buildroot.git
6 years agopackage/turbolua: bump version to v2.1.2
Marcin Niestroj [Mon, 29 Jan 2018 12:08:44 +0000 (13:08 +0100)]
package/turbolua: bump version to v2.1.2

Drop patch now upstream.

Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agomerge_config.sh: add br2-external support
Ilya Kuzmich [Tue, 9 Jan 2018 11:37:43 +0000 (14:37 +0300)]
merge_config.sh: add br2-external support

Pass BR2_EXTERNAL value via -e option.
This will prevent merge_config.sh from silently eating any symbols defined in
external trees on a clean buildroot tree invocation.

Signed-off-by: Ilya Kuzmich <ilya.kuzmich@gmail.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agopython-flask-cors: new package
Matt Weber [Tue, 23 Jan 2018 14:25:16 +0000 (08:25 -0600)]
python-flask-cors: new package

A Flask extension for handling Cross Origin Resource
Sharing (CORS), making cross-origin AJAX possible.

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Reviewed-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agopackage/gpsd: upgrade to 3.17, remove obsolete patch
Zoltan Gyarmati [Mon, 29 Jan 2018 08:26:38 +0000 (09:26 +0100)]
package/gpsd: upgrade to 3.17, remove obsolete patch

The upstream patch which disables the build-time systemctl call made it into
this release so removing it here. Also adding hash for the COPYING file.

Signed-off-by: Zoltan Gyarmati <mr.zoltan.gyarmati@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agopackage/wf111: Fix manufacturer name and url
Julien Corjon [Mon, 29 Jan 2018 08:28:19 +0000 (09:28 +0100)]
package/wf111: Fix manufacturer name and url

Signed-off-by: Julien Corjon <corjon.j@ecagroup.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agoaugeas: bump to version 1.10.1
Jörg Krause [Mon, 29 Jan 2018 13:18:32 +0000 (14:18 +0100)]
augeas: bump to version 1.10.1

Remove upstream patches included in the version bump.

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agoopen-lldp: requires dynamic linking interface (dlopen, ...)
Laurent Charpentier [Mon, 29 Jan 2018 12:45:30 +0000 (13:45 +0100)]
open-lldp: requires dynamic linking interface (dlopen, ...)

Fixes:
http://autobuild.buildroot.net/results/516456c8e21759e1ecee4ef9f9689a8f720ecd90/

This patch is to fix the following build error:
weak_readline.c:30:19: fatal error: dlfcn.h: No such file or directory
 #include <dlfcn.h>
                   ^
compilation terminated.
Makefile:890: recipe for target 'weak_readline.o' failed

Signed-off-by: Laurent Charpentier <laurent_pubs@yahoo.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agopackage/systemd: fix build with fallback hostname
Stefan Becker [Mon, 29 Jan 2018 09:45:06 +0000 (11:45 +0200)]
package/systemd: fix build with fallback hostname

Commit aebabb2780da4c5f85fec00b56f4690feb646073 used an automoake
configuration option. Replace it with the meson version.

Fixes #10716

Signed-off-by: Stefan Becker <chemobejk@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agodovecot: add upstream security fix for CVE-2017-15132
Peter Korsgaard [Sun, 28 Jan 2018 22:33:10 +0000 (23:33 +0100)]
dovecot: add upstream security fix for CVE-2017-15132

A flaw was found in dovecot 2.0 up to 2.2.33 and 2.3.0.  An abort of SASL
authentication results in a memory leak in dovecot's auth client used by
login processes.  The leak has impact in high performance configuration
where same login processes are reused and can cause the process to crash due
to memory exhaustion.

For more details, see:
http://www.openwall.com/lists/oss-security/2018/01/25/4

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agoopenocd: add security fix for CVE-2018-5704
Peter Korsgaard [Sun, 28 Jan 2018 22:02:56 +0000 (23:02 +0100)]
openocd: add security fix for CVE-2018-5704

Open On-Chip Debugger (OpenOCD) 0.10.0 does not block attempts to use HTTP
POST for sending data to 127.0.0.1 port 4444, which allows remote attackers
to conduct cross-protocol scripting attacks, and consequently execute
arbitrary commands, via a crafted web site.

For more details, see:
https://sourceforge.net/p/openocd/mailman/message/36188041/

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agolinux-firmware: add menu for Intel QuickAssist firmware
Carlos Santos [Thu, 25 Jan 2018 17:29:51 +0000 (15:29 -0200)]
linux-firmware: add menu for Intel QuickAssist firmware

Firmware required when Intel QuickAssist is enabled in the kernel via
CRYPTO_DEV_QAT_DH895xCC, CRYPTO_DEV_QAT_C3XXX or CRYPTO_DEV_QAT_C62X.

See https://dpdk.org/doc/guides/cryptodevs/qat.html

Signed-off-by: Carlos Santos <casantos@datacom.ind.br>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agolinux-firmware: add hashes for license files
Carlos Santos [Thu, 25 Jan 2018 17:29:50 +0000 (15:29 -0200)]
linux-firmware: add hashes for license files

Locally calculated, to fix legal-info generation.

Signed-off-by: Carlos Santos <casantos@datacom.ind.br>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agoconfigs/imx6-sabresd: Bump to kernel 4.15
Fabio Estevam [Sun, 28 Jan 2018 22:34:57 +0000 (20:34 -0200)]
configs/imx6-sabresd: Bump to kernel 4.15

Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agolinux: bump default to version 4.15
Fabio Estevam [Sun, 28 Jan 2018 22:34:56 +0000 (20:34 -0200)]
linux: bump default to version 4.15

Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agolinux-headers: bump to 4.15 kernel version
Fabio Estevam [Sun, 28 Jan 2018 22:34:55 +0000 (20:34 -0200)]
linux-headers: bump to 4.15 kernel version

Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agotoolchain: add 4.15.x choice for headers
Fabio Estevam [Sun, 28 Jan 2018 22:34:54 +0000 (20:34 -0200)]
toolchain: add 4.15.x choice for headers

Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agonftables: bump to version 0.8.1
Baruch Siach [Sun, 28 Jan 2018 19:42:47 +0000 (21:42 +0200)]
nftables: bump to version 0.8.1

Add SHA256 and license hashes.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agolibnftnl: bump to version 1.0.9
Baruch Siach [Sun, 28 Jan 2018 19:42:46 +0000 (21:42 +0200)]
libnftnl: bump to version 1.0.9

Add SHA256 hash, and a license hash.

Drop mxml dependency since XML support has been removed upstream.

Refresh the patch.

Cc: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agowireshark: security bump to version 2.2.12
Peter Korsgaard [Sun, 28 Jan 2018 19:23:02 +0000 (20:23 +0100)]
wireshark: security bump to version 2.2.12

Fixes the following security issues:

CVE-2017-17997: MRDISC dissector crash
https://www.wireshark.org/security/wnpa-sec-2018-02.html

CVE-2018-5334: IxVeriWave file parser crash
https://www.wireshark.org/security/wnpa-sec-2018-03.html

CVE-2018-5335: WCP dissector crash
https://www.wireshark.org/security/wnpa-sec-2018-04.html

CVE-2018-5336: Multiple dissectors could crash
https://www.wireshark.org/security/wnpa-sec-2018-01.html

For more information, see the release notes:
https://www.wireshark.org/docs/relnotes/wireshark-2.2.12.html

While we are at it, also add as hash for license file.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agopackage/systemd: Set fallback hostname
Chris Lesiak [Tue, 23 Jan 2018 23:15:58 +0000 (17:15 -0600)]
package/systemd: Set fallback hostname

When BR2_TARGET_GENERIC_HOSTNAME is set, use the config option
--with-fallback-hostname to specify the fallback hostname to use
if none is configured in /etc/hostname.  This is useful in a
pristine installation with an empty /etc.

Signed-off-by: Chris Lesiak <chris.lesiak@licor.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agoMakefile: Store OS release in /usr/lib/os-release
Chris Lesiak [Tue, 23 Jan 2018 23:13:50 +0000 (17:13 -0600)]
Makefile: Store OS release in /usr/lib/os-release

It is recommended that vendor trees store OS release information
in /usr/lib/os-release and that /etc/os-release should be a relative
symlink to /usr/lib/os-release.

For more details, see:

http://0pointer.de/public/systemd-man/os-release.html

[Peter: don't hide command, simplify ln invocation]
Signed-off-by: Chris Lesiak <chris.lesiak@licor.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agopackage/transmission: security bump version to 2.93
Bernd Kuhls [Sat, 27 Jan 2018 22:29:53 +0000 (23:29 +0100)]
package/transmission: security bump version to 2.93

Fixes CVE-2018-5702:
https://github.com/transmission/transmission/pull/468

Added license hash.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agopackage/gcc: bump 7.x series to 7.3.0
Romain Naour [Sat, 27 Jan 2018 20:30:44 +0000 (21:30 +0100)]
package/gcc: bump 7.x series to 7.3.0

Remove upstream patches:
0870-xtensa-fix-PR-target-82181.patch
0893-ARC-Configure-script-to-allow-non-uclibc-based-tripl.patch

See: https://www.mail-archive.com/gcc@gcc.gnu.org/msg84336.html

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agopackage/pure-ftpd: Add uploadscript option
Sam Voss [Fri, 12 Jan 2018 19:53:45 +0000 (13:53 -0600)]
package/pure-ftpd: Add uploadscript option

Enable option to compile with '--with-uploadscript' to allow running
script after successful uploads.

Signed-off-by: Sam Voss <sam.voss@rockwellcollins.com>
Acked-by: Bryce Ferguson <bryce.ferguson@rockwellcollins.com
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agosecurity hardening: add RELFO, FORTIFY options
Matt Weber [Wed, 24 Jan 2018 04:09:41 +0000 (22:09 -0600)]
security hardening: add RELFO, FORTIFY options

This enables a user to build a complete system using these
options.  It is important to note that not all packages will
build correctly to start with.

Modeled after OpenWRT approach
https://github.com/openwrt/openwrt/blob/master/config/Config-build.in#L176

A good testing tool to check a target's elf files for compliance
to an array of hardening techniques can be found here:
https://github.com/slimm609/checksec.sh

[Peter: reword fortify help texts, glibc comment]
Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agostack protector: moved option out of adv menu
Matt Weber [Wed, 24 Jan 2018 04:09:40 +0000 (22:09 -0600)]
stack protector: moved option out of adv menu

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agopackage/git: bump version to 2.16.1
Bernd Kuhls [Sun, 28 Jan 2018 08:40:49 +0000 (09:40 +0100)]
package/git: bump version to 2.16.1

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agoimx-m4fwloader: new package
Gary Bisson [Wed, 24 Jan 2018 17:10:50 +0000 (18:10 +0100)]
imx-m4fwloader: new package

This package provides a tool to load a firmware to the Cortex-M4 core
available in some i.MX processors such as i.MX6SX or i.MX7.

This package was tested on a i.MX7D Nitrogen7 platform:
 # imx-m4fwloader hello_world.bin 0x007F8000

Upstream repository:
https://github.com/codeauroraforum/imx-m4fwloader

[Peter: add license hash, install in /usr/sbin, tweak help text]
Signed-off-by: Gary Bisson <gary.bisson@boundarydevices.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agopackage/tinc: upgrade to 1.0.33, install upstream's systemd files
Zoltan Gyarmati [Fri, 26 Jan 2018 18:54:44 +0000 (19:54 +0100)]
package/tinc: upgrade to 1.0.33, install upstream's systemd files

Signed-off-by: Zoltan Gyarmati <mr.zoltan.gyarmati@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agopackage/freeswitch: bump version to 1.6.20
Bernd Kuhls [Sat, 27 Jan 2018 13:42:29 +0000 (14:42 +0100)]
package/freeswitch: bump version to 1.6.20

Added license hashes.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agopackage/clamav: security bump to version 0.99.3
Bernd Kuhls [Sat, 27 Jan 2018 13:34:52 +0000 (14:34 +0100)]
package/clamav: security bump to version 0.99.3

Fixes CVE-2017-12374, CVE-2017-12375, CVE-2017-12376, CVE-2017-12377,
CVE-2017-12378, CVE-2017-12379, CVE-2017-12380.

For details see upstream announcement:
http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html

Added license hashes.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agonilfs-utils: fix build with static toolchains
Kurt Van Dijck [Mon, 22 Jan 2018 20:27:10 +0000 (21:27 +0100)]
nilfs-utils: fix build with static toolchains

This commit adds a patch to respect the dependency libmount->libblkid->libuuid
properly in autoconf. This becomes necessary for static builds.

Fixes:
 http://autobuild.buildroot.net/results/acaac513eaaa39d4000268428407a9fa6989ef03
 http://autobuild.buildroot.net/results/41af95b9ed7bbbe319565e1c20d1f6e2665d445f

[Peter: add host-pkgconf to dependencies]
Signed-off-by: Kurt Van Dijck <dev.kurt@vandijck-laurijssen.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agopackage/physfs: needs threads support
Romain Naour [Fri, 19 Jan 2018 13:59:29 +0000 (14:59 +0100)]
package/physfs: needs threads support

When physfs is built for a Linux system the PHYSFS_PLATFORM_POSIX (which
enable code that use pthread_*()) symbol must be defined, so threads support
is required.  The physfs build system used by the previous version didn't
correctly set PHYSFS_PLATFORM_POSIX for system without pthread support.

Add pthread dependency.

Fixes:
http://autobuild.buildroot.org/results/75d/75d68ff9da42d61f47d80b463445c12bc51ed1a4

Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agoltp-testsuite: disable numa tests
Baruch Siach [Fri, 26 Jan 2018 11:03:17 +0000 (13:03 +0200)]
ltp-testsuite: disable numa tests

The LTP_CHECK_SYSCALL_NUMA autoconf macro uses AC_RUN_IFELSE when it
detects the numaif.h header. This is incompatible with cross
compilation.

Fixes:
http://autobuild.buildroot.net/results/21a/21a6eeddbf5ccffc34c38527d0807305a5eb3917/
http://autobuild.buildroot.net/results/fc0/fc01921e8e8e1ea100461b29137c4219e6686c58/
http://autobuild.buildroot.net/results/962/96285d154abd65838ff5c66e96db309d9ac26c80/

Cc: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Acked-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agoltp-testsuite: drop redundant arch dependency entries
Baruch Siach [Fri, 26 Jan 2018 11:03:18 +0000 (13:03 +0200)]
ltp-testsuite: drop redundant arch dependency entries

BR2_TOOLCHAIN_HAS_SYNC_4 is enabled for all these architectures except
arc. There is no need to list them explicitly.

Cc: Romain Naour <romain.naour@gmail.com>
Cc: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Acked-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agohwdata: bump to version 0.308
Carlos Santos [Fri, 26 Jan 2018 10:21:57 +0000 (08:21 -0200)]
hwdata: bump to version 0.308

The hwdata collection is hosted at GitHub now and provides additional
databases, besides pci.ids and usb.ids:

- Individual Address Block (IAB) and Organizationally Unique Identifier
  (OUI) databases, from IEEE Registration Authority
- PNP ID database (from Microsoft)

Install only pci.ids and usb.ids by default, to keep compatibility with
previous versions.

In the future we can make other packages (pciutils, lshw) use the common
files instead of installing their own copies, thus saving some storage
space.

[Peter: drop BR2_PACKAGE_HWDATA_ANY and build time error, rework install step]
Signed-off-by: Carlos Santos <casantos@datacom.ind.br>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agoswupdate: add upstream patch to fix build error
Jörg Krause [Wed, 24 Jan 2018 22:00:29 +0000 (23:00 +0100)]
swupdate: add upstream patch to fix build error

When building SWUpdate with the following defconfig:

```
CONFIG_DOWNLOAD=y
```

.. the build process breaks with:

```
corelib/channel_curl.c:27:10: fatal error: json-c/json.h: No such file or directory
 #include <json-c/json.h>
```

Looking at the SWUpdate Kconfig based build system shows that `CONFIG_DOWNLOAD`
depends on `HAVE_LIBCURL`, which selects CURL, which eventually enables the
(unnecessary) build of channel_curl.o.

The upstream fixes the condition for building channel_curl.o by adding a new
hidden config option `CHANNEL_CURL`, which is only selected by the
dependent options.

Backported from:
https://github.com/sbabic/swupdate/commit/37a6666a532e9cbc42b56301f27919ae7c00d2eb

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agopackage/wf111: bump to version 5.2.2-r3
Julien Corjon [Fri, 26 Jan 2018 16:20:21 +0000 (17:20 +0100)]
package/wf111: bump to version 5.2.2-r3

Signed-off-by: Julien Corjon <corjon.j@ecagroup.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agoccache: bump to version 3.3.5
Mark Hirota [Sat, 27 Jan 2018 01:08:43 +0000 (17:08 -0800)]
ccache: bump to version 3.3.5

(Likely) fixes #10536

https://bugs.buildroot.org/show_bug.cgi?id=10536

Signed-off-by: Mark Hirota <markhirota@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agoscanpypi: ignore empty elements in package requirements
Yegor Yefremov [Fri, 26 Jan 2018 12:54:06 +0000 (13:54 +0100)]
scanpypi: ignore empty elements in package requirements

Depending on how setup.py reads requirements files empty elements can occur.
This patch takes care, that such elements will be ignored and don't crash
the scanpypi script.

Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Tested-by: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agonetsniff-ng: bump to version 0.6.4
Tobias Klauser [Tue, 23 Jan 2018 14:49:16 +0000 (15:49 +0100)]
netsniff-ng: bump to version 0.6.4

Drop patches merged upstream.

Cc: Joris Lijssens <joris.lijssens@gmail.com>
Cc: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agonetcat-openbsd: bump to version 1.187-1
Baruch Siach [Tue, 23 Jan 2018 13:17:40 +0000 (15:17 +0200)]
netcat-openbsd: bump to version 1.187-1

Cc: Maxime Hadjinlian <maxime.hadjinlian@gmail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agolibbsd: bump to version 0.8.7
Baruch Siach [Tue, 23 Jan 2018 13:09:16 +0000 (15:09 +0200)]
libbsd: bump to version 0.8.7

Change download site; the latest version is not on the official site.

Add license hash.

Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agozbar: enable static build
Baruch Siach [Tue, 23 Jan 2018 12:43:45 +0000 (14:43 +0200)]
zbar: enable static build

libv4l supports static build since commit f837251785e9 (package/libv4l:
allow build of v4l2 utilities on noMMU platforms).

Cc: Volkov Viacheslav <sv99@inbox.ru>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agolibv4l: bump to version 1.14.1
Baruch Siach [Tue, 23 Jan 2018 12:43:44 +0000 (14:43 +0200)]
libv4l: bump to version 1.14.1

Drop upstream patches. autoreconf is no longer needed.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agolinux-headers: bump 4.{4, 9, 14}.x series
Fabio Estevam [Tue, 23 Jan 2018 21:14:23 +0000 (19:14 -0200)]
linux-headers: bump 4.{4, 9, 14}.x series

Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agolinux: bump default to version 4.14.15
Fabio Estevam [Tue, 23 Jan 2018 21:14:22 +0000 (19:14 -0200)]
linux: bump default to version 4.14.15

Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agolibcurl: security bump to version 7.58.0
Baruch Siach [Fri, 26 Jan 2018 06:17:56 +0000 (08:17 +0200)]
libcurl: security bump to version 7.58.0

Fixes CVE-2018-1000007: libcurl might leak authentication data to third
parties.

https://curl.haxx.se/docs/adv_2018-b3bf.html

Fixes CVE-2018-1000005: libcurl contains an out bounds read in code handling
HTTP/2 trailers.

https://curl.haxx.se/docs/adv_2018-824a.html

Update license hash due to copyright year change.

[Peter: also add CVE-2018-1000005 reference]
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agoutil-linux: disable useless programs in the host package
Carlos Santos [Fri, 26 Jan 2018 00:16:52 +0000 (22:16 -0200)]
util-linux: disable useless programs in the host package

Disable all programs that depend on ncurses, as well as utilities that
are useless on the host: agetty, chfn-chsh, chmem, login, lslogins,
mesg, more, newgrp, nologin, nsenter, pg, rfkill, schedutils, setpriv,
setterm, su, sulogin, tunelp, ul, unshare, uuidd, vipw, wall, wdctl,
write, zramctl.

Also add dependency on host-zlib if host cramfs utils are to be built.

Signed-off-by: Carlos Santos <casantos@datacom.ind.br>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agognutls: bump to version 3.5.17
Peter Korsgaard [Thu, 25 Jan 2018 21:13:18 +0000 (22:13 +0100)]
gnutls: bump to version 3.5.17

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agowebkitgtk: security bump to version 2.18.6
Adrian Perez de Castro [Thu, 25 Jan 2018 20:42:03 +0000 (22:42 +0200)]
webkitgtk: security bump to version 2.18.6

This is a maintenance release of the current stable WebKitGTK+ version,
which contains security fixes for CVE-2018-4088, CVE-2017-13885,
CVE-2017-7165, CVE-2017-13884, CVE-2017-7160, CVE-2017-7153,
CVE-2017-7153, CVE-2017-7161, and CVE-2018-4096. Additionally, it solves
a GStreamer deadlock when stopping video playback, and contains fixes
and improvements for the WebDriver implementation.

Release notes can be found in the announcement:

  https://webkitgtk.org/2018/01/24/webkitgtk2.18.6-released.html

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agowebkitgtk: Add missing libtasn1 dependency
Adrian Perez de Castro [Thu, 25 Jan 2018 20:42:02 +0000 (22:42 +0200)]
webkitgtk: Add missing libtasn1 dependency

Nowadays libtasn1 is always required and if not present the CMake
configuration step would fail.

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agolighttpd: add hash for the license file
Peter Korsgaard [Thu, 25 Jan 2018 20:49:30 +0000 (21:49 +0100)]
lighttpd: add hash for the license file

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agopackage: lighttpd: bump to version 1.4.48
Petr Kulhavy [Thu, 25 Jan 2018 19:09:49 +0000 (20:09 +0100)]
package: lighttpd: bump to version 1.4.48

Signed-off-by: Petr Kulhavy <brain@jikos.cz>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agofis: fix typo in build command
Gary Bisson [Wed, 24 Jan 2018 17:15:38 +0000 (18:15 +0100)]
fis: fix typo in build command

Signed-off-by: Gary Bisson <gary.bisson@boundarydevices.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agodos2unix: bump to version 7.4.0
Baruch Siach [Tue, 23 Jan 2018 13:28:14 +0000 (15:28 +0200)]
dos2unix: bump to version 7.4.0

Add license hash.

Add reference to upstream tarball signature.

Cc: David Bachelart <david.bachelart@bbright.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agolinux-headers: bump 4.1.x series
Fabio Estevam [Tue, 23 Jan 2018 12:38:15 +0000 (10:38 -0200)]
linux-headers: bump 4.1.x series

Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agolua-resty-http: bump to version 0.12
Francois Perrad [Sun, 21 Jan 2018 11:03:35 +0000 (12:03 +0100)]
lua-resty-http: bump to version 0.12

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agoluaossl: bumpp to version 20171028
Francois Perrad [Sun, 21 Jan 2018 11:03:34 +0000 (12:03 +0100)]
luaossl: bumpp to version 20171028

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agoljlinenoise: bump to version 0.1.3
Francois Perrad [Sun, 21 Jan 2018 11:03:33 +0000 (12:03 +0100)]
ljlinenoise: bump to version 0.1.3

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agolua-testmore: bump to version 0.3.3
Francois Perrad [Sun, 21 Jan 2018 11:03:32 +0000 (12:03 +0100)]
lua-testmore: bump to version 0.3.3

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agolua-messagepack: bump to version 0.5.1
Francois Perrad [Sun, 21 Jan 2018 11:03:31 +0000 (12:03 +0100)]
lua-messagepack: bump to version 0.5.1

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agolua-csnappy: bump to version 0.1.5
Francois Perrad [Sun, 21 Jan 2018 11:03:30 +0000 (12:03 +0100)]
lua-csnappy: bump to version 0.1.5

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agolua-coatpersistent: bump to version 0.2.2
Francois Perrad [Sun, 21 Jan 2018 11:03:29 +0000 (12:03 +0100)]
lua-coatpersistent: bump to version 0.2.2

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agolua-coat: bump to version 0.9.2
Francois Perrad [Sun, 21 Jan 2018 11:03:28 +0000 (12:03 +0100)]
lua-coat: bump to version 0.9.2

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agodocs/website: update sponsors for FOSDEM
Arnout Vandecappelle (Essensium/Mind) [Mon, 22 Jan 2018 22:23:38 +0000 (23:23 +0100)]
docs/website: update sponsors for FOSDEM

Simply a matter of updating the year, since it's again Google and Mind
for the FOSDEM2018 developer meeting.

Also add the 2017 sponsorship to the "Past sponsors" section.

Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agosquid: add upstream post-3.5.27 security patches
Peter Korsgaard [Mon, 22 Jan 2018 19:54:17 +0000 (20:54 +0100)]
squid: add upstream post-3.5.27 security patches

Fixes the following security issues:

SQUID-2018:1 Due to incorrect pointer handling Squid is vulnerable to denial
of service attack when processing ESI responses.

http://www.squid-cache.org/Advisories/SQUID-2018_1.txt

SQUID-2018:2  Due to incorrect pointer handling Squid is vulnerable to
denial of service attack when processing ESI responses or downloading
intermediate CA certificates.

http://www.squid-cache.org/Advisories/SQUID-2018_2.txt

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agosquid: bump version to 3.5.27
Peter Korsgaard [Mon, 22 Jan 2018 19:54:16 +0000 (20:54 +0100)]
squid: bump version to 3.5.27

And add a hash for the license files.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agoconfigs/imx6sx-sdb: Bump U-Boot and kernel versions
Fabio Estevam [Mon, 22 Jan 2018 20:25:38 +0000 (18:25 -0200)]
configs/imx6sx-sdb: Bump U-Boot and kernel versions

Bump U-Boot to 2018.01 and kernel to 4.14.4 version.

Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agopython-raven: bump to version 6.5.0
Joseph Kogut [Mon, 22 Jan 2018 20:20:53 +0000 (12:20 -0800)]
python-raven: bump to version 6.5.0

Signed-off-by: Joseph Kogut <joseph.kogut@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agoconfigs/imx6-sabresd_qt5: Bump U-Boot and kernel versions
Fabio Estevam [Mon, 22 Jan 2018 20:08:11 +0000 (18:08 -0200)]
configs/imx6-sabresd_qt5: Bump U-Boot and kernel versions

Bump U-Boot to 2018.01 and kernel to 4.14.4 version.

Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agoconfigs/imx6-sabresd: Bump U-Boot and kernel versions
Fabio Estevam [Mon, 22 Jan 2018 20:08:10 +0000 (18:08 -0200)]
configs/imx6-sabresd: Bump U-Boot and kernel versions

Bump U-Boot to 2018.01 and kernel to 4.14.4 version.

Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agolibtomcrypt: bump to version 1.18.1
Francois Perrad [Mon, 22 Jan 2018 19:29:47 +0000 (20:29 +0100)]
libtomcrypt: bump to version 1.18.1

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agopython-certifi: bump to version 2018.1.18
Yegor Yefremov [Mon, 22 Jan 2018 15:33:29 +0000 (16:33 +0100)]
python-certifi: bump to version 2018.1.18

Add licence checksum.

Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agorefpolicy: bump to 2.20180114
Adam Duskett [Mon, 22 Jan 2018 12:17:18 +0000 (07:17 -0500)]
refpolicy: bump to 2.20180114

Remove 0001-fix-regex-escape-sequence-error.patch, as it has been
committed upstream.

Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agofirmware-imx: bump to version 7.2
Baruch Siach [Mon, 22 Jan 2018 08:34:49 +0000 (10:34 +0200)]
firmware-imx: bump to version 7.2

The fsl-epdc.mk file is no longer shipped with the package.

Add license files hashes.

Cc: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agopackage/sdl2: Remove trailing backslash
Guillermo A. Amaral [Sat, 20 Jan 2018 21:25:47 +0000 (13:25 -0800)]
package/sdl2: Remove trailing backslash

Left over from 9f8a6fdf9

Signed-off-by: Guillermo A. Amaral <g@maral.me>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agogtksourceview: bump to version 3.24.6
Fabrice Fontaine [Sat, 20 Jan 2018 22:52:27 +0000 (23:52 +0100)]
gtksourceview: bump to version 3.24.6

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agolibmaxminddb: bump to version 1.3.2
Fabrice Fontaine [Sat, 20 Jan 2018 17:14:27 +0000 (18:14 +0100)]
libmaxminddb: bump to version 1.3.2

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agoboinc: bump to version 7.8.6
Fabrice Fontaine [Sat, 20 Jan 2018 17:08:53 +0000 (18:08 +0100)]
boinc: bump to version 7.8.6

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agopackage/waylandpp: bump version to 0.2.2
Bernd Kuhls [Sat, 20 Jan 2018 07:43:52 +0000 (08:43 +0100)]
package/waylandpp: bump version to 0.2.2

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agopackage/{mesa3d, mesa3d-headers}: bump version to 17.3.3
Bernd Kuhls [Sat, 20 Jan 2018 07:43:31 +0000 (08:43 +0100)]
package/{mesa3d, mesa3d-headers}: bump version to 17.3.3

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agouclibc-ng-test: update to latest
Waldemar Brodkorb [Sun, 21 Jan 2018 20:27:21 +0000 (21:27 +0100)]
uclibc-ng-test: update to latest

Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agobfin-bf512: update to latest kernel
Waldemar Brodkorb [Sun, 21 Jan 2018 20:25:35 +0000 (21:25 +0100)]
bfin-bf512: update to latest kernel

Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agouclibc-ng: enable NPTL for m68k/microblaze
Waldemar Brodkorb [Sun, 21 Jan 2018 19:21:57 +0000 (20:21 +0100)]
uclibc-ng: enable NPTL for m68k/microblaze

With 1.0.28 NPTL support for m68k was added.
Microblaze is already supported for a while, enable it now to
benefit from it.

Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agouclibc: update to 1.0.28
Waldemar Brodkorb [Sun, 21 Jan 2018 19:20:46 +0000 (20:20 +0100)]
uclibc: update to 1.0.28

Similar patch included upstream.
Mostly bugfixes and NPTL support for m68k was added.

Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agopython-txtorcon: needs C++ support
Peter Korsgaard [Sun, 21 Jan 2018 22:09:16 +0000 (23:09 +0100)]
python-txtorcon: needs C++ support

Python-txtorcon selects python-pyopenssl and python-service-identity, both
(indirectly) needing C++ support, so propagate that dependency.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Reviewed-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agolibuv: bump to version 1.19.1
Jörg Krause [Sun, 21 Jan 2018 20:42:48 +0000 (21:42 +0100)]
libuv: bump to version 1.19.1

Also add license hash.

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agodocs/website: update for 2017.11.2
Peter Korsgaard [Sun, 21 Jan 2018 21:29:02 +0000 (22:29 +0100)]
docs/website: update for 2017.11.2

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agoUpdate for 2017.11.2
Peter Korsgaard [Sun, 21 Jan 2018 21:08:22 +0000 (22:08 +0100)]
Update for 2017.11.2

[Peter: drop Makefile changes]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit adb26f1feed697c063d82943d8c0d1673c6c8aea)

6 years agopackage/ltp-testsuite: Bump to version 20180118
Petr Vorel [Fri, 19 Jan 2018 08:58:26 +0000 (09:58 +0100)]
package/ltp-testsuite: Bump to version 20180118

+ removed 3 patches accepted upstream.

Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agopackage/xen: Force disable SDL for xen-qemu build
Alistair Francis [Thu, 18 Jan 2018 21:52:30 +0000 (13:52 -0800)]
package/xen: Force disable SDL for xen-qemu build

Fixes autobuilder issue:
http://autobuild.buildroot.net/results/8bcb80dc93d38bb38ca32ad93d52c22d1176d57e/

Signed-off-by: Alistair Francis <alistair.francis@xilinx.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agopython-txtorcon: new package
Yegor Yefremov [Thu, 18 Jan 2018 14:49:17 +0000 (15:49 +0100)]
python-txtorcon: new package

Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
6 years agopackage/sdl2: Fix Raspberry Pi support for SDL2
Guillermo A. Amaral [Thu, 18 Jan 2018 17:54:15 +0000 (09:54 -0800)]
package/sdl2: Fix Raspberry Pi support for SDL2

Tweak build system to play well with Buildroot.

Signed-off-by: Guillermo A. Amaral <g@maral.me>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
6 years agopython-cssselect: bump to version 1.0.3
Yegor Yefremov [Thu, 18 Jan 2018 14:31:00 +0000 (15:31 +0100)]
python-cssselect: bump to version 1.0.3

Add licence checksum.

Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
6 years agoconfigs/mx6udoo: Bump kernel and U-Boot versions
Fabio Estevam [Thu, 18 Jan 2018 12:58:54 +0000 (10:58 -0200)]
configs/mx6udoo: Bump kernel and U-Boot versions

Bump U-Boot to 2018.01 and kernel to 4.14.13 version.

Signed-off-by: Fabio Estevam <fabio.estevam@nxp.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
6 years agoswupdate: add upstream patch to fix musl build issue
Jörg Krause [Thu, 18 Jan 2018 12:51:21 +0000 (13:51 +0100)]
swupdate: add upstream patch to fix musl build issue

Add upstream patch to fix build issue with the musl C library, as musl
does not provide the GNU extension `strndupa()` breaking the build with
an undefined reference:

```
ipc/lib.a(network_ipc.o): In function `ipc_postupdate':
network_ipc.c:(.text.ipc_postupdate+0x39): undefined reference to `strndupa'
```

The upstream patch provides a compatibility header file adding a definition
of `strndupa` if it is not already defined.

Backported from:
https://github.com/sbabic/swupdate/commit/9867a9d6a21e6b0b9bcba57c3e2398fe671cea17

Fixes:
http://autobuild.buildroot.net/results/f674219225d0b67d0bc78fd10b47a865250746f4/
http://autobuild.buildroot.net/results/d2b0cfcfec583d203af1b26152f14ded3ebd3eee/
http://autobuild.buildroot.net/results/1d0cbd1eb9b1b70bd9f4d1c4fae431baee9d105c/

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
6 years agoscanpypi: get rid of commented lines and also strip the package strings
Yegor Yefremov [Thu, 18 Jan 2018 10:41:49 +0000 (11:41 +0100)]
scanpypi: get rid of commented lines and also strip the package strings

Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
6 years agorpcbind: Backport fixes to memory leak security fix
Ed Blake [Thu, 18 Jan 2018 18:05:31 +0000 (18:05 +0000)]
rpcbind: Backport fixes to memory leak security fix

Commit 954509f added a security fix for CVE-2017-8779, involving
pairing all svc_getargs() calls with svc_freeargs() to avoid a memory
leak.  However it also introduced a couple of issues:

- The call to svc_freeargs() from rpcbproc_callit_com() may result in
  an attempt to free static memory, resulting in undefined behaviour.

- A typo in the svc_freeargs() call from pmapproc_dump() causes NIS
  (aka ypbind) to fail.

Backport upstream fixes for these issues to version 0.2.3.

Signed-off-by: Ed Blake <ed.blake@sondrel.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
6 years agopackage/xen: Bump to latest 4.10.0 release
Alistair Francis [Thu, 18 Jan 2018 18:55:48 +0000 (10:55 -0800)]
package/xen: Bump to latest 4.10.0 release

Signed-off-by: Alistair Francis <alistair.francis@xilinx.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>