Commit Graph

56277 Commits

Author SHA1 Message Date
Francois Perrad
71cbdeb87e package/lua-curl: bump to version 0.3.13
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-03-14 13:31:07 +01:00
Fabrice Fontaine
6d67585cac package/rng-tools: bump to version 6.12
libsysfs is not needed since
46b4e8fd89

https://github.com/nhorman/rng-tools/releases/tag/v6.12

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-03-14 13:21:40 +01:00
Fabrice Fontaine
5cd8c43137 package/libsigc: bump to version 2.10.6
- Switch to meson-package as configure is not shipped in the official
  tarball anymore
- Drop host-m4 dependency (only needed in maintainer mode)
- Disable examples and XML validation (enabled by default)
- Drop LIBSIGC_INSTALL_TARGET_FIXUP as documentation is disabled by
  default
- Update web page in Config.in
- Update indentation in hash file (two spaces)

https://github.com/libsigcplusplus/libsigcplusplus/blob/2.10.6/NEWS

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-03-14 13:21:38 +01:00
Peter Seiderer
b3545f1f55 package/sane-backends: bump version to 1.0.32
- change from '--enable-avahi' to '--with-avahi' as advised in the
  1.0.31 release description ([1])

- add optional libcurl dependency (--with-libcurl)

- add optional poppler/libglib2 dependency (--with-poppler-glib)

- add optional libxml2 dependency (--with-usb-record-replay)

- change COPYING hash (editoral changes)

For details see [1].

[1] https://gitlab.com/sane-project/backends/-/releases

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-03-14 11:59:12 +01:00
Peter Seiderer
b26750e565 package/hwdata: bump version to 0.345
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-03-14 11:59:11 +01:00
Peter Seiderer
8b16476e80 package/cjson: bump version to 1.7.14
Changelog ([1]):

  1.7.14 (Sep 3, 2020)
  Fixes:
    optimize the way to find tail node, see #503
    Fix WError error on macosx because NAN is a float. Thanks @sappo, see #484
    Fix some bugs in detach and replace. Thanks @miaoerduo, see #456

[1] https://github.com/DaveGamble/cJSON/blob/master/CHANGELOG.md

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-03-14 11:59:09 +01:00
Peter Seiderer
89a3f73910 package/wget: bump version to 1.12.1
- update/fix signing key hash

For details see [1], [2].

[1] https://lists.gnu.org/archive/html/info-gnu/2020-12/msg00013.html
[2] https://lists.gnu.org/archive/html/info-gnu/2021-01/msg00007.html

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-03-14 11:59:08 +01:00
Peter Seiderer
1ae2f4763f package/psmisc: bump version to 23.4
Changelog ([1]):

  Changes in 23.4
  ===============
    * killall: Dynamically link to selinux and use security attributes
    * pstree: Do not crash on missing processes !21
    * pstree: fix layout when using -C !24
    * pstree: add time namespace !25
    * pstree: Dynamically link to selinux and use attr
    * fuser: Get less confused about duplicate dev_id !10
    * fuser: Only check pathname on non-block devices !31

  Changes in 23.3
  ===============
    * killall: check also truncated 16 char comm names Debian #912748
    * fuser: Return early if have nulls !18
    * peekfd: Add support for ARM64 !19
    * pstree: Add color by age #21
    * fuser: Use larger inode sizes #16

[1] https://gitlab.com/psmisc/psmisc/-/blob/master/ChangeLog

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-03-14 11:59:07 +01:00
Peter Seiderer
338d19044c package/dos2unix: bump version to 7.4.2
- update COPYING.txt hash (update copyright year)

Changelog ([1]):

  2020-10-12: Version 7.4.2
    * New Friulian translation of the messages.
    * Updated Dutch, German, Serbian, Traditional Chinese, and Ukrainian
      translations.

[1] https://sourceforge.net/projects/dos2unix/files/dos2unix/7.4.2/

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-03-14 11:59:06 +01:00
Peter Seiderer
57095edf43 package/btrfs-progs: bump version to 5.11
For details see [1].

[1] https://btrfs.wiki.kernel.org/index.php/Changelog#btrfs-progs_v5.11_.28Mar_2021.29

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-03-14 11:59:04 +01:00
Fabrice Fontaine
8b00d709be package/avrdude: fix build with kernel < 4.6
Commit 03fa36df7e (package/avrdude: Switch to upstream)
unconditionally enabled linuxspi on the assumption that it is available
since linux-2.6.22.

However, avrdude unconditionally uses GPIO and includes linux/gpio.h,
which is only available since kernel 4.6 and:
    3c702e9987

Add a Kconfig option, enabled by default for backward compatibility, to
drive whether to enable or disable SPI support.

Fixes:
 - http://autobuild.buildroot.org/results/962a7fcff1e54a0550eafa0cbca780ba8bc8409e

Note: weirdly enough, GPIO support does not use linux/gpio.h; rather it
uses sysfs.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr: add a Kconfig option]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-03-14 11:38:49 +01:00
Stefan Sørensen
1bad507220 boot/grub2: Backport 2021/03/02 securify fixes
Details: https://lists.gnu.org/archive/html/grub-devel/2021-03/msg00007.html

As detailed in commit 7e64a050fb, it is
difficult to utilize the upstream patches directly, so a number of
patches include changes to generated files so that we don't need invoke
the gentpl.py script.

In addition to the security fixes, these required patches has been
backported:

  f76a27996 efi: Make shim_lock GUID and protocol type public
  04ae030d0 efi: Return grub_efi_status_t from grub_efi_get_variable()
  ac5c93675 efi: Add a function to read EFI variables with attributes
  d7e54b2e5 efi: Add secure boot detection

The following security issues are fixed:

CVE-2020-14372 grub2: The acpi command allows privileged user to load crafted
               ACPI tables when Secure Boot is enabled
CWE-184
7.5/CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

GRUB2 enables the use of the command acpi even when Secure Boot is signaled by
the firmware. An attacker with local root privileges to can drop a small SSDT
in /boot/efi and modify grub.cfg to instruct grub to load said SSDT. The SSDT
then gets run by the kernel and it overwrites the kernel lock down configuration
enabling the attacker to load unsigned kernel modules and kexec unsigned code.

Reported-by: Máté Kukri

*******************************************************************************

CVE-2020-25632 grub2: Use-after-free in rmmod command
CWE-416
7.5/CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

The rmmod implementation for GRUB2 is flawed, allowing an attacker to unload
a module used as dependency without checking if any other dependent module is
still loaded. This leads to an use-after-free scenario possibly allowing an
attacker to execute arbitrary code and by-pass Secure Boot protections.

Reported-by: Chris Coulson (Canonical)

*******************************************************************************

CVE-2020-25647 grub2: Out-of-bound write in grub_usb_device_initialize()
CWE-787
6.9/CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

grub_usb_device_initialize() is called to handle USB device initialization. It
reads out the descriptors it needs from the USB device and uses that data to
fill in some USB data structures. grub_usb_device_initialize() performs very
little bounds checking and simply assumes the USB device provides sane values.
This behavior can trigger memory corruption. If properly exploited, this would
lead to arbitrary code execution allowing the attacker to by-pass Secure Boot
mechanism.

Reported-by: Joseph Tartaro (IOActive) and Ilja van Sprundel (IOActive)

*******************************************************************************

CVE-2020-27749 grub2: Stack buffer overflow in grub_parser_split_cmdline
CWE-121
7.5/CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

grub_parser_split_cmdline() expands variable names present in the supplied
command line in to their corresponding variable contents and uses a 1kB stack
buffer for temporary storage without sufficient bounds checking. If the
function is called with a command line that references a variable with a
sufficiently large payload, it is possible to overflow the stack buffer,
corrupt the stack frame and control execution. An attacker may use this to
circumvent Secure Boot protections.

Reported-by: Chris Coulson (Canonical)

*******************************************************************************

CVE-2020-27779 grub2: The cutmem command allows privileged user to remove
               memory regions when Secure Boot is enabled
CWE-285
7.5/CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

The GRUB2's cutmem command does not honor Secure Boot locking. This allows an
privileged attacker to remove address ranges from memory creating an
opportunity to circumvent Secure Boot protections after proper triage about
grub's memory layout.

Reported-by: Teddy Reed

*******************************************************************************

CVE-2021-3418 - grub2: GRUB 2.05 reintroduced CVE-2020-15705
CWE-281
6.4/CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

The GRUB2 upstream reintroduced the CVE-2020-15705. This refers to a distro
specific flaw which made upstream in the mentioned version.

If certificates that signed GRUB2 are installed into db, GRUB2 can be booted
directly. It will then boot any kernel without signature validation. The booted
kernel will think it was booted in Secure Boot mode and will implement lock
down, yet it could have been tampered.

This flaw only affects upstream and distributions using the shim_lock verifier.

Reported-by: Dimitri John Ledkov (Canonical)

*******************************************************************************

CVE-2021-20225 grub2: Heap out-of-bounds write in short form option parser
CWE-787
7.5/CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

The option parser in GRUB2 allows an attacker to write past the end of
a heap-allocated buffer by calling certain commands with a large number
of specific short forms of options.

Reported-by: Daniel Axtens (IBM)

*******************************************************************************

CVE-2021-20233 grub2: Heap out-of-bound write due to mis-calculation of
               space required for quoting
CWE-787
7.5/CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

There's a flaw on GRUB2 menu rendering code setparam_prefix() in the menu
rendering code performs a length calculation on the assumption that expressing
a quoted single quote will require 3 characters, while it actually requires
4 characters. This allow an attacker to corrupt memory by one byte for each
quote in the input.

Reported-by: Daniel Axtens (IBM)

*******************************************************************************

Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-03-14 08:24:24 +01:00
Nicolas Toromanoff
3cf8173e5c boot/uboot: fix kconfig with per-package directories and host-make
If PER_PACKAGE_DIRECTORIES=Y and using host-make package (because
BR2_FORCE_HOST_BUILD=Y or local make is too old) .stamp_dotconfig
target needs per-package/uboot/host/bin/host-make that doesn't
exist yet.

Add host-make into UBOOT_KCONFIG_DEPENDENCIES.

Signed-off-by: Nicolas Toromanoff <nicolas.toromanoff@foss.st.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-03-13 09:08:48 +01:00
Ryan Barnett
9521492bd0 package/opkg-utils: add missing dependencies for host build
opkg-utils is a collection of bash and python scripts which require
additional commands/tools be available for the bash scripts. The full
list of dependencies that the opkg-util scripts require is:

  bash
  binutils
  bzip2
  coreutils
  diffutils
  findutils
  grep
  gzip
  lz4
  python3
  sed
  tar
  xz

The Buildroot manual requires a few packages (bash, binutils, bzip2,
gzip, sed and tar) to be installed on the host system, so we need not
add those. Additionally, and even though they are not in that list,
that grep and find are also required (we already make extensive use of
both everywhere, so it is as good as them being in the list).

We have a host variant for coreutils, but only for systems that do not
already have a recent-enough one, i.e. that provides 'realpath' and
'ln --relative'. opkg-utils uses neither, so can rely on the ones on the
system.

Only add dependencies on the remaining host tools: diffutils, lz4, and
xz.

Signed-off-by: Ryan Barnett <ryan.barnett@rockwellcollins.com>
[yann.morin.1998@free.fr:
  - drop excessive dependencies,
  - reword the commit log accordingly
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-03-13 08:47:18 +01:00
Ryan Barnett
819637e0e9 package/diffutils: add host package
Signed-off-by: Ryan Barnett <ryan.barnett@rockwellcollins.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-03-13 08:37:24 +01:00
Ryan Barnett
05bf014f56 package/opkg-utils: remove build step
opkg-utils is a package that only provides bash and python scripts.
Upon further inspection of the Makefile for the package, invoking
`make` only ever builds the manpage. The previous commit dropped the
installation of the manpage. This makes the build step unnecessary so
remove it.

Add a comment to explain the situation

Signed-off-by: Ryan Barnett <ryan.barnett@rockwellcollins.com>
[yann.morin.1998@free.fr: reword commit log]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-03-13 08:31:59 +01:00
Ryan Barnett
0424eee0ee package/opkg-utils: install only utility scripts
When `make install` is run to install the opkg-utils scripts, it also
invokes building of the man page for opkg-build. The generation of the
man page requires `pod2man` executable which is a part of perl.

Since buildroot does not support man pages in the host directory,
patch the opkg-utils Makefile to separate the installation of man
pages and utility scripts.

With the options to install man pages and utils separately, only
install the opkg-utils scripts.

Signed-off-by: Ryan Barnett <ryan.barnett@rockwellcollins.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-03-13 08:28:02 +01:00
Christian Stewart
8a99b47ec2 DEVELOPERS: remove myself for aufs
Aufs has been deprecated for the purposes of Docker/containers since overlay2
became the mainline kernel module of choice.

Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-03-12 23:20:29 +01:00
Peter Seiderer
08305295de package/sysvinit: bump version to 2.99
Changelog according to [1]:

  sysvinit (2.99) released; urgency=low
    * Fixed typos and missing underlines in shutdown manual page.
      Corrections provided by Helge Kreutzmann.

[1] https://fossies.org/linux/sysvinit/doc/Changelog

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-03-12 23:20:15 +01:00
Peter Seiderer
a21bc3a56d package/bison: bump version to 3.7.6
- update COPYING file hash (URL update from http to https)

For details see [1].

[1] https://fossies.org/linux/bison/ChangeLog

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-03-12 23:11:59 +01:00
Peter Seiderer
788d21b48d package/dosfstools: bump version to 4.2
Upstream has not released an xz-compressed tarball this time,
so switch back to the gz-compressed one...

For details see [1].

[1] https://github.com/dosfstools/dosfstools/releases/tag/v4.2

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-03-12 23:11:02 +01:00
Peter Seiderer
046acbcd7e package/e2fsprogs: bump version to 1.46.2
- removed 0001-create_inode-set-xattrs-to-the-root-directory-as-wel.patch
  (upstream [1])

[1] 0001-create_inode-set-xattrs-to-the-root-directory-as-wel.patch

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-03-12 23:10:41 +01:00
Christian Stewart
9b36b4aa28 package/go: security bump to 1.16.2
go1.16.1 (released 2021/03/10) includes security fixes to the archive/zip and
encoding/xml packages.

go1.16.2 (released 2021/03/11) includes fixes to cgo, the compiler, linker, the
go command, and the syscall and time packages.

https://golang.org/doc/devel/release.html#go1.16

Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-03-12 22:45:19 +01:00
Fabrice Fontaine
694c7d3ece package/mbedtls: security bump to version 2.6.10
- Fix a buffer overflow in mbedtls_mpi_sub_abs() when calculating
  |A| - |B| where |B| is larger than |A| and has more limbs (so the
  function should return MBEDTLS_ERR_MPI_NEGATIVE_VALUE). Only
  applications calling mbedtls_mpi_sub_abs() directly are affected:
  all calls inside the library were safe since this function is
  only called with |A| >= |B|.
- Fix an errorneous estimation for an internal buffer in
  mbedtls_pk_write_key_pem(). If MBEDTLS_MPI_MAX_SIZE is set to an odd
  value the function might fail to write a private RSA keys of the
  largest supported size.
- Fix a stack buffer overflow with mbedtls_net_poll() and
  mbedtls_net_recv_timeout() when given a file descriptor that is
  beyond FD_SETSIZE.
- Guard against strong local side channel attack against base64 tables
  by making access aceess to them use constant flow code.

https://github.com/ARMmbed/mbedtls/releases/tag/v2.16.10

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr: fix the hash after upstream mess-up]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-03-12 22:45:18 +01:00
Thomas Petazzoni
5568837997 docs/website: adjust link to Buildroot training course
The previous course has ended, announce the next one.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-03-12 22:04:21 +01:00
Fabrice Fontaine
be8f305a95 package/bash: fix seventh patch
Since bump to version 5.1 in commit
9e778b044c, seventh patch wrongly defines
wcdequote_pathname as static which will result in the following build
failure:

smatch.c:(.text+0x22f0): undefined reference to `wcdequote_pathname'

Fixes:
 - http://autobuild.buildroot.org/results/d83f5d260dccd38984ec6fdb340835ca928bb687

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Tested-by: Peter Seiderer <ps.report@gmx.net>
Tested-by: Ryan Barnett <ryan.barnett@rockwellcollins.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-03-12 22:02:05 +01:00
Peter Seiderer
45d326a08c package/transmission: fix sysv init script (name vs. exec)
With the start-stop-daemon enabled (instead of the busybox applet),
stopping transmission emits spurious warnings:

  $ /etc/init.d/S92transmission stop
  Stopping bittorrent client transmission-daemon...
  start-stop-daemon: warning: this system is not able to track process names
  longer than 15 characters, please use --exec instead of --name.

Update our startup script to match what was done upstream 9 years ago:
    https://trac.transmissionbt.com/ticket/4724
    https://trac.transmissionbt.com/wiki/Scripts/initd?action=diff&version=24&old_version=23

Partially fixes:
  - https://bugs.busybox.net/show_bug.cgi?id=13576

Reported-by: ingineru_de_sistem@yahoo.com
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
[yann.morin.1998@free.fr:
  - reword commit log
  - add reference to upstream ticket and changeset
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-03-11 22:49:39 +01:00
Peter Seiderer
50cbac5099 package/sysvinit: add patch to fix compile without stack-protector support
In Buildroot, the SSP flags are passed via the wrapper, and only flags
supported by the toolchain will be used.

Add patch to remove '-fstack-protector-strong' compile flag.

Fixes:
  .../aarch64-buildroot-linux-uclibc/bin/ld: runlevel.o: in function `main':
  runlevel.c:(.text.startup+0x4): undefined reference to `__stack_chk_guard'
  .../aarch64-buildroot-linux-uclibc/bin/ld: cannot find -lssp_nonshared
  .../aarch64-buildroot-linux-uclibc/bin/ld: cannot find -lssp

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-03-11 22:39:12 +01:00
André Hentschel
5dfe4975b6 package/wine: bump to version 6.0
Starting with this Wine version many things changed.
zlib, ncurses and GLU are no longer used.
I also explicitly disabled mingw, as otherwise my host mingw-w64 was picked up.
The build system was refactored, so now we have to build the host tools in their
directories instead of asking for them to be built.

Signed-off-by: André Hentschel <nerv@dawncrow.de>
[yann.morin.1998@free.fr: slightly rework the build of the host tools]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-03-11 22:18:25 +01:00
Peter Seiderer
44dd253da4 package/bash-completion: bump version to 2.11
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-03-11 22:05:30 +01:00
Peter Seiderer
9e778b044c package/bash: bump version to 5.1
- removed 0001-bash50-001.patch to 0018-bash50-018.patch

- added 0001-bash51-001.patch, 0002-bash51-002.patch, 0003-bash51-003.patch,
  0004-bash51-004.patch

- moved 0019-input.h-add-missing-include-on-stdio.h.patch to
  0005-input.h-add-missing-include-on-stdio.h.patch

- removed 0020-locale.c-fix-build-without-wchar.patch
  (superseded by upstream commit)

- added 0006-locale-fix-typo-local_shiftstates-vs.-locale_shiftst.patch
  to fix typo from upstream commit (see previous patch)

- added 0007-glob-fix-dequote_pathname-vs.-udequote_pathname.patch

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-03-11 22:05:29 +01:00
Baruch Siach
2dec366c97 package/strace: fix build for no-MMU targets
Add patch to disable fork() calling code on !HAVE_FORK.

Fixes:
    http://autobuild.buildroot.net/results/3d506e2f6337327c0783cf3cc12a8b5fb78521e4/

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-03-11 21:59:47 +01:00
Yann E. MORIN
c92be85e3a support/download: make the svn backend more reproducible
Since c043ecb20c (support/download: change format of archives
generated from svn), the svn backend uses the generic helper to
create reproducible archives.

That helper really does its job as expected, but the svn backend
is flawed in two ways:

  - the first, most obvious breakage happens with versions older
    than 1.9, as they do not support the '--show-item' option
    for the 'info' action;

  - the second is more involved, in that svn will by default
    expand the old, legacy, deprecated, cumbersome CVS-style
    keywords, in the form of revision marks like '$Date$' in a
    C-style comment in a source file. These replacements are
    done on checkout as well as on export, and they use local
    settings, like the local locale and timezone.

    This means that two people with different settings, will get
    different sources when the svn-checkout or svn-export the same
    revision from the same tree...

    Needless to say that this is not very reproducible...

While the first is easily solved, the second is more involved.

We need to ensure that what source is used initially to compute
the hash, will also be the source that are used to check the hash.

There are basically two solutions:

 1. we ensure the same environment, by forcing the timezone and
    the locale to arbitrary values

 2. we disable keyword expansion

For the first solution, this still leaves the possibility that we
miss some environment settings that have an impact on the keyword
expansion. It would mean that Yann's settings be used, as he did
introduce the hash for the only svn-downloaded package we have,
avrdude, settings which are:
    TZ=Europe/Paris
    LC_TIME="en_US.UTF-8"
    LC_COLLATE="en_GB.UTF-8"
    LC_MONETARY="fr_FR.utf8"
    LC_NUMERIC="fr_FR.utf8"

The second option means that the generated archives change. That
means we'd have to bump the archive version for svn downloads, and
that we update the hashes for all the svn-downloaded packages.

We chose to go with the second option, because this is what really
makes more sense, rather than hard-coding arbitrary values in the
environment. And we also have only one svn-downloaded package,
avrdude.

And thus, we're reaching the trigger for this change: avrdude is
impacted by the CVS-keyword expansion issue:

    https://svn.savannah.gnu.org/viewvc/avrdude/trunk/avrdude/atmel-docs/EDBG/common/jquery/layout/jquery.layout.js?revision=1396&view=markup

which would give two different files when checked out on different
machines:

    diff -durN foo/avrdude-r1450/avrdude/atmel-docs/EDBG/common/jquery/layout/jquery.layout.js bar/avrdude-r1450/avrdude/atmel-docs/EDBG/common/jquery/layout/jquery.layout.js
    --- foo/avrdude-r1450/avrdude/atmel-docs/EDBG/common/jquery/layout/jquery.layout.js 2020-09-22 09:36:45.000000000 +0200
    +++ bar/avrdude-r1450/avrdude/atmel-docs/EDBG/common/jquery/layout/jquery.layout.js 2020-09-22 09:36:45.000000000 +0200
    @@ -1,6 +1,6 @@
     /**
      * @preserve jquery.layout 1.3.0 - Release Candidate 30.51
    - * $Date: 2015-11-02 22:13:28 +0100 (Mon, 02 Nov 2015) $
    + * $Date: 2015-11-02 21:13:28 +0000 (Mon, 02 Nov 2015) $
      * $Rev: 303005 $
      *
      * Copyright (c) 2012
    @@ -4718,7 +4718,7 @@

     /**
      * jquery.layout.state 1.0
    - * $Date: 2015-11-02 22:13:28 +0100 (Mon, 02 Nov 2015) $
    + * $Date: 2015-11-02 21:13:28 +0000 (Mon, 02 Nov 2015) $
      *
      * Copyright (c) 2010
      *   Kevin Dalman (http://allpro.net)
    @@ -5074,7 +5074,7 @@

     /**
      * jquery.layout.buttons 1.0
    - * $Date: 2015-11-02 22:13:28 +0100 (Mon, 02 Nov 2015) $
    + * $Date: 2015-11-02 21:13:28 +0000 (Mon, 02 Nov 2015) $
      *
      * Copyright (c) 2010
      *   Kevin Dalman (http://allpro.net)
    @@ -5356,7 +5356,7 @@

     /**
      * jquery.layout.browserZoom 1.0
    - * $Date: 2015-11-02 22:13:28 +0100 (Mon, 02 Nov 2015) $
    + * $Date: 2015-11-02 21:13:28 +0000 (Mon, 02 Nov 2015) $
      *
      * Copyright (c) 2012
      *   Kevin Dalman (http://allpro.net)

So we also update the hash for avrdude.

Fixes:
    http://autobuild.buildroot.org/results/e3b/e3b0508047f32008ebfa83c5255ec5994b6af120/ (time issue)
    http://autobuild.buildroot.org/results/48e/48e78e84b425e79cdb98c16ab40247a0fa7e9676/ (keyword expansion issue)

Reported-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Vincent Fazio <vfazio@xes-inc.com>
Cc: Alexander Sverdlin <alexander.sverdlin@gmail.com>
Reviewed-by: Alexander Sverdlin <alexander.sverdlin@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-03-11 21:54:00 +01:00
Yann E. MORIN
051ccfbaf1 package/runc: cleanup the CPE_ID variables
The CPE variables are derived from the package upstream values, so they
must be set from the package values, not the other way around.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Cc: Christian Stewart <christian@paral.in>
Reviewed-by: Christian Stewart <christian@paral.in>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-03-11 21:45:16 +01:00
Yann E. MORIN
8ecb041c87 Revert "package/libopenssl does not support riscv32"
Now that we have a backport from upstream with a proper fix for the
build on riscv32 *and* a proper implementationfor 64-bit time structs,
we can re-activate the build on riscv32.

This partially reverts commit c72be5dd2f.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Alistair Francis <alistair.francis@wdc.com>
Cc: Matthew Weber <matthew.weber@rockwellcollins.com>
Cc: Mark Corbin <mark@dibsco.co.uk>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-03-11 21:22:10 +01:00
Yann E. MORIN
359c5c266a package/libopenssl: fix build wrt. 64-bit time-related syscalls & structs
riscv32 is (surprise!) a 32-bit architecture. But it has been Y2038-safe
from its inception. As such, there are no legacy binaries that may use
the 32-bit time syscalls, and thus they are not available on riscv32.

Code that directly calls to the syscalls without using the C libraries
wrappers thus need to handle this case by themselves.

Backport two cumulative patches from the upstream openssl development
branch that will eventually be openssl 3.0, but has not yet been
backported to the 1.1.1 stable branch.

Fixes:
    http://autobuild.buildroot.org/results/eb9/eb9a64d4ffae8569b5225083f282cf87ffa7c681/
    ...
    http://autobuild.buildroot.org/results/07e/07e413b24ba8adc9558c80267ce16dda339bf032/

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Alistair Francis <alistair.francis@wdc.com>
Cc: Matthew Weber <matthew.weber@rockwellcollins.com>
Cc: Mark Corbin <mark@dibsco.co.uk>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-03-11 21:22:09 +01:00
Etienne Carriere
da6cca38da package/optee-client: fix gid_t build issue in OP-TEE 3.12 libckteec
Include missing unistd.h to support type gid_t in ckteec library
of optee-client 3.12.0. This change fixes [1]. The fix has been
posted to optee-client forum, see [2].

Link: [1] http://autobuild.buildroot.net/results/34b9946e6d59112a7eead304933534ad4739a84c/build-end.log
Link: [2] https://github.com/OP-TEE/optee_client/pull/262

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
[yann.morin.1998@free.fr:
  - use an actual backport now that upstream applied it
  - fix typo in title
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-03-09 21:19:34 +01:00
Andreas Ziegler
0f28ed0f62 package/linux-firmware: fix build failure when no firmware item selected
The latest change in Linux firmware handling breaks the build if no
specific firmware item is selected below BR2_PACKAGE_LINUX_FIRMWARE.

The firmware archive is only created if at least one firmware
sub-category is selected; the installation step wants to unpack the
archive unconditionally.

Use the same condition to control install command definition as in the
build step.

Signed-off-by: Andreas Ziegler <br015@umbiko.net>
[yann.morin.1998@free.fr: use a single conditional block]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-03-09 21:00:44 +01:00
Alexander Sverdlin
03fa36df7e package/avrdude: Switch to upstream
In the meanwhile "linuxspi" programmer was merged upstream, therefore
it's possible to switch to latest upstream tree instead of the old fork
without losing any functionality.

The fork we were using did auto-detection of kernel headers to detect
whether spidev.h was present or not, and thus whether to enable or
disable its linuxspi 'driver'. As spidev.h has been present since
linux-2.6.22, we can quite easily conclude that spidev support was
always enabled in the fork.

But upstream went a slightly different route, and added a configure
option (and they do no validity check).

So, to keep backward behaviour, we unconditionally enable it  now that
we switched back to use upstream.

Signed-off-by: Alexander Sverdlin <alexander.sverdlin@gmail.com>
[yann.morin.1998@free.fr:
  - clarify why we forcibly use --enable-linuxspi
  - fix the hash to adapt to the new svn tarball format (c043ecb20c)
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-03-09 00:02:49 +01:00
Jack Cripps
654ff79511 package/zyre: bump version to 2.0.1
Version bump required due to python setup.py missing from v2.0.0 python bindings

Signed-off-by: Jack Cripps <jack.cripps@disguise.one>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-03-08 23:49:25 +01:00
Bernd Kuhls
59b822c2fd package/inih: bump version to 53
Removed patch which was applied upstream, fixed upper-case package name.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-03-08 23:49:23 +01:00
Joachim Wiberg
9efacd4697 DEVELOPERS: adopt package/sysklogd
Since I'm the upstream maintainer and we use it for $DAYJOB, I'll adopt.

Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-03-08 23:48:21 +01:00
Joachim Wiberg
b5c5a1d49d package/sysklogd: bump to version 2.2.2
https://github.com/troglobit/sysklogd/releases/tag/v2.2.2

Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-03-08 23:48:20 +01:00
Grzegorz Blach
7e958a24e2 package/python-bluezero: bump to version 0.6.0
Signed-off-by: Grzegorz Blach <grzegorz@blach.pl>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-03-08 23:47:59 +01:00
Peter Seiderer
e46fc353fb package/libinput: bump version to 1.17.0
For details see [1].

[1] https://lists.freedesktop.org/archives/wayland-devel/2021-February/041733.html

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-03-08 23:46:48 +01:00
Peter Korsgaard
a56be0d30f Merge branch 'next'
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-08 08:06:00 +01:00
Francois Perrad
ff084e1933 package/nano: bump to version 5.6.1
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-03-07 21:54:47 +01:00
Thomas Huth
807dd03eec package/frotz: Update to version 2.53
This version should now also compile fine on systems without pthreads,
so we can remove the dependency on BR2_TOOLCHAIN_HAS_THREADS again.

While we're at it, also fix a typo in the description (replace "can not"
with "cannot").

Signed-off-by: Thomas Huth <huth@tuxfamily.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-03-07 21:54:46 +01:00
Jianhui Zhao
d1133a6927 package/libuhttpd: bump version to 3.10.1
Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-03-07 21:54:45 +01:00
Edgar Bonet
7108838386 boot/at91bootstrap3: fix checksum of license
Commit ca1604388a updated the checksum of
the tarball, but failed to update the one of main.c, which serves as a
license file.

Signed-off-by: Edgar Bonet <bonet@grenoble.cnrs.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-03-07 21:42:24 +01:00