buildroot.git
5 years agopackage/mbedtls: security bump to version 2.16.7
Fabrice Fontaine [Mon, 13 Jul 2020 10:12:42 +0000 (12:12 +0200)]
package/mbedtls: security bump to version 2.16.7

- Fix a side channel vulnerability in modular exponentiation that could
  reveal an RSA private key used in a secure enclave.
- Fix side channel in mbedtls_ecp_check_pub_priv() and
  mbedtls_pk_parse_key() / mbedtls_pk_parse_keyfile() (when loading a
  private key that didn't include the uncompressed public key), as well
  as mbedtls_ecp_mul() / mbedtls_ecp_mul_restartable() when called with
  a NULL f_rng argument. An attacker with access to precise enough
  timing and memory access information (typically an untrusted operating
  system attacking a secure enclave) could fully recover the ECC private
  key.
- Fix issue in Lucky 13 counter-measure that could make it ineffective
  when hardware accelerators were used (using one of the
  MBEDTLS_SHAxxx_ALT macros). This would cause the original Lucky 13
  attack to be possible in those configurations, allowing an active
  network attacker to recover plaintext after repeated timing
  measurements under some conditions.

https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2020-07

Switch to github to get latest release

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/exiv2: bump version to 0.27.3
Nicolas Serafini [Mon, 13 Jul 2020 10:25:13 +0000 (12:25 +0200)]
package/exiv2: bump version to 0.27.3

Bump version 0.27.3 and remove 0001[1] and 0002[2] local patches that
has been upstreamed.

Release notes:
https://github.com/Exiv2/exiv2/blob/v0.27.3/releasenotes/releasenotes.txt

[1]: https://github.com/Exiv2/exiv2/commit/b7890776c62398ca1005e8edc32786859d60fcf7
[2]: https://github.com/Exiv2/exiv2/commit/1b917c3f7dd86336a9f6fda4456422c419dfe88c

Signed-off-by: Nicolas Serafini <nicolas.serafini@sensefly.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/dhcpcd: fix build without fork
Fabrice Fontaine [Mon, 13 Jul 2020 09:01:40 +0000 (11:01 +0200)]
package/dhcpcd: fix build without fork

- Add a patch to fix build without fork in src/dhcpcd.c. This
  regression was introduced in upstream commit
  3063ebb6c8ac7c96196fa923cdd5f7c0384de23b, which was merged in dhcpcd
  9.0.0. Therefore, Buildroot is affected since we bumped from 8.0.3
  to 9.1.4 in commit 809f548e79c6c099f1fa3e3728d90842be7059a7, which
  was applied after 2020.05

- Disable privsep as it unconditionally uses fork (privsep has been
  enabled by default since version 9.0.0 and
  https://github.com/rsmarples/dhcpcd/commit/3a4c2e5604d72151b06ed365aa71493740a3ad75)

Fixes:

 - http://autobuild.buildroot.org/results/9fcc88abedcb8a02946f37837dcf4fff02f66c23

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/python-pyparted: needs python3
Fabrice Fontaine [Mon, 13 Jul 2020 09:10:03 +0000 (11:10 +0200)]
package/python-pyparted: needs python3

python3 is a mandatory dependency since version 3.11.5 and
https://github.com/dcantrell/pyparted/commit/c4949263538784036a5917195f956f8fcda9cf20

Fixes:
 - http://autobuild.buildroot.org/results/7d93b4e5c3afebef8c4c19d1c6a0c26e71423191

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/python-backcall: bump to version 0.2.0
Fabrice Fontaine [Mon, 13 Jul 2020 17:06:25 +0000 (19:06 +0200)]
package/python-backcall: bump to version 0.2.0

- Update indentation in hash file (two spaces)
- Add license file and its hash

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/libmpdclient: bump to version 2.19
Fabrice Fontaine [Mon, 13 Jul 2020 16:49:20 +0000 (18:49 +0200)]
package/libmpdclient: bump to version 2.19

* fix off-by-one bug in MPD_HOST parser
* add function mpd_lookup_replay_gain_mode()
* identify messages with length over the buffer limit
* support MPD protocol 0.16
 - replay gain
* support MPD protocol 0.19
 - idle events "neighbor" and "mount"
* support MPD protocol 0.20
 - rangeid
* support MPD protocol 0.21
  - command "tagtypes all"

https://raw.githubusercontent.com/MusicPlayerDaemon/libmpdclient/v2.19/NEWS

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/libnetfilter_queue: bump to version 1.0.5
Fabrice Fontaine [Mon, 13 Jul 2020 16:42:52 +0000 (18:42 +0200)]
package/libnetfilter_queue: bump to version 1.0.5

Update indentation in hash file (two spaces)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/libmatroska: bump to version 1.6.0
Fabrice Fontaine [Mon, 13 Jul 2020 16:38:30 +0000 (18:38 +0200)]
package/libmatroska: bump to version 1.6.0

Update indentation in hash file (two spaces)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/libebml: bump to version 1.4.0
Fabrice Fontaine [Mon, 13 Jul 2020 16:38:29 +0000 (18:38 +0200)]
package/libebml: bump to version 1.4.0

Update indentation in hash file (two spaces)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/haproxy: bump to version 2.2.0
Fabrice Fontaine [Mon, 13 Jul 2020 16:20:24 +0000 (18:20 +0200)]
package/haproxy: bump to version 2.2.0

This is the new LTS branch (EOL in 2025-Q2)

https://www.mail-archive.com/haproxy@formilux.org/msg37852.html

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/lcms2: bump to version 2.11
Fabrice Fontaine [Mon, 13 Jul 2020 16:14:58 +0000 (18:14 +0200)]
package/lcms2: bump to version 2.11

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/fuse-overlayfs: needs headers >= 3.15
Fabrice Fontaine [Mon, 13 Jul 2020 14:41:59 +0000 (16:41 +0200)]
package/fuse-overlayfs: needs headers >= 3.15

fuse-overlayfs unconditionally uses SYS_renameat2 since version 0.2 and
https://github.com/containers/fuse-overlayfs/commit/616119093a5d37bf201a7b7970eeb5f7ba32de22
which is not available until kernel 3.15 and
https://github.com/torvalds/linux/commit/5fb6b953bb7aa86a9c8ea760934982cedc45c52b

Fixes:
 - http://autobuild.buildroot.org/results/3c97e25c69ab949e51f04b5d0134bc4b4059982d

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/wireshark: security bump to version 3.2.5
Fabrice Fontaine [Mon, 13 Jul 2020 12:59:52 +0000 (14:59 +0200)]
package/wireshark: security bump to version 3.2.5

Fix CVE-2020-15466: It may be possible to make Wireshark consume
excessive CPU resources by injecting a malformed packet onto the wire or
by convincing someone to read a malformed packet trace file.

https://www.wireshark.org/security/wnpa-sec-2020-09.html

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/{avro-c, python-avro}: bump to version 1.10.0
Titouan Christophe [Mon, 13 Jul 2020 14:51:10 +0000 (16:51 +0200)]
package/{avro-c, python-avro}: bump to version 1.10.0

Drop patches that have been released upstream.

Signed-off-by: Titouan Christophe <titouan.christophe@railnova.eu>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/freerdp: security bump to version 2.1.2
Fabrice Fontaine [Mon, 13 Jul 2020 13:11:25 +0000 (15:11 +0200)]
package/freerdp: security bump to version 2.1.2

- Fix CVE-2020-4030: In FreeRDP before version 2.1.2, there is an out of
  bounds read in TrioParse. Logging might bypass string length checks
  due to an integer overflow.
- Fix CVE-2020-4031: In FreeRDP before version 2.1.2, there is a
  use-after-free in gdi_SelectObject. All FreeRDP clients using
  compatibility mode with /relax-order-checks are affected.
- Fix CVE-2020-4032: In FreeRDP before version 2.1.2, there is an
  integer casting vulnerability in update_recv_secondary_order. All
  clients with +glyph-cache /relax-order-checks are affected.
- Fix CVE-2020-4033: In FreeRDP before version 2.1.2, there is an out of
  bounds read in RLEDECOMPRESS. All FreeRDP based clients with sessions
  with color depth < 32 are affected.
- Fix CVE-2020-11095: In FreeRDP before version 2.1.2, an out of bound
  reads occurs resulting in accessing a memory location that is outside
  of the boundaries of the static array
  PRIMARY_DRAWING_ORDER_FIELD_BYTES.
- Fix CVE-2020-11096: In FreeRDP before version 2.1.2, there is a global
  OOB read in update_read_cache_bitmap_v3_order. As a workaround, one
  can disable bitmap cache with -bitmap-cache (default).
- Fix CVE-2020-11097: In FreeRDP before version 2.1.2, an out of bounds
  read occurs resulting in accessing a memory location that is outside
  of the boundaries of the static array
  PRIMARY_DRAWING_ORDER_FIELD_BYTES.
- Fix CVE-2020-11098: In FreeRDP before version 2.1.2, there is an
  out-of-bound read in glyph_cache_put. This affects all FreeRDP clients
  with `+glyph-cache` option enabled.
- Fix CVE-2020-11099: In FreeRDP before version 2.1.2, there is an out
  of bounds read in license_read_new_or_upgrade_license_packet. A
  manipulated license packet can lead to out of bound reads to an
  internal buffer.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/gssdp: bump to version 1.2.3
Fabrice Fontaine [Mon, 13 Jul 2020 16:08:19 +0000 (18:08 +0200)]
package/gssdp: bump to version 1.2.3

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/gupnp: security bump to version 1.2.3
Fabrice Fontaine [Mon, 13 Jul 2020 16:08:20 +0000 (18:08 +0200)]
package/gupnp: security bump to version 1.2.3

It includes the following commits:
https://github.com/GNOME/gupnp/commit/66a73e96f5a733a149803a985686a4e4e196f90b
https://github.com/GNOME/gupnp/commit/f943904e2d7f21601337b90058faf74b49c02796
which mitigate CVE-2020-12695

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/parprouted: new package
Owen Walpole [Thu, 2 Jul 2020 03:53:27 +0000 (22:53 -0500)]
package/parprouted: new package

parprouted is a daemon for transparent IP (Layer 3) proxy ARP
bridging. This is useful for creation of transparent firewalls
and bridging networks with different MAC protocols. Also,
unlike standard bridging, proxy ARP bridging allows to bridge
Ethernet networks behind wireless nodes without using WDS or
layer 2 bridging.

https://www.hazard.maks.net/parprouted

Signed-off-by: Owen Walpole <owen@walpole.dev>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/keepalived: bump to version 2.1.4
Fabrice Fontaine [Sun, 12 Jul 2020 21:35:43 +0000 (23:35 +0200)]
package/keepalived: bump to version 2.1.4

This will fix a build failure with kernel 4.15 thanks to:
https://github.com/acassen/keepalived/commit/d47ae3b1c853adefb9680ba31cf05c037d844445

Fixes:
 - http://autobuild.buildroot.org/results/db7f149f63e9180b22460caa74850673362aa17c

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/xvisor: needs host-dtc
Fabrice Fontaine [Sun, 12 Jul 2020 21:32:05 +0000 (23:32 +0200)]
package/xvisor: needs host-dtc

host-dtc is a mandatory dependency since version 0.3.0 and
https://github.com/xvisor/xvisor/commit/e31344c9b5835c8a12bfffb3a359f343b273fab5

Fixes:
 - http://autobuild.buildroot.org/results/3f49302e7d05d666a51db0cb51365620a63e3b40

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/pigpio: bump to version 77
Grzegorz Blach [Tue, 30 Jun 2020 09:56:02 +0000 (11:56 +0200)]
package/pigpio: bump to version 77

Signed-off-by: Grzegorz Blach <grzegorz@blach.pl>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/gst1-plugins-bayer2rgb-neon: bump to 0.4
Eloi Bail [Thu, 2 Jul 2020 08:36:19 +0000 (10:36 +0200)]
package/gst1-plugins-bayer2rgb-neon: bump to 0.4

Bump gst1-plugins-bayer2rgb-neon to 0.4.

Signed-off-by: Eloi Bail <eloi.bail@savoirfairelinux.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/nfs-utils: bump version to 2.5.1
Giulio Benetti [Tue, 30 Jun 2020 22:07:14 +0000 (00:07 +0200)]
package/nfs-utils: bump version to 2.5.1

Bump to version 2.5.1 and remove local already upstreamed patch.

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Reviewed-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/zlib-ng: bump to version 9609cb56a8f62868ccf264493bc9c3b4d5762fcf
James Hilliard [Wed, 1 Jul 2020 04:42:12 +0000 (22:42 -0600)]
package/zlib-ng: bump to version 9609cb56a8f62868ccf264493bc9c3b4d5762fcf

We need to update the location to point to the current maintained
upstream repo as well since the existing one is unmaintained.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/redis: bump to version 6.0.5
James Hilliard [Wed, 1 Jul 2020 04:36:05 +0000 (22:36 -0600)]
package/redis: bump to version 6.0.5

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Acked-by: Titouan Christophe <titouan.christophe@railnova.eu>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/libva-utils: bump version to 2.8.0
Bernd Kuhls [Wed, 1 Jul 2020 05:18:51 +0000 (07:18 +0200)]
package/libva-utils: bump version to 2.8.0

Release notes:
https://github.com/intel/libva-utils/blob/v2.8-branch/NEWS

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/libva: bump version to 2.8.0
Bernd Kuhls [Wed, 1 Jul 2020 05:18:50 +0000 (07:18 +0200)]
package/libva: bump version to 2.8.0

Release notes: https://github.com/intel/libva/blob/v2.8-branch/NEWS

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/ntp: bump to version 4.2.8p15
Yegor Yefremov [Thu, 2 Jul 2020 12:23:54 +0000 (14:23 +0200)]
package/ntp: bump to version 4.2.8p15

Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/libnss: bump version to 3.54
Giulio Benetti [Thu, 2 Jul 2020 16:05:00 +0000 (18:05 +0200)]
package/libnss: bump version to 3.54

Bump version to 3.54 and remove 0002[1] and 0003[2] local patches that
has been upstreamed.

Release Notes:
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.54_release_notes

[1]: https://hg.mozilla.org/projects/nss/rev/e955ece90b050e9da67528f09648945156d2bcea
[2]: https://hg.mozilla.org/projects/nss/rev/f46fca8ced7fca6aa6de60e3170b2a3b6b2df565

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/sdl_image: disable dynamic loading of libraries
Paul Cercueil [Sun, 12 Jul 2020 19:57:12 +0000 (21:57 +0200)]
package/sdl_image: disable dynamic loading of libraries

The thing with Buildroot, is that we know in advance what will be in the
root filesystem. Therefore, we don't need SDL_image to probe for the
presence of libpng, libjpeg, libtiff or libwebp and dynamically load
them; SDL_image can be linked to them directly at compilation time.

Signed-off-by: Paul Cercueil <paul@crapouillou.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/sdl_image: fix WebP dynamically loaded on host build
Paul Cercueil [Sun, 12 Jul 2020 19:57:11 +0000 (21:57 +0200)]
package/sdl_image: fix WebP dynamically loaded on host build

Just like with libjpeg and libpng, we don't want libwebp to be
dynamically loaded by SDL_image at runtime.

Signed-off-by: Paul Cercueil <paul@crapouillou.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/ttyd: bump to version 1.6.1
Tian Yuanhao [Thu, 2 Jul 2020 05:30:21 +0000 (13:30 +0800)]
package/ttyd: bump to version 1.6.1

Removed patches applied upstream.

Signed-off-by: Tian Yuanhao <tianyuanhao@aliyun.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/samba4: bump version to 4.11.10
Bernd Kuhls [Thu, 2 Jul 2020 05:35:56 +0000 (07:35 +0200)]
package/samba4: bump version to 4.11.10

Changelog:
https://www.samba.org/samba/history/samba-4.11.10.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/gensio: bump to version 2.1.1
Yegor Yefremov [Thu, 2 Jul 2020 05:25:47 +0000 (07:25 +0200)]
package/gensio: bump to version 2.1.1

Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/libudfread: bump version to 1.1.0
Bernd Kuhls [Thu, 2 Jul 2020 05:19:50 +0000 (07:19 +0200)]
package/libudfread: bump version to 1.1.0

Changelog:
https://code.videolan.org/videolan/libudfread/-/blob/master/ChangeLog

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/stella: bump version to 6.2.1
Sergio Prado [Wed, 1 Jul 2020 20:42:52 +0000 (17:42 -0300)]
package/stella: bump version to 6.2.1

Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/tslib: update to 1.22
Martin Kepplinger [Wed, 1 Jul 2020 10:50:41 +0000 (12:50 +0200)]
package/tslib: update to 1.22

The removed patches are of course part of this release and
https://github.com/libts/tslib/releases has a very short changelog.

Signed-off-by: Martin Kepplinger <martink@posteo.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agoconfigs/rock_pi_4: new defconfig
Suniel Mahesh [Sat, 4 Jul 2020 20:16:45 +0000 (01:46 +0530)]
configs/rock_pi_4: new defconfig

Add initial support for RK3399 based rockpi-4 targets (model A, B, C)
with below features:

- Custom U-Boot 2020.07-rc4
  https://github.com/amarula/u-boot-amarula.git
  branch rock-pi
- Linux 5.4.46
- GPT partition layout is being used
- Default packages from buildroot

Signed-off-by: Suniel Mahesh <sunil@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agoconfigs/rock_pi_n10: new defconfig
Suniel Mahesh [Sat, 4 Jul 2020 20:16:44 +0000 (01:46 +0530)]
configs/rock_pi_n10: new defconfig

Add initial support for RK3399PRO SOM based rockpi-n10 target
with below features:

- Custom U-Boot 2020.07-rc4
  https://github.com/amarula/u-boot-amarula.git
  branch rock-pi
- Linux 5.7.2
- GPT partition layout is being used
- Default packages from buildroot

Signed-off-by: Suniel Mahesh <sunil@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/batctl: bump version to 2020.2
Sergio Prado [Sun, 12 Jul 2020 16:13:34 +0000 (13:13 -0300)]
package/batctl: bump version to 2020.2

Also separate the fields in the hash file by two spaces.

Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/bluez-alsa: add patch for fixing build failure with gcc 10
Heiko Thiery [Sun, 12 Jul 2020 14:58:25 +0000 (16:58 +0200)]
package/bluez-alsa: add patch for fixing build failure with gcc 10

A fix is available upstream but does not apply on the used version by
buildroot.

Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agosupport/scripts/pkg-stats: fix flake8 warning
Thomas Petazzoni [Sun, 12 Jul 2020 19:23:13 +0000 (21:23 +0200)]
support/scripts/pkg-stats: fix flake8 warning

This fixes the following flake8 warning:

support/scripts/pkg-stats:1005:9: E117 over-indented

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agosupport/script/pkg-stats: handle exception when version comparison fails
Gregory CLEMENT [Fri, 10 Jul 2020 11:22:37 +0000 (13:22 +0200)]
support/script/pkg-stats: handle exception when version comparison fails

With python 3, when a package has a version number x-y-z instead of
x.y.z, then the version returned by LooseVersion can't be compared
which raises a TypeError exception:

Traceback (most recent call last):
  File "./support/scripts/pkg-stats", line 1062, in <module>
    __main__()
  File "./support/scripts/pkg-stats", line 1051, in __main__
    check_package_cves(args.nvd_path, {p.name: p for p in packages})
  File "./support/scripts/pkg-stats", line 613, in check_package_cves
    if pkg_name in packages and cve.affects(packages[pkg_name]):
  File "./support/scripts/pkg-stats", line 386, in affects
    return pkg_version <= cve_affected_version
  File "/usr/lib64/python3.8/distutils/version.py", line 58, in __le__
    c = self._cmp(other)
  File "/usr/lib64/python3.8/distutils/version.py", line 337, in _cmp
    if self.version < other.version:
TypeError: '<' not supported between instances of 'str' and 'int'

This patch handles this exception by adding a new return value when
the comparison can't be done. The code is adjusted to take of this
change. For now, a return value of CVE_UNKNOWN is handled the same way
as a CVE_DOESNT_AFFECT return value, but this can be improved later
on.

Signed-off-by: Gregory CLEMENT <gregory.clement@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/bitwise: new package
Ramon Fried [Mon, 6 Jul 2020 09:37:43 +0000 (12:37 +0300)]
package/bitwise: new package

Bitwise is multi base interactive calculator supporting dynamic base
conversion and bit manipulation.  It's a handy tool for low level
hackers, kernel developers and device drivers developers.

Signed-off-by: Ramon Fried <rfried.dev@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/sdl_mixer: add MIDI support using Timidity
Paul Cercueil [Thu, 2 Jul 2020 15:25:47 +0000 (17:25 +0200)]
package/sdl_mixer: add MIDI support using Timidity

Add MIDI playback support using SDL_mixer' built-in Timidity synth.

Signed-off-by: Paul Cercueil <paul@crapouillou.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopakcage/sdl_mixer: add optional dependency on FluidSynth for MIDI
Paul Cercueil [Thu, 2 Jul 2020 15:25:46 +0000 (17:25 +0200)]
pakcage/sdl_mixer: add optional dependency on FluidSynth for MIDI

Add support for MIDI playback using FluidSynth.

Signed-off-by: Paul Cercueil <paul@crapouillou.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/libodb-boost: new package
Kamel Bouhara [Mon, 6 Jul 2020 15:30:40 +0000 (17:30 +0200)]
package/libodb-boost: new package

This package contains the Boost ODB profile library. The Boost profile
provides support for persisting Boost smart pointers, containers, and
value types with the ODB system.

Signed-off-by: Kamel Bouhara <kamel.bouhara@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/libodb-mysql: new package
Kamel Bouhara [Mon, 6 Jul 2020 15:30:39 +0000 (17:30 +0200)]
package/libodb-mysql: new package

This package contains the MySQL ODB runtime library. Every application
that includes code generated for the MySQL database will need to link
to this library.

Signed-off-by: Kamel Bouhara <kamel.bouhara@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/libodb-pgsql: new package
Adam Duskett [Mon, 6 Jul 2020 15:30:38 +0000 (17:30 +0200)]
package/libodb-pgsql: new package

This package contains the PostgreSQL ODB runtime library.
Every application that includes code generated for the PostgreSQL
database will need to link to this library.

Signed-off-by: Adam Duskett <aduskett@gmail.com>
[Kamel: Fix incorrect license, remove unneeded dependency on host-odb]
Signed-off-by: Kamel Bouhara <kamel.bouhara@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/libodb: new package
Adam Duskett [Mon, 6 Jul 2020 15:30:37 +0000 (17:30 +0200)]
package/libodb: new package

This package contains the common ODB runtime library. Every application
that includes code generated by the ODB compiler will need to link to this
library.

Signed-off-by: Adam Duskett <aduskett@gmail.com>
[Kamel:
- Fix incorrect license
- Remove unneeded dependency on host-odb]
Signed-off-by: Kamel Bouhara <kamel.bouhara@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/odb: new package
Adam Duskett [Mon, 6 Jul 2020 15:30:36 +0000 (17:30 +0200)]
package/odb: new package

ODB is an open-source, cross-platform, and cross-database
object-relational mapping (ORM) system for C++. It allows you to
persist C++ objects to a relational database without having to deal
with tables, columns, or SQL and without manually writing any mapping
code.

ODB supports MySQL, SQLite, PostgreSQL, Oracle, and Microsoft SQL
Server relational databases as well as C++98/03 and C++11 language
standards.  It also comes with optional profiles for Boost and Qt
which allow you to seamlessly use value types, containers, and smart
pointers from these libraries in your persistent C++ classes.

This package is used for auto-generating ODB specific header files
into useable code that can be linked against a seperate libodb and a
specific libodb database library.  As such, it is only needed as a
host program and is not user selectable.

Signed-off-by: Adam Duskett <aduskett@gmail.com>
[Kamel: Fix incorrect odb license]
Signed-off-by: Kamel Bouhara <kamel.bouhara@bootlin.com>
[Thomas: add patch fixing gcc10 build, add references to upstream
commits]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agosupport/dependencies: add BR2_NEEDS_HOST_GCC_PLUGIN_SUPPORT
Kamel Bouhara [Mon, 6 Jul 2020 15:30:35 +0000 (17:30 +0200)]
support/dependencies: add BR2_NEEDS_HOST_GCC_PLUGIN_SUPPORT

Some packages requires support on the build machine to create gcc
plugins. This commit adds a blind option,
BR2_NEEDS_HOST_GCC_PLUGIN_SUPPORT, which such packages can
select. When this option is enabled, the logic in support/dependencies
verifies that everything needed on the build machine to build gcc
plugins is available.

Signed-off-by: Kamel Bouhara <kamel.bouhara@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/libcutl: new package
Adam Duskett [Mon, 6 Jul 2020 15:30:34 +0000 (17:30 +0200)]
package/libcutl: new package

libcutl is distributed in source code and includes the standard autotools
build system as well as the VC++ project files. It is a dependency for odb.

Because ODB is a host-only package, and no other package depends on libcutl,
this package will also be a host-only package.

Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Kamel Bouhara <kamel.bouhara@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/freescale-imx/firmware-imx: bump version to 8.8
Maeva Manuel [Fri, 10 Jul 2020 08:16:54 +0000 (10:16 +0200)]
package/freescale-imx/firmware-imx: bump version to 8.8

This version is aligned with 5.4.24_2.1.0 NXP Linux BSP.

License was updated from:
LA_OPT_NXP_Software_License v10 December 2019
to:
LA_OPT_NXP_Software_License v11 February 2020
which explains the change of EULA/COPYING license files.

Tested-by: Julien Olivain <julien.olivain@oss.nxp.com>
[Julien: tested on i.MX8M Mini EVK Rev A with LPDDR4]
Tested-by: Stephane Viau <stephane.viau@oss.nxp.com>
[Stephane: tested on i.MX8MQ and i.MX8MN]
Tested-by : Maeva Manuel <maeva.manuel@oss.nxp.com>
[Maeva: tested on i.MX8QM MEK rev B0 and i.MX8QXP MEK rev B0]
Signed-off-by: Maeva Manuel <maeva.manuel@oss.nxp.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/freescale-imx/imx-seco: bump version to 3.6.3
Maeva Manuel [Fri, 10 Jul 2020 08:16:55 +0000 (10:16 +0200)]
package/freescale-imx/imx-seco: bump version to 3.6.3

This version is aligned with 5.4.24_2.1.0 NXP Linux BSP.
Firmware file names now include the SoC revision.

In order not to break the compatibility with the imx-seco 2.3.1
package, it remains B0 support for i.MX8QXP MEK. C0 support should
introduce a Kconfig option and this will be done in a future patch.

License was updated from:
LA_OPT_NXP_Software_License v10 December 2019
to:
LA_OPT_NXP_Software_License v11 February 2020
which explains the change of EULA/COPYING license files.

Tested-by: Maeva Manuel <maeva.manuel@oss.nxp.com>
[Maeva: tested on i.MX8QXP MEK (Board rev D1, SoC rev B0)
and on i.MX8QM MEK (SoC rev B0)]
Signed-off-by: Maeva Manuel <maeva.manuel@oss.nxp.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agoconfigs/freescale_imx8mnevk: bump BSP components to 5.4.24_2.1.0
Stephane Viau [Fri, 10 Jul 2020 12:11:26 +0000 (14:11 +0200)]
configs/freescale_imx8mnevk: bump BSP components to 5.4.24_2.1.0

Signed-off-by: Stephane Viau <stephane.viau@oss.nxp.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/kodi-pvr-mythtv: bump version to 5.10.18-Leia
Bernd Kuhls [Sun, 12 Jul 2020 07:12:00 +0000 (09:12 +0200)]
package/kodi-pvr-mythtv: bump version to 5.10.18-Leia

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/moarvm: bump to version 2020.06
Francois Perrad [Sun, 12 Jul 2020 06:54:07 +0000 (08:54 +0200)]
package/moarvm: bump to version 2020.06

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/tinydtls: fix build on big endian
Fabrice Fontaine [Sat, 20 Jun 2020 20:28:33 +0000 (22:28 +0200)]
package/tinydtls: fix build on big endian

Fixes:
 - http://autobuild.buildroot.org/results/e8704e02fdede7b63e22da552292977b23380b32

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agoConfig.in.legacy: drop legacy handling for BR2_PACKAGE_FIRMWARE_DDRFW_* options
Thomas Petazzoni [Sun, 12 Jul 2020 08:16:47 +0000 (10:16 +0200)]
Config.in.legacy: drop legacy handling for BR2_PACKAGE_FIRMWARE_DDRFW_* options

These options were only added in commit
6bb7f3b81092e7005470c7d689a566dbc1d059c6, which was made after the
2020.05 release. So they are not part of any release at this point,
which makes legacy handling unnecessary.

Reported-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/agentpp: bump version to 4.3.1
Sergio Prado [Sun, 5 Jul 2020 16:52:42 +0000 (13:52 -0300)]
package/agentpp: bump version to 4.3.1

Also separate the fields in the hash file by two spaces.

Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
Reviewed-by: Luca Ceresoli <luca@lucaceresoli.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/snmppp: bump version to 3.4.1
Sergio Prado [Sun, 5 Jul 2020 16:52:41 +0000 (13:52 -0300)]
package/snmppp: bump version to 3.4.1

Also separate the fields in the hash file by two spaces.

Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
Reviewed-by: Luca Ceresoli <luca@lucaceresoli.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/python-greenlet: bump to version 0.4.16
James Hilliard [Sun, 5 Jul 2020 21:54:35 +0000 (15:54 -0600)]
package/python-greenlet: bump to version 0.4.16

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/python-aioconsole: bump to version 0.2.1
James Hilliard [Sun, 5 Jul 2020 21:42:30 +0000 (15:42 -0600)]
package/python-aioconsole: bump to version 0.2.1

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/check: bump version to 0.15.0
Sergio Prado [Sun, 5 Jul 2020 18:36:59 +0000 (15:36 -0300)]
package/check: bump version to 0.15.0

Also separate the fields in the hash file by two spaces.

Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/jq: bump version to a17dd32
Lyle Franklin [Sun, 5 Jul 2020 18:28:45 +0000 (14:28 -0400)]
package/jq: bump version to a17dd32

Bump jq package to latest to fix seg fault errors reported at
https://github.com/stedolan/jq/issues/2003

Signed-off-by: Lyle Franklin <lylejfranklin@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/ccid: bump version to 1.4.33
Sergio Prado [Sun, 5 Jul 2020 18:27:53 +0000 (15:27 -0300)]
package/ccid: bump version to 1.4.33

Also separate the fields in the hash file by two spaces.

Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/vsftpd: add systemd unit
Francois Perrad [Sat, 11 Jul 2020 13:58:43 +0000 (15:58 +0200)]
package/vsftpd: add systemd unit

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/ffmpeg: bump version to 4.3.1
Bernd Kuhls [Sat, 11 Jul 2020 18:40:08 +0000 (20:40 +0200)]
package/ffmpeg: bump version to 4.3.1

Changelog:
http://git.videolan.org/?p=ffmpeg.git;a=blob;f=Changelog;h=be7588bbbf6d0568282a057e858d9aa694388e85;hb=refs/heads/release/4.3

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/aumix: add debian patch for fixing build with gcc 10
Heiko Thiery [Sat, 11 Jul 2020 18:15:38 +0000 (20:15 +0200)]
package/aumix: add debian patch for fixing build with gcc 10

Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/tor: bump version to 0.4.3.6
Bernd Kuhls [Sat, 11 Jul 2020 18:12:44 +0000 (20:12 +0200)]
package/tor: bump version to 0.4.3.6

Release notes for 0.4.3.5: https://blog.torproject.org/node/1872
"Tor 0.4.3.5 is the first stable release in the 0.4.3.x series."

Release notes for 0.4.3.6: https://blog.torproject.org/node/1900

The fix for CVE-2020-15572 "Fix a crash due to an out-of-bound memory
access when Tor is compiled with NSS support" does not affect buildroot
because we do not support building tor with libnss.

Rebased patch 0001.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/libcec: bump version to 4.0.7
Bernd Kuhls [Sat, 11 Jul 2020 18:00:29 +0000 (20:00 +0200)]
package/libcec: bump version to 4.0.7

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/freescale-imx/firmware-imx: clarify installation of firmware files
Stephane Viau [Fri, 10 Jul 2020 12:00:45 +0000 (14:00 +0200)]
package/freescale-imx/firmware-imx: clarify installation of firmware files

The newly introduced BR2_PACKAGE_FIRMWARE_IMX_NEEDS_xxx symbols are
used in lieu of the SoC type when installing images or binaries on
target.

Suggested-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Stephane Viau <stephane.viau@oss.nxp.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/freescale-imx/firmware-imx: add options for all i.MX FW needs
Stephane Viau [Fri, 10 Jul 2020 12:00:44 +0000 (14:00 +0200)]
package/freescale-imx/firmware-imx: add options for all i.MX FW needs

Some SoCs need a HDMI FW for their bootloader, some other require
EPDC, SDMA and/or VPU.

Instead of trying to "guess" what firmware images need to be installed
in firmware-imx.mk, let the Config framework do the job and allow each
SoC to pick what firmware they need.

Note that this patch should also help introducing an eventual DP FW,
as Gary mentioned in a separate thread [1].

[1] http://lists.busybox.net/pipermail/buildroot/2020-May/283181.html

Suggested-by: Yann E. MORIN <yann.morin.1998@free.fr>
Suggested-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Stephane Viau <stephane.viau@oss.nxp.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/freescale-imx: move DDR FW choice down to firmware-imx package
Stephane Viau [Fri, 10 Jul 2020 12:00:42 +0000 (14:00 +0200)]
package/freescale-imx: move DDR FW choice down to firmware-imx package

The DDR FW along with all other FW code that need to be used in
bootloader or installed on target are related to the firmware-imx
package.

This patch does this job as well as fixing the conjugation of NEED*s*
in the symbol name. Also take advantage of this patch to make the DDR
FW dependant on BR2_PACKAGE_FIRMWARE_IMX.

In addition, the BR2_PACKAGE_FIRMWARE_DDRFW_* option was incorrect, as
there is no package matching this name. So we rename them to
BR2_PACKAGE_FIRMWARE_IMX_*, and add the appropriate Config.in.legacy
handling.

Suggested-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Stephane Viau <stephane.viau@oss.nxp.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/freescale-imx/firmware-imx: fix sdma/vpu firmware install path
Stephane Viau [Fri, 10 Jul 2020 12:00:43 +0000 (14:00 +0200)]
package/freescale-imx/firmware-imx: fix sdma/vpu firmware install path

In a patch set that did not get in for other reasons, Sebastien proposed
to fix the install path directory of the sdma and vpu firmware code [1]:

"Mainline and NXP kernels expect the sdma firmware to be in
/lib/firmware/imx/sdma so fix the install path [...]"

By looking at the code, I believe this is correct even though I have no
means to test it.

[1] http://lists.busybox.net/pipermail/buildroot/2020-June/284875.html

Suggested-by: Sébastien Szymanski <sebastien.szymanski at armadeus.com>
Signed-off-by: Stephane Viau <stephane.viau@oss.nxp.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agoconfigs/freescale_imx8qxpmek: bump BSP components to version 5.4.24_2.1.0
Maeva Manuel [Mon, 6 Jul 2020 09:10:45 +0000 (11:10 +0200)]
configs/freescale_imx8qxpmek: bump BSP components to version 5.4.24_2.1.0

Tested-by: Maeva Manuel <maeva.manuel@oss.nxp.com>
Signed-off-by: Maeva Manuel <maeva.manuel@oss.nxp.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agoconfigs/freescale_imx8qmmek: bump BSP components to version 5.4.24_2.1.0
Maeva Manuel [Mon, 6 Jul 2020 09:10:44 +0000 (11:10 +0200)]
configs/freescale_imx8qmmek: bump BSP components to version 5.4.24_2.1.0

Tested-by: Maeva Manuel <maeva.manuel@oss.nxp.com>
Signed-off-by: Maeva Manuel <maeva.manuel@oss.nxp.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/webkitgtk: security bump to version 2.28.3
Adrian Perez de Castro [Fri, 10 Jul 2020 11:52:48 +0000 (14:52 +0300)]
package/webkitgtk: security bump to version 2.28.3

This is a minor release which provides fixes for CVE-2020-9800,
CVE-2020-9802, CVE-2020-9803, CVE-2020-9805, CVE-2020-9806,
CVE-2020-9807, CVE-2020-9843, CVE-2020-9850, and CVE-2020-13753.

Updating from 2.28.2 also brings in the usual batch of fixes, including
important improvements to threading in the media player. Full release
notes can be found at:

  https://webkitgtk.org/2020/07/09/webkitgtk2.28.3-released.html

A detailed security advisory can be found at:

  https://webkitgtk.org/security/WSA-2020-0006.html

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/wpewebkit: security bump to version 2.28.3
Adrian Perez de Castro [Fri, 10 Jul 2020 11:47:30 +0000 (14:47 +0300)]
package/wpewebkit: security bump to version 2.28.3

This is a minor release which provides fixes for CVE-2020-9800,
CVE-2020-9802, CVE-2020-9803, CVE-2020-9805, CVE-2020-9806,
CVE-2020-9807, CVE-2020-9843, CVE-2020-9850, and CVE-2020-13753.

Updating from 2.28.2 also brings in the usual batch of fixes, including
important improvements to threading in the media player. Full release
notes can be found at:

  https://wpewebkit.org/release/wpewebkit-2.28.3.html

A detailed security advisory can be found at:

  https://wpewebkit.org/security/WSA-2020-0006.html

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/php: bump version to 7.4.8
Bernd Kuhls [Fri, 10 Jul 2020 14:53:16 +0000 (16:53 +0200)]
package/php: bump version to 7.4.8

Quoting https://www.php.net/
"For windows users running an official build, this release contains a
 patched version of libcurl addressing CVE-2020-8159.

For all other consumers of PHP, this is a bug fix release."

Changelog: https://www.php.net/ChangeLog-7.php#7.4.8

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agoboard/qemu/aarch64-virt/linux.config: enable VIRTIO_FS driver
Romain Naour [Mon, 6 Jul 2020 23:41:51 +0000 (01:41 +0200)]
board/qemu/aarch64-virt/linux.config: enable VIRTIO_FS driver

virtio-fs allow sharing a directory between the host and the guest.
It require virtiofsd daemon running before starting Qemu.

The wiki [1] recommand to enable the following kernel options:

      CONFIG_VIRTIO
      CONFIG_VIRTIO_FS
      CONFIG_DAX
      CONFIG_FS_DAX
      CONFIG_DAX_DRIVER
      CONFIG_ZONE_DEVICE

But virtio-fs works fine with only VIRTIO_FS.

Note: ZONE_DEVICE can only be enabled on aarch64 since kernel >= 5.7.
ARCH_ENABLE_MEMORY_HOTREMOVE support is missing for previous kernel [2].

[1] https://virtio-fs.gitlab.io/howto-qemu.html
[2] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=bbd6ec605c0fc286c3f8ce60b4ed44635361d58b

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agoboard/qemu/aarch64-virt/linux.config: enable TPM tis support
Romain Naour [Mon, 6 Jul 2020 23:41:50 +0000 (01:41 +0200)]
board/qemu/aarch64-virt/linux.config: enable TPM tis support

Qemu aarch64 virt machine support TPM using a swtmp [1] TPM emulator
provided on the qemu command line [2].

[1] https://github.com/stefanberger/swtpm/wiki
[2] https://git.qemu.org/?p=qemu.git;a=commitdiff;h=c294ac327ca99342b90bd3a83d2cef9b447afaa7

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agoboard/qemu/aarch64-virt/linux.config: enable ARM_SMMU_V3
Romain Naour [Mon, 6 Jul 2020 23:41:49 +0000 (01:41 +0200)]
board/qemu/aarch64-virt/linux.config: enable ARM_SMMU_V3

>From [1]:
Support for implementations of the ARM System MMU architecture
version 3 providing translation support to a PCIe root complex.

ARM SMMU is supported since Qemu v3.0.0 [2].

ARM_SMMU_V3 can be enabled with: -M virt,iommu=smmuv3

dmesg:
arm-smmu-v3 9050000.smmuv3: ias 44-bit, oas 44-bit (features 0x00000305)
arm-smmu-v3 9050000.smmuv3: allocated 262144 entries for cmdq
arm-smmu-v3 9050000.smmuv3: allocated 131072 entries for evtq

[1] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/tree/drivers/iommu/Kconfig?h=v5.4.42#n390
[2] https://git.qemu.org/?p=qemu.git;a=commitdiff;h=527773eeef9f2225370f9c17c35074b2ed0ced92

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agoboard/qemu/aarch64-virt/linux.config: enable QEMU firmware configuration (fw_cfg)
Romain Naour [Mon, 6 Jul 2020 23:41:48 +0000 (01:41 +0200)]
board/qemu/aarch64-virt/linux.config: enable QEMU firmware configuration (fw_cfg)

>From [1]:
This kernel option allow exporting of the QEMU firmware configuration (fw_cfg)
file entries via sysfs. Entries are found under /sys/firmware/fw_cfg when this
option is enabled and loaded.

Enable the suboption to allow the qemu_fw_cfg device to be initialized via the
kernel command line or using a module parameter.

[1] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/tree/drivers/firmware/Kconfig?h=v5.4.42#n187

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agoboard/qemu/aarch64-virt/linux.config: enable VIRTIO_GPU driver
Romain Naour [Mon, 6 Jul 2020 23:41:47 +0000 (01:41 +0200)]
board/qemu/aarch64-virt/linux.config: enable VIRTIO_GPU driver

This driver is intended to be used by mesa virgl Gallium on the guest.
virtio-gpu is enabled by adding "-device virtio-gpu-pci" on the qemu
command line.

It's detected by lspci and dmesg log:

$ lspci
00:01.0 Display controller: Red Hat, Inc. Virtio GPU (rev 01)

$ dmesg
virtio-pci 0000:00:01.0: enabling device (0000 -> 0002)
[drm] pci: virtio-gpu-pci detected at 0000:00:01.0
[drm] virgl 3d acceleration not supported by host
[drm] EDID support available.
[TTM] Zone  kernel: Available graphics memory: 51876 KiB
[TTM] Initializing pool allocator
[TTM] Initializing DMA pool allocator
[drm] number of scanouts: 1
[drm] number of cap sets: 0
[drm] Initialized virtio_gpu 0.1.0 0 for virtio2 on minor 0

The framebuffer interface fb0 is now present in /dev

$ ls /dev/fb*
/dev/fb0

See:
https://www.kraxel.org/blog/2019/09/display-devices-in-qemu/
https://at.projects.genivi.org/wiki/display/WIK4/GENIVI+Technical+Summit+Session+Content+2018?preview=%2F28412356%2F28412481%2F2018-10-11_GeniviBangalorTechSummit_Virtio_GPU.pdf

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agoboard/qemu/aarch64-virt/linux.config: enable PCIe and PCI host generic driver
Romain Naour [Mon, 6 Jul 2020 23:41:46 +0000 (01:41 +0200)]
board/qemu/aarch64-virt/linux.config: enable PCIe and PCI host generic driver

Add the CONFIG_PCI symbol due a change in kernel 5.0 [1].
The option was previously enabled by default (default y).

"PCI: consolidate PCI config entry in drivers/pci

There is no good reason to duplicate the PCI menu in every architecture.
Instead provide a selectable HAVE_PCI symbol that indicates availability
of PCI support, and a FORCE_PCI symbol to for PCI on and the handle the
rest in drivers/pci."

Qemu aarch64 provide a PCIe Host bridge but it require CONFIG_PCI_HOST_GENERIC
enabled in the kernel.

With CONFIG_PCI_HOST_GENERIC enabled PCIe host bridge is detected:

$ dmesg
pci-host-generic 4010000000.pcie: host bridge /pcie@10000000 ranges:
pci-host-generic 4010000000.pcie:    IO 0x3eff0000..0x3effffff -> 0x00000000
pci-host-generic 4010000000.pcie:   MEM 0x10000000..0x3efeffff -> 0x10000000
pci-host-generic 4010000000.pcie:   MEM 0x8000000000..0xffffffffff -> 0x8000000000
pci-host-generic 4010000000.pcie: ECAM at [mem 0x4010000000-0x401fffffff] for [bus 00-ff]
pci-host-generic 4010000000.pcie: PCI host bridge to bus 0000:00
pci_bus 0000:00: root bus resource [bus 00-ff]
pci_bus 0000:00: root bus resource [io  0x0000-0xffff]
pci_bus 0000:00: root bus resource [mem 0x10000000-0x3efeffff]
pci_bus 0000:00: root bus resource [mem 0x8000000000-0xffffffffff]
pci 0000:00:00.0: [1b36:0008] type 00 class 0x060000

$ lspci
00:00.0 Host bridge: Red Hat, Inc. QEMU PCIe Host bridge

[1] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=eb01d42a77785ff96b6e66a2a2e7027fc6d78e4a

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agoboard/qemu/aarch64-virt/linux.config: add RTC PL031 driver
Romain Naour [Mon, 6 Jul 2020 23:41:45 +0000 (01:41 +0200)]
board/qemu/aarch64-virt/linux.config: add RTC PL031 driver

Qemu for the aarch64 virt emulate an RTC PL031 device.
Enable the kernel support to allow setting the system time.

"date" now return the current time:
Sun Jul  5 20:38:50 UTC 2020

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agoboard/qemu/aarch64-virt/linux.config: regenerate after kernel version bump
Romain Naour [Mon, 6 Jul 2020 23:41:44 +0000 (01:41 +0200)]
board/qemu/aarch64-virt/linux.config: regenerate after kernel version bump

Regenerate the with savedefconfig.

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/cutelyst: bump version to 2.11.0
Sergio Prado [Tue, 7 Jul 2020 23:35:23 +0000 (20:35 -0300)]
package/cutelyst: bump version to 2.11.0

Also separate the fields in the hash file by two spaces.

Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/libnspr: bump version to 4.26
Giulio Benetti [Tue, 7 Jul 2020 21:34:08 +0000 (23:34 +0200)]
package/libnspr: bump version to 4.26

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/{mesa3d, mesa3d-headers}: bump version to 20.1.3
Bernd Kuhls [Fri, 10 Jul 2020 05:15:21 +0000 (07:15 +0200)]
package/{mesa3d, mesa3d-headers}: bump version to 20.1.3

Renumbered patches, rebased patch 0003.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/babeld: bump version to 1.9.2
Sergio Prado [Thu, 9 Jul 2020 23:37:40 +0000 (20:37 -0300)]
package/babeld: bump version to 1.9.2

Also separate the fields in the hash file by two spaces.

Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/dhcpcd: bump version to 9.1.4
Sergio Prado [Thu, 9 Jul 2020 22:38:11 +0000 (19:38 -0300)]
package/dhcpcd: bump version to 9.1.4

Also separate the fields in the hash file by two spaces and change the
hash of the license file (copyright message changed from 2019 to 2020).

Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/sqlite: security bump to version 3.32.3
Sam Voss [Thu, 9 Jul 2020 21:57:59 +0000 (16:57 -0500)]
package/sqlite: security bump to version 3.32.3

Fixes the following CVEs:

- CVE-2019-19923 (Fixed in 3.31.0)

SQLite is vulnerable to denial-of-service condition because of a NULL
pointer dereferencing while handling `SELECT DISTINCT`statements.

- CVE-2019-19924 (Fixed in 3.31.0)

The SQLite mishandles certain SQL commands due to improper error
handling by ` sqlite3WindowRewrite() ` function.

- CVE-2020-13435 (Fixed in 3.32.1)

SQLite is vulnerable to denial-of-service (DoS) due to improper handling
of query rewriting. An attacker could exploit this vulnerability by
supplying a system with maliciously crafted input.

- CVE-2020-13632 (Fixed in 3.32.0)

SQLite is vulnerable to denial-of-service (DoS) due to improper pointer
management in the FTS3 virtual table module. An attacker could exploit
this vulnerability by supplying a system with maliciously crafted input.

- CVE-2020-13434 (Fixed in 3.32.1)

SQLite is vulnerable to denial-of-service (DoS) due to improper handling
of floating-point operations. An attacker could exploit this
vulnerability by supplying a system with maliciously crafted input.

- CVE-2020-13871 (Fixed in 3.32.3)

SQLite 3.32.2 has a use-after-free in resetAccumulator in select.c
because the parse tree rewrite for window functions is too late.

- CVE-2020-13630 (Fixed in 3.32.0)

SQLite is vulnerable to denial-of-service (DoS) due to a use after free
issue in the FTS3 virtual table module. An attacker could exploit this
vulnerability by supplying a system with maliciously crafted input.

- CVE-2020-15358 (Fixed in 3.32.3)

SQLite is vulnerable to a heap-based buffer overflow flaw in part of an
optimization feature. An attacker able to issue specially crafted
queries could cause the application to crash, resulting in a
denial-of-service (DoS).

- CVE-2020-9327 (Fixed in 3.32.0)

SQLite is vulnerable to a Null pointer dereference flaw. A remote
attacker able to issue specially crafted SQL statements may be able to
cause a segmentation fault and application crash, resulting in a
denial-of-service (DoS).

- CVE-2019-19645 (Fixed in 3.31.0)

It was discovered that SQLite contains an denial-of-service (DoS)
vulnerability. An attacker could exploit this to trigger an infinite
recursion resulting in excessive resource consumption leading to a DoS
condition.

- CVE-2019-19926 (Fixed in 3.31.0)

The SQLite allows denial-of-service attack due to improper input
validation of user-supplied input.

- CVE-2020-11655 (Fixed in 3.32.0)

SQLite contains a memory corruption vulnerability. Successfully
exploiting this issue may allow attackers to cause a denial-of-service
(DoS). This allows an attacker to cause SQLite to crash by issuing a
crafted SQL query to the database.

- CVE-2019-19925 (Fixed in 3.31.0)

The INSERT statement fails when the zip file path is `NULL`.

- CVE-2019-19242 (Fixed in 3.31.0)

SQLite is vulnerable to a denial-of-service (DoS). An attacker could
exploit this vulnerability by supplying a maliciously crafted query to
cause an application crash.

- CVE-2019-19244 (Fixed in 3.31.0)

SQLite is vulnerable to a denial-of-service. An attacker could exploit
this vulnerability by providing a crafted SELECT statement to the SQL
server, resulting in an application crash.

- CVE-2020-13631 (Fixed in 3.32.0)

SQLite is vulnerable to data manipulation due to improper management of
virtual tables. An attacker could exploit this vulnerability by
supplying a system with maliciously crafted input.

- CVE-2020-11656 (Fixed in 3.32.0)

SQLite contains a Use-After-Free vulnerability. Successfully exploiting
this issue may allow attackers to cause a denial-of-service (DoS). This
allows an attacker to cause SQLite to crash by issuing a crafted SQL
query to the database.

- CVE-2019-19880 (Fixed in 3.31.0)

SQLite is vulnerable to denial-of-service (DoS) due to the mismanagement
of memory resources. A remote attacker could cause a victim's instance
of the application to crash by submitting crafted request that will lead
to the application parsing problematic integer values.

- CVE-2019-20218 (Fixed in 3.31.0)

SQLite is vulnerable to denial-of-service (DoS) due to improper
exception handling which could lead to unwinding of the `WITH` stack
following parsing errors. An attacker could exploit this vulnerability
by supplying a system with maliciously crafted input.

- CVE-2019-19603 (Fixed in 3.31.0)

It was discovered that SQLite contains a denial-of-service (DoS)
vulnerability. An authenticated attacker could exploit this
vulnerability by creating tables with the same name as shadow table
names.

- CVE-2019-19959 (Fixed in 3.31.0)

SQLite is vulnerable to denial-of-service (DoS) due to the mismanagement
of system memory resources. A remote attacker could cause a victim's
instance of the application to crash by causing it to process a SQL
statement that references a maliciously crafted file name.

- CVE-2019-19646 (Fixed in 3.31.0)

SQLite is vulnerable to a denial-of-service (DoS). An attacker could
exploit this vulnerability by supplying malicious SQL in order to crash
the application.

- CVE-2019-19317 (Fixed in 3.31.0)

SQLite contains a denial-of-service (DoS) vulnerability due to incorrect
logic in name lookups. An attacker could exploit this to cause a
application crash.

Signed-off-by: Sam Voss <sam.voss@rockwellcollins.com>
CC: Peter Korsgard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/luaossl: bump to version 20200709
Francois Perrad [Thu, 9 Jul 2020 20:12:35 +0000 (22:12 +0200)]
package/luaossl: bump to version 20200709

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/libcec: downgrade to version 4.0.5
Bernd Kuhls [Fri, 10 Jul 2020 06:21:02 +0000 (08:21 +0200)]
package/libcec: downgrade to version 4.0.5

According to
https://github.com/Pulse-Eight/libcec/releases/tag/libcec-5.0.0
version 5.0.0 is "not compatible with Kodi 18.x. Please use libCEC
4.0.5 instead."

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/libcurl: fix no-proxy build with bearssl and nss
Baruch Siach [Thu, 9 Jul 2020 06:06:50 +0000 (09:06 +0300)]
package/libcurl: fix no-proxy build with bearssl and nss

Add two patches fixing build against BearSSL and NSS TLS implementations
when BR2_PACKAGE_LIBCURL_PROXY_SUPPORT is disabled.

Fixes:
http://autobuild.buildroot.net/results/4d37d9163bfece536974f15f16b2ebfc5fabc539/
http://autobuild.buildroot.net/results/387e8baa13d0f07ed4dfd5b6ee3b933d4843c0e8/

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/dvb-apps: add hash file
Sergio Prado [Tue, 7 Jul 2020 21:19:47 +0000 (18:19 -0300)]
package/dvb-apps: add hash file

Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/gnutls: fix build with uClibc
Stefan Sørensen [Tue, 23 Jun 2020 10:15:33 +0000 (12:15 +0200)]
package/gnutls: fix build with uClibc

Since v3.6.14 gnutls wants to use the 'e' flag with fopen to set the
O_CLOEXEC flags. Since this is a glibc extension, it will trigger a
gnulib override of fopen on non-glibc systems, but that override
breaks the uClibc stdio.h header.

Fixes:
http://autobuild.buildroot.org/results/02f/02f2b524add307c8f7cc1af1ed0783bb1baf029a

Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>