Building python-numpy on ARC HS with glibc fails due to missing FE_*
definitions in <fenv.h>. Therefore, python-numpy is only available on
ARC HS with a C library other than glibc.
Fixes:
http://autobuild.buildroot.net/results/6b9a3310bb4f8c1fd7db0ef4476458b3eec2bf2e/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixed the following security issues:
CVE-2017-0898: Buffer underrun vulnerability in Kernel.sprintf
CVE-2017-10784: Escape sequence injection vulnerability in the Basic
authentication of WEBrick
CVE-2017-14033: Buffer underrun vulnerability in OpenSSL ASN1 decode
CVE-2017-14064: Heap exposure in generating JSON
For more details, see the release notes:
https://www.ruby-lang.org/en/news/2017/09/14/ruby-2-4-2-released/
Drop now upstreamed rubygems patches and add hashes for the license files
while we're at it.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When BR2_PACKAGE_WPA_SUPPLICANT_MESH_NETWORKING is enabeld,
wpa_supplicant currently fails to build with:
../src/common/sae.o: In function `sae_cn_confirm.isra.2':
sae.c:(.text+0x168): undefined reference to `crypto_bignum_to_bin'
sae.c:(.text+0x198): undefined reference to `crypto_bignum_to_bin'
../src/common/sae.o: In function `sae_cn_confirm_ffc':
sae.c:(.text+0x214): undefined reference to `crypto_bignum_to_bin'
sae.c:(.text+0x22c): undefined reference to `crypto_bignum_to_bin'
../src/common/sae.o: In function `sae_cn_confirm_ecc':
sae.c:(.text+0x2a4): undefined reference to `crypto_ec_point_to_bin'
sae.c:(.text+0x2c0): undefined reference to `crypto_ec_point_to_bin'
[...]
This is due to the fact that the SAE code, used for the mesh network
support, needs OpenSSL support. Therefore, we ensure that
BR2_PACKAGE_WPA_SUPPLICANT_MESH_NETWORKING selects OpenSSL. Only
OpenSSL is supported, which is why
BR2_PACKAGE_OPENSSL_FORCE_LIBOPENSSL is selected as well.
No changes to the .mk files are needed, because we were already
handling OpenSSL as an optional dependency.
This problem was not yet caught by the autobuilders.
Reported-by: Maxime Ripard <maxime.ripard@free-electrons.com>
Cc: Maxime Ripard <maxime.ripard@free-electrons.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
mesa3d does not allow to enable both static and shared libraries so if
BR2_SHARED_STATIC_LIBS is set, disable static
Fixes https://bugs.busybox.net/show_bug.cgi?id=10326
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
The package includes some target-specific code that is irrelevant
in a host package but gets built anyway. The target for this code
must be one of the supported ChromeOS targets.
Supplied Makefile apparently relies on the environment to provide
a valid target, with a simple fallback to host arch. This breaks
the build if no value is provided and the host arch is not among
the supported ones.
Should fix
http://autobuild.buildroot.net/results/d118a83b6c4f7f910d0d44c279f36251d7ba29e8/
and similar failures.
Signed-off-by: Alex Suykov <alex.suykov@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
All Buildroot pre-built toolchains have been rebuilt with Buildroot
2017.11-rc1, so that they have the latest version of
glibc/musl/uClibc, and also the latest gcc/binutils updates.
Specifically, this will fix the build failures on Blackfin that were
due to the missing accept4() support:
http://autobuild.buildroot.net/results/8b5a72dd7cde685f6f68f46aeee8b1b60c96d559/
(openobex)
http://autobuild.buildroot.net/results/b19dd9ed29944d7f79c6f824669e3baaa0bb045a/
(libiio)
In terms of changes to the toolchains:
- AArch64 glibc toolchain changed to use 4.4 kernel headers instead
of 4.1, in order to increase the variety of kernel header versions
being tested.
- Most configurations now use 4.13 kernel headers instead of 4.12
(except the configurations that were explicitly using an older
kernel headers version)
- The mips64 n64 configuration is changed from using gcc 4.9 to gcc
5, since another ARM configuration already tests gcc 4.9.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Several packages have a similar md5.c file, and each has a function
named byteReverse(). This generates link errors when building
statically ("multiple definition of `byteReverse'").
Fix by applying a patch from upstream.
Fixes:
http://autobuild.buildroot.net/results/419ab2c0e034cc68991281c51caa8271b0fadbab/
Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
Cc: Adam Duskett <aduskett@gmail.com>
Tested-by: Carlos Santos <casantos@datacom.ind.br>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
>From the changelong:
Set the FD_CLOEXEC flag on sockets, so they are not "leaked" to
spawned processes
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Big-endian CPUs store floating point as big endian (at lest majority
of them do), so, in order for 'network' plugin to work correctly (and
potentially any user of htond() in collectd's codebase),
--with-fp-layout=endianflip as opposed to --with-fp-layout=nothing
needs to be specified during configuration phase.
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Andrey Smirnov <andrew.smirnov@gmail.com>
Reviewed-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This package fails when building for ARCompact due to toolchain issue.
Marking this with special comment "#ARC toolchain issues for
ARCompact" as the package is to be enabled as soon as the issue with
the ARC toolchain is resolved.
Fixes:
http://autobuild.buildroot.net/results/4c4eaa90335756448007ae3c5ae3839fb17d4442/
Signed-off-by: Evgeniy Didin <didin@synopsys.com>
Cc: Alexey Brodkin <abrodkin@synopsys.com>
Cc: arc-buildroot@synopsys.com
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Current BR2_PACKAGE_PYTHON_NUMPY_ARCH_SUPPORTS variable layout going
to be inconvenient and ugly for adding new architectures or
restricting specific architectures. Lets reformat layout of this
variable.
Signed-off-by: Evgeniy Didin <didin@synopsys.com>
Cc: Alexey Brodkin <abrodkin@synopsys.com>
Cc: arc-buildroot@synopsys.com
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Fixes the following security issues:
CVE-2017-12172: Start scripts permit database administrator to modify
root-owned files.
CVE-2017-15098: Memory disclosure in JSON functions.
CVE-2017-15099: INSERT ... ON CONFLICT DO UPDATE fails to enforce SELECT
privileges.
See the announcement for more details:
https://www.postgresql.org/about/news/1801/
While we're at it, also add a hash for the license file.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This is a maintenance release of the current stable WebKitGTK+ version,
which contains a minor rendering fix, another for the WebDriver
implementation, and security fixes for CVE-2017-13798, CVE-2017-13788,
and CVE-2017-13803.
Release notes:
https://webkitgtk.org/2017/11/10/webkitgtk2.18.3-released.html
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Also add hash for license file
See release notes for details:
https://trac.pjsip.org/repos/milestone/release-2.7.1
Signed-off-by: Adam Duskett <Adamduskett@outlook.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
go-bootstrap is a host package that builds a first stage Go compiler,
later used to build the final Go compiler. However, this first stage
compiler only supports building on x86, x86-64 and arm as host
architectures, so we need to add the relevant architecture
dependencies to avoid having go-bootstrap built on other unsupported
platforms.
We do this by introducing BR2_PACKAGE_HOST_GO_BOOTSTRAP_ARCH_SUPPORTS
in a new package/go-bootstrap/Config.in.host file. This option is then
used by BR2_PACKAGE_HOST_GO_ARCH_SUPPORTS to make sure we can't enable
Go packages when the host architecture doesn't allow building the Go
compiler.
Fixes:
http://autobuild.buildroot.net/results/cbd419c6ab6fa8a6d18dc137c91f895867e53b8a/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes:
http://autobuild.buildroot.net/results/fbe/fbe21bd173e6566dd93dddd58d4a848de8a3465e/
The build system of the embedded jimtcl copy doesn't use autotools, but does
use an old version of gnuconfig which doesn't know all the architectures
supported by Buildroot, so update config.guess / config.sub like we do in
pkg-autotools.mk
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes:
http://autobuild.buildroot.net/results/284/284876bd649cab26e5ecd696c03c71c077ea7411/
The build system doesn't use autotools, but does use an old version of
gnuconfig which doesn't know all the architectures supported by Buildroot,
so update config.guess / config.sub like we do in pkg-autotools.mk
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4.2.8p10 no longer requires openssl to compile.
Signed-off-by: Adam Duskett <Adamduskett@outlook.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The prosody configure script defines CFLAGS as -fPIC -Wall, but
because we pass our own CFLAGS, the -fPIC goes away, causing a build
failure when building shared libraries on x86-64:
/home/test/autobuild/run/instance-0/output/host/opt/ext-toolchain/bin/../lib/gcc/x86_64-amd-linux-gnu/6.2.0/../../../../x86_64-amd-linux-gnu/bin/ld: encodings.o: relocation R_X86_64_32 against `.rodata' can not be used when making a shared object; recompile with -fPIC
So let's pass this -fPIC flag explicitly in CFLAGS. We don't bother
passing it conditionally !BR2_STATIC_LIBS because other packages (e.g
lua) also pass -fPIC unconditionally.
Fixes:
http://autobuild.buildroot.net/results/7f0eb285b75cdeacb21a1f9a9f64d2f0cbbf1d59/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Use of libfdt.h by u-boot is currently using
the <system-path>.
Jan submitted the following upstream
https://patchwork.ozlabs.org/patch/833760/
Resolves a failure like this one observed on uboot-tools
http://autobuild.buildroot.net/results/347cde4b5c0e6ca76d354396385be4ec1294da73
[Peter: only sed if file exists]
CC: Jan Kundrát <jan.kundrat@cesnet.cz>
CC: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The recent crypto handling change (commit 04a1031d3: package/libssh2: Add
selectable crypto libraries) had the unfortunate side effect that it no
longer automatically selects the most suitable crypto backend (E.G. one
where the dependency is already enabled), so all users not wanting to use
the mbedtls backend need to explicitly configure this.
Fix this by inverting the logic so the crypto backend sub options use
'depends on' their dependencies instead of 'select', so only the available
backends are displayed.
Like before, default to openssl if no crypto backend dependencies are
currently enabled.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
uClibc doesn't implement __register_atfork() on noMMU systems, causing
a build failure of libressl. Since openssl is available as an
alternative on such platforms, we just disable libressl on
uClibc/noMMU systems.
Fixes:
/home/thomas/projets/buildroot/output/build/libressl-2.5.5/crypto/.libs/libcrypto.a(arc4random.o): In function `_rs_init.part.1':
arc4random.c:(.text+0x74): undefined reference to `__register_atfork'
collect2: error: ld returned 1 exit status
This build issue is not visible in the autobuilders, because libressl
is only selectable through a choice, which isn't randomized by the
autobuilder logic.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Bump kernel to 4.13.11 and U-Boot to 2017.09.
Signed-off-by: Sergey Matyukevich <geomatsi@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Ethtool has a configure script option allowing the enabling or disabling of
pretty printing for drivers, SFP modules etc which can save a significant
amount of bytes on the root filesystem. Allow selecting that, and turn it on by
default (like ethtool's configure script).
[Peter: fix Config.in indentation/style]
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes:
http://autobuild.buildroot.net/results/49d/49dcec0bd2f3bb78c18675a9fa5c9c53cc183fd2/
g_cclosure_marshal_VOID__VOID is defined both in libgobject.a and
libgstreamer.a. It is probably possible to fix this, but gstreamer0.10
has been deprecated for a long time now and is anyway unlikely to be
used in static-only situations, so let's just require dynamic linking.
Propagate to the reverse dependencies. opencv3 already did depend on
dynamic libs.
[Peter: add autobuild reference]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
We use the host compiler for x86-64 builds, so ensure it is only available
on x86-64 hosts.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
