Commit Graph

36061 Commits

Author SHA1 Message Date
Ludovic Desroches
0f7b5d4a9f configs/atmel: bump to linux4sam_5.6
Bump at91sam9x5ek, atmel_sama5d2_xplained, atmel_sama5d3_xplained and
atmel_sama5d4_xplained to linux4sam_5.6.

Signed-off-by: Ludovic Desroches <ludovic.desroches@microchip.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-06-21 21:24:05 +02:00
Ludovic Desroches
8c28677ea1 board/atmel: provide u-boot env for at91sam9x5ek_mmc
Default bootargs have changed in U-Boot for this board. Build U-Boot
environment and add it to the SD card image to update bootargs.

Signed-off-by: Ludovic Desroches <ludovic.desroches@microchip.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-06-21 21:23:55 +02:00
Ludovic Desroches
7bd24df2e9 board/atmel: at91sam9x5ek_mmc: add 1M offset for FAT partition
at91sam9x5ek_mmc board was missing in the previous patch adding 1M
offset for FAT partition to solve some boot issues with the ROM code.

Signed-off-by: Ludovic Desroches <ludovic.desroches@microchip.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-06-21 21:23:48 +02:00
Venkateswara Rao Mandela
7fd18fa026 kmsxx: update version
Updating version to latest as on 26 June 2017 to include kmstest utility

Signed-off-by: Venkateswara Rao Mandela <venkat.mandela@ti.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-06-21 18:42:51 +02:00
Alexander Dahl
62cf881a76 iperf: fix tarball hashes changed upstream
Upstream uploaded a new tarball with the same version number 2016-09-08,
some time after the update to v2.0.9 in buildroot. Someone noticed, but
upstream set the ticket to wontfix, and promised to do better in the
future: https://sourceforge.net/p/iperf2/tickets/20/

Signed-off-by: Alexander Dahl <post@lespocky.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-06-21 07:43:39 +02:00
Peter Korsgaard
d1481fe474 c-ares: security bump to version 1.13.0
Fixes the following security issues:

CVE-2017-1000381: The c-ares function `ares_parse_naptr_reply()`, which is
used for parsing NAPTR responses, could be triggered to read memory outside
of the given input buffer if the passed in DNS response packet was crafted
in a particular way.

https://c-ares.haxx.se/adv_20170620.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-06-21 07:43:35 +02:00
Koen Martens
438b2d1369 package/input-tools: remove package
remove input-tools, it has been obsoleted by linuxconsoletools

linuxconsoletools uses the same name as upstream and carries
the latest version of the tools installed by input-tools.

Signed-off-by: Koen Martens <gmc@sonologic.nl>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-06-21 00:17:53 +02:00
Peter Korsgaard
e8a15fd693 apache: security bump to version 2.4.26
Fixes the following security issues:

CVE-2017-3167: In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26,
use of the ap_get_basic_auth_pw() by third-party modules outside of the
authentication phase may lead to authentication requirements being bypassed.

CVE-2017-3169: In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26,
mod_ssl may dereference a NULL pointer when third-party modules call
ap_hook_process_connection() during an HTTP request to an HTTPS port.

CVE-2017-7659: A maliciously constructed HTTP/2 request could cause
mod_http2 to dereference a NULL pointer and crash the server process.

CVE-2017-7668: The HTTP strict parsing changes added in Apache httpd 2.2.32
and 2.4.24 introduced a bug in token list parsing, which allows
ap_find_token() to search past the end of its input string.  By maliciously
crafting a sequence of request headers, an attacker may be able to cause a
segmentation fault, or to force ap_find_token() to return an incorrect
value.

CVE-2017-7679: In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26,
mod_mime can read one byte past the end of a buffer when sending a malicious
Content-Type response header.

While we're at it, use the upstream sha256 checksum instead of sha1.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-06-20 23:24:33 +02:00
Peter Korsgaard
e14d89d5e0 bind: security bump to version 9.11-P1
Fixes the following security issues:

CVE-2017-3140 is a denial-of-service vulnerability affecting 9.9.10,
9.10.5, 9.11.0->9.11.1, 9.9.10-S1, and 9.10.5-S1 when configured with
Response Policy Zones (RPZ) utilizing NSIP or NSDNAME rules.

https://kb.isc.org/article/AA-01495/74/CVE-2017-3140

CVE-2017-3141 is a Windows privilege escalation vector affecting
9.2.6-P2+, 9.3.2-P1+, 9.4.x, 9.5.x, 9.6.x, 9.7.x, 9.8.x, 9.9.0->9.9.10,
9.10.0->9.10.5, 9.11.0->9.11.1, 9.9.3-S1->9.9.10-S1, and 9.10.5-S1.  The
BIND Windows installer failed to properly quote the service paths,
possibly allowing a local user to achieve privilege escalation, if
allowed by file system permissions.

https://kb.isc.org/article/AA-01496/74/CVE-2017-3141

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-06-20 23:14:16 +02:00
Alexandre Esse
79c7873b64 package/kvazaar: needs threads
Fixes:

  http://autobuild.buildroot.net/results/6e1eabd691b8674f61898bc0fe734208d226f965/

Signed-off-by: Alexandre Esse <alexandre.esse.dev@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-06-20 23:13:25 +02:00
Adam Duskett
814346f7d2 DEVELOPERS: Add janus-gateway to Adam Duskett
Signed-off-by: Adam Duskett <aduskett@codeblue.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-06-20 23:10:30 +02:00
Adam Duskett
6842b6774a janus-gateway: add unix-sockets to transport section
Signed-off-by: Adam Duskett <aduskett@codeblue.com>
[Thomas: alphabetic ordering.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-06-20 23:09:49 +02:00
Adam Duskett
0c14c1f5e6 janus-gateway: add mqtt to transport section
Signed-off-by: Adam Duskett <aduskett@codeblue.com>
[Thomas: propagate paho-mqtt dependencies, use alphabetic ordering.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-06-20 23:09:33 +02:00
Adam Duskett
5dc7252d73 janus-gateway: add rabbitmq to transports section
Signed-off-by: Adam Duskett <aduskett@codeblue.com>
[Thomas: propagate rabbitmq-c dependency, use alphabetic ordering.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-06-20 23:09:13 +02:00
Adam Duskett
b447ed4a84 janus-gateway: add websockets to transport section
Signed-off-by: Adam Duskett <aduskett@codeblue.com>
[Thomas: propagate BR2_USE_MMU dependency.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-06-20 23:08:44 +02:00
Adam Duskett
2083c40b54 janus-gateway: add HTTP/REST to a new transport config section
janus-gateway supports many different transports, and currently there
is no implicit way to turn them off or on. Instead, if the dependency
happens to be built, then the transport is enabled.

Create a transports section in the config file and add
BR2_PACKAGE_JANUS_REST as the first transport.

Signed-off-by: Adam Duskett <aduskett@codeblue.com>
[Thomas: propagate thread dependency.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-06-20 22:58:54 +02:00
Thomas Petazzoni
590c4104c1 mtd: switch to a foreach loop for installation
Such a construct allows to bail out if the installation of one of the
program fails, which the current shell-based for loop doesn't do.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-06-20 22:32:36 +02:00
Adam Duskett
67117adc89 mtd: bump to version 2.0.0
This revision includes:
  - Moving from a handwritten makefile to autotools.
  - Restructuring and cleaning up the source tree.
  - Fixing the problems that the patches in the package/mtd directory fixed.

Changes:
  - Move from generic-package to autotools-package in mtd.mk.
  - Remove no longer necessary patches.
  - Update binary locations in mtd.mk
  - Update library/header locations in mtd.mk
  - Remove MTD_ADD_MISSING_LINTL definition from mtd.mk, as it's no longer
    needed.

Tested with toolchains compiled with musl, uclibc, and glibc.

Signed-off-by: Adam Duskett <aduskett@codeblue.com>
[Thomas: additional improvements
 - introduce hidden options BR2_PACKAGE_MTD_JFFS_UTILS,
   BR2_PACKAGE_MTD_UBIFS_UTILS and BR2_PACKAGE_MTD_TESTS that match the
   ./configure options of mtd. Those hidden options select the
   appropriate dependencies checked by the configure script, and are
   selected by the existing per-tool Config.in options.
 - .mk file is changed to handle properly the new hidden options
   BR2_PACKAGE_MTD_JFFS_UTILS, BR2_PACKAGE_MTD_UBIFS_UTILS and
   BR2_PACKAGE_MTD_TESTS.
 - .mk file is changed to properly handle BR2_PACKAGE_ACL, by passing
   --with-xattr/--without-xattr.
 - remove HOST_MTD_BUILD_CMDS and HOST_MTD_INSTALL_CMDS, those are no
   longer needed since we have an autotools-package now.
 - MTD_STAGING_y and MTD_INSTALL_STAGING_CMDS are removed, we use the
   default staging installation commands, that install everything that
   is needed.
 - the MTD_TARGETS_UBI_y variable is merged into MTD_TARGETS_y, as we no
   longer need to distinguish both.
 - integck installation logic is moved into MTD_TARGETS_y.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-06-20 22:32:20 +02:00
Bernd Kuhls
cf57c6aa76 package/x264: bump version
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[Thomas: update hash file.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-06-20 22:30:57 +02:00
Bernd Kuhls
310e4f07f8 package/x264: disable optional ffmpeg support
In buildroot ffmpeg uses x264 as optional dependency if
BR2_PACKAGE_FFMPEG_GPL is enabled at the same time.

If BR2_PACKAGE_FFMPEG_GPL is disabled and ffmpeg is built without x264
support before x264 itself is build, x264 picks up certain ffmpeg libs
as optional dependency leading to build errors because x264 does not
correctly link statically against ffmpeg.

To avoid a circular dependency and to avoid teaching x264 how to
correctly link statically with ffmpeg we just disable all ffmpeg-
related options.

Fixes
http://autobuild.buildroot.net/results/36a/36abb5b8f3aab57fb7b63056b216b4a58143ee3e/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-06-20 22:27:05 +02:00
Baruch Siach
3c3d8efd9c lirc-tools: no need to check for clock_gettime
Buildroot no longer supports toolchains with glibc older than 2.17, so there
is no need to check whether librt is required for clock_* system calls.

Cc: Rhys Williams <github@wilberforce.co.nz>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-06-20 22:15:06 +02:00
Baruch Siach
f1f033d8ec openipmi: no need to check for clock_gettime
Buildroot no longer supports toolchains with glibc older than 2.17, so there
is no need to check whether librt is required for clock_* system calls.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-06-20 22:14:52 +02:00
Baruch Siach
dd8e04a732 liboping: no need to check for clock_gettime
Buildroot no longer supports toolchains with glibc older than 2.17, so there
is no need to check whether librt is required for clock_* system calls.

Cc: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-06-20 22:14:33 +02:00
Baruch Siach
428821de12 e2fsprogs: don't link with librt
Buildroot no longer supports toolchains with glibc older than 2.17, so there
is no need to link with librt for clock_* system calls.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-06-20 22:14:16 +02:00
Baruch Siach
bd9f9acce4 libv4l: don't link with librt
Buildroot no longer supports toolchains with glibc older than 2.17, so there
is no need to link with librt for clock_* system calls.

The following patches are not renumbered. The noise is too high.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-06-20 22:13:43 +02:00
Baruch Siach
045eb96407 aiccu: don't link with librt
Buildroot no longer supports toolchains with glibc older than 2.17, so there
is no need to link with librt for clock_* system calls.

Cc: Michael Rommel <rommel@layer-7.net>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-06-20 22:13:15 +02:00
Baruch Siach
87f8ff6d2d swupdate: don't link with librt
Buildroot no longer supports toolchains with glibc older than 2.17, so there
is no need to link with librt for clock_* system calls.

Cc: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-06-20 22:13:03 +02:00
Baruch Siach
533a3321b0 docs/manual: drop mention of removed external toolchains
The CodeSourcery x86 and sh, the ADI Blackfin, and the Xilinx Mircoblaze
external toolchain profiles have all been removed. Update the manual.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-06-20 22:12:54 +02:00
Baruch Siach
598486cdf7 toolchain-external: update list of toolchains
Remove mention of toolchains the we don't have.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-06-20 22:12:28 +02:00
Baruch Siach
5b05111250 package: remove CodeSourcery sh dependencies
The CodeSourcery sh toolchain has been removed. Drop negative dependencies on
that toolchain.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-06-20 22:12:16 +02:00
Baruch Siach
6510a826e1 toolchain: remove CodeSourcery sh toolchain
Since glibc 2.17, executable link command need not include the -lrt option for
clock_* system calls. As a result, over time less and less software packages
bother to check whether to toolchain needs -lrt. We are now at a point where
maintainers refuse to add this complexity into their build system. This
requires Buildroot to carry patches fixing this issue indefinitely.

glibc 2.17 is now 4.5 years old. There is no reason to use an older version
with current software.

This commit removes the predefined profile for CodeSourcery sh toolchain that
is based on glibc 2.16. One may still use the custom external toolchain
support in Buildroot to get this toolchain back, and deal with any build
issues that this toolchain causes.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-06-20 22:11:47 +02:00
Baruch Siach
06cac6460f toolchain: remove CodeSourcery x86 toolchain
Since glibc 2.17, executable link command need not include the -lrt option for
clock_* system calls. As a result, over time less and less software packages
bother to check whether to toolchain needs -lrt. We are now at a point where
maintainers refuse to add this complexity into their build system. This
requires Buildroot to carry patches fixing this issue indefinitely.

glibc 2.17 is now 4.5 years old. There is no reason to use an older version
with current software.

This commit removes the predefined profile for CodeSourcery x86 toolchain that
is based on glibc 2.16. One may still use the custom external toolchain
support in Buildroot to get this toolchain back, and deal with any build
issues that this toolchain causes.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-06-20 22:11:29 +02:00
Baruch Siach
e251bdbe8d docs/manual: update external toolchain advantages list
Buildroot can build non-uClibc toolchains internally for quite some time now.
Update the manual text.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-06-20 22:10:42 +02:00
Dmitrii Kolesnichenko
b3998dc00f libtirpc: Fix build error due to missing stdint.h inclusion
Add patch to fix following error:
| ../../libtirpc-1.0.1/src/xdr_sizeof.c:93:13: error: 'uintptr_t' undeclared (first use in this function); did you mean '__intptr_t'?
|   if (len < (uintptr_t)xdrs->x_base) {
|              ^~~~~~~~~

This error occurs with the latest glibc master version (during the testing I had
glibc commit 92bd70fb85bce57ac47ba5d8af008736832c955a), but doesn't occur with
version 2.25.

Patch includes stdint.h to provide uintptr_t.

It has been submitted upstream:
https://sourceforge.net/p/libtirpc/mailman/message/35850276/

Signed-off-by: Dmitrii Kolesnichenko <dmitrii@synopsys.com>
[Thomas: reformat as Git formatted patch.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-06-20 22:07:32 +02:00
Yegor Yefremov
cdd213170c python-cherrypy: bump to version 10.2.2
Fix license info, add new dependencies and change setup type.

Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-06-20 21:56:00 +02:00
Yegor Yefremov
c63404c6be python-cheroot: new package
Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-06-20 21:54:27 +02:00
Yegor Yefremov
e677a54f55 python-portend: new package
Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-06-20 21:53:53 +02:00
Yegor Yefremov
b6ada8d5f8 python-tempora: new package
Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-06-20 21:50:32 +02:00
Peter Korsgaard
dc30db3cf1 roseapplepi: backport upstream patches to fix build with gcc 6
The recent change to default to gcc 6 for the internal toolchain broke this
defconfig as the u-boot and linux kernel are too old to build with gcc 6.

Fit it by backporting the following commits:

- u-boot: 9b2c282b34 (compiler*.h: sync include/linux/compiler*.h with Linux 4.5-rc6)
- linux:  cb984d101b (compiler-gcc: integrate the various compiler-gcc[345].h files)

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-06-20 21:27:54 +02:00
Alexandre Esse
6aeb2c97c2 v4l2loopback: new package
This package provides a kernel module and utilities in order to use
v4l2loopback virtual devices.  This module allows you to create
"virtual video devices" normal (v4l2) applications will read these
devices as if they were ordinary video devices, but the video will not
be read from e.g. a capture card but instead it is generated by
another application.

Signed-off-by: Alexandre Esse <alexandre.esse.dev@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-06-20 21:25:39 +02:00
Martin Bark
5f3768e3e2 package/nodejs: don't build cctest target
cctest is a test package that is built by default.  We don't use of it
and recently it has been failing to build in the host-nodejs builds
so disable it.

Fixes:
http://autobuild.buildroot.net/results/1d7642073d169de941e74dc3a0efba6e992e2de7
http://autobuild.buildroot.net/results/8801109c1976e1c7a08dc4036c6a38efdbb8cd7e
http://autobuild.buildroot.net/results/6d52bc9fef4c9f12f0091e93c020ab2cd4c4c5a1
http://autobuild.buildroot.net/results/a8b8a781bdea668b657311c68b6f0ca0f74169c7

Signed-off-by: Martin Bark <martin@barkynet.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-06-20 10:43:20 +02:00
Martin Bark
de2c85cec6 package/nodejs: bump version to 8.1.2
See https://nodejs.org/en/blog/release/v8.1.2/

Signed-off-by: Martin Bark <martin@barkynet.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-06-20 10:43:13 +02:00
Thomas Petazzoni
1940a66114 expat: fix patch that doesn't apply properly
Fixes:

  http://autobuild.buildroot.net/results/23f799009ae10c5de2b06a7747a28804818204c2/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-06-20 07:40:25 +02:00
Vicente Olivert Riera
79ee9b7e69 ntp: enable/disable sntp support depending on BR2_PACKAGE_NTP_SNTP
We already have an option for selecting sntp support in ntp that can be
chosen from the menuconfig, and ntp's configure script has a --with-sntp
option (with its --without counterpart) which can be used for disabling
sntp support in ntp. However, we are not using it. This patch will make
use of it.

Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-06-19 22:11:10 +02:00
Rodrigo Rebello
a97b1e03fe irssi: drop obsolete configure option
The configure option --with-ncurses has been removed in version 1.0.0
and thus is no longer needed.

Signed-off-by: Rodrigo Rebello <rprebello@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-06-19 22:06:15 +02:00
Peter Korsgaard
2e19525f2f irssi: security bump to version 1.0.3
Fixes:

CVE-2017-9468 - Joseph Bisch discovered that Irssi does not properly handle
DCC messages without source nick/host.  A malicious IRC server can take
advantage of this flaw to cause Irssi to crash, resulting in a  denial of
service.

CVE-2017-9469 - Joseph Bisch discovered that Irssi does not properly handle
receiving incorrectly quoted DCC files.  A remote attacker can take
advantage of this flaw to cause Irssi to crash, resulting in a denial of
service.

See https://irssi.org/security/irssi_sa_2017_06.txt for more details.

Remove 0001-Get-back-to-using-pkg-config-to-check-for-OpenSSL.patch as it
applied upstream and drop autoreconf as configure.ac is no longer patched.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-06-19 22:06:10 +02:00
Peter Korsgaard
c0ad6ded01 expat: security bump to version 2.2.1
Fixes:

- CVE-2017-9233 - External entity infinite loop DoS. See:
  https://libexpat.github.io/doc/cve-2017-9233/

- CVE-2016-9063 -- Detect integer overflow

And further more:

- Fix regression from fix to CVE-2016-0718 cutting off longer tag names.

- Extend fix for CVE-2016-5300 (use getrandom() if available).

- Extend fix for CVE-2012-0876 (Change hash algorithm to William Ahern's
  version of SipHash).

Also add an upstream patch to fix detection of getrandom().

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-06-19 22:06:03 +02:00
Carlos Santos
1a050ad9b3 Revert "util-linux: bump to version 2.30"
This reverts commit 088292cfc1 to prevent
breaking the build while we search for the root cause of the problem.

Fixes:
  http://autobuild.buildroot.net/results/7b0b1d8ba0015308724a9677f890e6e63f77e0ad
  http://autobuild.buildroot.net/results/11476388b8b774dc5ca7c9ceb34ea9ad1a4314b9
  http://autobuild.buildroot.net/results/9730d0c4a4001314351a0a116164ba854272db4d
  http://autobuild.buildroot.net/results/4d1440360bddfd0ddbbdddf6077bca0e796f2949
  http://autobuild.buildroot.net/results/f3089d8b8727a526eeb553964711e0066287422e
  http://autobuild.buildroot.net/results/ace6aaad6bee0f4bed44126fea57a090ff2541f9
  http://autobuild.buildroot.net/results/ff460fff5da05d38776eb04e8ada947290248f42
  http://autobuild.buildroot.net/results/a4979169d78938e0cc06e6a69eaac0ab13dc3084
  http://autobuild.buildroot.net/results/84e8c23ecb77a99f9bb70fca9de4a5062414037d
  http://autobuild.buildroot.net/results/d3433ef125b5cfbf8a4b8824c256dbd0ea34b6bb
  http://autobuild.buildroot.net/results/92bc3ae63709dae8cdb8860bd997f72c92ede442
  http://autobuild.buildroot.net/results/d9122512b0d0802c19184eccb5056bf985f74e5b
  http://autobuild.buildroot.net/results/dad980abe5dc72df436b21270797b32435b55392
  http://autobuild.buildroot.net/results/7def156b29011b90a20579b4bad436a7acde498c
  http://autobuild.buildroot.net/results/0bb97b8edc5cea657992cdb083ce9ae79c969f03
  http://autobuild.buildroot.net/results/8f76af2caf7dd08919a20cc1fd848c920512e988
  http://autobuild.buildroot.net/results/3a8ecda0ce63dd67a73d66fbd238072ddb079900
  http://autobuild.buildroot.net/results/8d43e6f00be41fde7163868c5fbc3235097629ed
  http://autobuild.buildroot.net/results/5049aab863707aae09bde540d98ea8063c017e7e
  http://autobuild.buildroot.net/results/e227393a29590b298112dfd8efa4aebe2ffa9294
  http://autobuild.buildroot.net/results/8ad4455dcdfcd991dff728910bdbcfa57f5774a4
  http://autobuild.buildroot.net/results/27947db73e4875df1dbeee35a6ea8ad6a31af0b5
  http://autobuild.buildroot.net/results/5a9cc647e648a61e3c24f929987df356abcdc104
  http://autobuild.buildroot.net/results/eb01bb21f6c942cf8cf067450f016fd3893cc7cd
  http://autobuild.buildroot.net/results/6f7e3f6b4acc93ce695c07199cf6bf643db4386e

Signed-off-by: Carlos Santos <casantos@datacom.ind.br>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-06-19 21:49:35 +02:00
Adam Duskett
5e013cfcdb audit: bump to version 2.7.7
Signed-off-by: Adam Duskett <aduskett@codeblue.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-06-19 21:48:58 +02:00
Vicente Olivert Riera
1874fe1522 gdb: fix full gdb build for MIPS musl
Currently building full gdb for MIPS musl fails because it's trying to
include <sgidefs.h> which is provided by glibc and uClibc, but not by
musl.

However, the kernel headers provide <asm/sgidefs.h> which has the same
definitions, so we can use that one instead.

Backporting a patch that has been sent upstream. Taken from here:

https://sourceware.org/bugzilla/show_bug.cgi?id=21070

Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-06-19 21:47:05 +02:00