Commit Graph

43141 Commits

Author SHA1 Message Date
Thomas Petazzoni
4c9c70453c libsemanage: define installation location of semanage.conf for host
When /etc/selinux/semanage.conf does not exist, libsemanage tries to
overwrite it. For the target package, it works fine because $(DESTDIR)
is taken into account.

However, for the host package, $(DESTDIR) is empty, and the location
used for /etc/selinux/semanage.conf is not affected by $(PREFIX). This
causes host-libsemanage to try to install /etc/selinux/semanage.conf,
which obviously fails with:

  test -f /etc/selinux/semanage.conf || install -m 644 -D semanage.conf /etc/selinux/semanage.conf
  install: cannot create directory '/etc/selinux': Permission denied

To fix this, this commit passes DEFAULT_SEMANAGE_CONF_LOCATION in the
make options when building/installing host-libsemanage, providing a
path to semanage.conf that Buildroot can write to.

Fixes:

  http://autobuild.buildroot.net/results/cd27e3c66274622d0c3dd5a601a36efb1bc45011/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Tested-by: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-11-13 21:22:12 +01:00
Thomas Petazzoni
7b1238055c package/x11r7/xlib_libfontenc: add missing dependency on host-pkgconf
The xlib_libfontenc configure.ac uses PKG_CHECK_MODULES(), but the
Buildroot package does not have a dependency on host-pkgconf. This
causes a build failure with per-package host/target folders, or if one
builds just with "make xlib_libfontenc", which is why it was never
detected by the autobuilders.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-11-13 19:51:35 +01:00
Peter Korsgaard
6a74acb6fb elfutils: security bump to version 0.174
Fixes the following security issues:

CVE-2018-16062: dwarf_getaranges in dwarf_getaranges.c in libdw in elfutils
before 2018-08-18 allows remote attackers to cause a denial of service
(heap-based buffer over-read) via a crafted file.

CVE-2018-16402: libelf/elf_end.c in elfutils 0.173 allows remote attackers
to cause a denial of service (double free and application crash) or possibly
have unspecified other impact because it tries to decompress twice.

CVE-2018-16403: libdw in elfutils 0.173 checks the end of the attributes
list incorrectly in dwarf_getabbrev in dwarf_getabbrev.c and dwarf_hasattr
in dwarf_hasattr.c, leading to a heap-based buffer over-read and an
application crash.

For more details, see the announcement:
https://sourceware.org/ml/elfutils-devel/2018-q3/msg00116.html

0.172 and 0.173 also included fixes for crashes and hangs found by afl-fuzz
(no CVEs assigned):
https://sourceware.org/ml/elfutils-devel/2018-q2/msg00272.html
https://sourceware.org/ml/elfutils-devel/2018-q2/msg00209.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-11-13 09:16:58 +01:00
Peter Korsgaard
1c32e4c298 libnss: security bump to version 3.39
Fixes the following security issue:

CVE-2018-12384: NSS responded to an SSLv2-compatible ClientHello with a
ServerHello that had an all-zero random.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-11-13 09:16:28 +01:00
Baruch Siach
56825a6518 libnspr: fix nios2 and microblaze support patches
Commit c9e3d5b6c5 (libnspr: bump to version 4.20) did not refresh the
hunks touching the _linux.cfg file. As a result, these hunk were applied
to the wrong (x86 specific) place in that file, rendering them
ineffective. Refresh the patches to fix that.

Fixes:
http://autobuild.buildroot.net/results/2d1/2d1288e98a6459d84c2599c99b5617a2fde81f62/

Cc: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-11-13 09:16:13 +01:00
Yann E. MORIN
409d4c3fe9 fs: don't use an intermediate tarball
Since 118534fe54 (fs: use a common tarball as base for the other
filesystems), the filesystem creation is split in two steps, using an
intermediate tarball to carry the generic, common finalisations to the
per-filesystem finalisation and image creation.

However, this intermediate tarball causes an issue with capabilities:
they are entirely missing in the generated filesystems.

Capabilities are stored in the extended attribute security.capability,
which tar by default will not store/restore, unless explicitly told to,
e.g. with --xattrs-include='*', which we don't pass.

Now, passing this option when creating and extracting the intermediate
tarball, both done under fakeroot, will cause fakeroot to report an
invalid filetype for files with capabilities. mksquashfs would report
such unknown files as a warning, while mkfs.ext2 would fail (with a
similar error message), e.g.:

    File [...]/usr/sbin/getcap has unrecognised filetype 0, ignoring

This is due to a poor interaction between tar and fakeroot; running as
root the exact same commands we run under fakeroot, works as expected.
Unfortunately, short of fixing fakeroot (which would first require
understanding the problem in there), we don't have much options.

The intermediate tarball was made to avoid redoing the same actions over
and over again for each filesystem to build. However, most of the time,
only one or two such filesystems would be enabled [0], and those actions
are usually pretty lightweight. So, using an intermediate tarball does
not provide a big optimisation.

The main reason to introduce the intermediate tarball, however, is that
it allows to postpone per-filesystem finalisations to be applied only
for the corresponding filesystem, not for all of them.

So, we get rid of the intermediate tarball, and simply move all of the
code to run under fakeroot to the per-filesystem fakeroot script.
Instead of extracting the intermediate tarball, we just rsync the
original target/ directory, and apply the filesystem finalisations on
that copy. The only thing still done in the rootfs-common step is to
generate the intermediate files (users file, devices file) that are used
in the fakeroot script.

Fixes: https://bugs.busybox.net/show_bug.cgi?id=11216

Note: an alternate solution would have been to keep the intermediate
tarball to keep most of the common finalisations, and move only the
permissions to each filesystem, but that was getting a bit more complex
and changed the ordering of permissions and post-fakeroot scripts. Once
we bite the bullet of having some common finalisation done in each
filesystem, it's easier to just move all of them.

[0] Most probsably, users would enable the real filesystem to put on
their device, plus the 'tar' filesystem, to be able to easily inspect
the content on their development machine.

Reported-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2018-11-13 00:47:36 +01:00
Peter Seiderer
6ec7fecb0b gstreamer1: fix riscv64 compile
Add upstream patch [1]:

  gstconfig.h.in: initial RISC-V support

Fixes [2]:

  ../gst/gstconfig.h:112:4: error: #error "Could not detect architecture; don't know whether it supports unaligned access! Please file a bug."

[1] 8a156d1725
[2] http://autobuild.buildroot.net/results/07efafadff75ae2fb1d2b8d420be72345906af6c

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-11-13 00:08:27 +01:00
Fabrice Fontaine
c9e3d5b6c5 libnspr: bump to version 4.20
Support for riscv was added in this version

Fixes:
 - http://autobuild.buildroot.org/results/a98db13ea105d627f2a4770969b31550926c2791

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-11-12 23:54:58 +01:00
Peter Korsgaard
cd0ca09e43 {linux, linux-headers}: bump 4.{4, 9, 14, 18}.x series
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-11-11 22:11:04 +01:00
Fabrice Fontaine
236a7d5d78 supertuxkart: fix build on bdver3
Retrieve upstream patch to fix build failure in
lib/graphics_utils/mipmap/cpusimd.h due to direct inclusion of
intrinsics headers:
https://github.com/supertuxkart/stk-code/issues/3091

Fixes:
 - http://autobuild.buildroot.org/results/52bd5c45b0d04a863a2530d388899b3e46494ee9

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-11-11 22:09:02 +01:00
Fabrice Fontaine
e86af4c396 libkrb5: fix build on riscv
Define _REENTRANT otherwise pthread detection will fail

Fixes:
 - http://autobuild.buildroot.org/results/39a51d0c3feab74edd8a17c9174d031ccc7ffe1d

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-11-11 22:08:25 +01:00
Fabrice Fontaine
2e57e835bf libmicrohttpd: fix build on riscv
Define _REENTRANT like already done for ARC otherwise pthread detection
will fail

Fixes:
 - https://autobuild.buildroot.org/results/910dc7164312637bf4dcd89e4cb476ae198466c8

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-11-11 21:59:00 +01:00
Alexander Sverdlin
e9b70f96e8 package/systemd: explicitly configure split-usr=false and split-bin=true
meson-based build of systemd runs a couple of checks on the structure
of the *host* system which will incorrectly configure systemd if build
host configuration doesn't match Buildroot target.

One can also find the following in the NEWS file:

* A new -Dsplit-bin= build configuration switch may be used to specify
  whether bin and sbin directories are merged, or if they should be
  included separately in $PATH and various listings of executable
  directories. The build configuration scripts will try to autodetect
  the proper values of -Dsplit-usr= and -Dsplit-bin= based on build
  system, but distributions are encouraged to configure this
  explicitly.

Signed-off-by: Alexander Sverdlin <alexander.sverdlin@gmail.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-11-11 21:55:10 +01:00
Fabrice Fontaine
fecf82a166 wireshark: fix static build
Don't give a path in --with-pcap option otherwise PCAP_CONFIG won't be
used (see AC_WIRESHARK_PCAP_CHECK in acinclude.m4) to retrieve pcap
static dependencies such as -lnl-3 and as a result pcap detection will
fail

Fixes:
 - http://autobuild.buildroot.org/results/084354a33825cf4e723e0a9f1e9656ad2a212a15

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-11-11 21:26:23 +01:00
Fabrice Fontaine
243118288f ncmpc: disable documentation
Fixes:
 - http://autobuild.buildroot.org/results/4822b195628b3ce0d3fd6428bcba2cca158e92be

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-11-11 21:25:13 +01:00
Fabrice Fontaine
e311d8387d trace-cmd: fix site
Replace $(BR2_KERNEL_MIRROR) by https://git.kernel.org/pub, which
fixes the download of this package:

>>> trace-cmd trace-cmd-v2.6.1 Downloading
Initialized empty Git repository in /home/thomas/dl/trace-cmd/git/.git/
Fetching all references
fatal: repository 'https://cdn.kernel.org/pub/scm/linux/kernel/git/rostedt/trace-cmd.git/' not found
Detected a corrupted git cache.
Removing it and starting afresh.
Initialized empty Git repository in /home/thomas/dl/trace-cmd/git/.git/
Fetching all references
fatal: repository 'https://cdn.kernel.org/pub/scm/linux/kernel/git/rostedt/trace-cmd.git/' not found
Detected a corrupted git cache.
This is the second time in a row; bailing out
--2018-11-11 21:08:00--  http://sources.buildroot.net/trace-cmd/trace-cmd-trace-cmd-v2.6.1.tar.gz
Resolving sources.buildroot.net (sources.buildroot.net)... 104.25.210.19, 104.25.211.19, 2606:4700:20::6819:d313, ...
Connecting to sources.buildroot.net (sources.buildroot.net)|104.25.210.19|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 1859835 (1.8M) [application/x-gtar-compressed]

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-11-11 21:13:37 +01:00
Fabrice Fontaine
ce735b0c59 qemu: disable opengl
Since version 0.15.0, qemu has an optional dependency to opengl:
20ff075bb3

Since version 2.4, libepoxy is also needed to enable opengl:
dcf30025c3

As a result if libepoxy is built before qemu, opengl support will be
detected (see config.log):
OpenGL support    yes
OpenGL dmabufs    yes

This will raise the failures in milkymist-tmu2:
hw/display/milkymist-tmu2.c:35:22: fatal error: X11/Xlib.h: No such file or directory

or in sdl2:
  CC      /home/peko/autobuild/instance-0/output/targetui/sdl2-2d.o
In file included from /home/peko/autobuild/instance-0/output/build/qemu-2.12.1/include/ui/egl-context.h:5:0,
                 from ui/egl-context.c:3:
/home/peko/autobuild/instance-0/output/build/qemu-2.12.1/include/ui/egl-helpers.h:45:55: error: unknown type name 'Window'; did you mean 'minor'?

or in translate-a64:
/accts/mlweber1/scripts/instance-3/output/build/qemu-2.12.1/target/arm/translate-a64.c: In function 'handle_shri_with_rndacc':
/accts/mlweber1/scripts/instance-3/output/build/qemu-2.12.1/target/arm/translate-a64.c:7000:28: warning: 'tcg_src_hi' may be used uninitialized in this function [-Wmaybe-uninitialized]
             tcg_gen_mov_i64(tcg_src, tcg_src_hi);
                            ^
../ui/gtk-egl.o: In function `gd_egl_init':
/accts/mlweber1/scripts/instance-3/output/build/qemu-2.12.1/ui/gtk-egl.c:52: undefined reference to `gdk_x11_window_get_xid'

So, for the time being, disable opengl as done in xen since commit
13c6754f3c.

Fixes:
 - http://autobuild.buildroot.org/results/656e45721c72197834462eb2bd8c762e520725a4
 - http://autobuild.buildroot.org/results/d4736a930144fc5e25b377bc1c0baf44fbf8718d
 - http://autobuild.buildroot.org/results/50e0d7d1b4f5c2b827b50bb82d8fbc066bf31118

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-11-11 21:02:14 +01:00
Fabrice Fontaine
6a5e9a7ac6 libiscsi: fix build failures due to warnings
Retrieve two upstream patches to fix build failures due to warnings

Fixes:
 - http://autobuild.buildroot.org/results/7ec1e1cc060bbdaaf758c0d55a053247b731e792

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-11-10 09:43:12 +01:00
Peter Korsgaard
956f05595f docs/website/news.html: update for 2018.11-rc1
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-11-10 00:12:52 +01:00
Peter Korsgaard
419fc6abca Update for 2018.11-rc1
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-11-09 22:56:48 +01:00
Peter Korsgaard
d8a216920f CHANGES: add additional resolved issues since 2018.08
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-11-09 22:48:50 +01:00
Peter Korsgaard
9ffcc4ffbd CHANGES: add recent changes
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-11-09 22:31:35 +01:00
Jörg Krause
8b80b609f9 package/libmpdclient: bump to version 2.16
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-11-09 22:28:28 +01:00
Jörg Krause
0186da2923 package/mpd-mpc: bump to version 0.31
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-11-09 22:28:11 +01:00
Jörg Krause
9eadab1bfa package/mpd: bump to version 0.20.23
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-11-09 22:27:51 +01:00
Jörg Krause
55b5dfc1bf package/meson: bump to version 0.47.2
Note, that there is already a patch [1] to bump the version to 0.48.1.
However, the bump to version 0.48.x has some unresolved issues.

In the meantime, until the issue with 0.48 is resolved, bump to latest
version of the 0.47 branch.

[1] http://patchwork.ozlabs.org/patch/986260/

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-11-09 22:24:37 +01:00
Peter Seiderer
3d0f3d1c1d valgrind: disable for mips64r6/mips64elr6
Fixes [1]:

  /tmp/ccBAUqbI.s: Assembler messages:
  /tmp/ccBAUqbI.s:622: Error: opcode not supported on this processor: mips64r6 (mips64r6) `movn $2,$4,$7'
  /tmp/ccBAUqbI.s:2607: Error: opcode not supported on this processor: mips64r6 (mips64r6) `movn $2,$4,$7'

[1] http://autobuild.buildroot.net/results/dc52088222e9fbedcebffc1c39be6d2fecfffe5d

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-11-09 22:21:54 +01:00
Bernd Kuhls
f434b9c4bc package/python-mwclient: bump version to 0.9.2
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-11-09 22:20:49 +01:00
Fabrice Fontaine
57cf454c61 libffi: bump to version 3.3-rc0
- Update site to github (for the time being, as 3.3-rc0 is a release
  candidate, it is not published on the official ftp)
- Update third patch
- Remove fourth and fifth patches (already in version)
- Remove uneeded hooks, as public headers are now installed in the
  standard path since
  982b89c01a
- New risc-v support:
  3840d49aaa

Fixes:
 - http://autobuild.buildroot.org/results/3edf66362ea5a83291f19373e4b6f2e5cce98d7b

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-11-09 22:16:09 +01:00
Bernd Kuhls
ca17e0c7a0 package/sconeserver: bump version
6b932d7d8d
adds support for OpenSSL 1.1

Added license hash.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-11-09 22:04:21 +01:00
Alexey Brodkin
311af5e8c2 toolchain/toolchain-buildroot: enable glibc for all little-endian ARCs with atomic ops
Initially we had a port only for ARCv2 cores but then with a simple
change ARCompact cores got supported as well.

So we generalize from BR2_archs to BR2_arcle as we haven't tried to
get glibc working on big-endian ARCs yet.

Also we never bothered to check avaialbility of atomic instructions in
the core but in case of Glibc for ARC this is really a must, so we add
this check here.

Note in case of uClibc we may have system w/o HW atomics but:

 1. Only single-core systems are allowed
 2. Atomic instructions are emulated via arc_usr_cmpxchg syscall

Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
Cc: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-11-09 22:02:16 +01:00
Bartosz Golaszewski
87290b8084 libgpiod: bump version to v1.2
Release notes:
  https://git.kernel.org/pub/scm/libs/libgpiod/libgpiod.git/tree/NEWS?h=v1.2.x

Signed-off-by: Bartosz Golaszewski <brgl@bgdev.pl>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-11-09 21:58:46 +01:00
Peter Korsgaard
421517ea4e squid: security bump to version 4.4
Fixes SQUID-2018_4:

Due to incorrect input handling, Squid is vulnerable to a Cross-Site
Scripting vulnerability when generating HTTPS response messages about TLS
errors.

For more details, see the advisory:

http://www.squid-cache.org/Advisories/SQUID-2018_4.txt

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-11-09 15:57:42 +01:00
Jörg Krause
582fd7c094 package/libnfs: add patch to fix musl build issue
Add a patch to fix build issues with the musl C library.

This patch fixes an autobuild issue when linking the mpd package
against libnfs. The header file libnfs.h uses `struct timeval` which is
defined in `<sys/time.h>` for POSIX systems. Unfortunately, upstream
only includes it conditionally, based on the system. Therefore, we
remove the check in the first patch.

Reported upstream:
https://github.com/sahlberg/libnfs/issues/272

Fixes:
http://autobuild.buildroot.org/results/452/4522014698b9fe50720a71b663e47a75805bcf54
http://autobuild.buildroot.org/results/b0a/b0a0c20ad1705e9fa7ba4a12eb9c182e8077ab0c
http://autobuild.buildroot.org/results/53c/53c87361923cc177de7889523b3d16ba6b1d3d0f
.. and more.

Previous patch: Changes requested
http://patchwork.ozlabs.org/patch/973605/

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-11-09 15:57:02 +01:00
Max Filippov
4debb2fbb7 package/gcc: fix xtensa uclinux code generation
xtensa-uclinux uses bFLT executable file format that cannot relocate
fields representing offsets from data to code. C++ objects built as PIC
use offsets to encode FDE structures. As a result C++ exception handling
doesn't work correctly on xtensa-uclinux. Don't use PIC by default on
xtensa-uclinux.

Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-11-09 15:51:07 +01:00
Nicolas Cavallari
99989d3b91 attr: Add a patch to fix an unconditional infinite recursion
The bump to 2.4.48 introduced a bug that, according to the author,
only happen in certain cases on glibc. But under uclibc-ng, it happens
every time.

The bug essentially cause any program calling any libattr.so function
to enter an infinite recursion, because of a symbol conflict between
uclibc-ng and libattr wrappers, that causes the libattr wrappers to
call themselves.

This infinite recursion does not consume the stack, so programs
basically behave like they enter an infinite loop.

It is easy to reproduce with qemu_arm_versatile_defconfig +
BR2_PACKAGE_ATTR: "getfattr ." never returns and takes 100% CPU.

Upstream fixed it, but the patch is not part of a release yet,
so take the patch.

Signed-off-by: Nicolas Cavallari <nicolas.cavallari@green-communications.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-11-09 14:08:02 +01:00
Peter Korsgaard
c2f5b3a3a8 nginx: security bump to 1.15.6
Fixes the following security issues:

CVE-2018-16843: Excessive memory usage in HTTP/2

CVE-2018-16844: Excessive CPU usage in HTTP/2

CVE-2018-16845: Memory disclosure in the ngx_http_mp4_module

Refreshed patch 0004 + 0007 as they no longer applied cleanly.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-11-09 14:05:48 +01:00
Peter Korsgaard
3a4c111b1f mosquitto: security bump to version 1.5.4
>From the announcement:

When using a TLS enabled websockets listener with require_certificate
enabled, the mosquitto broker does not correctly verify client certificates.
This is now fixed.  All other security measures operate as expected, and in
particular non-websockets listeners are not affected by this.

https://mosquitto.org/blog/2018/11/version-154-released/

Drop patch 0001, now applied upstream:
https://github.com/eclipse/mosquitto/pull/933

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-11-09 14:05:44 +01:00
Thomas Petazzoni
bff6b61adf support/testing/tests/fs/test_f2fs: fix flake8 warning
This commit fixes the following flake8 warnings:

support/testing/tests/fs/test_f2fs.py:6:1: E302 expected 2 blank lines, found 1
support/testing/tests/fs/test_f2fs.py:12:1: E302 expected 2 blank lines, found 1
support/testing/tests/fs/test_f2fs.py:38:23: E225 missing whitespace around operator

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-11-08 22:41:53 +01:00
Thomas Petazzoni
6e5a204dd8 .gitlab-ci.yml: update after addition of TestF2FS test case
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-11-08 22:41:53 +01:00
Fabrice Fontaine
393b205de1 twolame: fix static linking with libmagic
libmagic (from file package) already provides the buffer_init function
so to avoid a build failure for applications wanting to statically link
with twolame and libmagic (for example sox), rename buffer_init into
bitbuffer_init (also rename buffer_deinit into bitbuffer_deinit and
buffer_sstell into bitbuffer_sstell for consistency)

Fixes:
 - http://autobuild.buildroot.org/results/b3fc62e7f372fe595966e84091c11ccdb4cfa77c

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-11-08 22:20:51 +01:00
Bernd Kuhls
d383a73a8e package/php: bump version to 7.2.12
Changelog: http://www.php.net/ChangeLog-7.php#7.2.12

Rebased patch 0004 and updated license hash after white space removal:
902d39a3a7

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-11-08 22:18:07 +01:00
Bernd Kuhls
3c85e9044b package/samba4: bump version to 4.9.2
Release notes: https://www.samba.org/samba/history/samba-4.9.2.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-11-08 22:17:20 +01:00
Fabrice Fontaine
92c32d3890 wireshark: disable build of user guide
--disable-guides has been added since version 2.5.0:
aa04d2355e

Fixes:
 - http://autobuild.buildroot.org/results/5ae6d46573942713687f4e659b3eaf0b768ebc71

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-11-08 22:16:05 +01:00
Peter Seiderer
0c15a3e82e ell: new package
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
[Thomas: fix Config.in comment dependencies, add DEVELOPERS entry.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-11-08 21:39:57 +01:00
Grzegorz Blach
5244fd29a1 support/testing: add test for the f2fs filesystem support
Signed-off-by: Grzegorz Blach <grzegorz@blach.pl>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-11-08 21:17:51 +01:00
Grzegorz Blach
3946f74b00 fs/f2fs: simplify overprovision option handling
Setting overprovision to 0 and omitting this option has exactly
the same effect.

Signed-off-by: Grzegorz Blach <grzegorz@blach.pl>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-11-08 21:17:49 +01:00
Grzegorz Blach
25076c94c0 fs/f2fs: add option to define list of hot file extensions
Signed-off-by: Grzegorz Blach <grzegorz@blach.pl>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-11-08 21:07:40 +01:00
Grzegorz Blach
c3159a2d14 fs/f2fs: clarify help messages
For BR2_TARGET_ROOTFS_F2FS_COLD_FILES clarify that extension list must
be a coma separated.

For BR2_TARGET_ROOTFS_F2FS_OVERPROVISION clarify that the default
overprovision ratio is autocalculated according to the partition size.

Signed-off-by: Grzegorz Blach <grzegorz@blach.pl>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-11-08 21:06:27 +01:00
Asaf Kahlon
74804a6311 python-crossbar: bump to version 18.11.1
Adjust patch to fit the new version.

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Reviewed-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-11-08 21:05:10 +01:00