Fixes the following security issue:
CVE-2017-3145: Improper sequencing during cleanup can lead to a
use-after-free error, triggering an assertion failure and crash in
named.
For more details, see the advisory:
https://lists.isc.org/pipermail/bind-announce/2018-January/001072.html
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
systemd is no longer an autotools package, as such, it has now been converted
over to meson.
Even though systemd234 has meson support, it is broken with gcc7, as such
the revision bump and conversion to meson must be in a single patch.
Changes include:
- Change systemd from an autotools package to a generic package
- Changing all the options from --enable/disable to -Doption=true/false
- Remove --without-python (no longer an option)
- Remove all of the ac_cv_path_ variables, and move them into CONF_OPTS
with the prefix -Doption-path=/path.
- Add sha256sum's for the license files.
- Remove 0002-build-check-for-ln-relative.patch and add
0002-install-dont-use-ln-relative.patch in its place, the old patch relied on autotools and is no longer relevant.
- Add 0004-add-false-option-for-tests.patch. With the conversion to meson,
systemd no longer has the option to disable unit tests from being built.
This patch re-adds the functionality. This prevents 381 files from being
built, and prevents gcrypt from becoming a dependency.
Signed-off-by: Adam Duskett <Adamduskett@outlook.com>
Tested-by: Jérémy Rosen <jeremy.rosen@smile.fr>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Tested-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Tested-by: gitlab-ci https://gitlab.com/ymorin/buildroot-ci/pipelines/15857672/builds
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
The lldpad package comes with utilities to manage an LLDP interface with
support for reading and configuring TLVs. TLVs and interfaces are individual
controlled allowing flexible configuration for TX only, RX only, or TX/RX
modes per TLV.
http://open-lldp.org/
Signed-off-by: Laurent Charpentier <laurent_pubs@yahoo.com>
Reviewed-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Patch the Makefiles to make PREFIX and DESTDIR follow standard
semantics to get rid of DESTDIR during compile time in
libsemanage.mk and generate proper pkg-config files.
Signed-off-by: Marcus Folkesson <marcus.folkesson@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Patch the Makefiles to make PREFIX and DESTDIR follow standard
semantics to get rid of DESTDIR during compile time in
libsepol.mk and generate proper pkg-config files.
Signed-off-by: Marcus Folkesson <marcus.folkesson@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Patch the Makefiles to make PREFIX and DESTDIR follow standard
semantics to get rid of DESTDIR during compile time in
libselinux.mk and generate proper pkg-config files.
Fixes:
http://autobuild.buildroot.net/results/74d27370c7623e89e401203a485193340e992e7c/
Signed-off-by: Marcus Folkesson <marcus.folkesson@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Apply an upstream patch which addresses a compilation issue with respect
to an undefined 'timeval' structure. This issue exists in at least v6.0.
It is expected that this patch can be removed when libpqxx provides a
new releases (either v6.0.1 or v6.1).
Fixes:
http://autobuild.buildroot.net/results/48b015650ede4e55e199538072c7228cccf64422
Signed-off-by: James Knight <james.knight@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Bump U-Boot to 2017.11 and kernel to 4.14.13 versions.
Signed-off-by: Fabio Estevam <fabio.estevam@nxp.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Drop LDFLAGS forcing. Makefile now uses appends to environment LDFLAGS.
Add license hash.
Cc: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Tested-by: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Remove patch since it is in mainline.
Signed-off-by: Marcus Folkesson <marcus.folkesson@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
All the rtlwifi firmware files were not installed, so added the
missing ones.
Signed-off-by: Romain Reignier <rom.reignier@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Supposedly, older kernels could require that an older firmware be used,
so leave to the user the opportunity to choose the one they require.
Simplify the pattern as suggested by Peter. Thanks!
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This version adds support for libva 2.0, added license hash.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The C++ REST SDK is a Microsoft project for cloud-based client-server
communication in native code using a modern asynchronous C++ API design.
This project aims to help C++ developers connect to and interact with
services.
This package is licensed under the MIT package and depends on BOOST
and OpenSSL/LibreSSL.
Signed-off-by: Adam Duskett <aduskett@codeblue.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
FlatBuffers is an efficient cross platform serialization
library for C++, C#, C, Go, Java, JavaScript, PHP, and
Python. It was originally created at Google for game
development and other performance-critical applications.
http://google.github.io/flatbuffers/
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Store the list of detected licence files in the main object and
automatically add their sha256 checksums when creating *.hash file.
Bonus: fix wrong indentation.
Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
The aoetools are programs for users of the ATA over Ethernet (AoE)
network storage protocol, a simple protocol for using storage over an
ethernet LAN.
Tested on Beaglebone Black.
Build tested with test-pkg.
Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
[Thomas:
- fix check-package warnings
- use SPDX license code, GPL-2.0
- use github helper
- pass TARGET_CONFIGURE_OPTS instead of just CC]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Currently, only post-build and post-image scripts were tested, each with
their own test-script.
The two test-scripts only differ in the name of the log file they
create, and it is based on the name of the script, so it is easy to
share the script.
This allows us to easily re-use it for testing post-fakeroot scripts.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Cc: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Reviewed-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Tested-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Like we do for post-build and post-image scripts, pass EXTRA_ENV to
post-fakeroot script.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Buildroot's "make nconfig" command stopped working a while ago on
Gentoo systems. Running the command would result in a crash.
The issue is caused by lxdialog's cflags which are also used to build
nconfig; It would detect *ncursesw* and turn on WIDECHAR support --
but the Makefile would still link to plain *ncurses* while building
nconfig (which was built without WIDECHAR support).
This would cause a crash after using *wattrset* on a WINDOW instance.
WIDECHAR *wattrset* would try to set the _color member in the WINDOW
struct which does not exist in the NON-WIDECHAR ncurses instance. It
would end up clobbering data outside the struct (usually _line entries).
An upstream patch fixes the issue, so we're applying it to Buildroot's
kconfig.
Signed-off-by: Guillermo A. Amaral <g@maral.me>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Add two patches from upstream to fix a build issue when building an
example. Ideally, the examples should not be build at all. However,
upstream disliked the idea of adding configure options like
`--disable-examples` [1]. So we'll make do with the patches and force a
autoreconf.
Additionaly, the signature was checked and a hash for the license file
is added.
[1] https://github.com/hercules-team/augeas/issues/535
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When a file is listed to be installed but is missing from the package
source currently the first tar command exits with error code but it is
ignored and the build succeeds.
This issue by itself is minor because those listed files that are
present in the package source get installed to the target.
But the code is currently error prone, e.g. to a typo in the file list.
Fix this by first creating a tarball in the build directory and then
installing it, instead of using a pipe between the two tar invocations.
Also use && between the commands, so the first command that exits with
error code fails the build.
Since the two tar invocations remain in use, the desired behavior
remains the same:
- list of files can contain *;
- list of files can contain file inside path, and the path is then
replicated in the target;
- symlinks are not followed but are installed.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Cc: Sergey Matyukevich <geomatsi@gmail.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
It's broken for the last 3 version bumps, since
1c9846ecc9 "linux-firmware: Bump to the latest version"
Fix it by updating the name of the file to install.
Do not use * since it would install also old versions that would take
1MB extra space in the target.
A comment to remember to update the file name when bumping the package
is not needed because a previous patch in the series makes the build
to fail for missing file.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Cc: Fabio Estevam <festevam@gmail.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Peter Seiderer <ps.report@gmx.net>
Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Yegor Yefremov <yegorslists@googlemail.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When a file is listed to be installed but is missing from the package
source currently the first tar command exits with error code but it is
ignored and the build succeeds.
This issue by itself is minor because those listed files that are
present in the package source get installed to the target.
But the code is currently error prone, e.g. to a typo in the file list.
Fix this by first creating a tarball in the build directory and then
installing it, instead of using a pipe between the two tar invocations.
Also use && between the commands, so the first command that exits with
error code fails the build.
Since the two tar invocations remain in use, the desired behavior
remains the same:
- list of files can contain *;
- list of files can contain file inside path, and the path is then
replicated in the target;
- symlinks are not followed but are installed.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Cc: Fabio Estevam <festevam@gmail.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Peter Seiderer <ps.report@gmx.net>
Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Yegor Yefremov <yegorslists@googlemail.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Joseph Kogut <joseph.kogut@gmail.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The build fails when the host binutils isn't at least 2.23
(2.22.x introduced RDSEED).
The host toolchain is used for x86_64 target builds where
we need to do a 32bit build. Most other buildroot builds
are using a much newer binutils unless it's a external
older toolchain.
Fixes:
http://autobuild.buildroot.net/results/c39/c3987a3cbd2960b0ff50f872636bdfd8d1a9c820/
Upstream:
https://marc.info/?l=kvm&m=151580743523259&w=2
Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
When bash is selected, /bin/bash is not added to /etc/shells
(see man shells). So, login tools like dropbear reject the ssh
connexions for users using bash as shell in /etc/passwd.
buildroot authpriv.warn dropbear[853]: User 'kubu' has invalid shell, rejected
Reported-by: Jeremy Rosen <jeremy.rosen@smile.fr>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Cc: "Yann E. MORIN" <yann.morin.1998@free.fr>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>