Commit Graph

33224 Commits

Author SHA1 Message Date
Peter Korsgaard
7f0f83296f docs/website/news.html: add 2016.11 announcement link
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-12-19 23:48:12 +01:00
Peter Korsgaard
c489cbad77 libupnp: add upstream security fix for CVE-2016-8863
Fix out-of-bound access in create_url_list()

If there is an invalid URL in URLS->buf after a valid one, uri_parse is
called with out pointing after the allocated memory. As uri_parse writes
to *out before returning an error the loop in create_url_list must be
stopped early to prevent an out-of-bound access.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-12-19 22:28:46 +01:00
Peter Korsgaard
9d1dab1b80 libupnp: add upstream security fix for CVE-2016-6255
If there's no registered handler for a POST request, the default behaviour
is to write it to the filesystem. Several million deployed devices appear
to have this behaviour, making it possible to (at least) store arbitrary
data on them. Add a configure option that enables this behaviour, and change
the default to just drop POSTs that aren't directly handled.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-12-19 22:28:40 +01:00
Yegor Yefremov
c07ad416b4 python-twisted: bump to version 16.6.0
Add two new dependencies:

python-contstantly: runtime only
python-incremental: both runtime and build-time dependency

Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-12-19 22:26:26 +01:00
Yegor Yefremov
20fb68f71a python-zope-interface: bump to version 4.3.3
Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-12-19 22:26:16 +01:00
Yegor Yefremov
4f37e027df python-constantly: new package
Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-12-19 22:26:00 +01:00
Romain Naour
4f08ad87df package/google-breakpad: add C++11 dependency on the host variant
When google-breakpad has been updated to the latest version, the C++11
dependency has been added for the target variant only.
The C++11 dependency is also required for the host variant.

Fixes:
http://autobuild.buildroot.org/results/dce/dcecb17116c0cf400c98f0052c9bf71f15d0d398

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-12-19 22:21:31 +01:00
Yann E. MORIN
0cf7d259a7 package/weston: fix build on ancient glibc
Fix build with ancient glibces.

Fixes:
    http://autobuild.buildroot.net/results/bce/bcecdbbce4a99eb1e9bfbf519857bf94d8952037/

[Peter: patches configure.ac, so add WESTON_AUTORECONF = YES]
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-12-19 21:09:46 +01:00
Gustavo Zacarias
80e0583a70 samba4: security bump to version 4.4.8
Fixes:
CVE-2016-2123 - Samba NDR Parsing ndr_pull_dnsp_name Heap-based Buffer
Overflow Remote Code Execution Vulnerability.
CVE-2016-2125 - Unconditional privilege delegation to Kerberos servers
in trusted realms.
CVE-2016-2126 - Flaws in Kerberos PAC validation can trigger privilege
elevation.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-12-19 20:55:29 +01:00
Gustavo Zacarias
ae58da7111 openssh: security bump to version 7.4p1
Fixes:
CVE-2016-10009 - ssh-agent(1): Will now refuse to load PKCS#11 modules
from paths outside a trusted whitelist
CVE-2016-10010 - sshd(8): When privilege separation is disabled,
forwarded Unix-domain sockets would be created by sshd(8) with the
privileges of 'root'
CVE-2016-10011 - sshd(8): Avoid theoretical leak of host private key
material to privilege-separated child processes via realloc()
CVE-2016-10012 - sshd(8): The shared memory manager used by
pre-authentication compression support had a bounds checks that could be
elided by some optimising compilers

http://seclists.org/oss-sec/2016/q4/708

Drop upstream patch.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-12-19 20:53:24 +01:00
Yegor Yefremov
42081de819 python-pathvalidate: bump to version 0.9.4
Add new runtime dependency: BR2_PACKAGE_PYTHON_MBSTRDECODER.

Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-12-19 13:42:29 +01:00
Yegor Yefremov
0a27910ea7 python-xlsxwriter: bump to version 0.9.4
Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-12-19 13:41:48 +01:00
Zakharov Vlad
e4491b47b0 toolchain: Bump ARC tools to arc-2016.09 release
As described at:
4520524ba0
this commit continues a series of updates of ARC tools.

This time we're updating tools to arc-2016.09 release version.

Signed-off-by: Vlad Zakharov <vzakhar@synopsys.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-12-19 13:40:57 +01:00
Yegor Yefremov
dbfca79630 can-utils: add dependency on NPTL
canfdtest.c assumes that clock_nanosleep() is always available. But it
is only available with NPTL. Since it unconditionally uses it, we add
dependency on NPTL.

Fixes:
http://autobuild.buildroot.net/results/fd97aa57747a546c799caf094aafe0d1d1225863
http://autobuild.buildroot.net/results/1313f91df134035159e677c6b4a63838c75d074c
http://autobuild.buildroot.net/results/a1ac495c5e38e5d0777c431fc6a2e4b5bff7c2ad
http://autobuild.buildroot.net/results/978bee40049896bd6e093fa31c5eb7673e05a6b8
http://autobuild.buildroot.net/results/c692e96de1b4fdadf720ead8249a44c21fe945f1

Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-12-19 11:35:02 +01:00
Gustavo Zacarias
584885c8d4 gmp: bump to version 6.1.2
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-12-19 00:32:56 +01:00
Theo Debrouwere
e1a0a8858e BeagleBoard X15: new board
This configuration provides a basic setup for using Buildroot
to create a sd-card image a BeagleBoard X15 board.

[Peter: use 512M ext4 partition, linux 4.9 and u-boot 2016.11]
Signed-off-by: Theo Debrouwere <Theo.Debrouwere@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-12-18 23:07:03 +01:00
Baruch Siach
a0ccec3897 zlib: update homepage link
Avoid redirect.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-12-18 21:33:02 +01:00
Baruch Siach
8b21bdea17 xl2tp: bump to version 1.3.8
Drop obsolete patch.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-12-18 21:32:17 +01:00
Gustavo Zacarias
4be266220a redis: bump to version 3.2.6
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-12-18 21:30:29 +01:00
Gustavo Zacarias
ad446bb377 debianutils: bump to version 4.8.1
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-12-18 21:30:02 +01:00
Gustavo Zacarias
eaff70b8b6 poppler: bump to version 0.50.0
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-12-18 21:28:29 +01:00
Gustavo Zacarias
32ba7b7b15 strace: bump to version 4.15
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-12-18 21:27:56 +01:00
Gustavo Zacarias
d9ef4c1f79 squid: security bump to version 3.5.23
Fixes:
CVE-2016-10002: http://www.squid-cache.org/Advisories/SQUID-2016_11.txt
CVE-2016-10003: http://www.squid-cache.org/Advisories/SQUID-2016_10.txt

[Peter: add CVE references]
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-12-18 21:24:41 +01:00
Gustavo Zacarias
d174d2ee37 bmon: bump to version 4.0
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-12-18 21:21:14 +01:00
Thomas Petazzoni
4ddd7c9fbc xfsprogs: remove comment about uClibc specific options
xfsprogs now builds fine with Buildroot default uClibc configuration, so
there is no point in having a specific comment: we don't have this for
any other package, and it's basically impossible to maintain.

UCLIBC_SV4_DEPRECATED is still disabled in the Buildroot default uClibc
configuration, but xfsprogs builds fine without it.

UCLIBC_HAS_OBSOLETE_BSD_SIGNAL is now enabled in the Buildroot default
uClibc configuration.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-12-18 15:58:30 +01:00
Thomas Petazzoni
4b36d50b99 xfsprogs: bump to version 4.8.0
Switch to the new upstream site on kernel.org, and to a .tar.xz
tarball. The patches are simply refreshed.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-12-18 15:56:47 +01:00
Thomas Petazzoni
5f51f05393 xfsprogs: turn patches into proper Git patches
The first patch was Git formatted, but additional information at the top
made it unapplicable by Git, fix this.

The second patch was not Git formatted at all.

Since upstream uses Git, it makes sense to have Git formatted patches.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-12-18 15:39:47 +01:00
Thomas Petazzoni
cec7adea4f oprofile: needs libpfm4 on powerpc64(le)
oprofile already needed libpfm4 for PowerPC, but in fact it also needs
it for PowerPC64 and PowerPC64le, so this commit adds a
BR2_PACKAGE_OPROFILE_NEEDS_LIBPFM4 hidden option and uses it to decide
if libpfm4 is needed or not.

Fixes:

  http://autobuild.buildroot.net/results/d19caeb445b7040cbd2e4ff62b7db9986e84b6ab/ (powerpc64le)
  http://autobuild.buildroot.net/results/66dd4f7ff635915a506f96d1d8115ac48cca0c6c/ (powerpc64)

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-12-18 15:26:59 +01:00
Dagg Stompler
e1bf130ca8 odroid-mali: add support for x11 egl implementation
Allow installation of the x11 egl support required for the X11 ddx
driver. The BR2_PACKAGE_ODROID_MALI_X11 hidden option will be selected
by the X11 DDX driver.

Signed-off-by: Dagg Stompler <daggs@gmx.com>
[Thomas:
 - select BR2_PACKAGE_LIBDRM,
   BR2_PACKAGE_XLIB_{LIBX11,LIBXFIXES,LIBXEXT,LIBXDAMAGE} from
   BR2_PACKAGE_ODROID_MALI_X11 in order to avoid numerous "if" in
   Config.in
 - Use a single assignment to ODROID_MALI_DEPENDENCIES to add the
   dependencies for libdrm and the X11 libraries.
 - Introduce ODROID_MALI_HEADERS_SUBDIR and ODROID_MALI_LIBS_SUBDIR to
   clarify the location of the headers and libraries for the selected
   architecture/display backend in the Mali tree.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-12-18 15:03:46 +01:00
Fabien Parent
cd4af31dd8 xorg-server: add dependency on dri2proto when systemd is built
When systemd is selected, xorg-server must have config-udev-kms
enabled in order to build correctly, but it won't be the case if
BR2_PACKAGE_XPROTO_DRI2PROTO is not part of the build.

Add BR2_PACKAGE_XPROTO_DRI2PROTO as a dependency of xorg-xserver
only when systemd is part of the build.

Fixes bug #9486.

Signed-off-by: Fabien Parent <fparent@baylibre.com>
Tested-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-12-18 14:25:39 +01:00
Bernd Kuhls
e9f66e194a package/x11r7/xlib_libXpm: bump version to 3.5.12
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-12-18 14:24:29 +01:00
Bernd Kuhls
67e0424f18 package/x11r7/xdriver_xf86-video-geode: bump version to 2.11.19
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-12-18 14:24:28 +01:00
Bernd Kuhls
3574df46b8 package/x11r7/xdriver_xf86-video-dummy: bump version to 0.3.8
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-12-18 14:24:26 +01:00
Bernd Kuhls
0a79331f7d package/x11r7/xdriver_xf86-input-libinput: bump version to 0.23.0
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-12-18 14:24:24 +01:00
Bernd Kuhls
c9a112705f package/x11r7/xapp_sessreg: fix musl build
Fixes
http://autobuild.buildroot.net/results/717/717bd4a2ee4ba62ed9245ec22166a3c63ce1a56d/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-12-18 14:23:37 +01:00
Gustavo Zacarias
613f650d34 linux-headers: bump 3.12.x series
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-12-18 14:23:05 +01:00
Yegor Yefremov
af198a2830 DEVELOPERS: add Yegor Yefremov for the can-utils package
Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-12-18 14:11:00 +01:00
Fabrice Fontaine
c383856268 lxc: enable lua if package is selected
lua and python bindings were removed with the same patch:
https://patchwork.ozlabs.org/patch/367361. There is a real issue with
python but not with lua so enable it if lua is selected

Signed-off-by: Fabrice Fontaine <fabrice.fontaine@orange.com>
[Thomas: simplify value passed to --with-lua-pc.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-12-18 12:32:11 +01:00
Fabrice Fontaine
be2adc1ab2 lxc: bump to version 2.0.6
Signed-off-by: Fabrice Fontaine <fabrice.fontaine@orange.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-12-17 23:53:05 +01:00
Jérôme Pouiller
c01efc5ab9 xserver_xorg-server: fix dependency with dbus
If dbus and udev are enabled. Xorg link with both:

$ arm-linux-readelf -d usr/bin/X | grep NEEDED
 0x00000001 (NEEDED)                     Shared library: [libdbus-1.so.3]
 0x00000001 (NEEDED)                     Shared library: [libpthread.so.0]
 0x00000001 (NEEDED)                     Shared library: [libudev.so.1]
[...]

Signed-off-by: Jérôme Pouiller <jezz@sysmic.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-12-17 16:52:38 +01:00
Romain Naour
30128ef4d0 package/google-breakpad: bump to the latest version
This version add the C++11 support and microdump.

Add the C++11 dependency since it's now mendatory.
Use the same linux-syscall-support version as the one defined by DEPS
file in the Google-breakpad sources.

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Pascal Huerst <pascal.huerst@gmail.com>
Cc: Frank Hunleth <fhunleth@troodon-software.com>
[Thomas: propagate the C++11 related dependency to
BR2_GOOGLE_BREAKPAD_ENABLE.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-12-17 16:27:55 +01:00
Romain Naour
c4c4f43d49 package/google-breakpad: switch to the new git repository
Google-breakpad moved to a new git repository last year and the old svn
repository has been deleted. So, the Buildroot archive mirror is used.

svn: E160013: Unable to connect to a repository at URL 'http://google-breakpad.googlecode.com/svn/trunk'
svn: E160013: '/svn/trunk' path not found
--2016-11-27 10:42:34--  http://sources.buildroot.net/google-breakpad-1373.tar.gz

Swith to the git repository using the git hash corresponding to the
1373 svn revision. But there is an issue with the third parties...
Some of them are not bundled with Google-breakpad or as git submodule.
Even worst, the google-breakpad source code use #include
"third_party/lss" directly, so we can't provide missing third parties
with an external package.

That's why the linux-syscall-support package was added to Buildroot,
it provide the missing linux_syscall_support.h file which is must be
copied to src/third_party/lss/ in the Google-breakpad sources.

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Pascal Huerst <pascal.huerst@gmail.com>
Cc: Frank Hunleth <fhunleth@troodon-software.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-12-17 16:15:30 +01:00
Thomas Petazzoni
783c132084 DEVELOPERS: add Romain Naour for linux-syscall-support
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-12-17 16:13:38 +01:00
Romain Naour
a069c16526 package/linux-syscall-support: new package
This package provide a header file which will be used by
Google-breakpad package. This avoid using depot-tools script to fetch
all third parties used by Google-breakpad.

Use the version corresponding to the Google-breakpad svn revision 1373:
http://linux-syscall-support.googlecode.com/svn/trunk/lss@24 829466d3-f3f5-3ae4-62ad-de35cf9bba21

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Pascal Huerst <pascal.huerst@gmail.com>
Cc: Frank Hunleth <fhunleth@troodon-software.com>
[Thomas: directly implement installation in the install commands, rather
than using post-install hooks.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-12-17 16:13:02 +01:00
Jordan Yelloz
ecd5e7ca72 lvm2: ensured TARGET_AR is used during build
The same way TARGET_CC was not being used during the build, TARGET_AR
was not used either. Now TARGET_CONFIGURE_OPTS is injected into
LVM2_MAKE_ENV which should include all the toolchain substitutions.

Signed-off-by: Jordan Yelloz <jordan@yelloz.me>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-12-17 16:05:17 +01:00
Tal Shorer
06a3e83b9a pkg-generic: run $(PKG)_PRE_RSYNC_HOOKS before checking for the existence of $(SRCDIR)
This will allow packages to define their pre-rsync hooks which will be
guaranteed to run even if the source is missing.

Signed-off-by: Tal Shorer <tal.shorer@gmail.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-12-17 16:00:03 +01:00
Thomas Petazzoni
57b628a932 Revert "package/aespipe: fix host compile"
This reverts commit cb33a7d6bd, as it
causes build failures on platforms where gcc does not understand the
"-no-pie" option.

Fixes:

  http://autobuild.buildroot.net/results/51be9526300b3d03e2e304dec9cae953f2f59de4/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-12-17 15:56:21 +01:00
Christian Kellermann
93f31b20da linux: check that a repo and version is defined when using a custom repo
If not set the system will use an empty string which will result in
download errors for 'linux-.tar.gz' packages.

This patch makes it obvious to the user that the variable needs to be
set.

Signed-off-by: Christian Kellermann <christian.kellermann@solectrix.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-12-17 15:55:32 +01:00
Luca Ceresoli
ddd108f39f rapidjson: bump to 1.1.0
Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-12-17 15:31:45 +01:00
Baruch Siach
69ced96355 musl: workaround kernel if_ether.h header conflict
Add a patch that defines _LINUX_IF_ETHER_H in netinet/if_ether.h to avoid the
conflicting kernel if_ether.h.

Other musl distros (Alpine, Sabotage, Gentoo) patch[1] the kernel headers
instead. This is not practical in Buildroot, since we allow the user to choose
the kernel version.

This only fixes the normal case of including linux/if_ether.h (directly or
indirectly) after netinet/if_ether.h.

Fixes (tcpreplay):
http://autobuild.buildroot.net/results/a65/a65b27f9e288f94f041ced64313dbf55af47bf36/

[1] https://cgit.gentoo.org/proj/musl.git/diff/sys-kernel/linux-headers/files/libc-compat.h-prevent-redefinition-of-struct-ethhdr.patch?id=8eddda8072add075ebf56cf6d288bc1450d6b5f8

Cc: Rich Felker <dalias@aerifal.cx>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-12-17 15:26:36 +01:00