buildroot.git
5 years agopackage/whois: bump to version 5.5.6
Fabrice Fontaine [Wed, 8 Apr 2020 21:05:00 +0000 (23:05 +0200)]
package/whois: bump to version 5.5.6

Update indentation of hash file (two spaces)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/haproxy: security bump to version 2.1.4
Fabrice Fontaine [Wed, 8 Apr 2020 21:00:06 +0000 (23:00 +0200)]
package/haproxy: security bump to version 2.1.4

- Fix CVE-2020-11100: In hpack_dht_insert in hpack-tbl.c in the HPACK
  decoder in HAProxy 1.8 through 2.x before 2.1.4, a remote attacker can
  write arbitrary bytes around a certain location on the heap via a
  crafted HTTP/2 request, possibly causing remote code execution.
- Update indentation of hash file (two spaces)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/python-autobahn: drop python 2 support
James Hilliard [Wed, 8 Apr 2020 00:09:48 +0000 (18:09 -0600)]
package/python-autobahn: drop python 2 support

Upstream commit
https://github.com/crossbario/autobahn-python/commit/c0223223f865603ce192e6d5cdbcf74849a4cdd8,
which has been part of the releases since v20.1.2 has dropped support
for Python 2.x. So python-autobahn is now only available for Python
3.x.

We therefore remove the Python 2.x autobahn tests, and while at it,
drop the python-six dependency, which is no longer needed since
upstream commit
https://github.com/crossbario/autobahn-python/commit/79bd2ba41b83950614a2928eeda4704c1d149a20,
part of the releases since v20.1.3.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/libarchive: make optional zstd dependency explicit
Thomas De Schampheleire [Tue, 7 Apr 2020 09:49:49 +0000 (11:49 +0200)]
package/libarchive: make optional zstd dependency explicit

Otherwise, the presence of zstd support in libarchive will depend on build
order.

Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/gnutls: security bump to 3.6.13
Stefan Sørensen [Tue, 7 Apr 2020 07:36:44 +0000 (09:36 +0200)]
package/gnutls: security bump to 3.6.13

Fixes the following security issue:

 * CVE-2020-11501: It was found that GnuTLS 3.6.3 introduced a
   regression in the DTLS protocol implementation. This caused the DTLS
   client to not contribute any randomness to the DTLS negotiation
   breaking the security guarantees of the DTLS protocol.

Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years ago{linux, linux-headers}: bump 5.{4, 5, 6}.x series
Peter Korsgaard [Wed, 8 Apr 2020 14:39:02 +0000 (16:39 +0200)]
{linux, linux-headers}: bump 5.{4, 5, 6}.x series

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/python-requests: relax version dependency on python-idna
Romain Naour [Tue, 7 Apr 2020 22:15:49 +0000 (00:15 +0200)]
package/python-requests: relax version dependency on python-idna

The dockerCompose runtime test currently fails with:

pkg_resources.ContextualVersionConflict: (idna 2.9 (/usr/lib/python3.8/site-packages), Requirement.parse('idna<2.9,>=2.5'), {'requests'})

This is due to the fact that the python-requests module has a strict
version dependency on the python-idna module: 'idna>=2.5,<2.9'.

Since Buildroot commit 237d31bf5289a46583aa4bbc1fb7ed008b798de5, we're
using python-idna in version 2.9, which no longer matches the version
dependency expressed by python-requests, causing the failure.

Upstream has addressed this issue in commit
https://github.com/psf/requests/commit/c46f55bd48dabc02f033d252f8c64e2011f37361,
which relaxes the version requirement.

Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/498144417

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/fluidsynth: bump to version 2.1.2
Julien Olivain [Wed, 8 Apr 2020 18:25:03 +0000 (20:25 +0200)]
package/fluidsynth: bump to version 2.1.2

Changes since v2.1.1:
https://github.com/FluidSynth/fluidsynth/releases/tag/v2.1.2
- fluidsynth now exits with error when user-provided command-line arguments are out-of-range
- add verbose error logging to opensles and oboe drivers
- fix a memory leak in oboe driver
- fix a NULL dereference in the fluidsynth commandline program

./utils/test-pkg --package fluidsynth
6 builds, 1 skipped, 0 build failed, 0 legal-info failed

Signed-off-by: Julien Olivain <juju@cotds.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/libnetfilter_conntrack: bump to version 1.0.8
Fabrice Fontaine [Tue, 7 Apr 2020 18:27:55 +0000 (20:27 +0200)]
package/libnetfilter_conntrack: bump to version 1.0.8

Update indentation of hash file (two spaces)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/flatbuffers: bump to version 1.12.0
Fabrice Fontaine [Tue, 7 Apr 2020 18:23:07 +0000 (20:23 +0200)]
package/flatbuffers: bump to version 1.12.0

- Drop patch (already in version)
- Update hash of LICENSE.txt: Fixed Apache license not using canonical
  version:
  https://github.com/google/flatbuffers/commit/9834ee97874c95eee8b27677639eeb33aed12980
- Update indentation of hash file (two spaces)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/cegui: disable minizip support
Bartosz Bilas [Tue, 7 Apr 2020 15:15:16 +0000 (17:15 +0200)]
package/cegui: disable minizip support

Disable support for minizip since cegui is not compatible
with the existing buildroot's version due to lack of
necessary header. It will be restored when upstream will
switch to the new version.

Fixes:
 - http://autobuild.buildroot.net/results/65fa719e8b2466409a12eb103a8938e1488efc0c
 - http://autobuild.buildroot.net/results/ef37a0cc16daacb7206d736c86b511c7d90eefe0

and many more.

Signed-off-by: Bartosz Bilas <b.bilas@grinn-global.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/freescale-imx/imx-vpu: bump version to 5.4.39.1
Laurent GAUTHIER [Tue, 7 Apr 2020 20:20:42 +0000 (22:20 +0200)]
package/freescale-imx/imx-vpu: bump version to 5.4.39.1

To match NXP BSP 4.19.35_1.1.0 release:
https://source.codeaurora.org/external/imx/meta-fsl-bsp-release/tree/imx/meta-bsp/recipes-bsp/imx-vpu?h=warrior-4.19.35-1.1.0

The license files have changed significantly, but it remains an NXP
Semiconductor Software License Agreement.

Reviewed-by: Maeva Manuel <maeva.manuel@oss.nxp.com>
Reviewed-by: Julien Olivain <julien.olivain@oss.nxp.com>
Signed-off-by: Laurent Gauthier <laurent.gauthier_1@oss.nxp.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/assimp: bump version to 5.0.1
Peter Seiderer [Tue, 7 Apr 2020 21:12:38 +0000 (23:12 +0200)]
package/assimp: bump version to 5.0.1

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/ddrescue: bump version to 1.25
Peter Seiderer [Tue, 7 Apr 2020 21:12:03 +0000 (23:12 +0200)]
package/ddrescue: bump version to 1.25

For details see [1].

[1] https://lists.gnu.org/archive/html/info-gnu/2020-03/msg00002.html

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/bcm2835: bump version to 1.63
Peter Seiderer [Tue, 7 Apr 2020 21:11:11 +0000 (23:11 +0200)]
package/bcm2835: bump version to 1.63

- update license to GPL-3.0

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/iwd: bump version to 1.6
Peter Seiderer [Tue, 7 Apr 2020 21:07:02 +0000 (23:07 +0200)]
package/iwd: bump version to 1.6

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/ell: bump version to 0.30
Peter Seiderer [Tue, 7 Apr 2020 21:07:01 +0000 (23:07 +0200)]
package/ell: bump version to 0.30

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/python-crontab: bump to version 2.4.1
Grzegorz Blach [Wed, 8 Apr 2020 11:48:08 +0000 (13:48 +0200)]
package/python-crontab: bump to version 2.4.1

Signed-off-by: Grzegorz Blach <grzegorz@blach.pl>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/python-pigpio: bump to version 1.46
Grzegorz Blach [Wed, 8 Apr 2020 11:48:07 +0000 (13:48 +0200)]
package/python-pigpio: bump to version 1.46

Signed-off-by: Grzegorz Blach <grzegorz@blach.pl>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/netdata: bump to 1.21.0
Marcin Niestroj [Wed, 8 Apr 2020 09:36:19 +0000 (11:36 +0200)]
package/netdata: bump to 1.21.0

Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/webkitgtk: bump to version 2.28.0
Adrian Perez de Castro [Wed, 8 Apr 2020 15:27:03 +0000 (18:27 +0300)]
package/webkitgtk: bump to version 2.28.0

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/thrift: security bump to v0.13
Titouan Christophe [Wed, 8 Apr 2020 09:50:55 +0000 (11:50 +0200)]
package/thrift: security bump to v0.13

Drop patch because the linker error no longer appears on br-x86-64-musl.

v0.13.0 fixes the following CVEs:

CVE-2019-0205: In Apache Thrift all versions up to and including 0.12.0,
a server or client may run into an endless loop when feed with specific
input data. Because the issue had already been partially fixed in version
0.11.0, depending on the installed version it affects only certain
language bindings.

CVE-2019-0210: In Apache Thrift 0.9.3 to 0.12.0, a server implemented
in Go using TJSONProtocol or TSimpleJSONProtocol may panic when feed with
invalid input data.

Also update the hash file to the new two-spaces convention

Signed-off-by: Titouan Christophe <titouan.christophe@railnova.eu>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/nano: bump to v4.9.2
Titouan Christophe [Wed, 8 Apr 2020 09:47:36 +0000 (11:47 +0200)]
package/nano: bump to v4.9.2

Also update the hash file to the new two-spaces convention

Signed-off-by: Titouan Christophe <titouan.christophe@railnova.eu>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/gcc: pass -Wno-error to debug builds
James Hilliard [Tue, 7 Apr 2020 19:26:22 +0000 (13:26 -0600)]
package/gcc: pass -Wno-error to debug builds

gcc fails to build in debug build with debug optimisations:

BR2_x86_corei7=y
BR2_ENABLE_DEBUG=y
BR2_DEBUG_3=y
BR2_OPTIMIZE_G=y
BR2_TOOLCHAIN_BUILDROOT_GLIBC=y
BR2_TOOLCHAIN_BUILDROOT_CXX=y

which fails with:
    ../../../../libsanitizer/libbacktrace/../../libbacktrace/elf.c:772:21: error: ‘st.st_mode’ may be used uninitialized in this function [-Werror=maybe-uninitialized]
       return S_ISLNK (st.st_mode);
                     ^
Upstream has been unable to reproduce/fix properly, details:
https://gcc.gnu.org/legacy-ml/gcc-patches/2019-03/threads.html#00827

Upstream recommends passing -Wno-error as a workaround, see:
https://gcc.gnu.org/pipermail/gcc-patches/2019-April/519867.html

Reviewed-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
[yann.morin.1998@free.fr: add the reproducing defconfig]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/mtd: add upstream patch that fixes ubiformat return code
Thomas De Schampheleire [Tue, 7 Apr 2020 09:58:15 +0000 (11:58 +0200)]
package/mtd: add upstream patch that fixes ubiformat return code

ubiformat returns 255 even on successful format actions, since the upgrade
of mtd-utils to version 2.1.1.

Backport an upstream patch that fixes this issue. No new release is made
yet.

Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
[yann.morin.1998@free.fr: make it explicit it's a backported patch]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/libubootenv: bump to version f4b9cde
Pierre-Jean Texier [Tue, 7 Apr 2020 10:00:05 +0000 (12:00 +0200)]
package/libubootenv: bump to version f4b9cde

This includes the following changes:

f4b9cde Allow negative offsets
45bf92a Detect sector size if not found in config
9f59db6 uboot_env: remove unused variables
65d243e README: libubootenv is now in oe-core

And update hash file formatting (2 spaces).

Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/rng-tools: add nistbeacon option
Fabrice Fontaine [Sat, 4 Apr 2020 21:36:53 +0000 (23:36 +0200)]
package/rng-tools: add nistbeacon option

Add an option to enable nistbeacon which is available since version 6.1
and
https://github.com/nhorman/rng-tools/commit/aefe862e187a1ef608f9826b2b4a5bbabd5e9945

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/polkit: properly autoreconf
Thomas Petazzoni [Sat, 4 Apr 2020 13:08:12 +0000 (15:08 +0200)]
package/polkit: properly autoreconf

0001-make-netgroup-support-optional.patch patches configure.ac, but we
don't autoreconf the package, which is not good.

However, simply adding AUTORECONF = YES is not sufficient: polkit
Makefile.am use the automake conditional HAVE_INTROSPECTION, which is
"available" only when the gobject-introspection m4 file is installed.

Since we don't want to make gobject-introspection a mandatory
dependency of polkit, we take a simpler route: add a copy of
introspection.m4 into the polkit source tree. This is only a 142 lines
file, and it can be dropped when
0001-make-netgroup-support-optional.patch is merged upstream.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/axel: bump version to 2.17.8
Ismael Luceno [Mon, 6 Apr 2020 21:11:05 +0000 (23:11 +0200)]
package/axel: bump version to 2.17.8

Signed-off-by: Ismael Luceno <ismael@iodev.co.uk>
[yann.morin.1998@free.fr: two spaces in hash file]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/flite: bump to version 2.1
Fabrice Fontaine [Mon, 6 Apr 2020 22:05:33 +0000 (00:05 +0200)]
package/flite: bump to version 2.1

- Update site to get latest version
- First patch is not needed since
  https://github.com/festvox/flite/commit/e7e4868ad7a65eb6ed2966dd5048c4bfeb14f23f
- Update second patch
- Drop third patch (not needed anymore)
- Update hash of COPYING:
  - BSD-2-Clause for Palm source code removed
  - Add SUN Microsystems license for g72x files
  - Add Apache-2.0 for lang/cmu_grapheme_lex/grapheme_unitran_tables.c
- Update indentation of hash file (two spaces)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/libuwsc: bump version to 3.3.5
Jianhui Zhao [Tue, 7 Apr 2020 05:13:25 +0000 (13:13 +0800)]
package/libuwsc: bump version to 3.3.5

Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
[yann.morin.1998@free.fr: two spaces in hash file]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/libuhttpd: bump version to 3.1.4
Jianhui Zhao [Tue, 7 Apr 2020 05:10:11 +0000 (13:10 +0800)]
package/libuhttpd: bump version to 3.1.4

Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
[yann.morin.1998@free.fr: two spaces in hash file]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/vte: enable gobject-introspection support
Adam Duskett [Wed, 1 Apr 2020 00:21:34 +0000 (17:21 -0700)]
package/vte: enable gobject-introspection support

If gobject-introspection is selected, add the gobject-introspection package to
the dependency list and set the conf opt --enable-introspection.

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/rygel: enable gobject-introspection support
Adam Duskett [Wed, 1 Apr 2020 00:21:33 +0000 (17:21 -0700)]
package/rygel: enable gobject-introspection support

If gobject-introspection is selected, add the gobject-introspection package to
the dependency list and set the conf opt --enable-introspection.

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/libmediaart: enable gobject-introspection support
Adam Duskett [Wed, 1 Apr 2020 00:21:32 +0000 (17:21 -0700)]
package/libmediaart: enable gobject-introspection support

If gobject-introspection is selected, add the gobject-introspection package to
the dependency list and set the conf opt --enable-introspection.

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/libgee: enable gobject-introspection support
Adam Duskett [Wed, 1 Apr 2020 00:21:31 +0000 (17:21 -0700)]
package/libgee: enable gobject-introspection support

If gobject-introspection is selected, add the gobject-introspection package to
the dependency list and set the conf opt --enable-introspection.

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/atk: enable gobject-introspection support
Adam Duskett [Wed, 1 Apr 2020 00:21:30 +0000 (17:21 -0700)]
package/atk: enable gobject-introspection support

If gobject-introspection is selected, add the gobject-introspection package to
the dependency list and set the conf opt -Dintrospection=true.

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/gconf: enable gobject-introspection support
Adam Duskett [Wed, 1 Apr 2020 00:21:29 +0000 (17:21 -0700)]
package/gconf: enable gobject-introspection support

If gobject-introspection is selected, add the gobject-introspection package to
the dependency list and set the conf opt --enable-introspection.

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/gcr: enable gobject-introspection support
Adam Duskett [Wed, 1 Apr 2020 00:21:28 +0000 (17:21 -0700)]
package/gcr: enable gobject-introspection support

If gobject-introspection is selected, add the gobject-introspection package to
the dependency list and set the conf opt --with-introspection.

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/json-glib: enable gobject-introspection support
Adam Duskett [Wed, 1 Apr 2020 00:21:27 +0000 (17:21 -0700)]
package/json-glib: enable gobject-introspection support

If gobject-introspection is selected, add the gobject-introspection package to
the dependency list and set the conf opt -Dintrospection=true.

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/libgtk3: enable gobject-introspection support
Adam Duskett [Wed, 1 Apr 2020 00:21:26 +0000 (17:21 -0700)]
package/libgtk3: enable gobject-introspection support

If gobject-introspection is selected, add the gobject-introspection package to
the dependency list and set the conf opt --enable-introspection.

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/libgtk2: enable gobject-introspection support
Adam Duskett [Wed, 1 Apr 2020 00:21:25 +0000 (17:21 -0700)]
package/libgtk2: enable gobject-introspection support

If gobject-introspection is selected, add the gobject-introspection package to
the dependency list and set the conf opt --enable-introspection.

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/libsecret: enable gobject-introspection support
Adam Duskett [Wed, 1 Apr 2020 00:21:23 +0000 (17:21 -0700)]
package/libsecret: enable gobject-introspection support

If gobject-introspection is selected, add the gobject-introspection package to
the dependency list and set the conf opt --enable-introspection.

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agosupport/testing: check if the defconfig provided for testing is valid
Romain Naour [Sun, 5 Apr 2020 23:04:14 +0000 (01:04 +0200)]
support/testing: check if the defconfig provided for testing is valid

Currently, the build continue even if some symbols disapear from
the generated dot config file (.config).

This patch add a new check in order to stop the test if one
of the provided symbol is missing. This must be treated as error.

For example, if a symbol disapear due to new dependency constraints.

Inspired by is_toolchain_usable() function from genrandconfig:
https://git.busybox.net/buildroot/tree/utils/genrandconfig?h=2020.02#n164

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agosupport/testing: don't use TestPythonPackageBase.config and linaro toolchain
Romain Naour [Sun, 5 Apr 2020 23:04:13 +0000 (01:04 +0200)]
support/testing: don't use TestPythonPackageBase.config and linaro toolchain

TestPythonPackageBase.config provide already the basic uClibc toolchain.
So by adding the symbols for the linaro toolchain some warning are printed
at while loading the configuration:

.config:16:warning: override: reassigning to symbol BR2_TOOLCHAIN_EXTERNAL
.config:16:warning: override: BR2_TOOLCHAIN_EXTERNAL changes choice state
.config:17:warning: override: reassigning to symbol BR2_TARGET_ROOTFS_CPIO
.config:21:warning: override: BR2_TOOLCHAIN_EXTERNAL_LINARO_ARM changes choice state

So, some symbol disapear from the generated dot config (.config) leading
to an error due to a new check in the testsuite infra.

Since this test should use the Linaro toolchain, remove
TestPythonPackageBase.config add BR2_arm=y and disable the rootfs tar option.

While at it, re-order the options so that they appear in the same
order as they appear in a defconfig.

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Adam Duskett <Aduskett@gmail.com>
Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agosupport/testing: test_lxc: use ARM arm external toolchain
Romain Naour [Sun, 5 Apr 2020 23:04:12 +0000 (01:04 +0200)]
support/testing: test_lxc: use ARM arm external toolchain

Until now, the lxc test was using the ARM CodeSourcery 2014.05 armv5 toolchain.
But the recent systemd version bump to 245 added a toolchain dependency
on systemd package due to build issues with gcc < 5.0.

Before [1] the lxc test was failing to build with the ARM CodeSourcery 2014.05
toolchain. After [1], the test is faling at runtime since the
"BR2_INIT_SYSTEMD=y" symbol disapear from the dot config (.config) due to
the new toolchain dependency.

Fix this by using the same toolchain as for the systemd tests [2]

[1] 2196ee25ff29c87001a42a382655d5b52d5de3c4
[2] b3d979c0d1b10de501576644e7dcdba708889b0c

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agosupport/testing: test_tmux: remove BR2_GENERATE_LOCALE
Romain Naour [Sun, 5 Apr 2020 23:04:11 +0000 (01:04 +0200)]
support/testing: test_tmux: remove BR2_GENERATE_LOCALE

The BR2_GENERATE_LOCALE can only be used by uClibc based toolchains with the
internal toolchain backend [1].

The test_tmux is using a external uClibc toolchain, so the
"BR2_GENERATE_LOCALE="en_US.UTF-8"" line disapear from
the generated dot config (.config) leading to an error due to
a new check in the testsuite infra.

[1] https://git.buildroot.net/buildroot/commit/?id=bd0ffe2206fbd32baf7f4a1dc5fde81cfad70462

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agosupport/testing: test_glxinfo: remove BR2_TOOLCHAIN_EXTERNAL_LOCALE
Romain Naour [Sun, 5 Apr 2020 23:04:10 +0000 (01:04 +0200)]
support/testing: test_glxinfo: remove BR2_TOOLCHAIN_EXTERNAL_LOCALE

The BR2_TOOLCHAIN_EXTERNAL_LOCALE is only defined for uClibc based
custom external toolchains.

The test_glxinfo is using a glibc toolchain, so the
"# BR2_TOOLCHAIN_EXTERNAL_LOCALE is not set" line disapear from
the generated dot config (.config) leading to an error due to
a new check in the testsuite infra.

There is the same problem with:
BR2_TOOLCHAIN_EXTERNAL_HAS_THREADS_DEBUG=y
BR2_TOOLCHAIN_EXTERNAL_HAS_THREADS=y
BR2_TOOLCHAIN_EXTERNAL_HAS_THREADS_NPTL=y

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agosupport/testing: test_syslinux: remove BR2_TOOLCHAIN_EXTERNAL_LOCALE
Romain Naour [Sun, 5 Apr 2020 23:04:09 +0000 (01:04 +0200)]
support/testing: test_syslinux: remove BR2_TOOLCHAIN_EXTERNAL_LOCALE

The BR2_TOOLCHAIN_EXTERNAL_LOCALE is only defined for uClibc based
custom external toolchains.

The test_syslinux is using a glibc toolchain, so the
"# BR2_TOOLCHAIN_EXTERNAL_LOCALE is not set" line disapear from
the generated dot config (.config) leading to an error due to
a new check in the testsuite infra.

There is the same problem with:
BR2_TOOLCHAIN_EXTERNAL_HAS_THREADS_DEBUG=y
BR2_TOOLCHAIN_EXTERNAL_HAS_THREADS=y
BR2_TOOLCHAIN_EXTERNAL_HAS_THREADS_NPTL=y

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agosupport/testing: test_syslinux: fix flake8 errors
Romain Naour [Sun, 5 Apr 2020 23:04:08 +0000 (01:04 +0200)]
support/testing: test_syslinux: fix flake8 errors

Reported by gitlab:
https://gitlab.com/kubu93/buildroot/-/jobs/499374911

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/libclc: disable ccache
Adam Duskett [Mon, 6 Apr 2020 16:50:44 +0000 (09:50 -0700)]
package/libclc: disable ccache

Configure.py extracts arch, vendor, and os from the passed
toolchain string on line 180. When using ccache, the passed path string is
"/usr/lib64/ccache/g++" which breaks the logic, causing the following error:

Traceback (most recent call last):
  File "./configure.py", line 180, in <module>
    (t_arch, t_vendor, t_os) = target.split('-')
ValueError: not enough values to unpack (expected 3, got 1)

Use --with-cxx-compiler=$(HOSTCXX_NOCCACHE) instead of $(HOSTCXX) to fix the
above error.

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Reviewed-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/libudfread: new package
Bernd Kuhls [Sun, 5 Apr 2020 18:20:34 +0000 (20:20 +0200)]
package/libudfread: new package

Upcoming release of kodi 19.0 will add libudfread as optional
dependency: https://github.com/xbmc/xbmc/pull/17612

Please note that the removed support of libudf was added on the master
branch so we do not need to backport udf support to kodi 18.x:
https://github.com/xbmc/xbmc/commit/558b54a79eff717237919afe453ec09e0851d3a5

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[yann.morin.1998@free.fr: two spaces in hash files]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/minizip: bump version to 2.9.2
Bartosz Bilas [Sun, 5 Apr 2020 19:02:18 +0000 (21:02 +0200)]
package/minizip: bump version to 2.9.2

Bump package version and in addition update indentation of
hash file (two spaces).

Signed-off-by: Bartosz Bilas <b.bilas@grinn-global.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/boinc: bump version to 7.16.6
Bernd Kuhls [Sun, 5 Apr 2020 18:44:51 +0000 (20:44 +0200)]
package/boinc: bump version to 7.16.6

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/libnss: fix build failure due to patch not applicable
Giulio Benetti [Sun, 5 Apr 2020 17:11:44 +0000 (19:11 +0200)]
package/libnss: fix build failure due to patch not applicable

Current 0001 patch has been committed into buildroot before being
upstreamed. Now that it's been upstreamed it changed a little, so this
makes patch 0002(based on upstream version of patch 0001) impossible to
apply causing build failure while applying patches. So let's update
patch 0001 with upstream one.

Fixes:
http://autobuild.buildroot.net/results/c8a/c8a6776a3e9cec1dc67862e4972e3ca8f4562a50/

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/pigpio: Bump to version 75
Grzegorz Blach [Mon, 6 Apr 2020 14:10:45 +0000 (16:10 +0200)]
package/pigpio: Bump to version 75

Signed-off-by: Grzegorz Blach <grzegorz@blach.pl>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/cog: support choosing either DRM or FDO platform
Charlie Turner [Mon, 6 Apr 2020 17:42:05 +0000 (18:42 +0100)]
package/cog: support choosing either DRM or FDO platform

A new DRM platform has landed, now you can choose to build with the
DRM or FDO platform, or neither. If neither are selected, Cog will
fallback to a simple WPE backend like WPEBackend-rdk
(https://github.com/WebPlatformForEmbedded/WPEBackend-rdk).

Don't be confused that in both cases the *wpebackend-fdo* package is
required. This is an unfortunate naming issue.

Signed-off-by: Charlie Turner <cturner@igalia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/cog: add wayland dependencies
Charlie Turner [Mon, 6 Apr 2020 17:42:04 +0000 (18:42 +0100)]
package/cog: add wayland dependencies

The always-built FDO backend relies on this.

Signed-off-by: Charlie Turner <cturner@igalia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/cog: add missing libxkbcommon dependency
Charlie Turner [Mon, 6 Apr 2020 17:42:03 +0000 (18:42 +0100)]
package/cog: add missing libxkbcommon dependency

The always-built FDO backend relies on this.

Signed-off-by: Charlie Turner <cturner@igalia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/qemu: disable SDL2 for the host variant
Romain Naour [Mon, 6 Apr 2020 14:21:59 +0000 (16:21 +0200)]
package/qemu: disable SDL2 for the host variant

There is no host variant for SDL2 library in Buildroot.
So the qemu build system will try to detect automatically the
external SDL2 libraries installed on the host.

$ ldd output/host/bin/qemu-system-aarch64
[...]
libSDL2-2.0.so.0 => /lib64/libSDL2-2.0.so.0

Disable explicitely sdl2 options (named sdl) to improve the
build reproducibility.

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/qemu: disable bzip2 for the host variant
Romain Naour [Mon, 6 Apr 2020 14:21:58 +0000 (16:21 +0200)]
package/qemu: disable bzip2 for the host variant

bzip2 support is needed for reading bzip2-compressed dmg images.

But the host-bzip2 is missing from host qemu package dependency,
so the qemu build system will try to detect automatically the
external libbzip2 libraries installed on the host.

$ ldd output/host/bin/qemu-system-aarch64
[...]
libbz2.so.1 => /lib64/libbz2.so.1
or
libbz2.so.1.0 => output/host/lib/libbz2.so.1.0
if host-bzip2 is built before host-qemu.

Disable explicitely bzip2 options to improve the build
reproducibility.

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/qemu: disable vnc optional support for the host variant
Romain Naour [Mon, 6 Apr 2020 14:21:57 +0000 (16:21 +0200)]
package/qemu: disable vnc optional support for the host variant

The vnc support is enabled by default and the build system
will try to detect automatically some external libraries
installed on the host for vnc-png, vnc-jpeg and vnc-sasl.

$ ldd output/host/bin/qemu-system-aarch64
[...]
libpng16.so.16 => /lib64/libpng16.so.16
or
libpng16.so.16 => output/host/lib/libpng16.so.16
if host-libpng is built before host-qemu.

Disable explicitely thoses options to improve the build
reproducibility.

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/qemu: disable libssh for the host variant
Romain Naour [Mon, 6 Apr 2020 14:21:56 +0000 (16:21 +0200)]
package/qemu: disable libssh for the host variant

There is no host-libssh in Buildroot, avoid qemu build system
to find libssh from the host.

Under certain circumstances (host distribution, openssl version), the
qemu-system binary fail to start:

host/bin/qemu-system-aarch64: symbol lookup error: /lib64/libssh.so.4: undefined symbol: EVP_KDF_ctrl, version OPENSSL_1_1_1b

$ ldd output/host/bin/qemu-system-aarch64
[...]
libssh.so.4 => /lib64/libssh.so.4

Explicitely disable libssh for the host variant.

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/pkg-generic.mk: also replace /lib by STAGING_DIR/lib in .la files
Thomas Petazzoni [Sun, 5 Apr 2020 14:21:42 +0000 (16:21 +0200)]
package/pkg-generic.mk: also replace /lib by STAGING_DIR/lib in .la files

After the staging installation, we replace a number of paths in libtool
.la files so that those paths point to STAGING_DIR instead of a location
in the build machine.

However, we replace only paths that start with /usr. And it turns out
that the linux-pam package is configured with --libdir=/lib (linux-pam
seems to always be installed in /lib rather than /usr/lib).

Due to this, libpam.la contains the following line:

  libdir='/lib'

When building a configuration that has:

 - BR2_ROOTFS_MERGED_USR=y
 - BR2_PACKAGE_LINUX_PAM=y
 - BR2_PACKAGE_POLKIT=y

on a system that has its system-wide PAM library installed in /lib,
the build fails with:

/lib/libpam.so: file not recognized: File format not recognized

For some reason, libtool searches only in STAGING_DIR/usr/lib, but
when BR2_ROOTFS_MERGED_USR=y, STAGING_DIR/lib points to
STAGING_DIR/usr/lib, so libtool finds libpam.la. And this libpam.la
contains a bogus libdir='/lib' path. libtool then goes on, finds
/lib/libpam.so, and links with it, causing the build failure.

By doing the proper replacement of libdir='/lib', we have a correct
libpam.la, and solve the build issue.

There is no autobuilder failure associated to this issue, as it
requires /lib/libpam.so to exist. This is the case on ArchLinux, on
which Xogium reported the issue, which can also be reproduced in an
ArchLinux container.

Reported-by: Xogium <contact@xogium.me>
Cc: Xogium <contact@xogium.me>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Tested-by: Yann E. MORIN <yann.morin.1998@free.fr>
[yann.morin.1998@free.fr:
  - tested by manually creating a symlink to libpam.so in /lib
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/systemd: make sure init choice and package have same dependencies
Yann E. MORIN [Sun, 5 Apr 2020 17:55:05 +0000 (19:55 +0200)]
package/systemd: make sure init choice and package have same dependencies

Currently, the dependencies for the init system choice, and the
dependencies for the package, are slightly different, and not in the
same order, the latter making it difficult to assess consistency between
the two.

Fix all that, by cross-duplicating dependencies from the init choice and
the package, and order the dependencies according to the manual (arch
first, toolchain, then the others).

Note that some dependencies are redundant, but kept nonetheless for
correctness:

  - BR2_USE_MMU is implied by BR2_TOOLCHAIN_USES_GLIBC, but systemd does
    use fork();

  - !BR2_STATIC_LIBS is also implied by BR2_TOOLCHAIN_USES_GLIBC, but it
    is also inherited from kmod which we select;

  - BR2_TOOLCHAIN_HAS_THREADS is also implied by BR2_TOOLCHAIN_USES_GLIBC,
    but systemd does use pthread_*() functions.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/systemd: add gcc >= 5.x dependency
Romain Naour [Sat, 4 Apr 2020 22:08:42 +0000 (00:08 +0200)]
package/systemd: add gcc >= 5.x dependency

As reported on the mailing list, there is a build issue with systemd 245
when using gcc < 5.0:

http://lists.busybox.net/pipermail/buildroot/2020-April/278931.html

Build issue:
../src/shared/gpt.c:7:9: error: initializer element is not constant
         { GPT_ROOT_X86,              "root-x86"              },

When testing with a toolchain using gcc 5.4.0 and the build is ok.
http://toolchains.bootlin.com/downloads/releases/toolchains/armv5-eabi--glibc--stable-2017.05-toolchains-1-1.tar.bz2

While searching for "error: initializer element is not constant" message, we
can notice a note about gcc 5 change about "Initializing statics with compound
literals":

https://gcc.gnu.org/gcc-5/porting_to.html

Add a dependency on gcc 5 to avoid using to old compiler.

There is the same issue with host-systemd with host gcc 4.9
(tested with Debian Jessie). So, add a dependency on host gcc >= 5.x.

Fixes:
http://autobuild.buildroot.org/results/520/520dab2253f4cbe408a8177a6587dcb38c6ba215
http://autobuild.buildroot.org/results/e0e/e0e0512de822864d670b5d176798a24ab09eed2d
http://autobuild.buildroot.org/results/f56/f5660b2711627fcee4086e096e4ec4d9ba190ab6

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Adam Duskett <aduskett@gmail.com>
Cc: Maxime Hadjinlian <maxime.hadjinlian@gmail.com>
Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agosupport/testing: fix systemd test by using a more recent gcc
Romain Naour [Sat, 4 Apr 2020 22:08:41 +0000 (00:08 +0200)]
support/testing: fix systemd test by using a more recent gcc

As reported on the mailing list [0], there is a build issue with systemd
245 when using gcc < 5.0, due to the following build issue:

    ../src/shared/gpt.c:7:9: error: initializer element is not constant
             { GPT_ROOT_X86,              "root-x86"              },

The pre-built external toolchain we have for armv5 (the default with
just BR2_arm=y) is a very old toolchain from CodeSourcery, which has a
gcc 4.8; we have no other pre-built toolchains for armv5, except by
using a custom one, like those from the Bootlin toolchain builder. But
using a custom toolchain is not nice, as we want our runtime test to
test nominal configurations.

So, switch the systemd tests to use a Cortex-A9, so that we can use the
ARM 2019.12 toolchain, and with VFP, so that it can boot in the qemu
vexpress machine we use for the test-cases.

Fixes:
    https://gitlab.com/buildroot.org/buildroot/-/jobs/498144403
    https://gitlab.com/buildroot.org/buildroot/-/jobs/498144405
    https://gitlab.com/buildroot.org/buildroot/-/jobs/498144406
    https://gitlab.com/buildroot.org/buildroot/-/jobs/498144408
    https://gitlab.com/buildroot.org/buildroot/-/jobs/498144410
    https://gitlab.com/buildroot.org/buildroot/-/jobs/498144412

[0] http://lists.busybox.net/pipermail/buildroot/2020-April/278931.html

Signed-off-by: Romain Naour <romain.naour@gmail.com>
[yann.morin.1998@free.fr:
  - just use cortex-a9_VFP, instead of using a bootlin toolchain
  - adapt the commit log accordingly
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/cegui: disable xerces support
Bartosz Bilas [Sat, 4 Apr 2020 16:51:01 +0000 (18:51 +0200)]
package/cegui: disable xerces support

Disable temporarily xerces's support due to used char16_t type
which is not supported in the currently used cegui version (0-8-7)
due to forced c++03 standard.

Fixes:
 - http://autobuild.buildroot.net/results/ea04be78b31b3409801597fc0ebe04627742c0c8
 - http://autobuild.buildroot.net/results/7de3a07c304e3939ec9fd164328d004a5a9bba6d
 - http://autobuild.buildroot.net/results/472b4e8438c9100e06e401296f0417a463e5fcf1

Signed-off-by: Bartosz Bilas <b.bilas@grinn-global.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/kodi: remove optional libtheora support
Bernd Kuhls [Sun, 5 Apr 2020 13:07:59 +0000 (15:07 +0200)]
package/kodi: remove optional libtheora support

Kodi plays these files through ffmpeg and does not link to libtheora
anymore, see PR 9686.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/libuhttpd: bump version to 3.1.3
Jianhui Zhao [Sun, 5 Apr 2020 12:05:05 +0000 (20:05 +0800)]
package/libuhttpd: bump version to 3.1.3

Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/unbound: fix detection of libexpat
Yann E. MORIN [Sun, 5 Apr 2020 08:22:03 +0000 (10:22 +0200)]
package/unbound: fix detection of libexpat

unbound open-codes the detection of libexpat, and as all packages doing
so, look in host paths (/usr/local /opt/local /usr/lib /usr/pkg /usr/sfw
/usr). Obviously this is wrong for cross-compilation.

Do for libexpat as we do for openssl, and point unbound to staging dir,
when we know expat is.

Fixes:
    http://autobuild.buildroot.org/results/a89ea6aa1cd8c253b1260ea227fea3dc9b095fe8/

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Stefan Ott <stefan@ott.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/mcrypt: annotate CVEs
Fabrice Fontaine [Sat, 4 Apr 2020 22:13:25 +0000 (00:13 +0200)]
package/mcrypt: annotate CVEs

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/bubblewrap: security bump to version 0.4.1
Fabrice Fontaine [Sat, 4 Apr 2020 22:06:48 +0000 (00:06 +0200)]
package/bubblewrap: security bump to version 0.4.1

Fix CVE-2020-5291: Bubblewrap (bwrap) before version 0.4.1, if installed
in setuid mode and the kernel supports unprivileged user namespaces,
then the `bwrap --userns2` option can be used to make the setuid process
keep running as root while being traceable. This can in turn be used to
gain root permissions. Note that this only affects the combination of
bubblewrap in setuid mode (which is typically used when unprivileged
user namespaces are not supported) and the support of unprivileged user
namespaces.

Also update indentation of hash file (two spaces)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/cegui/cegui.mk: fix typos
Bartosz Bilas [Sat, 4 Apr 2020 16:51:00 +0000 (18:51 +0200)]
package/cegui/cegui.mk: fix typos

Configure options should be passed via CONF_OPTS not CONF_OTPS.

Signed-off-by: Bartosz Bilas <b.bilas@grinn-global.com>
[yann.morin.1998@free.fr: also fix the epoxy ones]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/vlc: fix build with opencv3
Fabrice Fontaine [Sun, 8 Mar 2020 22:22:46 +0000 (23:22 +0100)]
package/vlc: fix build with opencv3

Fixes:
 - http://autobuild.buildroot.org/results/210424bd33f660aa0757f62a558e1e03faf0f371

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/unbound: new package
Stefan Ott [Sun, 29 Mar 2020 18:00:16 +0000 (20:00 +0200)]
package/unbound: new package

Unbound: validating, recursive & caching DNS resolver with
DNSSEC, QNAME minimisation, DNSCrypt and DNS-over-TLS support.

Signed-off-by: Stefan Ott <stefan@ott.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/libuhttpd: new package
Jianhui Zhao [Sat, 4 Apr 2020 17:04:28 +0000 (01:04 +0800)]
package/libuhttpd: new package

Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agosupport/testing: add build tests for the syslinux bootloader
Thomas Petazzoni [Tue, 24 Mar 2020 14:23:56 +0000 (15:23 +0100)]
support/testing: add build tests for the syslinux bootloader

This commit adds four new tests for the syslinux bootloader:

 - Building on x86, for legacy BIOS
 - Building on x86, for EFI BIOS
 - Building on x86-64, for legacy BIOS
 - Building on x86-64, for EFI BIOS

Runtime testing in Qemu would certainly be possible, but is left as a
future addition to these tests.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agoboot/syslinux: fix build of efi part with gnu-efi 3.0.10
Thomas Petazzoni [Tue, 24 Mar 2020 14:23:55 +0000 (15:23 +0100)]
boot/syslinux: fix build of efi part with gnu-efi 3.0.10

The following defconfig:

BR2_x86_i686=y
BR2_TOOLCHAIN_EXTERNAL=y
BR2_TOOLCHAIN_EXTERNAL_DOWNLOAD=y
BR2_TOOLCHAIN_EXTERNAL_URL="http://toolchains.bootlin.com/downloads/releases/toolchains/x86-i686/tarballs/x86-i686--glibc--bleeding-edge-2018.11-1.tar.bz2"
BR2_TOOLCHAIN_EXTERNAL_GCC_8=y
BR2_TOOLCHAIN_EXTERNAL_HEADERS_4_14=y
BR2_TOOLCHAIN_EXTERNAL_CUSTOM_GLIBC=y
BR2_TOOLCHAIN_EXTERNAL_CXX=y
BR2_INIT_NONE=y
BR2_TARGET_SYSLINUX=y
BR2_TARGET_SYSLINUX_EFI=y

fails to build due to missing setjmp/longjmp definitions, which is a
consequence of a change introduced between gnu-efi 3.0.9 and 3.0.10.

This build failure is fixed by adding another syslinux paytch, which
has been submitted upstream.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/openssh: bump to version 8.2p1
Romain Naour [Mon, 30 Mar 2020 16:24:11 +0000 (18:24 +0200)]
package/openssh: bump to version 8.2p1

This new version is mandatory to allow the glibc package bump to version 2.31.
Otherwise it's not possible to connect to the remote host, as reported by [1] [2].
Upstream commit [3][4] fixes the issue.

[1] https://bugs.archlinux.org/task/65386
[2] https://bugs.gentoo.org/708224
[3] https://github.com/openssh/openssh-portable/commit/beee0ef61866cb567b9abc23bd850f922e59e3f0
[4] https://github.com/openssh/openssh-portable/commit/69298ebfc2c066acee5d187eac8ce9f38c796630

Release Note:
https://www.openssh.com/txt/release-8.2

Signed-off-by: Romain Naour <romain.naour@smile.fr>
Reviewed-by: David Pierret <david.pierret@smile.fr>
Tested-by: David Pierret <david.pierret@smile.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/swupdate: add optional systemd dependency
James Hilliard [Mon, 30 Mar 2020 00:26:49 +0000 (18:26 -0600)]
package/swupdate: add optional systemd dependency

When the swupdate SYSTEMD option is enabled, systemd needs to be built
before swupdate, otherwise the build fails with:

core/notifier.c:27:10: fatal error: systemd/sd-daemon.h: No such file or directory
   27 | #include <systemd/sd-daemon.h>
      |          ^~~~~~~~~~~~~~~~~~~~~

Of course, it remains up to the user to make sure that the systemd
package is enabled when systemd support is enabled in the swupdate
configuration.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/libunwind: bump to version 1.4.0
Fabrice Fontaine [Thu, 2 Apr 2020 16:51:57 +0000 (18:51 +0200)]
package/libunwind: bump to version 1.4.0

Update indentation of hash file (two spaces)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agosupport/testing: update basic toolchain to bootlin bleeding-edge 2018.11-1
Romain Naour [Thu, 2 Apr 2020 21:57:18 +0000 (23:57 +0200)]
support/testing: update basic toolchain to bootlin bleeding-edge 2018.11-1

Update the toolchain being used by the testsuite infra.

The new toolchain 2018.11-1 is based on gcc 8.2, uClibc-ng 1.0.30,
linux-headers 4.14 and binutils 2.31.1.
Enable BR2_TOOLCHAIN_HAS_THREADS_DEBUG that is now required.

The old toolchain 2017.05 is based on gcc 4.9, uClibc-ng 1.0.25,
linux-headers 3.10 and binutils 2.27.

Tested with gitlab
https://gitlab.com/kubu93/buildroot/pipelines/132376578

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/libnss: fix build failure on arm32 arch not armv7
Giulio Benetti [Fri, 3 Apr 2020 20:10:21 +0000 (22:10 +0200)]
package/libnss: fix build failure on arm32 arch not armv7

NSS assumes that every neon arm32 build is an armv7, but this is
not always true(i.e. build arm32 for armv8), so let's add a patch to
remove -march=armv7 flag when building gcm-arm32-neon.c

Fixes:
http://autobuild.buildroot.net/results/464/464044fda2850123339de6c8071374e380636ee0/

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Reviewed-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/freescale-imx/kernel-module-imx-gpu-viv: bump to version 6.4.0.p1.0
Gary Bisson [Thu, 2 Apr 2020 13:08:41 +0000 (15:08 +0200)]
package/freescale-imx/kernel-module-imx-gpu-viv: bump to version 6.4.0.p1.0

This package has been tested on Nitrogen8M with the following commands:
 # modprobe galcore
 # cd /usr/share/examples/viv_samples/vdk/
 # ./tutorial7

Also update the help text as we shouldn't specify a kernel revision. It
is just that this module isn't meant for mainline kernel, only its NXP
forked version.

Signed-off-by: Gary Bisson <gary.bisson@boundarydevices.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/libexif: annotate CVEs
Fabrice Fontaine [Wed, 1 Apr 2020 21:46:09 +0000 (23:46 +0200)]
package/libexif: annotate CVEs

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/systemd: bump version to 245.4
Adam Duskett [Thu, 2 Apr 2020 01:12:23 +0000 (18:12 -0700)]
package/systemd: bump version to 245.4

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/rtty: bump version to 7.1.3
Jianhui Zhao [Sat, 4 Apr 2020 09:50:40 +0000 (17:50 +0800)]
package/rtty: bump version to 7.1.3

Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/libdrm: bump version to 2.4.101
Bernd Kuhls [Fri, 3 Apr 2020 16:26:17 +0000 (18:26 +0200)]
package/libdrm: bump version to 2.4.101

Removed patches applied upstream:
https://cgit.freedesktop.org/mesa/drm/commit/xf86drm.h?id=8c1185d22cb5ea09dea063bd4a0a4f8b64487919
https://cgit.freedesktop.org/mesa/drm/commit/xf86atomic.h?id=8c511950395ce496028bbc5ba30d9b9632690db6
https://cgit.freedesktop.org/mesa/drm/commit/meson.build?id=8de2696213d0f25a10a167b5fd6c312d6ce6a1af
https://cgit.freedesktop.org/mesa/drm/commit/tests/nouveau/threaded.c?id=cd77f114ca0073f609fc89d22390152945e73107

Renumbered remaining patches, use .xz tarball provided by upstream.
Removed md5 & sha1 hashes, not provided by upstream anymore.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/{mesa3d, mesa3d-headers}: bump version to 20.0.4
Bernd Kuhls [Fri, 3 Apr 2020 16:13:11 +0000 (18:13 +0200)]
package/{mesa3d, mesa3d-headers}: bump version to 20.0.4

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/wireguard-tools: bump version to 1.0.20200319
Peter Korsgaard [Fri, 3 Apr 2020 09:30:39 +0000 (11:30 +0200)]
package/wireguard-tools: bump version to 1.0.20200319

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/wireguard-linux-compat: bump version to 1.0.20200401
Peter Korsgaard [Fri, 3 Apr 2020 09:30:38 +0000 (11:30 +0200)]
package/wireguard-linux-compat: bump version to 1.0.20200401

Matching the now-mainline wireguard code in kernel 5.6.

For details, see the announcement:
https://lists.zx2c4.com/pipermail/wireguard/2020-April/005237.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/libva-utils: bump version to 2.7.1
Bernd Kuhls [Fri, 3 Apr 2020 05:30:12 +0000 (07:30 +0200)]
package/libva-utils: bump version to 2.7.1

Removed patch which was applied upstream:
https://github.com/intel/libva-utils/commit/bd01ba5a6b53370ee6465f393051908f9c6ddeba

Switched to github helper, upstream does not provide a tarball for this
release.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/libva: bump version to 2.7.0
Bernd Kuhls [Fri, 3 Apr 2020 05:30:11 +0000 (07:30 +0200)]
package/libva: bump version to 2.7.0

Switched to github helper, upstream does not provide a tarball for this
release.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years ago{linux, linux-headers}: bump 4.{4, 9, 14, 19}.x / 5.{4, 5, 6}.x series
Peter Korsgaard [Thu, 2 Apr 2020 19:33:31 +0000 (21:33 +0200)]
{linux, linux-headers}: bump 4.{4, 9, 14, 19}.x / 5.{4, 5, 6}.x series

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/apache: security bump to version 2.4.43
Peter Korsgaard [Thu, 2 Apr 2020 18:20:53 +0000 (20:20 +0200)]
package/apache: security bump to version 2.4.43

Fixes the following security issues:

  *) SECURITY: CVE-2020-1934 (cve.mitre.org)
     mod_proxy_ftp: Use of uninitialized value with malicious backend FTP
     server. [Eric Covener]

  *) SECURITY: CVE-2020-1927 (cve.mitre.org)
     rewrite, core: Set PCRE_DOTALL flag by default to avoid unpredictable
     matches and substitutions with encoded line break characters.
     The fix for CVE-2019-10098 was not effective.  [Ruediger Pluem]

The LICENSE file has been updated to fix a s/waranties/warranties/ typo, so
update the hash to match and adjust the spacing to match recent agreements:

-This software is provided "as is" and any express or implied waranties,
+This software is provided "as is" and any express or implied warranties,

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/kmscube: Use the official gitlab URL
Fabio Estevam [Sat, 4 Apr 2020 13:57:50 +0000 (10:57 -0300)]
package/kmscube: Use the official gitlab URL

The cgit URL is a mirror of the gitlab repository.

The README.md file of the kmscube project also points
to the gitlab repository, so switch the URL accordingly.

Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/sysdig: update upstream URL in Config.in
Peter Seiderer [Fri, 3 Apr 2020 18:55:31 +0000 (20:55 +0200)]
package/sysdig: update upstream URL in Config.in

The sysdig homepage we have points to an "on-sale" domain, that is
purportedly serving malware while at it. Update to point to the wiki on
github instead.

Fixes #12746.

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
[yann.morin.1998@free.fr:
  - use wiki instead of git repo
  - expand commit log
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/ntp: security bump to version 4.2.8p14
Sébastien Szymanski [Mon, 30 Mar 2020 11:21:44 +0000 (13:21 +0200)]
package/ntp: security bump to version 4.2.8p14

"This release fixes three security issues in ntpd and provides 46
bugfixes and addresses 4 other issues." [1]

NONE: Sec 3610: process_control() should bail earlier on short packets.

MEDIUM: Sec 3596: Unauthenticated ntpd may be susceptible to IPv4 spoof
attack from highly predictable transmit timestamps.

MEDIUM: Sec 3592: DoS Attack on unauthenticated client.
The fix for https://bugs.ntp.org/3445 introduced a bug whereby a system that
is running ntp-4.2.8p12 (possibly earlier) or p13 that only has one
unauthenticated time source can be attacked in a way that causes the
victim's next poll to its source to be delayed, for as long as the attack is
maintained.

[1] http://support.ntp.org/bin/view/Main/SecurityNotice#March_2020_ntp_4_2_8p14_NTP_Rele

The copyright year has changed in the COPYRIGHT file, so adjust the hash to
match and adjust the spacing to match recent agreements:

@@ -3,7 +3,7 @@

    jpg "Clone me," says Dolly sheepishly.

-   Last update: 2-Jan-2017 11:58 UTC
+   Last update: 4-Feb-2020 23:47 UTC
      __________________________________________________________________

    The following copyright notice applies to all files collectively called
@@ -32,7 +32,7 @@
    Burnicki is:
 ***********************************************************************
 *                                                                     *
-* Copyright (c) Network Time Foundation 2011-2017                     *
+* Copyright (c) Network Time Foundation 2011-2020                     *
 *                                                                     *
 * All Rights Reserved                                                 *
 *                                                                     *

Signed-off-by: Sébastien Szymanski <sebastien.szymanski@armadeus.com>
[Peter: clarify security impact, document COPYRIGHT change]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/netdata: link with libatomic when needed
Fabrice Fontaine [Mon, 30 Mar 2020 21:07:50 +0000 (23:07 +0200)]
package/netdata: link with libatomic when needed

netdata uses __atomic_fetch_add_2

Fixes:
 - http://autobuild.buildroot.org/results/1eb033ba7bf85ba3e25572a106f08faf49cd05b2

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>