in e97fc89e7b a dependency on host-gcc >= 7 was added but
for the comment the condition was not correctly inverted.
Fixes: e97fc89e7b ("package/protobuf-c: bump to version 1.5.0")
Signed-off-by: Michael Nosthoff <buildroot@heine.tech>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 84ef9bede635726542a72af5c61f84914acfe122)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When BR2_LINUX_KERNEL_IMAGE_TARGET_CUSTOM=y,
BR2_LINUX_KERNEL_IMAGE_TARGET_NAME should be set or the build will
fail. Instead of miserably failing the build, let's catch this earlier
and warn the user in a more informative way.
Related to:
http://autobuild.buildroot.net/results/1d104a051c83bb31e98565369a2ec7badfa21eca/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit cb4f11a6964902990ce774ff7144b24a1ffd635c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When BR2_LINUX_KERNEL_IMAGE_TARGET_CUSTOM=y,
BR2_LINUX_KERNEL_IMAGE_TARGET_NAME is supposed to be non-empty. But in
the context of genraconfig, we don't know to what value
BR2_LINUX_KERNEL_IMAGE_TARGET_NAME can be set, so let's avoid cases
where BR2_LINUX_KERNEL_IMAGE_TARGET_CUSTOM=y. By dropping this option,
kconfig will revert back to the default image format for the selected
architecture.
Fixes:
http://autobuild.buildroot.net/results/1d104a051c83bb31e98565369a2ec7badfa21eca/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit b07d21ab984d10cbabeb186fbd47d446e027c03b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
It is not totally clear which update is responsible for the
breakage. The breakage has been occurring for as long as Jan 2022.
Therefore it should be backported to older supported buildroot releases.
Add a patch from Gentoo people, also reported Upstream to fix the
issue.
Fixes:
http://autobuild.buildroot.org/results/abf/abfe66cec3680d396c5774ba492f34599e513edc/
Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 71f36ef9385f860683b5c39a2c3af9f821833c5a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This is a bugfix release which plugs a couple of small leaks, and
includes patch "0001-Cast-to-EGLNativeWindowType-explicitly.patch",
which can now be removed. Release notes:
https://wpewebkit.org/release/wpebackend-fdo-1.14.3.html
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit ab3fb12c79e3edd809923f762cafcedd29b9df29)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Generating Bitcoins to an address can take longer than the current
timeout, on slow runners. This commit fixes this issue by increasing
the timeout on specific commands. This issue was also observed more
frequently on newer bitcoin-core version 28.0.
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/7782083081
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 859c4ea5f74f713777ffa980f1627b46a311bdd4)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Since commit: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commit;h=52afe563206e753f4c45c014fee2459ad0855826
postgrsql fails to build with toolchains without threads support:
misc.c: In function 'ecpg_gettext':
misc.c:541:51: error: 'PTHREAD_MUTEX_INITIALIZER' undeclared (first use in this function)
541 | static pthread_mutex_t binddomain_mutex = PTHREAD_MUTEX_INITIALIZER;
| ^~~~~~~~~~~~~~~~~~~~~~~~~
misc.c:541:51: note: each undeclared identifier is reported only once for each function it appears in
misc.c:552:24: warning: implicit declaration of function 'pthread_mutex_lock' [-Wimplicit-function-declaration]
552 | (void) pthread_mutex_lock(&binddomain_mutex);
| ^~~~~~~~~~~~~~~~~~
misc.c:569:24: warning: implicit declaration of function 'pthread_mutex_unlock' [-Wimplicit-function-declaration]
569 | (void) pthread_mutex_unlock(&binddomain_mutex);
| ^~~~~~~~~~~~~~~~~~~~
Option "--disable-thread-safety" will be dropped in PG 17, so
this patch is needed only for 16.x branch.
Fixes: 73dd1d6b96 ("package/postgresql: security bump version to 16.3")
Signed-off-by: Maxim Kochetkov <fido_max@inbox.ru>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 747a41c19c3ab49981beff8166679a9f49acf0d8)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: He Haorui <hehaorui1999@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 9f3e805428302c16769da78ce6604d5db77fbc39)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The package homepage http url redirects to https. This commit updates
this url to directly use https.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 5440d6c4464d8dd25c9315e49e97cd91884ccde2)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The package _SITE url only contains the latest version at a given point
in time. When a new version is published, it is replacing the old one.
This issue was not detected because the archive was downloaded from the
sources.buildroot.org backup mirror, when the primary source became
unavailable.
Since commit 559bb33ae "support/testing: do not use s.b.o" [1], the
runtime test infrastructure is disabling this backup mirror. This
makes the nmap runtime test failing [2], which is using liblinear as
a dependency.
The liblinear package author confirmed in a private email that all the
releases, including the latest version, are all kept in the "oldfiles"
directory.
This commit fixes this download issue by updating the _SITE url to that
location. While at it, this commit also change the url to use https
(since the http equivalent redirects to https).
Fixes:
- [2]
[1] 559bb33ae7
[2] https://gitlab.com/buildroot.org/buildroot/-/jobs/7948008007
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 8b18c67f2651ac64e865a1dbd46de60ce8390959)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This fixes the following runtime error when importing PyQt5 in python:
from PyQt5.QtCore import *
ModuleNotFoundError: No module named 'PyQt5.sip'
The problem was likely triggered by the atomic upgrade from 5.7 to
5.15 in b36ce7e. This commit is part of the 2022-2024 LTS.
Signed-off-by: Ralf Dragon <hypnotoad@lindra.de>
Tested-by: Andreas Naumann <anaumann@ultratronik.de>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit ba09a448f1e2e3b3123384ddddeb62d18bfa9461)
[Peter: reword commit summary]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Version environment variable VERSION=$(VERSION) is set in the top level
Makefile of the sysvinit:
$(MAKE) VERSION=$(VERSION) -C src $@
Build command SYSVINIT_BUILD_CMDS doesn't use the top level Makefile, but
src/Makefile instead without setting the VERSION variable, which leads to
undefined VERSION macro in src/init.c.
Add VERSION=$(SYSVINIT_VERSION) to SYSVINIT_MAKE_OPTS to make the VERSION
environment variable available in the src/Makefile.
Signed-off-by: Cody Green <cody@londelec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 954098b1423d3095112f49a6ac236ddb98236292)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The check-package tool requires some PyPi package to be installed before
it can run. This is typically done by manually installing them into the
user's global Python environment or setting up a virtual environment,
then manually installing each dependency.
Python recently defined a format for managing script dependencies as
inline metadata[1]. This can be used with the `uv` tool to run a Python
script and automatically install the minimum required version of Python
and PyPi dependencies.
With this change, it's now possible to run check-package with
uv run -s ./utils/check-package
Note that, because check-package does not have the '.py' file extension
we must specify the `-s` or `--script` argument. That argument was added
very recently in release 0.4.19[2].
I set the minimum python to 3.9 as that is the oldest version still
supported[3]. I verified 3.9 works by running
uv run -p 3.9 -s ./utils/check-package `git ls-tree -r --name-only HEAD` --ignore-list=.checkpackageignore
[1] https://packaging.python.org/en/latest/specifications/inline-script-metadata/#script-type
[2] https://github.com/astral-sh/uv/releases/tag/0.4.19
[3] https://devguide.python.org/versions/
Signed-off-by: Brandon Maier <brandon.maier@collins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 6ffcdb52e80b63e68c890aed52ff7f4d00e079b8)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Call out the requirements to run check-package and mention that Docker
can be used to run check-package without installing dependencies.
Signed-off-by: Brandon Maier <brandon.maier@collins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 68de69c4d7f61ab5da4dd9cad221fb82e9e1abce)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When compiling jailhouse with BR2_PACKAGE_JAILHOUSE_HELPER_SCRIPTS=y,
installation is failing with error:
/bin/sh: -c: line 1: syntax error near unexpected token ')'
This error is due to an extra ')' character in the macro
JAILHOUSE_INSTALL_HELPER_SCRIPTS.
This commit fixes this typo.
Signed-off-by: Raimundo Sagarzazu <rai.sagarzazu@outlook.com>
[Julien: reworded the commit log]
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 10d25d98edbc75d47f6a8838d91d39e48b12c895)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
I still follow Buildroot development and use it for some personal
projects, but no longer have the time to be an active contributor.
Some of these are important defconfigs and packages to have up-to-date
in Buildroot, and mostly other developers have been doing that work, so
I am dropping them so that someone from the active contributors can be
the maintainer contact for them.
Signed-off-by: Erico Nunes <nunes.erico@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 1dc370cc9009b5362aad5e2e481703f0ca76b4a2)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
See here for a changelog:
https://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-20.10.0.md
Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 5ed6aa0fe30319e250fbe700895cfcd603c495ff)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
I am no longer actively involved in Buildroot.
Signed-off-by: Anisse Astier <anisse@astier.eu>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 91696fbcf1cefe35bf7134b981cdcc3175eb0770)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This vulnerability only affects libcurl deployments in Nest products
because of incorrect use.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 7e739d49b235c1692edbb51dcc23671eaa79fd4f)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When I initially made the CVE cells collapsible, I neglected to
count the unsure CVEs. This patch adds unsure CVEs to the cell collapsing
calcualation to ensure that cells with lots of unsure CVEs actually get collapsed.
This patch also removes the "+ 1" from the cve_total calculation,
which fixes the cve_total being off-by-one.
I'm not sure *why* I did that in the first place.
demo:
https://sen-h.codeberg.page/pkg-stats-demos/@pages/add-unsure_cves-to-cve_total-calc.html
Signed-off-by: Sen Hastings <sen@hastings.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 87b8428c4017b220afe950aae3a673870698d986)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
We got following error with --enable-static:
checking whether to build static libraries... yes
configure: error: Static linking is not supported as it disables dlopen() and certain security features (e.g. RELRO, ASLR)
Fixes:
http://autobuild.buildroot.org/results/b55/b553898381ff0fdf5dd705fbb11b469b7564c6e6
Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 7b43e248180ad3b3dd1804687bc4457f29a88137)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Security fixes:
- gzip: prevent a hang when processing a malformed gzip inside a gzip
(#2366, OSS-Fuzz)
- tar: don't crash on truncated tar archives (#2364, OSS-Fuzz)
- tar: fix two leaks in tar header parsing (#2377)
Important bugfixes:
- 7-zip: read/write symlink paths as UTF-8 (#2252)
- cpio: exit with an error code if an entry could not be extracted (#2371)
- rar5: report encrypted entries (#2096)
- tar: fix truncation of entry pathnames in specific archives (#2360)
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 55d0c9a9a6f89ed5c4d2e0d25cf499f180a99ee1)
[Peter: mark as security bump]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The denx.de/wiki/U-Boot link now redirects to docs.u-boot.org/en/latest
Replace the link to the new location for the U-Boot documentation
Signed-off-by: Bryan Brattlof <bb@ti.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 164d9f0546372eb076506eebc8f88c6c4a544a36)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Grab commit 778d326740f9893c398f959b419629935b613099 from upstream to
fix the build on mips64 and mips64el when the n32 ABI is used.
Fixes:
http://autobuild.buildroot.net/results/27123bf0ddc84599bceb02ac987327817d498659/
Signed-off-by: Paul Cercueil <paul@crapouillou.net>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
(cherry picked from commit 90167378de)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The 2023.2 version forgets to populate the iHT structure before accessing
it, leading to a segfault. Add a patch submitted upstream to fix that.
Notice that this is fixed in the 2024.1 version as there ReadBinaryFile()
now calls ReadHeaderTableDetails():
3a0f879c61 (diff-404aa20e03f1035b725ac1ea6e64c28477bb65c1663da67f64ffdb1a60552cee)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Reviewed-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add patch to fix build failure introduced in bump to version 8.10.0.
Fixes:
https://autobuild.buildroot.org/results/2d553687a32651f81813c82d7bbf9bb11fd3eca5/
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 16ce77ad7d3a05addc1962b455242199a93f3811)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
For change log, see:
https://github.com/eclipse/mosquitto/blob/v2.0.19/ChangeLog.txt
The change log mention 2 security related fixes.
There is no allocated CVE.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit bd127d0c3ffc57646f4908264728da4ea074241b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add a test that runs the dtc commandline tools. To test devicetree
compilation, we use an example devicetree from the dtc project. The
example source is GPL-2.0+ licensed.
Signed-off-by: Brandon Maier <brandon.maier@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
(cherry picked from commit 9b690341602388b54c596c4510d770f58f4ad227)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
linux-pam 1.2.0 removed the use of yywrap, so the flex dependency is not
needed now (host-flex is still needed).
Fixes: #47
Signed-off-by: Damien Thébault <damien.thebault@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
(cherry picked from commit 600e273487baf76d4469bca43d42bd2c4b364db8)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
