buildroot.git
3 years agoconfigs/orangepi-zero-plus2: bump BSP versions
Sergey Matyukevich [Fri, 25 Jun 2021 19:33:18 +0000 (22:33 +0300)]
configs/orangepi-zero-plus2: bump BSP versions

Bump U-Boot and Linux kernel versions. Updating U-Boot to 2021.04
requires the following two changes.

First, after switching to binman, u-boot.itb is no more generated for
64-bit sunxi boards. Combined u-boot-sunxi-with-spl.bin image should
be used instead. This image contains SPL, U-Boot, and FIT image,
where FIT image contains other binaries such as BL31 and SCP.

Second, new U-Boot enables support for System Control Processor (SCP)
firmware. SCP firmware is included by default into FIT image in the
combined u-boot-sunxi-with-spl.bin binary. When SCP is not available
or not needed, it should be explicitly disabled by pointing to an
empty file. Support for Allwinner SCP firmware is not yet available
neither in Buildroot nor in mainline kernel. So disable it for now
using custom U-Boot build options.

Signed-off-by: Sergey Matyukevich <geomatsi@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agoconfigs/orangepi_zero_plus2_defconfig: switch to mainline TF-A
Sergey Matyukevich [Fri, 25 Jun 2021 19:33:17 +0000 (22:33 +0300)]
configs/orangepi_zero_plus2_defconfig: switch to mainline TF-A

Switch to mainline TF-A that provides basic support for H5 and A64.

Signed-off-by: Sergey Matyukevich <geomatsi@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agosupport/testing/tests/boot/test_atf: update U-Boot in TestATFAllwinner
Sergey Matyukevich [Fri, 25 Jun 2021 19:33:16 +0000 (22:33 +0300)]
support/testing/tests/boot/test_atf: update U-Boot in TestATFAllwinner

Bump U-Boot version in TestATFAllwinner. Updating U-Boot version to
2021.04 requires the following two changes.

First, after switching to binman, u-boot.itb is no more generated for
64-bit sunxi boards. Combined u-boot-sunxi-with-spl.bin image should
be used instead. This image contains SPL, U-Boot, and FIT image,
where FIT image contains other binaries such as BL31 and SCP.

Second, new U-Boot enables support for System Control Processor (SCP)
firmware. SCP firmware is included by default into FIT image in the
combined u-boot-sunxi-with-spl.bin binary. When SCP is not available
or not needed, it should be explicitly disabled by pointing to an
empty file. Support for Allwinner SCP firmware is not yet available
neither in Buildroot nor in mainline kernel. So disable it for now
using custom U-Boot build options.

Signed-off-by: Sergey Matyukevich <geomatsi@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agosupport/testing: switch TestATFAllwinner to mainline TF-A
Sergey Matyukevich [Fri, 25 Jun 2021 19:33:15 +0000 (22:33 +0300)]
support/testing: switch TestATFAllwinner to mainline TF-A

Switch to mainline TF-A that provides basic support for H5 and A64.

Note that Allwinner platform layer in TF-A does not provide support
for GCC stack protection, so make sure to disable this TF-A feature.

Signed-off-by: Sergey Matyukevich <geomatsi@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agoboot/arm-trusted-firmware: add SSP option
Sergey Matyukevich [Fri, 25 Jun 2021 19:33:14 +0000 (22:33 +0300)]
boot/arm-trusted-firmware: add SSP option

Buildroot sets appropriate ENABLE_STACK_PROTECTOR build flag value based
on the toolchain global BR2_SSP_* options, and all packages are built
with that setting.

However it might not be always convenient to automatically infer TF-A
stack protection from the toolchain features. For instance, secure
memory constraints may become an issue and all the extra TF-A features
need to be tuned or disabled in order to shrink TF-A firmware image.

Besides, for any value other than "none", TF-A platform specific hook
'plat_get_stack_protector_canary' must be implemented. However this hook
is not implemented by all the platforms supported by TF-A. For instance,
Allwinner currently does not provide such a hook.

Add an new option that a user can toggle to enable or disable SSP in
their ATF build. If enabled, the SSP level is automatically inherited
from the global setting.

Signed-off-by: Sergey Matyukevich <geomatsi@gmail.com>
[yann.morin.1998@free.fr: simplify logic with a single boolean]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/zfs: bump version to 2.0.5
José Luis Salvador Rufo [Thu, 24 Jun 2021 09:56:35 +0000 (11:56 +0200)]
package/zfs: bump version to 2.0.5

As this version brings support for kernel up to 5.12, we update the
test cases to use the 5.12 kernel.

Signed-off-by: José Luis Salvador Rufo <salvador.joseluis@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
3 years agopackage/modem-manager: bump version to 1.16.6
Michael Fischer [Thu, 24 Jun 2021 09:17:46 +0000 (11:17 +0200)]
package/modem-manager: bump version to 1.16.6

Signed-off-by: Michael Fischer <mf@go-sys.de>
Reviewed-by: Alexander Dahl <post@lespocky.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
3 years agopackage/libqmi: bump version to 1.28.6
Michael Fischer [Thu, 24 Jun 2021 09:12:48 +0000 (11:12 +0200)]
package/libqmi: bump version to 1.28.6

Signed-off-by: Michael Fischer <mf@go-sys.de>
Reviewed-by: Alexander Dahl <post@lespocky.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
3 years agopackage/busybox: bump version to 1.33.1
Michael Fischer [Thu, 24 Jun 2021 09:04:05 +0000 (11:04 +0200)]
package/busybox: bump version to 1.33.1

patch 0003: already applied upstream
patch 0004: already applied upstream

Signed-off-by: Michael Fischer <mf@go-sys.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
3 years agopackage/usbguard: fix build with libgcrypt
Fabrice Fontaine [Wed, 23 Jun 2021 16:59:24 +0000 (18:59 +0200)]
package/usbguard: fix build with libgcrypt

Building with libgcrypt fails since the addition of the package in
commit fbff7d7289cc95db991184f890f4ca1fcf8a101e:

checking for sparc64-buildroot-linux-gnu-libgcrypt-config... no
checking for libgcrypt-config... no
checking for LIBGCRYPT - version >= 1.5.0... no
configure: error: The selected crypto backend library is not available.

Fix this build failure by helping usbguard to find libgcrypt-config

Fixes:
 - http://autobuild.buildroot.org/results/4c19e50a2a5308cb31a62f1b4b538a30353022bb

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
3 years agopackage/usbguard: improve option handling
Fabrice Fontaine [Wed, 23 Jun 2021 16:59:23 +0000 (18:59 +0200)]
package/usbguard: improve option handling

Don't pass --disable-seccomp and --disable-systemd unconditionally
While at it, also add a space and a new line when needed, and split
the initial CONF_OPTS assignment to have one option per line.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
3 years agopackage/gesftpserver: fix build without Python
Andreas Naumann [Thu, 24 Jun 2021 12:32:37 +0000 (14:32 +0200)]
package/gesftpserver: fix build without Python

The build of gesftserver in an environment without Python fails with:

checking for Python 2.4 or better... configure: error: cannot find Python 2.4 or better

However, it turns out that Python is only needed for tests, which we
don't run/use in Buildroot, so we can safely build gesftpserver
without Python.

Signed-off-by: Andreas Naumann <anaumann@ultratronik.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
3 years agopackage/tcpdump: bump to version 4.99.1
Baruch Siach [Thu, 24 Jun 2021 10:55:35 +0000 (13:55 +0300)]
package/tcpdump: bump to version 4.99.1

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
3 years agopackage/libpcap: bump to version 1.10.1
Baruch Siach [Thu, 24 Jun 2021 10:55:34 +0000 (13:55 +0300)]
package/libpcap: bump to version 1.10.1

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
3 years agopackage/resiprocate: enable DES in openssl
Ryan Barnett [Thu, 24 Jun 2021 14:08:13 +0000 (09:08 -0500)]
package/resiprocate: enable DES in openssl

resiprocate security backend assumes that if openssl is enabled that
it provides DES support. However DES support in openssl has become
optional since  commit a83d418 ("package/libopenssl: add option to
enable some features").

Select openssl DES support in wpa_supplicant Kconfig to avoid build
failures.

Fixes:
http://autobuild.buildroot.net/results/f7def0d5706f9e6ab97accc4eaa5f512a11bcb4c

Signed-off-by: Ryan Barnett <ryan.barnett@collins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
3 years agopackage/libva: bump version to 2.12.0
Bernd Kuhls [Fri, 25 Jun 2021 06:07:25 +0000 (08:07 +0200)]
package/libva: bump version to 2.12.0

Release notes: https://github.com/intel/libva/blob/master/NEWS

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
3 years agopackage/libva-utils: bump version to 2.12.0
Bernd Kuhls [Fri, 25 Jun 2021 06:07:24 +0000 (08:07 +0200)]
package/libva-utils: bump version to 2.12.0

Release notes: https://github.com/intel/libva-utils/blob/master/NEWS

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
3 years agosupport/testing/tests/package/test_bmap_tools: add test for host bmap-tools
Thomas Petazzoni [Mon, 21 Jun 2021 21:01:10 +0000 (23:01 +0200)]
support/testing/tests/package/test_bmap_tools: add test for host bmap-tools

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[yann.morin.1998@free.fr: check the two files are identical]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agosupport/testing/tests/package/test_bmap_tools: new test
Nicolas Carrier [Mon, 21 Jun 2021 21:01:09 +0000 (23:01 +0200)]
support/testing/tests/package/test_bmap_tools: new test

This patch implements a simple test in which a dummy file system image
is created, then `bmaptool create` and `bmaptool copy` are used to copy
it to another file.

Signed-off-by: Nicolas Carrier <nicolas.carrier@orolia.com>
[Thomas: several reworks, add myself to DEVELOPERS]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[yann.morin.1998@free.fr: check the two files are identical]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agosupport/testing/infra/emulator.py: update pre-built kernels
Thomas Petazzoni [Mon, 21 Jun 2021 21:01:08 +0000 (23:01 +0200)]
support/testing/infra/emulator.py: update pre-built kernels

The pre-built vexpress kernel used by the testing infrastructure is a
4.0.0 kernel, which is getting old to be used with reasonably recent
toolchains.

This commit updates the pre-built kernels for both the versatile and
vexpress machines to 5.10.7 (they have already been put online).

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/bmap-tools: enable host package
Thomas Petazzoni [Mon, 21 Jun 2021 21:01:07 +0000 (23:01 +0200)]
package/bmap-tools: enable host package

bmaptool allows to drastically reduce the amount of data to transfer
when writing to an SD card. Example with a 544 MiB sdcard.img:

$ bmaptool create sdcard.img > sdcard.bmap
$ gzip sdcard.img
$ bmaptool copy sdcard.img.gz /dev/sdc
bmaptool: info: discovered bmap file 'sdcard.bmap'
bmaptool: info: block map format version 2.0
bmaptool: info: 139265 blocks of size 4096 (544.0 MiB), mapped 23918 blocks (93.4 MiB or 17.2%)
bmaptool: info: copying image 'sdcard.img.gz' to block device '/dev/sdc' using bmap file 'sdcard.bmap'
bmaptool: info: 100% copied
bmaptool: info: synchronizing '/dev/sdc'
bmaptool: info: copying time: 7.7s, copying speed 12.1 MiB/sec

So it means that instead of writing 544 MiB, only 93.4 MiB had to be
written.

In terms of implementation details, compared to the target bmap-tools
package, there are fewer "selects" that are needed because:

 - The dependency on setuptools is not needed, because the package
   uses the setuptools SETUP_TYPE, so host-python-setuptools is
   already a build dependency.

 - host-python and host-python3 are always built with Expat XML
   support.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/bmap-tools: new package
Nicolas Carrier [Mon, 21 Jun 2021 21:01:06 +0000 (23:01 +0200)]
package/bmap-tools: new package

Signed-off-by: Nicolas Carrier <nicolas.carrier@orolia.com>
[Thomas: numerous reworks, add myself in DEVELOPERS]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agosupport/config-fragments/autobuild/br-arm-internal-glibc: update to bleeding edge...
Thomas Petazzoni [Mon, 21 Jun 2021 21:08:19 +0000 (23:08 +0200)]
support/config-fragments/autobuild/br-arm-internal-glibc: update to bleeding edge components

The br-arm-internal-glibc.config is generally used as a configuration
to test the bleeding edge versions of components. However, it has been
lagging behind somewhat, so let's bring it up-to-date:

 - Binutils 2.36.x
 - GCC 11.x

Let the fun begin in the autobuilders!

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agosupport/testing/tests/package/test_python_augeas: new test
Thomas Petazzoni [Mon, 21 Jun 2021 20:34:55 +0000 (22:34 +0200)]
support/testing/tests/package/test_python_augeas: new test

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/python-augeas: new package
Thomas Petazzoni [Mon, 21 Jun 2021 20:34:54 +0000 (22:34 +0200)]
package/python-augeas: new package

We backport an upstream patch that fixes the loading of the native
library by the FFI logic. Without this, "import augeas" doesn't work
as it goes into the ctypes.utils.find_library() logic that tries to
use a compiler on the target to find the augeas native library.

Based on initial work from Nicolas Carrier <nicolas.carrier@orolia.com>

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/gawk: create awk symlink for host-gawk
Hubert Lacote [Tue, 15 Jun 2021 14:03:02 +0000 (16:03 +0200)]
package/gawk: create awk symlink for host-gawk

This is to make sure that host packages that depend on `host-gawk` and that use
`awk` end up using `gawk`, instead of the `awk` symlink installed on the host
system.

On recent Debian-based distributions, `awk` is still symlinked to `mawk` [1].

[1] https://bugs.launchpad.net/ubuntu/+source/mawk/+bug/1841654

Signed-off-by: Hubert Lacote <hubert.lacote@youview.com>
Co-authored-by: Hubert Lacote <hubert.lacote@youview.com>
Co-authored-by: Vicente Olivert Riera <vincent.olivert.riera@youview.com>
[yann.morin.1998@free.fr: move after the target symlink hook]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/weston: disable -NDEBUG
James Hilliard [Wed, 16 Jun 2021 20:17:11 +0000 (14:17 -0600)]
package/weston: disable -NDEBUG

Per upstream -NDEBUG should not be set for any builds:
https://gitlab.freedesktop.org/wayland/weston/-/merge_requests/643#note_958356

Fixes:
http://autobuild.buildroot.net/results/f42/f420890de1b52786f8cf5f2922b69c909162eaa1/

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/tor: bump version to 0.4.6.5
Bernd Kuhls [Sun, 20 Jun 2021 09:02:08 +0000 (11:02 +0200)]
package/tor: bump version to 0.4.6.5

Release notes: https://blog.torproject.org/node/2041

Added upstream patch to fix compilation with older compilers.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agopackage/tor: security bump version to 0.4.5.9
Bernd Kuhls [Sun, 20 Jun 2021 09:02:07 +0000 (11:02 +0200)]
package/tor: security bump version to 0.4.5.9

Release notes: https://blog.torproject.org/node/2041

Fixes CVE-2021-34548 (TROVE-2021-003), TROVE-2021-004, CVE-2021-34549
(TROVE-2021-005) & CVE-2021-34550 (TROVE-2021-006).

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agopackage/php: bump version to 7.4.20
Bernd Kuhls [Sun, 20 Jun 2021 09:30:46 +0000 (11:30 +0200)]
package/php: bump version to 7.4.20

Changelog: https://www.php.net/ChangeLog-7.php#7.4.20

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agopackage/openvpn: bump version to 2.5.3
Bernd Kuhls [Sun, 20 Jun 2021 09:14:51 +0000 (11:14 +0200)]
package/openvpn: bump version to 2.5.3

Release note:
https://forums.openvpn.net/viewtopic.php?f=20&t=32497

CVE-2021-3606 fixed by this release is only relevant for Windows.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agoconfigs/stm32f469_disco: add host {dosfs, m}tools
Peter Korsgaard [Tue, 22 Jun 2021 08:42:43 +0000 (10:42 +0200)]
configs/stm32f469_disco: add host {dosfs, m}tools

Commit 04a0094f0ef077 (configs/stm32f469_disco: fix kernel bootup) changed
the defconfig to build a vfat image, but forgot to add dosfstools/mtools
host utilities needed for this.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agopackage/redis: security bump to v6.2.4
Titouan Christophe [Thu, 17 Jun 2021 21:24:59 +0000 (23:24 +0200)]
package/redis: security bump to v6.2.4

From the release notes:
================================================================================
Redis 6.2.4 Released Tue July 1 12:00:00 IST 2021
================================================================================

Upgrade urgency: SECURITY, Contains fixes to security issues that affect
authenticated client connections. MODERATE otherwise.
Fix integer overflow in STRALGO LCS (CVE-2021-32625)

Read the whole release note on:
https://github.com/redis/redis/blob/6.2.4/00-RELEASENOTES

Signed-off-by: Titouan Christophe <titouanchristophe@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agopackage/mosquitto: security bump to v2.0.11
Titouan Christophe [Mon, 21 Jun 2021 08:53:07 +0000 (10:53 +0200)]
package/mosquitto: security bump to v2.0.11

Versions 2.0.11 and 1.6.15 of Mosquitto has been released.
These are a security and bugfix releases.

Read the full announcement on the blog:
https://mosquitto.org/blog/2021/06/version-2-0-11-released/

Signed-off-by: Titouan Christophe <titouanchristophe@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agopackage/clamav: bump version to 0.103.3
Bernd Kuhls [Mon, 21 Jun 2021 19:46:53 +0000 (21:46 +0200)]
package/clamav: bump version to 0.103.3

Release notes:
https://blog.clamav.net/2021/06/clamav-01033-patch-release.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agopackage/dovecot-pigeonhole: security bump version to 0.5.15
Bernd Kuhls [Mon, 21 Jun 2021 19:42:31 +0000 (21:42 +0200)]
package/dovecot-pigeonhole: security bump version to 0.5.15

Fixes CVE-2020-28200:
https://dovecot.org/pipermail/dovecot-news/2021-June/000460.html

Release notes:
https://dovecot.org/pipermail/dovecot-news/2021-June/000458.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agopackage/dovecot: security bump version to 2.3.15
Bernd Kuhls [Mon, 21 Jun 2021 19:42:30 +0000 (21:42 +0200)]
package/dovecot: security bump version to 2.3.15

Fixes several security bugs:

CVE-2021-29157
- https://dovecot.org/pipermail/dovecot-news/2021-June/000461.html

CVE-2021-33515
- https://dovecot.org/pipermail/dovecot-news/2021-June/000462.html

Release notes:
https://dovecot.org/pipermail/dovecot-news/2021-June/000457.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agopackage/python-django: security bump to version 3.2.4
Fabrice Fontaine [Mon, 21 Jun 2021 19:28:00 +0000 (21:28 +0200)]
package/python-django: security bump to version 3.2.4

Django 3.2.4 fixes two security issues and several bugs in 3.2.3.
- CVE-2021-33203: Potential directory traversal via ``admindocs``
- CVE-2021-33571: Possible indeterminate SSRF, RFI, and LFI attacks
  since validators accepted leading zeros in IPv4 addresses

https://github.com/django/django/blob/3.2.4/docs/releases/3.2.4.txt

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agopackage/exiv2: security bump to version 0.27.4
Fabrice Fontaine [Wed, 16 Jun 2021 05:48:29 +0000 (07:48 +0200)]
package/exiv2: security bump to version 0.27.4

Fix 12 security issues including CVE-2021-3482, CVE-2021-29457,
CVE-2021-29458, CVE-2021-29463, CVE-2021-29464, CVE-2021-29470,
CVE-2021-29473, CVE-2021-29623 and CVE-2021-32617

- Use official tarball
- Drop patch (already in version)
- Update indentation in hash file (two spaces)

https://github.com/Exiv2/exiv2/releases/tag/v0.27.4

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agopackage/wireshark: security bump to version 3.4.6
Fabrice Fontaine [Wed, 16 Jun 2021 06:21:13 +0000 (08:21 +0200)]
package/wireshark: security bump to version 3.4.6

Fix CVE-2021-22222: Infinite loop in DVB-S2-BB dissector in Wireshark
3.4.0 to 3.4.5 allows denial of service via packet injection or crafted
capture file

https://www.wireshark.org/security/wnpa-sec-2021-05.html

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agopackage/libressl: fix openssldir setting to match openssl
Peter Korsgaard [Wed, 16 Jun 2021 16:05:06 +0000 (18:05 +0200)]
package/libressl: fix openssldir setting to match openssl

libressl defaults to $prefix/etc/ssl for its "openssldir" setting, E.G.
the location where configuration files and certificates are searched:

openssl version -d
OPENSSLDIR: "/usr/etc/ssl"

Change it to /etc/ssl so it matches openssl and the expectations of packages
dealing with certificates (ca-certificates, libcurl, p11-kit)

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agopackage/tinyproxy: bump to version 1.11.0
Alexander Mukhin [Wed, 16 Jun 2021 14:25:39 +0000 (17:25 +0300)]
package/tinyproxy: bump to version 1.11.0

Also, since tinyproxy no longer uses a2x, remove its explicit disabling.

Signed-off-by: Alexander Mukhin <alexander.i.mukhin@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agopackage/gcc: switch to gcc 10.x as the default
Romain Naour [Sat, 12 Jun 2021 09:40:15 +0000 (11:40 +0200)]
package/gcc: switch to gcc 10.x as the default

Even if gcc 9.x is still maintained for some time (gcc 9.5 will be the
last), switch to gcc 10.x since it has been released since 2020-05-07
and gcc 11.x is available since 2021-04-27.

We have been having toolchains in the autobuilders with gcc 10.x since
mid-January 2021, so the vast majority of the problems should have
already been solved.

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agotoolchain/toolchain-external/toolchain-external-custom: add gcc 11 version selection
Romain Naour [Sat, 12 Jun 2021 09:40:14 +0000 (11:40 +0200)]
toolchain/toolchain-external/toolchain-external-custom: add gcc 11 version selection

This patch allows to use an external toolchain based on gcc 11.

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agoarch: add BR2_ARCH_NEEDS_GCC_AT_LEAST_11
Romain Naour [Sat, 12 Jun 2021 09:40:13 +0000 (11:40 +0200)]
arch: add BR2_ARCH_NEEDS_GCC_AT_LEAST_11

This new symbol will be used by architectures introduced with gcc 11.

[1] https://gcc.gnu.org/gcc-11/changes.html

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/gcc: add support for gcc 11
Romain Naour [Sat, 12 Jun 2021 09:40:12 +0000 (11:40 +0200)]
package/gcc: add support for gcc 11

Disable sparc architecture for gcc 11 due to an recent gcc change
that broke uClibc-ng. The change was reverted by the patch
0005-Revert-re-PR-target-92095-internal-error-with-O1-mcp.patch
for gcc 8.4, 9.3 and 10.1 but stop maintaining it for newer gcc
releases.

Rutime tested:
https://gitlab.com/kubu93/buildroot/-/pipelines/318043235

https://gcc.gnu.org/gcc-11/changes.html
https://gcc.gnu.org/gcc-11/porting_to.html

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agotoolchain/Config.in: add BR2_TOOLCHAIN_GCC_AT_LEAST_11 blind option
Romain Naour [Sat, 12 Jun 2021 09:40:11 +0000 (11:40 +0200)]
toolchain/Config.in: add BR2_TOOLCHAIN_GCC_AT_LEAST_11 blind option

In order to add gcc 11 support for internal and external toolchain in
follow-up commits, introduce BR2_TOOLCHAIN_GCC_AT_LEAST_11 symbol.

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agoboard/qemu/sparc64-sun4u: avoid gcc-11 warning to build the kernel
Romain Naour [Sat, 12 Jun 2021 09:40:10 +0000 (11:40 +0200)]
board/qemu/sparc64-sun4u: avoid gcc-11 warning to build the kernel

gcc-11 warns about what appears to be an out-of-range array access but
stop the build due to -Werror added to cflags:

arch/sparc/kernel/mdesc.c: In function 'mdesc_node_by_name':
arch/sparc/kernel/mdesc.c:647:22: error: 'strcmp' reading 1 or more bytes from a region of size 0 [-Werror=stringop-overread]
  647 |                 if (!strcmp(names + ep[ret].name_offset, name))
      |                      ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
arch/sparc/kernel/mdesc.c:77:33: note: at offset 16 into source object 'mdesc' of size 16
   77 |         struct mdesc_hdr        mdesc;
      |                                 ^~~~~
arch/sparc/kernel/mdesc.c: In function 'mdesc_get_property':
arch/sparc/kernel/mdesc.c:692:22: error: 'strcmp' reading 1 or more bytes from a region of size 0 [-Werror=stringop-overread]
  692 |                 if (!strcmp(names + ep->name_offset, name)) {
      |                      ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
arch/sparc/kernel/mdesc.c:77:33: note: at offset 16 into source object 'mdesc' of size 16
   77 |         struct mdesc_hdr        mdesc;
      |                                 ^~~~~
arch/sparc/kernel/mdesc.c: In function 'mdesc_next_arc':
arch/sparc/kernel/mdesc.c:719:21: error: 'strcmp' reading 1 or more bytes from a region of size 0 [-Werror=stringop-overread]
  719 |                 if (strcmp(names + ep->name_offset, arc_type))
      |                     ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
arch/sparc/kernel/mdesc.c:77:33: note: at offset 16 into source object 'mdesc' of size 16
   77 |         struct mdesc_hdr        mdesc;
      |                                 ^~~~~
cc1: all warnings being treated as errors

The issue was initially reported to gcc [1] where it was analized.
As suggested, change the struct mdesc_elem * accesses from the end
of mdesc to those from the beginning of the data array.

Update the prototype of node_block(), name_block() and data_block()
since the code really seems to want to do is to compute the address
somewhere into the chunk pointed to by hp.

[1] https://gcc.gnu.org/bugzilla/show_bug.cgi?id=100262

Upstream status: Pending
https://www.spinics.net/lists/sparclinux/msg26385.html

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agowpebackend-fdo: bump to version 1.10.0
Adrian Perez de Castro [Fri, 11 Jun 2021 14:44:18 +0000 (17:44 +0300)]
wpebackend-fdo: bump to version 1.10.0

This version change does not include functional changes over 1.9.92, but
it is slated as stable (hence the even second version number). Release
notes:

  https://wpewebkit.org/release/wpebackend-fdo-1.10.0.html

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agolibwpe: bump to version 1.10.1
Adrian Perez de Castro [Fri, 11 Jun 2021 14:40:35 +0000 (17:40 +0300)]
libwpe: bump to version 1.10.1

This minor release fixes a build issue when Meson is running under
a version of Python older than 3.6; release notes:

  https://wpewebkit.org/release/libwpe-1.10.1.html

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/libsoup: always disable tls_check
Fabrice Fontaine [Thu, 10 Jun 2021 19:03:13 +0000 (21:03 +0200)]
package/libsoup: always disable tls_check

Always disable tls_check to avoid the following build failure since bump to
version 2.72.0 in commit 8e5f7f1cfc8fd7a9d5270f6a9707eb9eecfd21da:

../output-1/build/libsoup-2.72.0/meson.build:184:4: ERROR: Can not run test applications in this cross environment.

Indeed, tls_check will run code since
https://gitlab.gnome.org/GNOME/libsoup/-/commit/5c45253243a2deca4880d4f614f2932373445cf9

That is the only thing that this option does: it runs code to check that
libgio is built with TLS support.

While at it, also drop glib-networking build-time dependency

Also mark gnutls as a runtime dependency (it already was used as such).

Fixes:
 - http://autobuild.buildroot.org/results/9e539dc7185cfb81f18438dd36357cb49ef23a5a

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/libfuse3: bump to version 3.10.4
Asaf Kahlon [Thu, 10 Jun 2021 18:39:34 +0000 (21:39 +0300)]
package/libfuse3: bump to version 3.10.4

From this version, tests can be disabled, so we pass
"tests=false" as a Meson option.

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/iperf3: bump to version 3.10.1
Ignacy Gawędzki [Thu, 10 Jun 2021 16:10:08 +0000 (18:10 +0200)]
package/iperf3: bump to version 3.10.1

Update LICENSE hash; copyright year update.

Signed-off-by: Ignacy Gawędzki <ignacy.gawedzki@green-communications.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/filemq: bump to af4768dcaf2fcb8083a32bad107a22ecb7a5d954
Fabrice Fontaine [Wed, 9 Jun 2021 20:28:42 +0000 (22:28 +0200)]
package/filemq: bump to af4768dcaf2fcb8083a32bad107a22ecb7a5d954

This bump will drop -Werror to fix build failure with -DNDEBUG raised
since commit 5a8c50fe05afacc3cbe8e7347e238da9f242fab0

Fixes:
 - http://autobuild.buildroot.org/results/cf4c45ed7ae2c5090ac6ba967497e0d42d5c5224

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/openswan: disable -Werror
Fabrice Fontaine [Wed, 9 Jun 2021 20:14:19 +0000 (22:14 +0200)]
package/openswan: disable -Werror

Disable -Werror to avoid the following build failure with -DNDEBUG
raised since commit 5a8c50fe05afacc3cbe8e7347e238da9f242fab0

/srv/storage/autobuild/run/instance-2/output-1/build/openswan-3.0.0/programs/rsasigkey/rsasigkey.c:524:6: error: variable 'success' set but not used [-Werror=unused-but-set-variable]
  524 |  int success;
      |      ^~~~~~~

Fixes:
 - http://autobuild.buildroot.org/results/327a0f2b8f0c51bcbb3edb1c3671870d593e93b9

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/ffmpeg: Fix build for mips, 2nd attempt
Bernd Kuhls [Wed, 9 Jun 2021 19:01:41 +0000 (21:01 +0200)]
package/ffmpeg: Fix build for mips, 2nd attempt

The patch introduced in commit
uses "defined(HAVE_SYS_AUXV_H)". However, ffmpeg configure is not GNU
autoconf, and it defines the symbol to 0 when not found. Use
HAVE_SYS_AUXV_H without defined() instead.

Fixes:
http://autobuild.buildroot.net/results/da0/da03909291e97c525eb1f53dfc743a1897f59d6e/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/pipewire: remove already-applied patch and renumber
Fabrice Fontaine [Wed, 9 Jun 2021 17:11:27 +0000 (19:11 +0200)]
package/pipewire: remove already-applied patch and renumber

Drop 0002-meson.build-fix-build-with-uclibc-ng.patch which is not needed
since 0dda1a44a0859fc15b318e493c151ca1d807ba24 which has been merged in
master in commit 8d07baab43b5624ad6d73ee58f5a9d4ab8b27049

While at it, renumber
0002-meson-fix-getrandom-detection-for-uclibc.patch to
0001-meson-fix-getrandom-detection-for-uclibc.patch (patch number was
wrong since its addition in commit
b003cb5d16de9c92baba7dea7a6626c71cefc4fb) and also renumber remaining
patch

Fixes:
 - http://autobuild.buildroot.org/results/4d442c61b137ca1bd2dd32c6802ff0251d39e7a5

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/pdbg: fix build with -DNDEBUG
Fabrice Fontaine [Fri, 11 Jun 2021 06:39:21 +0000 (08:39 +0200)]
package/pdbg: fix build with -DNDEBUG

Fix build failure with -DNDEBUG raised since commit
5a8c50fe05afacc3cbe8e7347e238da9f242fab0

Fixes:
 - http://autobuild.buildroot.org/results/9d90ede1ff7425cbb25b95aed3bf8d27ced865a4

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/libpsl: needs wchar
Fabrice Fontaine [Wed, 9 Jun 2021 21:41:30 +0000 (23:41 +0200)]
package/libpsl: needs wchar

Add a dependency on wchar as both icu and libunistring needs wchar

Fixes:
 - http://autobuild.buildroot.org/results/704d8e6f8b78015180e5b12c132495425637430a

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/qemu: remove upstream patch
Romain Naour [Wed, 9 Jun 2021 19:03:28 +0000 (21:03 +0200)]
package/qemu: remove upstream patch

This patch is already merged in qemu 6.0.0.

Fixes:
http://autobuild.buildroot.net/results/aaa/aaabd63d0903819fb55d08852cef34c497cb57e6

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/libuhttpd: bump version to 3.12.1
Jianhui Zhao [Mon, 7 Jun 2021 02:42:39 +0000 (10:42 +0800)]
package/libuhttpd: bump version to 3.12.1

CMake options have been renamed: UHTTPD_ prefix was dropped,
BUILD_STATIC_LIBS renamed to BUILD_STATIC.

Also fix handling of BUILD_STATIC: it should only be given when building
static libs, otherwise no dynamic lib is built.

Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/gcc: bump to version 9.4.0
Romain Naour [Mon, 7 Jun 2021 18:54:39 +0000 (20:54 +0200)]
package/gcc: bump to version 9.4.0

Remove upstream patches
Reorder remaining patches

See:
https://gcc.gnu.org/pipermail/gcc-announce/2021/000168.html

Runtime tested:
https://gitlab.com/kubu93/buildroot/-/pipelines/315291768

Signed-off-by: Romain Naour <romain.naour@gmail.com>
3 years agopackage/gnuplot: bump version to 5.4.2
Michael Fischer [Mon, 7 Jun 2021 08:24:51 +0000 (10:24 +0200)]
package/gnuplot: bump version to 5.4.2

Signed-off-by: Michael Fischer <mf@go-sys.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/lualdap: bump to version 1.3.0
Francois Perrad [Mon, 7 Jun 2021 17:56:26 +0000 (19:56 +0200)]
package/lualdap: bump to version 1.3.0

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/python-rpi-ws281x: Bump to version 4.3.0
Grzegorz Blach [Mon, 7 Jun 2021 12:09:47 +0000 (14:09 +0200)]
package/python-rpi-ws281x: Bump to version 4.3.0

Remove 0001-ws2811.c-fix-build-with-gcc-4.8.patch,
it has been merged upstream.

Signed-off-by: Grzegorz Blach <grzegorz@blach.pl>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/docker-cli: bump version to 20.10.7
Christian Stewart [Mon, 7 Jun 2021 06:07:30 +0000 (23:07 -0700)]
package/docker-cli: bump version to 20.10.7

Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/docker-engine: bump version to 20.10.7
Christian Stewart [Mon, 7 Jun 2021 06:07:29 +0000 (23:07 -0700)]
package/docker-engine: bump version to 20.10.7

Drop upstreamed patch fix-port-forwarding-with-ipv6.

Upstream commit: d29a55c6c344a536089d6b1bcd92be9cdea20641

Signed-off-by: Christian Stewart <christian@paral.in>
Tested-by: Christian Stewart <christian@paral.in>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/fuse-overlayfs: bump to version 1.5.0
Christian Stewart [Mon, 7 Jun 2021 06:01:58 +0000 (23:01 -0700)]
package/fuse-overlayfs: bump to version 1.5.0

Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/batman-adv: bump to version 2021.1
Christian Stewart [Mon, 7 Jun 2021 05:57:49 +0000 (22:57 -0700)]
package/batman-adv: bump to version 2021.1

Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/usbguard: new package
Kamel Bouhara [Tue, 8 Jun 2021 12:32:10 +0000 (14:32 +0200)]
package/usbguard: new package

usbguard is a software framework to implement USB
device blacklisting and whitelisting based on their
attributes.

More info. on: https://usbguard.github.io/

Signed-off-by: Kamel Bouhara <kamel.bouhara@bootlin.com>
Tested-by: Miquel Raynal <miquel.raynal@bootlin.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
[Arnout:
 - correct indirect dependencies from protobuf instead of libglib2;
 - say in Config.in help text that rules.conf has to be created]

3 years agopackage/libqb: new package
Kamel Bouhara [Tue, 8 Jun 2021 12:32:09 +0000 (14:32 +0200)]
package/libqb: new package

libqb is a library providing features for client-server architecture,
such as logging, tracing, inter-process communication (IPC) and polling.

see: https://github.com/ClusterLabs/libqb

Signed-off-by: Kamel Bouhara <kamel.bouhara@bootlin.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agoconfigs/stm32f469_disco: fix kernel bootup
Dario Binacchi [Mon, 7 Jun 2021 16:31:49 +0000 (18:31 +0200)]
configs/stm32f469_disco: fix kernel bootup

As described by [1], the kernel generated by the configuration for the
STM32f469 Discovery board is buggy. Using a newer kernel, as suggested
by [1], increases the dtb and Kernel image size. In particular, the
5.12 version of the kernel generates a dtb and a kernel image whose sum
exceeds the 2 MByte of the flash module.

So I decided to replace the afboot-stm32 bootloader in the flash with
U-boot to easily boot the system from sdcard without having to worry
about the size of dtb, kernel and rootfs generated by the configuration.

This solution allows you to fix the kernel boot issue and makes it
possible to use its future versions.

[1] http://buildroot-busybox.2317881.n4.nabble.com/Bug-11746-New-stm32f469-didn-t-work-correctly-td219644.html

Signed-off-by: Dario Binacchi <dariobin@libero.it>
Acked-by: Christophe Priouzeau <christophe.priouzeau@foss.st.com>
Tested-by: Christophe Priouzeau <christophe.priouzeau@foss.st.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
[Arnout:
 - specify headers version explicitly, even though it's default;
 - bump kernel to 5.12.11]

3 years agocore/pkg-generic: fix instrumentation for packages that install nowhere
Yann E. MORIN [Sun, 13 Jun 2021 14:32:07 +0000 (16:32 +0200)]
core/pkg-generic: fix instrumentation for packages that install nowhere

A (target [0]) package can independently declare installing in various
locations: target, staging, or images. The default is to only install
in target.

When a package opts out from installing to target, but does not opts
in to install in any other location, the package is not downloaded,
extracted, patched, configured, nor built at all. As a consequence, none
of the per-step instrumentation is executed, specifically the listing
of files before/after the package sequence.

Down the line, the package infra does not cope well with that situation,
because the gathering-install step, the one that synchronises all the
optional target, staging, or images install steps, still gets run.

And as #13836 shows, this does not go well:

    /bin/sh: /home/tbuild/myboard/build/foo/.files-list.after: No such file or directory
    make[1]: *** [/home/tbuild/myboard/build/foo/.stamp_installed] Error 1
    make: *** [_all] Error 2

So, we should have ensured that the gathering-install step itself
depends on the build step, which would have solved the issue.

However, this bug really illustrates a more fundamental issue: does it
even make sense to have a package that installs nothing in any location?
Indeed, why even bother with that package to begin with if it will not
provide anything at all?

It turns out that yes, this makes sense. We have some packages, that
do not install anything at all, and do not even build anything; they are
there just to ensure that we can download something that will ultimately
be used by another package. This is the case for example for packages
that provide linux extensions, like aufs [1].

Additionally, some ugly out-of-tree packages could conceivably install
things during the build (or even configure!) steps. That's not unheard
of... [2]

So, the solution is to ensure that the gathering-install step does
depend on the build step, to trigger the proper dependency chain and
have the instrumentation hooks properly run even in that degenerate
case.

Fixes: #13836
[0] a host package can't opt out of installing anything.
[1] that one is actually missing AUFS_INSTALL_TARGET = NO, so this
    hides the issue.
[2] even us are not 100% clean on that topic: gcc will install files in
    staging and target as part of the same step (not the build, granted,
    but still...)

Reported-by: "Weber, Matthew L Collins" <Matthew.Weber@collins.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Tested-by: Matthew Weber <matthew.weber@collins.com
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/weston: enable libseat launcher if seatd is enabled
Adrian Perez de Castro [Thu, 27 May 2021 13:35:03 +0000 (16:35 +0300)]
package/weston: enable libseat launcher if seatd is enabled

Enable building Weston's libseat launcher, now that the seatd package
is available.

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/weston: add configuration options for weston shells
Martin Elshuber [Wed, 16 Jun 2021 12:42:02 +0000 (14:42 +0200)]
package/weston: add configuration options for weston shells

Enable selection of used weston shells. By default all available
shells are enabled to keep the old behavior. The new configuration
options enable the user to select them individually.

Signed-off-by: Martin Elshuber <martin.elshuber@theobroma-systems.com>
[yann.morin.1998@free.fr:
  - ensure at least one shell is enabled; desktop arbitrarily chosen
  - s/BR2_PACKAGE_WESTON_SHELL_SELECTED/BR2_PACKAGE_WESTON_HAS_SHELL/
  - reword associated comment
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/lvm2: default standard install to y
Arnout Vandecappelle (Essensium/Mind) [Wed, 16 Jun 2021 17:33:03 +0000 (19:33 +0200)]
package/lvm2: default standard install to y

Until commit 5c07dfcc1a52e2804011574a3e022523a20546c8
BR2_PACKAGE_LVM2_STANDARD_INSTALL would default to y. Indeed, the
default read:

      default y if !BR2_PACKAGE_LVM2_DMSETUP_ONLY # legacy 2013.11

Since the legacy symbol is normally not selected, this defaults to y.

Commit 5c07dfcc1a52e2804011574a3e022523a20546c8 inadvertedly removed the
entire line instead of just the condition.

Fixes: https://bugs.busybox.net/show_bug.cgi?id=13846
For-stable: 2021.02, 2021.05
Cc: dominique.tronche@atos.net
Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/snort3: new package
Fabrice Fontaine [Sun, 25 Apr 2021 17:22:23 +0000 (19:22 +0200)]
package/snort3: new package

Snort 3 is the next generation Snort IPS (Intrusion
Prevention System).

 - Support multiple packet processing threads
 - Shared configuration and attribute table
 - Use a simple, scriptable configuration
 - Make key components pluggable
 - Autodetect services for portless configuration
 - Support sticky buffers in rules
 - Autogenerate reference documentation
 - Provide better cross platform support

https://www.snort.org/snort3

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/daq3: new package
Fabrice Fontaine [Sun, 25 Apr 2021 17:22:22 +0000 (19:22 +0200)]
package/daq3: new package

Add daq3 package to be able to add the snort3 package.

daq3 is not compatatible with snort as daq_load_modules has been removed

daq3 package has been created from the daq package, here is a summary of
the changes:
- Drop patch (not needed anymore)
- Enable parallel build as there is no more tokdefs.h
- Drop libdnet dependency
- Drop host-bison and host-flex dependencies
- Drop libpcap workarounds
- ipq module dropped since version 3.0.0-alpha1 and
  https://github.com/snort3/libdaq/commit/80c62799a936118c80894bf91f396c8aa8ba45a6
- Add LICENSE file (same content than COPYING)
- Update hash of COPYING (project name and GPLv2 text updated with
  https://github.com/snort3/libdaq/commit/46e8722da230082a5728175270ea3c04432d1af0)
- Add a dependency on gcc 4.9 for {t,u}h_{d,s}port that are protected on
  glibc by _FAVOR_BSD (and so !defined _GNU_SOURCE) until version 2.19:
  https://sourceware.org/git/?p=glibc.git;a=commit;h=7011c2622fe3e10a29dbe74f06aaebd07710127d

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/lua-zlib: new package
Francois Perrad [Sun, 13 Jun 2021 15:42:39 +0000 (17:42 +0200)]
package/lua-zlib: new package

This module is only partially compatible with lzlib (which is no longer
maintained).

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
[yann.morin.1998@free.fr: amend commit log about limited compatibility]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/python-dataproperty: bump to version 0.50.1
Fabrice Fontaine [Sun, 25 Apr 2021 09:29:31 +0000 (11:29 +0200)]
package/python-dataproperty: bump to version 0.50.1

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/python-dataproperty: drop python-six dependency
Fabrice Fontaine [Sun, 25 Apr 2021 09:29:30 +0000 (11:29 +0200)]
package/python-dataproperty: drop python-six dependency

python-six is not a dependency since drop of python 2 in version 0.47.0:
https://github.com/thombashi/DataProperty/commit/d3fdde41af0151e2f04a3a79bea1fb33a28a98f7

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/bluez5_utils: Clean up descriptions
Michael Nosthoff [Wed, 21 Apr 2021 13:17:23 +0000 (15:17 +0200)]
package/bluez5_utils: Clean up descriptions

The descriptions in this package have grown pretty confusing over time.
Try to make this a bit more consistent and up-to-date.

* drop references to old kernel versions not supported by BR anymore
* Remove "Bluez 5.x" string from options
* consistently use the term "plugin" (plugins implement profiles)
* make mentioned profile appreviations upper-case
* make descriptions closer to the ones in BlueZ Readme [0]
* make clear that "tests" refers to the python test scripts

[0] https://git.kernel.org/pub/scm/bluetooth/bluez.git/tree/README?h=5.58

Signed-off-by: Michael Nosthoff <buildroot@heine.tech>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
[Arnout:
 - remove more 5.x references;
 - Use official spelling BlueZ in main help text]

3 years agopackage/zstd: Simplify host-build
Norbert Lange [Tue, 25 May 2021 17:26:48 +0000 (19:26 +0200)]
package/zstd: Simplify host-build

1.5.0 uses Threads by default for cli tool and DSO,
should not be necessary to do anything special.

Signed-off-by: Norbert Lange <nolange79@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/zstd: bump to version 1.5.0
Norbert Lange [Tue, 25 May 2021 17:26:47 +0000 (19:26 +0200)]
package/zstd: bump to version 1.5.0

Signed-off-by: Norbert Lange <nolange79@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/libiec61850: bump to version 1.5.0
Romain Naour [Tue, 25 May 2021 12:03:41 +0000 (14:03 +0200)]
package/libiec61850: bump to version 1.5.0

Remove all upstream patches
Remove IGNORE_CVES for CVE-2020-15158

Build tested:
https://gitlab.com/kubu93/buildroot/-/pipelines/309037705

Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/intel-microcode: security bump to version 20210608
Peter Korsgaard [Sun, 13 Jun 2021 21:10:11 +0000 (23:10 +0200)]
package/intel-microcode: security bump to version 20210608

Fixes the following security issues:

- CVE-2020-24489: A potential security vulnerability in some Intel®
  Virtualization Technology for Directed I/0 (VT-d) products may allow
  escalation of privilege.  Intel is releasing firmware updates to mitigate
  this potential vulnerability.
  https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00442.html

- CVE-2020-24511: Potential security vulnerabilities in some Intel®
  Processors may allow information disclosure.  Intel is releasing firmware
  updates to mitigate these potential vulnerabilities.
  https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00464.html

- CVE-2020-24513: A potential security vulnerability in some Intel Atom®
  Processors may allow information disclosure.  Intel is releasing firmware
  updates to mitigate this potential vulnerability.
  https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00465.html

For more details, see the release notes:
https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20210608

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agoDEVELOPERS: add myself for cegui
Bartosz Bilas [Sat, 12 Jun 2021 09:00:06 +0000 (11:00 +0200)]
DEVELOPERS: add myself for cegui

Signed-off-by: Bartosz Bilas <b.bilas@grinn-global.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/cegui: bump to current master
Bartosz Bilas [Sat, 12 Jun 2021 08:57:40 +0000 (10:57 +0200)]
package/cegui: bump to current master

v0-8-7 is pretty old (2016) and raises a lot of build failures
so switch to the current master version while at it disable
support for irrlicht and fribidi that are broken on master.
Moreover disable samples and application templates that
are not required.

Fixes:
- http://autobuild.buildroot.net/results/5b9/5b9ff0e8f16a2fd732ae25d5383656f7ae205748/
- http://autobuild.buildroot.net/results/333/33397224f8a8067d8ecbd6661b84ca155a0525c0/

and more...

Signed-off-by: Bartosz Bilas <b.bilas@grinn-global.com>
[yann.morin.1998@free.fr: fix check-package]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/fb-test-app: Add myself to DEVELOPERS
Andy Shevchenko [Mon, 14 Jun 2021 11:14:44 +0000 (14:14 +0300)]
package/fb-test-app: Add myself to DEVELOPERS

Add myself to DEVELOPERS as maintainer of fb-test-app.

Suggested-by: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/rpcbind fix version number
Andreas Ziegler [Tue, 8 Jun 2021 08:53:32 +0000 (10:53 +0200)]
package/rpcbind fix version number

Commit d13b292cec8166c4712cf4a0defbeee827ffaf78 introduced a patch for rpcbind but also changed the version number to a non-existing value.

Change rpcbind to last released version and adapt hash value.

Signed-off-by: Andreas Ziegler <br015@umbiko.net>
Reviewed-by: Petr Vorel <petr.vorel@gmail.com>
[yann.morin.1998@free.fr: fix version in patch too, noticed by Baruch]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/perl-type-tiny: bump to version 1.012003
Francois Perrad [Mon, 7 Jun 2021 17:56:04 +0000 (19:56 +0200)]
package/perl-type-tiny: bump to version 1.012003

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/perl-net-dns: bump to version 1.31
Francois Perrad [Mon, 7 Jun 2021 17:56:03 +0000 (19:56 +0200)]
package/perl-net-dns: bump to version 1.31

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/perl-libwww-perl: bump to version 6.54
Francois Perrad [Mon, 7 Jun 2021 17:56:02 +0000 (19:56 +0200)]
package/perl-libwww-perl: bump to version 6.54

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/perl-io-socket-ssl: bump to version 2.071
Francois Perrad [Mon, 7 Jun 2021 17:56:01 +0000 (19:56 +0200)]
package/perl-io-socket-ssl: bump to version 2.071

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/perl-http-message: bump to version 6.32
Francois Perrad [Mon, 7 Jun 2021 17:56:00 +0000 (19:56 +0200)]
package/perl-http-message: bump to version 6.32

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/perl-convert-asn1: bump to version 0.31
Francois Perrad [Mon, 7 Jun 2021 17:55:59 +0000 (19:55 +0200)]
package/perl-convert-asn1: bump to version 0.31

diff LICENSE:
- This software is copyright (c) 2014 by Graham Barr.
+ This software is copyright (c) 2021 by Graham Barr.

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/botan: requires RC4 and RMD160 support in openssl
Fabrice Fontaine [Sun, 13 Jun 2021 15:23:38 +0000 (17:23 +0200)]
package/botan: requires RC4 and RMD160 support in openssl

Enable RC4 and RMD160 in openssl to fix build failure raised since
commit a83d41867c8d69a77d5cd0a665aa216af5340359

Fixes:
 - http://autobuild.buildroot.org/results/795671a39b754747725b09cf0e196defd6b0e59a

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/php: requires MD4, RC4 and RMD160 support in openssl
Fabrice Fontaine [Sun, 13 Jun 2021 14:52:52 +0000 (16:52 +0200)]
package/php: requires MD4, RC4 and RMD160 support in openssl

Enable MD4, RC4 and RMD160 in openssl to fix build failure raised since
commit a83d41867c8d69a77d5cd0a665aa216af5340359

Fixes:
 - http://autobuild.buildroot.org/results/bd884a34e8de8990fc85bf51389ec4d8d3424482
 - http://autobuild.buildroot.org/results/faaa667b72ca7b8621d6b13b1912cd5413767222

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/luvi: requires DES support in openssl
Fabrice Fontaine [Sun, 13 Jun 2021 14:14:21 +0000 (16:14 +0200)]
package/luvi: requires DES support in openssl

Enable DES in openssl to fix build failure raised since commit
a83d41867c8d69a77d5cd0a665aa216af5340359

Fixes:
 - http://autobuild.buildroot.org/results/d8452e2de1bd866953d3bb0cb951e9f877f9a6e0

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/tpm-tools: requires DES support in openssl
Fabrice Fontaine [Sun, 13 Jun 2021 10:47:06 +0000 (12:47 +0200)]
package/tpm-tools: requires DES support in openssl

Enable DES in openssl to fix build failure raised since commit
a83d41867c8d69a77d5cd0a665aa216af5340359

Fixes:
 - http://autobuild.buildroot.org/results/c104263d0fb6f758ac1e654b114f68b4fbfcf6bd

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>