git.libre-soc.org Git - buildroot.git/log

package/qt5base: disable feature-relocatable

Disable feature-relocatable to avoid a path mismatch while searching qml
files and buildroot BR2_ROOTFS_MERGED_USR feature enabled.

As described in [1] with feature-relocatable Qt determines the search
pathes relative to the location of libQt5Core.so, with BR2_ROOTFS_MERGED_USR
enabled found first under the symlink path '/lib' instead of the install
path '/usr/lib' and searches sequentially for qml files under '/qml' instead
of the correct '/usr/qml'.

Fixes:
- https://bugs.busybox.net/show_bug.cgi?id=12906

[1] https://code.qt.io/cgit/qt/qtbase.git/commit/?id=4ac872639ed0dd3ae6627e05bdda821f7d128500

Reported-by: Joonas Harjumäki <jharjuma@gmail.com>
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/rustc: RUSTC_TARGET_NAME is needed to build host-rust

As reported on bugzilla [1], the host-rust package fail when
the target architecture or the target libc is not supported.

The error is the following:
failed to parse TOML configuration 'config.toml': expected a table key, found a right bracket at line 15

In such case BR2_PACKAGE_HOST_RUSTC_TARGET_ARCH_SUPPORTS is
not set thus RUSTC_TARGET_NAME is also not set [2].

But RUSTC_TARGET_NAME is needed to generate the file config.toml [3]

Add BR2_PACKAGE_HOST_RUSTC_TARGET_ARCH_SUPPORTS in the host-rust
dependency.

The commit [4] that allowed to select host-rust when the target
architecture or the target libc is not supported, should have
allowed to select only host-rustc-bin.

Fixes:
Bug #12691

[1] https://bugs.busybox.net/show_bug.cgi?id=12691
[2] https://git.buildroot.net/buildroot/tree/package/rustc/rustc.mk?h=2020.05-rc1#n10
[3] https://git.buildroot.net/buildroot/tree/package/rust/rust.mk?h=2020.05-rc1#n41
[4] 025b863e6facb7b219b82ee6ee7a7916c2c3c47e

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Sam Voss <sam.voss@gmail.com>
Reviewed-by: Sam Voss <sam.voss@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/ezxml: remove package

ezXML is affected by several CVEs and is not maintained anymore (no
release since 2006) so remove it.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/meson: use wrappers for g-ir-scanner and g-ir-compiler

We need to backport a commit to allow us to override the g-ir-scanner
and g-ir-compiler binaries in the gnome module.

By default since meson looks for these binaries as native: true
dependencies it would use the host versions instead of the wrappers
which are not useable for target package builds. Override this behavior
by specifying the correct wrapper binaries in cross-compilation.conf.

Fixes:
http://autobuild.buildroot.net/results/f49/f49bb57a6ec2890f489fbd55ced9c9249d066334/build-end.log

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
[yann.morin.1998@free.fr:
- expand on why the backported patch does not closely match upstream
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/meson: bump to version 0.54.2

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

configs/raspberrypi{3, 4}_64: enabling BR2_LINUX_KERNEL_DTB_OVERLAY_SUPPORT no longer needed

BR2_LINUX_KERNEL_DTB_OVERLAY_SUPPORT is now forcefully selected by
BR2_PACKAGE_RPI_FIRMWARE_INSTALL_DTB_OVERLAYS when the kernel is in
charge of building DTBs (BR2_LINUX_KERNEL_DTS_SUPPORT=y). So enabling
BR2_LINUX_KERNEL_DTB_OVERLAY_SUPPORT is no longer needed in the 64-bit
defconfigs for Raspberry Pi 3 and 4.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/rpi-firmware: select BR2_LINUX_KERNEL_DTB_OVERLAY_SUPPORT when needed

When BR2_PACKAGE_RPI_FIRMWARE_INSTALL_DTB_OVERLAYS is enabled, and the
DTBs are built by Linux (i.e BR2_LINUX_KERNEL_DTS_SUPPORT is enabled),
these DTBs should be built with the -@ Device Tree compiler option, so
that they can be used together with DTB overlays. So let's select
BR2_LINUX_KERNEL_DTB_OVERLAY_SUPPORT in this situation.

Fixes:

https://bugs.busybox.net/show_bug.cgi?id=12831

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/libssh2: fix autoreconf comment

The comment explaining the autoreconf says that we are building from a git
clone - but we are not, currently. However, the reconf is still needed due
to patches modifying ac files.

This commit corrects the comment.

Signed-off-by: Danomi Manchego <danomimanchego123@gmail.com>
[yann.morin.1998@free.fr: also mention acincludes.m4]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/lrzip: security bump to 8781292dd5833c04eeead51d4a5bd02dc6432dc7

Bump to latest upstream commit as it fixes a huge number of CVEs. Some
of them can't be linked to a given commit (e.g.
https://github.com/ckolivas/lrzip/issues/67). Moreover, upstream does
not plan to tag a new release any time soon:
https://github.com/ckolivas/lrzip/issues/99

- Fix CVE-2017-8842: The bufRead::get() function in libzpaq/libzpaq.h in
  liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial
  of service (divide-by-zero error and application crash) via a crafted
  archive.
- Fix CVE-2017-8843: The join_pthread function in stream.c in
  liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial
  of service (NULL pointer dereference and application crash) via a
  crafted archive.
- Fix CVE-2017-8844: The read_1g function in stream.c in liblrzip.so in
  lrzip 0.631 allows remote attackers to cause a denial of service
  (heap-based buffer overflow and application crash) or possibly have
  unspecified other impact via a crafted archive.
- Fix CVE-2017-8845: The lzo1x_decompress function in lzo1x_d.ch in LZO
  2.08, as used in lrzip 0.631, allows remote attackers to cause a
  denial of service (invalid memory read and application crash) via a
  crafted archive.
- Fix CVE-2017-8846: The read_stream function in stream.c in
  liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial
  of service (use-after-free and application crash) via a crafted
  archive.
- Fix CVE-2017-8847: The bufRead::get() function in libzpaq/libzpaq.h in
  liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial
  of service (NULL pointer dereference and application crash) via a
  crafted archive.
- Fix CVE-2017-9928: In lrzip 0.631, a stack buffer overflow was found
  in the function get_fileinfo in lrzip.c:979, which allows attackers to
  cause a denial of service via a crafted file.
- Fix CVE-2017-9929: In lrzip 0.631, a stack buffer overflow was found
  in the function get_fileinfo in lrzip.c:1074, which allows attackers
  to cause a denial of service via a crafted file.
- Fix CVE-2018-5747: In Long Range Zip (aka lrzip) 0.631, there is a
  use-after-free in the ucompthread function (stream.c). Remote
  attackers could leverage this vulnerability to cause a denial of
  service via a crafted lrz file.
- Fix CVE-2018-11496: In Long Range Zip (aka lrzip) 0.631, there is a
  use-after-free in read_stream in stream.c, because decompress_file in
  lrzip.c lacks certain size validation.

Also:
- update indentation of hash file (two spaces)
- drop patch (already in version)
- manage host-nasm dependency which is enabled by default and has been
   fixed by:
   https://github.com/ckolivas/lrzip/commit/9f16f65705e2f1e11c41647405adcce6a12d286c

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/python-pyqt5: fix QtLocation module dependency

The QT module location from qt5location depends on
QT quick from qt5declarative.

>From qt5location-5.14.2/src/src.pro:

  qtHaveModule(quick) {
      SUBDIRS += positioningquick location
      ...
  }

Adjust pyqt5 QtLocation module dependency accordingly.

Fixes:

  - http://autobuild.buildroot.net/results/122bb0a37d968cd79dc043b48f90f1ba4135491f

  Reading .../build/python-pyqt5-5.7/QtLocation/QtLocation.pro
  Project ERROR: Unknown module(s) in QT: location

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/mesa3d: reorder platforms to fix EGL

Mesa chooses the first platform specified in -Dplatforms as the default
EGL native platform. [0]

    Configure Options

    -D platforms=...
        List the platforms (window systems) to support. Its argument is
        a comma separated string such as -D platforms=x11,drm. It
        decides the platforms a driver may support. The first listed
        platform is also used by the main library to decide the native
        platform.

This has the effect of breaking EGL applications running on X11 and
possibly Wayland when the first platform specified isn't x11 or wayland,
and EGL_PLATFORM isn't set.

Reorder the specified platforms to use x11, wayland, and drm before
surfaceless, as this is the order chosen by other common distributions,
such as Arch Linux [1], Debian [2], and Fedora [3].

Users preferring drm or surfaceless over x11 or wayland likely know how
to override the native EGL platform, and likely have x11 and wayland
disabled anyway.

[0] https://www.mesa3d.org/egl.html
[1] https://git.archlinux.org/svntogit/packages.git/tree/trunk/PKGBUILD?h=packages/mesa#n45
[2] https://salsa.debian.org/xorg-team/lib/mesa/-/blob/fb8c1efb57ea8106525ed01c41218164f8be7f3b/debian/rules#L38
[3] https://src.fedoraproject.org/rpms/mesa/blob/master/f/mesa.spec#_337

Signed-off-by: Joseph Kogut <joseph.kogut@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

configs/nanopi_neo4: fix U-Boot dependencies

In fact, nanopi_neo4 does not need pylibfdt or pyelftools, but only a
host Python interpreter, to run
./arch/arm/mach-rockchip/make_fit_atf.py.

Since upstream U-Boot commit f05d5743567984b4fff6a862fc0f42760ff135da,
this script no longer needs pyelftools. However, since upstream commit
6d06ea34239ab5099783ce588ad4aead96e1fccb (merged in U-Boot 2020.01),
it requires Python 3.x.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[yann.morin.1998@free.fr: update with the new NEEDS_PYTHON semantics]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

configs/roc_pc_rk3399: fix U-Boot dependencies

In fact, roc_pc_rk3399 does not need pylibfdt or pyelftools, but only
a host Python interpreter, to run
./arch/arm/mach-rockchip/make_fit_atf.py.

Since upstream U-Boot commit f05d5743567984b4fff6a862fc0f42760ff135da,
this script no longer needs pyelftools. However, since upstream commit
6d06ea34239ab5099783ce588ad4aead96e1fccb (merged in U-Boot 2020.01),
it requires Python 3.x.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[yann.morin.1998@free.fr: update with the new NEEDS_PYTHON semantics]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

configs/beelink_gs1: use Python 3.x

Since the bump to U-Boot 2020.01 in commit
e210080d2ab4d77862c42d2b318e21fab461f127, it needs Python 3.x on the
host.

Fixes:

https://gitlab.com/buildroot.org/buildroot/-/jobs/535054357

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Acked-by: Clément Péron <peron.clem@gmail.com>
[yann.morin.1998@free.fr: update with the new NEEDS_PYTHON semantics]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

configs/olimex_a20_olinuxino_lime{, 2}: use Python 3.x

The olimex_a20_olinuxino_lime{,2}_defconfig uses U-Boot 2020.04 since
commit 6b805c3ab70b5ee63c7dcd3a4aa48a999a8a43c3. This new U-Boot
version needs Python 3.x for pylibfdt.

Fixes:

https://gitlab.com/buildroot.org/buildroot/-/jobs/535054468
https://gitlab.com/buildroot.org/buildroot/-/jobs/535054466

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[yann.morin.1998@free.fr: update with the new NEEDS_PYTHON semantics]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

boot/uboot: support building U-Boot with Python 3.x

U-Boot versions newer than 2020.01 use Python 3.x instead of Python
2.x in various scripts.

We already had the BR2_TARGET_UBOOT_NEEDS_PYLIBFDT and
BR2_TARGET_UBOOT_NEEDS_PYELFTOOLS options, but depending on the U-Boot
version, we now need to indicate if Python 2.x or Python 3.x should be
used.

In addition, it turns out that some U-Boot configurations need a
Python interpreter, without needing pylibfdt or pyelftools. Some of
our defconfigs were abusing the BR2_TARGET_UBOOT_NEEDS_PYLIBFDT option
to make sure a Python interpreter was built.

To solve this issue, we introduce a choice, that let the users specify
what, if any, host python version is needed. The default is 'no', to
preserve the previous behaviour, unless any of the pylibfdt or the
pyelftools options is enabled, in which case we hide the 'no' option,
and use python 2 by default. This dfault is guaranteed by the order of
options in the choice.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[yann.morin.1998@free.fr:
  - explicitly make the choice a bool
  - make BR2_TARGET_UBOOT_NEEDS_PYTHON a blind option
  - introduce the 'no' option in the choice
  - reword the commit log accordingly
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/python3-pyelftools: new package

We will need this Python 3.x variant of the host-python-pyelftools
package to be able to build some recent versions of U-Boot (>=
2020.01).

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/python-argon2-cffi: bump to version 20.1.0

Drop patch that is now upstream.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/kmod: modinfo support of signature details

Add conditional support to allow the module tools to use openssl
on target to inspect the signature of signed modules. If openssl
is not enabled the modinfo will show a hash algo as unknown.

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Tested-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/exfatprogs: bump to version 1.0.3

Drop patches that are now upstream.

We don't need to autoreconf since we are using a release tarball.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/{mesa3d, mesa3d-headers}: bump version to 20.0.7

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/elf2flt: add support for XTENSA_[PN]DIFF relocations

Xtensa have added new relocation types R_XTENSA_[NP]DIFF{8,16,32} with
the same properties as the existing types R_XTENSA_DIFF{8,16,32}.
Add them to the list of ignored relocation types.

This fixes the following error when invoking elf2flt on xtensa binaries
built with the recent binutils:

ERROR: reloc type R_XTENSA_PDIFF32 unsupported in this context

Reported-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/php: security bump version to 7.4.6

Changelog: https://www.php.net/ChangeLog-7.php#7.4.6

Fixes CVE 2019-11048.

Reformatted hashes.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/cegui: remove tinyxml2 dependency

Remove tinyxml2 dependency as tinyxml2 is not a part of version 0.8.7.

Indeed, tinyxml2 has been added in September 2016 with
https://github.com/cegui/cegui/commit/49b3fd9d6f0d7555198379514b155bcd61daef67
whereas version 0.8.7 has been released in April 2016

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/fakeroot: fix for fchownat/fchmodat

fakeroot does mask out necessary flags, instead pass through
the flags that are supported by fstatat

Upstream BR: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=959876

Signed-off-by: Norbert Lange <nolange79@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/clamav: security bump version to 0.102.3

Fixes CVE-2020-3327 & CVE-2020-3341.

Release notes:
https://blog.clamav.net/2020/05/clamav-01023-security-patch-released.html

Reformatted hashes.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/binutils: install libopcodes to target/

libopcodes was installed in staging/ in commit 6a508d93610 (binutils:
Also install libopcodes in staging), but was not installed in target/

Starting with linux-5.6, perf (linux-tools) will link to libopcodes when
it is present. Since it is available in staging, the build succeeds.
However, libopcodes missing in target, perf fails at runtime:

perf: ...libopcodes-2.33.1.so: cannot open shared object file

Install libopcodes to target as well.

Signed-off-by: Lecopzer Chen <lecopzer@gmail.com>
[yann.morin.1998@free.fr: reword commit log]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

docs/website: update for 2020.02.2

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

Update for 2020.02.2

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 2f7183d13133f2ded97fee273bd0cbed10226e4e)
[Peter: drop Makefile changes]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/localedef: bump version to stay in sync with glibc

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/glibc: bump version for additional post-2.30 security fixes

Fixes the following security vulnerabilities:

CVE-2020-10029: Trigonometric functions on x86 targets suffered from stack
  corruption when they were passed a pseudo-zero argument.  Reported by Guido
  Vranken / ForAllSecure Mayhem.

CVE-2020-1751: A defect in the PowerPC backtrace function could cause an
  out-of-bounds write when executed in a signal frame context.

CVE-2020-1752: A use-after-free vulnerability in the glob function when
  expanding ~user has been fixed.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/docker-cli: bump version to 19.03.8

Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/docker-engine: bump version to 19.03.8

From the release notes:
- Improve mitigation for CVE-2019-14271 for some nscd configuration.

Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/c-ares: security bump to version 1.16.1

Prevent possible use-after-free and double-free in ares_getaddrinfo() if
ares_destroy() is called prior to ares_getaddrinfo() completing.

https://c-ares.haxx.se/changelog.html#1_16_1

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/python-markdown2: fix CVE-2020-11888

python-markdown2 through 2.3.8 allows XSS because element names are
mishandled unless a \w+ match succeeds. For example, an attack might use
elementname@ or elementname- with an onclick attribute.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/python-future: fix dependency

python-future does not depends on python2.
The package work with python 3.x.

Signed-off-by: Louis Aussedat <aussedat.louis@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/qt5base: fix compile for aarch64_be

Add patch to fix availability check for storeRGB32FromARGB32PM_neon(), only
available for arm little-endian.

Fixes:

  - http://autobuild.buildroot.net/results/ab623253a6d988f4ee03d292ee85f3455de2ea25

  .obj/qimage_conversions.o: In function `convert_generic(QImageData*, QImageData const*, QFlags<Qt::ImageConversionFlag>)':
  qimage_conversions.cpp:(.text+0x2598): undefined reference to `storeRGB32FromARGB32PM_neon(unsigned char*, unsigned int const*, int, int, QVector<unsigned int> const*, QDitherInfo*)'
  qimage_conversions.cpp:(.text+0x259c): undefined reference to `storeRGB32FromARGB32PM_neon(unsigned char*, unsigned int const*, int, int, QVector<unsigned int> const*, QDitherInfo*)'
  .obj/qimage_conversions.o: In function `convert_generic_inplace(QImageData*, QImage::Format, QFlags<Qt::ImageConversionFlag>)':
  qimage_conversions.cpp:(.text+0x28fc): undefined reference to `storeRGB32FromARGB32PM_neon(unsigned char*, unsigned int const*, int, int, QVector<unsigned int> const*, QDitherInfo*)'
  qimage_conversions.cpp:(.text+0x2900): undefined reference to `storeRGB32FromARGB32PM_neon(unsigned char*, unsigned int const*, int, int, QVector<unsigned int> const*, QDitherInfo*)'

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

packager/docker-cli: bump version to 19.03.7

To match the docker-engine version.

./support/testing/run-tests tests.package.test_docker_compose.TestDockerCompose
09:54:39 TestDockerCompose                        Starting
09:54:40 TestDockerCompose                        Building
10:45:33 TestDockerCompose                        Building done
10:46:30 TestDockerCompose                        Cleaning up
.
----------------------------------------------------------------------
Ran 1 test in 3121.828s

OK

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/paho-mqtt-c: fix build on musl

Set PAHO_HIGH_PERFORMANCE to disable free redefiniton as suggested by
upstream in https://github.com/eclipse/paho.mqtt.c/issues/846.

This will avoid the following build failure on musl:

/tmp/instance-1/output-1/host/x86_64-buildroot-linux-musl/sysroot/usr/include/sched.h:80:17: error: expected declaration specifiers or '...' before string constant
void free(void *);
^
/tmp/instance-1/output-1/host/x86_64-buildroot-linux-musl/sysroot/usr/include/sched.h:80:17: error: expected declaration specifiers or '...' before numeric constant
void free(void *);
^
[ 35%] Building C object src/CMakeFiles/common_obj.dir/Base64.c.o
[ 36%] Building C object src/CMakeFiles/common_obj.dir/SHA1.c.o
make[3]: *** [src/CMakeFiles/common_obj.dir/build.make:284: src/CMakeFiles/common_obj.dir/MQTTReasonCodes.c.o] Error 1

Fixes:
- http://autobuild.buildroot.org/results//fbe57a1602fed331ddff3ff3560dce02573816ff

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

{linux, linux-headers}: bump 4.{4, 9, 14, 19}.x / 5.{4, 6}.x series

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/libvncserver: fix CVE-2019-20788

libvncclient/cursor.c in LibVNCServer through 0.9.12 has a
HandleCursorShape integer overflow and heap-based buffer overflow via a
large height or width value. NOTE: this may overlap CVE-2019-15690.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

linux: bump CIP, CIP RT hashes

Bumping the hashes for CIP and CIP RT.

Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/squashfs: fix host compile multiple definitions

Add upstream patch to fix squashfs-tools build failures because
of missing external declaration for fwriter_buffer and
bwriter_buffer.

Fixes:

  - http://autobuild.buildroot.net/results/6789b668898245926e0a3a3e7caf823dff515d71

  /usr/bin/ld: read_fs.o:(.bss+0x0): multiple definition of `fwriter_buffer'; mksquashfs.o:(.bss+0x400c90): first defined here
  /usr/bin/ld: read_fs.o:(.bss+0x8): multiple definition of `bwriter_buffer'; mksquashfs.o:(.bss+0x400c98): first defined here

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/libv4l: fix input_event related compile failure

Add two upstream patches fixing input_event time related
compile failures.

Fixes:

- http://autobuild.buildroot.net/results/3883a948e30cfd235cfca1fb8646fe8032f5e18d

  keytable.c: In function 'test_event':
  keytable.c:1536:11: error: 'struct input_event' has no member named 'time'; did you mean 'type'?
       ev[i].time.tv_sec, ev[i].time.tv_usec,
             ^~~~
             type
  keytable.c:1536:30: error: 'struct input_event' has no member named 'time'; did you mean 'type'?
       ev[i].time.tv_sec, ev[i].time.tv_usec,
                                ^~~~
                                type

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/qt5/qt5base: fix input_event related compile failure

Fixes:

  - http://autobuild.buildroot.net/results/af76190876656252eb6f60220cdb1d627a03b7c3

  evdevkeyboard/qevdevkeyboardhandler.cpp: In member function ‘void QEvdevKeyboardHandler::switchLed(int, bool)’:
  evdevkeyboard/qevdevkeyboardhandler.cpp:153:28: error: ‘struct input_event’ has no member named ‘time’; did you mean ‘type’?
       ::gettimeofday(&led_ie.time, 0);
                              ^~~~
                              type

  evdevtouch/qevdevtouchhandler.cpp: In member function ‘void QEvdevTouchScreenData::processInputEvent(input_event*)’:
  evdevtouch/qevdevtouchhandler.cpp:579:29: error: ‘struct input_event’ has no member named ‘time’; did you mean ‘type’?
           m_timeStamp = data->time.tv_sec + data->time.tv_usec / 1000000.0;
                               ^~~~
                               type
  evdevtouch/qevdevtouchhandler.cpp:579:49: error: ‘struct input_event’ has no member named ‘time’; did you mean ‘type’?
           m_timeStamp = data->time.tv_sec + data->time.tv_usec / 1000000.0;
                                                   ^~~~
                                                   type

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/cvs: add license

cvs is an old package, and it shows:

  - CVS is licensed under GPL-1.0+ as stated in README (referenced in source
    code) and COPYING files;

  - COPYING.LIB also give the terms of LGPL-2.0+, and is referenced by a
    few files, like lib/strnlen1.c, mostly vampirised rom older versions
    of the GNU C library (glibc);

  - additionally, the glob implementation was also grabbed from a more
    recent (but still old) glibc version, and is LGPL-2.1+, but there is
    no license file associated with it, so we use the header instead.

Also update indentation in hash file (two spaces)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr:
  - LGPL-2.0+ is used, reference at least one file
  - LGPL-2.1+ is also used
  - reword commit log accordingly
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/pigz: drop bogus select BR2_PACKAGE_HOST_ZLIB

BR2_PACKAGE_HOST_ZLIB does not exist, and should anyway not be
selected by the target pigz package.

Signed-off-by: Louis-Paul Cordier <lpdev@cordier.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/exfatprogs: fix compile failure missing braces around initializer

Add upstream commit to fix host package compile failure.

Fixes:

  http://autobuild.buildroot.net/results/d9c5d17de03f5d0316d5f54f9cd579b79d311d03

  fsck.c:1213:9: error: missing braces around initializer [-Werror=missing-braces]
    struct fsck_user_input ui = {0,};
           ^

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/exfatprogs: fix compile failure node may be used uninitialized

Fixes:

  - http://autobuild.buildroot.net/results/5c5/5c5d71fde80a4f2f027085bdb0fae9fb76ab9d32

  fsck.c:1062:18: error: 'node' may be used uninitialized in this function [-Werror=maybe-uninitialized]
       node->parent = dir;
                    ^
  fsck.c:870:22: note: 'node' was declared here
    struct exfat_inode *node;
                        ^

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/exfatprogs: fix 64-bit types printf compile failure

Fixes:

  - http://autobuild.buildroot.net/results/a7364a6b3801d7d18c30c7242c6faf19431fddfd

  mkfs.c:60:14: error: format '%llu' expects argument of type 'long long unsigned int', but argument 2 has type 'long unsigned int' [-Werror=format=]
    exfat_debug("Volume Length(sectors) : %llu\n",
                ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/python-attrs: fix typo in hash file

'computer' -> 'computed'.

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
[yann.morin.1998@free.fr: two spaces in hash file]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/brltty: add host-gawk dependency

host-gawk is used by brltty to build brlapi_constants.h, the build will
fail if mawk is used instead of gawk

Fixes:
- http://autobuild.buildroot.org/results/4c77f03cbc7ab9e5ae9f24fe6eead1d76c50c743

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/irrlicht: disable bundled libpng NEON support

Irrlicht fail to detect properly the NEON support on aarch64 or ARM with NEON FPU support.
While linking an application with libIrrlicht.so, we get an undefined reference to
png_init_filter_functions_neon.
Some files are missing in the libpng bundled in Irrlicht, in particular arm/arm_init.c [1],
so disable NEON support completely.

This can be reproduced by building minetest using this defconfig for aarch64:
BR2_aarch64=y
BR2_TOOLCHAIN_EXTERNAL=y
BR2_PACKAGE_MINETEST=y
BR2_PACKAGE_MINETEST_CLIENT=y
BR2_PACKAGE_MINETEST_SERVER=y
BR2_PACKAGE_MESA3D=y
BR2_PACKAGE_MESA3D_GALLIUM_DRIVER_SWRAST=y
BR2_PACKAGE_MESA3D_OPENGL_GLX=y
BR2_PACKAGE_XORG7=y

Or for ARM with NEON FPU support:
BR2_arm=y
BR2_cortex_a15=y
BR2_ARM_FPU_NEON=y
BR2_TOOLCHAIN_EXTERNAL=y
BR2_PACKAGE_MINETEST=y
BR2_PACKAGE_MINETEST_CLIENT=y
BR2_PACKAGE_MINETEST_SERVER=y
BR2_PACKAGE_MESA3D=y
BR2_PACKAGE_MESA3D_GALLIUM_DRIVER_SWRAST=y
BR2_PACKAGE_MESA3D_OPENGL_GLX=y
BR2_PACKAGE_XORG7=y

[1] https://github.com/glennrp/libpng/tree/v1.6.37/arm

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/piglit: bump version to fix compatibility with mesa3d

Remove upstream patch [1].

This version bump contain a patch removing EGL_NO_CONFIG_MESA [2], a
define that no longer exists in recent Mesa versions.

Update indentation of hash file (two spaces).

Fixes:

http://autobuild.buildroot.net/results/8ede89a673f83896745f90fd51458cac5fe7bb8f

[1] https://gitlab.freedesktop.org/mesa/piglit/-/commit/8417ca1725d523493d8f6782699273dc056888ac
[2] https://gitlab.freedesktop.org/mesa/piglit/-/commit/1fe351e533a1c8b88551b06e6d76e5c2bf8228bc

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/netsniff-ng: bump to version 0.6.7

1. trafgen: reset errno before calling sscanf in str2mac (@troglobit, #213)
2. ifpps: fix iface stat parsing if interface name contains uppercase
characters (@bganne, #215)
3. mausezahn: fix display of missing argument error (@micrictor, #217)
4. mausezahn: support -R to set packet priority (@pmachata)
5. netsniff-ng: handle various malformed packets in protocol dissectors
(@nathaniellives, #221)

Signed-off-by: Vadym Kochan <vadim4j@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/ffmpeg: fix CVE-2020-12284

cbs_jpeg_split_fragment in libavcodec/cbs_jpeg.c in FFmpeg 4.2.2 has a
heap-based buffer overflow during JPEG_MARKER_SOS handling because of a
missing length check.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

linux: bump CIP RT kernel to version 4.19.115-cip24-rt9

This patch bumps Linux CIP RT version to 4.19.115-cip24-rt9.

Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

linux: bump CIP kernel to version 4.19.118-cip25

This patch bumps Linux CIP version to v4.19.118-cip25.

Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/gcc: remove powerpc conditional patching logic

Back in commit [1], a patch fixing an issue a PowerPC issue in gcc was
added in gcc 4.3.3. It was present until gcc 4.9, which itself was
removed in [2]. The patch was dropped starting gcc 5.1 [3] but it's
know to be useful for gcc 4.7.3 [4]. However, even though we no longer
support building any of those older gcc versions, the conditional
patching logic in gcc.mk is still there.

We used to have a patch directory (package/gcc/$(GCC_VERSION)) for
every gcc version available in Buildroot, the apply-patches.sh script
doesn't error out even if
1000-powerpc-link-with-math-lib.patch.conditional is missing.

But with gcc 10, we don't need (for the moment) to apply any patch, so
the patch directory doesn't exist. apply-patches.sh breaks the build
since the patch directory is missing:

Aborting. 'package/gcc/10.1.0' is not a directory.

Since we removed gcc 4.9 last year [2], we can safely remove this code.

Tested using qemu_ppc_virtex_ml507_defconfig.

[1] bb1f42e4426c432af60fc80da45c6daf7e31c1a0
[2] baf177502214a67619d9d0d6d0a780458e4d652d
[3] 4deb2d93c5ab317b6addf4e1e132571ba8dac031
[4] 197006a41c1a0450bf6350d5742e186b5b0c69de

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/c-icap: fix musl build

Commit cb5df2fea516d4861af3c0629f49df697ee4f70e wrongly removed the
first patch which is not in version 0.5.6. So add it back and update it
so that it applies cleanly.

Fixes:
- http://autobuild.buildroot.org/results/ddb57462945c5c2340cc375aa6fe2848d13d7001

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/python-argon2-cffi: only enable sse2 when supported

We need to backport a commit so that we can enable/disable sse2 using
the ARGON2_CFFI_USE_SSE2 env variable.

Fixes:
http://autobuild.buildroot.net/results/030/0306d66d081dd0807c577edd50d39075a46d0dd9/build-end.log

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/suricata: fix build with lua

Fixes:
- http://autobuild.buildroot.net/results/11bc7f4e1c54f074dd10a995233bee45c293e488

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/util-linux: accept sector-size

Fixes:
- https://bugs.buildroot.org/show_bug.cgi?id=12841

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/util-linux: renumber patches

Commit 3052da3eac8c80e7375341a48bca4cf0ee12e60b did not renumber
remaining patches, fix that

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/uacme: don't allow ualpn with mbedTLS

ualpn requires mbedTLS to be configured and built with
MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
which is not the default and can be a security risk.

Therefore make BR2_PACKAGE_UACME_UALPN depend on
BR2_PACKAGE_OPENSSL || BR2_PACKAGE_GNUTLS.

Fixes http://autobuild.buildroot.net/results/d241121f8155bad9b6b25c16234576abb7fc940b

See also

https://github.com/ndilieto/uacme/issues/23
https://github.com/ARMmbed/mbedtls/issues/3241
https://github.com/ARMmbed/mbedtls/pull/3243
http://lists.busybox.net/pipermail/buildroot/2020-April/281059.html
http://lists.busybox.net/pipermail/buildroot/2020-April/281108.html

Signed-off-by: Nicola Di Lieto <nicola.dilieto@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

support/gnuconfig: reference the correct sha1 we're using

In commit ff9f778c66f4 (support/gnuconfig: update to 2019-05-28), we
forgot to update the README to reference the sha1 we're using, keeping
the old one from 2016...

Update it now.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/mbuffer: bump to version 20200505

This bump will fix a build failure with gcc 4.8

Fixes:
- http://autobuild.buildroot.org/results/1a7fe7ac8cbe9997bc5d1e9ade24bc2ee6ac6abe

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/freerdp: security bump to version 2.1.0

- Drop patch (already in version)
- Fix multiple CVEs: CVE-2020-11039, CVE-2020-11038, CVE-2020-11043,
  CVE-2020-11040, CVE-2020-11041, CVE-2020-11019, CVE-2020-11017,
  CVE-2020-11018
- Fix multiple leak and crash issues (#6129, #6128, #6127, #6110, #6081,
  #6077)

Extracted from:
https://github.com/FreeRDP/FreeRDP/commit/65d3ff44617c5a343f726985ed45e3a0a35dfaf3

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/systemd: add support for apparmor

If libapparmor is selected, depend on libapparmor and set -Dapparmor=true

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/uclibc: fix mips uclibc toolchain with gcc 10

>From [1]
"GCC 10 (PR 91233) won't silently allow registers that are not architecturally
available to be present in the clobber list anymore, resulting in build failure
for mips*r6 targets in form of:
...
.../sysdep.h:146:2: error: the register ‘lo’ cannot be clobbered in ‘asm’ for the current target
146 | __asm__ volatile ( \
| ^~~~~~~

This is because base R6 ISA doesn't define hi and lo registers w/o DSP extension.
This patch provides the alternative definitions of __SYSCALL_CLOBBERS for r6
targets that won't include those registers."

Fixes:
https://gitlab.com/kubu93/buildroot/-/jobs/543923030

Note:
The kernel 5.4.35 fail to build later due to a similar issue while
building lib/vdso/gettimeofday.c [2]. The issue is still present in kernel
5.7-rc4.

[1] https://sourceware.org/git/?p=glibc.git;a=commit;h=020b2a97bb15f807c0482f0faee2184ed05bcad8
[2] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/tree/arch/mips/include/asm/vdso/gettimeofday.h?h=v5.7-rc4#n38

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/matchbox: add hash for license file

Add hash for license file, add sha256 for tarball and update indentation
for hash file (two spaces)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/matchbox: add missing expat dependency

matchbox selects expat but does not add it to its dependency resulting
in the following build failure:

configure: error: cannot find expat library
make: *** [/home/buildroot/autobuild/run/instance-2/output-1/build/matchbox-1.2/.stamp_configured] Error 1

Fixes:
- http://autobuild.buildroot.org/results/37021f1d7fcfd890011068a28ce6181dc509e746

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/checkpolicy: fix -fno-common build failure

Added upstream patch for removal of unused te_assertions which was
found when using GCC10 as a host complier (-fno-common is now default)

Fixes:
http://autobuild.buildroot.net/results/63f2d1897a8f581ec107374bf2cbb68d3add4109/

Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Romain Naour <romain.naour@gmail.com>
Cc: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Tested-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

release: don't include temp files

When we prepare the release, we generate the manual in various formats,
so that it can be consulted locally without needing the miriads of tools
needed to generate it.

However, this creates the temporary .br2-external.* files in the output
directory, and those end up in the release tarball.

This is not a problem in practice, but is not clean.

Run 'distclean' in the output directory, to get rid of everything but
the generated documentation.

Reported-by: Danomi Manchego <danomimanchego123@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/domoticz: set WITH_LIBUSB

Use WITH_LIBUSB which is available since version 4.9700 and
https://github.com/domoticz/domoticz/commit/f53817577a834ed0c3fc16458c374aea490be49e

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/apparmor: add a dependency on net-tools if utils is selected

aa-unconfied requires the full version of netstat provided by the net-tools
package. Without the full version, running aa-unconfined will result in the
error:
netstat: invalid option -- 'p'

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
[yann.morin.1998@free.fr:
  - net-ttols is a runtime depednency
  - select BB_SHOW_OTHERS
  - reorder depends
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/apparmor: fix typo in Config.in

pyhon should be python

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/apparmor: fix compatibility with busybox grep

The following regex string in rc.apparmor.functions
"^/.*[ \t]+flags[ \t]*=[ \t]*$[ \t]*complain[ \t]*$[ \t]+{" is broken due to
the unescaped { at the end of the regex pattern.
GNU grep ignors the error. However, the Busybox grep does not and throws the
error "unescaped character {"

Escape the "{" character to fix this issue.

Note: Upstream has rewritten large sections of the rc.apparmor.functions file
and the function this patch fixes will no longer be necessary after the next
version is released. However, it is not possible to easily backport the
upstream patches as the rewrite comes with new features that would not be
possible with a simple patch such as this one.

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/apparmor: replace deprecated egrep with grep -E

Upstream commit: 5f46dedd6e8109d845af118b36039a5d7dd05af9

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/mbuffer: do not force c99 mode

Do not force c99 mode to be able to remove both patches and because it
does not seem to be motivated. Indeed, even if the second patch was
sucessfully upstreamed. The first one can't be upstreamed as it raises
the following build falure on Solaris 11 (due to mixing c99 and
_POSIX_C_SOURCE):

#if defined(STDC_C99) && (defined(_XOPEN_OR_POSIX) && !defined(XPG6))
#error "Compiler or options invalid for pre-UNIX 03 X/Open applications \
and pre-2001 POSIX applications"

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/uclibc: bump to 1.0.34

Between 1.0.32 and 1.0.34, only bug fixes have been merged in
uclibc-ng. All patches can be removed, as they have been applied
upstream.

Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/squid: security bump to version 4.11

Fix CVE-2020-11945: An issue was discovered in Squid before 5.0.2. A
remote attacker can replay a sniffed Digest Authentication nonce to gain
access to resources that are otherwise forbidden. This occurs because
the attacker can overflow the nonce reference counter (a short integer).
Remote code execution may occur if the pooled token credentials are
freed (instead of replayed as valid credentials).

http://www.squid-cache.org/Advisories/SQUID-2020_4.txt

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/apparmor: skip docs building

When pod2man and pod2html are missing, building now exits with an
error.
Building of man pages and documentation should be skipped in buildroot,
setting both executables to the "true" command it's sufficient to skip
them.

Fixes:
http://autobuild.buildroot.net/results/ca8d3071d888b5c1cfa3e275afaf05415e19627f

Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

Update for 2020.05-rc1

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

CHANGES: update with list of issues fixed in 2020.05-rc1

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

CHANGES: start updating for 2020.05-rc1 release

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/python-redis: Bump to version 3.5.0

Signed-off-by: Grzegorz Blach <grzegorz@blach.pl>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libnss: bump version to 3.52

Bump version to 3.52 and drop all patches since they've all been
upstreamed.

Release notes:
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.52_release_notes

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/zziplib: bump to version 0.13.71

Remove upstream patches and CVE tags.

Switch the dependency to python3 added by [1].

Update indentation of hash file (two spaces).

[1] https://github.com/gdraheim/zziplib/commit/a144bec8d06302e7be11f0f46e02947b0becf574

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/solarus: bump to version 1.6.4

Add glm dependency since the bundled version is gone [1].

Update indentation of hash file (two spaces).

[1] https://gitlab.com/solarus-games/solarus/commit/5285c8e1afa538bbcd4c8654f9bbfb270cc7f52

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libsepol: fix -fno-common build faiures

Add upstream patch for
libsepol: remove leftovers of cil_mem_error_handler
libsepol: fix CIL_KEY_* build errors with -fno-common

Fixes:
http://autobuild.buildroot.net/results/3d133ce6e83833f0c70a91270d0c49304c3413f6/

Cc: Romain Naour <romain.naour@gmail.com>
Cc: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Tested-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/pkg-waf: use host-python3

This is the last of an unconsolidated series of patches that
removes the need for host-python(2) for all waf-based packages.

Signed-off-by: Titouan Christophe <titouan.christophe@railnova.eu>
Reviewed-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/cage: bump to latest upstream version

cage v0.1.1 can't build with wlroots 0.10.1, as it uses
a set of wlroots API that are no longer available.

Moving to latest upstream version fixes the issue.

Also:
- added license file information
- updated license file hash

Signed-off-by: Gilles Talis <gilles.talis@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/wlroots: add license file information

Signed-off-by: Gilles Talis <gilles.talis@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/znc: bump version to 1.8.0

Reformatted hashes.

Changelog: https://wiki.znc.in/ChangeLog/1.8.0

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/supertuxkart: remove libglu dependency

"The inclusion of GLU is historical. [...] It's not needed for GLEW to
build or run, but it's opt-out that reason. I'd recommend using
-DGLEW_NO_GLU since GLU is rarely seen in modern codebases nowadays."
https://github.com/nigels-com/glew/issues/192#issuecomment-411641657

Supertuxkart already uses -DGLEW_NO_GLU:
https://github.com/supertuxkart/stk-code/blob/master/CMakeLists.txt#L224

This patch only removes the dependency to libglu and depends on the
previous patch of this series which removes glu from glew.pc.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/libglew: do not depend on libglu

"The inclusion of GLU is historical. [...] It's not needed for GLEW to
build or run, but it's opt-out that reason. I'd recommend using
-DGLEW_NO_GLU since GLU is rarely seen in modern codebases nowadays."
https://github.com/nigels-com/glew/issues/192#issuecomment-411641657

This patch prevents libglu being added to the "Requires:" section of
glew.pc fixing libglew detection in the supertuxkart package

-- Checking for module 'glew>=2.1'
-- Package 'glu', required by 'glew', not found

after libglu is removed as dependency of supertuxkart.

Supertuxkart already uses -DGLEW_NO_GLU:
https://github.com/supertuxkart/stk-code/blob/master/CMakeLists.txt#L224

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/supertux: remove libglu dependency

"The inclusion of GLU is historical. [...] It's not needed for GLEW to
build or run, but it's opt-out that reason. I'd recommend using
-DGLEW_NO_GLU since GLU is rarely seen in modern codebases nowadays."
https://github.com/nigels-com/glew/issues/192#issuecomment-411641657

Each package using glew.h has to decide whether to use the opt-out for
glu or not. Since supertux does not need libglu we can safely remove
the dependency by adding -DGLEW_NO_GLU to TARGET_CXXFLAGS.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/ogre: remove libglu dependency

"The inclusion of GLU is historical. [...] I'd recommend using
-DGLEW_NO_GLU since GLU is rarely seen in modern codebases nowadays."
https://github.com/nigels-com/glew/issues/192#issuecomment-411641657

Add -DGLEW_NO_GLU to get rid of the libglu dependency.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[yann.morin.1998@free.fr:
- fix mismatch between OGRE_CXX_FLAGS and OGRE_CXXFLAGS
- also use OGRE_CFLAGS for symetry with OGRE_CXXFLAGS
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/ne10: drop arch-related comment

Commit e845f9364c2b8 ("ne10: bump to v1.2.1") removed arm arch
dependency from the comment. This comment is only relevant to arm.

Furthermore, if a target does not have a NEON unit, there is
nothing a user can do about that condition in Buildroot. Showing
a comment would not be useful, and we're not usually showing any
arch-related comment.

Cc: Cody Guldner <cody.guldner@rockwellcollins.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
[yann.morin.1998@free.fr: drop the comment, explain why]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>