Asaf Kahlon [Tue, 11 Jun 2019 17:24:14 +0000 (20:24 +0300)]
package/python-lxml: bump to version 4.3.4
Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Fri, 7 Jun 2019 19:09:35 +0000 (21:09 +0200)]
package/vlc: bump version to 3.0.7
Removed patch 0010, applied upstream.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Adam Duskett [Tue, 28 May 2019 19:48:11 +0000 (15:48 -0400)]
package/libglib2: bump to version 2.60.3
Changes include:
- Change the package type to meson, as autoconf is no longer supported.
- Add 0002-add-option-to-build-tests.patch
Upstream won't build tests when cross-compiling. However; this means still
building the tests during a host build. Building the tests causes build
failures on older distributions such as CentOS 6 and Debian 7 because of
the command `objcopy --add-symbol` is used when building the test
"test_resources2," which is not available with the older version of
objcopy provided by the distributions.
- Add 0003-remove-cpp-requirement.patch:
C++ is not needed when just compiling. The inclusion of C++ in meson.build
is to ensure libglib doesn't accidentally use C++ reserved keywords in
public headers. Because tests aren't being compiled, there is no need for
C++ as a requirement.
(https://gitlab.gnome.org/GNOME/glib/issues/1748)
- Add 0004-Add-Wno-format-nonliteral-to-compiler-arguments.patch:
This prevents a false error when compiling against older gcc versions.
(https://gitlab.gnome.org/GNOME/glib/issues/1744)
- Remove 0004-Do-not-hardcode-python-path-into-various-tools.patch:
The switch to meson makes this obsolete.
- Remove LIBGLIB2_AUTORECONF = YES from libglib2.mk:
Now that libglib2 is a meson package, there is no need for AUTORECONF.
- Remove LIBGLIB2_INSTALL_STAGING_OPTS from libglib2.mk:
Meson resolves these correctly.
- Add LIBGLIB2_REMOVE_BINDIR_PREFIX_FROM_PC_FILE in libglib2.mk:
Newer versions of libglib2 prefix glib-genmarshal, gobject-query, and
glib-mkenums with ${bindir}. Unfortunately, this will resolve to the host
systems /bin/ directory, which will cause compilation issues if the host
does not have these programs. By removing the ${bindir}/ prefix, these
programs are resolved in PATH instead.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Mon, 10 Jun 2019 22:16:35 +0000 (00:16 +0200)]
package/mdadm: bump to version 4.1
Add hash for license file
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Mon, 10 Jun 2019 22:16:34 +0000 (00:16 +0200)]
package/mdadm: fix patch number
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Vadim Kochan [Mon, 10 Jun 2019 15:57:55 +0000 (18:57 +0300)]
package/git: bump to version 2.22.0
Remove patch with NLS fix because it is was added into latest version.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Mon, 10 Jun 2019 21:57:33 +0000 (23:57 +0200)]
package/poppler: needs wchar
Fixes:
- http://autobuild.buildroot.org/results/
2c8695b75c3241359e739d88726430cbfe47a5bd
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Jörg Krause [Mon, 10 Jun 2019 21:20:23 +0000 (23:20 +0200)]
package/gerbera: add upstream patch to fix find_program with taglib-config
Add an from from upstream to fix linking Gerbera with taglib. The patch
fixes the following issue:
When cross-compiling CMakes `find_program()` will search for binaries on the
host. This is typically correct, e.g. when search for compilers or shells.
When cross-compiling, searching for `taglib-config` using `find_program` should
not find the binary on the host, instead it should find the binary in the sysroot
directory, as the host `taglib-config` will output the wrong host paths
and libs, whereas the sysroot `taglib-config` will output the correct sysroot
paths and libs.
Therefore, use the `CMAKE_FIND_ROOT_PATH_MODE_PROGRAM` variable when
cross-compiling. This variable controls whether the `CMAKE_FIND_ROOT_PATH`
and `CMAKE_SYSROOT` are used by find_program().
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Jörg Krause [Mon, 10 Jun 2019 21:20:22 +0000 (23:20 +0200)]
package/taglib: add upstream patch to fix taglib-config
The current taglib-config program does not work when cross-compiling as it only
returns paths to the host, which breaks building programs which link against
taglib.
For example gerbera uses `taglib-config` and it fails with:
```
[..]
-- Found TagLib: -L/usr/lib -ltag
[..]
arm-linux-gnueabihf-g++: ERROR: unsafe header/library path used in cross-compilation: '-L/usr/lib'
```
Before the patch the output of `taglib-config` is:
```
$ ./output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/bin/taglib-config --libs
-L/usr/lib -ltag
```
Add a patch from upstream which fixes taglib-config.
After applying the fix, the pkg-config file is correct:
```
$ ./output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/bin/taglib-config --libs
-L/home/joerg/Development/git/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/lib -ltag
```
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Pierre-Jean Texier [Mon, 10 Jun 2019 19:55:36 +0000 (21:55 +0200)]
package/swupdate: bump to version 2019.04
New features in this release:
- Improved documentation
- delta updates based on rdiff library
- support for libubootenv
- dry-run option
- CA certificates for signed images
- Fix security leak in parser
This commit also:
- introduce BR2_PACKAGE_LIBRSYNC for 'rdiff' Handler. No HAVE_* is
needed, it just declares the functions locally and links with
-lrsync.
- introduce BR2_PACKAGE_LIBUBOOTENV
- drop upstreamed patch
- backport upstream patches (important fix)
- regenerate the default swupdate.config. Now CONFIG_GUNZIP is always
enabled because gunzip is provided by the default busybox config.
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
[Arnout: don't mention ZLIB in help text for libubootenv, since it is
select'ed by libubootenv.]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Joris Offouga [Mon, 10 Jun 2019 19:41:44 +0000 (21:41 +0200)]
configs/imx7dpico: Add Wifi support
imx7dpico has a BCM4339 Wifi chip. Add Wifi support by default
to allow a better customer experience.
Signed-off-by: Joris Offouga <offougajoris@gmail.com>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Tested-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Joris Offouga [Mon, 10 Jun 2019 19:41:43 +0000 (21:41 +0200)]
configs/imx7dpico: Bump Linux and U-Boot
Bump Linux to 5.1 and U-Boot to version 2019.01.
U-Boot patch is no longer needed, applied upstream.
U-Boot defconfig name for this board has changed to pico-pi-imx7d.
U-Boot now supports distrobootcmd for this board, so add the appropriate
extlinux.conf and use SPL+u-boot.img instead of u-boot.imx. Note that
the common freescale post-image script handles things appropriately
based on the selected options in .config.
dosfstools and mtools are no longer needed to build the image.
Signed-off-by: Joris Offouga <offougajoris@gmail.com>
Tested-by: Pierre-Jean Texier <pjtexier@koncepto.io>
[Arnout: remove BR2_PACKAGE_HOST_DOSFSTOOLS and BR2_PACKAGE_HOST_MTOOLS]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Joris Offouga [Mon, 10 Jun 2019 19:41:42 +0000 (21:41 +0200)]
boards/freescale/common: Introduce genimage.cfg.template_no_boot_part_spl
Modern U-Boot assumes a layout where the first partition is an ext2 and
the kernel and dtb can be found in /boot. In other words, a layout
without boot partition.
Add a genimage.cfg template for the freescale defconfigs with such a
layout.
For now, only the layout with SPL+u-boot.img is added. It's unlikely that
the u-boot.imx approach will be used.
Signed-off-by: Joris Offouga <offougajoris@gmail.com>
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Tested-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Mon, 10 Jun 2019 18:21:59 +0000 (20:21 +0200)]
package/weston: drop unneeded first patch
Patch is not needed since
https://gitlab.freedesktop.org/wayland/weston/commit/
32838c93a509dbeda717e58279683c63a34a2e07
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Mirza Krak [Mon, 10 Jun 2019 15:40:07 +0000 (17:40 +0200)]
package/pkg-golang: do not set static linking for host target
The current logic will set the "-static" flag when building go
host packages if BR2_STATIC_LIBS is set, this will not work as
there is no support to link host packages statically.
Fix this by applying this logic only for target builds.
Signed-off-by: Mirza Krak <mirza.krak@northern.tech>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Julien Olivain [Mon, 10 Jun 2019 10:19:24 +0000 (12:19 +0200)]
configs/imx8mmpico: new defconfig
Signed-off-by: Julien Olivain <juju@cotds.org>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Julien Olivain [Mon, 10 Jun 2019 10:19:23 +0000 (12:19 +0200)]
board/freescale/common/imx: add support for i.MX8MM
For the boot image creation for the i.MX8MM, the main differences with
i.MX8M are that there is no HDMI firmware image passed, and the ATF
load address is different.
Signed-off-by: Julien Olivain <juju@cotds.org>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Julien Olivain [Mon, 10 Jun 2019 10:19:22 +0000 (12:19 +0200)]
package/imx-mkimage: add support for i.MX8MM
Signed-off-by: Julien Olivain <juju@cotds.org>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Julien Olivain [Mon, 10 Jun 2019 10:19:21 +0000 (12:19 +0200)]
package/freescale-imx/firmware-imx: add support for i.MX8MM
Signed-off-by: Julien Olivain <juju@cotds.org>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Julien Olivain [Mon, 10 Jun 2019 10:19:20 +0000 (12:19 +0200)]
package/freescale-imx: add option for i.MX8MM
The i.MX8MMini is slightly different from the i.MX8M. The main
difference of interrest here is that the i.MX8MMini has no HDMI
support. The firmware blobs must not include the HDMI signed firmware,
which is why we need this new configuration option.
Signed-off-by: Julien Olivain <juju@cotds.org>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Mon, 10 Jun 2019 12:09:26 +0000 (14:09 +0200)]
package/weston: fix build with headers < 4.4
weston includes input-event-codes.h since version 5.0.91 and
https://github.com/wayland-project/weston/commit/
6e229ca26381bc8191fd9af1e439c311da709aff
input-event-codes.h is available only since kernel 4.4 and
https://github.com/torvalds/linux/commit/
f902dd893427eade90f7eaf858e5ff8b150a5a12
To fix this build failure, replace include on linux/input-event-codes.h
by linux/input.h
Fixes:
- http://autobuild.buildroot.org/results/
210c2759900f15ea0030d088f6f45cd8bb199b29
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Jan Kundrát [Mon, 10 Jun 2019 13:37:12 +0000 (15:37 +0200)]
docs: use-case for un-ignoring VCS directories and overridden source dir
Signed-off-by: Jan Kundrát <jan.kundrat@cesnet.cz>
Suggested-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fixes: a27078d32d Allow overriding the VCS exclude list with *_OVERRIDE_SRCDIR_RSYNC_EXCLUSIONS
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Mon, 10 Jun 2019 13:14:53 +0000 (15:14 +0200)]
package/openjdk: set PATH before calling make
PATH must be set to $(BR_PATH) thanks to $(TARGET_MAKE_ENV) before
calling make otherwise build fails on:
/bin/bash: gawk: command not found
When build fails, config.log contains the following line:
configure:13709: checking for gawk
configure:13725: found /home/buildroot/autobuild/run/instance-3/output/host/bin/gawk
configure:13736: result: gawk
[...]
ac_cv_prog_AWK=gawk
Fixes:
- http://autobuild.buildroot.org/results/
43c5d08f599e8f44b59a576d243ae1c7b27de7a3
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Julien Olivain [Mon, 10 Jun 2019 10:31:18 +0000 (12:31 +0200)]
manual/contribute.txt: fix typo
Signed-off-by: Julien Olivain <juju@cotds.org>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Mon, 10 Jun 2019 09:51:46 +0000 (11:51 +0200)]
package/ncmpc: fix build without NLS
The build fails if libintl.h is found but xgettext is not available:
Has header "libintl.h" : YES
Library intl found: NO
po/meson.build:28:5: ERROR: Can not do gettext because xgettext is not installed.
This is because enable_nls defaults to true if libintl.h is found. Use
the nls option to enable/disable NLS explicitly, depending on
BR2_SYSTEM_ENABLE_NLS,
Also, fix the second patch to always look for libintl, even if NLS is
not enabled. The enable_nls option disables processing the po files, but
the gettext calls in the source are still there, so we need to link with
libintl anyway.
Fixes:
- http://autobuild.buildroot.org/results/
0ab0a42fd4c5c9fd5891f3b84287bd788f763ba4
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Mon, 10 Jun 2019 09:16:28 +0000 (11:16 +0200)]
package/openzwave: needs NPTL
openzwave needs pthread_setname_np
Fixes:
- http://autobuild.buildroot.org/results/
d50a79384eb346078fd83ad3a1ba8b8a04cc4d53
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Mon, 10 Jun 2019 09:03:28 +0000 (11:03 +0200)]
package/libgit2: security bump to version 0.27.8
Fixing the following list of issues (fixed in 0.27.6 and 0.27.5):
The function family git__strtol is used to parse integers
from a buffer. As the functions do not take a buffer length as
argument, they will scan either until the end of the current
number or until a NUL byte is encountered. Many callers have
been misusing the function and called it on potentially
non-NUL-terminated buffers, resulting in possible out-of-bounds
reads. Callers have been fixed to use git__strntol functions
instead and git__strtol functions were removed.
The function git__strntol64 relied on the undefined behavior
of signed integer overflows. While the code tried to detect
such overflows after they have happened, this is unspecified
behavior and may lead to weird behavior on uncommon platforms.
In the case where git__strntol32 was unable to parse an
integer because it doesn't fit into an int32_t, it printed an
error message containing the string that is currently being
parsed. The code didn't truncate the string though, which
caused it to print the complete string until a NUL byte is
encountered and not only the currently parsed number. In case
where the string was not NUL terminated, this could have lead
to an out-of-bounds read.
When parsing tags, all unknown fields that appear before the
tag message are skipped. This skipping is done by using a plain
strstr(buffer, "\n\n") to search for the two newlines that
separate tag fields from tag message. As it is not possible to
supply a buffer length to strstr, this call may skip over the
buffer's end and thus result in an out of bounds read. As
strstr may return a pointer that is out of bounds, the
following computation of buffer_end - buffer will overflow
and result in an allocation of an invalid length. Note that
when reading objects from the object database, we make sure to
always NUL terminate them, making the use of strstr safe.
When parsing the "encoding" field of a commit, we may perform
an out of bounds read due to using git__prefixcmp instead of
git__prefixncmp. This can result in the parsed commit object
containing uninitialized data in both its message encoding and
message fields. Note that when reading objects from the object
database, we make sure to always NUL terminate them, making the
use of strstr safe.
Submodule URLs and paths with a leading "-" are now ignored.
This is due to the recently discovered CVE-2018-17456, which
can lead to arbitrary code execution in upstream git. While
libgit2 itself is not vulnerable, it can be used to inject
options in an implementation which performs a recursive clone
by executing an external command.
When running repack while doing repo writes,
packfile_load__cb() could see some temporary files in the
directory that were bigger than the usual, and makes memcmp
overflow on the p->pack_name string. This issue was reported
and fixed by bisho.
The configuration file parser used unbounded recursion to parse
multiline variables, which could lead to a stack overflow. The
issue was reported by the oss-fuzz project, issue 10048 and
fixed by Nelson Elhage.
The fix to the unbounded recursion introduced a memory leak in
the config parser. While this leak was never in a public
release, the oss-fuzz project reported this as issue 10127. The
fix was implemented by Nelson Elhage and Patrick Steinhardt.
When parsing "ok" packets received via the smart protocol, our
parsing code did not correctly verify the bounds of the
packets, which could result in a heap-buffer overflow. The
issue was reported by the oss-fuzz project, issue 9749 and
fixed by Patrick Steinhardt.
The parsing code for the smart protocol has been tightened in
general, fixing heap-buffer overflows when parsing the packet
type as well as for "ACK" and "unpack" packets. The issue was
discovered and fixed by Patrick Steinhardt.
Fixed potential integer overflows on platforms with 16 bit
integers when parsing packets for the smart protocol. The issue
was discovered and fixed by Patrick Steinhardt.
Fixed potential NULL pointer dereference when parsing
configuration files which have "include.path" or
"includeIf..path" statements without a value.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Mon, 10 Jun 2019 08:56:56 +0000 (10:56 +0200)]
package/samba4: drop third patch
Drop third patch which is not upstreamable and set XSLTPROC to false
instead to disable documentation
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Francois Perrad [Mon, 10 Jun 2019 08:33:24 +0000 (10:33 +0200)]
package/perl-www-form-urlencoded: bump to version 0.26
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Francois Perrad [Mon, 10 Jun 2019 08:33:23 +0000 (10:33 +0200)]
package/perl-net-http: bump to version 6.19
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Francois Perrad [Mon, 10 Jun 2019 08:33:22 +0000 (10:33 +0200)]
package/perl-libwww-perl: bump to version 6.39
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Francois Perrad [Mon, 10 Jun 2019 08:33:21 +0000 (10:33 +0200)]
package/perl-date-manip: bump to version 6.77
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Francois Perrad [Mon, 10 Jun 2019 08:33:20 +0000 (10:33 +0200)]
package/perl-cookie-baker: bump to version 0.11
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Adam Duskett [Thu, 6 Jun 2019 15:52:15 +0000 (11:52 -0400)]
mender-grubenv: new package
Mender-grubenv contains the boot scripts and tools used by Mender to
integrate with the Grub2 bootloader.
The user must select the following Grub modules for this package:
loadenv, hashsum, echo, halt, gcry_sha256, and test.
Because this patch also includes a grub version of fw_printenv and fw_setenv,
package/mender/Config.in must be changed as well at the same time, because if
both uboot-tools and this package are selected, during startup, mender calls
the uboot-tools version of fw_printenv and fails to start.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Tested-by: Mirza Krak <mirza.krak@northern.tech>
Acked-by: Mirza Krak <mirza.krak@northern.tech>
[Arnout:
- reorder depends clauses;
- add runtime tag to grub2 dependency
- remove wchar dependency from comment
- only error if BR_BUILDING
- use install instead of cp for a single file.]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Petr Vorel [Sun, 9 Jun 2019 23:07:02 +0000 (01:07 +0200)]
iputils: set the permissions with IPUTILS_PERMISSIONS
... for arping, clockdiff and ping. These require root permission for
socket(). Upstream solution (script setcap-setuid.sh) requires
setcap binary on the host and cap_net_raw+ep + libcap, or setting
setuid root executable (which is dangerous). Neither would work anyway
since we install as non-root user.
This restores behavior used for version s20180629. We used to setuid the
ping and traceroute6 programs. traceroute6 is no longer built since the
bump to s20190515, but now arping and clockdiff are built, and these
need setuid as well. So enable setuid on arping, clockdiff and ping.
Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Sun, 9 Jun 2019 22:51:19 +0000 (00:51 +0200)]
package/collectd: add write_redis support
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Sun, 9 Jun 2019 22:51:18 +0000 (00:51 +0200)]
package/collectd: add redis support
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Jan Kundrát [Mon, 10 Jun 2019 09:27:16 +0000 (11:27 +0200)]
Allow overriding the VCS exclude list with *_OVERRIDE_SRCDIR_RSYNC_EXCLUSIONS
We have some internal packages which automatically bake a version string
from the git checkout, and we usually combine these with a
*_OVERRIDE_SRCDIR. I would like to let Buildroot *not* skip the .git
directory when picking up sources from the local checkout. It turns out
that the existing mechanism (*_OVERRIDE_SRCDIR_RSYNC_EXCLUSIONS) only
supports adding to the exclude list because `rsync` simply uses the
first match from the provided filtering rules.
Solve this by using the user-provided values first. If they match, then
`rsync` won't exclude stuff based on the generic VCS exclude patterns.
Signed-off-by: Jan Kundrát <jan.kundrat@cesnet.cz>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Sun, 9 Jun 2019 16:57:30 +0000 (18:57 +0200)]
package/collectd: add amqp support
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Sun, 9 Jun 2019 15:15:15 +0000 (17:15 +0200)]
package/samba4: drop unneeded second patch
This patch is not needed since version 4.9.0 and
https://github.com/samba-team/samba/commit/
859698d29b547217356851094ed8188236e717b6
which solved the issue by avoiding calling this function.
Also renumber the remaining patches.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Sun, 9 Jun 2019 21:52:41 +0000 (23:52 +0200)]
package/gpsd: fix isync build without nmea
Upstream suggested to move the definition of NMEA_DOLLAR out of the
ifdef.
Fixes:
- http://autobuild.buildroot.org/results/
7757ff82623eb5db8cbd9cdf69baf308fd0b0666
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Francois Perrad [Sun, 9 Jun 2019 14:37:33 +0000 (16:37 +0200)]
package/luarocks: fix test file creation on br-external
first, add the creation of the needed subdirectories
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Francois Perrad [Sun, 9 Jun 2019 14:37:19 +0000 (16:37 +0200)]
utils/scancpan: fix test file creation on br-external
first, add the creation of the needed subdirectories
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Sun, 9 Jun 2019 09:38:14 +0000 (11:38 +0200)]
package/iputils: fix build without setcap
Fixes:
- http://autobuild.buildroot.org/results/
711718ecf20d6cc28953e089a6e5516cfb4b9031
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Sun, 9 Jun 2019 09:38:13 +0000 (11:38 +0200)]
package/iputils: fix license
- Replace nfinfod/COPYING by LICENSE, Documentation/LICENSE.BSD3 and
Documentation/LICENSE.GPL2 which are available since version s20180629
and
https://github.com/iputils/iputils/commit/
686ee13130550aa4cb2937842504b2131f0934c6
- BSD-4-Clause has been removed since version s20180629 and
https://github.com/iputils/iputils/commit/
f69eeac80de413248fd3d7d4d4244af22a81e055
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Sun, 9 Jun 2019 09:38:12 +0000 (11:38 +0200)]
package/iputils: fix build with NLS
Fixes:
- http://autobuild.buildroot.org/results/
0a8a3efe734ac7fb3a68ba505277681857dc0a3d
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Sun, 9 Jun 2019 09:38:11 +0000 (11:38 +0200)]
package/iputils: fix IDN support
iputils depends on libidn2 since version s20180629 and
https://github.com/iputils/iputils/commit/
665fe4d30ff8b6649454ae25e4768b2f23605332
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Sat, 8 Jun 2019 22:12:10 +0000 (00:12 +0200)]
package/poppler: needs dynamic library
Fixes:
- http://autobuild.buildroot.org/results/
e409863724005a0c182476612187a322a16a7db8
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Sat, 8 Jun 2019 21:57:56 +0000 (23:57 +0200)]
package/libevent: fix build with openssl
Since bump to version 2.1.10 in commit
3c8e79db8375f83a8e6a1d58ade697447903b6b0, openssl detection is broken.
Add a patch to fix it otherwise libwebsock fails to build
Fixes:
- http://autobuild.buildroot.org/results/
be32afa364a6b387195cdb5166fb23e9610451a7
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Tested-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Arnout Vandecappelle (Essensium/Mind) [Sat, 8 Jun 2019 23:44:24 +0000 (01:44 +0200)]
package/poppler: use THREAD_PTHREAD_ARG=OFF
As noted by Fabrice, all other packages that show CMake's FindThreads
issue fix it by setting THREAD_PTHREAD_ARG=OFF instead of setting
THREAD_HAVE_PTHREAD_ARG=ON. So, for consistency, do the same for
poppler.
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Sébastien Szymanski [Thu, 6 Jun 2019 13:02:46 +0000 (15:02 +0200)]
linux/linux-ext-xenomai: add check-package exclusion comment
check-package wrongly warns against LINUX_EXTRA_DOWNLOADS var:
linux/linux-ext-xenomai.mk:15: possible typo: LINUX_EXTRA_DOWNLOADS -> *XENOMAI*
34 lines processed
1 warnings generated
Add a TypoInPackageVariable exclusion comment to remove this warning.
Signed-off-by: Sébastien Szymanski <sebastien.szymanski@armadeus.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Atharva Lele [Fri, 7 Jun 2019 08:55:58 +0000 (14:25 +0530)]
utils/genrandconfing: randomly enable BR2_REPRODUCIBLE 10% of the times
Initial patch to start reproducibility testing.
Also enable tar filesystem to compare images since diffoscope works well
with tar.
Signed-off-by: Atharva Lele <itsatharva@gmail.com>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
James Hilliard [Wed, 5 Jun 2019 05:51:25 +0000 (23:51 -0600)]
package/gstreamer1/gst1-plugins-bad: add wpe plugin option
Removed gst1-plugins-bad dependency from wpewebkit gstreamer-gl option
so that there isn't a circular dependency with gst1-plugins-bad.
It appears that wpewebkit gstreamer-gl only has a runtime dependency on
gst1-plugins-bad.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Reviewed-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Sat, 8 Jun 2019 19:39:29 +0000 (21:39 +0200)]
package/iputils: fix static build with gcrypt
Fixes:
- http://autobuild.buildroot.net/results/
fb698e3e903869978bd5e69d791ec362317b7981
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Acked-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Sat, 1 Jun 2019 14:34:56 +0000 (16:34 +0200)]
package/mpd: fix static build with tremor and vorbis
mpd can't be built statically with tremor and vorbis, build fails on:
block.c:(.text+0x11c): multiple definition of `vorbis_block_init'
/usr/lfs/v0/rc-buildroot-test/scripts/instance-2/output/host/bin/../sparc-buildroot-linux-uclibc/sysroot/usr/lib/libvorbisidec.a(block.o):block.c:(.text+0x0): first defined here
/usr/lfs/v0/rc-buildroot-test/scripts/instance-2/output/host/opt/ext-toolchain/bin/../lib/gcc/sparc-buildroot-linux-uclibc/7.4.0/../../../../sparc-buildroot-linux-uclibc/bin/ld: Disabling relaxation: it will not work with multiple definitions
/usr/lfs/v0/rc-buildroot-test/scripts/instance-2/output/host/bin/../sparc-buildroot-linux-uclibc/sysroot/usr/lib/libvorbis.a(block.o): In function `_vorbis_block_alloc':
Fix this by making both options mutually exclusive
It should be noted that upstream explicitly removed the possibility to
enable tremor and vorbis at the same time since version 0.21.6 and
https://github.com/MusicPlayerDaemon/MPD/commit/
c18cd941aaa4c16ac713bc4f1e16ada5281d689e
Since we only have 0.20.23, it is still possible to build them together,
but there is clearly no need to allow it.
Fixes:
- http://autobuild.buildroot.org/results/
60c721a82ffd668bebf02d80bca83780d6cdb2f2
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Sat, 1 Jun 2019 14:34:55 +0000 (16:34 +0200)]
package/mpd: drop tremor select
Drop tremor select added by commit
d428dddf680b067c13ba9a08bfd502c7286cffe7
Indeed, nowadays, mpd can be built successfully even if there is no
input plugin selected.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Sun, 2 Jun 2019 08:51:30 +0000 (10:51 +0200)]
package/opencv3: objdetect needs calib3d
objdetect needs calib3d since version 3.4.4 and
https://github.com/opencv/opencv/commit/
53ec8f286b7d475fa5a799023595bd4dc73e5c81
Fixes:
- http://autobuild.buildroot.org/results/
37d0a5ba57de4c52b6e0ec99aedaca71f3397fbb
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Arnout Vandecappelle (Essensium/Mind) [Sat, 8 Jun 2019 19:49:57 +0000 (21:49 +0200)]
package/poppler: add missing end-of-line backslash
Commit
c6bef18dab5d "bump version to 0.77.0" converted the
POPPLER_CONF_OPTS variable to one entry per line, but a backslash was
forgotten at the end of one of the lines. Thus, the last bit of the
configuration options weren't applied.
Fortunately, all of those were alread at their default value, so not
much was lost.
It does fix a check-package warning though:
package/poppler/poppler.mk:17: unexpected indent with tabs
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Mirza Krak [Mon, 3 Jun 2019 09:21:01 +0000 (11:21 +0200)]
package/pkg-golang: add cflags/ldflags to GO_HOST_ENV
If a go host package is built using cgo, it needs access
to HOST_CFLAGS/HOST_LDFLAGS to utilize host packages it
might depend on.
Signed-off-by: Mirza Krak <mirza.krak@northern.tech>
Acked-by: Adam Duskett <aduskett@gmail.com>
Tested-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Sun, 2 Jun 2019 19:19:22 +0000 (21:19 +0200)]
package/poppler: fix build with cmake < 3.10
poppler requires threads, and our compiler always accepts the -pthread
argument, so THREADS_HAVE_PTHREAD_ARG can safely be set to ON.
Fixes:
- http://autobuild.buildroot.org/results/
f9e24d38d3aa4519615c5a0ae7f62af610df976f
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Arnout: set THREADS_HAVE_PTHREAD_ARG instead of THREADS_PTHREAD_ARG,
and set it to ON instead of OFF because we always have threads.]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Sun, 2 Jun 2019 16:43:23 +0000 (18:43 +0200)]
package/openzwave: needs dynamic library
openzwave always builds and installs a dynamic library, so add a
dependency to !BR2_STATIC_LIBS. domoticz is the only package that uses
openzwave and it already depends on !BR2_STATIC_LIBS.
This behavior has not changed from 1.5 to 1.6 even if there is only a
build failure with 1.6.
Fixes:
- http://autobuild.buildroot.org/results/
f6c8c4072b2cd5b6e9aa548f41ab000e152f1add
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Sun, 2 Jun 2019 16:25:57 +0000 (18:25 +0200)]
package/grpc: fix build with uclibc on x86_64
On x86_64 if GPR_MUSL_LIBC_COMPAT is not set, grpc tries to link with
memcpy@GLIBC_2.2.5, see:
https://github.com/grpc/grpc/blob/
618a3f561d4a93f263cca23abad086ed8f4d5e86/src/core/lib/gpr/wrap_memcpy.cc
Add a new GPR_DISABLE_WRAPPED_MEMCPY to disable wrapped memory without
changing CPU behavior
Fixes:
- http://autobuild.buildroot.org/results/
20d6f2489a4e291a53bd514da66105eb607e1014
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Mon, 3 Jun 2019 19:51:07 +0000 (21:51 +0200)]
package/libva: fix build with gcc < 5
Fixes:
- http://autobuild.buildroot.org/results/
96fe1667190e1e08d672984f147ec8e8f5e2f4f1
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Tested-by: Ivan Bagarolo <ivan.bagarolo@micronovasrl.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Adam Duskett [Wed, 29 May 2019 03:56:47 +0000 (23:56 -0400)]
package/gstreamer1/gst1-plugins-bad: bluez-plugin depends on bluez5_utils
autotools doesn't throw an error if bluez_utils is found and is older than
version 5. It just doesn't build the plugin. As such, select bluez5_utils
instead. This was found with the meson conversion, because meson does
throw an error.
All dependencies of bluez5_utils are added, though some of them are
already implicit by gstreamer1 itself. This simplifies things if the
dependencies change in the future (suggested by Thomas).
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
[Arnout: add bluez5_utils comment to dependencies, extend commit log]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Pierre-Jean Texier [Tue, 4 Jun 2019 12:34:46 +0000 (14:34 +0200)]
package/libubootenv: fix build with 'nothread' toolchain
<pthread.h> include doesn't seem to be necessary inside the library.
So, drop the header completely.
Fixes:
- http://autobuild.buildroot.org/results/
813e8951530c093f46b38bf8c3b467ab6535c95b
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Nicolas Serafini [Wed, 5 Jun 2019 13:51:06 +0000 (13:51 +0000)]
package/exiv2: cleanup options and licenses
exiv2 no longer requires a non commercial option for lens database
integration since version 0.27. See [1] and [2]
The BR2_PACKAGE_EXIV2_LENSDATA option is maintained because the
src/nikonmn_int.cpp file always specifies that the Nikon lens name
database is free to use in non-commercial, GPL or open source software
only.
Legacy handling for the removed option COMMERCIAL is not needed, since
now it's always enabled.
Add the dedicated BSD-3-Clause license file for CMakeLists.txt,
config/FindEXPAT.cmake and config/FindMSGFMT.cmake files.
[1] https://github.com/Exiv2/exiv2/commit/
07f63003b7f50dd7d8719585ba54623e0f60c3c4
[2] https://github.com/Exiv2/exiv2/commit/
085d8a309aafb8ed5a72cad027a1a0ea974938d9
Signed-off-by: Nicolas Serafini <nicolas.serafini@sensefly.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Esben Haabendal [Fri, 7 Jun 2019 12:53:12 +0000 (14:53 +0200)]
arch: Fix typo breaking use of core-avx2 arch
Signed-off-by: Esben Haabendal <esben@geanix.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Asaf Kahlon [Sat, 8 Jun 2019 06:13:15 +0000 (09:13 +0300)]
package/uftp: bump to version 4.9.11
Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Pierre-Jean Texier [Fri, 7 Jun 2019 17:34:08 +0000 (19:34 +0200)]
package/libevent: bump to version 2.1.10
See: https://github.com/libevent/libevent/releases/tag/release-2.1.10-stable
Also fix check-package warning.
Fixes:
$. ./utils/check-package package/libevent/* -v
package/libevent/0001-Disable-building-test-programs.patch:4: generate your patches with 'git format-patch -N'
Subject: [PATCH 1/2] Disable building test programs
76 lines processed
1 warnings generated
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Francois Perrad [Fri, 7 Jun 2019 17:13:14 +0000 (19:13 +0200)]
package/luarocks: bump to version 3.1.3
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Fri, 7 Jun 2019 08:38:42 +0000 (10:38 +0200)]
docs/website: update for 2019.02.3
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Fri, 7 Jun 2019 07:36:49 +0000 (09:36 +0200)]
Update for 2019.02.3
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
[Peter: drop Makefile changes]
(cherry picked from commit
3e8b918b871f484b3ef57832aa41982e368d74c2)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Romain Naour [Wed, 5 Jun 2019 12:40:16 +0000 (14:40 +0200)]
package/gdb: remove gdb 8.0.x
8.3 is around and 8.2 is the default version, so drop
8.0. Keep 7.12 which is the latest version that doesn't
requires C++11 support.
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Romain Naour [Wed, 5 Jun 2019 12:40:15 +0000 (14:40 +0200)]
package/gdb: switch to 8.2 as the default version
8.3 is around, 8.2 has already seen a point release, so it's time to
make 8.2 the default version for gdb.
Signed-off-by: Romain Naour <romain.naour@gmail.com>
[Peter: also update BR2_GDB_VERSION logic]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Romain Naour [Wed, 5 Jun 2019 12:40:14 +0000 (14:40 +0200)]
package/gdb: bump to version 8.3
Rebase local patches.
See:
https://lists.gnu.org/archive/html/info-gnu/2019-05/msg00007.html
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Pierre-Jean Texier [Thu, 6 Jun 2019 20:24:26 +0000 (22:24 +0200)]
package/nanomsg: fix legal-info failure
After version bump, the sha256 has been updated
while the COPYING file remains unchanged.
Fixes:
- http://autobuild.buildroot.net/results/
ec1cb0216ebedc5c7bd2c8719460db28b666a24f/
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Romain Naour [Thu, 6 Jun 2019 20:19:37 +0000 (22:19 +0200)]
package/python-numpy: bump to version 1.16.4
See:
https://github.com/numpy/numpy/releases/tag/v1.16.4
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Asaf Kahlon <asafka7@gmail.com>
Cc: Samuel Martin <s.martin49@gmail.com>
Cc: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Bartosz Golaszewski [Thu, 6 Jun 2019 14:40:59 +0000 (16:40 +0200)]
libgpiod: bump version to v1.4
This release mostly affects the testing framework but also contains fixes
for C++ bindings.
Signed-off-by: Bartosz Golaszewski <bgolaszewski@baylibre.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Bernd Kuhls [Thu, 6 Jun 2019 05:31:45 +0000 (07:31 +0200)]
package/{mesa3d, mesa3d-headers}: bump version to 19.0.6
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Wed, 5 Jun 2019 17:23:07 +0000 (19:23 +0200)]
package/python-django: security bump to version 2.1.9
Fixes the following security issues:
CVE-2019-12308: AdminURLFieldWidget XSS¶
The clickable "Current URL" link generated by AdminURLFieldWidget displayed
the provided value without validating it as a safe URL. Thus, an
unvalidated value stored in the database, or a value provided as a URL query
parameter payload, could result in an clickable JavaScript link.
AdminURLFieldWidget now validates the provided value using URLValidator
before displaying the clickable link. You may customize the validator by
passing a validator_class kwarg to AdminURLFieldWidget.__init__(), e.g.
when using formfield_overrides.
Patched bundled jQuery for CVE-2019-11358: Prototype pollution¶
jQuery before 3.4.0, mishandles jQuery.extend(true, {}, ...) because of
Object.prototype pollution. If an unsanitized source object contained an
enumerable __proto__ property, it could extend the native Object.prototype.
The bundled version of jQuery used by the Django admin has been patched to
allow for the select2 library’s use of jQuery.extend().
For more details, see the release notes:
https://docs.djangoproject.com/en/dev/releases/2.1.9/
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Wed, 5 Jun 2019 16:28:05 +0000 (18:28 +0200)]
package/exim: add upstream security fix for CVE-2019-10149
A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper
validation of recipient address in deliver_message() function in
src/deliver.c may lead to remote command execution.
For more details, see the advisory:
https://www.exim.org/static/doc/security/CVE-2019-10149.txt
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Wed, 5 Jun 2019 07:45:43 +0000 (09:45 +0200)]
package/libcurl: bump version to 7.65.1
Fixes a number of bugs discovered after the 7.65.0 release.
https://daniel.haxx.se/blog/2019/06/05/7-65-1-patched-up-and-ready-to-go/
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Einar Jon Gunnarsson [Wed, 5 Jun 2019 19:56:58 +0000 (21:56 +0200)]
package/autossh: bump version to 1.4g
Version 1.4g most notably addresses a bug that could see an alarm signal
occur without a handler, causing autossh to exit inappropriately.
Signed-off-by: Einar Jon Gunnarsson <tolvupostur@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Jörg Krause [Tue, 4 Jun 2019 14:25:27 +0000 (16:25 +0200)]
package/luv: update hash
Upstream removed (using git force-push) and recreated version 1.29.1-1
and re-uploaded the source tarball. Therefore, the hash has changed and
needs to be updated.
See:
https://github.com/luvit/luv/issues/330
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Brett Gyarfas [Mon, 3 Jun 2019 21:44:36 +0000 (14:44 -0700)]
package/nanomsg: bump version to 1.1.5
Signed-off-by: Brett Gyarfas <brett.gyarfas@ontera.bio>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Mon, 3 Jun 2019 06:10:21 +0000 (08:10 +0200)]
{linux, linux-headers}: bump 4.{9, 14, 19}.x / 5.{0, 1}.x series
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Markus Mayer [Mon, 3 Jun 2019 04:29:49 +0000 (21:29 -0700)]
package/busybox: add dependency on dosfstools
dosfstools and busybox may each install mkfs.vfat, so dosfstools must
be installed before busybox.
Signed-off-by: Markus Mayer <mmayer@broadcom.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Francois Perrad [Mon, 3 Jun 2019 02:42:18 +0000 (04:42 +0200)]
DEVELOPERS: Drop support for some packages from Francois Perrad
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Sun, 2 Jun 2019 20:11:20 +0000 (22:11 +0200)]
Merge branch 'next'
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Sun, 2 Jun 2019 08:17:27 +0000 (10:17 +0200)]
Kickoff 2019.08 cycle
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Sun, 2 Jun 2019 08:16:25 +0000 (10:16 +0200)]
docs/website/news.html: add 2019.05 announcement link
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Sun, 2 Jun 2019 08:01:07 +0000 (10:01 +0200)]
Update for 2019.05
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Sat, 1 Jun 2019 21:11:03 +0000 (23:11 +0200)]
package/mender-artifact: needs host-xz
host-xz (for lzma) is needed since version 3.0.0 and
https://github.com/mendersoftware/mender-artifact/commit/
8f1b79b03fded3a923d948878905ac5fefe59893
Fixes:
- http://autobuild.buildroot.org/results/
c7cecf8946e9d4b4ae118b5f7597638c70decd3f
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Sat, 1 Jun 2019 16:06:20 +0000 (18:06 +0200)]
package/openjdk: needs host-gawk
Fixes:
- http://autobuild.buildroot.org/results/
bb1bb1cf8b58bf28039186866ed01521114acb72
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Olivier Schonken [Fri, 5 Oct 2018 13:31:41 +0000 (15:31 +0200)]
package/poppler: bump version to 0.77.0
For the version bump, the makefile had to be rewritten for CMake, as
the project moved from autotools to CMake.
Signed-off-by: Olivier Schonken <olivier.schonken@gmail.com>
[Thomas:
- update again to the lastest poppler version, 0.77.0
- drop license related changes, since the licensing terms haven't
changed, and they are not completely clear
- keep the openjpeg, jpeg and lcms2 dependencies optionals
- explicitly enable/disable more dependencies
- bump gcc version dependency to gcc 5.x, and update the Config.in
comment accordingly
- don't introduce many sub-options, simply rely on the availability
of dependencies, or on BR2_SOFT_FLOAT
- drop libx11/libxext dependencies, no longer used]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Thomas Petazzoni [Sat, 1 Jun 2019 20:16:07 +0000 (22:16 +0200)]
package/cups-filters: bump to version 1.23.0
This bump is necessary to be compatible with poppler 0.77.0.
Patch 0002-Poppler-removed-memCheck-and-gMemReport-functions.patch is
removed, because it was merged upstream in commit
6b0747c1630dd973acd138f927dbded4ea45e360.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sat, 1 Jun 2019 12:54:52 +0000 (14:54 +0200)]
package/oprofile: bump to version 1.3.0
Remove second patch (already in version)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Jörg Krause [Sat, 1 Jun 2019 10:59:19 +0000 (12:59 +0200)]
package/speexdsp: bump to version 1.2.0
Drop patch 0001 which is included in the new release.
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sat, 1 Jun 2019 10:53:51 +0000 (12:53 +0200)]
package/network-manager: drop unrecognized --without-docs
--without-docs was not recognized since at least version 1.8.4, see:
http://autobuild.buildroot.org/results/
e1464adf0069952ef0561a0a9b501d26bd409c4a
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sat, 1 Jun 2019 10:53:50 +0000 (12:53 +0200)]
package/network-manager: drop --disable-ifnet
ifnet has been drop since version 1.12.0 and
https://github.com/NetworkManager/NetworkManager/commit/
0474441e2258eeecb356e2aa3cde5c7328828646
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>