buildroot.git
4 years agopackage/mkpaswd: define extract step to allow patching
Peter Korsgaard [Mon, 26 Apr 2021 21:46:27 +0000 (23:46 +0200)]
package/mkpaswd: define extract step to allow patching

As recently discussed on the list:
http://lists.busybox.net/pipermail/buildroot/2021-April/308373.html

Packages like mkpasswd where the source code is included in the Buildroot
tree, currently doesn't use an extract step (which also skips the patch
step), so they cannot be patched by a patch in BR2_GLOBAL_PATCH_DIR (or the
pkgdir), which is a bit confusing.

As a fix, add a simple extract step that copies the source files to the
build directory, so the patch step gets run as well.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agopackage/makedevs: define extract step to allow patching
Peter Korsgaard [Mon, 26 Apr 2021 21:46:26 +0000 (23:46 +0200)]
package/makedevs: define extract step to allow patching

As recently discussed on the list:
http://lists.busybox.net/pipermail/buildroot/2021-April/308373.html

Packages like makedevs where the source code is included in the Buildroot
tree, currently doesn't use an extract step (which also skips the patch
step), so they cannot be patched by a patch in BR2_GLOBAL_PATCH_DIR (or the
pkgdir), which is a bit confusing.

As a fix, add a simple extract step that copies the source file to the build
directory, so the patch step gets run as well.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agopackage/fmt: get rid of extra space
Bartosz Bilas [Tue, 27 Apr 2021 18:19:32 +0000 (20:19 +0200)]
package/fmt: get rid of extra space

Commit 32c10f256bbc3dd09a72d45107682afb4448f07b
introduced extra space so let's remove that in
order to be consistent with other variables.

Signed-off-by: Bartosz Bilas <b.bilas@grinn-global.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agopackage/moarvm: bump to version 2021.04
Francois Perrad [Tue, 27 Apr 2021 16:54:40 +0000 (18:54 +0200)]
package/moarvm: bump to version 2021.04

zstd is a new dependency (since 2021.03)

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agopackage/python-typepy: bump to version 1.1.5
Fabrice Fontaine [Sun, 25 Apr 2021 08:49:13 +0000 (10:49 +0200)]
package/python-typepy: bump to version 1.1.5

- python-dateutil and python-pytz are optional since version 0.0.20 and
  https://github.com/thombashi/typepy/commit/a54dc97598d9d69e5f6092cf918d7889b9a31f61
- python 2 and python-six dependency have been dropped in version 1.0.0 and
  https://github.com/thombashi/typepy/commit/764812d01d831d149b19a871a695ae3a9e39485b
- Update indentation in hash file (two spaces)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agoboard/boundarydevices: update readme.txt for nitrogen8mp
Gary Bisson [Tue, 27 Apr 2021 09:49:20 +0000 (11:49 +0200)]
board/boundarydevices: update readme.txt for nitrogen8mp

Add mention about nitrogen8mp_defconfig which is meant for our
Nitrogen8MPlus SOM device.

Signed-off-by: Gary Bisson <gary.bisson@boundarydevices.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agopackage/openjdk{, -bin}: security bump to version 11.0.11_9
Peter Korsgaard [Tue, 27 Apr 2021 12:59:02 +0000 (14:59 +0200)]
package/openjdk{, -bin}: security bump to version 11.0.11_9

Fixes the following security issues:

CVE-2020-14779, CVE-2020-14781, CVE-2020-14782, CVE-2020-14792,
CVE-2020-14796, CVE-2020-14797, CVE-2020-14798, CVE-2020-14803,
CVE-2021-2161, CVE-2021-2163

For details. see the advisories:
https://openjdk.java.net/groups/vulnerability/advisories/2020-10-20
https://openjdk.java.net/groups/vulnerability/advisories/2021-01-19
https://openjdk.java.net/groups/vulnerability/advisories/2021-04-20

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agosupport/download/hg: fix broken method
Thomas De Schampheleire [Tue, 27 Apr 2021 19:45:44 +0000 (21:45 +0200)]
support/download/hg: fix broken method

Commit 54d3d94b6e3846447b5796ef8587b08b537cd348 broke the 'hg' download
method, in a similar way as it broke the 'git' download method (later fixed
with commit b70ce5665126246bd6b6bf804c6d9eea1fc599cf), by introducing extra
output on stdout in a case where the output is redirected.

In the case of 'hg', the 'hg archive' step uses shell redirection rather
than directly letting hg write the output file, since commit
76b51f90c0e393349dd0c71d7e6cf82fbc094282.

As a result, the extra print added by the _hg function is prepended to the
actual archive, causing an invalid archive.

Fix by using the _plain_hg function instead. The disadvantage is that the
command for 'hg archive' is no longer printed.

Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
4 years agopackage/lxc: bump to version 4.0.6
Fabrice Fontaine [Tue, 27 Apr 2021 05:54:02 +0000 (07:54 +0200)]
package/lxc: bump to version 4.0.6

"The LXC 4.0 branch is supported until June 2025. Only bugfixes and
securitiy issues get included into the stable bugfix releases, so it's
always safe and recommended to keep up and run the latest bugfix
release."

https://discuss.linuxcontainers.org/t/lxc-4-0-6-lts-has-been-released/9926

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agopackage/uftrace: add missing dependency to comment
Fabrice Fontaine [Mon, 26 Apr 2021 22:08:15 +0000 (00:08 +0200)]
package/uftrace: add missing dependency to comment

Commit f06d79255fbf0607200f1cc50a5dd87839295be3 forgot to add
BR2_PACKAGE_UFTRACE_ARCH_SUPPORTS dependency to threads comment

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agopackage/wpa_supplicant: add upstream patch to fix CVE-2021-30004
Peter Korsgaard [Mon, 26 Apr 2021 21:55:53 +0000 (23:55 +0200)]
package/wpa_supplicant: add upstream patch to fix CVE-2021-30004

Fixes the following security issue for the internal TLS backend:

- CVE-2021-30004: In wpa_supplicant and hostapd 2.9, forging attacks may
  occur because AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c
  and tls/x509v3.c.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agopackage/hostapd: add upstream patch to fix CVE-2021-30004
Peter Korsgaard [Mon, 26 Apr 2021 21:55:52 +0000 (23:55 +0200)]
package/hostapd: add upstream patch to fix CVE-2021-30004

Fixes the following security issue for the internal TLS backend:

- CVE-2021-30004: In wpa_supplicant and hostapd 2.9, forging attacks may
  occur because AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c
  and tls/x509v3.c.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years ago{linux, linux-headers}: bump 4.{4, 9, 14, 19}.x / 5.{4, 10, 11}.x series
Peter Korsgaard [Mon, 26 Apr 2021 21:25:45 +0000 (23:25 +0200)]
{linux, linux-headers}: bump 4.{4, 9, 14, 19}.x / 5.{4, 10, 11}.x series

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agopackage/postgis: add missing || in Config.in
Thomas Petazzoni [Mon, 26 Apr 2021 20:15:19 +0000 (22:15 +0200)]
package/postgis: add missing || in Config.in

This was forgotten in commit 72eba37e520ede9277a7a84cde82be992eb5639d.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
4 years agopackage/sconeserver: disable image
Fabrice Fontaine [Sun, 21 Mar 2021 11:47:12 +0000 (12:47 +0100)]
package/sconeserver: disable image

Build of http::sconesite::image module was silently broken until commit
d3b818c3cf0990117a8b59fcfc6c212f310ae6ec

However, sconeserver fails to build with ImageMagick because:
- it checks for ImageMagick++.pc instead of ImageMagick.pc
- it uses the transform function which has been removed from the public
  API since version 7.0.1-0 and
  https://github.com/ImageMagick/ImageMagick/commit/06f590165f0505d42005264893fe14a9e8a79986

As sconeserver does not seem to be maintained anymore, drop
BR2_PACKAGE_SCONESERVER_HTTP_SCONESITE_IMAGE.

Fixes:
 - http://autobuild.buildroot.org/results/895ab582d1140f7677fc1c6934fa2e0c47c49f20

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
[Arnout: add legacy symbol. It costs us exactly nothing, and if someone
actually had that selected, they know what's going on.]

4 years agopackage/libcamera: disable package affected by binutils bug 27597
Giulio Benetti [Wed, 17 Mar 2021 17:00:32 +0000 (18:00 +0100)]
package/libcamera: disable package affected by binutils bug 27597

This package is affected by binutils bug 27597 and no work around has
been found, so let's disable it if
BR2_TOOLCHAIN_HAS_BINUTILS_BUG_27597=y.

Fixes:
http://autobuild.buildroot.net/results/8ac/8ac599392f773eecff4773393ef0d0232a22f372/

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
4 years agopackage/kf5-kcoreaddons: disable package affected by binutils bug 27597
Giulio Benetti [Wed, 17 Mar 2021 16:43:46 +0000 (17:43 +0100)]
package/kf5-kcoreaddons: disable package affected by binutils bug 27597

This package is affected by binutils bug 27597 and no work around has
been found, so let's disable it if
BR2_TOOLCHAIN_HAS_BINUTILS_BUG_27597=y.

Fixes:
http://autobuild.buildroot.net/results/0c1/0c1e7e094b0990970f28cda2be0e3fe7d82ce6a2/

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
4 years agopackage/libgeos: use specific bug instead of BR2_nios2 to disable package
Giulio Benetti [Wed, 17 Mar 2021 16:34:59 +0000 (17:34 +0100)]
package/libgeos: use specific bug instead of BR2_nios2 to disable package

Let's use the _BUG_ form for disabling this package instead of BR2_nios2
architecture as we already use it for other packages.

Propagate this dependency to postgis. Also add the missing dependency on
bug 21464 to postgis.

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
[Arnout:
 - put 27597 after 21464 instead of before it;
 - propagate dependency to postgis;
 - mention the bugs in the comments.
]

4 years agotoolchain: introduce BR2_TOOLCHAIN_HAS_BINUTILS_BUG_27597
Giulio Benetti [Wed, 17 Mar 2021 16:34:58 +0000 (17:34 +0100)]
toolchain: introduce BR2_TOOLCHAIN_HAS_BINUTILS_BUG_27597

On Nios II binutils it still present ld bug 27597 leading to a package
libgeos to fail building:
http://autobuild.buildroot.net/results/a05fdf1958f93a206c5c66c7f636b6650683626d/http://autobuild.buildroot.net/results/c05/c053b9e191b31f0b1f8f8c902b602e187f714dc0/

The bug was already reported and it's been updated:
https://sourceware.org/bugzilla/show_bug.cgi?id=27597

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
4 years agopackage/freescale-imx/kernel-module-imx-gpu-viv: bump to version 6.4.3.p1.2
Gary Bisson [Mon, 26 Apr 2021 14:48:24 +0000 (16:48 +0200)]
package/freescale-imx/kernel-module-imx-gpu-viv: bump to version 6.4.3.p1.2

- Same version as NXP release 5.10.9-1.0.0
- No changelog provided by NXP
- Tested on Nitrogen8M device with Weston (DRM backend) as follows:
 # cd /usr/share/examples/viv_samples/vdk/
 # ./tutorial7

Signed-off-by: Gary Bisson <gary.bisson@boundarydevices.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
4 years agopackage/uftrace: needs threads
Fabrice Fontaine [Mon, 26 Apr 2021 18:42:55 +0000 (20:42 +0200)]
package/uftrace: needs threads

uftrace needs threads since its addition to buildroot in commit
09c97972d9f90b69cfc36f9ffe9e22c13daf9307

Fixes:
 - http://autobuild.buildroot.org/results/d27c34a2f773aeb3c806d56dd2468d17caf2fbc6

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
4 years agoconfigs/nitrogen8mp: new defconfig
Gary Bisson [Mon, 26 Apr 2021 15:30:19 +0000 (17:30 +0200)]
configs/nitrogen8mp: new defconfig

NXP i.MX 8M Plus based SOM with 2GB of LPDDR4 and 16GB eMMC.

More details on the platform here:
https://boundarydevices.com/product/nitrogen8m-plus-som/

Signed-off-by: Gary Bisson <gary.bisson@boundarydevices.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
4 years agoconfigs/nitrogen*: bump u-boot revision
Gary Bisson [Mon, 26 Apr 2021 15:30:18 +0000 (17:30 +0200)]
configs/nitrogen*: bump u-boot revision

- To latest v2020.10 rev (e05b6d68)
  -> added 8MP A1 silicon support
  -> fixed 8MP HAB support
  -> added display support for all 8M platforms
- Bump ATF to boundary-imx_5.4.70_2.3.0

Signed-off-by: Gary Bisson <gary.bisson@boundarydevices.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
4 years agoconfigs/nitrogen*: update kernel to 5.4.x_2.3.0
Gary Bisson [Mon, 26 Apr 2021 15:30:17 +0000 (17:30 +0200)]
configs/nitrogen*: update kernel to 5.4.x_2.3.0

- based upon NXP 5.4.70_2.3.0 release
- include stable until 5.4.110
- 8MP GA support

Signed-off-by: Gary Bisson <gary.bisson@boundarydevices.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
4 years agoboard/boundarydevices: update boot scripts
Gary Bisson [Mon, 26 Apr 2021 15:30:16 +0000 (17:30 +0200)]
board/boundarydevices: update boot scripts

- Add support for 8M Plus CPU (A1 and A0 silicon)
- Simplify cpu type parsing
- Update to be closer to Yocto counterpart

Signed-off-by: Gary Bisson <gary.bisson@boundarydevices.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
4 years agopackage/domoticz: select boost atomic
Fabrice Fontaine [Mon, 26 Apr 2021 19:11:13 +0000 (21:11 +0200)]
package/domoticz: select boost atomic

domoticz does not use Boost::atomic but cmake is so "smart" that it
(wrongly) assumes that Boost::thread depends on Boost:date_time and
Boost::atomic since boost version 1.54:

set(_Boost_THREAD_DEPENDENCIES chrono date_time atomic)

Extracted from:
 - https://gitlab.kitware.com/cmake/cmake/-/blob/master/Modules/FindBoost.cmake#L1113

As we can't patch every cmake on the field, just select boost atomic

It should be noted that build failures are only raised since commit
8a46b41b4a5d1c2f5ebefd7fc23fec7e8ba0598c as this commit drop the patch
that was decreasing cmake version but also removing:

target_link_libraries(domoticz Boost::thread Boost::system)

Fixes:
 - http://autobuild.buildroot.org/results/4306c0a725ed9a34bd55550df428866db6e4f052
 - http://autobuild.buildroot.org/results/2478e7a2ec1c63dcc2b36d29a39004468b230211

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
4 years agoRevert "package/domoticz: drop boost date-time dependency"
Fabrice Fontaine [Mon, 26 Apr 2021 19:11:12 +0000 (21:11 +0200)]
Revert "package/domoticz: drop boost date-time dependency"

This reverts commit 4b4d98e2c5165c3121e670192970fc909cae6d8a as
Boost::date_time is still used by domoticz (in pmain/Scheduler.cpp and
push/BasePush.cpp)

Fixes:
 - http://autobuild.buildroot.org/results/493a2e93fe6121f118293a268f986ee51009b7e8

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
4 years agopackage/localedef: bump to version 2.32-23
Romain Naour [Mon, 26 Apr 2021 10:10:20 +0000 (12:10 +0200)]
package/localedef: bump to version 2.32-23

resync the version with glibc package.

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
4 years agoconfigs/kontron_smarc_sal28: use kernel 5.12
Michael Walle [Mon, 26 Apr 2021 11:45:18 +0000 (13:45 +0200)]
configs/kontron_smarc_sal28: use kernel 5.12

Signed-off-by: Michael Walle <michael@walle.cc>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
4 years ago{linux, linux-headers}: add version 5.12
Michael Walle [Mon, 26 Apr 2021 11:45:17 +0000 (13:45 +0200)]
{linux, linux-headers}: add version 5.12

Signed-off-by: Michael Walle <michael@walle.cc>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
4 years agopackage/pipewire: bump to version 0.3.26
James Hilliard [Sun, 25 Apr 2021 21:25:00 +0000 (23:25 +0200)]
package/pipewire: bump to version 0.3.26

Add pipewire optional dependencies/configurations.

This bump will fix a build failure with bluez plugin and gcc 10

Fixes:
 - http://autobuild.buildroot.org/results/ab2edff9ae6b67d17bee2a11098b046ad754eee1

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
4 years agopackage/weston: add patch to support pipewire 0.3 API
James Hilliard [Sun, 25 Apr 2021 21:24:59 +0000 (23:24 +0200)]
package/weston: add patch to support pipewire 0.3 API

This is required when building weston against the latest pipewire
release.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
4 years agopackage/python-dnspython: enable host build
Bernd Kuhls [Mon, 26 Apr 2021 16:55:57 +0000 (18:55 +0200)]
package/python-dnspython: enable host build

Needed for Samba 4.14.x:
https://gitlab.com/samba-team/samba/-/commit/2420b7c6d2038aca33759ca3a7d41240c5f19bf7#bc16f0673dfbb473658dfd16961cdbf12f02ea5a_8_15

Fixes:
http://autobuild.buildroot.net/results/7dc/7dc7e304cb4e9afb157326dd5e4ae38711e91cad/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agopackage/libqmi: add _CPE_ID_VENDOR
Matt Weber [Wed, 21 Apr 2021 01:20:08 +0000 (20:20 -0500)]
package/libqmi: add _CPE_ID_VENDOR

cpe:2.3:a:libqmi_project:libqmi:* is a valid CPE identifier for this package:

 https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe:2.3:a:libqmi_project:libqmi

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
4 years agopackage/pipewire: needs headers >= 3.18
Fabrice Fontaine [Sun, 25 Apr 2021 19:37:42 +0000 (21:37 +0200)]
package/pipewire: needs headers >= 3.18

v4l2 plugin needs headers >= 3.18 since
https://gitlab.freedesktop.org/pipewire/pipewire/-/commit/4cb90f3b868e5169cb9bfe2200f3b079d3f0db7b
(so since its addition to buildroot in commit
75c86f90c73c42ee35559610aec28a02190b65b7) because of
V4L2_PIX_FMT_ARGB555X which is only available since
https://github.com/torvalds/linux/commit/fcc0d3db28922f9ba21ea6c7b23ea10ffb5d3521

v4l2 plugin can't be disabled until
https://gitlab.freedesktop.org/pipewire/pipewire/-/commit/8d71d2dab831b77cadb74f2e4630f549acc94ac4

Fixes:
 - http://autobuild.buildroot.org/results/b887b6ccd2c22bb3214c07d1281ad486438fb58e

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
4 years agopackage/libfreefare: drop threads dependency
Fabrice Fontaine [Sun, 25 Apr 2021 13:54:54 +0000 (15:54 +0200)]
package/libfreefare: drop threads dependency

This dependency should have dropped by commit
1a49188a69416542087acd1246b17c0139ff0054 which removed threads
dependency from libnfc

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
4 years agopackage/multipath-tools: fix legal-info
Fabrice Fontaine [Sun, 25 Apr 2021 08:36:10 +0000 (10:36 +0200)]
package/multipath-tools: fix legal-info

Commit 55a7382564e415dfcd29ebcf0b05577a6625d8ba forgot to update hash of
REAMDE.md (changes are not related to license:
https://github.com/opensvc/multipath-tools/commit/021c2df40f367559e5fa1cf3fe3734e4ec5854ae
https://github.com/opensvc/multipath-tools/commit/748d4453734937f372a930cfed3445f9903a9934)

Fixes:
 - http://autobuild.buildroot.org/results/9aa925b1a3fe8f0e38bef742c42304101b89b6b2

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
4 years agopackage/uboot-tools: fix build with FIT
Fabrice Fontaine [Sat, 24 Apr 2021 22:31:10 +0000 (00:31 +0200)]
package/uboot-tools: fix build with FIT

Build with FIT is broken since bump to version 2021.04 in commit
a4c38ae470e6c472f0e0cdfbfb8e2e76f1e8047c

Fake a generated/autoconf.h with just the needed stuff as suggested by
Yann E. Morin in
https://patchwork.ozlabs.org/project/buildroot/patch/20210422210559.707845-1-fontaine.fabrice@gmail.com

It seems that an empty file is enough as make options are still
interpreted

As a side-effect, drop third patch

Fixes:
 - http://autobuild.buildroot.org/results/5771a7413c98ec202c9623672787a1eee74da5e0

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
4 years agosupport/dependencies: set cmake version min to 3.16
Fabrice Fontaine [Sat, 24 Apr 2021 12:19:50 +0000 (14:19 +0200)]
support/dependencies: set cmake version min to 3.16

domoticz requires cmake 3.16 since version 2020.2 and
https://github.com/domoticz/domoticz/commit/275effddf0921698197dbc38bde199c48d4956f9

Fixes:
 - http://autobuild.buildroot.org/results/0caec85c70341036a039dbc337ad99196b6005a9

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
4 years agopackage/cmake: bump to version 3.16.9
Fabrice Fontaine [Sat, 24 Apr 2021 12:19:49 +0000 (14:19 +0200)]
package/cmake: bump to version 3.16.9

Update indentation in hash file (two spaces)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
4 years agopackage/perl-role-tiny: bump to version 2.002004
Francois Perrad [Sat, 24 Apr 2021 19:20:29 +0000 (21:20 +0200)]
package/perl-role-tiny: bump to version 2.002004

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
4 years agopackage/perl-path-tiny: bump to version 0.118
Francois Perrad [Sat, 24 Apr 2021 19:20:28 +0000 (21:20 +0200)]
package/perl-path-tiny: bump to version 0.118

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
4 years agopackage/perl-net-ssh2: bump to version 0.72
Francois Perrad [Sat, 24 Apr 2021 19:20:27 +0000 (21:20 +0200)]
package/perl-net-ssh2: bump to version 0.72

diff README.pod:
-Copyright (C) 2011 - 2019 by Salvador FandiE<ntilde>o (salva@cpan.org).
+Copyright (C) 2011 - 2020 by Salvador FandiE<ntilde>o (salva@cpan.org).

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
4 years agopackage/perl-moo: bump to version 2.005004
Francois Perrad [Sat, 24 Apr 2021 19:20:26 +0000 (21:20 +0200)]
package/perl-moo: bump to version 2.005004

diff LICENSE:
-This software is Copyright (c) 2020 by mst - Matt S. Trout (cpan:MSTROUT) <mst@shadowcat.co.uk>.
+This software is Copyright (c) 2021 by mst - Matt S. Trout (cpan:MSTROUT) <mst@shadowcat.co.uk>.

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
4 years agopackage/perl-mojolicious-plugin-authentication: bump to version 1.36
Francois Perrad [Sat, 24 Apr 2021 19:20:25 +0000 (21:20 +0200)]
package/perl-mojolicious-plugin-authentication: bump to version 1.36

diff LICENSE:
-This software is copyright (c) 2018 by Ben van Staveren.
+This software is copyright (c) 2021 by Ben van Staveren.

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
4 years agopackage/perl-mojolicious: bump to version 9.17
Francois Perrad [Sat, 24 Apr 2021 19:20:24 +0000 (21:20 +0200)]
package/perl-mojolicious: bump to version 9.17

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
4 years agopackage/perl-libwww-perl: bump to version 6.53
Francois Perrad [Sat, 24 Apr 2021 19:20:23 +0000 (21:20 +0200)]
package/perl-libwww-perl: bump to version 6.53

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
4 years agopackage/perl-io-socket-ssl: bump to version 2.070
Francois Perrad [Sat, 24 Apr 2021 19:20:22 +0000 (21:20 +0200)]
package/perl-io-socket-ssl: bump to version 2.070

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
4 years agopackage/perl-date-manip: bump to version 6.85
Francois Perrad [Sat, 24 Apr 2021 19:20:21 +0000 (21:20 +0200)]
package/perl-date-manip: bump to version 6.85

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
4 years agopackage/numactl: make available on all architectures
Thomas Petazzoni [Sun, 18 Apr 2021 16:23:58 +0000 (18:23 +0200)]
package/numactl: make available on all architectures

Since its introduction in commit
b05e74ff92b6728369e1540fc0a2bd60025f2146 in 2013, numactl has had an
explicit list of architectures that it supports. Interestingly, this
list does not include ARM, and now that rt-tests unconditionally needs
numactl, it meant the rt-tests package was no longer available on ARM.

Further investigation revealed that there is nothing in recent
versions of numactl that appears to be architecture-specific. It does
build with all of Buildroot toolchains currently used in the
autobuilders.

The only necessary changes are:

 * Exclude no-MMU architectures, as madvise() is used in the code
   base, and this is not available on no-MMU architectures.

 * Make sure to use -latomic when needed, as some atomic operations
   are used.

 * Backport a patch that fixes the .symver usage, which only affects
   really old gcc versions: only the old ARM Sourcery toolchain was
   affected by this. Newer gcc versions support the gcc "symver"
   attribute, so that the code that directly emits the assembly
   .symver directive is not invoked.

With these changes, numactl builds successfully on all our supported
toolchains.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
4 years agopackage/libp11: bump to version 0.4.11
Fabrice Fontaine [Sun, 18 Apr 2021 20:50:42 +0000 (22:50 +0200)]
package/libp11: bump to version 0.4.11

Update indentation in hash file (two spaces)

https://github.com/OpenSC/libp11/releases/tag/libp11-0.4.11

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
4 years agopackage/python-pytrie: bump to version 0.4.0
Fabrice Fontaine [Sun, 18 Apr 2021 20:38:58 +0000 (22:38 +0200)]
package/python-pytrie: bump to version 0.4.0

- python 2 support has been dropped since
  https://github.com/gsakkis/pytrie/commit/a60a601d85a660976f4aaab4cb0efcb15b91263b
- Use LICENSE instead of PKG-INFO which is available in the official
  tarball since
  https://github.com/gsakkis/pytrie/commit/1ba5d547dfbf0d384dd16cf78a2cce91ef69fce8
- Update indentation in hash file (two spaces)

https://github.com/gsakkis/pytrie/blob/0.4.0/README.md

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
4 years agopackage/python-sortedcontainers: bump to version 2.3.0
Fabrice Fontaine [Sun, 18 Apr 2021 20:26:37 +0000 (22:26 +0200)]
package/python-sortedcontainers: bump to version 2.3.0

- Update indentation in hash file (two spaces)
- Update hash of LICENSE file (update in year:
  https://github.com/grantjenks/python-sortedcontainers/commit/d127cdde5f77804fe51f355fdad469a0ac7caede)

https://github.com/grantjenks/python-sortedcontainers/blob/v2.3.0/HISTORY.rst

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
4 years agopackage/usb_modeswitch: bump to version 2.6.1
Fabrice Fontaine [Sun, 18 Apr 2021 20:18:48 +0000 (22:18 +0200)]
package/usb_modeswitch: bump to version 2.6.1

Update indentation in hash file (two spaces)

https://www.draisberghof.de/usb_modeswitch/ChangeLog

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
4 years agopackage/mender-artifact: bump version to 3.5.1
Adam Duskett [Mon, 19 Apr 2021 23:58:28 +0000 (16:58 -0700)]
package/mender-artifact: bump version to 3.5.1

Also update various license hashes

Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
4 years agopackage/mender: bump version to 2.6.0
Adam Duskett [Mon, 19 Apr 2021 23:58:27 +0000 (16:58 -0700)]
package/mender: bump version to 2.6.0

Also update the progressbarlicense hash due to a year bump

Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
4 years agoconfigs/freescale_imx8*: bump BSP components to lf-5.10.y-1.0.0
Stephane Viau [Tue, 20 Apr 2021 21:18:21 +0000 (23:18 +0200)]
configs/freescale_imx8*: bump BSP components to lf-5.10.y-1.0.0

Bump ATF, U-Boot and Linux kernel to the NXP BSP 5.10.y_1.0.0 versions.

Signed-off-by: Stephane Viau <stephane.viau@oss.nxp.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
4 years agoconfigs/freescale_imx8m*: bump BSP components to lf-5.10.y-1.0.0
Stephane Viau [Tue, 20 Apr 2021 21:18:20 +0000 (23:18 +0200)]
configs/freescale_imx8m*: bump BSP components to lf-5.10.y-1.0.0

Bump ATF, U-Boot and Linux kernel to the NXP BSP 5.10.y_1.0.0 versions.

Signed-off-by: Stephane Viau <stephane.viau@oss.nxp.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
4 years agoconfigs/freescale_imx7dsabresd: bump BSP components to lf-5.10.y-1.0.0
Stephane Viau [Tue, 20 Apr 2021 21:18:19 +0000 (23:18 +0200)]
configs/freescale_imx7dsabresd: bump BSP components to lf-5.10.y-1.0.0

Bump ATF, U-Boot and Linux kernel to the NXP BSP 5.10.y-1.0.0 versions.

Signed-off-by: Stephane Viau <stephane.viau@oss.nxp.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
4 years agoconfigs/freescale_imx6*: bump BSP components to lf-5.10.y-1.0.0
Stephane Viau [Tue, 20 Apr 2021 21:18:18 +0000 (23:18 +0200)]
configs/freescale_imx6*: bump BSP components to lf-5.10.y-1.0.0

Bump ATF, U-Boot and Linux kernel to the NXP BSP 5.10.y-1.0.0 versions.

Signed-off-by: Stephane Viau <stephane.viau@oss.nxp.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
4 years agopackage/freescale-imx/imx-sc-firmware: bump to version 1.8.0
Sébastien Szymanski [Tue, 20 Apr 2021 08:21:04 +0000 (10:21 +0200)]
package/freescale-imx/imx-sc-firmware: bump to version 1.8.0

- Same version as NXP release 5.10.9_1.0.0
- EULA/COPYING: update to LA_OPT_NXP_Software_License v19

Signed-off-by: Sébastien Szymanski <sebastien.szymanski@armadeus.com>
Reviewed-by: Stephane Viau <stephane.viau@oss.nxp.com>
Tested-by: Stephane Viau <stephane.viau@oss.nxp.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
4 years agopackage/freescale-imx/imx-seco: bump to version 3.7.5
Sébastien Szymanski [Tue, 20 Apr 2021 08:21:03 +0000 (10:21 +0200)]
package/freescale-imx/imx-seco: bump to version 3.7.5

- Same version as NXP release 5.10.9_1.0.0

Signed-off-by: Sébastien Szymanski <sebastien.szymanski@armadeus.com>
Reviewed-by: Stephane Viau <stephane.viau@oss.nxp.com>
Tested-by: Stephane Viau <stephane.viau@oss.nxp.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
4 years agopackage/freescale-imx/imx-gpu-g2d: bump to version 6.4.3.p1.2
Sébastien Szymanski [Tue, 20 Apr 2021 08:21:02 +0000 (10:21 +0200)]
package/freescale-imx/imx-gpu-g2d: bump to version 6.4.3.p1.2

- Same version as NXP release 5.10.9_1.0.0
- EULA/COPYING: update to LA_OPT_NXP_Software_License v19

Signed-off-by: Sébastien Szymanski <sebastien.szymanski@armadeus.com>
Reviewed-by: Stephane Viau <stephane.viau@oss.nxp.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
4 years agopackage/freescale-imx/imx-gpu-viv: bump to version 6.4.3.p1.2
Sébastien Szymanski [Tue, 20 Apr 2021 08:21:01 +0000 (10:21 +0200)]
package/freescale-imx/imx-gpu-viv: bump to version 6.4.3.p1.2

- Same version as NXP release 5.10.9_1.0.0
- EULA/COPYING: update to LA_OPT_NXP_Software_License v19

Signed-off-by: Sébastien Szymanski <sebastien.szymanski@armadeus.com>
Reviewed-by: Stephane Viau <stephane.viau@oss.nxp.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
4 years agopackage/freescale-imx/firmware-imx: bump version to 8.11
Sébastien Szymanski [Tue, 20 Apr 2021 08:21:00 +0000 (10:21 +0200)]
package/freescale-imx/firmware-imx: bump version to 8.11

- Same version as NXP release 5.10.9_1.0.0
- EULA/COPYING: update to LA_OPT_NXP_Software_License v19

Signed-off-by: Sébastien Szymanski <sebastien.szymanski@armadeus.com>
Reviewed-by: Stephane Viau <stephane.viau@oss.nxp.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
4 years agopackage/freescale-imx/imx-vpu-hantro: bump version to 1.21.0
Sébastien Szymanski [Tue, 20 Apr 2021 08:20:59 +0000 (10:20 +0200)]
package/freescale-imx/imx-vpu-hantro: bump version to 1.21.0

- Same version as NXP release 5.10.9_1.0.0
- EULA/COPYING: update to LA_OPT_NXP_Software_License v19

Signed-off-by: Sébastien Szymanski <sebastien.szymanski@armadeus.com>
Reviewed-by: Stephane Viau <stephane.viau@oss.nxp.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
4 years agopackage/uftrace: fix build on i386
Thomas Petazzoni [Sat, 24 Apr 2021 16:08:57 +0000 (18:08 +0200)]
package/uftrace: fix build on i386

The --arch value on i386 must be "i386", and not i486, i586 or i686,
so let's have a special case for BR2_i386, and use $(BR2_ARCH) for the
other supported CPU architectures.

Fixes:

  http://autobuild.buildroot.net/results/01a28789bcec9af66137cbce5a8fda2d606de99f/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
4 years agopackage/freescale-imx/imx-vpu: fix {EULA, COPYING} file hashes
Sébastien Szymanski [Tue, 20 Apr 2021 08:29:53 +0000 (10:29 +0200)]
package/freescale-imx/imx-vpu: fix {EULA, COPYING} file hashes

Commit a646cd27b112 (package/freescale-imx/imx-vpu: bump version to
5.4.39.3) somehow messed up when updating the hashes of the licene
files:

    >>> imx-vpu 5.4.39.3 Collecting legal info
    ERROR: EULA has wrong sha256 hash:
    ERROR: expected: a39da2e94bd8b99eaac4325633854620ea3a55145259c3a7748c610a80714cfc
    ERROR: got     : 7ffad92e72e5f6b23027e7cf93a770a4acef00a92dcf79f22701ed401c5478c0
    ERROR: Incomplete download, or man-in-the-middle (MITM) attack

    ERROR: COPYING has wrong sha256 hash:
    ERROR: expected: 69cbb76b3f10ac5a8c36f34df7bbdf50825815560c00a946fff2922365ef01a2
    ERROR: got     : 2ceab29de5ea533b86f570bcc4e9ddbfb5fe85a1da4978a8613ff3fd9bed781d
    ERROR: Incomplete download, or man-in-the-middle (MITM) attack

The most probable cause is some confusion with imx-vpu-hantro, as the
faulty hashes reported above are those found in imx-vpu-hantro.

Signed-off-by: Sébastien Szymanski <sebastien.szymanski@armadeus.com>
[yann.morin.1998@free.fr: rewrite commit log with a probably reason]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
4 years agopackage/tar: ignore CVE-2007-4476
Matt Weber [Wed, 21 Apr 2021 20:42:35 +0000 (15:42 -0500)]
package/tar: ignore CVE-2007-4476

https://security-tracker.debian.org/tracker/CVE-2007-4476

Currently NVD has this incorrectly tagged for all versions.
The bug trackers on different distros show it was generally
fixed in versions >= 1.16 but because the impacted source
code is in the GNU paxutils, it is hard to follow in what
cases tar has been fixed around that 1.16 version.

https://bugs.gentoo.org/196978

https://www.itsecdb.com/oval/definition/oval/org.mitre.oval/def/9336/Buffer-overflow-in-the-safer-name-suffix-function-in-GNU-tar.html

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
4 years agopackage/rsyslog: ignore CVE-2015-3243
Matt Weber [Wed, 21 Apr 2021 20:42:34 +0000 (15:42 -0500)]
package/rsyslog: ignore CVE-2015-3243

https://security-tracker.debian.org/tracker/CVE-2015-3243
 "Rsyslog uses weak permissions for generating log files."

Ignoring this CVE for Buildroot as normally there are not local
users and a build could customize the rsyslog.conf to be more
restrictive ($FileCreateMode 0640).

Example fix from Alpino Linux
 https://github.com/libTorrentUser/alpino-linux-aports/commit/3cb5210cdac46fb8805d4028df16f5889f393a09

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
4 years agopackage/ncurses: ignore CVE-2018-10754, CVE-2018-19211, CVE-2018-19217, CVE-2019...
Matt Weber [Wed, 21 Apr 2021 20:42:33 +0000 (15:42 -0500)]
package/ncurses: ignore CVE-2018-10754, CVE-2018-19211, CVE-2018-19217, CVE-2019-17594, CVE-2019-17595

Commit 4b21273d71d09 added upstream (security) patches up to 20200118
and in the commit description it outlines these CVEs were patched.

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
4 years agopackage/wpa_supplicant: ignore CVE-2021-30004 when using openssl
Matt Weber [Wed, 21 Apr 2021 20:42:32 +0000 (15:42 -0500)]
package/wpa_supplicant: ignore CVE-2021-30004 when using openssl

The CVE can be ignored when the internal TLS impl isn't used.

https://security-tracker.debian.org/tracker/CVE-2021-30004
 "Issue only affects the "internal" TLS implementation
 (CONFIG_TLS=internal)"

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
4 years agopackage/hostapd: ignore CVE-2021-30004 when using openssl
Matt Weber [Wed, 21 Apr 2021 20:42:31 +0000 (15:42 -0500)]
package/hostapd: ignore CVE-2021-30004 when using openssl

The CVE can be ignored when the internal TLS impl isn't used.

https://security-tracker.debian.org/tracker/CVE-2021-30004
 "Issue only affects the "internal" TLS implementation
 (CONFIG_TLS=internal)"

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
4 years agopackage/flex: ignore CVE-2019-6293
Matt Weber [Wed, 21 Apr 2021 20:42:30 +0000 (15:42 -0500)]
package/flex: ignore CVE-2019-6293

https://security-tracker.debian.org/tracker/CVE-2019-6293

https://github.com/NixOS/nixpkgs/issues/55386#issuecomment-683792976
 "But this bug does not cause stack overflows in the generated code.
 The function and file referred to in the bug (mark_beginning_as_normal
 in nfa.c) are part of the flex code generator, not part of the
 generated code. If flex crashes before generating any code, that
 can hardly be a vulnerability. If flex does not crash, the generated
 code is fine (or perhaps subject to other unreported bugs, who knows,
 but the NFA has been generated correctly)."

Upstream has chosen to not provide a fix
 https://github.com/westes/flex/issues/414

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
[yann.morin.1998@free.fr: use actual upstream URL]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
4 years agopackage/cmake: ignore CVE-2016-10642
Matt Weber [Wed, 21 Apr 2021 20:42:29 +0000 (15:42 -0500)]
package/cmake: ignore CVE-2016-10642

This is specific to the npm package that installs cmake, so isn't
relevant to Buildroot.
https://github.com/openembedded/openembedded-core/blob/14241ed09f9ed317045cf75a6d08416d3579bb8d/meta/recipes-devtools/cmake/cmake.inc

https://nvd.nist.gov/vuln/detail/CVE-2016-10642#vulnCurrentDescriptionTitle
 "cmake installs the cmake x86 linux binaries. cmake downloads
 binary resources over HTTP, which leaves it vulnerable to
 MITM attacks. It may be possible to cause remote code
 execution (RCE) by swapping out the requested binary with
 an attacker controlled binary if the attacker is on the
 network or positioned in between the user and the remote server."

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
4 years agopackage/bind: ignore CVE-2019-6470
Matt Weber [Wed, 21 Apr 2021 20:42:28 +0000 (15:42 -0500)]
package/bind: ignore CVE-2019-6470

There had existed in one of the ISC BIND libraries a bug in a
function that was used by dhcpd when operating in DHCPv6 mode.
There was also a bug in dhcpd relating to the use of this function
per its documentation, but the bug in the library function
prevented this from causing any harm. All releases of dhcpd from
ISC contain copies of this, and other, BIND libraries in
combinations that have been tested prior to release and are known
to not present issues like this.

Affects: Builds of dhcpd versions prior to version 4.4.1 when
using BIND versions 9.11.2 or later.

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6470

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
4 years agopackage/coreutils: ignore CVE-2013-0221, CVE-2013-0222, CVE-2013-0223
Matt Weber [Wed, 21 Apr 2021 20:42:27 +0000 (15:42 -0500)]
package/coreutils: ignore CVE-2013-0221, CVE-2013-0222, CVE-2013-0223

This CVE is only relevant to a build when the SUSE coreutils-i18n.patch
is included. The upstream codebase does not include this patch, nor
does Buildroot.

https://security-tracker.debian.org/tracker/CVE-2013-0221
https://security-tracker.debian.org/tracker/CVE-2013-0222
https://security-tracker.debian.org/tracker/CVE-2013-0223

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
4 years agopackage/bind: ignore CVE-2017-3139
Matt Weber [Wed, 21 Apr 2021 20:42:26 +0000 (15:42 -0500)]
package/bind: ignore CVE-2017-3139

This CVE is only relevant to the configuration of a specific
RHEL release (6.x).

https://bugzilla.redhat.com/show_bug.cgi?id=1447743

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
4 years agopackage/bash: add option to keep or remove loadable examples
Thomas Petazzoni [Fri, 23 Apr 2021 20:23:54 +0000 (22:23 +0200)]
package/bash: add option to keep or remove loadable examples

bash has a concept of "loadables", which are "plugins" that can be
loaded at runtime by bash to add new builtin. For example:

    # type whoami
    whoami is hashed (/usr/bin/whoami)
    # whoami
    root

    # enable -f /usr/lib/bash/whoami whoami
    # type whoami
    whoami is a shell builtin
    # whoami
    root

    # enable -d whoami
    # type whoami
    whoami is hashed (/usr/bin/whoami)
    # whoami
    root

bash comes with a set of example loadables, installed in
/usr/lib/bash/. They take 312 KB on ARM32, and are by default not
used, and provide builtins that are for the most part already
available as external commands in Busybox/coreutils:

    Makefile.inc  finfo         mkfifo        realpath      sync
    accept        head          mktemp        rm            tee
    basename      id            mypid         rmdir         truefalse
    csv           ln            pathchk       seq           tty
    cut           loadables.h   print         setpgid       uname
    dirname       logname       printenv      sleep         unlink
    fdflags       mkdir         push          strftime      whoami

So instead of having them unconditionally installed, add an option to
enable/disable their installation (their build apparently cannot be
disabled via a configure option).

Normally, we try to keep backward compatibility by preserving the
existing behavior. In this case, this would have meant making this
option "default y". But this also breaks our principle of "being
minimal by default", and in this case, it feels preferable to be
"minimal by default" than preserving existing behavior.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Nicolas Cavallari <nicolas.cavallari@green-communications.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
4 years agopackage/bash: drop SHOBJ_STATUS from BASH_CONF_ENV
Thomas Petazzoni [Fri, 23 Apr 2021 20:23:55 +0000 (22:23 +0200)]
package/bash: drop SHOBJ_STATUS from BASH_CONF_ENV

SHOBJ_STATUS=unsupported was added in commit
4a2af11cba83ef176672609dd7321712fa7f6a28 to work around a limitation
of the configure script that forgot to set this variable in
static-linking configurations.

It turns out that this issue has been fixed upstream as of bash 5.0:

  https://git.savannah.gnu.org/cgit/bash.git/diff/configure.ac?id=d233b485e83c3a784b803fb894280773f16f2deb

  (see hunk @@ -1151,6 +1179,9 @@)

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
4 years agopackage/bash: use --bindir instead of exec_prefix=
Thomas Petazzoni [Fri, 23 Apr 2021 20:23:53 +0000 (22:23 +0200)]
package/bash: use --bindir instead of exec_prefix=

We want bash to be installed as /bin/bash. For ages, Buildroot has
been doing this by overriding exec_prefix at install time. First of
all, it would be preferred to do this at configure time. But also,
overriding exec_prefix not only changes where "bash" goes, but also
where the pkgconfig file goes. Due to this, bash.pc goes into
/lib/pkgconfig/, and doesn't get removed by target-finalize.

Since all we want is to have 'bash' as /bin/bash, simply pass
--bindir=/bin at configure time. This allows to use the default target
installation logic for autotools-package. We keep a post-install
target hook to remove /bin/bashbug.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Nicolas Cavallari <nicolas.cavallari@green-communications.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
4 years agopackage/cups: bump to version 2.3.3op2
James Hilliard [Wed, 21 Apr 2021 11:54:42 +0000 (05:54 -0600)]
package/cups: bump to version 2.3.3op2

Switch to new OpenPrinting upstream repository.

NOTICE hash change due to date+copyright holder update in:
https://github.com/OpenPrinting/cups/commit/1bc199354e592f73b9d17215953b9965849b3124

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
4 years agopackage/libupnp: security bump to version 1.14.6
Jörg Krause [Thu, 22 Apr 2021 07:29:22 +0000 (07:29 +0000)]
package/libupnp: security bump to version 1.14.6

The server part of pupnp (libupnp) appears to be vulnerable to DNS-rebinding
attacks because it does not check the value of the `Host` header.

Fixes CVE-2021-29462

https://github.com/pupnp/pupnp/security/advisories/GHSA-6hqq-w3jq-9fhg

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
4 years agopackage/libnpupnp: security bump to version 4.1.4
Jörg Krause [Thu, 22 Apr 2021 07:50:16 +0000 (07:50 +0000)]
package/libnpupnp: security bump to version 4.1.4

Fix vulnerability to DNS-rebind attacks.

This security fix addresses the same vulnerability isue which was reported
for libupnp (which libnpupnp is derived from) in CVE-2021-29462.

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
4 years agopackage/protozero: disable tests
Fabrice Fontaine [Thu, 22 Apr 2021 18:24:43 +0000 (20:24 +0200)]
package/protozero: disable tests

Add a patch to disable tests through the standard BUILD_TESTING variable
which is already passed by cmake-package.

While at it, drop protobuf dependency which is only needed for tests

This will fix a build failure on toolchains without wchar, toolchains
for sh4 (ICE) or toolchains where gcc is affected by bug 64735.

Upstream thinks that this is unecessary but no additional feedback was
received on how we should handle those build failures

Fixes:
 - http://autobuild.buildroot.org/results/1cd24b757d87b963c70bc7ff927c6d983d0b142a

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Maxim Kochetkov <fido_max@inbox.ru>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
4 years agopackage/kodi-inputstream-adaptive: bump version to 2.6.14-Matrix
Bernd Kuhls [Thu, 22 Apr 2021 18:26:37 +0000 (20:26 +0200)]
package/kodi-inputstream-adaptive: bump version to 2.6.14-Matrix

Changelog:
https://github.com/xbmc/inputstream.adaptive/blob/Matrix/inputstream.adaptive/addon.xml.in#L22

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
4 years agopackage/{mesa3d, mesa3d-headers}: bump version to 21.0.3
Bernd Kuhls [Thu, 22 Apr 2021 18:25:38 +0000 (20:25 +0200)]
package/{mesa3d, mesa3d-headers}: bump version to 21.0.3

Release notes:
https://lists.freedesktop.org/archives/mesa-announce/2021-April/000627.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
4 years agopackage/postgis: add optional protobuf-c dependency
Fabrice Fontaine [Thu, 22 Apr 2021 18:26:41 +0000 (20:26 +0200)]
package/postgis: add optional protobuf-c dependency

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Maxim Kochetkov <fido_max@inbox.ru>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
4 years agopackage/domoticz: bump to version 2021.1
Fabrice Fontaine [Thu, 22 Apr 2021 18:30:11 +0000 (20:30 +0200)]
package/domoticz: bump to version 2021.1

- Drop all patches (already in version)
- USE_BUILTIN_LUA has been removed since
  https://github.com/domoticz/domoticz/commit/275effddf0921698197dbc38bde199c48d4956f9
- cereal is a mandatory dependency since
  https://github.com/domoticz/domoticz/commit/275effddf0921698197dbc38bde199c48d4956f9
- fmt is a mandatory dependency since
  https://github.com/domoticz/domoticz/commit/f049d7d574aae0ab0da1b8a042c59b420106e31c
- Remaining external dependencies (such as minizip which is not
  compatible with our fork of minizip) must be retrieved through git
  submodules since
  https://github.com/domoticz/domoticz/commit/275effddf0921698197dbc38bde199c48d4956f9

https://github.com/domoticz/domoticz/blob/2021.1/History.txt

Fixes:
 - http://autobuild.buildroot.org/results/370/3709e3cd96351ab35d5a8441658faf9bd51cd118

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
4 years agopackage/samba4: bump version to 4.14.3
Bernd Kuhls [Thu, 22 Apr 2021 19:06:46 +0000 (21:06 +0200)]
package/samba4: bump version to 4.14.3

Release notes: https://www.samba.org/samba/history/samba-4.14.3.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
4 years agopackage/openvpn: security bump version to 2.5.2
Bernd Kuhls [Thu, 22 Apr 2021 18:40:06 +0000 (20:40 +0200)]
package/openvpn: security bump version to 2.5.2

Fixes CVE-2020-15078:
https://forums.openvpn.net/viewtopic.php?f=20&t=32179

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
4 years agopackage/gerbera: needs dynamic library
Fabrice Fontaine [Thu, 22 Apr 2021 20:52:56 +0000 (22:52 +0200)]
package/gerbera: needs dynamic library

Disable gerbera with static builds as it raises build failures since
bump to version 1.8.0 in commit 8974596836945eada8e162844fb87f88adec9100
and upstream does not seem to care or test static builds:
https://github.com/gerbera/gerbera/issues/1221

Fixes:
 - http://autobuild.buildroot.org/results/9c59ef912d09bb3c0647b98aa8e9eca7fccbe08f

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
4 years agopackage/uftrace: new package
Asaf Kahlon [Fri, 23 Apr 2021 17:26:01 +0000 (20:26 +0300)]
package/uftrace: new package

The uftrace tool is to trace and analyze execution of a program
written in C/C++.

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
4 years agopackage/cgilua: bump to version 6.0.2
Francois Perrad [Fri, 23 Apr 2021 14:05:03 +0000 (16:05 +0200)]
package/cgilua: bump to version 6.0.2

The hash of the HTML license file has changed due to changes in the
HTML menu and other parts of the page that don't change the license
text itself.

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
4 years agopackage/redis: bump to v6.2.2
Titouan Christophe [Fri, 23 Apr 2021 11:46:03 +0000 (13:46 +0200)]
package/redis: bump to v6.2.2

From the release notes:
================================================================================
Redis 6.2.2 Released Mon April 19 19:00:00 IST 2021
================================================================================

Upgrade urgency: HIGH, if you're using ACL and pub/sub, CONFIG REWRITE, or
suffering from performance regression.

See https://github.com/redis/redis/blob/6.2.2/00-RELEASENOTES

Signed-off-by: Titouan Christophe <titouanchristophe@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
4 years agopackage/rcw-smarc-sal28: bump to version 11
Michael Walle [Tue, 23 Mar 2021 08:46:59 +0000 (09:46 +0100)]
package/rcw-smarc-sal28: bump to version 11

From the changelog:
* Enable SATA RX lane swap
* Add workaround for A-010554 (Improve SATA hard drive detection)
* Add workaround for A-009531 (Wrong IDO bit value for PCIe completion
  packets)

Signed-off-by: Michael Walle <michael@walle.cc>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
4 years agopackage/kismet: fix static build with uclibc
Fabrice Fontaine [Fri, 2 Apr 2021 18:14:58 +0000 (20:14 +0200)]
package/kismet: fix static build with uclibc

Fix static build with uclibc which is raised since bump to version
2020-12-R3 in commit 14522a8f9d272204763c49a21ebce5653430c612

Fixes:
 - http://autobuild.buildroot.org/results/69dcb7ac99e63fca342e4d52d9311d1ee1931911

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
4 years agopackage/nut: bump version
Bernd Kuhls [Sat, 3 Apr 2021 08:19:53 +0000 (10:19 +0200)]
package/nut: bump version

The last release is five years old. To support newer hardware we bump
the package to latest git master branch. For upstream discussion see
github issue 819.

Removed patches, they were all applied upstream.

Added NUT_PRE_CONFIGURE_HOOKS to fix autoreconf:

configure.ac:1994: error: required file 'scripts/augeas/nutupsconf.aug.in' not found
configure.ac:1994: error: required file 'scripts/devd/nut-usb.conf.in' not found
configure.ac:1994: error: required file 'scripts/udev/nut-usbups.rules.in' not found

because upstream autogen.sh creates additional files:
https://github.com/networkupstools/nut/blob/master/autogen.sh

Configure is not cross-compile friendly:
https://github.com/networkupstools/nut/blob/master/m4/ax_c_pragmas.m4#L574
Add ax_cv__printf_string_null=yes to fix cross build.

Removed configure option --without-hal due to upstream removal of hal
files:
https://github.com/networkupstools/nut/commit/5860c09e85278e597f85d26b3a23be8c80c199e8

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
4 years agopackage/python{,3}-regex: bump to version 2021.4.4
Leon Anavi [Fri, 9 Apr 2021 09:00:56 +0000 (12:00 +0300)]
package/python{,3}-regex: bump to version 2021.4.4

Upgrade to release 2021.4.4 with the following bug fixes:

- regex fails with a quantified backreference but succeeds with
  repeated backref
- API is not a drop-in replacement for python's re when it comes
  to typing

Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
4 years agopackage/azure-iot-sdk-c: bump version to LTS_01_2021_Ref01
Sergio Prado [Sat, 10 Apr 2021 09:37:38 +0000 (06:37 -0300)]
package/azure-iot-sdk-c: bump version to LTS_01_2021_Ref01

Also remove patch (already in upstream)

Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>