Commit Graph

34019 Commits

Author SHA1 Message Date
Adam Duskett
6873873264 pps-tools: bump to version 97eaef2ab82a46d13ea5e00270712d6475fbe42b
Signed-off-by: Adam Duskett <aduskett@codeblue.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-02-06 15:49:36 +01:00
Adam Duskett
0437dcc33c x264: bump to version 97eaef2ab82a46d13ea5e00270712d6475fbe42b
Signed-off-by: Adam Duskett <aduskett@codeblue.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-02-06 15:49:25 +01:00
Adam Duskett
efc93ffadd nginx-naxsi: bump to version 0.55.2
Signed-off-by: Adam Duskett <aduskett@codeblue.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-02-06 15:24:21 +01:00
Adam Duskett
3ff5896ff5 linux-firmware: bump to version 6d3bc8886517d171068fd1263176b8b5c51df204
Signed-off-by: Adam Duskett <aduskett@codeblue.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-02-06 15:11:23 +01:00
Bernd Kuhls
2ac3045453 package/libplatform: bump version to 2.1.0
Rebased patch 0001.

Updated license info after
a1e5905874

Fixes:
    http://autobuild.buildroot.org/results/052/052b29efb3e5b208003ea40aa6499297bbbb7ad4/
    http://autobuild.buildroot.org/results/0d4/0d4d7fefc86269e825c6cc842077daccf9b4f7ee/
    http://autobuild.buildroot.org/results/700/7003798bbb8dbed72d651863149490221583057b/
    ...

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Samuel Martin <s.martin49@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-02-06 14:13:25 +01:00
Dagg Stompler
ab72923a1f configs/odroidc2: bump kernel version to a7fe6f2258e30c7a547908b5480bdbe6b56d6d3c
this kernel rev has numerous bug fixes, framework upgrades and new
features added.

Signed-off-by: Dagg Stompler <daggs@gmx.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-02-06 14:04:16 +01:00
Dagg Stompler
ae5af87e61 configs/odroidc2: bump uboot version to eb5d2d16fd45f52ec49e9b4ff9d562630c08e61c
this version bump allows usage of hardkernel's secure signatures when
booting a system

Signed-off-by: Dagg Stompler <daggs@gmx.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-02-06 14:04:04 +01:00
Dagg Stompler
e715914a38 configs/odroidc2: update boot.ini to 5ce6bcc6d8048ba5ff351516b751d52f5cda6981
changes:
 - add multicam support
 - add the new options
 - organization and add uhs and card remove controls
 - clarify hdmi/dvi/vga selection

Signed-off-by: Dagg Stompler <daggs@gmx.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-02-06 14:03:55 +01:00
Bernd Kuhls
5b544cec8c package/sngrep: fix static linking against libpcap
Inspired by
https://git.buildroot.net/buildroot/tree/package/aircrack-ng/aircrack-ng.mk#n30

Fixes
http://autobuild.buildroot.net/results/699/6993c398649469e25f2491fdb8f1ac9b6d6d8c3c/
http://autobuild.buildroot.net/results/846/8468df3462ac6d53faef228ca241bc500b2d7a52/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-02-06 14:00:30 +01:00
Jörg Krause
c1a77961c1 package/mbedtls: fix zlib support
To enable compression support using zlib it is necessary to uncomment
the define for MBEDTLS_ZLIB_SUPPORT in config.h [1].

Note, that enabling TLS compression may make mbedTLS vulnerable to the
CRIME attack [1]. It should not be enabled unless is is sure CRIME and
similar attacks are not applicable to the particulare situation.

As zlib is probably enabled in most systems, maybe it is best to make
the compression support a user choice and add the warning from [1]?

[1] https://tls.mbed.org/kb/how-to/deflate-compression-in-ssl-tls

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-02-06 13:53:01 +01:00
Thomas De Schampheleire
412e6c80ad graph-depends: split off get_rdepends from get_depends
The use of a 'rule' variable that can contain 'show-depends' or
'show-rdepends' is not logical if get_depends is considered as a reusable
function from various scripts. The name of these rules are too much an
implementation detail.

Therefore, split the existing get_depends into two separate functions
get_depends and get_rdepends, while keeping code duplication to a minimum.

Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-02-06 12:28:00 +01:00
Thomas De Schampheleire
12683184b1 graph-depends: split off get_version/get_depends into pkgutil.py
Functions to obtain the version and dependencies of a package from Python
can be useful for several scripts. Extract this logic out of graph-depends
into pkgutil.py.

Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
[Thomas: remove shebang from pkgutil.py, noticed by Yann E. Morin.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-02-06 12:26:55 +01:00
Lionel Flandrin
a7399b257a DEVELOPERS: Add Lionel Flandrin to package/python-gunicorn
Signed-off-by: Lionel Flandrin <lionel@svkt.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-02-05 23:00:24 +01:00
Lionel Flandrin
c0ccf24082 python-gunicorn: new package
Gunicorn ‘Green Unicorn’ is a Python WSGI HTTP Server for UNIX. It’s a
pre-fork worker model ported from Ruby’s Unicorn project. The Gunicorn
server is broadly compatible with various web frameworks, simply
implemented, light on server resource usage, and fairly speedy.

Signed-off-by: Lionel Flandrin <lionel@svkt.org>
Reviewed-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-02-05 22:51:45 +01:00
Angelo Compagnucci
18426200e6 docs/website: switching from gmane to nabble
Gmane mailing list infrastructure is broken from some time,
switching to nabble both for rss and search services.

Signed-off-by: Angelo Compagnucci <angelo.compagnucci@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-02-05 22:47:29 +01:00
Angelo Compagnucci
aa32078ed8 docs/website: fix google feed API
Google deprecated feed api to cenvert rss to json, switching
to yahoo yql. This patch also reorganize the javascript code
to accomodate the fixings.

Signed-off-by: Angelo Compagnucci <angelo.compagnucci@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-02-05 22:47:21 +01:00
Angelo Compagnucci
ad2f351a1d docs/website: bump jquery and bootstrap
This patch bumps jquery and bootstrap to the latest versions.

Signed-off-by: Angelo Compagnucci <angelo.compagnucci@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-02-05 22:47:01 +01:00
Yann E. MORIN
7d987f16ed package/tmux: fix build
The bump to the latest libevent version exposed a latent bug in tmux,
which tries to re-define a variable exposed by the C library.

This breaks with uClibc-ng which defines it const char*, while glibc and
musl define it as non-const.

Fixes:
    http://autobuild.buildroot.org/results/31d/31d37c95b40d297b90a6181ec79c42ee1e2e5090/
    http://autobuild.buildroot.org/results/ccc/ccc9d2e995ba1eaf19f6b325b0af5ebeb8066e7f/
    http://autobuild.buildroot.org/results/8a2/8a28d43bd0c079c1b49b61b0c6ef7de79eda0549/

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-02-05 21:59:26 +01:00
Fabio Estevam
c9ebd70fb1 linux-headers: bump 4.{4, 9}.x series
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-02-05 20:01:06 +01:00
Fabio Estevam
bc0bd6fe92 linux: bump default to version 4.9.8
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-02-05 20:00:50 +01:00
Dagg Stompler
465d0ee718 libamcodec: bump version to 296f39bc6fc47ddf5d88b9fd3cfb82a5b39048ca
- remove 0001-Include-stdint.h-where-needed.patch as it was merged into
   the tree.

Signed-off-by: Dagg Stompler <daggs@gmx.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-02-05 15:53:32 +01:00
Thomas De Schampheleire
bd8b531d24 graph-depends: avoid use of global var 'rule' in get_depends
Function get_depends was recently changed to support both normal
dependencies as reverse dependencies, via a global variable 'rule' that
equals 'show-depends' or 'show-rdepends'.

As a subsequent function will extract this function get_depends to a
separate file, the use of globals is problematic.

Instead, pass the global as an argument.

Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-02-05 15:20:02 +01:00
Jörg Krause
ff28d37dfa package/mpd: bump to version 0.20.4
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-02-05 15:16:47 +01:00
Jörg Krause
f60f3e610a package/libuv: bump to version 0.11.0
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-02-05 15:16:40 +01:00
Alexey Brodkin
971a13472d toolchain-external: Update Synopsys prebuilt toolchain for ARC cores
Sync external prebuilt toolchain with the one we now build in Buildroot,
i.e. arc-2016.09. Since that prebuilt toolchain finally has IPv6 enabled
it works pretty fine for building packages in Buildroot.

Still note:
 1) There might be subtle differences between uClibc configuration
    compared to Buildroot's one.
 2) A couple of patches we apply on top of Builroot-built toolchain
    are obviously missing in the prebuilt version - they will be
    available in the next release.

Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
Cc: Vlad Zakharov <vzakhar@synopsys.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-02-04 23:57:43 +01:00
Bernd Kuhls
bf1c9828f2 package/libcec: bump version to 4.0.2
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-02-04 23:56:09 +01:00
Bernd Kuhls
0064b2fb74 package/unixodbc: add optional dependency to libtool
To get reproducible builds of unixodbc add libtool as optional
dependency.

Without libtool:

$ host/usr/bin/x86_64-linux-readelf -a target/usr/lib/libodbc.so.2.0.0 | grep NEEDED
 0x0000000000000001 (NEEDED)             Shared library: [libc.so.0]

With libtool:

$ host/usr/bin/x86_64-linux-readelf -a target/usr/lib/libodbc.so.2.0.0 | grep NEEDED
 0x0000000000000001 (NEEDED)             Shared library: [libltdl.so.7]
 0x0000000000000001 (NEEDED)             Shared library: [libc.so.0]

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-02-04 23:55:20 +01:00
Adam Duskett
fbc5bdf8b9 portaudio: bump to version 190600_20161030
Signed-off-by: Adam Duskett <aduskett@codeblue.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-02-04 17:23:07 +01:00
Adam Duskett
c225bd9762 openvmtools: bump version to 5a9033ddfa95786d867e4d02bbb9a29bac8fb64f
Technically this is 10.1.0, however the initial release left out a config
directory causing autoconfig to fail.  See this post:
https://github.com/vmware/open-vm-tools/issues/115#issuecomment-269963907

As such, I specified the hash to fix the release:
5a9033ddfa

Signed-off-by: Adam Duskett <aduskett@codeblue.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-02-04 17:20:15 +01:00
Adam Duskett
648fef3edf nginx-naxsi: bump version to 0.55.1
Signed-off-by: Adam Duskett <aduskett@codeblue.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-02-04 17:16:06 +01:00
Adam Duskett
181a3e6fba nginx: bump version to 1.10.3
Signed-off-by: Adam Duskett <aduskett@codeblue.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-02-04 17:15:39 +01:00
Adam Duskett
faacba1693 libv4l: bump version to 1.12.2
Signed-off-by: Adam Duskett <aduskett@codeblue.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-02-04 17:14:47 +01:00
Adam Duskett
c24187114f libmicrohttpd: bump version to 0.9.52
Signed-off-by: Adam Duskett <aduskett@codeblue.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-02-04 17:14:16 +01:00
Adam Duskett
4af22306f5 libevent: bump to version 2.1.8
I also modified the Disable-building-test-programs.patch to work
with the newer Makefile.

[Peter: add s-o-b / note to patch]
Signed-off-by: Adam Duskett <aduskett@codeblue.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-02-04 17:13:07 +01:00
Adam Duskett
b30764ba2d jansson: bump to version 2.9
Signed-off-by: Adam Duskett <aduskett@codeblue.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-02-04 13:07:14 +01:00
Adam Duskett
7858e7fd5c audit: bump to version 2.7.1
Signed-off-by: Adam Duskett <aduskett@codeblue.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-02-04 13:04:22 +01:00
Adam Duskett
215773d063 acpid: bump to version 2.0.28
Signed-off-by: Adam Duskett <aduskett@codeblue.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-02-04 13:04:08 +01:00
Bernd Kuhls
738871e601 package/git: bump version to 2.11.1
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-02-04 13:03:09 +01:00
Alexey Brodkin
600c507f07 configs: Update Synopsys VDK for ARC HS38
This updates Linux kernel for Synopsys ARC HS38 VDK so it matches real
platform and while at it bump kernel version to the latest.

Main changes:
 * Linux kernel v4.9.6 (latest in 4.9.x series in buildroot)
 * Add support of MMC controller which is used for rootfs
 * Add support of UIO which is used to communicate with EVSS

Now with this update image built by vanilla Buildroot VDK has
working UART, MMC, LCD, Ethernet, UIO etc.

And while at it we rename defconfing so it:
 1) Doesn't mention SMP any more - that's the only option anyways now
 2) Matches common naming scheme: vendor_arch_platform

Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
Cc: Zakharov Vlad <Vladislav.Zakharov@synopsys.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-02-04 10:23:22 +01:00
Thomas De Schampheleire
774e7b0bfd gengetopt: add patch to fix compilation warnings in generated code
getgetopt generates code that causes compilation warnings in current
versions of gcc. If gengetopt is used for programs that set -Werror during
compilation, these compilation warnings become real problems.

Unfortunately, the gengetopt project seems dead for several years now. Last
release dates back to 2012. There is an open bug for this problem [1], with
a proposed patch, but no response from the maintainers.

Apply the patch from the bug report to fix the problem.

[1]  http://savannah.gnu.org/bugs/?40243

Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-02-04 09:25:43 +01:00
Thomas De Schampheleire
ee90313c64 squashfs: bump to fix RHEL 5 compilation error
Bump squashfs with one commit to fix a compilation error on the ancient RHEL
5 distribution.

Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-02-04 09:18:55 +01:00
Bartosz Golaszewski
058b7f6a65 package/libgpiod: bump version to v0.1.2
This is a small bug-fix release:
  - include <poll.h> instead of <sys/poll.h> in gpioset
  - fix a formatting issue in gpioinfo for chips with >100 GPIO lines
  - fix a bug when requesting both-edges event notifications

Signed-off-by: Bartosz Golaszewski <bgolaszewski@baylibre.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-02-04 09:15:37 +01:00
Waldemar Brodkorb
00995e0e49 uclibc: allow to build aarch64 internal toolchain
uClibc-ng from 1.0.22 and up supports aarch64 architecture.

Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-02-03 20:58:56 +01:00
Waldemar Brodkorb
2b3d493095 uclibc: enable mips{32,64}r6 support
The config for ISA choice is removed for a long time as
the buildsystem does not pass -march=mips* to the compiler anymore.
For mips{32,64}r6 support NAN selection is required.

Tested with qemu mips32/mips64 defconfigs.

A small patch is required. Bug found while testing qemu defconfigs.

Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-02-03 20:56:18 +01:00
Waldemar Brodkorb
9be8837ad2 uclibc: update to 1.0.22
- fixes mips{32,64}r6 support
- adds experimental aarch64 support
- fixes syscalls with 6 arguments for x86
- removes PID caching and simplifies architecture specific code

Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-02-03 20:56:00 +01:00
Baruch Siach
183b443e57 tcpdump: security bump to version 4.9.0
Security fixes in this release (from the Debian changelog):

    + CVE-2016-7922: buffer overflow in print-ah.c:ah_print().
    + CVE-2016-7923: buffer overflow in print-arp.c:arp_print().
    + CVE-2016-7924: buffer overflow in print-atm.c:oam_print().
    + CVE-2016-7925: buffer overflow in print-sl.c:sl_if_print().
    + CVE-2016-7926: buffer overflow in print-ether.c:ethertype_print().
    + CVE-2016-7927: buffer overflow in print-802_11.c:ieee802_11_radio_print().
    + CVE-2016-7928: buffer overflow in print-ipcomp.c:ipcomp_print().
    + CVE-2016-7929: buffer overflow in print-juniper.c:juniper_parse_header().
    + CVE-2016-7930: buffer overflow in print-llc.c:llc_print().
    + CVE-2016-7931: buffer overflow in print-mpls.c:mpls_print().
    + CVE-2016-7932: buffer overflow in print-pim.c:pimv2_check_checksum().
    + CVE-2016-7933: buffer overflow in print-ppp.c:ppp_hdlc_if_print().
    + CVE-2016-7934: buffer overflow in print-udp.c:rtcp_print().
    + CVE-2016-7935: buffer overflow in print-udp.c:rtp_print().
    + CVE-2016-7936: buffer overflow in print-udp.c:udp_print().
    + CVE-2016-7937: buffer overflow in print-udp.c:vat_print().
    + CVE-2016-7938: integer overflow in print-zeromq.c:zmtp1_print_frame().
    + CVE-2016-7939: buffer overflow in print-gre.c, multiple functions.
    + CVE-2016-7940: buffer overflow in print-stp.c, multiple functions.
    + CVE-2016-7973: buffer overflow in print-atalk.c, multiple functions.
    + CVE-2016-7974: buffer overflow in print-ip.c, multiple functions.
    + CVE-2016-7975: buffer overflow in print-tcp.c:tcp_print().
    + CVE-2016-7983: buffer overflow in print-bootp.c:bootp_print().
    + CVE-2016-7984: buffer overflow in print-tftp.c:tftp_print().
    + CVE-2016-7985: buffer overflow in print-calm-fast.c:calm_fast_print().
    + CVE-2016-7986: buffer overflow in print-geonet.c, multiple functions.
    + CVE-2016-7992: buffer overflow in print-cip.c:cip_if_print().
    + CVE-2016-7993: a bug in util-print.c:relts_print() could cause a
      buffer overflow in multiple protocol parsers (DNS, DVMRP, HSRP, IGMP,
      lightweight resolver protocol, PIM).
    + CVE-2016-8574: buffer overflow in print-fr.c:frf15_print().
    + CVE-2016-8575: buffer overflow in print-fr.c:q933_print().
    + CVE-2017-5202: buffer overflow in print-isoclns.c:clnp_print().
    + CVE-2017-5203: buffer overflow in print-bootp.c:bootp_print().
    + CVE-2017-5204: buffer overflow in print-ip6.c:ip6_print().
    + CVE-2017-5205: buffer overflow in print-isakmp.c:ikev2_e_print().
    + CVE-2017-5341: buffer overflow in print-otv.c:otv_print().
    + CVE-2017-5342: a bug in multiple protocol parsers (Geneve, GRE, NSH,
      OTV, VXLAN and VXLAN GPE) could cause a buffer overflow in
      print-ether.c:ether_print().
    + CVE-2017-5482: buffer overflow in print-fr.c:q933_print().
    + CVE-2017-5483: buffer overflow in print-snmp.c:asn1_parse().
    + CVE-2017-5484: buffer overflow in print-atm.c:sig_print().
    + CVE-2017-5485: buffer overflow in addrtoname.c:lookup_nsap().
    + CVE-2017-5486: buffer overflow in print-isoclns.c:clnp_print().

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-02-03 14:14:49 +01:00
Adam Duskett
ebd029c9d9 sepolgen: bump to version 2.6
Signed-off-by: Adam Duskett <aduskett@codeblue.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-02-01 22:19:16 +01:00
Baruch Siach
0b4848d6b9 dbus: remove init script status op
The status command calls the Upstart status utility which we don't have.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-02-01 22:12:50 +01:00
Lionel Flandrin
c06aa42f7c python-pyzmq: bump to version 16.0.2
Updated the zmq version detection patch to apply cleanly on 16.0.2.

Added patch #2 to replace compile_and_run with compile_and_forget in the setup
code: this function is only used to check for the availability of "sys/un.h" and
we only need to compile the test code to make sure of that. This fixes the
cross-compilation.

Signed-off-by: Lionel Flandrin <lionel@svkt.org>
Reviewed-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-02-01 22:11:58 +01:00
Thomas De Schampheleire
cee060e98e core infra: make sure apply-patches is called with correct tar
Buildroot has a mechanism to detect a too-old or missing tar program on the
host machine, and builds a custom host-tar if needed. An example situation
is a RHEL5 host machine, where tar is knowingly too old.

The apply-patches script also employs tar, in case the patches come as an
archive. However, tar is called as 'tar' without any absolute path, and the
environment does not point in any way to the possibly custom tar. As a
result, the too-old-tar is called. A particular problem is the flag '-a'
which is missing on e.g. RHEL5.

Previously, this problem went unnoticed: tar would fail, but apply-patches
did not notice it, and the overall return code of the script was 'success'.
However, commit d5ae67b4 added 'set -e' to the script, causing any error to
halt execution of the script with an error.

Fix the problem by adding the Buildroot-built host tools to the PATH when
calling apply-patches.

Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-02-01 22:10:44 +01:00