Michael Walle [Mon, 26 Jul 2021 14:26:06 +0000 (16:26 +0200)]
package/mtd: bump to version 2.1.3
See release announcement for changes:
https://lists.infradead.org/pipermail/linux-mtd/2021-July/087588.html
Signed-off-by: Michael Walle <michael@walle.cc>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Mon, 26 Jul 2021 09:26:44 +0000 (11:26 +0200)]
package/nut: add SELinux module
Support for nut is added by the services/nut module in the SELinux
refpolicy.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Mon, 26 Jul 2021 09:23:24 +0000 (11:23 +0200)]
package/ntp: add SELinux module
Support for ntp is added by the services/ntp module in the SELinux
refpolicy.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Mon, 26 Jul 2021 09:20:52 +0000 (11:20 +0200)]
package/oracle-mysql: add SELinux module
Support for oracle-mysql is added by the services/mysql module in the
SELinux refpolicy.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Mon, 26 Jul 2021 09:18:59 +0000 (11:18 +0200)]
package/mariadb: add SELinux module
Support for mariadb is added by the services/mysql module in the SELinux
refpolicy.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Titouan Christophe [Mon, 26 Jul 2021 09:16:35 +0000 (11:16 +0200)]
package/redis: security bump to v6.2.5
From the release notes:
================================================================================
Redis 6.2.5 Released Wed Jul 21 16:32:19 IDT 2021
================================================================================
Upgrade urgency: SECURITY, contains fixes to security issues that affect
authenticated client connections on 32-bit versions. MODERATE otherwise.
Fix integer overflow in BITFIELD on 32-bit versions (CVE-2021-32761).
An integer overflow bug in Redis version 2.2 or newer can be exploited using the
BITFIELD command to corrupt the heap and potentially result with remote code
execution.
See https://github.com/redis/redis/blob/6.2.5/00-RELEASENOTES
Signed-off-by: Titouan Christophe <titouanchristophe@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Mon, 26 Jul 2021 09:16:26 +0000 (11:16 +0200)]
package/mpd: add SELinux module
Support for mpd is added by the services/mpd module in the SELinux
refpolicy.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Mon, 26 Jul 2021 09:14:50 +0000 (11:14 +0200)]
package/monit: add SELinux module
Support for monit is added by the services/monit module in the SELinux
refpolicy.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Mon, 26 Jul 2021 09:14:49 +0000 (11:14 +0200)]
package/monit: add MONIT_CPE_ID_VENDOR
cpe:2.3:a:mmonit:monit is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Ammonit%3Amonit
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Mon, 26 Jul 2021 09:08:40 +0000 (11:08 +0200)]
package/mongodb: add SELinux module
Support for mongodb is added by the services/mongodb module in the
SELinux refpolicy.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Mon, 26 Jul 2021 09:06:40 +0000 (11:06 +0200)]
package/modem-manager: add SELinux module
Support for modem-manager is added by the services/modemmanager module
in the SELinux refpolicy.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Mon, 26 Jul 2021 09:03:46 +0000 (11:03 +0200)]
package/memcached: add SELinux module
Support for memcached is added by the services/memcached module in the
SELinux refpolicy.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Mon, 26 Jul 2021 08:59:53 +0000 (10:59 +0200)]
package/lirc-tools: add SELinux module
Support for lirc-tools is added by the services/lircd module in the
SELinux refpolicy.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Mon, 26 Jul 2021 08:55:35 +0000 (10:55 +0200)]
package/openldap: add SELinux module
Support for openldap is added by the services/ldap module in the SELinux
refpolicy.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Mon, 26 Jul 2021 08:51:58 +0000 (10:51 +0200)]
package/xl2tp: add SELinux module
Support for xl2tp is added by the services/l2tp module in the SELinux
refpolicy.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Mon, 26 Jul 2021 08:45:44 +0000 (10:45 +0200)]
package/irqbalance: add SELinux module
Support for irqbalance is added by the services/irqbalance module in the
SELinux refpolicy.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Mon, 26 Jul 2021 08:43:03 +0000 (10:43 +0200)]
package/iodine: add SELinux module
Support for iodine is added by the services/iodine module in the SELinux
refpolicy.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Mon, 26 Jul 2021 08:43:02 +0000 (10:43 +0200)]
package/iodine: add IODINE_CPE_ID_VENDOR
cpe:2.3:a:kryo:iodine is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Akryo%3Aiodine
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Mon, 26 Jul 2021 08:37:40 +0000 (10:37 +0200)]
package/ifplugd: add SELinux module
Support for ifplugd is added by the services/ifplugd module in the
SELinux refpolicy.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Mon, 26 Jul 2021 08:34:23 +0000 (10:34 +0200)]
package/gpsd: add SELinux module
Support for gpsd is added by the services/gpsd module in the SELinux
refpolicy.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Mon, 26 Jul 2021 08:32:06 +0000 (10:32 +0200)]
package/gpm: add SELinux module
Support for gpm is added by the services/gpm module in the SELinux
refpolicy.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Mon, 26 Jul 2021 08:29:19 +0000 (10:29 +0200)]
package/git: add SELinux module
Support for git is added by the services/git module in the SELinux
refpolicy.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Mon, 26 Jul 2021 08:27:40 +0000 (10:27 +0200)]
package/fetchmail: add SELinux module
Support for fetchmail is added by the services/fetchmail module in the
SELinux refpolicy.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Mon, 26 Jul 2021 08:25:53 +0000 (10:25 +0200)]
package/fail2ban: add SELinux module
Support for fail2ban is added by the services/fail2ban module in the
SELinux refpolicy.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Mon, 26 Jul 2021 08:23:46 +0000 (10:23 +0200)]
package/exim: add SELinux module
Support for exim is added by the services/exim module in the SELinux
refpolicy.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Mon, 26 Jul 2021 08:21:31 +0000 (10:21 +0200)]
package/drbd-utils: add SELinux module
Support for drbd-utils is added by the services/drbd module in the
SELinux refpolicy.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Mon, 26 Jul 2021 08:13:24 +0000 (10:13 +0200)]
package/dante: add SELinux module
Support for dante is added by the services/dante module in the SELinux
refpolicy.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Mon, 26 Jul 2021 08:10:25 +0000 (10:10 +0200)]
package/cvs: add SELinux module
Support for cvs is added by the services/cvs module in the SELinux
refpolicy.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Scott Fan [Mon, 22 Feb 2021 05:39:52 +0000 (13:39 +0800)]
package/open62541: cleanup tools files after installation
The open62541 tools directory is indeed 52 MiB, which built as a standalone package
named 'libopen62541-1-tools' in launchpad. Nothing is required at runtime.
See the official debian control file template:
https://raw.githubusercontent.com/open62541/open62541/master/debian/control-template
See https://launchpad.net/~open62541-team/+archive/ubuntu/ppa/+packages
libopen62541-1 Open source implementation of OPC UA - shared library
libopen62541-1-dev Open source implementation of OPC UA - development files
libopen62541-1-tools Open source implementation of OPC UA - tools
open62541-doc Open source implementation of OPC UA - documentation
Signed-off-by: Scott Fan <fancp2007@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Thomas De Schampheleire [Mon, 8 Mar 2021 13:45:40 +0000 (14:45 +0100)]
utils/scanpypi: allow installation of commands without 'main' method
In case the setup.py file of a python package does not directly call the
'setup' method, utils/scanpypi was hoping there be a 'main' function which
would do the work, normally called via a construct like:
if __name__ == '__main__':
main()
However, this construct is nonstandard, and there are packages in PyPI which
call 'setup()' directly from the 'if' statement, without a main() method.
But scanpypi does not actually need to make such assumption: when loading
the module, it can decide the name to be '__main__', just as if setup.py
would be loaded interactively.
Additionally, remove some logic seemingly related to the previous trick of
calling 'main'. There should not be a problem in keeping already loaded
modules in sys.modules, as this is the purpose of sys.modules.
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Thomas De Schampheleire [Mon, 8 Mar 2021 13:45:39 +0000 (14:45 +0100)]
utils/scanpypi: add setup.py script directory as sys.path[0]
Even though the directory containing a package's setup.py was added to
sys.path, some setup.py implementations rely on the fact that it is placed
in sys.path[0].
An example package is 'cram' which failed to be added with scanpypi:
Traceback (most recent call last):
File "utils/scanpypi", line 756, in <module>
main()
File "utils/scanpypi", line 703, in main
package.load_setup()
File "utils/scanpypi", line 303, in load_setup
setup = imp.load_module('setup', s_file, s_path, s_desc)
File "/usr/lib/python3.8/imp.py", line 234, in load_module
return load_source(name, filename, file)
File "/usr/lib/python3.8/imp.py", line 171, in load_source
module = _load(spec)
File "<frozen importlib._bootstrap>", line 702, in _load
File "<frozen importlib._bootstrap>", line 671, in _load_unlocked
File "<frozen importlib._bootstrap_external>", line 783, in exec_module
File "<frozen importlib._bootstrap>", line 219, in _call_with_frames_removed
File "/tmp/scanpypi-2pzc5wb_/python-cram/cram-0.7/setup.py", line 44, in <module>
long_description=long_description(),
File "/tmp/scanpypi-2pzc5wb_/python-cram/cram-0.7/setup.py", line 20, in long_description
return open(os.path.join(sys.path[0], 'README.rst')).read()
FileNotFoundError: [Errno 2] No such file or directory: '.../buildroot/utils/README.rst'
The corresponding code from cram's setup.py is:
def long_description():
"""Get the long description from the README"""
return open(os.path.join(sys.path[0], 'README.rst')).read()
Indeed, the Python documentation says:
https://docs.python.org/3.8/library/sys.html#sys.path
"...
As initialized upon program startup, the first item of this list,
path[0], is the directory containing the script that was used to invoke
the Python interpreter.
..."
Fix this by inserting explicitly at index 0 instead of appending to
sys.path.
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Peter Seiderer [Wed, 31 Mar 2021 18:50:01 +0000 (20:50 +0200)]
package/haveged: bump version to 1.9.14
- change clock_gettime option from yes/no style to disable/enable one
(still omitting the explicit disable to keep the configure logic
defaulting to yes in case no rdtsc is available)
- change to set all available configure options:
* '--enable-daemon': previous default
* '--disable-diagnostic': previous default
* '-disable-init': do not install init files as buildroot ships its
own sysv/systemd init files
* '--disable-nistest': disable tests, previous default
* '--disable-enttest': new option, disable tests
* '--disable-olt': previous default was yes, disable builtin test
* '--enable-tune': previous default
- add patch to fix uclibc compile (disable dependency on sys/auxv.h
introduced with upstream commit [1])
Changelog ([2]):
- made enttest configurable
- havegecmd.c - new command added to close the communication socket
[Werner Fink]
[1] https://github.com/jirka-h/haveged/commit/
26d35af198da01220ba4f7a1b987f17012476c00
[2] https://github.com/jirka-h/haveged/releases/tag/v1.9.14
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Peter Seiderer [Thu, 22 Jul 2021 21:24:34 +0000 (23:24 +0200)]
package/qt5declarative: fix gcc-11 compile failure
- add patch for qv4regexp_p to include c++ limits include (instead of plain
c limit.h)
Fixes:
In file included from jsruntime/qv4regexp_p.h:62,
from jsruntime/qv4regexp.cpp:40:
../3rdparty/masm/yarr/Yarr.h:46:44: error: ‘numeric_limits’ is not a member of ‘std’
46 | static const unsigned offsetNoMatch = std::numeric_limits<unsigned>::max();
| ^~~~~~~~~~~~~~
../3rdparty/masm/yarr/Yarr.h:46:59: error: expected primary-expression before ‘unsigned’
46 | static const unsigned offsetNoMatch = std::numeric_limits<unsigned>::max();
| ^~~~~~~~
- add patch for qqmlprofilerevent_p to include c++ limits include
Fixes:
In file included from qqmlprofilertypedevent_p.h:43,
from qqmlprofilertypedevent.cpp:40:
qqmlprofilerevent_p.h: In member function ‘void QQmlProfilerEvent::assignNumbers(const Container&)’:
qqmlprofilerevent_p.h:314:65: error: ‘numeric_limits’ is not a member of ‘std’
314 | static_cast<quint16>(numbers.size()) : std::numeric_limits<quint16>::max();
| ^~~~~~~~~~~~~~
qqmlprofilerevent_p.h:314:87: error: expected primary-expression before ‘>’ token
314 | static_cast<quint16>(numbers.size()) : std::numeric_limits<quint16>::max();
| ^
qqmlprofilerevent_p.h:314:90: error: ‘::max’ has not been declared; did you mean ‘std::max’?
314 | static_cast<quint16>(numbers.size()) : std::numeric_limits<quint16>::max();
| ^~~
| std::max
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Thu, 22 Jul 2021 21:12:30 +0000 (23:12 +0200)]
package/samba4: needs host-flex
host-flex is needed to avoid the following build failure since bump to
version 4.14.3 in commit
7df2611e9e93f9c3efea39bf0b5c217564618a28 due to
https://gitlab.com/samba-team/samba/-/commit/
942c0d2128cb8e64a9354dde6bdae82a1c1c3d88
Checking for flex
Checking for program 'flex' : not found
Embedded Heimdal build requires flex but it was not found. Install flex or use --with-system-mitkrb5 or --with-system-heimdalkrb5
Fixes:
- http://autobuild.buildroot.org/results/
b9ed8be51a0eef77d6e48755861ae266c3b9f811
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Thu, 22 Jul 2021 20:44:08 +0000 (22:44 +0200)]
package/stunnel: requires DES support in openssl
Enable DES in openssl to fix build failure raised since commit
a83d41867c8d69a77d5cd0a665aa216af5340359
Fixes:
- http://autobuild.buildroot.org/results/
4b306a13f543bbabf3f01d882b3549e3d9961556
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Wed, 21 Jul 2021 22:24:59 +0000 (00:24 +0200)]
package/gumbo-parser: fix build without C++
Build without C++ fails since the addition of the package in commit
f6628763eb302f15f861e0ce7bfc44b34b066bea
Fixes:
- http://autobuild.buildroot.org/results/
a32b5d3b959433fd5c3543661c37f80d27fbd010
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Wed, 21 Jul 2021 21:45:17 +0000 (23:45 +0200)]
package/libnetfilter-log: fix build on musl
Add upstream patches to fix the following build failure with suricata
raised since bump to version 6.0.3 in commit
4c429c3f8c322381991a58fcc37c01da9eb5e8a6
checking for libnetfilter_log/libnetfilter_log.h... no
configure: error: libnetfilter_log.h not found ...
Fixes:
- http://autobuild.buildroot.org/results/
0b960f40b5d7e4bb0c4ba20638fe66a9e0964ab3
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Wed, 21 Jul 2021 21:45:16 +0000 (23:45 +0200)]
package/libnfnetlink: fix build on musl
Include upstream patch to fix build failure with suricata raised since
bump to version 6.0.3 in commit
4c429c3f8c322381991a58fcc37c01da9eb5e8a6
Fixes:
- http://autobuild.buildroot.org/results/
0b960f40b5d7e4bb0c4ba20638fe66a9e0964ab3
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Wed, 21 Jul 2021 20:03:49 +0000 (22:03 +0200)]
package/collectd: add SELinux module
Support for collectd is added by the services/collectd module in the
SELinux refpolicy.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Petr Vorel [Sun, 25 Jul 2021 20:17:36 +0000 (22:17 +0200)]
DEVELOPERS: Add myself as rpcbind maintainer
Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sun, 25 Jul 2021 15:49:41 +0000 (17:49 +0200)]
package/sudo: add SELinux refpolicy module
SELinux support for sudo is added by the admin/sudo refpolicy module.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sun, 25 Jul 2021 15:48:35 +0000 (17:48 +0200)]
package/quota: add SELinux refpolicy module
SELinux support for quota is provided by the admin/quota refpolicy
module.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sun, 25 Jul 2021 15:44:46 +0000 (17:44 +0200)]
package/snort: add SELinux module
Support for snort is added by the services/snort module in the SELinux
refpolicy.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sun, 25 Jul 2021 15:43:28 +0000 (17:43 +0200)]
package/cups: add SELinux module
Support for cups is added by the services/cups module in the SELinux
refpolicy.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Thomas De Schampheleire [Tue, 8 Jun 2021 15:18:39 +0000 (17:18 +0200)]
toolchain: mark sysroot as 'safe' path for gdb auto-load
gdb can automatically load certain files as described in [1]. Such files
could install pretty-printers for complex data structures.
libstdcxx (C++ standard library) provided by gcc, is one example of a
library for which such auto-load file is available. But there are other
examples too, like libglib2.
However, gdb will only auto-load files if the file is located in one of the
locations treated as 'safe'. The Buildroot sysroot is not by default in that
list.
Provide a better debugging experience by adding the sysroot to the 'safe'
list, via the gdbinit file prepared by Buildroot.
[1] https://sourceware.org/gdb/onlinedocs/gdb/objfile_002dgdbdotext-file.html
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Thomas De Schampheleire [Tue, 8 Jun 2021 15:18:38 +0000 (17:18 +0200)]
toolchain/toolchain-external: fixup gdb pretty-printer loader for libstdcxx
gcc installs a libstdcxx-...so-gdb.py file that gdb will load automatically
when it loads libstdcxx.so, via the mechanism described at [1].
However, the auto-load file installed by gcc contains hardcoded paths
referring to the location where the (external) toolchain was built, which
are normally not available.
Fix up the paths in the load file so that the pretty printers can be loaded
automatically.
Note that gdb will only auto-load the file if its location is marked as
'safe'. A subsequent commit will take care of that.
Technically, there could be more than one load file, e.g. in lib and
usr/lib, so fix them all. This was for example observed in
BR2_TOOLCHAIN_EXTERNAL_ARM_AARCH64.
In a very specific case with a local custom toolchain, there were actually
two 'python' directories, which would break the sed command, so arbitrarily
limit to the first one encountered.
[1] https://sourceware.org/gdb/onlinedocs/gdb/objfile_002dgdbdotext-file.html
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Thomas De Schampheleire [Tue, 8 Jun 2021 15:18:37 +0000 (17:18 +0200)]
package/gdb: fix gdb segfault with Python 3.9 support
When enabling Python 3 support in gdb < 10, gdb segfaults at startup.
The issue is was resolved by the following upstream gdb commit,
present since gdb 10.1:
commit
c47bae859a5af0d95224d90000df0e529f7c5aa0
Author: Kevin Buettner <kevinb@redhat.com>
Date: Wed May 27 20:05:40 2020 -0700
Fix Python3.9 related runtime problems
[...]
This commit backports this fix to all relevant gdb versions supported
in Buildroot.
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Wed, 16 Jun 2021 18:54:47 +0000 (20:54 +0200)]
package/snort3: bump to version 3.1.6.0
https://github.com/snort3/snort3/blob/3.1.6.0/ChangeLog
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Peter Seiderer [Thu, 22 Jul 2021 18:19:29 +0000 (20:19 +0200)]
package/mariadb: provide native compiled mariadb_config
- overwrite cross-compiled mariadb_config executable (used from the
mysql_config script) by a native/host compiled one
Fixes (qt5base configure):
Trying source 0 (type mysqlConfig) of library mysql ...
+ .../host/aarch64-buildroot-linux-gnu/sysroot/usr/bin/mysql_config --version
> .../host/aarch64-buildroot-linux-gnu/sysroot/usr/bin/mysql_config: line 100: \
.../host/aarch64-buildroot-linux-gnu/sysroot/usr/bin/mariadb_config: cannot execute binary file: Exec format error
with
$ file host/aarch64-buildroot-linux-gnu/sysroot/usr/bin/mariadb_config
host/aarch64-buildroot-linux-gnu/sysroot/usr/bin/mariadb_config: ELF 64-bit LSB pie executable, ARM aarch64, version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-aarch64.so.1, for GNU/Linux 5.10.0, with debug_info, not stripped
Reported-by: Scott Bartolett <SBartolett@thorlabs.com>
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Peter Seiderer [Thu, 22 Jul 2021 18:19:28 +0000 (20:19 +0200)]
package/mariadb: bump version to 10.3.30
- rebase 001-add-extra-check-for-librt.patch
- for changelog see [1], [2]
Fixes:
CMake Error at libmariadb/cmake/ConnectorName.cmake:30 (ENDMACRO):
Flow control statements are not properly nested.
Call Stack (most recent call first):
libmariadb/CMakeLists.txt:423 (INCLUDE)
[1] https://mariadb.com/kb/en/mariadb-10329-changelog/
[2] https://mariadb.com/kb/en/mariadb-10330-changelog/
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Sat, 29 May 2021 07:51:16 +0000 (09:51 +0200)]
package/dav1d: bump version to 0.9.0
Release notes: https://code.videolan.org/videolan/dav1d/-/releases
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
James Hilliard [Sun, 18 Jul 2021 20:44:06 +0000 (14:44 -0600)]
package/nfs-utils: Add optional GSS support
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Reviewed-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
James Hilliard [Sun, 18 Jul 2021 20:44:05 +0000 (14:44 -0600)]
package/libtirpc: Add optional GSSAPI support
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Reviewed-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Sun, 18 Jul 2021 08:34:12 +0000 (10:34 +0200)]
package/mtd: update lib{mtd,ubi}.h path
Update lib{mtd,ubi}.h path to fix the following build failure raised
since bump of swupdate to version 2021.04 in commit
2c6b0359c3b819fadb4437b2d780e95c32fdab21:
In file included from corelib/mtd-interface.c:21:
include/flash.h:13:10: fatal error: libmtd.h: No such file or directory
13 | #include <libmtd.h>
| ^~~~~~~~~~
This build failure is raised because of
https://github.com/sbabic/swupdate/commit/
0c672866d4a9fe8f0808b5d8a0afb95c13c4c138
Fixes:
- http://autobuild.buildroot.org/results/
d475bdb341d2afecf12e404dfa093e58221b9882
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Zach Vargas [Thu, 20 Feb 2020 20:11:49 +0000 (14:11 -0600)]
package/nvidia-driver: bump version to 390.132
Support Linux kernel 5.4.
Change the 64-bit download to exclude 32-bit compatibility libs.
Signed-off-by: Zach Vargas <zvargas@xes-inc.com>
[vfazio: 64-bit package change]
Signed-off-by: Vincent Fazio <vfazio@xes-inc.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Vincent Fazio [Thu, 20 Feb 2020 20:11:48 +0000 (14:11 -0600)]
package/nvidia-driver: fixup libraries according to README
Create a symlink for libglx.so and drop libnvidia-wfb.so (aka libwfb.so)
since all selectable xserver versions in Buildroot provide their own.
VDPAU libraries should be installed into /usr/lib/vdpau/
https://download.nvidia.com/XFree86/Linux-x86_64/390.67/README/installedcomponents.html
Also, allow specifying target subdirectory per library and respect it in
the install loop.
Signed-off-by: Vincent Fazio <vfazio@xes-inc.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Gleb Mazovetskiy [Sun, 3 Jan 2021 17:15:25 +0000 (17:15 +0000)]
Makefile: Parallelize glibc locale generation
Parallelizes locale generation based on `BR2_JLEVEL` setting.
Locale generation always runs during the finalize stage and can consume
a significant amount of time. Parallelizing it greatly reduces that time
on multi-core machines.
To parallelize it, we first invoke `localedef` for every locale in
parallel with the `--no-archive` option. This creates the intermediate
locale data instead of writing to the finally archive directly.
Then, we invoke `localedef` again once to create the archive from the
intermediate compiled locale data files.
We have to do it this way because `localedef` does not do any locking
when writing to the archive file, so calling it without `--no-archive`
concurrently could result in a corrupt archive file or an archive file
that is missing some locales.
While we're at it, make two additional improvements:
- Remove locale-archive before adding to it. Otherwise, repeated
applications of target-finalize will keep on growing the file.
- Sort the locales when creating locale-archive so its contents are
reproducible.
We use `find` to collect the installed locales rather than LOCALES. This
makes it possible for something else (skeleton, overlay, custom package)
to create and install additional locales and still have them added to
locale-archive.
Signed-off-by: Gleb Mazovetskiy <glex.spb@gmail.com>
[Arnout:
- Remove -j$(PARALLEL_JOBS), it's already part of $(MAKE)
- Remove HOST_DIR, TARGET_DIR, STAGING_DIR, they're already exported
- Extend commit message
]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Vincent Stehlé [Fri, 28 May 2021 14:02:17 +0000 (16:02 +0200)]
package/fwts: bump to version 21.05.00
- Update patch
Signed-off-by: Vincent Stehlé <vincent.stehle@laposte.net>
Cc: Erico Nunes <nunes.erico@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Romain Naour [Sat, 12 Jun 2021 10:24:49 +0000 (12:24 +0200)]
Config.in: disable PIC/PIE for microblaze
As reported by Toolchain-builder project [1], the system doesn't
boot when PIC/PIE is enabled for glibc based toolchain (the init
process hang).
Also, hardening features may not be wanted or possible for such
slow soft-core cpus [2].
Like for NiosII, disable BR2_PIC_PIE.
[1] https://gitlab.com/bootlin/toolchains-builder/-/pipelines/
318038406
[2] http://lists.busybox.net/pipermail/buildroot/2021-June/312416.html
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Thomas Petazzoni [Sun, 25 Jul 2021 13:45:19 +0000 (15:45 +0200)]
Config.in: add BR2_PIC_PIE_ARCH_SUPPORTS hidden option
The nios2 architecture is already excluded from PIC/PIE due to issues,
and we're going to also exclude Microblaze, so let's introduce a
BR2_PIC_PIE_ARCH_SUPPORTS hidden boolean to facilitate adding this new
architecture exclusion.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Arnout Vandecappelle (Essensium/Mind) [Sun, 25 Jul 2021 13:43:20 +0000 (15:43 +0200)]
package/busybox: correctly set BUSYBOX_KCONFIG_SUPPORTS_DEFCONFIG
Commit
e6b3913cfc converted busybox to the generic kconfig help text
infrastructure, but set the wrong variable to flag that it doesn't
support defconfig files. Fix that.
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Peter Seiderer [Tue, 8 Jun 2021 19:55:15 +0000 (21:55 +0200)]
package/iwd: bump version to 1.14
For details see [1].
[1] https://git.kernel.org/pub/scm/network/wireless/iwd.git/tree/ChangeLog
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Maxim Kochetkov [Tue, 22 Jun 2021 12:41:21 +0000 (15:41 +0300)]
package/timescaledb: bump version to 2.3.0
Signed-off-by: Maxim Kochetkov <fido_max@inbox.ru>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Maxim Kochetkov [Tue, 22 Jun 2021 12:41:20 +0000 (15:41 +0300)]
package/postgresql: add cflags_sl option to pg_config
Some external packages call pg_config to determine the installed
PostgreSQL cflags_sl option. Add this output to Buildroots own
pg_config, so these packages correctly compile.
Default value is defined at src/template/linux as:
Extra CFLAGS for code that will go into a shared library
CFLAGS_SL="-fPIC"
Signed-off-by: Maxim Kochetkov <fido_max@inbox.ru>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Thomas Petazzoni [Tue, 20 Jul 2021 10:08:28 +0000 (12:08 +0200)]
package/python-pysftp: add missing C++ dependency from paramiko
python-paramiko has a dependency on C++ support, which was added in
commit
2d7b73cf75daedd4a198a75546308fedae7c9467 in 2016.
When python-pysftp was added in commit
3b920487bad119abf5bfb10a237cedd3b5278c10 in 2020, this C++ dependency
was not propagated, even though python-pysftp selects python-paramiko.
This commit fixes this issue by propagating the dependency, which
fixes this warning:
WARNING: unmet direct dependencies detected for BR2_PACKAGE_PYTHON_PARAMIKO
Depends on [n]: (BR2_PACKAGE_PYTHON [=n] || BR2_PACKAGE_PYTHON3 [=y]) && BR2_PACKAGE_PYTHON3 [=y] && BR2_INSTALL_LIBSTDCPP [=n]
Selected by [y]:
- BR2_PACKAGE_PYTHON_PYSFTP [=y] && (BR2_PACKAGE_PYTHON [=n] || BR2_PACKAGE_PYTHON3 [=y]) && BR2_PACKAGE_PYTHON3 [=y]
That occurs with configuration with C++ disabled, but python-pysftp
enabled.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Yann E. MORIN [Sat, 24 Jul 2021 21:19:23 +0000 (23:19 +0200)]
package/uclibc: add nconfig as a kconfig editor
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Yann E. MORIN [Sat, 24 Jul 2021 21:19:22 +0000 (23:19 +0200)]
package: use the generic _HELP_CMDS for kconfig-based packages
As Thomas put it:
The <pkg>_HELP_CMDS variable allows packages using the
kconfig-package infrastructure to display their specific
targets related to the handling of their configuration.
However, it was not consistently used and handled by the
different packages.
So, this commit switches all the kconfig-based package to use the
generic help helper.
As a consequence:
- all kconfig packages now advetise their kconfig-related actions,
where some were previously missing: at91bootstrap3, linux-backports,
swupdate, xvisor;
- busybox advertises it does not support defconfig files;
- the 'foo-savedfconfig' action is no longer advertised: it is to be
considered an internal implementation detail.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Yann E. MORIN [Sat, 24 Jul 2021 21:19:21 +0000 (23:19 +0200)]
package/pkg-kconfig: generate generic help
Currently, as Thomas pointed out [0], the help for kconfig packages is
not consistently used and handled by the different packages.
This commit introduces a generic help text for kconfig packages, that is
based on what the package declares:
- the list of kconfig editors it supports;
- whether it is possible to save back the configuration (impossible if
the package uses an in-tree defconfig file);
- whether the package actually supports (loading and saving) defconfig
files, by introducing a new variable a package can set if it does
not (only busybox is known to be in that case).
That new help helper is only used if the package does not already define
its own help, to be consistent with what we do for other _CMDS.
[0] http://lists.busybox.net/pipermail/buildroot/2021-July/313570.html
Reported-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas De Schampheleire <patrickdepinguin@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Yann E. MORIN [Sat, 24 Jul 2021 21:19:20 +0000 (23:19 +0200)]
package/pkg-kconfig: move defaults before calling pkg-generic
Currently, we define the default values for kconfig-specific variables
after we call into the generic package infrastructure.
So far, this was totally unconsequential, because there was no kconfig
variable that could influence the generic parts. But conversely, there
are generic variables that do influence the kconfig part (e.g. $(2)_DIR
that is used in some dependency definitions), but none that do influence
the kconfig variables.
However, we are going to add a new kconfig-related variable that will
have an impact on the generic parts, so we will want that kconfig
variable to be defined before calling into the generic infrastructure.
For consistency, move all the defaults before calling the generic infra.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Thomas De Schampheleire <patrickdepinguin@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Sun, 25 Jul 2021 12:56:17 +0000 (14:56 +0200)]
package/php: needs wchar
php depends on wchar since bump to version 8.0.7 in commit
469c11c516959375f6caddde178adbdcdc5d9887 and
https://github.com/php/php-src/commit/
457380cae7813a4a34faa1f9a49fa121395fe290
Fixes:
- http://autobuild.buildroot.org/results/
751fea989e4c0136d0bbda0f5487d55d387ee5f3
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sat, 24 Jul 2021 20:19:36 +0000 (22:19 +0200)]
package/pipewire: bump to version 0.3.32
- Drop second patch (already in version)
- Update license:
https://gitlab.freedesktop.org/pipewire/pipewire/-/commit/
31d79f4c9b606218a14e4d695aaa0afb1820c9f1
- avahi is an optional dependency since
https://gitlab.freedesktop.org/pipewire/pipewire/-/commit/
6744934734f509087df769b447185b070c82b58e
- libusb is an optional dependency since
https://gitlab.freedesktop.org/pipewire/pipewire/-/commit/
5e0b63b149559154a6164dbc064aefc7e773c03a
- pulseaudio is an optional dependency since
https://gitlab.freedesktop.org/pipewire/pipewire/-/commit/
44f326013b5f5e1e858ee3788fe664f802ca2523
- webrtc-audio-processing is an optional dependency since
https://gitlab.freedesktop.org/pipewire/pipewire/-/commit/
d95870d8d3ab7fb9b91f0dbd8ae9395b1929434b
- Fix a build failure without C++ thanks to
https://gitlab.freedesktop.org/pipewire/pipewire/-/commit/
d95870d8d3ab7fb9b91f0dbd8ae9395b1929434b
https://gitlab.freedesktop.org/pipewire/pipewire/-/blob/0.3.32/NEWS
Fixes:
- http://autobuild.buildroot.org/results/
20cd863cb3c83b85900e80de02d485b780288330
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Francois Perrad [Fri, 23 Jul 2021 20:43:33 +0000 (22:43 +0200)]
package/lua-silva: bump to version 0.1.8
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Francois Perrad [Fri, 23 Jul 2021 20:43:24 +0000 (22:43 +0200)]
package/moarvm: bump to version 2021.06
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Francois Perrad [Fri, 23 Jul 2021 20:43:10 +0000 (22:43 +0200)]
package/janet: bump to version 0.16.1
patch upstreamed.
diff LICENSE:
-Copyright (c) 2020 Calvin Rose and contributors
+Copyright (c) 2021 Calvin Rose and contributors
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Giulio Benetti [Fri, 23 Jul 2021 20:08:37 +0000 (22:08 +0200)]
package/at: bump version to 3.2.2
Let's bump at to version 3.2.2 by:
- moving SITE to http://software.calhariz.com/at that is the official at
realease site while the actual(https://salsa.debian.org/debian/at)
doesn't provide consitent tarballs.
- rebasing 2 local patches(some some of them has not been accepted upstream
because of removing -g root -o root while installing, while other simply
has not been taken into account for 1 year.
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Giulio Benetti [Fri, 23 Jul 2021 20:08:36 +0000 (22:08 +0200)]
package/at: convert local patches to git format
Convert local patches to git format. Note that some of them change name
because of use of 'git format-patch'.
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Giulio Benetti [Thu, 22 Jul 2021 23:35:44 +0000 (01:35 +0200)]
package/libnss: bump to version 3.68
libnss 3.68 requires libnspr 4.32.
Release Notes (not yet available, but should eventually land):
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.68_release_notes
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Giulio Benetti [Thu, 22 Jul 2021 23:35:43 +0000 (01:35 +0200)]
package/libnspr: bump to version 4.32
Bump to version 4.32
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Adrian Perez de Castro [Sat, 24 Jul 2021 20:57:10 +0000 (23:57 +0300)]
package/webkitgtk: security bump to version 2.32.3
This is a minor release which provides fixes for CVE-2021-21775,
CVE-2021-21779, CVE-2021-30663, CVE-2021-30665, CVE-2021-30689,
CVE-2021-30720, CVE-2021-30734, CVE-2021-30744, CVE-2021-30749,
CVE-2021-30795, CVE-2021-30797, and CVE-2021-30799.
Full release notes can be found at:
https://webkitgtk.org/2021/07/23/webkitgtk2.32.3-released.html
An accompanying security advisory has been published at:
https://webkitgtk.org/security/WSA-2021-0004.html
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Adrian Perez de Castro [Sat, 24 Jul 2021 20:54:18 +0000 (23:54 +0300)]
package/wpewebkit: security bump to version 2.32.3
This is a minor release which provides fixes for CVE-2021-21775,
CVE-2021-21779, CVE-2021-30663, CVE-2021-30665, CVE-2021-30689,
CVE-2021-30720, CVE-2021-30734, CVE-2021-30744, CVE-2021-30749,
CVE-2021-30795, CVE-2021-30797, and CVE-2021-30799.
Full release notes can be found at:
https://wpewebkit.org/release/wpewebkit-2.32.3.html
An accompanying security advisory has been published at:
https://wpewebkit.org/security/WSA-2021-0004.html
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sun, 25 Jul 2021 07:58:41 +0000 (09:58 +0200)]
package/minissdpd: add SELinux refpolicy module
SELinux support for minissdpd is added by the services/minissdpd
refpolicy module.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sun, 25 Jul 2021 07:57:45 +0000 (09:57 +0200)]
package/asterisk: add SELinux module
Support for asterisk is added by the services/asterisk module in the
SELinux refpolicy.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sun, 25 Jul 2021 07:56:34 +0000 (09:56 +0200)]
package/apcupsd: add SELinux module
Support for apcupsd is added by the services/apcupsd module in the
SELinux refpolicy.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sun, 25 Jul 2021 07:54:58 +0000 (09:54 +0200)]
package/acpid: add SELinux module
Support for acpid is added by the services/acpi module in the SELinux
refpolicy.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sat, 24 Jul 2021 22:18:50 +0000 (00:18 +0200)]
package/libffi: bump to version 3.4.2
- Use official tarball
- Drop fourth to seventh patches (already in version)
- Update hash of LICENSE file (update in year:
https://github.com/libffi/libffi/commit/
2bdc8e52efb78d939f23efb4f9c515355610bff5
https://github.com/libffi/libffi/commit/
b844a9c7f1ca792a1dfb0c09d5dae576178e6729)
- Update indentation in hash file (two spaces)
https://github.com/libffi/libffi/blob/v3.4.2/README.md
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sun, 25 Jul 2021 07:48:55 +0000 (09:48 +0200)]
package/netsnmp: fix legal info
Commit
87bef179222e wrongly removed hash of COPYING
Fixes: 87bef179222ee8a0b0f39c8f96113a4ecf813085
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Sun, 25 Jul 2021 07:24:37 +0000 (09:24 +0200)]
package/gtest: fix legal info
Commit
9dfbbbb4105c47602da048c9bb9499fb8862e768 forgot to removed
googletest from GTEST_LICENSE_FILES
Fixes:
- http://autobuild.buildroot.org/results/
848238f9f99bee6919b1b71acd078835e94a8501
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Arnout Vandecappelle (Essensium/Mind) [Sat, 24 Jul 2021 21:45:25 +0000 (23:45 +0200)]
package/lapack: introduce BR2_PACKAGE_LAPACK_ARCH_SUPPORTS
This makes it easier for packages that depend on lapack to get
their dependencies correct.
The !uClibc dependency is also not sufficient: indeed, musl too does not
provide _fpu_control; only glibc does. This is the same situation as for
clapack. Add a comment about this, to mirror clapack.
Since the !glibc dependency only exists for PowerPC, treat it as
an architecture dependency.
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
[yann.morin.1998@free.fr:
- fpu_control depends on glibc, not on !uclibc
- add or update comments accordingly
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Arnout Vandecappelle (Essensium/Mind) [Sat, 24 Jul 2021 21:45:24 +0000 (23:45 +0200)]
package/clapack: introduce BR2_PACKAGE_CLAPACK_ARCH_SUPPORTS
This makes it easier for packages that depend on clapack to get
their dependencies correct.
Since the glibc dependency only exists for PowerPC, treat it as
an architecture dependency.
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Yann E. MORIN [Sun, 25 Jul 2021 07:06:14 +0000 (09:06 +0200)]
Revert "package/htop: fix sources location"
This reverts commit
1ad3de2abde38c023a7958cbd3ada1d7b066da67.
Indeed, the tarball changed, so its hash changed; this is going to
cause the traditional hash clash with the existing archive on s.b.o.
or on users machines...
Reported-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
José Pekkarinen [Fri, 23 Jul 2021 09:51:13 +0000 (12:51 +0300)]
package/audit: replace deprecated matchpathcon calls from init script
This patch replace matchpathcon calls in the auditd init script by
calls to selabel_lookup. Indeed, matchpathcon is now deprecated, and
this causes warning during the boot process.
Signed-off-by: José Pekkarinen <jose.pekkarinen@unikie.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Adam Duskett [Wed, 21 Jul 2021 21:45:18 +0000 (14:45 -0700)]
package/spidermonkey: drop package
Now that Spidermonkey is no longer required to build the polkit package, and
no other packages require Spidermonkey, and python2 is required to build the
package, it is safe to drop the package.
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Adam Duskett [Wed, 21 Jul 2021 21:45:17 +0000 (14:45 -0700)]
support/testing: add polkit tests
This test script tests polkit with and without systemd.
The Systemd test does the following:
- The brtest user attempts to restart the systemd-timesyncd service and is
denied.
- A systemd-timesyncd-restart.rules file provided by polkit-rules-test
is copied from /root/ to /etc/polkit-1/rules.d
- The brtest user attempts to restart the systemd-timesyncd service and should
now succeed.
The initd test does the following:
- The brtest user attempts to run the test application "hello-polkit" with the
command "pkexec hello-polkit" and is denied.
- A hello-polkit.rules file provided by polkit-rules-test is copied from /root/
to /etc/polkit-1/rules.d
- The brtest user attempts to re-run the test hello-polkit binary with
"pkexec hello-polkit" and succeeds.
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Adam Duskett [Wed, 21 Jul 2021 21:45:16 +0000 (14:45 -0700)]
package/polkit: add init S50polkit script
The Polkit source does not come with non-systemd init script. Add one that is
modeled after package/busybox/S01syslogd.
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Adam Duskett [Wed, 21 Jul 2021 21:45:15 +0000 (14:45 -0700)]
package/polkit: bump version to 0.119 and use duktape
Unfortunately, as of commit
3e1d61868fa8bfc586099302e931433270e5d17d, polkit
requires mozjs >= 78, which means spidermonkey is too old. As such, this patch
is larger than usual.
Spidermonkey has a few major issues:
- The source directory after compilation is enormous (2.7G!)
- The shared library is 24MB stripped!
- It requires python2 to build, which is EOLed, and Buildroot is working
towards removing. See: https://elinux.org/Buildroot:Python2Packages
Instead of going through the arduous task of updating Spidermonkey, there is a
better solution: use duktape.
There has been a pending patch for over a year that incorporates duktape as an
optional backend for polkit found here:
https://gitlab.freedesktop.org/polkit/polkit/-/merge_requests/35
As Thomas Petazzoni put it:
"As I am subscribed to notifications on this merge request, I have been
following the intermittent discussions taking place on this topic.
And indeed, discussions have been sparse, and the polkit maintainer reaction
has not been very supportive. It even feels like they are trying to find
every possible argument or small issue not to merge the duktape integration."
Many people have come out to support using duktape, and many users, including
myself, have used polkit with duktape for as long as the above merge request has
been around without issues; merging in the above merge request is an acceptable
exception to the typical Buildroot package policies.
As Thomas also suggested, I have forked polkit on Github
(https://github.com/aduskett/polkit-duktape), with the above duktape
merge request applied, and a release made with the same tag as upstream (0.119).
I refrained from also adding 0001-make-netgroup-support-optional.patch as it is
outside of the scope of why the fork exists.
Changes:
- refactor 0001-make-netgroup-support-optional.patch to work with 0.119 and
duktape.
- Remove upstream incorporated 0002-jsauthority-memleak.patch
- Remove upstream 0003-polkit-0.116-pkttyagent-sigttou-bg-job.patch
- Remove any trace of spidermonkey from polkit, udisks, and systemd-polkit
- Add duktape as a dependency of polkit
- Change POLKIT_SITE to the above polkit-duktape GitHub repository.
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Daniil Stas [Sat, 24 Jul 2021 20:48:01 +0000 (20:48 +0000)]
package/htop: fix sources location
Change sources location from bintray to github since bintray doesn't
work anymore
Signed-off-by: Daniil Stas <daniil.stas@posteo.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Bernd Kuhls [Thu, 1 Jul 2021 05:11:42 +0000 (07:11 +0200)]
package/libglu: bump version to 9.0.2
Release notes:
https://lists.freedesktop.org/archives/mesa-announce/2021-June/000634.html
Removed md5 & sha1 hashes not provided by upstream anymore.
Updated license hash due to upstream commit:
https://cgit.freedesktop.org/mesa/glu/commit/?id=
a172e0aec8f537f365078dab5486cae9c9a6880e
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Joseph Burt [Thu, 24 Jun 2021 14:00:43 +0000 (14:00 +0000)]
package/qemu: replace old configure param with new equivalent
QEMU 6.0.0 replaces in [1] --(enable|disable)-git-update with
--with-git-submodules=(update|validate|ignore). "Disable" is now "ignore".
[1] https://lore.kernel.org/qemu-devel/
20201016203857.62572-1-ddstreet@canonical.com/
Signed-off-by: Joseph Burt <caseorum@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Norbert Lange [Thu, 8 Jul 2021 14:59:46 +0000 (16:59 +0200)]
package/gtest: bump to version 1.11.0
Python is removed as dependency.
gtest uses python for self-tests which are not run by buildroot,
and the remaining scripts are not used by the build, and aren't
maintained or supported.
Special handling for gtest-config and gmock-config is removed as well,
the CMake Buildsystem now does take care of those.
Signed-off-by: Norbert Lange <nolange79@gmail.com>
[Arnout: still install gmock_gen.py]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Maxim Kochetkov [Thu, 8 Jul 2021 10:30:50 +0000 (13:30 +0300)]
package/glibc: bump to version
2.33-46-gedfd11197ecf3629bbb4b66c5814da09a61a7f9f
See:
https://sourceware.org/pipermail/libc-announce/2021/000030.html
Signed-off-by: Maxim Kochetkov <fido_max@inbox.ru>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>