Fix CVE-2020-26159: In Oniguruma 6.9.5_rev1, an attacker able to supply
a regular expression for compilation may be able to overflow a buffer by
one byte in concat_opt_exact_str in src/regcomp.c.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- Use official tarball instead of github helper
- Update indentation in hash file (two spaces)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix build of version 3.0.0 with uclibc. While the patch is added in
package/libapparmor, it in fact fixes a build issue that only occurs
when building package/apparmor, but as both packages share the same
source, they also share the same patches.
Fixes:
- http://autobuild.buildroot.org/results/aea20bd5539fad35385565ffeb7e6ac566507017
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix build of version 3.0.0 with musl. Since the apparmor and
libapparmor packages share the same sources, we also share their
patches: this is why the patch is added in package/libapparmor/3.0.0,
and a symlink package/apparmor/3.0.0 -> package/libapparmor/3.0.0 is
added.
Fixes:
- http://autobuild.buildroot.org/results/22fb440240aa698acc68f026be790d5366c8f908
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
U-Boot 2020.10 no longer provides boot command in default environment for
Udoo Quad/Dual board. Boot script needs to be added to the image. In order
to keep using common infrastructure for freescale boards, move boot files
to root filesystem and add boot script there. Also switch Udoo Neo board
to common freescale infrastructure to simplify maintenance.
Signed-off-by: Sergey Matyukevich <geomatsi@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
After BSP update Udoo Quad/Dual board once again hangs on boot. On a
new kernel disabling CONFIG_USB option is not enough to work around
the troublesome usb host on Udoo Quad/Dual board. So in order to be
future-proof it makes sense to disable usbh1 block in device tree
rather than fine-tune kernel configuration after BSP updates.
Signed-off-by: Sergey Matyukevich <geomatsi@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bump Linux kernel to 5.8.13 and U-Boot to 2020.10.
Signed-off-by: Sergey Matyukevich <geomatsi@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bump ATF, U-Boot and kernel to the NXP BSP 5.4.24_2.1.0 versions.
On 5.4.24_2.1.0 the revC board is supported by default.
In case an older revB board is used, then the following step in U-Boot is
needed:
=> setenv fdt_file imx8mm-evk-revb.dtb
=> saveenv
=> reset
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bump ATF, U-Boot and kernel to the NXP BSP 5.4.24_2.1.0 versions.
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
When using the imx8 NXP kernel, it is preferred to use the imx_v8_defconfig
instead of the generic arm64 defconfig, as the NXP defconfig selects more
imx8 specific drivers.
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- 0001-Temporary-fix-for-build-without-C.patch, AC_PROG_CXX line
number changed.
- Makefile-fuzz-generated.am now in size zero.
- json-c, libcurl: new (FAPI) dependencies since tpm2-tss version 2.4.0
Signed-off-by: Yair Ben-Avraham <yairba@protonmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Use a fixed kernel version to have a reproducible and tested
configuration.
Signed-off-by: Michael Walle <michael@walle.cc>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The 2020.08-1 release of Bootlin toolchains has brought support for 3
additional architecture variants, so let's support them.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bootlin toolchains in version 2020.08-1 have just been released, so
let's update the toolchain-external-bootlin package to those new
toolchains.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
glibc toolchains must be disabled for static only configuration.
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
When building iputils for powerpc with BR2_PIC_PIE enabled, the
arping/rdisc/tftpd binaries will segfault at runtime. This can be
traced back to a few bugs in patchelf corrupting the ELFs when
resizing the RPATH to replace "$ORIGIN/" with "/usr/sbin".
This patch pulls in upstream fixes to prevent the binaries from being
needlessly inflated, prevent the startPage from always being adjusted,
fix a few minor bugs, and fix incorrect endianness handling.
Signed-off-by: Conrad Ratschan <conrad.ratschan@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- Drop patch (already in version) and so autoreconf
- Update indentation in hash file
https://github.com/freedesktop/spice/blob/v0.14.3/CHANGELOG.md
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- Add link to upstream sha256
- Switch to meson-package
- Update indentation in hash file
https://github.com/freedesktop/spice-protocol/blob/v0.14.3/CHANGELOG.md
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Brandon Maier <brandon.maier@rockwellcollins.com>
[yann.morin.1998@free.fr:
- move before skeletons
- select the custom 'mine' skeleton, not the sysv one
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Some externals may wish to provide custom init systems for tightly
integrated boot. This has been supported through the BR2_INIT_NONE,
however a downside to the BR2_INIT_NONE is it forces the custom init
system to use either skeleton-custom and roll a custom skeleton for
each target, or skeleton-init-none which isn't a complete skeleton.
Allowing br2-external to define custom BR2_INIT_* means they can now
safely 'select' the BR2_PACKAGE_SKELETON_INIT_*, and re-use any of the
skeletons in Buildroot, or one from a br2-external tree.
Signed-off-by: Brandon Maier <brandon.maier@rockwellcollins.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
In preparation for supporting br2-external inits, move the 'select' for
the BR2_PACKAGE_SKELETON_INIT_* to their respective init systems. This
will allow a br2-external init to 'select' which skeleton it needs as a
default skeleton.
Signed-off-by: Brandon Maier <brandon.maier@rockwellcollins.com>
[yann.morin.1998@free.fr:
- add comment to init choice, to remind why selecting skeletons is OK
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Brandon Maier <brandon.maier@rockwellcollins.com>
[yann.morin.1998@free.fr:
- alphabetical order (skeleton before toolchain)
- leave the list of choices 'open'
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Today, the BR2_ROOTFS_SKELETON_CUSTOM is the only way to build a custom
skeleton. But it's limiting as users must provide a pre-built skeleton
for each target. Supporting a br2-external package allows users to build
up a skeleton and customize it with their own KConfig options.
Signed-off-by: Brandon Maier <brandon.maier@rockwellcollins.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
1.8.0 adds support for both openssl and gnutls
Signed-off-by: David GOUARIN <dgouarin@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Some packages have their own waf copy, but not located at the
top-level directory. In order to support those packages, we allow
packages to override the default <pkg>_WAF location.
Signed-off-by: David GOUARIN <dgouarin@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This rebases the remaining patches for python 3.9.0 not included in
f26ce57760.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The -Dremote=true flag enables three tools: systemd-journal-gatewayd,
systemd-journal-remote and systemd-journal-upload.
It is not possible with simple means to install them seperately. So use
the systemd-journal-remote option to enable or disable them all together.
Drop systemd-journal-gatewayd option and add it to legacy.
Fixes: #12301
Signed-off-by: Michael Nosthoff <buildroot@heine.tech>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
systemds libqrencode support is independent from journal-gatewayd. In
v247 it will additionally be used in homectl for recovery key
generation.
Signed-off-by: Michael Nosthoff <buildroot@heine.tech>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This is compatible with release-monitoring.org, so it allows easier
tracking of update status.
There appears to be no easy way to use anything other than tag/commit
for _VERSION with the git download method. git.ti.com offers snapshot
download over https, so use use that instead. As added bonus, the https
download method is more firewall friendly.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Minimal rebase of patches on 3.9.0.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This version adds wrappers for getgroups and statx, the latter is used
by coreutils 8.32.
Removed patches that are now in upstream.
Added a patch to fix failure when installing.
Signed-off-by: Norbert Lange <nolange79@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>