Commit Graph

35370 Commits

Author SHA1 Message Date
Peter Korsgaard
3a66a81b7a python-django: security bump to version 1.10.7
Fixes the following security issues:

Since 1.10.3:

CVE-2016-9013 - User with hardcoded password created when running tests on
Oracle

Marti Raudsepp reported that a user with a hardcoded password is created
when running tests with an Oracle database.

CVE-2016-9014 - DNS rebinding vulnerability when DEBUG=True

Aymeric Augustin discovered that Django does not properly validate the Host
header against settings.ALLOWED_HOSTS when the debug setting is enabled.  A
remote attacker can take advantage of this flaw to perform DNS rebinding
attacks.

Since 1.10.7:

CVE-2017-7233 - Open redirect and possible XSS attack via user-supplied
numeric redirect URLs

It was discovered that is_safe_url() does not properly handle certain
numeric URLs as safe.  A remote attacker can take advantage of this flaw to
perform XSS attacks or to use a Django server as an open redirect.

CVE-2017-7234 - Open redirect vulnerability in django.views.static.serve()

Phithon from Chaitin Tech discovered an open redirect vulnerability in the
django.views.static.serve() view.  Note that this view is not intended for
production use.

Cc: Oli Vogt <oli.vogt.pub01@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-04-27 21:27:27 +02:00
Bernd Kuhls
833082fdb4 package/live555: bump version to 2017.04.26
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-04-27 17:28:00 +02:00
Vicente Olivert Riera
6f24afad92 linux: bump default version to 4.10.13
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-04-27 17:03:36 +02:00
Vicente Olivert Riera
431bd936a1 linux-headers: bump 4.{4,9,10}.x series
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-04-27 17:03:21 +02:00
Matt Weber
2ef966fb30 package/libqmi: bump version to 1.18.0
udev support was added with this bump, however
the support was disabled, as Buildroot currently
doesn't support the gudev package.  libqmi is
looking for the Gobject bindings provided by
that package to access libudev.

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-04-27 15:27:51 +02:00
Baruch Siach
dc1287ee8a aircrack-ng: don't build SSE code for non SSE target
Fixes:
http://autobuild.buildroot.net/results/763/7631470016f923e8f4a7696e65437c71b8668b6e/
http://autobuild.buildroot.net/results/621/621588651b5cf54726bbf5361399a2dc301b8a29/
http://autobuild.buildroot.net/results/628/628a66ef766308fba699f1faa942306e600e5575/

Cc: Laurent Cans <laurent.cans@gmail.com>
Cc: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-04-27 14:16:41 +02:00
Baruch Siach
5efbd573c0 libnl: add upstream security fix
CVE-2017-0553: An elevation of privilege vulnerability in libnl could enable a
local malicious application to execute arbitrary code within the context of
the Wi-Fi service

https://www.mail-archive.com/debian-bugs-dist@lists.debian.org/msg1511855.html

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-04-27 14:12:32 +02:00
Peter Korsgaard
030fe340af tiff: add upstream security fixes
Add upstream post-4.0.7 commits (except for ChangeLog modifications) fixing
the following security issues:

CVE-2016-10266 - LibTIFF 4.0.7 allows remote attackers to cause a denial of
service (divide-by-zero error and application crash) via a crafted TIFF
image, related to libtiff/tif_read.c:351:22.

CVE-2016-10267 - LibTIFF 4.0.7 allows remote attackers to cause a denial of
service (divide-by-zero error and application crash) via a crafted TIFF
image, related to libtiff/tif_ojpeg.c:816:8.

CVE-2016-10269 - LibTIFF 4.0.7 allows remote attackers to cause a denial of
service (heap-based buffer over-read) or possibly have unspecified other
impact via a crafted TIFF image, related to "READ of size 512" and
libtiff/tif_unix.c:340:2.

CVE-2016-10270 - LibTIFF 4.0.7 allows remote attackers to cause a denial of
service (heap-based buffer over-read) or possibly have unspecified other
impact via a crafted TIFF image, related to "READ of size 8" and
libtiff/tif_read.c:523:22.

CVE-2017-5225 - LibTIFF version 4.0.7 is vulnerable to a heap buffer
overflow in the tools/tiffcp resulting in DoS or code execution via a
crafted BitsPerSample value.

CVE-2017-7592 - The putagreytile function in tif_getimage.c in LibTIFF 4.0.7
has a left-shift undefined behavior issue, which might allow remote
attackers to cause a denial of service (application crash) or possibly have
unspecified other impact via a crafted image.

CVE-2017-7593 - tif_read.c in LibTIFF 4.0.7 does not ensure that tif_rawdata
is properly initialized, which might allow remote attackers to obtain
sensitive information from process memory via a crafted image.

CVE-2017-7594 - The OJPEGReadHeaderInfoSecTablesDcTable function in
tif_ojpeg.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of
service (memory leak) via a crafted image.

CVE-2017-7595 - The JPEGSetupEncode function in tiff_jpeg.c in LibTIFF 4.0.7
allows remote attackers to cause a denial of service (divide-by-zero error
and application crash) via a crafted image.

CVE-2017-7598 - tif_dirread.c in LibTIFF 4.0.7 might allow remote attackers
to cause a denial of service (divide-by-zero error and application crash)
via a crafted image.

CVE-2017-7601 - LibTIFF 4.0.7 has a "shift exponent too large for 64-bit
type long" undefined behavior issue, which might allow remote attackers to
cause a denial of service (application crash) or possibly have unspecified
other impact via a crafted image.

CVE-2017-7602 - LibTIFF 4.0.7 has a signed integer overflow, which might
allow remote attackers to cause a denial of service (application crash) or
possibly have unspecified other impact via a crafted image.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-04-27 14:12:24 +02:00
Peter Korsgaard
0135204868 icu: add upstream security fix for utf-8 handling
Fixes:

CVE-2017-7867 - International Components for Unicode (ICU) for C/C++ before
2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow
related to the utf8TextAccess function in common/utext.cpp and the
utext_setNativeIndex* function.

CVE-2017-7868 - International Components for Unicode (ICU) for C/C++ before
2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow
related to the utf8TextAccess function in common/utext.cpp and the
utext_moveIndex32* function.

Upstream: http://bugs.icu-project.org/trac/changeset/39671

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-04-27 14:12:16 +02:00
Martin Kepplinger
4d97748129 tslib: speed up the build by skipping autoreconf
We are not carrying any patches modifying auto* files, so autoreconf isn't
needed.

[Peter: extend commit message]
Signed-off-by: Martin Kepplinger <martin.kepplinger@ginzinger.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-04-27 11:30:21 +02:00
Steve Kenton
3046f64c6a tovid: bump version to 0.35.2
Signed-off-by: Steve Kenton <skenton@ou.edu>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-04-27 10:19:02 +02:00
Waldemar Brodkorb
43155c5b4c libmpeg2: fix sparc32 build
The output detection recognized wrong target output, because
sparcv9 optimization flags used for sparcv8 build.

Fixes:
  http://autobuild.buildroot.net/results/1b3158b03f7eaf5afb5a4dab9526091888f6c9b8

Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-04-27 10:18:28 +02:00
Baruch Siach
20cc38be8e DEVELOPERS: remove bouncing email address
The DEVELOPERS email address of Waldemar Rymarkiewicz is bouncing. Remove his
entry.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-04-27 10:15:15 +02:00
Peter Korsgaard
c363e070d8 libsndfile: security bump to version 1.0.28
Fixes:

CVE-2017-7585 - In libsndfile before 1.0.28, an error in the
"flac_buffer_copy()" function (flac.c) can be exploited to cause a
stack-based buffer overflow via a specially crafted FLAC file.

CVE-2017-7586 - In libsndfile before 1.0.28, an error in the "header_read()"
function (common.c) when handling ID3 tags can be exploited to cause a
stack-based buffer overflow via a specially crafted FLAC file.

CVE-2017-7741 - In libsndfile before 1.0.28, an error in the
"flac_buffer_copy()" function (flac.c) can be exploited to cause a
segmentation violation (with write memory access) via a specially crafted
FLAC file during a resample attempt, a similar issue to CVE-2017-7585.

CVE-2017-7742 - In libsndfile before 1.0.28, an error in the
"flac_buffer_copy()" function (flac.c) can be exploited to cause a
segmentation violation (with read memory access) via a specially crafted
FLAC file during a resample attempt, a similar issue to CVE-2017-7585.

Dop undocumented patch adjusting SUBDIRS in Makefile.in as it no longer
applies.  Instead pass --disable-full-suite to disable man pages,
documentation and programs, as that was presumably the reason for the patch.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-04-27 10:15:05 +02:00
Peter Korsgaard
c3b5480204 ncftp: use tar.gz to workaround upstream changing tarball post-release
As explained here:
http://lists.busybox.net/pipermail/buildroot/2017-March/185550.html

Upstream has silently updated their 3.2.6 tarball some time between our
version bump in late November and December 4th.  The changed tarball also
contains a significant amount of source changes:

 libncftp/c_opennologin.c  |    4
 libncftp/ftp.c            |   31
 libncftp/ftw.c            |    2
 libncftp/io_getmem.c      |    2
 libncftp/io_list.c        |    6
 libncftp/io_sendfile.c    |    4
 libncftp/io_util.c        |    4
 libncftp/ncftp.h          |    2
 libncftp/open.c           |    4
 libncftp/rftw.c           |    2
 libncftp/rglobr.c         |    2
 libncftp/u_decodehost.c   |    2
 libncftp/u_decodeurl.c    |    2
 libncftp/u_getpass.c      |    2
 libncftp/u_misc.c         |    2
 libncftp/u_pathcat.c      |    4
 libncftp/u_scram.c        |    2
 libncftp/wincfg.h         |    1
 ncftp/cmds.c              |   38 -
 ncftp/gl_getline.c        |   26
 ncftp/ls.c                |    9
 ncftp/ls.h                |    9
 ncftp/progress.c          |    9
 ncftp/readln.c            |    4
 ncftp/shell.h             |   10
 ncftp/spoolutil.c         |    8
 ncftp/version.c           |    2
 sh/mksrctar.sh            |    1
 sh_util/gpshare.c         |   12
 sh_util/ncftpbatch.c      |  110 --
 sh_util/ncftpget.c        |    6
 sh_util/ncftpls.c         |    5
 sh_util/ncftpput.c        |   14
 sio/DNSUtil.c             |    4
 sio/Makefile.in           |   16
 sio/SBind.c               |   35
 sio/SConnect.c            |    9
 sio/SNew.c                |  115 ---
 sio/SRead.c               |    6
 sio/StrAddr.c             |    6
 sio/config.h.in           |   24
 sio/configure.in          |    8
 sio/sio.h                 |   18
 sio/wincfg.h              |    1
 vis/bmed.c                |   13
 vis/wgets.c               |   12
 vis/wgets.h               |    7
 vis/wutil.c               |    6
 vis/wutil.h               |    6

Upstream has been contacted to verify if this change was intentional and the
reason why. From the mail:

> Is this update intentional? Why was the tarball regenerated?

Yes.

The old hash was unfortunately already used in the 2017.02 (and .1)
releases, so just changing the hash and updating the tarball on
sources.buildroot.org would break ncftp for users of those releases.
Instead change to use the .tar.gz tarball as suggested by Arnout.

Cc: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-04-27 10:14:54 +02:00
Bernd Kuhls
6538125e1f package/pcsc-lite: bump version to 1.8.20
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-04-26 15:03:00 +02:00
Baruch Siach
0a0524876b xorriso: disable libcdio
xorriso and libcdio define identically named symbols. This breaks static
linking.

Besides, upstream suggested that on Linux the built-in libburn adapter is much
better tested than libcdio.

Disable libcdio.

Fixes:
http://autobuild.buildroot.net/results/430/430a6b548fcc311f20ea71cecaa11fafac1d5a19/
http://autobuild.buildroot.net/results/a5d/a5d0f8bec0d39e48f6dfe4ecc07fe0ca3c6bd70a/

Cc: Steve Kenton <skenton@ou.edu>
Suggested-by: Thomas Schmitt <scdbackup@gmx.net>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Acked-by: Steve Kenton <skenton@ou.edu>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-04-26 09:58:49 +02:00
Waldemar Brodkorb
002d9ed354 uclibc: update to 1.0.24
Fixes aarch64 C++ issue. Removes old implementations for fnmatch/regex.
Allow long double wrappers for all architectures.

Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-04-26 09:20:17 +02:00
Romain Naour
a086213b39 package/bullet: bump to version 2.86.1
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-04-26 09:20:16 +02:00
Romain Naour
2af19b0143 package/xenomai: fallback to http
The https protocol return:
"ERROR 503: Service Temporarily Unavailable"

Fixes:
http://autobuild.buildroot.net/results/120/12034603c46c8bd69590c88bbfe85261460b699c

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-04-26 09:20:16 +02:00
Peter Korsgaard
665560856e imagemagick: add upstream security fix for CVE-2017-7606
This is not yet part of any release.

coders/rle.c in ImageMagick 7.0.5-4 has an "outside the range of
representable values of type unsigned char" undefined behavior issue, which
might allow remote attackers to cause a denial of service (application
crash) or possibly have unspecified other impact via a crafted image.

For more details, see:
https://blogs.gentoo.org/ago/2017/04/02/imagemagick-undefined-behavior-in-codersrle-c/

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-04-26 09:20:16 +02:00
Peter Korsgaard
7daae8362b libcroco: bump to version 0.6.12
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-04-26 09:20:16 +02:00
Peter Korsgaard
52bfb4b1ce libcroco: add upstream security fixes
These have been added to upstream git after 0.6.12 was released.

CVE-2017-7960 - The cr_input_new_from_uri function in cr-input.c in libcroco
0.6.11 and 0.6.12 allows remote attackers to cause a denial of service
(heap-based buffer over-read) via a crafted CSS file.

CVE-2017-7961 - The cr_tknzr_parse_rgb function in cr-tknzr.c in libcroco
0.6.11 and 0.6.12 has an "outside the range of representable values of type
long" undefined behavior issue, which might allow remote attackers to cause
a denial of service (application crash) or possibly have unspecified other
impact via a crafted CSS file.

For more details, see:
https://blogs.gentoo.org/ago/2017/04/17/libcroco-heap-overflow-and-undefined-behavior/

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-04-26 09:20:16 +02:00
Peter Korsgaard
a534030c6e python-web2py: security bump to version 2.14.6
CVE-2016-4806 - Web2py versions 2.14.5 and below was affected by Local File
Inclusion vulnerability, which allows a malicious intended user to
read/access web server sensitive files.

CVE-2016-4807 - Web2py versions 2.14.5 and below was affected by Reflected
XSS vulnerability, which allows an attacker to perform an XSS attack on
logged in user (admin).

CVE-2016-4808 - Web2py versions 2.14.5 and below was affected by CSRF (Cross
Site Request Forgery) vulnerability, which allows an attacker to trick a
logged in user to perform some unwanted actions i.e An attacker can trick an
victim to disable the installed application just by sending a URL to victim.

CVE-2016-10321 - web2py before 2.14.6 does not properly check if a host is
denied before verifying passwords, allowing a remote attacker to perform
brute-force attacks.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-04-26 09:20:16 +02:00
Peter Korsgaard
027a0d5b61 minicom: security bump to version 2.7.1
Fixes CVE-2017-7467 - minicom and prl-vzvncserver vt100.c escparms[] buffer
overflow.

For more details about the issue, see the nice writeup on oss-security:

http://www.openwall.com/lists/oss-security/2017/04/18/5

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-04-26 09:20:16 +02:00
Arnout Vandecappelle
200282e207 busybox: no need to disable clear and reset
Removing clear and reset from the busybox config when the ncurses tools
are enabled is not really needed.

Since commit 802bff9c42, the busybox install will not overwrite
existing programs. Therefore, the tools will be installed correctly
regardless of the order of the build:
- if busybox is built first, the clear and reset apps are installed,
  but they will be overwritten by ncurses;
- if ncurses is built first, it will install the clear and reset apps,
  and busybox will no longer install them.

We prefer not to modify the busybox configuration when not strictly
necessary, because it is surprising for the user that his configuration
is not applied. Clearly, it's not ideal that busybox is configured with
redundant apps, but if the user wants to shrink it, it's possible to
provide a custom config.

This partially reverts commit 33c72344a8.

Cc: Matthew Weber <matthew.weber@rockwellcollins.com>
Cc: Danomi Manchego <danomimanchego123@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Tested-by: Matt Weber  <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-04-26 09:20:15 +02:00
Bernd Kuhls
cddb22ac2b package/aircrack-ng: bump version to 1.2-rc4
Removed patches applied upstream:

0001-Makefile-use-pkg-config-to-find-libpcre-it-s-more-cros.patch
http://trac.aircrack-ng.org/changeset/2445

0002-Optionally-use-LIBPCAP-for-required-libpcap-libraries.patch
http://trac.aircrack-ng.org/changeset/2446

0003-Wesside-ng-Use-termios-instead-of-sys-termios.patch
http://trac.aircrack-ng.org/changeset/2533

Added option to disable stack-protector support auto-detection in gcc.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-04-26 09:20:15 +02:00
Bernd Kuhls
d9f19462fb package/ccid: bump version to 1.4.26
Changed _SITE according to
http://lists.alioth.debian.org/pipermail/pcsclite-muscle/Week-of-Mon-20170102/000780.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-04-26 09:20:15 +02:00
Bernd Kuhls
ff75225568 package/acsccid: bump version to 1.1.4
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-04-26 09:20:15 +02:00
Bernd Kuhls
7fe176da86 package/acpica: bump version to 20170303
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-04-26 09:20:15 +02:00
Bernd Kuhls
0250b40b74 package/libgpgme: bump version to 1.9.0
Removed configure option --with-gpg, it was removed upstream in 2013:
https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gpgme.git;a=commitdiff;h=02ba35c1b6a2cbb3361b2f2ad507c53564b2be0b#patch3

[Peter: drop comment referring to --with-gpg option]
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-04-26 09:20:07 +02:00
Rahul Bedarkar
29f261beef sg3_utils: improve license description
Library is licensed under BSD-3-Clause. Some programs are licensed
under GPL-2.0+ while other are BSD-3-Clause. Annotate licenses with
components and improve readability of license strings when
conditionally specifying license for programs using := instead of +=.

Signed-off-by: Rahul Bedarkar <rahulbedarkar89@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-04-26 09:01:30 +02:00
Vicente Olivert Riera
c3d4234d09 linux: bump default version to 4.10.12
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-04-26 09:01:01 +02:00
Vicente Olivert Riera
37159734b0 linux-headers: bump 4.{4,9,10}.x series
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-04-26 09:00:51 +02:00
Vicente Olivert Riera
ab0a4e9437 python-pyopenssl: bump version to 17.0.0
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-04-26 09:00:19 +02:00
Vicente Olivert Riera
27a1629e85 tcpreplay: bump version to 4.2.3
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-04-26 08:59:56 +02:00
Andrey Smirnov
990bc8b2ad package/python-json-schema-validator: remove Python2 dependency
python-json-schema-validator supports Python 3, so there's no reason
to limit it to Python 2 only.

Reviewed-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Matthew Carruth <carruthm@gmail.com>
Signed-off-by: Andrey Smirnov <andrew.smirnov@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-04-25 21:50:44 +02:00
Andrey Smirnov
ce98cea8fb package/python-versiontools: remove Python2 dependency
python-versiontools supports Python 3, so there's no reason to limit
it to Python 2 only.

Reviewed-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Matthew Carruth <carruthm@gmail.com>
Signed-off-by: Andrey Smirnov <andrew.smirnov@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-04-25 21:50:03 +02:00
Zakharov Vlad
fecfb0bacb binutils: arc: fix 0301-PATCH-check-ldrunpath-length.patch after version bump
This commit fixes another brown-paper-bag issue that I've introduced by
my following patch:
toolchain: Bump ARC tools to arc-2017.03-rc1
(5f8ef7e25c)

arc-2017.03-rc1 differs a bit from 2.28. And so corresponding
of-the-tree patch should be updated appropriately.

Fixes target binutils build for arc:
http://autobuild.buildroot.net/results/f67/f67c905979870936d8050a505b61186be6dad85d//

[Peter: tweak commit message]
Signed-off-by: Vlad Zakharov <vzakhar@synopsys.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-04-24 22:32:53 +02:00
Davide Viti
965c5ca57d mongoose: bump to version 6.7
Signed-off-by: Davide Viti <zinosat@tiscali.it>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-04-24 22:28:24 +02:00
Vicente Olivert Riera
c10724093a mpv: bump version to 0.25.0
Remove 0003-fix-build-with-have-gl.patch which is already included in
this release.

Remove --{enable|disable}-standard-gl configure option because it
doesn't exist.

Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-04-24 22:27:57 +02:00
Vicente Olivert Riera
bc41dbe658 poppler: bump version to 0.54.0
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-04-24 22:27:21 +02:00
Vicente Olivert Riera
b53e4f0bb8 harfbuzz: bump version to 1.4.6
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-04-24 22:27:07 +02:00
Vicente Olivert Riera
3ac9e1e71b python-dataproperty: bump version to 0.18.1
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-04-24 22:26:47 +02:00
Vicente Olivert Riera
acaa2e6f93 x265: bump version to 2.4
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-04-24 22:26:31 +02:00
Francois Perrad
bea0cfc596 perl-gd: bump to version 2.66
remove last patch

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-04-24 22:25:31 +02:00
Baruch Siach
4c2b11977a syslog-ng: disable mongodb
libbson is a dependency of the mongo-c-driver that syslog-ng uses. Buildroot
doesn't package mongo-c-driver so syslog-ng uses the bundled one. The bundled
mongo-c-driver in turn may optionally use a bundled libbson. When Buildroot
builds libbson mongo-c-driver detects that and does not configure its bundled
libbson. This breaks the build of the syslog-ng mongodb module because it adds
the bundled libbson to the headers search path.

Disable the mongodb module to avoid this issue.

Fixes:
http://autobuild.buildroot.net/results/843/84331e9a168d8bdf2cceca8e9e1480611c1ecaed/
http://autobuild.buildroot.net/results/b5b/b5bad64abbf5764faf2a7129a1a25ad75c34980b/
http://autobuild.buildroot.net/results/3c3/3c32f4eb7436da06f3fb59f928363959df2a5e86/

Cc: Chris Packham <judge.packham@gmail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Acked-by: Chris Packham <judge.packham@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-04-22 15:59:31 +02:00
Adam Duskett
e2a7822415 package makefiles: clean up backslash spacing.
The check-package script when ran gave warnings on only using
one space before backslashes on all of these makefiles.
This patch cleans up all warnings related to the one space before
backslashes rule in the make files in the package directory.

Signed-off-by: Adam Duskett <aduskett@codeblue.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-04-22 15:57:23 +02:00
Adam Duskett
42ec2bd4a4 package/qt: fix header
The header was non-standard according to check-package.

Signed-off-by: Adam Duskett <aduskett@codeblue.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-04-22 15:51:07 +02:00
Adam Duskett
edc2d7b0a4 package/qt5: add comment header
Signed-off-by: Adam Duskett <aduskett@codeblue.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-04-22 15:50:52 +02:00