Commit Graph

56493 Commits

Author SHA1 Message Date
Giulio Benetti
bf89616368 package/belle-sip: fix build failure due to gcc bug 99410
The belle-sip package exhibits gcc bug 99410 when built for the Nios2
architecture with optimization enabled, which causes a build failure.

As done for other packages in Buildroot work around this gcc bug by
setting optimization to -O0 if BR2_TOOLCHAIN_HAS_GCC_BUG_99410=y.

Fixes:
http://autobuild.buildroot.net/results/71f26fd81db8e9b19b3f18f3f3cefd9c768f094f/

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-06 16:46:46 +01:00
Giulio Benetti
d667267b8f toolchain: introduce BR2_TOOLCHAIN_HAS_GCC_BUG_99410
belle-sip package fails to build for the Nios2 architecture with
optimization enabled with gcc < 8.x:
http://autobuild.buildroot.net/results/71f26fd81db8e9b19b3f18f3f3cefd9c768f094f/

It's been reported upstream:
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=99410

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-06 16:46:28 +01:00
Giulio Benetti
830fb82822 package/asterisk: fix build failure due to gcc bug 93847
The asterisk package exhibits gcc bug 93847 when built for the Nios2
architecture with optimization enabled, which causes a build failure.

As done for other packages in Buildroot work around this gcc bug by
setting optimization to -O0 if BR2_TOOLCHAIN_HAS_GCC_BUG_93847=y.

Fixes:
http://autobuild.buildroot.net/results/24c0a6ca3b272711a1e6ceaa033925182d0d49c4

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-06 16:39:50 +01:00
Giulio Benetti
eaba3c8e13 package/asterisk: remove default -O3 optimization flag
Actually asterisk package gets built with -O3 cflag since it's defaulted
into its sources, but it's not what we want, so let's empty its OPTIMIZE
Makefile variable letting Buildroot CFLAGS to take place instead.

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-06 16:39:34 +01:00
Thomas De Schampheleire
b4df526ce3 package/openblas: respect the optimization level specified by Buildroot
openblas internally sets -O2, after the flags being passed by Buildroot
(e.g. -Os).

Patch openblas to let the Buildroot-specified flag survive.

Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-06 16:35:44 +01:00
Thomas De Schampheleire
a0508b5705 package/openblas: strip any optimization flag where needed
openblas strips off -O1-O3 for certain source files, but forgets to handle
-Os, -Og and -O. This means that the intended effect of 'no optimization' is
not always reached.

Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-06 16:34:13 +01:00
Thomas De Schampheleire
2793167b57 package/openblas: fix build failure due to forced FFLAGS
Buildroot specifies a value for FFLAGS on the make command-line.
While the openblas makefiles allowed this principle for the most part by
using 'override FFLAGS += ....', the make.inc file generated for the shipped
'lapack' sources just used a 'FFLAGS = ...' statement, whose value is then
eclipsed by the command-line FFLAGS.

This meant that -fPIC may be passed to the link step but not to all relevant
source files, causing relocation failures.

Fixes: http://autobuild.buildroot.net/results/d530db0f37e1e0462e3af1e1787e15f94ff21884/
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-06 16:33:10 +01:00
Fabrice Fontaine
11ac2ab581 package/libeXosip2: fix build with libressl
Build with libressl is broken since version 5.1.0 and
https://git.savannah.nongnu.org/cgit/exosip.git/commit/?id=d7488b7bbf59870192372384ef338a44be23e888

For an unknown reason, we only have one autobuilder failure with version
5.2.0

Fixes:
 - http://autobuild.buildroot.org/results/89d8d4ba99d6dcc1618cf6b5302c124a92d75be9

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-06 16:27:42 +01:00
Peter Seiderer
32b27fd1ac package/rust-bin: add i586 download hash
Fixes:

  - https://bugs.busybox.net/show_bug.cgi?id=13576

  ERROR: No hash found for rust-std-1.48.0-i586-unknown-linux-gnu.tar.xz

Reported-by: ingineru_de_sistem@yahoo.com
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-03-06 14:39:35 +01:00
Giulio Benetti
123ad9c722 package/libgeos: disable package while building for Nios II
This package fails to build with Nios II up to gcc version 10.x and no
work around has been found. So let's disable it whil building for Nios
II.

Fixes:
http://autobuild.buildroot.net/results/a05fdf1958f93a206c5c66c7f636b6650683626d

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-06 11:20:03 +01:00
Fabrice Fontaine
ad97d01b84 package/expat: update CPE variables
libexpat:expat has been replaced by libexpat_project:libexpat:
  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Alibexpat_project%3Alibexpat

  <cpe-item name="cpe:/a:libexpat:expat:2.2.10" deprecated="true" deprecation_date="2021-01-25T15:44:50.537Z">
    <title xml:lang="en-US">libexpat Expat 2.2.10</title>
      <reference href="https://github.com/libexpat/libexpat/">Version</reference>
    <cpe-23:cpe23-item name="cpe:2.3🅰️libexpat:expat:2.2.10:*:*:*:*:*:*:*">
        <cpe-23:deprecated-by name="cpe:2.3🅰️libexpat_project:libexpat:2.2.10:*:*:*:*:*:*:*" type="NAME_CORRECTION"/>

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-06 11:19:03 +01:00
Fabrice Fontaine
87c9fd60d4 package/libmodsecurity: add CPE variables
cpe:2.3🅰️trustwave:modsecurity is a valid CPE identifier for this
package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Atrustwave%3Amodsecurity

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-06 11:18:24 +01:00
Asaf Kahlon
d64a905d9f package/python{3}-pyyaml: switch to setuptools
Since version 5.4.0 pyyaml uses setuptools (see
https://github.com/yaml/pyyaml/blob/master/CHANGES)

Fixes:
  - http://autobuild.buildroot.net/results/bc36ae51a1e4d70c5fd2a3eb4b458aba4220f2dc

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-06 11:17:29 +01:00
Yann E. MORIN
b83184de67 package/libjpeg: switch to s.b.o. as source site
Fixes #13581

The tarball for version 9d, released 2020-01-12, has been silently
replaced upstream (a unicode BOM was removed from a few files),
causing hash mismatch.

This means that all our versions since 2020.02 will fail the hash
check, and fallback to using s.b.o. so we can't update the copy we
have on s.b.o.

As a consequence, we can't update the hash in master (soon 2021.02)
otherwise it would not match what we have on s.b.o.

This means that users will see hash mismatch by default, which is not
very nice. Although we can't do anything for all previous releases,
we can still try to paper over the problem for the future ones, like
2021.02, by switching the upstream to be s.b.o.

Sigh... :-(

Reported-by: Nick Shaforostov <mshaforostov@airmusictech.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-06 11:11:59 +01:00
Michael Vetter
5742a0f33e package/jasper: bump version to 2.0.26
Changes:
* Fix JP2 decoder bug that can cause a null pointer dereference for
  some invalid CDEF boxes. (#268)

Signed-off-by: Michael Vetter <jubalh@iodoru.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-05 23:30:50 +01:00
Fabrice Fontaine
941fccf376 package/kismet: fix uclibc build
Fixes:
 - http://autobuild.buildroot.org/results/1c2885d75219aabadbb66ab66fe0dc4b4346ff1e

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-05 23:27:29 +01:00
Fabrice Fontaine
6c6840049b package/dhcpcd: fix build on m68k
Fixes:
 - http://autobuild.buildroot.org/results/56301b566e210f06ac581e04ad1ec2ca3f9b7103

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-05 23:23:39 +01:00
Fabrice Fontaine
f70a50423f package/libshout: disable tools
This will fix static build of libshout in version 2.4.5 with openssl
(tools were added by
34a535bdbb)

Fixes:
 - http://autobuild.buildroot.net/results/a6b/a6b7df5d4b4bccbfe54f3173365e88d849ed0e30/

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-05 23:21:43 +01:00
Bartosz Bilas
b5e8f1c147 package/janet: add -std=c99 to CFLAGS
As upstream says Janet should be compiled with -std=c99
so pass this in order to fix the failures below.

Fixes:
 http://autobuild.buildroot.net/results/192/1922ec115b9dc9e879760a6868969d9677093510/build-end.log
 ...
 http://autobuild.buildroot.net/results/355/355e0992338a8d132050517f83a3884606b00529/build-end.log

Signed-off-by: Bartosz Bilas <b.bilas@grinn-global.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-05 23:15:17 +01:00
Fabrice Fontaine
8d2c4f696c package/sdl2: update SDL2_CPE_ID_PRODUCT
libsdl:sdl has been replaced by libsdl:simple_directmedia_layer:
  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Alibsdl%3Asimple_directmedia_layer

  <cpe-item name="cpe:/a:libsdl:sdl:2.0.12" deprecated="true" deprecation_date="2021-02-08T18:56:07.243Z">
      <reference href="https://www.libsdl.org/release/">Version</reference>
    <cpe-23:cpe23-item name="cpe:2.3🅰️libsdl:sdl:2.0.12:*:*:*:*:*:*:*">
        <cpe-23:deprecated-by name="cpe:2.3🅰️libsdl:simple_directmedia_layer:2.0.12:*:*:*:*:*:*:*" type="NAME_CORRECTION"/>

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-05 22:52:02 +01:00
Fabrice Fontaine
d3b6a0e6aa package/sdl: add CPE variables
cpe:2.3🅰️libsdl:simple_directmedia_layer is a valid CPE identifier for
this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Alibsdl%3Asdl

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-05 22:51:51 +01:00
Fabrice Fontaine
c115ef807e package/sdl_image: add SDL_IMAGE_CPE_ID_VENDOR
cpe:2.3🅰️libsdl:sdl_image is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Alibsdl%3Asdl_image

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-05 22:33:29 +01:00
Fabrice Fontaine
752354aa79 package/sdl2_image: add SDL2_IMAGE_CPE_ID_PRODUCT
cpe:2.3🅰️libsdl:sdl_image is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Alibsdl%3Asdl2_image

Indeed, cpe:2.3🅰️libsdl:sdl2_image contains a single CPE entry for
version 2.0.4, all the other entries have been deprecated in favor of
cpe:2.3🅰️libsdl:sdl_image:

  <cpe-item name="cpe:/a:libsdl:sdl2_image:2.0.3" deprecated="true" deprecation_date="2020-07-28T15:42:37.767Z">
      <reference href="https://www.libsdl.org/projects/SDL_image/">Product</reference>
    <cpe-23:cpe23-item name="cpe:2.3🅰️libsdl:sdl2_image:2.0.3:*:*:*:*:*:*:*">
        <cpe-23:deprecated-by name="cpe:2.3🅰️libsdl:sdl_image:2.0.3:*:*:*:*:*:*:*" type="NAME_CORRECTION"/>
  <cpe-item name="cpe:/a:libsdl:sdl2_image:2.0.4">
      <reference href="http://hg.libsdl.org/SDL_image/">Version</reference>
    <cpe-23:cpe23-item name="cpe:2.3🅰️libsdl:sdl2_image:2.0.4:*:*:*:*:*:*:*"/>
  <cpe-item name="cpe:/a:libsdl:sdl2_image:2.0.5" deprecated="true" deprecation_date="2020-07-28T15:42:40.500Z">
      <reference href="http://hg.libsdl.org/SDL_image/">Version</reference>
    <cpe-23:cpe23-item name="cpe:2.3🅰️libsdl:sdl2_image:2.0.5:*:*:*:*:*:*:*">
        <cpe-23:deprecated-by name="cpe:2.3🅰️libsdl:sdl_image:2.0.5:*:*:*:*:*:*:*" type="NAME_CORRECTION"/>:

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-05 22:30:50 +01:00
Fabrice Fontaine
79d0ffa94e package/python-werkzeug: add CPE variables
cpe:2.3🅰️palletsprojects:werkzeug is a valid CPE identifier for this
package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Apalletsprojects%3Awerkzeug

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-05 22:29:30 +01:00
Fabrice Fontaine
813a2b3b77 package/python-twisted: add CPE variables
cpe:2.3🅰️twistedmatrix:twisted is a valid CPE identifier for this
package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Atwistedmatrix%3Atwisted

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-05 22:29:19 +01:00
Fabrice Fontaine
c05e6aa361 package/lzo: set LZO_CPE_ID_VALID
cpe:2.3🅰️lzo_project:lzo is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Alzo_project%3Alzo

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-05 14:01:22 +01:00
Fabrice Fontaine
42488c58fc package/python-simplejson: add CPE variables
cpe:2.3🅰️simplejson_project:simplejson is a valid CPE identifier for
this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Asimplejson_project%3Asimplejson

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-05 14:00:55 +01:00
Fabrice Fontaine
2b396fce90 package/flac: set FLAC_CPE_ID_VALID
cpe:2.3🅰️flac_project:flac is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Aflac_project%3Aflac

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-05 14:00:38 +01:00
Fabrice Fontaine
bea3d1f657 package/libyaml: add LIBYAML_CPE_ID_VENDOR
cpe:2.3🅰️pyyaml:libyaml is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Apyyaml%3Alibyaml

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-05 14:00:26 +01:00
Fabrice Fontaine
88772b90fb package/libevent: set LIBEVENT_CPE_ID_VALID
cpe:2.3🅰️libevent_project:libevent is a valid CPE identifier for this
package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Alibevent_project%3Alibevent

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-05 14:00:11 +01:00
Fabrice Fontaine
3bf0127971 package/poppler: add POPPLER_CPE_ID_VENDOR
cpe:2.3🅰️freedesktop:poppler is a valid CPE identifier for this
package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Afreedesktop%3Apoppler

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-05 13:59:54 +01:00
Fabrice Fontaine
c9052d92b0 package/erlang: add CPE variables
cpe:2.3🅰️erlang:erlang\/otp is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&orderBy=2.3&keyword=cpe%3A2.3%3Aa%3Aerlang%3Aerlang%5C%2Fotp&status=FINAL

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-05 13:58:55 +01:00
Fabrice Fontaine
c35140ae1b package/libsrtp: add LIBSRTP_CPE_ID_VENDOR
cpe:2.3🅰️cisco:libsrtp is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Acisco%3Alibsrtp

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-05 13:58:42 +01:00
Fabrice Fontaine
51ad8461c7 package/imlib2: add IMLIB2_CPE_ID_VENDOR
cpe:2.3🅰️enlightenment:imlib2 is a valid CPE identifier for this
package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Aenlightenment%3Aimlib2

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-05 13:58:30 +01:00
Fabrice Fontaine
95fe85b273 package/dosfstools: set DOSFSTOOLS_CPE_ID_VALID
cpe:2.3🅰️dosfstools_project:dosfstools is a valid CPE identifier for
this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Adosfstools_project%3Adosfstools

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-05 13:58:11 +01:00
Fabrice Fontaine
b676a92e3c package/fontconfig: set FONTCONFIG_CPE_ID_VALID
cpe:2.3🅰️fontconfig_project:fontconfig is a valid CPE identifier for
this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Afontconfig_project%3Afontconfig

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-05 13:57:48 +01:00
Fabrice Fontaine
d82129ac6a package/libopenh264: add CPE variables
cpe:2.3🅰️cisco:openh264 is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Acisco%3Aopenh264

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-05 13:57:24 +01:00
Fabrice Fontaine
3e5c0eae2b package/libpng: set LIBPNG_CPE_ID_VENDOR
cpe:2.3🅰️libpng:libpng is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Alibpng%3Alibpng

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-05 13:57:17 +01:00
Bernd Kuhls
9b29e94980 package/dovecot-pigeonhole: bump version to 0.5.14
Release notes:
https://dovecot.org/pipermail/dovecot-news/2021-March/000456.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-05 13:52:31 +01:00
Bernd Kuhls
5a16d45360 package/dovecot: bump version to 2.3.14
Release notes:
https://dovecot.org/pipermail/dovecot-news/2021-March/000455.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-05 13:52:27 +01:00
Fabrice Fontaine
d412539dbc package/dhcpcd: disable privsep on older kernels
Commit e5594f7239 fixed privsep for sh,
or1k, microblaze, xtensa, arc, nds32 and nios2, but failed to take into
account that the audit functionality is only available in recent kernels
on those architectures.

Pass the --disable-privsep configure option if the kernel is too old in
those architectures.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-03-05 11:18:40 +01:00
Yann E. MORIN
c72be5dd2f package/libopenssl does not support riscv32
riscv32 is (surprise!) a 32-bit architecture. But it has been Y2038-safe
from its inception. As such, there are no legacy binaries that may use
the 32-bit time syscalls, and thus they are not available on riscv32.

Code that directly calls to the syscalls without using the C libraries
wrappers thus need to handle this case by themselves. That's what
upstream tried to do with:
    5b5e2985f3

We initially carried that patch with 2bb26c1a1d (package/libopenssl:
fix build on riscv32).

However, as Arnd Bergmann puts it [0]:

    The patch looks wrong to me: __NR_io_pgetevents_time64 must be used
    whenever time_t is 64-bit wide on a 32-bit architecture, while
    __NR_io_getevents/__NR_io_pgetevents must be used when time_t is the
    same width as 'long'.

    Checking whether __NR_io_getevents is defined is wrong for all
    architectures other than riscv

And Arnd agrees that patch should be reverted [1] [2] (there are further
comments in that stream, that are worth reading).

As such, we've reverted 2bb26c1a1d with 6cfb4ad7f7.

This means we have no working solution to enable openssl on riscv32 for
now. So, rather than fail the build, or backport a dysfunctional patch,
let's just forbid openssl on riscv32.

Drop the default from the choice selection; it was anyway superfluous:
the default of a choice, if left unspecified, is the first entry of the
choice. Also, having a default means we'd have to also propagate the
dependencies of the defaulted-to symbol, which is yet a little bit more
maintenance. Since the chances we get a third implementation of openssl
are pretty slim (very, very slim), reasoning about what is the default
is still very easy.

When propagating dependencies to tpm2-tss' users, we've tried to keep
the architecture dependency toward the top when possible, and otherwise
we've added it together with existing arch dependencies (MMU).

While at it, drop a useless redundant comment in ibm-sw-tpm2: if we
select FORCE_LIBOPENSSL, it is obvious that's because libressl is not
supported... Besides none of the other users of FORCE_LIBOPENSSL have
such a comment.

Fixes:
    http://autobuild.buildroot.org/results/eb9/eb9a64d4ffae8569b5225083f282cf87ffa7c681/
    ...
    http://autobuild.buildroot.org/results/07e/07e413b24ba8adc9558c80267ce16dda339bf032/

[0] 5b5e2985f3 (commitcomment-44782859)
[1] 5b5e2985f3 (commitcomment-47826509)
[2] 5b5e2985f3 (commitcomment-47830530)

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Matthew Weber <matthew.weber@rockwellcollins.com>
Cc: Mark Corbin <mark@dibsco.co.uk>
2021-03-04 22:53:08 +01:00
Arnout Vandecappelle (Essensium/Mind)
e5594f7239 package/dhcpcd: cherry-pick upstream arch-specific privsep fixes
dhcpcd includes privsep-linux.c which contains platform-specific
definitions for the seccomp fixes. A lot of our architectures were not
supported yet in the 9.4.0 release, but are supported now thanks to
Fabrice Fontaine.

Cherry-pick those patches. All of them affect the same code, but they
are cherry-picked individually to keep the correspondence with upstream.
Slight adjustments had to be made but there were no merge conflicts.

Fixes:
 - http://autobuild.buildroot.org/results/9ed863b3ba5e6e0587a48e619395e5bdb7e9c557
 - http://autobuild.buildroot.org/results/affd2f094084c4f53a324830539d07050b83587e
 - http://autobuild.buildroot.org/results/67f39606054930d307ddd0eb7743f06316d41544

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-03-04 21:27:07 +01:00
Fabrice Fontaine
5d9fb6a2ae package/gnuchess: security bump to version 6.2.7
Fix CVE-2019-15767: In GNU Chess 6.2.5, there is a stack-based buffer
overflow in the cmd_load function in frontend/cmd.cc via a crafted chess
position in an EPD file.

Update indentation in hash file (two spaces)

https://lists.gnu.org/archive/html/info-gnu-chess/2020-04/msg00000.html
https://lists.gnu.org/archive/html/info-gnu-chess/2020-05/msg00000.html

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-04 21:19:45 +01:00
Fabrice Fontaine
183d583fb5 package/sox: fix static build with magic
This build failure is raised since bump to
7524160b29a476f7e87bc14fddf12d349f9a3c5e

Fixes:
 - http://autobuild.buildroot.org/results/d96f27cd96926060046e2e1115777f5bceda3741

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-03-04 20:40:52 +01:00
Fabrice Fontaine
f007b62cc2 package/kismet: fix build when time_t is defined as long long
On some platforms time_t is defined as long long. At the moment, the
compilation of sqlite3_column_as<time_t>(...) fails on these systems
because the appropriate getter is not defined

Fixes:
 - http://autobuild.buildroot.org/results/3a76afdbd8b564579bfb08a4d75b438dbd73ac2e

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-03-04 20:39:52 +01:00
Fabrice Fontaine
e9fbb8dccb package/libminiupnpc: add CPE variables
cpe:2.3🅰️miniupnp_project:miniupnpc is a valid CPE identifier for this
package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Aminiupnp_project%3Aminiupnpc

Split the _VERSION into the traditional major/minor separation, even
though it is not strictly speaking major/minor. This allows re-using for
the CPE versioning.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr:
  - inverse the split: rather than defining _VERSION based on the CPE
    values, split the _VERSION and use that to define the CPE variables
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-03-04 20:04:26 +01:00
Fabrice Fontaine
043a23a6b7 package/gnuchess: add CPE variables
cpe:2.3🅰️gnu:chess is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Agnu%3Achess

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-03-04 19:55:29 +01:00
Fabrice Fontaine
ac3bbc4e03 package/systemd: add SYSTEMD_CPE_ID_VENDOR
cpe:2.3🅰️freedesktop:systemd is a valid CPE identifier for this
package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Afreedesktop%3Asystemd

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-03-04 19:55:29 +01:00
Fabrice Fontaine
f6bbaaa886 package/rabbitmq-server: add CPE variables
cpe:2.3🅰️pivotal_software:rabbitmq is a valid CPE identifier for this
package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Apivotal_software%3Arabbitmq

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-03-04 19:55:29 +01:00