Adam Duskett [Fri, 29 Nov 2019 20:38:41 +0000 (12:38 -0800)]
support/testing: add smmap2 test
Add a simple test case that imports the module and instantiates a new
SlidingWindowMapManager class.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Adam Duskett [Fri, 29 Nov 2019 20:38:40 +0000 (12:38 -0800)]
package/python-smmap2: new package
Smmap wraps an interface around mmap and tracks the mapped files as
well as the amount of clients who use it. If the system runs out of
resources, or if a memory limit is reached, it will automatically
unload unused maps to allow continued operation.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Thomas Petazzoni [Mon, 16 Dec 2019 15:31:13 +0000 (16:31 +0100)]
package/pkg-utils.mk: rename extractor-dependency to extractor-system-dependency
The extractor-dependency macro returns which system-provided tools are
needed to be able to extract the archive passed as argument. The
result of this macro is added to DL_TOOLS_DEPENDENCIES so that the
logic in support/dependencies/ verifies that the necessary tools are
provided by the system.
However, we are going to add another macro, extractor-pkg-dependency,
which says which Buildroot packages are needed to extract the archive
passed as argument. Indeed, for those archive types, if the extractor
is not provided system-wide, we build it as a host Buildroot package.
To clarify the distinction between the upcoming
extractor-pkg-dependency and existing extractor-dependency, we rename
the latter to extractor-system-dependency.
We take this opportunity to extend the documentation of this macro.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Julien Olivain [Mon, 2 Dec 2019 20:06:01 +0000 (21:06 +0100)]
package/freescale-imx/firmware-imx: bump version to 8.1.1
This version is aligned with i.MX NXP BSP components version
rel_imx_4.14.98_2.0.0_ga
Signed-off-by: Julien Olivain <juju@cotds.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Julien Olivain [Mon, 2 Dec 2019 20:05:00 +0000 (21:05 +0100)]
package/freescale-imx: update SITE to use NXP url
NXP BSPs has been using the nxp.com URL for a while:
http://git.yoctoproject.org/cgit/cgit.cgi/meta-freescale/commit/conf/layer.conf?id=
d6abbbc1ce0882bdc82e03b1868eeba1a50a7bd3
It's unclear for how long the freescale.com redirect will be
maintained. This patch update the FREESCALE_IMX_SITE variable
to point directly to the NXP site.
Signed-off-by: Julien Olivain <juju@cotds.org>
Reviewed-by: Gary Bisson <bisson.gary@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Julien Olivain [Mon, 2 Dec 2019 20:03:00 +0000 (21:03 +0100)]
configs/imx8mpico: bump BSP components to 4.14.98_2.0.0
Update Kernel, U-Boot and ATF to TechNexion BSP, based on NXP
4.14.98_2.0.0 release.
This patch also remove BR2_TARGET_UBOOT_FORMAT_IMX in defconfig which
is not needed for this platform.
Signed-off-by: Julien Olivain <juju@cotds.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Julien Olivain [Mon, 2 Dec 2019 19:54:23 +0000 (20:54 +0100)]
configs/imx8mmpico: bump BSP components to 4.14.98_2.0.0
Update Kernel, U-Boot and ATF to TechNexion BSP, based on NXP
4.14.98_2.0.0 release.
This patch also remove BR2_TARGET_UBOOT_FORMAT_IMX in defconfig which
is not needed for this platform.
Signed-off-by: Julien Olivain <juju@cotds.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sun, 15 Dec 2019 13:13:58 +0000 (14:13 +0100)]
package/solarus: disable tests
Set -DSOLARUS_TESTS=OFF to disable tests (option added in version 1.6.1
with:
https://gitlab.com/solarus-games/solarus/commit/
1829189c6050e36086b12c3806932e8657265467)
Reviewed-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sun, 15 Dec 2019 13:13:57 +0000 (14:13 +0100)]
package/solarus: allow building with lua 5.1
Build with lua 5.1 has been fixed since version 1.6.1 and
https://gitlab.com/solarus-games/solarus/commit/
611f81a90d42692e986c78c67090541ffd1c5973
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Thomas: keep a select BR2_PACKAGE_LUAJIT, but make it "if
!BR2_PACKAGE_LUA_5_1"]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sun, 15 Dec 2019 13:13:56 +0000 (14:13 +0100)]
package/solarus: bump to version 1.6.2
Switch to gitlab to retrieve latest version
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sat, 14 Dec 2019 11:38:17 +0000 (12:38 +0100)]
package/apitrace: needs wchar
apitrace uses its own version of gtest which depends on wchar since
version 8.0 and
https://github.com/apitrace/apitrace/commit/
85cf7c8b86129699246574dfeec846e88a3f88a2
Moreover, apitrace also uses wcslen in trace_writer.cpp since at least
version 8.0 and
https://github.com/apitrace/apitrace/commit/
5e9a2b11b248aaa2f6f353bbcf9f600d65bcaf51
Fixes:
- http://autobuild.buildroot.org/results/
5f27556ccc9daec578fe1bf2ed516ca9921ed474
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sat, 14 Dec 2019 11:38:16 +0000 (12:38 +0100)]
package/apitrace: needs host-python3
apitrace needs host-python3 since version 9.0 and
https://github.com/apitrace/apitrace/commit/
0b8b019952f2668a5e8786cc2d331062b958f02e
Fixes:
- http://autobuild.buildroot.org/results/
5f27556ccc9daec578fe1bf2ed516ca9921ed474
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Peter Korsgaard [Mon, 16 Dec 2019 08:25:14 +0000 (09:25 +0100)]
package/python-validators: bump version to 0.14.1
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Peter Korsgaard [Mon, 16 Dec 2019 08:11:05 +0000 (09:11 +0100)]
package/jo: bump version to 1.3
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
James Hilliard [Mon, 26 Aug 2019 02:34:02 +0000 (20:34 -0600)]
package/pipewire: new package
PipeWire is a server and user space API to deal with multimedia
pipelines.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
[Thomas:
- further bump to 0.2.7
- select BR2_PACKAGE_DBUS instead of depending on it]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sun, 15 Dec 2019 10:29:25 +0000 (11:29 +0100)]
package/jimtcl: bump to version 0.79
- Switch site from debian to github official mirror
- Add hash for license file
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Grzegorz Blach [Sun, 15 Dec 2019 15:23:24 +0000 (16:23 +0100)]
package/python-bluezero: Bump to version 0.3.0
Signed-off-by: Grzegorz Blach <grzegorz@blach.pl>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Nicolas Cavallari [Mon, 16 Dec 2019 11:53:59 +0000 (12:53 +0100)]
package/libgit2: security bump to version 0.28.4
Fixes the following CVE:
- CVE-2019-1351: Windows provides the ability to substitute
drive letters with arbitrary letters, including multi-byte
Unicode letters. To fix any potential issues arising from
interpreting such paths as relative paths, we have extended
detection of DOS drive prefixes to accomodate for such cases.
- CVE-2019-1352: by using NTFS-style alternative file streams for
the ".git" directory, it is possible to overwrite parts of the
repository. While this has been fixed in the past for Windows,
the same vulnerability may also exist on other systems that
write to NTFS filesystems. We now reject any paths starting
with ".git:" on all systems.
- CVE-2019-1353: by using NTFS-style 8.3 short names, it was
possible to write to the ".git" directory and thus overwrite
parts of the repository, leading to possible remote code
execution. While this problem was already fixed in the past for
Windows, other systems accessing NTFS filesystems are
vulnerable to this issue too. We now enable NTFS protecions by
default on all systems to fix this attack vector.
- CVE-2019-1354: on Windows, backslashes are not a valid part of
a filename but are instead interpreted as directory separators.
As other platforms allowed to use such paths, it was possible
to write such invalid entries into a Git repository and was
thus an attack vector to write into the ".git" dierctory. We
now reject any entries starting with ".git" on all systems.
libgit2 is not affected by these git CVE:
- CVE-2019-1348: the fast-import stream command "feature
export-marks=path" allows writing to arbitrary file paths.
- CVE-2019-1349: by using NTFS 8.3 short names, backslashes or
alternate filesystreams, it is possible to cause submodules to
be written into pre-existing directories during a recursive
clone using git.
- CVE-2019-1350: recursive clones may lead to arbitrary remote
code executing due to improper quoting of command line
arguments.
- CVE-2019-1387: it is possible to let a submodule's git
directory point into a sibling's submodule directory, which may
result in overwriting parts of the Git repository and thus lead
to arbitrary command execution. As libgit2 doesn't provide any
way to do submodule clones natively, it is not susceptible to
this vulnerability. Users of libgit2 that have implemented
recursive submodule clones manually are encouraged to review
their implementation for this vulnerability.
Signed-off-by: Nicolas Cavallari <nicolas.cavallari@green-communications.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Thomas Petazzoni [Mon, 16 Dec 2019 10:05:48 +0000 (11:05 +0100)]
configs/beaglebone: kernel builds needs host-openssl
Fixes:
514 scripts/extract-cert.c:21:25: fatal error: openssl/bio.h: No such file or directory
515 #include <openssl/bio.h>
Seen at:
https://gitlab.com/buildroot.org/buildroot/-/jobs/
378314247
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Bernd Kuhls [Sat, 31 Aug 2019 13:04:17 +0000 (15:04 +0200)]
package/libnice: add optional dependency to openssl
Support for OpenSSL was added in version 0.1.15:
https://lists.freedesktop.org/archives/nice/2018-December/001443.html
With the option of using OpenSSL as a crypto provider, we can't keep
GnuTLS as the default, because using:
select BR2_PACKAGE_GNUTLS if !BR2_PACKAGE_OPENSSL
causes a Kconfig circular dependency:
package/openssl/Config.in:4:error: recursive dependency detected!
package/openssl/Config.in:4: symbol BR2_PACKAGE_OPENSSL is selected by BR2_PACKAGE_GNUTLS
package/gnutls/Config.in:1: symbol BR2_PACKAGE_GNUTLS is selected by BR2_PACKAGE_OPENSSL
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[Thomas: pass --with-crypto-library argument]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Sat, 31 Aug 2019 13:04:16 +0000 (15:04 +0200)]
package/libnice: bump version to 0.1.16
Release notes:
https://lists.freedesktop.org/archives/nice/2018-December/001443.html
https://lists.freedesktop.org/archives/nice/2019-May/001444.html
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Sun, 25 Aug 2019 18:16:20 +0000 (20:16 +0200)]
package/harfbuzz: bump version to 2.6.4
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[Thomas:
- drop patch 0001-pool-Fix-alignment-assertion.patch, which is in
upstream commit
aade9b70aabd8a97dd8a28cda2cf4d0694dd7350, available
since version 2.6.0
- further bump to 2.6.4]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Sun, 25 Aug 2019 17:24:12 +0000 (19:24 +0200)]
package/coreutils: bump version to 8.31
Added license hash.
Added patch to fix build error with uclibc.
Release notes:
https://lists.gnu.org/archive/html/coreutils/2019-03/msg00042.html
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Thomas Petazzoni [Mon, 16 Dec 2019 09:40:09 +0000 (10:40 +0100)]
configs/licheepi_zero: U-Boot needs pylibfdt
Like all Allwinner platforms, building the licheepi_zero U-Boot
configuration requires pylibfdt.
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/
378314331
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Thomas Petazzoni [Mon, 16 Dec 2019 09:31:18 +0000 (10:31 +0100)]
board/pc/post-build.sh: fix typo in grub boot.img path
Commit
3468ef16fa55610bae3bacefaf816231a20cfab0
("configs/pc_x86_64_efi: use genimage GPT partition table support")
had a small typo on the path to grub boot.img file: i387-pc instead of
i386-pc, which causes a build failure.
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/
378314412
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Alexandre PAYEN <alexandre.payen@smile.fr>
Cc: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Adrian Perez de Castro [Sun, 15 Dec 2019 18:42:46 +0000 (20:42 +0200)]
package/xdg-dbus-proxy: add patch to support building with musl
Import "0001-Fix-musl-compilation-by-adding-TEMP_FAILURE_RETRY.patch"
from the upstream repository, which allows building against the musl
libc (or any other which does not define the TEMP_FAILURE_RETRY macro).
The patch has been accepted upstream, but no releases have been made yet
which include the fix.
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Adrian Perez de Castro [Sat, 14 Dec 2019 14:22:16 +0000 (16:22 +0200)]
package/wpewebkit: add option to enable sandboxing support
Add an option to enable WebKit's sandbox, which uses kernel
namespaces to isolate the processes used for Web content rendering
(WebKitWebProcess) and network/disk access (WebKitNetworkProcess).
The reason to have an option is that it needs additional dependencies
(bubblewrap, xdg-dbus-proxy, libseccomp), and that some users may
choose to deploy alternative solution (for example: putting all
of WebKit inside its own container, using systemd-nspawn or the
like).
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
[Peter: select libseccomp]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Adrian Perez de Castro [Sun, 15 Dec 2019 18:54:01 +0000 (20:54 +0200)]
package/webkitgtk: select libseccomp when sandbox is enabled
Select BR2_PACKAGE_LIBSECCOMP when the sandboxing support is enabled
during configuration.
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Sat, 14 Dec 2019 23:26:02 +0000 (00:26 +0100)]
package/tpm2-tools: bump to version 4.1
- Drop patch (already in version)
- Update hash of license file (copyrights retained since version 4.0 and
https://github.com/tpm2-software/tpm2-tools/commit/
e4b469724eaa6eff0a1ce3bce9fd2ab9e010cd3b)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Peter: disable man pages build]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Sat, 14 Dec 2019 23:26:01 +0000 (00:26 +0100)]
package/tpm2-abrmd: bump to version 2.3.0
Drop dbus dependency as it is not needed since version 2.2.0 and
https://github.com/tpm2-software/tpm2-abrmd/commit/
c1d42c9ebefbfe36255603aca065944836c14610
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Peter: use --disable-defaultflags and explicitly pass -std=c99]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
André Hentschel [Sun, 15 Dec 2019 11:58:01 +0000 (12:58 +0100)]
package/openal: switch to github mirror
Signed-off-by: André Hentschel <nerv@dawncrow.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Peter Korsgaard [Sun, 15 Dec 2019 10:02:33 +0000 (11:02 +0100)]
package/tpm2-totp: explicitly disable optional configure flags
Explicitly disable doxygen, plymouth, initramfstools and mkinitcpio support
as it is not needed / available in Buildroot.
Also use the new --disable-defaultflags option to ensure our compiler flags
are used rather than trying to disable -fstackprotector-all, similar to how
it is done in tpm2-tss.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Sat, 14 Dec 2019 23:26:00 +0000 (00:26 +0100)]
package/tpm2-totp: bump to version 0.2.0
Add patch to fix build failure with musl
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Sat, 14 Dec 2019 23:25:59 +0000 (00:25 +0100)]
package/tpm2-tss: bump to version 2.3.2
- Drop patch (already in version)
- Update hash of license file (SPDX ID has been removed with
https://github.com/tpm2-software/tpm2-tss/commit/
0dbc84ee45d0e4cd7eae528f53968f8877455aab)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Peter: use --disable-defaultflags and explicitly pass -std=c99]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Sat, 14 Dec 2019 22:55:06 +0000 (23:55 +0100)]
package/libkrb5: needs host-pkgconf for libedit
host-pkgconf is needed to find libedit
Fixes:
- http://autobuild.buildroot.org/results/
45eee300788f46975d292b21eead97f9e9a8b5d8
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Sat, 14 Dec 2019 17:10:59 +0000 (18:10 +0100)]
package/libscrypt: add hash for license file
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Louis Aussedat [Mon, 9 Dec 2019 21:59:23 +0000 (22:59 +0100)]
package/libnfc: add sub-options to enable individual drivers
Until now, the arygon and pn53x_usb were unconditionally enabled, and
there were no options to choose other drivers. Therefore, we had
sub-options for each individual driver, keeping arygon and pn53x_usb
enabled by default to preserve backward compatibility.
Also, due to this, the BR2_TOOLCHAIN_HAS_THREADS dependency on the
libnfc package is no longer needed, and is only needed for some of the
sub-options.
Signed-off-by: Louis Aussedat <aussedat.louis@gmail.com>
[Thomas:
- drop the default ""
- remove the top-level HAS_THREADS dependency, and move it down to
the sub-options that need it
- improve commit log]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
James Hilliard [Wed, 11 Dec 2019 06:29:28 +0000 (23:29 -0700)]
package/python-aiozipkin: new package
Distributed tracing instrumentation for asyncio application
with zipkin.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
James Hilliard [Wed, 11 Dec 2019 06:18:34 +0000 (23:18 -0700)]
package/python-aiosignal: new package
aiosignal: a list of registered asynchronous callbacks.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
James Hilliard [Wed, 11 Dec 2019 06:18:33 +0000 (23:18 -0700)]
package/python-frozenlist: new package
A list-like structure which implements
collections.abc.MutableSequence.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
James Hilliard [Wed, 11 Dec 2019 02:30:50 +0000 (19:30 -0700)]
package/python-janus: new package
Mixed sync-async queue to interoperate between asyncio
tasks and classic threads.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
James Hilliard [Wed, 11 Dec 2019 02:24:11 +0000 (19:24 -0700)]
package/python-async-lru: new package
Simple lru_cache for asyncio.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
James Hilliard [Wed, 11 Dec 2019 02:13:14 +0000 (19:13 -0700)]
package/python-aiohttp-mako: new package
mako template renderer for aiohttp.web (http server for
asyncio).
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
James Hilliard [Wed, 11 Dec 2019 02:02:52 +0000 (19:02 -0700)]
package/python-aiohttp-debugtoolbar: new package
debugtoolbar for aiohttp.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
James Hilliard [Wed, 11 Dec 2019 01:51:43 +0000 (18:51 -0700)]
package/python-sockjs: new package
SockJS server implementation for aiohttp.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Peter Korsgaard [Fri, 13 Dec 2019 13:55:52 +0000 (14:55 +0100)]
package/glibc: bump version for post-2.30 security fixes
Fixes the following security vulnerability:
- CVE-2019-19126: ld.so failed to ignore the LD_PREFER_MAP_32BIT_EXEC
environment variable during program execution after a security
transition, allowing local attackers to restrict the possible mapping
addresses for loaded libraries and thus bypass ASLR for a setuid
program. Reported by Marcin Kościelnicki.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sat, 14 Dec 2019 17:10:23 +0000 (18:10 +0100)]
package/python-subprocess32: add PYTHON_SUBPROCESS32_CONFIGURE_CMDS
Since commit
1745fcde740057951dcc5429f3bfabd103b764a1,
python-subprocess32 fails to build because it runs configure with
incorrect arguments so add a PYTHON_SUBPROCESS32_CONFIGURE_CMDS
Fixes:
- http://autobuild.buildroot.org/results/
dcf944129392ee6cacc106e096d8d3adfa4447bb
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Fri, 13 Dec 2019 22:23:46 +0000 (23:23 +0100)]
package/webrtc-audio-processing: needs host-pkgconf
configure fails if the pkgconfig.m4 macros are not available during
this package autoreconf:
./configure: line 11829: syntax error near unexpected token `GNUSTL,'
./configure: line 11829: ` PKG_CHECK_MODULES(GNUSTL, gnustl)'
Fixes:
- http://autobuild.buildroot.org/results/
9cbdfb76ea38864fce1acca88714c48c41c77255
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Fri, 13 Dec 2019 22:09:12 +0000 (23:09 +0100)]
package/ljsyscall: add hash for license file
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Fri, 13 Dec 2019 22:09:11 +0000 (23:09 +0100)]
package/ljsyscall: fix build with aarch64
luajit supports aarch64 since commit
2ca0accc21a090874ac6e97670b47153a1f0a0b5
However this raise a build failure with ljsyscall because aarch64
directory does not exist so use arm64 instead
Fixes:
- http://autobuild.buildroot.org/results/
3a0bd14349b3cab3e09d0b8b24ddab66dfab91ff
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Fri, 13 Dec 2019 22:04:52 +0000 (23:04 +0100)]
package/memtool: bump to version 2018.03.0
Add hash for license file
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Peter Korsgaard [Fri, 13 Dec 2019 15:27:31 +0000 (16:27 +0100)]
package/dialog: bump version to 1.3-
20191210
Fixes a number of regressions in 1.3-
20190808:
- Menu shadows are not longer (erroneously) drawn with --no-shadow
- Spaces in menu fields are now correctly handled on uClibc-ng
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sat, 14 Dec 2019 11:00:36 +0000 (12:00 +0100)]
package/cups-filters: bump to version 1.26.0
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sat, 14 Dec 2019 10:59:42 +0000 (11:59 +0100)]
package/cups: security bump to version 2.3.1
Fix CVE-2019-2228: The ippSetValuetag function did not validate the
default language value.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sat, 14 Dec 2019 10:35:35 +0000 (11:35 +0100)]
package/polkit: needs C++11
polkit depends on spidermonkey since bump to version 0.116 in commit
ce2a5eff7890815afeb26105c7760b6f8d2986e0 however build fails with gcc 5:
/home/naourr/work/instance-0/output-1/host/opt/ext-toolchain/mips-linux-gnu/include/c++/5.3.0/bits/c++0x_warning.h:32:2: error: #error This file requires compiler and library support for the ISO C++ 2011 standard. This support is currently experimental, and must be enabled with the -std=c++11 or -std=gnu++11 compiler options.
#error This file requires compiler and library support for the \
^
polkitbackendjsauthority.cpp:223:13: warning: G_ADD_PRIVATE
PolkitBackendJsAuthorityPrivate);
^
In file included from /home/naourr/work/instance-0/output-1/host/bin/../mips64el-buildroot-linux-gnu/sysroot/usr/include/mozjs-60/js/RequiredDefines.h:32:0,
from <command-line>:0:
/home/naourr/work/instance-0/output-1/host/bin/../mips64el-buildroot-linux-gnu/sysroot/usr/include/mozjs-60/mozilla/Char16.h:136:15: error: 'char16_t' does not name a type
typedef const char16_t* char16ptr_t;
^
Fixes:
- http://autobuild.buildroot.org/results/
a7ea21a8e10f32239ee28f58331899912f232ca2
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sat, 14 Dec 2019 09:02:29 +0000 (10:02 +0100)]
package/libp11: add host-pkgconf dependency for host variant
host-pkgconf is needed to find host-openssl
Fixes:
- http://autobuild.buildroot.org/results/
05adf424050cb56f74ae4106b3c9b61f8daff7d2
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Thomas Petazzoni [Fri, 13 Dec 2019 15:30:43 +0000 (16:30 +0100)]
package/gpsd: remove bogus select of BR2_PACKAGE_GPSD_NTP_SHM
In commit
57f85e52a7b29363e76735930bc1bb51a38718ac ("package/gpsd:
unconditionally enable NTP time hinting support"), the option
BR2_PACKAGE_GPSD_NTP_SHM was removed, because NTP time hinting support
is now enabled unconditionally.
However, in one place, a select of this option was kept, which is
obviously no longer needed.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Thomas Petazzoni [Fri, 13 Dec 2019 15:28:47 +0000 (16:28 +0100)]
package/openpowerlink: drop bogus select
There is no option BR2_PACKAGE_OPENPOWERLINK_PCAP_DAEMON, and we never
had any option named like this, so it seems like a leftover from
previous iterations of the openpowerlink patch series. Since the
option does not exist, the select doesn't do anything, and we can
simply drop it.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Thomas Petazzoni [Fri, 13 Dec 2019 15:25:45 +0000 (16:25 +0100)]
package/easy-rsa: select the appropriate option for openssl binary
Since openssl was converted to a virtual package,
BR2_PACKAGE_OPENSSL_BIN no longer exists: it was renamed to
BR2_PACKAGE_LIBOPENSSL_BIN, but easy-rsa was not changed accordingly.
easy-rsa needs to take into account the two providers of openssl, and
select the appropriate suboptions depending on which openssl
implementation was chosen.
Ideally, we would probably need a more elaborate option that ensures
easy-rsa doesn't have to know the details of which openssl
implementation is selected, but practically speaking with just two
providers of openssl at the moment, the proposed solution is good
enough.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Thomas Petazzoni [Fri, 13 Dec 2019 15:21:54 +0000 (16:21 +0100)]
package/syslog-ng: remove bogus select
The eventlog package was removed as part of commit
5e0b1f9c2386e9184256b10ca19a6a7e4f4865cc ("package/eventlog: remove
package"). It used to be a separate package, but it is now part of
syslog-ng itself, which is why the eventlog package was removed.
But commit
5e0b1f9c2386e9184256b10ca19a6a7e4f4865cc forgot to drop the
select BR2_PACKAGE_EVENTLOG, so let's fix this.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Thomas Petazzoni [Fri, 13 Dec 2019 15:12:28 +0000 (16:12 +0100)]
package/gstreamer1/gst1-plugins-bad: drop bogus select
BR2_PACKAGE_WEBRTC does not exist, and we already select
BR2_PACKAGE_WEBRTC_AUDIO_PROCESSING, which is the package really
needed by the webrtcdsp plugin.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Christian Kellermann [Fri, 13 Dec 2019 08:42:50 +0000 (09:42 +0100)]
package/python-pylibftdi: Fix LICENSE hash after 0.18.1 bump
Commit
dd90d40b5226 (package/python-pylibftdi: bump version to 0.18.1)
bumped the version of the package but failed to take into account the change
of copyright year in the license file:
-Copyright (c) 2010-2018 Ben Bass
+Copyright (c) 2010-2019 Ben Bass
Adjust the license file to match the new content.
Signed-off-by: Christian Kellermann <christian.kellermann@solectrix.de>
[Peter: extend commit message, add SOB]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Thomas Petazzoni [Fri, 13 Dec 2019 14:27:13 +0000 (15:27 +0100)]
package/python-pyasn-modules: select correct option
BR2_PACKAGE_PYASN does not exist, it is BR2_PACKAGE_PYTHON_PYASN that
should be selected.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Thomas Petazzoni [Fri, 13 Dec 2019 14:16:01 +0000 (15:16 +0100)]
package/efl: drop invalid select BR2_PACKAGE_XLIB_LIBXP
The option BR2_PACKAGE_XLIB_LIBXP does not exist, but is select by
efl/Config.in since the package was introduced. Since all xlib_*
dependency in the .mk file each have a corresponding select in the
Config.in file, we simply drop this bogus dependency.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Adrian Perez de Castro [Fri, 20 Sep 2019 15:31:06 +0000 (18:31 +0300)]
package/webkitgtk: add option to enable sandboxing support
Add an option to enable WebKit's sandbox, which uses kernel
namespaces to isolate the processes used for Web content rendering
(WebKitWebProcess) and network/disk access (WebKitNetworkProcess).
The reason to have an option is that it needs additional dependencies
(bubblewrap, xdg-dbus-proxy, libseccomp), and that some users may
choose to deploy alternative solutions (for example: putting all
of WebKit inside its own container, using systemd-nspawn or the
like).
Patch "0002-GTK-WPE-Do-not-run-the-Bubblewrap-executable-when-co.patch"
is imported from upstream, as it is needed to avoid trying to run
the "bwrap" command from the target during cross-compilation.
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Seiderer [Mon, 9 Dec 2019 20:52:24 +0000 (21:52 +0100)]
package/pango: add dependency on libfribidi
Since commit
5cce413eb11ac75f5c48ed351896c5d1c33961d5 ("package/pango:
bump to version 1.44.6"), pango needs libfribidi. Through the Meson
subprojects mechanism, it tries to download it by itself if not
available. But in Buildroot, we definitely want to use the separate
libfribidi package, so let's add it as a dependency of pango.
Fixes:
http://autobuild.buildroot.net/results/
f16fda910da23dfe5f8ac1cb51f9dbcec444b516
subprocess.CalledProcessError: Command '['git', 'clone', 'https://github.com/fribidi/fribidi.git', 'fribidi']' returned non-zero exit status 128.
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Peter Seiderer [Mon, 9 Dec 2019 20:52:23 +0000 (21:52 +0100)]
package/libfribidi: enable host build
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Aleksander Morgado [Thu, 12 Dec 2019 09:14:57 +0000 (10:14 +0100)]
package/libqmi: bump to version 1.24.2
Signed-off-by: Aleksander Morgado <aleksander@aleksander.es>
Tested-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Adrian Perez de Castro [Fri, 20 Sep 2019 15:31:05 +0000 (18:31 +0300)]
package/xdg-dbus-proxy: new package
xdg-dbus-proxy is a filtering proxy for D-Bus connections, which can
be used to limit access to a set of services. Typically it is used in
combination with containers to provide them with access to certain
services running outside the container.
https://github.com/flatpak/xdg-dbus-proxy
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
[Peter: license is LGPL-2.1+]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabio Estevam [Thu, 12 Dec 2019 13:24:37 +0000 (10:24 -0300)]
configs/imx7d-sdb: bump U-Boot and kernel versions
Bump kernel to 5.4.1 version and U-Boot to 2019.10.
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Paul Cercueil [Thu, 12 Dec 2019 17:18:59 +0000 (18:18 +0100)]
package/sdl_mixer: prefer tremor over libvorbis
When Tremor is enabled, configure SDL_mixer to use this Vorbis decoding
library instead of libvorbis. Since Tremor does fixed-point math, it is
safe to assume that if it's enabled then it is faster than libvorbis on
the target architecture.
Signed-off-by: Paul Cercueil <paul@crapouillou.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
James Hilliard [Thu, 12 Dec 2019 14:05:55 +0000 (07:05 -0700)]
package/python-multidict: bump to version 4.7.1
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Aleksander Morgado [Thu, 12 Dec 2019 14:01:47 +0000 (15:01 +0100)]
package/modem-manager: bump to version 1.12.2
Signed-off-by: Aleksander Morgado <aleksander@aleksander.es>
Tested-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Thomas Petazzoni [Thu, 12 Dec 2019 20:24:35 +0000 (21:24 +0100)]
Revert "support/download/git: rename local refs to avoid confusing Git warning"
This reverts commit
6f35d967564863ab150eabf32ca462889bf1e049.
Repeat after me: on the master branch you will not work. On the master
branch you will not work.
This definitely shouldn't have been pushed. Sorry about that.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Jan Kotas [Tue, 3 Dec 2019 09:18:15 +0000 (04:18 -0500)]
boot/boot-wrapper-aarch64: add gicv3 support
This patch adds support for GICv3 (such as GIC-500).
Signed-off-by: Jan Kotas <jank@cadence.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Jan Kotas [Tue, 3 Dec 2019 09:18:14 +0000 (04:18 -0500)]
boot/boot-wrapper-aarch64: improve dtb handling
This patch improves the DTB handling, using a parameter
in more recent versions of the bootwrapper.
Signed-off-by: Jan Kotas <jank@cadence.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Jan Kotas [Tue, 3 Dec 2019 09:18:13 +0000 (04:18 -0500)]
boot/boot-wrapper-aarch64: bump version
This patch bumps the bootwrapper version to the latest.
Signed-off-by: Jan Kotas <jank@cadence.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Thomas Petazzoni [Thu, 12 Dec 2019 14:39:29 +0000 (15:39 +0100)]
support/download/git: rename local refs to avoid confusing Git warning
Running "git fetch origin ${cset}:${cset}" to create a local ref
${cset} from the remote ref ${cset} causes Git to issue a warning like
the below, when the version is a full commit hash:
===
warning: refname '
49eb4ecb1ef9879ebc6789a1bdb536ab2b1d9871' is ambiguous.
Git normally never creates a ref that ends with 40 hex characters
because it will be ignored when you just specify 40-hex. These refs
may be created by mistake. For example,
git switch -c $br $(git rev-parse ...)
where "$br" is somehow empty and a 40-hex ref is created. Please
examine these refs and maybe delete them. Turn this message off by
running "git config advice.objectNameWarning false"
===
This warning is very confusing for users, and is caused by the fact
that Git doesn't like our local ref name to look like a commit hash.
So, this commit proposes to fix the issue by having the local ref
named buildroot-${cset}, i.e
buildroot-${version-specified-by-the-package}.
The generated tarballs are exactly identical, nothing changes, it is
really just internally the local ref we are using to checkout the
correct version that is different. And it avoids the confusing
warning.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Mon, 9 Dec 2019 22:27:45 +0000 (23:27 +0100)]
package/dante: add optional libminiupnpc dependency
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Mon, 9 Dec 2019 22:27:44 +0000 (23:27 +0100)]
package/dante: remove --without-pam
--without-pam was wrongly put back when next was merged into master for
2019.02 in commit
13c43455a05b (Merge branch 'next')
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Peter: mention next merge]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Christian Kellermann [Tue, 10 Dec 2019 10:43:12 +0000 (11:43 +0100)]
package/python-pylibftdi: bump version to 0.18.1
Signed-off-by: Christian Kellermann <christian.kellermann@solectrix.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
James Hilliard [Wed, 11 Dec 2019 01:37:38 +0000 (18:37 -0700)]
package/python-aiologstash: new package
asyncio-compatible logstash logging handler.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
James Hilliard [Wed, 11 Dec 2019 01:37:37 +0000 (18:37 -0700)]
package/python-logstash: new package
Python logging handler for Logstash.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Thomas Petazzoni [Tue, 10 Dec 2019 22:10:22 +0000 (23:10 +0100)]
package/libuio: add missing dependency on host-pkgconf
configure fails if the pkgconfig.m4 macros are not available during
this package autoreconf:
./configure: line 12003: syntax error near unexpected token `PKGCONF,'
./configure: line 12003: ` PKG_CHECK_MODULES(PKGCONF, glib-2.0)
Fixes:
http://autobuild.buildroot.net/results/
9be944e35090bf270fbc9572423466be9af7b1f2/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Thomas Petazzoni [Wed, 11 Dec 2019 12:25:00 +0000 (13:25 +0100)]
package/pkg-generic.mk, support/scripts/fix-rpath: fix per-package regexp
Commit
c4e6d5c8be6ada8e7c60950e3b499c55d48761cb ("core: implement
per-package SDK and target") had a mistake on the regexp that is used
to match $(PER_PACKAGE_DIR)/<something>/, and due to this, the regexp
was never matched.
The + sign in [^/]+ which was suggested by Yann E. Morin during the
review of the per-package patch series (instead of [^/]*) needs to be
escaped to be taken into account correctly. Without this, the regexp
doesn't match, and the replacement is not done, causing:
(1) For the libtool fixup in pkg-generic.mk, the lack of replacement
causes libtool .la files to not be tweaked as expected, which it
turn causes build failures reported by the autobuilder.
(2) For the fix-rpath, the RPATH of host binaries in the SDK were not
correct.
Interestingly, we have the same regexp in
support/scripts/check-host-rpath, but here the + sign does not need to
be escaped.
Fixes:
http://autobuild.buildroot.net/results/
d4d996f3923699e266afd40cc7180de0f7257d99/ (libsvg-cairo)
http://autobuild.buildroot.net/results/
56330f86872f67a2ce328e09b4c7b12aa835a432/ (bind)
http://autobuild.buildroot.net/results/
9e0fc42d2c9f856b92954b08019b83ce668ef289/ (ibrcommon)
and probably a number of other similar issues
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Marcus Folkesson [Wed, 11 Dec 2019 20:27:16 +0000 (21:27 +0100)]
package/libostree: bump to version 2019.6
Signed-off-by: Marcus Folkesson <marcus.folkesson@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Wed, 11 Dec 2019 11:18:36 +0000 (12:18 +0100)]
package/git: security bump to version 2.24.1
Fixes the following security vulnerabilities:
* CVE-2019-1348:
The --export-marks option of git fast-import is exposed also via
the in-stream command feature export-marks=... and it allows
overwriting arbitrary paths.
* CVE-2019-1349:
When submodules are cloned recursively, under certain circumstances
Git could be fooled into using the same Git directory twice. We now
require the directory to be empty.
* CVE-2019-1350:
Incorrect quoting of command-line arguments allowed remote code
execution during a recursive clone in conjunction with SSH URLs.
* CVE-2019-1351:
While the only permitted drive letters for physical drives on
Windows are letters of the US-English alphabet, this restriction
does not apply to virtual drives assigned via subst <letter>:
<path>. Git mistook such paths for relative paths, allowing writing
outside of the worktree while cloning.
* CVE-2019-1352:
Git was unaware of NTFS Alternate Data Streams, allowing files
inside the .git/ directory to be overwritten during a clone.
* CVE-2019-1353:
When running Git in the Windows Subsystem for Linux (also known as
"WSL") while accessing a working directory on a regular Windows
drive, none of the NTFS protections were active.
* CVE-2019-1354:
Filenames on Linux/Unix can contain backslashes. On Windows,
backslashes are directory separators. Git did not use to refuse to
write out tracked files with such filenames.
* CVE-2019-1387:
Recursive clones are currently affected by a vulnerability that is
caused by too-lax validation of submodule names, allowing very
targeted attacks via remote code execution in recursive clones.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Paul Cercueil [Mon, 9 Dec 2019 19:15:54 +0000 (20:15 +0100)]
SDL_mixer: Add support for libmodplug
Add support for playing back tracker modules using libmodplug.
Signed-off-by: Paul Cercueil <paul@crapouillou.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Giulio Benetti [Mon, 9 Dec 2019 22:31:14 +0000 (23:31 +0100)]
package/sunxi-mali-mainline-driver: bump version
For A64 frequency stability.
git shortlog --invert-grep --grep=travis --no-merges
a5e38ca3f05f0f74fdd5e85a711c964383ad23df..
Vasily Khoruzhick (1):
Set GPU clock to 432MHz on A64
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Louis Aussedat [Mon, 9 Dec 2019 21:59:22 +0000 (22:59 +0100)]
package/python-tqdm: bump to version 4.40.1
Signed-off-by: Louis Aussedat <aussedat.louis@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Louis Aussedat [Mon, 9 Dec 2019 21:59:21 +0000 (22:59 +0100)]
configs/friendlyarm_nanopi_neo_plus2: use an extlinux instead of boot.cmd
This remove the file boot.cmd to use an extlinux.conf instead.
Signed-off-by: Louis Aussedat <aussedat.louis@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Seiderer [Mon, 9 Dec 2019 20:04:53 +0000 (21:04 +0100)]
gst-omx: bump version to 1.16.2
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Seiderer [Mon, 9 Dec 2019 20:04:52 +0000 (21:04 +0100)]
gstreamer1-editing-services: bump version to 1.16.2
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Seiderer [Mon, 9 Dec 2019 20:04:51 +0000 (21:04 +0100)]
gst1-rtsp-server: bump version to 1.16.2
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Seiderer [Mon, 9 Dec 2019 20:04:50 +0000 (21:04 +0100)]
gst1-vaapi: bump version to 1.16.2
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Seiderer [Mon, 9 Dec 2019 20:04:49 +0000 (21:04 +0100)]
gst1-libav: bump version to 1.16.2
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Seiderer [Mon, 9 Dec 2019 20:04:48 +0000 (21:04 +0100)]
gst1-validate: bump version to 1.16.2
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Seiderer [Mon, 9 Dec 2019 20:04:47 +0000 (21:04 +0100)]
gst1-plugins-ugly: bump version to 1.16.2
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Seiderer [Mon, 9 Dec 2019 20:04:46 +0000 (21:04 +0100)]
gst1-plugins-bad: bump version to 1.16.2
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Seiderer [Mon, 9 Dec 2019 20:04:45 +0000 (21:04 +0100)]
gst1-plugins-good: bump version to 1.16.2
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>