Peter Korsgaard [Mon, 9 Mar 2020 14:17:09 +0000 (15:17 +0100)]
Merge branch 'next'
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Mon, 9 Mar 2020 09:36:20 +0000 (10:36 +0100)]
Kickoff 2020.05 cycle
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Mon, 9 Mar 2020 09:32:51 +0000 (10:32 +0100)]
docs/website/news.html: add 2020.02 announcement link
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Thomas Petazzoni [Sun, 8 Mar 2020 21:27:33 +0000 (22:27 +0100)]
package/bearssl: fix BR2_SHARED_STATIC_LIBS case
Reported-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Peter Korsgaard [Sun, 8 Mar 2020 21:23:03 +0000 (22:23 +0100)]
Update for 2020.02
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Seiderer [Sun, 8 Mar 2020 16:51:49 +0000 (17:51 +0100)]
package/ser2net: fix gensio detection with openssl enabled and static
Add openssl linker flags via LIBS to fix configure gensio
library detection.
Fixes:
http://autobuild.buildroot.net/results/
66e0d3e0a2a8dc5a62c267d16a53216f0f2ce8dd
checking gensio/gensio.h usability... yes
checking gensio/gensio.h presence... yes
checking for gensio/gensio.h... yes
checking for str_to_gensio in -lgensio... no
configure: error: libgensio won't link, please install gensio dev package
The build/ser2net-4.1.1/config.log files states:
.../arm-buildroot-linux-uclibcgnueabi/bin/ld: .../host/arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib/libgensio.a(gensio_filter_ssl.o): in function `gensio_do_ssl_init':
gensio_filter_ssl.c:(.text+0x34): undefined reference to `OPENSSL_init_ssl'
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Sun, 8 Mar 2020 19:47:47 +0000 (20:47 +0100)]
package/gr-osmosdr: disable documentation
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Adrien Grassein [Sun, 8 Mar 2020 18:35:35 +0000 (19:35 +0100)]
package/qemu: Fix a regression in semihosting
The Buildroot's gitlab testing infra reported a build issue
with the qemu_arm_vexpress_tz_defconfig due to host-python3
modules issues [1]. Thoses issues has been fixed by the
previous patch.
But the defconfig doesn't boot with the current master
(2020.02-rc3).
It turn out that is an Qemu 4.2.0 regression that was
fixed upstream by [2]. This issue was found by using
git bisect old/new.
Fixes:
$ ../host/bin/qemu-system-arm -machine virt -machine secure=on -cpu cortex-a15 -smp 1 -s -m 1024 -d unimp -serial stdio -netdev user,id=vmnic -device virtio-net-device,netdev=vmnic -semihosting-config enable,target=native -bios bl1.bin
NOTICE: Booting Trusted Firmware
NOTICE: BL1: v2.0(release):
2020.02-rc3-43-g9abf171ea6
NOTICE: BL1: Built : 12:44:52, Mar 8 2020
ERROR: Failed to load BL2 firmware.
After fixing host-python3 issue from [1]
[1] https://gitlab.com/buildroot.org/buildroot/-/jobs/
456818689
[2] https://github.com/qemu/qemu/commit/
21bf9b06cb6d07c6cc437dfd47b47b28c2bb79db
Signed-off-by: Adrien Grassein <adrien.grassein@smile.fr>
[Romain:
- improve commit log
- add upstream link
]
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Cc: Etienne Carriere <etienne.carriere@linaro.org>
Cc: Gerome Burlats <gerome.burlats@smile.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Romain Naour [Sun, 8 Mar 2020 18:35:33 +0000 (19:35 +0100)]
package/optee-test: add upstream patch to work with python 3.x
Fixes:
TypeError: cannot use a str to initialize an array with typecode 'B'
File "../../scripts/file_to_c.py", line 32, in main
for x in array.array("B", inf.read()):
for x in array.array("B", inf.read()):
TypeError: cannot use a str to initialize an array with typecode 'B'
TypeError: cannot use a str to initialize an array with typecode 'B'
Signed-off-by: Romain Naour <romain.naour@smile.fr>
[Peter: reword commit message]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Romain Naour [Sun, 8 Mar 2020 18:35:32 +0000 (19:35 +0100)]
configs/qemu_arm_vexpress_tz_defconfig: optee needs host-python3 w/ modules
optee-os needs host-python-pycrypto build for python3. The only way we can
force building host-python modules for python3 is to select python3 package
for the target.
Since we want to avoid adding more host-python3-<modules>
(host-python-pycrypto host-python-pyelftools), select python3 package
even if it's not used.
This problem will be fixed as soon as python2 is removed.
Fixes:
File "scripts/pem_to_pub_c.py", line 24, in main
from Crypto.PublicKey import RSA
ImportError: No module named 'Crypto'
https://gitlab.com/buildroot.org/buildroot/-/jobs/
456818689
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Cc: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Sun, 8 Mar 2020 18:09:54 +0000 (19:09 +0100)]
package/openvmtools: fix musl build with libfuse
Fixes:
- http://autobuild.buildroot.org/results/
4eba7c4585d318efdb9b965d58d879426588aa14
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Sun, 8 Mar 2020 17:37:37 +0000 (18:37 +0100)]
package/openjdk-bin: fix install
Create $(HOST_DIR)/bin and $(HOST_DIR)/lib otherwise build can fail on:
cp -dpfr /home/buildroot/autobuild/instance-2/output-1/build/host-openjdk-bin-13.0.2_8/bin/* /home/buildroot/autobuild/instance-2/output-1/per-package/host-openjdk-bin/host/bin/
cp: target '/home/buildroot/autobuild/instance-2/output-1/per-package/host-openjdk-bin/host/bin/' is not a directory
package/pkg-generic.mk:276: recipe for target '/home/buildroot/autobuild/instance-2/output-1/build/host-openjdk-bin-13.0.2_8/.stamp_host_installed' failed
make: *** [/home/buildroot/autobuild/instance-2/output-1/build/host-openjdk-bin-13.0.2_8/.stamp_host_installed] Error 1
Fixes:
- http://autobuild.buildroot.org/results/
28bcec0d28003c2784b6cd27039099c65bac3b96
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Seiderer [Sun, 8 Mar 2020 17:18:04 +0000 (18:18 +0100)]
package/qt5base: fix double-conversion compile for nios2
Add double-conversion upstream patch to enable compile for nios2.
Fixes:
http://autobuild.buildroot.net/results/
19881951a328ff4df82b5753a23219eb634e86df
../3rdparty/double-conversion/include/double-conversion/utils.h:114:2: error: #error Target architecture was not detected as supported by Double-Conversion.
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Sun, 8 Mar 2020 17:05:56 +0000 (18:05 +0100)]
package/php: fix build without zlib
Build will fail if zlib is not found and mysqlnd compression support
is not disabled since version 7.4.1 and
https://github.com/php/php-src/commit/
ee4295b4ce421003c2e1d2af98066826deb23319
Fixes:
- http://autobuild.buildroot.org/results/
9496d81437dba55d22a03762dcfe60d632115ab5
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Max Filippov [Fri, 6 Mar 2020 03:58:03 +0000 (19:58 -0800)]
package/binutils: fix assertion failure in xtensa ld
xtensa ld fails with the following message
ld: BFD (GNU Binutils) 2.31.1 internal error, aborting at
elf32-xtensa.c:3283 in elf_xtensa_finish_dynamic_sections
during domoticz package build. It happens because of mismatch between
the size allocated for dynamic relocations in the executable image and
the number of PLT relocations actually written to the image. The
mismatch is caused by the fact that undefined weak symbol is treated as
dynamic (and thus needing PLT relocation), but xtensa linker not
expecting that.
Fixes: http://autobuild.buildroot.net/results/7885705f1b1c0f31cf21b464150f5509929c1906/
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Backported from:
e15a8da9c71336b06cb5f2706c3f6b7e6ddd95a3
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Chris Packham [Fri, 6 Mar 2020 01:04:28 +0000 (14:04 +1300)]
package/pppd: Add upstream security fix for CVE-2020-8597
Apply patch from upstream and set PPPD_INGORE_CVES appropriately.
Signed-off-by: Chris Packham <judge.packham@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Thu, 27 Feb 2020 17:47:10 +0000 (18:47 +0100)]
package/ortp: bump to version 4.3.1
- License is GPL-3.0+ since version 4.3.0 and
https://gitlab.linphone.org/BC/public/ortp/commit/
6b925368588ce0fc64a9762dbe86041151e8450a
- Switch to cmake-package
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Thu, 27 Feb 2020 17:47:09 +0000 (18:47 +0100)]
package/bctoolbox: bump to version 4.3.1
- Refresh patch
- libiconv is needed without locale since version 4.3.0 and
https://github.com/BelledonneCommunications/bctoolbox/commit/
d5713996c2ae100594ebf319c54d95297b02a2e1
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Thu, 27 Feb 2020 16:30:42 +0000 (17:30 +0100)]
package/bearssl: new package
BearSSL is an implementation of the SSL/TLS protocol (RFC 5246) written
in C
https://bearssl.org
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Giulio Benetti [Thu, 27 Feb 2020 11:02:40 +0000 (12:02 +0100)]
package/libnss: fix PowerPC build failure
NSS assumes <sys/auvx.h> is always present but that's not true, so add a
patch to check if it exists or not.
Fixes:
http://autobuild.buildroot.net/results/
425ba828d30c2bd55ce9f4f00e67bc10d9de2867/
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
James Hilliard [Thu, 27 Feb 2020 10:59:00 +0000 (03:59 -0700)]
package/python-httplib2: bump to version 0.17.0
PKG-INFO hash change is due to version bump.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
James Hilliard [Mon, 2 Mar 2020 14:35:16 +0000 (07:35 -0700)]
package/opencv3: bump to version 4.2.0
We need to set -DPROTOBUF_UPDATE_FILES=ON otherwise our protobuf
headers will be incompatible.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
James Hilliard [Sun, 8 Mar 2020 09:39:58 +0000 (03:39 -0600)]
package/systemd: add userdb support
systemd-userdbd is a system service that multiplexes user/group lookups
to all local services that provide JSON user/group record definitions
to the system. In addition it synthesizes JSON user/group records from
classic UNIX/glibc NSS user/group records in order to provide full
backwards compatibility.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
James Hilliard [Sun, 8 Mar 2020 09:16:40 +0000 (03:16 -0600)]
package/systemd: add repart support
systemd-repart grows and adds partitions to a partition table, based on
the configuration files described in repart.d.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
James Hilliard [Sun, 8 Mar 2020 08:41:31 +0000 (01:41 -0700)]
package/systemd: add dns-over-tls support
Set default-dns-over-tls to opportunistic when dns-over-tls is enabled
as it should be fully backwards compatible. The DNSOverTLS config in
resolved.conf can be used to override default-dns-over-tls.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
James Hilliard [Fri, 6 Mar 2020 23:25:01 +0000 (16:25 -0700)]
package/ser2net: S50ser2net: alsoc heck for new config file format
When running ser2net it looks for config files in the legacy conf
format and the new yaml format so we need to allow either in the
sysv init script.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Sun, 8 Mar 2020 13:57:27 +0000 (14:57 +0100)]
CHANGES: update with recent changes
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Sat, 7 Mar 2020 23:27:35 +0000 (00:27 +0100)]
package/proftpd: add mod_cap option
Add an option to enable or disable mod_cap and select libcap accordingly
instead of using bundled libcap which raise a build failure with headers
< 4.3 due to PR_CAP_AMBIENT and will be removed in version 1.3.7:
https://github.com/proftpd/proftpd/commit/
8c845703fcf2c7978614784126bd074ffc4477f9
Fixes:
- http://autobuild.buildroot.org/results/
4d680d8204bdf1f3deec2c3eeb9a2d9e6eabe4d5
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Carlos Santos [Sun, 8 Mar 2020 03:21:28 +0000 (00:21 -0300)]
package/spidermonkey: do not build the JavaScript shell, by default
Add a configuration to enable the JavaScript shell (default off). So
far only libmozjs is required (by polkit) and the shell takes around
24MiB.
Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sun, 8 Mar 2020 10:02:14 +0000 (11:02 +0100)]
package/libvncserver: fix jpeg build without png or zlib
Fixes:
- http://autobuild.buildroot.org/results/
bcc701055dd5876005fa6f78f38500399394cd75
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Alexey Lukyanchuk [Wed, 4 Mar 2020 07:21:02 +0000 (10:21 +0300)]
package/cups: store web-interface files under /usr/share/cups/doc-root
The web-interface files (~1.8MB) are by default installed under
/usr/share/doc/cups, which is unfortunate as Buildroot removes usr/share/doc
in target-finalize, breaking the webui.
As a fix, store the web-interface files under /usr/share/cups/doc-root,
similar to how it is done in Debian.
Signed-off-by: Alexey Lukyanchuk <skif@skif-web.ru>
[Peter: use --with-docdir, update description]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Sun, 23 Feb 2020 11:54:42 +0000 (12:54 +0100)]
package/bash: fix uclibc build without wchar
Fixes:
- http://autobuild.buildroot.org/results/
298fb9c785e137bff432dd304eb56986e54ce3ed
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Sat, 7 Mar 2020 19:06:29 +0000 (20:06 +0100)]
package/piglit: fix GL tests
Fixes:
- http://autobuild.buildroot.org/results/
3355e4dc02b07ccfd9fe9b5cafb70c01fc88c158
Add an upstream patch to ensure tests needing GLESv3 are only built when
that is available.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Seiderer [Sat, 7 Mar 2020 11:36:04 +0000 (12:36 +0100)]
package/libdrm: tests/amdgpu needs atomic_ops
Add patch to fix tests/amdpu dependency on atomic_ops.
Fixes:
http://autobuild.buildroot.net/results/
e29dae423f3f80d2c34dde9a125bd216a75ad1c0
FAILED: tests/amdgpu/amdgpu_test
.../host/bin/sparc-linux-gcc -o tests/amdgpu/amdgpu_test 'tests/amdgpu/
b9f2b1d@@amdgpu_test@exe/amdgpu_test.c.o' 'tests/amdgpu/
b9f2b1d@@amdgpu_test@exe/basic_tests.c.o' 'tests/amdgpu/
b9f2b1d@@amdgpu_test@exe/bo_tests.c.o' 'tests/amdgpu/
b9f2b1d@@amdgpu_test@exe/cs_tests.c.o' 'tests/amdgpu/
b9f2b1d@@amdgpu_test@exe/vce_tests.c.o' 'tests/amdgpu/
b9f2b1d@@amdgpu_test@exe/uvd_enc_tests.c.o' 'tests/amdgpu/
b9f2b1d@@amdgpu_test@exe/vcn_tests.c.o' 'tests/amdgpu/
b9f2b1d@@amdgpu_test@exe/deadlock_tests.c.o' 'tests/amdgpu/
b9f2b1d@@amdgpu_test@exe/vm_tests.c.o' 'tests/amdgpu/
b9f2b1d@@amdgpu_test@exe/ras_tests.c.o' 'tests/amdgpu/
b9f2b1d@@amdgpu_test@exe/syncobj_tests.c.o' -Wl,--as-needed -Wl,--no-undefined -Wl,-O1 -Wl,--start-group libdrm.so.2.4.0 amdgpu/libdrm_amdgpu.so.1.0.0 .../host/sparc-buildroot-linux-uclibc/sysroot/usr/lib/libcunit.so -Wl,--end-group -pthread '-Wl,-rpath,$ORIGIN/../..:$ORIGIN/../../amdgpu' -Wl,-rpath-link,.../build/libdrm-2.4.100/build/ -Wl,-rpath-link,.../build/li
bdrm-2.4.100/build/amdgpu
.../host/opt/ext-toolchain/bin/../lib/gcc/sparc-buildroot-linux-uclibc/8.3.0/../../../../sparc-buildroot-linux-uclibc/bin/ld: tests/amdgpu/
b9f2b1d@@amdgpu_test@exe/bo_tests.c.o: undefined reference to symbol 'AO_fetch_compare_and_swap_emulation'
.../host/opt/ext-toolchain/bin/../lib/gcc/sparc-buildroot-linux-uclibc/8.3.0/../../../../sparc-buildroot-linux-uclibc/bin/ld: .../host/sparc-buildroot-linux-uclibc/sysroot/usr/lib/libatomic_ops.so.1: error adding symbols: DSO missing from command line
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Thomas Petazzoni [Fri, 6 Mar 2020 10:38:39 +0000 (11:38 +0100)]
package/swupdate: do not store local build details in swupdate config file
The SWUPDATE_SET_BUILD_OPTIONS macro sets a number of swupdate
configuration options with local build details, especially the
cross-compiler path and sysroot path.
This means that if one stores an swupdate defconfig file as part of
Buildroot, generated with "make swupdate-update-defconfig", it will
contain things like:
CONFIG_CROSS_COMPILE="/home/thomas/projets/buildroot/output/host/bin/arm-linux-"
CONFIG_SYSROOT="/home/thomas/projets/buildroot/output/host/arm-buildroot-linux-uclibcgnueabi/sysroot"
which obviously are not good, as they are specific to where the build
was done.
So instead this commit:
- Uses the CROSS_COMPILE environment variable to pass the
cross-compiler path.
- Drops entirely the use of CONFIG_SYSROOT, since all it does is pass
a --sysroot option to the compiler, which is not needed in the
context of Buildroot.
- Pass EXTRA_CFLAGS/EXTRA_LDFLAGS also through the environment.
Thanks to that the swupdate defconfig file no longer contains any
local build details, and can be re-used by different users of a given
Buildroot configuration.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Seiderer [Sat, 7 Mar 2020 09:54:48 +0000 (10:54 +0100)]
package/gst1-validate: disable introspection
- disable introspection unconditionally (as already done for all
other original gstreamer1 packages)
- use '=' instead of '+=' for the first usage of GST1_VALIDATE_CONF_OPTS
Fixes:
http://autobuild.buildroot.net/results/
e6e43fb85c71af9bb599ea8bbe2e805b392cf1ad
GEN GstValidate-1.0.gir
Couldn't find include 'GstPbutils-1.0.gir' (search path: '['/nvmedata/autobuild/instance-6/output-1/host/bin/../aarch64-buildroot-linux-gnu/sysroot/usr/bin/../share/gir-1.0', '/usr/share/gir-1.0', '/usr/share/gir-1.0', '/usr/share/gir-1.0', '/usr/share/gir-1.0', '/usr/share/gir-1.0', '/nvmedata/autobuild/instance-6/output-1/host/share', 'gir-1.0', '/nvmedata/autobuild/instance-6/output-1/host/share/gir-1.0', '/usr/share/gir-1.0']')
make[5]: *** [Makefile:1612: GstValidate-1.0.gir] Error 1
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Seiderer [Fri, 6 Mar 2020 20:08:47 +0000 (21:08 +0100)]
package/libinput: bump version to 1.15.3
For details see [1].
[1] https://lists.freedesktop.org/archives/wayland-devel/2020-March/041288.html
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sat, 7 Mar 2020 09:22:30 +0000 (10:22 +0100)]
package/thrift: disable qt4
host-thrift can fail if a broken Qt4 is found on host:
CMake Error in lib/cpp/CMakeLists.txt:
Imported target "Qt4::QtCore" includes non-existent path
"/nvmedata/autobuild/instance-4/output-1/host/usr/mkspecs/default"
in its INTERFACE_INCLUDE_DIRECTORIES. Possible reasons include:
* The path was deleted, renamed, or moved to another location.
* An install or uninstall procedure did not complete successfully.
* The installation package was faulty and references files it does not
provide.
Fixes:
- http://autobuild.buildroot.org/results/
57cad5313896c868e99b0b9534678f1c83a386f2
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Petr Vorel [Fri, 28 Feb 2020 06:04:55 +0000 (07:04 +0100)]
package/connman: remove _GNU_SOURCE patch
Not needed any more.
Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Petr Vorel [Thu, 27 Feb 2020 23:29:54 +0000 (00:29 +0100)]
package/connman: add iptables/nftables selection
This allows to use nftables instead of the default iptables.
Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Petr Vorel [Thu, 27 Feb 2020 23:29:53 +0000 (00:29 +0100)]
package/connman: bump to 1.38
Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Petr Vorel [Thu, 27 Feb 2020 23:29:52 +0000 (00:29 +0100)]
package/connman: re-organize configure options and dependencies
Use style typical for Buildroot.
Suggested-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Fri, 28 Feb 2020 08:44:35 +0000 (09:44 +0100)]
package/ruby: fix build on mips
Fixes:
- http://autobuild.buildroot.org/results/
d0ab5334f195a400a6d6dd6c49e3c1a2001b2b70
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sat, 7 Mar 2020 10:00:07 +0000 (11:00 +0100)]
package/guile: fix build without makeinfo
Fixes:
- http://autobuild.buildroot.org/results/
9605aac6f760bfff190d0ab95fa50f65486ffe90
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
James Hilliard [Fri, 6 Mar 2020 20:47:19 +0000 (13:47 -0700)]
package/systemd: bump to version 245
Disabled new modules for now.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sat, 7 Mar 2020 16:46:19 +0000 (17:46 +0100)]
package/erlang-p1-acme: needs C++
Fixes:
- http://autobuild.buildroot.org/results/
79310855f9a2abe569365ffd27e776f1a56dba2e
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Heiko Thiery [Sat, 7 Mar 2020 07:56:32 +0000 (08:56 +0100)]
support/scripts/pkg-stats: add list of status checks to the json output
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Heiko Thiery [Sat, 7 Mar 2020 07:56:31 +0000 (08:56 +0100)]
support/scripts/pkg-stats: set status to 'na' for virtual packages
If there is no infra set or infra is virtual the status is set to 'na'.
This is done for the follwing checks:
- license
- license-files
- hash
- hash-license
- patches
- version
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Heiko Thiery [Sat, 7 Mar 2020 07:56:29 +0000 (08:56 +0100)]
support/scripts/pkg-stats: add defconfig support
Scan configs directory and create Defconfig objects.
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Heiko Thiery [Sat, 7 Mar 2020 07:56:28 +0000 (08:56 +0100)]
support/scripts/pkg-stats: store pkg dir path
This value can be used for later processing.
In the buildroot-stats application this is used to create links pointing
to the git repo of buildroot.
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Heiko Thiery [Sat, 7 Mar 2020 07:56:27 +0000 (08:56 +0100)]
support/scripts/pkg-stats: add package count to stats
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Heiko Thiery [Sat, 7 Mar 2020 07:56:26 +0000 (08:56 +0100)]
support/scripts/pkg-stats: add package status
Unify the status check information. The status is stored in a tuple. The
first entry is the status that can be 'ok', 'warning' or 'error'. The
second entry is a verbose message.
The following checks are performed:
- url: status of the URL check
- license: status of the license presence check
- license-files: status of the license file check
- hash: status of the hash file presence check
- patches: status of the patches count check
- pkg-check: status of the check-package script result
- developers: status if a package has developers in the DEVELOPERS file
- version: status of the version check
With that status information the following variables are replaced:
has_license, has_license_files, has_hash, url_status
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Heiko Thiery [Sat, 7 Mar 2020 07:56:25 +0000 (08:56 +0100)]
support/scripts/pkg-stats: store licences of package
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Heiko Thiery [Sat, 7 Mar 2020 07:56:24 +0000 (08:56 +0100)]
support/scripts/pkg-stats: set developers info
Use the function 'parse_developers' function from getdeveloperlib that
collect the information about the developers and the files they
maintain. Then set the maintainer(s) to each package.
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Heiko Thiery [Sat, 7 Mar 2020 07:56:23 +0000 (08:56 +0100)]
support/scripts/pkg-stats: store patch files for the package
Remove the patch_count attribute and use a class property instead.
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Heiko Thiery [Sat, 7 Mar 2020 07:56:22 +0000 (08:56 +0100)]
support/scripts/pkg-stats: store latest version in a dict
This patch changes the type of the latest_version variable to a dict.
This is for better readability/usability of the data. With this the json
output is more descriptive in later processing of the json output.
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Titouan Christophe [Sun, 1 Mar 2020 21:25:28 +0000 (22:25 +0100)]
support/scripts/pkg-stats: clear multiprocessing pools after use
During the CVE checking phase, we can still see a huge amount of
Python processes (actually 128) running on the host, even though
the CVE step is entirely ran in the main thread.
These are actually the worker processes spawned to check for the
packages URL statuses and the latest versions from release-monitoring.
This is because of an issue in Python's multiprocessing implementation:
https://bugs.python.org/issue34172
The problem was already there before the CVE matching step was
introduced, but because pkg-stat was terminating right after the
release-monitoring step, it went unnoticed.
Also, do not hold a reference to the multiprocessing pool from
the Package class, as this is not needed.
Signed-off-by: Titouan Christophe <titouan.christophe@railnova.eu>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Titouan Christophe [Sun, 1 Mar 2020 21:18:48 +0000 (22:18 +0100)]
support/scripts/pkg-stats: decode subprocess output for python3
In Python 3, the functions from the subprocess module return bytes
(and no longer strings as in Python 2), which must be decoded for
further text operations.
Now, pkg-stats can be run in Python 3.
Signed-off-by: Titouan Christophe <titouan.christophe@railnova.eu>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Thomas Petazzoni [Tue, 18 Feb 2020 23:35:26 +0000 (00:35 +0100)]
support/scripts/pkg-stats: properly ignore CVEs in <pkg>_IGNORE_CVES
It seems like throughout the series that the CVE pkg-stats support
went through, the support for ignoring CVEs in the per-package
<pkg>_IGNORE_CVES variable was forgotten.
Let's re-introduce this, which is now very simple thanks to the CVE
class, its .identifier() propertly and the .is_cve_ignored() method of
the Package class
Cc: Titouan Christophe <titouan.christophe@railnova.eu>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Seiderer [Mon, 2 Mar 2020 10:40:47 +0000 (11:40 +0100)]
package/bcm2835: bump version to 1.62
Changelog (since 1.60):
- 1.61 2020-01-11 Fixed errors in the documentation for bcm2835_spi_write.
Fixes issue seen on Raspberry Pi 4 boards where 64-bit off_t is used by
default via -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64. The offset was
being incorrectly converted, this way is clearer and fixes the problem.
Contributed by Jonathan Perkin.
- 1.62 2020-01-12 Fixed a problem that could cause compile failures with
size_t and off_t
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Mark Corbin [Mon, 2 Mar 2020 14:02:50 +0000 (14:02 +0000)]
boot/opensbi: bump to version 0.6
Tested with qemu_riscv32_virt_defconfig and
qemu_riscv64_virt_defconfig using Buildroot host-qemu 4.2.0.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Peter Seiderer [Tue, 3 Mar 2020 16:58:48 +0000 (17:58 +0100)]
package/gstreamer1/gstreamer1: update tools comment
The tools option installs more than gst-launch and gst-inspect, so
simplify its prompt to just "install tools", and update the Config.in
help text. While at it, we list them alphabetically.
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Peter Seiderer [Tue, 3 Mar 2020 16:47:02 +0000 (17:47 +0100)]
package/gstreamer1/gst1-plugins-base: add tools option
Add tools option to disable building/installing of gst-discoverer,
gst-device-monitor and gst-play command line tools (similar to
BR2_PACKAGE_GSTREAMER1_INSTALL_TOOLS).
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Eugen Hristev [Tue, 3 Mar 2020 09:00:52 +0000 (11:00 +0200)]
package/fswebcam: bump to latest version
Bump to latest git version.
Signed-off-by: Eugen Hristev <eugen.hristev@microchip.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Maeva Manuel [Wed, 4 Mar 2020 16:14:27 +0000 (17:14 +0100)]
configs/freescale_imx8qmmek: new defconfig
This patch documents the Buildroot support for the NXP i.MX8QM MEK board.
You will find a reference to the board on nxp.com:
https://www.nxp.com/design/development-boards/i.mx-evaluation-and-development-boards/i.mx-8quadmax-multisensory-enablement-kit-mek:MCIMX8QM-CPU
You can also find the get started guide here:
https://www.nxp.com/document/guide/get-started-with-the-i.mx-8quadmax-mek:GS-iMX-8QM-MEK
Signed-off-by: Maeva Manuel <maeva.manuel@oss.nxp.com>
Tested-by: Julien Olivain <julien.olivain@oss.nxp.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Maeva Manuel [Wed, 4 Mar 2020 16:14:26 +0000 (17:14 +0100)]
package/freescale-imx/firmware-imx: add support for i.MX8QM
Signed-off-by: Maeva Manuel <maeva.manuel@oss.nxp.com>
Tested-by: Julien Olivain <julien.olivain@oss.nxp.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Peter Seiderer [Mon, 2 Mar 2020 15:09:07 +0000 (16:09 +0100)]
package/libevdev: convert to meson
- drop legacy patch 0001-configure-add-disable-runtime-tests-option.patch
and use -Dtests=disabled instead
- drop host-pkgconf dependency as pkgconf is only used in case tests
are enabled to find the check package (checked via meson output -
no 'Found pkg-config' - and via strace)
- update host-python dependency to host-python3 as the script
libevdev/make-event-names.py which is used to generate the
header file event-names.h is updated to python3:
'#!/usr/bin/env python3'
This made no difference with autotools build as the script
was called with '$(PYTHON) libevdev/make-event-names.py'.
We use BR2_PYTHON3_HOST_DEPENDENCY instead of depending on
host-python3, to use any available Python 3.x interpreter on the
build machine instead of building our own, if possible.
- add patch to fix tools compile with older toolchains adding
the local include path (only the meson build is affected)
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Peter Seiderer [Mon, 2 Mar 2020 15:09:06 +0000 (16:09 +0100)]
package/libevdev: bump version to 1.9.0
And update hash file formatting (2 spaces).
For details see [1] and [2].
[1] https://lists.freedesktop.org/archives/input-tools/2020-February/001529.html
[2] https://lists.freedesktop.org/archives/input-tools/2020-March/001530.html
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Peter Seiderer [Mon, 2 Mar 2020 15:09:05 +0000 (16:09 +0100)]
package/libevdev: add host-python dependency
Fixes:
checking for a Python interpreter with version >= 2.6... none
configure: error: no suitable Python interpreter found
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Peter Seiderer [Mon, 2 Mar 2020 15:09:05 +0000 (16:09 +0100)]
package/libevdev: add host-python dependency
Fixes:
checking for a Python interpreter with version >= 2.6... none
configure: error: no suitable Python interpreter found
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Ryan Coe [Mon, 2 Mar 2020 17:49:15 +0000 (09:49 -0800)]
package/libite: bump version to 2.1.2
The hash for LICENSE has changed due to the copyright being updated and
the note about licensing types has been moved to the bottom.
The hash for chomp.c has been changed due to the copyright being updated and
code changes in that file.
Changelog:
https://github.com/troglobit/libite/releases/tag/v2.1.2
Signed-off-by: Ryan Coe <bluemrp9@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Ryan Coe [Mon, 2 Mar 2020 17:49:14 +0000 (09:49 -0800)]
package/inadyn: bump version to 2.6
Changelog:
https://github.com/troglobit/inadyn/releases/tag/v2.6
Signed-off-by: Ryan Coe <bluemrp9@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Ryan Coe [Mon, 2 Mar 2020 17:49:13 +0000 (09:49 -0800)]
package/inadyn: remove dependency on libite
The dependency for libite was removed in upstream commit
e27bfbf
dating back a couple of years.
Signed-off-by: Ryan Coe <bluemrp9@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Pierre-Jean Texier [Mon, 2 Mar 2020 16:56:13 +0000 (17:56 +0100)]
package/ipset: bump to version 7.6
See full changelog http://ipset.netfilter.org/changelog.html
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
James Hilliard [Tue, 3 Mar 2020 23:16:53 +0000 (16:16 -0700)]
package/wayland-protocols: bump to version 1.20
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Antoine Tenart [Tue, 3 Mar 2020 10:13:37 +0000 (11:13 +0100)]
package/linux-firmware: add option for Microchip VSC85xx networking PHYs
This patch adds an option to support installing firmware files for the
Microchip/Microsemi VSC85xx networking PHY family.
There is a mismatch between Linux and Linux-firmware on the name of the
PHY (Microchip vs Microsemi), due to the acquisition of Microsemi by
Microchip. We chose here the name in Linux-firmware, but mentioned the
other one in the Kconfig help of the option.
Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Antoine Tenart [Wed, 4 Mar 2020 16:55:32 +0000 (17:55 +0100)]
package/linux-firmware: fix special cases of symlinks
Some symlinks were not created correctly when installing the
Linux-firmware package. This patch fixes the support for all symlinks of
the form:
a/foo -> bar
a/foo -> b/bar
a/foo -> ../b/bar
With this patch all forms of symlinks described in the WHENCE file
should be supported, whether they are in nested directories, or in
non-existing ones.
As some symlinks could be in directories that do not exist, we must
maje sure to canonicalize the path before testing the linked-to file.
We compared the symlinks installed pre-
20200122 to what we have now, and
it seems we're handling all of them with this patch.
Fixes: 55df4059d24b ("package/linux-firmware: fix symlink support")
Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com>
[yann.morin.1998@free.fr:
- use readlink in canonicalize-missing mode, to avoid
creating-then-removing directories
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Tested-by: Antoine Tenart <antoine.tenart@bootlin.com>
Reviewed-by: Antoine Tenart <antoine.tenart@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Peter Seiderer [Wed, 4 Mar 2020 11:00:50 +0000 (12:00 +0100)]
package/mesa3d: fix nouveau std::isinf related compile failure
Activate already existing mesa3d solution for the isinf compile
failure for uclibc based toolchains instead of using a custom
workaround.
- remove 0005-src-gallium-drivers-nouveau-codegen-nv50_ir_ra.cpp-p.patch
- add 0004-c99_math-import-isinf-for-uclibc-based-toolchains.patch
Fixes:
http://autobuild.buildroot.net/results/
cbefc5d4a4fefb674e596400fa1d2698cd89c5b3/
http://autobuild.buildroot.net/results/
dc974da012f53fa4ed3be616f937b0afae423d66/
../src/gallium/drivers/nouveau/codegen/nv50_ir_ra.cpp: In member function 'bool nv50_ir::GCRA::simplify()':
../src/gallium/drivers/nouveau/codegen/nv50_ir_ra.cpp:1348:19: error: expected unqualified-id before '(' token
if (std::isinf(bestScore)) {
^
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Adam Duskett [Tue, 3 Mar 2020 19:11:33 +0000 (11:11 -0800)]
package/nodejs: bump version to v12.16.1
Fixes a number of regressions introduced in v12.16.0:
https://github.com/nodejs/node/blob/master/doc/changelogs/CHANGELOG_V12.md#12.16.1
Tested on Debian 9 and Ubuntu 18.04
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Wed, 4 Mar 2020 22:21:03 +0000 (23:21 +0100)]
package/libsndfile: fix CVE-2019-3832
It was discovered the fix for CVE-2018-19758 (libsndfile) was not
complete and still allows a read beyond the limits of a buffer in
wav_write_header() function in wav.c. A local attacker may use this flaw
to make the application crash.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Wed, 4 Mar 2020 22:21:02 +0000 (23:21 +0100)]
package/libsndfile: fix CVE-2018-19758
There is a heap-based buffer over-read at wav.c in wav_write_header in
libsndfile 1.0.28 that will cause a denial of service.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Yann E. MORIN [Wed, 4 Mar 2020 13:40:37 +0000 (14:40 +0100)]
Makefile: work around a bug in newly released make 4.3
Several users of rolling-release distributions have been reporting on
IRC that Buildroot is broken now that they have switched to the newly
released make 4.3.
It turns out that the constructs we use to generated and include the
internal br2-external related fragments is no longer working with
make-4.3.
Indeed, an upstream bug report [0] seems to imply that it so far was
working by chance. There has been no further feedback, whether this is
really considered a fix for a previous ill-defined behaviour, or an
actual regression...
In the meantime, we add a workaround, suggested in that same bug report,
that fixes the issue for make 4.3, and that should not break on older
make versions either (verified on all relevant versions: from 3.81,
3.82, 4.0, 4.1, and 4.2).
[0] https://savannah.gnu.org/bugs/?57676
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Tested-by: Mircea Gliga <mgliga@bitdefender.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Wed, 4 Mar 2020 21:45:32 +0000 (22:45 +0100)]
package/jhead: security bump to version 3.04
- Fix CVE-2019-
1010301: jhead 3.03 is affected by: Buffer Overflow. The
impact is: Denial of service. The component is: gpsinfo.c Line 151
ProcessGpsInfo(). The attack vector is: Open a specially crafted JPEG
file.
- Fix CVE-2019-
1010302: jhead 3.03 is affected by: Incorrect Access
Control. The impact is: Denial of service. The component is: iptc.c
Line 122 show_IPTC(). The attack vector is: the victim must open a
specially crafted JPEG file.
- Fix CVE-2019-19035: jhead 3.03 is affected by: heap-based buffer
over-read. The impact is: Denial of service. The component is:
ReadJpegSections and process_SOFn in jpgfile.c. The attack vector is:
Open a specially crafted JPEG file.
- Update indentation of hash file (two spaces)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Wed, 4 Mar 2020 19:54:52 +0000 (20:54 +0100)]
package/python-django: security bump to version 3.0.4
Fixes the following security vulnerabilities:
- CVE-2020-9402: Potential SQL injection via tolerance parameter in GIS
functions and aggregates on Oracle.
GIS functions and aggregates on Oracle were subject to SQL injection,
using a suitably crafted tolerance.
For more details, see the advisory:
https://www.djangoproject.com/weblog/2020/mar/04/security-releases/
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Seiderer [Mon, 2 Mar 2020 11:08:26 +0000 (12:08 +0100)]
package/mesa3d: fix linux/kcmp.h related compile failure
Add upstream patch [1].
Fixes:
http://autobuild.buildroot.net/results/
df5bcb8e4f6e98c4de347abbbe91e10a98047422
../src/util/os_file.c:37:24: fatal error: linux/kcmp.h: No such file or directory
[1] https://cgit.freedesktop.org/mesa/mesa/commit/?id=
f7bfb10c69dfe48a91e35523cb5ee641bdbf6988
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Reviewed-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Peter Korsgaard [Tue, 3 Mar 2020 22:59:20 +0000 (23:59 +0100)]
utils/genrandconfig: drop outdated python-nfc check
Commit
9ea528f84ba (package/python-nfc: bump to version 0.13.5) changed the
python-nfc package to download from github, so the package no longer needs
bzr on the host.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Peter Seiderer [Wed, 4 Mar 2020 10:31:41 +0000 (11:31 +0100)]
package/fbgrab: bump version to 1.3.1 and update projct URL
- bump version to 1.3.1
Changelog:
* Incorrect alpha value when converting 32-bit framebuffers.
* Documentation for github instead of own homepage.
- update project URL
Fixes bug 12606 ([1]).
[1] https://bugs.busybox.net/show_bug.cgi?id=12606
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Tested-by: Timo Ketola <timo.ketola@exertus.fi>
Acked-by: Timo Ketola <timo.ketola@exertus.fi>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Peter Seiderer [Tue, 3 Mar 2020 16:30:45 +0000 (17:30 +0100)]
package/gst1-plugins-base: fix static linking
Add patch to fix static linking of tools.
Fixes:
http://autobuild.buildroot.net/results/
b33019b3c9ad856aced34215c69bb292b536e25e
.../bin/ld: .../usr/lib/libgstreamer-1.0.a(gstplugin.c.o): in function `gst_plugin_register_func':
gstplugin.c:(.text+0x3bc): undefined reference to `g_module_make_resident'
.../bin/ld: .../usr/lib/libgstreamer-1.0.a(gstplugin.c.o): in function `_priv_gst_plugin_load_file_for_registry':
gstplugin.c:(.text+0x1228): undefined reference to `g_module_supported'
.../bin/ld: gstplugin.c:(.text+0x126c): undefined reference to `g_module_open'
.../bin/ld: gstplugin.c:(.text+0x1368): undefined reference to `g_module_symbol'
.../bin/ld: gstplugin.c:(.text+0x1494): undefined reference to `g_module_supported'
.../bin/ld: gstplugin.c:(.text+0x17f4): undefined reference to `g_module_close'
.../bin/ld: gstplugin.c:(.text+0x1a2c): undefined reference to `g_module_error'
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Tue, 3 Mar 2020 22:55:48 +0000 (23:55 +0100)]
Config.in: drop BR2_NEEDS_HOST_{JAVAC,JAR}
With classpath removed, no packages select these symbols any more - So drop
them and their corresponding logic in dependencies.sh / genrandconfig.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
James Hilliard [Mon, 2 Mar 2020 10:01:46 +0000 (03:01 -0700)]
package/classpath: drop package
This package has been abandoned by upstream since 2016 and has not
had a release since 2012. In addition the GNU Compiler for Java
that classpath was written to be used with has been removed as of
GCC 7.
It is no longer feasible to support classpath as it requires a java
compiler capable of producing java 1.5 compatible bytecode which is
not possible on hosts with a recent java compiler.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
James Hilliard [Tue, 3 Mar 2020 22:12:58 +0000 (15:12 -0700)]
package/jamvm: drop package
JamVM has not had a release since 2014 and is unmaintained.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Alexander Sverdlin [Mon, 2 Mar 2020 18:50:54 +0000 (19:50 +0100)]
package/mini-snmpd: bump to version 1.6
Drop both patches:
- 0001-Prepend-zero-byte-before-unsigned-integers.patch is upstream
as of
949ae648bf7c654b8fae607a0988bfa672607156
- 0002-mib.c-allow-unsigned-integers-to-have-an-extra-byte.patch is
upstream as of
Use the systemd unit file provided by the upstream project instead of
our own, just add an /etc/default/ file to add the -a option to
preserve the same behavior.
This new version now needs pkg-config.
v1.6 changelog:
Bug fix release.
- Fix #16: regression in ifTable for point-to-point interfaces
- Fix #17: major memory leak in Linux backend
- Fix #18: consistent timeout handling in .conf file and command line
v1.5 changelog:
Major feature release. Support for TCP-MIB, UDP-MIB, IP-MIB,
ifXTable with 64-bit counters.
- Majority of new features from [NDM Systems][]
- CVE fixes from [Cisco Talos Intelligence Group][talos]
- Add support for ifXTable (64-bit counters), from NDM Systems
- Add support for TCP-MIB, from NDM Systems
- Add support for UDP-MIB, from NDM Systems
- Add support for IP-MIB, from NDM Systems
- Add support for ifType
- Add support for ifMtu
- Binary and man page renamed: `mini_snmpd` --> `mini-snmpd`
- New command line option `-l LEVEL` replaces `--verbose`
- New command line option `-v` to show program version
- Create PID file when daemon is ready to receive signals
- Add support for systemd unit file on Linux
- Add support for /etc/mini-snmpd.conf, disabled by default
- CVE-2020-6060: Fix stack overflow in client connection handler
- CVE-2020-6059: Fix out-of-bounds read in parsing of SNMP packet
- CVE-2020-6058: Fix out-of-bounds read in parsing of SNMP packet
- Let `-s` flag control use of syslog, when running in foreground
- Removed all (known) GNU:isms; i.e., `__progname` and `%m`
Signed-off-by: Alexander Sverdlin <alexander.sverdlin@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
James Hilliard [Sat, 29 Feb 2020 01:11:55 +0000 (18:11 -0700)]
package/python-jinja2: fix async removal paths
Fixes:
http://autobuild.buildroot.net/results/dd5/
dd5f151b2c9872476ab63c529468d0b37a0374f5/
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Tue, 3 Mar 2020 20:16:22 +0000 (21:16 +0100)]
package/zziplib: fix CVE-2018-17828
Directory traversal vulnerability in ZZIPlib 0.13.69 allows attackers to
overwrite arbitrary files via a .. (dot dot) in a zip file, because of
the function unzzip_cat in the bins/unzzipcat-mem.c file.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Tue, 3 Mar 2020 20:16:21 +0000 (21:16 +0100)]
package/zziplib: fix CVE-2018-16548
An issue was discovered in ZZIPlib through 0.13.69. There is a memory
leak triggered in the function __zzip_parse_root_directory in zip.c,
which will lead to a denial of service attack.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Tue, 3 Mar 2020 19:47:03 +0000 (20:47 +0100)]
package/patch: annotate CVE-2019-13638
GNU patch through 2.7.6 is vulnerable to OS shell command injection that
can be exploited by opening a crafted patch file that contains an ed
style diff payload with shell metacharacters. The ed editor does not
need to be present on the vulnerable system. This is different from
CVE-2018-
1000156.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Tue, 3 Mar 2020 19:47:02 +0000 (20:47 +0100)]
package/patch: fix CVE-2019-13636
In GNU patch through 2.7.6, the following of symlinks is mishandled in
certain cases other than input files. This affects inp.c and util.c.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Tue, 3 Mar 2020 19:47:01 +0000 (20:47 +0100)]
package/patch: fix CVE-2018-20969
do_ed_script in pch.c in GNU patch through 2.7.6 does not block strings
beginning with a ! character. NOTE: this is the same commit as for
CVE-2019-13638, but the ! syntax is specific to ed, and is unrelated to
a shell metacharacter.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Tue, 3 Mar 2020 19:47:00 +0000 (20:47 +0100)]
package/patch: annotate CVE-2018-
1000156
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Tue, 3 Mar 2020 19:46:59 +0000 (20:46 +0100)]
package/patch: annote CVE-2018-6951
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>