Commit Graph

70218 Commits

Author SHA1 Message Date
Michael Nosthoff
3d1cafbb87 package/json-for-modern-cpp: bump to version 3.11.3
This release fixes some bugs found in the 3.11.2 release.
https://github.com/nlohmann/json/releases/tag/v3.11.3

Signed-off-by: Michael Nosthoff <buildroot@heine.tech>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 47e01f7e70)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-01-05 11:52:49 +01:00
Peter Korsgaard
7c72381423 package/xwayland: libdrm is required, not optional
Fixes:
http://autobuild.buildroot.net/results/476/47665d417dbae76bf27e805a5bcb1d8d6ab1f445/

xwayland unconditionally includes xf86drm.h, so libdrm is required and not
optional:

grep -rs xf86drm.h
glamor/glamor_egl.c:#include <xf86drm.h>
hw/xwayland/xwayland-glamor.h:#include <xf86drm.h>
hw/xwayland/xwayland-glamor-eglstream.c:#include <xf86drm.h>
hw/xwayland/xwayland-window.h:#include <xf86drm.h>
hw/xwayland/xwayland-drm-lease.c:#include <xf86drm.h>
hw/xwayland/xwayland-glamor-gbm.c:#include <xf86drm.h>

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 797de283c7)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-01-05 11:52:12 +01:00
Peter Korsgaard
3a8bd9fdb9 package/xwayland: security bump to version 23.2.2
Fixes the following security issues:

- CVE-2023-5367 X.Org server: OOB write in
  XIChangeDeviceProperty/RRChangeOutputProperty

For details, see the advisory:
https://lists.x.org/archives/xorg-announce/2023-October/003430.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit d6f0a8735e)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-01-05 11:46:44 +01:00
Peter Korsgaard
07c91947be package/xserver_xorg-server: security bump to version 21.1.9
Fixes the following security issues:

- CVE-2023-5367 X.Org server: OOB write in
  XIChangeDeviceProperty/RRChangeOutputProperty

- CVE-2023-5380: Use-after-free bug in DestroyWindow

- CVE-2023-5574: Use-after-free bug in DamageDestroy

For details, see the advisory:
https://lists.x.org/archives/xorg-announce/2023-October/003430.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 36a9ec8921)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-01-05 11:45:16 +01:00
Yann E. MORIN
c794ede3e9 doc/manual: rsync is not optional
rsync is used in the infrastructure, mostly for the per-package infra,
and for the override-srcdir mechanism, but also to build the manual.
As such, it is not optional but mandatory, and already listed so.

Drop the reference to rsync from the list of optional packages.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit b79fb3c224)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-01-05 11:42:13 +01:00
Peter Korsgaard
ae514155a1 package/libcurl: security bump to version 8.5.0
Fixes the following security issues:

- CVE-2023-46218: cookie mixed case PSL bypass

  This flaw allows a malicious HTTP server to set "super cookies" in curl
  that are then passed back to more origins than what is otherwise allowed
  or possible.  This allows a site to set cookies that then would get sent
  to different and unrelated sites and domains.

  https://curl.se/docs/CVE-2023-46218.html

- CVE-2023-46219: HSTS long file name clears contents

  When saving HSTS data to an excessively long file name, curl could end up
  removing all contents, making subsequent requests using that file unaware
  of the HSTS status they should otherwise use.

  https://curl.se/docs/CVE-2023-46219.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit aaa9438b96)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-01-05 11:41:59 +01:00
Romain Naour
14a8579cd0 support/testing: TestDtbocfg: bump kernel to 5.10.202
The prebuilt kernel has been updated to 5.10.202, sync the kernel
built by TestDtbocfg.

Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 0c0cd720c5)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-01-05 11:40:38 +01:00
Romain Naour
dad5eb46da support/testing: InitSystemSystemdBaseOverlayfs: bump kernel to 5.10.202
The prebuilt kernel has been updated to 5.10.202, sync the kernel
built by InitSystemSystemdBaseOverlayfs.

Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit f6254689f8)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-01-05 11:40:11 +01:00
Romain Naour
02fc3473e1 support/testing: bump prebuilt kernel to 5.10.202
As reported on the mailing list [1], TestPolkitSystemd and
TestPolkitInitd are failing since we bumped the Bootlin toolchain
2023.08 [2].

The issue is caused by expat (XML library) package detecting
arc4random_buf() introduced by glibc 2.36 [3].

With arc4random_buf() support enabled, expat hang Polkit while reading
its policy files (XML files) due to a lack of entropy on the system.

Upgrading the kernel allows to avoid such issue thanks to
random_get_entropy_fallback() introduced in 5.10.119 (backpored) [4].

Build the vexpress-v2p-ca9 (armv7) 5.10.202 using the kernel
configuration file found in /proc/config.gz but with additional kernel
options provided by SYSTEMD_LINUX_CONFIG_FIXUPS. Indeed some kernel
options requested by systemd were missing in 5.10.7 kernel.

Build the versatile-pb (armv5) kernel using the same kernel
configuration as qemu_arm_versatile_defconfig but with additional
kernel options like for vexpress-v2p-ca9. While at it, enable
IKCONFIG_PROC option to provide the kernel configuration at runtime
in /proc/config.gz.

Runtime tested:
https://gitlab.com/kubu93/buildroot/-/pipelines/1097887826 (tests.package.test_polkit.TestPolkit*)
https://gitlab.com/kubu93/buildroot/-/pipelines/1097705399 (tests.init.*)

Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/5689309948 (TestPolkitSystemd)
https://gitlab.com/buildroot.org/buildroot/-/jobs/5689309947 (TestPolkitInitd)

[1] http://lists.busybox.net/pipermail/buildroot/2023-December/680445.html
[2] 452365a385
[3] https://sourceware.org/git/?p=glibc.git;a=commit;h=6f4e0fcfa2d2b0915816a3a3a1d48b4763a7dee2
[4] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=fdca775081527364621857957655207d83035376

Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 241a8b0615)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-01-05 11:28:34 +01:00
Peter Korsgaard
69a90b0739 boot/arm-trusted-firmware: fix fiptool linking issue on hosts without openssl
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/5834758777

Commit e7d16c35a (boot/arm-trusted-firmware: fix the RPATH of fiptool) tried
to fix the build of host-fiptool, but forgot to pass HOST_CFLAGS.

On hosts without (compatible) openssl development headers, this breaks
the build when it cannot find the openssl headers:

fiptool_platform.h:19:11: fatal error: openssl/sha.h: No such file or directory

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit e6ef64d955)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-01-05 08:30:06 +01:00
Peter Korsgaard
386bcabcda package/gstreamer1-editing-services: bump to version 1.22.7
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit cf69c8be47)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-01-04 21:01:54 +01:00
Peter Korsgaard
147b3aef88 package/gst-omx: bump to version 1.22.7
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 3f1560904f)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-01-04 21:01:53 +01:00
Peter Korsgaard
869c1c8d37 package/gst1-vaapi: bump to version 1.22.7
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 5c13e67fa0)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-01-04 21:01:52 +01:00
Peter Korsgaard
776e237126 package/gst1-rtsp-server: bump to version 1.22.7
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit ff76ede773)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-01-04 21:01:51 +01:00
Peter Korsgaard
9f1369eade package/gst1-python: bump to version 1.22.7
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 84d02fa2e8)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-01-04 21:01:51 +01:00
Peter Korsgaard
43c6a32de1 package/gst1-libav: bump to version 1.22.7
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit fcf9f0accf)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-01-04 21:01:50 +01:00
Peter Korsgaard
647aae2148 package/gst1-devtools: bump to version 1.22.7
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 5072596f6f)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-01-04 21:01:49 +01:00
Peter Korsgaard
a0fe90a27a package/gst1-plugins-ugly: bump to version 1.22.7
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 5ca7309b81)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-01-04 21:01:48 +01:00
Peter Korsgaard
a886ecd9fb package/gst1-plugins-bad: security bump to version 1.22.7
Fixes the following security issues:

CVE-2023-44429: Heap-based buffer overflow in the AV1 codec parser when
handling certain malformed streams before GStreamer 1.22.7.

https://gstreamer.freedesktop.org/security/sa-2023-0009.html

CVE-2023-44446: Use-after-free (read) in the MXF demuxer when handling
certain files before GStreamer 1.22.7.

https://gstreamer.freedesktop.org/security/sa-2023-0010.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 22c1b4d356)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-01-04 21:01:48 +01:00
Peter Korsgaard
f09b54312d package/gst1-plugins-good: bump to version 1.22.7
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 0894009b1a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-01-04 21:01:47 +01:00
Peter Korsgaard
c9b6f41c43 package/gst1-plugins-base: bump to version 1.22.7
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 839606b8b1)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-01-04 21:01:46 +01:00
Peter Korsgaard
0f887e8d41 package/gstreamer1: bump to version 1.22.7
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 4b55557986)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-01-04 21:01:07 +01:00
Neal Frager
c276902ffa board/zynq/readme.txt: update doc for zc702
Update the zynq readme.txt to add documentation for the zc702 and correct
documentation that was no longer up to date.

Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 9675f6150c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-01-04 21:00:26 +01:00
Fabrice Fontaine
cf19090b83 package/erlang: fix build without DES
Fix the following build failure without DES raised since bump to version
26.0.2 in commit 2cfa86a548:

cipher.c:51:42: error: 'EVP_des_ede3_cbc' undeclared here (not in a function); did you mean 'SN_des_ede3_cbc'?
   51 |     {{"des_ede3_cbc"}, "des-ede3-cbc", {&EVP_des_ede3_cbc}, 0, 0},
      |                                          ^~~~~~~~~~~~~~~~
      |                                          SN_des_ede3_cbc

Fixes:
 - http://autobuild.buildroot.org/results/1aace0ee738f8ec4aa2c9a739fc7535c3b6bf884

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 82c0253090)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-01-03 13:04:55 +01:00
Louis Chauvet
678146f2ad boot/arm-trusted-firmware: fix the RPATH of fiptool
The arm-trusted-firmware package builds a host tool called "fiptool",
which is used during the build process of arm-trusted-firmware
itself. This tool links against the OpenSSL host library, and
therefore needs to be built with the correct RPATH pointing to
$HOST_DIR/lib.

This is why commit a957d9a90a
("boot/arm-trusted-firmware: build fiptool separately with dependency
o n host-openssl") added the ARM_TRUSTED_FIRMWARE_BUILD_FIPTOOL
variable, which builds the fiptool tool first, with the right
variables set, before invoking the full build of TF-A. This ensured
that fiptool was built with the correct RPATH.

However, more recent versions of TF-A have modified their Makefile
machinery, and fiptool is being rebuilt even if it was built
before. Unfortunately, this rebuild is no longer done with the right
flags, so we end up with a fiptool binary that no longer has the right
RPATH, and fiptool fails to find the OpenSSL libraries from
$HOST_DIR/lib.

In order to fix this, we take a different approach: we do not build
fiptool separately first, but we inject the necessary flags through
the HOSTCC variable. Indeed, there's no HOST_LDFLAGS or HOST_LDLIBS
variable or similar that would allow us to pass the -Wl,-rpath flag
that is needed. Shoe-horning this flag into HOSTCC gets the job done,
and actually simplifies our arm-trusted-firmware.mk.

This patch break the compatibility with version prior to 1.4 (upstream
commit 72610c4102990 ("build: Introduce HOSTCC flag")). v1.4 is very old
(July 2017), not used anymore in-tree and probably not used anymore
outside the tree.

Signed-off-by: Louis Chauvet <louis.chauvet@bootlin.com>
Co-authored-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit e7d16c35ae)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-01-03 12:04:45 +01:00
Christian Stewart
ad6bc91a0a package/go: security bump to v1.21.5
Fixes the following CVEs:

CVE-2023-39326: net/http: limit chunked data overhead
CVE-2023-45285: cmd/go: go get may unexpectedly fallback to insecure git

https://go.dev/doc/devel/release#go1.21.5

Signed-off-by: Christian Stewart <christian@aperture.us>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit b81b82da3e)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-12-10 13:58:41 +01:00
Bernd Kuhls
03bf8df2e6 package/php: security bump version to 8.2.13
"This is a security release" according to the upstream release notes:
https://news-web.php.net/php.announce/369

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 0a54c46054)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-12-10 13:56:52 +01:00
Peter Korsgaard
954aeb7c72 Update for 2023.11
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-12-04 09:08:32 +01:00
Fabrice Fontaine
6517a7f4bc package/lttng-modules: bump to version 2.13.10
This bump will fix the following build failures with kernel >= 6.3.0
thanks to
f3559e5b06
and
939200ef16:

In file included from /home/buildroot/autobuild/instance-1/output-1/build/lttng-modules-2.13.7/./src/lttng-ring-buffer-client.h:16,
                 from /home/buildroot/autobuild/instance-1/output-1/build/lttng-modules-2.13.7/./src/lttng-ring-buffer-client-discard.c:16:
/home/buildroot/autobuild/instance-1/output-1/build/lttng-modules-2.13.7/./src/../include/lttng/events-internal.h:292:9: error: unknown type name ‘uuid_le’
  292 |         uuid_le uuid;                   /* Trace session unique ID (copy) */
      |         ^~~~~~~

[...]

/home/thomas/autobuild/instance-3/output-1/build/lttng-modules-2.13.7/./src/lib/ringbuffer/ring_buffer_mmap.c: In function ‘lib_ring_buffer_mmap_buf’:
/home/thomas/autobuild/instance-3/output-1/build/lttng-modules-2.13.7/./src/lib/ringbuffer/ring_buffer_mmap.c:116:23: error: assignment of read-only member ‘vm_flags’
  116 |         vma->vm_flags |= VM_DONTEXPAND;
      |                       ^~

https://github.com/lttng/lttng-modules/blob/v2.13.10/ChangeLog

Fixes:
 - http://autobuild.buildroot.org/results/7b8f57262a02cd9aaa953a9d8666646bae1cc655

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-12-04 08:30:34 +01:00
Fabrice Fontaine
df812ace32 package/wireshark: security bump to version 4.0.11
Fix CVE-2023-6174: SSH dissector crash in Wireshark 4.0.0 to 4.0.10
allows denial of service via packet injection or crafted capture file

https://www.wireshark.org/security/wnpa-sec-2023-28
https://www.wireshark.org/security/wnpa-sec-2023-29
https://www.wireshark.org/docs/relnotes/wireshark-4.0.11.html

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-12-04 08:29:58 +01:00
Fabrice Fontaine
d20329ed76 package/mariadb: security bump to version 10.11.6
This bump will fix the following build failure raised since bump of fmt
to version 10.1.0 in commit 619b5585d9
thanks to
f4cec369a3:

-- Performing Test HAVE_SYSTEM_LIBFMT
-- Performing Test HAVE_SYSTEM_LIBFMT - Failed

[...]

-- Downloading...
   dst='/home/buildroot/autobuild/instance-3/output-1/build/mariadb-10.11.4/extra/libfmt/src/8.0.1.zip'
   timeout='none'
   inactivity timeout='none'
-- Using src='https://github.com/fmtlib/fmt/archive/refs/tags/8.0.1.zip'
CMake Error at libfmt-stamp/download-libfmt.cmake:170 (message):
  Each download failed!

    error: downloading 'https://github.com/fmtlib/fmt/archive/refs/tags/8.0.1.zip' failed
          status_code: 1
          status_string: "Unsupported protocol"
          log:
          --- LOG BEGIN ---
          Protocol "https" not supported or disabled in libcurl

This bump will also fix CVE-2023-22084

https://mariadb.com/kb/en/mariadb-10-11-5-release-notes/
https://mariadb.com/kb/en/mariadb-10-11-6-release-notes/

Fixes:
 - http://autobuild.buildroot.org/results/9cb577195aa939289102116df5a2eac03f0d5017

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-12-03 20:14:10 +01:00
Fabrice Fontaine
b47b2065b2 package/libmemcached: fix static build
Fix the following static build failure raised since bump to version
1.1.4 in commit 7205df8a4f:

CMake Error at /home/autobuild/autobuild/instance-13/output-1/build/libmemcached-1.1.4/src/bin/cmake_install.cmake:60 (file):
  file RPATH_CHANGE could not write new RPATH:

    $ORIGIN/../lib

  to the file:

    /home/autobuild/autobuild/instance-13/output-1/host/arc-buildroot-linux-uclibc/sysroot/usr/bin/memcapable

  No valid ELF RPATH or RUNPATH entry exists in the file;
Call Stack (most recent call first):
  /home/autobuild/autobuild/instance-13/output-1/build/libmemcached-1.1.4/src/cmake_install.cmake:52 (include)
  /home/autobuild/autobuild/instance-13/output-1/build/libmemcached-1.1.4/cmake_install.cmake:52 (include)

Fixes:
 - http://autobuild.buildroot.org/results/778ff517d465896f54a3cd5316a66c54f66fd4cb

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-12-03 19:11:29 +01:00
Giulio Benetti
a7898055d3 package/freescale-imx: append /imx6ulz to BR2_PACKAGE_FREESCALE_IMX_PLATFORM_IMX6UL
imx6ulz supports freescale-imx too so let's add it to the bool name for
completeness.

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-12-03 17:45:13 +01:00
Fabrice Fontaine
51cf6a8aa6 package/monit: fix openssl static build
--with-ssl-dir will exclusively search for dynamic library so use
--with-ssl-static to fix the following openssl static build failure
raised since bump to version 5.33.0 in commit
8cedb39764:

checking for static SSL support... disabled
checking for SSL support... enabled
checking for SSL include directory... /home/buildroot/autobuild/instance-2/output-1/host/mipsel-buildroot-linux-uclibc/sysroot/usr/include
checking for SSL library directory... /lib64

[...]

mipsel-buildroot-linux-uclibc-gcc: ERROR: unsafe header/library path used in cross-compilation: '-L/lib64'

Fixes:
 - http://autobuild.buildroot.org/results/4189decbafb5d28c11d89ddac792b4610abeaff1

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-12-03 17:43:44 +01:00
Peter Korsgaard
cdc9b8a3a7 toradx_apalis_imx6_defconfig: add download hashes for linux/uboot
The defconfig fetches Linux and U-Boot from a git repo using the
unauthenticated git:// protocol, so add download hashes for them to ensure
we get the right sources by adding a global patch dir and running
utils/add-custom-hashes.

The defconfig uses the Linux sources for the kernel headers, so make
linux-headers/linux-headers.hash a symlink to linux/linux.hash so the same
hash file is used.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-12-03 17:38:22 +01:00
Fabrice Fontaine
a3db1dd1b7 package/xenomai: fix build with gcc >= 12
Fix the following build failure with gcc >= 12:

task.c: In function 't_start':
task.c:398:16: error: 'ret' may be used uninitialized [-Werror=maybe-uninitialized]
  398 |         return ret;
      |                ^~~
task.c:364:13: note: 'ret' was declared here
  364 |         int ret;
      |             ^~~
task.c: In function 't_resume':
task.c:444:16: error: 'ret' may be used uninitialized [-Werror=maybe-uninitialized]
  444 |         return ret;
      |                ^~~
task.c:428:13: note: 'ret' was declared here
  428 |         int ret;
      |             ^~~

Fixes:
 - http://autobuild.buildroot.org/results/bc1b40de22e563b704ad7f20b6bf4d1f73a6ed8a

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-12-03 17:27:11 +01:00
Fabrice Fontaine
f6a7050d71 package/speechd: fix NLS build
Fix the following NLS build failure raised since the addition of the
package in commit 9f4f8c5f89:

/home/buildroot/autobuild/run/instance-2/output-1/host/lib/gcc/arm-buildroot-linux-musleabihf/12.3.0/../../../../arm-buildroot-linux-musleabihf/bin/ld: ../../src/common/.libs/libcommon.a(libcommon_la-i18n.o): undefined reference to symbol 'libintl_bindtextdomain'

Fixes:
 - http://autobuild.buildroot.org/results/8ab13cf474d732c95a1da65592d950b24b3d474b

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-12-03 17:26:37 +01:00
Fabrice Fontaine
5eb79ff3b9 package/libmemcached: fix build with gcc 4.8
Fix the following build failure with gcc 4.8 raised since bump to
version 1.1.4 in commit 7205df8a4f:

/home/buildroot/autobuild/run/instance-0/output-1/build/libmemcached-1.1.4/src/libmemcachedprotocol/ascii_handler.c: In function 'ascii_get_response_handler':
/home/buildroot/autobuild/run/instance-0/output-1/build/libmemcached-1.1.4/src/libmemcachedprotocol/ascii_handler.c:249:3: error: 'for' loop initial declarations are only allowed in C99 mode
   for (int x = 0; x < keylen; ++x) {
   ^

Fixes:
 - http://autobuild.buildroot.org/results/202aeec4dda822ac341d8882f84f968a303697c3

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-12-03 17:23:07 +01:00
Fabrice Fontaine
4cf5d91d8b package/libde265: security bump to version 1.0.14
Fix CVE-2023-43887: Libde265 v1.0.12 was discovered to contain multiple
buffer overflows via the num_tile_columns and num_tile_row parameters in
the function pic_parameter_set::dump.

Fix CVE-2023-47471: Buffer Overflow vulnerability in strukturag libde265
v1.10.12 allows a local attacker to cause a denial of service via the
slice_segment_header function in the slice.cc component.

https://github.com/strukturag/libde265/releases/tag/v1.0.14
https://github.com/strukturag/libde265/releases/tag/v1.0.13

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-12-03 17:21:50 +01:00
Sergey Matyukevich
35059ebc37 DEVELOPERS: remove Synopsys email address for S.Matyukevich
I am no longer work at Synopsys, so remove this email address.

Signed-off-by: Sergey Matyukevich <geomatsi@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-12-03 17:21:07 +01:00
Fabrice Fontaine
a73cbe68b2 package/libmemcached: link with -latomic when needed
Fix the following build failure raised since bump to version 1.1.4 in
commit 7205df8a4f:

/home/buildroot/autobuild/instance-2/output-1/host/opt/ext-toolchain/bin/../lib/gcc/sparc-buildroot-linux-uclibc/11.3.0/../../../../sparc-buildroot-linux-uclibc/bin/ld: CMakeFiles/aslap.dir/ms_conn.c.o: undefined reference to symbol '__atomic_fetch_add_4@@LIBATOMIC_1.0'

Fixes:
 - http://autobuild.buildroot.org/results/c8e4e1f9609d1339fe070afe440c63660892600e

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-12-03 17:20:24 +01:00
Fabrice Fontaine
b957a02143 package/linux-tools: fix selftests with kernel >= 6.5
Fix the following selftests build failure raised since kernel >= 6.5 and
9fc96c7c19:

make[1]: Entering directory '/home/autobuild/autobuild/instance-4/output-1/build/linux-6.6.3/tools/testing/selftests'

error: missing kernel header files.
Please run this and try again:

    cd ../../..
    make headers

make[1]: *** [Makefile:186: kernel_header_files] Error 1

Fixes:
 - http://autobuild.buildroot.org/results/7674abb454b46ca768e44b6838a0d8724c772dd6

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-12-03 15:51:13 +01:00
Fabrice Fontaine
499b4d6d22 package/putty: disable gssapi
PUTTY_GSSAPI is enabled by default resulting in the following build
failure since bump to version 0.78 in commit
5673ea3ce4:

 /home/fabrice/buildroot/output/build/putty-0.79/unix/gss.c:133:10: fatal error: gssapi/gssapi.h: No such file or directory
  133 | #include <gssapi/gssapi.h>
      |          ^~~~~~~~~~~~~~~~~

Fixes:
 - http://autobuild.buildroot.org/results/d6d06b5aa0df070c3880399e044fb3cd3a830aec

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-12-03 15:47:01 +01:00
Francois Perrad
bc7b0e1002 package/perl: security bump to version 5.36.3
fix CVE-2023-47038 - Write past buffer end via illegal user-defined Unicode property

note: 5.36.2 was a broken release
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-12-03 15:38:29 +01:00
Fabrice Fontaine
38c4aa2826 package/libpjsip: security bump to version 2.14
Fix CVE-2023-38703: PJSIP is a free and open source multimedia
communication library written in C with high level API in C, C++, Java,
C#, and Python languages. SRTP is a higher level media transport which
is stacked upon a lower level media transport such as UDP and ICE.
Currently a higher level transport is not synchronized with its lower
level transport that may introduce use-after-free issue. This
vulnerability affects applications that have SRTP capability
(`PJMEDIA_HAS_SRTP` is set) and use underlying media transport other
than UDP. This vulnerability’s impact may range from unexpected
application termination to control flow hijack/memory corruption. The
patch is available as a commit in the master branch.

https://github.com/pjsip/pjproject/security/advisories/GHSA-f76w-fh7c-pc66
https://github.com/pjsip/pjproject/releases/tag/2.14

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-12-02 09:40:33 +01:00
Fabrice Fontaine
3d8e0a263f package/putty: fix static build
Fix the following static build failure raised since bump to version 0.78
in commit 5673ea3ce4:

In file included from /home/buildroot/autobuild/instance-0/output-1/build/putty-0.78/putty.h:8,
                 from /home/buildroot/autobuild/instance-0/output-1/build/putty-0.78/callback.c:8:
/home/buildroot/autobuild/instance-0/output-1/build/putty-0.78/unix/platform.h:11:10: fatal error: dlfcn.h: No such file or directory
   11 | #include <dlfcn.h>                     /* Dynamic library loading */
      |          ^~~~~~~~~

Fixes:
 - http://autobuild.buildroot.org/results/06f0b14bd0414f97b06070198e290fb3253348c5

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-12-01 22:22:50 +01:00
Fabrice Fontaine
8b3993178d package/python-numpy: needs gcc >= 9
python-numpy needs gcc >= 8.4 since bump to version 1.25.0 in commit
ca63464e37 and
4002a7d421:

../output-1/build/host-python-numpy-1.25.0/meson.build:30:4: ERROR: Problem encountered: NumPy requires GCC >= 8.4

Fixes:
 - http://autobuild.buildroot.org/results/9ec82be71c908873112064792ace283049355031

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-12-01 21:21:15 +01:00
Fabrice Fontaine
89e6b474ea package/libzenoh-pico: add threads comment
Commit 3e76df02b3 forgot to add a comment
about threads dependency

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-12-01 21:18:45 +01:00
Fabrice Fontaine
67cb7d8d09 package/rtty: fix wolfssl build
Fix the following wolfssl build failure raised at least since bump to
version 7.4.0 in commit 6b5907bf65:

/home/autobuild/autobuild/instance-4/output-1/build/rtty-8.1.0/src/ssl/openssl.c: In function 'ssl_last_error_string':
/home/autobuild/autobuild/instance-4/output-1/build/rtty-8.1.0/src/ssl/openssl.c:143:24: error: implicit declaration of function 'ERR_peek_error_line_data'; did you mean 'wolfSSL_ERR_get_error_line_data'? [-Werror=implicit-function-declaration]
  143 |         ssl_err_code = ERR_peek_error_line_data(&file, &line, &data, &flags);
      |                        ^~~~~~~~~~~~~~~~~~~~~~~~
      |                        wolfSSL_ERR_get_error_line_data

Fixes:
 - http://autobuild.buildroot.org/results/9db9f1dcc6760de4b78771bb79f109c4efd06c36
 - http://autobuild.buildroot.org/results/16422af9469de114e552124542508c3b18ea8f19

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr: don't force wolfssl-all]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-12-01 13:21:10 +01:00
José Luis Salvador Rufo
c068fc4fa0 package/zfs: bump version to 2.2.2
This release contains an important fix for a data corruption
bug. Full details are in the issue [1] and bug fix [2].

1. https://github.com/openzfs/zfs/issues/15526
2. https://github.com/openzfs/zfs/pull/15571

Signed-off-by: José Luis Salvador Rufo <salvador.joseluis@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-12-01 11:31:14 +01:00