Currently libnss is configured with BUILD_OPT=1 and due to that that
it doesn't take into account Buildroot TARGET_CFLAGS nor
TARGET_LDFLAGS resulting in pre-chosen optimizations and debugging
symbols being used.
We can't pass TARGET_CFLAGS through CFLAGS or similar otherwise other
internal libnss one will be overwritten (i.e. -fPIC), so we prefer to
append TARGET_CFLAGS at the end of Linux.mk as well as TARGET_LDFLAGS
according to internal libnss Makefile system's names. And obviously
remove BUILD_OPT=1 from BUILD_VARS.
This reveals hidden bugs when building with -Os due to bogus
uninitialized warnings from gcc turned into errors because of -Werror,
so we explicitly pass NSS_ENABLE_WERROR=0 to avoid the use of -Werror.
Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
[Thomas: drop the libnss patches, and pass NSS_ENABLE_WERROR instead]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Contains a fix for issue discovered post-3.1.5.
See changelog:
https://libmodbus.org/2019/urgent-fix-for-last-releases/
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Update the i.MX8MM-EVK BSP to match the latest version
referenced on the NXP website.
Signed-off-by: Mark Corbin <mark.corbin@embecosm.com>
Reviewed-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Bump the kernel to version 5.2.4.
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Reviewed-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Remove patches (already in version) and so remove AUTORECONF
- Use new option to disable examples
- Add hash for license file
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Move site from http to https as HTTP URL now returns
"301 Moved Permanently"
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Also add hash for license file
Fixes:
$: make pwgen-legal-info
>>> pwgen 2.08 Collecting legal info
ERROR: No hash found for debian/copyright
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Since mdev was switched to the daemon mode introduced in Busybox 1.31.0,
it requires CONFIG_NET to be enabled in the kernel such that the mdev
daemon can listen to netlink events.
Signed-off-by: Titouan Christophe <titouan.christophe@railnova.eu>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* exp_inter.c: [https://sourceforge.net/p/expect/patches/22/]
Fix interact bug - handle reads of 0 length on
non-blocking channels by explicitly checking if the channel
is non-blocking. Fix by Jack Bates.
* expect.c: [https://sourceforge.net/p/expect/patches/21/]
Fix eof bug introduced with previous bug fix - ensure that data
received just before an eof is processed. Fix by Sergei Golovan.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Bump U-Boot to version 2019.07 and kernel to version 5.2.4.
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The recent change to default to gcc 8 for the internal toolchain broke this
defconfig. Fix it by bumping to the latest 4.19 kernel.
Fixes: https://gitlab.com/buildroot.org/buildroot/-/jobs/259853955
The kernel now uses ttySx for the omap serial ports, so adjust the getty
port to match.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Upstream pushes their delivery archives in to places:
https://download.qt.io/official_releases/https://download.qt.io/archive/
After a while, only the latter remains, whith the former being pruned
actively to contain only officially supported versions.
Switch to using the archive location, as it has everything, even the
latest versions.
Signed-off-by: "Yann E. MORIN" <yann.morin@orange.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Drop upstream patches.
Remove autoreconf; we no longer patch configure.ac.
Cc: Alexander Dahl <post@lespocky.de>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Since version 1.1.23 musl supports the RISC-V architecture.
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Tested-by: Mark Corbin <mark.corbin@embecosm.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This version merges the RISC-V (64-bit) port and new math library
implementations of log, exp, and pow. Internals of how (non-cancellable)
syscalls are performed have been overhauled so that all code necessary to make
the syscall resides in the arch-provided header and is inlinable. In the
process, bugs in the implementation of mips and microblaze syscall mechanisms
were found and fixed. Several other bugs were fixed as well, including a
potentially serious one in the layout of static TLS for shared libraries on
archs that use "TLS variant I" layout.
A couple behaviors that were clearly undesirable but arguably mandated by POSIX
have been fixed as a result of POSIX intepretations rendering them unnecessary.
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Tested-by: Mark Corbin <mark.corbin@embecosm.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Email bounces:
<Qais.Yousef@imgtec.com>: host mxb-00376f01.gslb.pphosted.com[185.132.180.163]
said: 550 5.1.1 User Unknown (in reply to RCPT TO command)
Last mailing list postings date back to 2012.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The 4.11.2 release brings a large number of fixes:
https://xenproject.org/downloads/xen-project-archives/xen-project-4-11-series/xen-project-4-11-2/
Including a number of security fixes:
XSA-284: grant table transfer issues on large hosts
XSA-285: race with pass-through device hotplug
XSA-287: x86: steal_page violates page_struct access discipline
XSA-288: x86: Inconsistent PV IOMMU discipline
XSA-290: missing preemption in x86 PV page table unvalidation
XSA-291: x86/PV: page type reference counting issue with failed IOMMU update
XSA-292: x86: insufficient TLB flushing when using PCID
XSA-293: x86: PV kernel context switch corruption
XSA-294: x86 shadow: Insufficient TLB flushing when using PCID
XSA-295: Unlimited Arm Atomics Operations
XSA-297: Microarchitectural Data Sampling speculative side channel
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues:
CVE-2019-7317 CVE-2019-2821 CVE-2019-2769 CVE-2019-2762 CVE-2019-2745
CVE-2019-2816 CVE-2019-2842 CVE-2019-2786 CVE-2019-2818 CVE-2019-2766
CVE-2019-6129
For details. see the advisory:
https://openjdk.java.net/groups/vulnerability/advisories/2019-07-16
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues:
CVE-2019-12827: A specially crafted SIP in-dialog MESSAGE message can cause
Asterisk to crash:
https://downloads.asterisk.org/pub/security/AST-2019-002.html
CVE-2019-13161: When T.38 faxing is done in Asterisk a T.38 reinvite may be
sent to an endpoint to switch it to T.38. If the endpoint responds with an
improperly formatted SDP answer including both a T.38 UDPTL stream and an
audio or video stream containing only codecs not allowed on the SIP peer or
user a crash will occur. The code incorrectly assumes that there will be at
least one common codec when T.38 is also in the SDP answer:
https://downloads.asterisk.org/pub/security/AST-2019-003.html
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
According to the project homepage at
http://infozip.sourceforge.net/Zip.html, the version is really named
3.0. This is also how it's called inside the zip30.ann file in the
source code, which says "We have posted Zip 3.0, July 5th 2008".
So the fact that the tarball is named zip30.tgz is just because
upstream wanted to avoid having two dots (perhaps by habit of the old
DOS 8.3 file name limitation ?).
The version is also named "3.0" in the SourceForge RSS at [0] that
release-monitoring.org is using for this package [1]. Therefore, by
using "3.0" as the version, we will match the version known by
release-monitoring.org.
Of course the tarball name is still zip30.tgz so we tweak the
ZIP_VERSION value appropriately.
[0] https://sourceforge.net/projects/infozip/rss?path=/
[1] https://release-monitoring.org/project/10080/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Upstream now optionally supports a yaml output format, and support is
detected through pkg-config. It has not been added as a dependency but
could in the future if someone asks for it.
Patches applied upstream:
- Kill bogus TYPE_BLOB marker type
- checks: fix simple-bus compatible matching
New patch:
- Makefile: Add EXTRA_CFLAGS variable
The new patch is required to correctly add buildroot's cflags. The
existing packaging was overwriting those set by the package's makefile,
which was breaking the yaml detection.
Signed-off-by: Joel Stanley <joel@jms.id.au>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Removes 0001-mkfs.ubifs-fix-build-without-openssl.patch which has been
merged upsteam as b5027be5f470830ac9543db3c52e076b13abd313.
Release Notes:
https://www.spinics.net/lists/linux-mtd/msg08093.html
Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This patch bumps the package version to 3.3.1 and drops
an upstreamed patch.
Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This patch bump python-pillow to version 6.1.0
Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This patch bumps Linux CIP to version v4.19.60-cip7.
Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
A very small fix for the progress meter regression in 7.65.2.
See https://curl.haxx.se/mail/lib-2019-07/0052.html
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
MPD changed from Autotools to the Meson build system.
Add config options for the qobuz and tidal plugins and group them together
with the soundcloud plugin under "Commercial services".
Helping MPD to find tremor in static linking scenarios is no longer
needed and can safely be removed.
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
libgrypt provides a config file `libgcrypt-config`. After the version
bump to 1.8.4 upstream added a pkg-config file as well [1].
Using the pkg-config file is preferred over using the package provided
config file. For example, the Meson build system requires that for every
special config file an entry is added to the `[binary]` section in the
cross-compilation.conf file, otherwise it will use the config file found
in `PATH`. This is bad when cross-compiling as `PATH` will include
pathes to the host and therefore Meson will wrongly use the host config
file.
To simplify using libgcrypt for packages using the meson infrastructure
lets add the pkg-config file.
Note, that the additional upstream patch 0003 fixes a typo in the pkg-config
file.
[1] 97194b422b
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The `ac_cv_sys_symbol_underscore` reconfigure patch was added to
Buildroot back in 2007 [1], but was not reported to upstream back then.
Meanwhile, the issue has been fixed upstream [2] after the version bump to
version 1.8.4.
In order to add another upstream patch, which will add a pkg-config file
for libgrypt and therefore requires autoreconfiguration as well, replace the
current patch with the upstream patch.
[1] https://git.buildroot.net/buildroot/commit/package/libgcrypt?id=f1bcdf518fa7868b7819b0248f4b8da02a954dde
[2] 0f4545b441
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes CVE-2019-13917:
http://www.exim.org/static/doc/security/CVE-2019-13917.txtd185889f47
added new code to "Prebuild the data structure for builtin macros".
This function needs a host-built binary called macro_predef, it depends
on host-berkeleydb, host-pcre and optionally on host-openssl.
With an openssl-enabled exim the host build of macro_predef will fail
if host-openssl is missing:
/usr/bin/gcc -DMACRO_PREDEF macro_predef.c
In file included from hash.h:14,
from exim.h:485,
from macro_predef.c:11:
sha_ver.h:37:12: fatal error: openssl/ssl.h: No such file or directory
because macro_predef also has the an optional dependency on openssl:
https://github.com/Exim/exim/blob/exim-4.92%2Bfixes/src/src/macro_predef.c#L130
Removed patches applied upstream:
0004: 98913c8ea2
0005: cf3cd30606
0007: 7ea1237c78 (diff-58af16fe62ea674adf1730edc078d175R6243)
Added patch to fix uClibc build.
Added license hash, switched _SITE to https.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Needed for the upcoming Exim security version bump.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Added all hashes provided by upstream, switched tarball to .xz and
updated _SITE according to release notes.
Tarball contains an autoconf'ed configure script now so we can remove
LIBGLU_AUTORECONF = YES
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
