GCC defines wchar_t even when wchar support is disabled in uClibc. The
LTC_NO_WCHAR macro triggers a local definition of wchar_t that conflicts
with the GCC defined one. Remove LTC_NO_WCHAR to avoid that.
See also https://github.com/libtom/libtomcrypt/issues/313 for more
discussion about this.
Fixes:
http://autobuild.buildroot.net/results/4ff/4ffb593185f7520d2d9a9cc988aa9c510f253930/
Cc: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Fixes the following security issues:
CVE-2017-9410: fill_buffer_resample function in libmp3lame/util.c heap-based
buffer over-read and ap
CVE-2017-9411: fill_buffer_resample function in libmp3lame/util.c invalid
memory read and application crash
CVE-2017-9412: unpack_read_samples function in frontend/get_audio.c invalid
memory read and application crash
Drop patches now upstream or no longer needed:
0001-configure.patch: Upstream as mentioned in patch description
0002-gtk1-ac-directives.patch: Upstream as mentioned in patch
description/release notes:
Resurrect Owen Taylor's code dated from 97-11-3 to properly deal with GTK1.
This was transplanted back from aclocal.m4 with a patch provided by Andres
Mejia. This change makes it easy to regenerate autotools' files with a simple
invocation of autoconf -vfi.
0003-msse.patch: Not needed as -march <x86-variant-with-msse-support>
nowadays implies -msse.
With these removed, autoreconf is no longer needed.
Also add a hash for the license file while we're at it.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
that allows optional dependencies
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
[Thomas:
- use "luainterpreter" instead of "lua" in the dependencies
- replace with a Git formatted patch that doesn't comment code but
removes it.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Bump the kernel version to 4.13.8.
Tested with qemu 2.9.1 on bios and UEFI virtual machines.
Signed-off-by: Erico Nunes <nunes.erico@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This is a dependency of docker-engine v2017.07.0-ce.
Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Go 1.9 is required for docker-engine and other Go packages in Buildroot.
Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Fixes:
http://autobuild.buildroot.net/results/ffc/ffc9c10c55c2838ab7002c5ec35244e9bfe46189/
Commit dfa1817d31 (openldap: supports only the real OpenSSL, not LibreSSL)
tried to ensure openldap would only use openssl, but changed the wrong
variable. OPENLDAP_TLS is passed to configure, so it shouldn't be changed:
./configure --target=aarch64-buildroot-linux-gnu .. --with-tls=libopenssl ..
Configuring OpenLDAP 2.4.45-Release ...
checking build system type... x86_64-pc-linux-gnu
checking host system type... aarch64-buildroot-linux-gnu
checking target system type... aarch64-buildroot-linux-gnu
checking for a BSD-compatible install... /usr/bin/install -c
checking whether build environment is sane... yes
checking for gawk... gawk
checking whether make sets $(MAKE)... yes
checking for aarch64-buildroot-linux-gnu-strip... /usr/lfs/v0/rc-buildroot-test/scripts/instance-0/output/host/bin/aarch64-linux-gnu-strip
checking configure arguments... configure: error: bad value libopenssl for --with-tls
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Vivante GPU could be a part of SoC along with any CPU architecture
thus get rid of nonsense dependency.
Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Vivante GPU could be a part of SoC along with any CPU architecture
thus get rid of nonsense dependency.
Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
>From the upstream announcement:
http://www.openwall.com/lists/oss-security/2017/10/19/5
Felix Wilhelm has discovered a flaw in the dns response parsing for
musl libc 1.1.16 that leads to overflow of a stack-based buffer.
Earlier versions are also affected.
When an application makes a request via getaddrinfo for both IPv4 and
IPv6 results (AF_UNSPEC), an attacker who controls or can spoof the
nameservers configured in resolv.conf can reply to both the A and AAAA
queries with A results. Since A records are smaller than AAAA records,
it's possible to fit more addresses than the precomputed bound, and a
buffer overflow occurs.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add initial support for bananapi M1 board with below features:
- U-Boot 2017.09
- Linux 4.13.7
- Default packages from buildroot
Cc: Jason <manager@sinovoip.com.cn>
Cc: hailymei@banana-pi.com <hailymei@banana-pi.com>
Signed-off-by: Jagan Teki <jagan@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
The previous version was by mistake mixed up with the patch 'gst-plugins-bad:
openjpeg: Remove compatibility with openjpeg 2.0'
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
glibc is now supported for ARC so let's kick-start autobuilders
with glibc toolchain for ARC HS.
Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This patch fixes a bug with the BR2_TOOLCHAIN_HAS_THREADS variable
handling which causes CGO_ENABLED to be always 0.
Furthermore, it fixes the cross compilation options for the go
compiler: setting CGO_ENABLED should be done only for the target
compiler not the host one.
Signed-off-by: Angelo Compagnucci <angelo.compagnucci@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Acked-by: Christian Stewart <christian@paral.in>
If selected use:
- system/buildroot harfbuzz in case __sync for 4 bytes is supported
- qt harfbuzz otherwise (using QAtomic instead)
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
The gpu_mem option is not using the proper option argument which causes sed to
fail.
+ case "${arg}" in
+ gpu_mem=ome/gportay/output-rpi3-qtwe/images
+ sed -e '/^ome/gportay/output-rpi3-qtwe/images=/s,=.*,=ome/gportay/output-rpi3-qtwe/images,' -i /home/gportay/output-rpi3-qtwe/images/rpi-firmware/config.txt
sed: -e expression #1, char 8: extra characters after command
+ case "${arg}" in
+ gpu_mem=ome/gportay/output-rpi3-qtwe/images
+ sed -e '/^ome/gportay/output-rpi3-qtwe/images=/s,=.*,=ome/gportay/output-rpi3-qtwe/images,' -i /home/gportay/output-rpi3-qtwe/images/rpi-firmware/config.txt
sed: -e expression #1, char 8: extra characters after command
The issue comes from the use of $1 instead of $arg to extract the gpu_mem
value. $1 is the $(BINARIES_DIR) which leads to a sed expression error.
Also, it adds the error flag to the shell script to prevent from such situation
and terminate the build in error.
Signed-off-by: Gaël PORTAY <gael.portay@savoirfairelinux.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This enables support for ARC cores in numpy.
Cherry-picked from
8edd610ffa
Hopefully becomes a part of the next major release (like 1.14).
Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This is just a bug-fix release.
Removing 0003-BUG-Ensure-_npy_scaled_cexp-f-l-is-defined-when-need.patch
as it is a part of the release.
Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
At this point, libressl can be added to the openssl virtual package.
- Remove the entry package/libressl/Config.in from package/Config.in
- Remove the file: package/libressl/Config.in
- Add libressl entry to package/openssl/Config.in
Signed-off-by: Adam Duskett <Adamduskett@outlook.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
wpa_supplicant will not build with LibreSSL without patches, so let's
support only OpenSSL.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
libevent will not build with LibreSSL without patches, so let's
support only OpenSSL.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
openldap will not build with LibreSSL without patches, so let's
support only OpenSSL.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
opusfile will not build with LibreSSL without patches, so let's
support only OpenSSL.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
mosquitto will not build with LibreSSL without patches, so let's
support only OpenSSL.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
ffmpeg will not build with LibreSSL without patches, so let's support
only OpenSSL.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
hostapd will not build with LibreSSL without patches, so let's support
only OpenSSL.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
softether tries to use SSLv3 functionality as a fallback. LibreSSL
doesn't support SSLv3 anymore. Two main issues prevent a patch:
- Trying to wrap the sslv3 functionality from the source with a guard
clause results in linking errors after compiling is done.
- There are multiple security vulnerabilities with using sslv3.
- There are multiple security issues in github pertaining to using
sslv3.
- This project seems to not be updated very often, and the security
issues are being ignored it seems.
For people who still want to use softether, they will have to use
libopenssl.
Signed-off-by: Adam Duskett <Adamduskett@outlook.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
heirloom-mailx has two small issues when compiling against LibreSSL:
- RAND_egd is used (LibreSSL does not support RAND_egd)
Solution: "Guard" the code calling RAND_egd
- SSLv3_client_method function is used (LibreSSL does not support SSLv3)
Solution: "Guard" the code with #ifndef OPENSSL_NO_SSL3
Signed-off-by: Adam Duskett <Adamduskett@outlook.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Some packages that use openssl are not compatible with libressl, only
with the real openssl (known as libopenssl in Buildroot). So before we
add libressl as a provider for the openssl virtual package, we
introduce a BR2_PACKAGE_OPENSSL_FORCE_LIBOPENSSL hidden option that
packages incompatible with LibreSSL will be able to select.
This will allow packages that need OpenSSL to continue using "select",
without having to change to using "depends on" dependencies.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
To ease the transition to having both OpenSSL and LibreSSL, there has to be
a new virtual package introduced to handle both.
Instead of making a libssl, and adding OpenSSL and libressl to that package,
it will be far easier to move openssl to libopenssl and to make OpenSSL
a virtual package. This offers a few advantages:
- BR2_PACKAGE_OPENSSL is still a visible symbol with no dependencies.
- It does not require a huge patch to convert every instance of
OpenSSL -> libssl)
- Users will be able to update without ever having to select anything new.
- LibreSSL can be added at a later date to the virtual package.
Signed-off-by: Adam Duskett <Adamduskett@outlook.com>
[Thomas: define BR2_PACKAGE_PROVIDES_HOST_OPENSSL to the value
"host-libopenssl" as we always want to use the original OpenSSL for
the host variant.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
The Linux 4.0 kernel doesn't build with gcc 6.x, which is used since
the toolchain update in commit
193dfffa83 ("support/testing: use more
recent toolchains"). So let's update to Linux 4.11 instead (like the
existing Qemu x86 defconfig does), and update the kernel configuration
file accordingly.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
The LINUX_KCONFIG_FIXUP_CMDS are meant to deselect any compression
option that are not selected in the buildroot configuration. But it only
deselects the last one in the list instead of all of them because it
overwrites the LINUX_COMPRESSION_OPT_ variable instead of appending to
it. Only the last option set to that variable gets deselected.
This produces the warning:
.config:2216:warning: override: KERNEL_GZIP changes choice state
is emitted when buildroot runs olddefconfig when buildroot configures a
kernel with a custom config that has a different kernel compression
option set to what is configured in buildroot.
Accumulate all the deselected compression options instead of overwriting
them to ensure all non-selected options get deselected..
Signed-off-by: Cam Hutchison <camh@xdna.net>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
With the hard disk crash of autobuild.b.o, we lost old toolchains, so
use the latest toolchains, which have been restored.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
musl has a bug in that <sched.h> defines CPU_ZERO(), which uses
memset(), but it doesn't have the prototype for it. This has been
fixed by upstream musl but until we rebuild our toolchains, let's have
a patch for Boost that works around this problem. We will of course
remove this patch once musl is updated to 1.1.17 and our toolchains
have been rebuilt.
Fixes:
http://autobuild.buildroot.net/results/6884cff634367cb640940051a60e5e13f30f70a2/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This reverts commit 95c15aaf15. It was
mistakenly pushed, and causes problems because it installs the shared
library to staging, but not to target.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
