buildroot.git
3 years agoutils/scanpypi: remove python2 compatibility imports
Petr Vorel [Tue, 21 Sep 2021 21:04:38 +0000 (23:04 +0200)]
utils/scanpypi: remove python2 compatibility imports

ee8b680816 ("utils/scanpypi: use python3 explicitly") started to use python3,
thus compatibility can be removed:

from __future__ import print_function
from __future__ import absolute_import

Tested with python3 -m py_compile.

Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agosupport: utils: use python3 explicitly
Petr Vorel [Tue, 21 Sep 2021 21:04:37 +0000 (23:04 +0200)]
support: utils: use python3 explicitly

Python 2 is EOL sice 2020 [1], it's still available on distros, but may not
be installed by default (as being replaced by python3).

Thus remove compatibility imports:
from __future__ import print_function
from __future__ import absolute_import

Tested with python3 -m py_compile.

[1] https://www.python.org/doc/sunset-python-2/

Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/libsndfile: add security patch for CVE-2021-3246
Peter Korsgaard [Wed, 22 Sep 2021 11:31:09 +0000 (13:31 +0200)]
package/libsndfile: add security patch for CVE-2021-3246

A heap buffer overflow vulnerability in msadpcm_decode_block of libsndfile
1.0.30 allows attackers to execute arbitrary code via a crafted WAV file.

https://nvd.nist.gov/vuln/detail/CVE-2021-3246

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/libcurl: security bump to version 7.79.1
Peter Korsgaard [Wed, 22 Sep 2021 08:53:06 +0000 (10:53 +0200)]
package/libcurl: security bump to version 7.79.1

Fixes the following security issues:

- CVE-2021-22945: UAF and double-free in MQTT sending
  When sending data to an MQTT server, libcurl could in some circumstances
  erroneously keep a pointer to an already freed memory area and both use
  that again in a subsequent call to send data and also free it again.

  https://curl.se/docs/CVE-2021-22945.html

- CVE-2021-22946: Protocol downgrade required TLS bypassed
  A user can tell curl to require a successful upgrade to TLS when speaking
  to an IMAP, POP3 or FTP server (--ssl-reqd on the command line or
  CURLOPT_USE_SSL set to CURLUSESSL_CONTROL or CURLUSESSL_ALL with libcurl).
  This requirement could be bypassed if the server would return a properly
  crafted but perfectly legitimate response.

  This flaw would then make curl silently continue its operations without
  TLS contrary to the instructions and expectations, exposing possibly
  sensitive data in clear text over the network.

  https://curl.se/docs/CVE-2021-22946.html

- CVE-2021-22947: STARTTLS protocol injection via MITM
  When curl connects to an IMAP, POP3, SMTP or FTP server to exchange data
  securely using STARTTLS to upgrade the connection to TLS level, the server
  can still respond and send back multiple responses before the TLS upgrade.
  Such multiple "pipelined" responses are cached by curl.  curl would then
  upgrade to TLS but not flush the in-queue of cached responses and instead
  use and trust the responses it got before the TLS handshake as if they
  were authenticated.

  Using this flaw, it allows a Man-In-The-Middle attacker to first inject
  the fake responses, then pass-through the TLS traffic from the legitimate
  server and trick curl into sending data back to the user thinking the
  attacker's injected data comes from the TLS-protected server.

  Over POP3 and IMAP an attacker can inject fake response data.

  https://curl.se/docs/CVE-2021-22947.html

In addition, 7.79.1 fixes a number of regressions in 7.79.0:
https://daniel.haxx.se/blog/2021/09/22/curl-7-79-1-patched-up-and-ready/

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/ghostscript: add upstream security patch for CVE-2021-3781
Peter Korsgaard [Tue, 21 Sep 2021 19:16:50 +0000 (21:16 +0200)]
package/ghostscript: add upstream security patch for CVE-2021-3781

The file access protection built into Ghostscript proved insufficient for
the "%pipe%" PostScript device, when combined with Ghostscript's requirement
to be able to create and control temporary files in the conventional
temporary file directories (for example, "/tmp" or "/temp).  This exploit is
restricted to Unix-like systems (i.e., it doesn't affect Windows).  The most
severe claimed results are only feasible if the exploit is run as a "high
privilege" user (root/superuser level) \u2013 a practice we would discourage
under any circumstances.

For more details, see the advisory:
https://ghostscript.com/CVE-2021-3781.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/lynx: add security patch for CVE-2021-38165
Peter Korsgaard [Tue, 21 Sep 2021 09:32:49 +0000 (11:32 +0200)]
package/lynx: add security patch for CVE-2021-38165

Lynx through 2.8.9 mishandles the userinfo subcomponent of a URI, which
allows remote attackers to discover cleartext credentials because they may
appear in SNI data.

https://lists.nongnu.org/archive/html/lynx-dev/2021-08/msg00002.html

Upstream unfortunately does not provide a public VCS (only source
snapshots), so fetch the security patch from Debian.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/xen: security bump to version 4.14.3
Peter Korsgaard [Mon, 20 Sep 2021 22:02:34 +0000 (00:02 +0200)]
package/xen: security bump to version 4.14.3

Includes a number of bugfixes and the security fixes up to xsa-384:
https://xenproject.org/downloads/xen-project-archives/xen-project-4-14-series/xen-project-4-14-3/

Drop the now upstream
0002-libs-foreignmemory-Fix-osdep_xenforeignmemory_map-prototype.patch, and
renumber the remaining patches.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/webkitgtk: security bump to version 2.32.4
Adrian Perez de Castro [Mon, 20 Sep 2021 18:43:41 +0000 (21:43 +0300)]
package/webkitgtk: security bump to version 2.32.4

This is a minor release which provides fixes for CVE-2021-30858 and
a number of other potential security issues without an associated CVE.
Patch "0001-Add-ldp-and-stp-support-for-FP-registers-plus-some-b.patch"
is deleted as it has been included in this release.

Full release notes can be found at:

  https://webkitgtk.org/2021/09/17/webkitgtk2.32.4-released.html

An accompanying security advisory has been published at:

  https://webkitgtk.org/security/WSA-2021-0005.html

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/wpewebkit: security bump to version 2.32.4
Adrian Perez de Castro [Mon, 20 Sep 2021 12:46:32 +0000 (15:46 +0300)]
package/wpewebkit: security bump to version 2.32.4

This is a minor release which provides fixes for CVE-2021-30858 and
a number of other potential security issues without an associated CVE.
Patch "0001-Add-ldp-and-stp-support-for-FP-registers-plus-some-b.patch"
is deleted as it has been included in this release.

Full release notes can be found at:

  https://wpewebkit.org/release/wpewebkit-2.32.4.html

An accompanying security advisory has been published at:

  https://wpewebkit.org/security/WSA-2021-0005.html

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/python-pip: security bump to version 21.2.4
Fabrice Fontaine [Sun, 19 Sep 2021 19:37:11 +0000 (21:37 +0200)]
package/python-pip: security bump to version 21.2.4

- SECURITY: Stop splitting on unicode separators in git references,
  which could be maliciously used to install a different revision on the
  repository. (#9827)
- Update hash of LICENSE.txt (update in year)
- Update indentation in hash file (two spaces)

https://pip.pypa.io/en/stable/news/#v21-2-4

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/{python-}protobuf: bump to version 3.18.0
James Hilliard [Wed, 22 Sep 2021 08:03:47 +0000 (02:03 -0600)]
package/{python-}protobuf: bump to version 3.18.0

python-protobuf no longer supports python2, so depend on
BR2_PACKAGE_PYTHON3. Reverse dependencies already depend on
python3.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Reviewed-by: Michael Nosthoff <buildroot@heine.tech>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/iwd: fix build with uclibc-ng
Fabrice Fontaine [Mon, 20 Sep 2021 16:30:31 +0000 (18:30 +0200)]
package/iwd: fix build with uclibc-ng

Fix the following build failure with uclibc-ng raised since bump to
version 1.17 in commit 9badccc9d4887aa2365d7350e3b26bd4250dad48:

/home/giuliobenetti/autobuild/run/instance-3/output-1/host/lib/gcc/xtensa-buildroot-linux-uclibc/10.3.0/../../../../xtensa-buildroot-linux-uclibc/bin/ld: src/sae.o: in function `sae_rx_authenticate':
sae.c:(.text+0xd74): undefined reference to `reallocarray'

Fixes:
 - http://autobuild.buildroot.org/results/c6d3f86282c44645b4f1c61882dc63ccfc8eb35a

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agotoolchain/helpers.mk: gdbinit: set auto-load-safe-path before sysroot
Thomas De Schampheleire [Mon, 13 Sep 2021 07:29:42 +0000 (09:29 +0200)]
toolchain/helpers.mk: gdbinit: set auto-load-safe-path before sysroot

The gdbinit supplied by Buildroot does two things:
A. specify the sysroot where gdb can find shared libraries
B. mark the sysroot as a 'safe path' for its auto-load feature, to make sure
  that pretty printers for libstdc++.so are added automatically (see commit
  6fb3216a80c64c08375429d89497eaeec5622150)

When debugging a core file, and the gdbinit file is specified via '-x'
rather than '-ix', then the order of these settings matters: If you first
set the sysroot, then gdb will immediately start finding the shared
libraries it needs for the core file, detect libstdc++ and its associated
libstdc++-gdb.py file, then give a big warning about safe paths:

  warning: File ".../i686-buildroot-linux-gnu/sysroot/lib/libstdc++.so.6.0.24-gdb.py"
          auto-loading has been declined by your `auto-load safe-path' set
          to "$debugdir:$datadir/auto-load".
  To enable execution of this file add
          add-auto-load-safe-path .../i686-buildroot-linux-gnu/sysroot/lib/libstdc++.so.6.0.24-gdb.py
  line to your configuration file "/home/me/.gdbinit".
  To completely disable this security protection add
          set auto-load safe-path /
  line to your configuration file "/home/me/.gdbinit".
  For more information about this security protection see the
  "Auto-loading safe path" section in the GDB manual.  E.g., run from the shell:
          info "(gdb)Auto-loading safe path"

and the pretty printing code is not loaded. This is because the second
line from the gdbinit file was not yet parsed at this point.

By changing the order (first configuring the safe path, then setting the
sysroot), this issue does not appear and everything is as expected.

Note that when '-ix' were used instead of '-x' to pass the gdbinit file to
gdb, then the order would not matter, because the entire gdbinit file would
be parsed before considering the core file.
However, even though the Buildroot manual now suggests '-ix', users may not
have noticed this change and continue to use '-x'.

Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agodocs/manual/using-buildroot-debugger: suggest '-ix' iso '-x' when loading gdbinit
Thomas De Schampheleire [Mon, 13 Sep 2021 07:29:41 +0000 (09:29 +0200)]
docs/manual/using-buildroot-debugger: suggest '-ix' iso '-x' when loading gdbinit

A gdbinit file passed via '-x' will be read _after_ parsing any
object/core file passed on the command-line. In cross-compilation context,
this is particularly a problem when loading a core file, because without the
'sysroot' specified in the gdbinit file, it will give a lot of warnings,
like:

    warning: .dynamic section for "/lib/libstdc++.so.6" is not at the expected address (wrong library or version mismatch?)
    warning: .dynamic section for "/lib/librt.so.1" is not at the expected address (wrong library or version mismatch?)
    warning: .dynamic section for "/lib/libm.so.6" is not at the expected address (wrong library or version mismatch?)
    warning: .dynamic section for "/lib/libgcc_s.so.1" is not at the expected address (wrong library or version mismatch?)
    warning: .dynamic section for "/lib/libc.so.6" is not at the expected address (wrong library or version mismatch?)
    warning: .dynamic section for "/lib/ld-linux.so.2" is not at the expected address (wrong library or version mismatch?)
    warning: .dynamic section for "/lib/libanl.so.1" is not at the expected address (wrong library or version mismatch?)
    warning: .dynamic section for "/lib/libdl.so.2" is not at the expected address (wrong library or version mismatch?)
    warning: .dynamic section for "/lib/libpthread.so.0" is not at the expected address (wrong library or version mismatch?)
    warning: .dynamic section for "/usr/lib/libz.so.1" is not at the expected address (wrong library or version mismatch?)
    warning: .dynamic section for "/lib/libnss_files.so.2" is not at the expected address (wrong library or version mismatch?)

    warning: Could not load shared library symbols for 17 libraries, e.g. [...]
    Use the "info sharedlibrary" command to see the complete listing.
    Do you need "set solib-search-path" or "set sysroot"?

In contrast, the '-ix' option will load the specified gdbinit file _before_
parsing object/core files. This will remove said warnings.

See also: https://sourceware.org/bugzilla/show_bug.cgi?id=28330

Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/wireplumber: new package
James Hilliard [Sun, 12 Sep 2021 22:04:57 +0000 (16:04 -0600)]
package/wireplumber: new package

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/pipewire: add option to enable media-session support
James Hilliard [Sun, 12 Sep 2021 20:47:41 +0000 (14:47 -0600)]
package/pipewire: add option to enable media-session support

The example media-session pipewire session manager requires
pipewire to be built with examples enabled, add support for
enabling this while depending on examples being enabled.

To simplify adding support for additional session managers in
the future such as wireplumber we pass a comma separated list
to the -Dsession-managers meson config option. This also will
ensure that systemd services that depend on media-session are
only installed if media-session support is enabled.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agosupport/testing: switch to prebuilt toolchain, core2duo to Nehalem
Romain Naour [Sun, 12 Sep 2021 14:11:34 +0000 (16:11 +0200)]
support/testing: switch to prebuilt toolchain, core2duo to Nehalem

To avoid spending some time to build the x86_64 toolchain (~20min),
switch to corei7 cpu (Nahalem) and use the prebuilt Bootlin toolchain.

We have to use the "stable" Bootlin toolchain to use the same kernel version
for the toolchain kernel headers and the running kernel.

With the "bleeding-edge" toolchain we have the "kernel too old" issue
(running kernel 4.19 vs kernel headers 5.4)

Runtime tested locally.

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agosupport/testing: test_openssh: use a prebuilt toolchain
Romain Naour [Sun, 12 Sep 2021 14:11:33 +0000 (16:11 +0200)]
support/testing: test_openssh: use a prebuilt toolchain

Switch from the Buildroot internal toolchain for armv5 to
the prebuilt Bootlin external toolchain.

The test doesn't require to build a toolchain, there was
no prebuilt glibc toolchain recent enough at the time this
test has been introduced.

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agosupport/testing: test_rust: remove kernel build
Romain Naour [Sun, 12 Sep 2021 14:11:32 +0000 (16:11 +0200)]
support/testing: test_rust: remove kernel build

This test already use builtin kernel provided by the testsuite infra:

    self.emulator.boot(arch="armv7",
                       kernel="builtin",
                       options=["-initrd", img])

But a second kernel is build from the its defconfig. This second kernel
is not used by the test.

The TestRust (using BR2_PACKAGE_HOST_RUST=y) is really long to build,
save some cpu time by removing the kernel build.

This unused kernel (based on 4.11.3 release) doesn't even build with
host gcc >= 10.

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agosupport/testing: test_lxc bump to kernel 4.19.204
Romain Naour [Sun, 12 Sep 2021 14:11:31 +0000 (16:11 +0200)]
support/testing: test_lxc bump to kernel 4.19.204

The kernel 4.19.79 curently used by the test doesn't build with host
gcc >= 10 due the gcc default -fno-common. See GCC 10 porting guide [1].

/usr/bin/ld: scripts/dtc/dtc-parser.tab.o:(.bss+0x20): multiple definition of `yylloc'; scripts/dtc/dtc-lexer.lex.o:(.bss+0x0): first defined here

The issue was fixed in 4.19.114 [2]
Bump to the latest 4.19.x version.

[1] https://gcc.gnu.org/gcc-10/porting_to.html
[2] http://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=621f2ded601546119fabccd1651b1ae29d26cd38

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agosupport/testing: test_iso9660: bump to kernel 4.19.204
Romain Naour [Sun, 12 Sep 2021 14:11:30 +0000 (16:11 +0200)]
support/testing: test_iso9660: bump to kernel 4.19.204

The kernel 4.11 curently used by the test doesn't build with host
gcc >= 10 due the gcc default -fno-common. See GCC 10 porting guide [1].

/usr/bin/ld: scripts/dtc/dtc-parser.tab.o:(.bss+0x20): multiple definition of `yylloc'; scripts/dtc/dtc-lexer.lex.o:(.bss+0x0): first defined here

Update to the latest 4.19 LTS version but doing so requires to
disable CONFIG_RETPOLINE since the toolchain is not retpoline
capable [2].

Fixes:
https://gitlab.com/kubu93/buildroot/-/jobs/1564202078

[1] https://gcc.gnu.org/gcc-10/porting_to.html
[2] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=8c4ad5d39144776c2987e81609204e1766ed4190

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agosupport/testing: test_openrc: switch to ARM arm toolchain and builtin kernel
Romain Naour [Sun, 12 Sep 2021 14:11:29 +0000 (16:11 +0200)]
support/testing: test_openrc: switch to ARM arm toolchain and builtin kernel

The kernel 5.5.7 curently used by the test doesn't build with host
gcc >= 10 due the gcc default -fno-common. See GCC 10 porting guide [1].

/usr/bin/ld: scripts/dtc/dtc-parser.tab.o:(.bss+0x20): multiple definition of `yylloc'; scripts/dtc/dtc-lexer.lex.o:(.bss+0x0): first defined here

But we can't just update this test to the next linux kernel LTS 5.10.y since
the minimum gcc version has been updated to gcc 4.9 since 5.8 kernel [2]
and the Sourcery CodeBench ARM 2014.05 is used (gcc 4.8 based).

Enable arm cortex A9 and VFP support to switch to the ARM arm prebuilt
toolchain (the Bootlin toolchain could be used).
While at it use the prebuilt buildin kernel for the vexpress target
recently updated to 5.10.7.

Fixes:
https://gitlab.com/kubu93/buildroot/-/jobs/1564202094

[1] https://gcc.gnu.org/gcc-10/porting_to.html
[2] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6ec4476ac82512f09c94aff5972654b70f3772b2
[3] 3cf2782906d5cc05a3966c25518d2ce01f11afc8

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agosupport/testing: test_glxinfo: bump to kernel 4.19.204
Romain Naour [Sun, 12 Sep 2021 14:11:28 +0000 (16:11 +0200)]
support/testing: test_glxinfo: bump to kernel 4.19.204

The kernel 4.16.7 curently used by the test doesn't build with host
gcc >= 10 due the gcc default -fno-common. See GCC 10 porting guide [1].

/usr/bin/ld: scripts/dtc/dtc-parser.tab.o:(.bss+0x20): multiple definition of `yylloc'; scripts/dtc/dtc-lexer.lex.o:(.bss+0x0): first defined here

Bump to the next LTS release.

[1] https://gcc.gnu.org/gcc-10/porting_to.html

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agosupport/testing: test_f2fs: bump to kernel 4.19.204
Romain Naour [Sun, 12 Sep 2021 14:11:27 +0000 (16:11 +0200)]
support/testing: test_f2fs: bump to kernel 4.19.204

The kernel 4.16.7 curently used by the test doesn't build with host
gcc >= 10 due the gcc default -fno-common. See GCC 10 porting guide [1].

/usr/bin/ld: scripts/dtc/dtc-parser.tab.o:(.bss+0x20): multiple definition of `yylloc'; scripts/dtc/dtc-lexer.lex.o:(.bss+0x0): first defined here

Bump to the next LTS release.

[1] https://gcc.gnu.org/gcc-10/porting_to.html

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agosupport/testing: test_systemd: bump to kernel 4.19.204
Romain Naour [Sun, 12 Sep 2021 14:06:44 +0000 (16:06 +0200)]
support/testing: test_systemd: bump to kernel 4.19.204

The kernel 4.11.3 curently used by the test doesn't build with host
gcc >= 10 due the gcc default -fno-common. See GCC 10 porting guide [1].

/usr/bin/ld: scripts/dtc/dtc-parser.tab.o:(.bss+0x20): multiple definition of `yylloc'; scripts/dtc/dtc-lexer.lex.o:(.bss+0x0): first defined here

Bump to the next LTS release.

[1] https://gcc.gnu.org/gcc-10/porting_to.html

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agosupport/testing: test_file_capabilities: bump to kernel 4.19.204
Romain Naour [Sun, 12 Sep 2021 14:06:43 +0000 (16:06 +0200)]
support/testing: test_file_capabilities: bump to kernel 4.19.204

The kernel 4.11.3 curently used by the test doesn't build with host
gcc >= 10 due the gcc default -fno-common. See GCC 10 porting guide [1].

/usr/bin/ld: scripts/dtc/dtc-parser.tab.o:(.bss+0x20): multiple definition of `yylloc'; scripts/dtc/dtc-lexer.lex.o:(.bss+0x0): first defined here

Bump to the next LTS release.

[1] https://gcc.gnu.org/gcc-10/porting_to.html

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/diffutils: bump to version 3.8
Fabrice Fontaine [Sun, 12 Sep 2021 10:04:55 +0000 (12:04 +0200)]
package/diffutils: bump to version 3.8

- Update indentation in hash file (two spaces)
- Fix the following build failure with glibc 2.34 thanks to
  https://git.savannah.gnu.org/cgit/diffutils.git/commit/?id=498f88de4de761c1b5741fd8c78d4f5db9f3ce8b
  https://git.savannah.gnu.org/cgit/gnulib.git/commit/?id=f9e2b20a12a230efa30f1d479563ae07d276a94b

In file included from /home/giuliobenetti/autobuild/run/instance-0/output-1/host/arc-buildroot-linux-gnu/sysroot/usr/include/signal.h:328,
                 from ./signal.h:52,
                 from c-stack.c:49:
c-stack.c:55:26: error: missing binary operator before token "("
   55 | #elif HAVE_LIBSIGSEGV && SIGSTKSZ < 16384
      |                          ^~~~~~~~

https://savannah.gnu.org/forum/forum.php?forum_id=10031

Fixes:
 - http://autobuild.buildroot.org/results/6abde124e3124932d3c14d3b699f0572a2f4632d

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/cog: bump to version 0.10.1
Adrian Perez de Castro [Sun, 12 Sep 2021 09:28:55 +0000 (12:28 +0300)]
package/cog: bump to version 0.10.1

Update to version 0.10.1, which fixes the build when the DRM platform
module is enabled, fixes handling of absolute pointer events, and makes
the headless platform optional.

Although the headless platform is optional, Buildroot keeps it enabled
unconditionally (as previously) because the wpebackend-fdo dependency
is always needed anyway because Buildroot does not include any other
WPE backend.

Release notes:

  https://wpewebkit.org/release/cog-0.10.1.html

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/liblinear: bump to version 2.43
Fabrice Fontaine [Fri, 10 Sep 2021 21:40:22 +0000 (23:40 +0200)]
package/liblinear: bump to version 2.43

- Update hash of COPYRIGHT (update in year:
  https://github.com/cjlin1/liblinear/commit/65115f742683b21ed10582c1664829e0146fcaec
  https://github.com/cjlin1/liblinear/commit/acf2f9caf166574a23912fe0e57e16187f74f5a6)
- Refresh second patch
- Update indentation in hash file (two spaces)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/python-pluggy: bump to version 1.0.0
Marcin Niestroj [Fri, 10 Sep 2021 18:54:55 +0000 (20:54 +0200)]
package/python-pluggy: bump to version 1.0.0

Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/python-pytest: bump to version 6.2.5
Marcin Niestroj [Fri, 10 Sep 2021 18:54:54 +0000 (20:54 +0200)]
package/python-pytest: bump to version 6.2.5

Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/python-packaging: bump to version 21.0
Marcin Niestroj [Fri, 10 Sep 2021 18:52:12 +0000 (20:52 +0200)]
package/python-packaging: bump to version 21.0

Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/python-bleak: bump to version 0.12.1
Marcin Niestroj [Fri, 10 Sep 2021 18:51:30 +0000 (20:51 +0200)]
package/python-bleak: bump to version 0.12.1

Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/python-typing-extensions: bump to version 3.10.0.2
Marcin Niestroj [Fri, 10 Sep 2021 18:50:38 +0000 (20:50 +0200)]
package/python-typing-extensions: bump to version 3.10.0.2

Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/protobuf-c: bump to version 1.4.0
Christian Stewart [Fri, 10 Sep 2021 10:47:58 +0000 (03:47 -0700)]
package/protobuf-c: bump to version 1.4.0

Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/libostree: bump to version 2021.4
Marcus Folkesson [Fri, 10 Sep 2021 08:10:30 +0000 (10:10 +0200)]
package/libostree: bump to version 2021.4

Signed-off-by: Marcus Folkesson <marcus.folkesson@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/pipewire: install systemd services when using systemd
James Hilliard [Thu, 9 Sep 2021 22:41:21 +0000 (16:41 -0600)]
package/pipewire: install systemd services when using systemd

Also create a pipewire user, which is used for systemd service. There is
no sysvinit start script at the moment, but if there were, it should
also take care of changing the uid to pipewire before starting the
daemon.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/alsa-lib: smixer-python module supports python3
Illia Bitkov [Thu, 9 Sep 2021 15:17:39 +0000 (17:17 +0200)]
package/alsa-lib: smixer-python module supports python3

Add simple mixer python bindings to build when "Python support for
alsa-lib" is active. smixer-python is the only python module which
exists in alsa-lib. It is compatible with Python2 and Python3.

Signed-off-by: Illia Bitkov <illia.bitkov@mind.be>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/webp: bump to version 1.2.1
Francois Perrad [Thu, 9 Sep 2021 08:36:21 +0000 (10:36 +0200)]
package/webp: bump to version 1.2.1

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/mono: fix external libatomic_ops linkage
Illia Bitkov [Wed, 8 Sep 2021 18:08:25 +0000 (20:08 +0200)]
package/mono: fix external libatomic_ops linkage

Added patch fixes linkage of libgc with external libtomic-ops.
Mono uses bundeled bdwgc which doesn't link external libatomic-ops.
Patch is a fix cherry-picked from bdwgc upstream.

Problem found on ARMv5 processors, on newer ARM processors
it uses header based functions and doesn't need built library.

Error:
/home/buildroot/autobuild/instance-3/output-1/host/opt/ext-toolchain/bin/../lib/gcc/arm-buildroot-linux-uclibcgnueabi/9.3.0/../../../../arm-buildroot-linux-uclibcgnueabi/bin/ld: ../../external/bdwgc/.libs/libgc.a(gc.o): in function `GC_steal_mark_stack':
gc.c:(.text+0x2020): undefined reference to `AO_store_full_emulation'

Fixes:
http://autobuild.buildroot.net/results/ebc54e5dea63aca21a4072d294fdede41de559c7
http://autobuild.buildroot.net/results/6d10a4bd43fbc9c1d3fa26d5eef394c8023cb85f

Signed-off-by: Illia Bitkov <illia.bitkov@mind.be>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/libtalloc: bump to version 2.3.3
David GOUARIN [Thu, 9 Sep 2021 08:02:21 +0000 (10:02 +0200)]
package/libtalloc: bump to version 2.3.3

license is now LGPL-3.0+ for both talloc and pytalloc. Therefore, remove
pytalloc.h from the license files.

Signed-off-by: David GOUARIN <david.gouarin@thalesgroup.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/refpolicy: bump version to 2.20210908
Fabrice Fontaine [Thu, 9 Sep 2021 05:57:58 +0000 (07:57 +0200)]
package/refpolicy: bump version to 2.20210908

- Drop upstreamed patches
- Add Upstream status to remaining patch
- Update indentation in hash file (two spaces)
- Fix the following build failure with wireshark raised since commit
  975ab2fa88a0c94b362499ea8ad99222f335fb45 thanks to
  https://github.com/SELinuxProject/refpolicy/commit/d5c571c85567fe191fcc64dfb99b36788f806ceb:

 Compiling targeted policy.31
 env LD_LIBRARY_PATH="/tmp/instance-0/output-1/host/lib:/tmp/instance-0/output-1/host/usr/lib" /tmp/instance-0/output-1/host/usr/bin/checkpolicy -c 31 -U deny -S -O -E policy.conf -o policy.31
 policy/modules/apps/wireshark.te:96:ERROR 'unknown type xdg_downloads_t' at token ';' on line 645315:
 #line 96
allow wireshark_t xdg_downloads_t:dir { getattr search open };
 checkpolicy:  error(s) encountered while parsing configuration
 make[1]: *** [Rules.monolithic:79: policy.31] Error 1

https://github.com/SELinuxProject/refpolicy/releases/tag/RELEASE_2_20210908

Fixes:
 - http://autobuild.buildroot.org/results/dfbc667e0c17072ddab89a03244f572d5234da50

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/gupnp: bump to version 1.3.1
Fabrice Fontaine [Wed, 8 Sep 2021 20:27:52 +0000 (22:27 +0200)]
package/gupnp: bump to version 1.3.1

https://gitlab.gnome.org/GNOME/gupnp/-/blob/gupnp-1.3.1/NEWS

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/gssdp: bump to version 1.3.1
Fabrice Fontaine [Wed, 8 Sep 2021 20:25:09 +0000 (22:25 +0200)]
package/gssdp: bump to version 1.3.1

Disable gtk_doc (enabled by default since
https://gitlab.gnome.org/GNOME/gssdp/-/commit/652edd5c0145c0a542017840e3f3bc22b9ade159)

https://gitlab.gnome.org/GNOME/gssdp/-/blob/gssdp-1.3.1/NEWS

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/i2pd: bump to version 2.39.0
Fabrice Fontaine [Wed, 8 Sep 2021 20:11:52 +0000 (22:11 +0200)]
package/i2pd: bump to version 2.39.0

https://github.com/PurpleI2P/i2pd/releases/tag/2.39.0

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/libupnp: bump to version 1.14.10
Fabrice Fontaine [Wed, 8 Sep 2021 20:10:37 +0000 (22:10 +0200)]
package/libupnp: bump to version 1.14.10

https://github.com/pupnp/pupnp/blob/release-1.14.10/ChangeLog

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/tinycbor: bump to version 0.5.4
Fabrice Fontaine [Wed, 8 Sep 2021 20:00:58 +0000 (22:00 +0200)]
package/tinycbor: bump to version 0.5.4

- Drop patch (already in version)
- Update indentation in hash file (two spaces)

https://github.com/intel/tinycbor/releases/tag/v0.5.4

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/civetweb: bump to version 1.15
Fabrice Fontaine [Wed, 8 Sep 2021 19:51:10 +0000 (21:51 +0200)]
package/civetweb: bump to version 1.15

https://github.com/civetweb/civetweb/releases/tag/v1.15

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/kismet: bump to version 2021-08-R1
Fabrice Fontaine [Wed, 8 Sep 2021 19:48:47 +0000 (21:48 +0200)]
package/kismet: bump to version 2021-08-R1

Drop patch (already in version)

https://www.kismetwireless.net/release/kismet-2021-08-R1

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/libressl: depend on threads
Nicolas Cavallari [Wed, 8 Sep 2021 13:30:10 +0000 (15:30 +0200)]
package/libressl: depend on threads

If the toolchain does not have threads (e.g. br-arm-full-nothread),
compilation fails:

In file included from /home/fail/br-test-pkg/br-arm-full-nothread/build/libressl-3.3.3/crypto/cryptlib.c:117:
/home/fail/br-test-pkg/br-arm-full-nothread/build/libressl-3.3.3/crypto/../include/compat/pthread.h:114:15: fatal error: pthread.h: No such file or directory
  114 | #include_next <pthread.h>
      |               ^~~~~~~~~~~
compilation terminated.

Signed-off-by: Nicolas Cavallari <nicolas.cavallari@green-communications.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/libgit2: bump to version 1.2.0
Nicolas Cavallari [Wed, 8 Sep 2021 13:30:09 +0000 (15:30 +0200)]
package/libgit2: bump to version 1.2.0

COPYING was updated with a copy of the openssl licence since libgit2 now
include openssl headers so it can dlopen it:

    openssl: dynamically load libssl and symbols (optionally)

    Provide an interface around OpenSSL to dynamically load the
    libraries and symbols, so that users can distribute a libgit2
    library that is not linked directly against OpenSSL.  This enables
    users to target multiple distributions with a single binary.

    This mechanism is optional and disabled by default.  Configure cmake
    with -DUSE_HTTPS=OpenSSL-Dynamic to use it.

We do not use that option so the headers are not even used, plus the
headers are not installed on the target anyway, so this patch includes
no license changes.

Upstream also stopped providing release tarballs, relying on
github-generated tarballs instead.

Signed-off-by: Nicolas Cavallari <nicolas.cavallari@green-communications.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/uftrace: bump to version 0.10
Asaf Kahlon [Wed, 8 Sep 2021 08:21:10 +0000 (11:21 +0300)]
package/uftrace: bump to version 0.10

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/{libuv, uvw}: bump to versions 1.42.0, 2.10.0_libuv_v1.42
Asaf Kahlon [Wed, 8 Sep 2021 08:21:09 +0000 (11:21 +0300)]
package/{libuv, uvw}: bump to versions 1.42.0, 2.10.0_libuv_v1.42

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/python-scapy: bump to version 2.4.5
Asaf Kahlon [Wed, 8 Sep 2021 08:19:27 +0000 (11:19 +0300)]
package/python-scapy: bump to version 2.4.5

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/python-ipdb: bump to version 0.13.9
Asaf Kahlon [Wed, 8 Sep 2021 08:19:26 +0000 (11:19 +0300)]
package/python-ipdb: bump to version 0.13.9

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/python-bsdiff4: bump to version 1.2.1
Asaf Kahlon [Wed, 8 Sep 2021 08:19:25 +0000 (11:19 +0300)]
package/python-bsdiff4: bump to version 1.2.1

Plus, use two spaces for indentation in the hash file.

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/python-bitstring: bump to version 3.1.9
Asaf Kahlon [Wed, 8 Sep 2021 08:19:24 +0000 (11:19 +0300)]
package/python-bitstring: bump to version 3.1.9

License updated with a minor change at the copyright year.
SETUP_TYPE changed to setuptools.

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/python-attrs: bump to version 21.2.0
Asaf Kahlon [Wed, 8 Sep 2021 08:19:23 +0000 (11:19 +0300)]
package/python-attrs: bump to version 21.2.0

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/python{3}-six: bump to version 1.16.0
Asaf Kahlon [Wed, 8 Sep 2021 08:19:22 +0000 (11:19 +0300)]
package/python{3}-six: bump to version 1.16.0

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/python{3}-psutil: bump to version 5.8.0
Asaf Kahlon [Wed, 8 Sep 2021 08:19:21 +0000 (11:19 +0300)]
package/python{3}-psutil: bump to version 5.8.0

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/x11r7/xserver_xorg-server: fix building on mips with GCC10
Raphaël Mélotte [Tue, 7 Sep 2021 12:07:48 +0000 (14:07 +0200)]
package/x11r7/xserver_xorg-server: fix building on mips with GCC10

Port the following upstream commit:
https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/591/diffs?commit_id=0148a15da1616a868d71abe1b56e3f28cc79533c

This fixes the following build error on mips with GCC10:
  CCLD     libint10.la
buildroot/output/host/lib/gcc/mips64el-buildroot-linux-gnu/10.3.0/../../../../mips64el-buildroot-linux-gnu/bin/ld: .libs/helper_mem.o:(.bss+0x0): multiple definition of `IOPortBase'; .libs/helper_exec.o:(.bss+0x0): first defined here

Signed-off-by: Raphaël Mélotte <raphael.melotte@mind.be>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/gstreamer1/gst1-shark: Bump version to v0.7.3
Chris Packham [Tue, 7 Sep 2021 08:43:45 +0000 (20:43 +1200)]
package/gstreamer1/gst1-shark: Bump version to v0.7.3

Signed-off-by: Chris Packham <judge.packham@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/syslog-ng: Bump version to 3.33.2
Chris Packham [Tue, 7 Sep 2021 08:43:43 +0000 (20:43 +1200)]
package/syslog-ng: Bump version to 3.33.2

Signed-off-by: Chris Packham <judge.packham@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/libnss: bump to version 3.70
Giulio Benetti [Mon, 6 Sep 2021 21:27:45 +0000 (23:27 +0200)]
package/libnss: bump to version 3.70

Drop local patch that has been upstream(even if with another authorship).

Release Notes (not yet available, but should eventually land):
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.70_release_notes

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/libmdbx: bump version to 0.10.3
Leonid Yuriev [Mon, 6 Sep 2021 18:23:42 +0000 (21:23 +0300)]
package/libmdbx: bump version to 0.10.3

Signed-off-by: Leonid Yuriev <leo@yuriev.ru>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/libgpgme: fix build with glibc >= 2.34
Fabrice Fontaine [Mon, 6 Sep 2021 16:39:37 +0000 (18:39 +0200)]
package/libgpgme: fix build with glibc >= 2.34

Fix the following build failure with glibc >= 2.34:

posix-io.c: In function '_gpgme_io_spawn':
posix-io.c:577:23: error: void value not ignored as it ought to be
  577 |             while ((i = closefrom (fd)) && errno == EINTR)
      |                       ^

Fixes:
 - http://autobuild.buildroot.org/results/b11094ddd35263071b7dd453a6590c5b684026ff

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/cryptopp: bump to version 8.5.0
Fabrice Fontaine [Sun, 19 Sep 2021 10:08:42 +0000 (12:08 +0200)]
package/cryptopp: bump to version 8.5.0

https://www.cryptopp.com/release850.html
https://www.cryptopp.com/release840.html

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/tclap: bump to version 1.2.4
Fabrice Fontaine [Sun, 19 Sep 2021 10:00:29 +0000 (12:00 +0200)]
package/tclap: bump to version 1.2.4

Update indentation in hash file (two spaces)

https://sourceforge.net/p/tclap/code/ci/v1.2.4/tree/ChangeLog

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/cppzmq: bump to version 4.8.1
Fabrice Fontaine [Sun, 19 Sep 2021 09:53:43 +0000 (11:53 +0200)]
package/cppzmq: bump to version 4.8.1

https://github.com/zeromq/cppzmq/releases/tag/v4.8.1
https://github.com/zeromq/cppzmq/releases/tag/v4.8.0

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/wayland-protocols: fix build without host-wayland
Fabrice Fontaine [Sun, 19 Sep 2021 09:39:01 +0000 (11:39 +0200)]
package/wayland-protocols: fix build without host-wayland

Don't require wayland-scanner if tests are disabled to avoid the
following build failure raised since bump to version 1.23 in commit
7eedc9cc1e0c3cce1c18cb150157cb2346075b23:

Build-time dependency wayland-scanner found: NO (tried pkgconfig and cmake)

../output-1/build/wayland-protocols-1.23/meson.build:11:0: ERROR: Dependency "wayland-scanner" not found, tried pkgconfig and cmake

Fixes:
 - http://autobuild.buildroot.org/results/2744e50465a9cd9d3726d23298ad6c943ef49a21

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/swupdate: add option to enable USB install
James Hilliard [Sun, 19 Sep 2021 08:09:02 +0000 (02:09 -0600)]
package/swupdate: add option to enable USB install

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
[yann.morin.1998@free.fr:
  - do not default to 'y'
  - add comment
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/python-rsa: add PYTHON_RSA_CPE_ID_VENDOR
Fabrice Fontaine [Sun, 19 Sep 2021 08:52:44 +0000 (10:52 +0200)]
package/python-rsa: add PYTHON_RSA_CPE_ID_VENDOR

cpe:2.3:a:python-rsa_project:python-rsa is a valid CPE identifier for
this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Apython-rsa_project%3Apython-rsa

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/mesa3d: fix build on m68k
Giulio Benetti [Sun, 19 Sep 2021 00:51:54 +0000 (02:51 +0200)]
package/mesa3d: fix build on m68k

mesa3d uses very big switch statements, which causes the build to fail
on m68k, beause the offsets there are only 16-bit.

We fix that by using -mlong-jump-table-offsets on m68k, to use 32-bit
offsets for switch statements, but this is only available starting with
gcc 7 [0] [1].

Fixes:
http://autobuild.buildroot.net/results/60c4653c2a93125edbdd0beb43cd47301643464a/

Note: we have two packages that select mesa3d, but:
    package/intel-mediadriver/
        -> already depends on x86_64, so implies !m68k

    package/x11r7/xdriver_xf86-video-imx-viv/
        -> imx is an ARM, but xdriver_xf86-video-imx-viv is missing
           a depends on BR2_arm (although the comments do have that
           dependency). However, it depends on other imx related
           packages, and they depend on either arm or aarch64, so
           that implies !m68k.

As such, we do not need to propagate that new dependency.

[0] https://gcc.gnu.org/bugzilla/show_bug.cgi?id=57583#c15
[1] https://gcc.gnu.org/bugzilla/show_bug.cgi?id=57583#c16

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
[yann.morin.1998@free.fr:
  - add comment
  - reword commit log, add BZ references, add non-propagation notes
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/gstreamer1/gstd: new package
James Hilliard [Sat, 18 Sep 2021 22:46:53 +0000 (16:46 -0600)]
package/gstreamer1/gstd: new package

We need to backport a few upstream still-pending PRs, to fix
cross-compilation, out-of-tree installation, and to relax requirements
on some tools.

The python support PR is backported too, but because python support was
not tested, it is forcibly disabled.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
[yann.morin.1998@free.fr:
  - expand commit log with explanations
  - backport upstream 253 (python) too
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/swupdate: use $(SWUPDATE_PKGDIR) for pkgdir path
James Hilliard [Sat, 11 Sep 2021 16:50:19 +0000 (10:50 -0600)]
package/swupdate: use $(SWUPDATE_PKGDIR) for pkgdir path

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/libfuse3: bump to version 3.10.5
Giulio Benetti [Mon, 6 Sep 2021 21:39:38 +0000 (23:39 +0200)]
package/libfuse3: bump to version 3.10.5

Bump libfuse3 to version 3.10.5 and remove local patch that has been
upstreamed.

Release notes:
Various improvements to make unit tests more robust.

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/libfuse: fix build with glibc >= 2.34
Fabrice Fontaine [Sun, 12 Sep 2021 19:40:57 +0000 (21:40 +0200)]
package/libfuse: fix build with glibc >= 2.34

Fix the following build failure with glibc >= 2.34:

ulockmgr_server.c:127:12: error: conflicting types for 'closefrom'; have 'int(int)'
  127 | static int closefrom(int minfd)
      |            ^~~~~~~~~
In file included from ulockmgr_server.c:14:
/home/buildroot/autobuild/instance-1/output-1/host/arm-buildroot-linux-gnueabihf/sysroot/usr/include/unistd.h:363:13: note: previous declaration of 'closefrom' with type 'void(int)'
  363 | extern void closefrom (int __lowfd) __THROW;
      |             ^~~~~~~~~

Fixes:
 - http://autobuild.buildroot.org/results/3769b18ca804fba3b5974af799972a7d889b39a6

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/strongswan: fix broken dependency relation
Martin Elshuber [Mon, 13 Sep 2021 14:26:50 +0000 (16:26 +0200)]
package/strongswan: fix broken dependency relation

The AKA backend for 3GPP2 requires libgmp (see
https://wiki.strongswan.org/projects/strongswan/wiki/Autoconf). Since
the AKA backend for 3GPP2 is included by BR2_PACKAGE_STRONGSWAN_EAP,
when selecting a crypto backend different from
BR2_PACKAGE_STRONGSWAN_GMP, there is no guarantee the gmp package is
selected as well. When doing so, make fails since the package is in the
dependency chain but not selected:

  $ make
  Makefile:585: *** gmp is in the dependency chain of strongswan that has added it to its _DEPENDENCIES variable without selecting it or depending on it from Config.in.  Stop.
  make: *** [Makefile:23: _all] Error 2

To fix this, select BR2_PACKAGE_GMP when selecting BR2_PACKAGE_STRONGSWAN_EAP.

Signed-off-by: Martin Elshuber <martin.elshuber@theobroma-systems.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agoDEVELOPERS: add myself to trace-cmd package
Giulio Benetti [Sun, 12 Sep 2021 23:20:56 +0000 (01:20 +0200)]
DEVELOPERS: add myself to trace-cmd package

Add myself to trace-cmd package.

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/trace-cmd: bump to version 2.9.5
Giulio Benetti [Sun, 12 Sep 2021 23:20:55 +0000 (01:20 +0200)]
package/trace-cmd: bump to version 2.9.5

Update to version 2.9.5 and remove local patches that have been upstreamed.

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/trace-cmd: fix build for Sparc64
Giulio Benetti [Sun, 12 Sep 2021 23:08:56 +0000 (01:08 +0200)]
package/trace-cmd: fix build for Sparc64

Trace-cmd needs -fPIC for Sparc64 platform otherwise it fails on linking,
so add -fPIC to CFLAGS when building for such platform.

Fixes;
    http://autobuild.buildroot.net/results/c59/c596f6308b7f4d44d9ba009ed0c395396fc72f47/

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/libxkbcommon: change homepage/download url to https
Peter Seiderer [Sat, 18 Sep 2021 20:34:37 +0000 (22:34 +0200)]
package/libxkbcommon: change homepage/download url to https

- change homepage url to https (and remove trailing slash)
- change download url to https

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/grpc: bump version to 1.40
Michael Nosthoff [Mon, 13 Sep 2021 16:46:03 +0000 (18:46 +0200)]
package/grpc: bump version to 1.40

Signed-off-by: Michael Nosthoff <buildroot@heine.tech>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/minicom: drop autoreconf
Fabrice Fontaine [Sun, 12 Sep 2021 20:07:06 +0000 (22:07 +0200)]
package/minicom: drop autoreconf

autoreconf (and so AM_ICONV) is not needed since commit
2df32e0d4437b422175089edf1917219656fccef

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Reviewed-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/dovecot: drop host-gettext
Fabrice Fontaine [Sun, 12 Sep 2021 19:53:33 +0000 (21:53 +0200)]
package/dovecot: drop host-gettext

AM_ICONV is not needed since drop of autoreconf in commit
03fbb81b8bab7bad135b59267533be7688babe39

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/fio: bump to version 3.28
Fabrice Fontaine [Sun, 12 Sep 2021 16:48:19 +0000 (18:48 +0200)]
package/fio: bump to version 3.28

This will fix the following build failure with kernel >= 5.14 thanks to
https://github.com/axboe/fio/commit/382975557e632efb506836bc1709789e615c9094:

In file included from crc/../os/os.h:39,
                 from crc/crc32c-arm64.c:2:
crc/../os/os-linux.h:17:10: fatal error: linux/raw.h: No such file or directory
   17 | #include <linux/raw.h>
      |          ^~~~~~~~~~~~~

Fixes:
 - http://autobuild.buildroot.org/results/d85c044263c76ff7ef0fe47921d893a472954da9

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/libyang: security bump to version 1.0.240
Peter Korsgaard [Sat, 18 Sep 2021 18:58:14 +0000 (20:58 +0200)]
package/libyang: security bump to version 1.0.240

Fixes the following security issues:

- CVE-2021-28902: In function read_yin_container() in libyang <= v1.0.225,
  it doesn't check whether the value of retval->ext[r] is NULL.  In some
  cases, it can be NULL, which leads to the operation of
  retval->ext[r]->flags that results in a crash.

- CVE-2021-28903: A stack overflow in libyang <= v1.0.225 can cause a denial
  of service through function lyxml_parse_mem().  lyxml_parse_elem()
  function will be called recursively, which will consume stack space and
  lead to crash.

- CVE-2021-28904: In function ext_get_plugin() in libyang <= v1.0.225, it
  doesn't check whether the value of revision is NULL.  If revision is NULL,
  the operation of strcmp(revision, ext_plugins[u].revision) will lead to a
  crash.

- CVE-2021-28905: In function lys_node_free() in libyang <= v1.0.225, it
  asserts that the value of node->module can't be NULL.  But in some cases,
  node->module can be null, which triggers a reachable assertion (CWE-617).

- CVE-2021-28906: In function read_yin_leaf() in libyang <= v1.0.225, it
  doesn't check whether the value of retval->ext[r] is NULL.  In some cases,
  it can be NULL, which leads to the operation of retval->ext[r]->flags that
  results in a crash.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/fetchmail: security bump to version 6.4.22
Peter Korsgaard [Sat, 18 Sep 2021 18:01:36 +0000 (20:01 +0200)]
package/fetchmail: security bump to version 6.4.22

Fixes the following security issues:

- CVE-2021-39272: Fetchmail before 6.4.22 fails to enforce STARTTLS session
  encryption in some circumstances, such as a certain situation with IMAP
  and PREAUTH.
  https://www.fetchmail.info/fetchmail-SA-2021-02.txt

Update COPYING hash for a clarification of the license situation with
openssl 3.x (which is Apache 2.0 licensed):

https://gitlab.com/fetchmail/fetchmail/-/commit/8eed56c21ca5bbdf3c00aaf74d807bcad8713ba9

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/libinput: bump version to 1.19.0
Peter Seiderer [Tue, 14 Sep 2021 21:04:23 +0000 (23:04 +0200)]
package/libinput: bump version to 1.19.0

- add new optional wayland, wayland-protocoll and libx11 dependencies
  in case the debug gui is enabled (libgtk3 available)

For details see [1], [2].

[1] https://lists.freedesktop.org/archives/wayland-devel/2021-September/041971.html
[2] https://lists.freedesktop.org/archives/wayland-devel/2021-September/041977.html

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/libxkbcommon: bump version to 1.3.1
Peter Seiderer [Tue, 14 Sep 2021 21:01:54 +0000 (23:01 +0200)]
package/libxkbcommon: bump version to 1.3.1

For details (since 1.1.0) see [1]

[1] https://lists.freedesktop.org/archives/wayland-devel/2021-April/041762.html
[2] https://lists.freedesktop.org/archives/wayland-devel/2021-May/041816.html
[3] https://lists.freedesktop.org/archives/wayland-devel/2021-September/041976.html

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/iwd: bump version to 1.17
Peter Seiderer [Tue, 14 Sep 2021 21:00:36 +0000 (23:00 +0200)]
package/iwd: bump version to 1.17

- Changelog (since 1.14, from [1]):

  ver 1.17:
    Fix issue with sending additional and vendor IEs.
    Fix issue with IE ordering for 802.11-2020 support.
    Fix issue with frequency update on channel switch events.
    Fix issue with drivers and handling of IF_OPER_UP setting.

  ver 1.16:
    Fix issue with writing provisioning files with a passphrase.
    Add support for Authenticator & Supplicant RSN Extension elements.
    Add support for handling Transition Disable info.
    Add support for SAE Hash-to-Element feature.

  ver 1.15:
    Add support for FT-over-DS procedure with multiple BSS.
    Add support for estimation of VHT RX data rate.
    Add support for exporting Daemon information.

[1] https://git.kernel.org/pub/scm/network/wireless/iwd.git/tree/ChangeLog

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/openresolv: bump version to 3.12.0
Peter Seiderer [Tue, 14 Sep 2021 21:00:35 +0000 (23:00 +0200)]
package/openresolv: bump version to 3.12.0

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/ell: bump version to 0.43
Peter Seiderer [Tue, 14 Sep 2021 21:00:34 +0000 (23:00 +0200)]
package/ell: bump version to 0.43

- Changelog (since 0.41, from [1]):

  ver 0.43:
    Add support for DHCP Rapid Commit feature.
    Add support for DHCP authoritative mode feature.

  ver 0.42:
    Add support for constant time security functions.
    Add support for manipulating DHCP leases.

[1] https://git.kernel.org/pub/scm/libs/ell/ell.git/tree/ChangeLog

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/feh: bump version to 3.7.1
Petr Vorel [Tue, 14 Sep 2021 17:53:51 +0000 (19:53 +0200)]
package/feh: bump version to 3.7.1

Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/botan: fix boost dependency
Michael Nosthoff [Tue, 14 Sep 2021 13:50:57 +0000 (15:50 +0200)]
package/botan: fix boost dependency

only build --with-boost when both required modules (filesystem and system) are
also selected.

Fixes:
http://autobuild.buildroot.net/results/4fbf2a63f9ddfbc540ce7dabd10964b311477c06

Signed-off-by: Michael Nosthoff <buildroot@heine.tech>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/apitrace: fix build with glibc >= 2.34
Fabrice Fontaine [Tue, 14 Sep 2021 21:11:06 +0000 (23:11 +0200)]
package/apitrace: fix build with glibc >= 2.34

Fix the following build failure with glibc >= 2.34:

/tmp/instance-0/output-1/host/lib/gcc/s390x-buildroot-linux-gnu/10.3.0/../../../../s390x-buildroot-linux-gnu/bin/ld: CMakeFiles/egltrace.dir/dlsym.cpp.o: in function `dlsym':
dlsym.cpp:(.text+0x34): undefined reference to `__libc_dlopen_mode'
/tmp/instance-0/output-1/host/lib/gcc/s390x-buildroot-linux-gnu/10.3.0/../../../../s390x-buildroot-linux-gnu/bin/ld: dlsym.cpp:(.text+0x46): undefined reference to `__libc_dlsym'

Fixes:
 - http://autobuild.buildroot.org/results/ac5e5b1e30249ae0fb8b9179338b47c60c026bcc

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/pv: bump to version 1.6.20
Fabrice Fontaine [Tue, 14 Sep 2021 21:25:48 +0000 (23:25 +0200)]
package/pv: bump to version 1.6.20

- Drop patch (already in version)
- Update indentation in hash file (two spaces)

https://github.com/a-j-wood/pv/releases/tag/v1.6.19
https://github.com/a-j-wood/pv/releases/tag/v1.6.20

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/erlang: ignore Windows specific CVE-2021-29221
Peter Korsgaard [Sat, 18 Sep 2021 16:59:46 +0000 (18:59 +0200)]
package/erlang: ignore Windows specific CVE-2021-29221

CVE-2021-29221 is a Windows specific issue:

A local privilege escalation vulnerability was discovered in Erlang/OTP
prior to version 23.2.3.  By adding files to an existing installation's
directory, a local attacker could hijack accounts of other users running
Erlang programs or possibly coerce a service running with "erlsrv.exe" to
execute arbitrary code as Local System.  This can occur only under specific
conditions on Windows with unsafe filesystem permissions.

So ignore it.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/botan: add upstream security fix for CVE-2021-40529
Peter Korsgaard [Sat, 18 Sep 2021 16:42:46 +0000 (18:42 +0200)]
package/botan: add upstream security fix for CVE-2021-40529

Fixes the following security issue:

- CVE-2021-40529: The ElGamal implementation in Botan through 2.18.1, as
  used in Thunderbird and other products, allows plaintext recovery because,
  during interaction between two cryptographic libraries, a certain
  dangerous combination of the prime defined by the receiver's public key,
  the generator defined by the receiver's public key, and the sender's
  ephemeral exponents can lead to a cross-configuration attack against
  OpenPGP

For more details, see the upstream bug and issue writeup:
- https://github.com/randombit/botan/pull/2790
- https://ibm.github.io/system-security-research-updates/2021/07/20/insecurity-elgamal-pt1

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/nodejs: security bump to version 12.22.6
Peter Korsgaard [Sat, 18 Sep 2021 16:11:30 +0000 (18:11 +0200)]
package/nodejs: security bump to version 12.22.6

Fixes the following security issues:

- CVE-2021-37701: Arbitrary File Creation/Overwrite via insufficient symlink
  protection due to directory cache poisoning using symbolic links

- CVE-2021-37712: Arbitrary File Creation/Overwrite via insufficient symlink
  protection due to directory cache poisoning using symbolic links

- CVE-2021-37713: Arbitrary File Creation/Overwrite on Windows via
  insufficient relative path sanitization

- CVE-2021-39134: UNIX Symbolic Link (Symlink) Following in @npmcli/arborist

- CVE-2021-39135: UNIX Symbolic Link (Symlink) Following in @npmcli/arborist

For more details, see the advisory:
https://nodejs.org/en/blog/vulnerability/aug-2021-security-releases2/

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>