The LLVM project has switched to using a monorepo to host all their
components. The separate, individual repositories have been closed
late 2020 / early 2021. The libclc repository is no longer.
Switch to using the libclc source from the llvm legacy and frozen
mirror.
Even though we could switch over to using the github helper, we just
keep using the git download method: it is a small repository, and it
will not impact people that were already using it.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Romain Naour <romain.naour@gmail.com>
Cc: Valentin Korenblit <valentinkorenblit@gmail.com>
Cc: Michael Opdenacker <michael.opdenacker@bootlin.com>
Acked-by: Romain Naour <romain.naour@gmail.com>
(cherry picked from commit 971d1ea7ac)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The following commits:
- 7868289fd5 package/zic: bump version to 2020f
- c99374ecbb package/tzdata: bump version to 2020f
bumped the tzdata from version 2020a to 2020f. However, in 2020b, the
zic option '-y' was removed, and so was the yearistype.sh script [0].
This now spews annoying warnings:
warning: -y ignored
Fortunately, it still consumes its argument, so the missing yearistype.sh
is simply ignored.
Drop that option.
[0] https://mm.icann.org/pipermail/tz-announce/2020-October/000059.html
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Bernd Kuhls <bernd.kuhls@t-online.de>
(cherry picked from commit 7f78eef767)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
As stated in README.md, multipath-tools is covered by several licenses
and LGPL-2.0 is "just" the default license:
- GPL-2.0+ (e.g. libmultipath/alias.c)
- GPL-3.0+ (e.g. libdmmp/libdmmp.c)
- LGPL-2.1+ (e.g. libmpathcmd/mpath_cmd.c)
So replace COPYING (which is a symlink to LICENSES/LGPL-2.0) by the
approriate license files in LICENSES directory
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr: further split long lines]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit fc7b7f73c4)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Set the new WARNFLAGS to "" which has been added since version 0.8.5 and
82f1b164cb
Otherwise, -Werror will raise the following build failure:
/srv/storage/autobuild/run/instance-3/output-1/host/bin/mipsel-linux-gcc --std=gnu99 -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -O2 -D_FORTIFY_SOURCE=1 -Werror -Wall -Wextra -Wformat=2 -Werror=implicit-int -Werror=implicit-function-declaration -Werror=format-security -Wno-clobbered -Wno-error=clobbered -Werror=cast-qual -Werror=discarded-qualifiers -pipe -DBIN_DIR=\"/sbin\" -DLIB_STRING=\"lib\" -DRUN_DIR=\"run\" -MMD -MP -fPIC -I.. -I../../libmultipath/nvme -Wp,-D_FORTIFY_SOURCE=2 -c -o nvme.o nvme.c
<command-line>: error: "_FORTIFY_SOURCE" redefined [-Werror]
Fixes:
- http://autobuild.buildroot.org/results/71f7661e7d26ca8608e902eee9f2a92376b00601
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit fe4b4e9dc3)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Change github URL to https://github.com/opensvc/multipath-tools
which offers proper releases.
Signed-off-by: Alexander Egorenkov <egorenar-dev@posteo.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 304b0bee2b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues:
- CVE-2020-8265: use-after-free in TLSWrap (High) Affected Node.js versions
are vulnerable to a use-after-free bug in its TLS implementation. When
writing to a TLS enabled socket, node::StreamBase::Write calls
node::TLSWrap::DoWrite with a freshly allocated WriteWrap object as first
argument. If the DoWrite method does not return an error, this object is
passed back to the caller as part of a StreamWriteResult structure. This
may be exploited to corrupt memory leading to a Denial of Service or
potentially other exploits
- CVE-2020-8287: HTTP Request Smuggling in nodejs Affected versions of
Node.js allow two copies of a header field in a http request. For
example, two Transfer-Encoding header fields. In this case Node.js
identifies the first header field and ignores the second. This can lead
to HTTP Request Smuggling
- CVE-2020-1971: OpenSSL - EDIPARTYNAME NULL pointer de-reference (High)
This is a vulnerability in OpenSSL which may be exploited through Node.js.
You can read more about it in
https://www.openssl.org/news/secadv/20201208.txt
Update the license hash for the addition of the (MIT licensed)
cjs-module-lexer module:
9eb1fa1924
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit ecc8f0fe84)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Use ENABLE_GLIB which is available since version 0.60 and
766a32ff59
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit bf68bd59c1)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issue:
- CVE-2020-35512: On Unix, avoid a use-after-free if two usernames have the
same numeric uid. In older versions this could lead to a crash (denial of
service) or other undefined behaviour, possibly including incorrect
authorization decisions if <policy group=...> is used. Like Unix
filesystems, D-Bus' model of identity cannot distinguish between users of
different names with the same numeric uid, so this configuration is not
advisable on systems where D-Bus will be used.
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit c80989aa9d)
[Peter: mention security fix]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit d82da39d55 forgot to move
BR2_PACKAGE_CA_CERTIFICATES condition under BR2_PACKAGE_LIBTASN1 to
avoid the following build failure:
checking if trust module is enabled... configure: WARNING: --with-libtasn1 is needed in order to build the trust module, disabling
no
checking for trust module paths... configure: error: need --enable-trust-module in order to specify trust module paths.
Fixes:
- http://autobuild.buildroot.org/results/e7f68205e1b776f9af34e6017f6eb17f46aa2f19
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 0ad12b3a6a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues:
CVE-2020-27618: An infinite loop has been fixed in the iconv program when
invoked with input containing redundant shift sequences in the IBM1364,
IBM1371, IBM1388, IBM1390, or IBM1399 character sets.
CVE-2020-29562: An assertion failure has been fixed in the iconv function
when invoked with UCS4 input containing an invalid character.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Acked-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The manual incorrectly refers to the script file as `setup-environment';
it is actually called `environment-setup'.
Signed-off-by: Konrad Schwarz <konrad.schwarz@siemens.com>
Reviewed-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit 7197b1bc44)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
linux-*/arch/arm/boot/dts/imx6ul.dtsi
requires the install of the sdma-imx6q.bin as stated in
line 727: fsl,sdma-ram-script-name = "imx/sdma/sdma-imx6q.bin";
without the BR2_PACKAGE_FIRMWARE_IMX_SDMA_FW_NAME being set to "imx6q"
line 102 of firmware-imx.mk does not install the firmware to to target
Signed-off-by: Rob Mellor <Rob.Mellor@ultra-pals.com>
Reviewed-by: Gary Bisson <gary.bisson@boundarydevices.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit 8e00c32b14)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Uses the same file as IMX6Q platform, see imx6sl.dtsi.
Signed-off-by: Gary Bisson <gary.bisson@boundarydevices.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 4a511166c8)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Since its introduction in Buildroot in 2013 with commit 07203d78c2
(trace-cmd: new package), trace-cmd has declared installing in staging.
But trace-cmd is a generic-package, and has never, ever provided any
commands for staging installation.
Drop this declaration.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 896b93310a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
rpcbind is only used by nfsd to export nfs share supporting older
v2, v3 protocols.
Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
[yann.morin.1998@free.fr:
- move the select to the corresponding symbol
- tweak the commit title
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 95fdf09731)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Release notes:
https://www.python.org/downloads/release/python-391/
Changelog:
https://docs.python.org/release/3.9.1/whatsnew/changelog.html
Fixes the following security issues:
- bpo-42103: Prevented potential DoS attack via CPU and RAM exhaustion when
processing malformed Apple Property List files in binary format.
- bpo-42051: The plistlib module no longer accepts entity declarations in
XML plist files to avoid XML vulnerabilities. This should not affect
users as entity declarations are not used in regular plist files.
- bpo-40791: Add volatile to the accumulator variable in
hmac.compare_digest, making constant-time-defeating optimizations less
likely.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit cde875bf8b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add -p argument that ignore that specified directory already exists.
Signed-off-by: Bartosz Bilas <b.bilas@grinn-global.com>
[yann.morin.1998@free.fr:
- split to its own patch
- rewrite commit title
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 9c5ef6018e)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add -p argument that ignore that specified directory already exists.
Signed-off-by: Bartosz Bilas <b.bilas@grinn-global.com>
[yann.morin.1998@free.fr:
- split to its own patch
- rewrite commit title
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit d2d629ecd8)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Bartosz Bilas <b.bilas@grinn-global.com>
[yann.morin.1998@free.fr:
- use $(INSTALL), not "mkdir -p + cp"
- split to its own patch
- rewrite commit title
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 25bd8ba690)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Since version 1.74.0, boost atomics needs a toolchain that always
supports lockfree atomic bytes so add dependendy on
BR2_TOOLCHAIN_SUPPORTS_ALWAYS_LOCKFREE_ATOMIC_INTS:
https://github.com/boostorg/atomic/issues/42
Fixes:
- http://autobuild.buildroot.org/results/c03a786791e3aa7801cf1bff9934c4a105f54ce1
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr:
- add the new dependency as its own 'depends on' line
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit a4ad5fa132)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Since 2008 pcre is a hard-dependency of php:
aa64c6727c
Instead of optionally depending on the pcre2 package and building the
bundled pcre2 code of php in case BR2_PACKAGE_PCRE2 was not selected
we let php depend on pcre2.
While being at it rename the pcre-related configure option due to
upstream commit:
c1a22f3d4e
Fixes:
http://autobuild.buildroot.net/results/4a5/4a582af6b66c59a61b75a7047d8530202972ebdd/
because the pcre2 package already contains the fix for mips r6.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[yann.morin.1998@free.fr: keep the JIT option]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit fabb1243ab)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
An 'else' or 'elif' clause inside a make conditional should not be indented
in the same way as the if/endif clause. check-package did not recognize the
else statement and expected an indentation.
For example:
ifdef FOOBAR
interesting
else
more interesting
endif
would, according to check-package, need to become:
ifdef FOOBAR
interesting
else
more interesting
endif
Treat 'else' and 'elif' the same as if-like keywords in the Indent test, but
take into account that 'else' is also valid shell, so we need to correctly
handle line continuation to prevent complaining about the 'else' in:
ifdef FOOBAR
if true; \
... \
else \
... \
fi
endif
We don't add the 'else' and 'elif' statements to start_conditional, because
it would cause incorrect nesting counting in class OverriddenVariable.
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit a1bb132a81)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit 7105e65cd6 ("package/openvpn:
adds target install of systemd unit files") added the installation of
systemd unit files. But in fact, they can be installed by openvpn's
build system. It was simply not working due to the custom install step
implemented in openvpn.mk.
So instead, let's have the autotools-package infra call "make
install", which properly installs everything that's needed for
openvpn, including systemd units, but also plugins, etc.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 30bc58d376)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This removes the warning that docker can't find docker-init in PATH.
Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Tian Yuanhao <tianyuanhao@aliyun.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 072af885c4)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Dependency on threads comes from libllcp itself not from libusb (which
is not even selected)
While at it, also add a comment about this dependency
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit b9dc970909)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix the ldflags specifying the version info for "version" command.
Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 9e12516f2a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix the ldflags specifying the version info for "version" command.
Signed-off-by: Tian Yuanhao <tianyuanhao@aliyun.com>
Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 8107509a1d)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
In barebox v2020.09.0, kconfig has been updated to a newer version
based on Linux 5.9-rc2. As in linux, kconfig can call the compiler
to test its capabilities.
We have no way to know if a custom version would require it or not,
so we just unconditionally depend on the toolchain
Signed-off-by: Jules Maselbas <jmaselbas@kalray.eu>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 1c1a629d81)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
