When BR2_VERSION_FULL contains one or more '/', injection our version
in the perl patch-level fails:
/usr/bin/sed: -e expression #1, char 27: unknown option to `s'
When the build is done in a git tree, and HEAD is a tag, BR2_VERSION_FULL
will contain that tag name. Even if not widely common, it is not unusual
for a tag to contain a '/', and this is perfectly legit in git.
So, mangle BR2_VERSION_FULL to escape all '/' with a backslash '\', so
that the sed expression is correct, and so that we eventually have a
correct pathclevel string in perl's --version output.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This patch fixes the following compile failures:
In file included from platform/text/TextAllInOne.cpp:30:
platform/text/TextBreakIteratorICU.cpp: In function ‘bool
WebCore::textInChunkOrOutOfRange(UText*, int64_t, int64_t, UBool,
UBool&)’:
platform/text/TextBreakIteratorICU.cpp:217:28: error: ‘TRUE’ was not
declared in this scope
217 | isAccessible = TRUE;
| ^~~~
platform/text/TextBreakIteratorICU.cpp:222:28: error: ‘FALSE’ was not
declared in this scope
222 | isAccessible = FALSE;
| ^~~~~
platform/text/TextBreakIteratorICU.cpp:231:28: error: ‘TRUE’ was not
declared in this scope
231 | isAccessible = TRUE;
| ^~~~
platform/text/TextBreakIteratorICU.cpp:236:28: error: ‘FALSE’ was not
declared in this scope
236 | isAccessible = FALSE;
| ^~~~~
platform/text/TextBreakIteratorICU.cpp: In function ‘UBool
WebCore::textLatin1Access(UText*, int64_t, UBool)’:
platform/text/TextBreakIteratorICU.cpp:246:16: error: ‘FALSE’ was not
declared in this scope
246 | return FALSE;
| ^~~~~
platform/text/TextBreakIteratorICU.cpp:266:12: error: ‘TRUE’ was not
declared in this scope
266 | return TRUE;
| ^~~~
platform/text/TextBreakIteratorICU.cpp: In function ‘UBool
WebCore::textUTF16Access(UText*, int64_t, UBool)’:
platform/text/TextBreakIteratorICU.cpp:367:16: error: ‘FALSE’ was not
declared in this scope
367 | return FALSE;
| ^~~~~
platform/text/TextBreakIteratorICU.cpp:387:12: error: ‘TRUE’ was not
declared in this scope
387 | return TRUE;
| ^~~~
...
In file included from platform/text/TextAllInOne.cpp:32:
platform/text/TextCodecICU.cpp: In member function ‘void
WebCore::TextCodecICU::createICUConverter() const’:
platform/text/TextCodecICU.cpp:272:42: error: ‘TRUE’ was not declared in
this scope
272 | ucnv_setFallback(m_converterICU, TRUE);
| ^~~~
The compile failures are fixed by replacing the use of FALSE/TRUE with
false/true as suggested by [1] and/or [2].
A better description is directly from the patch/pull-request ([3]):
Traditionally, ICU4C has defined its own `FALSE`=0 / `TRUE`=1 macros for use with `UBool`.
Starting with ICU 68 (2020q4), we no longer define these in public header files
(unless `U_DEFINE_FALSE_AND_TRUE`=1),
in order to avoid name collisions with code outside ICU defining enum constants and similar
with these names.
and explains why it occurred just recently/since the icu bump to version
68-1 ([4])...
[1] https://unicode-org.atlassian.net/browse/ICU-21267
[2] https://unicode-org.atlassian.net/browse/ICU-21148
[3] 5d77f7084d
[4] https://git.buildroot.net/buildroot/commit/?id=88f2d1c4e52607d2c2a1fa8d934152c47167a168
Signed-off-by: Henri Roosen <henri.roosen@ginzinger.com>
Reviewed-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fix a security issue when using g_file_replace() with
G_FILE_CREATE_REPLACE_DESTINATION
https://gitlab.gnome.org/GNOME/glib/-/tags/2.66.8
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
* ssh-agent(1): fixed a double-free memory corruption that was
introduced in OpenSSH 8.2 . We treat all such memory faults as
potentially exploitable. This bug could be reached by an attacker
with access to the agent socket.
On modern operating systems where the OS can provide information
about the user identity connected to a socket, OpenSSH ssh-agent
and sshd limit agent socket access only to the originating user
and root. Additional mitigation may be afforded by the system's
malloc(3)/free(3) implementation, if it detects double-free
conditions.
The most likely scenario for exploitation is a user forwarding an
agent either to an account shared with a malicious user or to a
host with an attacker holding root access.
* Portable sshd(8): Prevent excessively long username going to PAM.
This is a mitigation for a buffer overflow in Solaris' PAM username
handling (CVE-2020-14871), and is only enabled for Sun-derived PAM
implementations. This is not a problem in sshd itself, it only
prevents sshd from being used as a vector to attack Solaris' PAM.
It does not prevent the bug in PAM from being exploited via some
other PAM application. GHPR#212
Also license has been updated to add some openbsd-compat licenses:
922cfac5edhttps://www.openssh.com/txt/release-8.5
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This minor release fixes an issue with its public API headers which
can cause third party packages (mainly wpewebkit) to show build errors.
Release notes:
https://wpewebkit.org/release/wpebackend-fdo-1.8.2.html
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This is a minor release which provides fixes for CVE-2020-27918,
CVE-2020-29623, CVE-2021-1765, CVE-2021-1789, CVE-2021-1799,
CVE-2021-1801, and CVE-2021-1870.
Full release notes can be found at:
https://wpewebkit.org/release/wpewebkit-2.30.6.html
An accompanying security advisory has been published at:
https://wpewebkit.org/security/WSA-2021-0002.html
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This is a minor release which provides fixes for CVE-2020-27918,
CVE-2020-29623, CVE-2021-1765, CVE-2021-1789, CVE-2021-1799,
CVE-2021-1801, and CVE-2021-1870.
Full release notes can be found at:
https://webkitgtk.org/2021/03/18/webkitgtk2.30.6-released.html
An accompanying security advisory has been published at:
https://webkitgtk.org/security/WSA-2021-0002.html
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Make sure libusb support is properly disabled even if the libusb
package is enabled, and in case it gets built before Kodi.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The package switched to setuptools (see commit:
88a3f0b45e)
Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Almost identical as i.MX 8M Nano, with a couple of differences:
- different ATF load address [1]
- different entry point [2]
[1] e8e2703a30
[2] https://source.denx.de/u-boot/u-boot/-/blob/v2021.04-rc4/configs/imx8mp_evk_defconfig#L14
Signed-off-by: Stephane Viau <stephane.viau@oss.nxp.com>
Reviewed-by: Gary Bisson <gary.bisson@boundarydevices.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This SoC uses the same tools to generate boot images as the 8M family.
Signed-off-by: Stephane Viau <stephane.viau@oss.nxp.com>
Reviewed-by: Gary Bisson <gary.bisson@boundarydevices.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This SoC requires the same (LP)DDR training binaries as i.MX 8M SoC
family.
Signed-off-by: Stephane Viau <stephane.viau@oss.nxp.com>
Reviewed-by: Gary Bisson <gary.bisson@boundarydevices.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The i.MX 8M Plus focuses on machine learning and vision and industrial
automation. It also provides advanced multimedia, including a VPU and
the GPU GC7000UL (3D) + GC520L (2D).
Signed-off-by: Stephane Viau <stephane.viau@oss.nxp.com>
Reviewed-by: Gary Bisson <gary.bisson@boundarydevices.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The latest officially released version of SDL_net is 1.2.8, released
in 2012. Since then, there have been several bugfixes.
SDL's canonical source is now on GitHub. This commit points to the
SDL-1.2 branch from 15 Mar 2021.
Signed-off-by: Gleb Mazovetskiy <glex.spb@gmail.com>
[yann.morin.1998@free.fr: use full-length commit hash]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The latest officially released version of SDL_image is 1.2.12, released
in 2012. Since then, there have been many bugfixes, including security
fixes.
SDL's canonical source is now on GitHub. This commit points to the
SDL-1.2 branch from 15 Mar 2021.
Signed-off-by: Gleb Mazovetskiy <glex.spb@gmail.com>
[yann.morin.1998@free.fr: use full-length commit hash]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The latest officially released version of SDL_mixer is 1.2.12, released
in 2012. Since then, there have been many bugfixes on master.
SDL's canonical source is now on GitHub. This commit points to the
SDL-1.2 branch from 15 Mar 2021.
Signed-off-by: Gleb Mazovetskiy <glex.spb@gmail.com>
[yann.morin.1998@free.fr:
- use full-length commit hash
- two spaces in hash file
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
SDL's canonical source is now on GitHub. The git commit that matches
the Hg commit we used so far is b13aa509166e, but we switch to the
HEAD of the SDL-1.2 branch, which just has two additional commits
touching the autotools files.
Signed-off-by: Gleb Mazovetskiy <glex.spb@gmail.com>
[yann.morin.1998@free.fr:
- explain why we don;t use the exactly-maching commit
- use full-length commit hash
- drop the comment: it did not point to the commit we used
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Enable the OpenSSL library to enable some OP-TEE tests that relies on
it.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- Bump TF-A to version 2.4.
- Bump u-boot to version 2021.01.
- Bump kernel to version 5.11.3.
We switch TF-A to a single FIP image. Thanks to this, TF-A does not need to
use semihosting to load the various BL* anymore (but U-Boot still does).
Update the readme.txt accordingly.
We switch to a u-boot image for the ramdisk. This removes the need to
update the fdt chosen node manually in the bootcmd.
While at it, we drop the generation of the kernel dtb, which we do not use.
In this config, we are indeed using the dtb generated on-the-fly by qemu
and amended by TF-A.
Signed-off-by: Vincent Stehlé <vincent.stehle@laposte.net>
Cc: Gerome Burlats <gerome.burlats@smile.fr>
Cc: Romain Naour <romain.naour@gmail.com>
Cc: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Romain Naour <romain.naour@gmail.com>
Tested-by: Romain Naour <romain.naour@gmail.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Drop patch that is now upstream.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Board used custom Kernel but did not specify
custom headers. This broke the build when
Linux 5.11 was added in d2fe9c6.
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/1089053980
Signed-off-by: Filip Skoneczny <fskoneczny@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
When enabling BR2_PACKAGE_LIBTOOL it depended on the build order if
squid used the external libltdl or built it from its internal copy. That
broke the build in fli4l where we have additional post build checks
analyzing runtime dependencies and a separate step for copying build
artefacts to target packages.
Depend on the external libltdl unconditionally like done with commit
3efc5a250c ("package/siproxd: new package") for package siproxd
recently as well. For reproducibility, size, and security.
Link: https://web.nettworks.org/ci/job/fli4l/job/buildroot/job/4.0/job/trunk-sunxi/672/
Suggested-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Alexander Dahl <post@lespocky.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
