Vicente Olivert Riera [Fri, 2 Jun 2017 11:02:42 +0000 (12:02 +0100)]
python-dataproperty: bump version to 0.23.0
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Vicente Olivert Riera [Fri, 2 Jun 2017 11:01:07 +0000 (12:01 +0100)]
mutt: bump version to 1.8.3
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Vicente Olivert Riera [Fri, 2 Jun 2017 10:32:20 +0000 (11:32 +0100)]
squid: bump version to 3.5.26
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Vicente Olivert Riera [Fri, 2 Jun 2017 10:28:53 +0000 (11:28 +0100)]
wireshark: bump version to 2.2.7 (security)
Security fixes:
- wnpa-sec-2017-22
Bazaar dissector infinite loop (Bug 13599) CVE-2017-9352
- wnpa-sec-2017-23
DOF dissector read overflow (Bug 13608) CVE-2017-9348
- wnpa-sec-2017-24
DHCP dissector read overflow (Bug 13609, Bug 13628) CVE-2017-9351
- wnpa-sec-2017-25
SoulSeek dissector infinite loop (Bug 13631) CVE-2017-9346
- wnpa-sec-2017-26
DNS dissector infinite loop (Bug 13633) CVE-2017-9345
- wnpa-sec-2017-27
DICOM dissector infinite loop (Bug 13685) CVE-2017-9349
- wnpa-sec-2017-28
openSAFETY dissector memory exhaustion (Bug 13649) CVE-2017-9350
- wnpa-sec-2017-29
BT L2CAP dissector divide by zero (Bug 13701) CVE-2017-9344
- wnpa-sec-2017-30
MSNIP dissector crash (Bug 13725) CVE-2017-9343
- wnpa-sec-2017-31
ROS dissector crash (Bug 13637) CVE-2017-9347
- wnpa-sec-2017-32
RGMP dissector crash (Bug 13646) CVE-2017-9354
- wnpa-sec-2017-33
IPv6 dissector crash (Bug 13675) CVE-2017-9353
Full release notes:
https://www.wireshark.org/docs/relnotes/wireshark-2.2.7.html
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Vicente Olivert Riera [Fri, 2 Jun 2017 10:26:54 +0000 (11:26 +0100)]
sudo: bump version to 1.8.20p2
0001-fix-CVE-2017-
1000367.patch already included in this release.
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Vicente Olivert Riera [Fri, 2 Jun 2017 10:15:36 +0000 (11:15 +0100)]
tmux: bump version to 2.5
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Baruch Siach [Fri, 2 Jun 2017 09:32:53 +0000 (12:32 +0300)]
tinyalsa: fix musl build
Add a patch adding missing header to fix build with musl.
Fixes:
http://autobuild.buildroot.net/results/de9/
de97fbd0b9c88bb5d9aa81ea6d73cdcaadb9c763/
Cc: Maxime Hadjinlian <maxime.hadjinlian@gmail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Baruch Siach [Fri, 2 Jun 2017 04:55:23 +0000 (07:55 +0300)]
swupdate: fix build without json-c
swupdate enables SURICATTA_HAWKBIT by default, which unconditionally selects
JSON. This breaks the build when the optional json-c dependency is not built.
Add a patch fixing SURICATTA_HAWKBIT dependencies.
Fixes:
http://autobuild.buildroot.net/results/e61/
e6179f515589a42a9aee16b54b897ef9111e7f4b/
http://autobuild.buildroot.net/results/dba/
dba54b00c81f62d957a8c189dde39ba0db8864e6/
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Bernd Kuhls [Fri, 2 Jun 2017 04:54:51 +0000 (06:54 +0200)]
package/poppler: fix openjpeg support
Since the last version bump --enable-libopenjpeg always needs a
parameter:
https://cgit.freedesktop.org/poppler/poppler/commit/configure.ac?id=
65c5a5266462244130f110599ac5d1011a04216e
Fixes
http://autobuild.buildroot.net/results/557/
557b9b386863b6c865bcca86a2b87c7028700ec4/
http://autobuild.buildroot.net/results/f27/
f27380e803be50e066be1659a8512fd74d1fa6de/
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Bernd Kuhls [Fri, 2 Jun 2017 04:45:35 +0000 (06:45 +0200)]
package/imagemagick: bump version to 7.0.5-9
Fixes
http://autobuild.buildroot.net/results/8d9/
8d94627ccce15ae1f348a7a9f54621b2b5a74321/
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Thu, 1 Jun 2017 20:28:14 +0000 (22:28 +0200)]
Merge branch 'next'
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Thu, 1 Jun 2017 08:16:15 +0000 (10:16 +0200)]
docs/website/news.html: add 2017.05 announcement link
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Thu, 1 Jun 2017 08:14:57 +0000 (10:14 +0200)]
Kickoff 2017.08 cycle
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Wed, 31 May 2017 21:55:40 +0000 (23:55 +0200)]
Update for 2017.05
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Vicente Olivert Riera [Fri, 12 May 2017 12:45:21 +0000 (13:45 +0100)]
php-yaml: bump version to 2.0.0
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Vicente Olivert Riera [Fri, 12 May 2017 12:45:20 +0000 (13:45 +0100)]
php-ssh2: bump version to 1.0
And switch to the official PECL site.
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Vicente Olivert Riera [Fri, 12 May 2017 12:45:19 +0000 (13:45 +0100)]
php-memcached: bump version to 3.0.3
And switch to the official PECL site.
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Vicente Olivert Riera [Fri, 12 May 2017 12:45:18 +0000 (13:45 +0100)]
php-imagick: bump version to 3.4.3
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Vicente Olivert Riera [Fri, 12 May 2017 12:45:17 +0000 (13:45 +0100)]
php-gnupg: bump version to 1.4.0
And switch to the official PECL site.
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Vicente Olivert Riera [Fri, 12 May 2017 12:45:16 +0000 (13:45 +0100)]
php-geoip: bump version to 1.1.1
And switch to the official PECL site.
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Vicente Olivert Riera [Fri, 12 May 2017 12:45:15 +0000 (13:45 +0100)]
php-amqp: bump version to 1.9.0
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Francois Perrad [Mon, 22 May 2017 13:13:07 +0000 (15:13 +0200)]
lua-sdl2: new package
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
[Thomas: add missing !BR2_STATIC_LIBS dependency, inherited from SDL2.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Francois Perrad [Mon, 22 May 2017 13:13:06 +0000 (15:13 +0200)]
sdl2_net: new package
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
[Thomas: add entry to DEVELOPERS file.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Francois Perrad [Mon, 22 May 2017 13:13:05 +0000 (15:13 +0200)]
sdl2_mixer: new package
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
[Thomas: add entry in DEVELOPERS file.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Thomas Petazzoni [Fri, 19 May 2017 21:31:30 +0000 (23:31 +0200)]
grep: gettext is not mandatory
Even when locales are enabled, gettext is not mandatory to build
grep, i.e the following defconfig builds fine:
BR2_arm=y
BR2_TOOLCHAIN_EXTERNAL=y
BR2_TOOLCHAIN_EXTERNAL_CUSTOM=y
BR2_TOOLCHAIN_EXTERNAL_DOWNLOAD=y
BR2_TOOLCHAIN_EXTERNAL_URL="http://autobuild.buildroot.org/toolchains/tarballs/
br-arm-full-2017.02-1096-g54a5333.tar.bz2"
BR2_TOOLCHAIN_EXTERNAL_GCC_4_8=y
BR2_TOOLCHAIN_EXTERNAL_HEADERS_3_10=y
BR2_TOOLCHAIN_EXTERNAL_LOCALE=y
BR2_TOOLCHAIN_EXTERNAL_CXX=y
BR2_INIT_NONE=y
BR2_SYSTEM_BIN_SH_NONE=y
BR2_PACKAGE_GETTEXT=y
BR2_PACKAGE_GREP=y
However, if gettext provides libintl, it gets used. Therefore this
commit moves gettext from a mandatory dependency to an optional
dependency.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Thomas Petazzoni [Fri, 19 May 2017 21:04:41 +0000 (23:04 +0200)]
fetchmail: adjust zlib handling
fetchmail itself does not need zlib, there is no reference to it in its
source, so the "select BR2_PACKAGE_ZLIB" is not necessary. Moreover,
"zlib" was not added to FETCHMAIL_DEPENDENCIES (but was anyway in the
dependency chain through openssl).
In addition, LIBS="-lz" is only needed in static linking configurations,
to help fetchmail's configure script find OpenSSL (it doesn't use
pkg-config unfortunately).
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Thomas Petazzoni [Fri, 19 May 2017 21:04:40 +0000 (23:04 +0200)]
fetchmail: gettext is not mandatory
Even when locales are enabled, gettext is not mandatory to build
fetchmail, i.e the following defconfig builds fine:
BR2_arm=y
BR2_TOOLCHAIN_EXTERNAL=y
BR2_TOOLCHAIN_EXTERNAL_CUSTOM=y
BR2_TOOLCHAIN_EXTERNAL_DOWNLOAD=y
BR2_TOOLCHAIN_EXTERNAL_URL="http://autobuild.buildroot.org/toolchains/tarballs/
br-arm-full-2017.02-1096-g54a5333.tar.bz2"
BR2_TOOLCHAIN_EXTERNAL_GCC_4_8=y
BR2_TOOLCHAIN_EXTERNAL_HEADERS_3_10=y
BR2_TOOLCHAIN_EXTERNAL_LOCALE=y
BR2_TOOLCHAIN_EXTERNAL_CXX=y
BR2_INIT_NONE=y
BR2_SYSTEM_BIN_SH_NONE=y
BR2_PACKAGE_FETCHMAIL=y
However, if gettext provides libintl, it gets used. Therefore this
commit moves gettext from a mandatory dependency to an optional
dependency.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
David Lechner [Tue, 23 May 2017 18:04:06 +0000 (13:04 -0500)]
configs/lego_ev3: use ext4 file system
Change from using ext3 to ext4.
Signed-off-by: David Lechner <david@lechnology.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
David Lechner [Tue, 23 May 2017 18:04:05 +0000 (13:04 -0500)]
configs/lego_ev3: use genimage to rename uImage file
This uses a genimage feature to rename the uImage file instead
of manually creating a symlink in the post-image script.
Signed-off-by: David Lechner <david@lechnology.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
David Lechner [Tue, 23 May 2017 18:04:04 +0000 (13:04 -0500)]
configs/lego_ev3: bump U-Boot version
This bumps U-Boot to the current stable version (2017.05).
Signed-off-by: David Lechner <david@lechnology.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Bernd Kuhls [Wed, 24 May 2017 21:13:17 +0000 (23:13 +0200)]
package/vlc: bump version to 2.2.6
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Bernd Kuhls [Thu, 25 May 2017 16:25:12 +0000 (18:25 +0200)]
package/kodi-pvr-*: mass version bump
This commit brings our package versions in-line with upstream repo:
https://github.com/xbmc/repo-binary-addons/tree/Krypton
after this commit:
https://github.com/xbmc/repo-binary-addons/commit/
a6621cbdc6ae2ef35b4188d909ca7f37a38a41f0
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Angelo Compagnucci [Tue, 23 May 2017 10:20:35 +0000 (12:20 +0200)]
package/mono: bump to version 4.8.1.0
This patch bumps mono the version 4.8.1.0. Simultaneously it removes an
upstreamed patch and updates another one to the latest source code.
It also disables the compilation of 'aot' cause the build system was
fixed to support this option again.
It also disables the compilation of the optional BoringTLS stack: this
stack is distributed as an external component inside the mono source
tree and it carries it's own build system (cmake). To be compiled inside
buildroot it requires hacking the mono build system to pass the correct
compiling options to cmake. This will be done in a future patch set.
Signed-off-by: Angelo Compagnucci <angelo.compagnucci@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Angelo Compagnucci [Tue, 23 May 2017 10:20:34 +0000 (12:20 +0200)]
package/monolite: bump to version 156
This patch bumps monolite to version 156.
Signed-off-by: Angelo Compagnucci <angelo.compagnucci@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Daniel Sabogal [Tue, 23 May 2017 17:19:31 +0000 (13:19 -0400)]
bash: disable bash malloc by default
Bash's malloc relies on sbrk which is implemented as a fail-only stub in
musl. Presently, it is disabled when configured for static
libs. Instead, default to using libc malloc.
Fixes:
# bash
bash: xmalloc: locale.c:81: cannot allocate 18 bytes (0 bytes allocated)
Signed-off-by: Daniel Sabogal <dsabogalcc@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Baruch Siach [Wed, 24 May 2017 19:15:39 +0000 (22:15 +0300)]
cifs-utils: bump to version 6.7
Enable autoreconf because of missing install-sh.
Add upstream patch fixing build breakage with libtalloc is missing.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Bernd Kuhls [Wed, 24 May 2017 15:24:27 +0000 (17:24 +0200)]
package/tor: bump version to 0.3.0.7
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Bernd Kuhls [Wed, 24 May 2017 15:36:32 +0000 (17:36 +0200)]
package/libdrm: bump version to 2.4.81
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Adam Duskett [Thu, 25 May 2017 14:34:12 +0000 (10:34 -0400)]
sngrep: bump version to v1.4.3
The two patches were committed upstream.
Signed-off-by: Adam Duskett <aduskett@codeblue.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Bernd Kuhls [Sun, 28 May 2017 18:27:04 +0000 (20:27 +0200)]
package/bdwgc: fix uclibc build after bump to 7.6.0
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Bernd Kuhls [Sun, 28 May 2017 16:19:44 +0000 (18:19 +0200)]
package/imagemagick: bump version to 7.0.5-8
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Bernd Kuhls [Sun, 28 May 2017 15:38:16 +0000 (17:38 +0200)]
package/tremor: add upstream site to help text
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Bernd Kuhls [Sun, 28 May 2017 15:00:38 +0000 (17:00 +0200)]
package/fwup: bump version to 0.14.3
Added patch to fix uclibc build.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Bernd Kuhls [Sun, 28 May 2017 14:48:15 +0000 (16:48 +0200)]
package/freetype: bump version to 2.8
Added md5 & sha1 hashes supplied by sourceforge mirror.
Removed patches applied upstream:
0001-psaux-Better-protect-flex-handling.patch
http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=
f958c48ee431bef8d4d466b40c9cb2d4dbcb7791
0002-src-psaux-psobjs.c-t1_builder_close_contour-Add-safe.patch
http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=
3774fc08b502c3e685afca098b6e8a195aded6a0
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Fabrice Fontaine [Mon, 29 May 2017 07:48:12 +0000 (09:48 +0200)]
lxc: fix hash of patch
Fix hash of
bc5b27d6f6d166d2a6df47982cbe36041ce6b73.patch
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Romain Naour [Wed, 31 May 2017 19:12:49 +0000 (21:12 +0200)]
package/hans: fix build failures with high 'make -j' values
The top-level doesn't handle correctly the build dependencies
between .o files.
Since hans doesn't take too many time to build, just use MAKE1.
Fixes:
http://autobuild.buildroot.net/results/d14/
d142f4a439d4d5fcc89865abde3e593c45ad5d96
http://autobuild.buildroot.net/results/28e/
28ed230e40cc154db9274f9765085cd7f0eee85a
http://autobuild.buildroot.net/results/900/
9008c3be3bcf46f0fc21a34f48e3cf9da1397d9a
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Gonçalo Salazar [Wed, 31 May 2017 19:08:56 +0000 (20:08 +0100)]
mosh: bump to version 1.3.0
Signed-off-by: Gonçalo Salazar <glbsalazar@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Marcin Niestroj [Mon, 29 May 2017 14:32:05 +0000 (16:32 +0200)]
package/luaossl: new package
Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Johan Oudinet [Wed, 31 May 2017 16:35:44 +0000 (18:35 +0200)]
erlang-p1-xmpp: new package
Signed-off-by: Johan Oudinet <johan.oudinet@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Johan Oudinet [Wed, 31 May 2017 16:35:42 +0000 (18:35 +0200)]
erlang-jiffy: new package
Signed-off-by: Johan Oudinet <johan.oudinet@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Waldemar Brodkorb [Wed, 31 May 2017 16:45:34 +0000 (18:45 +0200)]
gcc: allow gcc 6.x for microblaze architecture
With the two patches from gcc upstream master we can enable gcc 6.x for
microblaze again.
Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Peter Korsgaard [Wed, 31 May 2017 06:47:18 +0000 (08:47 +0200)]
sudo: add upstream security patch for CVE-2017-
1000367
CVE-2017-
1000367 - Potential overwrite of arbitrary files on Linux
On Linux systems, sudo parses the /proc/[pid]/stat file to determine the
device number of the process's tty (field 7). The fields in the file are
space-delimited, but it is possible for the command name (field 2) to
include spaces, which sudo does not account for. A user with sudo
privileges can cause sudo to use a device number of the user's choosing by
creating a symbolic link from the sudo binary to a name that contains a
space, followed by a number.
If SELinux is enabled on the system and sudo was built with SELinux support,
a user with sudo privileges may be able to to overwrite an arbitrary file.
This can be escalated to full root access by rewriting a trusted file such
as /etc/shadow or even /etc/sudoers.
For more details, see: https://www.sudo.ws/alerts/linux_tty.html
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Bernd Kuhls [Wed, 31 May 2017 05:54:57 +0000 (07:54 +0200)]
package/dovecot: bump version to 2.2.30
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Tue, 30 May 2017 08:23:46 +0000 (10:23 +0200)]
libupnp: bump to version 1.6.22
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Bernd Kuhls [Wed, 31 May 2017 05:52:08 +0000 (07:52 +0200)]
linux-headers: bump 4.1.x series
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Johan Oudinet [Tue, 30 May 2017 14:52:07 +0000 (16:52 +0200)]
erlang-p1-yaml: bump to version 1.0.9
Signed-off-by: Johan Oudinet <johan.oudinet@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Johan Oudinet [Tue, 30 May 2017 14:52:06 +0000 (16:52 +0200)]
erlang-p1-xml: bump to version 1.1.22 and add host variant
The host variant will be needed for the upcoming erlang-p1-xmpp package.
Signed-off-by: Johan Oudinet <johan.oudinet@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Johan Oudinet [Tue, 30 May 2017 14:52:05 +0000 (16:52 +0200)]
erlang-p1-sip: bump to version 1.0.11
License changed to Apache-2.0.
Signed-off-by: Johan Oudinet <johan.oudinet@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Johan Oudinet [Tue, 30 May 2017 14:52:04 +0000 (16:52 +0200)]
erlang-p1-stun: bump to version 1.0.10
License changed to Apache-2.0.
Signed-off-by: Johan Oudinet <johan.oudinet@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Johan Oudinet [Tue, 30 May 2017 14:52:03 +0000 (16:52 +0200)]
erlang-p1-tls: bump to version 1.0.11
License changed to Apache-2.0.
Signed-off-by: Johan Oudinet <johan.oudinet@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Johan Oudinet [Tue, 30 May 2017 14:52:02 +0000 (16:52 +0200)]
erlang-p1-stringprep: bump to version 1.0.8
Remove a patch that has been applied upstream.
Signed-off-by: Johan Oudinet <johan.oudinet@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Johan Oudinet [Tue, 30 May 2017 14:52:01 +0000 (16:52 +0200)]
erlang-p1-iconv: bump to version 1.0.4
License changed to Apache-2.0.
Signed-off-by: Johan Oudinet <johan.oudinet@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Johan Oudinet [Tue, 30 May 2017 14:52:00 +0000 (16:52 +0200)]
erlang-p1-cache-tab: bump to version 1.0.7
Signed-off-by: Johan Oudinet <johan.oudinet@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Johan Oudinet [Tue, 30 May 2017 14:51:59 +0000 (16:51 +0200)]
erlang-p1-zlib: bump to version 1.0.2
License changed to Apache-2.0.
Signed-off-by: Johan Oudinet <johan.oudinet@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Johan Oudinet [Tue, 30 May 2017 14:51:58 +0000 (16:51 +0200)]
erlang-p1-utils: bump to version 1.0.8
License changed to Apache-2.0.
Signed-off-by: Johan Oudinet <johan.oudinet@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Johan Oudinet [Tue, 30 May 2017 14:51:57 +0000 (16:51 +0200)]
erlang-lager: bump to version 3.2.1
Signed-off-by: Johan Oudinet <johan.oudinet@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Johan Oudinet [Tue, 30 May 2017 14:51:56 +0000 (16:51 +0200)]
erlang-goldrush: bump version to 0.1.9
Signed-off-by: Johan Oudinet <johan.oudinet@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Peter Korsgaard [Tue, 30 May 2017 13:03:24 +0000 (15:03 +0200)]
strongswan: add upstream security patches
Fixes:
CVE-2017-9022 - RSA public keys passed to the gmp plugin aren't
validated sufficiently before attempting signature verification, so that
invalid input might lead to a floating point exception and crash of the
process. A certificate with an appropriately prepared public key sent by a
peer could be used for a denial-of-service attack.
https://www.strongswan.org/blog/2017/05/30/strongswan-vulnerability-%28cve-2017-9022%29.html
CVE-2017-9023 - ASN.1 CHOICE types are not correctly handled by the ASN.1
parser when parsing X.509 certificates with extensions that use such types.
This could lead to infinite looping of the thread parsing a specifically
crafted certificate.
https://www.strongswan.org/blog/2017/05/30/strongswan-vulnerability-%28cve-2017-9023%29.html
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Alistair Francis [Tue, 30 May 2017 17:26:13 +0000 (10:26 -0700)]
package/xen: Backport a header include fix for makedev
maekdev() is available from sys/types.h but only due to a bug in glibc. This
is being fixed by printing an error when using makedev() from sys/types.h.
To fix the issue we should include sys/sysmacros.h for makedev(). As this
has already been fixed in upstream Xen we can backport the patch.
Fixes:
http://autobuild.buildroot.net/results/552/
552e66d764885341b2fe208a0e4382b5fe05ea9d/
Signed-off-by: Alistair Francis <alistair.francis@xilinx.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Romain Naour [Tue, 30 May 2017 14:53:17 +0000 (16:53 +0200)]
package/madplay: add custom libtool patch
madplay use a libtool script in version 1.5.2 but the libtool patch
"buildroot-libtool-v1.5.patch.patch" doesn't apply.
From [1]:
"It's libtool dropping -static. That's because madplay has a
weird version of libtool, on which our libtool patch doesn't apply so
we have MADPLAY_LIBTOOL_PATCH = NO. Therefore, the hack we have that
makes libtool -static behave like -all-static isn't applied, causing
this build failure."
Fixes:
http://autobuild.buildroot.net/results/
60def1b15ea61d3cb5f50e9de3f354dd2e17d270
[1] http://lists.busybox.net/pipermail/buildroot/2017-May/192959.html
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Luca Ceresoli [Tue, 30 May 2017 17:01:28 +0000 (19:01 +0200)]
stm32flash: fix help text format
Warning reported by check-package.
Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Luca Ceresoli [Tue, 30 May 2017 17:01:27 +0000 (19:01 +0200)]
snmppp: fix help text format
Warning reported by check-package.
Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
Cc: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Luca Ceresoli [Tue, 30 May 2017 17:01:26 +0000 (19:01 +0200)]
rtl8188eu: fix help text format
Warning reported by check-package.
Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Luca Ceresoli [Tue, 30 May 2017 17:01:25 +0000 (19:01 +0200)]
qpid-proton: fix help text format
Warning reported by check-package.
Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Luca Ceresoli [Tue, 30 May 2017 17:01:24 +0000 (19:01 +0200)]
exim: fix help text format
Warning reported by check-package.
Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
Cc: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Luca Ceresoli [Tue, 30 May 2017 17:01:23 +0000 (19:01 +0200)]
agentpp: fix help text format
Warning reported by check-package.
Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Christian Stewart [Tue, 30 May 2017 19:36:13 +0000 (12:36 -0700)]
go: bump version to 1.8.3
Bumping Go to 1.8.3 from 1.7.
Go 1.8 comes with significant performance improvements, particularly
around ARM: "CPU time required by our benchmark programs was reduced by
20-30% on 32-bit ARM systems."
Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Graham Holland [Tue, 30 May 2017 18:04:23 +0000 (11:04 -0700)]
package/hwloc: install package to staging directory
The hwloc package consists of a library and utilities so it should be
installed to both the staging and target directories.
Signed-off-by: Graham Holland <gmh7@sfu.ca>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Thomas Petazzoni [Tue, 30 May 2017 09:34:17 +0000 (11:34 +0200)]
toolchain-external: adjust musl dynamic linker symlink for mips-sf
The external toolchain code has some logic to calculate the correct name
for the dynamic linker symbolic link that needs to be created when the
musl C library is being used. There was already some handling for the
mipsel+soft-float case, but not for the mips+soft-float case. Due to
this, the symbolic link was incorrectly named, and programs were
referencing an non-existing file.
Reported-by: Florent Jacquet <florent.jacquet@free-electrons.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Peter Korsgaard [Tue, 30 May 2017 08:28:45 +0000 (10:28 +0200)]
Update for 2017.05-rc3
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Christian Stewart [Tue, 30 May 2017 03:50:04 +0000 (20:50 -0700)]
docker-engine: fix journald logging driver
The Docker engine can optionally log to systemd-journald. For this
driver to work correctly, Docker needs to build against
systemd-journald's client library.
This patch conditionally adds a build-time dependency on systemd and
enables compiling the journald driver in docker-engine if systemd is
used as the Buildroot init process.
Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Mon, 29 May 2017 21:54:48 +0000 (23:54 +0200)]
libtasn1: security bump to version 4.12
Fixes CVE-2017-7650: Two errors in the "asn1_find_node()" function
(lib/parser_aux.c) within GnuTLS libtasn1 version 4.10 can be exploited to
cause a stacked-based buffer overflow by tricking a user into processing a
specially crafted assignments file via the e.g. asn1Coding utility.
For more details, see:
https://secuniaresearch.flexerasoftware.com/secunia_research/2017-11/
Or the 1.4.11 release mail (no mail about 1.4.12, but identical to 1.4.11 +
a soname fix):
https://lists.gnu.org/archive/html/help-libtasn1/2017-05/msg00003.html
Remove 0001-configure-don-t-add-Werror-to-build-flags.patch and autoreconf
as that patch is now upstream.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Gonçalo Salazar [Mon, 29 May 2017 21:53:41 +0000 (22:53 +0100)]
mosh: add notes to clarify runtime issues
Added notes to the mosh package help to clarify some runtime
issues related with it to ensure mosh will work properly after adding it.
This includes adding a proper LOCALE and an extra flag when using
mosh with dropbear.
Signed-off-by: Gonçalo Salazar <glbsalazar@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Mon, 29 May 2017 21:19:59 +0000 (23:19 +0200)]
mosquitto: security bump to version 1.4.12
Fixes CVE-2017-7650: Pattern based ACLs can be bypassed by clients that set
their username/client id to ‘#’ or ‘+’. This allows locally or remotely
connected clients to access MQTT topics that they do have the rights to.
The same issue may be present in third party authentication/access control
plugins for Mosquitto.
For more details, see:
https://mosquitto.org/2017/05/security-advisory-cve-2017-7650/
Remove 0001-Remove-lanl-when-WITH_ADNS-is-unset.patch as that patch is now
upstream.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Baruch Siach [Mon, 29 May 2017 20:53:23 +0000 (23:53 +0300)]
elfutils: security bump to version 0.169
Fixes a number of security issues: CVE-2017-7607, CVE-2017-7608,
CVE-2017-7609, CVE-2017-7610, CVE-2017-7611, CVE-2017-7612, CVE-2017-7613.
Rebase patches, and convert to git format.
Remove --disable-werror; unrecognized configure option.
Use upstream provided hash.
Cc: Stefan Fröberg <stefan.froberg@petroprogram.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Alistair Francis [Wed, 24 May 2017 20:30:30 +0000 (13:30 -0700)]
package/xen: add dependency on host-acpica
This commit adds a dependency on the host ACPICA package as Xen tools
require iasl to build.
Fixes:
http://autobuild.buildroot.net/results/
afa199864d6b546fe759bb582a9c10702ea7fa78/
Signed-off-by: Alistair Francis <alistair.francis@xilinx.com>
Acked-by: Erico Nunes <nunes.erico@gmail.com>
[Thomas: tweak commit log, add autobuilder reference.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Alistair Francis [Wed, 24 May 2017 20:30:29 +0000 (13:30 -0700)]
package/acpica: add host package
Add support to build the ACPICA package for the host. This is useful
for the iasl command which is required to build some packages,
including Xen tools.
This is a necessary requirement before changing the Xen package to
address:
http://autobuild.buildroot.net/results/
afa199864d6b546fe759bb582a9c10702ea7fa78/
Signed-off-by: Alistair Francis <alistair.francis@xilinx.com>
Acked-by: Erico Nunes <nunes.erico@gmail.com>
[Thomas: use PREFIX= and not DESTDIR= for host installation, tweak
commit log.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Thomas Petazzoni [Mon, 29 May 2017 21:31:51 +0000 (23:31 +0200)]
ffmpeg: do not build on m68k coldfire
m68k coldfire causes ffmpeg to think atomic intrinsics are available,
so ffmpeg doesn't use its fallback on pthreads based atomic
operations. However, m68k coldfire doesn't provide properly working
sync 4 atomics, causing a build failure.
Since fixing ffmpeg on m68k coldfire is not really important (who
wants to use ffmpeg on such platform?), we simply disallow the
selection of ffmpeg on this platform.
Alternate approaches have been proposed in the past:
- Bernd Kuhls proposed in http://patchwork.ozlabs.org/patch/766909/
to add a dependency on BR2_TOOLCHAIN_HAS_SYNC_4, but this is wrong
because other architectures that lack sync 4 atomics, such as
Sparc, can build ffmpeg perfectly fine thanks to the pthreads based
fallback code.
- Waldemar Brodkorb proposed in
https://patchwork.ozlabs.org/patch/756664/ to add an explicit
option in ffmpeg configure to force the use of pthreads based
atomics. However, we believe that running ffmpeg on m68k coldfire
is such an unlikely use case that it isn't worth carrying a patch
for this.
Fixes:
http://autobuild.buildroot.net/results/b3e/
b3eaaf6d73cd49f5919143aeaa5cbb4d15a7ccc3/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Bernd Kuhls [Wed, 24 May 2017 21:06:11 +0000 (23:06 +0200)]
package/samba4: security bump to version 4.5.10
Fixes CVE-2017-7494:
https://www.samba.org/samba/history/samba-4.5.10.html
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Bernd Kuhls [Thu, 25 May 2017 16:34:43 +0000 (18:34 +0200)]
package/gnutls: disable for static build
The gnutils code uses __attribute__((constructor)) and
__attribute__((destructor)) to call constructor/desctructor when a
shared library is loaded.
Constructor/desctructor are not used when a static library is used
(except when if -Wl,--whole-archive -lgnutls -Wno-whole-archive is
used, not tested).
Even if gnutls initialization (_gnutls_global_init()) may be
called manually, the gnutls maintainer said it's not supported [1].
"Note that static linking applications with gnutls is not something
supported. gnutls relies on library constructors and destructors
which are not loaded when linking statically."
Now the gnutls script warns about static linking [2].
So disable gnutls statically by adding "depends on !BR2_STATIC_LIBS"
at Kconfig level and --disable-static in GNUTLS_CONF_OPTS.
Fixes:
[taskd] http://autobuild.buildroot.net/results/c2d/
c2dd5c1c9dc87d2943c15e58ee56e67d7375368c
[ffmpeg] http://autobuild.buildroot.net/results/892/
8926d319d6d1cd1ee72239ad7d9ca869d2355628
[sngrep] http://autobuild.buildroot.net/results/f7f/
f7fb42d3742f6f01000a0d181e0c785640284405
[1] https://gitlab.com/gnutls/gnutls/issues/203
[2] https://gitlab.com/gnutls/gnutls/commit/
6b748886799f88ddee9721dba4fc4d52854832ae
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[Romain: merge our two patches together
add some option comment
disable static libgnutls.a
add sngrep autobuilder reference]
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Tested-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[Thomas: do not disable libgnutls.a]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Bernd Kuhls [Mon, 29 May 2017 17:16:43 +0000 (19:16 +0200)]
package/xscreensaver: bump version to 5.36
Switched _SITE to https.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Jörg Krause [Mon, 29 May 2017 10:17:35 +0000 (12:17 +0200)]
swupdate: bump to version 2017.04
Add optional dependency on zeromq which was already added in version
2016.10.
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Jörg Krause [Mon, 29 May 2017 10:26:00 +0000 (12:26 +0200)]
shairport-sync: bump to version 3.0.2
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Jörg Krause [Mon, 29 May 2017 10:20:11 +0000 (12:20 +0200)]
upmpdcli: bump to version 1.2.14
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Jörg Krause [Mon, 29 May 2017 10:20:10 +0000 (12:20 +0200)]
libupnpp: bump to version 0.15.2
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Romain Naour [Mon, 29 May 2017 20:13:29 +0000 (22:13 +0200)]
package/google-breakpad: use PRE_CONFIGURE hooks to copy linux_syscall_support.h
As reported by Bernd [1], using POST_EXTRACT to copy
linux_syscall_support.h break the legal-info target when
google-breakpad package is selected:
/usr/bin/install: cannot stat '/home/bernd/buildroot/buildroot/output/ost/usr/i586-buildroot-linux-uclibc/sysroot/usr/include/linux_syscall_support.h': No such file or directory
This is because linux_syscall_support.h is installed by a dependency
of google-breakpad, and dependencies are only guaranteed to be
available for the configure step of a package. To fix this, we use a
PRE_CONFIGURE hook instead of POST_EXTRACT hook.
[1] http://lists.busybox.net/pipermail/buildroot/2017-May/192844.html
Reported-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Romain Naour [Mon, 29 May 2017 19:58:11 +0000 (21:58 +0200)]
package/firejail: remove broken package
firejail has been marked as broken since
3ad100fdcbf6e2bf850b4b2f528c87c74f7c93ff
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Chris Frederick <chrisf@cdf123.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Bernd Kuhls [Sun, 28 May 2017 14:31:35 +0000 (16:31 +0200)]
package/ftop: Fix broken download URL
Also use bz2 tarball and provide md5 & sha256 hashes.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Bernd Kuhls [Sun, 28 May 2017 20:35:52 +0000 (22:35 +0200)]
package/armadillo: fix download URL
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Bernd Kuhls [Sun, 28 May 2017 20:40:57 +0000 (22:40 +0200)]
package/libev: fix download URL
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>