Commit Graph

62753 Commits

Author SHA1 Message Date
Fabrice Fontaine
b49e3da1ab package/udpcast: fix build without pod2man
udpcast unconditionally build manpages which will raise the following
build failure without pod2man since at least bump to version 20200328 in
commit 4fb91d8b9d:

sh: line 1: pod2man: command not found

To fix this issue, rework how udpcast is built and installed to always
build and install the sender or the receiver and never build the
manpages. As a side effect, this will also avoid to install the unneeded
rateGovernor.h

Fixes:
 - http://autobuild.buildroot.org/results/ce602a09357e950d79794391cd4a852d565914f1

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2022-04-04 19:51:19 +02:00
Fabrice Fontaine
e3b8d098e4 package/postgresql: fix pkg-config without openssl
Fix the following build failure with libdbi-drivers raised since bump to
version 14.1 in commit c9bd029115 and
https://git.postgresql.org/gitweb/?p=postgresql.git;a=commit;h=beff361bc1edc24ee5f8b2073a1e5e4c92ea66eb:

configure: error: Package requirements (libpq) were not met:

Package 'libssl', required by 'libpq', not found
Package 'libcrypto', required by 'libpq', not found

Fixes:
 - http://autobuild.buildroot.org/results/415cb61a58b928a42623ed90b0b60c59032f0a4e

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2022-04-04 19:51:19 +02:00
Marcus Folkesson
e4b62f6308 package/libostree: bump to version 2022.2
Signed-off-by: Marcus Folkesson <marcus.folkesson@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2022-04-04 19:51:18 +02:00
Fabrice Fontaine
4e4739ca5a package/ed: bump to version 1.18
license has been switched back to GPL-2.0+:
https://lists.gnu.org/archive/html/bug-ed/2022-02/msg00002.html

https://lists.gnu.org/archive/html/bug-ed/2022-02/msg00000.html

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2022-04-04 19:35:40 +02:00
Fabrice Fontaine
10d80eb39a package/apr: fix CVE-2021-35940
An out-of-bounds array read in the apr_time_exp*() functions was fixed
in the Apache Portable Runtime 1.6.3 release (CVE-2017-12613). The fix
for this issue was not carried forward to the APR 1.7.x branch, and
hence version 1.7.0 regressed compared to 1.6.3 and is vulnerable to the
same issue.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2022-04-04 19:35:40 +02:00
Peter Seiderer
94b5778c82 package/libcamera-apps: fix X11 preview compile (conversion from Window to EGLNativeWindowType)
- add 002-preview-fix-egl_preview-compile-conversion-from-Wind.patch

Fixes:

  .../build/libcamera-apps-2d1009e3badcc8047361ff81149ad6cba3b911b5/preview/egl_preview.cpp:329:69: error: invalid conversion from ‘Window’ {aka ‘long unsigned int’} to ‘EGLNativeWindowType’ {aka ‘fbdev_window*’} [-fpermissive]
    329 |         egl_surface_ = eglCreateWindowSurface(egl_display_, config, window_, NULL);
        |                                                                     ^~~~~~~
        |                                                                     |
        |                                                                     Window {aka long unsigned int}

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2022-04-04 19:35:40 +02:00
Bernd Kuhls
373f329476 package/dav1d: bump version to 1.0.0
Release notes:
https://code.videolan.org/videolan/dav1d/-/blob/master/NEWS

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2022-04-04 19:35:40 +02:00
Fabrice Fontaine
1a3de362ae package/libabseil-cpp: fix uclibc-ng build
Fix the following build failure with uclibc-ng and grpc raised on arm
and ppc:

/home/buildroot/autobuild/instance-0/output-1/host/opt/ext-toolchain/bin/../lib/gcc/arm-buildroot-linux-uclibcgnueabi/10.3.0/../../../../arm-buildroot-linux-uclibcgnueabi/bin/ld: /home/buildroot/autobuild/instance-0/output-1/host/arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib/libabsl_random_internal_randen_hwaes.so.2111.0.0: undefined reference to `getauxval'

Strangely enough it seems there is only one autobuilder failure despite
the fact that libabseil-cpp is unconditionally using getauxval since its
addition in commit 93568440ed:
https://github.com/abseil/abseil-cpp/blob/20200225/absl/random/internal/randen_detect.cc

Perhaps this build failure is an unexpected side effect of commit
8251d8c255

Fixes:
 - http://autobuild.buildroot.org/results/775f3ca3dedebff29e212b29dfa896b7613b7a02

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2022-04-04 19:27:00 +02:00
Bernd Kuhls
af457e6da3 package/stellarium: bump version to 0.22.0
Release notes:
http://stellarium.org/release/2022/03/27/stellarium-0.22.0.html

Added upstream patch to fix build error.

Added dependency to qt5charts following upstream commit:
5b8fece8d0 (diff-1e7de1ae2d059d21e1dd75d5812d5a34b0222cef273b7c3a2af62eb747f9d20aR487)

Added configure option to disable qt5webengine support, the package is
broken: https://bugs.busybox.net/show_bug.cgi?id=14681

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2022-04-04 19:16:42 +02:00
Fabrice Fontaine
8bcae68f37 package/upower: add gobject-introspection optional dependency
gobject-introspection is an optional dependency which is enabled by
default since
0d7bf34ed6

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2022-04-04 19:15:21 +02:00
Fabrice Fontaine
43991ac5e0 package/pango: fix empty-body
Fix the following build failure raised since bump to version 1.50.5 in
commit 68b0efbae4:

../utils/viewer-cairo.c: In function 'cairo_vector_view_create':
../utils/viewer-cairo.c:228:5: error: suggest braces around empty body in an 'if' statement [-Werror=empty-body]
     ;
     ^

Fixes:
 - http://autobuild.buildroot.org/results/dee3d631474f83b345f22eb26c59a305c32258f8

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2022-04-04 19:15:18 +02:00
Julien Olivain
d2fc098faa package/fluidsynth: bump to version 2.2.6
For change log since v2.2.5, see:
- https://github.com/FluidSynth/fluidsynth/releases/tag/v2.2.6

Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2022-04-04 19:15:16 +02:00
Fabrice Fontaine
3763c30214 package/wireshark: needs C++
wireshark needs C++ since switch to cmake-package in commit
7cb7fb8191:

CMake Error at CMakeLists.txt:32 (project):
  No CMAKE_CXX_COMPILER could be found.

Fixes:
 - http://autobuild.buildroot.org/results/1ce9bc2a2330e27dfaceae682139d222feb806ae

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2022-04-04 09:27:21 +02:00
Fabrice Fontaine
2eeb66a82b package/fluidsynth: needs C++
fluidsynth needs C++ since bump to version 2.2.0 in commit
7e02d2e762 and
0d98c47545:

CMake Error at CMakeLists.txt:32 (project):
  No CMAKE_CXX_COMPILER could be found.

Fixes:
 - http://autobuild.buildroot.org/results/fe677f7b38c8ed7011f1c976bdb45768067936f7

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2022-04-04 09:27:21 +02:00
Francois Perrad
3852f88c9a package/luaexpat: bump to version 1.4.0
moved under the hat of https://github.com/lunarmodules

remove upstream patch

diff LICENSE:
-The MIT License (MIT)
-Copyright (c) 2013 Tomás Guisasola
+Copyright (C) 2003-2007 The Kepler Project, 2013-2022 Matthew Wild

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2022-04-04 09:27:21 +02:00
James Hilliard
2490cc3052 package/cog: bump to version 0.12.4
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Acked-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2022-04-04 09:27:21 +02:00
Fabrice Fontaine
a8290f99a7 package/nbd: needs host-bison
host-bison is mandatory to avoid the following build failure since bump
to version 3.24 in commit bf2e459bb9 and
cd099ee7d0:

configure: error: bison is required

Fixes:
 - http://autobuild.buildroot.org/results/05872813c9e9b9f39f960fa9a33ad82dc124c808

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2022-04-04 09:27:21 +02:00
Fabrice Fontaine
0af793816d package/paho-mqtt-c: bump to version 1.3.10
Service release. Issues resolved:
https://github.com/eclipse/paho.mqtt.c/milestone/17?closed=1

https://github.com/eclipse/paho.mqtt.c/releases/tag/v1.3.10

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2022-04-04 09:27:21 +02:00
Fabrice Fontaine
d1fc278f6d Revert "package/tpm2-tss: bump version to 3.2.0"
This reverts commit ed13a65a08 as it
has the following non trivial issues:
 - pkgconfig files have no version number if we run autoreconf
   (https://github.com/tpm2-software/tpm2-tss/issues/2329) resulting in
   the following build failures with tpm2-{abrmd,pkcs11} or libsecret:

   configure: error: Package requirements (tss2-esys >= 2.0) were not met:

   Package dependency requirement 'tss2-esys >= 2.0' could not be satisfied.
   Package 'tss2-esys' has version '', required version is '>= 2.0'

 - addgroup/groupadd and adduser/useradd are mandatory since
   7fde604383:

    configure: error: addgroup or groupadd are needed.

It seems better to find an upstreamable solution to both issues before
bumping.

Fixes:
 - http://autobuild.buildroot.org/results/d4d6807af3493deb47951c6f11f427040e5c5e11
 - http://autobuild.buildroot.org/results/a304e45bacb8cd7e7ea9bc49e4a8ec9359ca0a3a
 - http://autobuild.buildroot.org/results/be0befa81e955ac8cf16f9d20723f9b9b174e012
 - http://autobuild.buildroot.org/results/d4ebee400423f6df51613193c86db3c58c94ff88

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2022-04-04 09:27:21 +02:00
Fabrice Fontaine
192dfc68c0 package/zlib-ng: fix build on powerpc
Handle WITH_POWER8 to fix the following build failure with powerpc and
libglib2 raised since bump to version 1.9.9-b1 in commit
1f7b12a0b4 and
b81f4ee96d:

/home/autobuild/autobuild/instance-9/output-1/host/lib/gcc/powerpc-buildroot-linux-musl/11.2.0/../../../../powerpc-buildroot-linux-musl/bin/ld: /home/autobuild/autobuild/instance-9/output-1/host/powerpc-buildroot-linux-musl/sysroot/usr/lib/libz.a(adler32_power8.c.o): in function `adler32_power8':
/home/autobuild/autobuild/instance-9/output-1/build/zlib-ng-2.0.6/arch/power/adler32_power8.c:106: undefined reference to `vec_sumsu'

Fixes:
 - http://autobuild.buildroot.org/results/f864a0e2307e25342b45c90a5b4fb57a0f5c1c93

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2022-04-03 22:36:42 +02:00
Fabrice Fontaine
2d806891cb package/xmrig: needs C++
xmrig needs C++ since its addition in commit
6f70990ccf:

CMake Error at CMakeLists.txt:2 (project):
  No CMAKE_CXX_COMPILER could be found.

Fixes:
 - http://autobuild.buildroot.org/results/48f4ff6dc8281ffa99a45401b5941b28f2c94bc2

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2022-04-03 22:28:18 +02:00
Fabrice Fontaine
ea6cc91be4 package/libyang: disable tests
Disable tests which are enabled by default in debug mode since bump to
version 2.0.0 in commit 2a3edc5e00 and
e84f12fc5e
as they will raise the following build failure if cmocka is built before
libyang:

In file included from /home/buildroot/autobuild/instance-0/output-1/host/riscv64-buildroot-linux-musl/sysroot/usr/include/stdint.h:20,
                 from /home/buildroot/autobuild/instance-0/output-1/host/opt/ext-toolchain/lib/gcc/riscv64-buildroot-linux-musl/10.3.0/include/stdint.h:9,
                 from /home/buildroot/autobuild/instance-0/output-1/build/libyang-2.0.112/src/libyang.h:18,
                 from /home/buildroot/autobuild/instance-0/output-1/build/libyang-2.0.112/tests/utests/utests.h:30,
                 from /home/buildroot/autobuild/instance-0/output-1/build/libyang-2.0.112/tests/utests/extensions/test_yangdata.c:15:
/home/buildroot/autobuild/instance-0/output-1/host/riscv64-buildroot-linux-musl/sysroot/usr/include/bits/alltypes.h:53:24: error: conflicting types for 'uintptr_t'
   53 | typedef unsigned _Addr uintptr_t;
      |                        ^~~~~~~~~

Fixes:
 - http://autobuild.buildroot.org/results/7ae21fbb28b1a69183c5d8ed87cf5f5cbf055026

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2022-04-03 22:24:50 +02:00
Fabrice Fontaine
58ab72bb83 package/libyang: drop unrecognized options
Commit 2a3edc5e00 forgot to drop
ENABLE_LYD_PRIV and GEN_PYTHON_BINDINGS options which are not recognized
anymore

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2022-04-03 22:24:48 +02:00
Fabrice Fontaine
b1d8008378 package/minizip: bump to version 3.0.5
This bump will fix the following build failure with zlib-ng thanks to
9184ba1216:

/home/autobuild/autobuild/instance-10/output-1/build/minizip-3.0.4/mz_crypt.c:19:14: fatal error: zlib-ng.h: No such file or directory
   19 | #    include "zlib-ng.h"
      |              ^~~~~~~~~~~

https://github.com/zlib-ng/minizip-ng/releases/tag/3.0.5

Fixes:
 - http://autobuild.buildroot.org/results/530fee780557941356dcd6aabb8cc9eb048574f3

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2022-04-03 22:23:27 +02:00
Fabrice Fontaine
f6b6e0b68b package/fetchmail: fix build with libressl
Fix the following build failure with libressl raised since bump to
version 6.4.29 in commit ba6fd52195 and
340d00bf99:

configure: error: fetchmail cannot legally be linked against LibreSSL for lack of GPL2 clause 2b exception. See COPYING.

Fixes:
 - http://autobuild.buildroot.org/results/95ca66091efa0dafb7c4e8e8c7da1f929ef32d76

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2022-04-03 22:12:05 +02:00
Stefan Agner
342631bed1 package/openocd: Allow to build BCM2835 on aarch64
Allow to build the BCM2835 bitbang interface on aarch64.

Signed-off-by: Stefan Agner <stefan@agner.ch>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2022-04-03 21:17:54 +02:00
Yann E. MORIN
158b062a42 package/linux-firmware: properly fix drivers names for iwl3945/iwl4965
In 7130bcb44c (package/linux-firmware: Add Intel WiFi
3945ABG/BG/4965AGN), I improperly fixed the two drivers names...

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2022-04-03 21:10:59 +02:00
Stefan Agner
7130bcb44c package/linux-firmware: Add Intel WiFi 3945ABG/BG/4965AGN
Add Intel WiFi 3945ABG/BG and 4965AGN firmware. This firmware is
required for the iwl4965 and iwl3945 kernel driver.

Signed-off-by: Stefan Agner <stefan@agner.ch>
[yann.morin.1998@free.fr: fix driver names in help texts]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2022-04-03 21:08:08 +02:00
Fabrice Fontaine
fccc96f6aa package/cppcms: bump to version 2.0.0-beta2
- Update indentation in hash file (two spaces)
- This bump will fix the following build failure if python2 is not
  available on host (while at it, add host-python3 dependency):

Traceback (most recent call last):
  File "/home/autobuild/autobuild/instance-4/output-1/build/cppcms-1.2.1/bin/cppcms_tmpl_cc", line 14, in <module>
    import StringIO
ModuleNotFoundError: No module named 'StringIO'

http://cppcms.com/wikipp/en/page/cppcms_2_0_whats_new

Fixes:
 - http://autobuild.buildroot.org/results/00482ee24deae95a91f8499f499b18e15f14b51a

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2022-04-03 21:03:13 +02:00
Fabrice Fontaine
9fb9c1e8df package/cppcms: add openssl optional dependency
openssl is an optional dependency since version 1.0.5 and
7cfdc9f703

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2022-04-03 21:03:11 +02:00
Fabrice Fontaine
32045a73a3 package/cppcms: libgcrypt is optional, not mandatory
If libgcrypt (or openssl) is not enabled, aes_encryptor is disabled

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2022-04-03 21:03:09 +02:00
Fabrice Fontaine
f413bf2c64 package/cppcms: zlib is optional, not mandatory
zlib is not mandatory since at least version 1.0.5 and
fc1c25f9c7

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2022-04-03 21:03:06 +02:00
Fabrice Fontaine
c49b46e9cc package/htop: use official tarball
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2022-04-03 20:57:18 +02:00
Fabrice Fontaine
dd6c4a9929 package/htop: fix hwloc static build
Fix the following static build failure with hwloc raised since commit
c83bf97206:

checking for hwloc_get_proc_cpubind in -lhwloc... no
configure: error: can not find required library libhwloc

Fixes:
 - http://autobuild.buildroot.org/results/5d815ec08c580005a863df6ac9ac29deff7d4128

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2022-04-03 20:56:42 +02:00
Fabrice Fontaine
a8289875b6 package/htop: fix sensors option
Commit 811846df48 wrongly used
--{with,without}-sensors instead of --{dis,en}able-sensors

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2022-04-03 20:56:39 +02:00
Romain Naour
5140d10bf6 package/python-{treq, twisted}: add a comment to use the same version
As reported by [1], python-twisted and python-treq must use the same
version because its the same project:

https://github.com/twisted/twisted
https://github.com/twisted/treq

We have to update python-treq to version 22.2.0 [2] otherwise we have
a runtime issue:

Traceback (most recent call last):
  File "/root/sample_python_treq.py", line 2, in <module>
    import treq
  File "/usr/lib/python3.10/site-packages/treq/__init__.py", line 5, in <module>
  File "/usr/lib/python3.10/site-packages/treq/api.py", line 5, in <module>
  File "/usr/lib/python3.10/site-packages/treq/client.py", line 11, in <module>
ImportError: cannot import name '_PY3' from 'twisted.python.compat' (unknown
location)

The comment should avoid forgeting one of them while upgrading or
backporting version bump.

[1] http://lists.busybox.net/pipermail/buildroot/2022-February/637505.html
[2] https://github.com/twisted/treq/releases/tag/release-22.2.0
[3] https://gitlab.com/buildroot.org/buildroot/-/jobs/2179206653

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-04-03 11:44:06 +02:00
Emile Cormier
5bea8c9521 package/pkg-python.mk: fix PEP517 paths
Use /usr target/staging prefix and / host prefix.

This allows the Python interpreter to find packages built via the new
Flit infrastructure.

Fixes: #14721

Signed-off-by: Emile Cormier <emile.cormier.jr@gmail.com>
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2022-04-03 10:24:59 +02:00
Peter Seiderer
15f76e16b3 package/apr-util: change URL from http to https
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2022-04-02 19:28:56 +02:00
Peter Seiderer
05f1a88f49 package/apr: change URL from http to https
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2022-04-02 19:28:20 +02:00
Markus Mayer
6626bf7c5f package: replace git:// URLs with https:// URLs where possible
Replace the remaining git:// URLs with their https:// equivalents as
this is more secure and also more palatable to corporate firewalls.

Signed-off-by: Markus Mayer <mmayer@broadcom.com>
[yann.morin.1998@free.fr: convert dahdi-linux too]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2022-04-02 19:21:57 +02:00
Thomas Petazzoni
bd1798ad95 support/scripts/pkg-stats: reimplement CPE parsing in pkg-stats
pkg-stats currently uses the services from support/scripts/cpedb.py to
match the CPE identifiers of packages with the official CPE database.

Unfortunately, the cpedb.py code uses regular ElementTree parsing,
which involves loading the full XML tree into memory. This causes the
pkg-stats process to consume a huge amount of memory:

thomas   1310458 85.2 21.4 3708952 3450164 pts/5 R+   16:04   0:33  |   |   \_ python3 ./support/scripts/pkg-stats

So, 3.7 GB of VSZ and 3.4 GB of RSS are used by the pkg-stats
process. This is causing the OOM killer to kick-in on machines with
relatively low memory.

This commit reimplements the XML parsing needed to do the CPE matching
directly in pkg-stats, using the XmlParser functionality of
ElementTree, also called "streaming parsing". Thanks to this, we never
load the entire XML tree in RAM, but only stream it through the
parser, and construct a very simple list of all CPE identifiers. The
max memory consumption of pkg-stats is now:

thomas   1317511 74.2  0.9 381104 152224 pts/5   R+   16:08   0:17  |   |   \_ python3 ./support/scripts/pkg-stats

So, 381 MB of VSZ and 152 MB of RSS, which is obviously much better.

The JSON output of pkg-stats for the full package set, before and after
this commit, is exactly identical.

Now, one will probably wonder why this isn't directly changed in
cpedb.py. The reason is simple: cpedb.py is also used by
support/scripts/missing-cpe, which (for now) heavily relies on having
in memory the ElementTree objects, to re-generate a snippet of XML
that allows us to submit to NIST new CPE entries.

So, future work could include one of those two options:

 (1) Re-integrate cpedb.py into missing-cpe directly, and live with
     two different ways of processing the CPE database.

 (2) Rewrite the missing-cpe logic to also be compatible with a
     streaming parsing, which would allow this logic to be again
     shared between pkg-stats and missing-cpe.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[yann.morin.1998@free.fr:
  - add missing import of requests
  - import CPEDB_URL from cpedb, instead of duplicating it
  - fix flake8 errors
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2022-04-02 19:14:17 +02:00
Thomas Petazzoni
387c496b98 support/scripts/pkg-stats: add a timeout on HTTP requests for upstream URLs
Some upstream sites are very slow to respond, and the default timeout
of 300 seconds of the aiohttp.ClientSession() is too long. Let's
reduce it to 15 seconds.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2022-04-02 16:36:09 +02:00
Thomas Petazzoni
1adcf56598 support/scripts/pkg-stats: allow disabling package warnings retrieval
This is useful when debugging/developing the pkg-stats script.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2022-04-02 16:34:37 +02:00
Thomas Petazzoni
cd8a576c6d support/scripts/pkg-stats: allow disabling CPE matching
This is useful when debugging/developing the pkg-stats script.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2022-04-02 16:34:07 +02:00
Bernd Kuhls
2120113026 package/kodi-pvr-mythtv: bump version to 19.0.8-Matrix
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-03-31 17:53:54 +02:00
Fabrice Fontaine
ae699d7f9a package/python-paramiko: security bump to version 2.10.3
Fix CVE-2022-24302: Creation of new private key files using PKey
subclasses was subject to a race condition between file creation & mode
modification, which could be exploited by an attacker with knowledge of
where the Paramiko-using code would write out such files.

https://github.com/paramiko/paramiko/blob/2.10.3/sites/www/changelog.rst

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-03-31 17:53:10 +02:00
Bernd Kuhls
a7fa40a9c1 package/libzlib: security bump version to 1.2.12
Fixes CVE-2018-25032.

Release notes:
http://madler.net/pipermail/zlib-announce_madler.net/2022/000012.html

Changelog: https://github.com/madler/zlib/blob/master/ChangeLog

Added upstream patch to fix build error.

Updated license hash due to version bump, reformatted hashes:
21767c654d

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-03-31 17:50:28 +02:00
Lang Daniel
1506ff275b package/dbus-cxx: bump to version 2.2.0
- License has been changed from GPL to LGPL or BSD-3-Clause
- Drop upstream patches

Signed-off-by: Daniel Lang <d.lang@abatec.at>
[Arnout: license is actually LGPL-3.0+, not LGPL-3.0]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2022-03-28 21:51:00 +02:00
Quentin Schulz
1da911cbde package/qt5wayland: fix compilation when libxkbcommon is disabled
When libxkbcommon is disabled, QT_CONFIG(xkbcommon) is not defined which
means the variable and function pointer in this patch are compiled out
from the header, but the cpp code actually still made use of it. This
patch fixes the build issue when libxkbcommon package is not to be
built.

This patch was taken from (merged):
https://codereview.qt-project.org/c/qt/qtwayland/+/344916

Cc: Quentin Schulz <foss+buildroot@0leil.net>
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2022-03-28 21:51:00 +02:00
Quentin Schulz
ba8f35eda6 package/qt5base: fix race with libxkbcommon
qt5wayland package currently has a bug if the xkbcommon Qt config is not
enabled which highlighted a race issues between qt5base, libxkbcommon
and qt5wayland.

qt5wayland has a dependency on libxkbcommon package if it's enabled.
qt5base only has a dependency on libxkbcommon if xcb support is to be
enabled.

If libxkbcommon package is built before qt5base, qt5base will detect it
during its configure step and enable the Qt config accordingly. This
will make it available to qt5wayland afterwards, even if xcb support is
not enabled in Buildroot Kconfig.

However, if qt5base is built before libxkbcommon is, qt5base will not
advertise support of xbcommon feature to qt5wayland (which will fail its
build because of a bug in the source code).

Since the package build order should not impact the outcome of the
build, let's explicit the dependency if and only if libxkbcommon package
is to be compiled at some point in time so that at least this feature is
not susceptible to races.

Move the xkbcommon entries out of the BR2_PACKAGE_QT5BASE_XCB condition,
instead make them depend on BR2_PACKAGE_LIBXKBCOMMON. Since
BR2_PACKAGE_QT5BASE_XCB selects BR2_PACKAGE_LIBXKBCOMMON they are still
included if xcb is selected.

Cc: Quentin Schulz <foss+buildroot@0leil.net>
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
[Arnout: remove the already existing xkbcommon entries]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2022-03-28 21:49:39 +02:00