Adam Duskett [Mon, 30 Mar 2020 16:31:21 +0000 (09:31 -0700)]
package/libpjsip: bump version to 2.10
Other changes:
- Change the site URL as the upstream project has migrated to Github
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Adam Duskett [Mon, 30 Mar 2020 16:03:01 +0000 (09:03 -0700)]
package/janus-gateway: bump version to 0.9.2
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Mon, 30 Mar 2020 21:55:00 +0000 (23:55 +0200)]
package/wpa_supplicant: fix CVE-2019-16275
hostapd before 2.10 and wpa_supplicant before 2.10 allow an incorrect
indication of disconnection in certain situations because source address
validation is mishandled. This is a denial of service that should have
been prevented by PMF (aka management frame protection). The attacker
must send a crafted 802.11 frame from a location that is within the
802.11 communications range.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Mon, 30 Mar 2020 21:54:25 +0000 (23:54 +0200)]
package/hostapd: fix CVE-2019-16275
hostapd before 2.10 and wpa_supplicant before 2.10 allow an incorrect
indication of disconnection in certain situations because source address
validation is mishandled. This is a denial of service that should have
been prevented by PMF (aka management frame protection). The attacker
must send a crafted 802.11 frame from a location that is within the
802.11 communications range.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Mon, 30 Mar 2020 22:17:19 +0000 (00:17 +0200)]
package/libsndfile: add upstream security fixes
- Fix CVE-2017-6892: In libsndfile version 1.0.28, an error in the
"aiff_read_chanmap()" function (aiff.c) can be exploited to cause an
out-of-bounds read memory access via a specially crafted AIFF file.
- Fix CVE-2017-8361: The flac_buffer_copy function in flac.c in
libsndfile 1.0.28 allows remote attackers to cause a denial of service
(buffer overflow and application crash) or possibly have unspecified
other impact via a crafted audio file.
- Fix CVE-2017-8362: The flac_buffer_copy function in flac.c in
libsndfile 1.0.28 allows remote attackers to cause a denial of service
(invalid read and application crash) via a crafted audio file.
- Fix CVE-2017-8363: The flac_buffer_copy function in flac.c in
libsndfile 1.0.28 allows remote attackers to cause a denial of service
(heap-based buffer over-read and application crash) via a crafted
audio file.
- Fix CVE-2017-8365: The i2les_array function in pcm.c in
libsndfile 1.0.28 allows remote attackers to cause a denial of service
(buffer over-read and application crash) via a crafted audio file.
- Fix CVE-2017-12562: Heap-based Buffer Overflow in the
psf_binheader_writef function in common.c in libsndfile through 1.0.28
allows remote attackers to cause a denial of service (application
crash) or possibly have unspecified other impact.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
James Hilliard [Mon, 30 Mar 2020 23:39:55 +0000 (17:39 -0600)]
package/gdb: bump to version 8.3.1
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Thu, 2 Apr 2020 16:28:00 +0000 (18:28 +0200)]
package/cjson: bump to version 1.7.13
Update indentation of hash file (two spaces)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Nazım Gediz AYDINDOĞMUŞ [Thu, 2 Apr 2020 12:41:12 +0000 (12:41 +0000)]
docs/manual: minor typo fix
Definition of LIBFOO_USERS actually ends on 33rd line.
Signed-off-by: Nazım Gediz Aydındoğmuş <gediz.aydindogmus@genemek.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Bernd Kuhls [Mon, 30 Mar 2020 18:22:50 +0000 (20:22 +0200)]
{linux, linux-headers}: add version 5.6
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[Peter: move .. or later text to 5.6]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Bernd Kuhls [Mon, 30 Mar 2020 18:22:48 +0000 (20:22 +0200)]
toolchain/Config.in: move BR2_TOOLCHAIN_HEADERS_AT_LEAST_5_5
Config option was placed at the wrong position.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Adam Duskett [Mon, 30 Mar 2020 23:46:12 +0000 (16:46 -0700)]
package/nftables: check for python
If python or python3 is selected, nftables should depend on the package
and set the --enable-python option, otherwise set --disable-python
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabio Estevam [Wed, 1 Apr 2020 17:05:04 +0000 (14:05 -0300)]
kmscube: Bump to the most recent version
Bump to the latest kmscube version.
Since kmscube has been converted to meson, adjust the .mk file
accordingly.
Signed-off-by: Fabio Estevam <festevam@gmail.com>
[yann.morin.1998@free.fr: two spaces in hash file]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabio Estevam [Wed, 1 Apr 2020 17:05:03 +0000 (14:05 -0300)]
kmscube: Change repository to gitlab
The https://cgit.freedesktop.org/mesa/kmscube repository
is mirrored from https://gitlab.freedesktop.org/mesa/kmscube, so
switch to the gitlab one.
The other advantage of using the gitlab repository is that it can handle
archive downloads, so switch to it.
Suggested-by: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Evgeniy Didin [Mon, 10 Feb 2020 07:40:30 +0000 (10:40 +0300)]
package/strace: bump to version 5.5
Drop patch.
Strace 5.5 now is compatible with glibc-2.31 and
Linux kernel headers < 5.3.
The copyright year was updated in COPYING, so update the hash.
Fixes:
- http://autobuild.buildroot.net/results/
dd7ec26396412375941eaf43daf755d61a68458b/
Signed-off-by: Evgeniy Didin <Evgeniy.Didin@synopsys.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: arc-buildroot@synopsys.com
Cc: Baruch Siach <baruch@tkos.co.il>
[yann.morin.1998@free.fr:
- add autobuilder reference provided by Baruch
- fix hash for COPYING
- two spaces in hash file
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Mon, 30 Mar 2020 20:40:30 +0000 (22:40 +0200)]
package/tinyproxy: disable a2x
If a2x is found, tinyproxy won't touch the configuration files and will
try to regenerate them which will result in the following build failure:
make[4]: Entering directory `/usr/lfs/hdd_v1/rc-buildroot-test/scripts/instance-1/output/build/tinyproxy-1.10.0/docs/man5'
GEN tinyproxy.conf.5
File "/accts/mlweber1/bin/a2x", line 76
print '%s: %s' % (PROG,msg)
^
SyntaxError: invalid syntax
Fixes:
- http://autobuild.buildroot.org/results/
fbd81c05f37a3db6df1cbc3495a89957c6587d25
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Mon, 30 Mar 2020 21:49:13 +0000 (23:49 +0200)]
package/gupnp-tools: bump to version 0.10.0
- Update indentation of hash file (two spaces)
- Fix build with latest gupnp/gssdp thanks to
https://gitlab.gnome.org/GNOME/gupnp-tools/-/commit/
41feb3168d3870e0d017c248f20cbe85bc5acde7
Fixes:
- No autobuilder failures yet
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabio Estevam [Tue, 31 Mar 2020 20:12:05 +0000 (17:12 -0300)]
configs/mx53loco: bump the kernel version
Bump the kernel to the 5.4.27 version.
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Adam Duskett [Fri, 27 Mar 2020 18:29:59 +0000 (11:29 -0700)]
package/gupnp: needs host-vala for introspection
Introspection support in gupnp is handled by way of vala tools and
vala bindings.
Even though host-vala is already a transitive dependency via gssdp,
add it to gupnp for correctness sake; also explicitly enable the
generation of the vala API, since it is required for introspection.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Adam Duskett [Fri, 27 Mar 2020 18:29:56 +0000 (11:29 -0700)]
package/gssdp: build vala bindings for introspection
When building its introspection metadata description files, gssdp can
also generate the associated vala bindings.
Dependent packages may then use either or both the introspection
metadata description files or the vala bindings to generate their own.
For example; this is the case with gupnp, which requires the vala
bindings from gssdp to be able to generate its introspection metadata
description files and vala bindings.
Since there is no way to know whether the vala bindings are required or
not, we always build them. host-vala has no dependency that is not
already a dependency of gssdp, so the overhead is just the time to build
host-vala itself, roughly 32s here when compared to 10+minutes to build
all the dependencies of gssdp with introspection support.
Fixes:
- http://autobuild.buildroot.org/results/
06f879902a567c26bade630091b21b56f637bd60/
- http://autobuild.buildroot.org/results/
457ecc20e1932e13e82ff6bdcaf4adaf97cb7d1d/
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Yaroslav Syrytsia [Mon, 30 Mar 2020 13:41:37 +0000 (16:41 +0300)]
Makefile: make-4.3 now longer un-escapes \# in macros
make-4.3 shipped with a backward incompatible change in how sharp signs
are handled in macros. Previously, up to make 4.2, the sharp sign would
always start a comment, unless backslash-escaped, even in a macro or a
fucntion call.
Now, the sharp sign is no longer starting a comment when it appears
inside such a macro or function call. This behaviour was supposed to be
in force since 3.81, but was not; 4.3 fixed the code to match the doc.
As such, use of external toolchains is broken, as we use the sharp sign
in the copy_toolchain_sysroot macro, in shell variable expansion to
strip off any leading /: ${target\#/}.
Fix that by applying the workaround suggested in the release annoucement
[0], by using a variable to hold a sharp sign.
[0] https://lists.gnu.org/archive/html/info-gnu/2020-01/msg00004.html
Signed-off-by: Yaroslav Syrytsia <me@ys.lc>
[yann.morin.1998@free.fr:
- move the SHARP_SIGN definition out of Makefile and into support/
- expand the commit log
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Gary Bisson [Mon, 30 Mar 2020 08:05:22 +0000 (10:05 +0200)]
package/freescale-imx/imx-vpu-hantro: bump version to 1.15.0
To match NXP BSP 4.19.35-1.1.0 release:
https://source.codeaurora.org/external/imx/meta-fsl-bsp-release/tree/imx/meta-bsp/recipes-bsp/imx-vpu-hantro?h=warrior-4.19.35-1.1.0
Adds support for i.MX8MMini platform (Hantro H1 encoder).
Signed-off-by: Gary Bisson <gary.bisson@boundarydevices.com>
Tested-by: Laurent Gauthier <laurent.gauthier_1@oss.nxp.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bartosz Bilas [Mon, 30 Mar 2020 11:40:15 +0000 (13:40 +0200)]
Config.in.legacy: move cegui06 package to 2020.05 section
During package update, the legacy option was set to the existing
2020.02 release instead of the next 2020.05.
Signed-off-by: Bartosz Bilas <b.bilas@grinn-global.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Baruch Siach [Fri, 27 Mar 2020 07:45:25 +0000 (10:45 +0300)]
package/evtest: fix build with musl 1.2.0
Add upstream patch fixing issue with 64-bit time_t introduced in musl
1.2.0 for 32-bit architectures.
Fixes:
http://autobuild.buildroot.net/results/
0847ef68b7f7bffa3083229ad9523dbad28db4f2/
http://autobuild.buildroot.net/results/
73355877a945d3555350bea3bef70dfa68b80018/
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Mon, 13 Jan 2020 19:57:57 +0000 (20:57 +0100)]
package/opencv3: fix build with protobuf
External protobuf is used instead of embedded one since commit
31c68a449ecd7da61ecfd909bea7ce799f9a6450. However it fails to build on:
[ 63%] Building CXX object modules/dnn/CMakeFiles/opencv_dnn.dir/misc/caffe/opencv-caffe.pb.cc.o
In file included from /home/naourr/work/instance-0/output-1/build/opencv3-3.4.9/modules/dnn/misc/caffe/opencv-caffe.pb.cc:4:
/home/naourr/work/instance-0/output-1/build/opencv3-3.4.9/modules/dnn/misc/caffe/opencv-caffe.pb.h:17:2: error: #error This file was generated by an older version of protoc which is
17 | #error This file was generated by an older version of protoc which is
| ^~~~~
/home/naourr/work/instance-0/output-1/build/opencv3-3.4.9/modules/dnn/misc/caffe/opencv-caffe.pb.h:18:2: error: #error incompatible with your Protocol Buffer headers. Please
18 | #error incompatible with your Protocol Buffer headers. Please
| ^~~~~
/home/naourr/work/instance-0/output-1/build/opencv3-3.4.9/modules/dnn/misc/caffe/opencv-caffe.pb.h:19:2: error: #error regenerate this file with a newer version of protoc.
19 | #error regenerate this file with a newer version of protoc.
| ^~~~~
/home/naourr/work/instance-0/output-1/build/opencv3-3.4.9/modules/dnn/misc/caffe/opencv-caffe.pb.cc:12:10: fatal error: google/protobuf/wire_format_lite_inl.h: No such file or directory
12 | #include <google/protobuf/wire_format_lite_inl.h>
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Fix this error by setting PROTOBUF_UPDATE_FILES to ON
Fixes:
- http://autobuild.buildroot.org/results/
219258c90709fc34748929f1dcdf4f0649215e61
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Tue, 10 Mar 2020 22:31:32 +0000 (23:31 +0100)]
Revert "package/opencv3: bump to version 4.2.0"
This reverts commit
5e51bb2756ee5063eff9a45a46033a449e2a6195.
Indeed, version 4.x is not backward with opencv 3.x, most of the C API
has been removed as stated in https://opencv.org/opencv-4-0.
Moreover, these issues should also be fixed:
- pkg-config file is not installed by default since
https://github.com/opencv/opencv/commit/
e755a2a6e48ae02dd5136a628cc4148566a08225
- layout of include files and pkg-config file name are different since
https://github.com/opencv/opencv/commit/
a95673287433fc810eda2d88b94bb234298c4cd5
As a result, ffmpeg fails to build with opencv 4.2.0.
Moreover, it should be noted that -DPROTOBUF_UPDATE_FILES=ON should be
applied in a separate patch to fix existing build failure with 3.4.9 as
stated in https://patchwork.ozlabs.org/patch/
1222308
Fixes:
- http://autobuild.buildroot.org/results/
ef1d09d8b234807dcd993422f9557e5c34506013
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Sun, 29 Mar 2020 12:22:59 +0000 (14:22 +0200)]
package/kodi-vfs-rar: bump version to 2.2.3-Leia
Updated hash of lib/UnrarXLib/license.txt due to upstream changes:
https://github.com/xbmc/vfs.rar/commits/Leia/lib/UnrarXLib/license.txt
Changed addon license file to LICENSE.md.
Updated dependencies due to upstream commit:
https://github.com/xbmc/vfs.rar/commit/
6c7a62439eac2b2afeb2bf8c241836cd2ab2b93e
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Gary Bisson [Thu, 26 Mar 2020 16:49:42 +0000 (17:49 +0100)]
package/freescale-imx: fix i.MX8MMini configuration
- Just like i.MX8MQ, i.MX8MMini is using Hantro VPU.
- Platform name wasn't set for i.MX8Mini
-> now differencing IMX8MQ and IMX8MM for VPU package
Signed-off-by: Gary Bisson <gary.bisson@boundarydevices.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
James Hilliard [Mon, 30 Mar 2020 00:09:16 +0000 (18:09 -0600)]
package/meson: bump to version 0.54.0
Remove patches that are now upstream.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Carlos Santos [Sun, 29 Mar 2020 23:49:24 +0000 (20:49 -0300)]
package/procps-ng: use logger in S02sysctl only if it is available
The script used the logger utility unconditionally but it may not exist
(e.g. busybox-minimal.config is used and BR2_PACKAGE_UTIL_LINUX_LOGGER
is not selected).
Declare two functions to perform the operation, run_logger and run_std,
and use the appropriate one, depending on the existence of logger.
Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Carlos Santos [Sun, 29 Mar 2020 23:49:23 +0000 (20:49 -0300)]
package/procps-ng: add busybox-related comments to S02sysctl
Explain the busybox peculiarities and how the script works with both
versions of the sysctl utility.
Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Carlos Santos [Sun, 29 Mar 2020 23:49:22 +0000 (20:49 -0300)]
package/busybox: use same S02sysctl script as procps-ng
The scripts were already the same, except for some comments, so make the
busybox S02sysctl a symlink to the procps-ng one, which works with both
versions of the "sysctl" utility.
Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sun, 29 Mar 2020 22:21:50 +0000 (00:21 +0200)]
package/rng-tools: fix redefinition of encrypt
Fixes:
- http://autobuild.buildroot.org/results/
bb7dbd5a76c1ecd2a1d205f4a1c391095e653886
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sun, 29 Mar 2020 22:04:28 +0000 (00:04 +0200)]
package/rygel: bump to version 0.38.3
- Update indentation of hash file (two spaces)
- Fix build with gssdp/gupnp 1.2 thanks to:
https://github.com/GNOME/rygel/commit/
791b688d8ac3f8da4d162b1935871d16fe8e16fd
Fixes:
- No autobuilder failures yet
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Jianhui Zhao [Sat, 14 Sep 2019 16:23:02 +0000 (00:23 +0800)]
package/libuwsc: new package
Signed-off-by: Jianhui zhao <zhaojh329@gmail.com>
[Thomas:
- add entry in DEVELOPERS file
- be more explicit with SSL options
- drop logic around luainterpreter since luajit is not properly
detected]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sun, 29 Mar 2020 21:01:10 +0000 (23:01 +0200)]
package/gupnp: disable examples
Disable examples through the new meson option (they are enabled by
default)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Bernd Kuhls [Wed, 6 Nov 2019 21:10:05 +0000 (22:10 +0100)]
package/ghostscript: add optional dependency to openjpeg
Remove openjpeg source files included in upstream tarball as well.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Wed, 6 Nov 2019 21:10:04 +0000 (22:10 +0100)]
package/ghostscript: add optional dependency to jbig2dec
Remove jbig2dec source files included in upstream tarball as well.
Needs http://patchwork.ozlabs.org/patch/
1161981/
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Raphaël Mélotte [Fri, 13 Sep 2019 11:24:13 +0000 (13:24 +0200)]
package/jbig2dec: new package.
jbig2dec is a decoder implementation of the JBIG2 image compression format.
Signed-off-by: Raphaël Mélotte <raphael.melotte@essensium.com>
Tested-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bartosz Bilas [Mon, 23 Mar 2020 18:03:30 +0000 (19:03 +0100)]
package/cegui: rename and bump version
Since spice ver. 0.12.6 doesn't depend on cegui anymore
let's bump to the latest stable version and rename package.
Signed-off-by: Bartosz Bilas <b.bilas@grinn-global.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Lubomir Rintel [Tue, 24 Mar 2020 14:29:49 +0000 (15:29 +0100)]
package/network-manager: bump to version 1.22.10
Add COPYING.LGPL to license files, disable the "cloud configuration"
tool. It requires libcurl and it is too unlikely to be useful.
The library license is now LGPL-2.1+.
The hash of CONTRIBUTING has changed because it now refers to
LGPL-2.1+ instead of LGPL-2.0+.
The hash of COPYING is changed due to white-space changes, and the
removal of an introduction text:
Unless a COPYING file in a subdirectory or file-specific license
headers specify a different license, the following applies to all
files in this directory and all subdirectories.
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License as
published by the Free Software Foundation; either version 2 of the
License, or (at your option) any later version.
Signed-off-by: Lubomir Rintel <lkundrak@v3.sk>
[Thomas:
- fix hash of CONTRIBUTING
- expand commit log
- drop GFDL license information, since documentation is not installed
on the target]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Heiko Stuebner [Tue, 24 Mar 2020 15:42:55 +0000 (16:42 +0100)]
package/optee-client: add option to configure TEE-based storage location
OP-TEE provides the possibility of secure storage done by the
normal world OS via tee-supplicant.
The location is a compile-time value and by default it is /data/tee .
As this might not be suitable for all use-cases add an option to
set the CFG_TEE_FS_PARENT_PATH compile option.
Default value is still /data/tee as it was before adding this option.
Signed-off-by: Heiko Stuebner <heiko.stuebner@theobroma-systems.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
James Hilliard [Tue, 24 Mar 2020 22:22:30 +0000 (16:22 -0600)]
package/wpebackend-fdo: bump to version 1.6.0
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
James Hilliard [Tue, 24 Mar 2020 22:15:25 +0000 (16:15 -0600)]
package/libwpe: bump to version 1.6.0
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
James Hilliard [Tue, 24 Mar 2020 21:58:09 +0000 (15:58 -0600)]
package/wpewebkit: bump to version 2.28.0
Adjust fix build with musl patch for 2.28.0.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Thomas Petazzoni [Sun, 29 Mar 2020 19:59:24 +0000 (21:59 +0200)]
Revert "package/rtty: remove unnecessary cmake options"
This reverts commit
7f169e6bc3812d7f9160449d7724711e4df7e39e.
As pointed out by Yann E. Morin, we really want to explicitly disable
crypto backends, otherwise they will get automatically re-enabled if
one of the dependencies is found:
elseif(OPENSSL_FOUND)
set(RTTY_USE_OPENSSL ON)
elseif(WOLFSSL_FOUND)
set(RTTY_USE_WOLFSSL ON)
elseif(MBEDTLS_FOUND)
set(RTTY_USE_MBEDTLS ON)
But as usual, dependencies may incorrectly be found, so we want to
explicitly disable.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Johan Oudinet [Wed, 25 Mar 2020 14:04:24 +0000 (15:04 +0100)]
package/vuejs: new package
Signed-off-by: Johan Oudinet <johan.oudinet@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Jianhui Zhao [Wed, 25 Mar 2020 07:27:02 +0000 (15:27 +0800)]
package/rtty: remove unnecessary cmake options
Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
James Hilliard [Fri, 27 Mar 2020 18:26:39 +0000 (12:26 -0600)]
package/cog: fix segfaults on null xkb_data keymap/state
Fixes:
Program terminated with signal SIGSEGV, Segmentation fault.
#0 xkb_state_key_get_layout (state=state@entry=0x0, kc=kc@entry=50) at ../src/state.c:217
Program terminated with signal SIGSEGV, Segmentation fault.
#0 XkbKey (kc=kc@entry=45, keymap=0x0) at ../src/keymap.h:430
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Adam Duskett [Fri, 27 Mar 2020 18:29:58 +0000 (11:29 -0700)]
package/gupnp: bump version to 1.2.2
Other changes:
- Convert the package type to meson as there is no longer autotools support.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
[yann.morin.1998@free.fr: two spaces in hash file]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Adam Duskett [Fri, 27 Mar 2020 18:29:57 +0000 (11:29 -0700)]
package/gssdp: bump version to 1.2.2
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
[yann.morin.1998@free.fr: two spaces in hash file]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Thu, 26 Mar 2020 20:24:45 +0000 (21:24 +0100)]
package/rtty: fix static build with openssl
Fixes:
- http://autobuild.buildroot.org/results/
6105b69d8598f0033044a26f53a768e2d4b2915e
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Thomas Petazzoni [Wed, 25 Mar 2020 06:26:34 +0000 (07:26 +0100)]
package/oprofile: fix build with binutils >= 2.34
The libbfd library provided by binutils unfortunately changed its API
in binutils >= 2.34. This is causing some build failures at the moment
on architectures such as ARC that are using a very recent binutils
version, but it would also cause build failures on other architectures
once they start using binutils 2.34.
We fix this build issue by backporting an upstream oprofile
patch. However, this patch touches configure.ac, which means we need
to autoreconf, which needs another fix in configure.ac for autoreconf
to succeed.
With all that in place, this commit fixes:
http://autobuild.buildroot.net/results/
583d281c6cd2aecb65556080b379db24101ae3a8/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Adam Duskett [Sat, 28 Mar 2020 22:26:11 +0000 (15:26 -0700)]
package/mender-artifact: bump version to 3.3.0
Other changes:
- Update license file hash due to year change.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Adam Duskett [Sat, 28 Mar 2020 22:26:10 +0000 (15:26 -0700)]
package/mender: bump version to 2.2.0
Other changes:
- Update license file hashes due to copyright year change.
- Remove vendor/github.com/konsorten/go-windows-terminal-sequences/LICENSE
as it no longer exists.
- Add new vendor/github.com/urfave/cli/LICENSE hash.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Peter Seiderer [Sun, 29 Mar 2020 13:25:34 +0000 (15:25 +0200)]
package/rpi-wifi-firmware: bump version to
d4f7087
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Peter Seiderer [Sun, 29 Mar 2020 13:25:33 +0000 (15:25 +0200)]
package/rpi-bt-firmware: bump version to
d4f7087
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Peter Seiderer [Sun, 29 Mar 2020 13:25:32 +0000 (15:25 +0200)]
package/rpi-firmware: bump version to
5574077
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Peter Seiderer [Sun, 29 Mar 2020 13:25:31 +0000 (15:25 +0200)]
package/rpi-userland: bump version to
6fb5973
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Peter Seiderer [Sun, 29 Mar 2020 13:25:30 +0000 (15:25 +0200)]
configs/raspberrypi*: bump kernel version to
4f2a4cc
Now based on 4.19.113 (from 4.19.97).
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Sun, 29 Mar 2020 16:44:23 +0000 (18:44 +0200)]
package/janus-gateway: remove stray REST comment
Commit
80f3622bc7 (package/libmicrohttpd: remove dependency on
threads) removed BR2_TOOLCHAIN_HAS_THREADS dependency from
BR2_PACKAGE_JANUS_GATEWAY_REST but forgot to remove comment.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Jagan Teki [Mon, 10 Feb 2020 16:21:02 +0000 (17:21 +0100)]
{linux, linux-headers}: add version 5.5
Signed-off-by: Jagan Teki <jagan@amarulasolutions.com>
[yann.morin.1998@free.fr:
- bump to 5.5.13
- rebase on top of master
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Sun, 29 Mar 2020 16:02:46 +0000 (18:02 +0200)]
package/gvfs: fix CVE-2019-12795
daemon/gvfsdaemon.c in gvfsd from GNOME gvfs before 1.38.3, 1.40.x
before 1.40.2, and 1.41.x before 1.41.3 opened a private D-Bus server
socket without configuring an authorization rule. A local attacker could
connect to this server socket and issue D-Bus method calls. (Note that
the server socket only accepts a single connection, so the attacker
would have to discover the server and connect to the socket before its
owner does.)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Sun, 29 Mar 2020 16:02:45 +0000 (18:02 +0200)]
package/gvfs: fix CVE-2019-12449
An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2.
daemon/gvfsbackendadmin.c mishandles a file's user and group ownership
during move (and copy with G_FILE_COPY_ALL_METADATA) operations from
admin:// to file:// URIs, because root privileges are unavailable.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Sun, 29 Mar 2020 16:02:44 +0000 (18:02 +0200)]
package/gvfs: fix CVE-2019-12447
An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2.
daemon/gvfsbackendadmin.c mishandles file ownership because setfsuid is
not used.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Sun, 29 Mar 2020 16:02:43 +0000 (18:02 +0200)]
package/gvfs: fix CVE-2019-12448
An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2.
daemon/gvfsbackendadmin.c has race conditions because the admin backend
doesn't implement query_info_on_read/write.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Sun, 29 Mar 2020 16:02:42 +0000 (18:02 +0200)]
package/gvfs: fix CVE-2019-3827
An incorrect permission check in the admin backend in gvfs before
version 1.39.4 was found that allows reading and modify arbitrary files
by privileged users without asking for password when no authentication
agent is running. This vulnerability can be exploited by malicious
programs running under privileges of users belonging to the wheel group
to further escalate its privileges by modifying system files without
user's knowledge. Successful exploitation requires uncommon system
configuration.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Adam Duskett [Fri, 27 Mar 2020 18:29:55 +0000 (11:29 -0700)]
package/vala: also wrap vapigen
when compiling gobject-introspection .gir files, some packages use vapigen to
generate a vala-api compatible .gir file. These packages tend to call vapigen
directly instead of vala or valac.
Without the wrapper, building the .gir files fail. In the case of for example,
gupnp-dlna throws the following error:
"error: Package `Gst-1.0' not found in specified Vala API directories or
GObject-Introspection GIR directories."
Installing the vala wrapper for vapigen fixes the above issue.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Adam Duskett [Fri, 27 Mar 2020 18:29:54 +0000 (11:29 -0700)]
package/vala: fix wrapper
Add double quotes around the $@ variable to prevent word splitting.
Reported-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
[yann.morin.1998@free.fr: s/globbing/word splitting/]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Sun, 29 Mar 2020 08:36:50 +0000 (10:36 +0200)]
package/hiredis: install alloc.h
This will fix build of collectd, proftpd ... with latest hiredis
Fixes:
- http://autobuild.buildroot.org/results/
f5afe60defd63461a5fc06b26bd4759fb5f56a8f
- http://autobuild.buildroot.org/results/
45e980c85d170827d3a41e7443cf1088b2d59ead
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Gary Bisson [Fri, 27 Mar 2020 17:12:03 +0000 (18:12 +0100)]
configs/nitrogen8mm: Add new defconfig
NXP i.MX8MMini based SBC with 2GB of LPDDR4 and 8GB eMMC.
More details on the platform here:
https://boundarydevices.com/product/nitrogen8m-mini
Signed-off-by: Gary Bisson <gary.bisson@boundarydevices.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Gary Bisson [Fri, 27 Mar 2020 17:12:02 +0000 (18:12 +0100)]
board/boundarydevices: update readme.txt
- update outdated website URL
- add missing Nitrogen8M configuration
- reword procedure to make it clear it works for all storages
Signed-off-by: Gary Bisson <gary.bisson@boundarydevices.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Gary Bisson [Fri, 27 Mar 2020 17:12:01 +0000 (18:12 +0100)]
board/boundarydevices/common/post-image.sh: use genimage.sh
- To avoid code duplication and to benefit from support script
improvements like empty target dir.
- Note that currently genimage.sh can't be set in defconfig directly for
i.MX8 targets as the POST_SCRIPT_ARGS is used by
imx8-bootloader-prepare.sh
Signed-off-by: Gary Bisson <gary.bisson@boundarydevices.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Fri, 27 Mar 2020 19:04:40 +0000 (20:04 +0100)]
package/kodi-audiodecoder-timidity: bump version to 2.0.5-Leia
Switched license file to LICENSE.md.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Peter Seiderer [Sat, 28 Mar 2020 22:07:49 +0000 (23:07 +0100)]
package/localedef: fix gcc-10.0.1 compile
Fixes build woth gcc-10, by backporting an upstream patch:
programs/ld-ctype.c:855:18: error: array subscript 0 is outside the bounds of an interior zero-length array ‘unsigned char[0]’ [-Werror=zero-length-bounds]
855 | replace[0].bytes[0] = '?';
| ~~~~~~~~~~~~~~~~^~~
Fixes: #12711
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
[yann.morin.1998@free.fr: slight reword in commit log]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Bernd Kuhls [Sat, 28 Mar 2020 21:48:29 +0000 (22:48 +0100)]
package/kodi: remove dependency to udev for libcec support
libcec added sysfs scanning support:
On Linux, dynamic device discovery is currently implemented via libudev,
which may not be available on more minimal systems. Thus, we implement a
new device discovery that directly uses sysfs to scan through available
USB devices for supported ones without any additional dependencies.
https://github.com/Pulse-Eight/libcec/commit/
70d71cb16fa7c334373f3ba0148b89eafc04f73f
Previously Kodi needed udev to find the Pulse-Eight CEC adapter.
Run-time tested using Kodi 18.6-Leia.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Sat, 28 Mar 2020 21:48:28 +0000 (22:48 +0100)]
package/libcec: bump version
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sat, 28 Mar 2020 17:44:04 +0000 (18:44 +0100)]
package/openzwave: bump to
62444b0f979c337d2091d77d89cf63c2ae9775cf
- Remove patches (already in version)
- Current license files have been moved to licenses since
https://github.com/OpenZWave/open-zwave/commit/
e5f22ed4aee753d7cbf20dc12859ec2c5bb2e974
- Add new LICENSE file, available since
https://github.com/OpenZWave/open-zwave/commit/
6e03f5fda0726cc449a902320dedf5838ea557d2
- Update indentation of hash file (two spaces)
- This bump is necessary to fix build with latest domoticz. Indeed, even
if this is a wrong practice, domoticz has a local copy of openzwave
headers which are now desynchronized from the openzwave source files
Fixes:
- http://autobuild.buildroot.org/results/
193b8dd97c927805679d874dce6e27c685ce1f28
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sat, 28 Mar 2020 18:28:48 +0000 (19:28 +0100)]
package/sysstat: bump to version 12.2.1
Update indentation of hash file (two spaces)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Adam Duskett [Sat, 28 Mar 2020 21:26:50 +0000 (14:26 -0700)]
support/testing/tests/package/sample_gst1_python.py: fix flake8 errors
The older version of flake8 on the autobuilders does not support typehints.
As such, flake8 throws the following error when scanning sample_gst1_python:
E999 SyntaxError: invalid syntax
Remove the typehinting from on_message to fix this issue.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sat, 28 Mar 2020 15:58:29 +0000 (16:58 +0100)]
package/rocksdb: fix build without dlfcn.h
Fixes:
- http://autobuild.buildroot.org/results/
04c5afff034d8d71d11b95c998e3156292852de6
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sat, 28 Mar 2020 15:58:28 +0000 (16:58 +0100)]
package/rocksdb: fix build on m68k_cf
Fixes:
- http://autobuild.buildroot.org/results/
04c5afff034d8d71d11b95c998e3156292852de6
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Fri, 27 Mar 2020 21:46:28 +0000 (22:46 +0100)]
package/rng-tools: bump to version 6.10
- libgcrypt is not an optional dependency and openssl is mandatory since
https://github.com/nhorman/rng-tools/commit/
699a404c290eaa08ed5dd37204d951ef6ee23578
- librtlsdr is an optional dependency since
https://github.com/nhorman/rng-tools/commit/
865277d591e20b7e21873433fb2a280c66d98c87
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Fri, 27 Mar 2020 21:23:05 +0000 (22:23 +0100)]
package/gcc: define _REENTRANT for OpenRISC when -pthread is passed
Fixes:
http://autobuild.buildroot.net/results/
ceb802eea0fee5812efd717ae4cdbd9673d9507e/
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Fri, 27 Mar 2020 18:50:45 +0000 (19:50 +0100)]
package/libmicrohttpd: remove dependency on threads
Upstream added support for non-threaded builds:
https://git.gnunet.org/libmicrohttpd.git/commit/configure.ac?id=
0eefd20ba370509d93fb7b0220e6d1c5739efac5
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Suniel Mahesh [Sat, 28 Mar 2020 05:04:31 +0000 (10:34 +0530)]
configs/roc_rk3399_pc: new defconfig
This initial support includes:
Linux 5.4
U-Boot 2020.01
Arm Trusted Firmware v2.2
Buildroot default packages.
Signed-off-by: Suniel Mahesh <sunil@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Suniel Mahesh [Sat, 28 Mar 2020 05:04:30 +0000 (10:34 +0530)]
boot/arm-trusted-firmware: add optional host-arm-gnu-a-toolchain dependency
Some ATF configurations, require a pre-built bare metal toolchain to
build some platforms which host cortex-m series core, for instance
rockchip rk3399 has a cortex-m0 core. Without a pre-built bare metal
toolchain, the build fails:
make[3]: arm-none-eabi-gcc: Command not found
To solve this, this commit implements a
BR2_TARGET_ARM_TRUSTED_FIRMWARE_NEEDS_ARM32_TOOLCHAIN
option. Platforms which have such requirement should enable this
config option.
Signed-off-by: Suniel Mahesh <sunil@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Suniel Mahesh [Sat, 28 Mar 2020 05:04:29 +0000 (10:34 +0530)]
package/arm-gnu-a-toolchain: new package
A number of AArch64 platforms need to build some bits of ARM32 code,
for example in TF-A (ARM Trusted Firmware) or other
firmware/bootloader.
This package allows to get a pre-built cross-compilation toolchain to
build bare-metal ARM32 code.
https://developer.arm.com/tools-and-software/open-source-software/developer-tools/gnu-toolchain/gnu-a/downloads
Signed-off-by: Suniel Mahesh <sunil@amarulasolutions.com>
[Thomas:
- drop empty LICENSE_FILES
- use VERSION variable in SITE variable
- simplify symlink creation
- drop visible Config.in.host option]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Merlin Büge [Sat, 28 Mar 2020 14:41:38 +0000 (15:41 +0100)]
docs/manual: small typo fixes and cleanup
Fix a few punctuation mistakes. The removed link is redundant, see the
previous sentence.
Signed-off-by: Merlin Büge <merlin.buege@tuhh.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Sat, 28 Mar 2020 13:23:26 +0000 (14:23 +0100)]
package/rocksdb: fix bzip2 option
Commit
95bf830e2ae6b5548c17fd3ce6ac1a8d2aa0c8b6 forgot to replace
ROCKSDB_CONF_OPTS by ROCKSDB_MAKE_OPTS for BR2_PACKAGE_BZIP2
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sat, 28 Mar 2020 09:51:38 +0000 (10:51 +0100)]
package/lz4: annotate CVE-2014-4715
CVE-2014-4715 is misclassified (by our CVE tracker) as affecting
version 1.9.2, while in fact this issue has been fixed since lz4-r130:
https://github.com/lz4/lz4/commit/
140e6e72ddb6fc5f7cd28ce0c8ec3812ef4a9c08
See https://github.com/lz4/lz4/issues/818
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sat, 28 Mar 2020 09:36:47 +0000 (10:36 +0100)]
package/libical: fix CVE-2016-9584
libical allows remote attackers to cause a denial of service
(use-after-free) and possibly read heap memory via a crafted ics file.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sat, 28 Mar 2020 09:00:42 +0000 (10:00 +0100)]
package/pure-ftpd: fix CVE-2020-9274
An issue was discovered in Pure-FTPd 1.0.49. An uninitialized pointer
vulnerability has been detected in the diraliases linked list. When the
*lookup_alias(const char alias) or print_aliases(void) function is
called, they fail to correctly detect the end of the linked list and try
to access a non-existent list member. This is related to init_aliases in
diraliases.c.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sat, 28 Mar 2020 08:52:30 +0000 (09:52 +0100)]
package/hiredis: security bump to version 0.14.1
- Fix CVE-2020-7105: async.c and dict.c in libhiredis.a in hiredis
through 0.14.0 allow a NULL pointer dereference because malloc return
values are unchecked.
- Update indentation of hash file (two spaces)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Gao Xiang [Thu, 26 Mar 2020 02:12:15 +0000 (10:12 +0800)]
package/erofs-utils: add patch to resolve PAGE_SIZE redefinition
This patch resolves PAGE_SIZE redefinition reported by autobuilders,
with toolchains using musl, on x86 (32- or 64-bit) platforms.
Fixes:
- http://autobuild.buildroot.net/results/
340b98caa45bafd43f109002be9da59ba7f6d971
- http://autobuild.buildroot.net/results/
42cd24535ab38cb9b416b730a034a1dbe3293bf5
- http://autobuild.buildroot.net/results/
260cdb3203e9141e674f38a2acd127d10320f8fa
Signed-off-by: Gao Xiang <hsiangkao@aol.com>
[yann.morin.1998@free.fr:
- update commit log with details about conditions
- add two autobuilder references
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Yann E. MORIN [Sat, 28 Mar 2020 08:21:08 +0000 (09:21 +0100)]
gitlab-ci: regenerate to accomodate for a removed test
Commit
a570f63dd4b (Revert "package/perl-crypt-ssleay: new package")
forgot to deregister the associated test from the gitlab-ci list.
Remove it now.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Adam Duskett [Tue, 24 Mar 2020 17:38:53 +0000 (10:38 -0700)]
support/testing: fix test_gst1_python
The config is missing the following packages:
- BR2_PACKAGE_GST1_PLUGINS_BASE
This is needed for the videotestsrc plugin which provides
videotestsrc.
- BR2_PACKAGE_GST1_PLUGINS_BAD
This is needed for the debugutils plugin which provides
fakevideosink.
- BR2_PACKAGE_GST1_PLUGINS_BASE_PLUGIN_VIDEOTESTSRC
videotestsrcplugin used by the example pipeline.
- BR2_PACKAGE_GST1_PLUGINS_BAD_PLUGIN_DEBUGUTILS
fakevideosink plugin used by the example pipeline.
The sample was also amended to fix:
- no call to main.
- using autovideosink instead of fakevideosink. Using Fakevideoskink
is preferred because its primary purpose is for debugging and sample
pipelines. Autovideosink does not work because there is no video
output device.
- No function on_message. Without this function, the script fails
because of the missing function.
- The script sets the pipeline to Gst.State.EOS instead of
Gst.State.NULL which results in a failed pipeline state. When the
state is set to NULL, gstreamer automatically calls EOS. Manually
setting the pipeline state to EOS results in the following error:
Trying to dispose element sink, but it is in PLAYING instead of
the NULL state. You need to explicitly set elements to the NULL
state before dropping the final reference, to allow them to
clean up. A refcounting bug may also cause this problem in the
application or some element.
In addition, the default timeout is set too low and would result in a
test failure, this has been changed to 200 seconds.
These issues are now properly fixed, and the sample script passes.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
[yann.morin.1998@free.fr:
- meld the two patches together
- add the print() in the on_demand callback
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Adam Duskett [Tue, 24 Mar 2020 17:38:52 +0000 (10:38 -0700)]
package/gstreamer1/gst1-python: fix libpython-dir path
Due to the CONF_ENV options set in the gst1-python.mk file, libpython-dir
must be set manually or else the error:
"Python dynamic library path could not be determined" occurs.
Previously the libpython-dir option was set to
$(HOST_DIR)/lib/python$(PYTHON3_VERSION_MAJOR), however, this breaks the
resulting .so because the above full path is baked into the resulting .so.
which results in the error:
Couldn't g_module_open libpython. Reason:
/full/path/to/host/lib/python3.8/libpython3.8.so: cannot open shared object
file: No such file or directory
To fix this error, set the libpython-dir to /usr/lib.
Because we provide PYTHONPATH=$(PYTHON3_PATH) in the GST1_PYTHON_CONF_ENV,
the logic in the meson file uses the above python3 provided by the PYTHONPATH
variable to determine /usr/lib/ has the proper
python$(PYTHON3_VERSION_MAJOR).so file.
Because Buildroot provides the appropriate paths, the meson file finds
the correct .so file and the resulting compiled library has the appropriate
path of /usr/lib/python3.$(PYTHON3_VERSION_MAJOR).so
This change has been tested on the following distributions:
- Debian 9 and 10
- Debian 9 without python3 installed on the host.
- Centos7
- Fedora 31
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Wed, 25 Mar 2020 07:36:48 +0000 (08:36 +0100)]
package/libeXosip2: fix build without threads
Fixes:
- http://autobuild.buildroot.org/results/
ec262058cc0a4bf92c381857eaf3b44412942bba
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Gilles Talis <gilles.talis@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
James Hilliard [Thu, 26 Mar 2020 23:26:23 +0000 (17:26 -0600)]
package/python-twisted: bump to version 20.3.0
Update in the copyright year of the license file:
-Copyright (c) 2001-2019
+Copyright (c) 2001-2020
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
James Hilliard [Thu, 26 Mar 2020 23:16:56 +0000 (17:16 -0600)]
package/{protobuf, python-protobuf}: bump to version 3.11.4
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>