Commit Graph

57811 Commits

Author SHA1 Message Date
Bernd Kuhls
d1a445621e package/tor: security bump version to 0.4.5.9
Release notes: https://blog.torproject.org/node/2041

Fixes CVE-2021-34548 (TROVE-2021-003), TROVE-2021-004, CVE-2021-34549
(TROVE-2021-005) & CVE-2021-34550 (TROVE-2021-006).

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-06-24 13:55:38 +02:00
Bernd Kuhls
f42a500e41 package/php: bump version to 7.4.20
Changelog: https://www.php.net/ChangeLog-7.php#7.4.20

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-06-24 09:27:53 +02:00
Bernd Kuhls
e9f13a76ee package/openvpn: bump version to 2.5.3
Release note:
https://forums.openvpn.net/viewtopic.php?f=20&t=32497

CVE-2021-3606 fixed by this release is only relevant for Windows.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-06-24 09:27:29 +02:00
Peter Korsgaard
6dd9e246a7 configs/stm32f469_disco: add host {dosfs, m}tools
Commit 04a0094f0e (configs/stm32f469_disco: fix kernel bootup) changed
the defconfig to build a vfat image, but forgot to add dosfstools/mtools
host utilities needed for this.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-06-23 09:13:27 +02:00
Titouan Christophe
d56fa94092 package/redis: security bump to v6.2.4
From the release notes:
================================================================================
Redis 6.2.4 Released Tue July 1 12:00:00 IST 2021
================================================================================

Upgrade urgency: SECURITY, Contains fixes to security issues that affect
authenticated client connections. MODERATE otherwise.
Fix integer overflow in STRALGO LCS (CVE-2021-32625)

Read the whole release note on:
https://github.com/redis/redis/blob/6.2.4/00-RELEASENOTES

Signed-off-by: Titouan Christophe <titouanchristophe@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-06-23 09:09:34 +02:00
Titouan Christophe
efa4f3d0b4 package/mosquitto: security bump to v2.0.11
Versions 2.0.11 and 1.6.15 of Mosquitto has been released.
These are a security and bugfix releases.

Read the full announcement on the blog:
https://mosquitto.org/blog/2021/06/version-2-0-11-released/

Signed-off-by: Titouan Christophe <titouanchristophe@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-06-23 09:05:25 +02:00
Bernd Kuhls
3950ab9bc7 package/clamav: bump version to 0.103.3
Release notes:
https://blog.clamav.net/2021/06/clamav-01033-patch-release.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-06-23 09:04:37 +02:00
Bernd Kuhls
1a55fedb48 package/dovecot-pigeonhole: security bump version to 0.5.15
Fixes CVE-2020-28200:
https://dovecot.org/pipermail/dovecot-news/2021-June/000460.html

Release notes:
https://dovecot.org/pipermail/dovecot-news/2021-June/000458.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-06-23 09:04:14 +02:00
Bernd Kuhls
c711012fa5 package/dovecot: security bump version to 2.3.15
Fixes several security bugs:

CVE-2021-29157
- https://dovecot.org/pipermail/dovecot-news/2021-June/000461.html

CVE-2021-33515
- https://dovecot.org/pipermail/dovecot-news/2021-June/000462.html

Release notes:
https://dovecot.org/pipermail/dovecot-news/2021-June/000457.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-06-23 09:04:02 +02:00
Fabrice Fontaine
7c69da6295 package/python-django: security bump to version 3.2.4
Django 3.2.4 fixes two security issues and several bugs in 3.2.3.
- CVE-2021-33203: Potential directory traversal via ``admindocs``
- CVE-2021-33571: Possible indeterminate SSRF, RFI, and LFI attacks
  since validators accepted leading zeros in IPv4 addresses

https://github.com/django/django/blob/3.2.4/docs/releases/3.2.4.txt

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-06-23 09:03:38 +02:00
Fabrice Fontaine
bcace42942 package/exiv2: security bump to version 0.27.4
Fix 12 security issues including CVE-2021-3482, CVE-2021-29457,
CVE-2021-29458, CVE-2021-29463, CVE-2021-29464, CVE-2021-29470,
CVE-2021-29473, CVE-2021-29623 and CVE-2021-32617

- Use official tarball
- Drop patch (already in version)
- Update indentation in hash file (two spaces)

https://github.com/Exiv2/exiv2/releases/tag/v0.27.4

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-06-23 08:59:09 +02:00
Fabrice Fontaine
5cf8520840 package/wireshark: security bump to version 3.4.6
Fix CVE-2021-22222: Infinite loop in DVB-S2-BB dissector in Wireshark
3.4.0 to 3.4.5 allows denial of service via packet injection or crafted
capture file

https://www.wireshark.org/security/wnpa-sec-2021-05.html

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-06-23 08:56:05 +02:00
Peter Korsgaard
b0f0b4c4bc package/libressl: fix openssldir setting to match openssl
libressl defaults to $prefix/etc/ssl for its "openssldir" setting, E.G.
the location where configuration files and certificates are searched:

openssl version -d
OPENSSLDIR: "/usr/etc/ssl"

Change it to /etc/ssl so it matches openssl and the expectations of packages
dealing with certificates (ca-certificates, libcurl, p11-kit)

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-06-23 08:53:37 +02:00
Alexander Mukhin
32ca386dab package/tinyproxy: bump to version 1.11.0
Also, since tinyproxy no longer uses a2x, remove its explicit disabling.

Signed-off-by: Alexander Mukhin <alexander.i.mukhin@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-06-23 08:51:14 +02:00
Romain Naour
eacf7a1d0b package/gcc: switch to gcc 10.x as the default
Even if gcc 9.x is still maintained for some time (gcc 9.5 will be the
last), switch to gcc 10.x since it has been released since 2020-05-07
and gcc 11.x is available since 2021-04-27.

We have been having toolchains in the autobuilders with gcc 10.x since
mid-January 2021, so the vast majority of the problems should have
already been solved.

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-06-20 19:03:22 +02:00
Romain Naour
cbaabbd42f toolchain/toolchain-external/toolchain-external-custom: add gcc 11 version selection
This patch allows to use an external toolchain based on gcc 11.

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-06-20 18:59:28 +02:00
Romain Naour
b28e598cec arch: add BR2_ARCH_NEEDS_GCC_AT_LEAST_11
This new symbol will be used by architectures introduced with gcc 11.

[1] https://gcc.gnu.org/gcc-11/changes.html

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-06-20 18:46:51 +02:00
Romain Naour
2ab88dac29 package/gcc: add support for gcc 11
Disable sparc architecture for gcc 11 due to an recent gcc change
that broke uClibc-ng. The change was reverted by the patch
0005-Revert-re-PR-target-92095-internal-error-with-O1-mcp.patch
for gcc 8.4, 9.3 and 10.1 but stop maintaining it for newer gcc
releases.

Rutime tested:
https://gitlab.com/kubu93/buildroot/-/pipelines/318043235

https://gcc.gnu.org/gcc-11/changes.html
https://gcc.gnu.org/gcc-11/porting_to.html

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-06-20 18:43:46 +02:00
Romain Naour
cc0630763d toolchain/Config.in: add BR2_TOOLCHAIN_GCC_AT_LEAST_11 blind option
In order to add gcc 11 support for internal and external toolchain in
follow-up commits, introduce BR2_TOOLCHAIN_GCC_AT_LEAST_11 symbol.

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-06-20 18:43:25 +02:00
Romain Naour
6e1106b4a9 board/qemu/sparc64-sun4u: avoid gcc-11 warning to build the kernel
gcc-11 warns about what appears to be an out-of-range array access but
stop the build due to -Werror added to cflags:

arch/sparc/kernel/mdesc.c: In function 'mdesc_node_by_name':
arch/sparc/kernel/mdesc.c:647:22: error: 'strcmp' reading 1 or more bytes from a region of size 0 [-Werror=stringop-overread]
  647 |                 if (!strcmp(names + ep[ret].name_offset, name))
      |                      ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
arch/sparc/kernel/mdesc.c:77:33: note: at offset 16 into source object 'mdesc' of size 16
   77 |         struct mdesc_hdr        mdesc;
      |                                 ^~~~~
arch/sparc/kernel/mdesc.c: In function 'mdesc_get_property':
arch/sparc/kernel/mdesc.c:692:22: error: 'strcmp' reading 1 or more bytes from a region of size 0 [-Werror=stringop-overread]
  692 |                 if (!strcmp(names + ep->name_offset, name)) {
      |                      ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
arch/sparc/kernel/mdesc.c:77:33: note: at offset 16 into source object 'mdesc' of size 16
   77 |         struct mdesc_hdr        mdesc;
      |                                 ^~~~~
arch/sparc/kernel/mdesc.c: In function 'mdesc_next_arc':
arch/sparc/kernel/mdesc.c:719:21: error: 'strcmp' reading 1 or more bytes from a region of size 0 [-Werror=stringop-overread]
  719 |                 if (strcmp(names + ep->name_offset, arc_type))
      |                     ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
arch/sparc/kernel/mdesc.c:77:33: note: at offset 16 into source object 'mdesc' of size 16
   77 |         struct mdesc_hdr        mdesc;
      |                                 ^~~~~
cc1: all warnings being treated as errors

The issue was initially reported to gcc [1] where it was analized.
As suggested, change the struct mdesc_elem * accesses from the end
of mdesc to those from the beginning of the data array.

Update the prototype of node_block(), name_block() and data_block()
since the code really seems to want to do is to compute the address
somewhere into the chunk pointed to by hp.

[1] https://gcc.gnu.org/bugzilla/show_bug.cgi?id=100262

Upstream status: Pending
https://www.spinics.net/lists/sparclinux/msg26385.html

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-06-20 18:40:05 +02:00
Adrian Perez de Castro
75ad88b506 wpebackend-fdo: bump to version 1.10.0
This version change does not include functional changes over 1.9.92, but
it is slated as stable (hence the even second version number). Release
notes:

  https://wpewebkit.org/release/wpebackend-fdo-1.10.0.html

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-06-20 18:38:43 +02:00
Adrian Perez de Castro
37eaf1d014 libwpe: bump to version 1.10.1
This minor release fixes a build issue when Meson is running under
a version of Python older than 3.6; release notes:

  https://wpewebkit.org/release/libwpe-1.10.1.html

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-06-20 18:38:21 +02:00
Fabrice Fontaine
13c30bc923 package/libsoup: always disable tls_check
Always disable tls_check to avoid the following build failure since bump to
version 2.72.0 in commit 8e5f7f1cfc:

../output-1/build/libsoup-2.72.0/meson.build:184:4: ERROR: Can not run test applications in this cross environment.

Indeed, tls_check will run code since
5c45253243

That is the only thing that this option does: it runs code to check that
libgio is built with TLS support.

While at it, also drop glib-networking build-time dependency

Also mark gnutls as a runtime dependency (it already was used as such).

Fixes:
 - http://autobuild.buildroot.org/results/9e539dc7185cfb81f18438dd36357cb49ef23a5a

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-06-20 18:33:54 +02:00
Asaf Kahlon
0e0abdb034 package/libfuse3: bump to version 3.10.4
From this version, tests can be disabled, so we pass
"tests=false" as a Meson option.

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-06-20 18:30:19 +02:00
Ignacy Gawędzki
49a8f5e4e8 package/iperf3: bump to version 3.10.1
Update LICENSE hash; copyright year update.

Signed-off-by: Ignacy Gawędzki <ignacy.gawedzki@green-communications.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-06-20 18:29:53 +02:00
Fabrice Fontaine
1255138602 package/filemq: bump to af4768dcaf2fcb8083a32bad107a22ecb7a5d954
This bump will drop -Werror to fix build failure with -DNDEBUG raised
since commit 5a8c50fe05

Fixes:
 - http://autobuild.buildroot.org/results/cf4c45ed7ae2c5090ac6ba967497e0d42d5c5224

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-06-20 18:27:11 +02:00
Fabrice Fontaine
cc1c8c3bb1 package/openswan: disable -Werror
Disable -Werror to avoid the following build failure with -DNDEBUG
raised since commit 5a8c50fe05

/srv/storage/autobuild/run/instance-2/output-1/build/openswan-3.0.0/programs/rsasigkey/rsasigkey.c:524:6: error: variable 'success' set but not used [-Werror=unused-but-set-variable]
  524 |  int success;
      |      ^~~~~~~

Fixes:
 - http://autobuild.buildroot.org/results/327a0f2b8f0c51bcbb3edb1c3671870d593e93b9

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-06-20 18:26:16 +02:00
Bernd Kuhls
f5c0c74ebe package/ffmpeg: Fix build for mips, 2nd attempt
The patch introduced in commit
uses "defined(HAVE_SYS_AUXV_H)". However, ffmpeg configure is not GNU
autoconf, and it defines the symbol to 0 when not found. Use
HAVE_SYS_AUXV_H without defined() instead.

Fixes:
http://autobuild.buildroot.net/results/da0/da03909291e97c525eb1f53dfc743a1897f59d6e/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-06-20 18:20:11 +02:00
Fabrice Fontaine
026d447c2c package/pipewire: remove already-applied patch and renumber
Drop 0002-meson.build-fix-build-with-uclibc-ng.patch which is not needed
since 0dda1a44a0 which has been merged in
master in commit 8d07baab43

While at it, renumber
0002-meson-fix-getrandom-detection-for-uclibc.patch to
0001-meson-fix-getrandom-detection-for-uclibc.patch (patch number was
wrong since its addition in commit
b003cb5d16) and also renumber remaining
patch

Fixes:
 - http://autobuild.buildroot.org/results/4d442c61b137ca1bd2dd32c6802ff0251d39e7a5

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-06-20 18:15:50 +02:00
Fabrice Fontaine
1f1d536e7e package/pdbg: fix build with -DNDEBUG
Fix build failure with -DNDEBUG raised since commit
5a8c50fe05

Fixes:
 - http://autobuild.buildroot.org/results/9d90ede1ff7425cbb25b95aed3bf8d27ced865a4

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-06-20 15:54:49 +02:00
Fabrice Fontaine
cc128b2d50 package/libpsl: needs wchar
Add a dependency on wchar as both icu and libunistring needs wchar

Fixes:
 - http://autobuild.buildroot.org/results/704d8e6f8b78015180e5b12c132495425637430a

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-06-20 15:53:54 +02:00
Romain Naour
c42a9f19fa package/qemu: remove upstream patch
This patch is already merged in qemu 6.0.0.

Fixes:
http://autobuild.buildroot.net/results/aaa/aaabd63d0903819fb55d08852cef34c497cb57e6

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-06-20 15:49:14 +02:00
Jianhui Zhao
4d85defa71 package/libuhttpd: bump version to 3.12.1
CMake options have been renamed: UHTTPD_ prefix was dropped,
BUILD_STATIC_LIBS renamed to BUILD_STATIC.

Also fix handling of BUILD_STATIC: it should only be given when building
static libs, otherwise no dynamic lib is built.

Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-06-20 15:40:12 +02:00
Romain Naour
ebda5414d3 package/gcc: bump to version 9.4.0
Remove upstream patches
Reorder remaining patches

See:
https://gcc.gnu.org/pipermail/gcc-announce/2021/000168.html

Runtime tested:
https://gitlab.com/kubu93/buildroot/-/pipelines/315291768

Signed-off-by: Romain Naour <romain.naour@gmail.com>
2021-06-20 14:50:54 +02:00
Michael Fischer
eb2952330e package/gnuplot: bump version to 5.4.2
Signed-off-by: Michael Fischer <mf@go-sys.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-06-20 14:45:12 +02:00
Francois Perrad
db39783b64 package/lualdap: bump to version 1.3.0
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-06-20 14:42:58 +02:00
Grzegorz Blach
d5df29a244 package/python-rpi-ws281x: Bump to version 4.3.0
Remove 0001-ws2811.c-fix-build-with-gcc-4.8.patch,
it has been merged upstream.

Signed-off-by: Grzegorz Blach <grzegorz@blach.pl>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-06-20 14:40:23 +02:00
Christian Stewart
c6a4d7bed8 package/docker-cli: bump version to 20.10.7
Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-06-20 14:38:01 +02:00
Christian Stewart
49df508007 package/docker-engine: bump version to 20.10.7
Drop upstreamed patch fix-port-forwarding-with-ipv6.

Upstream commit: d29a55c6c344a536089d6b1bcd92be9cdea20641

Signed-off-by: Christian Stewart <christian@paral.in>
Tested-by: Christian Stewart <christian@paral.in>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-06-20 14:37:17 +02:00
Christian Stewart
05eb8e396f package/fuse-overlayfs: bump to version 1.5.0
Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-06-20 14:36:51 +02:00
Christian Stewart
de41a7040c package/batman-adv: bump to version 2021.1
Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-06-20 14:36:27 +02:00
Kamel Bouhara
fbff7d7289 package/usbguard: new package
usbguard is a software framework to implement USB
device blacklisting and whitelisting based on their
attributes.

More info. on: https://usbguard.github.io/

Signed-off-by: Kamel Bouhara <kamel.bouhara@bootlin.com>
Tested-by: Miquel Raynal <miquel.raynal@bootlin.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
[Arnout:
 - correct indirect dependencies from protobuf instead of libglib2;
 - say in Config.in help text that rules.conf has to be created]
2021-06-16 23:38:54 +02:00
Kamel Bouhara
22864d570d package/libqb: new package
libqb is a library providing features for client-server architecture,
such as logging, tracing, inter-process communication (IPC) and polling.

see: https://github.com/ClusterLabs/libqb

Signed-off-by: Kamel Bouhara <kamel.bouhara@bootlin.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-06-16 23:11:20 +02:00
Dario Binacchi
04a0094f0e configs/stm32f469_disco: fix kernel bootup
As described by [1], the kernel generated by the configuration for the
STM32f469 Discovery board is buggy. Using a newer kernel, as suggested
by [1], increases the dtb and Kernel image size. In particular, the
5.12 version of the kernel generates a dtb and a kernel image whose sum
exceeds the 2 MByte of the flash module.

So I decided to replace the afboot-stm32 bootloader in the flash with
U-boot to easily boot the system from sdcard without having to worry
about the size of dtb, kernel and rootfs generated by the configuration.

This solution allows you to fix the kernel boot issue and makes it
possible to use its future versions.

[1] http://buildroot-busybox.2317881.n4.nabble.com/Bug-11746-New-stm32f469-didn-t-work-correctly-td219644.html

Signed-off-by: Dario Binacchi <dariobin@libero.it>
Acked-by: Christophe Priouzeau <christophe.priouzeau@foss.st.com>
Tested-by: Christophe Priouzeau <christophe.priouzeau@foss.st.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
[Arnout:
 - specify headers version explicitly, even though it's default;
 - bump kernel to 5.12.11]
2021-06-16 23:09:34 +02:00
Yann E. MORIN
ee5e14ff17 core/pkg-generic: fix instrumentation for packages that install nowhere
A (target [0]) package can independently declare installing in various
locations: target, staging, or images. The default is to only install
in target.

When a package opts out from installing to target, but does not opts
in to install in any other location, the package is not downloaded,
extracted, patched, configured, nor built at all. As a consequence, none
of the per-step instrumentation is executed, specifically the listing
of files before/after the package sequence.

Down the line, the package infra does not cope well with that situation,
because the gathering-install step, the one that synchronises all the
optional target, staging, or images install steps, still gets run.

And as #13836 shows, this does not go well:

    /bin/sh: /home/tbuild/myboard/build/foo/.files-list.after: No such file or directory
    make[1]: *** [/home/tbuild/myboard/build/foo/.stamp_installed] Error 1
    make: *** [_all] Error 2

So, we should have ensured that the gathering-install step itself
depends on the build step, which would have solved the issue.

However, this bug really illustrates a more fundamental issue: does it
even make sense to have a package that installs nothing in any location?
Indeed, why even bother with that package to begin with if it will not
provide anything at all?

It turns out that yes, this makes sense. We have some packages, that
do not install anything at all, and do not even build anything; they are
there just to ensure that we can download something that will ultimately
be used by another package. This is the case for example for packages
that provide linux extensions, like aufs [1].

Additionally, some ugly out-of-tree packages could conceivably install
things during the build (or even configure!) steps. That's not unheard
of... [2]

So, the solution is to ensure that the gathering-install step does
depend on the build step, to trigger the proper dependency chain and
have the instrumentation hooks properly run even in that degenerate
case.

Fixes: #13836

[0] a host package can't opt out of installing anything.
[1] that one is actually missing AUFS_INSTALL_TARGET = NO, so this
    hides the issue.
[2] even us are not 100% clean on that topic: gcc will install files in
    staging and target as part of the same step (not the build, granted,
    but still...)

Reported-by: "Weber, Matthew L Collins" <Matthew.Weber@collins.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Tested-by: Matthew Weber <matthew.weber@collins.com
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-06-16 21:54:54 +02:00
Adrian Perez de Castro
54d0a7cc18 package/weston: enable libseat launcher if seatd is enabled
Enable building Weston's libseat launcher, now that the seatd package
is available.

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-06-16 21:36:24 +02:00
Martin Elshuber
ffb525840c package/weston: add configuration options for weston shells
Enable selection of used weston shells. By default all available
shells are enabled to keep the old behavior. The new configuration
options enable the user to select them individually.

Signed-off-by: Martin Elshuber <martin.elshuber@theobroma-systems.com>
[yann.morin.1998@free.fr:
  - ensure at least one shell is enabled; desktop arbitrarily chosen
  - s/BR2_PACKAGE_WESTON_SHELL_SELECTED/BR2_PACKAGE_WESTON_HAS_SHELL/
  - reword associated comment
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-06-16 21:36:08 +02:00
Arnout Vandecappelle (Essensium/Mind)
6d758f59e6 package/lvm2: default standard install to y
Until commit 5c07dfcc1a
BR2_PACKAGE_LVM2_STANDARD_INSTALL would default to y. Indeed, the
default read:

      default y if !BR2_PACKAGE_LVM2_DMSETUP_ONLY # legacy 2013.11

Since the legacy symbol is normally not selected, this defaults to y.

Commit 5c07dfcc1a inadvertedly removed the
entire line instead of just the condition.

Fixes: https://bugs.busybox.net/show_bug.cgi?id=13846
For-stable: 2021.02, 2021.05
Cc: dominique.tronche@atos.net
Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-06-16 21:06:39 +02:00
Fabrice Fontaine
a7bf844813 package/snort3: new package
Snort 3 is the next generation Snort IPS (Intrusion
Prevention System).

 - Support multiple packet processing threads
 - Shared configuration and attribute table
 - Use a simple, scriptable configuration
 - Make key components pluggable
 - Autodetect services for portless configuration
 - Support sticky buffers in rules
 - Autogenerate reference documentation
 - Provide better cross platform support

https://www.snort.org/snort3

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-06-15 13:25:43 +02:00
Fabrice Fontaine
6e75a990ae package/daq3: new package
Add daq3 package to be able to add the snort3 package.

daq3 is not compatatible with snort as daq_load_modules has been removed

daq3 package has been created from the daq package, here is a summary of
the changes:
- Drop patch (not needed anymore)
- Enable parallel build as there is no more tokdefs.h
- Drop libdnet dependency
- Drop host-bison and host-flex dependencies
- Drop libpcap workarounds
- ipq module dropped since version 3.0.0-alpha1 and
  80c62799a9
- Add LICENSE file (same content than COPYING)
- Update hash of COPYING (project name and GPLv2 text updated with
  46e8722da2)
- Add a dependency on gcc 4.9 for {t,u}h_{d,s}port that are protected on
  glibc by _FAVOR_BSD (and so !defined _GNU_SOURCE) until version 2.19:
  https://sourceware.org/git/?p=glibc.git;a=commit;h=7011c2622fe3e10a29dbe74f06aaebd07710127d

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-06-15 13:25:18 +02:00