Compare commits

...

111 Commits

Author SHA1 Message Date
Peter Korsgaard 71ddf1a084 Update for 2022.11.2
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-03-01 17:01:34 +01:00
Fabrice Fontaine 4621c59741 package/zabbix: fix BR2_SHARED_STATIC_LIBS
zabbix uses custom --enable-{static,shared} options, instead of standard
libtool directives resulting in the following build failure with openssl
or libcurl:

configure:13132: /home/autobuild/autobuild/instance-6/output-1/host/bin/or1k-buildroot-linux-gnu-gcc -o conftest -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64  -Ofast -g0  -I/home/autobuild/autobuild/instance-6/output-1/host/or1k-buildroot-linux-gnu/sysroot/usr/include -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -rdynamic  -static -L/home/autobuild/autobuild/instance-6/output-1/host/or1k-buildroot-linux-gnu/sysroot/usr/lib conftest.c -lssl -lcrypto -lm   >&5
/home/autobuild/autobuild/instance-6/output-1/host/lib/gcc/or1k-buildroot-linux-gnu/10.3.0/../../../../or1k-buildroot-linux-gnu/bin/ld: /home/autobuild/autobuild/instance-6/output-1/host/or1k-buildroot-linux-gnu/sysroot/usr/lib/libcrypto.a(dso_dlfcn.o): in function `dlfcn_globallookup':
dso_dlfcn.c:(.text+0x2c): warning: Using 'dlopen' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/home/autobuild/autobuild/instance-6/output-1/host/lib/gcc/or1k-buildroot-linux-gnu/10.3.0/../../../../or1k-buildroot-linux-gnu/bin/ld: /home/autobuild/autobuild/instance-6/output-1/host/or1k-buildroot-linux-gnu/sysroot/usr/lib/libcrypto.a(b_addr.o): in function `BIO_lookup_ex':
b_addr.c:(.text+0x1128): warning: Using 'getaddrinfo' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/home/autobuild/autobuild/instance-6/output-1/host/lib/gcc/or1k-buildroot-linux-gnu/10.3.0/../../../../or1k-buildroot-linux-gnu/bin/ld: /home/autobuild/autobuild/instance-6/output-1/host/or1k-buildroot-linux-gnu/sysroot/usr/lib/libcrypto.a(b_sock.o): in function `BIO_gethostbyname':
b_sock.c:(.text+0x90): warning: Using 'gethostbyname' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/home/autobuild/autobuild/instance-6/output-1/host/lib/gcc/or1k-buildroot-linux-gnu/10.3.0/../../../../or1k-buildroot-linux-gnu/bin/ld: /tmp/cceWHjDi.o: in function `main':
conftest.c:(.text.startup+0x8): undefined reference to `SSL_connect'

[...]

configure: error: OpenSSL library libssl or libcrypto not found
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 895686180f)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-28 22:31:28 +01:00
Yann E. MORIN 2f8b83f5e4 support/download: catch post-process errors
Fixes:
http://autobuild.buildroot.net/results/12a/12a63ae177fe3ed0c9a1ef2fa01870f334f36b0f/

Currently, when the post-process helper fails while downloading from
upstream, there is no fallback to the backup mirror.

In case the post-process helper fails, we must consider that to be a
download failure, so we must bail out as if the download backend itself
did fail, but we fail to do so.

Duplicate the logic we have for the download helper: if the post-process
helper fails, remove the downloaded stuff, and continue on to the next
URI, which will ultimately hit the backup mirror (if one has been
configured).

Reported-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit a39116b5db)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-28 22:12:21 +01:00
Peter Korsgaard 57a66d1f60 support/dependencies/dependencies.sh: require diagnostics perl package for mosh
Fixes:
http://autobuild.buildroot.net/results/820/820e98b1c126469b1f180f078d102ded43b9c40e/

scripts/Makefile.am of mosh-1.4.0 needs the perl diagnostics module on the host:

make[3]: Entering directory '/home/buildroot/autobuild/instance-2/output-1/build/mosh-1.4.0/scripts'
perl -Mdiagnostics -c ./mosh.pl
Can't locate diagnostics.pm in @INC (you may need to install the diagnostics module) (@INC contains: /home/buildroot/autobuild/instance-2/output-1/host/lib/perl /usr/local/lib64/perl5/5.36 /usr/local/share/perl5/5.36 /usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib64/perl5 /usr/share/perl5).
BEGIN failed--compilation aborted.

So add a check for it in dependencies.sh similar to the other perl modules.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 5be2d9bb62)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-28 21:57:18 +01:00
Bernd Kuhls 3a2b638bc5 package/x11r7/xserver_xorg-server: security bump version to 21.1.7
Release notes:
https://lists.x.org/archives/xorg-announce/2023-February/003321.html

Fixes CVE-2023-0494:
https://lists.x.org/archives/xorg-announce/2023-February/003320.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit d8f0c02574)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-28 21:55:39 +01:00
Thomas Petazzoni d326dc09d6 package/nodejs: add patch to adjust default NodeJS search path
By default, NodeJS searches global modules in /usr/lib/node, but NPM
installs them in /usr/lib/node_modules/. Therefore by default, if one
installs modules with BR2_PACKAGE_NODEJS_MODULES_ADDITIONAL, they are
not accessible by NodeJS, unless by passing a
NODE_PATH=/usr/lib/node_modules/ variable. Since this is not obvious,
and it's nicer when things work out of the box, we simply patch NodeJS
to look for modules at the right place.

See
https://stackoverflow.com/questions/15636367/nodejs-require-a-global-module-package
for some discussions on this topic.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 0de216f95f)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-28 21:45:45 +01:00
Adrian Perez de Castro 4313220d76 package/wpewebkit: security bump to version 2.38.4
Bugfix release, with many security fixes, including (but not limited to)
patches for CVE-2023-23517, CVE-2023-23518, and CVE-2022-42826.

Release notes:

  https://wpewebkit.org/release/wpewebkit-2.38.4.html

Accompanying security advisory:

  https://wpewebkit.org/security/WSA-2023-0001.html

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 02ace135ee)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-28 21:39:06 +01:00
Adrian Perez de Castro c486d4fa4a package/webkitgtk: security bump to version 2.38.4
Bugfix release, with many security fixes, including (but not limited to)
patches for CVE-2023-23517, CVE-2023-23518, and CVE-2022-42826.

Release notes:

  https://webkitgtk.org/2023/02/02/webkitgtk2.38.4-released.html

Accompanying security advisory:

  https://webkitgtk.org/security/WSA-2023-0001.html

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit ca203080d1)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-28 21:38:45 +01:00
Joachim Wiberg 25b3c5ecb6 package/ssdp-responder; drop systemd unit installation, not needed
When systemd is enabled the ssdp-responder build system already installs
the unit file, with the correct name, so we can safely drop this.

This fixes the recurring autobuilder problems that cropped up the last
week+ or so after fixing the spelling error in 6e0ba6b.

 - http://autobuild.buildroot.net/results/f6912d6f79155c5d12811beeb6cb43860e37e7e7
 - http://autobuild.buildroot.net/results/7ee4ed26de7e45b52a9f6f36b839e578d2319247
 - http://autobuild.buildroot.net/results/33d9c10ea58a7cd3b3e2ed75d586007a92ccdaf0
 - http://autobuild.buildroot.net/results/f1238081fc94e3004aebb8e849fdd567a92a2d39
 - http://autobuild.buildroot.net/results/f7f2cf790f51e6224dca258c52bd31d21d621074

Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit d6e3d36a85)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-28 21:31:08 +01:00
Giulio Benetti 00bc11c84f board/asus/tinker: rename label linux-next to linux in extlinux.conf
We're not using next branch so let's rename label linux-next to linux.

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit d4b46bc3c6)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-28 21:22:15 +01:00
Giulio Benetti a31551e52a configs/asus_tinker_rk3288: fix boot by prepending tpl to spl+u-boot
During the last U-boot version bump it's not been noted that the TPL
was not prepended to SPL anymore preventing the board to boot, so
let's copy TPL to the image folder, prepend it to u-boot-spl-dtb.bin
and place it at offset 32KB, where RK3288 bootrom expects to find
it. Let's also place u-boot-dtb separated from SPL at offset 8M, where
the SPL expects it to find it.

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit e738d5b725)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-28 21:15:03 +01:00
Peter Korsgaard d80c54ba7b package/wpewebkit: Build with ninja
Wpewebkit needs cmake >= 3.20 when building with the make backend since
wpewebkit 3.8.0.

Cmake 3.20 is above our minimal version in
support/dependencies/check-host-cmake.mk, so this breaks builds on hosts
with cmake >= 3.18 < 3.20 - So use the ninja backend instead.

https://github.com/WebKit/WebKit/commit/6cd89696b5d406c1a3d9a7a9bbb18fda9284fa1f

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 78d499409f)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-28 17:23:58 +01:00
Peter Korsgaard f27eea9264 package/webkitgtk: Build with ninja
Webkitgtk needs cmake >= 3.20 when building with the make backend since
webkitgtk 3.8.0.

Cmake 3.20 is above our minimal version in
support/dependencies/check-host-cmake.mk, so this breaks builds on hosts
with cmake >= 3.18 < 3.20 - So use the ninja backend instead.

https://github.com/WebKit/WebKit/commit/6cd89696b5d406c1a3d9a7a9bbb18fda9284fa1f

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 16e5c92ff5)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-28 17:23:41 +01:00
Giulio Benetti e157c87919 package/rtl8723ds: change CFLAGS approach
Instead of undefining endiannes CFLAGS let's change the approach.

Let's disable the CONFIG_PLATFORM_I386_PC that is set to y by default
involving the endianness to be set to little. This way we can set the
CFLAGS according to architecture with some default define like:

 -DCONFIG_IOCTL_CFG80211
 -DRTW_USE_CFG80211_STA_EVENT
 -Wno-error

Suggested-by: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 672544148b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-28 17:18:23 +01:00
Frank Vanbever 3ad9e05990 DEVELOPERS: update e-mail for Frank Vanbever
Signed-off-by: Frank Vanbever <frank.vanbever@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 416213be39)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-28 17:16:17 +01:00
Peter Seiderer 0d50aa1b2c package/libopenssl: security bump to version 1.1.1t
Changelog (for details see [1] and [2]):

 Changes between 1.1.1s and 1.1.1t [7 Feb 2023]

  *) Fixed X.400 address type confusion in X.509 GeneralName.

     There is a type confusion vulnerability relating to X.400 address processing
     inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING
     but subsequently interpreted by GENERAL_NAME_cmp as an ASN1_TYPE. This
     vulnerability may allow an attacker who can provide a certificate chain and
     CRL (neither of which need have a valid signature) to pass arbitrary
     pointers to a memcmp call, creating a possible read primitive, subject to
     some constraints. Refer to the advisory for more information. Thanks to
     David Benjamin for discovering this issue. (CVE-2023-0286)

     This issue has been fixed by changing the public header file definition of
     GENERAL_NAME so that x400Address reflects the implementation. It was not
     possible for any existing application to successfully use the existing
     definition; however, if any application references the x400Address field
     (e.g. in dead code), note that the type of this field has changed. There is
     no ABI change.
     [Hugo Landau]

  *) Fixed Use-after-free following BIO_new_NDEF.

     The public API function BIO_new_NDEF is a helper function used for
     streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL
     to support the SMIME, CMS and PKCS7 streaming capabilities, but may also
     be called directly by end user applications.

     The function receives a BIO from the caller, prepends a new BIO_f_asn1
     filter BIO onto the front of it to form a BIO chain, and then returns
     the new head of the BIO chain to the caller. Under certain conditions,
     for example if a CMS recipient public key is invalid, the new filter BIO
     is freed and the function returns a NULL result indicating a failure.
     However, in this case, the BIO chain is not properly cleaned up and the
     BIO passed by the caller still retains internal pointers to the previously
     freed filter BIO. If the caller then goes on to call BIO_pop() on the BIO
     then a use-after-free will occur. This will most likely result in a crash.
     (CVE-2023-0215)
     [Viktor Dukhovni, Matt Caswell]

  *) Fixed Double free after calling PEM_read_bio_ex.

     The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and
     decodes the "name" (e.g. "CERTIFICATE"), any header data and the payload
     data. If the function succeeds then the "name_out", "header" and "data"
     arguments are populated with pointers to buffers containing the relevant
     decoded data. The caller is responsible for freeing those buffers. It is
     possible to construct a PEM file that results in 0 bytes of payload data.
     In this case PEM_read_bio_ex() will return a failure code but will populate
     the header argument with a pointer to a buffer that has already been freed.
     If the caller also frees this buffer then a double free will occur. This
     will most likely lead to a crash.

     The functions PEM_read_bio() and PEM_read() are simple wrappers around
     PEM_read_bio_ex() and therefore these functions are also directly affected.

     These functions are also called indirectly by a number of other OpenSSL
     functions including PEM_X509_INFO_read_bio_ex() and
     SSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL
     internal uses of these functions are not vulnerable because the caller does
     not free the header argument if PEM_read_bio_ex() returns a failure code.
     (CVE-2022-4450)
     [Kurt Roeckx, Matt Caswell]

  *) Fixed Timing Oracle in RSA Decryption.

     A timing based side channel exists in the OpenSSL RSA Decryption
     implementation which could be sufficient to recover a plaintext across
     a network in a Bleichenbacher style attack. To achieve a successful
     decryption an attacker would have to be able to send a very large number
     of trial messages for decryption. The vulnerability affects all RSA padding
     modes: PKCS#1 v1.5, RSA-OEAP and RSASVE.
     (CVE-2022-4304)
     [Dmitry Belyavsky, Hubert Kario]

 Changes between 1.1.1r and 1.1.1s [1 Nov 2022]

  *) Fixed a regression introduced in 1.1.1r version not refreshing the
     certificate data to be signed before signing the certificate.
     [Gibeom Gwon]

 Changes between 1.1.1q and 1.1.1r [11 Oct 2022]

  *) Fixed the linux-mips64 Configure target which was missing the
     SIXTY_FOUR_BIT bn_ops flag. This was causing heap corruption on that
     platform.
     [Adam Joseph]

  *) Fixed a strict aliasing problem in bn_nist. Clang-14 optimisation was
     causing incorrect results in some cases as a result.
     [Paul Dale]

  *) Fixed SSL_pending() and SSL_has_pending() with DTLS which were failing to
     report correct results in some cases
     [Matt Caswell]

  *) Fixed a regression introduced in 1.1.1o for re-signing certificates with
     different key sizes
     [Todd Short]

  *) Added the loongarch64 target
     [Shi Pujin]

  *) Fixed a DRBG seed propagation thread safety issue
     [Bernd Edlinger]

  *) Fixed a memory leak in tls13_generate_secret
     [Bernd Edlinger]

  *) Fixed reported performance degradation on aarch64. Restored the
     implementation prior to commit 2621751 ("aes/asm/aesv8-armx.pl: avoid
     32-bit lane assignment in CTR mode") for 64bit targets only, since it is
     reportedly 2-17% slower and the silicon errata only affects 32bit targets.
     The new algorithm is still used for 32 bit targets.
     [Bernd Edlinger]

  *) Added a missing header for memcmp that caused compilation failure on some
     platforms
     [Gregor Jasny]

[1] https://www.openssl.org/news/cl111.txt
[2] https://www.openssl.org/news/vulnerabilities.html

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 040896bd43)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-28 17:15:19 +01:00
Fabrice Fontaine 80a82c2896 boot/afboot-stm32: disable stack-protector
Disable stack-protector to avoid the following build failure:

/home/autobuild/autobuild/instance-14/output-1/host/bin/arm-buildroot-linux-gnueabi-ld -T stm32f429.lds --gc-sections -o stm32f469i-disco.elf stm32f469i-disco.o gpio.o mpu.o qspi.o start_kernel.o usart-f4.o
/home/autobuild/autobuild/instance-14/output-1/host/bin/arm-buildroot-linux-gnueabi-ld: stm32f469i-disco.o: in function `main':
stm32f469i-disco.c:(.text.startup.main+0x3b0): undefined reference to `__stack_chk_guard'
/home/autobuild/autobuild/instance-14/output-1/host/bin/arm-buildroot-linux-gnueabi-ld: stm32f469i-disco.c:(.text.startup.main+0x4c0): undefined reference to `__stack_chk_fail'
/home/autobuild/autobuild/instance-14/output-1/host/bin/arm-buildroot-linux-gnueabi-ld: stm32f469i-disco.c:(.text.startup.main+0x4ec): undefined reference to `__stack_chk_guard'

Fixes:
 - http://autobuild.buildroot.org/results/fa6ffab24c3998f21034ab24e8d2852cacde08c1

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit c33a133704)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-28 17:13:52 +01:00
Arnout Vandecappelle 76f2ec3f3d utils/brmake: fix shellcheck errors
In utils/brmake line 6:
    local found ret start d h m mf
          ^---^ SC2034: found appears unused. Verify use (or export if used externally).

In utils/brmake line 16:
    > >( while read line; do
               ^--^ SC2162: read without -r will mangle backslashes.

For both, the suggestions from shellcheck can be applied.

Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
(cherry picked from commit dc364c6ae6)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-28 17:12:19 +01:00
Francois Perrad 13702acd00 package/libressl: security bump to version 3.6.2
security fix:
    A malicious certificate revocation list or timestamp response token
    would allow an attacker to read arbitrary memory.

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 02f80f5c22)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-28 17:00:13 +01:00
Peter Korsgaard 004660e84f support/dependencies/dependencies.sh: ensure git is >= 2.0.0 for vendoring
The go vendoring fails on CentOS 7 (which uses git 1.8.3.1) with errors
related to shallow clones:

make docker-compose-source
..
go: downloading github.com/matttproud/golang_protobuf_extensions v1.0.4
github.com/docker/compose/v2/pkg/mocks imports
        github.com/theupdateframework/notary/client imports
        github.com/docker/go/canonical/json: github.com/docker/go@v1.5.1-1.0.20160303222718-d30aec9fd63c: invalid pseudo-version: git fetch --unshallow -f origin in /home/jacmet/source/buildroot-mirror/output/host/share/go-path/pkg/mod/cache/vcs/48fbd2dfabec81f4c93170677bfc89087d4bec07a2d08f6ca5ce3d17962677ee: exit status 128:
        fatal: git fetch-pack: expected shallow list
make[1]: *** [/home/jacmet/source/buildroot-mirror/output/build/docker-compose-2.15.1/.stamp_downloaded] Error 1

It works with git 2.0.0 (released May 2014, included in Debian 8), so check
for >= 2.0.0 with logic similar to the GNU patch version check.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit f229564c36)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-28 16:52:23 +01:00
Peter Korsgaard d62b7f7f91 package/pkg-generic.mk: require git on the host for packages using cargo/go vendoring
The vendoring done for cargo / go packages (may) need git, so ensure we
check for it in dependencies, similar to how it is done for packages
directly using git.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 8c8ee42bbe)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-28 16:51:31 +01:00
Vincent Fazio 3f3e133330 package/xz: patch configure due to microblaze patch
Commit bed21bb9b added a patch to change configure.ac but failed to
update configure which caused build failures due to the timestamp
difference between configure and configure.ac and the makefile attempting
to run aclocal.

XZ_AUTORECONF = YES creates a circular dependency where the host autotools
need host-xz which also gets patched.  Because of this, we need to patch
xz's configure script manually and NOT patch configure.ac so its timestamp
stays older than Makefile.in.

While we're doing this, correct the language in the commit body of the
patch, remove a stray whitespace, and fix the offset for configure.ac

Fixes: bed21bb9b ("package/xz: fix microblaze compiles")
Fixes: http://autobuild.buildroot.net/results/958/9586f21e447ef9923606b1385ff333138406b685/

Signed-off-by: Vincent Fazio <vfazio@xes-inc.com>
[Peter: Only patch configure]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit e5a83df8da)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-28 16:47:00 +01:00
Vincent Fazio 0407c5ed01 package/xz: fix microblaze compiles
Patch xz to check if __attribute__((symver ..)) is supported via a
compile check during configure.

Fixes:
  http://autobuild.buildroot.org/results/c0d/c0de72e5a34b379e0c516ad08984bb2c4b0abb5c//

Signed-off-by: Vincent Fazio <vfazio@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit bed21bb9b4)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-28 16:46:55 +01:00
Francois Perrad 10ae94b6bb package/xz: bump to version 5.2.10
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit be3a6bf2e7)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-28 16:46:51 +01:00
Thomas Petazzoni 348b2e25df package/wolfssl: disable assembly when not supported
wolfssl contains some assembly code and its configure.ac script
enables the assembly code depending on the CPU architecture. However,
the detection logic is not sufficient and leads to using the assembly
code in situation where it should not.

Here are two examples:

 - As soon as the architecture is mips64/mips64el, it uses assembly
   code, but that assembly code is not mips64r6 compatible.

 - As soon as the architecture is RISC-V, it uses assembly code, but
   that assembly code uses multiplication instructions, without paying
   attention that the "M" extension may not be available in the RISC-V
   CPU instruction set.

In order to avoid this, we introduce a
BR2_PACKAGE_WOLFSSL_ASM_SUPPORTS hidden boolean to decide when to
enable/disable assembly code. We set an initial value with the
supported CPU architectures, with the exclusion of the problematic
cases described above.

It is pretty likely that this variable will need tuning progressively,
as it is difficult to determine which CPU variants exactly are
supported by the assembly code in wolfssl.

Fixes:

 - MIPS64 case: http://autobuild.buildroot.net/results/43e/43ee1a457cbeb986d958c9a70cac0676377661c0/
 - RISC-V case: http://autobuild.buildroot.net/results/f05/f056ebe7749a69994afba39a9d4967e2774c45ea/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit d8dc5315eb)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-28 16:33:36 +01:00
Thomas Petazzoni 34c193e697 package/wolfssl: handle ARM Thumb situation
By default on ARM32, wolfssl uses assembly instructions that are not
supported on Thumb (original Thumb, not Thumb 2), causing a build
failure:

/tmp/ccgn33X7.s:299: Error: selected processor does not support `umlal r4,r5,r10,ip' in Thumb mode
/tmp/ccgn33X7.s:386: Error: instruction not supported in Thumb16 mode -- `adds r4,r4,r6'
/tmp/ccgn33X7.s:387: Error: unshifted register required -- `adc r3,r3,#0'
/tmp/ccgn33X7.s:395: Error: instruction not supported in Thumb16 mode -- `adds r4,r4,r6'

Fix that by passing --with-arm-target=thumb, which tells wolfssl to
use a different set of assembly routines.

Fixes:

  http://autobuild.buildroot.net/results/907/907a5967439c3157c426023b0be1e613092d7bfe/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit f79a9c775f)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-28 16:32:29 +01:00
Ben Hutchings aca885d9ef package/wolfssl: disable broken asm implementations on 32-bit Arm
wolfSSL has ARMv8-A assembly implementations of some functions for
both A64 and A32 ISAs.  However, some of the A32 versions use r11,
which is usually not allowed:

wolfcrypt/src/port/arm/armv8-aes.c: In function 'wc_AesCbcEncrypt':
wolfcrypt/src/port/arm/armv8-aes.c:3303:5: error: fp cannot be used in 'asm' here
 3303 |     }
      |     ^

That can be fixed by adding the compiler flag -fomit-frame-pointer,
but then there is another failure:

/tmp/ccV19DQV.s: Assembler messages:
/tmp/ccV19DQV.s:248: Error: first transfer register must be even -- `ldrd r11,r10,[r14,#4*14]'
make[3]: *** [Makefile:5858: wolfcrypt/src/port/arm/src_libwolfssl_la-armv8-chacha.lo] Error 1

This is definitely not a valid instruction in A32, which suggests that
this code isn't being tested at all upstream.  So disable it here.

Fixes:

  http://autobuild.buildroot.net/results/502/502a2b217845eb290c1961d4740b032462f8ae53/

Signed-off-by: Ben Hutchings <ben.hutchings@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 36b8c9494b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-28 16:32:05 +01:00
Peter Korsgaard 1174407c5f support/dependencies/dependencies.sh: silence gcc plugin test
The gcc plugin test was not using the -q option to grep causing it to print
the line to stdout, so fix that.

While we're at it, adjust the locale check to use grep -q instead of
redirecting to /dev/null for consistency with the other checks.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 4fbd2f6d2c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-28 16:28:31 +01:00
Sébastien Szymanski 626cd6827c utils/test-pkg: proper output on host without jq installed
On host without jq installed, test-pkg's output is as following:

$ ./utils/test-pkg -p mmc-utils
                    bootlin-armv5-uclibc [1/6]: which: no jq in (/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin:/usr/lib/llvm/14/bin:/usr/lib/llvm/13/bin:/usr/lib64/opencascade/bin)
JQ IS
OK
                     bootlin-armv7-glibc [2/6]: which: no jq in (/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin:/usr/lib/llvm/14/bin:/usr/lib/llvm/13/bin:/usr/lib64/opencascade/bin)
JQ IS
OK
                   bootlin-armv7m-uclibc [3/6]: which: no jq in (/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin:/usr/lib/llvm/14/bin:/usr/lib/llvm/13/bin:/usr/lib64/opencascade/bin)
...

Since test-pkg handles this case we can hide this error message and have
proper output:

$ ./utils/test-pkg -p mmc-utils
                    bootlin-armv5-uclibc [1/6]: OK
                     bootlin-armv7-glibc [2/6]: OK
                   bootlin-armv7m-uclibc [3/6]: OK

Signed-off-by: Sébastien Szymanski <sebastien.szymanski@armadeus.com>
Reviewed-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 09ac5a9e18)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-24 08:35:16 +01:00
Peter Korsgaard bc12f089b6 package/pkg-generic.mk: only check for virtual package conflicts when building
The configuration checks should only be done when building so that
make allyespackageconfig && make source works.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 7231701a29)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-23 20:08:44 +01:00
Peter Korsgaard 81b082a4fe package/mesa3d-headers: only check for conflicts when building
The configuration checks should only be done when building so that
make allyespackageconfig && make source works.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 509956da4c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-23 20:08:38 +01:00
Thomas Petazzoni f3ed1e376b package/dahdi-linux: update URL in Config.in help text
http://www.asterisk.org/downloads/dahdi no longer works, use the
Github page instead.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit e06975b380)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-23 20:07:56 +01:00
Peter Korsgaard df702ada10 support/dependencies/dependencies.sh: correct check for open perl module
Commit 4cdd99190e (support/dependencies/dependencies.sh: require open perl
package for libxcrypt) added a check for the "open" perl module for
libxcrypt, but it does not work as "open" cannot be directly used with
"require" as an argument is needed:

perl -e "require open"
Not enough arguments for open at -e line 1, at EOF
Execution of -e aborted due to compilation errors.

So special case the check to instead check with "use open ':std'".

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit b63e155e5f)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-23 20:03:02 +01:00
Julien Olivain 3dad2c0c14 package/python-idna: set _SETUP_TYPE = flit
Python idna package switched to pyproject.toml in commit:
https://github.com/kjd/idna/commit/2a00e518efe55d2eeb62cd3f88ace7db41338603
which is included in idna v3.4.

When using the old setuptools infra, the package is incorrectly
installed as v0.0, which is then incorrectly detected by other
packages when using setuptools pkg_resources.

The issue can be reproduced with the command:

    python3 <<EOF
    __requires__ = ["idna >= 2.5"]
    import pkg_resources
    EOF

which will fail with output:

    pkg_resources.ContextualVersionConflict: (idna 0.0.0 (/usr/lib/python3.11/site-packages), Requirement.parse('idna>=2.5'), {'hyperlink'})
    pkg_resources.DistributionNotFound: The 'idna>=2.5' distribution was not found and is required by hyperlink

This commit changes _SETUP_TYPE to "flit" to fix this issue.

Signed-off-by: Julien Olivain <ju.o@free.fr>
Reviewed-by: Marcus Hoffmann <marcus.hoffmann@othermo.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 8a9da9a8ca)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-23 20:01:20 +01:00
Giulio Benetti fc5a107fd3 package/rtl8192eu: disable package for s390x architecture
s390x doesn't support CONFIG_WIRELESS in Linux so let's disable this
package for this architecture.

Fixes:
http://autobuild.buildroot.net/results/9987dfc041c7cc3327b73b8d97e8d482b20555e2/

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 26893ab1c6)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-22 21:09:45 +01:00
Peter Korsgaard a007e20b33 support/dependencies/dependencies.sh: require open perl package for libxcrypt
Fixes:
http://autobuild.buildroot.net/results/16c/16cba783be11cc5024f9c56bb0a7abb0acf13ef8/

The configure script of libxcrypt needs the open perl module on the host:

Can't locate open.pm in @INC (you may need to install the open module) (@INC
contains: /home/buildroot/autobuild/instance-2/output-1/host/lib/perl
/usr/local/lib64/perl5/5.36 /usr/local/share/perl5/5.36
/usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib64/perl5
/usr/share/perl5) at ./build-aux/scripts/expand-selected-hashes line 20.

So add a check for it in dependencies.sh similar to how it is done for mpv.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 4cdd99190e)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-22 21:02:05 +01:00
Peter Korsgaard 4a17c925e0 support/dependencies/dependencies.sh: require English perl package for host-libxml-parser-perl
Fixes http://autobuild.buildroot.net/results/166/1667b4ebd8e16e7d8b47bc3ca128a76daf27b4d9/

The configure script of host-libxml-parser-perl needs the English perl
module on the host:

ERROR from evaluation of
/home/buildroot/autobuild/instance-1/output-1/build/host-libxml-parser-perl-2.46/Expat/Makefile.PL:
Can't locate English.pm in @INC (you may need to install the English module)
(@INC contains:
/home/buildroot/autobuild/instance-1/output-1/build/host-libxml-parser-perl-2.46/inc
/home/buildroot/autobuild/instance-1/output-1/host/lib/perl
/usr/local/lib64/perl5/5.36 /usr/local/share/perl5/5.36
/usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib64/perl5
/usr/share/perl5 .) at ./Makefile.PL line 3.

So add a check for it in dependencies.sh similar to the existing check for
ExtUtils::MakeMaker.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 8f8085e63a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-22 20:56:28 +01:00
Giulio Benetti 5094adb260 package/qt5: fix build failure due to libressl use
Qt5 only supports openssl, check [0] and [1]. So in qt5base.mk let's check
if BR2_PACKAGE_LIBOPENSSL is enabled instead of BR2_PACKAGE_OPENSSL(that
could be openssl or libressl) and for qt5enginio and qt5webkit let's select
BR2_PACKAGE_OPENSSL_FORCE_LIBOPENSSL instead of only BR2_PACKAGE_OPENSSL.
This way we make sure that only openssl is selected and not libressl or
other future openssl-like implementations.

Fixes:
http://autobuild.buildroot.net/results/a956b48b782dbaa055d7146360465e2493a809d9/

[0]: https://doc.qt.io/qt-5/ssl.html#enabling-and-disabling-ssl-support
[1]: https://bugreports.qt.io/browse/QTBUG-68374

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit a94d39d693)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-22 20:51:21 +01:00
Peter Korsgaard 579945a3ba support/dependencies/dependencies.sh: require FindBin perl package for libopenssl
Fixes:
http://autobuild.buildroot.net/results/5d1/5d10f4f545dccf126e3f5b5efce777a393c5e7bc/
http://autobuild.buildroot.net/results/7c2/7c2df31c6eb34b68e460e092d8c262bdc6c8f25a/

The configure script of (host-)libopenssl needs the FindBin perl module on the host:

Can't locate FindBin.pm in @INC (you may need to install the FindBin module)
(@INC contains: /home/buildroot/autobuild/instance-2/output-1/host/lib/perl
/usr/local/lib64/perl5/5.36 /usr/local/share/perl5/5.36
/usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib64/perl5
/usr/share/perl5) at ./Configure line 15.  BEGIN failed--compilation aborted
at ./Configure line 15.

As this is needed for both libopenssl and host-libopenssl (which does not
have a corresponding config symbol in the .config), we have to require it
unconditionally.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 5aab8c59d5)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-22 20:46:56 +01:00
Peter Korsgaard 227bfb4866 package/gitlab-runner: use LIBCURL_FORCE_TLS to enforce TLS support in curl
BR2_PACKAGE_LIBCURL_OPENSSL is part of a "choice" option so it cannot be
selected.  What seems to be really be needed is HTTPS support in curl, so
use the blind LIBCURL_FORCE_TLS option instead (openssl is already
selected).

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit b95f7591bd)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-22 20:29:39 +01:00
Ricardo Martincoski 4fa653b118 package/sunxi-mali-utgard: properly handle legacy for renamed options
Commit "6a7a652b14 package/sunxi-mali-utgard: rename from
sunxi-mali-mainline" tried to add legacy handling but the new symbols
are part of a choice, and Kconfig does not enforce the select of a
option from a choice.

Update the legacy entry for 2022.02, following the example described in
the beginning of the file.

Cc: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit efc223abd4)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-22 17:50:16 +01:00
Ricardo Martincoski 0734a1da83 package/openjdk: properly handle legacy for renamed options
Commit "a610bf9967 package/openjdk{-bin}: bump version to 17.0.1+12"
tried to add legacy handling but the new symbols are part of a choice,
and Kconfig does not enforce the select of a option from a choice.

Update the legacy entry for 2021.11, following the example described in
the beginning of the file.

Cc: Tudor Holton <buildroot@tudorholton.com>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit a97a4a74aa)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-22 17:49:26 +01:00
Ricardo Martincoski 8c573c30a2 package/ti-sgx-km: properly handle legacy for removed options
Commit "c38b5566fe package/ti-sgx-{km, um, demos}: bump to latest TI
version", added in release 2020.02, removed some options that were
previously renamed in release 2018.05.

Update the legacy entry for 2018.05 and add the corresponding legacy
entries for 2020.02.

Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit b2661fe639)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-22 17:48:58 +01:00
Ricardo Martincoski 768ecb25b2 package/lua: properly handle legacy for removed version
Commit "297613f1c7 package/lua: remove 5.2.x version" tried to add
legacy handling but the new symbols are part of a choice, and Kconfig
does not enforce the select of a option from a choice.

Update the legacy entry for 2019.02, following the example described in
the beginning of the file.

Cc: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit f461543d9c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-22 17:48:16 +01:00
Ricardo Martincoski 35b29aaa3c package/gcc: properly handle legacy for renamed ARC option
Commit "50332a530b gcc: rename option for ARC gcc" tried to add legacy
handling but the new symbol is part of a choice, and Kconfig does not
enforce the select of a option from a choice.

Update the legacy entry for 2016.11, following the example described in
the beginning of the file.

Cc: Giulio Benetti <giulio.benetti@benettiengineering.com>
Cc: Romain Naour <romain.naour@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit eb8f38891b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-22 17:47:50 +01:00
Ricardo Martincoski 9afadcbe5c package/openpowerlink: properly handle legacy options
Commit "b1063a0136 package/openpowerlink: bump to v2.2.2" tried to add
legacy handling but the new symbols are part of a choice, and Kconfig
does not enforce the select of a option from a choice.

Update the legacy entry for 2016.02, following the example described in
the beginning of the file.

Cc: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit e1e4f39507)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-22 17:46:56 +01:00
Ricardo Martincoski 5d2f70b381 package/linux-headers: remove bogus symbol BR2_PACKAGE_HOST_LINUX_HEADERS
The package host-linux-headers does not exist and there were never
references to this symbol in the tree, do drop it.

Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 367bd65f3c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-22 17:46:19 +01:00
Ricardo Martincoski f513808d04 system: remove use of legacy md5 option
Commit "bf3626002f system cfg: remove mkpasswd MD5 format option", from
release 2019.02, moved the symbol to legacy handling, but the symbol is
still referenced.

Remove the reference to it.

Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 032cfbc716)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-22 17:45:42 +01:00
Ricardo Martincoski 89d06caa82 boot/uboot: remove use of legacy xloader symbol
Commit "070b183d0c boot/xloader: remove package", from release 2018.11,
removed the package, but the symbol is still referenced.

Remove the reference to it.

Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 9b1b1763b7)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-22 17:45:18 +01:00
Ricardo Martincoski 972ad2022e toolchain/toolchain-buildroot: add comment about using virtual package infra
Commit "9a8ec9195c toolchain/toolchain-buildroot: migrate to virtual
package infrastructure" made the packages toolchain and
toolchain-buildroot to use the virtual package infra even they being
generic packages.
This works because on package/pkg-virtual.mk when a package do not
define neither _PROVIDES_ or _HAS_ symbols, only _IS_VIRTUAL is set to
YES and _VERSION and _SOURCE are set to empty before relaying the call
to inner-generic-package.

Add a comment explaining why the virtual package infra is used in these
cases.

Cc: Giulio Benetti <giulio.benetti@benettiengineering.com>
Cc: Romain Naour <romain.naour@gmail.com>
Cc: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit abcecd737b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-22 17:44:43 +01:00
Ricardo Martincoski 21691c1a49 utils/checkpackagelib: warn about ifdef on .mk
There are two legitimate cases to prefer ifdef over ifeq in package
recipes: command-line overrides are allowed for busybox and uclibc
configs.

Except for that, all package in tree already use ifeq, so warn the
developer adding/changing a package to use ifeq instead of ifdef, in
order to keep consistence across packages.
file.mk:2: use ifeq ($(SYMBOL),y) instead of ifdef SYMBOL
file.mk:5: use ifneq ($(SYMBOL),y) instead of ifndef SYMBOL

The difference between ifeq and ifdef is that ifdef doesn't expand
recursively.

Add comments to busybox and uclibc packages to avoid a warning in such
special cases.

Cc: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 29c9b44355)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-22 17:43:46 +01:00
Ricardo Martincoski f188f8aa49 package/busybox: add comment about variable override
The same comment already exists for UCLIBC_CONFIG_FILE.
Both variables can be override from command-line, as described in the
manual, at section 'Environment variables'.

Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 01c0fb3862)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-22 17:43:46 +01:00
Ricardo Martincoski 01f08ce374 package/pugixml: use explicit build options
Commit upstream 986b7ffd01aedcd4f2aa16e78e4cad9313b6d7b2
"Add Cmake options for pugiconfig.hpp" added feature toogles to release
v1.12, including PUGIXML_NO_XPATH and PUGIXML_COMPACT.

Commit upstream 5f49f2c6575cc2b7d343f8d41581fe92d69d7b52
"Mark advanced options and removed redundant ones" removed CMake
specific support for PUGIXML_HEADER_ONLY and PUGIXML_HAS_LONG_LONG, but
they can still be provided using PUGIXML_BUILD_DEFINES, starting from
release v1.12.

So use the explicit build options PUGIXML_NO_XPATH and PUGIXML_COMPACT,
but keep using PUGIXML_BUILD_DEFINES to set PUGIXML_HEADER_ONLY and
PUGIXML_HAS_LONG_LONG.

Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Theo Debrouwere <t.debrouwere@televic.com>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit f043f92867)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-22 17:43:46 +01:00
Ricardo Martincoski 85b4570d63 package/pugixml: fix configuration options
Commit upstream 1c5a0bb32583fd294022e68e66b541bf6ff71a67
" Update CMake to modern approach" removed all feature
toogles, so starting from release v1.11 any flag passed in BUILD_DEFINES
was completely ignored during the build.
Version 1.11.4 was in use in buildroot since February 2021.

Commit upstream 0f1e75a902ef1751dd63a67fe223b5e8daf4c7f1
"Re-introduced the custom build defines" added PUGIXML_BUILD_DEFINES to
release v1.12, but BUILD_DEFINES is still completely ignored during the
build.
Version 1.12.1 is in use in buildroot since March 2022.

So switch the config options to use PUGIXML_BUILD_DEFINES instead of
BUILD_DEFINES.

Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Theo Debrouwere <t.debrouwere@televic.com>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit cc3a4a7b1d)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-22 17:43:46 +01:00
Ricardo Martincoski 4dd5058412 package/pugixml: unconditionally set BUILD_DEFINES
The ifdef construct intended to avoid passing -DBUILD_DEFINES="" was
never needed, because even upstream version v1.9 used in 2019 when the
configuration options were added, can handle an empty string for
BUILD_DEFINES.
In fact an empty string is the default for v1.9 if it is not passed
during configure.

Also, the host variant already sets BUILD_DEFINES unconditionally.

So remove the unneeded conditional.

Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Theo Debrouwere <t.debrouwere@televic.com>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 01cb02cfae)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-22 17:43:46 +01:00
Ricardo Martincoski a6d8ee5404 package/live555: fix build config with locale
Using current conditional code, added in 2014:

ifndef ($(BR2_ENABLE_LOCALE),y)
LIVE555_CFLAGS += -DLOCALE_NOT_USED
endif

the define LOCALE_NOT_USED is always passed on CFLAGS, because there is
no symbol with following names defined:
 "(y,y)" -> not defined when BR2_ENABLE_LOCALE=y
 "(,y)" -> not defined when BR2_ENABLE_LOCALE is not set

So fix the typo, switching ifndef to ifneq.

Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 04a4b86a98)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-22 17:43:46 +01:00
Ricardo Martincoski f4236802ad package/fwts: use ifeq instead of ifdef
The conditional code using ifdef was added in 2018 and works as
expected.
But there is no reason to use ifdef instead of ifeq.

For consistence, switch to use ifeq like almost all packages already do.

Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Erico Nunes <nunes.erico@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit e6ae825319)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-22 17:37:20 +01:00
Ricardo Martincoski feebcb90a2 support/scripts/generate-gitlab-ci-yml: improve test-pkg support
Following the example of test-pkg config described in commit
"12c7a05da1 utils/test-pkg: add gitlab-ci support" to test a defconfig
fragment that contains a disabled option is currently possible, but
it do requires one to change the git config core.commentChart so the
lines starting with "#" are not discarded by git when creating/editing
the commit message.

For instance, without the indentation the 3rd line below would be
excluded from the commit message when the editor is closed:
    test-pkg config:
    SOME_OPTION=y
    # OTHER_OPTION is not set
    SOME_VARIABLE="some value"

Requiring to change git configs is not very nice.
So make the developer's life easier by changing the sed expression to
remove indentation with spaces from a defconfig fragment found on a
commit message.
For instance these lines become valid and generate a defconfig fragment
without the indentation of one space to be tested in GitLab CI:
test-pkg config:
 SOME_OPTION=y
 # OTHER_OPTION is not set
 SOME_VARIABLE="some value"

Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 0ad3ae14c5)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-22 17:37:09 +01:00
Yann E. MORIN 2759b8a308 Makefile: fix build when $(O) ends in _defconfig
Commit e6195c5304 (Makefile: fix use of many br2-external trees) fixed
a slowdown with many br2-external trees. In doing so, it changed the
type of the %_defconfig rule: the stem is no longer present in the
prerequisites, so it changes from a pattern rule to an implicit pattern
rule [0].

It is not unusual to name the build directory after the defconfig that
is being built, so we may end up with a build directory named
meh_defconfig. Before e6195c5304, the pattern rule would not match
[1], but now it does, which causes somewhat-cryptic build failures:

    Makefile:1015: *** "Can't find /some/path/meh_defconfig".  Stop.

The issue is that we have this set of rules and assignments (elided and
reordered for legibility):

    all: world
    world: target-post-image
    target-post-image: staging-finalize
    staging-finalize: $(STAGING_DIR_SYMLINK)
    $(STAGING_DIR_SYMLINK): | $(BASE_DIR)
    BASE_DIR := $(CANONICAL_O)
    CANONICAL_O := $(shell mkdir -p $(O) >/dev/null 2>&1)$(realpath $(O))

So, there is a rule that (eventually) has a dependency on $(O), but we
have no rule that provides it explicitly, so the %_defconfig rule kicks
in, with the stem as "/some/path/meh". When the loop searches all the
".../configs/" directories for a file named ".../configs/%_defconfig",
it actually looks for a file named ".../configs//some/path/meh_defconfig"
and that indeed never matches anything.

The solution is to provide an actual rule for $(BASE_DIR), so that the
implicit rule does not kick in.

[0] Terminology and behaviour in make is hard, so the terms we used here
    may be wrong or incorrectly used, and/or the explanations for the
    behaviour be wrong or incomplete... Still, the reasoning stands, and
    the root cause is the removal of the stem in the RHS of the rule
    (adding one back does fix the issue).

[1] not sure how the prerequisite was solved  before e6195c5304,
    though...

Fixes: e6195c5304

Reported-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Nevo Hed <nhed+buildroot@starry.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Tested-by: Sebastian Weyer <sebastian.weyer@smile.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 5bd2cafc32)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-22 17:31:16 +01:00
Joachim Wiberg a3fd22e80c package/netopeer2: fix sysv init script, does not start
- The netopeer server forks to background by default, no need for '-b'
 - The path to the daemon is /usr/sbin, not /usr/bin

Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
Acked-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 6ddc29708d)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-22 17:28:55 +01:00
Giulio Benetti 45f5c85ee5 package/postgresql: work around gcc bug 43744
Package postgresql suffers from gcc bug 43744 other than 85180, so let's
work around disabling compiler optimization for this gcc bug too.

Fixes:
http://autobuild.buildroot.net/results/cf272cdc5be2faf4070de3d235ec7a0f7190867a

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 3def0679e3)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-22 17:22:28 +01:00
Thomas Petazzoni b4027a4ddd boot/barebox: explicitly set the timezone for the kbuild timestamp
This adjusts the code added in commit
c90bd74ebb ("boot/barebox: pass required
environment variables for reproducible build") to explicitly set the
timezone when calculating KBUILD_BUILD_TIMESTAMP, like is already done
in linux/linux.mk.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 11e75ecbf0)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-22 17:11:28 +01:00
Thomas Petazzoni 41aade348a boot/barebox: use $$ instead of $ where needed
Commit c90bd74ebb ("boot/barebox: pass
required environment variables for reproducible build") caused the
build to generate a spurious error message due to the $(shell
... date -d @$(SOURCE_DATE_EPOCH)) command being executed even when
BR2_REPRODUCIBLE was disabled.

This is due to the fact that variable references must be done using $$
within macros. This commit fixes that for the two variables that we
are referencing in the code added in commit
c90bd74ebb.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 75c313816e)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-22 17:10:47 +01:00
Ricardo Martincoski eace3a9a03 utils/checkpackagelib: warn about redefined config
Warn the developer in the case the same config is declared more than
once in the same Config.in file.
But take into account the conditional code that lets the config be
visible and warn only when it is declared more than once in the same
conditions.
For instance, do not warn for:
 if BR2_PACKAGE_BUSYBOX
 config BR2_PACKAGE_BUSYBOX_SHOW_OTHERS
 endif
 if !BR2_PACKAGE_BUSYBOX # kconfig doesn't support else
 config BR2_PACKAGE_BUSYBOX_SHOW_OTHERS
 endif

Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 4bbda72743)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-22 17:08:58 +01:00
Ricardo Martincoski d981ed04c8 Config.in.legacy: fix typo on BR2_PACKAGE_MEDIAART_BACKEND_QT
Currently using this minimal .config:
 BR2_PACKAGE_MEDIAART_BACKEND_GDK_PIXBUF=y
triggers:
     *** Legacy options removed in 2018.05 ***
 [ ] libmediaart none backend option renamed (NEW)
 [*] libmediaart gdk-pixbuf backend option renamed
 [*] libmediaart qt backend option renamed

Commit "8553b39887 libmediaart: rename options to have proper prefix",
part of the 2018.05 release had a copy&paste error.

As stated in the beginning of the file:
 The oldest symbols will be removed again after about two years.
But while we carry these legacy symbols, let's fix the typo.

Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 316e149611)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-22 17:07:19 +01:00
Ricardo Martincoski 42743a9503 package, legacy: fix typo for "daemon" on help text
deamon -> daemon

At same time, in Config.in.legacy fix other typos in the same help text:
spae -> space
monolitic -> monolithic

Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 6a9feaabbc)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-22 16:57:34 +01:00
Ricardo Martincoski bcd81208ad *: fix typo for separate(d|) in text
seperate is a common misspelling of separate

Fix all the typos in the tree that are not related to patch files.

CHANGES
  seperate -> separate, in the list of changes
Config.in.legacy
  seperate -> separate, in option name and help texts
package/leafnode2/leafnode2.mk
  seperate -> separate, in a comment
system/Config.in
  seperated -> separated, in a help text

Cc: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 4092d2a354)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-22 16:54:42 +01:00
Ricardo Martincoski 4adcd3c4b2 package/thermald: bump to 2.5.1
README.txt states only these changes:
- Static analysis fixes
- Missing init, which causes skipping of conditions in a Dell system

Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 11d98385f5)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-22 16:52:58 +01:00
Arnout Vandecappelle dd67740aa9 package/yajl: explicitly request a tag in _SITE
The yajl repository has both a branch and a tag names 2.1.0. Because of
this, when we use the usual github URL [1], github doesn't return a
tarball but rather an ASCII string:
   the given path has multiple possibilities: #<Git::Ref:0x00007f193bebe4d8>, #<Git::Ref:0x00007f193bebd858>

This obviously (and fortunately) leads to a hash check failure.

To make sure we get the tag and not the branch, we should use a URL that
explicitly asks for refs/tags/2.1.0 [2]. We can't change VERSION to
include refs/tags, because that also affects the _SOURCE default, the
contents of the tarball, the CPE ID and the release-monitoring access.
Therefore, add the refs/tags/ prefix to the github helper call.

[1] https://github.com/lloyd/yajl/archive/2.1.0/yajl-2.1.0.tar.gz
[1] https://github.com/lloyd/yajl/archive/refs/tags/2.1.0/yajl-2.1.0.tar.gz

Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
(cherry picked from commit 5be76a39d3)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-22 16:51:12 +01:00
Fabrice Fontaine 5efc9e326d package/mongoose: fix build with gcc 4.8
Fix the following build failure with gcc 4.8 raised since bump to
version 7.8 in commit f9e51e1150:

/home/buildroot/autobuild/run/instance-2/output-1/build/mongoose-7.8/mongoose.c: In function 'mg_iotest':
/home/buildroot/autobuild/run/instance-2/output-1/build/mongoose-7.8/mongoose.c:4484:3: error: 'for' loop initial declarations are only allowed in C99 mode
   for (struct mg_connection *c = mgr->conns; c != NULL; c = c->next) {
   ^

Fixes:
 - http://autobuild.buildroot.org/results/c538c6d8e87e4e24097c9878ee15083802276505

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 6139aeacd8)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-22 16:50:03 +01:00
Giulio Benetti b15b33fc57 toolchain/Config.in: extend gcc bug 43744 to every sh architecture
Gcc bug 43744 affects seems to affect all SH family because it already
affects:
1) sh4, here you can find a buildroot defconfig that fails to build:
http://autobuild.buildroot.net/results/1db/1db6c59c98e3c09fa13277076ee2fbe7967f1f6b/defconfig
2) sh4a, here you can find a buildroot defconfig that fails to build:
http://autobuild.buildroot.net/results/cf272cdc5be2faf4070de3d235ec7a0f7190867a/defconfig
Note also that gcc bugzilla entry reports the bug for SH and not for
sub-architectures:
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=43744

So let's extend the bug to BR2_sh to match the entire SH architecture.

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit ee7cf14b51)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-22 16:46:24 +01:00
Casey Reeves caca4a1ff1 boot/barebox: pass required environment variables for reproducible build
Barebox makes use of the same variables as the linux kernel does for
handling reproducible build -- KBUILD_BUILD_HOST,
KBUILD_BUILD_TIMESTAMP, KBUILD_BUILD_USER. This patch sets the proper
variables based on linux/linux.mk, and passes them to the make
invocation when building, to ensure a reproducible build is possible
when BR2_REPRODUCIBLE is enabled.

Signed-off-by: Casey Reeves <casey@xogium.me>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit c90bd74ebb)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-21 21:48:58 +01:00
Fabrice Fontaine 81344a37d6 package/xxhash: use MOREFLAGS instead of overriding CFLAGS
Set MOREFLAGS instead of overriding CFLAGS to avoid the following build
failure raised since commit 94b66fb49c:

/home/autobuild/autobuild/instance-6/output-1/host/lib/gcc/x86_64-buildroot-linux-uclibc/11.3.0/../../../../x86_64-buildroot-linux-uclibc/bin/ld: /tmp/ccabb8cF.o: relocation R_X86_64_32S against `.rodata' can not be used when making a shared object; recompile with -fPIC

Fixes:
 - http://autobuild.buildroot.org/results/953133575d8c13266f1450fa545e70e4a518508d

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit bfef88762d)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-21 21:47:23 +01:00
Fabrice Fontaine 527e770697 package/tmux: add utf8proc optional dependency
utf8proc is an optional dependency since version 2.3 and
https://github.com/tmux/tmux/commit/6c94774b70f72952c4c512e4aa59a207ca1c34f2

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 1f618aa388)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-21 21:43:55 +01:00
Fabrice Fontaine f5e565d9b2 package/upx: security bump to version 4.0.2
Fix CVE-2023-23456: A heap-based buffer overflow issue was discovered in
UPX in PackTmt::pack() in p_tmt.cpp file. The flow allows an attacker to
cause a denial of service (abort) via a crafted file.

Fix CVE-2023-23457: A Segmentation fault was found in UPX in
PackLinuxElf64::invert_pt_dynamic() in p_lx_elf.cpp. An attacker with a
crafted input file allows invalid memory address access that could lead
to a denial of service.

https://github.com/upx/upx/blob/v4.0.2/NEWS

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 02befac8f9)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-21 21:37:06 +01:00
Fabrice Fontaine b87222f6bf package/upx: bump to version 4.0.1
- Drop patch (already in version)
- cmake must be used since
  https://github.com/upx/upx/commit/c7d8b6fed1b551158540e1d2e884dc224fce474c
- ucl and zlib are directly included in upx since
  https://github.com/upx/upx/commit/61e1366122f8d1b9e2434a8103e7af00a35ea902

https://github.com/upx/upx/blob/v4.0.1/NEWS

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 1567516d89)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-21 21:36:37 +01:00
Fabrice Fontaine 6cefcf4016 package/modsecurity2: disable pcre
Disable pcre to avoid the following build failure if pcre-config is
found on host raised since bump to version 2.9.7 in commit
42e34cf10f:

/home/thomas/autobuild/instance-0/output-1/per-package/modsecurity2/host/bin/../lib/gcc/mips64el-buildroot-linux-gnu/11.3.0/../../../../mips64el-buildroot-linux-gnu/bin/ld: cannot find -lpcre: No such file or directory

Fixes:
 - http://autobuild.buildroot.org/results/f4864f8cc1d07e357f6e5f8302c19ae94e9cf3af

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 06af305874)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-21 21:33:45 +01:00
Fabrice Fontaine 3665ba04bc package/modsecurity2: security bump to version 2.9.7
- Fix CVE-2023-24021: Incorrect handling of '\0' bytes in file uploads
  in ModSecurity before 2.9.7 may allow for Web Application Firewall
  bypasses and buffer overflows on the Web Application Firewall when
  executing rules that read the FILES_TMP_CONTENT collection.
- host-pkgconf is mandatory and used to find libxml2 since
  https://github.com/SpiderLabs/ModSecurity/commit/baa38ddbaf55a87afecad7a1e1760c69a2689787
- pcre2 is supported since:
  https://github.com/SpiderLabs/ModSecurity/commit/8fc0b519b7a6c023259753a21f33bf3649a25b14

https://github.com/SpiderLabs/ModSecurity/blob/v2.9.7/CHANGES

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 42e34cf10f)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-21 21:33:34 +01:00
Fabrice Fontaine 3959f94377 package/opusfile: fix CVE-2022-47021
A null pointer dereference issue was discovered in functions op_get_data
and op_open1 in opusfile.c in xiph opusfile 0.9 thru 0.12 allows
attackers to cause denial of service or other unspecified impacts.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit ae65870e65)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-21 21:32:16 +01:00
Niklas Cassel 26df863eb6 package/elf2flt: fix error when building gdb for target on m68k
Thomas reported that m68k fails to build when enabling BR2_PACKAGE_GDB.

It fails when building gdb for the target with the following error:
elf2flt: ERROR: text=0x3c826 overlaps data=0x256e0 ?

It turns out that the gdb binary has another problematic input section
(.gcc_except_table), which causes elf2flt to try to append to the .text
output section, after it has already moved on with appending sections
to the .data output section.

elf2flt cannot append to a previous output section once it has moved on
to another output section.

Update the existing elf2flt patch to also add an exception for
.gcc_except_table.

Reported-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Niklas Cassel <niklas.cassel@wdc.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit f6f15e85b3)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-21 20:53:46 +01:00
André Zwing b24972000a DEVELOPERS: Remove openal from my list
Signed-off-by: André Zwing <nerv@dawncrow.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 6c8cda8c94)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-14 18:07:02 +01:00
Bernd Kuhls 12003d0146 package/freeswitch: security bump version to 1.10.9
Release notes:
https://github.com/signalwire/freeswitch/releases/tag/v1.10.9

Upstream removed zrtp support:
https://github.com/signalwire/freeswitch/pull/1848

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 46683dd4a6)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-14 17:56:42 +01:00
Bernd Kuhls 01827fbfdd package/sofia-sip: bump version to 1.13.12
Switch to github helper due to lack of upstream-provided tarball.

Needed for upcoming bump of freeswitch to version 1.10.9.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 8bb962724e)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-14 17:56:42 +01:00
Bernd Kuhls 121037ce40 package/libks: bump version to 1.8.2
Needed for upcoming bump of freeswitch to version 1.10.9.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 6e09e7987b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-14 17:56:42 +01:00
Sergey Organov dd7ca9147a package/openvpn: get rid of -e in S60openvpn shebang
The -e switch makes the script terminate on error from
start-stop-daemon, rendering unreachable the code that checks the exit
status.

There is no need in the -e switch in the first place either, as the
script takes care of errors handling.

Signed-off-by: Sergey Organov <sorganov@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 28ca1da234)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-14 17:16:28 +01:00
Peter Korsgaard a512389e21 {linux, linux-headers}: bump 4.{14, 19}.x / 5.{4, 10, 15}.x / 6.1.x series
4.9.x / 6.0.x is now EOL.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit def789059a)
[Peter: drop 6.1.x bump]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-14 17:15:17 +01:00
Fabrice Fontaine 6ef0499c2c package/vim: security bump to version 9.0.1260
- Fix CVE-2023-0049, CVE-2023-0051, CVE-2023-0054 and CVE-2023-0288
- Update hash of README.txt: typo fixed by
  https://github.com/vim/vim/commit/f1dcd14fc5d4370476cd82895a4479ca2d252e54

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 98f8ddbc74)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-14 16:32:20 +01:00
Fabrice Fontaine 01e97d849e package/c-ares: security bump to version 1.19.0
Low. Stack overflow in ares_set_sortlist() which is used during c-ares
initialization and typically provided by an administrator and not an end
user.

https://c-ares.org/changelog.html#1_19_0

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 121a9d3649)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-14 16:31:43 +01:00
Fabrice Fontaine 594acef246 package/sdl2: security bump to version 2.26.2
- Drop patch (already in version)
- Fix CVE-2022-4743: A potential memory leak issue was discovered in
  SDL2 in GLES_CreateTexture() function in SDL_render_gles.c. The
  vulnerability allows an attacker to cause a denial of service attack.

https://github.com/libsdl-org/SDL/releases/tag/release-2.26.0
https://github.com/libsdl-org/SDL/releases/tag/release-2.26.1
https://github.com/libsdl-org/SDL/releases/tag/release-2.26.2

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit d33a8417bf)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-14 15:13:51 +01:00
Michael Fischer 8e9afb26b9 package/sdl2: bump version to 2.24.2
Signed-off-by: Michael Fischer <mf@go-sys.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 7c0def2452)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-14 15:13:45 +01:00
Bernd Kuhls db67415513 package/kodi: fix riscv build
Fixes build error not yet found by autobuilders

-- System type: Linux
CMake Error at cmake/scripts/linux/ArchSetup.cmake:42 (message):
  Unknown CPU: riscv32

using this defconfig:

BR2_riscv=y
BR2_RISCV_32=y
BR2_TOOLCHAIN_EXTERNAL=y
BR2_ROOTFS_DEVICE_CREATION_DYNAMIC_EUDEV=y
BR2_PACKAGE_KODI=y
BR2_PACKAGE_MESA3D=y
BR2_PACKAGE_MESA3D_GALLIUM_DRIVER_SWRAST=y
BR2_PACKAGE_MESA3D_OPENGL_EGL=y
BR2_PACKAGE_MESA3D_OPENGL_ES=y
BR2_PACKAGE_PYTHON3=y
BR2_PACKAGE_PYTHON3_PY_ONLY=y

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 39886a434a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-14 15:01:32 +01:00
Bernd Kuhls cf37b32e40 package/kodi: fix openrisc build
Fixes build error not yet found by autobuilders

-- System type: Linux
CMake Error at cmake/scripts/linux/ArchSetup.cmake:42 (message):
  Unknown CPU: or1k

with this defconfig:

BR2_or1k=y
BR2_TOOLCHAIN_EXTERNAL=y
BR2_TOOLCHAIN_EXTERNAL_BOOTLIN_OPENRISC_UCLIBC_STABLE=y
BR2_ROOTFS_DEVICE_CREATION_DYNAMIC_EUDEV=y
BR2_PACKAGE_KODI=y
BR2_PACKAGE_MESA3D=y
BR2_PACKAGE_MESA3D_GALLIUM_DRIVER_SWRAST=y
BR2_PACKAGE_MESA3D_OPENGL_EGL=y
BR2_PACKAGE_MESA3D_OPENGL_ES=y
BR2_PACKAGE_PYTHON3=y
BR2_PACKAGE_PYTHON3_PY_ONLY=y

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 86fac589fb)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-14 15:00:36 +01:00
Bernd Kuhls dad63d9ec9 package/kodi: fix armv5 build
Disable neon support when not available.

Fixes build error not yet found by autobuilders

/tmp/cc8LvPwi.s: Assembler messages:
/tmp/cc8LvPwi.s:28: Error: selected processor does not support `vldmia r1,{ q4-q7 }' in ARM mode
/tmp/cc8LvPwi.s:29: Error: selected processor does not support `vldmia r0,{ q8-q11 }' in ARM mode
/tmp/cc8LvPwi.s:30: Error: selected processor does not support `vmul.f32 q0,q8,d8[0]' in ARM mode
/tmp/cc8LvPwi.s:31: Error: selected processor does not support `vmul.f32 q1,q8,d10[0]' in ARM mode
/tmp/cc8LvPwi.s:32: Error: selected processor does not support `vmul.f32 q2,q8,d12[0]' in ARM mode
/tmp/cc8LvPwi.s:33: Error: selected processor does not support `vmul.f32 q3,q8,d14[0]' in ARM mode
/tmp/cc8LvPwi.s:34: Error: selected processor does not support `vmla.f32 q0,q9,d8[1]' in ARM mode
/tmp/cc8LvPwi.s:35: Error: selected processor does not support `vmla.f32 q1,q9,d10[1]' in ARM mode
/tmp/cc8LvPwi.s:36: Error: selected processor does not support `vmla.f32 q2,q9,d12[1]' in ARM mode
/tmp/cc8LvPwi.s:37: Error: selected processor does not support `vmla.f32 q3,q9,d14[1]' in ARM mode
/tmp/cc8LvPwi.s:38: Error: selected processor does not support `vmla.f32 q0,q10,d9[0]' in ARM mode
/tmp/cc8LvPwi.s:39: Error: selected processor does not support `vmla.f32 q1,q10,d11[0]' in ARM mode
/tmp/cc8LvPwi.s:40: Error: selected processor does not support `vmla.f32 q2,q10,d13[0]' in ARM mode
/tmp/cc8LvPwi.s:41: Error: selected processor does not support `vmla.f32 q3,q10,d15[0]' in ARM mode
/tmp/cc8LvPwi.s:42: Error: selected processor does not support `vmla.f32 q0,q11,d9[1]' in ARM mode
/tmp/cc8LvPwi.s:43: Error: selected processor does not support `vmla.f32 q1,q11,d11[1]' in ARM mode
/tmp/cc8LvPwi.s:44: Error: selected processor does not support `vmla.f32 q2,q11,d13[1]' in ARM mode
/tmp/cc8LvPwi.s:45: Error: selected processor does not support `vmla.f32 q3,q11,d15[1]' in ARM mode
/tmp/cc8LvPwi.s:46: Error: selected processor does not support `vstmia r0,{ q0-q3 }' in ARM mode

with this defconfig:

BR2_arm=y
BR2_TOOLCHAIN_EXTERNAL=y
BR2_TOOLCHAIN_EXTERNAL_BOOTLIN=y
BR2_TOOLCHAIN_EXTERNAL_BOOTLIN_ARMV5_EABI_UCLIBC_STABLE=y
BR2_ROOTFS_DEVICE_CREATION_DYNAMIC_EUDEV=y
BR2_PACKAGE_KODI=y
BR2_PACKAGE_MESA3D=y
BR2_PACKAGE_MESA3D_GALLIUM_DRIVER_SWRAST=y
BR2_PACKAGE_MESA3D_OPENGL_EGL=y
BR2_PACKAGE_MESA3D_OPENGL_ES=y
BR2_PACKAGE_PYTHON3=y
BR2_PACKAGE_PYTHON3_PY_ONLY=y

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 2952832a40)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-14 14:31:09 +01:00
Maxim Kochetkov c0664cc9f4 package/gdal: switch to cmake build to fix libgeotiff detection
GDAL autoconf has wrong libgeotiff detection. It uses host's
library if installed instead of buildroot one.
Modern versions of gdal have no autoconf build scripts, just cmake only.

So move to cmake build variant.

Fixes: https://bugs.busybox.net/show_bug.cgi?id=15281

Signed-off-by: Maxim Kochetkov <fido_max@inbox.ru>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 2b43579e94)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-13 15:53:18 +01:00
Fabrice Fontaine a542730884 package/mariadb: fix build with libressl >= 3.5.0
Fix the following build failure with libressl raised since bump to
version 3.5.2 in commit 8b216927db:

In file included from /tmp/instance-10/output-1/build/mariadb-10.3.36/vio/viosslfactories.c:18:
/tmp/instance-10/output-1/build/mariadb-10.3.36/vio/viosslfactories.c: In function 'get_dh2048':
/tmp/instance-10/output-1/build/mariadb-10.3.36/include/ssl_compat.h:68:45: error: invalid use of incomplete typedef 'DH' {aka 'struct dh_st'}
   68 | #define DH_set0_pqg(D,P,Q,G)            ((D)->p= (P), (D)->g= (G))
      |                                             ^~

Fixes:
 - http://autobuild.buildroot.org/results/524198344aafca58d214537af64c5961c407b0f8

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 22e926e9af)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-06 09:26:47 +01:00
Fabrice Fontaine 14e35225d8 package/python-future: security bump to version 0.18.3
Fix CVE-2022-40899: An issue discovered in Python Charmers Future 0.18.2
and earlier allows remote attackers to cause a denial of service via
crafted Set-Cookie header from malicious web server.

https://github.com/PythonCharmers/python-future/releases/tag/v0.18.3

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 51eb81ddcf)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-06 00:01:10 +01:00
Fabrice Fontaine 4631f48fe7 package/lxc: security bump to version 5.0.2
- Fix CVE-2022-47952: lxc-user-nic in lxc through 5.0.1 is installed
  setuid root, and may allow local users to infer whether any file
  exists, even within a protected directory tree, because "Failed to
  open" often indicates that a file does not exist, whereas "does not
  refer to a network namespace path" often indicates that a file exists.
  NOTE: this is different from CVE-2018-6556 because the CVE-2018-6556
  fix design was based on the premise that "we will report back to the
  user that the open() failed but the user has no way of knowing why it
  failed"; however, in many realistic cases, there are no plausible
  reasons for failing except that the file does not exist.
- Drop patches (already in version)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit cd7bfba252)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-05 23:44:05 +01:00
Nicolas Cavallari b25f3d1723 package/libgit2: security bump to 1.5.1
Fixes CVE-2023-22742: when compiled with BR2_PACKAGE_LIBSSH2,
libgit2 fails to verify SSH keys by default.

https://github.com/libgit2/libgit2/blob/v1.5.1/docs/changelog.md

Signed-off-by: Nicolas Cavallari <nicolas.cavallari@green-communications.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit cc47da516c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-05 18:07:09 +01:00
Joachim Wiberg 03c15062c3 package/ssdp-responder: fix misspelled define directive
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 6e0ba6bfc2)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-05 13:31:03 +01:00
Peter Korsgaard 486eae3194 package/git: security bump to version 2.31.6
Fixes the following security issues:

 * CVE-2022-41903:

   git log has the ability to display commits using an arbitrary
   format with its --format specifiers. This functionality is also
   exposed to git archive via the export-subst gitattribute.

   When processing the padding operators (e.g., %<(, %<|(, %>(,
   %>>(, or %><( ), an integer overflow can occur in
   pretty.c::format_and_pad_commit() where a size_t is improperly
   stored as an int, and then added as an offset to a subsequent
   memcpy() call.

   This overflow can be triggered directly by a user running a
   command which invokes the commit formatting machinery (e.g., git
   log --format=...). It may also be triggered indirectly through
   git archive via the export-subst mechanism, which expands format
   specifiers inside of files within the repository during a git
   archive.

   This integer overflow can result in arbitrary heap writes, which
   may result in remote code execution.

 * CVE-2022-23521:

    gitattributes are a mechanism to allow defining attributes for
    paths. These attributes can be defined by adding a `.gitattributes`
    file to the repository, which contains a set of file patterns and
    the attributes that should be set for paths matching this pattern.

    When parsing gitattributes, multiple integer overflows can occur
    when there is a huge number of path patterns, a huge number of
    attributes for a single pattern, or when the declared attribute
    names are huge.

    These overflows can be triggered via a crafted `.gitattributes` file
    that may be part of the commit history. Git silently splits lines
    longer than 2KB when parsing gitattributes from a file, but not when
    parsing them from the index. Consequentially, the failure mode
    depends on whether the file exists in the working tree, the index or
    both.

    This integer overflow can result in arbitrary heap reads and writes,
    which may result in remote code execution.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-05 13:05:42 +01:00
Bernd Kuhls db058b26f0 package/x11r7/xlib_libXpm: security bump version to 3.5.15
Release notes:
https://lists.x.org/archives/xorg-announce/2023-January/003313.html

Fixes CVE-2022-4883, CVE-2022-44617 & CVE-2022-46285:
https://lists.x.org/archives/xorg-announce/2023-January/003312.html

Updated license hash due to upstream commit:
https://gitlab.freedesktop.org/xorg/lib/libxpm/-/commit/501494c6c68a84114fdd0b44d4b67ef9cde776c9

Added configure option to disable compressed pixmaps support:
https://gitlab.freedesktop.org/xorg/lib/libxpm/-/commit/4841039e5385f264d12757903894f47c64f59361

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit a0dfd717f3)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-05 11:48:23 +01:00
Bernd Kuhls 2724f705c3 package/x11r7/xlib_libXpm: bump version to 3.5.14
https://lists.x.org/archives/xorg-announce/2022-November/003261.html
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 7d2fff7804)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-02-05 11:47:25 +01:00
Adrian Perez de Castro 5f496bb8b9 package/wpewebkit: security bump to version 2.38.3
Bugfix release, with security fixes for CVE-2022-42852, CVE-2022-42856,
CVE-2022-42867, CVE-2022-46691, CVE-2022-46692, CVE-2022-46698,
CVE-2022-46699, CVE-2022-46700, CVE-2022-42823, and CVE-2022-42799.

Release notes:

  https://wpewebkit.org/release/wpewebkit-2.38.3.html
  https://wpewebkit.org/release/wpewebkit-2.38.2.html
  https://wpewebkit.org/release/wpewebkit-2.38.1.html

Accompanying security advisories:

  https://wpewebkit.org/security/WSA-2022-0011.html
  https://wpewebkit.org/security/WSA-2022-0010.html

Additionally, the update brings in important bug fixes for the
Bubblewrap sandbox support, scrolling in certain web sites, multimedia
playback, and build fixes.

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit d8bbc215f5)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-01-29 22:50:56 +01:00
Yair Ben-Avraham 00fbc1c7db package/sudo: security bump to version 1.9.12p2
Fix https://nvd.nist.gov/vuln/detail/CVE-2023-22809

Signed-off-by: Yair Ben-Avraham <yairba@protonmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 51e98499ff)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-01-29 22:27:52 +01:00
Francois Perrad 4a23af8467 package/sudo: bump to version 1.9.12p1
remove merged patch

diff LICENSE.md
-    Copyright (C) 1995-2017 Jean-loup Gailly and Mark Adler
+    Copyright (C) 1995-2022 Jean-loup Gailly and Mark Adler
-    Copyright (c) 2008-2018, Dave Benson and the protobuf-c authors.
+    Copyright (c) 2008-2022, Dave Benson and the protobuf-c authors.

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit f095f5a8be)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-01-29 22:27:40 +01:00
Bernd Kuhls 596e904f3f package/apache: security bump version to 2.4.55
Release notes:
https://lists.apache.org/thread/xlp3od60fjl8nl44z4f56y0lhs7pglos

Fixes CVE-2006-20001, CVE-2022-36760, CVE-2022-37436:
https://httpd.apache.org/security/vulnerabilities_24.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 60d8585570)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-01-29 22:26:46 +01:00
Fabrice Fontaine 52804618db package/proftpd: sftpd does not build with libressl
sftp doesn't build with libressl >= 3.5.0 resulting in the following
build failure since commit 8b216927db:

mac.c: In function 'init_mac':
mac.c:189:3: warning: implicit declaration of function 'HMAC_CTX_init'; did you mean 'HMAC_CTX_new'? [-Wimplicit-function-declaration]
  189 |   HMAC_CTX_init(hmac_ctx);
      |   ^~~~~~~~~~~~~
      |   HMAC_CTX_new
mac.c: In function 'set_mac_key':
mac.c:435:14: error: storage size of 'ctx' isn't known
  435 |   EVP_MD_CTX ctx;
      |              ^~~

So force use of openssl for sftpd, as no feedback was received on
https://github.com/proftpd/proftpd/pull/1481

Fixes:
 - http://autobuild.buildroot.org/results/a16ccd7cc78eb63de06a6d738fccc6b947da13e7

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit e7797603d2)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-01-29 22:05:34 +01:00
Fabrice Fontaine 17df9e40d3 package/proftpd: bump to version 1.3.8
Drop patch (already in version)

http://proftpd.org/docs/NEWS-1.3.8
http://proftpd.org/docs/RELEASE_NOTES-1.3.8

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 583e06a495)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-01-29 22:05:13 +01:00
Fabrice Fontaine a3edf0ef0a package/xxhash: set XXH_NO_INLINE_HINTS
Set XXH_NO_INLINE_HINTS to marks all internal functions as static,
giving the compiler full control on whether to inline or not. This will
fix the following build failure raised since bump to version 0.8.1 in
commit 5dbdb2535c:

In file included from xxhash.c:43:
In function 'XXH3_accumulate',
    inlined from 'XXH3_hashLong_internal_loop' at xxhash.h:4390:9,
    inlined from 'XXH3_hashLong_64b_internal' at xxhash.h:4453:5,
    inlined from 'XXH3_hashLong_64b_withSecret' at xxhash.h:4473:12,
    inlined from 'XXH3_64bits_internal' at xxhash.h:4554:12,
    inlined from 'XXH3_64bits_withSecret' at xxhash.h:4570:12:
xxhash.h:4196:1: error: inlining failed in call to 'always_inline' 'XXH3_accumulate_512_scalar': function not considered for inlining
 4196 | XXH3_accumulate_512_scalar(void* XXH_RESTRICT acc,
      | ^~~~~~~~~~~~~~~~~~~~~~~~~~

Fixes:
 - http://autobuild.buildroot.org/results/f2c52238df97cc4c13117d8dc1423235231a094c

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 94b66fb49c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-01-29 22:02:29 +01:00
Vincent Fazio 85e4bb3437 package/ipmitool: fix broken IANA PEN registry URL
Backport the upstream fix for the IANA Private Enterprise Numbers
registry URL so the correct file gets downloaded and installed.

Signed-off-by: Vincent Fazio <vfazio@gmail.com>
Signed-off-by: Vincent Fazio <vfazio@xes-inc.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 4b6ccffcfb)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-01-29 21:57:26 +01:00
Vincent Fazio 0682418f5a package/ipmitool: use the standard github helper
Signed-off-by: Vincent Fazio <vfazio@gmail.com>
Signed-off-by: Vincent Fazio <vfazio@xes-inc.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit dce238f045)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-01-29 21:56:36 +01:00
128 changed files with 975 additions and 892 deletions
+38 -2
View File
@@ -1,3 +1,39 @@
2022.11.2, released March 1st, 2023
Important / security related fixes.
Fix make O=..._defconfig builds (regression in 2022.11.1).
A number of additional/stricter checks have been added to
./utils/check-package.
Build host dependencies check extended to check for a number
of specific perl modules to better handle distributions (like
Fedora) with very fine grained perl packages. Also ensure
build host has git >= 2.0.0 when using packages written in
go/rust because the vendoring may need it.
Defconfigs: ASUS tinker rk3288: Fix boot issue related to TPL
Updated/fixed packages: afboot-stm32, apache, barebox, c-ares,
elf2flt, freeswitch, fwts, gcc, gdal, git, gitlab-runner,
ipmitool, kodi, libgit2, libks, libopenssl, libressl, live555,
lua, lxc, mariadb, mesa3d-headers, modsecurity2, mongoose,
netopeer2, nodejs, openjdk, openpowerlink, openvpn, opusfile,
postgresql, proftpd, pugixml, python-future, python-idna, qt5,
rtl8192eu, rtl8723ds, sdl2, sofia-sip, ssdp-responder, sudo,
sunxi-mali-utgard, thermald, ti-sgx-km, tmux, uboot, upx, vim,
webkitgtk, wolfssl, wpewebkit, xlib_libXpm,
xserver_xorg-server, xxhash, xz, yajl, zabbix
Issues resolved (http://bugs.uclibc.org):
#15271: no start-qemu.sh
#15281: Error compiling GDAL library for RPi-64 if libgdal-dev install..
#15291: BR2_PACKAGE_GNU_EFI_ARCH_SUPPORTS without location
#15301: Selecting NAND Flash boot media (NAND_BOOT) breaks the uboot..
#15331: Warning on python-flit-core license when generating legal info
2022.11.1, released January 18th, 2023
Important / security related fixes.
@@ -7661,7 +7697,7 @@
Architecture: Default to bf532 CPU variant for blackfin,
Fix flat one memory region support for m68k and disable flat
seperate data support because of compatibility issues.
separate data support because of compatibility issues.
Defconfigs: Minnowboard and Raspberrypi: Fix errors with
post-build scripts when systemd is used.
@@ -8197,7 +8233,7 @@
Minor fixes.
Merged/seperate /usr handling is now also performed for
Merged/separate /usr handling is now also performed for
staging so cross-gdb / gdbserver can find the libraries.
Updated/fixed packages: autossh, conntrack-tools, dcron,
+63 -38
View File
@@ -645,20 +645,22 @@ config BR2_PACKAGE_SUNXI_MALI_MAINLINE
config BR2_PACKAGE_SUNXI_MALI_MAINLINE_R6P2
bool "sunxi-mali-mainline-r6p2 was renamed"
select BR2_LEGACY
select BR2_PACKAGE_SUNXI_MALI_UTGARD_R6P2
help
The sunxi-mali-mainline package has been renamed
sunxi-mali-utgard, the suboptions of this package have also
been renamed accordingly.
# Note: BR2_PACKAGE_SUNXI_MALI_MAINLINE_R6P2 is still referenced from
# package/sunxi-mali-utgard/Config.in
config BR2_PACKAGE_SUNXI_MALI_MAINLINE_R8P1
bool "sunxi-mali-mainline-r8p1 was renamed"
select BR2_LEGACY
select BR2_PACKAGE_SUNXI_MALI_UTGARD_R8P1
help
The sunxi-mali-mainline package has been renamed
sunxi-mali-utgard, the suboptions of this package have also
been renamed accordingly.
# Note: BR2_PACKAGE_SUNXI_MALI_MAINLINE_R8P1 is still referenced from
# package/sunxi-mali-utgard/Config.in
config BR2_PACKAGE_QT5WEBKIT_EXAMPLES
bool "qt5webkit-examples removed"
@@ -716,18 +718,20 @@ comment "Legacy options removed in 2021.11"
config BR2_OPENJDK_VERSION_LTS
bool "OpenJDK LTS version was renamed to OpenJDK 11"
select BR2_LEGACY
select BR2_PACKAGE_OPENJDK_VERSION_11
help
The LTS version option was renamed to OpenJDK 11 to make it
clear what LTS version is.
# Note: BR2_OPENJDK_VERSION_LTS is still referenced from
# package/openjdk/Config.in
config BR2_OPENJDK_VERSION_LATEST
bool "OpenJDK latest version (16.x) was removed"
select BR2_LEGACY
select BR2_PACKAGE_OPENJDK_VERSION_17
help
OpenJDK 16.x is no longer mainted, so the option has been
removed. Use OpenJDK 17.x instead.
# Note: BR2_OPENJDK_VERSION_LATEST is still referenced from
# package/openjdk/Config.in
config BR2_PACKAGE_MPD_TIDAL
bool "mpd tidal option removed"
@@ -1643,6 +1647,35 @@ config BR2_PACKAGE_RPI_USERLAND_START_VCFILED
help
The vcfiled support was removed upstream.
config BR2_PACKAGE_TI_SGX_KM_AM335X
bool "ti-sgx-km AM335X option removed"
select BR2_LEGACY
select BR2_PACKAGE_TI_SGX_KM
help
Starting from buildroot release 2020.02, the buildroot package
only supports the target am335x.
config BR2_PACKAGE_TI_SGX_KM_AM437X
bool "ti-sgx-km AM437X option removed"
select BR2_LEGACY
help
Starting from buildroot release 2020.02, the buildroot package
only supports the target am335x.
config BR2_PACKAGE_TI_SGX_KM_AM4430
bool "ti-sgx-km AM4430 option removed"
select BR2_LEGACY
help
Starting from buildroot release 2020.02, the buildroot package
only supports the target am335x.
config BR2_PACKAGE_TI_SGX_KM_AM5430
bool "ti-sgx-km AM5430 option removed"
select BR2_LEGACY
help
Starting from buildroot release 2020.02, the buildroot package
only supports the target am335x.
comment "Legacy options removed in 2019.11"
config BR2_PACKAGE_OPENVMTOOLS_PROCPS
@@ -2108,9 +2141,9 @@ config BR2_PACKAGE_FFTW_PRECISION_QUAD
config BR2_PACKAGE_LUA_5_2
bool "Lua 5.2.x version removed"
select BR2_LEGACY
select BR2_PACKAGE_LUA_5_3
help
The Lua 5.2.x version was removed.
# Note: BR2_PACKAGE_LUA_5_2 is still referenced from package/lua/Config.in
config BR2_TARGET_GENERIC_PASSWD_MD5
bool "target passwd md5 format support has been removed"
@@ -2608,7 +2641,7 @@ config BR2_PACKAGE_MEDIAART_BACKEND_GDK_PIXBUF
BR2_PACKAGE_MEDIAART_BACKEND_GDK_PIXBUF has been renamed to
BR2_PACKAGE_LIBMEDIAART_BACKEND_GDK_PIXBUF
config BR2_PACKAGE_MEDIAART_BACKEND_GDK_PIXBUF
config BR2_PACKAGE_MEDIAART_BACKEND_QT
bool "libmediaart qt backend option renamed"
select BR2_LEGACY
help
@@ -2616,45 +2649,34 @@ config BR2_PACKAGE_MEDIAART_BACKEND_GDK_PIXBUF
BR2_PACKAGE_MEDIAART_BACKEND_QT has been renamed to
BR2_PACKAGE_LIBMEDIAART_BACKEND_QT
# Note: BR2_PACKAGE_TI_SGX_AM335X is still referenced from
# package/ti-sgx-km/Config.in
config BR2_PACKAGE_TI_SGX_AM335X
bool "ti-sgx-km AM335X option renamed"
bool "ti-sgx-km AM335X option removed"
select BR2_LEGACY
select BR2_PACKAGE_TI_SGX_KM
help
For consistency reasons, the option
BR2_PACKAGE_TI_SGX_AM335X has been renamed to
BR2_PACKAGE_TI_SGX_KM_AM335X.
Starting from buildroot release 2020.02, the buildroot package
only supports the target am335x.
# Note: BR2_PACKAGE_TI_SGX_AM437X is still referenced from
# package/ti-sgx-km/Config.in
config BR2_PACKAGE_TI_SGX_AM437X
bool "ti-sgx-km AM437X option renamed"
bool "ti-sgx-km AM437X option removed"
select BR2_LEGACY
help
For consistency reasons, the option
BR2_PACKAGE_TI_SGX_AM437X has been renamed to
BR2_PACKAGE_TI_SGX_KM_AM437X.
Starting from buildroot release 2020.02, the buildroot package
only supports the target am335x.
# Note: BR2_PACKAGE_TI_SGX_AM4430 is still referenced from
# package/ti-sgx-km/Config.in
config BR2_PACKAGE_TI_SGX_AM4430
bool "ti-sgx-km AM4430 option renamed"
bool "ti-sgx-km AM4430 option removed"
select BR2_LEGACY
help
For consistency reasons, the option
BR2_PACKAGE_TI_SGX_AM4430 has been renamed to
BR2_PACKAGE_TI_SGX_KM_AM4430.
Starting from buildroot release 2020.02, the buildroot package
only supports the target am335x.
# Note: BR2_PACKAGE_TI_SGX_AM5430 is still referenced from
# package/ti-sgx-km/Config.in
config BR2_PACKAGE_TI_SGX_AM5430
bool "ti-sgx-km AM5430 option renamed"
bool "ti-sgx-km AM5430 option removed"
select BR2_LEGACY
help
For consistency reasons, the option
BR2_PACKAGE_TI_SGX_AM5430 has been renamed to
BR2_PACKAGE_TI_SGX_KM_AM5430.
Starting from buildroot release 2020.02, the buildroot package
only supports the target am335x.
config BR2_PACKAGE_JANUS_AUDIO_BRIDGE
bool "janus-gateway audio-bridge option renamed"
@@ -3254,7 +3276,7 @@ config BR2_PACKAGE_POLICYCOREUTILS_RESTORECOND
select BR2_PACKAGE_RESTORECOND
help
The policycoreutils package no longer offers restorecond
as a option. This package has been moved into a seperate
as a option. This package has been moved into a separate
package maintained by the SELinux maintainers.
config BR2_PACKAGE_SEPOLGEN
@@ -3848,7 +3870,7 @@ config BR2_GDB_VERSION_7_9
comment "Legacy options removed in 2016.11"
config BR2_PACKAGE_PHP_SAPI_CLI_CGI
bool "PHP CGI and CLI options are now seperate"
bool "PHP CGI and CLI options are now separate"
select BR2_PACKAGE_PHP_SAPI_CLI
select BR2_PACKAGE_PHP_SAPI_CGI
select BR2_LEGACY
@@ -3984,10 +4006,11 @@ config BR2_LINUX_KERNEL_TOOL_SELFTESTS
config BR2_GCC_VERSION_4_8_ARC
bool "gcc arc option renamed"
select BR2_LEGACY
select BR2_GCC_VERSION_ARC
help
The option that selects the gcc version for the ARC
architecture has been renamed to BR2_GCC_VERSION_ARC.
# Note: BR2_GCC_VERSION_4_8_ARC is still referenced from
# package/gcc/Config.in.host
config BR2_KERNEL_HEADERS_4_0
bool "kernel headers version 4.0.x are no longer supported"
@@ -4327,19 +4350,21 @@ config BR2_PACKAGE_OPENPOWERLINK_DEBUG_LEVEL
config BR2_PACKAGE_OPENPOWERLINK_KERNEL_MODULE
bool "openpowerlink package has been updated"
select BR2_LEGACY
select BR2_PACKAGE_OPENPOWERLINK_STACK_KERNEL_STACK_LIB
help
openpowerlink kernel modules are built if the
kernel stack library is selected.
# Note: BR2_PACKAGE_OPENPOWERLINK_KERNEL_MODULE is still referenced from
# package/openpowerlink/Config.in
config BR2_PACKAGE_OPENPOWERLINK_LIBPCAP
bool "openpowerlink package has been updated"
select BR2_LEGACY
select BR2_PACKAGE_OPENPOWERLINK_STACK_USERSPACE_DAEMON_LIB
help
The user space support has been split in two part:
- a monolitic user space library
- a user spae deamon driver
- a monolithic user space library
- a user space daemon driver
# Note: BR2_PACKAGE_OPENPOWERLINK_LIBPCAP is still referenced from
# package/openpowerlink/Config.in
config BR2_LINUX_KERNEL_SAME_AS_HEADERS
bool "using the linux headers version for the kernel has been removed"
@@ -4878,7 +4903,7 @@ config BR2_PACKAGE_KODI_PVR_ADDONS
select BR2_PACKAGE_KODI_PVR_VUPLUS
select BR2_PACKAGE_KODI_PVR_WMC
help
Kodi PVR addon was split into seperate modules
Kodi PVR addon was split into separate modules
config BR2_BINUTILS_VERSION_2_23_2
bool "binutils 2.23 option renamed"
+1 -2
View File
@@ -130,7 +130,6 @@ F: package/python-docopt/
N: André Zwing <nerv@dawncrow.de>
F: package/libkrb5/
F: package/openal/
F: package/p7zip/
F: package/wine/
@@ -1071,7 +1070,7 @@ F: package/ucl/
F: package/upx/
F: package/zxing-cpp/
N: Frank Vanbever <frank.vanbever@essensium.com>
N: Frank Vanbever <frank.vanbever@mind.be>
F: package/elixir/
F: package/libmodsecurity/
F: package/nginx-modsecurity/
+3 -3
View File
@@ -92,9 +92,9 @@ all:
.PHONY: all
# Set and export the version string
export BR2_VERSION := 2022.11.1
export BR2_VERSION := 2022.11.2
# Actual time the release is cut (for reproducible builds)
BR2_VERSION_EPOCH = 1674028000
BR2_VERSION_EPOCH = 1677686000
# Save running make version since it's clobbered by the make package
RUNNING_MAKE_VERSION := $(MAKE_VERSION)
@@ -1041,7 +1041,7 @@ savedefconfig: $(BUILD_DIR)/buildroot-config/conf outputmakefile
# staging and target directories do NOT list these as
# dependencies anywhere else
$(BUILD_DIR) $(BASE_TARGET_DIR) $(HOST_DIR) $(BINARIES_DIR) $(LEGAL_INFO_DIR) $(REDIST_SOURCES_DIR_TARGET) $(REDIST_SOURCES_DIR_HOST) $(PER_PACKAGE_DIR):
$(BASE_DIR) $(BUILD_DIR) $(BASE_TARGET_DIR) $(HOST_DIR) $(BINARIES_DIR) $(LEGAL_INFO_DIR) $(REDIST_SOURCES_DIR_TARGET) $(REDIST_SOURCES_DIR_HOST) $(PER_PACKAGE_DIR):
@mkdir -p $@
# outputmakefile generates a Makefile in the output directory, if using a
+1 -1
View File
@@ -1,4 +1,4 @@
label Tinker linux-next
label Tinker linux
kernel /boot/uImage
devicetree /boot/rk3288-tinker.dtb
append console=ttyS2,115200n8 root=/dev/mmcblk0p1 rootwait
+9 -2
View File
@@ -2,12 +2,19 @@ image sdcard.img {
hdimage {
}
partition u-boot-spl-dtb {
partition u-boot-tpl-spl-dtb {
in-partition-table = "no"
image = "u-boot-spl-dtb.img"
image = "u-boot-tpl-spl-dtb.img"
offset = 32K
}
partition u-boot-dtb {
in-partition-table = "no"
image = "u-boot-dtb.img"
offset = 8M
size = 30M
}
partition rootfs {
partition-type = 0x83
image = "rootfs.ext4"
+2 -2
View File
@@ -3,7 +3,7 @@
MKIMAGE=$HOST_DIR/bin/mkimage
BOARD_DIR="$(dirname $0)"
$MKIMAGE -n rk3288 -T rksd -d $BINARIES_DIR/u-boot-spl-dtb.bin $BINARIES_DIR/u-boot-spl-dtb.img
cat $BINARIES_DIR/u-boot-dtb.bin >> $BINARIES_DIR/u-boot-spl-dtb.img
$MKIMAGE -n rk3288 -T rksd -d $BINARIES_DIR/u-boot-tpl.bin $BINARIES_DIR/u-boot-tpl.img
cat $BINARIES_DIR/u-boot-tpl.img $BINARIES_DIR/u-boot-spl-dtb.bin > $BINARIES_DIR/u-boot-tpl-spl-dtb.img
install -m 0644 -D $BOARD_DIR/extlinux.conf $TARGET_DIR/boot/extlinux/extlinux.conf
@@ -0,0 +1,36 @@
From d65b07d6fe438e760fdbc33a8e42650a27d5b417 Mon Sep 17 00:00:00 2001
From: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Date: Sat, 31 Dec 2022 11:09:38 +0100
Subject: [PATCH] Makefile: disable stack-protector
Disable stack-protector to avoid the following build failure:
/home/autobuild/autobuild/instance-14/output-1/host/bin/arm-buildroot-linux-gnueabi-ld -T stm32f429.lds --gc-sections -o stm32f469i-disco.elf stm32f469i-disco.o gpio.o mpu.o qspi.o start_kernel.o usart-f4.o
/home/autobuild/autobuild/instance-14/output-1/host/bin/arm-buildroot-linux-gnueabi-ld: stm32f469i-disco.o: in function `main':
stm32f469i-disco.c:(.text.startup.main+0x3b0): undefined reference to `__stack_chk_guard'
/home/autobuild/autobuild/instance-14/output-1/host/bin/arm-buildroot-linux-gnueabi-ld: stm32f469i-disco.c:(.text.startup.main+0x4c0): undefined reference to `__stack_chk_fail'
/home/autobuild/autobuild/instance-14/output-1/host/bin/arm-buildroot-linux-gnueabi-ld: stm32f469i-disco.c:(.text.startup.main+0x4ec): undefined reference to `__stack_chk_guard'
Fixes:
- http://autobuild.buildroot.org/results/fa6ffab24c3998f21034ab24e8d2852cacde08c1
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
---
Makefile | 1 +
1 file changed, 1 insertion(+)
diff --git a/Makefile b/Makefile
index 8f42be1..8da7a25 100644
--- a/Makefile
+++ b/Makefile
@@ -14,6 +14,7 @@ CFLAGS := -mthumb -mcpu=cortex-m4
CFLAGS += -ffunction-sections -fdata-sections
CFLAGS += -Os -std=gnu99 -Wall
CFLAGS += -fno-builtin
+CFLAGS += -fno-stack-protector
LINKERFLAGS := --gc-sections
obj-y += gpio.o mpu.o qspi.o start_kernel.o
--
2.35.1
+8 -1
View File
@@ -74,6 +74,13 @@ endif
$(1)_MAKE_FLAGS = ARCH=$$($(1)_ARCH) CROSS_COMPILE="$$(TARGET_CROSS)"
$(1)_MAKE_ENV = $$(TARGET_MAKE_ENV)
ifeq ($$(BR2_REPRODUCIBLE),y)
$(1)_MAKE_ENV += \
KBUILD_BUILD_USER=buildroot \
KBUILD_BUILD_HOST=buildroot \
KBUILD_BUILD_TIMESTAMP="$$(shell LC_ALL=C TZ='UTC' date -d @$(SOURCE_DATE_EPOCH))"
endif
ifeq ($$(BR2_TARGET_$(1)_USE_DEFCONFIG),y)
$(1)_KCONFIG_DEFCONFIG = $$(call qstrip,$$(BR2_TARGET_$(1)_BOARD_DEFCONFIG))_defconfig
else ifeq ($$(BR2_TARGET_$(1)_USE_CUSTOM_CONFIG),y)
@@ -121,7 +128,7 @@ endef
define $(1)_BUILD_CMDS
$$($(1)_BUILD_BAREBOXENV_CMDS)
$$(TARGET_MAKE_ENV) $$(MAKE) $$($(1)_MAKE_FLAGS) -C $$(@D)
$$($(1)_MAKE_ENV) $$(MAKE) $$($(1)_MAKE_FLAGS) -C $$(@D)
$$($(1)_BUILD_CUSTOM_ENV)
endef
-1
View File
@@ -430,7 +430,6 @@ endif
config BR2_TARGET_UBOOT_SPL
bool "Install U-Boot SPL binary image"
depends on !BR2_TARGET_XLOADER
help
Install the U-Boot SPL binary image to the images
directory.
+1 -2
View File
@@ -17,9 +17,8 @@ BR2_TARGET_UBOOT_NEEDS_PYTHON3=y
BR2_TARGET_UBOOT_NEEDS_PYLIBFDT=y
BR2_TARGET_UBOOT_NEEDS_OPENSSL=y
BR2_TARGET_UBOOT_FORMAT_DTB_IMG=y
BR2_TARGET_UBOOT_FORMAT_DTB_BIN=y
BR2_TARGET_UBOOT_SPL=y
BR2_TARGET_UBOOT_SPL_NAME="spl/u-boot-spl-dtb.bin"
BR2_TARGET_UBOOT_SPL_NAME="spl/u-boot-spl-dtb.bin tpl/u-boot-tpl.bin"
# Kernel
BR2_LINUX_KERNEL=y
+5 -5
View File
@@ -2,13 +2,13 @@
sha256 abe37eb0e2e331bdc7c4110115664e180e7d43b7336de6b4cd2bd1b123d30207 linux-6.0.19.tar.xz
# From https://www.kernel.org/pub/linux/kernel/v5.x/sha256sums.asc
sha256 c93bb384a97ad1f0a4f18e442ce0291242722f78023eca658b22344541f09489 linux-5.19.17.tar.xz
sha256 e7359bd2935b54fe8bb821cf748591c36a95bed019e752d3e4d5803d9da1ccb4 linux-5.15.87.tar.xz
sha256 2ec400fc50ffdfe4c836a3c02bf6e7aebcd7963dd2ac1425e6d41545c37dd217 linux-5.10.162.tar.xz
sha256 80253b2cac54c256dfdfd1061800aef907f88432090f7aef74c0ddf50f6e6524 linux-5.4.228.tar.xz
sha256 a63c2bb1beb15f1aea9c63cf80559f5b7ab58afd2da2fa5e7670c515ebe1fe80 linux-5.15.91.tar.xz
sha256 0051a1780e5bda0efc68dafab7c728b8283d2b028fedb439418f478be7d3e1af linux-5.10.166.tar.xz
sha256 a74fd32ccc1025b72f3ba7183208761f7c6190fb96e8f484f6d543a5a183e62f linux-5.4.230.tar.xz
# From https://www.kernel.org/pub/linux/kernel/v4.x/sha256sums.asc
sha256 5385aaec55c766e3f462511453f5c63d7898b2d0e9ea74f22a23ebbedab0b3c6 linux-4.9.337.tar.xz
sha256 e32a230d71072a4ee50bd4386aa23ca4e617b8ad07b6f9fb223b65bf004c4c80 linux-4.14.302.tar.xz
sha256 6e0ba5d224ab216b7b938cc9ff2478be7882a884bbdf15374149bade4d58b20a linux-4.19.269.tar.xz
sha256 64cbb234e46c196bc12bde74b233c7d3cb3b68d9c8ed48bf06715bd0f5c549d5 linux-4.14.304.tar.xz
sha256 636d3f9cb48eaf06df14e56bd9d57bfc7c1b5952a75b9f841d41a43b75829d1a linux-4.19.271.tar.xz
# Locally computed
sha256 4594c147bdc493c7c286688542bbe65e550fb7bd58e0649ec587a2fe893ec0ee linux-cip-5.10.145-cip17.tar.gz
sha256 a5598f7f673b3ef819d6ed24f08d539eecb6febd11673a1d4752a1c05d4ee289 linux-cip-5.10.145-cip17-rt7.tar.gz
+2 -2
View File
@@ -1,5 +1,5 @@
# From https://downloads.apache.org/httpd/httpd-2.4.54.tar.bz2.{sha256,sha512}
sha256 eb397feeefccaf254f8d45de3768d9d68e8e73851c49afd5b7176d1ecf80c340 httpd-2.4.54.tar.bz2
sha512 228493b2ff32c4142c6e484d304f2ea12e467498605fe12adce2b61388d8efe7b2e96ae2fd0abd1dc88a5f12d625e007d8da0ae5628cff2a5272806754f41e18 httpd-2.4.54.tar.bz2
sha256 11d6ba19e36c0b93ca62e47e6ffc2d2f2884942694bce0f23f39c71bdc5f69ac httpd-2.4.55.tar.bz2
sha512 94982f7a1fedac8961fc17b5a22cf763ac28cb27ee6facab2e6a15b249b927773667493fd3f7354fb13fcb34a6f1afc1bdd5cf4b7be030cba1dfb523e40d43fb httpd-2.4.55.tar.bz2
# Locally computed
sha256 47b8c2b6c3309282a99d4a3001575c790fead690cc14734628c4667d2bbffc43 LICENSE
+1 -1
View File
@@ -4,7 +4,7 @@
#
################################################################################
APACHE_VERSION = 2.4.54
APACHE_VERSION = 2.4.55
APACHE_SOURCE = httpd-$(APACHE_VERSION).tar.bz2
APACHE_SITE = https://downloads.apache.org/httpd
APACHE_LICENSE = Apache-2.0
+3
View File
@@ -108,6 +108,9 @@ BUSYBOX_MAKE_OPTS = \
CONFIG_PREFIX="$(TARGET_DIR)" \
SKIP_STRIP=y
# specifying BUSYBOX_CONFIG_FILE on the command-line overrides the .config
# setting.
# check-package disable Ifdef
ifndef BUSYBOX_CONFIG_FILE
BUSYBOX_CONFIG_FILE = $(call qstrip,$(BR2_PACKAGE_BUSYBOX_CONFIG))
endif
+1 -1
View File
@@ -1,5 +1,5 @@
# Locally calculated after checking pgp signature
sha256 1a7d52a8a84a9fbffb1be9133c0f6e17217d91ea5a6fa61f6b4729cda78ebbcf c-ares-1.18.1.tar.gz
sha256 bfceba37e23fd531293829002cac0401ef49a6dc55923f7f92236585b7ad1dd3 c-ares-1.19.0.tar.gz
# Hash for license file
sha256 db4eb63fe09daebdf57d3f79b091bb5ee5070c0d761040e83264e648d307af4c LICENSE.md
+1 -1
View File
@@ -4,7 +4,7 @@
#
################################################################################
C_ARES_VERSION = 1.18.1
C_ARES_VERSION = 1.19.0
C_ARES_SITE = http://c-ares.haxx.se/download
C_ARES_INSTALL_STAGING = YES
C_ARES_CONF_OPTS = --with-random=/dev/urandom
+1 -1
View File
@@ -9,7 +9,7 @@ config BR2_PACKAGE_DAHDI_LINUX
DAHDI Linux is the open source device driver framework used to
interface Asterisk with telephony hardware.
http://www.asterisk.org/downloads/dahdi
https://github.com/asterisk/dahdi-linux
comment "dahdi-linux needs a Linux kernel to be built"
depends on !BR2_LINUX_KERNEL
@@ -1,8 +1,7 @@
From 65ac5f9e69cfb989d970da74c41e478774d29be5 Mon Sep 17 00:00:00 2001
From a8c9f650b82109abf7aa730f298ea5182ed62613 Mon Sep 17 00:00:00 2001
From: Niklas Cassel <niklas.cassel@wdc.com>
Date: Tue, 9 Aug 2022 21:06:05 +0200
Subject: [PATCH] elf2flt: fix fatal error regression on m68k, xtensa,
riscv64
Subject: [PATCH] elf2flt: fix fatal error regression on m68k, xtensa, riscv64
Commit ba379d08bb78 ("elf2flt: fix for segfault on some ARM ELFs")
changed the condition of which input sections that should be included
@@ -12,16 +11,15 @@ to:
((a->flags & (SEC_DATA | SEC_READONLY | SEC_RELOC)) ==
(SEC_DATA | SEC_READONLY | SEC_RELOC))
On ARM, the .eh_frame input section does not have the SEC_RELOC flag
set, so this specific change had no effect on ARM.
On ARM, the .eh_frame input section does not have the SEC_RELOC flag set,
so on ARM, this change caused .eh_frame to move from .text to .data.
However, on e.g. m68k and riscv64, the .eh_frame input section does
have the SEC_RELOC flag set, which means that after commit ba379d08bb78
("elf2flt: fix for segfault on some ARM ELFs"), read-only relocation
data sections were placed in .text output section, instead of .data
output section.
However, on e.g. m68k, xtensa and riscv64, the .eh_frame input section
does have the SEC_RELOC flag set, which means that the change in
commit ba379d08bb78 ("elf2flt: fix for segfault on some ARM ELFs")
caused .eh_frame to move in an opposite way, i.e. from .data to .text.
This will result in a fatal error on m68k, xtensa and riscv64:
This resulted in a fatal error on m68k, xtensa and riscv64:
ERROR: text=0x3bab8 overlaps data=0x33f60 ?
This is because elf2flt cannot append to .text after .data has been
@@ -36,21 +34,26 @@ to .text after .data has been appended to (which will require elf2flt
to move/relocate everything that has already been appended to .data,
since the virtual addresses are contiguous).
However, for now, add an exception for m68k, xtensa and riscv64
(specifically for the problematic input section, .eh_frame), so that we
get the same behavior as older elf2flt releases, where we put read-only
relocation data in .data, which was working perfectly fine.
However, for now, add an exception for input sections which have all
three flags SEC_DATA, SEC_READONLY, and SEC_RELOC set, and which have a
name equal to a problematic input section (.eh_frame, .gcc_except_table).
That way, we get the same behavior as older elf2flt releases for m68k,
xtensa and riscv64, where we put read-only relocation data in .data,
which was working perfectly fine.
This exception will not change any behavior on ARM, as the .eh_frame
input section does not have flag SEC_RELOC set.
Signed-off-by: Niklas Cassel <niklas.cassel@wdc.com>
---
elf2flt.c | 11 +++++++++--
1 file changed, 9 insertions(+), 2 deletions(-)
elf2flt.c | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/elf2flt.c b/elf2flt.c
index 9c32f9a..a680c89 100644
index e0d7891..39d035f 100644
--- a/elf2flt.c
+++ b/elf2flt.c
@@ -340,8 +340,15 @@ compare_relocs (const void *pa, const void *pb)
@@ -341,8 +341,13 @@ compare_relocs (const void *pa, const void *pb)
static bool
ro_reloc_data_section_should_be_in_text(asection *s)
{
@@ -58,10 +61,8 @@ index 9c32f9a..a680c89 100644
- (SEC_DATA | SEC_READONLY | SEC_RELOC);
+ if ((s->flags & (SEC_DATA | SEC_READONLY | SEC_RELOC)) ==
+ (SEC_DATA | SEC_READONLY | SEC_RELOC)) {
+#if defined(TARGET_m68k) || defined(TARGET_riscv64) || defined(TARGET_xtensa)
+ if (!strcmp(".eh_frame", s->name))
+ if (!strcmp(".eh_frame", s->name) || !strcmp(".gcc_except_table", s->name))
+ return false;
+#endif
+ return true;
+ }
+ return false;
@@ -69,5 +70,5 @@ index 9c32f9a..a680c89 100644
static uint32_t *
--
2.37.1
2.39.0
+2 -3
View File
@@ -1,11 +1,10 @@
# From https://files.freeswitch.org/freeswitch-releases/freeswitch-1.10.8.-release.tar.xz.sha256
sha256 1176b26b2f463de2980e5be953f81ced94d23c784452bd41e086d3933a88be5f freeswitch-1.10.8.-release.tar.xz
# From https://files.freeswitch.org/freeswitch-releases/freeswitch-1.10.9.-release.tar.xz.sha256
sha256 f649d53af7beccb59c1d03864cd8f2d287e4ea26ef652b5c4969d29121ced063 freeswitch-1.10.9.-release.tar.xz
# Locally computed
sha256 75c933202f40939cdc3827fce20a1efdaa38291e2b5a65d234eb16e2cffda66a COPYING
sha256 c3e3388768dae8bf4edcc4108f95be815b8a05c0b0aef6e4c3d8df81affdfa34 docs/OPENH264_BINARY_LICENSE.txt
sha256 e8e26b16da14aa3e6ed5c22c705fdc1f45d6225fca461ea9f7314bcdfdc414c4 libs/apr/LICENSE
sha256 8267348d5af1262c11d1a08de2f5afc77457755f1ac658627dd9acf71011d615 libs/libvpx/LICENSE
sha256 2b2cc1180c7e6988328ad2033b04b80117419db9c4c584918bbb3cfec7e9364f libs/libyuv/LICENSE
sha256 7d72a8aee2c4b1a084200487992a5d86f5df6b535727a14c1874918e99d24600 libs/libzrtp/src/zrtp_legal.c
sha256 8e19d42a1eec9561f3f347253ddf2e385c55f392f025bb0fd41b88dbf38db5ae libs/srtp/LICENSE
sha256 ab00a482b6a3902e40211b43c5d0441962ea99b6cc7c25c0f243fa270b78d482 src/mod/codecs/mod_isac/LICENSE
+1 -10
View File
@@ -4,7 +4,7 @@
#
################################################################################
FREESWITCH_VERSION = 1.10.8
FREESWITCH_VERSION = 1.10.9
FREESWITCH_SOURCE = freeswitch-$(FREESWITCH_VERSION).-release.tar.xz
FREESWITCH_SITE = https://files.freeswitch.org/freeswitch-releases
# External modules need headers/libs from staging
@@ -81,15 +81,6 @@ FREESWITCH_CONF_OPTS = \
--without-python \
--disable-system-xmlrpc-c
# zrtp supports a limited set of archs, sparc support is also broken due
# to a broken ld call by gcc, see libs/libzrtp/include/zrtp_config.h
ifeq ($(BR2_i386)$(BR2_arm)$(BR2_armeb)$(BR2_aarch64)$(BR2_aarch64_be)$(BR2_mips)$(BR2_mipsel)$(BR2_mips64)$(BR2_mips64el)$(BR2_powerpc)$(BR2_powerpc64)$(BR2_powerpc64le)$(BR2_x86_64),y)
FREESWITCH_LICENSE_FILES += libs/libzrtp/src/zrtp_legal.c
FREESWITCH_CONF_OPTS += --enable-zrtp
else
FREESWITCH_CONF_OPTS += --disable-zrtp
endif
# Enable optional modules
FREESWITCH_ENABLED_MODULES += \
applications/mod_avmd \
+1 -1
View File
@@ -15,7 +15,7 @@ FWTS_DEPENDENCIES = host-bison host-flex host-pkgconf libglib2 libbsd \
$(if $(BR2_PACKAGE_BASH_COMPLETION),bash-completion) \
$(if $(BR2_PACKAGE_DTC),dtc)
ifdef BR2_PACKAGE_FWTS_EFI_RUNTIME_MODULE
ifeq ($(BR2_PACKAGE_FWTS_EFI_RUNTIME_MODULE),y)
FWTS_MODULE_SUBDIRS = efi_runtime
$(eval $(kernel-module))
endif
+1
View File
@@ -2,6 +2,7 @@ comment "GCC Options"
choice
prompt "GCC compiler Version"
default BR2_GCC_VERSION_ARC if BR2_GCC_VERSION_4_8_ARC # legacy
default BR2_GCC_VERSION_ARC if BR2_arc
default BR2_GCC_VERSION_POWERPC_SPE if BR2_powerpc_SPE
default BR2_GCC_VERSION_11_X
+87 -81
View File
@@ -12,6 +12,15 @@ GDAL_LICENSE_FILES = LICENSE.TXT
GDAL_CPE_ID_VENDOR = osgeo
GDAL_INSTALL_STAGING = YES
GDAL_CONFIG_SCRIPTS = gdal-config
GDAL_SUPPORTS_IN_SOURCE_BUILD = NO
# Using 'make' with CMake's Makefile generator will not work, as
# 'make' uses GNUmakefile first, but GNUmakefile is provided by
# autotools in gdal. We need to force 'make' to use the Makefile,
# which is generated by CMake. GNUmakefile and autoconf are dropped in
# 3.6 so this can be dropped in future version.
GDAL_MAKE_OPTS += -f Makefile
# gdal at its core only needs host-pkgconf, libgeotiff, proj and tiff
# but since by default mrf driver support is enabled, it also needs
# jpeg, libpng and zlib. By default there are also many other drivers
@@ -20,97 +29,94 @@ GDAL_CONFIG_SCRIPTS = gdal-config
# respectively needed dependencies.
GDAL_DEPENDENCIES = host-pkgconf jpeg json-c libgeotiff libpng proj tiff zlib
# Yes, even though they have --with options, these few libraries are
# Yes, even though they have -DDGDAL_USE options, a few libraries are
# mandatory. If we don't provide them, bundled versions are used.
GDAL_CONF_OPTS = \
--with-geotiff \
--with-jpeg \
--with-libjson-c=$(STAGING_DIR)/usr \
--with-libtool \
--with-libz \
--with-png \
--with-proj \
--without-armadillo \
--without-blosc \
--without-brunsli \
--without-cfitsio \
--without-crypto \
--without-cryptopp \
--without-curl \
--without-dds \
--without-ecw \
--without-expat \
--without-exr \
--without-fgdb \
--without-freexl \
--without-geos \
--without-gnm \
--without-libkml \
--without-lz4 \
--without-gta \
--without-hdf4 \
--without-hdf5 \
--without-hdfs \
--without-heif \
--without-idb \
--without-jp2lura \
--without-java \
--without-jpeg12 \
--without-jxl \
--without-kakadu \
--without-kea \
--without-lerc \
--without-gif \
--without-liblzma \
--without-libdeflate \
--without-mongocxxv3 \
--without-mrsid \
--without-jp2mrsid \
--without-macosx-framework \
--without-msg \
--without-mysql \
--without-netcdf \
--without-null \
--without-oci \
--without-odbc \
--without-ogdi \
--without-opencl \
--without-openjpeg \
--without-pam \
--without-pcidsk \
--without-pcraster \
--without-pcre \
--without-pcre2 \
--without-pdfium \
--without-podofo \
--without-poppler \
--without-python \
--without-qhull \
--without-rasdaman \
--without-rasterlite2 \
--without-rdb \
--without-sfcgal \
--without-sosi \
--without-spatialite \
--without-sqlite3 \
--without-teigha \
--without-tiledb \
--without-webp \
--without-xerces \
--without-zstd
-DGDAL_USE_GEOTIFF=ON \
-DGDAL_USE_JPEG=ON \
-DGDAL_USE_JSONC=ON \
-DGDAL_USE_ZLIB=ON \
-DGDAL_USE_PNG=ON \
-DGDAL_USE_ARMADILLO=OFF \
-DGDAL_USE_BLOSC=OFF \
-DGDAL_USE_BRUNSLI=OFF \
-DGDAL_USE_CFITSIO=OFF \
-DGDAL_USE_OPENSSL=OFF \
-DGDAL_USE_CRYPTOPP=OFF \
-DGDAL_USE_CRNLIB=OFF \
-DGDAL_USE_CURL=OFF \
-DGDAL_USE_ECW=OFF \
-DGDAL_USE_EXPAT=OFF \
-DGDAL_USE_FILEGDB=OFF \
-DGDAL_USE_FREEXL=OFF \
-DGDAL_USE_GEOS=OFF \
-DGDAL_USE_LIBKML=OFF \
-DGDAL_USE_LZ4=OFF \
-DGDAL_USE_GTA=OFF \
-DGDAL_USE_HDF4=OFF \
-DGDAL_USE_HDF5=OFF \
-DGDAL_USE_HDFS=OFF \
-DGDAL_USE_HEIF=OFF \
-DGDAL_USE_IDB=OFF \
-DGDAL_USE_LURATECH=OFF \
-DGDAL_USE_JPEG12_INTERNAL=OFF \
-DGDAL_USE_JXL=OFF \
-DGDAL_USE_KDU=OFF \
-DGDAL_USE_KEA=OFF \
-DGDAL_USE_LERC=OFF \
-DGDAL_USE_GIF=OFF \
-DGDAL_USE_LIBLZMA=OFF \
-DGDAL_USE_DEFLATE=OFF \
-DGDAL_USE_MONGOCXX=OFF \
-DGDAL_USE_MRSID=OFF \
-DGDAL_USE_PUBLICDECOMPWT=OFF \
-DGDAL_USE_MYSQL=OFF \
-DGDAL_USE_NETCDF=OFF \
-DGDAL_USE_ORACLE=OFF \
-DGDAL_USE_ODBC=OFF \
-DGDAL_USE_OGDI=OFF \
-DGDAL_USE_OPENCL=OFF \
-DGDAL_USE_OPENEXR=OFF \
-DGDAL_USE_OPENJPEG=OFF \
-DGDAL_USE_PCRE=OFF \
-DGDAL_USE_PCRE2=OFF \
-DGDAL_USE_PDFIUM=OFF \
-DGDAL_USE_PODOFO=OFF \
-DGDAL_USE_POPPLER=OFF \
-DGDAL_USE_QHULL=OFF \
-DGDAL_USE_RASDAMAN=OFF \
-DGDAL_USE_RASTERLITE2=OFF \
-DGDAL_USE_RDB=OFF \
-DGDAL_USE_SFCGAL=OFF \
-DGDAL_USE_FYBA=OFF \
-DGDAL_USE_SPATIALITE=OFF \
-DGDAL_USE_SQLITE3=OFF \
-DGDAL_USE_TEIGHA=OFF \
-DGDAL_USE_TILEDB=OFF \
-DGDAL_USE_WEBP=OFF \
-DGDAL_USE_XERCESC=OFF \
-DGDAL_USE_ZSTD=OFF \
-DGDAL_ENABLE_DRIVER_PCIDSK=OFF \
-DGDAL_ENABLE_DRIVER_PCRASTER=OFF \
-DGDAL_ENABLE_DRIVER_NULL=OFF \
-DGDAL_ENABLE_MACOSX_FRAMEWORK=OFF \
-DENABLE_GNM=OFF \
-DENABLE_PAM=OFF \
-DBUILD_JAVA_BINDINGS=OFF \
-DBUILD_PYTHON_BINDINGS=OFF
ifeq ($(BR2_PACKAGE_LIBXML2),y)
GDAL_DEPENDENCIES += libxml2
GDAL_CONF_OPTS += --with-xml2
GDAL_CONF_OPTS += -DGDAL_USE_LIBXML2=ON
else
GDAL_CONF_OPTS += --without-xml2
GDAL_CONF_OPTS += -DGDAL_USE_LIBXML2=OFF
endif
ifeq ($(BR2_PACKAGE_POSTGRESQL),y)
GDAL_DEPENDENCIES += postgresql
GDAL_CONF_OPTS += --with-pg
GDAL_CONF_OPTS += -DGDAL_USE_POSTGRESQL=ON
else
GDAL_CONF_OPTS += --without-pg
GDAL_CONF_OPTS += -DGDAL_USE_POSTGRESQL=OFF
endif
$(eval $(autotools-package))
$(eval $(cmake-package))
+1 -1
View File
@@ -1,5 +1,5 @@
# From: https://www.kernel.org/pub/software/scm/git/sha256sums.asc
sha256 dbc80f88d36fcde2c7acaaa9343cfab0f56effe9aee60e5eb00f3f36b8a619b4 git-2.31.5.tar.xz
sha256 e0fa851e4ccb990c57793a3cfcbf7c8981fbacab175025ea15db9ecd57434cee git-2.31.6.tar.xz
# Locally calculated
sha256 5b2198d1645f767585e8a88ac0499b04472164c0d2da22e75ecf97ef443ab32e COPYING
sha256 1922f45d2c49e390032c9c0ba6d7cac904087f7cec51af30c2b2ad022ce0e76a LGPL-2.1
+1 -1
View File
@@ -4,7 +4,7 @@
#
################################################################################
GIT_VERSION = 2.31.5
GIT_VERSION = 2.31.6
GIT_SOURCE = git-$(GIT_VERSION).tar.xz
GIT_SITE = $(BR2_KERNEL_MIRROR)/software/scm/git
GIT_LICENSE = GPL-2.0, LGPL-2.1+
+1 -1
View File
@@ -11,7 +11,7 @@ config BR2_PACKAGE_GITLAB_RUNNER
select BR2_PACKAGE_GIT # runtime
select BR2_PACKAGE_LIBCURL # runtime
select BR2_PACKAGE_LIBCURL_CURL # runtime
select BR2_PACKAGE_LIBCURL_OPENSSL # runtime, for ca-certificates.
select BR2_PACKAGE_LIBCURL_FORCE_TLS # runtime
select BR2_PACKAGE_OPENSSL # runtime
select BR2_PACKAGE_OPENSSL_FORCE_LIBOPENSSL # runtime
select BR2_PACKAGE_LIBOPENSSL_BIN # runtime
@@ -0,0 +1,36 @@
From 1edb0e27e44196d1ebe449aba0b9be22d376bcb6 Mon Sep 17 00:00:00 2001
From: Alexander Amelkin <alexander@amelkin.msk.ru>
Date: Tue, 22 Nov 2022 13:55:33 +0300
Subject: [PATCH] Fix enterprise-numbers URL
IANA has changed their URL scheme, and the content at the old URL for
enterprise-numbers switched from text/plain to text/html.
Fix Makefile.am to use the new URL
Resolves ipmitool/ipmitool#377
Signed-off-by: Alexander Amelkin <alexander@amelkin.msk.ru>
[vfazio: backport from upstream 1edb0e27e44196d1ebe449aba0b9be22d376bcb6]
Signed-off-by: Vincent Fazio <vfazio@gmail.com>
---
Makefile.am | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Makefile.am b/Makefile.am
index ce3267f..3182a52 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -41,7 +41,7 @@ MAINTAINERCLEANFILES = Makefile.in aclocal.m4 configure configure-stamp \
$(distdir).tar.gz $(distdir).tar.bz2
SUBDIRS = lib src include doc contrib control
-IANA_PEN = http://www.iana.org/assignments/enterprise-numbers
+IANA_PEN = http://www.iana.org/assignments/enterprise-numbers.txt
dist-hook:
cp control/ipmitool.spec $(distdir)
--
2.25.1
+1 -1
View File
@@ -1,3 +1,3 @@
# Locally computed:
sha256 48b010e7bcdf93e4e4b6e43c53c7f60aa6873d574cbd45a8d86fa7aaeebaff9c IPMITOOL_1_8_19.tar.gz
sha256 48b010e7bcdf93e4e4b6e43c53c7f60aa6873d574cbd45a8d86fa7aaeebaff9c ipmitool-1_8_19.tar.gz
sha256 b7e2382a8be43b5f6cb092f2d2bda163bf1a1938be9300f821a845cbcd535f56 COPYING
+1 -2
View File
@@ -5,8 +5,7 @@
################################################################################
IPMITOOL_VERSION = 1_8_19
IPMITOOL_SOURCE = IPMITOOL_$(IPMITOOL_VERSION).tar.gz
IPMITOOL_SITE = https://github.com/ipmitool/ipmitool/archive/refs/tags
IPMITOOL_SITE = $(call github,ipmitool,ipmitool,IPMITOOL_$(IPMITOOL_VERSION))
IPMITOOL_LICENSE = BSD-3-Clause
IPMITOOL_LICENSE_FILES = COPYING
IPMITOOL_CPE_ID_VENDOR = ipmitool_project
+9 -1
View File
@@ -136,7 +136,7 @@ else ifeq ($(BR2_powerpc)$(BR2_powerpc64le),y)
KODI_CONF_OPTS += \
-DWITH_ARCH=powerpc$(if $(BR2_ARCH_IS_64),64) \
-DWITH_CPU=powerpc$(if $(BR2_ARCH_IS_64),64)
else ifeq ($(BR2_powerpc64)$(BR2_sparc64)$(BR2_sh4)$(BR2_xtensa),y)
else ifeq ($(BR2_or1k)$(BR2_powerpc64)$(BR2_riscv)$(BR2_sparc64)$(BR2_sh4)$(BR2_xtensa),y)
KODI_CONF_OPTS += -DWITH_ARCH=$(BR2_ARCH) -DWITH_CPU=$(BR2_ARCH)
else
# Kodi auto-detects ARCH, tested: arm, aarch64, i386, x86_64
@@ -144,6 +144,14 @@ else
KODI_CONF_OPTS += -DWITH_CPU=$(BR2_ARCH)
endif
ifeq ($(BR2_ARM_CPU_HAS_NEON),y)
KODI_CONF_OPTS += -DENABLE_NEON=ON
else ifeq ($(BR2_aarch64),y)
KODI_CONF_OPTS += -DENABLE_NEON=ON
else
KODI_CONF_OPTS += -DENABLE_NEON=OFF
endif
ifeq ($(BR2_X86_CPU_HAS_SSE),y)
KODI_CONF_OPTS += -D_SSE_OK=ON -D_SSE_TRUE=ON
else
+1 -1
View File
@@ -23,7 +23,7 @@ LEAFNODE2_CONF_OPTS = \
--enable-runas-user=root
# Leafnode2 needs the host version of b_sortnl during
# compilation. Instead of creating a seperate host package and
# compilation. Instead of creating a separate host package and
# installing b_sortnl to $(HOST_DIR) this binary is compiled
# on-the-fly, host-pcre is needed for this
define LEAFNODE2_BUILD_SORTNL_TOOL
+1 -1
View File
@@ -1,3 +1,3 @@
# Locally calculated
sha256 8de872a0f201b33d9522b817c92e14edb4efad18dae95cf156cf240b2efff93e libgit2-1.5.0.tar.gz
sha256 7074f1e2697992b82402501182db254fe62d64877b12f6e4c64656516f4cde88 libgit2-1.5.1.tar.gz
sha256 0fc09da43d666b5b0cf5695defc3100d5cf387936b260ebab37e396d7e0dbc83 COPYING
+1 -1
View File
@@ -4,7 +4,7 @@
#
################################################################################
LIBGIT2_VERSION = 1.5.0
LIBGIT2_VERSION = 1.5.1
LIBGIT2_SITE = $(call github,libgit2,libgit2,v$(LIBGIT2_VERSION))
LIBGIT2_LICENSE = \
GPL-2.0 with linking exception, \
+1 -1
View File
@@ -1,3 +1,3 @@
# Locally computed
sha256 b42544a5544ac00ceeb0675a9e6a99c8e6ecc752452c7f38c6ffe32fbedb906d libks-1.8.0.tar.gz
sha256 131d7896c81a7f3c9bf06860e4f564ca558d4be1614568fec688b3eb66d38107 libks-1.8.2.tar.gz
sha256 1d1327f37b58a4c9ce520fcf9dd3f348c7c639229ee7aed41c47164a8f7836cd copyright
+1 -1
View File
@@ -4,7 +4,7 @@
#
################################################################################
LIBKS_VERSION = 1.8.0
LIBKS_VERSION = 1.8.2
LIBKS_SITE = $(call github,signalwire,libks,v$(LIBKS_VERSION))
LIBKS_LICENSE = MIT
LIBKS_LICENSE_FILES = copyright
+2 -2
View File
@@ -1,5 +1,5 @@
# From https://www.openssl.org/source/openssl-1.1.1q.tar.gz.sha256
sha256 d7939ce614029cdff0b6c20f0e2e5703158a489a72b2507b8bd51bf8c8fd10ca openssl-1.1.1q.tar.gz
# From https://www.openssl.org/source/openssl-1.1.1t.tar.gz.sha256
sha256 8dee9b24bdb1dcbf0c3d1e9b02fb8f6bf22165e807f45adeb7c9677536859d3b openssl-1.1.1t.tar.gz
# License files
sha256 c32913b33252e71190af2066f08115c69bc9fddadf3bf29296e20c835389841c LICENSE
+1 -1
View File
@@ -4,7 +4,7 @@
#
################################################################################
LIBOPENSSL_VERSION = 1.1.1q
LIBOPENSSL_VERSION = 1.1.1t
LIBOPENSSL_SITE = https://www.openssl.org/source
LIBOPENSSL_SOURCE = openssl-$(LIBOPENSSL_VERSION).tar.gz
LIBOPENSSL_LICENSE = OpenSSL or SSLeay
+1 -1
View File
@@ -1,4 +1,4 @@
# From https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/SHA256
sha256 acfac61316e93b919c28d62d53037ca734de85c46b4d703f19fd8395cf006774 libressl-3.6.1.tar.gz
sha256 4be80fff073746cf50b4a8e5babe2795acae98c6b132a9e02519b445dfbfd033 libressl-3.6.2.tar.gz
# Locally computed
sha256 5c63613f008f16a9c0025c096bbd736cecf720494d121b5c5203e0ec6e5955b1 COPYING
+1 -1
View File
@@ -4,7 +4,7 @@
#
################################################################################
LIBRESSL_VERSION = 3.6.1
LIBRESSL_VERSION = 3.6.2
LIBRESSL_SITE = https://ftp.openbsd.org/pub/OpenBSD/LibreSSL
LIBRESSL_LICENSE = ISC (new additions), OpenSSL or SSLeay (original OpenSSL code)
LIBRESSL_LICENSE_FILES = COPYING
+5 -8
View File
@@ -1,8 +1,5 @@
comment "Kernel Header Options"
config BR2_PACKAGE_HOST_LINUX_HEADERS
bool
choice
prompt "Kernel Headers"
default BR2_KERNEL_HEADERS_AS_KERNEL if BR2_LINUX_KERNEL
@@ -393,11 +390,11 @@ endchoice
config BR2_DEFAULT_KERNEL_HEADERS
string
default "4.9.337" if BR2_KERNEL_HEADERS_4_9
default "4.14.302" if BR2_KERNEL_HEADERS_4_14
default "4.19.269" if BR2_KERNEL_HEADERS_4_19
default "5.4.228" if BR2_KERNEL_HEADERS_5_4
default "5.10.162" if BR2_KERNEL_HEADERS_5_10
default "5.15.87" if BR2_KERNEL_HEADERS_5_15
default "4.14.304" if BR2_KERNEL_HEADERS_4_14
default "4.19.271" if BR2_KERNEL_HEADERS_4_19
default "5.4.230" if BR2_KERNEL_HEADERS_5_4
default "5.10.166" if BR2_KERNEL_HEADERS_5_10
default "5.15.91" if BR2_KERNEL_HEADERS_5_15
default "5.19.17" if BR2_KERNEL_HEADERS_5_19
default "6.0.19" if BR2_KERNEL_HEADERS_6_0
default BR2_DEFAULT_KERNEL_VERSION if BR2_KERNEL_HEADERS_VERSION
+1 -1
View File
@@ -39,7 +39,7 @@ else
LIVE555_CFLAGS += -DNO_OPENSSL
endif
ifndef ($(BR2_ENABLE_LOCALE),y)
ifneq ($(BR2_ENABLE_LOCALE),y)
LIVE555_CFLAGS += -DLOCALE_NOT_USED
endif
+1
View File
@@ -14,6 +14,7 @@ config BR2_PACKAGE_PROVIDES_LUAINTERPRETER
choice
prompt "Lua Version"
default BR2_PACKAGE_LUA_5_3 if BR2_PACKAGE_LUA_5_2 # legacy
default BR2_PACKAGE_LUA_5_4
help
Select the version of Lua API/ABI you wish to use.
@@ -1,186 +0,0 @@
From c1115e1503bf955c97f4cf3b925a6a9f619764c3 Mon Sep 17 00:00:00 2001
From: Christian Brauner <brauner@kernel.org>
Date: Tue, 9 Aug 2022 16:14:25 +0200
Subject: [PATCH] build: detect where struct mount_attr is declared
Fixes: #4176
Signed-off-by: Christian Brauner (Microsoft) <christian.brauner@ubuntu.com>
[Retrieved from:
https://github.com/lxc/lxc/commit/c1115e1503bf955c97f4cf3b925a6a9f619764c3]
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
---
meson.build | 30 ++++++++++++++++++++++++++++--
src/lxc/conf.c | 6 +++---
src/lxc/conf.h | 2 +-
src/lxc/mount_utils.c | 6 +++---
src/lxc/syscall_wrappers.h | 12 ++++++++++--
5 files changed, 45 insertions(+), 11 deletions(-)
diff --git a/meson.build b/meson.build
index a145faf069..f679aabbc8 100644
--- a/meson.build
+++ b/meson.build
@@ -590,7 +590,6 @@ decl_headers = '''
foreach decl: [
'__aligned_u64',
'struct clone_args',
- 'struct mount_attr',
'struct open_how',
'struct rtnl_link_stats64',
]
@@ -610,7 +609,6 @@ foreach tuple: [
['struct seccomp_notif_sizes'],
['struct clone_args'],
['__aligned_u64'],
- ['struct mount_attr'],
['struct open_how'],
['struct rtnl_link_stats64'],
]
@@ -630,6 +628,34 @@ foreach tuple: [
endif
endforeach
+## Types.
+decl_headers = '''
+#include <sys/mount.h>
+'''
+
+# We get -1 if the size cannot be determined
+if cc.sizeof('struct mount_attr', prefix: decl_headers, args: '-D_GNU_SOURCE') > 0
+ srcconf.set10('HAVE_' + 'struct mount_attr'.underscorify().to_upper(), true)
+ found_types += 'struct mount_attr (sys/mount.h)'
+else
+ srcconf.set10('HAVE_' + 'struct mount_attr'.underscorify().to_upper(), false)
+ missing_types += 'struct mount_attr (sys/mount.h)'
+endif
+
+## Types.
+decl_headers = '''
+#include <linux/mount.h>
+'''
+
+# We get -1 if the size cannot be determined
+if cc.sizeof('struct mount_attr', prefix: decl_headers, args: '-D_GNU_SOURCE') > 0
+ srcconf.set10('HAVE_UAPI_' + 'struct mount_attr'.underscorify().to_upper(), true)
+ found_types += 'struct mount_attr (linux/mount.h)'
+else
+ srcconf.set10('HAVE_UAPI_' + 'struct mount_attr'.underscorify().to_upper(), false)
+ missing_types += 'struct mount_attr (linux/mount.h)'
+endif
+
## Headers.
foreach ident: [
['bpf', '''#include <sys/syscall.h>
diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index ffbe74c2f6..4193cd07f5 100644
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -2885,7 +2885,7 @@ static int __lxc_idmapped_mounts_child(struct lxc_handler *handler, FILE *f)
struct lxc_mount_options opts = {};
int dfd_from;
const char *source_relative, *target_relative;
- struct lxc_mount_attr attr = {};
+ struct mount_attr attr = {};
ret = parse_lxc_mount_attrs(&opts, mntent.mnt_opts);
if (ret < 0)
@@ -3005,7 +3005,7 @@ static int __lxc_idmapped_mounts_child(struct lxc_handler *handler, FILE *f)
/* Set propagation mount options. */
if (opts.attr.propagation) {
- attr = (struct lxc_mount_attr) {
+ attr = (struct mount_attr) {
.propagation = opts.attr.propagation,
};
@@ -4109,7 +4109,7 @@ int lxc_idmapped_mounts_parent(struct lxc_handler *handler)
for (;;) {
__do_close int fd_from = -EBADF, fd_userns = -EBADF;
- struct lxc_mount_attr attr = {};
+ struct mount_attr attr = {};
struct lxc_mount_options opts = {};
ssize_t ret;
diff --git a/src/lxc/conf.h b/src/lxc/conf.h
index 7dc2f15b60..772479f9e1 100644
--- a/src/lxc/conf.h
+++ b/src/lxc/conf.h
@@ -223,7 +223,7 @@ struct lxc_mount_options {
unsigned long mnt_flags;
unsigned long prop_flags;
char *data;
- struct lxc_mount_attr attr;
+ struct mount_attr attr;
char *raw_options;
};
diff --git a/src/lxc/mount_utils.c b/src/lxc/mount_utils.c
index bba75f933c..88dd73ee36 100644
--- a/src/lxc/mount_utils.c
+++ b/src/lxc/mount_utils.c
@@ -31,7 +31,7 @@ lxc_log_define(mount_utils, lxc);
* setting in @attr_set, but must also specify MOUNT_ATTR__ATIME in the
* @attr_clr field.
*/
-static inline void set_atime(struct lxc_mount_attr *attr)
+static inline void set_atime(struct mount_attr *attr)
{
switch (attr->attr_set & MOUNT_ATTR__ATIME) {
case MOUNT_ATTR_RELATIME:
@@ -272,7 +272,7 @@ int create_detached_idmapped_mount(const char *path, int userns_fd,
{
__do_close int fd_tree_from = -EBADF;
unsigned int open_tree_flags = OPEN_TREE_CLONE | OPEN_TREE_CLOEXEC;
- struct lxc_mount_attr attr = {
+ struct mount_attr attr = {
.attr_set = MOUNT_ATTR_IDMAP | attr_set,
.attr_clr = attr_clr,
.userns_fd = userns_fd,
@@ -335,7 +335,7 @@ int __fd_bind_mount(int dfd_from, const char *path_from, __u64 o_flags_from,
__u64 attr_clr, __u64 propagation, int userns_fd,
bool recursive)
{
- struct lxc_mount_attr attr = {
+ struct mount_attr attr = {
.attr_set = attr_set,
.attr_clr = attr_clr,
.propagation = propagation,
diff --git a/src/lxc/syscall_wrappers.h b/src/lxc/syscall_wrappers.h
index a5e98b565c..c8a7d0c7b7 100644
--- a/src/lxc/syscall_wrappers.h
+++ b/src/lxc/syscall_wrappers.h
@@ -18,6 +18,12 @@
#include "macro.h"
#include "syscall_numbers.h"
+#if HAVE_STRUCT_MOUNT_ATTR
+#include <sys/mount.h>
+#elif HAVE_UAPI_STRUCT_MOUNT_ATTR
+#include <linux/mount.h>
+#endif
+
#ifdef HAVE_LINUX_MEMFD_H
#include <linux/memfd.h>
#endif
@@ -210,16 +216,18 @@ extern int fsmount(int fs_fd, unsigned int flags, unsigned int attr_flags);
/*
* mount_setattr()
*/
-struct lxc_mount_attr {
+#if !HAVE_STRUCT_MOUNT_ATTR && !HAVE_UAPI_STRUCT_MOUNT_ATTR
+struct mount_attr {
__u64 attr_set;
__u64 attr_clr;
__u64 propagation;
__u64 userns_fd;
};
+#endif
#if !HAVE_MOUNT_SETATTR
static inline int mount_setattr(int dfd, const char *path, unsigned int flags,
- struct lxc_mount_attr *attr, size_t size)
+ struct mount_attr *attr, size_t size)
{
return syscall(__NR_mount_setattr, dfd, path, flags, attr, size);
}
@@ -1,47 +0,0 @@
From b0abedf60b40adf0f2fb3cf9dfee4bc601f7b39f Mon Sep 17 00:00:00 2001
From: Chen Qi <Qi.Chen@windriver.com>
Date: Thu, 25 Aug 2022 05:45:53 -0700
Subject: [PATCH] use sd_bus_call_method_async to replace the asyncv one
The sd_bus_call_method_asyncv's 10th parameter is of type
va_list and supplying NULL when invoking it causes compilation
error. Just replace it with the async one.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
[Retrieved from:
https://github.com/lxc/lxc/commit/b0abedf60b40adf0f2fb3cf9dfee4bc601f7b39f]
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
---
meson.build | 4 ++--
src/lxc/cgroups/cgfsng.c | 2 +-
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/meson.build b/meson.build
index 21955a0504..f8bdcf4e83 100644
--- a/meson.build
+++ b/meson.build
@@ -295,9 +295,9 @@ if not want_sd_bus.disabled()
has_sd_bus = false
endif
- if not cc.has_function('sd_bus_call_method_asyncv', prefix: '#include <systemd/sd-bus.h>', dependencies: libsystemd)
+ if not cc.has_function('sd_bus_call_method_async', prefix: '#include <systemd/sd-bus.h>', dependencies: libsystemd)
if not sd_bus_optional
- error('libsystemd misses required sd_bus_call_method_asyncv function')
+ error('libsystemd misses required sd_bus_call_method_async function')
endif
has_sd_bus = false
diff --git a/src/lxc/cgroups/cgfsng.c b/src/lxc/cgroups/cgfsng.c
index 8a3615893f..d90e5385e1 100644
--- a/src/lxc/cgroups/cgfsng.c
+++ b/src/lxc/cgroups/cgfsng.c
@@ -1232,7 +1232,7 @@ static int unpriv_systemd_create_scope(struct cgroup_ops *ops, struct lxc_conf *
if (r < 0)
return log_error(SYSTEMD_SCOPE_FAILED, "Failed to connect to user bus: %s", strerror(-r));
- r = sd_bus_call_method_asyncv(bus, NULL, DESTINATION, PATH, INTERFACE, "Subscribe", NULL, NULL, NULL, NULL);
+ r = sd_bus_call_method_async(bus, NULL, DESTINATION, PATH, INTERFACE, "Subscribe", NULL, NULL, NULL);
if (r < 0)
return log_error(SYSTEMD_SCOPE_FAILED, "Failed to subscribe to signals: %s", strerror(-r));
@@ -1,55 +0,0 @@
From ef1e0607b82e27350c2d677d649c6a0a9693fd40 Mon Sep 17 00:00:00 2001
From: Christian Brauner <brauner@kernel.org>
Date: Tue, 9 Aug 2022 16:27:40 +0200
Subject: [PATCH] build: detect sys/pidfd.h availability
Fixes: #4176
Signed-off-by: Christian Brauner (Microsoft) <christian.brauner@ubuntu.com>
[Retrieved from:
https://github.com/lxc/lxc/commit/ef1e0607b82e27350c2d677d649c6a0a9693fd40]
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
---
meson.build | 1 +
src/lxc/process_utils.h | 6 ++++++
2 files changed, 7 insertions(+)
diff --git a/meson.build b/meson.build
index f679aabbc8..e999542336 100644
--- a/meson.build
+++ b/meson.build
@@ -735,6 +735,7 @@ foreach tuple: [
['sys/resource.h'],
['sys/memfd.h'],
['sys/personality.h'],
+ ['sys/pidfd.h'],
['sys/signalfd.h'],
['sys/timerfd.h'],
['pty.h'],
diff --git a/src/lxc/process_utils.h b/src/lxc/process_utils.h
index 9c15b15741..ed84741d0e 100644
--- a/src/lxc/process_utils.h
+++ b/src/lxc/process_utils.h
@@ -15,6 +15,10 @@
#include <sys/syscall.h>
#include <unistd.h>
+#if HAVE_SYS_PIDFD_H
+#include <sys/pidfd.h>
+#endif
+
#include "compiler.h"
#include "syscall_numbers.h"
@@ -136,9 +140,11 @@
#endif
/* waitid */
+#if !HAVE_SYS_PIDFD_H
#ifndef P_PIDFD
#define P_PIDFD 3
#endif
+#endif
#ifndef CLONE_ARGS_SIZE_VER0
#define CLONE_ARGS_SIZE_VER0 64 /* sizeof first published struct */
+1 -1
View File
@@ -1,4 +1,4 @@
# Locally calculated
sha256 d8195423bb1e206f8521d24b6cde4789f043960c7cf065990a9cf741dcfd4222 lxc-5.0.1.tar.gz
sha256 bea08d2e49efcee34fa58acd2bc95c0adc64d291c07f4cfaf4ac1d8ac5a36f45 lxc-5.0.2.tar.gz
sha256 ab15fd526bd8dd18a9e77ebc139656bf4d33e97fc7238cd11bf60e2b9b8666c6 LICENSE.GPL2
sha256 dc626520dcd53a22f727af3ee42c770e56c97a64fe3adb063799d8ab032fe551 LICENSE.LGPL2.1
+1 -1
View File
@@ -4,7 +4,7 @@
#
################################################################################
LXC_VERSION = 5.0.1
LXC_VERSION = 5.0.2
LXC_SITE = https://linuxcontainers.org/downloads/lxc
LXC_LICENSE = GPL-2.0 (some tools), LGPL-2.1+
LXC_LICENSE_FILES = LICENSE.GPL2 LICENSE.LGPL2.1
@@ -0,0 +1,39 @@
From 79ed770a37c8669390a58a4485dd8f5565fe2497 Mon Sep 17 00:00:00 2001
From: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Date: Sun, 15 Jan 2023 19:12:05 +0100
Subject: [PATCH] include/ssl_compat.h: fix build with libressl >= 3.5.0
Fix the following build failure with libressl >= 3.5.0:
In file included from /tmp/instance-10/output-1/build/mariadb-10.3.36/vio/viosslfactories.c:18:
/tmp/instance-10/output-1/build/mariadb-10.3.36/vio/viosslfactories.c: In function 'get_dh2048':
/tmp/instance-10/output-1/build/mariadb-10.3.36/include/ssl_compat.h:68:45: error: invalid use of incomplete typedef 'DH' {aka 'struct dh_st'}
68 | #define DH_set0_pqg(D,P,Q,G) ((D)->p= (P), (D)->g= (G))
| ^~
Fixes:
- http://autobuild.buildroot.org/results/524198344aafca58d214537af64c5961c407b0f8
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Upstream status: https://github.com/MariaDB/server/pull/2435]
---
include/ssl_compat.h | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/include/ssl_compat.h b/include/ssl_compat.h
index 664f3aac87c..3678e5fa084 100644
--- a/include/ssl_compat.h
+++ b/include/ssl_compat.h
@@ -19,7 +19,8 @@
/* OpenSSL version specific definitions */
#if defined(OPENSSL_VERSION_NUMBER)
-#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && \
+ !(defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x30500000L)
#define HAVE_OPENSSL11 1
#define SSL_LIBRARY OpenSSL_version(OPENSSL_VERSION)
#define ERR_remove_state(X) ERR_clear_error()
--
2.39.0
+1 -1
View File
@@ -6,7 +6,7 @@
# mesa3d-headers is inherently incompatible with mesa3d, so error out
# if both are enabled.
ifeq ($(BR2_PACKAGE_MESA3D)$(BR2_PACKAGE_MESA3D_HEADERS),yy)
ifeq ($(BR_BUILDING)$(BR2_PACKAGE_MESA3D)$(BR2_PACKAGE_MESA3D_HEADERS),yyy)
$(error mesa3d-headers enabled, but mesa3d enabled too)
endif
+1 -1
View File
@@ -2,7 +2,7 @@ config BR2_PACKAGE_MODSECURITY2
bool "modsecurity2"
depends on BR2_PACKAGE_APACHE
select BR2_PACKAGE_LIBXML2
select BR2_PACKAGE_PCRE
select BR2_PACKAGE_PCRE2
help
ModSecurity is an open source, cross-platform web application
firewall (WAF) module. Known as the "Swiss Army Knife" of
+2 -2
View File
@@ -1,5 +1,5 @@
# From https://github.com/SpiderLabs/ModSecurity/releases/download/v2.9.5/modsecurity-2.9.5.tar.gz.sha256
sha256 e2bfc8cd8b8de1e21f054d310543373ea5d89adbd96784e832be0da3e4dc149e modsecurity-2.9.5.tar.gz
# From https://github.com/SpiderLabs/ModSecurity/releases/download/v2.9.7/modsecurity-2.9.7.tar.gz.sha256
sha256 2a28fcfccfef21581486f98d8d5fe0397499749b8380f60ec7bb1c08478e1839 modsecurity-2.9.7.tar.gz
# Locally computed
sha256 2c564f5a67e49e74c80e5a7dcacd1904e7408f1fd6a95218b38c04f012d94cb9 LICENSE
+4 -4
View File
@@ -4,7 +4,7 @@
#
################################################################################
MODSECURITY2_VERSION = 2.9.5
MODSECURITY2_VERSION = 2.9.7
MODSECURITY2_SOURCE = modsecurity-$(MODSECURITY2_VERSION).tar.gz
MODSECURITY2_SITE = https://github.com/SpiderLabs/ModSecurity/releases/download/v$(MODSECURITY2_VERSION)
MODSECURITY2_LICENSE = Apache-2.0
@@ -12,16 +12,16 @@ MODSECURITY2_LICENSE_FILES = LICENSE
MODSECURITY2_CPE_ID_VENDOR = trustwave
MODSECURITY2_CPE_ID_PRODUCT = modsecurity
MODSECURITY2_INSTALL_STAGING = YES
MODSECURITY2_DEPENDENCIES = apache libxml2 pcre
MODSECURITY2_DEPENDENCIES = host-pkgconf apache libxml2 pcre2
MODSECURITY2_CONF_OPTS = \
--with-pcre=$(STAGING_DIR)/usr/bin/pcre-config \
--with-libxml=$(STAGING_DIR)/usr \
--with-pcre2=$(STAGING_DIR)/usr/bin/pcre2-config \
--with-apr=$(STAGING_DIR)/usr/bin/apr-1-config \
--with-apu=$(STAGING_DIR)/usr/bin/apu-1-config \
--with-apxs=$(STAGING_DIR)/usr/bin/apxs \
--without-curl \
--without-lua \
--without-pcre \
--without-yajl \
--without-ssdeep
+1 -1
View File
@@ -13,7 +13,7 @@ MONGOOSE_INSTALL_STAGING = YES
# static library
MONGOOSE_INSTALL_TARGET = NO
MONGOOSE_CFLAGS = $(TARGET_CFLAGS)
MONGOOSE_CFLAGS = $(TARGET_CFLAGS) -std=gnu99
ifeq ($(BR2_PACKAGE_OPENSSL),y)
MONGOOSE_DEPENDENCIES += openssl
+1 -1
View File
@@ -8,7 +8,7 @@ NETOPEER2_SERVER_ARGS=""
start() {
printf 'Starting %s: ' "$DAEMON"
start-stop-daemon -S -b -q -p $PIDFILE -x "/usr/bin/$DAEMON" \
start-stop-daemon -S -q -p $PIDFILE -x "/usr/sbin/$DAEMON" \
-- $NETOPEER2_SERVER_ARGS
status=$?
if [ "$status" -eq 0 ]; then
+1 -1
View File
@@ -2,6 +2,6 @@ config BR2_PACKAGE_NGIRCD
bool "ngircd"
depends on BR2_USE_MMU # fork()
help
Next Generation IRC server deamon.
Next Generation IRC server daemon.
http://ngircd.barton.de
@@ -0,0 +1,36 @@
From a31425bdfcb5d695ab25c3d295898326784cffec Mon Sep 17 00:00:00 2001
From: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Date: Sun, 25 Sep 2022 11:10:06 +0200
Subject: [PATCH] lib/internal/modules/cjs/loader.js: adjust default path to
search modules
NPM installs modules in /usr/lib/node_modules/, but by default NodeJS
searches for them only in /usr/lib/node/. We could also set the
NODE_PATH environment variable, but it is more convienient to have
NodeJS configured by default to find modules where they are installed.
This issue is discussed at
https://stackoverflow.com/questions/15636367/nodejs-require-a-global-module-package.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
---
lib/internal/modules/cjs/loader.js | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/lib/internal/modules/cjs/loader.js b/lib/internal/modules/cjs/loader.js
index f1971c40a4..5fe3884156 100644
--- a/lib/internal/modules/cjs/loader.js
+++ b/lib/internal/modules/cjs/loader.js
@@ -1261,7 +1261,8 @@ Module._initPaths = function() {
path.resolve(process.execPath, '..') :
path.resolve(process.execPath, '..', '..');
- const paths = [path.resolve(prefixDir, 'lib', 'node')];
+ const paths = [path.resolve(prefixDir, 'lib', 'node'),
+ path.resolve(prefixDir, 'lib', 'node_modules')];
if (homeDir) {
ArrayPrototypeUnshift(paths, path.resolve(homeDir, '.node_libraries'));
--
2.37.3
+2
View File
@@ -57,6 +57,8 @@ if BR2_PACKAGE_OPENJDK
choice
prompt "openjdk version"
default BR2_PACKAGE_OPENJDK_VERSION_11 if BR2_OPENJDK_VERSION_LTS # legacy
default BR2_PACKAGE_OPENJDK_VERSION_17 if BR2_OPENJDK_VERSION_LATEST # legacy
default BR2_PACKAGE_OPENJDK_VERSION_17
help
Select the version of OpenJDK you wish to use.
+2
View File
@@ -38,6 +38,8 @@ endchoice
choice
prompt "stack type"
default BR2_PACKAGE_OPENPOWERLINK_STACK_KERNEL_STACK_LIB if BR2_PACKAGE_OPENPOWERLINK_KERNEL_MODULE # legacy
default BR2_PACKAGE_OPENPOWERLINK_STACK_USERSPACE_DAEMON_LIB if BR2_PACKAGE_OPENPOWERLINK_LIBPCAP # legacy
config BR2_PACKAGE_OPENPOWERLINK_STACK_MONOLITHIC_USER_STACK_LIB
bool "linked into application"
+1 -1
View File
@@ -1,4 +1,4 @@
#!/bin/sh -e
#!/bin/sh
#
# Original version by Robert Leslie
# <rob@mars.org>, edited by iwj and cs
@@ -0,0 +1,44 @@
From 0a4cd796df5b030cb866f3f4a5e41a4b92caddf5 Mon Sep 17 00:00:00 2001
From: Ralph Giles <giles@thaumas.net>
Date: Tue, 6 Sep 2022 19:04:31 -0700
Subject: [PATCH] Propagate allocation failure from ogg_sync_buffer.
Instead of segfault, report OP_EFAULT if ogg_sync_buffer returns
a null pointer. This allows more graceful recovery by the caller
in the unlikely event of a fallible ogg_malloc call.
We do check the return value elsewhere in the code, so the new
checks make the code more consistent.
Thanks to https://github.com/xiph/opusfile/issues/36 for reporting.
Signed-off-by: Timothy B. Terriberry <tterribe@xiph.org>
Signed-off-by: Mark Harris <mark.hsj@gmail.com>
[Retrieved from:
https://github.com/xiph/opusfile/commit/0a4cd796df5b030cb866f3f4a5e41a4b92caddf5]
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
---
src/opusfile.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/src/opusfile.c b/src/opusfile.c
index ca219b2..3c3c81e 100644
--- a/src/opusfile.c
+++ b/src/opusfile.c
@@ -148,6 +148,7 @@ static int op_get_data(OggOpusFile *_of,int _nbytes){
int nbytes;
OP_ASSERT(_nbytes>0);
buffer=(unsigned char *)ogg_sync_buffer(&_of->oy,_nbytes);
+ if(OP_UNLIKELY(buffer==NULL))return OP_EFAULT;
nbytes=(int)(*_of->callbacks.read)(_of->stream,buffer,_nbytes);
OP_ASSERT(nbytes<=_nbytes);
if(OP_LIKELY(nbytes>0))ogg_sync_wrote(&_of->oy,nbytes);
@@ -1527,6 +1528,7 @@ static int op_open1(OggOpusFile *_of,
if(_initial_bytes>0){
char *buffer;
buffer=ogg_sync_buffer(&_of->oy,(long)_initial_bytes);
+ if(OP_UNLIKELY(buffer==NULL))return OP_EFAULT;
memcpy(buffer,_initial_data,_initial_bytes*sizeof(*buffer));
ogg_sync_wrote(&_of->oy,(long)_initial_bytes);
}
+3
View File
@@ -11,6 +11,9 @@ OPUSFILE_LICENSE = BSD-3-Clause
OPUSFILE_LICENSE_FILES = COPYING
OPUSFILE_INSTALL_STAGING = YES
# 0001-Propagate-allocation-failure-from-ogg_sync_buffer.patch
OPUSFILE_IGNORE_CVES += CVE-2022-47021
ifeq ($(BR2_PACKAGE_OPENSSL),y)
OPUSFILE_DEPENDENCIES += openssl
else
+9
View File
@@ -1182,10 +1182,12 @@ ifeq ($$($$($(2)_KCONFIG_VAR)),y)
# Ensure the calling package is the declared provider for all the virtual
# packages it claims to be an implementation of.
ifeq ($(BR_BUILDING),y)
ifneq ($$($(2)_PROVIDES),)
$$(foreach pkg,$$($(2)_PROVIDES),\
$$(eval $$(call virt-provides-single,$$(pkg),$$(call UPPERCASE,$$(pkg)),$(1))$$(sep)))
endif
endif
# Register package as a reverse-dependencies of all its dependencies
$$(eval $$(foreach p,$$($(2)_FINAL_ALL_DEPENDENCIES),\
@@ -1248,6 +1250,13 @@ else ifeq ($$($(2)_SITE_METHOD),cvs)
DL_TOOLS_DEPENDENCIES += cvs
endif # SITE_METHOD
# cargo/go vendoring (may) need git
ifeq ($$($(2)_DOWNLOAD_POST_PROCESS),cargo)
DL_TOOLS_DEPENDENCIES += git
else ifeq ($$($(2)_DOWNLOAD_POST_PROCESS),go)
DL_TOOLS_DEPENDENCIES += git
endif
DL_TOOLS_DEPENDENCIES += $$(call extractor-system-dependency,$$($(2)_SOURCE))
# Ensure all virtual targets are PHONY. Listed alphabetically.
+1 -1
View File
@@ -101,7 +101,7 @@ endif
POSTGRESQL_CFLAGS = $(TARGET_CFLAGS)
ifeq ($(BR2_TOOLCHAIN_HAS_GCC_BUG_85180),y)
ifneq ($(BR2_TOOLCHAIN_HAS_GCC_BUG_43744)$(BR2_TOOLCHAIN_HAS_GCC_BUG_85180),)
POSTGRESQL_CFLAGS += -O0
endif
@@ -1,56 +0,0 @@
From 9c9623c8a47fb5580dfea1a59296c6d224479504 Mon Sep 17 00:00:00 2001
From: Sergei Trofimovich <slyfox@gentoo.org>
Date: Mon, 2 Mar 2020 23:45:22 +0000
Subject: [PATCH] mod_quotatab: fix build failure against gcc-10
On gcc-10 (and gcc-9 -fno-common) build fails as:
```
$ ./configure --with-modules=mod_quotatab && make
...
ld: modules/module_glue.o:(.data.rel+0x68):
undefined reference to `quotatab_file_module'
collect2: error: ld returned 1 exit status
make: *** [Makefile:56: proftpd] Error 1
```
gcc-10 will change the default from -fcommon to fno-common:
https://gcc.gnu.org/PR85678.
The error also happens if CFLAGS=-fno-common passed explicitly.
Signed-off-by: Sergei Trofimovich <slyfox@gentoo.org>
[Retrieved from:
https://github.com/proftpd/proftpd/commit/9c9623c8a47fb5580dfea1a59296c6d224479504]
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
---
contrib/mod_quotatab.c | 1 +
contrib/mod_quotatab.h | 2 +-
2 files changed, 2 insertions(+), 1 deletion(-)
diff --git a/contrib/mod_quotatab.c b/contrib/mod_quotatab.c
index 4fa6c1f44..0ee480163 100644
--- a/contrib/mod_quotatab.c
+++ b/contrib/mod_quotatab.c
@@ -50,6 +50,7 @@ typedef struct regtab_obj {
module quotatab_module;
/* Quota objects for the current session */
+quota_deltas_t quotatab_deltas;
static quota_table_t *limit_tab = NULL;
static quota_limit_t sess_limit;
diff --git a/contrib/mod_quotatab.h b/contrib/mod_quotatab.h
index ed30333f5..c818395a0 100644
--- a/contrib/mod_quotatab.h
+++ b/contrib/mod_quotatab.h
@@ -188,7 +188,7 @@ typedef struct table_obj {
#define QUOTATAB_TALLY_SRC 0x0002
/* Quota objects for the current session. */
-quota_deltas_t quotatab_deltas;
+extern quota_deltas_t quotatab_deltas;
/* Function prototypes necessary for quotatab sub-modules */
int quotatab_log(const char *, ...)
+2 -1
View File
@@ -29,7 +29,8 @@ config BR2_PACKAGE_PROFTPD_MOD_REDIS
config BR2_PACKAGE_PROFTPD_MOD_SFTP
bool "mod_sftp support"
select BR2_PACKAGE_OPENSSL
select BR2_PACKAGE_LIBOPENSSL_ENABLE_RMD160 if BR2_PACKAGE_LIBOPENSSL
select BR2_PACKAGE_OPENSSL_FORCE_LIBOPENSSL
select BR2_PACKAGE_LIBOPENSSL_ENABLE_RMD160
help
Compile ProFTPD with mod_sftp support
+1 -1
View File
@@ -1,3 +1,3 @@
# Locally calculated
sha256 2dbe684034ab592742ebdb778a8a234b70f959efeb30feedee3ea77f26f74fbb proftpd-1.3.6e.tar.gz
sha256 f7139e7377a2cb059b8b9b14d76a6df5f440e3181cb15ae890d43bbcae574748 proftpd-1.3.8.tar.gz
sha256 391a473d755c29b5326fb726326ff3c37e42512f53a8f5789fc310232150bf80 COPYING
+2 -2
View File
@@ -4,8 +4,8 @@
#
################################################################################
PROFTPD_VERSION = 1.3.6e
PROFTPD_SITE = $(call github,proftpd,proftpd,v$(PROFTPD_VERSION))
PROFTPD_VERSION = 1.3.8
PROFTPD_SITE = ftp://ftp.proftpd.org/distrib/source
PROFTPD_LICENSE = GPL-2.0+
PROFTPD_LICENSE_FILES = COPYING
PROFTPD_CPE_ID_VENDOR = proftpd
+14 -10
View File
@@ -12,6 +12,18 @@ PUGIXML_CPE_ID_VENDOR = pugixml_project
PUGIXML_INSTALL_STAGING = YES
ifeq ($(BR2_PACKAGE_PUGIXML_XPATH_SUPPORT),y)
PUGIXML_CONF_OPTS += -DPUGIXML_NO_XPATH=OFF
else
PUGIXML_CONF_OPTS += -DPUGIXML_NO_XPATH=ON
endif
ifeq ($(BR2_PACKAGE_PUGIXML_COMPACT),y)
PUGIXML_CONF_OPTS += -DPUGIXML_COMPACT=ON
else
PUGIXML_CONF_OPTS += -DPUGIXML_COMPACT=OFF
endif
# Pugixml will automatically enable 'long long' support on C++11 compilers,
# which means gcc 4.8+. As gcc always supports the 'long long' type,
# force-enable this option to support older gcc versions. See also:
@@ -19,23 +31,15 @@ PUGIXML_INSTALL_STAGING = YES
PUGIXML_BUILD_DEFINES += PUGIXML_HAS_LONG_LONG
HOST_PUGIXML_BUILD_DEFINES += PUGIXML_HAS_LONG_LONG
ifeq ($(BR2_PACKAGE_PUGIXML_XPATH_SUPPORT),)
PUGIXML_BUILD_DEFINES += PUGIXML_NO_XPATH
endif
ifeq ($(BR2_PACKAGE_PUGIXML_COMPACT),y)
PUGIXML_BUILD_DEFINES += PUGIXML_COMPACT
endif
ifeq ($(BR2_PACKAGE_PUGIXML_HEADER_ONLY),y)
PUGIXML_BUILD_DEFINES += PUGIXML_HEADER_ONLY
endif
ifdef PUGIXML_BUILD_DEFINES
PUGIXML_CONF_OPTS += -DBUILD_DEFINES="$(subst $(space),;,$(PUGIXML_BUILD_DEFINES))"
endif
PUGIXML_CONF_OPTS += -DPUGIXML_BUILD_DEFINES="$(subst $(space),;,$(PUGIXML_BUILD_DEFINES))"
HOST_PUGIXML_CONF_OPTS += \
-DBUILD_PKGCONFIG=ON \
-DBUILD_DEFINES="$(subst $(space),;,$(HOST_PUGIXML_BUILD_DEFINES))"
-DPUGIXML_BUILD_DEFINES="$(subst $(space),;,$(HOST_PUGIXML_BUILD_DEFINES))"
$(eval $(cmake-package))
$(eval $(host-cmake-package))
+3 -3
View File
@@ -1,5 +1,5 @@
# md5, sha256 from https://pypi.python.org/pypi/future/json
md5 e4579c836b9c025872efe230f6270349 future-0.18.2.tar.gz
sha256 b1bead90b70cf6ec3f0710ae53a525360fa360d306a86583adc6bf83a4db537d future-0.18.2.tar.gz
# md5, sha256 from https://pypi.org/pypi/future/json
md5 dedcb70d14b23388670d54145aab8be4 future-0.18.3.tar.gz
sha256 34a17436ed1e96697a86f9de3d15a3b0be01d8bc8de9c1dffd59fb8234ed5307 future-0.18.3.tar.gz
# Locally computed sha256 checksums
sha256 916e561392d48471b9c23437f56e2652f320cb3b119ceaa162edf41016f746b9 LICENSE.txt
+2 -2
View File
@@ -4,9 +4,9 @@
#
################################################################################
PYTHON_FUTURE_VERSION = 0.18.2
PYTHON_FUTURE_VERSION = 0.18.3
PYTHON_FUTURE_SOURCE = future-$(PYTHON_FUTURE_VERSION).tar.gz
PYTHON_FUTURE_SITE = https://files.pythonhosted.org/packages/45/0b/38b06fd9b92dc2b68d58b75f900e97884c45bedd2ff83203d933cf5851c9
PYTHON_FUTURE_SITE = https://files.pythonhosted.org/packages/8f/2e/cf6accf7415237d6faeeebdc7832023c90e0282aa16fd3263db0eb4715ec
PYTHON_FUTURE_SETUP_TYPE = setuptools
PYTHON_FUTURE_LICENSE = MIT
PYTHON_FUTURE_LICENSE_FILES = LICENSE.txt
+1 -1
View File
@@ -9,7 +9,7 @@ PYTHON_IDNA_SOURCE = idna-$(PYTHON_IDNA_VERSION).tar.gz
PYTHON_IDNA_SITE = https://files.pythonhosted.org/packages/8b/e1/43beb3d38dba6cb420cefa297822eac205a277ab43e5ba5d5c46faf96438
PYTHON_IDNA_LICENSE = BSD-3-Clause
PYTHON_IDNA_LICENSE_FILES = LICENSE.md
PYTHON_IDNA_SETUP_TYPE = setuptools
PYTHON_IDNA_SETUP_TYPE = flit
$(eval $(python-package))
$(eval $(host-python-package))
+2 -2
View File
@@ -229,8 +229,8 @@ else
QT5BASE_CONFIGURE_OPTS += -no-eglfs
endif
QT5BASE_CONFIGURE_OPTS += $(if $(BR2_PACKAGE_OPENSSL),-openssl,-no-openssl)
QT5BASE_DEPENDENCIES += $(if $(BR2_PACKAGE_OPENSSL),openssl)
QT5BASE_CONFIGURE_OPTS += $(if $(BR2_PACKAGE_LIBOPENSSL),-openssl,-no-openssl)
QT5BASE_DEPENDENCIES += $(if $(BR2_PACKAGE_LIBOPENSSL),openssl)
QT5BASE_CONFIGURE_OPTS += $(if $(BR2_PACKAGE_QT5BASE_FONTCONFIG),-fontconfig,-no-fontconfig)
QT5BASE_DEPENDENCIES += $(if $(BR2_PACKAGE_QT5BASE_FONTCONFIG),fontconfig)
+2
View File
@@ -1,6 +1,8 @@
config BR2_PACKAGE_QT5ENGINIO
bool "qt5enginio"
select BR2_PACKAGE_OPENSSL
# Only openssl is supported by qt5
select BR2_PACKAGE_OPENSSL_FORCE_LIBOPENSSL
select BR2_PACKAGE_QT5BASE_GUI
select BR2_PACKAGE_QT5BASE_NETWORK
help
+2
View File
@@ -16,6 +16,8 @@ config BR2_PACKAGE_QT5WEBKIT
select BR2_PACKAGE_LEVELDB
select BR2_PACKAGE_LIBPNG
select BR2_PACKAGE_OPENSSL
# Only openssl is supported by qt5
select BR2_PACKAGE_OPENSSL_FORCE_LIBOPENSSL
select BR2_PACKAGE_QT5BASE_ICU
select BR2_PACKAGE_QT5BASE_GUI
select BR2_PACKAGE_QT5BASE_WIDGETS
+1 -1
View File
@@ -9,7 +9,7 @@ config BR2_PACKAGE_RP_PPPOE
select BR2_PACKAGE_PPPD
help
An implementation of the Point-to-point protocol over
Ethernet. Has userspace client and server deamons. You
Ethernet. Has userspace client and server daemons. You
likely only need this package if you are implementing the
pppoe server that will service other pppoe client
devices. Otherwise the normal client functionality already
+2
View File
@@ -1,5 +1,6 @@
config BR2_PACKAGE_RTL8192EU
bool "rtl8192eu"
depends on !BR2_s390x
depends on BR2_LINUX_KERNEL
help
A standalone driver for the RTL8192EU USB Wi-Fi adapter.
@@ -10,4 +11,5 @@ config BR2_PACKAGE_RTL8192EU
https://github.com/clnhub/rtl8192eu-linux
comment "rtl8192eu needs a Linux kernel to be built"
depends on !BR2_s390x
depends on !BR2_LINUX_KERNEL
+6 -4
View File
@@ -8,12 +8,14 @@ RTL8723DS_VERSION = a638cc8639015b8b9390af3350fab0366b6c87e7
RTL8723DS_SITE = $(call github,lwfinger,rtl8723ds,$(RTL8723DS_VERSION))
RTL8723DS_LICENSE = GPL-2.0
# Undefine the hardcoded CONFIG_LITTLE_ENDIAN
RTL8723DS_USER_EXTRA_CLAGS = -UCONFIG_LITTLE_ENDIAN
# Set endianness
RTL8723DS_USER_EXTRA_CLAGS += -DCONFIG_$(call qstrip,$(BR2_ENDIAN))_ENDIAN
RTL8723DS_USER_EXTRA_CLAGS = \
-DCONFIG_$(call qstrip,$(BR2_ENDIAN))_ENDIAN \
-DCONFIG_IOCTL_CFG80211 \
-DRTW_USE_CFG80211_STA_EVENT \
-Wno-error
RTL8723DS_MODULE_MAKE_OPTS = \
CONFIG_PLATFORM_I386_PC=n \
CONFIG_RTL8723DS=m \
KVER=$(LINUX_VERSION_PROBED) \
KSRC=$(LINUX_DIR) \
@@ -1,76 +0,0 @@
From da9ba3a2a1536017e4ce1ee0f4276578d1ce6e29 Mon Sep 17 00:00:00 2001
From: Sam Lantinga <slouken@libsdl.org>
Date: Fri, 18 Nov 2022 12:17:27 -0800
Subject: [PATCH] If a CRTC doesn't have a mode configured, use the preferred
or largest mode as the default mode
Fixes https://github.com/libsdl-org/SDL/issues/6421
[mf@go-sys.de: backport from upstream]
Signed-off-by: Michael Fischer <mf@go-sys.de>
[yann.morin.1998@free.fr: do an actual backport]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
---
src/video/kmsdrm/SDL_kmsdrmvideo.c | 35 +++++++++++++++++++++++++-----
1 file changed, 29 insertions(+), 6 deletions(-)
diff --git a/src/video/kmsdrm/SDL_kmsdrmvideo.c b/src/video/kmsdrm/SDL_kmsdrmvideo.c
index eae721455..eeeefef2b 100644
--- a/src/video/kmsdrm/SDL_kmsdrmvideo.c
+++ b/src/video/kmsdrm/SDL_kmsdrmvideo.c
@@ -666,8 +666,8 @@ KMSDRM_CrtcGetVrr(uint32_t drm_fd, uint32_t crtc_id)
/* Gets a DRM connector, builds an SDL_Display with it, and adds it to the
list of SDL Displays in _this->displays[] */
static void
-KMSDRM_AddDisplay (_THIS, drmModeConnector *connector, drmModeRes *resources) {
-
+KMSDRM_AddDisplay (_THIS, drmModeConnector *connector, drmModeRes *resources)
+{
SDL_VideoData *viddata = ((SDL_VideoData *)_this->driverdata);
SDL_DisplayData *dispdata = NULL;
SDL_VideoDisplay display = {0};
@@ -770,14 +770,37 @@ KMSDRM_AddDisplay (_THIS, drmModeConnector *connector, drmModeRes *resources) {
drmModeModeInfo *mode = &connector->modes[i];
if (!SDL_memcmp(mode, &crtc->mode, sizeof(crtc->mode))) {
- mode_index = i;
- break;
+ mode_index = i;
+ break;
}
}
if (mode_index == -1) {
- ret = SDL_SetError("Failed to find index of mode attached to the CRTC.");
- goto cleanup;
+ int current_area, largest_area = 0;
+
+ /* Find the preferred mode or the highest resolution mode */
+ for (i = 0; i < connector->count_modes; i++) {
+ drmModeModeInfo *mode = &connector->modes[i];
+
+ if (mode->type & DRM_MODE_TYPE_PREFERRED) {
+ mode_index = i;
+ break;
+ }
+
+ current_area = mode->hdisplay * mode->vdisplay;
+ if (current_area > largest_area) {
+ mode_index = i;
+ largest_area = current_area;
+ }
+ }
+ if (mode_index != -1) {
+ crtc->mode = connector->modes[mode_index];
+ }
+ }
+
+ if (mode_index == -1) {
+ ret = SDL_SetError("Failed to find index of mode attached to the CRTC.");
+ goto cleanup;
}
/*********************************************/
--
2.25.1
+2 -2
View File
@@ -1,4 +1,4 @@
# Locally calculated after checking http://www.libsdl.org/release/SDL2-2.24.1.tar.gz.sig
sha256 bc121588b1105065598ce38078026a414c28ea95e66ed2adab4c44d80b309e1b SDL2-2.24.1.tar.gz
# Locally calculated after checking http://www.libsdl.org/release/SDL2-2.26.2.tar.gz.sig
sha256 95d39bc3de037fbdfa722623737340648de4f180a601b0afad27645d150b99e0 SDL2-2.26.2.tar.gz
# Locally calculated
sha256 fcb07e07ac6bc8b2fcf047b50431ef4ebe5b619d7ca7c82212018309a9067426 LICENSE.txt
+1 -1
View File
@@ -4,7 +4,7 @@
#
################################################################################
SDL2_VERSION = 2.24.1
SDL2_VERSION = 2.26.2
SDL2_SOURCE = SDL2-$(SDL2_VERSION).tar.gz
SDL2_SITE = http://www.libsdl.org/release
SDL2_LICENSE = Zlib
+1 -1
View File
@@ -1,4 +1,4 @@
# Locally computed
sha256 daf75c41408c559c2d58a8fd4d39be4a8ff5144bc1db220d4dbc28deeed6670a sofia-sip-1.13.9-f6ee306084.tar.gz
sha256 03dda8653367501b7b1188a6b6513416902372e27475553de9318ee89ac390ff sofia-sip-1.13.12.tar.gz
sha256 e1c0890440efe31b6cd2ee2abf895eb917c787799f079133f5809414d90d5d60 COPYING
sha256 b402ae58cf355b33be8fa023f704a039e3d41ecaccd2bbcda43ca31d703e4556 COPYRIGHTS
+4 -3
View File
@@ -4,10 +4,11 @@
#
################################################################################
SOFIA_SIP_VERSION = 1.13.9
SOFIA_SIP_SOURCE = sofia-sip-$(SOFIA_SIP_VERSION)-f6ee306084.tar.gz
SOFIA_SIP_SITE = https://files.freeswitch.org/downloads/libs/sofia-sip
SOFIA_SIP_VERSION = 1.13.12
SOFIA_SIP_SITE = $(call github,freeswitch,sofia-sip,v$(SOFIA_SIP_VERSION))
SOFIA_SIP_INSTALL_STAGING = YES
# Fetched from github, no pre-generated configure script provided
SOFIA_SIP_AUTORECONF = YES
SOFIA_SIP_DEPENDENCIES = host-pkgconf
SOFIA_SIP_LICENSE = LGPL-2.1+
SOFIA_SIP_LICENSE_FILES = COPYING COPYRIGHTS
-5
View File
@@ -25,9 +25,4 @@ define SSDP_RESPONDER_INSTALL_INIT_SYSV
$(TARGET_DIR)/etc/init.d/S50ssdpd
endef
define SSDP-RESPONDER_INSTALL_INIT_SYSTEMD
$(INSTALL) -D -m 644 $(@D)/ssdp-responder.service \
$(TARGET_DIR)/usr/lib/systemd/system/ssdp-responder.service
endef
$(eval $(autotools-package))
@@ -1,53 +0,0 @@
From bd209b9f16fcd1270c13db27ae3329c677d48050 Mon Sep 17 00:00:00 2001
From: "Todd C. Miller" <Todd.Miller@sudo.ws>
Date: Fri, 28 Oct 2022 07:29:55 -0600
Subject: [PATCH] Fix CVE-2022-43995, potential heap overflow for passwords < 8
characters. Starting with sudo 1.8.0 the plaintext password buffer is
dynamically sized so it is not safe to assume that it is at least 9 bytes in
size. Found by Hugo Lefeuvre (University of Manchester) with ConfFuzz.
[Retrieved from:
https://github.com/sudo-project/sudo/commit/bd209b9f16fcd1270c13db27ae3329c677d48050]
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
---
plugins/sudoers/auth/passwd.c | 11 +++++------
1 file changed, 5 insertions(+), 6 deletions(-)
diff --git a/plugins/sudoers/auth/passwd.c b/plugins/sudoers/auth/passwd.c
index b2046eca2..0416861e9 100644
--- a/plugins/sudoers/auth/passwd.c
+++ b/plugins/sudoers/auth/passwd.c
@@ -63,7 +63,7 @@ sudo_passwd_init(struct passwd *pw, sudo_auth *auth)
int
sudo_passwd_verify(struct passwd *pw, char *pass, sudo_auth *auth, struct sudo_conv_callback *callback)
{
- char sav, *epass;
+ char des_pass[9], *epass;
char *pw_epasswd = auth->data;
size_t pw_len;
int matched = 0;
@@ -75,12 +75,12 @@ sudo_passwd_verify(struct passwd *pw, char *pass, sudo_auth *auth, struct sudo_c
/*
* Truncate to 8 chars if standard DES since not all crypt()'s do this.
- * If this turns out not to be safe we will have to use OS #ifdef's (sigh).
*/
- sav = pass[8];
pw_len = strlen(pw_epasswd);
- if (pw_len == DESLEN || HAS_AGEINFO(pw_epasswd, pw_len))
- pass[8] = '\0';
+ if (pw_len == DESLEN || HAS_AGEINFO(pw_epasswd, pw_len)) {
+ strlcpy(des_pass, pass, sizeof(des_pass));
+ pass = des_pass;
+ }
/*
* Normal UN*X password check.
@@ -88,7 +88,6 @@ sudo_passwd_verify(struct passwd *pw, char *pass, sudo_auth *auth, struct sudo_c
* only compare the first DESLEN characters in that case.
*/
epass = (char *) crypt(pass, pw_epasswd);
- pass[8] = sav;
if (epass != NULL) {
if (HAS_AGEINFO(pw_epasswd, pw_len) && strlen(epass) == DESLEN)
matched = !strncmp(pw_epasswd, epass, DESLEN);
+1 -1
View File
@@ -8,4 +8,4 @@ config BR2_PACKAGE_SUDO
basic philosophy is to give as few privileges as possible
but still allow people to get their work done.
http://www.sudo.ws/sudo/
https://www.sudo.ws/sudo/
+3 -3
View File
@@ -1,4 +1,4 @@
# From: http://www.sudo.ws/download.html
sha256 a21918eb9fc0063794f6887464fa2d924ab6d192e19063191a429605c22791d2 sudo-1.9.11p2.tar.gz
# From: https://www.sudo.ws/getting/download/
sha256 b9a0b1ae0f1ddd9be7f3eafe70be05ee81f572f6f536632c44cd4101bb2a8539 sudo-1.9.12p2.tar.gz
# Locally calculated
sha256 cf3a83366f9aabfd76d693ce03843106fcaaf6c76dfa97610f7c0b719a06e6bb LICENSE.md
sha256 d2f93a3b17ed5586fddd07be33ad767146c1a81a22682baa68bb4360a31d020a LICENSE.md
+1 -4
View File
@@ -4,7 +4,7 @@
#
################################################################################
SUDO_VERSION_MAJOR = 1.9.11
SUDO_VERSION_MAJOR = 1.9.12
SUDO_VERSION_MINOR = p2
SUDO_VERSION = $(SUDO_VERSION_MAJOR)$(SUDO_VERSION_MINOR)
SUDO_SITE = https://www.sudo.ws/sudo/dist
@@ -25,9 +25,6 @@ SUDO_CONF_OPTS = \
--without-interfaces \
--with-env-editor
# 0001-Fix-CVE-2022-43995.patch
SUDO_IGNORE_CVES += CVE-2022-43995
ifeq ($(BR2_PACKAGE_LINUX_PAM),y)
define SUDO_INSTALL_PAM_CONF
$(INSTALL) -D -m 0644 package/sudo/sudo.pam $(TARGET_DIR)/etc/pam.d/sudo
+2
View File
@@ -20,6 +20,8 @@ config BR2_PACKAGE_PROVIDES_LIBGLES
choice
prompt "Version"
default BR2_PACKAGE_SUNXI_MALI_UTGARD_R6P2 if BR2_PACKAGE_SUNXI_MALI_MAINLINE_R6P2 # legacy
default BR2_PACKAGE_SUNXI_MALI_UTGARD_R8P1 if BR2_PACKAGE_SUNXI_MALI_MAINLINE_R8P1 # legacy
default BR2_PACKAGE_SUNXI_MALI_UTGARD_R6P2
help
Select the version of the userspace module.
+1 -1
View File
@@ -1,3 +1,3 @@
# Locally computed:
sha256 e6515678ce8ff37978a453e1617a087a40ba3a31809a42c1768b6f816e564cc9 thermald-2.5.tar.gz
sha256 75c165df45b3d09c904d314c8c19789158e9538f46e3d2b606457dc631eb3af5 thermald-2.5.1.tar.gz
sha256 e98be8bc482e038a14bfbc01caf800bbd0024fff275ef14cd999db6560254a8d COPYING
+1 -1
View File
@@ -4,7 +4,7 @@
#
################################################################################
THERMALD_VERSION = 2.5
THERMALD_VERSION = 2.5.1
THERMALD_SITE = $(call github,intel,thermal_daemon,v$(THERMALD_VERSION))
# fetched from Github, with no configure script
THERMALD_AUTORECONF = YES
+7
View File
@@ -11,6 +11,13 @@ TMUX_LICENSE_FILES = COPYING
TMUX_CPE_ID_VENDOR = tmux_project
TMUX_DEPENDENCIES = libevent ncurses host-pkgconf
ifeq ($(BR2_PACKAGE_UTF8PROC),y)
TMUX_DEPENDENCIES += utf8proc
TMUX_CONF_OPTS += --enable-utf8proc
else
TMUX_CONF_OPTS += --disable-utf8proc
endif
# Add /usr/bin/tmux to /etc/shells otherwise some login tools like dropbear
# can reject the user connection. See man shells.
define TMUX_ADD_TMUX_TO_SHELLS
+1
View File
@@ -22,6 +22,7 @@ UCLIBC_DEPENDENCIES = host-gcc-initial linux-headers
# specifying UCLIBC_CONFIG_FILE on the command-line overrides the .config
# setting.
# check-package disable Ifdef
ifndef UCLIBC_CONFIG_FILE
UCLIBC_CONFIG_FILE = $(call qstrip,$(BR2_UCLIBC_CONFIG))
endif
@@ -1,80 +0,0 @@
From 3781df9da23840e596d5e9e8493f22666802fe6c Mon Sep 17 00:00:00 2001
From: John Reiser <jreiser@BitWagon.com>
Date: Fri, 11 Dec 2020 13:38:18 -0800
Subject: [PATCH] Check DT_REL/DT_RELA, DT_RELSZ/DT_RELASZ
https://github.com/upx/upx/issues/421
modified: p_lx_elf.cpp
[Retrieved from:
https://github.com/upx/upx/commit/3781df9da23840e596d5e9e8493f22666802fe6c]
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
---
src/p_lx_elf.cpp | 34 +++++++++++++++++++++++++++++-----
1 file changed, 29 insertions(+), 5 deletions(-)
diff --git a/src/p_lx_elf.cpp b/src/p_lx_elf.cpp
index 182db192f..3a4101cf7 100644
--- a/src/p_lx_elf.cpp
+++ b/src/p_lx_elf.cpp
@@ -2222,8 +2222,20 @@ bool PackLinuxElf32::canPack()
int z_rsz = dt_table[Elf32_Dyn::DT_RELSZ];
if (z_rel && z_rsz) {
unsigned rel_off = get_te32(&dynseg[-1+ z_rel].d_val);
+ if ((unsigned)file_size <= rel_off) {
+ char msg[70]; snprintf(msg, sizeof(msg),
+ "bad Elf32_Dynamic[DT_REL] %#x\n",
+ rel_off);
+ throwCantPack(msg);
+ }
Elf32_Rel *rp = (Elf32_Rel *)&file_image[rel_off];
unsigned relsz = get_te32(&dynseg[-1+ z_rsz].d_val);
+ if ((unsigned)file_size <= relsz) {
+ char msg[70]; snprintf(msg, sizeof(msg),
+ "bad Elf32_Dynamic[DT_RELSZ] %#x\n",
+ relsz);
+ throwCantPack(msg);
+ }
Elf32_Rel *last = (Elf32_Rel *)(relsz + (char *)rp);
for (; rp < last; ++rp) {
unsigned r_va = get_te32(&rp->r_offset);
@@ -2562,14 +2574,26 @@ PackLinuxElf64::canPack()
int z_rel = dt_table[Elf64_Dyn::DT_RELA];
int z_rsz = dt_table[Elf64_Dyn::DT_RELASZ];
if (z_rel && z_rsz) {
- unsigned rel_off = get_te64(&dynseg[-1+ z_rel].d_val);
+ upx_uint64_t rel_off = get_te64(&dynseg[-1+ z_rel].d_val);
+ if ((u64_t)file_size <= rel_off) {
+ char msg[70]; snprintf(msg, sizeof(msg),
+ "bad Elf64_Dynamic[DT_RELA] %#llx\n",
+ rel_off);
+ throwCantPack(msg);
+ }
Elf64_Rela *rp = (Elf64_Rela *)&file_image[rel_off];
- unsigned relsz = get_te64(&dynseg[-1+ z_rsz].d_val);
+ upx_uint64_t relsz = get_te64(&dynseg[-1+ z_rsz].d_val);
+ if ((u64_t)file_size <= relsz) {
+ char msg[70]; snprintf(msg, sizeof(msg),
+ "bad Elf64_Dynamic[DT_RELASZ] %#llx\n",
+ relsz);
+ throwCantPack(msg);
+ }
Elf64_Rela *last = (Elf64_Rela *)(relsz + (char *)rp);
for (; rp < last; ++rp) {
- unsigned r_va = get_te64(&rp->r_offset);
+ upx_uint64_t r_va = get_te64(&rp->r_offset);
if (r_va == user_init_ava) { // found the Elf64_Rela
- unsigned r_info = get_te64(&rp->r_info);
+ upx_uint64_t r_info = get_te64(&rp->r_info);
unsigned r_type = ELF64_R_TYPE(r_info);
if (Elf64_Ehdr::EM_AARCH64 == e_machine
&& R_AARCH64_RELATIVE == r_type) {
@@ -2581,7 +2605,7 @@ PackLinuxElf64::canPack()
}
else {
char msg[50]; snprintf(msg, sizeof(msg),
- "bad relocation %#x DT_INIT_ARRAY[0]",
+ "bad relocation %#llx DT_INIT_ARRAY[0]",
r_info);
throwCantPack(msg);
}
+1 -1
View File
@@ -1,3 +1,3 @@
# Locally computed:
sha256 47774df5c958f2868ef550fb258b97c73272cb1f44fe776b798e393465993714 upx-3.96-src.tar.xz
sha256 1221e725b1a89e06739df27fae394d6bc88aedbe12f137c630ec772522cbc76f upx-4.0.2-src.tar.xz
sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 COPYING
+3 -19
View File
@@ -4,28 +4,12 @@
#
################################################################################
UPX_VERSION = 3.96
UPX_VERSION = 4.0.2
UPX_SITE = https://github.com/upx/upx/releases/download/v$(UPX_VERSION)
UPX_SOURCE = upx-$(UPX_VERSION)-src.tar.xz
UPX_LICENSE = GPL-2.0+
UPX_LICENSE_FILES = COPYING
UPX_CPE_ID_VENDOR = upx_project
UPX_SUPPORTS_IN_SOURCE_BUILD = NO
# 0001-Check-DT_REL-DT_RELA-DT_RELSZ-DT_RELASZ.patch
UPX_IGNORE_CVES += CVE-2021-20285
HOST_UPX_DEPENDENCIES = host-ucl host-zlib
# We need to specify all, otherwise the default target only prints a message
# stating to "please choose a target for 'make'"... :-(
define HOST_UPX_BUILD_CMDS
$(HOST_MAKE_ENV) $(HOST_CONFIGURE_OPTS) $(MAKE) \
UPX_UCLDIR=$(HOST_DIR) CXXFLAGS_WERROR= -C $(@D) all
endef
# UPX has no install procedure, so install it manually.
define HOST_UPX_INSTALL_CMDS
$(INSTALL) -D -m 0755 $(@D)/src/upx.out $(HOST_DIR)/bin/upx
endef
$(eval $(host-generic-package))
$(eval $(host-cmake-package))
+2 -2
View File
@@ -1,4 +1,4 @@
# Locally computed
sha256 c95c9abcf024bd6293ad199e4efa1c09452a9c6456c9cbaf53d896cf7b9f4d08 vim-9.0.0951.tar.gz
sha256 bcaf9b21ab00ab49de4f3bdfda1bcda82533ec16c412824226544a3fce6506ff vim-9.0.1260.tar.gz
sha256 0bcab3b635dd39208c42b496568d1e8171dad247cf3da5bab3d750c9d5883499 LICENSE
sha256 de04910387a62ad4f9b36b91457c8d5ef32733ac5d768a128071b93f4821fcd1 README.txt
sha256 d187aff219161f37138479257f82d687ea10b2cdd17d58b53a3ec9b79d6dc870 README.txt
+1 -1
View File
@@ -4,7 +4,7 @@
#
################################################################################
VIM_VERSION = 9.0.0951
VIM_VERSION = 9.0.1260
VIM_SITE = $(call github,vim,vim,v$(VIM_VERSION))
VIM_DEPENDENCIES = ncurses $(TARGET_NLS_DEPENDENCIES)
VIM_SUBDIR = src
+4 -4
View File
@@ -1,7 +1,7 @@
# From https://webkitgtk.org/releases/webkitgtk-2.38.3.tar.xz.sums
md5 1c1cc5eb59273091e228406937b23947 webkitgtk-2.38.3.tar.xz
sha1 04cb5923d8ac6f435424b74115c3219ec597e9ad webkitgtk-2.38.3.tar.xz
sha256 41f001d1ed448c6936b394a9f20e4640eebf83a7f08262df28504f7410604a5a webkitgtk-2.38.3.tar.xz
# From https://webkitgtk.org/releases/webkitgtk-2.38.4.tar.xz.sums
md5 1c9ca83a0ad7e4ca9e933094572cb7d9 webkitgtk-2.38.4.tar.xz
sha1 38b47df2be9bfb97d68fce8c7fa2819966a79036 webkitgtk-2.38.4.tar.xz
sha256 4f47ea29a2d4d5f15eef3dc9e2d6c6f067e8de863a3f64455e1ccf9693cc1d36 webkitgtk-2.38.4.tar.xz
# Hashes for license files:
sha256 0b5d3a7cc325942567373b0ecd757d07c132e0ebd7c97bfc63f7e1a76094edb4 Source/WebCore/LICENSE-APPLE
+20 -1
View File
@@ -4,7 +4,7 @@
#
################################################################################
WEBKITGTK_VERSION = 2.38.3
WEBKITGTK_VERSION = 2.38.4
WEBKITGTK_SITE = https://www.webkitgtk.org/releases
WEBKITGTK_SOURCE = webkitgtk-$(WEBKITGTK_VERSION).tar.xz
WEBKITGTK_INSTALL_STAGING = YES
@@ -139,4 +139,23 @@ ifeq ($(BR2_ARM_CPU_ARMV5)$(BR2_ARM_CPU_ARMV6)$(BR2_MIPS_CPU_MIPS32R6)$(BR2_MIPS
WEBKITGTK_CONF_OPTS += -DENABLE_JIT=OFF -DENABLE_C_LOOP=ON -DENABLE_SAMPLING_PROFILER=OFF
endif
# webkitgtk needs cmake >= 3.20 when not building with ninja, which is
# above our minimal version in
# support/dependencies/check-host-cmake.mk, so use the ninja backend:
# https://github.com/WebKit/WebKit/commit/6cd89696b5d406c1a3d9a7a9bbb18fda9284fa1f
WEBKITGTK_CONF_OPTS += -GNinja
WEBKITGTK_DEPENDENCIES += host-ninja
define WEBKITGTK_BUILD_CMDS
$(TARGET_MAKE_ENV) $(BR2_CMAKE) --build $(WEBKITGTK_BUILDDIR)
endef
define WEBKITGTK_INSTALL_STAGING_CMDS
$(TARGET_MAKE_ENV) DESTDIR=$(STAGING_DIR) $(BR2_CMAKE) --install $(WEBKITGTK_BUILDDIR)
endef
define WEBKITGTK_INSTALL_TARGET_CMDS
$(TARGET_MAKE_ENV) DESTDIR=$(TARGET_DIR) $(BR2_CMAKE) --install $(WEBKITGTK_BUILDDIR)
endef
$(eval $(cmake-package))

Some files were not shown because too many files have changed in this diff Show More