Commit Graph

49284 Commits

Author SHA1 Message Date
Adam Duskett
f58ffc49ce package/python-django: bump to version 3.0
Other changes:
  - Select BR2_PACKAGE_PYTHON_ASGIREF as a new runtime dependency.
  - Select BR2_PACKAGE_PYTHON_SQLPARSE as a new runtime dependency.

Signed-off-by: Adam Duskett <aduskett@greenlots.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-12-05 23:00:47 +01:00
Eugen Hristev
8064095332 configs/atmel: use tarballs to fetch U-Boot and at91bootstrap
Use tarballs for U-Boot and at91bootstrap instead of cloning the
repositories.

Signed-off-by: Eugen Hristev <eugen.hristev@microchip.com>
Acked-by: Ludovic Desroches <ludovic.desroches@microchip.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-12-05 22:54:00 +01:00
Giulio Benetti
f8c2ed0f17 package/libnspr: bump to version 4.24
All patches have been upstreamed so remove them.

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-12-05 22:51:11 +01:00
Adrian Perez de Castro
39d35a48e9 package/libepoxy: bump to version 1.5.4
This release contains two minor improvements (smaller library size, and
updates to the GL registry), plus a couple of build fixes which are not
relevant for Buildroot (one for Solaris; another for unit tests, which
we do not build):

  https://github.com/anholt/libepoxy/releases/tag/1.5.4

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-12-05 22:43:46 +01:00
Fabrice Fontaine
ba34e47004 package/php: properly propagate libargon2 dependencies
Fixes:
 - http://autobuild.buildroot.org/results/72412a68da44d7ecc87656436a17542cafcf1f95

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-12-05 22:28:01 +01:00
Tudor Holton
c55fe54d8a package/openjdk: use official hg.openjdk.java.net repository
Since Java 11 (and possibly earlier), OpenJDK now has its own official
repository at hg.openjdk.java.net which is referenced in all OpenJDK
documentation.  This patch brings buildroot into line with that
source, reducing the opportunity for code injection, and allowing
consistent patching both across projects and for patches specific to
buildroot environments.

diff -ru shows that the only changes between the downstream and upstream files at
this point in time is the addition of a .hg_archive.txt file,  containing:

repo: fd16c54261b32be1aaedd863b7e856801b7f8543
node: 7b6accc7c009304dd2979ea16c1cb15bf749a1fc
branch: default
tag: jdk-12.0.2+10
tag: jdk-12.0.2-ga

This does, however, change the hash for the tar.gz file (but not for the license).

With respect to the concern regarding upstream hash consistency, we have now been
using these archives for just over a year (since OpenJDK 11) and we haven't seen an
archive hash change in that time.  This was a vast improvement on the previous
Mercurial forest.  /archive is exactly as is sounds.  It's an archive that doesn't
change, which is why it effectively negates the need for a "downstream" mirror.

Tests completed successfully (which is not surprising since there are no code changes here):

$ ./support/testing/run-tests -d ./dl/ -k -o test_dir tests.package.test_openjdk.TestOpenJdk
14:35:25 TestOpenJdk                              Starting
['Hello, World']
['Test: Get JNI Version passed', 'Test: Read Native String Constant passed', 'Test: Write Java String to Native Library passed', 'Test: Write Java Char Array to Native Library passed', 'Test: Write String Member to Native Library passed', 'Test: Set String Member from Native Library passed', 'Test: Execeute Java Function from Native Library passed', 'Test: Instantiate Java Class passed', 'Test: Call Native Library to Set System Time passed']
14:35:46 TestOpenJdk                              Cleaning up
.
----------------------------------------------------------------------
Ran 1 test in 20.614s

OK

Signed-off-by: Tudor Holton <tudor@tudorholton.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-12-05 21:59:47 +01:00
Titouan Christophe
ccf67ebe3b package/rauc: select fw_printenv for uboot based systems
When operating on a uboot based system, rauc interacts with
the bootloader environment using fw_printenv and fw_setenv [1].

These commands should therefore be present on the target if
the system being built uses uboot.

[1] See:
https://github.com/rauc/rauc/blob/v1.2/src/bootchooser.c#L21-L22
https://github.com/rauc/rauc/blob/v1.2/src/bootchooser.c#L644-L645

Signed-off-by: Titouan Christophe <titouan.christophe@railnova.eu>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-12-05 21:38:01 +01:00
Giulio Benetti
dec2e0449d package/python-brotli: fix build failure due to gcc bug 68485
The python-brotli package exhibits gcc bug 68485 when built for the
Microblaze architecture with optimization enabled, which causes a build
failure.

As done for other packages in Buildroot work around this gcc bug by
setting optimization to -O0 if BR2_TOOLCHAIN_HAS_GCC_BUG_68485=y.

Fixes:

http://autobuild.buildroot.net/results/24b/24b23175ab27615fb377bb4d5f6c656dccf10a86/

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-12-05 21:37:01 +01:00
Angelo Compagnucci
d1f1947af1 package/pkg-kconfig: fix reconfigure for kconfig packages
Commit 4b81badbcc

    Currently, calling foo-reconfigure for a kconfig-based package will not
    re-trigger the configuration (kconfig-wise) step for the package.

was supposed to solve this problem and lately we had

Commit 05fea6e4a6

    infra/pkg-kconfig: do not rely on package's .config as a timestamp

that introduced the .stamp_dotconfig file.

For this reason, to trigger a kconfig package reconfigure is now
necessary to remove the .stamp_dotconfig file.

Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-12-05 21:32:58 +01:00
Adam Duskett
a991a6c834 package/mender: bump to version 2.1.2
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-12-05 21:28:38 +01:00
Adam Duskett
c20a107c15 package/mender-artifact: bump to version 3.2.1
Other changes:
  - Add a sha256sum for LIC_FILES_CHKSUM.sha256
  - Remove duplicated license file vendor/github.com/stretchr/testify/LICENSE

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-12-05 21:28:31 +01:00
Thomas Petazzoni
e6bbb78577 utils/genrandconfig: test per-package directories
Now that the support for per-package directories has been merged, it
is time to get some exposure for it in the autobuilders, so let's
build 1 out of 15 builds with this feature enabled, at least as an
initial step.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2019-12-05 10:30:48 +01:00
Adam Duskett
600132f8c0 support/testing: add python-gobject test
Add a simple test case that imports the module.

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2019-12-03 23:49:34 +01:00
Adam Duskett
4a392d1678 package/python-gobject: depend on python2
Version 2.86.6 of python-gobject is quite old and no longer works with
Python versions > 3.7. When importing a user will recieve the following error:

Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/usr/lib/python3.8/site-packages/gobject/__init__.py", line 26, in
  <module>
  File "/usr/lib/python3.8/site-packages/glib/__init__.py", line 22, in <module>
SystemError: initialization of _glib raised unreported exception

Because new versions of python-gobject require gobject-introspection, which is
not currently available in Buildroot, add a dependency on python2 to prevent
users from receiving the above error.

Fixes: https://bugs.busybox.net/show_bug.cgi?id=12286

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2019-12-03 23:49:05 +01:00
Francois Perrad
49b3a66be6 utils/scancpan: follow Perl version
linked to https://git.busybox.net/buildroot/commit?id=01134ca99a2c83932aee42984c81e51cc0428425

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2019-12-03 23:12:38 +01:00
Simon Rowe
e4732222e4 package/tini: compile executable static
One usecase for tini is as the init process for a container which has
a single executable and no C runtime library. It therefore needs to be
independent of any C runtime library within the container.

Previously, we didn't build statically to avoid problems with
BR2_SHARED_LIBS=y. However, it turns out that tini can successfully link
statically even with glibc and BR2_SHARED_LIBS=y, because libc.a is
still included in staging, and tini doesn't use any NSS functionality.

Signed-off-by: Simon Rowe <simon.rowe@citrix.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2019-12-03 23:03:25 +01:00
Pascal de Bruijn
d79bab065e package/postgresql: fix minor typo
pgsql as a tool does not exist, it's called psql

Signed-off-by: Pascal de Bruijn <p.debruijn@unilogic.nl>
Reviewed-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2019-12-03 23:02:00 +01:00
Thomas Petazzoni
5cfe5d7897 utils/genrandconfig: fix runtime issue with Python 3
With Python 3.7, genrandconfig fails with:

'str' object has no attribute 'decode'

We are already working on str objects, and there is no need to decode
them, so we drop the call to decode_byte_list() and its definition as
it was only used there.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2019-12-03 23:00:01 +01:00
Fabrice Fontaine
99767380ed package/alsa-lib: fix build without mixer
Fixes:
 - http://autobuild.buildroot.org/results/4d91c9f82a2a61c50c457a851073b85cc09ea345

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2019-12-03 22:51:46 +01:00
Peter Korsgaard
191c510ebb package/webrtc-audio-processing: bump to version 0.3.1
Drop 0001-configure.ac-fix-architecture-detection.patch as it is now
upstream.  Aarch64 is now supported, so update _ARCH_SUPPORTS to match.

Add a hash for the license file.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-12-03 08:32:26 +01:00
Pierre-Jean Texier
3a417b928c package/alsa-lib: bump to version 1.2.1.1
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-12-03 08:17:13 +01:00
Pierre-Jean Texier
337bdb2b44 package/alsa-utils: bump to version 1.2.1
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-12-03 08:17:05 +01:00
Viktar Palstsiuk
b376b91a36 configs/nanopi_neo: update kernel to 5.3 and u-boot to 2019.10
Signed-off-by: Viktar Palstsiuk <viktar.palstsiuk@promwad.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-12-03 08:14:24 +01:00
Viktar Palstsiuk
e3e31ad84b configs/nanopi_neo: remove custom post-build/post-image script
Instead use the generic infrastructure for u-boot scripts and genimage.

Signed-off-by: Viktar Palstsiuk <viktar.palstsiuk@promwad.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-12-03 08:13:36 +01:00
Fabrice Fontaine
5e321ccf07 package/cmocka: fix build on riscv64
Fixes:
 - http://autobuild.buildroot.org/results/30922c18150ea62aefe123d1b7cd1444efab963f

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Joel Carlson <JoelsonCarl@gmail.com>
Tested-by: Joel Carlson <JoelsonCarl@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-12-03 08:11:09 +01:00
Fabrice Fontaine
a94e62aa6e package/nss-mdns: disable tests
Disable tests that depend on check and have been added in version 0.11
with
7b649a3283

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-12-02 22:25:38 +01:00
Fabrice Fontaine
a1776d0ea5 package/nss-mdns: bump to version 0.14.1
Switch site to https://github.com/lathiat/nss-mdns to retrieve latest
version

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-12-02 22:25:17 +01:00
Fabrice Fontaine
059dc6887d package/kyua: bump to version 0.13
COPYING was renamed into LICENSE since version 0.12 and
db509f9d9e

So update KYUA_LICENSE_FILES and add hash for LICENSE file

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-12-02 22:24:26 +01:00
Pierre-Jean Texier
e0e65f83e1 configs/warp7: Bump the kernel version
Bump the kernel to version 5.4.1

Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-12-02 22:23:58 +01:00
Francois Perrad
af4d9d761a package/moarvm: bump to version 2019.11
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-12-02 22:23:04 +01:00
Fabrice Fontaine
93013e9b85 package/gr-osmosdr: bump to version 0.1.5
Add hash for license file

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-12-02 22:22:44 +01:00
Fabrice Fontaine
63d0762ab7 package/rabbitmq-c: security bump to version 0.10.0
Add additional input validation to prevent integer overflow when parsing
a frame header. This addresses CVE-2019-18609.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-12-02 22:22:29 +01:00
Peter Korsgaard
6340272e88 package/python-django: security bump to version 2.2.8
Fixes the following security vulnerabilities:

- CVE-2019-19118: Privilege escalation in the Django admin

Additionally, 2.2.8 (and 2.2.7) fixes a number of bugs and adds python 3.8
support.

For more details, see the release notes:
https://docs.djangoproject.com/en/dev/releases/2.2.8/

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-12-02 22:22:19 +01:00
Adrian Perez de Castro
0f4bdc8fd1 package/bubblewrap: new package
Bubblewrap is a sandboxing tool based on kernel namespaces, typically
used as lower-level infastructure by other end-user tools e.g. Flatpak.

https://github.com/containers/bubblewrap

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
[Peter: needs mmu and !musl toolchain]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-12-02 17:27:30 +01:00
Romain Naour
a4d38f029f package/binutils: remove version 2.30
Now that binutils 2.33.1 has been introduced, and we have moved to
2.32 as the default version, it is time to drop support for binutils
2.30.

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-12-02 13:57:11 +01:00
Romain Naour
cac5d01ce6 package/binutils: switch to use 2.32 as the default version
Now that binutils 2.33.1 has been released, it is time to move to
binutils 2.32 as the default binutils version, instead of 2.31.1.

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-12-02 13:50:10 +01:00
Romain Naour
7eee918ba3 package/binutils: add binutils 2.33.1
Keep sh-conf and poison-system-directories patches.
Remove xtensa patches already in this version [1] [2] [3].

Revert an upstream patch since it prevent booting a sh4 system under
Qemu as reported on the Binutils mailing list [5] [6].
This commit is not related to sh4, it's weird that it is the
only affected architecture.

[1] https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;a=commitdiff;h=2487ef07c28b961c6e2b8c51161f88f93b181d07
[2] https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;a=commitdiff;h=403b0b61f6d4358aee8493cb1d11814e368942c9
[3] https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;a=commitdiff;h=548791769dc737f05cb12e5ee4190b7e853beac9
[4] https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;a=commitdiff;h=ebd2263ba9a9124d93bbc0ece63d7e0fae89b40e
[5] https://sourceware.org/ml/binutils/2019-10/msg00105.html
[6] https://sourceware.org/ml/binutils/2019-11/msg00407.html

See:
https://www.sourceware.org/ml/binutils/2019-10/msg00103.html

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-12-02 13:45:19 +01:00
Michael Vetter
332a851a08 package/jasper: Apply fix for CVE-2018-19540
Add 0003-test-asclen-CVE-2018-19540.patch:
If txtdesc->asclen is < 1, the array index of
txtdesc->ascdata will be negative which causes the heap based overflow.

Patch was proposed upstream[1] but upstream is very inactive. Linux
distributions use the same fix to patch their packages.

1: https://github.com/mdadams/jasper/pull/198
Signed-off-by: Michael Vetter <jubalh@iodoru.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-12-02 13:40:00 +01:00
Michael Vetter
61703b82cd package/jasper: Apply fix for CVE-2018-19542
Add 0002-check-null-in-jp2_decode.patch:

Patch was proposed upstream[1] but upstream is very inactive.
Linux distributions use the same fix to patch their packages.

1: https://github.com/mdadams/jasper/pull/200
Signed-off-by: Michael Vetter <jubalh@iodoru.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-12-02 13:39:42 +01:00
Michael Vetter
fddee3cf74 package/jasper: Apply fix for CVE-2018-19541
Add 0001-verify-data-range-CVE-2018-19541.patch:
We need to verify the data is in the expected range. Otherwise we get
problems later.

Patch was proposed upstream[1] but upstream is very inactive. Linux
distributions use the same fix to patch their packages.

1: https://github.com/mdadams/jasper/pull/211
Signed-off-by: Michael Vetter <jubalh@iodoru.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-12-02 13:39:33 +01:00
Carlos Santos
3b1d9f74c7 board/pc/post-image-efi.sh: fail on any error
As already done in post-build.sh, to prevent hiding errors.

Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-12-02 12:47:47 +01:00
Michael Vetter
cf36b7c3ac DEVELOPERS: add Michael Vetter for libstrophe
Signed-off-by: Michael Vetter <jubalh@iodoru.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-12-02 12:47:18 +01:00
Alexander Lukichev
a191ae4b90 DEVELOPERS: change email address for Alexander Lukichev
Signed-off-by: Alexander Lukichev <alexander.lukichev@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-12-02 12:43:11 +01:00
Alexander Lukichev
071166c558 package/openpgm: drop release- prefix to match release-monitoring.org
Autobuild has a "version bump" checker that sends message to a package
maintainer if its declared version does not match the latest one on
release-monitoring.org.  In case of openpgm the version _is_ the latest one,
but a mismatch is caused by including a "release-" prefix into tags on
upstream and excluding them on other websites when referring to the
package's version.

This also fixes sha256 value for the downloaded archive.

Signed-off-by: Alexander Lukichev <alexander.lukichev@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-12-02 12:42:28 +01:00
Romain Naour
c0719217e1 package/gcc: bump to version 7.5.0
Remove upstream patch [1]
1002-xtensa-backport-fix-for-PR-target-90922.patch

[1] 0110ab63c0

See:
https://gcc.gnu.org/ml/gcc/2019-11/msg00099.html

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-12-02 12:16:11 +01:00
Peter Korsgaard
b5fd68a454 {linux, linux-headers}: bump 5.4 series to 5.4.1
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-12-02 12:14:10 +01:00
Marcus Folkesson
9e000606c3 {linux, linux-headers}: add version 5.4
Signed-off-by: Marcus Folkesson <marcus.folkesson@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-12-02 11:47:43 +01:00
Peter Korsgaard
7b24bd59c8 Merge branch 'next'
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-12-02 09:39:41 +01:00
Peter Korsgaard
14ec220df3 Kickoff 2020.02 cycle
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-12-02 08:57:02 +01:00
Peter Korsgaard
a4ff0817c5 docs/website/news.html: add 2019.11 announcement link
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-12-01 23:05:50 +01:00