Commit Graph

43214 Commits

Author SHA1 Message Date
Yegor Yefremov
0135bc5b60 python-typing: new package
Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Reviewed-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-30 21:10:28 +01:00
Yegor Yefremov
e97a83b726 python-wrapt: new package
Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Reviewed-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-30 21:09:57 +01:00
Bernd Kuhls
bc6ecbbeef package/systemd: Add upstream patch to fix CVE-2018-15688
Systemd-networkd is vulnerable to an out out-of-bounds heap write in the
DHCPv6 client when handling options sent by network adjacent DHCP servers.
A attacker could exploit this via malicious DHCP server to corrupt heap
memory on client machines, resulting in a denial of service or potential
code execution.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[Peter: add description]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-30 21:07:36 +01:00
Peter Korsgaard
646ae5a0b1 ruby: security bump to version 2.4.5
Fixes the following security issues:

- CVE-2018-16396: Tainted flags are not propagated in Array#pack and
  String#unpack with some directives
https://www.ruby-lang.org/en/news/2018/10/17/not-propagated-taint-flag-in-some-formats-of-pack-cve-2018-16396/

- CVE-2018-16395: OpenSSL::X509::Name equality check does not work correctly
https://www.ruby-lang.org/en/news/2018/10/17/openssl-x509-name-equality-check-does-not-work-correctly-cve-2018-16395/

Update hash of LEGAL as it had a few (wayback machine) URLs added/changed.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-30 21:05:19 +01:00
Peter Korsgaard
15793bc19f lighttpd: security bump to version 1.14.51
Fixes the following security issues:

1.4.50:
[mod_alias] security: potential path traversal with specific configs
[core] security: use-after-free invalid Range req
[mod_alias] security: path traversal in mod_alias (in some use cases) (fixes #2898)
[core] security: use-after-free after invalid Range request (fixes #2899)

1.4.51:
[core,security] process headers after combining folded headers
[mod_userdir] security: skip username “.” and “..”

1.4.51 brings optional pam and wolfssl support.  Explicitly disable these
options for now.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-30 21:05:13 +01:00
Fabrice Fontaine
0646d67c1d qemu: switch to sdl2
Since version 2.12.0 and
e52c6ba341,
SDL 1.2 is deprecated so switch to SDL 2.0 as SDL 1.2 will be removed in
the last release of 2018

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-30 21:02:51 +01:00
Fabrice Fontaine
8153ce21e7 qemu: sdl frontend needs x11
Since qemu 2.12.0 and
2ec78706d1,
x_keymap.h has been converted from "SDL display driver" to "X11 keymaps"

So add a select on BR2_PACKAGE_SDL_X11

Fixes:
 - http://autobuild.buildroot.org/results/1908d2d7de8d3aff11ed6fbb8fe4cf3eff54b5a5

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-30 21:01:39 +01:00
Fabrice Fontaine
54000d187a synergy: needs gcc >= 4.9
Since version 1.9.0 and
c0376e9e2f,
synergy needs C++14 so add a dependency on
BR2_TOOLCHAIN_GCC_AT_LEAST_4_9

Fixes:
 - http://autobuild.buildroot.org/results/c4646ee9342ea8bd906bfe2b29996c48cb403ccc

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Tested-by: Pieterjan Camerlynck <pieterjan.camerlynck@gmail.com>
Reviewed-by: Pieterjan Camerlynck <pieterjan.camerlynck@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-30 21:00:35 +01:00
Fabrice Fontaine
87187d5c99 motion: bump to version 4.2
- Remove patch (already in version)
- Add new mandatory libmicrohttpd dependency, see:
  3cd68cab49
- Add new optional gettext dependency, see:
  4ff191be82

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-30 21:00:02 +01:00
Petr Vorel
0d61e067eb kconfig: Refresh patches
Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-30 20:58:54 +01:00
Petr Vorel
a3366b2705 kconfig: Restore missing custom changes + add patches
Commit 6eacea5ae0 accidentally removed these changes in merge_config.sh:
0f56304521 ("merge_config.sh: create temporary files in /tmp")
28fac3973b ("merge_config.sh: add br2-external support")

Changes were lost because commits just changed files, but didn't add patches.
Therefore not only restore our changes, but also add (updated) patches.

Missing 0f56304521 caused breaking merge_config.sh when used in out of
tree build:
$ make -C buildroot O=$PWD/output defconfig
...
$ cd output
$ echo 'BR2_TARGET_GENERIC_HOSTNAME="test"' > test.frag
$ ../buildroot/support/kconfig/merge_config.sh .config test.frag
Using .config as base
Merging test.frag
umask 0022 && make -C /home/test/buildroot O=/home/test/output/. alldefconfig
  GEN     /home/test/output/Makefile
*** Can't read seed configuration "./.tmp.config.qIcpASpUyh"!
make[1]: *** [Makefile:925: alldefconfig] Error 1
make: *** [Makefile:16: _all] Error 2

Fixes: 6eacea5ae0 support/kconfig: bump to kconfig from Linux 4.17-rc2

Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
Reported-by: Erico Nunes <nunes.erico@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-30 20:58:09 +01:00
Petr Vorel
775087fab0 kconfig: Add missing patch
which was specified, but not added during last update.

Fixes: 6eacea5ae0 ("support/kconfig: bump to kconfig from Linux 4.17-rc2")

Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-30 20:57:04 +01:00
Fabrice Fontaine
91b6ca9682 neardal: fix static build with libedit and libbsd
Add an upstreamable patch to use pkg-config for finding libedit and
readline dependencies and drop ncurses "hack"

Fixes:
 - http://autobuild.buildroot.org/results/b0b17f4a5b0a32631a12bdb350ba7c21f7c595d0

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-30 20:56:10 +01:00
Asaf Kahlon
5654eb3c9a python-pycryptodomex: bump to version 3.7.0
Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-30 20:55:40 +01:00
Fabrice Fontaine
1de17e341b openswan: security bump to version 2.6.50.1
- Fixes CVE-2018-15836 (a Bleichenbacher-style signature forgery which
  involves RSA padding attack)
- Add hash for license files

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-30 20:54:51 +01:00
Fabrice Fontaine
8a0c8258b4 openswan: disable documentation
Disable pod2man and xmlto which are used to build man pages

Fixes:
 - http://autobuild.buildroot.org/results/2268814b8f5a071ecec1aab962b50a1edcb818d7

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-30 20:54:01 +01:00
Fabrice Fontaine
8b3dea2c2a libkcapi: disable documentation
Disable db2pdf, db2ps and xmlto which are used for building PDF, PS, man
or html documentation

Fixes:
 - http://autobuild.buildroot.org/results/28df3b50d90bc53b965280b77224f89fe09ec2b9

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-10-28 17:36:17 +01:00
Peter Seiderer
f79f459887 valgrind: fix uclibc c99 support detection
Fixes [1]:

  checking for /home/peko/autobuild/instance-0/output/host/bin/powerpc-linux-gcc option to accept ISO C99... unsupported
  configure: error: Valgrind relies on a C compiler supporting C99

with the following in the valgrind-3.14.0/config.log:

  configure:5517: checking for .../host/bin/powerpc-linux-gcc option to accept ISO C99
  configure:5666: .../host/bin/powerpc-linux-gcc -c -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -Os -fno-stack-protector -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 conftest.c >&5
  conftest.c:55:9: error: unknown type name 'wchar_t'
     const wchar_t *name;
           ^~~~~~~

[1] http://autobuild.buildroot.net/results/b25013f785a11f07e8da3735741b96036712f42a

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-10-28 16:57:49 +01:00
Francois Perrad
5b7563f3d6 scancpan: also use README.md as default license file
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-10-28 15:16:07 +01:00
Fabrice Fontaine
b4501ca80d lcdproc: use ac_cv_mtab_file
Set ac_cv_mtab_file to /etc/mtab otherwise build will fail if no mtab,
mnttab or fstab is found in /etc (on host)

Fixes:
 - http://autobuild.buildroot.org/results/efaf2833d674c7e366c59f367f0b83c7f88546bb

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-28 08:14:28 +01:00
Carlos Santos
2f3042a79b liburiparser: security bump to version 0.9.0
Fixes an out-of-bounds write, detect an integer overflow and protect
against acting on NULL input. For additional datails, see

   https://github.com/uriparser/uriparser/blob/uriparser-0.9.0/ChangeLog

Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-28 08:12:30 +01:00
Asaf Kahlon
658ebd8d23 python3: bump to version 3.7.1
Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-28 08:11:32 +01:00
Asaf Kahlon
76419040f7 python-setuptools: bump to version 40.5.0
Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-28 08:11:07 +01:00
Bernd Kuhls
0a4e2bfd64 package/mjpg-streamer: add optional dependency to zeromq
The ZeroMQ output module also depends on protobuf, see upstream PR 145.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-28 08:02:39 +01:00
Bernd Kuhls
367d7dc7a1 package/mjpg-streamer: bump version
This bump includes
2b751f1f2a

which fixes
http://autobuild.buildroot.net/results/247/247a55398aed37a08c67cc21db6836ad342d24ca/

and includes
ddb69b7b4f

which fixes
http://autobuild.buildroot.net/results/dad/dad054954de76cab56333747274520f269be2066/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-28 08:01:28 +01:00
Fabrice Fontaine
c0deed8eed gpsd: disable documentation
Fixes:
 - http://autobuild.buildroot.org/results/cbdb4cc34080714082f044fde7e069e6ab5a0e8e

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-27 22:59:15 +02:00
Asaf Kahlon
170723fd57 python-dateutil: bump to version 2.7.5
Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-27 22:58:56 +02:00
Peter Korsgaard
1d9fe18e97 iproute2: fix build on glibc < 2.21 / uClibc
Fixes:
http://autobuild.buildroot.net/results/fc9/fc99b1ad49080f552ce611d5a7a2f9fe171b5a2c/
http://autobuild.buildroot.net/results/5f7/5f74c258a3adafa5aecd4abc378eef0573143764/

q_{etf,taprio}.c uses CLOCK_TAI, which isn't exposed by glibc < 2.21 or
uClibc, breaking the build. Provide a fallback definition like it is done
for IPPROTO_MPLS and others.

Patch submitted upstream:
https://lwn.net/ml/netdev/20181027153102.32302-1-peter%40korsgaard.com/

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-27 22:58:22 +02:00
Asaf Kahlon
2c0a2c7a3d python-fastentrypoints: bump to version 0.12
Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-27 22:58:13 +02:00
Peter Korsgaard
e79df78ce2 iproute2: bump version to 4.19.0
For support for the new 4.19+ kernel features. Release notes:
https://lwn.net/ml/netdev/20181023104935.282ff4ec@xeon-e3/

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Reviewed-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-27 11:42:07 +02:00
Thomas Petazzoni
cbf62fc569 mysql: properly order "depends on" vs. bool
This fixes a check-package warning introduced by commit
19df27ed03 ("package/mariadb: add option
to disable build of embedded server")

Fixes:

package/mysql/Config.in:59: attributes order: type, default, depends on, select, help (http://nightly.buildroot.org/#_config_files)

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-10-26 21:28:31 +02:00
Danomi Manchego
a216a344c4 arm-trusted-firmware: replace hard-coded arm64 with MKIMAGE_ARCH
We already use $(MKIMAGE_ARCH) in lots of places; use it here too.

Signed-off-by: Danomi Manchego <danomimanchego123@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-10-26 21:26:33 +02:00
Danomi Manchego
22ea9d5a87 arm-trusted-firmware: replace mkimage invocation with MKIMAGE
We already use $(MKIMAGE) instead of $(HOST_DIR)/bin/mkimage in xvisor, linux,
and cpio; use it here too.

Signed-off-by: Danomi Manchego <danomimanchego123@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-10-26 21:26:27 +02:00
Danomi Manchego
0210f16083 uboot: replace mkimage invocation with MKIMAGE
We already use $(MKIMAGE) instead of $(HOST_DIR)/bin/mkimage in xvisor, linux,
and cpio; use it here too.

Signed-off-by: Danomi Manchego <danomimanchego123@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-10-26 21:26:17 +02:00
Francois Perrad
ece585dee1 perl-path-tiny: bump to version 0.104
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-10-26 21:20:15 +02:00
Francois Perrad
0a88a6c04f perl-net-ping: bump to version 2.71
The license file hash is changed due to:

 - Changes in the README file unrelated to the licensing terms.
 - Update of the copyright year (2017 changed to 2017-2018)

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-10-26 21:20:15 +02:00
Francois Perrad
27d462b9c2 perl-net-dns: bump to version 1.18
The license file hash is updated, but due to changes to the README
file that do not affect the licensing terms.

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-10-26 21:20:15 +02:00
Francois Perrad
5614ca4bc2 perl-mojolicious: bump to version 8.04
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-10-26 21:20:15 +02:00
Francois Perrad
a30274ae89 perl-mail-dkim: bump to version 0.54
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-10-26 21:20:15 +02:00
Francois Perrad
b2ec1ee7a3 perl-libwww-perl: bump to version 6.36
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-10-26 21:20:15 +02:00
Francois Perrad
73458f8a80 perl-io-socket-ssl: bump to version 2.060
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-10-26 21:20:15 +02:00
Francois Perrad
1a06c4e243 perl-gd: bump to version 2.69
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-10-26 21:20:15 +02:00
Francois Perrad
b58bcf1ce3 perl-file-slurp: bump to version 9999.23
The license file is changed to README.md, because README no longer
exists. The licensing terms are unchanged:

"""
This program is free software; you can redistribute it and/or modify it
under the same terms as Perl itself.
"""

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-10-26 21:20:15 +02:00
Francois Perrad
5dfde90705 perl-date-manip: bump to version 6.73
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-10-26 21:20:15 +02:00
Francois Perrad
462c7b62df perl-crypt-openssl-rsa: bump to version 0.31
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-10-26 21:20:15 +02:00
Peter Seiderer
1172a68ae8 valgrind: bump version to 3.14.0
- new option: link-time optimisation

For details see [1].

[1] http://valgrind.org/docs/manual/dist.news.html

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-26 21:19:20 +02:00
Fabrice Fontaine
220f25e940 giflib: disable xmlto
Fixes:
 - http://autobuild.buildroot.org/results/87c7fa4a8e393acaccc84bd2774f9eee32ef7d90

xmlto is optionally used to generate documentation, which we don't need.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-26 21:16:56 +02:00
Peter Seiderer
1b4ee69faf libevdev: bump version to 1.6.0
For details see [1].

Rebased patch 0001-configure-add-disable-runtime-tests-option.patch.

[1] https://lists.freedesktop.org/archives/input-tools/2018-October/001488.html

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-26 21:14:34 +02:00
Francois Beerten
4f56655b2b board/zynqmp/post-image.sh: support dots in DTS file names
Some ZynqMP device trees in the kernel have a dot in their name,
for example "zynqmp-zcu102-rev1.0". The post image script
left out the part after the dot and created an invalid symlink.

Signed-off-by: Francois Beerten <fbeerten.git@colabti.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-10-26 20:54:00 +02:00
Thomas Petazzoni
2a3ef05520 tar: adjust Config.in comment dependency
Since commit 916b21a7fb ("package/tar:
Depends on MMU"), BR2_PACKAGE_TAR depends on BR2_USE_MMU. However, the
Config.in comment does not take into account this dependency, an
inconsistency which is fixed by this commit.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-26 19:49:48 +02:00