When we do a release, we know only of a set of gcc versions that the
host may have. But in the future, distributions with newer gcc versions
may show up.
Currently, we do not recognise those versions, and thus we do as if they
were older than the oldest we know of. This means that a set of packages
become unselectable, when they should be.
We fix that by capping the detected version to the highest we know of.
Reported-by: gargar_ on IRC
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 3950e69dad)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Qt KMS support should not explicitly depend on the availability of opengl.
Don't explicitly disable KMS if opengl is not available and fallback to
detecting if libdrm is available before disabling kms.
The scenario where this is necessary involves using the Qt linuxfb backend
"dumb buffer" support via the DRM API. This is new in Qt 5.9 [1] and only
requires KMS, but not opengl. Although on Qt 5.6, only eglfs actually
uses libdrm/kms, it doesn't hurt to add the dependency and the -kms
option there as well, and doing so keeps the logic in the .mk file
simple.
[1] http://doc.qt.io/qt-5/embedded-linux.html#linuxfb
Cc: Peter Seiderer <ps.report@gmx.net>
Cc: Julien Corjon <corjon.j@ecagroup.com>
Signed-off-by: Joshua Henderson <joshua.henderson@microchip.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit f91ea94a6f)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The utils/diffconfig script works only on variables with the BR2_
prefix. This is OK for Buildroot [def]configs since this is the prefix
for all user-facing variables, but it prevents using the same script
to compare configs from kconfig-based packages.
Remove the BR2_ restriction, allowing usage such as:
./utils/diffconfig \
board/qemu/xtensa-lx60/linux.config \
board/qemu/xtensa-lx60/linux-nommu.config
Signed-off-by: Marcel Patzlaff <m.patzlaff@pilz.de>
Reviewed-by: Luca Ceresoli <luca@lucaceresoli.net>
Tested-by: Luca Ceresoli <luca@lucaceresoli.net>
Reviewed-by: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit bf9ccfc37b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The libcilkrts configure script errors out with "Pthreads are required
to build libcilkrts" if the C library doesn't have thread support. To
fix that, we disable libcilkrts when thread support is not available.
This issue was not noticed until now, because we only regularly build
a no-thread toolchain for ARM, and libcilkrts was enabled on ARM only
starting in gcc 7.x.
This fixes the build of no-thread toolchains on architectures where
libcilkrts is supported, i.e x86/x86-64, ARM and Sparc.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 076fd27da7)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Sort the certificates into alphabetical order so the contents of
ca-certificates.crt can be built reproducibly.
Note: The certificates are sorted uppercase then lowercase filenames
so the contents of ca-certificates.crt matches the source debian package.
Signed-off-by: Martin Bark <martin@barkynet.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit c61b49e5b5)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Rebuilding ca-certificates using make ca-certificates-rebuild
caused duplicate certificates to be installed in the target. Its build
system is broken: it doesn't detect that the output file already exists,
and instead of overwriting it, a duplicate is generated under a
different name. The net effect is that all certificates are installed
twice after rebuild.
Fix this by cleaning the build directory before building the package.
Signed-off-by: Martin Bark <martin@barkynet.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit 42b10634c6)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
c_rehash looks at all files in /etc/ssl/certs, generates the hash for
the certificates in them, and makes a symlink from the hash to the
certificate file.
However, ca-certificates.crt is also installed in /etc/ssl/certs and
it contains all the certificates. c_rehash will take one of them (the
first?) and create a symlink from that hash to ca-certificates.crt.
Usually, this results in an error like:
WARNING: Skipping duplicate certificate ca-certificates.crt
and all is well. However, depending on filesystem order,
ca-certificates.crt may come first, and the actual certificate is
not symlinked.
To fix this install certificates.crt to /etc/ssl/certs *after* we run
c_rehash to prevent it getting hashed by mistake.
Note: $(TARGET_DIR)/etc/ssl/certs/ is already removed during install so
this fix also works for rebuilds.
Signed-off-by: Martin Bark <martin@barkynet.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit d07ddd8e4e)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
gcc does not build when the srcdir path contains a '@', because that
path is then substitued in a texi file as argument to an @include
directive. But then, the '@' in the path will start a command evaluation
of its own, thus breaking the build. For example, with a $(O) path set
to /home/ymorin/dev/buildroot/O/to@ti :
perl ../../gcc/../contrib/texi2pod.pl ../../gcc/doc/invoke.texi > gcc.pod
../../gcc/doc/invoke.texi:1678: unknown command `ti'
../../gcc/doc/invoke.texi:1678: @include: could not find /home/ymorin/dev/buildroot/O/to/build/host-gcc-initial-7.3.0/build/gcc/../../gcc/../libiberty/at-file.texi
[Peter: use findstring instead of subst/compare]
Reported-by: c32 on IRC
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 7007dc2bc9)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes CVE-2018-10873: A vulnerability was discovered in SPICE before version
0.14.1 where the generated code used for demarshalling messages lacked
sufficient bounds checks. A malicious client or server, after
authentication, could send specially crafted messages to its peer which
would result in a crash or, potentially, other impacts.
Drop patches as they are now upstream.
Add host-pkgconf as the configure script uses pkg-config. Drop removed
--disable-automated-tests configure flag.
Add optional opus support, as that is now supported and needs to be
explicitly disabled to not use. Explicitly disable optional gstreamer
support for now as the dependency tree is fairly complicated.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit f33f7a4f64)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The license heading in source files includes the "or any later"
language.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit cfa3447a78)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes CVE-2017-14501: An out-of-bounds read flaw exists in
parse_file_info in archive_read_support_format_iso9660.c in libarchive
3.3.2 when extracting a specially crafted iso9660 iso file, related to
archive_read_format_iso9660_read_header.
Drop upstream patches.
Use upstream provided tarball hash.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 946f136fe1)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When two Buildroot builds run in parallel, and they both happen to call
npm at roughly the same time, the two npm instances may conflict when
accessing the npm cache, which is by default ~/.npm
Although npm is supposed to lock access to the cache, it seems it does
sometimes fail to do so properly, bailling out in error, when it would
never ever crash at all when not running in parallel. We suspect that
the sequence leading to such failures are something like:
npm-1 npm-2
lock(retry=few, sleep=short) .
does-stuff() .
. lock(retry=few, sleep=short)
. # can't lock local cache
. download-module()
. # can't download
. exit(1)
unlock()
As per the docs [0], few = 10, short = 10. So if the first npm (npm-1)
takes more than 100s (which can happen behind slow links and/or big
modules that contain native code that is compiled), then the second npm
(npm-2) will bail out (the download would fail if there is no network
access, for example, and only local modules are used).
Point npm to use a per-build cache directory, so they no longer compete
across builds.
That would still need some care when we do top-level parallel builds,
though.
Note also that the conflicts are not totally eliminated: two or more npm
instances may still compete for some other resource that has not yet
been identified.
But, at least, the conflict window has been drastically shortened now,
to the point where it now seldom occurs.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 4a16182d5f)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
While Erlang includes a version of zlib, it's intended for Windows and
there's an expectation that non-Windows platforms provide it. It's also
not as regularly updated as the one in Buildroot. This change makes
Erlang always use a Buildroot-provided zlib.
Fixes this compile error:
CC /home/buildroot/autobuild/run/instance-0/output/build/erlang-21.0/erts/emulator/zlib/obj/x86_64-buildroot-linux-musl/opt/adler32.o
In file included from zlib/adler32.c:11:0:
zlib/zutil.h:172:39: error: "_LFS64_LARGEFILE" is not defined [-Werror=undef]
(!defined(_LARGEFILE64_SOURCE) || _LFS64_LARGEFILE-0 == 0)
^~~~~~~~~~~~~~~~
See http://autobuild.buildroot.net/results/fc633f80c7c36a90e641487f5a888fbb767c2a54/.
Signed-off-by: Frank Hunleth <fhunleth@troodon-software.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit ec5378038f)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
As reported by Jeff Wittrock in bug #11396, the U-Boot environment
image checksum is invalid for big endian targets, because the test on
the BR2_ENDIAN Config.in option doesn't take into account that it is
double quoted.
The fix was provided by Jeff himself on bugzilla.
Fixes bug #11396.
Reported-by: Jeff Wittrock <jwittrock@faultrecorder.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit d6fcf044a7)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
For some reason, ustr installs its own source code, which means we end
up with 448 KB of source code in /usr/share in the target filesystem:
$ tree output/target/usr/share/
output/target/usr/share/
└── ustr-1.0.4
├── malloc-check.h
├── ustr-b-code.h
├── ustr-b-dbg-code.c
├── ustr-b-opt-code.c
├── ustr-cmp-code.h
├── ustr-cmp-dbg-code.c
├── ustr-cmp-internal.h
├── ustr-cmp-opt-code.c
├── ustr-cntl-code.h
├── ustr-fmt-code.h
├── ustr-fmt-dbg-code.c
├── ustr-fmt-internal.h
[...]
$ du -sh output/target/usr/share/ustr-1.0.4/
448K output/target/usr/share/ustr-1.0.4/
So let's drop this source code in a post-install target hook.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit c27484b2ef)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes CVE-2018-10933: authentication bypass vulnerability in the server
code. By presenting the server an SSH2_MSG_USERAUTH_SUCCESS message in
place of the SSH2_MSG_USERAUTH_REQUEST message which the server would
expect to initiate authentication, the attacker could successfully
authenticate without any credentials.
https://www.libssh.org/security/advisories/CVE-2018-10933.txt
Drop an upstream patch.
Cc: Scott Fan <fancp2007@gmail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit de24e47d90)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Pass TARGET_LDFLAGS to EXTRA_LDFLAGS to fix following issue:
/home/buildroot/autobuild/run/instance-3/output/build/host-gcc-final-7.3.0/build/arm-buildroot-linux-musleabihf/libgcc/../../../libgcc/config/arm/lib1funcs.S:1545: undefined reference to `raise'
Also pass TARGET_CFLAGS to EXTRA_CFLAGS and TARGET_CXXFLAGS to
EXTRA_CXXFLAGS and move all these variables to
OPEN_PLC_UTILS_MAKE_OPTS for readability
Fixes:
- http://autobuild.buildroot.org/results/67bc5e7ac8ae1c49c035b022a394d2f746705cf2
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit d8738d3b97)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
In commit a31a66802a ("freetype:
security bump to version 2.5.3"), the freetype package was changed to
call ./autogen.sh to regenerate the autotools stuff, because the
ltmain.sh provided by upstream freetype was not compatible with
Buildroot libtool-patching logic.
Since then, freetype has been bumped several times, and the current
version packaged in Buildroot has an ltmain.sh that is compatible with
our libtool-patching logic.
Therefore, this commit drops the no longer needed autogen stuff.
This autogen stuff was badly breaking per-package host/target
directory, because the autogen happened at the post-patch hook step,
at which point the host-automake/host-autoconf/host-libtool
dependencies have not yet been copied into this package host
directory.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 88c6329521)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Use system liblinear instead of using included liblinear.
liblinear in buildroot is at version 2.20 released on December 2017
whereas liblinear in nmap has not been updated since 7 years (except for
liblinear.vcxproj which has been updated 2 years ago)
Do not use --with-liblinear option as otherwise nmap will forget to add
-llinear to LIBS due to the following line in configure.ac:
if test $have_liblinear != yes; then
AC_CHECK_HEADERS([linear.h],
AC_CHECK_LIB(linear, predict, [have_liblinear=yes; LIBLINEAR_LIBS="-llinear"; break],, [-lm])
)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit c0d9ba562c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When used without spdx_lookup the BSD licence cannot be
detected correctly because many Python packages just specify
BSD without the exact version in their metadata. So add a
special message warning the user instead of the licence id.
Bonus: fix typo.
Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit d05e41eb1a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit 87d759ced5 (ntp: fix build for no-MMU) added a patch to make MMU
dependent code hidden behind HAVE_WORKING_FORK. It turns out that the
patch covers too much code. When libcap is enabled we pass
--enable-linuxcaps, which in turn enables HAVE_DROPROOT. This adds calls
to code that is covered by HAVE_WORKING_FORK.
Update the no-MMU fix so that HAVE_WORKING_FORK only covers the no-MMU
incompatible routine.
Fixes:
http://autobuild.buildroot.net/results/c5c/c5cf28bb969fec7c07864cdd094dedfa4d5439d2/
Cc: Artem Panfilov <apanfilov@spectracom.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 7cf152852d)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Many platforms don't provide all FPU features needed by Poco when
configured for soft floating point in their fenv.h header. So
disable fpenvironment for this configuration to avoid build breakage.
Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit c735f39881)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The enum34 dependency is required for python2.7 for both the host and
target builds. This patch adds the host dependency to match what is
already in place for the target.
The host build is used by the setools package seinfo tool offline for
host based policy analysis. The analysis is easiest performed offline
as the policy is checked for path/reachability, which is something
that occurs by taking the policy file and using debug libraries to
perform test cases.
Fixes the following runtime error:
$ ./output/host/bin/sesearch
Traceback (most recent call last):
[...]
File "/home/test/buildroot/output/host/lib/python2.7/site-packages/setools-4.1.1-py2.7-linux-x86_64.egg/setools/policyrep/util.py", line 21, in <module>
from enum import Enum
ImportError: No module named enum
Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit a5e4eddb84)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues:
CVE-2018-16758: Michael Yonli discovered that tinc 1.0.34 and earlier allow
a man-in-the-middle attack that, even if the MITM cannot decrypt the traffic
sent between the two endpoints, when the MITM can correctly predict when an
ephemeral key exchange message is sent in a TCP connection between two
nodes, allows the MITM to force one node to send UDP packets in plaintext.
The tinc 1.1pre versions are not affected by this.
CVE-2018-16738: Michael Yonli discoverd that tinc versions 1.0.30 to 1.0.34
allow an oracle attack, similar to CVE-2018-16737, but due to the
mitigations put in place for the Sweet32 attack in tinc 1.0.30, it now
requires a timing attack that has only a limited time to complete. Tinc
1.1pre16 and earlier are also affected if there are nodes on the same VPN
that still use the legacy protocol from tinc version 1.0.x.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit d0758184c0)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
get-developers tries to open DEVELOPERS in the current directory, so it
breaks when calling it from elsewhere than the toplevel Buildroot directory.
Traceback (most recent call last):
File "../utils/get-developers", line 107, in <module>
__main__()
File "../utils/get-developers", line 26, in __main__
devs = getdeveloperlib.parse_developers(os.path.dirname()
File "/home/peko/source/buildroot/utils/getdeveloperlib.py", line 161, in parse_developers
with open(os.path.join(basepath, "DEVELOPERS"), "r") as f:
IOError: [Errno 2] No such file or directory: '/home/peko/source/buildroot/output-foo/DEVELOPERS'
Fix it by instead figuring out where the DEVELOPERS file is relative to the
location of get-developers (E.G. one level up).
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
[Arnout:
- add realpath to support a symlinked get-developers script;
- pass devs_dir argument to check_developers() to support -c in subdir;
- convert basepath to absolute path to support -f option.
]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit 62d5558f76)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This fixes a syntax error introduced in bcf2ed5cc3.
Output before the patch:
$ ./utils/get-developers outgoing/*
File "./utils/get-developers", line 97
print dev
^
SyntaxError: Missing parentheses in call to 'print'. Did you mean
print(dev)?
Output after the patch:
$ ./utils/get-developers outgoing/*
git send-email --to buildroot@buildroot.org
Signed-off-by: Grégoire Delattre <gregoire.delattre@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 8320ad3341)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When called with a list of patches, get-developers prints the entire git
send-email invocation line:
./utils/get-developers 0001-git-security-bump-to-version-2.16.5.patch
git send-email --to buildroot@buildroot.org --cc "Matt Weber <matthew.weber@rockwellcollins.com>"
This may be handy when creating an entire patch series and editing a cover
letter, but it does mean that this has to be explicitly executed and
get-developers cannot be used directly by the --cc-cmd option of git
send-email to automatically CC affected developers.
So add an -e flag to only let get-developers print the email addresses of
the affected developers in the one-email-per-line format expected by git
send-email, similar to how get_maintainer.pl works in the Linux kernel.
With this and a suitable git configuration:
git config sendemail.to buildroot@buildroot.org
git config sendemail.ccCmd "$(pwd)/utils/get-developers -e"
You can simply do:
git send-email master
To automatically mail the buildroot list and CC affected developers on
patches.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Acked-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit bcf2ed5cc3)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
In addition:
- Update 0001-user-exec-fix-usage-of-mcontext-structure-on-ARM-uCl.patch
with new line numbers and file location.
- Remove upstream 0002-memfd-fix-configure-test.patch
- Add new options found in 2.12.0 in qemu.mk as disabled.
- Remove --with-system-pixman as it's no longer optional.
Tested with test-pkg:
./utils/test-pkg -p qemu -c configs/qemu_min_defconfig
br-arm-full [1/6]: OK
br-arm-cortex-a9-glibc [2/6]: OK
br-arm-cortex-m4-full [3/6]: SKIPPED
br-x86-64-musl [4/6]: OK
br-arm-full-static [5/6]: OK
armv5-ctng-linux-gnueabi [6/6]: OK
6 builds, 1 skipped, 0 build failed, 0 legal-info failed
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 06e3957c16)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Our package infrastructure uses inheritance of a number of values from
the target package to the host package, which assumes the target
package is defined before the host package. In addition, future
changes are going to make this requirement even more important.
Therefore, let's fix the qemu package so that it declares its target
variant before its host variant, like all other packages in
Buildroot. We handle qemu separately from other packages, because
unlike other packages, it didn't had the "eval" for the host and
target packages at the end of the file, but rather all variables
related to the host variant first, then the call to the package
infrastructure for the host variant, then the variables related to the
target variant, and finally the call to the package infrastructure for
the target variant. We are inverting the order of those two big parts
in this commit.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 2ae7b21e0b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
According to target/mips/TODO in the Qemu sources:
MIPS64
------
- Userland emulation (both n32 and n64) not functional.
And indeed, trying to run a mips64n32 binary under qemu user emulation
results in:
Invalid ELF image for this architecture
So we move the BR2_mips64(el) dependency from
BR2_PACKAGE_HOST_QEMU_ARCH_SUPPORTS to
BR2_PACKAGE_HOST_QEMU_SYSTEM_ARCH_SUPPORTS, so that only the system
emulation is available on mips64, and not the user-mode emulation.
Signed-off-by: Adam Duskett <Adamduskett@outlook.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 17024f5900)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Not all architectures are supported by both the system emulation and
user-mode emulation in Qemu, so a single
BR2_PACKAGE_HOST_QEMU_ARCH_SUPPORTS doesn't work very well.
Therefore, this commit introduces the
BR2_PACKAGE_HOST_QEMU_{SYSTEM,USER}_ARCH_SUPPORTS hidden options. We
keep the BR2_PACKAGE_HOST_QEMU_ARCH_SUPPORTS option for the (numerous)
architectures supported by both system emulation and user-mode
emulation.
The 'select' logic to make sure that at least either system emulation
or user-mode emulation is selected is reworked, and done carefully to
avoid recursive Kconfig dependencies.
For now BR2_PACKAGE_HOST_QEMU_SYSTEM_ARCH_SUPPORTS and
BR2_PACKAGE_HOST_QEMU_USER_ARCH_SUPPORTS are the same, but they will
become different in a follow-up commit.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit d7f74dced9)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
In commit:
https://git.buildroot.net/buildroot/commit/?id=13722d58f77d0e9fea9eefc50bf083d19f835433
Patch "0003-configure-Invert-AC_CHECK_LIB-EVP_md5-.-without-lz-w.patch"
was intended to fix AC_CHECK_FUNCS() failure on openssl functions. This
was due to missing -lz during static linking.
But the patch is wrong and results in explicitly linking against -lz in
both shared and static build.
This makes no sense, since shared linking has transitive dependency so
it doesn't need to list -lz after -lssl, -lssl is enough.
Differently static linking needs -lz to be listed after -lssl.
So the real cause of previous build failure:
http://autobuild.buildroot.net/results/881/881139fb049738b16609d39ad5a49bd77ff6b4aa/
is that when AC_CHECK_FUNCS(), $LIBS variable is overwritten with
$LIBCRYPTO without taking into accout previous $LIBS content(i.e. where
-lz is present). This results in AC_CHEC_FUNCS() to fail while trying to
statically link without listing -lz.
Then:
- Remove current "0003-configure-Invert-AC_CHECK_LIB-EVP_md5-.-without-lz-w.patch"
- Add patch "0003-configure-fix-AC_CHECK_FUNCS-EVP_sha224-EVP_sha384-..patch"
where add $LIBS content to tail of new $LIBS variable like this:
LIBS="$LIBCRYPTO $LIBS"
NOTE: $LIBS is at the end to ensure static linking to work correctly.
- Add patch 0004-configure-fix-AC_CHECK_FUNCS-TLS_method-TLSv1_method.patch
where add $LIBS content to tail of new $LIBS variable like this:
LIBS="-lssl $LIBCRYPTO $LIBS"
NOTE: $LIBS is at the end to ensure static linking to work correctly.
This way AC_CHECK_FUNCS(), when static linking, try to link with -lz too
appending it at the end of linking library list.
And after every AC_CHECK_FUNCS(), previously saved $LIBS variable gets
back to its original value(i.e. containing -lz if present) resulting in
having or not -lz appended to library list according to static or
shared build.
Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit c5a7c287de)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes CVE-2018-18065: _set_key in agent/helpers/table_container.c in
Net-SNMP before 5.8 has a NULL Pointer Exception bug that can be used by an
authenticated attacker to remotely cause the instance to crash via a crafted
UDP packet, resulting in Denial of Service.
For more details, see description and PoC:
https://dumpco.re/blog/net-snmp-5.7.3-remote-dos
Removed patch, applied upstream, autoreconf is not needed anymore.
Added sha256 hashes for tarball and license file.
Switched _SITE to https.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 1fe32e8375)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Because we are patching Makefile.am, Makefile.am is newer than Makefile.in
Signed-off-by: Olivier Schonken <olivier.schonken@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This package only needs ncurses when readline support is enabled, as
it's the autoconf macro file for readline (used by autoconf to create
the gnupg configure script) that checks for and pulls in ncurses.
Since readline already depends on ncurses, gnupg need only depend on
readline (when enabled).
The host package always forces readline support off, so the
host-ncurses dependency can be removed entirely.
Signed-off-by: Trent Piepho <tpiepho@impinj.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 51e17496cc)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Drop 0003-memfd-fix-configure-test.patch applied upstream.
The 4.10.2 version brings a large number of fixes:
https://xenproject.org/downloads/xen-archives/xen-project-410-series/xen-4102.html
Including a number of security fixes:
XSA-260: x86: mishandling of debug exceptions (CVE-2018-8897)
XSA-261: x86 vHPET interrupt injection errors (CVE-2018-10982)
XSA-262: qemu may drive Xen into unbounded loop (CVE-2018-10981)
XSA-263: Speculative Store Bypass (CVE-2018-3639)
XSA-264: preemption checks bypassed in x86 PV MM handling (CVE-2018-12891)
XSA-265: x86: #DB exception safety check can be triggered by a guest
(CVE-2018-12893)
XSA-266: libxl fails to honour readonly flag on HVM emulated SCSI disks
(CVE-2018-12892)
XSA-267: Speculative register leakage from lazy FPU context switching
(CVE-2018-3665)
XSA-268: Use of v2 grant tables may cause crash on ARM (CVE-2018-15469)
XSA-269: x86: Incorrect MSR_DEBUGCTL handling lets guests enable BTS
(CVE-2018-15468)
XSA-272: oxenstored does not apply quota-maxentity (CVE-2018-15470)
XSA-273: L1 Terminal Fault speculative side channel (CVE-2018-3620,
CVE-2018-3646)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 059d655f5c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
>From the release notes
(http://ftp.isc.org/isc/bind9/9.11.4-P2/RELEASE-NOTES-bind-9.11.4-P2.txt):
* There was a long-existing flaw in the documentation for ms-self,
krb5-self, ms-subdomain, and krb5-subdomain rules in update-policy
statements. Though the policies worked as intended, operators who
configured their servers according to the misleading documentation may
have thought zone updates were more restricted than they were; users of
these rule types are advised to review the documentation and correct
their configurations if necessary. New rule types matching the
previously documented behavior will be introduced in a future maintenance
release. [GL !708]
* named could crash during recursive processing of DNAME records when
deny-answer-aliases was in use. This flaw is disclosed in CVE-2018-5740.
[GL #387]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 63eb34fa12)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues:
- CVE-2018-16543: In Artifex Ghostscript before 9.24, gssetresolution and
gsgetresolution allow attackers to have an unspecified impact
- CVE-2018-17183: Artifex Ghostscript before 9.25 allowed a user-writable
error exception table, which could be used by remote attackers able to
supply crafted PostScript to potentially overwrite or replace error
handlers to inject code.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit b054797eca)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The woff2 dependency is used to support Web fonts in WOFF2 format.
This is a Web-facing feature that Web sites expect WebKit to support,
and it is recommended to be unconditionally enabled. While it is
possible to disable the feature at build time, upstream only recommends
doing so if the target system cannot provide a woff2 package.
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 51b3fe094a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add the woff2 package to Builroot. This is needed by webkitgtk from
version 2.20.0 onwards. WebKitGTK+ used to bundle a copy of the library,
but it stopped doing so now that the upstream is has been making
releases.
[Peter: fix license hash]
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 70afd4afa7)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add the brotli package to Buildroot. This is needed by woff2, which in
turn is needed by webkitgtk from version 2.20.0 onwards. WebKitGTK+ used
to bundle a copy of the library, but it stopped doing so now that the
upstream has started making releases.
[Peter: fix license hash]
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 4f634160b2)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
mrouted part of igmpproxy is licensed under BSD-3-Clause so add this in
IGMPPROXY_LICENSE and add hash for license files
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit c60c928614)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
As specified in COPYING, examples are licensed under GPL-3.0+ and .x
files are licensed under BSD-2-Clause.
So update LIBNFS_LICENSE, add COPYING, LICENCE-BSD.txt and
LICENCE-GPL-3.txt to LIBNFS_LICENSE_FILES and add hash for all license
files
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 1b486d4fa3)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
cppcms contains embedded third party software so add
THIRD_PARTY_SOFTWARE.TXT to CPPCMS_LICENSE_FILES as well as the
additional licenses to CPPCMS_LICENSE.
Also add hash for COPYING.TXT and THIRD_PARTY_SOFTWARE.TXT
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit c17310450b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The underlying problem is that $(foreach V,1 2 3,) does not evaluate to
an empty string. It evaluates to " ", three empty strings separated by
whitespace.
A construct of this format, with a giant list in the foreach, is part of
the printvars command. This means that "@:$(foreach ....)", which is
intended to expand to a null command, in fact expands to "@: "
with a great deal of whitespace. Make chooses to execute this command
with:
execve("/bin/sh", ["/bin/sh", "-c", ": "]
But with far more whitespace. So much that it can exceed shell command
line length limits.
This solution is to move the foreach to another step in the recipe. The
"@:" is retained as the first line so the recipe is not Empty, which
would cause a change in make behavior when make builds the target. The
2nd line, all whitespace, will be skipped by make.
Signed-off-by: Trent Piepho <tpiepho@impinj.com>
Tested-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit b8d0aadc6d)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Nine years ago we added autoreconf to fix libtool-related problems
with the matchbox package:
https://git.buildroot.net/buildroot/commit/?id=51ef5b81224c243aa7f937c4690b1a120c81ccbc
After building this defconfig with autoreconf removed from this package
BR2_x86_64=y
BR2_x86_core_avx2=y
BR2_TOOLCHAIN_BUILDROOT_LOCALE=y
BR2_TOOLCHAIN_BUILDROOT_CXX=y
BR2_PACKAGE_XORG7=y
BR2_PACKAGE_XLIB_LIBXFONT=y
BR2_PACKAGE_MATCHBOX=y
BR2_PACKAGE_MATCHBOX_SM=y
BR2_PACKAGE_MATCHBOX_COMMON=y
BR2_PACKAGE_MATCHBOX_COMMON_PDA=y
BR2_PACKAGE_MATCHBOX_DESKTOP=y
BR2_PACKAGE_MATCHBOX_KEYBOARD=y
BR2_PACKAGE_MATCHBOX_PANEL=y
BR2_PACKAGE_MATCHBOX_STARTUP_MONITOR=y
it is obvious that the problem which existed nine years ago seems to be
gone, therefore we remove autoreconf from this package because there is
no need for it anymore.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 3ae61eac51)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Nine years ago we added autoreconf to fix libtool-related problems
with the matchbox package:
https://git.buildroot.net/buildroot/commit/?id=51ef5b81224c243aa7f937c4690b1a120c81ccbc
Autoreconf for this package needs the xutil_util-macros but after
building this defconfig with autoreconf removed from this package
BR2_x86_64=y
BR2_x86_core_avx2=y
BR2_TOOLCHAIN_BUILDROOT_LOCALE=y
BR2_TOOLCHAIN_BUILDROOT_CXX=y
BR2_PACKAGE_XORG7=y
BR2_PACKAGE_XLIB_LIBXFONT=y
BR2_PACKAGE_MATCHBOX=y
BR2_PACKAGE_MATCHBOX_SM=y
BR2_PACKAGE_MATCHBOX_COMMON=y
BR2_PACKAGE_MATCHBOX_COMMON_PDA=y
BR2_PACKAGE_MATCHBOX_DESKTOP=y
BR2_PACKAGE_MATCHBOX_KEYBOARD=y
BR2_PACKAGE_MATCHBOX_PANEL=y
BR2_PACKAGE_MATCHBOX_STARTUP_MONITOR=y
it is obvious that the problem which existed nine years ago seems to be
gone. So instead of fixing autoreconf we remove it from this package
because there is no need for it anymore.
Fixes
http://autobuild.buildroot.net/results/30c/30cf5cc139f9f6a9dc070953270f74e18b9310d4/
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 534706e260)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The current download location fails, and Buildroot falls back to
sources.b.o:
--2018-08-20 23:41:39-- https://red.libssh.org/attachments/download/218/libssh-0.7.5.tar.xz
Resolving red.libssh.org (red.libssh.org)... 78.46.80.163
Connecting to red.libssh.org (red.libssh.org)|78.46.80.163|:443... connected.
The certificate's owner does not match hostname ‘red.libssh.org’
--2018-08-20 23:41:39-- http://sources.buildroot.net/libssh/libssh-0.7.5.tar.xz
Resolving sources.buildroot.net (sources.buildroot.net)... 104.25.211.19, 104.25.210.19, 2400:cb00:2048:1::6819:d313, ...
Connecting to sources.buildroot.net (sources.buildroot.net)|104.25.211.19|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 351632 (343K) [application/x-xz]
This commit fixes the download location:
--2018-08-20 23:43:04-- https://www.libssh.org/files/0.7/libssh-0.7.5.tar.xz
Resolving www.libssh.org (www.libssh.org)... 87.98.168.187, 2001:41d0:2:f80c::4
Connecting to www.libssh.org (www.libssh.org)|87.98.168.187|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 351632 (343K) [application/x-tar]
This patch is extracted from a contribution from Bernd Kuhls who was
also bumping the package at the same time
(http://patchwork.ozlabs.org/patch/959192/).
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit ac26da5275)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When the function add_one_group is called on an existing group,
make sure the members of this group are not removed in the process of
deleting then re-adding the group.
Signed-off-by: Johan Oudinet <johan.oudinet@gmail.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
[Thomas: add curly braces when referencing ${members}, as suggested by
Yann.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 497f7134fc)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
It's preferable to use "shutdown -hP now" to ensure that the runlevel is
known, preventing this message on the system console and log:
WARNING: could not determine runlevel - doing soft poweroff
(it's better to use shutdown instead of poweroff from the command line)
Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit ab842ce21d)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit e047dee241 adds an upstream patch
to fix a build issue with soxr. The patch also adds detecting soxr
using pkg-config. Upstream detected an config issue [1], where the
resulting binary lacks soxr support, although libsoxr was correctly
detected.
This patch adds a define for `HAVE_LIBSOXR` when using pkg-config.
Backported from: cd6a99a7cfde1c5e1c1cc74ee6a77041bb4012d9
[1] https://github.com/mikebrady/shairport-sync/issues/740
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit ac4bca24ad)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Daniel Alvarez (1):
getifaddrs: Don't return ifa entries with NULL names [BZ #21812]
Florian Weimer (8):
libio: Avoid _allocate_buffer, _free_buffer function pointers [BZ #23236]
Use _STRUCT_TIMESPEC as guard in <bits/types/struct_timespec.h> [BZ #23349]
libio: Disable vtable validation in case of interposition [BZ #23313]
NEWS: Reorder out-of-order bugs
Synchronize support/ infrastructure with master
libio: Add tst-vtables, tst-vtables-interposed
stdio-common/tst-printf.c: Remove part under a non-free license [BZ #23363]
conform/conformtest.pl: Escape literal braces in regular expressions
Gabriel F. T. Gomes (1):
Fix parameter type in C++ version of iseqsig (bug 23171)
H.J. Lu (2):
x86: Correct index_cpu_LZCNT [BZ #23456]
x86: Populate COMMON_CPUID_INDEX_80000001 for Intel CPUs [BZ #23459]
Martin Kuchta (1):
pthread_cond_broadcast: Fix waiters-after-spinning case [BZ #23538]
Stefan Liebler (1):
Fix segfault in maybe_script_execute.
Steve Ellcey (1):
Check length of ifname before copying it into to ifreq structure.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Little CMS (aka Little Color Management System) 2.9 has an integer overflow
in the AllocateDataSet function in cmscgats.c, leading to a heap-based
buffer overflow in the SetData function via a crafted file in the second
argument to cmsIT8LoadFromFile.
For more details, see:
https://github.com/mm2/Little-CMS/issues/171https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16435
The upstream fix unfortunately includes a number of unrelated changes, but
thse files are not used when building for Linux.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 9f81f578eb)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Build fails with:
In file included from dyncall_callback.c:35:0:
dyncall_callback_ppc64.c: In function 'dcbNewCallback':
dyncall_callback_ppc64.c:42:13: warning: implicit declaration of function 'dcAllocWX' [-Wimplicit-function-declaration]
int err = dcAllocWX(sizeof(DCCallback), (void**) &pcb);
^~~~~~~~~
dyncall_callback_ppc64.c: In function 'dcbFreeCallback':
dyncall_callback_ppc64.c:53:3: warning: implicit declaration of function 'dcFreeWX' [-Wimplicit-function-declaration]
dcFreeWX(pcb, sizeof(DCCallback));
^~~~~~~~
dyncall_callback_ppc64.S: Assembler messages:
dyncall_callback_ppc64.S:180: Error: operand out of range (3 is not between 0 and 1)
So select BR2_PACKAGE_LIBFFI for BR2_powerpc64 and BR2_powerpc64le as it
is already done for MIPS
Fixes:
- http://autobuild.buildroot.org/results/97b53a74d9847c07f26178daeb1daff3b6c24813
- http://autobuild.buildroot.org/results/c35ac4bbc5fb04aabf5a719eddeedf55f7f1f4eb
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit b1b35eb9c5)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
/usr/lfs/v0/rc-buildroot-test/scripts/instance-2/output/host/bin/arm-none-linux-gnueabi-gcc -c -I. -I. -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -DETCSCREENRC='"/usr/etc/screenrc"' -DSCREENENCODINGS='"/usr/share/screen/utf8encodings"' -DHAVE_CONFIG_H -DGIT_REV=\"\" \
-D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -Os -D_GNU_SOURCE list_display.c
In file included from screen.h:150:0,
from list_display.c:36:
display.h:154:19: error: 'T_N' undeclared here (not in a function)
union tcu d_tcs[T_N]; /* terminal capabilities */
Macro T_N is defined in header file term.h but it may not be created
then fails. Backport patch to make sure term.h is created before compile
other source codes.
Fixes:
- http://autobuild.buildroot.org/results/a62bea1fd32246526d59f029df3dca60f1cd710f
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit d496329a19)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The configure script enables the DirectFB video driver, but forgets to
enable the renderer driver, causing SDL_CreateRenderer() to fail. Add an upstream patch to fix this.
[Peter: reword/extend commit text,
add git formatted patch from https://github.com/spurious/SDL-mirror]
Signed-off-by: Peter Thompson <peter.macleod.thompson@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit d114494456)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The qtwebengine package used by Qt LTS has a different set of license
files for chromium, so this commit introduces a separate
chromium-lts.inc with the right contents.
This fixes legal-info of qt5webengine with Qt LTS.
Signed-off-by: Laurent Hartanerot <laurent.hartanerot@atos.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit b105dc2b0b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
In minicom package hash file lacks sha256 entry for COPYING file even if
it is added to MINICOM_LICENSE_FILES.
Add COPYING sha256 entry to minicom.hash file.
Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 6edfa41a0a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add kconfig help text that explains how to manually specify an
official Linux version to use for the kernel headers.
Signed-off-by: Mark Corbin <mark.corbin@embecosm.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 3beba26d76)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Similarly to c48f8a6462 (package/m4: fix build on host with glibc-2.28),
backport the two fixes fromn gnulib upstream, that allows building
host-bison on systems using glibc 2.28.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Reported-by: c32 on IRC
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 373ac58b82)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Depending on the configuration, the cpp output may contain the string 'yes'
in a comment if built under a path containing 'yes', confusing the _AIX
test:
${CROSS}-cpp conftest.h
\# 1 "conftest.h"
\# 1 "<built-in>"
\# 1 "<command-line>"
\# 31 "<command-line>"
\# 1 "/home/peko/source/buildroot/output-yes/host/x86_64-buildroot-linux-gnu/sysroot/usr/include/stdc-predef.h"
\# 32 "<command-line>" 2
\# 1 "conftest.txt"
If misdetected, the configure script adds -lc128 to LIBS, causing the
AC_CHECKS_FUNCS check for stat64 to fail, which in turn causes compilation
errors about redefinition of symbols:
In file included from ./src/include/pv-internal.h:9:0,
from src/pv/file.c:5:
./src/include/config.h:76:18: error: redefinition of 'struct stat'
# define stat64 stat
^
Fix it by only matching on 'yes' on a line by itself.
As pv doesn't cleanly autoreconf (it doesn't use automake and configure.in
is located in subdir), instead directly patch configure.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 994a47649b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes CVE-2018-12910: The get_cookies function in soup-cookie-jar.c in
libsoup 2.63.2 allows attackers to have unspecified impact via an empty
hostname.
Cc: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 8a4536b2dd)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes:
http://autobuild.buildroot.net/results/d6d/d6dc9a640aa1f6650a3e7b9397f2fe2ae3433f4d/http://autobuild.buildroot.net/results/ab5/ab5a58ea7845f9f378454ee1aa7e872448618ba9/
ebx was recently added to the x86 inline asm MULADDC_STOP clobber list to
fix#1550, but this causes the build to fail with GCC < 5 when building in
PIC mode with errors like:
include/mbedtls/bn_mul.h:46:13: error: PIC register clobbered by ‘ebx’ in ‘asm’
This is because older GCC versions treated the x86 ebx register (which is
used for the GOT) as a fixed reserved register when building as PIC.
This is fixed by an improved register allocator in GCC 5+. From the release
notes:
Register allocation improvements: Reuse of the PIC hard register, instead of
using a fixed register, was implemented on x86/x86-64 targets. This
improves generated PIC code performance as more hard registers can be used.
https://www.gnu.org/software/gcc/gcc-5/changes.html
As a workaround, add a patch to detect this situation and disable the inline
assembly, similar to the MULADDC_CANNOT_USE_R7 logic.
Patch submitted upstream: https://github.com/ARMmbed/mbedtls/pull/1986
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 11241ac656)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This fixes autobuild failures like
http://autobuild.buildroot.net/results/3288b742cee650ee47a41c5b4d6aaef1fe67bff1
php compile breaks with:
ext/mysqlnd/mysqlnd_auth.o: In function `php_mysqlnd_scramble_sha2':
mysqlnd_auth.c:(.text+0x1054): undefined reference to `PHP_SHA256Init'
mysqlnd_auth.c:(.text+0x1064): undefined reference to `PHP_SHA256Update'
mysqlnd_auth.c:(.text+0x1070): undefined reference to `PHP_SHA256Final'
mysqlnd_auth.c:(.text+0x1078): undefined reference to `PHP_SHA256Init'
mysqlnd_auth.c:(.text+0x1088): undefined reference to `PHP_SHA256Update'
mysqlnd_auth.c:(.text+0x1094): undefined reference to `PHP_SHA256Final'
mysqlnd_auth.c:(.text+0x109c): undefined reference to `PHP_SHA256Init'
mysqlnd_auth.c:(.text+0x10ac): undefined reference to `PHP_SHA256Update'
mysqlnd_auth.c:(.text+0x10bc): undefined reference to `PHP_SHA256Update'
mysqlnd_auth.c:(.text+0x10c8): undefined reference to `PHP_SHA256Final'
It looks like the php mysqli extension needs the hash extension to work. This
seems to be a php Make dependany bug. This patch works around it until the
upstream maintainers can fix it.
Signed-off-by: Christopher McCrory <chrismcc@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 65f9645263)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Dropbear 2018.76 now uses the --enable-static option to indicate that a static
binary should be built. This will incorrectly pick up the generic buildroot
option intended for building static libraries, causing an unwanted static
binary build with BR2_SHARED_STATIC_LIBS.
Fix by appending an --disable-static configure flag, overriding the buildroot
default.
Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
Reviewed-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit c9922a4d2f)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Dropbear 2018.76 changed the default ecdsa host key size form 521 to 256
bits, but this breaks systems with an existing 521 bit key, blocking ssh
logins.
Apply the upstream fix from https://secure.ucc.asn.au/hg/dropbear/rev/0dc3103a5900 :
Only advertise a single server ecdsa key when -R (generate as required) is
specified. Fixes -R now that default ecdsa key size has changed.
[Peter: apply-patches.sh does not like suffix-less filename, so include
patch in Buildroot]
Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 8a38d7cc9a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
By default, Dropbear's configure script enables hardening
flags. Unfortunately, the check for SSP only uses AC_COMPILE_IFELSE(),
and therefore doesn't properly test for the availability of libssp,
visible only at link time.
In addition, Buildroot passes its own hardening flags, depending on
various global options. So, we simply disable hardening flags in
Dropbear.
This fixes a build failure with non-SSP capable toolchains happening
since the bump to 2018.76.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit b0aafef619)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
with this new version:
- "configure --enable-static" should now be used instead of
"make STATIC=1"
- any customised options should be put in localoptions.h
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 2e035a9aec)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
brltty has a very inventive buildsystem, where it internall runs
./configure for the build machine In doing so, it generates a list
of make variables to define what the build machine supports, like
it does for the target.
However, the build variables are generated with a convoluted sed
script that scans the target list, and appends _FOR_BUILD to each
target variables. Then, both lists are included from the Makefile,
on the assumption that the build variables will not clash with the
target variables.
Where it gets interesting, is that that sed script considers the
variables names to match '[A-Za-z][A-Za-z0-9_]*'
And there we see why ATSPI2_PACKAGE does not match: it contains a
digit.
So, some build variables will inevitably override target ones.
Fix that by simply expanding the matching regexp to allow digits
in variable names.
Fixes:
http://autobuild.buildroot.org/results/a37/a37782b3cfc1a96cc129db8fade20a36a7b2d470/http://autobuild.buildroot.org/results/97e/97edc6a47d2140968e84b409cdc960604e5896f2/
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Mario Lang <mlang@blind.guru>
Cc: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 8909897ab3)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
eigen generates a pkg-config file which has a broken prefix
(@CMAKE_INSTALL_PREFIX@). This broken prefix causes an incorrect path when
other packages call pkg-config --cflags eigen.
This patch fixes the prefix in the generated eigen pc file, so projects
which depend on this pc file can now correctly find the eigen include
directory at build time.
Also correct the Cflags output to use the runtime prefix instead of the
build time STAGING_DIR, like we do elsewhere.
[Peter: drop backslashes, tweak commit message]
Signed-off-by: Matt Flax <flatmax@flatmax.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit e477dc19b5)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Bump to the latest release of the 1.11.x LTS series as 1.10.x is no longer
supported upstream:
https://www.djangoproject.com/download/
Fixes the following security issues:
- CVE-2017-12794: Possible XSS in traceback section of technical 500 debug
page (1.11.5)
- CVE-2018-6188: Information leakage in AuthenticationForm (1.11.10)
- CVE-2018-7536: Denial-of-service possibility in urlize and urlizetrunc
template filters (1.11.11)
- CVE-2018-7537: Denial-of-service possibility in truncatechars_html and
truncatewords_html template filters (1.11.11)
- CVE-2018-14574: Open redirect possibility in CommonMiddleware (1.11.15)
Also add a hash for the license file.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit ae977e9428)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
glibc-2.28 did quite some lifting in their headers, which breaks the
way some packages were detecting glibc, like gnulib.
However, packages do bundle gnulib (it was meant to be bundled),
and so does m4.
Since m4 hasn't seen the slightest commit since 2017-01-09, it is
bundling an old gnulib version, that predates glibc-2.28, and thus
breaks. It also means that upstream hasn't already fixed the issue.
Furthermore, as upstream is using a git submodule for gnulib, and
that the paths are not the same in the release tarball (in lib/)
and in the git tree (in gnulib/), we can't do a plain backport.
So, we selectively backport the two patches from gnulib upstream,
restricted to only the files that happen to be used in m4.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Reported-by: c32 on IRC
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit c48f8a6462)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The threads dependency comment is currently shown even though the
toolchain supports threads, only because kernel build is disabled.
Merge the kernel and threads comments. This is similar to what we have
in other packages that need the kernel.
Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit f70b13a7cb)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes CVE-2018-10906 - In fuse before versions 2.9.8 and 3.x before 3.2.5,
fusermount is vulnerable to a restriction bypass when SELinux is active.
This allows non-root users to mount a FUSE file system with the
'allow_other' mount option regardless of whether 'user_allow_other' is set
in the fuse configuration. An attacker may use this flaw to mount a FUSE
file system, accessible by other users, and trick them into accessing files
on that file system, possibly causing Denial of Service or other unspecified
effects.
And additionally:
- libfuse no longer segfaults when fuse_interrupted() is called outside the
event loop.
- The fusermount binary has been hardened in several ways to reduce
potential attack surface. Most importantly, mountpoints and mount options
must now match a hard-coded whitelist. It is expected that this whitelist
covers all regular use-cases.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 9c2bbc3fc9)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit 6288409642 ("libselinux: add
patch to fix build with gcc < 4.7") introduced a patch, but its file
name was incorrect, so it was never applied. In addition, the patch
was generated against the Git repository of SELinux, which includes
all projects, and therefore it doesn't apply to the libselinux source
code extracted from the tarball: the "libselinux/" component path
needs to be removed from the patch.
This commit fixes both problems, which should finally and really fix:
http://autobuild.buildroot.net/results/c3272566bb808e43bb77ec59cfe596f7e0fe9a64/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit cb8d1743ca)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When using uclibc libdevmapper.so was calling dm_task_get_info_base()
function recursively, leading to segmentation fault. This was
happening because uclibc linker loader just takes first existing
'dm_task_get_info' (which is 'dm_task_get_info_base') symbol in elf
binary, instead of default version.
Add upstreamable lvm2 patch [1], which introduces
--enable-symvers[=STYLE] switch. Use that switch to disable symbol
versions, as we do not plan to support binaries compiled against
old libdevmapper library.
Fixes bug #10781.
[1] https://www.redhat.com/archives/dm-devel/2018-July/msg00187.html
Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 5313c50aa3)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Problem starting lighttpd application with systemd.
/usr/sbin/lighttpd -D -f /etc/lighttpd/lighttpd.conf
2018-06-22 11:21:34: (server.c.733) opening errorlog '/var/log/lighttpd-error.log' failed: Permission denied
2018-06-22 11:21:34: (server.c.1420) Opening errorlog failed. Going down.
Lighttpd can not write the 'lighttpd-access.log' and 'lighttpd-error.log' files
to the directory '/var/log/'.
When using systemd the directory '/var/log' does not allow the user www-data to
write.
To correct the problem, we add /usr/lib/tmpfiles.d/lighttpd.conf.
This file create the 'lighttpd-access.log' and 'lighttpd-error.log' files with
the permission
Signed-off-by: Laurent Hartanerot <laurent.hartanerot@atos.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 7c2eb68cac)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
ATF in version 1.2 fails to build with:
./build/juno/release/bl1/context_mgmt.o: In function `cm_prepare_el3_exit':
context_mgmt.c:(.text.cm_prepare_el3_exit+0x54): undefined reference to `cm_set_next_context'
context_mgmt.c:(.text.cm_prepare_el3_exit+0x54): relocation truncated to fit: R_AARCH64_JUMP26 against undefined symbol `cm_set_next_context'
This has been fixed in ATF v1.3. Even though there are even newer
versions of ATF available, we take a conservative approach, and bump
to the first version that has the build issue fixed.
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/88314771
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 395bc11dde)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
512B is not a correct size to express "512 bytes", and causes a
genimage failure:
ERROR: Invalid size suffix 'B' in '512B'
To express "512 bytes", using just "512" is sufficient. With this
commit, genimage works fine, and we indeed have a 512 bytes unused
partition:
$ fdisk -l output/images/sdcard.img
Disk output/images/sdcard.img: 60 MiB, 62915584 bytes, 122882 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0x00000000
Device Boot Start End Sectors Size Id Type
output/images/sdcard.img1 1 1 1 512B 0 Empty
output/images/sdcard.img2 2 524289 524288 256M 83 Linux
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/88314963
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit f1bdb63ff4)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
As noted by Arnout in [1], the logic in mesa3d-headers.mk generates a
bogus dri.pc file, which looks like this:
prefix=/usr
exec_prefix=/usr
libdir=/lib
includedir=/include
dridriverdir=/dri
Indeed, the ${...} are expanded as shell variables when the sed
command is executed, while the intention is that those ${...} should
go in the .pc file. By escaping those using $${...}, we get the
expected .pc file:
prefix=/usr
exec_prefix=/usr
libdir=${exec_prefix}/lib
includedir=${prefix}/include
dridriverdir=${libdir}/dri
This was detected by the not yet committed check-package improvement
from Ricardo that detects bogus ${...} usage to reference make
variables.
[1] http://lists.busybox.net/pipermail/buildroot/2018-July/225402.html
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 98e3c1eee5)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Since commit b35ad5d0b4 (ncurses: make host-ncurses use host terminfo), we
are now pointing host-ncurses to the host terminfo (typically) located in
/usr/share/terminfo.
With this change we are reusing the existing host terminfo database, so
there is no point in trying to install our own on top. The user running
buildroot typically will have no write access to /usr/share/terminfo, but
tic in that case falls back to writing the database to $HOME/.terminfo.
Neither of which are desirable.
In case $HOME/.terminfo also isn't writable, tic fails, breaking the install
step for host-ncurses:
** Building terminfo database, please wait...
Running sh ./shlib tic to install /usr/share/terminfo ...
You may see messages regarding extended capabilities, e.g., AX.
These are extended terminal capabilities which are compiled
using
tic -x
If you have ncurses 4.2 applications, you should read the INSTALL
document, and install the terminfo without the -x option.
"terminfo.tmp", line 21272, terminal 'v3220': /home/peko/.terminfo: permission denied (errno 30)
To fix all of this, simply disable the terminfo database install.
Suggested-by: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Acked-by: Hollis Blanchard <hollis_blanchard@mentor.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit b42fb29048)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
chrony calls getrandom() at startup if available, so it needs a workaround
for the blocking behaviour on recent (4.14.39+), similar to what was done
for util-linux in commit c4d86707cd (util-linux: add two upstream patches
to fix blocking on getrandom() with recent kernels).
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit d9937b62e0)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Release notes: https://www.samba.org/samba/history/samba-4.8.4.html
Fixes
o CVE-2018-1139 (Weak authentication protocol allowed.)
o CVE-2018-1140 (Denial of Service Attack on DNS and LDAP server.)
o CVE-2018-10858 (Insufficient input validation on client directory
listing in libsmbclient.)
o CVE-2018-10918 (Denial of Service Attack on AD DC DRSUAPI server.)
o CVE-2018-10919 (Confidential attribute disclosure from the AD LDAP
server.)
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 3d7ce0124a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit reformats
0002-patch-source3__libads__kerberos_keytab.c.patch as a Git-formatted
patch.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 90b26f8764)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Use the correct SPDX identifier for the 3 clause BSD license, like we do
elsewhere.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit f2d748e13b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add patches for the following security issues:
CVE-2017-14501 - An out-of-bounds read flaw exists in parse_file_info in
archive_read_support_format_iso9660.c when extracting a specially
crafted iso9660 iso file.
CVE-2017-14502 - Off-by-one error for UTF-16 names in RAR archives,
leading to an out-of-bounds read in archive_read_format_rar_read_header.
CVE-2017-14503 - Out-of-bounds read within lha_read_data_none() in
archive_read_support_format_lha.c when extracting a specially crafted
lha archive.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 760fbe789c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
linuxptp missing.h header implements a replacement clock_nanosleep()
function, which was used when the thread implementation was not NPTL,
because uClibc failed to provide clock_nanosleep() in such
configurations.
However, uClibc-ng has fixed this problem upstream, and has backported
this change in Buildroot in patch
package/uclibc/0002-librt-declare-clock_nanosleep-independent-of-thread-.patch
(the code is upstream and will be part of uClibc-ng 1.0.31). Due to
this, there is now a conflicting definition of clock_nanosleep()
between the C library and the linuxptp missing.h code, which manifests
itself by the following build failure:
missing.h:117:19: error: static declaration of 'clock_nanosleep' follows non-static declaration
static inline int clock_nanosleep(clockid_t clock_id, int flags,
^~~~~~~~~~~~~~~
In file included from clockadj.h:24:0,
from clockadj.c:24:
This commit fixes that by adding a patch that removes the replacement
clock_nanosleep() implementation from the linuxptp code base.
Fixes:
http://autobuild.buildroot.net/results/bf400095a853f5beb28c77a50fcffefe52c3d769/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit ae2cae70b8)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Prevent creating a dangling symlink when vim is not present on the host
machine. With BR2_ROOTFS_MERGED_USR, just link to "vim", since they are
on the same directory, otherwise link to "../usr/bin/vim".
Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 52385d789a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The BR2_PACKAGE_PULSEAUDIO_HAS_ATOMIC dependency of
BR2_PACKAGE_PULSEAUDIO was not properly propagated to reverse
dependencies, causing the following kconfig warning:
warning: (BR2_PACKAGE_ESPEAK_AUDIO_BACKEND_PULSEAUDIO && BR2_PACKAGE_GST_PLUGINS_GOOD_PLUGIN_PULSE && BR2_PACKAGE_GST1_PLUGINS_GOOD_PLUGIN_PULSE && BR2_PACKAGE_KODI_PULSEAUDIO && BR2_PACKAGE_MPD_PULSEAUDIO && BR2_PACKAGE_EFL_PULSEAUDIO) selects BR2_PACKAGE_PULSEAUDIO which has unmet direct dependencies (BR2_PACKAGE_PULSEAUDIO_HAS_ATOMIC && BR2_USE_WCHAR && BR2_TOOLCHAIN_HAS_THREADS && !BR2_STATIC_LIBS && BR2_USE_MMU)
This commit fixes that by propagating the dependency as it should have
been done.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 68161802eb)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When building on a ppc64le host we see this error:
build/genmatch --gimple ../../gcc/match.pd \
> tmp-gimple-match.c
../../gcc/match.pd:120:1 error: expected (, got NAME
negative value by 0 gives -0, not +0. */
This was reported upstream[1] and fixed on the GCC 6 [2] and GCC 7 [3]
branches:
Backport from mainline
2018-01-10 Kelvin Nilsen <kelvin@gcc.gnu.org>
* lex.c (search_line_fast): Remove illegal coercion of an
unaligned pointer value to vector pointer type and replace with
use of __builtin_vec_vsx_ld () built-in function, which operates
on unaligned pointer values.
The patches included in Buildroot contain just the code changes, and not
the changelog, to make it easer to manage backporting.
Tested on Ubuntu Cosmic ppc64le.
[1] https://gcc.gnu.org/bugzilla/show_bug.cgi?id=86162
[2] https://gcc.gnu.org/viewcvs/gcc?view=revision&revision=261621
[3] https://gcc.gnu.org/viewcvs/gcc?view=revision&revision=262243
Signed-off-by: Joel Stanley <joel@jms.id.au>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 88a161b388)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
GCC 4.4 and before do not support a message associated to the
"deprecated" gcc attribute. Since such messages are not that useful in
the context of Buildroot, this commit adds a patch that removes them
in the attr source code.
Signed-off-by: Hollis Blanchard <hollis_blanchard@mentor.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit f910320143)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The current version of attr uses a canned custom buildsystem, that
is borked in quite a few ways (no support for static, overwrites
destination files without unlinking...)
There has been a release recently-ish, with a complete overhaul of
the buildsystem. We can now drop all our patches.
The option to disable NLS has changed, so update accordingly.
Fixes: #10986
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Yegor Yefremov <yegorslists@googlemail.com>
[Arnout: use the original SITE instead of a specific mirror]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit b02616cff4)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The acl source code uses pragmas inside functions, which is not
supported by gcc 4.4, still in use in older distributions. This commit
adds a patch that drops such pragma. Indeed, this acl is not built
with -Werror, the warning removals are not that important.
Signed-off-by: Hollis Blanchard <hollis_blanchard@mentor.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit a957cdfbb6)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Of most interest is the build system overhaul, and the drop of the
dependency on attr-provided <attr/xattr.h> in favour of the
system-provided <sys/xattr.h>.
That last bit meaning that we will be able to bump attr.
We can drop our patches: static is now natively supported thanks to
the use of libtool, and the internal symbols patch was a backport,
and finally, our install patch is superseded by the use of autotools.
The option to disable NLS has changed, so update accordingly.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit a37657f44e)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
We don't carry a git-formatted patch, because upstream is in fact a
collection of git trees, while the release tarball is an aggregate
of those repositories. Thus, the layout is different between the
tarball and the SCM...
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Steve Kenton <skenton@ou.edu>
[Thomas:
- add host-pkgconf as a dependency of host-xorriso, since it's needed
for autoreconf to work
- drop HOST_XORRISO_AUTORECONF = YES, since it's implied by
XORRISO_AUTORECONF = YES.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 798d1ec309)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
In a static-only configuration, mariadb fails to build because it
tries to build a shared library:
[ 18%] Linking CXX shared module ha_spider.so
output/host/opt/ext-toolchain/bin/../lib/gcc/arm-buildroot-linux-uclibcgnueabi/6.4.0/../../../../arm-buildroot-linux-uclibcgnueabi/bin/ld: output/host/opt/ext-toolchain/bin/../lib/gcc/arm-buildroot-linux-uclibcgnueabi/6.4.0/../../../../arm-buildroot-linux-uclibcgnueabi/lib/libstdc++.a(eh_globals.o)(.text.__cxa_get_globals_fast+0x14): R_ARM_TLS_LE32 relocation not permitted in shared object
This is not detected by the autobuilders, because mariadb is part of a
Config.in choice, and such choices are not randomized by our current
testing infrastructure.
Signed-off-by: Ryan Coe <bluemrp9@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 58cb24d883)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
There are two comments inside the post install define block that show up in
the build. Fix this by moving the comments outside the block.
Signed-off-by: Ryan Coe <bluemrp9@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit d0a0d49c20)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
GHOSTSCRIPT_FONTS_TARGET_DIR is set to $(TARGET_DIR)/usr/share/fonts/gs
in ghostscript-fonts.mk. If we pass this full path to ghostscript, it
will look for fonts in $(TARGET_DIR), which doesn't exist on the
target.
Instead of /usr/share/fonts/gs, use /usr/share/fonts so ghostscript can
also access other fonts than the ones installed by ghostscript-fonts.
Signed-off-by: Thomas Ehrhardt <tehrhardt@innovaphone.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit a76eab228f)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The help text says that BR2_DEFCONFIG will be used as input, but a
BR2_DEFCONFIG specified in the existing .config file will *not* be
used. So say explicitly that it must be specified on the command line.
Note that both "BR2_DEFCONFIG=... make defconfig" and
"make defconfig BR2_DEFCONFIG=..." will work.
While we're at it, add a semicolon to separate the two statements.
Note that this overflows the help text beyond 80 characters, but that
is already the case in many other lines.
Reported-by: Anisse Astier <anisse@astier.eu>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 27aa7ae618)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Install the LTTng control library headers and shared objects
to staging.
The C interface to LTTng described here:
https://lttng.org/docs/v2.10/#doc-liblttng-ctl-lttng
requires including <lttng/lttng.h> and linking against liblttng-ctl,
but those parts are not available unless this package does a staging
install.
Signed-off-by: John Faith <jfaith@impinj.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 3466298b0f)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Added license hash, switched _UPSTREAM to an upstream directory which
also contains older release tarballs.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 621363f5ac)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
arm64 systems support SMBIOS, so update the dmidecode config
to allow building dmidecode for arm64.
Signed-off-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 6e00a671bc)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Currently makedevs silently ignores extended attributes with leading
whitespace, for example those added to a <PACKAGE>_PERMISSIONS following
the recommended style from check-package.
Makedevs already ignores leading whitespace for normal entries (file
permission changes and device files creation). Do the same for extended
attributes.
Fixes: #11191.
Reported-by: Jean-pierre Cartal <jpcartal@free.fr>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 2d8d5ced10)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes:
*) SECURITY: CVE-2018-8011 (cve.mitre.org)
mod_md: DoS via Coredumps on specially crafted requests
*) SECURITY: CVE-2018-1333 (cve.mitre.org)
mod_http2: DoS for HTTP/2 connections by specially crafted requests
Changelog: http://www.apache.org/dist/httpd/CHANGES_2.4.34
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 8ef1aaa084)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-09 22:58:37 +02:00
328 changed files with 5174 additions and 3495 deletions
Some files were not shown because too many files have changed in this diff
Show More
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.