As suggested by Baruch Siach, using "git rev-parse HEAD" is a lot
simpler than playing around with "git log" to just retrieve the commit
id corresponding to the current HEAD.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
In order for the luvi version to match what is given by
release-monitoring.org, the 'v' prefix should be encoded in
LUVI_SOURCE and LUVI_SITE and not LUVI_VERSION.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
In order for the openpowerlink version to match what is given by
release-monitoring.org, the 'V' prefix should be encoded in
OPENPOWERLINK_SOURCE and OPENPOWERLINK_SITE and not
OPENPOWERLINK_VERSION.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add basic support for the Libre Computer "La Frite" SBC.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
They are required by the default udev rules.
Fixes: https://bugs.busybox.net/show_bug.cgi?id=12141
Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
See full Changelog: http://fping.org/dist/CHANGELOG.md
Also add hash for license file
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The wellknown module `argparse` is now used by LuaRocks 3.2.0, instead
of a homemade argument parsing.
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
this trick removes the need of the patch
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Since syslog-ng 3.11.1 eventlog has been bundled with the sources.
Remove the separate package.
We don't add Config.in.legacy handling because eventlog was only used
by syslog-ng, and was not really meant to be used by anyone else, so
there is no point in warning users who had this package enabled in
their configuration that it no longer exists, as it was only used by
syslog-ng, and syslog-ng now bundles eventlog.
Signed-off-by: Chris Packham <judge.packham@gmail.com>
[Thomas: extend explanation about why we don't have any
Config.in.legacy handling]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
paho-mqtt-c 1.3.1 is the latest stable release. The latest release
contains various bug fixes and adds TLS-PSK encryption support.
Release notes: https://github.com/eclipse/paho.mqtt.c/milestone/6?closed=1
Signed-off-by: Julien Grossholtz <julien.grossholtz@openest.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Qemu can optionally depend on nettle if available, so we should take
into account this optional dependency.
Cc: Florian Wolters <florian@florian-wolters.de>
Signed-off-by: Alexander Dahl <post@lespocky.de>
[Thomas: reword commit log, so that it makes sense in the context of
upstream Buildroot]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Create the configuration file as /etc/thttpd.conf, as expected by the
systemd unit file.
This matches other web server packages that install configuration files
at /etc/lighttpd/, /etc/apache2, etc.
Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
* Added license hash files
* Updated site to new GNU location
* Reconfig required to use newer automake
* Dropped patch for 01_array_initialize.patch as it was fixed
* Refactored patches for makeinfo variable and write io errs
* Added new dc fix exit code patch from Debian sid
* Added new libmath offline gen cross-compile patch from Yocto
Upstream patch status: Pending
Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Suggested-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Since the bump to the 20190819 snapshot there is now a dedicated dts file
for the rpi0, so use that rather than the rpi-b-plus one:
bd1336d8b6
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes#12816
Commit 42d22f3bdb ({configs/raspberrypi,package/rpi-firmware}: bump
kernel/firmware to 20190819 version) updated the kernel version but failed
to take into consideration that the rpi0w dts file has been renamed:
6f91b5dbfd
Fix it by renaming the dts/dtb file referenced from the kernel build and
genimage.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Useful for test purposes when we want to install util-linux with a
custom TARGET_DIR, e.g.
$ make util-linux-reinstall TARGET_DIR=/tmp/util-linux
Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Use github macro and drop SOURCE variable to keep the default SOURCE
value which gives a much more sensible tarball name
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The init script provided by thttpd is for FreeBSD. Add a custom one,
made specifically for Buildroot.
Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
In order for the sslh version to match what is given by
release-monitoring.org, the 'v' prefix should be encoded in
SSLH_SOURCE and not SSLH_VERSION.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Remove second patch (already in version)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes:
http://autobuild.buildroot.net/results/bfd29593bb6c53d3e9e2d02d2ed6bea360d99c00/
In libnss there is a bug leading to build failure due to double declared
functions. This is due to 2 different #ifdef statements treating the
same function-set.
Add patch to fix this by making the 2 #ifdef statements equal.
Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
In order for the kompexsqlite version to match what is given by
release-monitoring.org, the 'v' prefix should be encoded in
KOMPEXSQLITE_SOURCE and not KOMPEXSQLITE_VERSION.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
In order for the zziplib version to match what is given by
release-monitoring.org, the 'v' prefix should be encoded in
ZZIPLIB_SITE and not ZZIPLIB_VERSION.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
In order for the perl-class-std-fast version to match what is given by
release-monitoring.org, the 'v' prefix should be encoded in
PERL_CLASS_STD_FAST_SOURCE and not PERL_CLASS_STD_FAST_VERSION.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes the following security vulnerabilities:
- CVE-2019-9511 "Data Dribble": The attacker requests a large amount of data
from a specified resource over multiple streams. They manipulate window
size and stream priority to force the server to queue the data in 1-byte
chunks. Depending on how efficiently this data is queued, this can
consume excess CPU, memory, or both, potentially leading to a denial of
service.
- CVE-2019-9512 "Ping Flood": The attacker sends continual pings to an
HTTP/2 peer, causing the peer to build an internal queue of responses.
Depending on how efficiently this data is queued, this can consume excess
CPU, memory, or both, potentially leading to a denial of service.
- CVE-2019-9513 "Resource Loop": The attacker creates multiple request
streams and continually shuffles the priority of the streams in a way that
causes substantial churn to the priority tree. This can consume excess
CPU, potentially leading to a denial of service.
- CVE-2019-9514 "Reset Flood": The attacker opens a number of streams and
sends an invalid request over each stream that should solicit a stream of
RST_STREAM frames from the peer. Depending on how the peer queues the
RST_STREAM frames, this can consume excess memory, CPU, or both,
potentially leading to a denial of service.
- CVE-2019-9515 "Settings Flood": The attacker sends a stream of SETTINGS
frames to the peer. Since the RFC requires that the peer reply with one
acknowledgement per SETTINGS frame, an empty SETTINGS frame is almost
equivalent in behavior to a ping. Depending on how efficiently this data
is queued, this can consume excess CPU, memory, or both, potentially
leading to a denial of service.
- CVE-2019-9516 "0-Length Headers Leak": The attacker sends a stream of
headers with a 0-length header name and 0-length header value, optionally
Huffman encoded into 1-byte or greater headers. Some implementations
allocate memory for these headers and keep the allocation alive until the
session dies. This can consume excess memory, potentially leading to a
denial of service.
- CVE-2019-9517 "Internal Data Buffering": The attacker opens the HTTP/2
window so the peer can send without constraint; however, they leave the
TCP window closed so the peer cannot actually write (many of) the bytes on
the wire. The attacker then sends a stream of requests for a large
response object. Depending on how the servers queue the responses, this
can consume excess memory, CPU, or both, potentially leading to a denial
of service.
- CVE-2019-9518 "Empty Frames Flood": The attacker sends a stream of frames
with an empty payload and without the end-of-stream flag. These frames
can be DATA, HEADERS, CONTINUATION and/or PUSH_PROMISE. The peer spends
time processing each frame disproportionate to attack bandwidth. This can
consume excess CPU, potentially leading to a denial of service.
(Discovered by Piotr Sikora of Google)
Notice that this version bump requires nghttp2 1.39.2. It also includes an
(unconditional) embedded copy of brotli.
Update the license hash because of copyright year changes and the addition
of the MIT-style license text for large_pages and brotli.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes the following security issues:
CVE-2019-9511: Data Dribble
CVE-2019-9513: Resource Loop
For details, see the advisory:
https://nghttp2.org/blog/2019/08/19/nghttp2-v1-39-2/
Notice that libnghttp2 itself is not affected by these vulnerabilities, only
nghttpx and nghttpd (which are currently not built).
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Drop the v prefix on the download URL as the 1.2 git tag is just '1.2' and
add a hash for the license file.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- Update CCACHE_SITE to github.
- The hash of the license file is updated. There were two changes:
* The reference to the credits.html file changed from
ccache.samba.org to ccache.dev
* The MIT license text for minitrace.[ch] was added, but it doesn't
change the fact that the whole is under GPL-3.0, and we anyway
already had "GPL-3.0, others" in CCACHE_LICENSE
Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
[Thomas: update the license file hash]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bugfix release, fixing a potential infinite loop when handling the LUKS
header:
git shortlog v8..v9
Daniel Kopeček (2):
Use asciidoc as the manual page source format
Generate manual page from source during build time
Milan Broz (1):
Fix infinite loop when initializing trimmed LUKS header.
Nathaniel McCallum (3):
Fix invalid man page section reference
Fix typos in the man page
Release version 9
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
nfs-utils selects rpcbind, and rpcbind unconditionally selects
libtirpc. Therefore, nfs-utils will never be used with the C library
RPC implementation: libtirpc will always be used. Consequently, all
the conditional logic to use libtirpc only if available is useless,
and we can use libtirpc unconditionally.
As an added bonus, this means that we can enable IPv6, because
libtirpc provides an IPv6-compatible RPC implementation.
Fixes: https://bugs.busybox.net/show_bug.cgi?id=10806
Signed-off-by: Carlos Santos <unixmania@gmail.com>
[Thomas: rework commit log]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
pkg-stats extracts the Buildroot commit id from which the package
information was collected. However, when doing so, it always assumes
we're using the master branch, by running "git log master".
But in fact, pkg-stats can be run from any branch/tag, so it makes a
lot more sense to use "git log HEAD".
Cc: victor.huesca@bootlin.com
Cc: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
