buildroot.git
7 years agopackage/dovecot-pigeonhole: bump version to 0.4.23
Bernd Kuhls [Tue, 20 Mar 2018 17:38:15 +0000 (18:38 +0100)]
package/dovecot-pigeonhole: bump version to 0.4.23

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agopackage/dovecot: bump version to 2.2.35
Bernd Kuhls [Tue, 20 Mar 2018 17:38:14 +0000 (18:38 +0100)]
package/dovecot: bump version to 2.2.35

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agopackage/x11r7/xdriver_xf86-input-libinput: bump version to 0.27.0
Bernd Kuhls [Tue, 20 Mar 2018 17:58:09 +0000 (18:58 +0100)]
package/x11r7/xdriver_xf86-input-libinput: bump version to 0.27.0

Added license hash.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agoqemu: fix build with glibc 2.27
Baruch Siach [Tue, 20 Mar 2018 15:56:57 +0000 (17:56 +0200)]
qemu: fix build with glibc 2.27

glibc version 2.27 added a wrapper for the memfd_create system call. The
wrapper prototype collides with a static declaration of memfd_create.
Add upstream patch to correctly detect the glibc provided memfd_create
definition.

Fixes:
http://autobuild.buildroot.net/results/b82/b825c0cd397424b1fc7fa87c580e1757dc25c588/
http://autobuild.buildroot.net/results/9aa/9aa3853d23c0dc72bf3632b4d66ae39f597f5250/
http://autobuild.buildroot.net/results/b13/b13039ba602b9d500b939d259816a39ba24e1ba2/

Cc: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Reviewed-by: Romain Naour <romain.naour@gmail.com>
Tested-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agopackage/samba4: bump version to 4.8.0
Bernd Kuhls [Sat, 24 Mar 2018 11:35:52 +0000 (12:35 +0100)]
package/samba4: bump version to 4.8.0

Changelog: https://www.samba.org/samba/history/samba-4.8.0.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agoconfigs/freescale_p1025twr: needs host-openssl for the Linux kernel build
Thomas Petazzoni [Sat, 24 Mar 2018 14:26:02 +0000 (15:26 +0100)]
configs/freescale_p1025twr: needs host-openssl for the Linux kernel build

Fixes:

  https://gitlab.com/buildroot.org/buildroot/-/jobs/59015355

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agoconfigs/qemu_aarch64_virt: needs host-openssl for the Linux kernel build
Thomas Petazzoni [Sat, 24 Mar 2018 14:24:35 +0000 (15:24 +0100)]
configs/qemu_aarch64_virt: needs host-openssl for the Linux kernel build

Fixes:

  https://gitlab.com/buildroot.org/buildroot/-/jobs/59015465

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agopackage/enlightenment: bump to 0.22.3
Romain Naour [Sat, 24 Mar 2018 16:24:25 +0000 (17:24 +0100)]
package/enlightenment: bump to 0.22.3

https://www.enlightenment.org/news/e0.22.3_release

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agoconfigs/imxsabre: Fix U-Boot parallel build issue
Fabio Estevam [Sat, 10 Mar 2018 22:45:37 +0000 (19:45 -0300)]
configs/imxsabre: Fix U-Boot parallel build issue

Sometimes imximage throws the following error:

MKIMAGE u-boot-dtb.imx
Error: No BOOT_FROM tag in board/freescale/mx6sxsabresd/imximage.cfg.cfgtmp
arch/arm/imx-common/Makefile:91: recipe for target 'u-boot-dtb.imx' failed

Later on, when running mkimage for the u-boot.imx it will succeed in
finding the IVT offset.

Looks like some race condition happening during parallel build when
processing mkimage for u-boot-dtb.imx and u-boot.imx.

A proper fix still needs to be implemented, but as a workaround let's
remove the error when the IVT offset is not found.

It is useful to have such message, especially during bring-up phase,
but the build error that it causes is severe, so better avoid the
build error for now.

The error checking can be re-implemented later when we have a proper
fix.

This workaround has already been applied in mainline U-Boot:
http://git.denx.de/?p=u-boot.git;a=commit;h=b5b0e4e351e20a606de22db6a56ad6bc1e2aa8fd

Fixes:

  https://gitlab.com/buildroot.org/buildroot/-/jobs/59015347

Reported-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
7 years agopackage/icu: bump version to 60.2
Bernd Kuhls [Sat, 24 Mar 2018 08:02:44 +0000 (09:02 +0100)]
package/icu: bump version to 60.2

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agopackage/apache: security bump to version 2.4.33
Bernd Kuhls [Sat, 24 Mar 2018 08:37:16 +0000 (09:37 +0100)]
package/apache: security bump to version 2.4.33

Changelog: http://www.apache.org/dist/httpd/CHANGES_2.4.33

Fixes CVE-2017-15710, CVE-2018-1283, CVE-2018-1303, CVE-2018-1301,
CVE-2017-15715, CVE-2018-1312, CVE-2018-1302.

Added license hash.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agopackage/imagemagick: security bump version to 7.0.7-27
Bernd Kuhls [Sat, 24 Mar 2018 07:57:39 +0000 (08:57 +0100)]
package/imagemagick: security bump version to 7.0.7-27

Fixes CVE-2018-6405 (upstream Github PR 964) and many others:
http://www.imagemagick.org/script/changelog.php

Added license hash.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agowoff2: new package
Adrian Perez de Castro [Fri, 23 Mar 2018 18:59:40 +0000 (20:59 +0200)]
woff2: new package

Add the woff2 package to Builroot. This is needed by webkitgtk from
version 2.20.0 onwards. WebKitGTK+ used to bundle a copy of the library,
but it stopped doing so now that the upstream is has been making
releases.

[Peter: fix license hash]
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agobrotli: new package
Adrian Perez de Castro [Fri, 23 Mar 2018 18:59:39 +0000 (20:59 +0200)]
brotli: new package

Add the brotli package to Buildroot. This is needed by woff2, which in
turn is needed by webkitgtk from version 2.20.0 onwards. WebKitGTK+ used
to bundle a copy of the library, but it stopped doing so now that the
upstream has started making releases.

[Peter: fix license hash]
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agotpm2-tss: fix build with musl
Carlos Santos [Fri, 23 Mar 2018 17:00:30 +0000 (14:00 -0300)]
tpm2-tss: fix build with musl

Add a missing <sys/select.h> inclusion, needed for the definition of the
fd_set type. This patch can't be sent upstream because the changed file
does not exist anymore on the master branch.

Fixes:
  http://autobuild.buildroot.net/results/09e8b3b85d7113d60e8967a2d41a6aea8f8197c0
  http://autobuild.buildroot.net/results/2e4c70f2f1239eb19235ae04a936a6492daf316d
  http://autobuild.buildroot.net/results/bbd68f52781da735e983b1260de5b804787374b1

Signed-off-by: Carlos Santos <casantos@datacom.ind.br>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agoxfsprogs: fix build with libunistring
Baruch Siach [Tue, 20 Mar 2018 12:34:57 +0000 (14:34 +0200)]
xfsprogs: fix build with libunistring

The latest xfsprogs bump to version 4.15.1 added an optional dependency
on libunistring. Make sure we build libunistring before xfsprogs.

xfsprogs also added -lunistring to its make dependency. This does not
work very well with cross compilation because make does not know about
sysroot. Add a patch to remove this dependency.

To make shared only link with libunistring work, we also need to extend
the -static-libtool-libs patch to cover xfs_scrub as well.

Fixes:
http://autobuild.buildroot.net/results/66e/66e425b00a06f928be0951ac4196190fe88b0f62/
http://autobuild.buildroot.net/results/1cd/1cde87d1daf3c6009220ff47512794cef6a2938f/
http://autobuild.buildroot.net/results/8ba/8ba4e94cfbb8a5cbb166423a671bdbcdf535f86b/

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agoefivar: bump version
Peter Korsgaard [Fri, 23 Mar 2018 09:57:41 +0000 (10:57 +0100)]
efivar: bump version

Drop 0001-Use-z-muldefs-to-avoid-the-multiple-definitions-bug-.patch and
0003-Remove-some-extra-const-that-gcc-complains-about.patch as they are now
upstream.

The upstream repo moved to the 'rhboot' github project, so adjust upstream
URL in .mk and help text to match.

Drop dependency on !musl as it is now support since e04281e60cf0d
(makeguids: Ensure compatibility with other libcs).

Drop BINTARGETS workaround as this is fixed since 6c674283697 (Don't build
static by default).

Drop popt dependency as it is no longer needed since 1aec5e7891 (Replace
popt usage with getopt_long in efivar.c).

While we are at it, also add a hash for the license file.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agoefibootmgr: explicitly depend on host-pkgconf and popt
Peter Korsgaard [Fri, 23 Mar 2018 09:57:40 +0000 (10:57 +0100)]
efibootmgr: explicitly depend on host-pkgconf and popt

efibootmgr uses host-pkgconf and popt, so explicitly add them to
_DEPENDENCIES instead of relying on them getting pulled in by efivar.

[Peter: reword as suggested by Thomas]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agoutil-linux: bump to version 2.32
Baruch Siach [Fri, 23 Mar 2018 08:35:40 +0000 (11:35 +0300)]
util-linux: bump to version 2.32

Leave both _VERSION_MAJOR and _VERSION to reduce churn. We are likely to
need _MAJOR on the next bump.

Drop ac_cv_header_sys_timex_h override; not needed with current
uClibc-ng.

Drop scanf_cv_type_modifier override; not used in configure script since
v2.21.

Drop upstream patch.

Cc: Carlos Santos <casantos@datacom.ind.br>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agodnsmasq: bump to version 2.79
Baruch Siach [Fri, 23 Mar 2018 09:11:46 +0000 (12:11 +0300)]
dnsmasq: bump to version 2.79

Drop upstream patches.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agodbus: bump to version 1.12.6
Baruch Siach [Fri, 23 Mar 2018 08:55:06 +0000 (11:55 +0300)]
dbus: bump to version 1.12.6

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agolibostree: bump to version 2018.4
Marcus Folkesson [Fri, 23 Mar 2018 08:00:33 +0000 (09:00 +0100)]
libostree: bump to version 2018.4

Signed-off-by: Marcus Folkesson <marcus.folkesson@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agolinux-headers: bump 4.{4, 9}.x series
Fabio Estevam [Thu, 22 Mar 2018 23:15:07 +0000 (20:15 -0300)]
linux-headers: bump 4.{4, 9}.x series

Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agotpm2-tools: allow building without stack smashing protection (SSP)
Carlos Santos [Thu, 22 Mar 2018 20:27:52 +0000 (17:27 -0300)]
tpm2-tools: allow building without stack smashing protection (SSP)

Disable SSP if the toolchain does not support it. This must be done
explicitly because configure enables hardening by default but doesn't
contain a link test, so it doesn't detect when libssp is missing.

Signed-off-by: Carlos Santos <casantos@datacom.ind.br>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agotpm2-tools: propagate dependencies of selected packages
Carlos Santos [Thu, 22 Mar 2018 20:27:51 +0000 (17:27 -0300)]
tpm2-tools: propagate dependencies of selected packages

- C++ (tpm2-tss)
- MMU (dbus, libglib)
- threads (libglib)
- wchar (libglib -> gettext)

Fixes (libglib):
  http://autobuild.buildroot.net/results/786859fccc477de1519d85d8a180626bb8ebe062
  http://autobuild.buildroot.net/results/df6518f331c16b477c6e934914d0e56dc102c228

[Peter: add C++ dependency to config option]
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Carlos Santos <casantos@datacom.ind.br>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agotpm2-abrmd: allow building without stack smashing protection (SSP)
Carlos Santos [Thu, 22 Mar 2018 20:27:50 +0000 (17:27 -0300)]
tpm2-abrmd: allow building without stack smashing protection (SSP)

Disable SSP if the toolchain does not support it. This must be done
explicitly because configure.ac passes -fstack-protector-all to the
compiler but doesn't contain a link test, so it doesn't detect when
libssp is missing.

Fixes:
  http://autobuild.buildroot.net/results/83ad1f33f523321f841e70d2d8cf5ce861dee217
  http://autobuild.buildroot.net/results/cef047751534fef23d1022e9a276424bc84bf461
  http://autobuild.buildroot.net/results/6048355337804f7841dffa1655f44b9f6db56314
  http://autobuild.buildroot.net/results/d934a2ea90e7bf1c7b93dbb367998abab536daf4
  http://autobuild.buildroot.net/results/c0daaf37b8d1515d62d2441ba6aa57125437e191
  http://autobuild.buildroot.net/results/9482ea5554938865e0061dcbdcf3c2c918b96954
  http://autobuild.buildroot.net/results/282a8b6769f19f0a40089207bc54e7302663751f

Signed-off-by: Carlos Santos <casantos@datacom.ind.br>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agotpm2-abrmd: declare dependency on a toolchain with C++
Carlos Santos [Thu, 22 Mar 2018 20:27:49 +0000 (17:27 -0300)]
tpm2-abrmd: declare dependency on a toolchain with C++

It depends on tpm2-tss, whose current version contains C++ code.

[Peter: add dependency to config option]
Signed-off-by: Carlos Santos <casantos@datacom.ind.br>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agotpm2-tss: allow building without stack smashing protection (SSP)
Carlos Santos [Thu, 22 Mar 2018 20:27:48 +0000 (17:27 -0300)]
tpm2-tss: allow building without stack smashing protection (SSP)

Disable SSP if the toolchain does not support it. This must be done
explicitly because configure.ac passes -fstack-protector-all to the
compiler but doesn't contain a link test, so it doesn't detect when
libssp is missing.

Fixes:
  http://autobuild.buildroot.net/results/f98749311c5a4338f5fbd6d29c9ca29ac6c24abd
  http://autobuild.buildroot.net/results/4112a001038eb5e04c67c7b5c79280813d196911
  http://autobuild.buildroot.net/results/451fcf7e36ea8774967b84279abb89ffb0fd6923
  http://autobuild.buildroot.net/results/8e1181836249105be28f04a59cf6d31afcea91d7
  http://autobuild.buildroot.net/results/49151df111ad3d03c70551e4516c3d3b36e12d70
  http://autobuild.buildroot.net/results/42d625c579a8a16fb0c0a3df441ea186c3d52b9a
  http://autobuild.buildroot.net/results/b0af881e080c4fcc6094489c037ee853fdf42869
  http://autobuild.buildroot.net/results/0909d94af3f9589dd6b8897e2501c05b421262c4
  http://autobuild.buildroot.net/results/2fd0ee29c0b28cb1fee1b43433ab8373f49ca397
  http://autobuild.buildroot.net/results/3fa19441fd2594b064c8ff759df8849705100a65
  http://autobuild.buildroot.net/results/8675d2aa8f1e8e568a42bc0dbfae8f3721e86796
  http://autobuild.buildroot.net/results/786de50b53fa9a325c92a5d48f3928082eff0045
  http://autobuild.buildroot.net/results/a575b340f7cc562c1b87eb31d4304131b52698a7
  http://autobuild.buildroot.net/results/0b1d50d9e266d889d7e848275ebfbce45ccb419d
  http://autobuild.buildroot.net/results/d632b0e1efbb5e133dfb6595554badea9e31c492
  http://autobuild.buildroot.net/results/0c95459bfa82048d7e99661cf5f2d6d393179090
  http://autobuild.buildroot.net/results/bd494dc69fb0da46065f10a3cd8a4cab0bcbcc9b
  http://autobuild.buildroot.net/results/b397e44cd17b3d576cc55f02d5463e9c14743907
  http://autobuild.buildroot.net/results/40ed7a3b519c18102df515b5c4b993ed9a488236
  http://autobuild.buildroot.net/results/e5fc04c2ded86e03eb174a89845a50f52e407d48
  http://autobuild.buildroot.net/results/95a7c14da225d9e42545ee7a155f461303c62aa6
  http://autobuild.buildroot.net/results/25ebda7a13afa4790ad28018f42c46a795f3c284
  http://autobuild.buildroot.net/results/1bc081b78c625f13327c733fc734e36fe28ecc2a
  http://autobuild.buildroot.net/results/273108e2798155464109b9fb4d16884e7d0f9ab3
  http://autobuild.buildroot.net/results/f677d340cd42ea7242d4102fbb5fa6091a05e8ef
  http://autobuild.buildroot.net/results/ae15b625260801b494bbfa541ef86edcdbaedfe0

Signed-off-by: Carlos Santos <casantos@datacom.ind.br>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agotpm2-tss: declare dependency on a toolchain with C++
Carlos Santos [Thu, 22 Mar 2018 20:27:47 +0000 (17:27 -0300)]
tpm2-tss: declare dependency on a toolchain with C++

Version 1.4.0 still contains some C++ code. This has already changed on
upstream, so future versions will drop the dependency on a C++ compiler.

[Peter: fix indentation, add dependency to config option]
Signed-off-by: Carlos Santos <casantos@datacom.ind.br>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agoefibootmgr: bump version
Peter Korsgaard [Thu, 22 Mar 2018 12:51:53 +0000 (13:51 +0100)]
efibootmgr: bump version

Drop 0001-dont-use-fshort-wchar-when-building.patch and
0003-Remove-extra-const-keywords-gcc-7-gripes-about.patch as they are now
upstream.

The upstream repo moved to the 'rhboot' github project, so adjust upstream
URL in .mk and help text to match.

Version 15 introduces build time configuration of the default EFI directory
(E.G. the subdirectory in the EFI system partition where the loader is
installed).  This used to be hardcoded to redhat, but now a value must be
specified at build time.  Given that, it is unlikely that people relied on
the default value so set it to the more sensible 'buildroot'.

While we are at it, also add a hash for the license file.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agoflashrom: avoid download URL redirect
Baruch Siach [Wed, 21 Mar 2018 20:13:16 +0000 (22:13 +0200)]
flashrom: avoid download URL redirect

Use the https URL to avoid HTTP 308 redirect. Older wget releases treat
it as a hard error.

Fixes:
http://autobuild.buildroot.net/results/ee6/ee66e5ead70e73f1d2dae1c5ba31ccf054fe15a7/
http://autobuild.buildroot.net/results/fb8/fb8509bf9cf03933e45355fd9a6c3fa53d33c44f/
http://autobuild.buildroot.net/results/0e1/0e196570207e459c3440d50cecf0032eee6edfc2/

Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agolibostree: bump to version 2018.3
Marcus Folkesson [Wed, 21 Mar 2018 18:39:30 +0000 (19:39 +0100)]
libostree: bump to version 2018.3

Signed-off-by: Marcus Folkesson <marcus.folkesson@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agopackage/{mesa3d, mesa3d-headers}: bump version to 17.3.7
Bernd Kuhls [Wed, 21 Mar 2018 18:09:14 +0000 (19:09 +0100)]
package/{mesa3d, mesa3d-headers}: bump version to 17.3.7

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Tested-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agolinux-headers: bump 3.2.x and 4.{14, 15}.x series
Bernd Kuhls [Wed, 21 Mar 2018 18:06:32 +0000 (19:06 +0100)]
linux-headers: bump 3.2.x and 4.{14, 15}.x series

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agolinux: bump default to version 4.15.12
Bernd Kuhls [Wed, 21 Mar 2018 18:06:31 +0000 (19:06 +0100)]
linux: bump default to version 4.15.12

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agopowerpc-utils: Update URL to new upstream
Joel Stanley [Wed, 21 Mar 2018 02:30:08 +0000 (13:00 +1030)]
powerpc-utils: Update URL to new upstream

powerpc-utils changed upstream git repositories again.

Signed-off-by: Joel Stanley <joel@jms.id.au>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agotremor: security bump to fix CVE-2018-5146
Peter Korsgaard [Mon, 19 Mar 2018 21:40:05 +0000 (22:40 +0100)]
tremor: security bump to fix CVE-2018-5146

Prevent out-of-bounds write in codebook decoding.

Codebooks that are not an exact divisor of the partition size are now
truncated to fit within the partition.

Upstream has migrated from subversion to git, so change to git and bump the
version to include the fix for CVE-2018-5146.

While we're at it, also add a hash file.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agompd-mpc: pass PARALLEL_JOBS to NINJA_OPTS
Jörg Krause [Wed, 14 Mar 2018 20:18:37 +0000 (21:18 +0100)]
mpd-mpc: pass PARALLEL_JOBS to NINJA_OPTS

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agolibmpdclient: pass PARALLEL_JOBS to NINJA_OPTS
Jörg Krause [Wed, 14 Mar 2018 20:18:36 +0000 (21:18 +0100)]
libmpdclient: pass PARALLEL_JOBS to NINJA_OPTS

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agodocs/manual: pass PARALLEL_JOBS to NINJA_OPTS
Jörg Krause [Wed, 14 Mar 2018 20:18:35 +0000 (21:18 +0100)]
docs/manual: pass PARALLEL_JOBS to NINJA_OPTS

Ninja understands the `-j` option which defines how many jobs are
run in parallel.

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agobtrfs-progs: fix build with e2fsprogs 1.44.0
Baruch Siach [Mon, 19 Mar 2018 17:44:09 +0000 (19:44 +0200)]
btrfs-progs: fix build with e2fsprogs 1.44.0

e2fsprogs 1.44.0 renamed a struct field name, breaking the build of code
using it. Add a patch suggested upstream to fix that.

Fixes:
http://autobuild.buildroot.net/results/d6b/d6b5fb377f44d0b6eef96c08e550ec7277a9e3cd/
http://autobuild.buildroot.net/results/651/651518f12b8a98d53cb5402445a476bd2bf32155/
http://autobuild.buildroot.net/results/3c7/3c771455cbc8460fffab6c4dd9835ee4a5776c19/

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agolinux-firmware: add QCA6174 firmware legal notice files
Baruch Siach [Mon, 19 Mar 2018 10:44:05 +0000 (12:44 +0200)]
linux-firmware: add QCA6174 firmware legal notice files

Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Yegor Yefremov <yegorslists@googlemail.com>
Cc: Erik Larsson <karl.erik.larsson@gmail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agolinux-firmware: add QCA6174 multi-board firmware
Baruch Siach [Mon, 19 Mar 2018 10:44:04 +0000 (12:44 +0200)]
linux-firmware: add QCA6174 multi-board firmware

The board-2.bin file is a new format that support multiple board files.
This file is required for for recent QCA6174 modules.

Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Yegor Yefremov <yegorslists@googlemail.com>
Cc: Erik Larsson <karl.erik.larsson@gmail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agolinux-headers: bump 3.2.x and 4.{1, 14, 15}.x series
Fabio Estevam [Mon, 19 Mar 2018 10:57:30 +0000 (07:57 -0300)]
linux-headers: bump 3.2.x and 4.{1, 14, 15}.x series

Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agolinux: bump default to version 4.15.11
Fabio Estevam [Mon, 19 Mar 2018 10:57:29 +0000 (07:57 -0300)]
linux: bump default to version 4.15.11

Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agopackage/htop: open files using binary mode
Romain Naour [Sun, 18 Mar 2018 21:26:44 +0000 (22:26 +0100)]
package/htop: open files using binary mode

Imlement Arnout's suggestion [1] for MakeHeader script.

[1] http://lists.busybox.net/pipermail/buildroot/2018-February/214373.html

Fixes:
http://autobuild.buildroot.net/results/9ce/9ce2ef5ef694253b9759016c9702c5c6be7849a1

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agoglibc: install the obsolete libnsl
Baruch Siach [Tue, 13 Mar 2018 15:59:40 +0000 (17:59 +0200)]
glibc: install the obsolete libnsl

glibc 2.27 stopped installing libnsl by default. Restore libnsl install
to fix packages, like exim, that use that library.

Fixes (exim):
http://autobuild.buildroot.net/results/a19/a19df43be7d27cf8815e1257122d25aa8285d75b/
http://autobuild.buildroot.net/results/8ec/8ecfc42a81efec8485784f945e231eb40a087b5b/
http://autobuild.buildroot.net/results/054/054eb702a9b8c66454970333ef45a0afccb7cc80/

Cc: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Tested-by: Luca Ceresoli <luca@lucaceresoli.net>
Reviewed-by: Luca Ceresoli <luca@lucaceresoli.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agolinux-headers: bump 4.{4,9}.x series
Peter Korsgaard [Sun, 18 Mar 2018 20:14:49 +0000 (21:14 +0100)]
linux-headers: bump 4.{4,9}.x series

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agoirssi: security bump to version 1.0.7
Peter Korsgaard [Sun, 18 Mar 2018 14:40:08 +0000 (15:40 +0100)]
irssi: security bump to version 1.0.7

Fixes the following security issues:

Use after free when server is disconnected during netsplits.  Incomplete fix
of CVE-2017-7191.  Found by Joseph Bisch.  (CWE-416, CWE-825) -
CVE-2018-7054 [2] was assigned to this issue.

Use after free when SASL messages are received in unexpected order.  Found
by Joseph Bisch.  (CWE-416, CWE-691) - CVE-2018-7053 [3] was assigned to
this issue.

Null pointer dereference when an “empty” nick has been observed by Irssi.
Found by Joseph Bisch.  (CWE-476, CWE-475) - CVE-2018-7050 [4] was assigned
to this issue.

When the number of windows exceed the available space, Irssi would crash due
to Null pointer dereference.  Found by Joseph Bisch.  (CWE-690) -
CVE-2018-7052 [5] was assigned to this issue.

Certain nick names could result in out of bounds access when printing theme
strings.  Found by Oss-Fuzz.  (CWE-126) - CVE-2018-7051 [6] was assigned to
this issue.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agopackage/tor: bump version to 0.3.2.10
Bernd Kuhls [Sun, 18 Mar 2018 10:04:26 +0000 (11:04 +0100)]
package/tor: bump version to 0.3.2.10

Bump to latest stable release, rebased patch 0001.

Release notes for 0.3.2.10:
https://blog.torproject.org/new-stable-tor-releases-security-fixes-and-dos-prevention-03210-03110-02915

Release notes for the first stable release of the 0.3.2 series, 0.3.2.9:
https://blog.torproject.org/tor-0329-released-we-have-new-stable-series

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agoe2fsprogs: bump to version 1.44.0
Baruch Siach [Thu, 15 Mar 2018 19:39:47 +0000 (21:39 +0200)]
e2fsprogs: bump to version 1.44.0

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agopackage/x11r7/xdriver_xf86-video-ati: bump version to 18.0.1
Bernd Kuhls [Thu, 15 Mar 2018 18:48:45 +0000 (19:48 +0100)]
package/x11r7/xdriver_xf86-video-ati: bump version to 18.0.1

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agopackage/x11r7/xdriver_xf86-video-amdgpu: bump version to 18.0.1
Bernd Kuhls [Thu, 15 Mar 2018 18:48:44 +0000 (19:48 +0100)]
package/x11r7/xdriver_xf86-video-amdgpu: bump version to 18.0.1

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agoDEVELOPERS: add myself for tpm2-{abrmd, tools, tss}.
Carlos Santos [Thu, 15 Mar 2018 12:56:02 +0000 (09:56 -0300)]
DEVELOPERS: add myself for tpm2-{abrmd, tools, tss}.

Signed-off-by: Carlos Santos <casantos@datacom.ind.br>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agotpm2-tools: new package
Carlos Santos [Thu, 15 Mar 2018 12:56:01 +0000 (09:56 -0300)]
tpm2-tools: new package

TPM (Trusted Platform Module) 2.0 CLI tools based on system API of
TPM2-TSS. These tools can be used to manage keys, perform
encryption/decryption/signing/etc crypto operations, and manage
non-volatile storage through a TPM2.0 HW implementation.

Signed-off-by: Carlos Santos <casantos@datacom.ind.br>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agotpm2-abrmd: new package
Carlos Santos [Thu, 15 Mar 2018 12:56:00 +0000 (09:56 -0300)]
tpm2-abrmd: new package

This is a system daemon implementing the TPM2 access broker (TAB) &
Resource Manager (RM) spec from the TCG. The daemon (tpm2-abrmd) is
implemented using Glib and the GObject system.

Communication between the daemon and clients using the TPM is done with
a combination of DBus and Unix pipes. DBus is used for discovery,
session management and the 'cancel', 'setLocality', and 'getPollHandles'
API calls (mostly these aren't yet implemented). Pipes are used to send
and receive TPM commands and responses (respectively) between client and
server.

The daemon owns the com.intel.tss2.Tabrmd name on dbus. It can be
configured to connect to either the system or the session bus.

The package also provides a client library for interacting with the
daemon via TPM Command Transmission Interface (TCTI). It is intended for
use with the SAPI library (libsapi) like any other TCTI.

[Peter: drop add default DAEMON_ARGS to init script, drop /etc/default file,
drop S30devtpmperms and fix permissions in S80tpm2-abrmd]
Signed-off-by: Carlos Santos <casantos@datacom.ind.br>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agotmp2-tss: bump to version 1.4.0
Carlos Santos [Thu, 15 Mar 2018 12:55:59 +0000 (09:55 -0300)]
tmp2-tss: bump to version 1.4.0

Improved compliance to the last public review spec and some bug fixes.

Signed-off-by: Carlos Santos <casantos@datacom.ind.br>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agotmp2-tss: remove architecture restriction
Carlos Santos [Thu, 15 Mar 2018 12:55:58 +0000 (09:55 -0300)]
tmp2-tss: remove architecture restriction

Followingig a suggestion from Peter Korsgaard, remove the restriction to
x86 and x86_64. It is preferable to expose the package unless there is a
build time dependency on an architecture or the package is specific to a
certain SoC or board.

Signed-off-by: Carlos Santos <casantos@datacom.ind.br>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agomake: fix build with glibc 2.27
Baruch Siach [Sat, 17 Mar 2018 21:11:06 +0000 (23:11 +0200)]
make: fix build with glibc 2.27

glibc 2.27 changed _GNU_GLOB_INTERFACE_VERSION to 2. This triggers build
of the internal glob implementation in make. This internal
implementation needs the __alloca symbol that glibc does not define.

Add upstream patch that adds support for _GNU_GLOB_INTERFACE_VERSION 2.

Add host-pkgconf dependency for the PKG_CHECK_MODULES macro. This macro
is only used for guile, which we currently disable unconditionally. So
host-pkgconf is only needed now so that autoreconf generates a valid
configure script.

Fixes:
http://autobuild.buildroot.net/results/8ff/8ff06ad8438cfcac85577b24675dd1d66f7d3d03/
http://autobuild.buildroot.net/results/5cc/5ccee6bb332e800e81052a3094746edde83403b1/
http://autobuild.buildroot.net/results/841/8418f5ed56dacd6900946e7d56ad36ad03c7bf7e/

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agocore/instrumentation: shave minutes off the build time
Yann E. MORIN [Thu, 15 Mar 2018 20:35:08 +0000 (21:35 +0100)]
core/instrumentation: shave minutes off the build time

As part of the build, we run some instrumentation hooks to gather
statistics about the usage of the target/, staging/ and host/
directories, so that we can generate reports for the user, that
shows:
  - for each file, what package installed it,
  - for each package,the size that it installed.

In so doing, we run a double md5 pass on all files of the affected
directories (before/after installation).  These passes were mostly invisible
when we were only scanning target/, but has greatly increased in time now
that we also scan staging/ and host/ (but only in the corresponding _CMDS,
of course).

This md5 was mostly aimed at catching packages that would "cheat" with
mtime/atime/ctime somehow. They can't really cheat on md5, though [0].

Timings however speak for themselves, with this defconfig (slightly
biggish-but-still-manageable build) [1].

host/      20965 files    1.2GiB
staging/    4715 files    333MiB
target/     1801 files     44MiB

All instrumentation steps, using md5:    19min 27s
All instrumentation steps, using mtime:  14min 45s
No instrumentation step at all:          14min 31s

So, using mtime is an almost-5min improvement, i.e. about 25% faster,
while removing all instrumentation steps does not gain that much more...

So, we switch to using mtime, because in the end that's still good-enough
for our use-case: generating some graphs.  It is not mission-critical, and
if a graph is slightly off, that's not a biggy.  It can anyway be attributed
to a broken package's buildsystem, which should get fixed.

However, we lose the ability to track directories. Non-empty directories
can be tracked back by a bit of scripting, but empty directories are
simply not caught. If we were to also look for directories using mtime,
we would catch parents of installed files:

  - /foo/bar/ exists
  - a package installs /foo/bar/buz
  - mtime of /foo/bar/ is changed to account for the new file in it.

So we do not track directories at all, and we lose empty directories.
The existing tracking was mostly happenstance, with the original
submission and comments not really accounting for a real use-case.

Now, we also change the way we handle symlinks. Previously, we would
hash the file pointed to by the symlink. Now, we only look at the mtime
of the symlink itself, which still detects modifications.

Eventually, this also means that we now no longer need to establish a
list before the install step; we can now simply run after the install
step, finding any files newer than the build stamp.

[0] Yeah, md5 is very weak, but we're not guarding against malicious
attacks, just about careless modifications.

[1] defconfig used for tests:
BR2_arm=y
BR2_cortex_a7=y
BR2_TOOLCHAIN_EXTERNAL=y
BR2_INIT_SYSTEMD=y
BR2_PACKAGE_MESA3D=y
BR2_PACKAGE_MESA3D_GALLIUM_DRIVER_ETNAVIV=y
BR2_PACKAGE_MESA3D_GALLIUM_DRIVER_SWRAST=y
BR2_PACKAGE_MESA3D_GALLIUM_DRIVER_VC4=y
BR2_PACKAGE_MESA3D_GALLIUM_DRIVER_VIRGL=y
BR2_PACKAGE_MESA3D_DRI_DRIVER_SWRAST=y
BR2_PACKAGE_MESA3D_OSMESA=y
BR2_PACKAGE_MESA3D_OPENGL_ES=y
BR2_PACKAGE_SYSTEMD_JOURNAL_GATEWAY=y
BR2_PACKAGE_SYSTEMD_BACKLIGHT=y
BR2_PACKAGE_SYSTEMD_BINFMT=y
BR2_PACKAGE_SYSTEMD_COREDUMP=y
BR2_PACKAGE_SYSTEMD_FIRSTBOOT=y
BR2_PACKAGE_SYSTEMD_HIBERNATE=y
BR2_PACKAGE_SYSTEMD_IMPORTD=y
BR2_PACKAGE_SYSTEMD_LOCALED=y
BR2_PACKAGE_SYSTEMD_LOGIND=y
BR2_PACKAGE_SYSTEMD_MACHINED=y
BR2_PACKAGE_SYSTEMD_POLKIT=y
BR2_PACKAGE_SYSTEMD_QUOTACHECK=y
BR2_PACKAGE_SYSTEMD_RANDOMSEED=y
BR2_PACKAGE_SYSTEMD_RFKILL=y
BR2_PACKAGE_SYSTEMD_SMACK_SUPPORT=y
BR2_PACKAGE_SYSTEMD_SYSUSERS=y
BR2_PACKAGE_SYSTEMD_VCONSOLE=y

[Peter: tweak commit message, use find -type l]
Reported-by: Trent Piepho <tpiepho@impinj.com>
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Trent Piepho <tpiepho@impinj.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agolibvorbis: security bump to version 1.3.6
Peter Korsgaard [Fri, 16 Mar 2018 21:35:29 +0000 (22:35 +0100)]
libvorbis: security bump to version 1.3.6

Fixes CVE-2018-5146: Prevent out-of-bounds write in codebook decoding.

Drop 0001-CVE-2017-14633-Don-t-allow-for-more-than-256-channel.patch and
0002-CVE-2017-14632-vorbis_analysis_header_out-Don-t-clea.patch as they are
now upstream, and add a hash for the license file while we're at it.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agopackage/enlightenment: install to staging
Romain Naour [Thu, 15 Mar 2018 22:50:12 +0000 (23:50 +0100)]
package/enlightenment: install to staging

enlightenment provide enlightenment.pc and some shared libraries.

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agopackage/enlightenment: add xkeyboard-config optional dependency
Romain Naour [Thu, 15 Mar 2018 22:50:11 +0000 (23:50 +0100)]
package/enlightenment: add xkeyboard-config optional dependency

The meson build systemd is checking for xkeyboard-config optional
dependency but there is no option to handle it.

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agopackage/x11r7/xkeyboard-config: install to staging
Romain Naour [Thu, 15 Mar 2018 22:50:10 +0000 (23:50 +0100)]
package/x11r7/xkeyboard-config: install to staging

enlightenment doesn't detect xkeyboard-config since it's missing
from staging.

Fixes:
Dependency xkeyboard-config found: NO

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agopackage/enlightenment: bump to 0.22.2
Romain Naour [Thu, 15 Mar 2018 22:50:09 +0000 (23:50 +0100)]
package/enlightenment: bump to 0.22.2

See https://www.enlightenment.org/news/e0.22.2_release

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agopackage/enlightenment: fix meson warning
Romain Naour [Thu, 15 Mar 2018 22:50:08 +0000 (23:50 +0100)]
package/enlightenment: fix meson warning

--disable-rpath was added by m4/lib-link.m4 with autotools based
buildsystem. Now we use meson, we don't have such option anymore.

The autotools eet-eet and eldbus_codegen options are named respectively
eet and eldbus-codegen with meson.

Fixes:
WARNING: Unknown command line options: "eet-eet, eldbus_codegen, rpath"

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agopackage/efl: bump to 1.20.7
Romain Naour [Thu, 15 Mar 2018 22:50:07 +0000 (23:50 +0100)]
package/efl: bump to 1.20.7

See https://www.enlightenment.org/news/efl-1.20.7

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agoconfigs/olimex_a20_olinuxino_lime*: bump Linux and U-Boot versions
Francois Perrad [Sat, 17 Mar 2018 07:06:29 +0000 (08:06 +0100)]
configs/olimex_a20_olinuxino_lime*: bump Linux and U-Boot versions

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agoxfsprogs: fix build with musl
Baruch Siach [Fri, 16 Mar 2018 06:31:20 +0000 (08:31 +0200)]
xfsprogs: fix build with musl

Add two patches to fix missing header files that trigger build failure
with musl libc.

Fixes:
http://autobuild.buildroot.net/results/a39/a3989394aba0bd3a52146e2a5e6b87b586efb6c6/
http://autobuild.buildroot.net/results/b3b/b3b3c06ea565125bf9f9ad2ebc16bb21f6c7228f/
http://autobuild.buildroot.net/results/223/2238475d2c21c65960a56f86a08fe35d1021080f/

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agolinux-headers: bump 4.{14, 15}.x series
Fabio Estevam [Fri, 16 Mar 2018 14:57:06 +0000 (11:57 -0300)]
linux-headers: bump 4.{14, 15}.x series

Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agolinux: bump default to version 4.15.10
Fabio Estevam [Fri, 16 Mar 2018 14:57:05 +0000 (11:57 -0300)]
linux: bump default to version 4.15.10

Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agolibwebsockets: bump to v2.4.2
Adam Duskett [Thu, 15 Mar 2018 12:55:35 +0000 (08:55 -0400)]
libwebsockets: bump to v2.4.2

Also add hash for license.

Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agobluez5_utils: bump to version 5.49
Jörg Krause [Wed, 14 Mar 2018 21:58:28 +0000 (22:58 +0100)]
bluez5_utils: bump to version 5.49

Drop musl patch, which is not necessary anymore as netinet vs linux
header clash is fixed.

Also add hash for the license files.

musl build successfully tested with:
 * armv7-eabihf--musl--stable-2017.05-toolchains-1-1
   (GCC 5.4.0, Linux headers 3.10.105, musl 1.1.16)
 * armv7-eabihf--musl--bleeding-edge-2018.02-1
   (GCC 7.3.0, Linux headers 4.9.80, musl 1.1.18)

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agointel-microcode: bump to version 20180312
Peter Korsgaard [Wed, 14 Mar 2018 22:03:47 +0000 (23:03 +0100)]
intel-microcode: bump to version 20180312

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agolibcurl: security bump to version 7.59.0
Baruch Siach [Thu, 15 Mar 2018 18:06:19 +0000 (20:06 +0200)]
libcurl: security bump to version 7.59.0

CVE-2018-1000120: curl could be fooled into writing a zero byte out of
bounds when curl is told to work on an FTP URL with the setting to only
issue a single CWD command, if the directory part of the URL contains a
"%00" sequence.

https://curl.haxx.se/docs/adv_2018-9cd6.html

CVE-2018-1000121: curl might dereference a near-NULL address when
getting an LDAP URL.

https://curl.haxx.se/docs/adv_2018-97a2.html

CVE-2018-1000122: When asked to transfer an RTSP URL, curl could
calculate a wrong data length to copy from the read buffer.

https://curl.haxx.se/docs/adv_2018-b047.html

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agopackage/busybox: Unbreak the `tar` implementation
Jan Kundrát [Wed, 14 Mar 2018 16:58:40 +0000 (17:58 +0100)]
package/busybox: Unbreak the `tar` implementation

The `tar` implementation in Busybox 1.28.0 and 1.28.1 won't extract a
rootfs with some symlinks that appear to look "dangerous". This
completely (and silently!) breaks on-target updates via RAUC for me, for
example.

In the meanwhile, upstream already reverted the commit in question
(in their commit a84db18fc71d09e801df0ebca048d82e90b32c6a), so this
patch simply applies that revert in Buildroot. The fix has not made it
to a release, yet.

Signed-off-by: Jan Kundrát <jan.kundrat@cesnet.cz>
Bug: https://bugs.busybox.net/show_bug.cgi?id=8411
Bug: https://github.com/rauc/rauc/issues/249
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agopkg-virtual.mk: explicitly set <pkg>_VERSION / _SOURCE for robustness
Peter Korsgaard [Mon, 12 Mar 2018 22:36:03 +0000 (23:36 +0100)]
pkg-virtual.mk: explicitly set <pkg>_VERSION / _SOURCE for robustness

Recently a build failure was reported which was traced back to to the fact
that the user had a TOOLCHAIN_VERSION environment variable set which leads
to a strange looking error message:

toolchain/toolchain/toolchain.mk:40: *** TOOLCHAIN_SITE cannot be empty when
TOOLCHAIN_SOURCE is not.  Stop.

Environment variables automatically gets converted to make variables by GNU
make - E.G. from the manual
(https://www.gnu.org/software/make/manual/html_node/Environment.html):

Variables in make can come from the environment in which make is run.  Every
environment variable that make sees when it starts up is transformed into a
make variable with the same name and value

So we end up in make with TOOLCHAIN_VERSION set to the value of the
environment variable.  As virtual packages do not have a version, there is
no explicit TOOLCHAIN_VERSION = ..  line in toolchain.mk overriding this
value, and the logic in package/pkg-generic.mk sets a default value for
TOOLCHAIN_SOURCE when TOOLCHAIN_VERSION is set, and finally errors out as
TOOLCHAIN_SITE isn't set.

As a workaround, explicitly set <pkg>_VERSION and <pkg>_SOURCE to the empty
string in the virtual package infrastructure.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agolibpjsip: security bump to 2.7.2
Adam Duskett [Mon, 12 Mar 2018 08:44:44 +0000 (04:44 -0400)]
libpjsip: security bump to 2.7.2

Fixes the following vulnerabilities:

- CVE-2018-1000098: Crash when parsing SDP with an invalid media format
  description

- CVE-2018-1000099: Crash when receiving SDP with invalid fmtp attribute

[Peter: add CVE info]
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years ago.flake8: ignore utils/diffconfig
Ricardo Martincoski [Tue, 13 Mar 2018 03:09:45 +0000 (00:09 -0300)]
.flake8: ignore utils/diffconfig

This script comes from the kernel source, so ignore any code style
warnings for it in order to keep it as close as possible to the original
one, making synchronization between repos easier.

The option --exclude for flake8/pycodestyle is an absolute list and has
a default, so ideally the default values should be added too.
But the use cases for flake8 in the tree are:
 - when developing a new script or changing an existing one, the
   developer calls flake8 only on that script;
 - in the GitLab job, a list of all Python files to be tested is created
   and then passed to flake8.
None of these involve calling 'flake8' without parameters, so don't care
about adding the default value.

Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Cc: Marcus Folkesson <marcus.folkesson@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agosupport/dockerfile: install flake8
Ricardo Martincoski [Tue, 13 Mar 2018 03:09:43 +0000 (00:09 -0300)]
support/dockerfile: install flake8

Use the latest version of the tool because it is actively maintained.
But use a fixed version of the tool and its dependencies to get stable
results. It can be manually bumped from time to time.

Before installing any Python packages, ensure pip, setuptools, and wheel
are up to date as recommended in the docs [1].

[1] https://packaging.python.org/tutorials/installing-packages/

Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agoscanpypi: fix code style
Ricardo Martincoski [Tue, 13 Mar 2018 03:09:42 +0000 (00:09 -0300)]
scanpypi: fix code style

Fix these warnings:
E401 multiple imports on one line

Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Cc: Yegor Yefremov <yegorslists@googlemail.com>
Reviewed-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agotest_python_cryptography: fix code style
Ricardo Martincoski [Tue, 13 Mar 2018 03:09:41 +0000 (00:09 -0300)]
test_python_cryptography: fix code style

Fix these warnings:
E122 continuation line missing indentation or outdented
E301 expected 1 blank line, found 0
E302 expected 2 blank lines, found 1
F401 'os' imported but unused

Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Cc: Yegor Yefremov <yegorslists@googlemail.com>
Reviewed-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agosize-stats-compare: fix code style
Ricardo Martincoski [Tue, 13 Mar 2018 03:09:40 +0000 (00:09 -0300)]
size-stats-compare: fix code style

Fix these warnings:
E129 visually indented line with same indent as next logical line
E302 expected 2 blank lines, found 1

Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Cc: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agogenrandconfig: fix code style
Ricardo Martincoski [Tue, 13 Mar 2018 03:09:39 +0000 (00:09 -0300)]
genrandconfig: fix code style

Fix these warnings:
E201 whitespace after '['
E202 whitespace before ']'
E501 line too long (138 > 132 characters)
 -> isolate the common part of the external toolchain url in a variable
 to make the long lines shorter and more readable.

Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agosamba4: security bump to version 4.7.6
Baruch Siach [Tue, 13 Mar 2018 17:30:59 +0000 (19:30 +0200)]
samba4: security bump to version 4.7.6

CVE-2018-1050: Vulnerability to a denial of service attack when the RPC
spoolss service is configured to be run as an external daemon.

https://www.samba.org/samba/security/CVE-2018-1050.html

CVE-2018-1057: Authenticated users might change any other users'
passwords, including administrative users and privileged service
accounts (eg Domain Controllers).

https://www.samba.org/samba/security/CVE-2018-1057.html

Add clnt_create() test result to cache to fix cross configure breakage.

Cc: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agoluarocks: bump to version 2.4.4
Francois Perrad [Tue, 13 Mar 2018 17:29:35 +0000 (18:29 +0100)]
luarocks: bump to version 2.4.4

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agosunxi-mali-mainline-driver: bump version
Giulio Benetti [Tue, 13 Mar 2018 16:08:08 +0000 (17:08 +0100)]
sunxi-mali-mainline-driver: bump version

For stop using cma.

git shortlog --invert-grep --grep travis --no-merges 94ccbc8924c12a818d61d36a4b389b74a89fde3c..
Maxime Ripard (1):
      mali: Stop using the reserved-memory region to setup the fb area

Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agodocker-compose: bump version to 1.20-rc2
Peter Korsgaard [Tue, 13 Mar 2018 13:49:41 +0000 (14:49 +0100)]
docker-compose: bump version to 1.20-rc2

Fixes a race condition in ParallelStreamWriter.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agouclibc-ng-test: fix build with musl and older kernel headers
Baruch Siach [Tue, 13 Mar 2018 12:54:01 +0000 (14:54 +0200)]
uclibc-ng-test: fix build with musl and older kernel headers

musl libc provides its own system call macros, including
preadv2/pwritev2. Having these macros defined is not enough to determine
availability of other related macros in kernel headers.

Add a patch to check these macros directly.

Fixes:
http://autobuild.buildroot.net/results/7e9/7e9945f46ef9e0f6de7e1c85b0ca1104df6c86f5/
http://autobuild.buildroot.net/results/782/782652193bb6770ae68d509b3a7087667622d627/
http://autobuild.buildroot.net/results/582/5827a724c7f24218010f4cdd24924dca457b0361/

Cc: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agoflashrom: bump to version 1.0
Baruch Siach [Tue, 13 Mar 2018 12:45:58 +0000 (14:45 +0200)]
flashrom: bump to version 1.0

Add license file hash.

Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agocryptsetup: bump to version 2.0.2
Baruch Siach [Tue, 13 Mar 2018 12:12:36 +0000 (14:12 +0200)]
cryptsetup: bump to version 2.0.2

Cc: Martin Hicks <mort@bork.org>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Acked-by: Martin Hicks <mort@bork.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agowireguard: bump version to 0.0.20180304
Peter Korsgaard [Tue, 13 Mar 2018 06:21:45 +0000 (07:21 +0100)]
wireguard: bump version to 0.0.20180304

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agocmake: Fix RPATH for host libraries built by CMake
Jan Kundrát [Mon, 12 Mar 2018 18:41:00 +0000 (19:41 +0100)]
cmake: Fix RPATH for host libraries built by CMake

The host shared libraries produced by CMake were missing a proper
DT_RPATH. That became a problem because the DT_RPATH handling is not
transitive by design.

Consider the following scenario:

- pkg-a provides a library (`liba`) which links to `libpcre`
- pkg-b provides a binary (`foo`) and a shared library (`libb`) which is
needed by that binary
- `libb` links to `liba`
- pkg-a and pkg-b are both built by CMake

In this scenario, `foo` is correctly marked with DT_RPATH pointing to
host/lib/, but that path is not used when (recursively) resolving PCRE's
symbols in `liba`. When attempting to run the `foo` binary, the linker
correctly finds both `liba` and `libb`, but it cannot find the
libpcre.so as built by Buildroot for host.

Signed-off-by: Jan Kundrát <jan.kundrat@cesnet.cz>
Reviewed-by: Samuel Martin <s.martin49@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agoxfsprogs: bump to version 4.15.1
Baruch Siach [Tue, 13 Mar 2018 08:04:34 +0000 (10:04 +0200)]
xfsprogs: bump to version 4.15.1

Fixes compatibility with glibc 2.27.

Fixes:
http://autobuild.buildroot.net/results/bd7/bd7e1af33e6e937c75b44c7c9ab991d2b10f2931/
http://autobuild.buildroot.net/results/58b/58b59b74f6a138b51206f24481f7268104f0a052/

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agotrinity: fix build with glibc 2.27
Baruch Siach [Tue, 13 Mar 2018 07:19:39 +0000 (09:19 +0200)]
trinity: fix build with glibc 2.27

glibc 2.27 added a system call wrapper for memfd_create() which collides
with the local definition of the same symbol in trinity. Add a patch to
detect the presence of memfd_create(), and avoid collision.

Fixes:
http://autobuild.buildroot.net/results/fda/fda07327395921fdc79cbb4f24b662209fee1be1/
http://autobuild.buildroot.net/results/f98/f98f43657cbf519a626257af5a21c8c228423856/
http://autobuild.buildroot.net/results/575/57558c418ea5c5011ac22e5236beff4d823c825b/

Cc: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agouboot: fix build for older uboot source trees
Stefan Becker [Mon, 12 Mar 2018 12:34:09 +0000 (14:34 +0200)]
uboot: fix build for older uboot source trees

The change in commit bf733342324b414a1142b57781504111f81c97ea only works
for newer uboot source trees. Add a check that scripts/dtc/libfdt
directory exists before making this change.

[Peter: add comment explaining why]
Signed-off-by: Stefan Becker <chemobejk@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agolinux-headers: bump 4.{4, 9, 14, 15}.x series
Fabio Estevam [Mon, 12 Mar 2018 02:30:27 +0000 (23:30 -0300)]
linux-headers: bump 4.{4, 9, 14, 15}.x series

Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agolinux: bump default to version 4.15.9
Fabio Estevam [Mon, 12 Mar 2018 02:30:26 +0000 (23:30 -0300)]
linux: bump default to version 4.15.9

Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agodocker-engine: add dependency on docker-proxy
Christian Stewart [Sun, 4 Mar 2018 00:43:43 +0000 (19:43 -0500)]
docker-engine: add dependency on docker-proxy

docker-proxy is needed by docker-engine at runtime, and was
previously not included. This leads to the following error
when attempting to port-map ports to a container:

  $ docker run -p 8080:8080 nginx
  docker: Error response from daemon: driver failed programming external
  connectivity on endpoint:
  exec: "docker-proxy": executable file not found in $PATH.

Docker expects the docker-proxy binary to exist in the PATH.

Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7 years agodocker-proxy: new package
Christian Stewart [Sun, 4 Mar 2018 00:43:42 +0000 (19:43 -0500)]
docker-proxy: new package

Add docker-proxy package to Buildroot. Needed by docker-engine at
runtime, and previously not included. This leads to the following error
when attempting to port-map ports to a container:

  $ docker run -p 8080:8080 nginx
  docker: Error response from daemon: driver failed programming external
  connectivity on endpoint:
  exec: "docker-proxy": executable file not found in $PATH.

Docker expects the docker-proxy binary to exist in the PATH.

Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>