binutils 2.26 has been released, it is time to switch to 2.25 as the
default version.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Acked-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Switch to BR2_TOOLCHAIN_HAS_SYNC_4 from BR2_sparc conditional since it's
the correct one.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Reviewed-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
In commit 6709fad224, python-msgpack was
bumped to a new version that has support for Python 3. The "depends on
BR2_PACKAGE_PYTHON' was removed for the main python-msgpack Config.in
option, but not from the comment. This commit fixes this
inconsistency.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
python-crossbar selects python-msgpack which selects msgpack, which
depends on C++ and 4-byte __sync intrinsics. But python-crossbar does
not have the dependencies propagated.
Fixes:
http://autobuild.buildroot.org/results/80f58b7264139dd82c690cb8aae97349aa412539/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
As recently reported on the mailing list:
http://lists.busybox.net/pipermail/buildroot/2016-February/154130.html
Our configuration options to use sha-256 / sha-512 password encoding do not
work very well with uClibc-ng as our defconfig doesn't enable support for
these encodings, breaking E.G. password login with dropbear.
Notice that it doesn't break login with the busybox login applet, as we
currently force the use of the internal busybox password handling routines
when sha-256/512 encoding is used. This workaround can afaik now be removed.
To fix this, enable support for these password encodings in our defconfig.
Do it unconditionally and not based on BR2_TARGET_GENERIC_PASSWD_* so it
also works when a Buildroot toolchain is reused as an external toolchain and
as the support code is quite small (~8KB):
-rwxr-xr-x 1 peko peko 13360 Mar 7 22:56 output/target/lib/libcrypt-1.0.12.so
-rwxr-xr-x 1 peko peko 21552 Mar 7 23:47 output-sha/target/lib/libcrypt-1.0.12.so
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Acked-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes:
CVE-2016-1285 - An error parsing input received by the rndc control
channel can cause an assertion failure in sexpr.c or alist.c
CVE-2016-1286 - A problem parsing resource record signatures for DNAME
resource records can lead to an assertion failure in resolver.c or db.c
CVE-2016-2088 - A response containing multiple DNS cookies causes
servers with cookie support enabled to exit with an assertion failure.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Upstream was super reactive, and already committed a patch to fix the
build on SuperH, so we take this upstream patch in Buildroot and
re-enable fio on SuperH.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
fio doesn't build on SuperH due to arch_flags being undefined while
building the test programs. Since the fix isn't immediate, the bug was
reported upstream, and this commit disables fio on SuperH until it
gets fixed upstream.
Fixes:
http://autobuild.buildroot.net/results/578/578ae9da10d017ee9e2c15d37014f31a1114ef3a/build-end.logFixes#8751.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The patch 0001-compile-fix-for-linux-header-changes.patch is removed
as it was a backport from an upstream patch.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Despite the documentation and the comment in xtensa_move_literals, in
the presence of --text-section-literals and --auto-litpools literals are
moved from the separate literal sections into .init and .fini, because
the check in the xtensa_move_literals is incorrect.
This fixes build errors seen with projects that have .init/.fini and use
text-section-literals.
Backported from: 4111950f363221c4641dc2f33bea61cc94f34906
Reported-by: Waldemar Brodkorb <mail@waldemar-brodkorb.de>
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016.72 - 9 March 2016
- Validate X11 forwarding input. Could allow bypass of authorized_keys command= restrictions,
found by github.com/tintinweb. Thanks to Damien Miller for a patch.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
A recently discussed on the mailing list:
http://lists.busybox.net/pipermail/buildroot/2016-February/154189.html
Our mdev configuration currently doesn't handle module loading. Fix that by:
- Telling mdev to run modprobe on hotplug events providing MODALIAS
- Adjust the init script to handle coldplug modalias events (E.G. modules
for which the devices were already present before mdev was added as the
hotplug handler). mdev -s should arguable handle this, but it doesn't.
Cc: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The default syslog parameters are to keep only 200-400 KiB of logs,
which is very few if there is a spammy daemon on the system, or a daemon
that fails and then spams errors that hides the original problem.
Make S01logging source a /etc/default/logging file where these
parameters can be overridden.
Signed-off-by: Nicolas Cavallari <nicolas.cavallari@green-communications.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Use $(SED) instead of sed.
Kill trailing whitespace in comment, and move it above the define as per
standard look.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes:
CVE-2016-1950 - heap-based buffer overflow related to the parsing of
certain ASN.1 structures. An attacker could create a specially-crafted
certificate which, when parsed by NSS, would cause a crash or execution
of arbitrary code with the permissions of the user.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
We have removed gcc 4.5 support since a long time, so this commit
removes dead code that was only used when building a toolchain based
on gcc 4.5.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
libpjsip needs libsrtp to build, but it bundles a libsrtp version in
case one is not found during the configure step. The Buildroot policy
in such cases is to force using the external package, so forcibly
depend on libsrtp.
Adding --with-external-srtp also fixes libpjsip not correctly the
libsrtp installed in staging, which shows up with the symptom:
.../libpjmedia.so: undefined reference to `srtp_deinit'
collect2: error: ld returned 1 exit status
Fixes:
http://autobuild.buildroot.org/results/305/305fdc8442cd2e8f51b90485be0dca83ffa36603/http://autobuild.buildroot.org/results/a2f/a2f407c1361ac5c24af122445e84645e9aee309d/
...and many other similar autobuild failures.
Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes:
CVE-2015-7560 - Authenticated client could cause Samba to overwrite ACLs
with incorrect owner/group.
CVE-2016-0771 - Malicious request can cause the Samba internal DNS
server to crash or unintentionally return uninitialized memory.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Now that we've got an mbedtls package in the tree we can enable the
optional support for it in libcurl.
We also remove the comment about polarssl support needing version
1.3.x. Indeed, polarssl was renamed to mbedtls when bought by ARM,
which was circa the 1.3.x polarssl release. Due to this referring to
polarssl 1.3.x doesn't make a lot of sense, and we'll probably never
package polarssl 1.3.x in Buildroot now that mbedtls replaces it.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Tested-by: Luca Ceresoli <luca@lucaceresoli.net>
[Thomas: slightly improve commit log as suggested by Luca, using
explanations from Gustavo.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Install package in staging directory, so that this package can be
linked together with other packages (for example collectd and its
onewire plugin).
Signed-off-by: Roland Franke <fli4l@franke-prem.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Fetch a patch fixing autoreconf call.
Patch already sent and merged upstream.
Signed-off-by: Samuel Martin <s.martin49@gmail.com>
Cc: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
In the bump to the 4.1.x series the bundled pgm library was dropped and
the --with-system-pgm option was made pointless since using unbundled
became the only option, so it was renamed to --with-pgm, which
previously meant "use bundled" (but not any longer).
However this wasn't accounted for and pgm support has been broken since
then.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
