Drop patch which is now upstream.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
And switch to PyPi to fetch the source code.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
In GStreamer commit 0a657d6db5ba912b13092a907ea507638cd01cf9, merged
in Gstreamer 1.19.x, the GstAppSinkCallbacks structure was extended
with another field calle new_event. This requires an update in the
WebKit code, without which we have a build failure:
platform/audio/gstreamer/AudioFileReaderGStreamer.cpp:234:5: error: braces around scalar initializer for type ‘gboolean (*)(GstAppSink*, gpointer) {aka int (*)(_GstAppSink*, void*)}’
There are no autobuilder failures, but the issue could be reproduced
using the following defconfig:
BR2_arm=y
BR2_cortex_a8=y
BR2_TOOLCHAIN_EXTERNAL=y
BR2_TOOLCHAIN_EXTERNAL_LINARO_ARM=y
BR2_PACKAGE_QT5=y
BR2_PACKAGE_QT5WEBKIT=y
Signed-off-by: Nicolas Carrier <nicolas.carrier@orolia.com>
[Thomas: find the actual upstream fix and use that, improve the
explanation about the issue in the commit message]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
No release announcement available from upstream this time so we had to
computed the tarball hash ourselves.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Drop BUILD_HACKRF_TOOLS which has never been recognized since the
addition of the package in commit
29b7cc88f4
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Single hyphen commands has been removed since Mender 3.0.0 [1]
The hyphen was added back while fixing check-pkg and shellcheck warnings [2]
[1] fd838ec1b0
[2] 0b350cf756
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Cc: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
It's been ages (5 years at the next release) that we've not installed
host packages in $(HOST_DIR)/usr, but we still have a few packages that
reference it or install things in there.
Drop all of those in one fell swoop.
The run-time test still succeeds, and the following defconfig, which
should exercise all touched packages [*], does build:
BR2_x86_i686=y
BR2_TOOLCHAIN_EXTERNAL=y
BR2_INIT_NONE=y
BR2_SYSTEM_BIN_SH_NONE=y
# BR2_PACKAGE_BUSYBOX is not set
BR2_PACKAGE_GAWK=y
BR2_PACKAGE_GETTEXT=y
BR2_PACKAGE_ABOOTIMG=y
BR2_PACKAGE_DBUS_PYTHON=y
BR2_PACKAGE_OLA=y
BR2_PACKAGE_JIMTCL=y
BR2_PACKAGE_LUA=y
# BR2_PACKAGE_LUA_32BITS is not set
BR2_PACKAGE_ARGPARSE=y
BR2_PACKAGE_PERL=y
BR2_PACKAGE_PHP=y
BR2_PACKAGE_PHP_APCU=y
BR2_PACKAGE_PHP_LUA=y
BR2_PACKAGE_PHP_PAM=y
BR2_PACKAGE_PHP_PECL_DBUS=y
BR2_PACKAGE_PYTHON3=y
BR2_PACKAGE_PYTHON_CRYPTOGRAPHY=y
BR2_PACKAGE_PYTHON_PLY=y
BR2_PACKAGE_PYTHON_PYBIND=y
BR2_PACKAGE_LIBVA=y
BR2_PACKAGE_BIND=y
BR2_PACKAGE_BIND_SERVER=y
BR2_PACKAGE_BIND_TOOLS=y
BR2_PACKAGE_APPARMOR=y
BR2_PACKAGE_APPARMOR_BINUTILS=y
BR2_PACKAGE_APPARMOR_UTILS=y
BR2_PACKAGE_APPARMOR_UTILS_EXTRA=y
BR2_PACKAGE_APPARMOR_PROFILES=y
BR2_PACKAGE_REFPOLICY=y
BR2_PACKAGE_URANDOM_SCRIPTS=y
BR2_PACKAGE_BASH=y
# embiggen-disk to exercise go
BR2_PACKAGE_EMBIGGEN_DISK=y
BR2_TARGET_GRUB2=y
BR2_TARGET_GRUB2_I386_PC=y
BR2_TARGET_GRUB2_I386_EFI=y
[*] exceptions:
- zfs was not tested: it needs a kernel to be built;
- compiler-rt was not tsted: it needs llvm to be built, that takes
ages, and other packages already reference the correct location for
llvm-config, so it was assumed that is OK.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Angelo Compagnucci <angelo.compagnucci@gmail.com>
Cc: Anisse Astier <anisse@astier.eu>
Cc: Antoine Tenart <atenart@kernel.org>
Cc: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Cc: Asaf Kahlon <asafka7@gmail.com>
Cc: Bernd Kuhls <bernd.kuhls@t-online.de>
Cc: Christian Stewart <christian@paral.in>
Cc: Ezequiel Garcia <ezequiel@vanguardiasur.com.ar>
Cc: Francois Perrad <francois.perrad@gadz.org>
Cc: Guillaume William Brs <guillaume.bressaix@gmail.com>
Cc: Hervé Codina <herve.codina@bootlin.com>
Cc: James Hilliard <james.hilliard1@gmail.com>
Cc: José Luis Salvador Rufo <salvador.joseluis@gmail.com>
Cc: Julien Boibessot <julien.boibessot@armadeus.com>
Cc: Julien Olivain <ju.o@free.fr>
Cc: Matt Weber <matthew.weber@collins.com>
Cc: Nicolas Carrier <nicolas.carrier@orolia.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Vadim Kochan <vadim4j@gmail.com>
Cc: Yegor Yefremov <yegorslists@googlemail.com>
Reviewed-by: Romain Naour <romain.naour@smile.fr>
---
Changes v1 -> v2:
- fix new instance that have crept in (Romain)
Commit d69d40c029 (package/rustc: add support for Tier 1 and Tier 2
platforms) misspelled the config options for i586 and i686.
They are BR2_x86_i586 and BR2_x86_i686, not BR2_i586 or BR2_i686.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Baruch Siach <baruch@tkos.co.il>
Reviewed-by: Romain Naour <romain.naour@smile.fr>
---
Changes v1 -> v2:
- in commit log: s/BR2_i386_/BR2_x86_/g (Baruch)
- Fix CVE-2021-43306: An exponential ReDoS (Regular Expression Denial
of Service) can be triggered in the jquery-validation npm package,
when an attacker is able to supply arbitrary input to the url2 method
- Fix CVE-2022-31147: The jQuery Validation Plugin (jquery-validation)
provides drop-in validation for forms. Versions of jquery-validation
prior to 1.19.5 are vulnerable to regular expression denial of service
(ReDoS) when an attacker is able to supply arbitrary input to the url2
method. This is due to an incomplete fix for CVE-2021-43306. Users
should upgrade to version 1.19.5 to receive a patch.
- Use LICENSE.md instead of README.md which is available since version
1.14.0 and
96b7036eb4https://github.com/jquery-validation/jquery-validation/releases/tag/1.19.4https://github.com/jquery-validation/jquery-validation/releases/tag/1.19.5
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fix CVE-2022-2309: NULL Pointer Dereference allows attackers to cause a
denial of service (or application crash). This only applies when lxml is
used together with libxml2 2.9.10 through 2.9.14. libxml2 2.9.9 and
earlier are not affected. It allows triggering crashes through forged
input data, given a vulnerable code sequence in the application. The
vulnerability is caused by the iterwalk function (also used by the
canonicalize function). Such code shouldn't be in wide-spread use, given
that parsing + iterwalk would usually be replaced with the more
efficient iterparse function. However, an XML converter that serialises
to C14N would also be vulnerable, for example, and there are legitimate
use cases for this code sequence. If untrusted input is received (also
remotely) and processed via iterwalk function, a crash can be
triggered.
https://github.com/lxml/lxml/blob/lxml-4.9.1/CHANGES.txt
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
The autotools build system was finally removed in favor of meson,
so migrate the package to the meson infra.
Notable changes:
- c11 is required.
- glib is no longer optional.
- there is no option to choose if libcap or neon must be used or not.
- support for libatomic_ops is broken and must be extensively patched.
Signed-off-by: Nicolas Cavallari <nicolas.cavallari@green-communications.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Add python3 dependencies to avoid the following build failure raised
since the addition of the package in commit
27b8d0ba8c:
Makefile:576: *** libffi is in the dependency chain of python3 that has added it to its _DEPENDENCIES variable without selecting it or depending on it from Config.in. Stop.
Fixes:
- http://autobuild.buildroot.org/results/2893c213f49d37a0878dcf14ec68ef991471c70f
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This is pep517 pyo3 build backend that's an alternative to
python-setuptools-rust.
Note that maturin itself uses python-setuptools-rust for
bootstrapping.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Tested-by: Graeme Smecher <gsmecher@threespeedlogic.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
It might be necessary for some packages to define environment variables when calling waf build and waf install.
This is done the same way as the others package types, by defining $(PKG)_MAKE_ENV in .mk.
Signed-off-by: David GOUARIN <david.gouarin@thalesgroup.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Removed dependency to host-perl, not needed anymore after
3f7d05093b
Removed autoreconf, the tarball provided by upstream contains a
configure script.
This configure script however adds /usr/local/include to some tests
which fail for us, instead of patching configure.ac and going through
the autoreconf nightmare again we patch the configure script directly.
Added configure option --without-doc
Added more autoreconf variables to fix cross-compile issues.
Changed "--with-drivers=all" to "--with-drivers=auto" because some new
drivers need packages not provided by buildroot, for example:
configure: error: Powerman client libraries not found, required for
Powerman PDU client driver
Added optional dependency to freeipmi.
Added optional dependency to libusb, for details see
https://github.com/networkupstools/nut/issues/300
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
This defconfig uses mesa3d's i965 DRI driver, but mesa3d no longer has
any DRI driver now, so this defconfig no longer builds.
Switching to the Gallium driver would require access to an actual board
to test, and that was not available when applying the mesa3d bump.
So, better drop this defconfig, and let an interested party reinstate
it, using the Gallium driver.
Note that we do still have the defconfig for the basic, non-graphical
Minnowbaord Max.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Obviously, KMS/DRM/GBM needs gbm so add a dependency on libgbm which was
added by commit 4a541ee932:
checking for gbm... no
configure: error: Package requirements (gbm) were not met:
Package 'gbm', required by 'virtual:world', not found
Fixes:
- http://autobuild.buildroot.org/results/31b3fff9748300e293b4efb5615176ccce48dd15
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
We used to have a BR2_TOOLCHAIN_HAS_THREADS dependency at the
top-level BR2_PACKAGE_GLSLSANDBOX_PLAYER option to make sure that at
least one of them windowing system was selectable.
However, thanks to the recent introduction of the support for the null
windowing system, we now have a windowing system that doesn't require
any special feature, so we can drop this dependency from the top-level
option.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This nullws doesn't need any extra dependency other than the EGL/GLES
ones, which will help simplify the glslsandbox-player package.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
mender-connect is a daemon responsible for handling bidirectional (websocket)
communication with the Mender server. The daemon is responsible for
implementing a range of troubleshooting features to the device as well as
several enhancement to the mender-client.
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
