Commit Graph

37708 Commits

Author SHA1 Message Date
Jörg Krause
c8352f997d mpd: remove version 0.19
MPD version 0.20 is affected by GCC bug 64735 and failes to build for
some archictuctures (NIOSII, ARMv4, ARMv5 and SPARCv8) with a GCC
toolchain less then version 7.

We added a version choice between 0.19 and 0.20 in Buildroot version
2017.02 as GCC 7 was not yet available at that time. This way, mpd could
still be build for those architectures.

As GCC 7 is now available in Buildroot remove the version choice for 0.19.

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-22 23:34:31 +02:00
Jörg Krause
21175892a7 mpd: bump to version 0.20.10
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-22 23:33:14 +02:00
Bernd Kuhls
f1871ed2aa package/nss-pam-ldapd: bump version to 0.9.8
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-22 23:29:31 +02:00
Bernd Kuhls
c6a4513577 package/nodm: bump version to 0.13
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-22 23:28:47 +02:00
Peter Korsgaard
771bb2d58d bind: use http:// instead of ftp:// for site
To avoid issues with firewalls blocking ftp.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-22 23:28:10 +02:00
Peter Korsgaard
f3e3b36159 bind: bump to version 9.11.2
Adds support for the new ICANN DNSSEC root key for the upcoming KSK rollover
(Oct 11):

https://www.icann.org/resources/pages/ksk-rollover

For more details, see the release notes:
https://kb.isc.org/article/AA-01522

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-22 23:28:06 +02:00
Bernd Kuhls
98fa5ecc0c package/ninja: bump version to 1.8.2
Changelog:
https://groups.google.com/forum/#!topic/ninja-build/Xt3NdAA0KQU/discussion

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-22 23:26:11 +02:00
Bernd Kuhls
d54f5b6c5f package/newt: bump version to 0.52.20
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-22 23:24:54 +02:00
Bernd Kuhls
2a582cd3ca package/net-tools: bump version
Removed patch, not needed anymore after upstream commits
ea3935bd7c/
45d573a893/

Added sha256 hash.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-22 23:23:49 +02:00
Bernd Kuhls
0919da66b4 package/openswan: bump version to 2.6.50
Removed patch applied upstream:
0d78578d7f

Switched _SITE to https.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-22 23:17:05 +02:00
Bernd Kuhls
f1e0d85d3e package/omniorb: bump version to 4.2.2
Removed patch after upstream committed a different solution:
https://sourceforge.net/p/omniorb/svn/6330/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-22 23:15:56 +02:00
Bernd Kuhls
ac9dfb9927 package/openntpd: bump version to 6.2p2
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-22 23:14:08 +02:00
Peter Korsgaard
9fcb309472 configs/qemu_arm_versatile: bump kernel to 4.13.3
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-22 23:12:31 +02:00
Mike Harmony
cef57c9642 Added support for Sinovoip BananaPi M2 Plus board.
[Peter: board is from Sinovoip, not Lemaker, move board files,
	Use kernel headers from kernel, explicitly use 4.13.3,
	drop eth0 dhcp config, cleanup post-build args,
	disable tar output format, use u-boot custom format,
	add host-dosfstools/mtools for genimage, drop unused
	host-uboot-tools/genext2fs]
Signed-off-by: Mike Harmony <mike.harmony@snapav.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-22 23:11:01 +02:00
Jörg Krause
ab52259ea1 libupnpp: bump to version 0.16.0
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-22 18:23:06 +02:00
Peter Korsgaard
a418e6eeaa mongoose: don't install to target
Only a static library is built (and no _INSTALL_TARGET_CMDS are defined), so
there is no need to run the target-install step.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-22 18:22:18 +02:00
Peter Korsgaard
c96ac022f3 mongoose: correct openssl define
NS_ENABLE_SSL was renamed to MG_ENABLE_SSL in v6.0, commit e1dd3f06fe33
(Rename Mongoose constants: NS_ -> MG_, NSF_ -> MG_F_), so use the new name
instead.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-22 18:22:15 +02:00
Peter Korsgaard
a76d5a7276 mongoose: drop unused openssl linker flags
No linking is done since the package was reworked for v6.x in commit
9860746ff (mongoose: bump to version 6.1), so drop LDFLAGS and the list of
libraries to link against.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-22 18:22:12 +02:00
Peter Korsgaard
c038388f9a mongoose: drop unused MONGOOSE_NO_DL define
This define is not used anywhere in the mongoose sources since v6.0 (commit
8927c9d22b3f), so drop it.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-22 18:22:08 +02:00
Bernd Kuhls
82befadb3f package/pptp-linux: bump version to 1.9.0
Updated patch status of patch 0003.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-22 18:20:15 +02:00
Bernd Kuhls
9015b17ff3 package/opencv: bump version to 2.4.13.3
Removed 0002-avoid-sysctl_h.patch, applied upstream:
61936eb1a4 (diff-f3b4393df86251f502cee9ba1da034a5)

This bump includes
70489b1e22 (diff-9076fba682f6d51a018b6de8648e1cdb)
which fixes ffmpeg static linking
http://autobuild.buildroot.net/results/544/5444b0c5556a42923e3fcdae782811a805e51b1f/
http://autobuild.buildroot.net/results/44d/44d53e4c5d4570507c7e8856fb9dd0a477dcdf63/

In-source-builds are not allowed anymore:
777a0080cb

Re-numbered remaining patches.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-22 18:19:35 +02:00
Bernd Kuhls
82cab1a999 package/php-yaml: bump version to 2.0.2
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-22 18:17:43 +02:00
Bernd Kuhls
e1501e2d1f package/libyaml: bump version to 0.1.7
Removed patch after upstream committed a similar patch:
946596172d (diff-35a172a9ca8faa1683fc747ca94681b3)

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-22 18:16:13 +02:00
Bernd Kuhls
08ac3e134f package/owfs: bump version to 3.2p1
Removed patch applied upstream:
6ff4da75c2/

Added md5 hash provided by upstream.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-22 18:15:09 +02:00
Francois Perrad
7748e42223 luafilesystem: bump to version 1.7.0
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-22 18:14:25 +02:00
Baruch Siach
49cb795f79 libidn: add fix for CVE-2017-14062
Add upstream patch fixing CVE-2017-14062:

Integer overflow in the decode_digit function in puny_decode.c in
Libidn2 before 2.0.4 allows remote attackers to cause a denial of
service or possibly have unspecified other impact.

This issue also affects libidn.

Unfortunately, the patch also triggers reconf of the documentation
subdirectory, since lib/punycode.c is listed in GDOC_SRC that is defined
in doc/Makefile.am. Add autoreconf to handle that.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-22 17:36:42 +02:00
Baruch Siach
a41d44a8c9 sudo: bump to version 1.8.21p2
Switch SITE to https.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-22 17:35:33 +02:00
Baruch Siach
11636cc430 iproute2: bump to version 4.13.0
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-22 17:35:04 +02:00
Fabio Estevam
37d5f035fd configs/mx6cubox: Bump U-Boot and kernel versions
Bump U-Boot to 2017.09 version and kernel to 4.13.3.

Signed-off-by: Fabio Estevam <fabio.estevam@nxp.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-21 21:35:42 +02:00
Carlos Santos
6cbdaba3e1 util-linux: bump to v2.30.2
Release notes:
https://www.kernel.org/pub/linux/utils/util-linux/v2.30/v2.30.2-ReleaseNotes

Signed-off-by: Carlos Santos <casantos@datacom.ind.br>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-21 21:33:57 +02:00
Peter Korsgaard
3853675ae0 gdk-pixbuf: security bump to version 2.36.10
Fixes the following security issues:

CVE-2017-2862 - An exploitable heap overflow vulnerability exists in the
gdk_pixbuf__jpeg_image_load_increment functionality of Gdk-Pixbuf 2.36.6.  A
specially crafted jpeg file can cause a heap overflow resulting in remote
code execution.  An attacker can send a file or url to trigger this
vulnerability.

CVE-2017-2870 - An exploitable integer overflow vulnerability exists in the
tiff_image_parse functionality of Gdk-Pixbuf 2.36.6 when compiled with
Clang.  A specially crafted tiff file can cause a heap-overflow resulting in
remote code execution.  An attacker can send a file or a URL to trigger this
vulnerability.

CVE-2017-6311 - gdk-pixbuf-thumbnailer.c in gdk-pixbuf allows
context-dependent attackers to cause a denial of service (NULL pointer
dereference and application crash) via vectors related to printing an error
message.

The host version now needs the same workaround as we do for the target to
not pull in shared-mime-info.

Also add a hash for the license file while we're at it.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-21 21:32:23 +02:00
Baruch Siach
57f4efed79 flashrom: fix static build with uClibc
Define HAVE_STRNLEN to avoid local strnlen() definition.

Fixes:
http://autobuild.buildroot.net/results/7dc/7dc4298e3a07c73e03f70205516d68a0f4c2d297/
http://autobuild.buildroot.net/results/e36/e362848eb45f6b8100131361e6e5faa546f0bbd8/
http://autobuild.buildroot.net/results/69e/69ef10ec710f418b4d10c1edb4f2ce2e49b522bf/

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-21 21:30:27 +02:00
Bernd Kuhls
4fbc0c9b53 Update github hashes
It seems github now sometimes provides slightly changed tarballs which
produce a different sha256 hash than before. This commit fixes the
hashes of the packages when sources.buildroot.net does not store a copy
of the tarball matching the current hash.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-21 11:33:40 +02:00
Bernd Kuhls
48fcf6eaec package/samba4: security bump to version 4.6.8
Release notes:
https://www.samba.org/samba/history/samba-4.6.8.html

Fixes
- CVE-2017-12150 (SMB1/2/3 connections may not require signing where
  they should)
- CVE-2017-12151 (SMB3 connections don't keep encryption across DFS
  redirects)
- CVE-2017-12163 (Server memory information leak over SMB1)

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-21 09:24:39 +02:00
Andrey Smirnov
2753d6df3a package/zstd: Install tools into /usr/bin, not /usr/local/bin
Install tools into /usr/bin, not /usr/local/bin, since /usr/local/bin
is not in PATH by deafault.

[Peter: set PREFIX to /usr to really install into /usr/bin]
Signed-off-by: Andrey Smirnov <andrew.smirnov@gmail.com>
Tested-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-20 20:04:04 +02:00
Andrey Smirnov
6e6e8d37b5 package/python3: bump to 3.6.2
Bump Python3 version to 3.6.2.

Patches dropped:

"Support PGEN_FOR_BUILD and FREEZE_IMPORTLIB_FOR_BUILD"

Rationale: With commit 9d02f562961efd12d3c8317a10916db7f77330cc, code
generation step of building CPython now became explicit (instead of
always performed as a part of 'make' invocation) and more granular. We
no longer need to use Parser/pgen at all and tricking the build system
into using different Programs/_freeze_importlib can be done as a part
of recipe.

Additional info about the build change can be found at
https://bugs.python.org/issue23404

Signed-off-by: Andrey Smirnov <andrew.smirnov@gmail.com>
Tested-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-20 19:53:42 +02:00
Bernd Kuhls
847048c58d package/tvheadend: bump version
It seems github now sometimes provides slightly changed tarballs which
produce a different sha256 hash than before, this is the case for
tvheadend. Instead of fixing the hash lets bump to current HEAD and
hope that the new hash will be valid for a longer period of time ;)

Fixes
http://autobuild.buildroot.net/results/59a/59ad7940dcd498cd0aaec26c8497b21e64379a6f/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-20 19:41:20 +02:00
Baruch Siach
b34d7b7674 zstd: bump to version 1.3.1
In this release zstd added the GPLv2 license and removed the PATENTS
clause (upstream commit 4f73b3b55d83b).

Cc: Andrey Smirnov <andrew.smirnov@gmail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Tested-by: Andrey Smirnov <andrew.smirnov@gmail.com>
Tested-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-20 19:34:58 +02:00
Peter Korsgaard
8fca8c1551 chrony: bump version to 3.2
Also add a hash for the license file while we're at it.

[Peter: use tuxfamily.org URL for annoucement]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-20 19:33:01 +02:00
Peter Korsgaard
883eb058af chrony: add optional seccomp support
seccomp support has been available since chrony-2.2

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-20 19:31:17 +02:00
Baruch Siach
fd70d0b434 lcdproc: fix build with musl libc
Add a patch adding missing linux ioctl header.

Fixes:
http://autobuild.buildroot.net/results/58a/58a9b98d08060c6ed9e8855ba9f59d03aa2f3e2c/
http://autobuild.buildroot.net/results/5b2/5b2c1bc872cebc7aadf93995b71178bba29e0b25/
http://autobuild.buildroot.net/results/125/12594e613f8fc106e477411f76093654a084c01c/

Cc: Sven Haardiek <sven.haardiek@greenbone.net>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-20 19:22:55 +02:00
Jörg Krause
74ac045c80 augeas: security bump to version 1.8.1
Fixes CVE-2017-7555 - Augeas versions up to and including 1.8.0 are
vulnerable to heap-based buffer overflow due to improper handling of escaped
strings.  Attacker could send crafted strings that would cause the
application using augeas to copy past the end of a buffer, leading to a
crash or possible code execution.

[Peter: extend description]
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-20 19:20:48 +02:00
Bernd Kuhls
f1e499b778 linux: bump default to version 4.13.3
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-20 19:19:17 +02:00
Bernd Kuhls
b4afe7a8cf linux-headers: bump 3.2.x and 4.{4, 9, 12, 13}.x series
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-20 19:19:02 +02:00
Bernd Kuhls
52529df15c package/softether: bump version
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-20 19:07:38 +02:00
Bernd Kuhls
7afb827d4b package/softether: update patch to remove renames
Since
https://git.buildroot.net/buildroot/commit/?id=85f11d08c387c200dbb59a8559f2ba62376689bf
buildroot refuses to apply patches that contain renames.

Fixes
http://autobuild.buildroot.net/results/223/2237b9ec78044678aac9e743318ce5dc01309ab7/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-20 18:56:05 +02:00
Bernd Kuhls
7d06330d37 package/softether: fix hash
The tarball downloaded today from github does not match the checksum
which once was valid.

Comparing both
1e17c9bcfd/softether-1e17c9bcfd7e7b31756aa5389bcbff76c2c9c88a.tar.gz
http://sources.buildroot.net/softether-1e17c9bcfd7e7b31756aa5389bcbff76c2c9c88a.tar.gz
shows no differences in content.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-20 18:55:43 +02:00
Thomas Petazzoni
85f11d08c3 support/scripts/apply-patches.sh: do not apply patches with renames
Patches with renames apply properly with patch >= 2.7, but not with
older patch versions. Since "git format-patch" by default generates
patches with renames, Buildroot developers often don't realize that
their patches will not apply properly on build machines that have
patch < 2.7. In order to prevent such a situation from happening
again, this commit adds some logic in apply-patches.sh to refuse
applying patches that contain renames.

Note that just searching for '^rename' is not sufficient, since the
patch commit message may contain the words "rename from" or "rename to"
as well. Therefore, the grep expression is made as accurate as possible,
checking both.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
[Arnout: spaces instead of tabs (suggested by Yann);
 extend commit message.]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2017-09-19 22:51:25 +02:00
Cam Hutchison
b55ff5a7cd toolchain: detect external glibc in merged /usr
When using an external toolchain that was built with Buildroot and a
merged /usr, the dynamic linker is actually in /usr/lib.

But the check_glibc macro limits the depth it is looking for the dynamic
linker, and misses it when it is in /usr/lib because it is too deep.

We could fix that in two ways: increase the depth in which we look
for it, or follow symlinks. We choose the second solution.

Signed-off-by: Cam Hutchison <camh@xdna.net>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Cc: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Cc: "Yann E. MORIN" <yann.morin.1998@free.fr>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2017-09-19 22:43:10 +02:00
Bernd Kuhls
23eae11e0b package/luvi: needs git submodules
Luvi bundles several libraries previously provided by the upstream
tarball. Since the tarball is not available anymore we need to fetch
the git submodules. Unbundling is very hard, and we anyway don't have
the bundled libraries in Buildroot.

Fixes
http://autobuild.buildroot.net/results/26d/26d04350a761d362f40e7bd1ac09b639d61de91a/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Acked-by: "Jörg Krause <joerg.krause@embedded.rocks>"
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2017-09-19 22:42:34 +02:00