Commit Graph

55997 Commits

Author SHA1 Message Date
Scott Fan
6c5caa8f43 package/open62541: fix library version definition
Manually specified version must start with letter 'v',
otherwise, the generated version macro will be zero
in the <build_dir>/src_generated/open62541/config.h file:
  #define UA_OPEN62541_VER_MAJOR 0
  #define UA_OPEN62541_VER_MINOR 0
  #define UA_OPEN62541_VER_PATCH 0

Reference from the following link:
https://open62541.org/doc/current/building.html

Signed-off-by: Scott Fan <fancp2007@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-02-20 23:12:54 +01:00
Romain Naour
03c3fbd81c support/scripts/boot-qemu-image.py: properly catch timeout
As reported on IRC by sephthir, the gitlab test of the defconfig
qemu_sparc_ss10_defconfig doesn't error out while the system
is not working properly.

This is because we explicitly wait for the timeout as an expected
condition, but do not check for it. Indeed, pexpect.expect() returns
the index of the matching condition in the list of expected conditions,
but we just ignore the return code, so we are not able to differentiate
between a successful login (or prompt) from a timeout.

By default, pexepect.expect() raises the pexpect.TIMEOUT exception on a
timeout, and we are already prepared to catch and handle that exception.
But because pexpect.TIMEOUT is passed as an expected condition, the
exception is not raised.

Remove pexpect.TIMEOUT from the list of expected conditions, so that the
exception is properly raised again, and so that we can catch it.

The qemu_sparc_ss10_defconfig is already fixed by
4d16e6f532.

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Jugurtha BELKALEM <jugurtha.belkalem@smile.fr>
[yann.morin.1998@free.fr: reword commit log]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-02-20 22:44:29 +01:00
Peter Seiderer
4a95f38f30 package/irqbalance: fix sysv startup script (add mkdir /run/irqbalance)
- add mkdir -p /run/irqbalance to sysv startup script needed to
  create socket /run/irqbalance/irqbalance<pid>.sock

Fixes:

  - Bug 13541 [1]

  daemon.warn /usr/sbin/irqbalance: Daemon couldn't be bound to the file-based socket.

[1] https://bugs.busybox.net/show_bug.cgi?id=13541

Reported-by: Alfredo Pons Menargues <alfredo.pons@gmail.com>
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
[yann.morin.1998@free.fr: only create in start case]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-02-20 18:36:39 +01:00
Peter Seiderer
60518c1d76 package/irqbalance: fix systemd startup script (add RuntimeDirectory)
- add RuntimeDirectory=irqbalance to create /run/irqbalanace needed to
  create socket /run/irqbalance/irqbalance<pid>.sock

Fixes:

  - Bug 13541 [1]

  /usr/sbin/irqbalance[158]: Daemon couldn't be bound to the file-based socket.

[1] https://bugs.busybox.net/show_bug.cgi?id=13541

Reported-by: Alfredo Pons Menargues <alfredo.pons@gmail.com>
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-02-20 18:36:28 +01:00
Scott Fan
d1054e851c DEVELOPERS: remove Scott Fan
Signed-off-by: Scott Fan <fancp2007@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-02-20 17:48:10 +01:00
Thomas Petazzoni
ee8b680816 utils/scanpypi: use python3 explicitly
scanpypi is python3 compatible. In addition, it executes the setup.py
of Python modules to extract the relevant information. Since these are
more and more commonly using python3 constructs, using "python" to run
scanpypi causes problems on systems that have python2 installed as
python, when trying to parse setup.py scripts with python3 constructs.

Fixes part of #13516.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-02-20 17:42:46 +01:00
Jörg Krause
3590ebec28 package/taglib: drop config options to enable MP4/ASF support
Both options where removed in git commit dd846904cbc1ef3ee628d77f0c9df88ef8967816
back in year 2011.

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
[yann.morin.1998@free.fr: drop the legacy handling]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-02-20 17:16:05 +01:00
Romain Naour
f826a944ae package/rust: disable ninja
Ninja has recently be enabled as the default build system to build
llvm fork for rust compiler [1]. But we can still use Make if
"ninja = false" is provided in config.toml.

Ninja support can be enabled by a following patch.

[1] 30b7dac745

Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/1019386205

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Eric Le Bihan <eric.le.bihan.dev@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-02-20 17:02:51 +01:00
Bartosz Bilas
86fbba8b81 package/cegui: use plain assignemnt for first _CONF_OPTS
Commit 689b9c1a7c (package/cegui: disable xerces support) added
an unconditional assignment to _CONF_OPTS before all the conditional
ones, but used the append-assignment instead of the traditional plain
assignment.

Fix that by removing the append-assignment.

Use that opportunity to also move the first item of this multi-line
assignment, to its own line.

Signed-off-by: Bartosz Bilas <b.bilas@grinn-global.com>
[yann.morin.1998@free.fr:
  - reference the exact commit that introduce the issue
  - also move the first item to its own line
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-02-19 22:46:29 +01:00
Peter Korsgaard
82abd78a01 package/python-django: security bump to version 3.0.13
Fixes the following security issue:

- CVE-2021-23336: Web cache poisoning via django.utils.http.limited_parse_qsl()

  Django contains a copy of urllib.parse.parse_qsl() which was added to
  backport some security fixes.  A further security fix has been issued
  recently such that parse_qsl() no longer allows using ; as a query
  parameter separator by default.  Django now includes this fix.  See
  bpo-42967 for further details.

For more details, see the advisory:
https://www.djangoproject.com/weblog/2021/feb/19/security-releases/

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-02-19 22:36:22 +01:00
Fabrice Fontaine
d71de4143d package/botan: fix build with -latomic
Static build with toolchains needing -latomic (e.g sparc) is broken
since version 2.17.0 and
88af81b889

Fixes:
 - http://autobuild.buildroot.org/results/5c03ee53a34a3cdb409cffcda76e5cc2c723778b

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-02-19 22:33:45 +01:00
Fabrice Fontaine
452f9ca82f package/libselinux: fix build with musl 1.2.2
Fixes:
 - http://autobuild.buildroot.org/results/34b010e76d65cf1d79ef53207cbc00a86674e17a

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-02-19 22:31:15 +01:00
John Keeping
a6aeee74d3 package/libusb: apply upstream patch to fix descriptor parsing
v1.0.24 of libusb has a bug in the Linux backend where it fails to
enumerate any device with more than one configuration.  Backport the
upstream patch which fixes this as otherwise libusb based applications
are unable to communicate with any devices advertising more than one
configuration.

Signed-off-by: John Keeping <john@metanate.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-02-19 22:25:43 +01:00
Peter Korsgaard
d8447af9d8 docs/website: update for 2020.02.11
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-17 21:04:31 +01:00
Peter Korsgaard
947e9219bc Update for 2020.02.11
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 08e03785d3)
[Peter: drop Makefile changes]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-17 21:00:07 +01:00
Peter Korsgaard
b284c1a4f3 docs/website: update for 2020.11.3
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-17 19:44:35 +01:00
Peter Korsgaard
ecbfbabcf7 Update for 2020.11.3
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 610e67b1fc)
[Peter: drop Makefile changes]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-17 19:43:17 +01:00
Peter Korsgaard
21eb777551 Update for 2021.02-rc2
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-17 17:50:51 +01:00
Fabrice Fontaine
91b39d039e package/perl-extutils-pkgconfig: set PATH to BR_PATH
Set PATH to BR_PATH to allow perl-extutils-pkgconfig to find pkg-config
binary

Fixes:
 - http://autobuild.buildroot.org/results/d87787fbf2a8cb9bbaa3b59d1e8004ad1459536a

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-17 17:25:26 +01:00
Peter Korsgaard
4745a484a6 package/libopenssl: security bump to version 1.1.1j
Fixes the following security issues:

- CVE-2021-23841: Null pointer deref in X509_issuer_and_serial_hash()

  The OpenSSL public API function X509_issuer_and_serial_hash() attempts to
  create a unique hash value based on the issuer and serial number data
  contained within an X509 certificate.  However it fails to correctly
  handle any errors that may occur while parsing the issuer field (which
  might occur if the issuer field is maliciously constructed).  This may
  subsequently result in a NULL pointer deref and a crash leading to a
  potential denial of service attack.

  The function X509_issuer_and_serial_hash() is never directly called by
  OpenSSL itself so applications are only vulnerable if they use this
  function directly and they use it on certificates that may have been
  obtained from untrusted sources.

- CVE-2021-23839: Incorrect SSLv2 rollback protection

  OpenSSL 1.0.2 supports SSLv2.  If a client attempts to negotiate SSLv2
  with a server that is configured to support both SSLv2 and more recent SSL
  and TLS versions then a check is made for a version rollback attack when
  unpadding an RSA signature.  Clients that support SSL or TLS versions
  greater than SSLv2 are supposed to use a special form of padding.  A
  server that supports greater than SSLv2 is supposed to reject connection
  attempts from a client where this special form of padding is present,
  because this indicates that a version rollback has occurred (i.e.  both
  client and server support greater than SSLv2, and yet this is the version
  that is being requested).

  The implementation of this padding check inverted the logic so that the
  connection attempt is accepted if the padding is present, and rejected if
  it is absent.  This means that such as server will accept a connection if
  a version rollback attack has occurred.  Further the server will
  erroneously reject a connection if a normal SSLv2 connection attempt is
  made.

  OpenSSL 1.1.1 does not have SSLv2 support and therefore is not vulnerable
  to this issue.  The underlying error is in the implementation of the
  RSA_padding_check_SSLv23() function.  This also affects the
  RSA_SSLV23_PADDING padding mode used by various other functions.  Although
  1.1.1 does not support SSLv2 the RSA_padding_check_SSLv23() function still
  exists, as does the RSA_SSLV23_PADDING padding mode.  Applications that
  directly call that function or use that padding mode will encounter this
  issue.  However since there is no support for the SSLv2 protocol in 1.1.1
  this is considered a bug and not a security issue in that version.

- CVE-2021-23840: Integer overflow in CipherUpdate

  Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may
  overflow the output length argument in some cases where the input length
  is close to the maximum permissable length for an integer on the platform.
  In such cases the return value from the function call will be 1
  (indicating success), but the output length value will be negative.  This
  could cause applications to behave incorrectly or crash.

For more details, see the advisory:
https://www.openssl.org/news/secadv/20210216.txt

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-17 08:17:44 +01:00
Heiko Thiery
5b844d50d8 support/scripts/pkg-stats: add ignored_cves to json output
Add the list of <pkg>_IGNORE_CVES to the json output to show that we have a
known cause (available patch or the CVE is not valid for our package
configuration) that a affected CVE is not reported.

Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-02-16 23:15:06 +01:00
Thomas De Schampheleire
8efa82a41d package/openblas: fix detection of gfortran compiler
The compiler detection since openblas 0.3.8 added support for gcc 10, but
this broke detection of compilers created with crosstool-ng, or other
toolchains that have a package version containing a version like x.y.z where
at least one of x, y or z have more than one digit, for example
"Crosstool-NG 1.24.0".

See the reported issue for more details [1].

Backport the upstream patch that fixes it.

[1] https://github.com/xianyi/OpenBLAS/issues/3099

Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-02-16 23:10:57 +01:00
Thomas De Schampheleire
6f29cdeee4 package/openblas: allow disabling multithreading
Buildroot would automatically enable multithreading in OpenBLAS if the
architecture supports it. However, one may want to avoid OpenBLAS creating
threads itself and configure single-threaded operation. To accommodate this
use case, add a config option for multithreading.

When multithreading is disabled but OpenBLAS functions are called in the
same application by multiple threads, then locking is mandatory. The
USE_LOCKING flag was added in version 0.3.7 with following release note:

    a new option USE_LOCKING was added to ensure thread safety when OpenBLAS
    itself is built without multithreading but will be called from multiple
    threads.

However, if one knows that OpenBLAS will only be called from single-threaded
applications, then passing USE_LOCKING is not necessary, so make it a config
option too.

When multithreading is enabled, locking is implicitly enabled inside
openblas, so only provide the locking option when multithreading is
disabled.

Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-02-16 23:10:57 +01:00
Fabrice Fontaine
7d73bc5216 package/flashrom: fix build on riscv
Retrieve an upstream patch to fix build with riscv as it fails to
retrieve architecture due to "Use sigaction with SA_RESTART instead"
being caught before riscv:

exec: export LC_ALL=C ; { /home/fabrice/buildroot/output/host/bin/riscv32-linux-gcc -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -E archtest.c 2>/dev/null | grep -v ^# | grep ' | cut -f 2 -d' ; }
Use sigaction with SA_RESTART instead
riscv

Fixes:
 - http://autobuild.buildroot.org/results/61ac6c9bfcd3bd9306aa49faf47b9f16e5abe846

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-02-16 23:02:37 +01:00
Fabrice Fontaine
7ecf22a2fe package/gdk-pixbuf: fix static build
Fix static build failure which is raised since the switch to
meson-package in commit a7b51ed301

Fixes:
 - http://autobuild.buildroot.org/results/6cd54c497f5d19342ec94ece713547b887e4c02d

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Arnout: add link to upstream MR]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-02-16 23:01:10 +01:00
Peter Korsgaard
824473576e package/wpewebkit: bump version to 2.30.5
Bugfix release, fixing a number of issues:

- Fix RunLoop objects leaked in worker threads.
- Fix JavaScriptCore AArch64 LLInt build with JIT disabled.
- Use Internet Explorer quirk for Google Docs.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Acked-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-16 21:51:28 +01:00
Peter Korsgaard
157dc4e3cf package/webkitgtk: security bump to version 2.30.5
Fixes the following security issue:

- CVE-2020-13558: Processing maliciously crafted web content may lead to
  arbitrary code execution.  Description: A use after free issue in the
  AudioSourceProviderGStreamer class was addressed with improved memory
  management

For more details, see the advisory:
https://webkitgtk.org/security/WSA-2021-0001.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Acked-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-16 21:51:20 +01:00
Fabrice Fontaine
d9813df50a package/perl-gd: provide gd options
Now that gdlib-config is gone, provide the GD options otherwise perl-gd
will assume that everything is available:

$features = 'GD_GIF GD_GIFANIM GD_OPENPOLYGON GD_ZLIB GD_PNG GD_FREETYPE GD_FONTCONFIG GD_JPEG GD_XPM GD_TIFF GD_WEBP';

Also, while at it, also make some of the dependencies as optional as
suggested by François Perrad

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Tested-by: Francois Perrad <francois.perrad@gadz.org> (with
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-02-16 21:46:28 +01:00
Fabrice Fontaine
d172644274 package/perl-gd: needs perl-extutils-pkgconfig
Commit 3a291be2e8 forgot to add
perl-extutils-pkgconfig dependency

Fixes:
 - http://autobuild.buildroot.org/results/e590f1990180eae21512b23b884755e105a4c588

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Acked-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-02-16 21:36:05 +01:00
Fabrice Fontaine
d48e5e82ac package/perl-extutils-pkgconfig: new package
host-perl-extutils-pkgconfig is needed by perl-gd to find gd in version
2.3.0

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Acked-by: Francois Perrad <francois.perrad@gadz.org>
[Arnout:
 - remove Config.in - it's host-only
 - add DEVELOPERS entry
 - use HOST_PERL_EXTUTILS_PKGCONFIG_DEPENDENCIES]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-02-16 21:30:15 +01:00
Peter Korsgaard
1efb7b9618 package/tzdate: use classic 'fat' format for uClibc/glibc compatibility
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/1019385940

FAIL: test_run (tests.core.test_timezone.TestGlibcNonDefaultLimitedTimezone)
----------------------------------------------------------------------
Traceback (most recent call last):
  File "/builds/buildroot.org/buildroot/support/testing/tests/core/test_timezone.py", line 66, in test_run
    self.assertEqual(tz[0].strip(), "EST")
AssertionError: '' != 'EST'

Commit 7868289fd5 (package/zic: bump version to 2020f) bumped the zic
version to 2020f, which changed the default output format from the classic
"fat" format to the new "slim" format:

6ba6f2117b

The slim format is unfortunately not supported by glibc < 2.28 or uClibc, so
explicitly request the classic "fat" format.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-02-16 21:23:38 +01:00
Thomas De Schampheleire
10ad952ea9 package/uboot-tools: depend on u-boot when selected
Currently, the envimage creation logic only depends on u-boot when the
user does not specify a custom envimage source via
BR2_PACKAGE_HOST_UBOOT_TOOLS_ENVIMAGE_SOURCE. This assumes that the
user-provided envimage source is not coming from the u-boot source
tree.

But especially given the fact that the envimage creation logic used to
be part of the u-boot package, this is a realistic scenario: users may
have provided a value of BR2_PACKAGE_HOST_UBOOT_TOOLS_ENVIMAGE_SOURCE
based on $(UBOOT_DIR), e.g.:

    $(UBOOT_DIR)/board/foo-vendor/bar-board/env.txt

Therefore, always add the u-boot dependency if u-boot is selected, for
either case of custom or default envimage source.

Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
[Thomas: re-organize code a bit.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-02-16 21:21:43 +01:00
Arnout Vandecappelle (Essensium/Mind)
bcef4a03e7 support/scripts/cpedb.py: remove import pickle
pickle is no longer used since 09a71e6a75

Fixes:
support/scripts/cpedb.py:7:1: F401 'pickle' imported but unused

Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-02-16 21:16:55 +01:00
Fabrice Fontaine
e52e145d91 package/gstreamer1/gst1-python: needs gst1-plugins-base
gst1-plugins-base is a mandatory dependency since at least version
1.9.90 and
16f971226d

Fixes:
 - http://autobuild.buildroot.org/results/48b22c66c3a610d70931b9adfd6e5082bb3ff3d1

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-16 21:15:19 +01:00
Fabrice Fontaine
d4da2e2083 package/lcms2: disable tiff
tiff is only used by tificc sample and upstream rejected the patch to
fix the static build failure because "adding pkg-config dependency for a
sample is an overkill": https://github.com/mm2/Little-CMS/pull/244

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-02-16 21:05:13 +01:00
Fabrice Fontaine
86dcd3ed03 Revert "package/lcms2: fix static building with tiff"
This reverts commit 7e4f054d23.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-02-16 21:05:10 +01:00
Thomas De Schampheleire
45a6cdaf58 package/collectd: add 'synproxy' option
The synproxy plugin exists since 5.8.0 and is enabled by default in
collectd.

Add an option in Buildroot, disabled by default.

Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-16 21:01:28 +01:00
Thomas De Schampheleire
bee2f45ee0 package/collectd: add 'logparser' option
The logparser plugin is new since 5.11.0 and enabled by default in
collectd.

Add an option in Buildroot, disabled by default.

Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-16 21:01:16 +01:00
Thomas De Schampheleire
933de25dc0 package/collectd: add 'mdevents' option
The mdevents plugin is new since 5.12.0 and enabled by default in
collectd.

Add an option in Buildroot, disabled by default.

Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-16 21:01:02 +01:00
Thomas De Schampheleire
bbd676801e package/collectd: add 'infiniband' option
The infiniband plugin is new since 5.12.0 and enabled by default in
collectd.

Add an option in Buildroot, disabled by default.

Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-16 21:00:51 +01:00
Fabrice Fontaine
31c430cf5b package/orc: fix powerpc build with headers < 4.11
Autobuilder failures are raised with bootlin toolchains but it affects
orc since version 0.4.30

Fixes:
 - http://autobuild.buildroot.org/results/0821e96cba3e455edd47b87485501d892fc7ac6a

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-16 20:48:44 +01:00
Thomas De Schampheleire
938c085109 package/ebtables: install symlink to ebtables-legacy
Since the upgrade of ebtables from 2.0.10-4 to 2.0.11, there no longer is an
'ebtables' binary. It has been renamed to 'ebtables-legacy' and moved from
'/sbin' to '/usr/sbin'. This change is part of the upstream change to
integrate the functionality of ebtables (and arptables) in the iptables
package, using the nf_tables kernel backend [1].

Unfortunately, the renaming (and move) of the original 'ebtables' binary
breaks existing scripts that are calling 'ebtables' or '/sbin/ebtables'.
Therefore, add a symlink from the original path to 'ebtables-legacy'.

However, do not provide this symlink if BR2_PACKAGE_IPTABLES_NFTABLES is
enabled. In this case, the iptables package will build the new equivalent
of ebtables -- a symlink to ebtables-legacy would cause conflicts.

[1] https://wiki.nftables.org/wiki-nftables/index.php/Legacy_xtables_tools

Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Acked-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-16 20:47:26 +01:00
Thomas De Schampheleire
b74c9cf21a package/tcpdump: remove duplicated binary
Since tcpdump 4.99.0, the 'tcpdump' binary is no longer installed in
/usr/sbin but in /usr/bin. This change invalidates the Buildroot hook
'TCPDUMP_REMOVE_DUPLICATED_BINARY', causing a fairly large rootfs size
increase as a result.

Update the path inside this hook.

Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-16 20:43:53 +01:00
Fabrice Fontaine
3d632c941f package/mongoose: add MONGOOSE_CPE_ID_VENDOR
cpe:2.3🅰️cesanta:mongoose is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Acesanta%3Amongoose

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-16 20:41:21 +01:00
Fabrice Fontaine
baef15dffa package/mongoose: security bump to version 7.1
- Fix CVE-2021-26528: The mg_http_serve_file function in Cesanta
  Mongoose HTTP server 7.0 is vulnerable to remote OOB write attack via
  connection request after exhausting memory pool.
- Fix CVE-2021-26529: The mg_tls_init function in Cesanta Mongoose HTTPS
  server 7.0 and 6.7-6.18 (compiled with mbedTLS support) is vulnerable
  to remote OOB write attack via connection request after exhausting
  memory pool.
- Fix CVE-2021-26530: The mg_tls_init function in Cesanta Mongoose HTTPS
  server 7.0 (compiled with OpenSSL support) is vulnerable to remote OOB
  write attack via connection request after exhausting memory pool.

https://github.com/cesanta/mongoose/releases/tag/7.1

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-16 20:41:18 +01:00
Fabrice Fontaine
e2707dd43e package/mongoose: fix activation of openssl/mbedtls
MG_ENABLE_SSL and MG_SSL_IF have been dropped since version 7.0 and
f2fba1d200

So use the new MG_ENABLE_OPENSSL and MG_ENABLE_MBEDTLS variables

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-16 20:32:51 +01:00
Thomas Petazzoni
be7be1a086 DEVELOPERS: drop Rahul Jain, user no longer exists
<rahul.jain@imgtec.com>: host mxa-00376f01.gslb.pphosted.com[185.132.180.163]
    said: 550 5.1.1 User Unknown (in reply to RCPT TO command)

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-02-16 09:44:16 +01:00
Thomas Petazzoni
e79c34a521 DEVELOPERS: drop Guillaume Gardet, domain no longer exists
The oliseo.fr domain no longer responds to SMTP requests:

smtplib.SMTPRecipientsRefused: {'Guillaume Gardet <guillaume.gardet@oliseo.fr>': (550, b'5.1.2 <guillaume.gardet@oliseo.fr>: Recipient address rejected: Domain not found')}

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-02-16 09:30:21 +01:00
Jörg Krause
f45925a951 package/fakeroot: add upstream patches to fix glibc 2.33 compatibility
Glibc 2.33 removed `_STAT_VER`. On host machines, which updated to glibc
2.33, building host-fakeroot breaks:

```
In file included from communicate.h:20,
                 from libfakeroot.c:60:
libfakeroot.c: In function ‘chown’:
libfakeroot.c:99:40: error: ‘_STAT_VER’ undeclared (first use in this function)
   99 | #define INT_NEXT_STAT(a,b) NEXT_STAT64(_STAT_VER,a,b)
```

The issue has been discussed on some package maintainer threads, e.g.:
https://bugs.archlinux.org/task/69572
https://bugzilla.redhat.com/show_bug.cgi?id=1889862#c13

A patch series was prepared by Ilya Lipnitskiy which included two other
patches not related to the glibc 2.33 compatibility issue and submitted as
merge request for upstream:
https://www.mail-archive.com/openwrt-devel@lists.openwrt.org/msg57280.html

Upstream accepted the merge request:
https://salsa.debian.org/clint/fakeroot/-/merge_requests/10

Note, that this patch series only contains the necessay patches for glibc
2.33 compatibility.

Tested on my Arch Linux machine, building a UBIFS/OverlayFS-based root
filesystem for an i.MX6ULL target board.

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Tested-by: Bartosz Bilas <b.bilas@grinn-global.com>
[Peter: drop patch numbering (PATCH x/y) as pointed out by check-package]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-15 23:08:05 +01:00
Fabrice Fontaine
f9596e50ec package/libgpg-error: fix build without threads
Fix build without threads of libgpg-error in version >= 1.40

Fixes:
 - http://autobuild.buildroot.org/results/3344c96e5627a9327b0eabe0b27f34490bbabc0d

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-15 23:04:35 +01:00