As we discussed on the mailing list, using $(<pkg>_NAME) when defining
CPE ID variables feels a bit odd and needlessly complicated. Just use
the package name directly.
Cc: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
cpe:2.3🅰️ntp:ntp is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Antp%3Antp
The specification of the version needs to be reworked a little
bit. Indeed, versions look like 4.2.8p15. For the download, we need to
extract 4.2 as the folder is named ntp-4.2. However, for the CPE ID we
need to extract 4.2.8 and p15 into two separate fields.
So, we set:
NTP_VERSION_MAJOR = 4.8
NTP_VERSION_MINOR = 2
NTP_VERSION_POINT = 15
and construct the version:
NTP_VERSION = $(NTP_VERSION_MAJOR).$(NTP_VERSION_MINOR)p$(NTP_VERSION_POINT)
Note that the choice of "point" comes from
http://support.ntp.org/bin/view/Main/ReleaseNumberingScheme, which
states "The letter p followed by an increasing number indicates a
Point (i.e. incremental) Release.".
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- minor maintainence release mainly to address exist build issues;
- remove the following patches since all have been upstreamed:
0001-erofs-utils-fix-multiple-definition-of-sbi.patch;
0002-erofs-utils-fuse-fix-linking-when-using-with-selinux.patch;
0003-erofs-utils-fuse-disable-backtrace-if-unsupported.patch.
Signed-off-by: Gao Xiang <hsiangkao@aol.com>
[yann.morin.1998@free.fr: two spaces in hash file]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The mainline kernel searches the coda VPU firmware inside the following
locations [1]:
/lib/firmware/
/lib/firmware/vpu/
Currently Buildroot installs the coda firmware into /lib/firmware/imx/vpu,
which is not a valid location.
Fix it by installing the coda firmwares into /lib/firmware/vpu/ which
is a valid path for both mainline and NXP vendor kernels. Also create a
symlink to /lib/firmware/ so that mainline kernels do not need to wait
more than 60 seconds to search again inside /lib/firmware/vpu/.
[1] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=8af7779f3cbc1f6720d15f00abc797493710d1ab
Reported-by: Romain Naour <romain.naour@gmail.com>
Suggested-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Acked-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Drop upstream patch which is included in the new version.
Add additional config option `--enable-a2dpconf` to build small (13 kB)
utility `a2dpconf` which does not depend on any external dependencies.
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Integrate the RCW into the storage device image, so the image can also
be used a boot source. The SoC expects the RCW at offset 4096 of the SD
card or eMMC.
Signed-off-by: Michael Walle <michael@walle.cc>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Enable building of the bootloader and integrate it into the resulting
image.
Signed-off-by: Michael Walle <michael@walle.cc>
Tested-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
- Fix CVE-2020-36177: RsaPad_PSS in wolfcrypt/src/rsa.c in wolfSSL
before 4.6.0 has an out-of-bounds write for certain relationships
between key size and digest size.
- Drop patch (already in version)
https://github.com/wolfSSL/wolfssl/releases/tag/v4.6.0-stable
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
* add option for new library Boost.JSON
* drop patch 0001 as it's applied upstream
* host: disable options that were added over time but never disabled for the host-build
Signed-off-by: Michael Nosthoff <buildroot@heine.tech>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
There is only one commit between version 3.2.1 and current commit
7c74fa1aece6bc6db351763dc012193d5d634b7e which updates the release file:
6a9efb7dd2
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
When a package has both a target and a host variant, and uses git
submodules, and the host variant is downloaded before the target one, we
end up with the generated archive missing the submodules.
This happens in exactly one package in our tree: c-capnproto.
This issue was not caught before because after a few days, the full
sources are added to sources.buildroot.net. So when the hash check
fails, the full tarball is simply downloaded from there.
Propagate the git submodule setting from the target variant to the host
variant, unless the host variant explicitly opted-out.
Fixes:
http://autobuild.buildroot.org/results/2de9c6c8ce83569d18cc7140ebc60d6fe1aadcbf/
Reported-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Use official tarball (this will also have the nice side-effect of making
MINICOM_VERSION compatible with release-monitoring.org)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
WavPack 5.4.0 contains a fix for CVE-2020-35738 wherein a specially
crafted WAV file could cause the WAVPACK command-line program to crash
with an out-of-bounds write (see issue #91).
Update hash of COPYING (update in year:
2ce3c069be)
https://github.com/dbry/WavPack/blob/5.4.0/NEWS
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit 37a909cacf (package/tar: drop specific version for host variant)
updated the host variant from 1.29 to 1.32.
However, because there is no longer any upper-limit to the version of
tar accepted from the system, and because tests were conducted on a
recent distribution, there was no need to build the host variant of tar.
As a consequence, updating the hash file was missed.
Do so now.
Also switch to using the new two-space separators.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
- Use the COREMARK_PRO_MARKS definition from the build recipe to
generate the coremark-pro.sh
- Use %x:%X as the date stamp in the results file.
Suggested-by: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Chris Packham <judge.packham@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
nvidia-modprobe package adds a utility and headers for probing the NVIDIA
hardware at runtime.
https://github.com/NVIDIA/nvidia-modprobe
Signed-off-by: Christian Stewart <christian@paral.in>
[Arnout:
- use upstream Makefile instead of building directly;
- don't install to staging;
- remove dependency on host-pkgconf;
- correct license to GPL-2.0;
- remove dependency on threads and glibc;
- add dependency on MMU.]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
