buildroot.git
3 years agopackage/xenomai: disable cobalt for armv8
Romain Naour [Tue, 2 Feb 2021 20:56:14 +0000 (21:56 +0100)]
package/xenomai: disable cobalt for armv8

When a armv8 target is used in 32bits mode, xenomai fail to detect the
ARM architecture and abord the build. (__ARM_ARCH_7A__ is not defined
for armv8 cpus).

There are no autobuilder failures for this issue since cobalt is never
selected, but the following defconfig:

BR2_arm=y
BR2_cortex_a53=y
BR2_ARM_FPU_NEON_VFPV4=y
BR2_TOOLCHAIN_EXTERNAL=y
BR2_PACKAGE_XENOMAI=y
BR2_PACKAGE_XENOMAI_COBALT=y

This was initialy reproduced using the raspberrypi3_defconfig with
Xenomai package with cobalt selected.

In order to use Xenomai on raspberrypi3 in 32 bits mode, one has to
select BR2_cortex_a7 instead of BR2_cortex_a53 (see a13a388dd444).

See:
https://gitlab.denx.de/Xenomai/xenomai/-/blob/v3.1/lib/cobalt/arch/arm/include/asm/xenomai/features.h#L52

Signed-off-by: Romain Naour <romain.naour@gmail.com>
[yann.morin.1998@free.fr:
  - switch to independent conditional 'default y'
  - slightly reword the commit log
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/xenomai: smp support needs at least armv6
Romain Naour [Tue, 2 Feb 2021 20:56:13 +0000 (21:56 +0100)]
package/xenomai: smp support needs at least armv6

There are no autobuilder failures for this issue, but the following
defconfig:

BR2_arm=y
BR2_TOOLCHAIN_EXTERNAL=y
BR2_PACKAGE_XENOMAI=y
BR2_PACKAGE_XENOMAI_COBALT=y

See:
https://gitlab.denx.de/Xenomai/xenomai/-/blob/v3.1/lib/cobalt/arch/arm/include/asm/xenomai/features.h#L56

Signed-off-by: Romain Naour <romain.naour@gmail.com>
[yann.morin.1998@free.fr: fix the condition]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agosupport/config-fragments/autobuild: use Bootlin toolchain for RISC-V 64 musl
Thomas Petazzoni [Tue, 2 Feb 2021 22:53:31 +0000 (23:53 +0100)]
support/config-fragments/autobuild: use Bootlin toolchain for RISC-V 64 musl

Instead of using an external toolchain built specifically for the
autobuilders to test RISC-V 64/musl, use a pre-built Bootlin
toolchain.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agosupport/config-fragments/autobuild: use Bootlin toolchain for RISC-V 64 glibc
Thomas Petazzoni [Tue, 2 Feb 2021 22:53:30 +0000 (23:53 +0100)]
support/config-fragments/autobuild: use Bootlin toolchain for RISC-V 64 glibc

Instead of using an external toolchain built specifically for the
autobuilders to test RISC-V 64/glibc, use a pre-built Bootlin
toolchain.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/sox: remove EOL whitespace
Arnout Vandecappelle (Essensium/Mind) [Fri, 5 Feb 2021 08:01:14 +0000 (09:01 +0100)]
package/sox: remove EOL whitespace

Fixes https://gitlab.com/buildroot.org/buildroot/-/jobs/1010083301

Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/libksba: set LIBKSBA_CPE_ID_VALID
Fabrice Fontaine [Thu, 4 Feb 2021 19:00:06 +0000 (20:00 +0100)]
package/libksba: set LIBKSBA_CPE_ID_VALID

cpe:2.3:a:libksba_project:libksba is a valid CPE identifier for this
package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Alibksba_project%3Alibksba

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agopackage/ghostscript: add GHOSTSCRIPT_CPE_ID_VENDOR
Fabrice Fontaine [Thu, 4 Feb 2021 19:46:52 +0000 (20:46 +0100)]
package/ghostscript: add GHOSTSCRIPT_CPE_ID_VENDOR

cpe:2.3:a:artifex:ghostscript is a valid CPE identifier for this
package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Aartifex%3Aghostscript

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agopackage/autofs: bump to version 5.1.7
Fabrice Fontaine [Thu, 4 Feb 2021 19:42:12 +0000 (20:42 +0100)]
package/autofs: bump to version 5.1.7

- Drop patch (already in version)
- Update hash of license files (correction in FSF address):
  https://git.kernel.org/pub/scm/linux/storage/autofs/autofs.git/commit/?id=b74dcdd3f6b05522388729141c29286829c302fc
- Update indentation in hash file (two spaces)

https://git.kernel.org/pub/scm/linux/storage/autofs/autofs.git/tree/CHANGELOG?h=release_5_1_7

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agopackage/libcurl: bump version to 7.75.0
Bernd Kuhls [Thu, 4 Feb 2021 22:25:25 +0000 (23:25 +0100)]
package/libcurl: bump version to 7.75.0

Updated license hash due to copyright year bump:
https://github.com/curl/curl/commit/275c28e6502e1ded6c62b5bf22a409de16b4a04e

Changelog: https://curl.se/changes.html

Release notes:
https://daniel.haxx.se/blog/2021/02/03/curl-7-75-0-is-smaller/
"No new security advisories this time!"

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agopackage/tor: bump version to 0.4.4.7
Bernd Kuhls [Thu, 4 Feb 2021 19:50:38 +0000 (20:50 +0100)]
package/tor: bump version to 0.4.4.7

Release notes: https://blog.torproject.org/node/1990

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agopackage/php: security bump version to 7.4.15
Bernd Kuhls [Thu, 4 Feb 2021 19:49:57 +0000 (20:49 +0100)]
package/php: security bump version to 7.4.15

Changelog: https://www.php.net/ChangeLog-7.php#7.4.15

Fixes CVE-2021-21702: http://bugs.php.net/80672

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agopackage/clamav: bump version to 0.103.1
Bernd Kuhls [Thu, 4 Feb 2021 19:43:20 +0000 (20:43 +0100)]
package/clamav: bump version to 0.103.1

Release notes:
https://blog.clamav.net/2021/02/clamav-01031-patch-release.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agopackage/capnproto: add CAPNPROTO_CPE_ID_VENDOR
Fabrice Fontaine [Thu, 4 Feb 2021 19:03:22 +0000 (20:03 +0100)]
package/capnproto: add CAPNPROTO_CPE_ID_VENDOR

cpe:2.3:a:capnproto:capnproto is a valid CPE identifier for this
package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Acapnproto%3Acapnproto

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agopackage/valijson: set VALIJSON_CPE_ID_VALID
Fabrice Fontaine [Thu, 4 Feb 2021 19:01:34 +0000 (20:01 +0100)]
package/valijson: set VALIJSON_CPE_ID_VALID

cpe:2.3:a:valijson_project:valijson is a valid CPE identifier for this
package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Avalijson_project%3Avalijson

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agopackage/python-bluezero: bump to version 0.5.0
Grzegorz Blach [Thu, 4 Feb 2021 14:22:25 +0000 (15:22 +0100)]
package/python-bluezero: bump to version 0.5.0

Signed-off-by: Grzegorz Blach <grzegorz@blach.pl>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agopackage/sysklogd: replace local syslog.conf sample with upstream
Joachim Wiberg [Mon, 1 Feb 2021 12:52:36 +0000 (13:52 +0100)]
package/sysklogd: replace local syslog.conf sample with upstream

This patch drops the local syslog.conf in favor of the one shipped with
sysklogd.  The upstream syslog.conf sample differs from the Buildroot
one primarily in shifting to /var/log/syslog as the default for log
messages.  It also comes with a dedicated /var/log/kern.log and some
commented-out filtering examples.

Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agopackage/cereal: fix CVE-2020-11105
Fabrice Fontaine [Wed, 3 Feb 2021 20:11:00 +0000 (21:11 +0100)]
package/cereal: fix CVE-2020-11105

Fix CVE-2020-11105: An issue was discovered in USC iLab cereal through
1.3.0. It employs caching of std::shared_ptr values, using the raw
pointer address as a unique identifier. This becomes problematic if an
std::shared_ptr variable goes out of scope and is freed, and a new
std::shared_ptr is allocated at the same address. Serialization fidelity
thereby becomes dependent upon memory layout. In short, serialized
std::shared_ptr variables cannot always be expected to serialize back
into their original values. This can have any number of consequences,
depending on the context within which this manifests.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agopackage/sox: security bump to latest git commit
Fabrice Fontaine [Wed, 3 Feb 2021 20:00:49 +0000 (21:00 +0100)]
package/sox: security bump to latest git commit

Bump to the latest git commit as this will fix the following CVEs:

git log|grep CVE
  sox-fmt: validate comments_bytes before use (CVE-2019-13590) [bug #325]
  fix possible null pointer deref in lsx_make_lpf() (CVE-2019-8357)
  fft4g: bail if size too large (CVE-2019-8356)
  fix possible overflow in lsx_(re)valloc() size calculation (CVE-2019-8355)
  fix possible buffer size overflow in lsx_make_lpf() (CVE-2019-8354)
  xa: validate channel count (CVE-2017-18189)
  aiff: fix crash on empty comment chunk (CVE-2017-15642)
  adpcm: fix stack overflow with >4 channels (CVE-2017-15372)
  flac: fix crash on corrupt metadata (CVE-2017-15371)
  wav: ima_adpcm: fix buffer overflow on corrupt input (CVE-2017-15370)
  wav: fix crash writing header when channel count >64k (CVE-2017-11359)
  hcom: fix crash on input with corrupt dictionary (CVE-2017-11358)
  wav: fix crash if channel count is zero (CVE-2017-11332)

- Tweak configuration options due to
  https://sourceforge.net/p/sox/code/ci/6ff0e9322f9891f5a6ac6c9b3bceffbfca16bec3
- libgsm is now an optional dependency since
  https://sourceforge.net/p/sox/code/ci/e548827ffcf4dffa7f21709b8e96b04b481c09b8
- Add patch to put back --disable-stack-protector

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agopackage/systemd: bump to version 247.3
Norbert Lange [Wed, 3 Feb 2021 11:14:15 +0000 (12:14 +0100)]
package/systemd: bump to version 247.3

Drop upstream patch.

Use the new mode=release switch, this should automatically
disable features deemed not ready for use.

Signed-off-by: Norbert Lange <nolange79@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agopackage/squashfs: set SQUASHFS_CPE_ID_VALID
Fabrice Fontaine [Tue, 2 Feb 2021 17:31:23 +0000 (18:31 +0100)]
package/squashfs: set SQUASHFS_CPE_ID_VALID

cpe:2.3:a:squashfs_project:squashfs is a valid CPE identifier for this
package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Asquashfs_project%3Asquashfs

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agopackage/smartmontools: add SMARTMONTOOLS_CPE_ID_VENDOR
Fabrice Fontaine [Tue, 2 Feb 2021 17:29:15 +0000 (18:29 +0100)]
package/smartmontools: add SMARTMONTOOLS_CPE_ID_VENDOR

cpe:2.3:a:smartmontools:smartmontools is a valid CPE identifier for this
package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Asmartmontools%3Asmartmontools

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agopackage/iputils: bump version to 20210202
Petr Vorel [Tue, 2 Feb 2021 18:39:09 +0000 (19:39 +0100)]
package/iputils: bump version to 20210202

Upstream changed version scheme: dropped leading 's', reflect it.

Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agopackage/sqlcipher: add SQLCIPHER_CPE_ID_VENDOR
Fabrice Fontaine [Tue, 2 Feb 2021 17:30:43 +0000 (18:30 +0100)]
package/sqlcipher: add SQLCIPHER_CPE_ID_VENDOR

cpe:2.3:a:zetetic:sqlcipher is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Azetetic%3Asqlcipher

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agopackage/python-bottle: security bump to version 0.12.19
Peter Korsgaard [Tue, 2 Feb 2021 15:33:19 +0000 (16:33 +0100)]
package/python-bottle: security bump to version 0.12.19

Fixes the following security issue:

CVE-2020-28473: The package bottle from 0 and before 0.12.19 are vulnerable
to Web Cache Poisoning by using a vector called parameter cloaking.  When
the attacker can separate query parameters using a semicolon (;), they can
cause a difference in the interpretation of the request between the proxy
(running with default configuration) and the server.  This can result in
malicious requests being cached as completely safe ones, as the proxy would
usually not see the semicolon as a separator, and therefore would not
include it in a cache key of an unkeyed parameter.

In addition, bottle 0.12.18 fixed a compatibility issue with python 3.8+:

https://github.com/bottlepy/bottle/issues/1181

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agoconfigs/nexbox_a95x_defconfig: bump to kernel 5.10.12
Peter Korsgaard [Tue, 2 Feb 2021 10:05:08 +0000 (11:05 +0100)]
configs/nexbox_a95x_defconfig: bump to kernel 5.10.12

The mmc probing order has changed since commit 21b2cec61c04bd1 (mmc: Set
PROBE_PREFER_ASYNCHRONOUS for drivers that existed in v4.4), so get rid of
the hardcoded root=/dev/mmcblk1p2.  The old vendor U-Boot unfortunately does
not have GPT support, so stick to MBR and use the legacy
root=PARTUUID=<disksignature>-<partition> format and set a fixed disk
signature, similar to how it was done for orangepi-r1 in commit 34cce93adb
(configs/orangepi_r1_defconfig: bump kernel to 5.10.10, u-boot to 2020.10).

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agoconfigs/orangepi_r1_defconfig: fix typo in comment
Yann E. MORIN [Wed, 3 Feb 2021 22:16:09 +0000 (23:16 +0100)]
configs/orangepi_r1_defconfig: fix typo in comment

In commit 38d04e6b1341, I did a last-minute change by adding the comment
to explain where the PARTLABEL was coming from, and introduced a typo in
that comment.

Fix it.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agoboard/orangepi-zero-plus2: switch to GPT for PARTLABEL support
Sergey Matyukevich [Wed, 3 Feb 2021 19:57:19 +0000 (22:57 +0300)]
board/orangepi-zero-plus2: switch to GPT for PARTLABEL support

Patch that pins mmc indexes was not accepted to mainline kernel. Drop that
patch and switch to GPT to use partition labels. For GPT the name of the
partition in genimage.cfg is used as the label for that partition. Note
that the default GPT partition table location conflicts with the SPL
location, so move GPT table after bootloaders.

Signed-off-by: Sergey Matyukevich <geomatsi@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/grpc: disable unnecessary build plugins
Thomas De Schampheleire [Wed, 3 Feb 2021 12:43:24 +0000 (13:43 +0100)]
package/grpc: disable unnecessary build plugins

grpc has plugins for multiple programming languages, which are needed on
development machines only. Examples are grpc_cpp_plugin, grpc_ruby_plugin,
etc.

Even though before commit fedf3318e3fd3c9ba57389ed2b36472f1a772b9e,
grpc_cpp_plugin was not installed for target, all other plugins still were.
This causes additional build time and rootfs space.

As Buildroot does not support building a development environment for target,
these tools can be disabled.

Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/grpc: fix cross-compilation with gRPC_BUILD_GRPC_CPP_PLUGIN=OFF
Thomas De Schampheleire [Wed, 3 Feb 2021 12:43:23 +0000 (13:43 +0100)]
package/grpc: fix cross-compilation with gRPC_BUILD_GRPC_CPP_PLUGIN=OFF

In commit fedf3318e3fd3c9ba57389ed2b36472f1a772b9e, an obsolete patch to
support cross-compilation was removed, in favor of the upstream solution.

However, this caused a small change in behavior: for the target grpc, the
tool 'grpc_cpp_plugin' is now also built, while before it was not.

This tool is only really needed on development machines. Since Buildroot
does not support compilers and such on target itself, the tool is not
needed.

There exists an option gRPC_BUILD_GRPC_CPP_PLUGIN which can be set to 'OFF',
but disabling it in a cross-compilation context yields build failures.

Add a patch to fix that. This patch is intended to be upstreamed to grpc.

Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/collectd: stop passing '--with-libgrpc++'
Thomas De Schampheleire [Wed, 3 Feb 2021 12:43:22 +0000 (13:43 +0100)]
package/collectd: stop passing '--with-libgrpc++'

Commit 903de16f5fd586a32a7aed7a792a43dce16365eb added passing
'--with-libgrpc++' with the explanation:

    "Use --with-libgrpc++ option as otherwise collectd will try to find
    grpc++.pc which is not available."

At the time of above commit, grpc version in Buildroot was 1.23.0.
Since grpc 1.25.0, a grpc++.pc file _is_ generated from cmake builds.
Hence, remove passing --with-libgrpc++.

This change fixes a problem introduced by commit
fedf3318e3fd3c9ba57389ed2b36472f1a772b9e. As a side effect of that change, a
target version of 'grpc_cpp_plugin' was now created. When collectd was built
after grpc, even without grpc support in collectd enabled, the collectd
configure script would find this target grpc_cpp_plugin and try to use it
(which is not possible because it is built for target).
When not passing '--with-libgrpc++', collectd will instead find the host
version of grpc_cpp_plugin, which works fine.

There are still two underlying problems:
1. the target version of grpc_cpp_plugin is not actually needed. This will
   be disabled in a subsequent commit.

2. collectd should not execute any grpc-related action if grpc support for
   collectd is disabled. This problem has been reported upstream:
   https://github.com/collectd/collectd/issues/3836

Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agotoolchain/toolchain-external: update Arm AArch64 BE toolchain 10.2-2020.11
Romain Naour [Tue, 2 Feb 2021 23:19:05 +0000 (00:19 +0100)]
toolchain/toolchain-external: update Arm AArch64 BE toolchain 10.2-2020.11

Update to gcc 10.2, gdb 10.1, binutils 2.35.1.

See "Release Note":
https://developer.arm.com/open-source/gnu-toolchain/gnu-a/downloads#

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agotoolchain/toolchain-external: update Arm AArch64 toolchain 10.2-2020.11
Romain Naour [Tue, 2 Feb 2021 23:19:04 +0000 (00:19 +0100)]
toolchain/toolchain-external: update Arm AArch64 toolchain 10.2-2020.11

Update to gcc 10.2, gdb 10.1, binutils 2.35.1.

See "Release Note":
https://developer.arm.com/open-source/gnu-toolchain/gnu-a/downloads#

Tested with qemu_aarch64_virt_defconfig.

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agotoolchain/toolchain-external: update Arm ARM toolchain 10.2-2020.11
Romain Naour [Tue, 2 Feb 2021 23:19:03 +0000 (00:19 +0100)]
toolchain/toolchain-external: update Arm ARM toolchain 10.2-2020.11

Update to gcc 10.2, gdb 10.1, binutils 2.35.1.

See "Release Note":
https://developer.arm.com/open-source/gnu-toolchain/gnu-a/downloads#

Tested with qemu_arm_vexpress_defconfig.

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agosupport/config-fragments/autobuild: update Buildroot toolchains to 2020.11.2
Thomas Petazzoni [Tue, 2 Feb 2021 22:53:38 +0000 (23:53 +0100)]
support/config-fragments/autobuild: update Buildroot toolchains to 2020.11.2

Most of the toolchains now use gcc 9.x and kernel headers 5.9, instead
of gcc 8.x and kernel headers 5.4.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agosupport/config-fragments/autobuild: use Bootlin toolchain for Xtensa uclibc
Thomas Petazzoni [Tue, 2 Feb 2021 22:53:37 +0000 (23:53 +0100)]
support/config-fragments/autobuild: use Bootlin toolchain for Xtensa uclibc

Instead of using an external toolchain built specifically for the
autobuilders to test Xtensa/uclibc, use a pre-built Bootlin toolchain.

To be noted: that fragment was in fact already using a Bootlin
bleeding-edge toolchain, because BR2_TOOLCHAIN_EXTERNAL_CUSTOM=y is
missing from the fragment:

    $ cat support/config-fragments/autobuild/br-xtensa-full.config >.config

    $ make olddefconfig

    $ grep BOOTLIN .config
    BR2_TOOLCHAIN_EXTERNAL_BOOTLIN=y
    BR2_TOOLCHAIN_EXTERNAL_BOOTLIN_ARCH_SUPPORTS=y
    BR2_TOOLCHAIN_EXTERNAL_BOOTLIN_XTENSA_LX60_UCLIBC_BLEEDING_EDGE=y
    # BR2_TOOLCHAIN_EXTERNAL_BOOTLIN_XTENSA_LX60_UCLIBC_STABLE is not set

The original fragment was supposed to use a stable toolchain, so we
switch to explictly use a stable Bootlin toolchain.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[yann.morin.1998@free.fr:
  - add blurb about missing BR2_TOOLCHAIN_EXTERNAL_CUSTOM=y
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agosupport/config-fragments/autobuild: use Bootlin toolchain for x86-64 musl
Thomas Petazzoni [Tue, 2 Feb 2021 22:53:36 +0000 (23:53 +0100)]
support/config-fragments/autobuild: use Bootlin toolchain for x86-64 musl

Instead of using an external toolchain built specifically for the
autobuilders to test x86-64/musl, use a pre-built Bootlin toolchain.

The previous configuration was for an Atom platform, but the Bootlin
toolchains only provide a Core i7 configuration. Since this is close
enough, we change to use this Core i7 configuration.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agosupport/config-fragments/autobuild: use Bootlin toolchain for x86-64 uclibc
Thomas Petazzoni [Tue, 2 Feb 2021 22:53:35 +0000 (23:53 +0100)]
support/config-fragments/autobuild: use Bootlin toolchain for x86-64 uclibc

Instead of using an external toolchain built specifically for the
autobuilders to test x86-64/uclibc, use a pre-built Bootlin toolchain.

The previous configuration was for Core2 platform, but the Bootlin
toolchains only provide a Core i7 configuration. Since this is close
enough, we change to use this Core i7 configuration.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agosupport/config-fragments/autobuild: use Bootlin toolchain for SPARC64 glibc
Thomas Petazzoni [Tue, 2 Feb 2021 22:53:34 +0000 (23:53 +0100)]
support/config-fragments/autobuild: use Bootlin toolchain for SPARC64 glibc

Instead of using an external toolchain built specifically for the
autobuilders to test SPARC64/glibc, use a pre-built Bootlin toolchain.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agosupport/config-fragments/autobuild: use Bootlin toolchain for SPARC uclibc
Thomas Petazzoni [Tue, 2 Feb 2021 22:53:33 +0000 (23:53 +0100)]
support/config-fragments/autobuild: use Bootlin toolchain for SPARC uclibc

Instead of using an external toolchain built specifically for the
autobuilders to test SPARC/uclibc, use a pre-built Bootlin toolchain.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agosupport/config-fragments/autobuild: use Bootlin toolchain for SH4 uclibc
Thomas Petazzoni [Tue, 2 Feb 2021 22:53:32 +0000 (23:53 +0100)]
support/config-fragments/autobuild: use Bootlin toolchain for SH4 uclibc

Instead of using an external toolchain built specifically for the
autobuilders to test SH4/uclibc, use a pre-built Bootlin toolchain.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[yann.morin.1998@free.fr: drop BR2_sh4=y which is the default]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agosupport/config-fragments/autobuild: use Bootlin toolchain for RISC-V 32 glibc
Thomas Petazzoni [Tue, 2 Feb 2021 22:53:29 +0000 (23:53 +0100)]
support/config-fragments/autobuild: use Bootlin toolchain for RISC-V 32 glibc

Instead of using an external toolchain built specifically for the
autobuilders to test RISC-V 32/glibc, use a pre-built Bootlin
toolchain.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agosupport/config-fragments/autobuild: use Bootlin toolchain for PowerPC e500mc uclibc
Thomas Petazzoni [Tue, 2 Feb 2021 22:53:28 +0000 (23:53 +0100)]
support/config-fragments/autobuild: use Bootlin toolchain for PowerPC e500mc uclibc

Instead of using an external toolchain built specifically for the
autobuilders to test PowerPC e500mc/uclibc, use a pre-built Bootlin
toolchain.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agosupport/config-fragments/autobuild: use Bootlin toolchain for PowerPC64le Power8...
Thomas Petazzoni [Tue, 2 Feb 2021 22:53:27 +0000 (23:53 +0100)]
support/config-fragments/autobuild: use Bootlin toolchain for PowerPC64le Power8 glibc

Instead of using an external toolchain built specifically for the
autobuilders to test PowerPC64le Power8/glibc, use a pre-built Bootlin
toolchain.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agosupport/config-fragments/autobuild: use Bootlin toolchain for OpenRISC uclibc
Thomas Petazzoni [Tue, 2 Feb 2021 22:53:26 +0000 (23:53 +0100)]
support/config-fragments/autobuild: use Bootlin toolchain for OpenRISC uclibc

Instead of using an external toolchain built specifically for the
autobuilders to test OpenRISC/uclibc, use a pre-built Bootlin
toolchain.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agosupport/config-fragments/autobuild: use Bootlin toolchain for NIOS2 glibc
Thomas Petazzoni [Tue, 2 Feb 2021 22:53:25 +0000 (23:53 +0100)]
support/config-fragments/autobuild: use Bootlin toolchain for NIOS2 glibc

Instead of using an external toolchain built specifically for the
autobuilders to test nios2/glibc, use a pre-built Bootlin toolchain.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agosupport/config-fragments/autobuild: use Bootlin toolchain for mipsel uclibc
Thomas Petazzoni [Tue, 2 Feb 2021 22:53:24 +0000 (23:53 +0100)]
support/config-fragments/autobuild: use Bootlin toolchain for mipsel uclibc

Instead of using an external toolchain built specifically for the
autobuilders to test mipsel/uclibc, use a pre-built Bootlin toolchain.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agosupport/config-fragments/autobuild: use Bootlin toolchain for mipsel32r6 glibc
Thomas Petazzoni [Tue, 2 Feb 2021 22:53:23 +0000 (23:53 +0100)]
support/config-fragments/autobuild: use Bootlin toolchain for mipsel32r6 glibc

Instead of using an external toolchain built specifically for the
autobuilders to test mipsel32r6/glibc, use a pre-built Bootlin
toolchain.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agosupport/config-fragments/autobuild: use Bootlin toolchain for Microblaze EL uclibc
Thomas Petazzoni [Tue, 2 Feb 2021 22:53:22 +0000 (23:53 +0100)]
support/config-fragments/autobuild: use Bootlin toolchain for Microblaze EL uclibc

Instead of using an external toolchain built specifically for the
autobuilders to test Microblaze EL/uclibc, use a pre-built Bootlin
toolchain.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agosupport/config-fragments/autobuild: use Bootlin toolchain for m68k 5208 uclibc
Thomas Petazzoni [Tue, 2 Feb 2021 22:53:21 +0000 (23:53 +0100)]
support/config-fragments/autobuild: use Bootlin toolchain for m68k 5208 uclibc

Instead of using an external toolchain built specifically for the
autobuilders to test m68k 5208/uclibc, use a pre-built Bootlin
toolchain.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agosupport/config-fragments/autobuild: use Bootlin toolchain for m68k 68040 uclibc
Thomas Petazzoni [Tue, 2 Feb 2021 22:53:20 +0000 (23:53 +0100)]
support/config-fragments/autobuild: use Bootlin toolchain for m68k 68040 uclibc

Instead of using an external toolchain built specifically for the
autobuilders to test m68k 68040/uclibc, use a pre-built Bootlin
toolchain.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agosupport/config-fragments/autobuild: use Bootlin toolchain for ARMv7-M uclibc
Thomas Petazzoni [Tue, 2 Feb 2021 22:53:19 +0000 (23:53 +0100)]
support/config-fragments/autobuild: use Bootlin toolchain for ARMv7-M uclibc

Instead of using an external toolchain built specifically for the
autobuilders to test ARMv7-M/uclibc, use a pre-built Bootlin
toolchain.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agosupport/config-fragments/autobuild: use Bootlin toolchain for ARMv7 musl
Thomas Petazzoni [Tue, 2 Feb 2021 22:53:18 +0000 (23:53 +0100)]
support/config-fragments/autobuild: use Bootlin toolchain for ARMv7 musl

Instead of using an external toolchain built specifically for the
autobuilders to test ARMv7/musl, use a pre-built Bootlin toolchain.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agosupport/config-fragments/autobuild: use Bootlin toolchain for ARMv7 glibc
Thomas Petazzoni [Tue, 2 Feb 2021 22:53:17 +0000 (23:53 +0100)]
support/config-fragments/autobuild: use Bootlin toolchain for ARMv7 glibc

Instead of using an external toolchain built specifically for the
autobuilders to test ARM Cortex-A9/glibc, use a pre-built Bootlin
toolchain. Since this was meant to test very recent version of
toolchain components, we use the bleeding edge toolchain variant.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agosupport/config-fragments/autobuild: use Bootlin toolchain for ARMv5 uclibc
Thomas Petazzoni [Tue, 2 Feb 2021 22:53:16 +0000 (23:53 +0100)]
support/config-fragments/autobuild: use Bootlin toolchain for ARMv5 uclibc

Instead of using an external toolchain built specifically for the
autobuilders to test ARMv5/uclibc, use a pre-built Bootlin toolchain.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agosupport/config-fragments/autobuild: use Bootlin toolchain for ARCle HS38 uclibc
Thomas Petazzoni [Tue, 2 Feb 2021 22:53:15 +0000 (23:53 +0100)]
support/config-fragments/autobuild: use Bootlin toolchain for ARCle HS38 uclibc

Instead of using an external toolchain built specifically for the
autobuilders to test ARCle HS38/uclibc, use a pre-built Bootlin toolchain.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agosupport/config-fragments/autobuild: use Bootlin toolchain for AArch64 glibc
Thomas Petazzoni [Tue, 2 Feb 2021 22:53:14 +0000 (23:53 +0100)]
support/config-fragments/autobuild: use Bootlin toolchain for AArch64 glibc

Instead of using an external toolchain built specifically for the
autobuilders to test AArch64/glibc, use a pre-built Bootlin toolchain.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/libgpiod: disable examples
Fabrice Fontaine [Tue, 2 Feb 2021 19:27:03 +0000 (20:27 +0100)]
package/libgpiod: disable examples

This will fix a build failure with libgpiod in version 1.6.2

Even though the examples are not built by default, we explicitly
disable them, to be future-proof in case that default changes in
the future.

Fixes:
 - http://autobuild.buildroot.org/results/321004b185213099c7c5633b5ec35ceadd0293bc

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr:
  - keep dependencies first
  - explicitly disable examples
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agoRevert "package/stress-ng: disable libbsd on static build"
Fabrice Fontaine [Mon, 1 Feb 2021 17:51:12 +0000 (18:51 +0100)]
Revert "package/stress-ng: disable libbsd on static build"

This reverts commit f2d6c5ff9092aa7735c7a739d15180910ae734df.

Now that libbsd can't be enabled for static builds, we can drop the
workaround specific to stress-ng.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/libbsd: needs dynamic library
Fabrice Fontaine [Mon, 1 Feb 2021 17:51:13 +0000 (18:51 +0100)]
package/libbsd: needs dynamic library

Static linking with libbsd fails because of multiple definition of the
strlcpy symbol. uClibc optionally provides these symbols.

So add a dependency on dynamic library to avoid a build failure with a
zeromq-enabled bitcoin or with stress-ng.

Fixes:
 - http://autobuild.buildroot.org/results/ba87544d42ad5e77a27a7a504bc6336a06f6e291

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/libopenssl: fix issue when compiling with BR2_OPTIMIZE_G=y
Yann Sionneau [Tue, 2 Feb 2021 16:53:21 +0000 (17:53 +0100)]
package/libopenssl: fix issue when compiling with BR2_OPTIMIZE_G=y

For instance on risc-v 64 arch the build would otherwise fail because
of undefined ucontext_t because "-DOPENSSL_NO_ASYNC" would not propagate
through to CFLAGS in the Makefile.

Signed-off-by: Yann Sionneau <ysionneau@kalray.eu>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/sox: drop unrecognized options
Fabrice Fontaine [Tue, 2 Feb 2021 20:46:26 +0000 (21:46 +0100)]
package/sox: drop unrecognized options

ffmpeg has been dropped since version 14.4.2 (back in 2013) and
https://sourceforge.net/p/sox/code/ci/5ae4049727d4f29036ad541bde5863c850aa7755

--disable-gomp has also been removed since version 14.4.1 (back in 2012)
and
https://sourceforge.net/p/sox/code/ci/84eaacb54fd2e61154ccd95328d8a8ec5096eae1

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/pkg-meson.mk: fix ccache auto-detection avoidance
Yann E. MORIN [Tue, 2 Feb 2021 20:32:23 +0000 (21:32 +0100)]
package/pkg-meson.mk: fix ccache auto-detection avoidance

Commit f4a61d1ae23e (package/pkg-meson.mk avoid host ccache detection)
forced the host C and C++ compilers so that meson does not try to
autodetect ccache, and instead relies on what we provide.

However, this incorrectly used single-expansion of variables in a
package infra.

For traditional builds, this is OK, because the value does not change
across packages.

However, for builds with per-package directories, this value only refers
to the generic path, which ill not exist until the end of the build when
all packages are aggregated in the host-finalize step.

Fix that by postponing the variable evaluation like all the others.

Reported-by: Xogium on IRC
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agoConfig.in.legacy: remove redundant empty line
Arnout Vandecappelle (Essensium/Mind) [Tue, 2 Feb 2021 19:42:57 +0000 (20:42 +0100)]
Config.in.legacy: remove redundant empty line

As reported by check-package.

Fixes: https://gitlab.com/buildroot.org/buildroot/-/jobs/1003192260
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agosupport/scripts/pkg-stats: check CPE existence in CPE dictionnary
Thomas Petazzoni [Sun, 31 Jan 2021 13:38:16 +0000 (14:38 +0100)]
support/scripts/pkg-stats: check CPE existence in CPE dictionnary

This commit extends pkg-stats to leverage the recently introduced
CPEDB class to verify that the CPEs provided by Buildroot packages are
indeed known in the official CPE dictionnary provided by NVD.

Co-Developed-by: Grégory Clement <gregory.clement@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agosupport/scripts/cpedb.py: new CPE XML helper
Matt Weber [Sun, 31 Jan 2021 13:38:15 +0000 (14:38 +0100)]
support/scripts/cpedb.py: new CPE XML helper

Python class which consumes a NIST CPE XML and provides helper
functions to access and search the db's data.

 - Defines the CPE as a object with operations / formats
 - Processing of CPE dictionary

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Co-Developed-by: Grégory Clement <gregory.clement@bootlin.com>
Co-Developed-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/linux-headers: with headers from kernel, also override srcdir
Yann E. MORIN [Wed, 27 Jan 2021 21:24:13 +0000 (22:24 +0100)]
package/linux-headers: with headers from kernel, also override srcdir

When using the headers from the kernel to be built, with the kernel
set to a custom version, and overriding the kernel sources with
LINUX_OVERRIDE_SRCDIR, the linux-headers package is still trying to
download an archive, and fails to validate its hash.

What is going on under the hood is that, with _OVERRIDE_SRCDIR, the
_VERSION of a package is set to 'custom'. Furthermore, the variable
BR_NO_CHECK_HASH_FOR is recursively expanded, so its value is only
evaluated when it is needed.

For linux-headers, we inherit the values from the linux package, and
the LINUX_HEADERS_VERSION takes the value from the configuration.

Thus we end up with the following situation:

    LINUX_VERSION=custom
    LINUX_HEADERS_VERSION=5.10   # For example
    BR_NO_CHECK_HASH_FOR=... linux-custom.tar.gz ...

And thus the archive downloaded by linux-headers will not match any
exclusion, and since there will most probably not be a hash for it,
the download will fail, as was noticed and reported by Jarkko.

But in this case, what we really want is to really use the headers
from the kernel that we build, we do not even want to attempt a
download at all.

So, when using the headers from the kernel to be built, we also
propagate the LINUX_OVERRIDE_SRCDIR to linux-headers, so that we
also use the headers from the overridden sources.

Furthermore, in that configuration, we explicitly disallow
overriding the linux-headers specifically, as it does not make sense
(even though, if they were overridden to the same location, that'd
be OK, but to simplify the condition, we do not even check for that).

Reported-by: Jarkko Sakkinen <jjs@kapsi.fi>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/grpc: remove obsolete patch to support cross-compiling
Thomas De Schampheleire [Mon, 1 Feb 2021 20:57:09 +0000 (21:57 +0100)]
package/grpc: remove obsolete patch to support cross-compiling

When cross-compiling grpc, a native tool 'grpc_cpp_plugin' is needed.
Patch '0001-target-build-using-host-plugin.patch' in Buildroot provides a
way to pass the path to this tool via a configure option
'gRPC_NATIVE_CPP_PLUGIN'.

In version 1.20.0, the upstream grpc project added better support for
cross-compiling via commit 0d7a0ded [1], searching for the native
grpc_cpp_plugin via PATH (rather than specifying it as configure option as
our patch was doing).

This change renders the mentioned Buildroot patch obsolete, so remove it.

[1] https://github.com/grpc/grpc/commit/0d7a0ded1cc93bb7f4d69a156b0a69829557cbf2

Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Reviewed-by: Michael Nosthoff <buildroot@heine.tech>
Tested-by: Michael Nosthoff <buildroot@heine.tech>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agopackage/python-iso8601: bump to version 0.1.13
Fabrice Fontaine [Mon, 1 Feb 2021 18:26:44 +0000 (19:26 +0100)]
package/python-iso8601: bump to version 0.1.13

Update indentation in hash file (two spaces)

https://github.com/micktwomey/pyiso8601/releases/tag/0.1.13

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agopackage/snort: add SNORT_CPE_ID_VENDOR
Fabrice Fontaine [Mon, 1 Feb 2021 17:54:14 +0000 (18:54 +0100)]
package/snort: add SNORT_CPE_ID_VENDOR

cpe:2.3:a:snort:snort is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Asnort%3Asnort

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agopackage/qpid-proton: set CPE variables
Fabrice Fontaine [Tue, 2 Feb 2021 07:13:21 +0000 (08:13 +0100)]
package/qpid-proton: set CPE variables

cpe:2.3:a:apache:qpid_proton is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Aapache%3Aqpid_proton

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agopackage/libcpprestsdk: bump to version 2.0.18
Fabrice Fontaine [Tue, 2 Feb 2021 07:03:31 +0000 (08:03 +0100)]
package/libcpprestsdk: bump to version 2.0.18

https://github.com/microsoft/cpprestsdk/releases/tag/2.10.18
https://github.com/microsoft/cpprestsdk/releases/tag/2.10.17

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agopackage/privoxy: add PRIVOXY_CPE_ID_VENDOR
Fabrice Fontaine [Mon, 1 Feb 2021 18:22:27 +0000 (19:22 +0100)]
package/privoxy: add PRIVOXY_CPE_ID_VENDOR

cpe:2.3:a:privoxy:privoxy is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Aprivoxy%3Aprivoxy

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agopackage/busybox: Fix check for IPv6 default route in udhcpc
Samuel Mendoza-Jonas [Tue, 2 Feb 2021 01:54:52 +0000 (17:54 -0800)]
package/busybox: Fix check for IPv6 default route in udhcpc

The check for a default route is inverted, causing the script to wait
for the timeout even when a default IPv6 route is available. Fix this up
so that it exits early as expected.

Reported-by: Bhattiprolu RaviKumar <ravikumar.bhattiprolu@gmail.com>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agopackage/wireguard-linux-compat: bump version to 1.0.20210124
Peter Korsgaard [Mon, 1 Feb 2021 17:48:24 +0000 (18:48 +0100)]
package/wireguard-linux-compat: bump version to 1.0.20210124

Fixes a build issue with recent 4.14.x stable kernels.  For details, see the
announcement:

https://lists.zx2c4.com/pipermail/wireguard/2021-January/006349.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agopackage/python-django: security bump to version 3.0.12
Peter Korsgaard [Mon, 1 Feb 2021 12:55:57 +0000 (13:55 +0100)]
package/python-django: security bump to version 3.0.12

Fixes the following security issues:

CVE-2021-3281: Potential directory-traversal via archive.extract()

The django.utils.archive.extract() function, used by startapp --template and
startproject --template, allowed directory-traversal via an archive with
absolute paths or relative paths with dot segments.

For details, see the advisory:
https://www.djangoproject.com/weblog/2021/feb/01/security-releases/

Additionally, 3.0.11 fixed a regression:
https://docs.djangoproject.com/en/3.1/releases/3.0.11/

Update indentation in hash file (two spaces).

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agopackage/privoxy: security bump to version 3.0.31
Peter Korsgaard [Mon, 1 Feb 2021 12:48:47 +0000 (13:48 +0100)]
package/privoxy: security bump to version 3.0.31

From the announcement:

ChangeLog for Privoxy 3.0.31
--------------------------------------------------------------------
- Security/Reliability:
  - Prevent an assertion from getting triggered by a crafted CGI request.
    Commit 5bba5b89193fa. OVE-20210130-0001.
    Reported by: Joshua Rogers (Opera)
  - Fixed a memory leak when decompression fails "unexpectedly".
    Commit f431d61740cc0. OVE-20210128-0001.

- Bug fixes:
  - Fixed detection of insufficient data for decompression.
    Previously Privoxy could try to decompress a partly
    uninitialized buffer.

https://www.privoxy.org/announce.txt

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agosupport/scripts/pkg-stats: get_config_packages(): use dict.values()
Peter Korsgaard [Mon, 1 Feb 2021 12:20:56 +0000 (13:20 +0100)]
support/scripts/pkg-stats: get_config_packages(): use dict.values()

There is no need to get both the key and the value out of the dict if the
key is not used, so use dict.values() instead.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agopackage/moarvm: bump to version 2020.12
Francois Perrad [Mon, 1 Feb 2021 06:28:27 +0000 (07:28 +0100)]
package/moarvm: bump to version 2020.12

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agopackage/rtty: bump version to 7.3.1
Jianhui Zhao [Mon, 1 Feb 2021 13:14:26 +0000 (21:14 +0800)]
package/rtty: bump version to 7.3.1

Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agopackage/pugixml: bump to version 1.11.4
Fabrice Fontaine [Mon, 1 Feb 2021 17:48:18 +0000 (18:48 +0100)]
package/pugixml: bump to version 1.11.4

- Use LICENSE.md which has been added in the release tarball since
  version 1.11 and
  https://github.com/zeux/pugixml/commit/ccb63a91865b59d3a4c1dde61fecf12ec085c089
- Fix a build failure with gerbera >= 1.5.0 when building pugixml in
  header-only mode

Fixes:
 - http://autobuild.buildroot.org/results/9c1919bacd23da0505a4eb828a806997a23b640f

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agopackage/bdwgc: set BDWGC_CPE_ID_VALID
Fabrice Fontaine [Mon, 1 Feb 2021 17:53:23 +0000 (18:53 +0100)]
package/bdwgc: set BDWGC_CPE_ID_VALID

cpe:2.3:a:bdwgc_project:bdwgc is a valid CPE identifier for this
package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Abdwgc_project%3Abdwgc

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agopackage/snappy: add SNAPPY_CPE_ID_VENDOR
Fabrice Fontaine [Mon, 1 Feb 2021 17:55:48 +0000 (18:55 +0100)]
package/snappy: add SNAPPY_CPE_ID_VENDOR

cpe:2.3:a:google:snappy is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Agoogle%3Asnappy

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agopackage/libnss: bump version to 3.61
Giulio Benetti [Sun, 31 Jan 2021 22:22:46 +0000 (23:22 +0100)]
package/libnss: bump version to 3.61

Release Notes:
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.61_release_notes

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agopackage/luasyslog: needs host-luarocks
Fabrice Fontaine [Wed, 27 Jan 2021 08:07:45 +0000 (09:07 +0100)]
package/luasyslog: needs host-luarocks

host-luarocks is needed since bump to version 2.2.0 as the package is
now using autotools infrastructure instead of luarocks

Fixes:
 - http://autobuild.buildroot.org/results/f6a9615e965905bdc0a1e62020e4b27d6653693f

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agopackage/websocketpp: add WEBSOCKETPP_CPE_ID_VENDOR
Fabrice Fontaine [Thu, 28 Jan 2021 19:54:58 +0000 (20:54 +0100)]
package/websocketpp: add WEBSOCKETPP_CPE_ID_VENDOR

cpe:2.3:a:zaphoyd:websocketpp is a valid CPE identifier for this
package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Azaphoyd%3Awebsocketpp

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agopackage/musl: bump to version 1.2.2
Thomas Petazzoni [Sun, 31 Jan 2021 22:33:03 +0000 (23:33 +0100)]
package/musl: bump to version 1.2.2

Drop 0003-rewrite-wcsnrtombs-to-fix-buffer-overflow-and-other-.patch
as it is a backport of upstream commit
3ab2a4e02682df1382955071919d8aa3c3ec40d4 which is part of the 1.2.2
release.

1.2.2 release notes

major changes:
- child restrictions lifted after fork of multithreaded parent

new features:
- _Fork function (POSIX-future)
- reallocarray function (extension from OpenBSD, now widespread)
- gettid function (kernel tid as supported concept)
- SIGEV_THREAD_ID sigevent API (Linux extension)
- tcgetwinsize and tcsetwinsize functions (POSIX-future)

performance:
- faster software sqrt on archs without native sqrt instruction

compatibility:
- realpath no longer depends on procfs availability & accuracy
- time zone parser now always prefers 64-bit tables if present
- crypt_blowfish now supports $2b$ prefix
- res_query now reports errors via h_errno
- set*id and setrlimit are now safe in vforked/cloned child
- setgroups now applies to all threads
- dlopen debugger notification is improved, should work with lldb
- setrlimit no longer needs __synccall broadcast on linux 2.6.36+
- faccessat with AT_EACCESS no longer needs child process on linux 5.8+

bugs fixed:
- buffer overflow and infinite loop errors in wcsnrtombs (CVE-2020-28928)
- sem_close unmapped still-referenced semaphores
- fork of process with active aio could deadlock or crash paren
- pthread_cond_wait was broken with priority-inheritance mutex
- getgrouplist wrongly failed when nscd reported an empty list
- abort could leak modified SIGABRT disposition to fork or posix_spawn child
- regression with mallocng: malloc_usable_size(0) crashed
- readlink wrongly gave EINVAL on zero length dest buffer
- sqrtl was severely inaccurate (not correctly rounded) on ldquad archs
- assert failure wrongly flushed stdio (possible deadlock)
- MUSL_LOCPATH search was broken with multiple components
- missing newline in herror output
- possible deadlock in pthread_exit with pshared mutex or barrier usage
- pthread_mutexattr_getprotocol didn't read back protocol
- v4l2 ioctl translation for pre-time64 kernels didn't work

arch-specific bugs fixed:
- x86_64 longjmp failed to handle 0 argument reliably
- i386 __set_thread_area fallback for pre-2.6 kernels didn't work
- missing O_LARGEFILE macro value on x86_64, x32, mips64
- unpredictable s390x breakage from failure to preserve call-saved registers

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agopackage/binutils: drop 2.33.x series
Thomas Petazzoni [Sun, 31 Jan 2021 22:33:02 +0000 (23:33 +0100)]
package/binutils: drop 2.33.x series

Now that 2.36.x has been added, that 2.35.x is the default version,
drop support for 2.33.x.

Note that we keep binutils 2.32.x as it is the latest version that
works for FLAT binaries (used on noMMU platforms).

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agopackage/binutils: switch to 2.35.x as the default version
Thomas Petazzoni [Sun, 31 Jan 2021 22:33:01 +0000 (23:33 +0100)]
package/binutils: switch to 2.35.x as the default version

Now that 2.36 has been released, let's use 2.35.x as the default
binutils version.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agopackage/binutils: add support for version 2.36
Thomas Petazzoni [Sun, 31 Jan 2021 22:33:00 +0000 (23:33 +0100)]
package/binutils: add support for version 2.36

Release e-mail:

  https://sourceware.org/pipermail/binutils/2021-January/115071.html

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agopackage/binutils: bump 2.35.x series to 2.35.2
Thomas Petazzoni [Sun, 31 Jan 2021 22:32:59 +0000 (23:32 +0100)]
package/binutils: bump 2.35.x series to 2.35.2

Release notes:

  https://sourceware.org/pipermail/binutils/2021-January/115150.html

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agopackage/xenomai: set 'custom' as version in case of tarball
Thomas De Schampheleire [Sun, 31 Jan 2021 21:27:40 +0000 (22:27 +0100)]
package/xenomai: set 'custom' as version in case of tarball

When BR2_PACKAGE_XENOMAI_CUSTOM_TARBALL is selected, the xenomai package
declared an empty version, which among others means that the build directory
becomes output/build/xenomai without any version specification, and empty
version information in 'xenomai-show-info'.

Other packages that allow a custom tarball, like 'linux' and
'arm-trusted-firmware', specify 'custom' as version in this case.

Adapt the xenomai package accordingly.

Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agopackage/inadyn: bump to version 2.8.1
Joachim Wiberg [Sun, 31 Jan 2021 22:47:46 +0000 (23:47 +0100)]
package/inadyn: bump to version 2.8.1

ChangeLog:
- https://github.com/troglobit/inadyn/releases/tag/v2.8
- https://github.com/troglobit/inadyn/releases/tag/v2.8.1

Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agopackage/libevdev: bump to version 1.11.0
Alexander Dahl [Mon, 1 Feb 2021 11:50:28 +0000 (12:50 +0100)]
package/libevdev: bump to version 1.11.0

With this version libevdev sets the license to MIT license.  Actually
that has always been the intended license before.  Upstream made some
effort to have all contributors acknowledge that over the past months.

Link: https://lists.freedesktop.org/archives/input-tools/2021-February/001557.html
Link: https://gitlab.freedesktop.org/libevdev/libevdev/-/issues/9
Link: https://gitlab.freedesktop.org/libevdev/libevdev/-/merge_requests/69
Signed-off-by: Alexander Dahl <post@lespocky.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agopackage/libgpiod: bump to version 1.6.2
Michael Nosthoff [Mon, 1 Feb 2021 09:12:28 +0000 (10:12 +0100)]
package/libgpiod: bump to version 1.6.2

Version 1.6.2 now builds against headers >= 4.8.x. (Previously 5.5 was
required). Functionality might still be limited depending on the kernel version.

* altered note on updating
* disable building of tests

Signed-off-by: Michael Nosthoff <buildroot@heine.tech>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agopackage/frr: bump to 7.5
Vadym Kochan [Thu, 28 Jan 2021 15:24:19 +0000 (17:24 +0200)]
package/frr: bump to 7.5

Major Behavior Changes

    - As a reminder for those upgrading from older releases, as of FRR 7.4
    and beyond:

    RFC 8212 is now enabled by default. BGP will not advertise or use
    routes unless explicitly configured to do so with an export or import
    policy.

All daemons

    Minimum libyang version is now 1.0.184

bfdd

    Profile support
    Minimum TTL support

bgpd

    RPKI now has support for VRFs
    Add wide option to route show commands
    Add ability to count filtered prefixes when using maximum-prefix
    with new force option
    Add ability to show selected bestpath routes for a given neighbor
    with bestpath-routes option to neighbor show command
    Add ability to specify message when admin downing a session with bgp
    shutdown message MSG... command
    Add IPv6 support for Flowspec
    Add ability to shut down neighbor if RTT is too high with neighbor
    <neigh> shutdown rtt command
    Allow update-delay to be applied globally
    Graceful Restart fixes
    Stability and performance fixes
    EVPN
    Beginning of MultiHoming support; stay tuned

isisd

    Add VRF support
    Add support for Anycast-SIDs
    Fix adjacency timer display overflow

ospfd

    Segment Routing support for ECMP
    Prevent crash if transferring config amongst instances
    Various LSA-related fixes

pbrd

    Add JSON support to commands
    Add ability to match on DSCP/ECN fields

pimd

    Add more JSON support to commands
    Add support for MSDP SA forwarding
    (s,g,rpt) ifchannel is now cleared when (*, G) prune is received
    Fix IGMP querier election and IP address mapping
    Fix missing mesh-group commands
    Fix crash when RP is removed

staticd

    Add support for Northbound API

zebra

    Nexthop group support for FPM
    Netlink batching support
    Northbound support for RIB model
    Backup nexthop support
    Allow upper level protocols to request ARP
    Add json output for zebra ES, ES-EVI and access vlan dumps

vtysh

    Speed up output across daemons
    Fix build-time errors for some --enable flags

Northbound / YANG

    Filter and route-map support
    OSPF model definition
    BGP model definition

RPM Packaging

    Moved RPKI to subpackage
    Added SNMP subpackage

Signed-off-by: Vadym Kochan <vadym.kochan@plvision.eu>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
3 years agopackage/webkitgtk: add WEBKITGTK_CPE_ID_VENDOR
Fabrice Fontaine [Thu, 28 Jan 2021 17:19:47 +0000 (18:19 +0100)]
package/webkitgtk: add WEBKITGTK_CPE_ID_VENDOR

cpe:2.3:a:webkitgtk:webkitgtk is a valid CPE identifier for this
package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Awebkitgtk%3Awebkitgtk

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
3 years agoconfigs/hifive_unleashed: use mainline Linux + U-Boot
Bin Meng [Fri, 29 Jan 2021 04:50:06 +0000 (12:50 +0800)]
configs/hifive_unleashed: use mainline Linux + U-Boot

Update to use the official linux kernel v5.10 instead of an
out-of-tree kernel, and use the official U-Boot v2021.01 as the
bootloader. Provide two configuration files of genimage for different
boot flows:

- Boot from SD card (default)
- Boot from SPI flash

A boot script is generated to automatically boot the distro.

Signed-off-by: Bin Meng <bin.meng@windriver.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
3 years agoReplace LIBFOO_CPE_ID_VERSION_MINOR by LIBFOO_CPE_ID_UPDATE
Fabrice Fontaine [Fri, 29 Jan 2021 17:56:40 +0000 (18:56 +0100)]
Replace LIBFOO_CPE_ID_VERSION_MINOR by LIBFOO_CPE_ID_UPDATE

Replace LIBFOO_CPE_ID_VERSION_MINOR by LIBFOO_CPE_ID_UPDATE to better
"comply" with the official "Well-Formed CPE Name Data Model" parameters:
 - https://csrc.nist.gov/publications/detail/nistir/7695/final
 - https://nvlpubs.nist.gov/nistpubs/Legacy/IR/nistir7695.pdf

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
3 years agopackage/efl: drop dependency on gcc >= 4.8
Fabrice Fontaine [Fri, 29 Jan 2021 17:43:37 +0000 (18:43 +0100)]
package/efl: drop dependency on gcc >= 4.8

Drop dependency on gcc >= 4.8 for efl options as it is guaranted since
commit dbe2d2e686281c19739824d4d4faec62187d1779 which added a dependency
on gcc >= 4.9 for efl

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
3 years agopackage/libcamera: bump version to ab72e66
Peter Seiderer [Fri, 29 Jan 2021 23:04:17 +0000 (00:04 +0100)]
package/libcamera: bump version to ab72e66

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>