libubootenv is required by swupdate.
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
[Thomas: do the installation directly in <pkg>_INSTALL_STAGING_CMDS.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
The xorg server is somewhat sensitive to certain gcc versions combined
with -Os, particularly for ARM and MIPS, typically in the form of the
following symptom/error:
(EE) Segmentation fault at address 0x0
(EE)
Fatal server error:
(EE) Caught signal 11 (Segmentation fault). Server aborting
Force -O2 to work around this problem - for a target rootfs that uses
X11 the tradeoff is minimal since a sample/test image for qemu vexpress
with X11 + xinit + xterm + twm + xclock + gtk2 with demos is 60+ MB.
And it's less complicated than trying to find all of the bad
combinations.
Fixes bug #8436.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
[Thomas: add comment in .mk file, add reference to bug.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Switch to github repository to fetch latest version, which also added the
missing license file.
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
The ngx_http_spdy_module has been superseded by the ngx_http_v2_module
so BR2_PACKAGE_NGINX_HTTP_SPDY_MODULE has changed to
BR2_PACKAGE_NGINX_HTTP_V2_MODULE
Signed-off-by: Martin Bark <martin@barkynet.com>
[Thomas: rewrap Config.in.legacy help text.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
When using systemd nginx fails to start with the error
/usr/bin/mkdir: invalid option -- 't'
This is due to a missing space before the semicolon in nginx.service.
For systemd to handle multiple commands in ExecStartPre it requires the
semicolon to be a separate word or the use of multiple ExecStartPre.
This commit splits the multiple commands into two ExecStartPre lines
which fixes the error and improves readability.
Signed-off-by: Martin Bark <martin@barkynet.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Add the missing --with-mail configure option
Signed-off-by: Martin Bark <martin@barkynet.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
As pointed by sonnex on the mailing list.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The plugin was moved from -bad to -good so remove the option.
Support in -good was added via 301e8ffb.
Add legacy entry to notify users of this, however we can't automatically
select the good variant since good might be disabled.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The plugin was moved from -bad to -ugly so remove the option.
Support in -ugly was added via 30cde9a3.
Add legacy entry to notify users of this, however we can't automatically
select the ugly variant since ugly might be disabled.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Using 'yes "" | make oldconfig' to regenerate a .config file from an
existing defconfig does not work reliably in all cases. Specifically, it
does not work well with tristate choice entries.
The correct way to do it is to use 'make olddefconfig', but this target
is not supported in projects that use an old version of kconfig. As
most projects do not use tristate entries, there is no need for them to
upgrade.
'oldnoconfig' is an alias for 'olddefconfig', but it also is the only
name for this target between Linux versions 2.6.36 and 3.6.
Check which targets are supported by the current project, and use the
appropriate method to regenerate the .config file.
Signed-off-by: Romain Izard <romain.izard.pro@gmail.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Tested-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The current linked website is not up to date, since the libtiff.org domain was
apparently hijacked years ago. See
http://www.asmail.be/msg0055472296.html. Correct this.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes:
CVE-2016-2088 - Duplicate EDNS COOKIE options in a response could
trigger an assertion failure.
Drop libressl support patch since it's upstream now.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add upstream patching fixing CVE-2016-2447: psk configuration parameter update
allowing arbitrary data to be written.
See http://w1.fi/security/2016-1/psk-parameter-config-update.txt for details.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add upstream patch fixing CVE-2016-2447: psk configuration parameter update
allowing arbitrary data to be written.
See http://w1.fi/security/2016-1/psk-parameter-config-update.txt for details.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
x264 uses madvise() which is not available in the bfin external toolchain.
Fixes:
http://autobuild.buildroot.net/results/837/837fd5a63d59b5c65818ec005a565cb7741a1cdd/
[Peter: Issue is specific to bfin toolchain, so only disable for that one]
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes a few regressions from the previous security bump.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Packages installed for the host should have their prefix set to
$(HOST_DIR)/usr, and therefore not use DESTDIR at installation time.
Using PREFIX=/usr DESTDIR=$(HOST_DIR) is wrong, and leads for example to
luajit.pc containing prefix=/usr, which means pkg-config returns
incorrect results for host-luajit.
This patch fixes the luajit package to conform to this rule.
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Gustavo Zacarias <gustavo@zacarias.com.ar>
[Thomas: rewrite commit log.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
These header files are required by swupdate.
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Building crda with GCC 6 fails because of all compiler warnings are treated as
errors. Disable the compiler option '-Werror':
keys-gcrypt.c:94:32: error: ‘keys’ defined but not used [-Werror=unused-const-variable=]
static const struct key_params keys[] = {
^~~~
cc1: all warnings being treated as errors
Add a patch to drop '-Werror' from CFLAGS.
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
GCC 6 defaults to -std=gnu++14 instead of -std=gnu++98. The C++11 standard does
not allow "narrowing conversions" which is why building fdk-aac with GCC 6
fails:
libAACenc/src/aacEnc_rom.cpp:661:1: error: narrowing conversion of '2180108801u' from 'unsigned int' to 'FIXP_DBL {aka long int}' inside { } [-Wnarrowing]
Use '-std=gnu++98' as suggested by "Porting to GCC 6" [1].
[1] https://gcc.gnu.org/gcc-6/porting_to.html
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
It already includes the fixes for CVE-2016-3994 and CVE-2011-5326 so
drop the patches, and additionally fixes:
CVE-2016-4024 - integer overflow in imlib2, which result in insufficient
heap allocation.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Drop patches applied upstream:
- 0001: notify: Don't use constexpr on Haiku
- 0002: notify: use "constexpr" only with glibc
Renumber remaining patches.
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Includes numerous stablity and cleanup passes by ulli-kroll.
A hash file is also added, as it was missing before.
Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Also drop BR2_PACKAGE_MIDORI_HTTPS option since it's now handled in the
webkitgtk package to satisfy MiniBrowser.
This version can't work with the older webkitgtk24 engine so it switches
to the new version.
Also make gcr support conditional on x11 support for libgtk3, it doesn't
work otherwise.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Add the latest 2.12.x upstream stable branch.
Both 2.4.x and 2.12.x can live side-by-side, however only the latest
stable branch/releases are security-maintained, so add it unslotted.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
