Giulio Benetti [Fri, 14 Jun 2019 21:03:36 +0000 (23:03 +0200)]
package/lua-cqueues: fix build failure due to gcc bug 68485
The lua-cqueues package exhibits gcc bug 68485 when built for the
Microblaze architecture with optimization enabled, which causes a
build failure.
As done for other packages in Buildroot work around this gcc bug by
setting optimization to -O0 if BR2_TOOLCHAIN_HAS_GCC_BUG_68485=y.
Fixes:
http://autobuild.buildroot.net/results/
c35964dda4e2328c2c1f3b2388677b68c5ed461e/
Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Giulio Benetti [Fri, 14 Jun 2019 21:03:35 +0000 (23:03 +0200)]
package/libspatialindex: use BR2_TOOLCHAIN_HAS_BUG_68485 option
For consistency with the rest of packages let's use the common
BR2_TOOLCHAIN_HAS_BUG_68485 option instead of !BR2_microblaze
condition with the comment on top of it.
Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Giulio Benetti [Fri, 14 Jun 2019 21:03:34 +0000 (23:03 +0200)]
package/flann: re-enable package on microblaze
With Microblaze gcc version <= 9.x, the build of flannel fails due to
gcc bug 68485: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=68485.
To avoid this, the flann package has a !BR2_microblaze
dependency. However, gcc bug 68485 only triggers when optimization is
enabled, so we can work around the issue by passing -O0, which is what
we do in other Buildroot packages to work around this bug.
So, this commit passes -O0 when BR2_TOOLCHAIN_HAS_GCC_BUG_68485, and
re-enables flann on Microblaze.
Note that the comment was talking about gcc bug 69401, but this gcc
bug is a duplicate of 68485. Since all Buildroot packages now use the
reference to gcc bug 68485 and the option is named
BR2_TOOLCHAIN_HAS_GCC_BUG_68485, we use this naming as well for flann.
Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Giulio Benetti [Fri, 14 Jun 2019 21:03:33 +0000 (23:03 +0200)]
package/gpsd: use BR2_TOOLCHAIN_HAS_GCC_BUG_68485 option
The workaround for gcc's ICE works ok, but it's used if
BR2_microblaze=y with a local comment. Let's use
BR2_TOOLCHAIN_HAS_GCC_BUG_68485 instead to avoid repeating ICE bug
comment for every package affected by it.
Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Giulio Benetti [Fri, 14 Jun 2019 21:03:32 +0000 (23:03 +0200)]
package/kmsxx: work around gcc bug 85180
With Microblaze Gcc version < 8.x the build hangs due to gcc bug
85180: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85180. The bug
shows up when building kmsxx with optimization but not when building
with -O0. To work around this, if BR2_TOOLCHAIN_HAS_GCC_BUG_85180=y we
force using -O0.
Fixes:
http://autobuild.buildroot.net/results/360/
360f19645e76314048c75424bb4b64da91742f47/
Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Giulio Benetti [Fri, 14 Jun 2019 21:03:29 +0000 (23:03 +0200)]
package/snort: work around gcc bug 85180
With Microblaze Gcc version < 8.x the build hangs due to gcc bug
85180: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85180. The bug
shows up when building snort with optimization but not when building
with -O0. To work around this, if BR2_TOOLCHAIN_HAS_GCC_BUG_85180=y we
force using -O0.
Fixes:
http://autobuild.buildroot.net/results/d24/
d2412710f6cfbfc069e7858e507e28555baafa3e/
Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Giulio Benetti [Fri, 14 Jun 2019 21:03:26 +0000 (23:03 +0200)]
package/bullet: re-enable package when gcc bug 85180 is present
With Microblaze Gcc version < 8.x the build hangs due to gcc bug
85180: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85180. This
package has been excluded from building on Microblaze due to this.
To be consistent with how we deal with this issue in other packages,
we re-enable the package and instead work around the issue by building
with -O0, since gcc bug 85180 manifests itself only when optimization
is enabled.
To achieve this pass -O0 in CMAKE_CXX_FLAGS and remove 'depends on
!BR2_microblaze' and its comment if not available from Config.in.
Note that the comment was talking about gcc bug 68476, but this gcc
bug is a duplicate of 85180. Since all Buildroot packages now use the
reference to gcc bug 85180 and the option is named
BR2_TOOLCHAIN_HAS_GCC_BUG_85180, we use this naming as well for
bullet.
Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Giulio Benetti [Fri, 14 Jun 2019 21:03:25 +0000 (23:03 +0200)]
package/stress-ng: re-enable package on microblaze
Package stress-ng has a dependency to keyutils, but keyutils has been
re-enabled with previous patch. Re-enable package by removing 'depends
on !BR_microblaze' from stress-ng Config.in.
Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Giulio Benetti [Fri, 14 Jun 2019 21:03:21 +0000 (23:03 +0200)]
package/ecryptfs-utils: re-enable package on microblaze
ecryptfs-utils was not available on Microblaze due to its dependency
on keyutils, which itself was not available on Microblaze due to build
issues. However, now that keyutils has been re-enabled on Microblaze,
we can also re-enable ecryptfs-utils on this architecture.
Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
[Thomas: rework commit log]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Baruch Siach [Sun, 16 Jun 2019 08:18:47 +0000 (11:18 +0300)]
configs/solidrun_clearfog_gt_8k: new defconfig
Add support for the SolidRun Armada 8040 based Clearfog GT-8K. This
board has the same processor as the Macchiatobin, so we can reuse the
Macchiatobin U-Boot and image definitions.
The kernel fragment enables drivers that are necessary to make
networking ports work (SFP, Ethernet port, and Ethernet switch).
Cc: Jan Kundrát <jan.kundrat@cesnet.cz>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Jan Willem Janssen [Tue, 18 Jun 2019 05:24:15 +0000 (07:24 +0200)]
package/dnsmasq: bump version to 2.80
Also automatically enable UBus support when UBus itself is enabled.
Signed-off-by: Jan Willem Janssen <j.w.janssen@lxtreme.nl>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Evgeniy Didin [Wed, 19 Jun 2019 09:25:32 +0000 (12:25 +0300)]
toolchain: bump ARC tools to arc-2019.03 release
This commit finally bumps ARC tools to the most recent arc-2019.03 release version.
ARC GNU tools of version arc-2019.03 bring some quite significant changes like:
* Binutils v2.32.51.
20190308 with additional ARC patches
* GCC 8.3.1 with additional ARC patches
* glibc 2.29 with additional ARC patches
More information on this release could be found here:
https://github.com/foss-for-synopsys-dwc-arc-processors/toolchain/releases/tag/arc-2019.03-release
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: arc-buildroot@synopsys.com
Signed-off-by: Evgeniy Didin <Evgeniy.Didin@synopsys.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Samuel Mendoza-Jonas [Wed, 19 Jun 2019 02:07:07 +0000 (12:07 +1000)]
package/localedef: compile against glibc-2.29
In glibc 2.27 the following change occurred:
"Statically compiled applications attempting to load locales compiled
for the GNU C Library version 2.27 will fail and fall back to the
builtin C/POSIX locale."
This impacts us since upstream buildroot uses a localdef built against
an older eglibc release, as reported at [0].
This is a combination of my patch to move to glibc and Peter Seiderer's
patch to avoid building all of glibc just for localedef.
[0] https://bugs.busybox.net/show_bug.cgi?id=11096
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
[localedef build & fixups:]
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
[Thomas: share the tarball with the glibc package]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Pierre-Jean Texier [Tue, 18 Jun 2019 19:08:42 +0000 (21:08 +0200)]
package/logrotate: fix legal-info
Add hash for COPYING file
Fixes:
$: make logrotate-legal-info
>>> logrotate 3.15.0 Collecting legal info
ERROR: No hash found for COPYING
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Pierre-Jean Texier [Tue, 18 Jun 2019 19:08:41 +0000 (21:08 +0200)]
package/logrotate: bump to version 3.15.0
See https://github.com/logrotate/logrotate/releases/tag/3.15.0
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
James Hilliard [Tue, 18 Jun 2019 18:15:24 +0000 (12:15 -0600)]
package/kmod: bump version to 26
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Tue, 18 Jun 2019 16:36:20 +0000 (18:36 +0200)]
package/flatbuffers: fix musl build
Retrieve upstream patch that check availability of strtoull_l before
using it
Fixes:
- http://autobuild.buildroot.org/results/
18f9eecae551c2db6544c7432f23e541bae0d8b9
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Giulio Benetti [Fri, 14 Jun 2019 21:03:20 +0000 (23:03 +0200)]
package/keyutils: re-enable package on microblaze
keyutils has a !BR2_microblaze introduced by commit:
https://git.buildroot.net/buildroot/commit/?id=
20e0926f4469a3486629cfd6fa7f449f2b659aa8
that points 2 possible build failures:
- "warning: dereferencing type-punned pointer will break strict-aliasing
rules" treated as an error. But this warning is not treated as an
error anymore since -Werror flag is not used after last version bumps
- glibc does not export the resolver symbols resulting in linking
failure. But glibc used was version 2.3.6 that is not used anymore
since. It's been released in 2005.
So re-enable package for Microblaze by removing 'depends on
!BR2_microblaze' from keyutils Config.in
Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Romain Naour [Wed, 5 Jun 2019 11:55:32 +0000 (13:55 +0200)]
toolchain-external: update Arm AArch64-BE toolchain 8.3-2019.03
Update to gcc 8.3, gdb 8.2, binutils 2.32. Revert to linux kernel
headers 4.19 instead of 5.1-rc1 [1].
See "Release Note":
https://developer.arm.com/open-source/gnu-toolchain/gnu-a/downloads#
[1] https://bugs.linaro.org/show_bug.cgi?id=4297
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Romain Naour [Wed, 5 Jun 2019 11:55:31 +0000 (13:55 +0200)]
toolchain-external: update Arm AArch64 toolchain 8.3-2019.03
Update to gcc 8.3, gdb 8.2, binutils 2.32. Revert to linux kernel
headers 4.19 instead of 5.1-rc1 [1].
See "Release Note":
https://developer.arm.com/open-source/gnu-toolchain/gnu-a/downloads#
Tested with qemu_aarch64_virt_defconfig.
[1] https://bugs.linaro.org/show_bug.cgi?id=4297
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Romain Naour [Wed, 5 Jun 2019 11:55:30 +0000 (13:55 +0200)]
toolchain-external: update Arm ARM toolchain 8.3-2019.03
Update to gcc 8.3, gdb 8.2, binutils 2.32. Revert to linux kernel
headers 4.19 instead of 5.1-rc1 [1].
See "Release Note":
https://developer.arm.com/open-source/gnu-toolchain/gnu-a/downloads#
Tested with qemu_arm_vexpress_defconfig.
[1] https://bugs.linaro.org/show_bug.cgi?id=4297
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Thomas Petazzoni [Mon, 17 Jun 2019 17:17:47 +0000 (19:17 +0200)]
package/iputils: fix IPUTILS_PERMISSIONS
The IPUTILS_PERMISSIONS variable was wrong, because iputils installs
its programs in /usr/bin, not in /bin. It probably was only tested
with the merged /usr option enabled.
This commit fixes IPUTILS_PERMISSIONS, taking into account the change
done in
6e18892733 "package/iputils: move binaries to the location also
used by Busybox":
- arping is moved by the post-install target hook to /usr/sbin
- clockdiff is installed by iputils in /usr/bin
- ping is moved by the post-install target hook to /bin, which makes
the previously incorrect path in IPUTILS_PERMISSIONS now correct
Fixes:
http://autobuild.buildroot.net/results/
fe378bca29c86a681ba9ad40386cb89248195c50/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Thomas Petazzoni [Mon, 17 Jun 2019 17:17:46 +0000 (19:17 +0200)]
package/iputils: move binaries to the location also used by Busybox
iputils installs several programs that are also implemented as applets
in Busybox. Two of these (arping and tftpd) are installed by iputils
in /bin, while Busybox installs them in /usr/sbin, causing both to be
present if both iputils and busybox are enabled.
This commit moves the binaries installed by iputils to /usr/sbin, so
that only these are installed (Busybox will be installed later thanks
to its optional dependency on iputils, but it will not override the
tools installed by iputils).
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Yi Zheng [Thu, 13 Jun 2019 03:05:27 +0000 (11:05 +0800)]
package/systemd: add option to enable systemd-journal-remote
systemd-journal-remote was added in systemd v211, so add a new option
to enable or disable it.
Signed-off-by: Yi Zheng <goodmenzy@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Thu, 13 Jun 2019 19:17:55 +0000 (21:17 +0200)]
package/libglib2: remove bindir prefix from gio-2.0.pc
Apply LIBGLIB2_REMOVE_BINDIR_PREFIX_FROM_PC_FILE to gio-2.0.pc so
${bindir} prefix is also removed for gbus-codegen otherwise build of
packages using this binary will fail if gbus-codegen is not installed on
host
Fixes:
- http://autobuild.buildroot.org/results/
5c0e4f3d33e01198688d58388aabe159bd005234
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Gilles Talis [Fri, 14 Jun 2019 18:26:46 +0000 (20:26 +0200)]
configs/freescale_imx8mmevk: new defconfig
Signed-off-by: Gilles Talis <gilles.talis@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Pierre-Jean Texier [Sat, 15 Jun 2019 22:54:04 +0000 (00:54 +0200)]
package/mongoose: bump to version 6.15
See https://github.com/cesanta/mongoose/releases/tag/6.15
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Peter Korsgaard [Sun, 16 Jun 2019 21:17:11 +0000 (23:17 +0200)]
package/python3: add upstream security fix for CVE-2019-10160
Fixes CVE-2019-10160: urlsplit does not handle NFKC normalization (2nd fix)
While the fix for CVE-2019-9936 is included in 3.7.3, the followup
regression fixes unfortunatly aren't.
https://bugs.python.org/issue36742
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Peter Korsgaard [Sun, 16 Jun 2019 21:17:10 +0000 (23:17 +0200)]
package/python: add upstream security fix for CVE-2019-9636
Fixes CVE-2019-9636: urlsplit does not handle NFKC normalization
https://bugs.python.org/issue36216
The fix unfortunately introduced regressions, so also apply the followup
fixes.
https://bugs.python.org/issue36742
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Peter Korsgaard [Sun, 16 Jun 2019 21:17:09 +0000 (23:17 +0200)]
package/python: add upstream security fix for CVE-2019-9948
Fixes CVE-2019-9948: Unnecessary URL scheme exists to allow file:// reading
file in urllib.
https://bugs.python.org/issue35907
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Peter Korsgaard [Sun, 16 Jun 2019 21:48:20 +0000 (23:48 +0200)]
package/wireguard: bump version to 0.0.
20190601
For details of the changes, see the announcement:
https://lists.zx2c4.com/pipermail/wireguard/2019-June/004196.html
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bartosz Bilas [Mon, 17 Jun 2019 17:01:27 +0000 (19:01 +0200)]
configs/bananapro: bump Linux to 5.1.1
Signed-off-by: Bartosz Bilas <b.bilas@grinn-global.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Nylon Chen [Mon, 17 Jun 2019 02:44:45 +0000 (10:44 +0800)]
package/gdb: disable for nds32
There is no support for nds32 in gdb.
Fixes:
http://autobuild.buildroot.net/results/
1a40b1ac5f06c856c2e30dbbb4e485022c438c72
Signed-off-by: Nylon Chen <nylon7@andestech.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Pierre-Jean Texier [Sun, 16 Jun 2019 14:05:40 +0000 (16:05 +0200)]
package/libsocketcan: add license file details
Add LICENSE file
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Pierre-Jean Texier [Sun, 16 Jun 2019 14:05:39 +0000 (16:05 +0200)]
package/libsocketcan: bump to version 0.0.11
This includes the following changes:
0ff01ae v0.0.11
b217774 Add configure switch for error logging
15af38a Add compile option to disable error logging
9679a3f Add interface to retrieve link statistics
6f13cef Get link information only from specified interface
f5392c3 Fix parse_rtattr() does not completely initialize
4ea9ec7 Update can_set_ctrlmode() documentation
5938ac7 Update CAN netlink header
0c91940 GNUmakefile: include LICENSE file in tarball
4608afb configure: back to trunk
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Sun, 16 Jun 2019 20:16:21 +0000 (22:16 +0200)]
package/waylandpp: bump version
Removed patch applied upstream:
https://github.com/NilsBrause/waylandpp/commit/
242c2c9a188b1a972978fc05dbe70d102bc7c4e1
Bundled pugixml was removed:
https://github.com/NilsBrause/waylandpp/commit/
433ce65b681c27d54e1e6b9a602f1c8291aabd54
Use host-pugixml instead and bump to HEAD to include a patch which
fixes a linking error:
https://github.com/NilsBrause/waylandpp/commit/
41063c3e1de245bb7ea0c940e7400bd876bee25e
Updated license hash due to upstream commit:
https://github.com/NilsBrause/waylandpp/commit/
f255d61ffd982614c0659be1742383dab06710a2
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Sun, 16 Jun 2019 20:16:19 +0000 (22:16 +0200)]
package/pugixml: enable host build
Needed for host-waylandpp >= 0.2.5
https://github.com/NilsBrause/waylandpp/commit/
433ce65b681c27d54e1e6b9a602f1c8291aabd54
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Sun, 16 Jun 2019 20:23:37 +0000 (22:23 +0200)]
package/flatbuffers: enable host build
Host version of flatc compiler is needed for Kodi 18.x:
https://github.com/xbmc/xbmc/blob/master/cmake/modules/FindFlatBuffers.cmake#L51
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Sun, 16 Jun 2019 20:23:36 +0000 (22:23 +0200)]
package/flatbuffers: bump version to v1.11.0
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Peter Korsgaard [Mon, 17 Jun 2019 07:23:17 +0000 (09:23 +0200)]
{linux, linux-headers}: bump 4.{4, 9, 14, 19}.x / 5.{0, 1}.x series
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
James Hilliard [Mon, 17 Jun 2019 15:17:20 +0000 (09:17 -0600)]
package/meson: bump to version 0.51.0
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Peter Korsgaard [Wed, 12 Jun 2019 21:40:30 +0000 (23:40 +0200)]
package/dbus: security bump to version 1.12.16
Fixes the following security issues:
- CVE-2019-12749: Do not attempt to carry out DBUS_COOKIE_SHA1
authentication for identities that differ from the user running the
DBusServer. Previously, a local attacker could manipulate symbolic links
in their own home directory to bypass authentication and connect to a
DBusServer with elevated privileges. The standard system and session
dbus-daemons in their default configuration were immune to this attack
because they did not allow DBUS_COOKIE_SHA1, but third-party users of
DBusServer such as Upstart could be vulnerable. Thanks to Joe Vennix of
Apple Information Security.
For details, see the advisory:
https://www.openwall.com/lists/oss-security/2019/06/11/2
Also contains a number of other smaller fixes, including fixes for memory
leaks. For details, see NEWS:
https://gitlab.freedesktop.org/dbus/dbus/blob/dbus-1.12/NEWS
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Esben Haabendal [Tue, 11 Jun 2019 08:44:10 +0000 (10:44 +0200)]
package/openblas: Handle new westmere target architecture
Nehalem, the predecessor to westmere, is best match for westmere
architecture in current openblas.
Signed-off-by: Esben Haabendal <esben@geanix.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Esben Haabendal [Tue, 11 Jun 2019 08:44:09 +0000 (10:44 +0200)]
arch: Add support for Westmere targets
The westmere line of x86_64 targets lies between nehalem (corei7) and
sandybridge (corei7-avx). Allowing use of -march=westmere enables use of
AES instruction set on these targets.
Signed-off-by: Esben Haabendal <esben@geanix.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Ryan Coe [Mon, 10 Jun 2019 23:30:25 +0000 (16:30 -0700)]
package/mariadb: security bump to version 10.3.15
The licensing text in README.md has changed slightly. The reference to
COPYING.LESSER has been removed. The file itself has been gone for awhile
now. COPYING.thirdparty has also been renamed to THIRDPARTY.
Release notes:
https://mariadb.com/kb/en/library/mariadb-10315-release-notes/
Changelog:
https://mariadb.com/kb/en/mariadb-10315-changelog/
Fixes the following security vulnerabilities:
CVE-2019-2614 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: Server: Replication). Supported versions that are affected
are 5.6.43 and prior, 5.7.25 and prior and 8.0.15 and prior. Difficult to
exploit vulnerability allows high privileged attacker with network access
via multiple protocols to compromise MySQL Server. Successful attacks of
this vulnerability can result in unauthorized ability to cause a hang or
frequently repeatable crash (complete DOS) of MySQL Server.
CVE-2019-2627 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: Server: Security: Privileges). Supported versions that are
affected are 5.6.43 and prior, 5.7.25 and prior and 8.0.15 and prior.
Easily exploitable vulnerability allows high privileged attacker with
network access via multiple protocols to compromise MySQL Server.
Successful attacks of this vulnerability can result in unauthorized ability
to cause a hang or frequently repeatable crash (complete DOS) of MySQL
Server.
CVE-2019-2628 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: InnoDB). Supported versions that are affected are 5.7.25 and
prior and 8.0.15 and prior. Easily exploitable vulnerability allows high
privileged attacker with network access via multiple protocols to
compromise MySQL Server. Successful attacks of this vulnerability can
result in unauthorized ability to cause a hang or frequently repeatable
crash (complete DOS) of MySQL Server.
Signed-off-by: Ryan Coe <bluemrp9@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Tue, 11 Jun 2019 05:16:55 +0000 (07:16 +0200)]
package/freeswitch: add optional support for libopenh264
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Tue, 11 Jun 2019 05:16:54 +0000 (07:16 +0200)]
package/freeswitch: bump version to 1.8.6
Updated license hash after upstream commit
https://freeswitch.org/stash/projects/FS/repos/freeswitch/commits/
a1f3b4862e7fd44a37862ae84c0e79f89c9bc0d8
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Tue, 11 Jun 2019 17:05:21 +0000 (19:05 +0200)]
package/git: fix build with curl
curl-config path can be set through ac_cv_prog_CURL_CONFIG and not
ac_cv_prog_curl_config
Fixes:
- http://autobuild.buildroot.org/results/
4b22f761795d8760dac6ddfd40934259f0135a4d
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Pierre-Jean Texier [Tue, 11 Jun 2019 17:33:58 +0000 (19:33 +0200)]
package/rauc: add license file details
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Pierre-Jean Texier [Tue, 11 Jun 2019 17:33:57 +0000 (19:33 +0200)]
package/rauc: bump to version 1.1
See: https://github.com/rauc/rauc/releases/tag/v1.1
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Asaf Kahlon [Tue, 11 Jun 2019 17:24:16 +0000 (20:24 +0300)]
package/python-psutil: bump to version 5.6.3
License update: change phrasing for Github to recognize
it's BSD-3-Clause.
Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Asaf Kahlon [Tue, 11 Jun 2019 17:24:15 +0000 (20:24 +0300)]
package/python-paramiko: bump to version 2.5.0
Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Asaf Kahlon [Tue, 11 Jun 2019 17:24:14 +0000 (20:24 +0300)]
package/python-lxml: bump to version 4.3.4
Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Fri, 7 Jun 2019 19:09:35 +0000 (21:09 +0200)]
package/vlc: bump version to 3.0.7
Removed patch 0010, applied upstream.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Adam Duskett [Tue, 28 May 2019 19:48:11 +0000 (15:48 -0400)]
package/libglib2: bump to version 2.60.3
Changes include:
- Change the package type to meson, as autoconf is no longer supported.
- Add 0002-add-option-to-build-tests.patch
Upstream won't build tests when cross-compiling. However; this means still
building the tests during a host build. Building the tests causes build
failures on older distributions such as CentOS 6 and Debian 7 because of
the command `objcopy --add-symbol` is used when building the test
"test_resources2," which is not available with the older version of
objcopy provided by the distributions.
- Add 0003-remove-cpp-requirement.patch:
C++ is not needed when just compiling. The inclusion of C++ in meson.build
is to ensure libglib doesn't accidentally use C++ reserved keywords in
public headers. Because tests aren't being compiled, there is no need for
C++ as a requirement.
(https://gitlab.gnome.org/GNOME/glib/issues/1748)
- Add 0004-Add-Wno-format-nonliteral-to-compiler-arguments.patch:
This prevents a false error when compiling against older gcc versions.
(https://gitlab.gnome.org/GNOME/glib/issues/1744)
- Remove 0004-Do-not-hardcode-python-path-into-various-tools.patch:
The switch to meson makes this obsolete.
- Remove LIBGLIB2_AUTORECONF = YES from libglib2.mk:
Now that libglib2 is a meson package, there is no need for AUTORECONF.
- Remove LIBGLIB2_INSTALL_STAGING_OPTS from libglib2.mk:
Meson resolves these correctly.
- Add LIBGLIB2_REMOVE_BINDIR_PREFIX_FROM_PC_FILE in libglib2.mk:
Newer versions of libglib2 prefix glib-genmarshal, gobject-query, and
glib-mkenums with ${bindir}. Unfortunately, this will resolve to the host
systems /bin/ directory, which will cause compilation issues if the host
does not have these programs. By removing the ${bindir}/ prefix, these
programs are resolved in PATH instead.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Mon, 10 Jun 2019 22:16:35 +0000 (00:16 +0200)]
package/mdadm: bump to version 4.1
Add hash for license file
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Mon, 10 Jun 2019 22:16:34 +0000 (00:16 +0200)]
package/mdadm: fix patch number
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Vadim Kochan [Mon, 10 Jun 2019 15:57:55 +0000 (18:57 +0300)]
package/git: bump to version 2.22.0
Remove patch with NLS fix because it is was added into latest version.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Mon, 10 Jun 2019 21:57:33 +0000 (23:57 +0200)]
package/poppler: needs wchar
Fixes:
- http://autobuild.buildroot.org/results/
2c8695b75c3241359e739d88726430cbfe47a5bd
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Jörg Krause [Mon, 10 Jun 2019 21:20:23 +0000 (23:20 +0200)]
package/gerbera: add upstream patch to fix find_program with taglib-config
Add an from from upstream to fix linking Gerbera with taglib. The patch
fixes the following issue:
When cross-compiling CMakes `find_program()` will search for binaries on the
host. This is typically correct, e.g. when search for compilers or shells.
When cross-compiling, searching for `taglib-config` using `find_program` should
not find the binary on the host, instead it should find the binary in the sysroot
directory, as the host `taglib-config` will output the wrong host paths
and libs, whereas the sysroot `taglib-config` will output the correct sysroot
paths and libs.
Therefore, use the `CMAKE_FIND_ROOT_PATH_MODE_PROGRAM` variable when
cross-compiling. This variable controls whether the `CMAKE_FIND_ROOT_PATH`
and `CMAKE_SYSROOT` are used by find_program().
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Jörg Krause [Mon, 10 Jun 2019 21:20:22 +0000 (23:20 +0200)]
package/taglib: add upstream patch to fix taglib-config
The current taglib-config program does not work when cross-compiling as it only
returns paths to the host, which breaks building programs which link against
taglib.
For example gerbera uses `taglib-config` and it fails with:
```
[..]
-- Found TagLib: -L/usr/lib -ltag
[..]
arm-linux-gnueabihf-g++: ERROR: unsafe header/library path used in cross-compilation: '-L/usr/lib'
```
Before the patch the output of `taglib-config` is:
```
$ ./output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/bin/taglib-config --libs
-L/usr/lib -ltag
```
Add a patch from upstream which fixes taglib-config.
After applying the fix, the pkg-config file is correct:
```
$ ./output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/bin/taglib-config --libs
-L/home/joerg/Development/git/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/lib -ltag
```
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Pierre-Jean Texier [Mon, 10 Jun 2019 19:55:36 +0000 (21:55 +0200)]
package/swupdate: bump to version 2019.04
New features in this release:
- Improved documentation
- delta updates based on rdiff library
- support for libubootenv
- dry-run option
- CA certificates for signed images
- Fix security leak in parser
This commit also:
- introduce BR2_PACKAGE_LIBRSYNC for 'rdiff' Handler. No HAVE_* is
needed, it just declares the functions locally and links with
-lrsync.
- introduce BR2_PACKAGE_LIBUBOOTENV
- drop upstreamed patch
- backport upstream patches (important fix)
- regenerate the default swupdate.config. Now CONFIG_GUNZIP is always
enabled because gunzip is provided by the default busybox config.
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
[Arnout: don't mention ZLIB in help text for libubootenv, since it is
select'ed by libubootenv.]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Joris Offouga [Mon, 10 Jun 2019 19:41:44 +0000 (21:41 +0200)]
configs/imx7dpico: Add Wifi support
imx7dpico has a BCM4339 Wifi chip. Add Wifi support by default
to allow a better customer experience.
Signed-off-by: Joris Offouga <offougajoris@gmail.com>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Tested-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Joris Offouga [Mon, 10 Jun 2019 19:41:43 +0000 (21:41 +0200)]
configs/imx7dpico: Bump Linux and U-Boot
Bump Linux to 5.1 and U-Boot to version 2019.01.
U-Boot patch is no longer needed, applied upstream.
U-Boot defconfig name for this board has changed to pico-pi-imx7d.
U-Boot now supports distrobootcmd for this board, so add the appropriate
extlinux.conf and use SPL+u-boot.img instead of u-boot.imx. Note that
the common freescale post-image script handles things appropriately
based on the selected options in .config.
dosfstools and mtools are no longer needed to build the image.
Signed-off-by: Joris Offouga <offougajoris@gmail.com>
Tested-by: Pierre-Jean Texier <pjtexier@koncepto.io>
[Arnout: remove BR2_PACKAGE_HOST_DOSFSTOOLS and BR2_PACKAGE_HOST_MTOOLS]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Joris Offouga [Mon, 10 Jun 2019 19:41:42 +0000 (21:41 +0200)]
boards/freescale/common: Introduce genimage.cfg.template_no_boot_part_spl
Modern U-Boot assumes a layout where the first partition is an ext2 and
the kernel and dtb can be found in /boot. In other words, a layout
without boot partition.
Add a genimage.cfg template for the freescale defconfigs with such a
layout.
For now, only the layout with SPL+u-boot.img is added. It's unlikely that
the u-boot.imx approach will be used.
Signed-off-by: Joris Offouga <offougajoris@gmail.com>
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Tested-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Mon, 10 Jun 2019 18:21:59 +0000 (20:21 +0200)]
package/weston: drop unneeded first patch
Patch is not needed since
https://gitlab.freedesktop.org/wayland/weston/commit/
32838c93a509dbeda717e58279683c63a34a2e07
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Mirza Krak [Mon, 10 Jun 2019 15:40:07 +0000 (17:40 +0200)]
package/pkg-golang: do not set static linking for host target
The current logic will set the "-static" flag when building go
host packages if BR2_STATIC_LIBS is set, this will not work as
there is no support to link host packages statically.
Fix this by applying this logic only for target builds.
Signed-off-by: Mirza Krak <mirza.krak@northern.tech>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Julien Olivain [Mon, 10 Jun 2019 10:19:24 +0000 (12:19 +0200)]
configs/imx8mmpico: new defconfig
Signed-off-by: Julien Olivain <juju@cotds.org>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Julien Olivain [Mon, 10 Jun 2019 10:19:23 +0000 (12:19 +0200)]
board/freescale/common/imx: add support for i.MX8MM
For the boot image creation for the i.MX8MM, the main differences with
i.MX8M are that there is no HDMI firmware image passed, and the ATF
load address is different.
Signed-off-by: Julien Olivain <juju@cotds.org>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Julien Olivain [Mon, 10 Jun 2019 10:19:22 +0000 (12:19 +0200)]
package/imx-mkimage: add support for i.MX8MM
Signed-off-by: Julien Olivain <juju@cotds.org>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Julien Olivain [Mon, 10 Jun 2019 10:19:21 +0000 (12:19 +0200)]
package/freescale-imx/firmware-imx: add support for i.MX8MM
Signed-off-by: Julien Olivain <juju@cotds.org>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Julien Olivain [Mon, 10 Jun 2019 10:19:20 +0000 (12:19 +0200)]
package/freescale-imx: add option for i.MX8MM
The i.MX8MMini is slightly different from the i.MX8M. The main
difference of interrest here is that the i.MX8MMini has no HDMI
support. The firmware blobs must not include the HDMI signed firmware,
which is why we need this new configuration option.
Signed-off-by: Julien Olivain <juju@cotds.org>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Mon, 10 Jun 2019 12:09:26 +0000 (14:09 +0200)]
package/weston: fix build with headers < 4.4
weston includes input-event-codes.h since version 5.0.91 and
https://github.com/wayland-project/weston/commit/
6e229ca26381bc8191fd9af1e439c311da709aff
input-event-codes.h is available only since kernel 4.4 and
https://github.com/torvalds/linux/commit/
f902dd893427eade90f7eaf858e5ff8b150a5a12
To fix this build failure, replace include on linux/input-event-codes.h
by linux/input.h
Fixes:
- http://autobuild.buildroot.org/results/
210c2759900f15ea0030d088f6f45cd8bb199b29
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Jan Kundrát [Mon, 10 Jun 2019 13:37:12 +0000 (15:37 +0200)]
docs: use-case for un-ignoring VCS directories and overridden source dir
Signed-off-by: Jan Kundrát <jan.kundrat@cesnet.cz>
Suggested-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fixes: a27078d32d Allow overriding the VCS exclude list with *_OVERRIDE_SRCDIR_RSYNC_EXCLUSIONS
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Mon, 10 Jun 2019 13:14:53 +0000 (15:14 +0200)]
package/openjdk: set PATH before calling make
PATH must be set to $(BR_PATH) thanks to $(TARGET_MAKE_ENV) before
calling make otherwise build fails on:
/bin/bash: gawk: command not found
When build fails, config.log contains the following line:
configure:13709: checking for gawk
configure:13725: found /home/buildroot/autobuild/run/instance-3/output/host/bin/gawk
configure:13736: result: gawk
[...]
ac_cv_prog_AWK=gawk
Fixes:
- http://autobuild.buildroot.org/results/
43c5d08f599e8f44b59a576d243ae1c7b27de7a3
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Julien Olivain [Mon, 10 Jun 2019 10:31:18 +0000 (12:31 +0200)]
manual/contribute.txt: fix typo
Signed-off-by: Julien Olivain <juju@cotds.org>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Mon, 10 Jun 2019 09:51:46 +0000 (11:51 +0200)]
package/ncmpc: fix build without NLS
The build fails if libintl.h is found but xgettext is not available:
Has header "libintl.h" : YES
Library intl found: NO
po/meson.build:28:5: ERROR: Can not do gettext because xgettext is not installed.
This is because enable_nls defaults to true if libintl.h is found. Use
the nls option to enable/disable NLS explicitly, depending on
BR2_SYSTEM_ENABLE_NLS,
Also, fix the second patch to always look for libintl, even if NLS is
not enabled. The enable_nls option disables processing the po files, but
the gettext calls in the source are still there, so we need to link with
libintl anyway.
Fixes:
- http://autobuild.buildroot.org/results/
0ab0a42fd4c5c9fd5891f3b84287bd788f763ba4
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Mon, 10 Jun 2019 09:16:28 +0000 (11:16 +0200)]
package/openzwave: needs NPTL
openzwave needs pthread_setname_np
Fixes:
- http://autobuild.buildroot.org/results/
d50a79384eb346078fd83ad3a1ba8b8a04cc4d53
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Mon, 10 Jun 2019 09:03:28 +0000 (11:03 +0200)]
package/libgit2: security bump to version 0.27.8
Fixing the following list of issues (fixed in 0.27.6 and 0.27.5):
The function family git__strtol is used to parse integers
from a buffer. As the functions do not take a buffer length as
argument, they will scan either until the end of the current
number or until a NUL byte is encountered. Many callers have
been misusing the function and called it on potentially
non-NUL-terminated buffers, resulting in possible out-of-bounds
reads. Callers have been fixed to use git__strntol functions
instead and git__strtol functions were removed.
The function git__strntol64 relied on the undefined behavior
of signed integer overflows. While the code tried to detect
such overflows after they have happened, this is unspecified
behavior and may lead to weird behavior on uncommon platforms.
In the case where git__strntol32 was unable to parse an
integer because it doesn't fit into an int32_t, it printed an
error message containing the string that is currently being
parsed. The code didn't truncate the string though, which
caused it to print the complete string until a NUL byte is
encountered and not only the currently parsed number. In case
where the string was not NUL terminated, this could have lead
to an out-of-bounds read.
When parsing tags, all unknown fields that appear before the
tag message are skipped. This skipping is done by using a plain
strstr(buffer, "\n\n") to search for the two newlines that
separate tag fields from tag message. As it is not possible to
supply a buffer length to strstr, this call may skip over the
buffer's end and thus result in an out of bounds read. As
strstr may return a pointer that is out of bounds, the
following computation of buffer_end - buffer will overflow
and result in an allocation of an invalid length. Note that
when reading objects from the object database, we make sure to
always NUL terminate them, making the use of strstr safe.
When parsing the "encoding" field of a commit, we may perform
an out of bounds read due to using git__prefixcmp instead of
git__prefixncmp. This can result in the parsed commit object
containing uninitialized data in both its message encoding and
message fields. Note that when reading objects from the object
database, we make sure to always NUL terminate them, making the
use of strstr safe.
Submodule URLs and paths with a leading "-" are now ignored.
This is due to the recently discovered CVE-2018-17456, which
can lead to arbitrary code execution in upstream git. While
libgit2 itself is not vulnerable, it can be used to inject
options in an implementation which performs a recursive clone
by executing an external command.
When running repack while doing repo writes,
packfile_load__cb() could see some temporary files in the
directory that were bigger than the usual, and makes memcmp
overflow on the p->pack_name string. This issue was reported
and fixed by bisho.
The configuration file parser used unbounded recursion to parse
multiline variables, which could lead to a stack overflow. The
issue was reported by the oss-fuzz project, issue 10048 and
fixed by Nelson Elhage.
The fix to the unbounded recursion introduced a memory leak in
the config parser. While this leak was never in a public
release, the oss-fuzz project reported this as issue 10127. The
fix was implemented by Nelson Elhage and Patrick Steinhardt.
When parsing "ok" packets received via the smart protocol, our
parsing code did not correctly verify the bounds of the
packets, which could result in a heap-buffer overflow. The
issue was reported by the oss-fuzz project, issue 9749 and
fixed by Patrick Steinhardt.
The parsing code for the smart protocol has been tightened in
general, fixing heap-buffer overflows when parsing the packet
type as well as for "ACK" and "unpack" packets. The issue was
discovered and fixed by Patrick Steinhardt.
Fixed potential integer overflows on platforms with 16 bit
integers when parsing packets for the smart protocol. The issue
was discovered and fixed by Patrick Steinhardt.
Fixed potential NULL pointer dereference when parsing
configuration files which have "include.path" or
"includeIf..path" statements without a value.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Mon, 10 Jun 2019 08:56:56 +0000 (10:56 +0200)]
package/samba4: drop third patch
Drop third patch which is not upstreamable and set XSLTPROC to false
instead to disable documentation
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Francois Perrad [Mon, 10 Jun 2019 08:33:24 +0000 (10:33 +0200)]
package/perl-www-form-urlencoded: bump to version 0.26
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Francois Perrad [Mon, 10 Jun 2019 08:33:23 +0000 (10:33 +0200)]
package/perl-net-http: bump to version 6.19
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Francois Perrad [Mon, 10 Jun 2019 08:33:22 +0000 (10:33 +0200)]
package/perl-libwww-perl: bump to version 6.39
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Francois Perrad [Mon, 10 Jun 2019 08:33:21 +0000 (10:33 +0200)]
package/perl-date-manip: bump to version 6.77
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Francois Perrad [Mon, 10 Jun 2019 08:33:20 +0000 (10:33 +0200)]
package/perl-cookie-baker: bump to version 0.11
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Adam Duskett [Thu, 6 Jun 2019 15:52:15 +0000 (11:52 -0400)]
mender-grubenv: new package
Mender-grubenv contains the boot scripts and tools used by Mender to
integrate with the Grub2 bootloader.
The user must select the following Grub modules for this package:
loadenv, hashsum, echo, halt, gcry_sha256, and test.
Because this patch also includes a grub version of fw_printenv and fw_setenv,
package/mender/Config.in must be changed as well at the same time, because if
both uboot-tools and this package are selected, during startup, mender calls
the uboot-tools version of fw_printenv and fails to start.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Tested-by: Mirza Krak <mirza.krak@northern.tech>
Acked-by: Mirza Krak <mirza.krak@northern.tech>
[Arnout:
- reorder depends clauses;
- add runtime tag to grub2 dependency
- remove wchar dependency from comment
- only error if BR_BUILDING
- use install instead of cp for a single file.]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Petr Vorel [Sun, 9 Jun 2019 23:07:02 +0000 (01:07 +0200)]
iputils: set the permissions with IPUTILS_PERMISSIONS
... for arping, clockdiff and ping. These require root permission for
socket(). Upstream solution (script setcap-setuid.sh) requires
setcap binary on the host and cap_net_raw+ep + libcap, or setting
setuid root executable (which is dangerous). Neither would work anyway
since we install as non-root user.
This restores behavior used for version s20180629. We used to setuid the
ping and traceroute6 programs. traceroute6 is no longer built since the
bump to s20190515, but now arping and clockdiff are built, and these
need setuid as well. So enable setuid on arping, clockdiff and ping.
Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Sun, 9 Jun 2019 22:51:19 +0000 (00:51 +0200)]
package/collectd: add write_redis support
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Sun, 9 Jun 2019 22:51:18 +0000 (00:51 +0200)]
package/collectd: add redis support
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Jan Kundrát [Mon, 10 Jun 2019 09:27:16 +0000 (11:27 +0200)]
Allow overriding the VCS exclude list with *_OVERRIDE_SRCDIR_RSYNC_EXCLUSIONS
We have some internal packages which automatically bake a version string
from the git checkout, and we usually combine these with a
*_OVERRIDE_SRCDIR. I would like to let Buildroot *not* skip the .git
directory when picking up sources from the local checkout. It turns out
that the existing mechanism (*_OVERRIDE_SRCDIR_RSYNC_EXCLUSIONS) only
supports adding to the exclude list because `rsync` simply uses the
first match from the provided filtering rules.
Solve this by using the user-provided values first. If they match, then
`rsync` won't exclude stuff based on the generic VCS exclude patterns.
Signed-off-by: Jan Kundrát <jan.kundrat@cesnet.cz>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Sun, 9 Jun 2019 16:57:30 +0000 (18:57 +0200)]
package/collectd: add amqp support
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Sun, 9 Jun 2019 15:15:15 +0000 (17:15 +0200)]
package/samba4: drop unneeded second patch
This patch is not needed since version 4.9.0 and
https://github.com/samba-team/samba/commit/
859698d29b547217356851094ed8188236e717b6
which solved the issue by avoiding calling this function.
Also renumber the remaining patches.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Sun, 9 Jun 2019 21:52:41 +0000 (23:52 +0200)]
package/gpsd: fix isync build without nmea
Upstream suggested to move the definition of NMEA_DOLLAR out of the
ifdef.
Fixes:
- http://autobuild.buildroot.org/results/
7757ff82623eb5db8cbd9cdf69baf308fd0b0666
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Francois Perrad [Sun, 9 Jun 2019 14:37:33 +0000 (16:37 +0200)]
package/luarocks: fix test file creation on br-external
first, add the creation of the needed subdirectories
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Francois Perrad [Sun, 9 Jun 2019 14:37:19 +0000 (16:37 +0200)]
utils/scancpan: fix test file creation on br-external
first, add the creation of the needed subdirectories
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Sun, 9 Jun 2019 09:38:14 +0000 (11:38 +0200)]
package/iputils: fix build without setcap
Fixes:
- http://autobuild.buildroot.org/results/
711718ecf20d6cc28953e089a6e5516cfb4b9031
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Sun, 9 Jun 2019 09:38:13 +0000 (11:38 +0200)]
package/iputils: fix license
- Replace nfinfod/COPYING by LICENSE, Documentation/LICENSE.BSD3 and
Documentation/LICENSE.GPL2 which are available since version s20180629
and
https://github.com/iputils/iputils/commit/
686ee13130550aa4cb2937842504b2131f0934c6
- BSD-4-Clause has been removed since version s20180629 and
https://github.com/iputils/iputils/commit/
f69eeac80de413248fd3d7d4d4244af22a81e055
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Sun, 9 Jun 2019 09:38:12 +0000 (11:38 +0200)]
package/iputils: fix build with NLS
Fixes:
- http://autobuild.buildroot.org/results/
0a8a3efe734ac7fb3a68ba505277681857dc0a3d
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Sun, 9 Jun 2019 09:38:11 +0000 (11:38 +0200)]
package/iputils: fix IDN support
iputils depends on libidn2 since version s20180629 and
https://github.com/iputils/iputils/commit/
665fe4d30ff8b6649454ae25e4768b2f23605332
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Sat, 8 Jun 2019 22:12:10 +0000 (00:12 +0200)]
package/poppler: needs dynamic library
Fixes:
- http://autobuild.buildroot.org/results/
e409863724005a0c182476612187a322a16a7db8
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>