Commit Graph

41782 Commits

Author SHA1 Message Date
Peter Seiderer
670260d74b qt5base: fix double-conversion for or1k
Fixes [1]:

  ../3rdparty/double-conversion/include/double-conversion/utils.h:81:2: error: #error Target architecture was not detected as supported by Double-Conversion.
  #error Target architecture was not detected as supported by Double-Conversion.

[1] http://autobuild.buildroot.net/results/a3535cdf5e91df011a59a4b9f60d69195f5efdcb

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-20 00:21:22 +02:00
Yann E. MORIN
a8cea94d5a core: drop useless assignments to BISON and FLEX
They were added back in 5432f26f0 (Adding Central config.cache options),
supposedly to be able to cache the result of configure tests, but they
were never, ever referenced anywhere in our code... Besides, we dropped
the idea of getting a configure cache long ago now (it does not work)...

They are causing spurious error messages on some distros (e.g. Fedora)
which use GNU's which (whatever package that comes from), while it is
silent on other distros (e.g. Ubuntu) which use debianutils' which.

Drop them.

Reported-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-19 23:13:03 +02:00
Thomas Petazzoni
df5bf982de python-pyqt5: add Qt 5.11 compatibility patch
This commit adds a patch to python-pyqt5 to make it build properly
against Qt 5.11.

PyQt5 is using a dual-licensing model, and the commercial company
behind it (RiverBank) only provides release tarballs, and no public
Git repository, so we cannot see the individual changes they make. By
diffing the PyQt5 5.10 and 5.11 releases, we could see that they opted
for dropping entirely support for the waitForEvents() method, rather
than keeping it for Qt < 5.11. We take the same approach in the below
patch, since this is anyway what will happen when we will bump to
PyQt5 5.11.

The patch is not Git-formatted, because there is no upstream Git
repository for this project.

Fixes:

  http://autobuild.buildroot.net/results/1f1e92374fe71a1d4343243db5f530c33db06698/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-19 21:50:34 +02:00
Vadim Kochan
052d3cbb0e wireless_tools: Fix site URL does not work
Replace broken http://www.hpl.hp.com/personal/Jean_Tourrilhes/Linux
by https://hewlettpackard.github.io/wireless-tools.

[Peter: also adjust URL in Config.in]
Signed-off-by: Vadim Kochan <vadim.kochan@petcube.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-19 21:33:19 +02:00
Bernd Kuhls
bfc5dc9920 package/nodejs: security bump version to 8.11.4
Release notes:
https://nodejs.org/en/blog/vulnerability/august-2018-security-releases/

Fixes CVE-2018-12115, also CVEs were fixed in included OpenSSL code
which do not use for the target build.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-19 21:29:11 +02:00
Bernd Kuhls
a3422534c8 package/ipsec-tools: add security patch to fix CVE-2016-10396
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-19 21:24:35 +02:00
Bernd Kuhls
d2965cbb7e linux-headers: bump 4.{4, 9, 14, 17}.x series
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-19 21:21:55 +02:00
Bernd Kuhls
9070ee65a9 linux: bump default to version 4.17.17
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-19 21:21:36 +02:00
Bernd Kuhls
21d0077a2d package/bind: security bump to version 9.11.4-P1
Fixes CVE-2018-5740: https://ftp.isc.org/isc/bind9/9.11.4-P1/CHANGES

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-19 21:20:35 +02:00
Yann E. MORIN
e0e089acc4 core/pkg-kconfig: allow dependencies before configurators
Some users of kconfig need some packages to be built before their
kconfig infra be used.

For example, the linux kernel, starting with 4.16, needs flex and bison
to generate the parser code. Furthermore, starting with 4.18, it will
also need the cross-compiler before parsing the kconfig stuff, because
that calls the compiler to check its features.

Currently, this is broken, even the flex/bison ones, even though they
are listed, because there is no way to define dependencie that are
guaranteed before the (visual) configurators. For example:

    $ make distclean
    $ make menuconfig
      --> enable the linux kernel, choose a defconfig, save, exit
    $ make linux-menuconfig
    [...]
      HOSTCC  scripts/basic/fixdep
      HOSTCC  scripts/kconfig/conf.o
      YACC    scripts/kconfig/zconf.tab.c
    /bin/sh: bison: command not found
      LEX     scripts/kconfig/zconf.lex.c
    scripts/Makefile.lib:196: recipe for target 'scripts/kconfig/zconf.tab.c' failed
    make[3]: *** [scripts/kconfig/zconf.tab.c] Error 127
    make[3]: *** Waiting for unfinished jobs....
    /bin/sh: flex: command not found
    scripts/Makefile.lib:188: recipe for target 'scripts/kconfig/zconf.lex.c' failed
    make[3]: *** [scripts/kconfig/zconf.lex.c] Error 127
    Makefile:528: recipe for target 'rpc_defconfig' failed
    make[2]: *** [rpc_defconfig] Error 2
    linux/linux.mk:511: recipe for target '/home/ymorin/dev/buildroot/buildroot/output/build/linux-4.17.11/.config' failed
    make[1]: *** [/home/ymorin/dev/buildroot/buildroot/output/build/linux-4.17.11/.config] Error 2
    Makefile:79: recipe for target '_all' failed
    make: *** [_all] Error 2

So, we introduce a new type of dependencies for kconfig-based packages,
that are guaranteed to be built and installed before the (visual)
configurators are called.

Since those dependencies are phony targets and therefore always out of
date, a normal dependency would cause the .config target to be rebuilt
on each invocation of make. So we use an order-only pre-requisite, like
is done for the patch dependency.

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Jan Kundrát <jan.kundrat@cesnet.cz>
Tested-by: Jan Kundrát <jan.kundrat@cesnet.cz>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-08-18 23:21:03 +02:00
Yann E. MORIN
9ff4167c8c linux: explain why we need host-{flex, bison}
The commit that added the dependency on host-{bison,flex} did
so because the pre-generated kconfig parser source files were
removed from the kernel tree, in linux-4.16.

But then, in linux-4.17, the pre-generated dtc parser source
files were in turn removed as well.

So, document the two reasons why they are needed, so we don't
accidentally remove them when we (soon) introduce the kconfig
dependencies.

(Also fix the first assignment to LINUX_DEPENDENCIES to be a
simple assignement, not an append-assignment.)

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-08-18 23:08:45 +02:00
Fabrice Fontaine
ee2af55d38 boost: enable back log on powerpc with uclibc
boost-log builds fine with powerpc on uclibc nowadays so enable it back.
By removing this dependency, build failure on azmq is also fixed as this
package is currently selecting boost-log without fulfilling this
dependency

Fixes:
 - http://autobuild.buildroot.net/results/9c373d0b5a1a59e2271d71c480d55a90a67b84cb

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-08-18 22:32:29 +02:00
Fabrice Fontaine
b20c5ca3b8 boost: context needs thread without C++11 mutex
Extract from output/build/boost-1.67.0/libs/context/build/Jamfile.v2:

explicit cxx11_hdr_mutex_check ;
local cxx11_mutex = [ check-target-builds
      cxx11_hdr_mutex_check "C++11 mutex"
    :
    : <library>/boost/thread//boost_thread
  ] ;

So select boost_thread if gcc <= 4.7

Fixes:
 - http://autobuild.buildroot.net/results/fb046c04fe18bec973d120e4ab33971f32ba5769

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-08-18 22:32:14 +02:00
Bernd Kuhls
dbe8483b20 package/mariadb: security bump to version 10.1.35
Fixes CVE-2018-3064, CVE-2018-3063, CVE-2018-3058 & CVE-2018-3066:
https://mariadb.com/kb/en/library/mariadb-10135-release-notes/

Added all hashes provided by upstream.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-08-18 21:39:49 +02:00
Thomas Petazzoni
cb8d1743ca libselinux: use correct name and content for patch 0004
Commit 6288409642 ("libselinux: add
patch to fix build with gcc < 4.7") introduced a patch, but its file
name was incorrect, so it was never applied. In addition, the patch
was generated against the Git repository of SELinux, which includes
all projects, and therefore it doesn't apply to the libselinux source
code extracted from the tarball: the "libselinux/" component path
needs to be removed from the patch.

This commit fixes both problems, which should finally and really fix:

  http://autobuild.buildroot.net/results/c3272566bb808e43bb77ec59cfe596f7e0fe9a64/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-08-18 21:33:47 +02:00
Fabrice Fontaine
e2928dfa08 boost: thread needs atomic if GCC hasn't lock-free
When gcc has not always lock-free atomic ints:
 - lockfree boost::atomic_flag : no

boost thread needs boost atomic:
output/host/usr/bin/nios2-linux-readelf -d output/staging/usr/lib/libboost_thread.so

Dynamic section at offset 0x2cee0 contains 32 entries:
  Tag        Type                         Name/Value
 0x00000001 (NEEDED)                     Shared library: [libboost_system.so.1.67.0]
 0x00000001 (NEEDED)                     Shared library: [libboost_atomic.so.1.67.0]

Fixes:
 - http://autobuild.buildroot.net/results/5a7db292f1365f27e32695527701d5b827f60092
 - http://autobuild.buildroot.net/results/413dff87f5329d3c5180167a8711cdedea5dec67
 - http://autobuild.buildroot.net/results/a7eb4cbcdbd9412c344f45336dec58c82e84dab9

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-08-18 14:34:31 +02:00
Fabrice Fontaine
5f6f910cc9 toolchain: add BR2_TOOLCHAIN_SUPPORTS_ALWAYS_LOCKFREE_ATOMIC_INTS hidden option
Add BR2_TOOLCHAIN_SUPPORTS_ALWAYS_LOCKFREE_ATOMIC_INTS variable and
use it in BR2_TOOLCHAIN_HAS_GCC_BUG_64735.

This new variable will be used to select boost atomic when lock-free
atomic ints are not available

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-08-18 14:32:07 +02:00
Bernd Kuhls
6d37231476 package/samba4: Fix uClibc build on 64bit platforms by including stdint.h
Patch needed to be updated for samba-4.8.4

Fixes
http://autobuild.buildroot.net/results/140/1404a594583ff192d70086ef590f924472465c89/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-08-18 11:22:25 +02:00
Bernd Kuhls
addd279d73 package/php: security bump to version 7.2.9
Version 7.2.8 fixed CVE-2018-12882, CVE-2018-14883 & CVE-2018-14851:
http://www.php.net/ChangeLog-7.php#7.2.8

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-08-18 11:21:48 +02:00
Bernd Kuhls
d00ac6c723 package/x11r7/xdriver_xf86-video-ati: fix glamor dependency
Glamor support needs egl, fix dependency after
https://git.buildroot.net/buildroot/commit/?id=5b4bcbdafbe8e7b42d4e085a0524d70665cdbaf5

Fixes
http://autobuild.buildroot.net/results/6ac/6acd5ad820a47fc3442d3e3a5d8d72b396fb6e41/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-08-18 11:21:48 +02:00
Peter Korsgaard
46cfed78b1 ruby: security bump to version 2.4.4
Fixes the following security issues:

CVE-2017-17405: Command injection vulnerability in Net::FTP (2.4.3):
https://www.ruby-lang.org/en/news/2017/12/14/net-ftp-command-injection-cve-2017-17405/

CVE-2017-17742: HTTP response splitting in WEBrick (2.4.4):
https://www.ruby-lang.org/en/news/2018/03/28/http-response-splitting-in-webrick-cve-2017-17742/

CVE-2018-6914: Unintentional file and directory creation with directory
traversal in tempfile and tmpdir (2.4.4):
https://www.ruby-lang.org/en/news/2018/03/28/unintentional-file-and-directory-creation-with-directory-traversal-cve-2018-6914/

CVE-2018-8777: DoS by large request in WEBrick (2.4.4):
https://www.ruby-lang.org/en/news/2018/03/28/large-request-dos-in-webrick-cve-2018-8777/

CVE-2018-8778: Buffer under-read in String#unpack (2.4.4):
https://www.ruby-lang.org/en/news/2018/03/28/buffer-under-read-unpack-cve-2018-8778/

CVE-2018-8779: Unintentional socket creation by poisoned NUL byte in
UNIXServer and UNIXSocket (2.4.4):
https://www.ruby-lang.org/en/news/2018/03/28/poisoned-nul-byte-unixsocket-cve-2018-8779/

CVE-2018-8780: Unintentional directory traversal by poisoned NUL byte in Dir
(2.4.4):
https://www.ruby-lang.org/en/news/2018/03/28/poisoned-nul-byte-dir-cve-2018-8780/

Multiple vulnerabilities in RubyGems (2.4.4):
https://www.ruby-lang.org/en/news/2018/02/17/multiple-vulnerabilities-in-rubygems/

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-17 22:01:53 +02:00
Matt Flax
e477dc19b5 eigen: Fix pkg-config file prefix error
eigen generates	a pkg-config file which	has a broken prefix
(@CMAKE_INSTALL_PREFIX@).  This broken prefix causes an incorrect path when
other packages call pkg-config --cflags eigen.

This patch fixes the prefix in the generated eigen pc file, so projects
which depend on this pc file can now correctly find the eigen include
directory at build time.

Also correct the Cflags output to use the runtime prefix instead of the
build time STAGING_DIR, like we do elsewhere.

[Peter: drop backslashes, tweak commit message]
Signed-off-by: Matt Flax <flatmax@flatmax.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-17 19:20:23 +02:00
Peter Korsgaard
ae977e9428 python-django: security bump to version 1.11.15
Bump to the latest release of the 1.11.x LTS series as 1.10.x is no longer
supported upstream:

https://www.djangoproject.com/download/

Fixes the following security issues:

- CVE-2017-12794: Possible XSS in traceback section of technical 500 debug
  page (1.11.5)

- CVE-2018-6188: Information leakage in AuthenticationForm (1.11.10)

- CVE-2018-7536: Denial-of-service possibility in urlize and urlizetrunc
  template filters (1.11.11)

- CVE-2018-7537: Denial-of-service possibility in truncatechars_html and
  truncatewords_html template filters (1.11.11)

- CVE-2018-14574: Open redirect possibility in CommonMiddleware (1.11.15)

Also add a hash for the license file.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-17 18:58:05 +02:00
Yann E. MORIN
c48f8a6462 package/m4: fix build on host with glibc-2.28
glibc-2.28 did quite some lifting in their headers, which breaks the
way some packages were detecting glibc, like gnulib.

However, packages do bundle gnulib (it was meant to be bundled),
and so does m4.

Since m4 hasn't seen the slightest commit since 2017-01-09, it is
bundling an old gnulib version, that predates glibc-2.28, and thus
breaks. It also means that upstream hasn't already fixed the issue.

Furthermore, as upstream is using a git submodule for gnulib, and
that the paths are not the same in the release tarball (in lib/)
and in the git tree (in gnulib/), we can't do a plain backport.

So, we selectively backport the two patches from gnulib upstream,
restricted to only the files that happen to be used in m4.

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Reported-by: c32 on IRC
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-17 18:57:25 +02:00
Baruch Siach
f70b13a7cb dahdi-tools: unify dependencies comments
The threads dependency comment is currently shown even though the
toolchain supports threads, only because kernel build is disabled.

Merge the kernel and threads comments. This is similar to what we have
in other packages that need the kernel.

Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-17 17:07:11 +02:00
Baruch Siach
45768d28f1 dbus: bump to version 1.2.10
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-17 17:05:34 +02:00
Baruch Siach
d9cfe343d2 cryptsetup: fix build with pre C11 toolchains
Add a patch removing a redefined typedef. Redefinition of typedef, even
to the same type, used to be illegal before C11.

Fixes:
http://autobuild.buildroot.net/results/93b/93b300a62f2ddbad66eab08e25fc3225969f224b/
http://autobuild.buildroot.net/results/6c6/6c6092d633400498ee5b8090733a949a9632e473/
http://autobuild.buildroot.net/results/f46/f46ef6123b5fa92753ff534b4ef7bea3f53ac388/

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Tested-by: Hollis Blanchard <hollis_blanchard@mentor.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-17 16:55:41 +02:00
Peter Korsgaard
9c2bbc3fc9 libfuse: security bump to version 2.9.8
Fixes CVE-2018-10906 - In fuse before versions 2.9.8 and 3.x before 3.2.5,
fusermount is vulnerable to a restriction bypass when SELinux is active.
This allows non-root users to mount a FUSE file system with the
'allow_other' mount option regardless of whether 'user_allow_other' is set
in the fuse configuration.  An attacker may use this flaw to mount a FUSE
file system, accessible by other users, and trick them into accessing files
on that file system, possibly causing Denial of Service or other unspecified
effects.

And additionally:

- libfuse no longer segfaults when fuse_interrupted() is called outside the
  event loop.

- The fusermount binary has been hardened in several ways to reduce
  potential attack surface.  Most importantly, mountpoints and mount options
  must now match a hard-coded whitelist.  It is expected that this whitelist
  covers all regular use-cases.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-17 16:54:07 +02:00
Peter Korsgaard
f881e72248 orangepi_zero_defconfig: bump linux to 4.17.15 to include latest fixes
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-17 16:53:00 +02:00
Peter Korsgaard
931111604c orangepi_zero_defconfig: bump u-boot to 2018.07 to fix build issue
u-boot 2018.01 now fails to build with the following error:

  CC      arch/arm/lib/asm-offsets.s
In file included from /builds/buildroot.org/buildroot/output/host/include/libfdt.h:54:0,
                 from /builds/buildroot.org/buildroot/output/build/uboot-2018.01/scripts/dtc/libfdt/fdt.c:54:
/builds/buildroot.org/buildroot/output/host/include/libfdt_env.h:82:24: error: redefinition of 'fdt16_to_cpu'
 static inline uint16_t fdt16_to_cpu(fdt16_t x)
                        ^~~~~~~~~~~~
In file included from /builds/buildroot.org/buildroot/output/build/uboot-2018.01/scripts/dtc/libfdt/fdt.c:51:0:
/builds/buildroot.org/buildroot/output/build/uboot-2018.01/scripts/dtc/libfdt/libfdt_env.h:81:24: note: previous definition of 'fdt16_to_cpu' was here
 static inline uint16_t fdt16_to_cpu(fdt16_t x)

https://gitlab.com/buildroot.org/buildroot/-/jobs/88314891

Fix it by bumping the u-boot version to 2018.07.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-17 16:52:41 +02:00
Peter Korsgaard
19f1f071f5 orangepi_pc_defconfig: bump linux to 4.17.15 to include latest fixes
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-17 16:52:36 +02:00
Peter Korsgaard
1d8d6cbdcc orangepi_pc_defconfig: bump u-boot to 2018.07 to fix build issue
u-boot 2018.05 now fails to build with the following error:

  HOSTCC  scripts/dtc/flattree.o
In file included from /builds/buildroot.org/buildroot/output/host/include/libfdt.h:54:0,
                 from /builds/buildroot.org/buildroot/output/build/uboot-2018.05/scripts/dtc/libfdt/fdt.c:54:
/builds/buildroot.org/buildroot/output/host/include/libfdt_env.h:82:24: error: redefinition of 'fdt16_to_cpu'
 static inline uint16_t fdt16_to_cpu(fdt16_t x)
                        ^~~~~~~~~~~~
In file included from /builds/buildroot.org/buildroot/output/build/uboot-2018.05/scripts/dtc/libfdt/fdt.c:51:0:
/builds/buildroot.org/buildroot/output/build/uboot-2018.05/scripts/dtc/libfdt/libfdt_env.h:81:24: note: previous definition of 'fdt16_to_cpu' was here
 static inline uint16_t fdt16_to_cpu(fdt16_t x)
                        ^~~~~~~~~~~~

https://gitlab.com/buildroot.org/buildroot/-/jobs/88314886

Fix it by bumping the u-boot version to 2018.07.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-17 16:52:33 +02:00
Thomas Petazzoni
1b53b177a6 linux: replace shell for loop with make foreach loop
This commit replaces the loop copying out-of-tree DTS into the kernel
tree by a make foreach loop instead of a shell for loop. This allows
to error out if one of the DTS file cannot be copied (for example if
it doesn't exist).

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-17 16:52:00 +02:00
Peter Korsgaard
1ee626aab9 sheevaplug: add a basic readme
Describing how to update the board.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-17 16:51:10 +02:00
Peter Korsgaard
1c5b7ba27b sheevaplug_defconfig: bump linux to 4.14.63 to include latest fixes
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-17 16:51:07 +02:00
Peter Korsgaard
0f09daba15 sheevaplug_defconfig: bump u-boot to 2018.07 to fix build issue
u-boot 2016.05 no longer builds with the default gcc/binutils versions:

https://gitlab.com/buildroot.org/buildroot/-/jobs/88314946

  LD      u-boot
fs/built-in.o: In function `read_symbol':
/builds/buildroot.org/buildroot/output/build/uboot-2016.05/fs/jffs2/mini_inflate.c:129: undefined reference to `pull_bit'
fs/built-in.o: In function `decompress_huffman':
/builds/buildroot.org/buildroot/output/build/uboot-2016.05/fs/jffs2/mini_inflate.c:159: undefined reference to `pull_bits'
/builds/buildroot.org/buildroot/output/build/uboot-2016.05/fs/jffs2/mini_inflate.c:170: undefined reference to `pull_bits'
..
/builds/buildroot.org/buildroot/output/host/bin/arm-buildroot-linux-uclibcgnueabi-ld.bfd: BFD (GNU Binutils) 2.29.1 assertion fail elf32-arm.c:9509
Makefile:1192: recipe for target 'u-boot' failed
make[1]: *** [u-boot] Error 1
make[1]: Leaving directory '/builds/buildroot.org/buildroot/output/build/uboot-2016.05'

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-17 16:51:01 +02:00
Bernd Kuhls
8654a214ff package/libopenssl: security bump to version 1.0.2p
Fixes CVE-2018-0732 & CVE-2018-0737:
https://www.openssl.org/news/vulnerabilities.html

Added upstream sha1 hash.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-17 09:03:44 +02:00
Bernd Kuhls
65c47ce0a8 linux: bump default to version 4.17.15
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-16 22:12:12 +02:00
Bernd Kuhls
345a8eeda1 linux-headers: bump 4.{4, 9, 14, 17}.x series
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-16 22:12:12 +02:00
Fabrice Fontaine
9a1059b86a boost: put back chrono select for coroutine
coroutine module does use chrono directly:

./libs/coroutine/performance/asymmetric/segmented/Jamfile.v2: <library>/boost/chrono//boost_chrono
./libs/coroutine/performance/asymmetric/Jamfile.v2: <library>/boost/chrono//boost_chrono
./libs/coroutine/performance/symmetric/segmented/Jamfile.v2: <library>/boost/chrono//boost_chrono
./libs/coroutine/performance/symmetric/Jamfile.v2: <library>/boost/chrono//boost_chrono

So put back select of chrono for coroutine

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-08-16 22:09:24 +02:00
Thomas Petazzoni
6288409642 libselinux: add patch to fix build with gcc < 4.7
This commit adds a patch from Hollis Blanchard on libselinux to fix
build on host machines that have gcc < 4.7.

Fixes:

  http://autobuild.buildroot.net/results/a82bb0c0b22ff24263ad7a7d165b21c0df7b3b1d/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-08-16 11:42:50 +02:00
Baruch Siach
f45976b2c7 bzip2: change upstream site
The bzip.org website is down. Use the Buildroot backup download site.
Remove the website link as there is no clear alternative upstream at
this point.

  https://lwn.net/Articles/762264/

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-08-16 00:29:04 +02:00
Fabrice Fontaine
6607d66563 boost: thread needs chrono
chrono is selected by thread (see libs/thread/build/Jamfile.v2):

rule usage-requirements ( properties * )
{
[...]
result += <library>/boost/chrono//boost_chrono ;
}

So add this select for BR2_PACKAGE_BOOST_THREAD and remove it from
BR2_PACKAGE_BOOST_COROUTINE, BR2_PACKAGE_BOOST_LOG,
BR2_PACKAGE_TYPE_ERASURE and BR2_PACKAGE_BOOST_WAVE

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-08-15 22:15:44 +02:00
Fabrice Fontaine
73cdfc6a4d boost: locale needs thread with icu
output/host/usr/bin/nios2-linux-readelf -d output/staging/usr/lib/libboost_locale.so

Dynamic section at offset 0x125ec0 contains 36 entries:
  Tag        Type                         Name/Value
 0x00000001 (NEEDED)                     Shared library: [libboost_chrono.so.1.67.0]
 0x00000001 (NEEDED)                     Shared library: [libboost_thread.so.1.67.0]
 0x00000001 (NEEDED)                     Shared library: [libboost_system.so.1.67.0]
 0x00000001 (NEEDED)                     Shared library: [librt.so.1]
 0x00000001 (NEEDED)                     Shared library: [libicudata.so.60]
 0x00000001 (NEEDED)                     Shared library: [libicui18n.so.60]
 0x00000001 (NEEDED)                     Shared library: [libicuuc.so.60]

Fixes:
 - http://autobuild.buildroot.net/results/57838f7cd84f37b66ab7007deaea847af8f54b72

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-08-15 22:12:27 +02:00
Fabrice Fontaine
680789fa39 domoticz: fix appversion.default
Retrieve correct appversion.default (9700) from upstream

Without this patch, the wrong version is displayed in the web ui and
when the user checks for an update, domoticz wrongly says that a new
version is available
This issue was reported by an email from Eyal Eshed <eeshed@coldroll.ca>

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-08-15 21:35:20 +02:00
Bernd Kuhls
3d7ce0124a package/samba4: security bump to version 4.8.4
Release notes: https://www.samba.org/samba/history/samba-4.8.4.html

Fixes

o  CVE-2018-1139  (Weak authentication protocol allowed.)
o  CVE-2018-1140  (Denial of Service Attack on DNS and LDAP server.)
o  CVE-2018-10858 (Insufficient input validation on client directory
                   listing in libsmbclient.)
o  CVE-2018-10918 (Denial of Service Attack on AD DC DRSUAPI server.)
o  CVE-2018-10919 (Confidential attribute disclosure from the AD LDAP
                   server.)

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-15 21:14:32 +02:00
Mirza Krak
4eccbe3ef9 package/pkg-golang: post-pone evaluation of variables
As explained in pkg-generic.mk, all variable references inside the
inner-xxx-package should use $$(...). Otherwise, they are evaluated
too early, and will not contain the expected value. In the content of
the pkg-golang infrastructure, the <pkg>_SRC_DOMAIN, <pkg>_SRC_VENDOR
and <pkg>_SRC_SOFTWARE variables were not properly escaping their
reference to the $$($(2)_SITE) variable.

This was not visible until now, as only target Go packages were
supported, where $(2)_SITE was always defined prior to this macro
being expanded. With the upcoming support of host Go packages, we need
to fix this, as $(2)_SITE may be defined later, inherited from
$(3)_SITE.

Signed-off-by: Mirza Krak <mirza.krak@northern.tech>
[Thomas: rework commit log.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-08-15 14:32:46 +02:00
Peter Seiderer
a3c3a54da9 qt5serialbus: examples need qt5 widgets module
Fixes [1]:

  make[2]: Entering directory '.../build/qt5serialbus-5.11.1/examples'
  Some of the required modules (qtHaveModule(widgets)) are not available.
  Skipped.
  [...]
  cp -dpfr .../host/mips64el-buildroot-linux-gnu/sysroot/usr/lib/qt/examples/serialbus .../target/usr/lib/qt/examples/
  cp: cannot stat '.../host/mips64el-buildroot-linux-gnu/sysroot/usr/lib/qt/examples/serialbus': No such file or directory

[1] http://autobuild.buildroot.net/results/147809b5f8758af935bee48c0fc83fd86a8509e9

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-08-14 23:41:06 +02:00
Marcin Niestroj
5313c50aa3 package/lvm2: Fix runtime crash when using uclibc
When using uclibc libdevmapper.so was calling dm_task_get_info_base()
function recursively, leading to segmentation fault. This was
happening because uclibc linker loader just takes first existing
'dm_task_get_info' (which is 'dm_task_get_info_base') symbol in elf
binary, instead of default version.

Add upstreamable lvm2 patch [1], which introduces
--enable-symvers[=STYLE] switch. Use that switch to disable symbol
versions, as we do not plan to support binaries compiled against
old libdevmapper library.

Fixes bug #10781.

[1] https://www.redhat.com/archives/dm-devel/2018-July/msg00187.html

Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-08-14 22:23:03 +02:00
Laurent Hartanerot
7c2eb68cac lighttpd: Add systemd tmpfile to fix lighttpd systemd boot
Problem starting lighttpd application with systemd.

/usr/sbin/lighttpd -D -f /etc/lighttpd/lighttpd.conf
2018-06-22 11:21:34: (server.c.733) opening errorlog '/var/log/lighttpd-error.log' failed: Permission denied
2018-06-22 11:21:34: (server.c.1420) Opening errorlog failed. Going down.

Lighttpd can not write the 'lighttpd-access.log' and 'lighttpd-error.log' files
to the directory '/var/log/'.

When using systemd the directory '/var/log' does not allow the user www-data to
write.

To correct the problem, we add /usr/lib/tmpfiles.d/lighttpd.conf.
This file create the 'lighttpd-access.log' and 'lighttpd-error.log' files  with
the permission

Signed-off-by: Laurent Hartanerot <laurent.hartanerot@atos.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-08-14 16:27:58 +02:00