buildroot.git
6 years agolibvncserver: add upstream security fix for CVE-2018-7225
Peter Korsgaard [Sat, 9 Jun 2018 16:02:29 +0000 (18:02 +0200)]
libvncserver: add upstream security fix for CVE-2018-7225

Fixes CVE-2018-7225 - An issue was discovered in LibVNCServer through
0.9.11.  rfbProcessClientNormalMessage() in rfbserver.c does not sanitize
msg.cct.length, leading to access to uninitialized and potentially sensitive
data or possibly unspecified other impact (e.g., an integer overflow) via
specially crafted VNC packets.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agoyaml-cpp: bump to version 0.6.2
Fabrice Fontaine [Sat, 9 Jun 2018 10:46:37 +0000 (12:46 +0200)]
yaml-cpp: bump to version 0.6.2

- Remove boost dependency (not needed since 0.6)
- Add C++11 dependency (needed since 0.6)
- Add hash for license file

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agopackage/mpg123: security bump to version 1.25.10
Bernd Kuhls [Sun, 10 Jun 2018 12:09:10 +0000 (14:09 +0200)]
package/mpg123: security bump to version 1.25.10

Version 1.25.4 fixes CVE-2017-9545, for details see release notes:
http://www.mpg123.org/cgi-bin/news.cgi

Added upstream hashes.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agopackage/fdk-aac: bump version to 0.1.6
Bernd Kuhls [Sun, 10 Jun 2018 10:11:23 +0000 (12:11 +0200)]
package/fdk-aac: bump version to 0.1.6

Added upstream and license hashes.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agopackage/nvidia-driver: bump version to 390.67
Bernd Kuhls [Sun, 10 Jun 2018 10:29:46 +0000 (12:29 +0200)]
package/nvidia-driver: bump version to 390.67

Added license hash, adjusted upstream library names.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agopackage/x265: bump version to 2.8
Bernd Kuhls [Sun, 10 Jun 2018 10:28:14 +0000 (12:28 +0200)]
package/x265: bump version to 2.8

Added license hash.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agopackage/imagemagick: security bump to version 7.0.7-38
Bernd Kuhls [Sun, 10 Jun 2018 10:21:56 +0000 (12:21 +0200)]
package/imagemagick: security bump to version 7.0.7-38

Fixes CVE-2018-11625, CVE-2018-11624 & CVE-2018-10177.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agopackage/dtv-scan-tables: bump version
Bernd Kuhls [Sun, 10 Jun 2018 10:14:15 +0000 (12:14 +0200)]
package/dtv-scan-tables: bump version

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agopackage/speex: bump version to 1.2.0
Bernd Kuhls [Sun, 10 Jun 2018 10:10:24 +0000 (12:10 +0200)]
package/speex: bump version to 1.2.0

Added upstream md5 & locally computed license hashes, rebased patch,
updated SPEEX_SITE.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agopackage/speex: use pkgconf to detect libogg
Bernd Kuhls [Sun, 10 Jun 2018 10:10:23 +0000 (12:10 +0200)]
package/speex: use pkgconf to detect libogg

Upstream removed with-ogg-* configure options and switched to pkgconf
to detect libogg back in 2014:
https://git.xiph.org/?p=speex.git;a=commitdiff;h=e1b1eeabce815283c5bbc42016a9d6a11eda2866

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agopackage/wireless-regdb: bump version to 2018.05.31
Bernd Kuhls [Sun, 10 Jun 2018 09:30:48 +0000 (11:30 +0200)]
package/wireless-regdb: bump version to 2018.05.31

Added license hash, updated project URL, old site is dead.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agopackage/pngquant: bump version to 2.12.0
Bernd Kuhls [Sun, 10 Jun 2018 09:16:56 +0000 (11:16 +0200)]
package/pngquant: bump version to 2.12.0

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agoDEVELOPERS: add myself for sqlite
Bernd Kuhls [Sun, 10 Jun 2018 09:04:42 +0000 (11:04 +0200)]
DEVELOPERS: add myself for sqlite

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agopackage/sqlite: bump version to 3.24.0
Bernd Kuhls [Sun, 10 Jun 2018 09:04:41 +0000 (11:04 +0200)]
package/sqlite: bump version to 3.24.0

Release notes:
https://www.sqlite.org/releaselog/3_24_0.html
https://www.sqlite.org/releaselog/3_23_1.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agomeson: bump version to 0.46.1
Eric Le Bihan [Sat, 9 Jun 2018 10:05:35 +0000 (12:05 +0200)]
meson: bump version to 0.46.1

Signed-off-by: Eric Le Bihan <eric.le.bihan.dev@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agomariadb: security bump version to 10.1.33
Peter Korsgaard [Fri, 8 Jun 2018 16:44:34 +0000 (18:44 +0200)]
mariadb: security bump version to 10.1.33

Release notes: https://mariadb.com/kb/en/mariadb-10133-release-notes/
Changelog: https://mariadb.com/kb/en/mariadb-10133-changelog/

Fixes the following security vulnerabilities:

CVE-2018-2782 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: InnoDB).  Supported versions that are affected are 5.6.39 and
prior and 5.7.21 and prior.  Easily exploitable vulnerability allows low
privileged attacker with network access via multiple protocols to compromise
MySQL Server.  Successful attacks of this vulnerability can result in
unauthorized ability to cause a hang or frequently repeatable crash
(complete DOS) of MySQL Server.

CVE-2018-2784 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: InnoDB).  Supported versions that are affected are 5.6.39 and
prior and 5.7.21 and prior.  Easily exploitable vulnerability allows low
privileged attacker with network access via multiple protocols to compromise
MySQL Server.  Successful attacks of this vulnerability can result in
unauthorized ability to cause a hang or frequently repeatable crash
(complete DOS) of MySQL Server.

CVE-2018-2787 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: InnoDB).  Supported versions that are affected are 5.6.39 and
prior and 5.7.21 and prior.  Easily exploitable vulnerability allows high
privileged attacker with network access via multiple protocols to compromise
MySQL Server.  Successful attacks of this vulnerability can result in
unauthorized ability to cause a hang or frequently repeatable crash
(complete DOS) of MySQL Server as well as unauthorized update, insert or
delete access to some of MySQL Server accessible data.

CVE-2018-2766 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: InnoDB).  Supported versions that are affected are 5.6.39 and
prior and 5.7.21 and prior.  Easily exploitable vulnerability allows high
privileged attacker with network access via multiple protocols to compromise
MySQL Server.  Successful attacks of this vulnerability can result in
unauthorized ability to cause a hang or frequently repeatable crash
(complete DOS) of MySQL Server.

CVE-2018-2755 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: Server: Replication).  Supported versions that are affected
are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior.  Difficult to
exploit vulnerability allows unauthenticated attacker with logon to the
infrastructure where MySQL Server executes to compromise MySQL Server.
Successful attacks require human interaction from a person other than the
attacker and while the vulnerability is in MySQL Server, attacks may
significantly impact additional products.  Successful attacks of this
vulnerability can result in takeover of MySQL Server.

CVE-2018-2819 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: InnoDB).  Supported versions that are affected are 5.5.59 and
prior, 5.6.39 and prior and 5.7.21 and prior.  Easily exploitable
vulnerability allows low privileged attacker with network access via
multiple protocols to compromise MySQL Server.  Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or
frequently repeatable crash (complete DOS) of MySQL Server.

CVE-2018-2817 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: Server: DDL).  Supported versions that are affected are
5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior.  Easily exploitable
vulnerability allows low privileged attacker with network access via
multiple protocols to compromise MySQL Server.  Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or
frequently repeatable crash (complete DOS) of MySQL Server.

CVE-2018-2761 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: Client programs).  Supported versions that are affected are
5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior.  Difficult to
exploit vulnerability allows unauthenticated attacker with network access
via multiple protocols to compromise MySQL Server.  Successful attacks of
this vulnerability can result in unauthorized ability to cause a hang or
frequently repeatable crash (complete DOS) of MySQL Server.

CVE-2018-2781 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: Server: Optimizer).  Supported versions that are affected are
5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior.  Easily exploitable
vulnerability allows high privileged attacker with network access via
multiple protocols to compromise MySQL Server.  Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or
frequently repeatable crash (complete DOS) of MySQL Server.

CVE-2018-2771 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: Server: Locking).  Supported versions that are affected are
5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior.  Difficult to
exploit vulnerability allows high privileged attacker with network access
via multiple protocols to compromise MySQL Server.  Successful attacks of
this vulnerability can result in unauthorized ability to cause a hang or
frequently repeatable crash (complete DOS) of MySQL Server.

CVE-2018-2813 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: Server: DDL).  Supported versions that are affected are
5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior.  Easily exploitable
vulnerability allows low privileged attacker with network access via
multiple protocols to compromise MySQL Server.  Successful attacks of this
vulnerability can result in unauthorized read access to a subset of MySQL
Server accessible data.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Acked-by: Ryan Coe <bluemrp9@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agoaubio: bump to version 0.4.6
Fabrice Fontaine [Fri, 8 Jun 2018 21:35:40 +0000 (23:35 +0200)]
aubio: bump to version 0.4.6

Add hash for license file

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agojansson: bump to version 2.11
Fabrice Fontaine [Fri, 8 Jun 2018 21:57:44 +0000 (23:57 +0200)]
jansson: bump to version 2.11

Add hash for license file

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agoDEVELOPERS: update email for flatcc
Joel Carlson [Fri, 8 Jun 2018 19:27:39 +0000 (13:27 -0600)]
DEVELOPERS: update email for flatcc

Signed-off-by: Joel Carlson <JoelsonCarl@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agopugixml: bump to version 1.9
Fabrice Fontaine [Sat, 9 Jun 2018 10:13:17 +0000 (12:13 +0200)]
pugixml: bump to version 1.9

- Remove patch (already in version)
- Add hash for license file

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agojson-glib: bump to version 1.4.2
Fabrice Fontaine [Sat, 9 Jun 2018 09:59:28 +0000 (11:59 +0200)]
json-glib: bump to version 1.4.2

- Switch to meson-package
- Add hash for license file

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agojson-c: bump to version 0.13.1
Fabrice Fontaine [Sat, 9 Jun 2018 08:41:39 +0000 (10:41 +0200)]
json-c: bump to version 0.13.1

Drop patch, issue has been properly fixed by:
https://github.com/json-c/json-c/commit/0f814e52dd22ee959a29ffcce36923aff62147b3

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agopackage/libvorbis: add upstream security patch to fix CVE-2017-14160
Bernd Kuhls [Sat, 9 Jun 2018 08:43:37 +0000 (10:43 +0200)]
package/libvorbis: add upstream security patch to fix CVE-2017-14160

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agopackage/tor: bump version to 0.3.3.6
Bernd Kuhls [Sat, 9 Jun 2018 08:13:04 +0000 (10:13 +0200)]
package/tor: bump version to 0.3.3.6

Release notes:
https://blog.torproject.org/tor-0336-released-new-stable-series

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agopackage/samba4: bump version to 4.8.2
Bernd Kuhls [Sat, 9 Jun 2018 08:10:25 +0000 (10:10 +0200)]
package/samba4: bump version to 4.8.2

Release notes: https://www.samba.org/samba/history/samba-4.8.2.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agoconfigs/imx7dpico: Bump kernel and U-Boot
Fabio Estevam [Fri, 8 Jun 2018 17:26:24 +0000 (14:26 -0300)]
configs/imx7dpico: Bump kernel and U-Boot

Bump kernel to version 4.17 and U-Boot to 2018.05.

As the dtb file has been renamed in mainline, make the necessary
adjustments in U-Boot environment and also in
BR2_LINUX_KERNEL_INTREE_DTS_NAME.

Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agoconfigs/imx6ulpico: Bump kernel and U-Boot
Fabio Estevam [Fri, 8 Jun 2018 17:26:23 +0000 (14:26 -0300)]
configs/imx6ulpico: Bump kernel and U-Boot

Bump kernel to version 4.17 and U-Boot to 2018.05.

As the imx_v6_v7_defconfig in 4.17 already selects the
CONFIG_CFG80211_WEXT option, the linux.fragment can
be simply removed.

Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agotinymembench: bump to version 0.4
Fabrice Fontaine [Fri, 8 Jun 2018 17:16:23 +0000 (19:16 +0200)]
tinymembench: bump to version 0.4

- Use LICENSE instead of main.c in TINYMEMBENCH_LICENSE_FILES
- Add hash for license file

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agotinyxml2: bump to version 6.2.0
Fabrice Fontaine [Fri, 8 Jun 2018 17:05:55 +0000 (19:05 +0200)]
tinyxml2: bump to version 6.2.0

Add hash for license file

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agolinux-headers: bump 4.{4, 9}.x series
Fabio Estevam [Fri, 8 Jun 2018 17:25:29 +0000 (14:25 -0300)]
linux-headers: bump 4.{4, 9}.x series

Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agopackage/cryptodev-linux: bump to the latest version (f60aa0)
Antoine Tenart [Fri, 8 Jun 2018 10:23:07 +0000 (12:23 +0200)]
package/cryptodev-linux: bump to the latest version (f60aa0)

Bumps the cryptodev-linux package to the latest version available, which
contains some fixes and allows to use cryptodev-linux with a recent
kernel (v4.17).

The patch bumps the version and update the locally calculated hash.

Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agolibedit: bump to version 20180525-3.1
Baruch Siach [Fri, 8 Jun 2018 09:42:21 +0000 (12:42 +0300)]
libedit: bump to version 20180525-3.1

Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agoelfutils: bump to version 0.171
Baruch Siach [Fri, 8 Jun 2018 06:21:57 +0000 (09:21 +0300)]
elfutils: bump to version 0.171

Drop the po/ disable patch; not needed anymore.

Drop the __mempcpy compatibility patch; __mempcpy is not used anymore.

Refresh the -Werror removal patch; still needed, unfortunately.

Renumber the remaining patches.

Add GPLv3 license file.

Add license files hash.

[Peter: drop security reference, was added post-release]
Cc: Stefan Fröberg <stefan.froberg@petroprogram.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agolibxslt: security bump to version 1.3.2
Fabrice Fontaine [Thu, 7 Jun 2018 18:07:04 +0000 (20:07 +0200)]
libxslt: security bump to version 1.3.2

- Fix CVE-2017-5029
- Remove first patch (already in version)
- Add a dependency to host-pkgconf and remove libxml2 options: see
  https://github.com/GNOME/libxslt/commit/abf537ebb2296cd3ae89989a17b0e1b5c79db107
- Add hash for license file

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agotrinity: fix build with kernel headers v4.17+
Baruch Siach [Fri, 8 Jun 2018 03:16:22 +0000 (06:16 +0300)]
trinity: fix build with kernel headers v4.17+

Kernel v4.17 removed the linux/irda.h header. Add a patch to skip the
irda test when the header is missing.

Fixes:
http://autobuild.buildroot.net/results/39d/39d131048d6eb3cd4d802dae462116f7728c41fd/
http://autobuild.buildroot.net/results/af2/af2288711d1a0939a06ea51e65ed32d39e395e2b/
http://autobuild.buildroot.net/results/41f/41fead6d53dba2539ba246f682973e0b5967f3d0/

Cc: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agolibseccomp: bump to version 2.3.3
Fabrice Fontaine [Wed, 6 Jun 2018 20:33:55 +0000 (22:33 +0200)]
libseccomp: bump to version 2.3.3

- Update patch and sent it upstream
- Remove LIBSECCOMP_FIXUP_M4_DIR (not needed anymore)
- Add hash for license file

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agoopusfile: bump to version 0.10
Jörg Krause [Thu, 7 Jun 2018 13:39:31 +0000 (15:39 +0200)]
opusfile: bump to version 0.10

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agompd: bump to version 0.20.20
Jörg Krause [Thu, 7 Jun 2018 13:32:04 +0000 (15:32 +0200)]
mpd: bump to version 0.20.20

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agonetplug: prevent starting multiple instances of netplugd
Carlos Santos [Thu, 7 Jun 2018 01:36:41 +0000 (22:36 -0300)]
netplug: prevent starting multiple instances of netplugd

Executing "/etc/init.d/S29netplug start" multiple times resulted in
multiple instances of netplugd.

Pass "-p /var/run/netplug.pid" to netplugd, so it creates the PID file
that start-stop-daemon needs to know that netplugd is already running.
Also use the pid file to stop netplugd, instead of the daemon name.

Fixes https://bugs.busybox.net/show_bug.cgi?id=10661

Reported-by: Joachim Krueger <mail2k@web.de>
Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agoDEVELOPERS: add myself to init-related packages
Carlos Santos [Thu, 7 Jun 2018 00:15:47 +0000 (21:15 -0300)]
DEVELOPERS: add myself to init-related packages

I'm working on improving the sysvinit scripts, so it's advisable to keep
an eye on them.

Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agoopencv3: conditionally enable NEON and VFPv3 optimizations
Mathieu Maret [Thu, 7 Jun 2018 08:38:57 +0000 (10:38 +0200)]
opencv3: conditionally enable NEON and VFPv3 optimizations

Signed-off-by: Mathieu Maret <mathieu.maret@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agodocker-containerd: add missing docker-containerd symlink
Sam Lancia [Thu, 7 Jun 2018 07:51:07 +0000 (08:51 +0100)]
docker-containerd: add missing docker-containerd symlink

Prior to commit 2dccb4f2fefd8a0dbda65dd0f7537f811e920b13
("package/docker-containerd: convert to golang infrastructure"), the
containerd binary was installed as docker-containerd. Following the
conversion to the golang package infrastructure, the binary is now
installed as "containerd", which breaks some use cases.

Let's add a symlink link docker-containerd -> containerd to fix such
use cases.

Fixes: https://bugs.busybox.net/show_bug.cgi?id=11076
Signed-off-by: Sam Lancia <sam@gpsm.co.uk>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agodnsmasq: NLS/i18n does not mandate libidn anymore
Fabrice Fontaine [Tue, 1 May 2018 13:10:08 +0000 (15:10 +0200)]
dnsmasq: NLS/i18n does not mandate libidn anymore

Since May 2017, automatic inclusion of IDN has been removed when
building internationalisation support:
http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=43cdf1c3d074e75389392d495690923ef37d3248

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agolinux-headers: bump 3.2.x and 4.{4, 9, 14, 16}.x series
Fabio Estevam [Wed, 6 Jun 2018 01:04:40 +0000 (22:04 -0300)]
linux-headers: bump 3.2.x and 4.{4, 9, 14, 16}.x series

Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agoimx-usb-loader: propagate libusb dependency
Baruch Siach [Wed, 6 Jun 2018 20:04:39 +0000 (23:04 +0300)]
imx-usb-loader: propagate libusb dependency

Avoid select of libusb when the toolchain does not support threads.

Fixes:
http://autobuild.buildroot.net/results/a21/a212ee3e5ec174f4e6e7d582f777325dac035bfd/

Cc: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agolibucl: bump to version 0.8.1
Fabrice Fontaine [Wed, 6 Jun 2018 19:45:50 +0000 (21:45 +0200)]
libucl: bump to version 0.8.1

Add hash for license file

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agowhois: bump to version 5.3.1
Fabrice Fontaine [Wed, 6 Jun 2018 19:39:03 +0000 (21:39 +0200)]
whois: bump to version 5.3.1

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agoDEVELOPERS: add myself as maintainer of abootimg
Julien BOIBESSOT [Wed, 6 Jun 2018 17:19:52 +0000 (19:19 +0200)]
DEVELOPERS: add myself as maintainer of abootimg

I forgot to do it while submitting this package [1]. Thanks Thomas
for pointing it.

[1] https://git.buildroot.net/buildroot/commit/package/abootimg?id=43bafa748fbb5439856b9de1667db93c43ddd21f

Signed-off-by: Julien BOIBESSOT <julien.boibessot@armadeus.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agolibgpiod: bump version to v1.1
Bartosz Golaszewski [Wed, 6 Jun 2018 14:28:24 +0000 (16:28 +0200)]
libgpiod: bump version to v1.1

This is a minor release the main feature of which are the
object-oriented bindings for C++ and Python3. Other than that there's
a couple bug-fixes and minor improvements all around.

Signed-off-by: Bartosz Golaszewski <brgl@bgdev.pl>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agopackage/python-web2py: bump to version R-2.16.1
Angelo Compagnucci [Mon, 28 May 2018 18:37:06 +0000 (20:37 +0200)]
package/python-web2py: bump to version R-2.16.1

This patch bumps python-web2py to version R-2.16.1.

Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agopackage/python-pydal: bump to version 17.11
Angelo Compagnucci [Mon, 28 May 2018 18:37:05 +0000 (20:37 +0200)]
package/python-pydal: bump to version 17.11

This patch bumps python-pyDAL to version 17.11.

Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agodependencies.sh: add perl autodie for whois
Fabrice Fontaine [Tue, 5 Jun 2018 18:13:47 +0000 (20:13 +0200)]
dependencies.sh: add perl autodie for whois

Add dependency on perl autodie if whois package is selected

Fixes:
 - http://autobuild.buildroot.net/results/4d2ca14580cbc73f94e86ee834fac6d2541298ec

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agolibsoxr: bump to version 0.1.3
Fabrice Fontaine [Tue, 5 Jun 2018 19:41:21 +0000 (21:41 +0200)]
libsoxr: bump to version 0.1.3

Add hash for license files

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agolibstrophe: bump to version 0.9.2
Fabrice Fontaine [Tue, 5 Jun 2018 19:40:32 +0000 (21:40 +0200)]
libstrophe: bump to version 0.9.2

- Remove first patch (already in version, see
  https://github.com/strophe/libstrophe/pull/59)
- Use --without-xml (fixed by
  https://github.com/strophe/libstrophe/commit/3b55c20879aabad2f1b601b141d73c157972708d)
- Add hash for license files

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agolibbsd: bump to version 0.9.1
Baruch Siach [Tue, 5 Jun 2018 18:19:35 +0000 (21:19 +0300)]
libbsd: bump to version 0.9.1

Drop upstream patches.

Add a patch fixing build with musl libc.

Update the list of licenses based on the content of COPYING. The
BSD-5-Clause license is not listed by SPDX, but that is its name in the
COPYING file.

Update the license file hash: new licenses, dates update, reformat.

Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agooprofile: fix musl build
Fabrice Fontaine [Tue, 5 Jun 2018 18:20:57 +0000 (20:20 +0200)]
oprofile: fix musl build

Add patch to replace undeclared basename call by op_basename

Fixes:
 - http://autobuild.buildroot.net/results/39ba30f4ec94e176e3d5d5b5ced37a0aa030cc5a

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agopackage/mender: new package
Angelo Compagnucci [Fri, 4 May 2018 09:21:59 +0000 (11:21 +0200)]
package/mender: new package

This patch add mender, an open source over-the-air (OTA) software
updater for embedded Linux devices.

Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
[Thomas:
 - add entry to DEVELOPERS file.
 - drop dependency on systemd, since there is really no build
   dependency, it's just that the init script integration is missing.
 - add Config.in comment about the thread dependency
 - don't override install commands, otherwise the mender binary is not
   installed, and instead use a post install target hook.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agoflatcc: new package
Joel Carlson [Thu, 31 May 2018 17:04:29 +0000 (11:04 -0600)]
flatcc: new package

This adds flatcc as a new package, pulling v0.5.1 from github. flatcc
has both a host tool (the compiler), and libraries for the target.

Signed-off-by: Steve deRosier <steve.derosier@lairdtech.com>
Signed-off-by: Joel Carlson <joel.carlson@cosmicaes.com>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
[Thomas: add entry in DEVELOPERS file.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agoskeleton: PAGER without blank and unset at end of for loop
Florian La Roche [Tue, 5 Jun 2018 13:47:45 +0000 (15:47 +0200)]
skeleton: PAGER without blank and unset at end of for loop

The PAGER environment variable is including a blank character at the
end. Remove this.
A for loop has been unsetting the variable inside the loop, this is only
needed once at the end of the loop.

Signed-off-by: Florian La Roche <F.LaRoche@pilz.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agobusybox: reduce number of mkdir calls in inittab
Florian La Roche [Tue, 5 Jun 2018 13:47:09 +0000 (15:47 +0200)]
busybox: reduce number of mkdir calls in inittab

The default busybox inittab does two separate mkdir calls
to create /dev/pts and /dev/shm. Reduce this to call mkdir
only once for both directories.

Signed-off-by: Florian La Roche <F.LaRoche@pilz.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agobusybox: fix usage string in S01logging
Florian La Roche [Tue, 5 Jun 2018 13:46:52 +0000 (15:46 +0200)]
busybox: fix usage string in S01logging

In busybox fix the S01logging usage text to
document the "reload" target.

Signed-off-by: Florian La Roche <F.LaRoche@pilz.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agolibusb: fix clock_gettime librt dependency check
Baruch Siach [Tue, 5 Jun 2018 11:42:10 +0000 (14:42 +0300)]
libusb: fix clock_gettime librt dependency check

The detection of the librt dependency of clock_gettime in glibc before
2.17 is broken. We do not support glibc older than 2.17 for target, but
we still need to support hosts using old glibc. Add a patch fixing that.

Should fix (host-imx-usb-loader):
http://autobuild.buildroot.net/results/0a1/0a156449e5f38a6092ab9c88e3e3f5ea9abc0f03/
http://autobuild.buildroot.net/results/347/347f1b9bce2f0854e8ca6d49b9a9b3fa55de24b1/
http://autobuild.buildroot.net/results/f6a/f6a3a62909ccb500ca122ec3f03119d7706fb88a/

Cc: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agoe2fsprogs: bump to version 1.44.2
Baruch Siach [Tue, 5 Jun 2018 12:30:49 +0000 (15:30 +0300)]
e2fsprogs: bump to version 1.44.2

Update license file hash; FSF address update.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agobtrfs-progs: bump to version 4.16.1
Baruch Siach [Tue, 5 Jun 2018 12:10:36 +0000 (15:10 +0300)]
btrfs-progs: bump to version 4.16.1

Drop upstream patch.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agoconfigs/orangepi_zero_plus2: bump linux to v4.16
Jagan Teki [Tue, 5 Jun 2018 09:36:32 +0000 (15:06 +0530)]
configs/orangepi_zero_plus2: bump linux to v4.16

Bump linux as well headers to v4.16 version, this eventually drop the
wifi patch since it has been merged to Linux v4.16.

Signed-off-by: Jagan Teki <jagan@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agoconfigs/arcturus_ucls1012a: bump U-Boot version
Oleksandr Zhadan [Tue, 5 Jun 2018 14:02:50 +0000 (10:02 -0400)]
configs/arcturus_ucls1012a: bump U-Boot version

This new u-boot custom repo version should fix the
arcturus_ucls1012a_defconfig build failures on master.

Fixes:

  https://gitlab.com/buildroot.org/buildroot/-/jobs/71726827

Signed-off-by: Oleksandr Zhadan <oleks@arcturusnetworks.com>
Signed-off-by: Michael Durrant <mdurrant@arcturusnetworks.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agomono: add hashes for license files
Angelo Compagnucci [Tue, 5 Jun 2018 16:32:23 +0000 (18:32 +0200)]
mono: add hashes for license files

Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agomono: remove eglib/COPYING from license files
Angelo Compagnucci [Tue, 5 Jun 2018 16:30:59 +0000 (18:30 +0200)]
mono: remove eglib/COPYING from license files

When bumping Mono to 5.12.0.226 in commit
80821d3ed8e5607d259386abe5e3f98625614d11, the license files variable
was not updated to take into account that "eglib" is no longer part of
Mono, and therefore eglib/COPYING doesn't exist anymore. This commit
therefore fixes the license files variable following this change.

Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agopython-websockets: bump to version 5.0.1
Yegor Yefremov [Tue, 5 Jun 2018 08:15:22 +0000 (10:15 +0200)]
python-websockets: bump to version 5.0.1

Remove upstream patch.

Fixes:
http://autobuild.buildroot.net/results/0b59939faaefc12cd7da4f26ab86659ac031b008/
http://autobuild.buildroot.net/results/c0196693cfdbf10b429c5c03684d5308a68c8509/

Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agorabbitmq-c: bump to version 0.9.0
Fabrice Fontaine [Mon, 4 Jun 2018 20:59:48 +0000 (22:59 +0200)]
rabbitmq-c: bump to version 0.9.0

Add hash for license file

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agophp-amqp: bump to version 1.9.3
Fabrice Fontaine [Mon, 4 Jun 2018 20:57:51 +0000 (22:57 +0200)]
php-amqp: bump to version 1.9.3

Add hash for license file

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agolibsecret: bump to version 0.18.6
Fabrice Fontaine [Mon, 4 Jun 2018 20:57:06 +0000 (22:57 +0200)]
libsecret: bump to version 0.18.6

Add hash for license file

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agoboinc: bump to version 7.10.2
Fabrice Fontaine [Mon, 4 Jun 2018 20:56:31 +0000 (22:56 +0200)]
boinc: bump to version 7.10.2

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agonetplug: look for init script configurations in /etc/default/
Carlos Santos [Tue, 5 Jun 2018 02:11:56 +0000 (23:11 -0300)]
netplug: look for init script configurations in /etc/default/

We are working to make all sysvinit scripts conformant to a pattern and
/etc/default/ seems to be a good choice, since 34 packages already get
optional configurations from files at that directory.

netplug still installs an init script at /etc/rc.d/init.d/.  This will
be fixed in a future patch that will refactor the init scripts.

Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agoaudit: do not remove file installed by netplug
Carlos Santos [Tue, 5 Jun 2018 02:08:42 +0000 (23:08 -0300)]
audit: do not remove file installed by netplug

The package recipe uses a post-install hook to remove useless files from
$(TARGET_DIR)/etc/rc.d/init.d and $(TARGET_DIR)/etc/sysconfig. This may
damage packages that install useful files on those directories (such as
netplug, which installs $(TARGET_DIR)/etc/rc.d/init.d/netplugd).

In the future[1] we will reorganize the init scripts and possibly get
rid of /etc/rc.d and /etc/sysconfig but for the moment let's restrict
the file removal to those installed by audit.

1. http://lists.busybox.net/pipermail/buildroot/2018-May/221549.html

Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agolibgit2: fix build with LibreSSL 2.7
Nicolas Cavallari [Fri, 1 Jun 2018 15:42:00 +0000 (17:42 +0200)]
libgit2: fix build with LibreSSL 2.7

By using a patch from upstream's master branch.

Signed-off-by: Nicolas Cavallari <nicolas.cavallari@green-communications.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agolibgit2: bump version to 0.27.1
Nicolas Cavallari [Fri, 1 Jun 2018 15:41:59 +0000 (17:41 +0200)]
libgit2: bump version to 0.27.1

Fixes a security vulnerability similar to git's CVE-2018-11235

This release changes some configuration options, so tweak them
accordingly.

Signed-off-by: Nicolas Cavallari <nicolas.cavallari@green-communications.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agolibgit2: do not use a bundled zlib
Nicolas Cavallari [Fri, 1 Jun 2018 15:41:58 +0000 (17:41 +0200)]
libgit2: do not use a bundled zlib

libgit2 depends on zlib. If libgit2's build system does not find a
system zlib, then it compiles a bundled version of it, which is not
really great. So instead, add zlib as a mandatory dependency.

Signed-off-by: Nicolas Cavallari <nicolas.cavallari@green-communications.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agoconfigs/mx53loco: Bump to 4.17 kernel
Fabio Estevam [Mon, 4 Jun 2018 12:48:28 +0000 (09:48 -0300)]
configs/mx53loco: Bump to 4.17 kernel

Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agolinux: bump default to version 4.17
Fabio Estevam [Mon, 4 Jun 2018 12:48:27 +0000 (09:48 -0300)]
linux: bump default to version 4.17

Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agolinux-headers: bump to 4.17 kernel version
Fabio Estevam [Mon, 4 Jun 2018 12:48:26 +0000 (09:48 -0300)]
linux-headers: bump to 4.17 kernel version

Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agotoolchain: add 4.17.x choice for headers
Fabio Estevam [Mon, 4 Jun 2018 12:48:25 +0000 (09:48 -0300)]
toolchain: add 4.17.x choice for headers

Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agoshadowsocks-libev: new package
Min Xu [Mon, 4 Jun 2018 07:16:26 +0000 (00:16 -0700)]
shadowsocks-libev: new package

Shadowsocks-libev is a lightweight secured SOCKS5 proxy for
embedded devices and low-end boxes.

https://github.com/shadowsocks/shadowsocks-libev

Signed-off-by: Min Xu <xuminready@gmail.com>
[Thomas:
 - drop patch adding license file for libipset
 - drop --disable-documentation, it's passed by autotools-package
 - add entry in DEVELOPERS file
 - pass --disable-ssp because the SSP check uses AC_COMPILE_IFELSE()
   so with some toolchains, it think SSP support is available, while
   it's not. And anyway we want SSP to be controlled by Buildroot
   global options, not on a per-package basis.
 - add depends on BR2_USE_MMU, because the code uses fork().]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agodl-wrapper: Fix support for URIs containing '+'
Robert Beckett [Mon, 4 Jun 2018 13:32:30 +0000 (14:32 +0100)]
dl-wrapper: Fix support for URIs containing '+'

'+' is a valid character in a url. The current dl-wrapper gets the
URI scheme by dropping everything after the last '+' character, with
the intension of finding 'git' from e.g. 'git+https://uri'.

If a uri has a '+' anywhere in it, it ends up using too much of the
string as a scheme, and fails to match the handler properly.

An example of where this form of URI is used is when using deploy tokens
in gitlab. It uses a form like https://<username>:<password>@gitlab.com/<group>/<repo.git>
where username for deploy token is of the form 'gitlab+deploy-token-<number>'.

Use the %% operator to search backwards until the last '+' character when
dropping the rest of the string as we know that the first '+'
in the string should be the scheme.

Signed-off-by: Robert Beckett <bbeckett@netvu.org.uk>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agowireshark: security bump to version 2.2.15
Peter Korsgaard [Sun, 3 Jun 2018 21:31:00 +0000 (23:31 +0200)]
wireshark: security bump to version 2.2.15

Fixes the following security issues:

CVE-2018-11362: LDSS dissector crash
https://www.wireshark.org/security/wnpa-sec-2018-25.html

CVE-2018-11357: Multiple dissectors could consume excessive memory
https://www.wireshark.org/security/wnpa-sec-2018-28.html

CVE-2018-11356: DNS dissector crash
https://www.wireshark.org/security/wnpa-sec-2018-29.html

CVE-2018-11360: GSM A DTAP dissector crash
https://www.wireshark.org/security/wnpa-sec-2018-30.html

CVE-2018-11358: Q.931 dissector crash
https://www.wireshark.org/security/wnpa-sec-2018-31.html

CVE-2018-11359: Multiple dissectors could crash
https://www.wireshark.org/security/wnpa-sec-2018-33.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agoDEVELOPERS: add myself to some packages
Fabrice Fontaine [Sun, 3 Jun 2018 19:19:31 +0000 (21:19 +0200)]
DEVELOPERS: add myself to some packages

Add my entry to cairo, liboping, libpfm4, libraw, libraw1394, libroxml,
librsvg, librsync, mbedtls and oprofile

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agolibnss: fix build without int128
Fabrice Fontaine [Mon, 4 Jun 2018 17:09:26 +0000 (19:09 +0200)]
libnss: fix build without int128

Patch retrieved from upstream, more info here:
https://bugzilla.mozilla.org/show_bug.cgi?format=default&id=1459739

Fixes:
 - http://autobuild.buildroot.net/results/093113829d7ce19d578a920e76caa10822774139

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agophp-amqp: needs openssl support in rabbitmq-c
Fabrice Fontaine [Mon, 4 Jun 2018 17:03:29 +0000 (19:03 +0200)]
php-amqp: needs openssl support in rabbitmq-c

Since version 1.8.0, php-amqp needs a rabbitmq-c with openssl support:
https://github.com/pdezwart/php-amqp/issues/310

SSL support is disabled in rabbitmq-c if BR2_STATIC_LIBS is set however
don't add an unneeded !BR2_STATIC_LIBS dependency in Config.in as all
PHP External Extensions depends on !BR2_STATIC_LIBS
(see package/Config.in)

Fixes:
 - http://autobuild.buildroot.net/results/b7c89bbbd0ca1df08dd7cbfc90c7b45dcf1fad05

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agolibroxml: bump to version 3.0.1
Fabrice Fontaine [Wed, 30 May 2018 21:42:24 +0000 (23:42 +0200)]
libroxml: bump to version 3.0.1

Add hash for license file

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agolibraw1394: bump to version 2.1.2
Fabrice Fontaine [Wed, 30 May 2018 20:22:11 +0000 (22:22 +0200)]
libraw1394: bump to version 2.1.2

- Remove patches (already in version)
- Add hash for license file

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agolibraw: bump to version 0.18.11
Fabrice Fontaine [Wed, 30 May 2018 20:05:19 +0000 (22:05 +0200)]
libraw: bump to version 0.18.11

- Remove all patches (already in version)
- Since version 0.18 (2016-12-07), there is no
  'LibRaw Software License 27032010' licensing anymore (and all signed
  agreements have expired). LibRaw is now dual-licensed: LGPL 2.1 or
  CDDL 1.0
- Add hash for license files

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agosupport/docker: run apt-get update and apt-get install in two RUNs
Yann E. MORIN [Sun, 3 Jun 2018 09:08:18 +0000 (11:08 +0200)]
support/docker: run apt-get update and apt-get install in two RUNs

In commit 7517aef4d (support/docker: limit the number of layers),
we reduced the number of layers by coalescing multiple RUN commands
into less commands.

In doing so, we especially coalesced "apt-get update" with "apt-get
install".

However, the distribution we used is a pinned version of stretch, so
we know that running apt-get update will always yield the same apt
database.

If we split the two apt-get commands, then we can re-use any local
intermediate image when we need to update the list of packages to
install; this helps quite a bit when testing the docker files over
and over again, with just slight variants in the packages list.

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Reviewed-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agolibrtas: bump to version 2.0.1
Fabrice Fontaine [Sat, 2 Jun 2018 14:43:15 +0000 (16:43 +0200)]
librtas: bump to version 2.0.1

- Switch site to github
- Move to autotools infrastructure
- Remove patch (not needed anymore)
- Since version 1.4 (January 2016), license is now LGPL-2.1+
- Add hash for license file

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agoDEVELOPERS: update my e-mail address
Zoltan Gyarmati [Sat, 2 Jun 2018 21:11:13 +0000 (23:11 +0200)]
DEVELOPERS: update my e-mail address

Signed-off-by: Zoltan Gyarmati <zgyarmati@zgyarmati.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agozmqpp: depends on exception_ptr
Fabrice Fontaine [Sun, 3 Jun 2018 10:11:14 +0000 (12:11 +0200)]
zmqpp: depends on exception_ptr

Fixes:
 - http://autobuild.buildroot.net/results/20475346bfcb0cff019ad2e98a0e0ab432a6e5bf

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agopackage/mesa3d: update patents.txt file hash
Romain Naour [Sun, 3 Jun 2018 15:00:25 +0000 (17:00 +0200)]
package/mesa3d: update patents.txt file hash

Google patent url has been updated with 18.1 mesa3d release [1].

Fixes:
http://autobuild.buildroot.net/results/00f/00fd8fbc1e89a29b60ed9c6906035dbe4f0a3eb8

[1] https://cgit.freedesktop.org/mesa/mesa/commit/?id=ac731531a1e43e4fa3e10099380a3bba68d65bfd

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agocifs-utils: disable man page generation
Baruch Siach [Sun, 3 Jun 2018 17:28:24 +0000 (20:28 +0300)]
cifs-utils: disable man page generation

Buildroot does not generate documentation for target.

This fixes the build on hosts where the rst2man command does not support
the --syntax-highlight parameter.

Fixes:
http://autobuild.buildroot.net/results/265/2655c0e1fa3ad0a10b4aed39a17feead94e47bfb/
http://autobuild.buildroot.net/results/92d/92d7c608f717bbfe01ecfb9bc9604cb303d8594c/
http://autobuild.buildroot.net/results/4b9/4b95404a89a595ca9c1e3df912169e9d36ff2bd7/

Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agolibrtlsdr: fix static build
Fabrice Fontaine [Sun, 3 Jun 2018 14:17:51 +0000 (16:17 +0200)]
librtlsdr: fix static build

When bumping to version 0.5.4, first patch was wrongly removed.
Put back an enhanced version of this patch (sent upstream)

Fixes:
 - http://autobuild.buildroot.net/results/bea78bf580be6fe109b827b72af9587c5324daad

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agomonit: bump to version 5.25.2
Asaf Kahlon [Sat, 2 Jun 2018 18:16:59 +0000 (21:16 +0300)]
monit: bump to version 5.25.2

Bump the version and add hash for COPYING

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agolxc: bump to version 3.0.1
Fabrice Fontaine [Sat, 2 Jun 2018 18:16:31 +0000 (20:16 +0200)]
lxc: bump to version 3.0.1

Remove both patches (already in version)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>