Fixes CVE-2017-5357: crash with some malformed commands.
Upstream now provides .tar.lz archive. Add the necessary extract command.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
ftp.netroedge.com is (also) down. Download the package from the Debian
snapshot archive.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The lm-sensors.org website is down, and won't be coming back anytime soon. Use
the suggested[1], far from adequate, alternative.
[1] https://github.com/groeck/lm-sensors/issues/3
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Enable fakedate for whole build process.
This work was sponsored by `BA Robotic Systems'.
Signed-off-by: Jérôme Pouiller <jezz@sysmic.org>
Reviewed-by: Samuel Martin <s.martin49@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
`date' is widely used by packages to include build information in their
binaries. Unfortunately, this is incompatible with BR2_REPRODUCIBLE.
Instead of having to identify all `date' invocations in the different
packages, this commit adds a small tool that allows to always return
the same date.
This work was sponsored by `BA Robotic Systems'.
[Peter: drop debugging print]
Signed-off-by: Jérôme Pouiller <jezz@sysmic.org>
Reviewed-by: Samuel Martin <s.martin49@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The use of the __DATE__ and __TIME__ macros are one of the most common
sources of non-reproducible binaries. In order to fix that, gcc 7 supports
the SOURCE_DATE_EPOCH variable:
https://gcc.gnu.org/git/?p=gcc.git;a=commitdiff;h=e3e8c48c4a494d9da741c1c8ea6c4c0b7c4ff934
This patch take advantage of toolchain-wrapper to provide support of
SOURCE_DATE_EPOCH to older gcc versions.
Function get_source_date_epoch() come directly from gcc git.
This work was sponsored by `BA Robotic Systems'.
[Peter: use sizeof for character array sizes, make function static,
extend commit message, add upstream gcc commit]
Signed-off-by: Jérôme Pouiller <jezz@sysmic.org>
Reviewed-by: Samuel Martin <s.martin49@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When pyqt is used it's obvious that qt needs to be selected and
configured by the user, hence we enforce it by making pyqt depending on
qt, rather than selecting it and depending only on the qt requirements.
Signed-off-by: Andreas Naumann <anaumann@ultratronik.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
When pyqt5 is used it's obvious that qt5 needs to be selected and
configured by the user, hence we enforce it by making pyqt5 depending on
qt5, rather than selecting it and depending only on the qt5
requirements.
Signed-off-by: Andreas Naumann <anaumann@ultratronik.de>
Signed-off-by: Zoltan Gyarmati <mr.zoltan.gyarmati@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Restrict target install to quickcontrols(1) qmls only.
Installing everything under qml/QtQuick includes e.g. quickcontrols2 if
existent in staging (but not selected). Another issue may arise e.g. for a
external package that creates more files than it installs itself under
qml/QtQuick. In that case, it would depend on the order of the packages how
much gets installed into target.
Signed-off-by: Andreas Naumann <anaumann@ultratronik.de>
Signed-off-by: Zoltan Gyarmati <mr.zoltan.gyarmati@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
qtbase carries nor more fonts since c5ceabb9a1caf6b9b7615a28c3097f221772f645
So for Qt Version 5.8.0 this reverts commit
cdfa21b060 and part of
186ef9f6f4.
Signed-off-by: Andreas Naumann <anaumann@ultratronik.de>
Signed-off-by: Julien Corjon <corjon.j@ecagroup.com>
Signed-off-by: Zoltan Gyarmati <mr.zoltan.gyarmati@gmail.com>
[Thomas: adjust commit log.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
For 5.8.0
- add hashes
- qt5 need C++11 compliant compiler since 5.7 ([1])
- use different licenses: since version 5.7 Qt removed the LGPL v2.1 option in favor
of v3 with a different exception
- qt5base: renamed library to EglFSDeviceIntegration ([2])
- qt5base: remove ras-pi patch, commit c0cc5052097c723d0331a7619d686af9eb93d33c fix it ([3])
- qt5base: remove 0007-eglfs-fix-eglfs_mali-compile-for-odroid-mali.patch (upstream committed [3b])
- qt5base: remove obsolete config-option -large ([4])
- qt5base: gstreamer support fully moved to qt5multimedia, so gstreamer
related options are no longer passed ([5])
- add patch for python-pyqt5 to fix the build with Qt 5.8
- add tweak in libv4l to fix the build with Qt 5.8, originally provided
by Peter Seiderer
- add patch from Peter Seiderer fixing a build issue with freetype
For 5.6.2
- moved patches to subdir, and renumber patches
[1] http://blog.qt.io/blog/2016/06/16/qt-5-7-released/
[2] https://code.qt.io/cgit/qt/qtbase.git/commit/?id=ec4eb4db61094179bc6a9ec26ec68fb710177053
[3] https://codereview.qt-project.org/#/c/167172/
[3b] https://code.qt.io/cgit/qt/qtbase.git/commit/?id=f1b4bd4790860e1ff5afcec111a359bc3a91cfda
[4] https://code.qt.io/cgit/qt/qtbase.git/commit/?id=84d3a21c9efe7efb2cce6d3bd14af1f9580b1108
[5] https://code.qt.io/cgit/qt/qtbase.git/commit/?id=7d4da559afb62a779b3d90a65fb679cb5433f203
Signed-off-by: Andreas Naumann <anaumann@ultratronik.de>
Signed-off-by: Julien Corjon <corjon.j@ecagroup.com>
Signed-off-by: Zoltan Gyarmati <mr.zoltan.gyarmati@gmail.com>
[Thomas:
- tweak commit log about GStreamer related changes, suggested by Arnout
- move the gcc 4.8 dependency from the main qt5 option to just the
qt5.8 selection, so that qt5.6 can still be built if gcc < 4.8 is
used. Noticed by Arnout.
- rename the options of the version selection to not include the
version number itself so that we don't have to keep legacy
symbols. Noticed by Arnout.
- introduce changes to qt5quickcontrols2.mk needed to handle qt5.6
vs. qt5.8, borrowed from a later patch in the series.
- add patch for python-pyqt5 to fix the build with Qt 5.8.
- add fix to libv4l.mk from Peter Seiderer to fix the build with Qt
5.8.
- renumber patches for 5.6.2, suggested by Arnout.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Selinux is currently disabled staticly in logrotate. This patch fixes
this by checking for libselinux and adding it as a dependecy if it has
been selected.
Signed-off-by: Adam Duskett <Adamduskett@outlook.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Also removed both patches as they have been added to this release.
Aslo removed reference to github patch in makefile as it has been
added to this release as well.
Signed-off-by: Adam Duskett <Adamduskett@outlook.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This version of ntp fixes several vulnerabilities.
CVE-2016-9311
CVE-2016-9310
CVE-2016-7427
CVE-2016-7428
CVE-2016-9312
CVE-2016-7431
CVE-2016-7434
CVE-2016-7429
CVE-2016-7426
CVE-2016-7433
http://www.kb.cert.org/vuls/id/633847
In addition, libssl_compat.h is now included in many files, which
references openssl/evp.h, openssl/dsa.h, and openssl/rsa.h.
Even if a you pass --disable-ssl as a configuration option, these
files are now required.
As such, I have also added openssl as a dependency, and it is now
automatically selected when you select ntp.
Signed-off-by: Adam Duskett <aduskett@codeblue.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
We currently have two places where we recommend where BR2_DL_DIR
should be set: "Environment variables" and "Location of downloaded
packages". The former recommends setting BR2_DL_DIR in the .config,
the latter kind of endorses using ~/.bashrc.
We prefer suggesting the ~/.bashrc way since it avoids downloading the
same file multiple times, and anyway it's wise to have all the details
in a unique place. So remove the .config suggestion from "Environment
variables" and let it just point to "Location of downloaded packages".
Cc: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The manual mentions LIBFOO_GIT_SUBMODULES but does not tell what value
it should have. The implementation only checks whether the variable is
non-empty, but we should suggest a specific value to avoid people
wondering what they have to set, and to try setting weird values.
Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
Cc: Baruch Siach <baruch@tkos.co.il>
Cc: Ricardo Herrero <ricardo.herrero@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When this qemu nios2 defconfig has been added, the insternal toolchain
used for testing was build with Linux kernel headers 4.9, so
BR2_PACKAGE_HOST_LINUX_HEADERS_CUSTOM_4_9 was missing in the defconfig.
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
On uClibc, finite, isinf and isnan are not directly implemented as
functions. Instead math.h #define's these to __finite, __isinf and __isnan,
which are real functions.
This confuses the Ruby configure script which use AC_REPLACE_FUNCS to
detect these, as it really checks for a function without including math.h.
Because of the naming difference the checks fail, therefore the symbols
HAVE_FINITE, HAVE_ISINF and HAVE_ISNAN are not defined.
Ruby code relies on those symbols in order to define its own version of
the finite, isinf and isnan functions. Since the symbols haven't been
defined, those definitions cause conflicts with the already-existing
functions.
Fixes:
http://autobuild.buildroot.net/results/f34/f34dc20749c6f6d12c51eddf3ee6c2ef41d7c13d/
[Peter: extend description, add comment in .mk]
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
As pointed out during the check-package discussion, there is a typo in a
variable name:
http://lists.busybox.net/pipermail/buildroot/2016-December/180765.html
Fixing that also shows that the license file was misspelled, so fix that as
well (LICENSE/LICENCE).
Reported-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
libcec is a cmake based package. LIBCEC_AUTORECONF is meaningless in
this context.
Signed-off-by: Rahul Bedarkar <rahul.bedarkar@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
binutils-2.27 gas has bug that results in the following kind of build
error when assembling bb[cs]i.l on big-endian xtensa targets:
ieee754-sf.S:237: Error: invalid symbolic operand
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix:
http://autobuild.buildroot.org/results/b2d/b2d43dd3c52cc9f586009a10a40f97b07548322d/build-end.log
The issue arise from the fact that we compile all *.py files, but the
_gaiohttp.py file is using Python3 ("yield from") syntax which causes an
error.
So if we are using Python2, delete this file as it won't ever be imported
anyway as it is checked by gunicorn in the __init__.py file of the worker
module.
Signed-off-by: Maxime Hadjinlian <maxime.hadjinlian@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Enabling TLS compression may make mbedTLS vulnerable to the
CRIME attack [1]. It should not be enabled unless is is sure CRIME and
similar attacks are not applicable to the particulare situation.
As zlib is probably enabled in most systems, the user might end up with
a vulnerable system without knowing. So, instead of enabling compression
support if the zlib package is available, we make the compression support
a config option. This way, the user has to explicitly enable compression
support and is warned by the help text about the risk.
[1] https://tls.mbed.org/kb/how-to/deflate-compression-in-ssl-tls
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This file was missing from commit
84d997d689 ("system(d): allow auto net
configuration with networkd")
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This new version introduces a lot of bug fixes and some new API
functions.
Additionally, the IIO Daemon is now able to share the local IIO devices
through USB (using FunctionFS).
[Peter: usbd option needs 3.18+ headers, reorder options for menuconfig]
Signed-off-by: Paul Cercueil <paul.cercueil@analog.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Automatically build sudo with ldap support when openldap is enabled.
When sudo is built with ldap, /etc/sudoers is only read in for defaults,
all rules need to be provided via ldap which is configured by the user
in /etc/ldap.conf.
Signed-off-by: Chris Frederick <cdf123@cdf123.net>
Reviewed-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This change adds inode tracking to the size-stats script so that hard
links don't cause files to be double counted. This has a significant
effect on the size computation for some packages. For example, git has
around a dozen hard links to a large file. Before this change, git would
weigh in at about 170 MB with the total filesystem size reported as
175 MB. The actual rootfs.ext2 size was around 16 MB. With the change,
the git package registers at 10.5 MB with a total filesystem size of
15.8 MB.
Signed-off-by: Frank Hunleth <fhunleth@troodon-software.com>
Acked-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>