In master, we backported a patch from upstream, to fix running on python
3.10. But at the same time, on next, we bumped the version, where that
change was present.
Now, next has been merged back into master, and the patch obviously does
not apply anymore.
Remove the patch, it is no longer needed.
Fixes:
http://autobuild.buildroot.net/results/b76/b76b1ab80bdf1b7731731f2f561c5b64e9716513/http://autobuild.buildroot.net/results/f9e/f9e07621d345a9bca0be1b0a53bdb21e363d2e90/
...
Signed-off-by: Yann E. MORIN <yann.morin@orange.com>
Cc: Marcus Hoffmann <marcus.hoffmann@othermo.de>
Cc: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The qt5xmlpatterns package exhibits gcc bug 90620 [0] when built for the
Microblaze architecture with optimization enabled, which causes a build
failure.
As done for other packages in Buildroot work around this gcc bug by
setting optimization to -O0 if BR2_TOOLCHAIN_HAS_GCC_BUG_90620=y.
Fixes:
http://autobuild.buildroot.net/results/346/346e6d502a8927c8e95eea156f5b2943a85d0a6b/
[0] https://gcc.gnu.org/bugzilla/show_bug.cgi?id=90620
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This release fixes a lot of bugs found by fuzzing, and fuzzing coverage
has improved much. Also, compression should be better but a little
slower. Speedups for 64-bit ARM have been implemented. Encoding and
decoding 32 bps PCM is now possible.
- Drop sha1 (not provided anymore)
- Drop patch (already in version) and so autoreconf
- Update hash of COPYING.Xiph (year updated with:
10d7ce268b)
https://github.com/xiph/flac/releases/tag/1.4.0
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This is a maintenance release that includes improvements and bug fixes.
https://github.com/wolkykim/qlibc/releases/tag/v2.4.6
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This reverts commit c28b27032b.
This still broke packages using certain older autoconf versions (E.G. 2.13
as used by thttpd/wipe).
Acked-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This release fixes a compiler error when using glibc 2.36.
Signed-off-by: Frank Hunleth <fhunleth@troodon-software.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The POLKIT_IGNORE_CVES variable was missing a "S",
therefore the CVE still showed up in the wrong column.
Signed-off-by: Daniel Lang <d.lang@abatec.at>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Using a custom Xtensa configuration requires an overlay that provides
that configuration; not providing an overlay is like using the default
configuration, BR2_xtensa_fsf, so there would be no point in that case
in requesting a custom configuraiton.
Make providing an overlay mandatory for custom configurations.
Fixes:
http://autobuild.buildroot.org/results/f0b/f0ba47d2534aeb3cc2921124aa639ae3aa072b9b
xtensa-buildroot-linux-uclibc/bin/ld: ldso/ldso/ld-uClibc_so.a(ldso.oS): compiled for a big endian system and target is little endian
[1] https://gcc.gnu.org/git/?p=gcc.git;a=blob;f=include/xtensa-config.h;hb=2ee5e4300186a92ad73f1a1a64cb918dc76c8d67#l28
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Max Filippov <jcmvbkbc@gmail.com>
[yann.morin.1998@free.fr:
- always require an overlay for custom configurations, not just for
little endian ones
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This is a small bugfix release which solves a coupld of build issues.
Release notes:
https://wpewebkit.org/release/cog-0.14.1.html
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
With the move to 5.19-rc1, the ethernet interface is now supported.
Configure it using DHCP at startup.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Opensbi is now based on 1.1, U-Boot on 2022.07-rc3 and Linux on 5.19-rc1.
We don't yet support 5.19 kernel headers, so use 5.17 instead.
The incompatibility between opensbi and u-boot is now fixed, so drop
0001-arch-riscv-dts-sun20i-d1.dtsi-adjust-plic-compatible.patch.
The updated device tree in the kernel tree no longer specifies a memory
node (and the board exists in 512M/1G/2G variants, so instead use the
(otherwise identical) device tree provided by u-boot, where the memory
node is fixed up based on the detected memory size.
On riscv, the linux kernel unconditionally wants to build its bundled
dtc, so it needs flex and bison, even if it is not going to build any
DTB. We can get flex and bison either via the system ones, or we get
them as they are in LINUX_KCONFIG_DEPENDENCIES. However, relying on this
is a bit fragile, so we keep asking the kernel to build a DTB, so that
we do ensure that our host-{flex,bison} are built and in the dependency
chain of the kernel (for PPD).
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
[yann.morin.1998@free.fr:
- extend on why we keep building a DTB from the kernel
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
go1.19.1 includes security fixes to the net/http and net/url packages, as well
as bug fixes to the compiler, the go command, the pprof command, the linker, the
runtime, and the crypto/tls and crypto/x509 packages.
https://github.com/golang/go/issues?q=milestone%3AGo1.19.1+label%3ACherryPickApproved
Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
go1.18.6 includes security fixes to the net/http package, as well as bug fixes
to the compiler, the go command, the pprof command, the runtime, and the
crypto/tls, encoding/xml, and net packages.
https://github.com/golang/go/issues?q=milestone%3AGo1.18.6+label%3ACherryPickApproved
Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Sub-options of a kconfig symbol are only preperly indented below that
sybol, if there is no inter-mixed sylbols or comments.
In this vase, the comment about perf being unavailable is in-between the
perf symbol and the sub-options, which means the perf options are int
indented.
Move the comment before the definition of perf, so that the options
directly follow the per fsymbol, and so they are properly indented.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Use the mainline ATF as it supports the Pine64 ROCKPro64 board.
Fixes:
- https://gitlab.com/buildroot.org/buildroot/-/jobs/2812054016
Signed-off-by: Gwenhael Goavec-Merou <gwenhael.goavec-merou@trabucayre.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
package/gcc/11.3.0/0005-rs6000-Improve-.machine.patch:4: generate your patches with 'git format-patch -N'
package/gcc/11.3.0/0006-rs6000-Do-not-use-rs6000_cpu-for-.machine-ppc-and-pp.patch:4: generate your patches with 'git format-patch -N'
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
lots of fixes but most importantly:
- don't allow unknown operational/admin states (CVE-2022-29799, CVE-2022-29800)
Signed-off-by: Michael Nosthoff <buildroot@heine.tech>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
OpenLayers changed its release format again, only two weeks after the
previous change. The good news is, though, that they now ship a
single release archive that includes the compiled JavaScript code
together with the source code. Furthermore, they ship both code with
a single license, which file is part of the archive.
Hence, we still do not need to rely on host-nodejs for this package,
at least not for this version.
Signed-off-by: Thomas Claveirole <thomas.claveirole@green-communications.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
lots of fixes but most importantly:
- don't allow unknown operational/admin states (CVE-2022-29799, CVE-2022-29800)
Signed-off-by: Michael Nosthoff <buildroot@heine.tech>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
host-python-pillow was needed to build optee-os from STMicroelecronics
during its rc versions but is is not needed anymore in the release.
It is then useless to keep this support.
Signed-off-by: Kory Maincent <kory.maincent@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
host-python-pillow dependency was needed to build the STMicroelecronics
version during its rc versions but is is not needed anymore in the release.
It is then useless to keep this dependency.
Signed-off-by: Kory Maincent <kory.maincent@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Following the switch to Glibc as the default libc in Buildroot [1],
all defconfigs expecting uClibc with wchar (or any other uClibc
specific option) should now select BR2_TOOLCHAIN_BUILDROOT_UCLIBC too.
Even if all defconfigs has been tested with uClibc, maintainers
prefer to not enforce a C library and use the default of Buildroot,
which is now glibc.
This commit remove uClibc specific options BR2_TOOLCHAIN_BUILDROOT_WCHAR,
BR2_PTHREAD_DEBUG (required by gdb) and BR2_TOOLCHAIN_BUILDROOT_USE_SSP.
Since glibc always has argp built-in, also remove the standalone one
from affected toolchains...
Fixes:
https://gitlab.com/kubu93/buildroot/-/jobs/2911738579
[1] 4057e36ca9
[2] http://lists.busybox.net/pipermail/buildroot/2022-August/649998.html
Signed-off-by: Romain Naour <romain.naour@gmail.com>
[yann.morin.1998@free.fr: also drop argp-standalone]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
gcc 11.3.0 contains a backported patch [1] that introduce
a regression for old powerpc cpus like the powerpc 7400 (G4).
The glibc crash the init process due to a wrong asm machine
directive (.machine).
Run /sbin/init as init process
init[1]: segfault (11) at 7369693e nip 6f6e08 lr 6f6a68 code 1 in libc.so.6[690000+18f000]
init[1]: code: 280a000c 41c1ffe0 811edb80 554a103a 7d48502e 7d4a4214 7d4903a6 4e800420
init[1]: code: 2c08007a 4bffffbc 89290000 5529103a <7d2a482e> 2c090000 41c2ff78 7fe4fb78
Kernel panic - not syncing: Attempted to kill init! exitcode=0x0000000b
Backport two patches from the gcc-11 stable branch (the upcoming gcc
11.4.0).
[1] https://gcc.gnu.org/git/?p=gcc.git;a=commitdiff;h=3cb53c10831be59d967d9dce8e7980fee4703500
Fixes:
https://gitlab.com/kubu93/buildroot/-/jobs/2976071284
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Joel Stanley <joel@jms.id.au>
Reviewed-by: Joel Stanley <joel@jms.id.au>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fix the following security vulnerabilities:
- [Low] Fault injection attack on RAM via Rowhammer leads to ECDSA key
disclosure. Users doing operations with private ECC keys such as
server side TLS connections and creating ECC signatures, who also
have hardware that could be targeted with a sophisticated Rowhammer
attack should update the version of wolfSSL and compile using the
macro WOLFSSL_CHECK_SIG_FAULTS.
- [Low] In wolfSSL version 5.3.0 if compiled with
--enable-session-ticket and the client has non-empty session cache,
with TLS 1.2 there is the possibility oàf a man in the middle passing
a large session ticket to the client and causing a crash due to an
invalid free. There is also the potential for a malicious TLS 1.3
server to crash a client in a similar manner except in TLS 1.3 it is
not susceptible to a man in the middle attack. Users on the client
side with –enable-session-ticket compiled in and using wolfSSL
version 5.3.0 should update their version of wolfSSL.
- [Low] If using wolfSSL_clear to reset a WOLFSSL object (vs the normal
wolfSSL_free/wolfSSL_new) it can result in runtime issues. This
exists with builds using the wolfSSL compatibility layer
(--enable-opnesslextra) and only when the application is making use
of wolfSSL_clear instead of SSL_free/SSL_new. In the case of a TLS
1.3 resumption, after continuing to use the WOLFSSH object after
having called wolfSSL_clear, an application could crash. It is
suggested that users calling wolfSSL_clear update the version of
wolfSSL used.
- Potential DoS attack on DTLS 1.2. In the case of receiving a
malicious plaintext handshake message at epoch 0 the connection will
enter an error state reporting a duplicate message. This affects both
server and client side. Users that have DTLS enabled and in use
should update their version of wolfSSL to mitigate the potential for
a DoS attack.
https://github.com/wolfSSL/wolfssl/releases/tag/v5.5.0-stable
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Docker Compose v2 is no longer a standalone component, but is now a
plugin loaded by docker-cli.
As such, it should not be installed in /usr/bin, but in the directory
where docker-cli loads its plugins from.
Additionally, we consequently make docker-compose depend on docker-cli;
indeed, it does not really make sense to present a plugin unless the
component it attaches to is already enabled [0].
License hash changed due to strictly copying the license text template,
without customisation to the year and copyright owner.
[0] the original submission by Christian would use a select, to keep
existing config, but that's not sensible, as we already have some
packages that are plugins and that use depends-on, like nginx plugins.
For consistency and as it semantically makes sense, we use a depends-on
here too.
Signed-off-by: Christian Stewart <christian@paral.in>
[yann.morin.1998@free.fr:
- don't select docker-cli, but depends-on it; explain it in commit log
- explain why we override the install commands
- explain change in license file hash
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
- drop a patch (already in version)
- update Copyright.txt (changed from 1995-2021 to 1995-2022)
Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fix the following build failure with gcc 4.8 raised since commit
8b42bbf30a:
/home/buildroot/autobuild/run/instance-1/output-1/build/sconeserver-8d1935919a2013358993a8e9dfa992cbde56e503/http/AuthRealmDB.cpp: In member function 'virtual std::string http::AuthRealmDB::lookup_hash(const string&)':
/home/buildroot/autobuild/run/instance-1/output-1/build/sconeserver-8d1935919a2013358993a8e9dfa992cbde56e503/http/AuthRealmDB.cpp:93:3: error: 'unique_ptr' is not a member of 'std'
std::unique_ptr<scx::DbQuery> query(m_db->object()->new_query(
^
Fixes:
- http://autobuild.buildroot.org/results/198c23f1de5cc90efe2d3b4ce053939457e003f7
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
