  is possible that a server would interpret this as a request for that
  protected resource, such as in the "GET /admin?  HTTP/1.1 /static/images
  HTTP/1.1" example.

- CVE-2021-39242: An issue was discovered in HAProxy 2.2 before 2.2.16, 2.3
  before 2.3.13, and 2.4 before 2.4.3.  It can lead to a situation with an
  attacker-controlled HTTP Host header, because a mismatch between Host and
  authority is mishandled.

For more details, see the advisory:
https://www.mail-archive.com/haproxy@formilux.org/msg41041.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/sentry-cli: remove package

This package has had build failures for a very long time, and these
issues have not been fixed, and it is now the number 1 build failure
reason in our autobuilders. It is time to acknowledge that the package
needs to be removed.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/openvmtools: fix time_t build failure on 32-bit platforms

Add upstream pending patch[1] to fix time_t on 32-bit platform.

[1]: https://github.com/vmware/open-vm-tools/pull/387

Fixes:
http://autobuild.buildroot.net/results/eb3dfe679536b578a0f16762312a96ada7162095/

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libvirt: fix NLS build

Fix the following build failure raised since the addition of the package
in commit ccfc90e1010e42e6529afae3a5ea8bf7226dabc1:

/tmp/instance-0/output-1/host/opt/ext-toolchain/bin/../lib/gcc/i686-buildroot-linux-uclibc/9.3.0/../../../../i686-buildroot-linux-uclibc/bin/ld: src/util/libvirt_util.a(viralloc.c.o): in function `virInsertElementsN':
viralloc.c:(.text+0x167): undefined reference to `libintl_dgettext'

Fixes:
- http://autobuild.buildroot.net/results/2349c55a4a42f08ca52700c60cda3065b0c4bd88

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

boot/at91bootstrap3: update to final 4.0.0 version

Update to AT91Bootstrap 4.0.0 version.

This package is now released under MIT license, and a license file was
added.

Signed-off-by: Eugen Hristev <eugen.hristev@microchip.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/bullet: fix build failure due to gcc bug 101952

The bullet package exhibits gcc bug 101952 when built for the SH4
architecture with optimization enabled, which causes a build failure.

As done for other packages in Buildroot work around this gcc bug by
setting optimization to -O0 if BR2_TOOLCHAIN_HAS_GCC_BUG_101952=y like we
already do for BR2_TOOLCHAIN_HAS_GCC_BUG_85180=y.

Fixes:
http://autobuild.buildroot.net/results/32b/32bfaf0aae57ed18c18e82a72a958af9b3e1b241/

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

toolchain: introduce BR2_TOOLCHAIN_HAS_GCC_BUG_101952

bullet package fails to build for the SH4 architecture with optimization
enabled with gcc = 11.1.0:
http://autobuild.buildroot.net/results/32b/32bfaf0aae57ed18c18e82a72a958af9b3e1b241/

It's been reported upstream:
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=101952

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

DEVELOPERS: add myself to toolchain topics/packages

Since I've dealt and deal with toolchain bugs and their work-around
very often add myself to toolchain topic(toolchain/) as well as
package/binutils and package/gcc.

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/eigen: override Fortran path

The language detection is falling back to the host system
Fortran compiler. An example of this is in RHEL7.9
(gcc4.8.5 20150623 (Red Hat 4.8.5-44)).

This patch bypasses detection and points to the location
where the compiler would be installed (if present). In the
cases where it doesn't exist, the detection falls through
and leaves Fortran disabled.

Fixes:
http://autobuild.buildroot.net/results/8354da225d1e5e337aa7ea62a7e6524fb5f1135f/

Signed-off-by: Matthew Weber <matthew.weber@collins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/rustc: fix conditions related to MIPS support

For MIPS64 architecture variants supported by Rust, we need to exclude
MIPS64R6, but due to a copy/paste mistake in commit
d69d40c029dc7d8199b745eaee759d92b66c5d17 ("package/rustc: add support
for Tier 1 and Tier 2 platform"), we used BR2_MIPS_CPU_MIPS32R6 for
both MIPS 32-bit and MIPS 64-bit configurations, while
BR2_MIPS_CPU_MIPS64R6 should be used on MIPS 64-bit.

Fixes:

http://autobuild.buildroot.net/8bab232eb98b164df300581ae019254bde7c8ca3/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/nvidia-driver: fix build without X.org drivers

Fix the following build failure without BR2_PACKAGE_NVIDIA_DRIVER_XORG
raised since commit 9cda982855315d683d4880e6bb2a129133ea7213:

ln: failed to create symbolic link '/tmp/instance-0/output-1/target/usr/lib/xorg/modules/extensions/libglx.so': No such file or directory

Fixes:
- http://autobuild.buildroot.org/results/c2e7a826c105363309f70a3fcfe28bd53efcb94a

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Vincent Fazio <vfazio@xes-inc.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

Update for 2021.08-rc2

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/postgresql: security bump version to 13.4

Release notes:
https://www.postgresql.org/about/news/postgresql-134-128-1113-1018-9623-and-14-beta-3-released-2277/

Fixes CVE-2021-3677:
https://www.postgresql.org/support/security/CVE-2021-3677/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

configs/{atmel, microchip}: bump at91bootstrap3 version

Signed-off-by: Ludovic Desroches <ludovic.desroches@microchip.com>
Tested-by: Pierre-Jean Texier <texier.pj2@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

configs/acmesystems_*: bump at91bootstrap3 version

Signed-off-by: Ludovic Desroches <ludovic.desroches@microchip.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

boot/at91bootstrap3: bump 3.x series to 3.10.3

Signed-off-by: Ludovic Desroches <ludovic.desroches@microchip.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/protobuf: fix build failure due to missing -mcmodel=large

When building protobuf for or1k -mcmodel=large is needed to link, so let's
add that gcc option in case we're building for or1k.

Upstream gcc doesn't have the -mcmodel=large option for or1k, but all
released Buildroot gcc versions have the patch to add it, so that's
fine.

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Reviewed-by: Maxim Kochetkov <fido_max@inbox.ru>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/libgeos: fix build failure due to missing -mcmodel=large

When building libgeos for or1k -mcmodel=large is needed to link, so let's
add that gcc option in case we're building for or1k.

Upstream gcc doesn't have the -mcmodel=large option for or1k, but all
released Buildroot gcc versions have the patch to add it, so that's
fine.

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Reviewed-by: Maxim Kochetkov <fido_max@inbox.ru>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/gcc: add OpenRisc patches for gcc version 11.1.0

At the moment of gcc 11.1.0 release the OpenRisc patches for -mcmodel=large
were still pending. They have been upstreamed yesterday as pointed in gcc
bugzilla[1]. So they will be part of gcc 11.3.0 or maybe before on 11.2.
2. Anyway at the moment if we try to build packages libgeos and protobuf
with OpenRisc gcc 11.1.0 it fails due to missing -mcmodel=large. So let's
add OpenRisc patches for it as done for all the previous versions.

Fixes:
still not appeared on autobuilers

[1]: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=99783

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/tor: security bump version to 0.4.6.7

Fixes CVE-2021-38385: https://blog.torproject.org/node/2062

Rebased patch 0001.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/python-treq: depend comment on BR2_PACKAGE_PYTHON3

The user shouldn't see the comment on the python2 menu.

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/python-service-identity: depend comment on BR2_PACKAGE_PYTHON3

The user shouldn't see the comment on the python2 menu.

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/python-secretstorage: depend comment on BR2_PACKAGE_PYTHON3

The user shouldn't see the comment on the python2 menu.

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/python-pyopenssl: depend comment on BR2_PACKAGE_PYTHON3

The user shouldn't see the comment on the python2 menu.

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/python-keyring: depend comment on BR2_PACKAGE_PYTHON3

The user shouldn't view the comment on the python2 menu.

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/python-cryptography: depend comment on BR2_PACKAGE_PYTHON3

The user shouldn't see the comment on the python2 menu.

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/libbpf: needs headers >= 4.13

Since its addition in commit f7b8508e4fe9c96bf679cc5423cc1500b6523e83,
libbpf unconditionally uses TCA_BPF_ID which is only available since
kernel 4.13 and
https://github.com/torvalds/linux/commit/e86283071fb0eed28136adb52997888f4beb202b:

netlink.c: In function '__get_tc_info':
netlink.c:515:11: error: 'TCA_BPF_ID' undeclared (first use in this function); did you mean 'TCA_BPF_FD'?
  515 |  if (!tbb[TCA_BPF_ID])
      |           ^~~~~~~~~~
      |           TCA_BPF_FD

Fixes:
- http://autobuild.buildroot.org/results/14996a0b7b9b65d0d6d5717d6da8922752789749

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/fontconfig: fix build with NLS

Add TARGET_NLS_DEPENDENCIES and host-gettext dependency to avoid the
following build failure in a per-package-directorie build with
host-cairo raised because fontconfig installs its ITS files in the wrong
directory (i.e. outside of gettext-tiny symlink):

mkdir -p /tmp/instance-0/output-1/per-package/host-cairo/host
rsync -a --link-dest=/tmp/instance-0/output-1/per-package/host-fontconfig/host/ /tmp/instance-0/output-1/per-package/host-fontconfig/host/ /tmp/instance-0/output-1/per-package/host-cairo/host
rsync -a --link-dest=/tmp/instance-0/output-1/per-package/host-freetype/host/ /tmp/instance-0/output-1/per-package/host-freetype/host/ /tmp/instance-0/output-1/per-package/host-cairo/host
rsync -a --link-dest=/tmp/instance-0/output-1/per-package/host-libglib2/host/ /tmp/instance-0/output-1/per-package/host-libglib2/host/ /tmp/instance-0/output-1/per-package/host-cairo/host
cannot delete non-empty directory: share/gettext
could not make way for new symlink: share/gettext

This only happens with per-package directories because then the rsync is
done. Otherwise the fontconfig installation will simply follow the
symlink.

The error of course exists for target as well, but doesn't occur in
autobuilders since it already fails for host.

Fixes:
- http://autobuild.buildroot.org/results/00e29958cecfffa4e994ab549637117dd8f55c30

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/fontconfig: break circular dependency

Build fails because of the following circular dependency:

fontconfig -> util-linux -> udev -> systemd -> polkit ->
gobject-introspection -> cairo -> fontconfig

which results in the following build failure:

checking for UUID... no
checking where uuid functions comes from... configure: error:
*** uuid is required. install util-linux.

To break it, apply the same ugly workaround that was applied for
libglib2 and cryptsetup until a better solution is found:
https://patchwork.ozlabs.org/project/buildroot/patch/20201101150619.1709959-1-fontaine.fabrice@gmail.com/

Fixes:
- http://autobuild.buildroot.org/results/2c6ef073e7e98e13daa409e1ea6130e9abd32c87

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/busybox/udhcpc.script: ensure action argument is correctly passed to hook scripts

commit f79a420825479c47d (package/busybox/udhcpc.script: support RFC3442
static routes) used 'set --' clobbering the positional arguments, causing
the action argument to not be correctly forwarded to hook scripts for the
renew / bound cases if static routes are provided by the server.

As a workaround, save the action argument at the beginning of the script and
use that when calling hook scripts.

Reported-by: 王琦 <wangwangqi2011@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/harfbuzz: fix build without threads

Fix the following build failures without threads by defining HB_NO_MT as
specified in https://github.com/harfbuzz/harfbuzz/blob/main/CONFIG.md:

In file included from ../src/hb.hh:458,
                 from ../src/hb-blob.cc:28:
../src/hb-mutex.hh:88:2: error: #error "Could not find any system to define mutex macros."
   88 | #error "Could not find any system to define mutex macros."
      |  ^~~~~

This build failure is raised since bump to version 2.8.1 in commit
e9ba1c80e8ebf5f5ad9d889d2dd37f27af87e811 and
https://github.com/harfbuzz/harfbuzz/commit/711c241f6c7e18c5403602375a733af74df76f83
which removed busyloop mutex implementation.

Fixes:
- http://autobuild.buildroot.org/results/0c03aca5e3ade735b54b0b9233896b868aec1520

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/libepoxy: bump to version 1.5.9

Update to libepoxy 1.5.9, which adds a fallback to use libOpenGL.so that
fixes a couple of regressions:

https://github.com/anholt/libepoxy/releases/tag/1.5.9

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

boot/arm-trusted-firmware: don't force ENABLE_STACK_PROTECTOR

Commit 5f432df7e2d2 ("boot/arm-trusted-firmware: change
ENABLE_STACK_PROTECTOR value when disabled") set
ENABLE_STACK_PROTECTOR=0 when disabled. But since we pass this value as
MAKE_OPT, the internal ATF logic that sets ENABLE_STACK_PROTECTOR again
based on its initial value breaks. This leads to build failure:

make[1]: *** [/builds/buildroot.org/buildroot/output/build/arm-trusted-firmware-v2.4/build/a80x0_mcbin/release/libc/assert.o] Error 1
aarch64-buildroot-linux-uclibc-gcc.br_real: error: unrecognized command-line option ‘-fstack-protector-0’; did you mean ‘-fstack-protector’?

Move ENABLE_STACK_PROTECTOR to make environment instead to allow make to
change its value.

Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/1497663294

Cc: Dick Olsson <hi@senzilla.io>
Cc: Sergey Matyukevich <geomatsi@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/libargtable2: update LIBARGTABLE2_VERSION

Update LIBARGTABLE2_VERSION to reflect what is used by
https://release-monitoring.org

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/iozone: update IOZONE_VERSION

Update IOZONE_VERSION to reflect what is used by
https://release-monitoring.org

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/sqlite: add SQLITE_TAR_VERSION

3.35.0 is the version used by https://release-monitoring.org as well as
NVD NIST database so add SQLITE_TAR_VERSION and drop
SQLITE_CPE_ID_VERSION

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/unbound: bump to version 1.13.2

The release contains a bugfix to fix the make install of the python
module after build changes introduced in this release RC1.

This release contains a number of bug fixes. There is a crash fix for
broken internal structures in stream reuse, that is used when many TCP
or TLS upstream connections are made. Also a number of features are added.

https://github.com/NLnetLabs/unbound/releases/tag/release-1.13.2

Signed-off-by: Kyle Harding <kyle@balena.io>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/go: security bump to version 1.16.7

go1.16.7 (released 2021-08-05) includes a security fix to the
net/http/httputil package, as well as bug fixes to the compiler, the
linker, the runtime, the go command, and the net/http package.

https://golang.org/doc/devel/release#go1.16

Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

DEVELOPERS: drop Sven Fischer

Sven has privately asked to no longer receive notifications related to
this package.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/refpolicy: fix build with samba

Fix the following build failure with samba raised since commit
49f6b2f39ee23e3e53c0b001894644734b8338b6:

Compiling targeted policy.31
env LD_LIBRARY_PATH="/tmp/instance-5/output-1/host/lib:/tmp/instance-5/output-1/host/usr/lib" /tmp/instance-5/output-1/host/usr/bin/checkpolicy -c 31 -U deny -S -O -E policy.conf -o policy.31
policy/modules/services/samba.te:399:ERROR 'type crack_db_t is not within scope' at token ';' on line 360232:
allow smbd_t crack_db_t:dir { getattr search open };
#line 399
checkpolicy: error(s) encountered while parsing configuration

Fixes:
- http://autobuild.buildroot.org/results/ab7098948d1920e42fa587e07f0513f23ba7fc74

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/gd: fix CVE-2021-38115

read_header_tga in gd_tga.c in the GD Graphics Library (aka LibGD)
through 2.3.2 allows remote attackers to cause a denial of service
(out-of-bounds read) via a crafted TGA file.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/python-txtorcon: depend comment on BR2_PACKAGE_PYTHON3

The user shouldn't view the comment on the python2 menu.

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/terminology: set eet path

Set eet path to avoid the following build failure raised since bump to
version 1.9.0 in commit 6ac557a54bb4613e79728ad96724e7681c9c3c18 and
https://git.enlightenment.org/apps/terminology.git/commit/?id=f15dd2881a5e87e7f3b03594983826f7480c12e7:

/home/buildroot/autobuild/instance-2/output-1/build/terminology-1.9.0/data/colorschemes/add_color_scheme.sh: 30: /home/buildroot/autobuild/instance-2/output-1/build/terminology-1.9.0/data/colorschemes/add_color_scheme.sh: /usr/bin/eet: not found

Fixes:
- http://autobuild.buildroot.org/results/767acf73e4eade48cd3fdb43e9dd599ba7ef9661

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/python-matplotlib: merge dependency comments

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/jszip: add JSZIP_CPE_ID_VENDOR

cpe:2.3:a:jszip_project:jszip is a valid CPE identifier for this
package:

https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Ajszip_project%3Ajszip

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/sylpheed: fix CVE-2021-37746

textview_uri_security_check in textview.c in Claws Mail before 3.18.0,
and Sylpheed through 3.7.0, does not have sufficient link checks before
accepting a click.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/sylpheed: add SYLPHEED_CPE_ID_VENDOR

cpe:2.3:a:sylpheed_project:sylpheed is a valid CPE identifier for this
package:

https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Asylpheed_project%3Asylpheed

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/nginx-naxsi: fix build without x_forwarded_for

Fix the following build failure without x_forwarded_for raised since
bump to version 1.3 in commit 3335c8d8685119ebb5b2a9a6e575f3a5337c4d90:

/home/buildroot/autobuild/instance-3/output-1/build/nginx-naxsi-1.3/naxsi_src/naxsi_runtime.c: In function 'ngx_http_naxsi_data_parse':
/home/buildroot/autobuild/instance-3/output-1/build/nginx-naxsi-1.3/naxsi_src/naxsi_runtime.c:2846:20: error: 'ngx_http_headers_in_t' has no member named 'x_forwarded_for'
if (r->headers_in.x_forwarded_for.nelts >= 1) {
^

Fixes:
- http://autobuild.buildroot.org/results/cdbc1536f6b5de3d4c836efa2f0dcaf0cdbb1462

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/poppler: fix build with gcc 11

Fix the following build failure with gcc 11:

In file included from /tmp/instance-0/output-1/host/arm-buildroot-linux-gnueabihf/sysroot/usr/include/glib-2.0/glib/gthread.h:32,
                 from /tmp/instance-0/output-1/host/arm-buildroot-linux-gnueabihf/sysroot/usr/include/glib-2.0/glib/gasyncqueue.h:32,
                 from /tmp/instance-0/output-1/host/arm-buildroot-linux-gnueabihf/sysroot/usr/include/glib-2.0/glib.h:32,
                 from /tmp/instance-0/output-1/host/arm-buildroot-linux-gnueabihf/sysroot/usr/include/glib-2.0/gobject/gbinding.h:28,
                 from /tmp/instance-0/output-1/host/arm-buildroot-linux-gnueabihf/sysroot/usr/include/glib-2.0/glib-object.h:22,
                 from /tmp/instance-0/output-1/build/poppler-0.84.0/glib/poppler.h:22,
                 from /tmp/instance-0/output-1/build/poppler-0.84.0/glib/poppler-action.cc:19:
/tmp/instance-0/output-1/build/poppler-0.84.0/glib/poppler-action.cc: In function 'GType poppler_dest_get_type()':
/tmp/instance-0/output-1/build/poppler-0.84.0/glib/poppler-private.h:155:13: error: argument 2 of '__atomic_load' must not be a pointer to a 'volatile' type
  155 |         if (g_once_init_enter (&g_define_type_id__volatile)) {                        \
      |             ^~~~~~~~~~~~~~~~~
/tmp/instance-0/output-1/build/poppler-0.84.0/glib/poppler-action.cc:28:1: note: in expansion of macro 'POPPLER_DEFINE_BOXED_TYPE'
   28 | POPPLER_DEFINE_BOXED_TYPE (PopplerDest, poppler_dest, poppler_dest_copy, poppler_dest_free)
      | ^~~~~~~~~~~~~~~~~~~~~~~~~

Fixes:
- http://autobuild.buildroot.org/results/dfcaac6487aaeb10412c3fe72a23135f8a70fefe

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/postgis: bump version to 3.1.3

Release-notes: https://postgis.net/2021/07/02/postgis-3.1.3/

Signed-off-by: Maxim Kochetkov <fido_max@inbox.ru>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/python-pymupdf: depend on python3

According to the package documentation, python 3.6 or newer
is needed.

Fixes:
- http://autobuild.buildroot.net/results/f857986b8c9b6d4a843f3694cae8527760540ed0/

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/gobject-introspection: fix gidatadir

Since commit 521d387640d704f24caee51841388d98bcac739b gidatadir is
wrongly set to ${libdir}/../share, set it back to
${datadir}/gobject-introspection-1.0

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/prosody: security bump version to 0.11.10

fixes CVE-2021-37601
see https://blog.prosody.im/prosody-0.11.10-released/

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/jszip: fix CVE-2021-23413

This affects the package jszip before 3.7.0. Crafting a new zip file
with filenames set to Object prototype values (e.g __proto__, toString,
etc) results in a returned object with a modified prototype instance.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/qemu: add libfuse3 optional dependency

libfuse3 is an optional dependency which is enabled by default since
version 6.0.0 and
https://gitlab.com/qemu-project/qemu/-/commit/0c9b70d5900a5108e899edfdd6f3790f8cb6bdc2

So add this dependency and fix the following build failures on musl
raised since bump to version 6.0.0 in commit
6b86c9335fc3ff381878156c6243454d4b688df9:

../block/export/fuse.c: In function 'fuse_fallocate':
../block/export/fuse.c:563:23: error: 'FALLOC_FL_ZERO_RANGE' undeclared (first use in this function)
  563 |     } else if (mode & FALLOC_FL_ZERO_RANGE) {
      |                       ^~~~~~~~~~~~~~~~~~~~
../block/export/fuse.c:563:23: note: each undeclared identifier is reported only once for each function it appears in
../block/export/fuse.c: In function 'fuse_lseek':
../block/export/fuse.c:639:19: error: 'SEEK_HOLE' undeclared (first use in this function)
  639 |     if (whence != SEEK_HOLE && whence != SEEK_DATA) {
      |                   ^~~~~~~~~
../block/export/fuse.c:639:42: error: 'SEEK_DATA' undeclared (first use in this function); did you mean 'SEEK_SET'?
  639 |     if (whence != SEEK_HOLE && whence != SEEK_DATA) {
      |                                          ^~~~~~~~~
      |                                          SEEK_SET

Fixes:
- http://autobuild.buildroot.org/results/0196609043bd37543e6a0d17ffc2254302ea7ba3

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/tpm2-tools: fix build with gcc 4.8

Fix the following build failure with gcc 4.8 raised since bump to
version 4.3.2 in commit 91aa6efa8588bf7617cc4a640eb55052b524ceb7:

lib/tpm2_eventlog_yaml.c: In function 'yaml_uefi_var_unicodename':
lib/tpm2_eventlog_yaml.c:130:5: error: 'for' loop initial declarations are only allowed in C99 mode
     for(size_t i = 0; i < data->UnicodeNameLength; ++i, tmp += ret) {
     ^
lib/tpm2_eventlog_yaml.c:130:5: note: use option -std=c99 or -std=gnu99 to compile your code
lib/tpm2_eventlog_yaml.c: In function 'yaml_specid_algs':
lib/tpm2_eventlog_yaml.c:335:5: error: 'for' loop initial declarations are only allowed in C99 mode
     for (size_t i = 0; i < count; ++i, ++alg) {
     ^

Fixes:
- http://autobuild.buildroot.org/results/018c75cfbb34006c0bca52dcc255ad6f9cc43b77

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/mongodb: fix build with gcc 11

Fix the following build failure with gcc 11:

In file included from src/mongo/db/query/plan_cache.h:36,
                 from src/mongo/db/catalog/collection_info_cache.h:33,
                 from src/mongo/db/catalog/collection.h:42,
                 from src/mongo/db/exec/requires_collection_stage.h:32,
                 from src/mongo/db/exec/delete.h:32,
                 from src/mongo/db/query/internal_plans.h:33,
                 from src/mongo/db/query/internal_plans.cpp:32:
src/mongo/db/exec/plan_stats.h:214:10: error: 'optional' in namespace 'std' does not name a template type
  214 |     std::optional<std::string> replanReason;
      |          ^~~~~~~~

Fixes:
- http://autobuild.buildroot.org/results/8c0875fa413923504515a83d8b679366418c2444

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>