Fixes a security vulnerability similar to git's CVE-2018-11235
This release changes some configuration options, so tweak them
accordingly.
Signed-off-by: Nicolas Cavallari <nicolas.cavallari@green-communications.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
libgit2 depends on zlib. If libgit2's build system does not find a
system zlib, then it compiles a bundled version of it, which is not
really great. So instead, add zlib as a mandatory dependency.
Signed-off-by: Nicolas Cavallari <nicolas.cavallari@green-communications.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Shadowsocks-libev is a lightweight secured SOCKS5 proxy for
embedded devices and low-end boxes.
https://github.com/shadowsocks/shadowsocks-libev
Signed-off-by: Min Xu <xuminready@gmail.com>
[Thomas:
- drop patch adding license file for libipset
- drop --disable-documentation, it's passed by autotools-package
- add entry in DEVELOPERS file
- pass --disable-ssp because the SSP check uses AC_COMPILE_IFELSE()
so with some toolchains, it think SSP support is available, while
it's not. And anyway we want SSP to be controlled by Buildroot
global options, not on a per-package basis.
- add depends on BR2_USE_MMU, because the code uses fork().]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
'+' is a valid character in a url. The current dl-wrapper gets the
URI scheme by dropping everything after the last '+' character, with
the intension of finding 'git' from e.g. 'git+https://uri'.
If a uri has a '+' anywhere in it, it ends up using too much of the
string as a scheme, and fails to match the handler properly.
An example of where this form of URI is used is when using deploy tokens
in gitlab. It uses a form like https://<username>:<password>@gitlab.com/<group>/<repo.git>
where username for deploy token is of the form 'gitlab+deploy-token-<number>'.
Use the %% operator to search backwards until the last '+' character when
dropping the rest of the string as we know that the first '+'
in the string should be the scheme.
Signed-off-by: Robert Beckett <bbeckett@netvu.org.uk>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Since version 1.8.0, php-amqp needs a rabbitmq-c with openssl support:
https://github.com/pdezwart/php-amqp/issues/310
SSL support is disabled in rabbitmq-c if BR2_STATIC_LIBS is set however
don't add an unneeded !BR2_STATIC_LIBS dependency in Config.in as all
PHP External Extensions depends on !BR2_STATIC_LIBS
(see package/Config.in)
Fixes:
- http://autobuild.buildroot.net/results/b7c89bbbd0ca1df08dd7cbfc90c7b45dcf1fad05
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- Remove all patches (already in version)
- Since version 0.18 (2016-12-07), there is no
'LibRaw Software License 27032010' licensing anymore (and all signed
agreements have expired). LibRaw is now dual-licensed: LGPL 2.1 or
CDDL 1.0
- Add hash for license files
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
In commit 7517aef4d (support/docker: limit the number of layers),
we reduced the number of layers by coalescing multiple RUN commands
into less commands.
In doing so, we especially coalesced "apt-get update" with "apt-get
install".
However, the distribution we used is a pinned version of stretch, so
we know that running apt-get update will always yield the same apt
database.
If we split the two apt-get commands, then we can re-use any local
intermediate image when we need to update the list of packages to
install; this helps quite a bit when testing the docker files over
and over again, with just slight variants in the packages list.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Reviewed-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- Switch site to github
- Move to autotools infrastructure
- Remove patch (not needed anymore)
- Since version 1.4 (January 2016), license is now LGPL-2.1+
- Add hash for license file
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
When bumping to version 0.5.4, first patch was wrongly removed.
Put back an enhanced version of this patch (sent upstream)
Fixes:
- http://autobuild.buildroot.net/results/bea78bf580be6fe109b827b72af9587c5324daad
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bump the version and add hash for COPYING
Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Remove both patches (already in version)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Rebase the two patches on 18.1.1.
Convert 0001-musl.patch to git patch.
See:
https://lists.freedesktop.org/archives/mesa-dev/2018-June/196523.html
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix typo introduced with the bump to 18.0.4.
Commit f18ca0e7bb
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
All linux configs are renamed to a version neutral filename
to avoid further renaming on kernel bumps.
Defconfig Kernel Qemu Network Status
--------------------------------------------------------------
aarch64_virt 4.16.7 2.12.0 YES OK
arm_versatile 4.16.7 2.12.0 YES OK
arm_versatile_nommu 4.16.7 2.12.0 YES OK (3)
arm_vexpress 4.16.7 2.12.0 YES OK
m68k_mcf5208 4.16.7 2.12.0 YES OK
m68k_q800 4.16.7 q800-v2.11.0 NO (2) OK
microblazebe 4.16.7 2.12.0 YES OK
microblazeel 4.16.7 2.12.0 YES OK
mips32r2el_malta 4.16.7 2.12.0 YES OK
mips32r2_malta 4.16.7 2.12.0 YES OK
mips32r6el_malta 4.16.7 2.12.0 YES OK
mips32r6_malta 4.16.7 2.12.0 YES OK
mips64el_malta 4.16.7 2.12.0 YES OK
mips64_malta 4.16.7 2.12.0 YES OK
mips64r6el_malta 4.16.7 2.12.0 YES OK
mips64r6_malta 4.16.7 2.12.0 YES OK
nios2-10m50 4.16.7 2.12.0 NO OK
or1k 4.16.7 2.12.0 NO OK
ppc_g3beige 4.16.7 2.12.0 YES OK
ppc_mpc8544ds 4.16.7 2.12.0 YES OK
ppc_virtex_ml507 4.16.7 2.12.0 NO OK
ppc64_pseries 4.16.7 2.12.0 YES OK
ppc64le_pseries 4.16.7 2.12.0 YES OK
ppc64_e5500 4.16.7 2.12.0 YES OK
sh4 4.16.7 2.12.0 YES OK
sh4eb 4.16.7 2.12.0 NO (1) OK
sparc_ss10 4.16.7 2.12.0 YES OK
sparc64_sun4u 4.16.7 2.12.0 YES OK
x86 4.16.7 2.12.0 YES OK
x86_64 4.16.7 2.12.0 YES OK
xtensa_lx60 4.16.7 2.12.0 YES OK
xtensa_lx60_nommu 4.16.7 2.12.0 YES OK
(1) - Probably an endian issue with 8139 emulation/driver
(2) - There's a network interface, but enabling it in qemu fails
(3) - Kernel patch required, switched to devicetree usage
Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This issue only applies to kernels built with CONFIG_THUMB2=y, so reword the
comment to make that more clear.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit f13477b (linux: config.in: add comment for Arm Cortex-M) added a
comment so that the user that the linux kernel may miscompile with
binutils 2.29+, when the target is an armv7m CPU.
However, the real trigger is a compilation in thumb2 mode, which happens
to be the only option for armv7m CPUs.
We can't know whether the kernel will be built in arm or thumb2 mode,
though, because we do not have that information: it is only available in
the Linux' .config file, which we don;t have access to at the time we
run our menuconfig.
So, relax the conditions under which the comment is made, so that it
appears as soon as binutils are >= 2.29 (i.e. not 2.28, which is the
oldest we support) for ARM CPUs.
[Peter: reword comment]
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Christophe Priouzeau <christophe.priouzeau@st.com>
Cc: Laurent GONZALEZ <br22@gezedo.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit 17f352ac (package/binutils: default to 2.29 for Cortex-M targets)
made the default version 2.28 (and not 2.29!) when the target is an
arm-v7m CPU.
However, the real trigger is compilation in Thumb mode, not the fact
that the target is v7m.
The fact that it was noticed on a v7m target is because Thumb is the
only mode valid on those CPUs.
Tighten the defaults to 2.28 for Thumb and Thumb2 modes.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Laurent GONZALEZ <br22@gezedo.com>
Cc: Christophe Priouzeau <christophe.priouzeau@st.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This patch fixes the following error when trying to execute clang compiler
(host-variant):
CommandLine Error: Option 'x86-use-base-pointer' registered more than once!
LLVM ERROR: inconsistency in registered CommandLine options
The same happens for the other binaries, such as clang-format:
./clang-format
: CommandLine Error: Option 'help-list' registered more than once!
LLVM ERROR: inconsistency in registered CommandLine options
Clang binaries are tools, and given that DLLVM_LINK_LLVM_DYLIB is set,
they are linked against libLLVM.so. The problem is that binaries are
also linking against some LLVM static libraries, resulting in the error
shown above. However, it is not the same case for libclang, which is also
a tool but links only against libLLVM.so.
To fix this problem, add LLVM_DYLIB_COMPONENTS=all.
Signed-off-by: Valentin Korenblit <valentin.korenblit@smile.fr>
Tested-by: Joseph Kogut <joseph.kogut@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Since all cyclone5 development changes are upstream, change over to an
upstream release of the Linux kernel and u-boot for buildroot.
Signed-off-by: Florian La Roche <Florian.LaRoche@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit ef94c736ec)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This reverts commit 12049cc8b8.
Now that the binutils default has been changed for ARMv7M, this is no longer
needed.
Signed-off-by: Christophe Priouzeau <christophe.priouzeau@st.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This reverts commit cbe43fd417.
Now that the binutils default has been changed for ARMv7M, this is no longer
needed.
Signed-off-by: Christophe Priouzeau <christophe.priouzeau@st.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When binutils > 2.28 are selected on Arm Cortex-M cpu,
linux kernel does not boot due to a new implementation
of 'adr pseudo instruction' on binutils.
Bugzilla thread: https://bugs.busybox.net/show_bug.cgi?id=11051
Signed-off-by: Christophe Priouzeau <christophe.priouzeau@st.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
binutils 2.29 changed the implementation of adr pseudo instruction
it breaks linux kernel and impacts Cortex-M targets (eg. stm32)
[Peter: simplify Config.in logic, adjust message to make it clear this is
just a default]
Signed-off-by: Laurent GONZALEZ <br22@gezedo.com>
Signed-off-by: Christophe Priouzeau <christophe.priouzeau@st.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>