- Update site to github (for the time being, as 3.3-rc0 is a release
candidate, it is not published on the official ftp)
- Update third patch
- Remove fourth and fifth patches (already in version)
- Remove uneeded hooks, as public headers are now installed in the
standard path since
982b89c01a
- New risc-v support:
3840d49aaa
Fixes:
- http://autobuild.buildroot.org/results/3edf66362ea5a83291f19373e4b6f2e5cce98d7b
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Initially we had a port only for ARCv2 cores but then with a simple
change ARCompact cores got supported as well.
So we generalize from BR2_archs to BR2_arcle as we haven't tried to
get glibc working on big-endian ARCs yet.
Also we never bothered to check avaialbility of atomic instructions in
the core but in case of Glibc for ARC this is really a must, so we add
this check here.
Note in case of uClibc we may have system w/o HW atomics but:
1. Only single-core systems are allowed
2. Atomic instructions are emulated via arc_usr_cmpxchg syscall
Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
Cc: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes SQUID-2018_4:
Due to incorrect input handling, Squid is vulnerable to a Cross-Site
Scripting vulnerability when generating HTTPS response messages about TLS
errors.
For more details, see the advisory:
http://www.squid-cache.org/Advisories/SQUID-2018_4.txt
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
xtensa-uclinux uses bFLT executable file format that cannot relocate
fields representing offsets from data to code. C++ objects built as PIC
use offsets to encode FDE structures. As a result C++ exception handling
doesn't work correctly on xtensa-uclinux. Don't use PIC by default on
xtensa-uclinux.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The bump to 2.4.48 introduced a bug that, according to the author,
only happen in certain cases on glibc. But under uclibc-ng, it happens
every time.
The bug essentially cause any program calling any libattr.so function
to enter an infinite recursion, because of a symbol conflict between
uclibc-ng and libattr wrappers, that causes the libattr wrappers to
call themselves.
This infinite recursion does not consume the stack, so programs
basically behave like they enter an infinite loop.
It is easy to reproduce with qemu_arm_versatile_defconfig +
BR2_PACKAGE_ATTR: "getfattr ." never returns and takes 100% CPU.
Upstream fixed it, but the patch is not part of a release yet,
so take the patch.
Signed-off-by: Nicolas Cavallari <nicolas.cavallari@green-communications.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues:
CVE-2018-16843: Excessive memory usage in HTTP/2
CVE-2018-16844: Excessive CPU usage in HTTP/2
CVE-2018-16845: Memory disclosure in the ngx_http_mp4_module
Refreshed patch 0004 + 0007 as they no longer applied cleanly.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
>From the announcement:
When using a TLS enabled websockets listener with require_certificate
enabled, the mosquitto broker does not correctly verify client certificates.
This is now fixed. All other security measures operate as expected, and in
particular non-websockets listeners are not affected by this.
https://mosquitto.org/blog/2018/11/version-154-released/
Drop patch 0001, now applied upstream:
https://github.com/eclipse/mosquitto/pull/933
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit fixes the following flake8 warnings:
support/testing/tests/fs/test_f2fs.py:6:1: E302 expected 2 blank lines, found 1
support/testing/tests/fs/test_f2fs.py:12:1: E302 expected 2 blank lines, found 1
support/testing/tests/fs/test_f2fs.py:38:23: E225 missing whitespace around operator
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
libmagic (from file package) already provides the buffer_init function
so to avoid a build failure for applications wanting to statically link
with twolame and libmagic (for example sox), rename buffer_init into
bitbuffer_init (also rename buffer_deinit into bitbuffer_deinit and
buffer_sstell into bitbuffer_sstell for consistency)
Fixes:
- http://autobuild.buildroot.org/results/b3fc62e7f372fe595966e84091c11ccdb4cfa77c
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Changelog: http://www.php.net/ChangeLog-7.php#7.2.12
Rebased patch 0004 and updated license hash after white space removal:
902d39a3a7
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Setting overprovision to 0 and omitting this option has exactly
the same effect.
Signed-off-by: Grzegorz Blach <grzegorz@blach.pl>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
For BR2_TARGET_ROOTFS_F2FS_COLD_FILES clarify that extension list must
be a coma separated.
For BR2_TARGET_ROOTFS_F2FS_OVERPROVISION clarify that the default
overprovision ratio is autocalculated according to the partition size.
Signed-off-by: Grzegorz Blach <grzegorz@blach.pl>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Adjust patch to fit the new version.
Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Reviewed-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add license hash for COPYING file.
Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bumps Golang host-go compiler to 1.11.2 release.
Add hash for LICENSE.
Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
I am now maintaining / submitting regular patches for the Go toolchain as well.
Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Static build of applications using qt-zlib and zlib (such as mpv) will
fail because zlib and qt-zlib defines the same functions (inflateReset,
inflatePrime ...)
So add a dependency on !BR2_STATIC_LIBS on BR2_PACKAGE_QT_QTZLIB
Fixes:
- http://autobuild.buildroot.org/results/0be6e359d46a8a701006305c32b514687854b035
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes the following security issue:
CVE-2018-16850: SQL injection in pg_upgrade and pg_dump, via CREATE TRIGGER
... REFERENCING
For more details, see the advisory:
https://www.postgresql.org/about/news/1905/
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The remaining two patches have been submitted upstream for inclusion,
so let's update their upstream status.
While at it, I update @free-electrons.com to @bootlin.com in the first
patch.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The description of this patch was no longer correct: it no longer
provided dummy definitions of RTLD_* macros since commit
ccad7db515 ("alsa-lib: bump to version
1.1.6"). All it did is make two <dlfcn.h> inclusions optional.
However, this is no longer needed, since the alsa-lib code base
contains four inclusions of <dlfcn.h>, which are all properly handled:
- include/local.h, the include is guarded by #ifdef HAVE_LIBDL
- modules/mixer/simple/sbasedl.c, modules are only built if
BUILD_MODULES is enabled, and BUILD_MODULES is only enabled if
HAVE_LIBDL is enabled
- src/mixer/simple_abst.c, this file is only built if BUILD_MODULES
is enabled, which itself is only enabled if HAVE_LIBDL is enabled
- src/pcm/pcm_meter.c, this file is only built if
BUILD_PCM_PLUGIN_METER is enabled, and this is not enabled if
HAVE_LIBDL is not enabled.
Conclusion: the patch can be dropped. The third patch is renumbered as
appropriate.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
In commit 4707383c5d ("alsa-utils: needs
dynamic library support"), we added a !BR2_STATIC_LIBS dependency
because topology/topology.c was including <dlfcn.h>.
However, it turns out that this include is not needed/used at all, so
we can instead drop it, and re-enable the package in BR2_STATIC_LIBS
configuration.
This was discovered when analyzing why we have
package/alsa-lib/0003-alsa-lib-conditionally-enable-libdl-in-AM_PATH_ALSA-.patch. This
patch fixes the AM_PATH_ALSA autoconf macro, used by alsa-utils, so
that ALSA_LIBS doesn't carry the -ldl option, fixing static-linking
scenarios. This patch had become useless since alsa-utils was no
longer available in BR2_STATIC_LIBS configuration.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Firmware test suite does provides efi_runtime kernel module required
to run UEFI tests. So optionally enable this module build.
[Peter: fix -/_ in comment as suggested by Erico]
Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Reviewed-by: Erico Nunes <nunes.erico@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The python-posix-ipc package can be used both with python2 and python3.
Signed-off-by: Daniel Fahlgren <daniel@fahlgren.se>
Reviewed-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When bdw-gc is linked with libatomic_ops, bdw-gc.pc must contain the
needed libraries (such as -latomic_ops) otherwise build of applications
such as guile will fail on link stage:
.libs/libguile_2.0_la-posix.o: In function `scm_tmpnam':
posix.c:(.text+0x2080): warning: the use of `tmpnam' is dangerous, better use `mkstemp'
CCLD guile
/home/buildroot/autobuild/run/instance-2/output/host/arm-buildroot-linux-gnueabi/sysroot/usr/lib/libgc.so: undefined reference to `AO_fetch_compare_and_swap_emulation'
/home/buildroot/autobuild/run/instance-2/output/host/arm-buildroot-linux-gnueabi/sysroot/usr/lib/libgc.so: undefined reference to `AO_store_full_emulation'
So set ATOMIC_OPS_LIBS to -latomic_ops when a system atomic_ops library
is used and use ATOMIC_OPS_LIBS in bdw-gc.pc.in
Fixes:
- http://autobuild.buildroot.org/results/2b23d445e57a5e0f417f5cb9417b0a668bb7bf1c
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues:
- CVE-2018-5738: Some versions of BIND can improperly permit recursive query
service to unauthorized clients
- CVE-2018-5740: A flaw in the "deny-answer-aliases" feature can cause an
INSIST assertion failure in named
For more details, see the release notes:
https://ftp.isc.org/isc/bind9/9.11.5/RELEASE-NOTES-bind-9.11.5.html
Drop patch 0003-Rename-ptrsize-to-ptr_size.patch as the uClibc-ng issue was
fixed upstream in commit 931fd627f6195 (mips: fix clashing symbols), which
is included in uclibc-1.0.12 (January 2016).
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Tiago is leaving the company and is unlikely to have access to the hardware
required to test the package.
Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix the following build error:
make[3]: *** No rule to make target '-lm', needed by 'traceroute'.
Fixes:
http://autobuild.buildroot.org/results/dde63672e1de1d4ba036331ab127ccc8ff044444http://autobuild.buildroot.org/results/4efb67e6a29c3dd784676d30a1051f9f0c2a6c80http://autobuild.buildroot.org/results/7ac23a3959aec22297695899c0f76dbbc4e114d3
And many more...
As explained by Arnout, this happens when host-make is built (E.G. when
glibc is built on a machine with an old make version) because the traceroute
Makefiles have a target with a dependency on -lm, and make automatically will
look in make's $prefix/lib directory for libm.so / libm.a to satisfy this
dependency. From the make info pages:
When a prerequisite's name has the form '-lNAME', 'make' handles it
specially by searching for the file 'libNAME.so', and, if it is not
found, for the file 'libNAME.a' in the current directory, in directories
specified by matching 'vpath' search paths and the 'VPATH' search path,
and then in the directories '/lib', '/usr/lib', and 'PREFIX/lib'
(normally '/usr/local/lib', but MS-DOS/MS-Windows versions of 'make'
behave as if PREFIX is defined to be the root of the DJGPP installation
tree).
Our host-make is configured with prefix=$(HOST_DIR), and $(HOST_DIR)/lib
does not contain libm.so / libm.a, causing make to error out.
Work around it by pointing VPATH to $(STAGING_DIR)/usr/lib, so make will
find the (target) libm.so / libm.a.
[Peter: extend description based on Arnouts investigation]
Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Optional dependency to snappy has been added with version 2.4.0 and
47649d1c7f
- Specify the path to found libssh as this is done for other options
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
- Optional dependency to lz4 has been added with version 2.4.0 and
47649d1c7f
- Specify the path to found lz4 as this is done for other options
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
- Optional dependency to bcg729 has been added with version 2.5.0 and
3e54cabf81
- Specify the path to found bcg729 as this is done for other options
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
- Embedded nghttp2 code has been removed and an optional dependency to
nghttp2 has been added with version 2.4.0 and
b1cc056b12
- Specify the path to found nghttp2 as this is done for other options
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Optional dependency to libxml2 has been added with version 2.4.0 and
cfab5ef035
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
- Remove first patch (inet_pton test removed since version 2.5.0 and
12d63c428f)
- Remove second patch (already in version, since
3761ef3785)
- Remove WIRESHARK_AUTORECONF=yes as configure.ac is not patched anymore
- gcrypt is a mandatory dependency since version 2.4.0 and
6b84ddee83
- geoip support has been replaced by maxminddb since version 2.5.0 and
a1da75c554
- Drop includedir "hack", this is not needed anymore and wireshark is
now installing files in target. With this hack, build fails on:
wireshark: installs files in /home/fabrice/buildroot/output/target//home/fabrice/buildroot/output
package/pkg-generic.mk:310: recipe for target '/home/fabrice/buildroot/output/build/wireshark-2.6.4/.stamp_target_installed' failed
- Disable all new optional features
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Arnout: keep optional dependencies alphabetic on Config.in name;
add comment of libgcrypt -> libgpg-error dependency.]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
As reported in the bug report [1], gcc < 6 doesn't build when
FORTIFY_SOURCE is set to 1 or 2. The issue is related to the
upstream bug report [2] but the patch fixing the issue for gcc 6
has not been backported to earlier gcc versions.
Add a dependency on gcc at least version 6 to BR2_FORTIFY_SOURCE_1
and BR2_FORTIFY_SOURCE_2.
[1] https://bugs.busybox.net/show_bug.cgi?id=11476
[2] https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61164
[3] 55f12fce4c
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Matthew Weber <matthew.weber@rockwellcollins.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
[Peter: only limit for internal toolchain as suggested by Matthew]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
For the default (BR2_SYSTEM_DHCP) /etc/network/interfaces handling.
Both the "big" and busybox ifupdown variants pass the hostname argument to
the DHCP client through the shell, so we can use $() to expand to the
current hostname value.
Notice that this may not be handled by all DHCP clients.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Reviewed-by: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>