- Use an up to date fork (spice slirp is archived and has not been
updated since 2012)
- Add COPYRIGHT as the license file
- BSD-4-Clause has been replaced by BSD-3-Clause since
3bac39137af9f6e69c4e
- Add hash file
- Switch to meson-package
- Fix multiple security vulnerabilities: CVE-2014-3640, CVE-2017-11434,
CVE-2019-6778, CVE-2019-9824, CVE-2019-14378 and CVE-2020-10756
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 97fcae8ddf)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This patch bumps Linux CIP RT to version 4.19.152-cip37-rt16
Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 0e4d645cf2)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This patch bumps Linux CIP to version 4.19.152-cip37
Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 18729f8d64)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 493b1d7b25)
[Peter: drop 5.8.x/5.9.x bump]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Set BITCOIN_GENBUILD_NO_GIT to not include (Buildroot) git version info in
build, which is available since version 0.15.0 and
e98e3dde6a
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 82d6abda1a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add license file and, while at it, update indentation to two spaces
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 062e5d8a65)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
I haven't looked at that package and touched it for 6 years now, and
clearly others have taken care of it when looking at the Git history.
Signed-off-by: Antoine Tenart <atenart@kernel.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 19932c8e02)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Antoine Tenart <atenart@kernel.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit e6b3803c84)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When running the TestInitSystemSystemdRwIfupdown test, the rootfs must
be in read-write mode. The commit log [1] introducing systemd tests say
so:
"basic systemd, read-write, network w/ ifupdown"
With systemd 246.5, the service systemd-update-done return an error code
when it can't write on the filesystem (/etc)
[1] 117835d5fc
[2] 8019995e9a
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/830981813
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 14ed65e3a6)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Version is 4.19 and not 4.4.
Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 642f821ce5)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
boost program-options is not needed since version 0.17.0 and
f447a0a707
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 2185877a80)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix the following check-package warning added by commit
a2b98a6add:
package/davfs2/davfs2.mk:22: expected indent with tabs
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 62bb541d99)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
mount.davfs expects the availability of the user and group davfs2.
Signed-off-by: Sven Klomp <mail@klomp.eu>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit a2b98a6add)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add lzlib.c as the license file and, while at it, update indentation to
two spaces
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit afdaeab729)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add license file and, while at it, update indentation to two spaces
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 1906912a04)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes CVE-2020-15999, https://www.freetype.org/index.html#news
"This is an emergency release, fixing a severe vulnerability in embedded
PNG bitmap handling [...].
All users should update immediately."
Removed md5 hash.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 1ffe654c6d)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This patch is needed to fix the build with freetype >= 2.10.3.
https://www.freetype.org/index.html#news
"A warning for distribution maintainers: Version 2.10.3 and later may
break the build of ghostscript, due to ghostscript's use of a with-
drawn macro that wasn't intended for external usage."
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 5177f726a0)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Release notes of this "Security and build system fixes" release:
https://github.com/open-source-parsers/jsoncpp/releases/tag/1.9.4
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit b2019a5183)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Removed patch which was committed upstream.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit bab0d6ef43)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Drop patch (already in version)
Fixed many problems found by OSS-Fuzz
Fixed many problems found by Coverity
https://github.com/kkos/oniguruma/releases/tag/v6.9.6
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 969fe10855)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Update hash of COPYING (update in year):
1952e8970a
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit ab8964ae77)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
dvdsub{enc,overlay} -> dvbsub{enc,overlay}
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 8d6c60656e)
[Peter: drop dvbsubenc, only added in 1.18.0]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
opencv3 does not install anything in $(TARGET_DIR)/usr/share/OpenCV/doc
so drop OPENCV3_CLEAN_INSTALL_DOC
However it installs its licence files in
$(TARGET_DIR)/usr/share/licenses/opencv3 so add
OPENCV3_CLEAN_INSTALL_LICENSE
Moreover, the cmake hook does not catch all cmake files and missed the
valgrind files so update OPENCV3_CLEAN_INSTALL_CMAKE and add
OPENCV3_CLEAN_INSTALL_VALGRIND to delete those files:
OpenCVConfig.cmake OpenCVConfig-version.cmake OpenCVModules.cmake OpenCVModules-release.cmake valgrind_3rdparty.supp valgrind.supp
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 436f4804b2)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This reverts commit d01b0bbad0.
Original commit made restriction for Linux headers < 3.4 which was
related to keepalived version 1.3.5, but it compiles fine now at least
with a toolchain based on 3.2 headers and keepalived 2.0.15 together
with ipset enabled.
Probably it was fixed by this commit:
5a7f895bb7
Signed-off-by: Vadym Kochan <vadym.kochan@plvision.eu>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit c69a88190a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Busybox is mainly licensed under the GPL-2.0, but the bzip2 part is a
modified copy of the bzip2/libbzip2 project, which comes with its own
license.
Update the licensing information accordingly.
Add the hash for the new license file, and fixup indentation (2 spaces).
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit ca76d0336d)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Since we don't enable sysv any support, it makes no sense to set the
path to telinit either.
The path we were setting was anyway wrong: we set a path into
TARGET_DIR, but this path is only used at runtime, on the target, where
TARGET_DIR doesn't exist (it should have been /usr/sbin/telinit).
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit 8bc9350963)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
If paths are not set, then meson will search the host system for the
binaries (or the target, where those binaries are not yet installed).
So add the missing paths.
Signed-off-by: Norbert Lange <nolange79@gmail.com>
Reviewed-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit acb62b3336)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
As we many times by now discussed that - some ARC cores might
not have atomic instructions implemented. Namely that's ARC700
w/o explicitly added atomics during design creation/configuration.
Because of that when GCC gets configured for ARC700, i.e. via
"--with-cpu=arc700" atomic ops are assumed disabled.
Usually it's not a problem as we add "-matomics" in the wraper for
building all packages if targets CPU has atomis (BR2_ARC_ATOMIC_EXT).
But when bulding target's binaries which are essential parts of
the GCC itself we don't use the wrapper. Instead xgcc is being used.
That way we lose that important part of system's configuration about
atomics and:
1. Atomic ops won't be used where otherwise they could have been used.
2. Some configuration checks might end-up thinking there're no atomics
In particular (2) leads to pretty obscure failure on bulding of some
packages which use C++, for example:
log4cplus: http://autobuild.buildroot.net/results/a7732fdb2ba526a114d9fb759814236c5332f8d7
------------------------>8--------------------
./.libs/liblog4cplus.so: undefined reference to `std::__atomic_futex_unsigned_base::_M_futex_notify_all(unsigned int*)'
collect2: error: ld returned 1 exit status
------------------------>8--------------------
bitcoin: http://autobuild.buildroot.net/results/f73/f73d4c77e5fd6223abdbc83e344addcfc93227b8
------------------------>8--------------------
(.text+0x110c): undefined reference to `std::__atomic_futex_unsigned_base::_M_futex_wait_until(unsigned int*, unsigned int, bool, std::chrono::duration<long long, std::ratio<1ll, 1ll> >, std::chrono::duration<long long, std::ratio<1ll, 1000000000ll> >)'
collect2: error: ld returned 1 exit status
------------------------>8--------------------
apcupsd: http://autobuild.buildroot.net/results/7a2/7a2cc7a4ac2237c185817f75e55e05d144efd100
------------------------>8--------------------
/tmp/instance-0/output-1/host/lib/gcc/arc-buildroot-linux-uclibc/9.3.1/../../../../arc-buildroot-linux-uclibc/bin/ld: eh_throw.cc:(.text._ZL23__gxx_exception_cleanup19_Unwind_Reason_CodeP17_Unwind_Exception+0x24): undefined reference to `__gnu_cxx::__exchange_and_add(int volatile*, int)'
collect2: error: ld returned 1 exit status
------------------------>8--------------------
...and many more.
Interesting enough that was not seen earlier because "-matomic"
used to be added in TARGET_{C|CXX}FLAGS via TARGET_ABI,
but later "-matomic" was moved to ARCH_TOOLCHAIN_WRAPPER_OPTS, see
https://git.buildroot.org/buildroot/commit/?id=c568b4f37fa6d7f51e6d14d33d7eb75dfe26d7bf
and since then we started to see that new breakage which we now
attempt to fix right where it hapens on GCC configuration.
In contrast ARC HS family has atomic ops enabled by default thus
we never spotted that kind of problem for it.
More datails with analysis of what really happens under the hodd and
how do error messages above are related to libs of GCC configuration could
be found here: http://lists.busybox.net/pipermail/buildroot/2020-October/293614.html
Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Romain Naour <romain.naour@gmail.com>
[Peter: simplify conditional]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit d2ae7eb2a2)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- harfbuzz is mandatory since
f3e2c97e18
- Fix CVE-2020-26682 (In libass 0.14.0, the `ass_outline_construct`'s
call to `outline_stroke` causes a signed integer overflow.) through
676f9dc5b5
which does not apply cleanly over version 0.14.
It should be noted that version 0.15 also fixes other integer
overflows (which have no CVE assigned)
- Update indentation in hash file (two spaces)
https://github.com/libass/libass/releases/tag/0.15.0
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 4ae8ecea8f)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
gnuradio-runtimeTargets.cmake and gnuradio-pmtTargets.cmake are filled
using CMAKE_INSTALL_PREFIX for INSTALL_INTERFACE.
Since CMAKE_INSTALL_PREFIX, in buildroot, is set to /usr, these files contains
path to host system.
With BR2_COMPILER_PARANOID_UNSAFE_PATH package using gnuradio fails with:
arm-linux-gnueabihf-g++: ERROR: unsafe header/library path used in cross-compilation: '-isystem' '/usr/include'
By simply providing 'include', produced .cmake contains:
INTERFACE_INCLUDE_DIRECTORIES "${_IMPORT_PREFIX}/include"
instead of
INTERFACE_INCLUDE_DIRECTORIES "/usr/include"
[Upstream status: https://github.com/gnuradio/gnuradio/pull/3737]
Fix (many) gr-osmosdr build failure:
- http://autobuild.buildroot.net/results/66b76c07f15bb3e6db697c47796ae3dd15ecf4b9/
Signed-off-by: Gwenhael Goavec-Merou <gwenhael.goavec-merou@trabucayre.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 5209123494)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit a81b187c16)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
zstd is available since version 3.1.1 and is enabled by default:
ad94c4d459
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 105004f72a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Last commit fixed eglfs_kms support for i.MX8 platforms that required to
declare imx-gpu-viv as the gbm provider.
However, this broke the eglfs "fbdev" imx6 support as gbm isn't provided
in this case. So limit the gbm option to imx-gpu-viv when wayland
backend is used only.
Fixes: 82fb51d3b5 ("package/qt5/qt5base: allow to use imx-gpu-viv as GBM
provider")
Signed-off-by: Gary Bisson <gary.bisson@boundarydevices.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 25f2191ed2)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
libcap is an optional dependency which is available since version 7:
eaac494273
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 25ab2d8b11)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
receive.c in fastd before v21 allows denial of service (assertion
failure) when receiving packets with an invalid type code.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Acked-by: Alexander Dahl <post@lespocky.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 7e4af3ce3f)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes
o CVE-2020-14318: Missing handle permissions check in SMB1/2/3 ChangeNotify.
o CVE-2020-14323: Unprivileged user can crash winbind.
o CVE-2020-14383: An authenticated user can crash the DCE/RPC DNS with easily
crafted records.
Release notes:
https://www.samba.org/samba/history/samba-4.11.14.html (bugfix-only)
https://www.samba.org/samba/history/samba-4.11.15.html
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 3adbb6d296)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Changelog: https://www.php.net/ChangeLog-7.php#7.4.12
According to the release notes this is a "security bug fix release":
https://news-web.php.net/php.announce/300
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 69beb4dd98)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
libtac in pam_tacplus through 1.5.1 lacks a check for a failure of
RAND_bytes()/RAND_pseudo_bytes(). This could lead to use of a
non-random/predictable session_id.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 70499767e5)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Retrieve two upstream patches to fix build on musl
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit cca807a3a3)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
