Add 0003-test-asclen-CVE-2018-19540.patch:
If txtdesc->asclen is < 1, the array index of
txtdesc->ascdata will be negative which causes the heap based overflow.
Patch was proposed upstream[1] but upstream is very inactive. Linux
distributions use the same fix to patch their packages.
1: https://github.com/mdadams/jasper/pull/198
Signed-off-by: Michael Vetter <jubalh@iodoru.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add 0002-check-null-in-jp2_decode.patch:
Patch was proposed upstream[1] but upstream is very inactive.
Linux distributions use the same fix to patch their packages.
1: https://github.com/mdadams/jasper/pull/200
Signed-off-by: Michael Vetter <jubalh@iodoru.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add 0001-verify-data-range-CVE-2018-19541.patch:
We need to verify the data is in the expected range. Otherwise we get
problems later.
Patch was proposed upstream[1] but upstream is very inactive. Linux
distributions use the same fix to patch their packages.
1: https://github.com/mdadams/jasper/pull/211
Signed-off-by: Michael Vetter <jubalh@iodoru.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
As already done in post-build.sh, to prevent hiding errors.
Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Autobuild has a "version bump" checker that sends message to a package
maintainer if its declared version does not match the latest one on
release-monitoring.org. In case of openpgm the version _is_ the latest one,
but a mismatch is caused by including a "release-" prefix into tags on
upstream and excluding them on other websites when referring to the
package's version.
This also fixes sha256 value for the downloaded archive.
Signed-off-by: Alexander Lukichev <alexander.lukichev@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes:
http://autobuild.buildroot.net/results/3b6/3b6280b0b7a9634b747db2865b21c6266007c725/
The PYTHON_KEEP_PY_FILES global variable conflicts with the per-package
<pkg>_KEEP_PY_FILES variable for the python package, causing make to
complain:
package/zlib/zlib.mk:7: *** Recursive variable 'PYTHON_KEEP_PY_FILES' references itself (eventually). Stop.
As a workaround, rename the global variable to KEEP_PYTHON_PY_FILES so it
cannot conflict with the per-package variable.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add an upstream URL to the help text in Config.in. This
addresses the 'Missing' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Update the upstream URL in the help text in Config.in. This
addresses the 'Invalid(405)' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add an upstream URL to the help text in Config.in. This
addresses the 'Missing' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add an upstream URL to the help text in Config.in. This
addresses the 'Missing' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add an upstream URL to the help text in Config.in. This
addresses the 'Missing' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add an upstream URL to the help text in Config.in. This
addresses the 'Missing' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add an upstream URL to the help text in Config.in. This
addresses the 'Missing' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add an upstream URL to the help text in Config.in. This
addresses the 'Missing' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add an upstream URL to the help text in Config.in. This
addresses the 'Missing' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add an upstream URL to the help text in Config.in. This
addresses the 'Missing' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Update the upstream URL in the help text in Config.in. This
addresses the 'Invalid(406)' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Update the upstream URL in the help text in Config.in. This
addresses the 'Invalid(Err)' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
adds ConditionVirtualization=vmware to vmtoolsd.service
Signed-off-by: Pascal de Bruijn <p.debruijn@unilogic.nl>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
DEVPATH is not a valid substitution in a RUN+=, devpath is:
https://mirrors.edge.kernel.org/pub/linux/utils/kernel/hotplug/udev/udev.html
So use that to get rid of the following warning:
Invalid value "/bin/sh -c 'echo 180 >/sys$DEVPATH/device/timeout'" for RUN
(char 27: invalid substitution type), ignoring, but please fix
Source: https://github.com/vmware/open-vm-tools/pull/376
Signed-off-by: Pascal de Bruijn <p.debruijn@unilogic.nl>
Acked-by: Jérémy Rosen <jeremy.rosen@smile.fr>
[Peter: extend description]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
/usr/lib/udev/rules.d/99-vmware-scsi-udev.rules is marked executable,
causing systemd to complain.
Source: https://github.com/vmware/open-vm-tools/pull/376
Signed-off-by: Pascal de Bruijn <p.debruijn@unilogic.nl>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This is a bugfix release for the stable 0.11 branch. It is recommended
for all users of 0.11.x to upgrade.
Important note for those upgrading: Previous releases did not
automatically expire messages from group chat (MUC) archives, so if
mod_muc_mam was loaded and enabled for a MUC, archives would grow
indefinitely. This is not what most deployments want, therefore
automatic expiry is now implemented and enabled with a default 7 day
retention. You can configure this with the muc_log_expires_after
configuration option, which can be set to "never" to restore the old
behaviour and preserve any existing logs older than 7 days.
For details see:
https://prosody.im/doc/release/0.11.3
Signed-off-by: Michael Vetter <jubalh@iodoru.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Update the upstream URL in the help text in Config.in. This
addresses the 'Missing' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Update the upstream URL in the help text in Config.in. This
addresses the 'Invalid(405)' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Update the upstream URL in the help text in Config.in. This
addresses the 'Invalid(Err)' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add an upstream URL to the help text in Config.in. This
addresses the 'Missing' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Update the upstream URL in the help text in Config.in. This
addresses the 'Invalid(404)' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Update the upstream URL in the help text in Config.in. This
addresses the 'Invalid(405)' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit 7643ab05de
("package/network-manager: drop obsolete dependencies") was a bit too
brutal in its dependency removal, as it forgot that removing dbus-glib
as a dependency would make libglib2 no longer part of the dependencies
of network-manager.
However, network-manager does require libglib2. From configure.ac:
PKG_CHECK_MODULES(GLIB, [gio-unix-2.0 >= 2.37.6 gmodule-2.0],
[AC_SUBST(LOG_DRIVER, '$(top_srcdir)/build-aux/tap-driver.sh')
AC_SUBST(AM_TESTS_FD_REDIRECT, '--tap')],
[PKG_CHECK_MODULES(GLIB, gio-unix-2.0 >= 2.40 gmodule-2.0)
AC_SUBST(LOG_DRIVER, '$(top_srcdir)/build-aux/test-driver')])
So this commit re-adds libglib2 as a dependency, and propagates the
appropriate "depends on". Nothing selects BR2_PACKAGE_NETWORK_MANAGER,
so we don't have to propagate these additional "depends on" anywhere.
Fixes:
http://autobuild.buildroot.net/results/2025b1bd721bb5c5fa6638ccf389d2fd8fd10339/https://bugs.busybox.net/show_bug.cgi?id=12326
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Lubomir Rintel <lkundrak@v3.sk>
Cc: Christian Stewart <christian@paral.in>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Changes include:
- Rename 0002-add-option-to-build-tests.patch to
0002-allow-explicit-disabling-of-tests.patch to work with 2.62.3.
Upstream now has an option called "installed_tests," which can be used to
prevent the unit tests from being built. However, the check only works for
cross-compiling and not host builds, which would mean that the tests still
build when compiling the host variant.
This conditional causes an error on older systems such as Debian8 or Centos7
because the command `objcopy --add-symbol` is used when building the test
"test_resources2," which is not available with the older version of objcopy
provided by those distributions.
Removing the conditionals and checking for just the installed_tests_enabled
option allows for a much simpler patch.
- Change -Dtests=false to -Dinstalled_tests=false in libglib2.mk as per the
above comment.
br-arm-full [1/6]: OK
br-arm-cortex-a9-glibc [2/6]: OK
br-arm-cortex-m4-full [3/6]: SKIPPED
br-x86-64-musl [4/6]: OK
br-arm-full-static [5/6]: OK
sourcery-arm [6/6]: OK
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
go1.13.4 (released 2019/10/31) with fixes to the net/http and syscall packages.
Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The OpenCV Python module does a fairly strange thing to read a few
configuration details: it uses Python's execfile() to execute two .py
files and access a few variables. However, execfile() only works with
.py files and not .pyc files.
When BR2_PACKAGE_PYTHON{,3}_PYC_ONLY=y, the .py files are all removed,
causing the OpenCV Python module to not work:
File "usr/lib/python3.7/site-packages/cv2/__init__.py", line 89, in <module>
File "usr/lib/python3.7/site-packages/cv2/__init__.py", line 58, in bootstrap
File "usr/lib/python3.7/site-packages/cv2/__init__.py", line 56, in load_first_config
ImportError: OpenCV loader: missing configuration file: ['config.py']. Check OpenCV installation.
To fix this problem, this commit uses the newly introduced
<pkg>_KEEP_PY_FILES mechanism, to ensure the important config*.py
files are kept.
Fixes:
https://bugs.busybox.net/show_bug.cgi?id=12171
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When BR2_PACKAGE_PYTHON{,3}_PYC_ONLY=y, we force remove all .py files
from the system, as they have all been byte-compiled into their .pyc
variants.
However, it turns out that some packages (e.g: OpenCV) do some funky
things with a few .py files: they pass them through Python's
execfile() facility, which only works with .py files and not .pyc
files. It is used by OpenCV for example to read two small
configuration files.
In order to support such use cases, this commit introduces a very
simple mechanism by which packages can exclude some path patterns from
the .py removal: a per-package <pkg>_KEEP_PY_FILES variable that is
collected into a global PYTHON_KEEP_PY_FILES variable, then used by
the python/python3 target-finalize hooks.
This variable is intentionally not documented, this is really a hack
that we ideally would like to see go away, and we'd rather not see its
usage spread too much.
This is necessary to be able to fix bug #12171.
[Peter: check if PYTHON_KEEP_PY_FILES contains non-white space]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
As suggested by Arnout Vandecappelle, this commit adjusts the
generic-package documentation to document the effect of per-package
directory support on HOST_DIR, STAGING_DIR and TARGET_DIR.
Suggested-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
[Peter: change version reference to Buildroot 2020.02]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The pkg-kconfig infrastructure hijacks the regular chain of build
steps to insert its own step to prepare the configuration of kconfig
packages. This additional step may have dependencies of its own, such
as host-flex, host-bison or toolchain.
In the context of per-package directory support, those dependencies
must be copied to the per-package directory of the current package
prior to doing the config preparation. This commit implements this
logic by adding a call to prepare-per-package-directory at the right
spot.
Reported-by: Andreas Naumann <anaumann@ultratronik.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Libtool .la files unfortunately contain a number of absolute paths,
which now refer to per-package directories. Due to this, when building
package A, .la files may contain absolute paths referring to
directories in package B per-package sysroot. This causes some -L
flags referring to other sysroot from being added, which doesn't work
as the linker no longer realizes that such paths are within its
sysroot.
To fix this, we introduce a replacement step of .la files in the
configure step, to make sure all paths refer to this package
per-package directory.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>