Commit Graph

57021 Commits

Author SHA1 Message Date
Adam Duskett
ab2d472cde testing/tests/package/test_openjdk.py: bump kernel version to 5.10.34
Kernel 4.16.7 is old enough to produce the "multiple definition of `yylloc'"
error which is fixed in newer versions.

Bump the test kernel version from 4.16.7 to 5.10.34 to prevent this error wwhen
building the test image.

Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-05-05 21:37:21 +02:00
Christian Stewart
35af2bb801 package/docker-containerd: rename package to containerd
containerd is now an independent project from Docker.

This commit renames the Buildroot package from docker-containerd to containerd,
adding a entry in Config.in.legacy accordingly.

containerd is an industry-standard container runtime with an emphasis on
simplicity, robustness and portability. It is available as a daemon for Linux
and Windows, which can manage the complete container lifecycle of its host
system: image transfer and storage, container execution and supervision,
low-level storage and network attachments, etc.

https://containerd.io

Signed-off-by: Christian Stewart <christian@paral.in>
Reviewed-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
[Arnout:
 - fix alphabetical ordering in package/Config.in
 - also do rename in DEVELOPERS
 - squash in second patch
]
2021-05-05 21:33:58 +02:00
Bernd Kuhls
1e96b6189a package/exim: security bump version to 4.94.2
Release announcement:
https://lists.exim.org/lurker/message/20210421.123632.08bb711a.en.html

According to
http://www.exim.org/static/doc/security/CVE-2020-qualys/21nails.txt
this version bump fixes

Local vulnerabilities
- CVE-2020-28007: Link attack in Exim's log directory
- CVE-2020-28008: Assorted attacks in Exim's spool directory
- CVE-2020-28014: Arbitrary file creation and clobbering
- CVE-2021-27216: Arbitrary file deletion
- CVE-2020-28011: Heap buffer overflow in queue_run()
- CVE-2020-28010: Heap out-of-bounds write in main()
- CVE-2020-28013: Heap buffer overflow in parse_fix_phrase()
- CVE-2020-28016: Heap out-of-bounds write in parse_fix_phrase()
- CVE-2020-28015: New-line injection into spool header file (local)
- CVE-2020-28012: Missing close-on-exec flag for privileged pipe
- CVE-2020-28009: Integer overflow in get_stdinput()

Remote vulnerabilities
- CVE-2020-28017: Integer overflow in receive_add_recipient()
- CVE-2020-28020: Integer overflow in receive_msg()
- CVE-2020-28023: Out-of-bounds read in smtp_setup_msg()
- CVE-2020-28021: New-line injection into spool header file (remote)
- CVE-2020-28022: Heap out-of-bounds read and write in extract_option()
- CVE-2020-28026: Line truncation and injection in spool_read_header()
- CVE-2020-28019: Failure to reset function pointer after BDAT error
- CVE-2020-28024: Heap buffer underflow in smtp_ungetc()
- CVE-2020-28018: Use-after-free in tls-openssl.c
- CVE-2020-28025: Heap out-of-bounds read in pdkim_finish_bodyhash()

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-05-04 22:36:30 +02:00
Fabrice Fontaine
50739073d6 Config.in: put back legacy comment for BR2_ENABLE_SSP
Put back legacy comment for BR2_ENABLE_SSP which was dropped with commit
810ba387be

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-05-04 22:35:14 +02:00
Sébastien Szymanski
34b893a6d7 package/freescale-imx/imx-gpu-viv: select libdrm
Some libraries (libGL.so, vivante_dri.so, libEGL.so, libgbm_viv.so) are
linked against libdrm so select libdrm package.

Fixes: 8283e838f0 ("package/freescale-imx/imx-gpu-viv: bump to version 6.4.3.p1.2")
Signed-off-by: Sébastien Szymanski <sebastien.szymanski@armadeus.com>
Reviewed-by: Gary Bisson <gary.bisson@boundarydevices.com>
Tested-by: Gary Bisson <gary.bisson@boundarydevices.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-05-04 22:32:46 +02:00
Fabrice Fontaine
5f154799b6 package/bullet: fix build
Since bump to version 3.09 in commit
28b4947ed8, build fails on:

[100%] Linking CXX shared library libBulletRoboticsGUI.so
/home/buildroot/autobuild/run/instance-0/output-1/host/opt/ext-toolchain/bin/../lib/gcc/sparc64-buildroot-linux-gnu/9.3.0/../../../../sparc64-buildroot-linux-gnu/bin/ld: cannot find -lBulletExampleBrowserLib

Upstream is aware of this issue and recommends to avoid changing any
options: https://github.com/bulletphysics/bullet3/issues/3143

So don't disable bullet3 and demos apps ...

Fixes:
 - http://autobuild.buildroot.org/results/1721df8b0859656f7420b0b166d1ca635e5ddc74

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
[Arnout: remove the options instead of setting to ON]
2021-05-04 22:30:14 +02:00
Fabrice Fontaine
41bdc460b6 package/pipewire: fix build with NLS
Fix build failure with NLS which is raised since bump to version 0.3.26
in commit a6d88d3ba5

Fixes:
 - http://autobuild.buildroot.org/results/4ed680dc91519c02db4fbfb396d75c5f74207d9b

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-05-04 22:19:21 +02:00
Peter Seiderer
ec2ee79ec1 package/libtomcrypt: compile with -fPIC to enable linking to dynamic libraries/exectuables
Fixes:

  .../x86_64-buildroot-linux-gnu/bin/ld: .../host/x86_64-buildroot-linux-gnu/sysroot/usr/lib/libtomcrypt.a(md5.o): relocation R_X86_64_32 against `.rodata.str1.1' can not be used when making a shared object; recompile with -fPIC

when building a shared library that links with libtomcrypt. Our only
internal user dropbear doesn't do this, so there are no autobuilder
failures.

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-05-04 22:14:37 +02:00
Vincent Stehlé
f01b0b1a3d configs/aarch64_efi: bump kernel version and update
- Bump kernel to version 5.11.16.

We remove the hardcoded ttyAMA0 and rely on the firmware to discover our
console. This enables serial console on systems, which do not have an Arm
pl011 UART.

We switch to GPT disklabel and discover our root filesystem using its
PARTLABEL. This enables booting from more media, such as HDD, SD card or
USB.

We update the readme, which hinted that ACPI was mandatory. This is not
strictly the case as we can also boot with a dtb and/or a U-Boot based
firmware, with no ACPI. While at it, mention EBBR, SystemReady and explain
how to build and use a U-Boot-based qemu firmware.

Signed-off-by: Vincent Stehlé <vincent.stehle@arm.com>
Cc: Erico Nunes <nunes.erico@gmail.com>
Reviewed-by: Erico Nunes <nunes.erico@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-05-04 22:12:36 +02:00
Christian Stewart
0b09d6feaa package/libfuse3: bump version to 3.10.3
Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-05-04 22:06:44 +02:00
Dick Olsson
c5497df7b3 support/testing: add s6-networking tests
Test that the TAICLOCK and TCP servers are working.

Signed-off-by: Dick Olsson <hi@senzilla.io>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
[Arnout: indent config lines more]
2021-05-04 21:58:51 +02:00
Dick Olsson
50c6e932dc support/testing: add s6-rc tests
Test that s6-rc service database compilation is working.

Signed-off-by: Dick Olsson <hi@senzilla.io>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
[Arnout: indent config lines more]
2021-05-04 21:56:49 +02:00
Dick Olsson
77c13ae989 support/testing: add s6-portable-utils tests
Test that a few basis utilities are working.

Signed-off-by: Dick Olsson <hi@senzilla.io>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
[Arnout: indent config lines more]
2021-05-04 21:53:52 +02:00
Dick Olsson
985d733f31 support/testing: add s6 tests
Test that directory scanning and supervision is working.

Signed-off-by: Dick Olsson <hi@senzilla.io>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
[Arnout: properly indent, and use textwrap to dedent again.]
2021-05-04 21:50:40 +02:00
Dick Olsson
f7ea0af883 support/testing: add execline tests
Test that the interpreter can run a basic command.

Signed-off-by: Dick Olsson <hi@senzilla.io>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
[Arnout: indent config lines more]
2021-05-04 21:34:36 +02:00
Dick Olsson
ac9e253f2f package/{skalibs, execline, s6*, mdevd}: root prefix
The skaware packages are frequently used as the init system and service
management for machines. Therefore it is more logical to install these
packages to the root prefix.

Signed-off-by: Dick Olsson <hi@senzilla.io>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-05-04 21:28:17 +02:00
Fabrice Fontaine
67d19f6014 package/libopenssl: fix performance issue in static build
Revert commit 8c2c959b02 as no-dso has
been added back to openssl since version 1.1.1e and
8dcd574619
and because gcc no-asm has performance issue

Fixes:
 - https://bugs.buildroot.org/show_bug.cgi?id=13751

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-05-04 21:22:52 +02:00
Federico Pellegrin
cadb8f2f31 package/kexec: bump to version 2.0.22
https://www.spinics.net/lists/kexec/msg26864.html

Signed-off-by: Federico Pellegrin <fede@evolware.org>
[yann.morin.1998@free.fr: two-spaces in hash file]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-05-04 21:19:57 +02:00
Norbert Lange
ee66864bcf package/kmod: create zstd option for host
Signed-off-by: Norbert Lange <nolange79@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-05-04 21:17:24 +02:00
Norbert Lange
df8d80ab5a package/kmod: support zstd compression if available
Signed-off-by: Norbert Lange <nolange79@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-05-04 21:17:23 +02:00
Fabrice Fontaine
810ba387be Config.in: enable FORTIFY_SOURCE, PIC/PIE, RELRO, SSP by default
Enhance security by enabling FORTIFY_SOURCE, PIC/PIE, RELRO and SSP by
default.

For SSP, SSP-all can have a significant impact on performance, so we do
not want to enable that unconditionally; instead we use SSP-strong if
available (since gcc-4.9), and resort to SSP-regular otherwise. People
who really, like really-really want to use SSP-all will still have to
enable it explicitly.

For FORTIFY, level 2 may change the behaviour of some glibc functions,
so may crash conforming programs, so may have adverse effects. As such,
we choose level 1 as the default, as it does not change the behaviour
of any function.

This could help making IoT more secure and fight against the assumption
that buildroot does not support binary hardening (see
https://cyber-itl.org/2019/08/26/iot-data-writeup.html)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr:
  - relax SSP to strong when available, regular otherwise
  - extend commit log to explain why SSP-all is not used
  - extend commit log to explain why FORTIFY level 2 is not used
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-05-03 22:23:11 +02:00
Fabrice Fontaine
281e5af348 package/iostat: drop package
This package is not maintained anymore and even upstream site is dead.
As iostat can also be provided by sysstat, just drop the package.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-05-02 21:36:13 +02:00
Mario Fink
02fcc814be package/docker-cli: bump version to 20.10.6
Signed-off-by: Mario Fink <mario.fink@record-evolution.de>
Tested-by: Christian Stewart <christian@paral.in>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-05-02 21:32:33 +02:00
Mario Fink
e1458fe943 package/docker-engine: bump version to 20.10.6
Fixes various networking issues:

- Fix a regression in docker 20.10, causing IPv6 addresses no longer to be
  bound by default when mapping ports moby/moby#42205

- Fix implicit IPv6 port-mappings not included in API response.  Before
  docker 20.10, published ports were accessible through both IPv4 and IPv6
  by default, but the API only included information about the IPv4 (0.0.0.0)
  mapping moby/moby#42205

- Fix a regression in docker 20.10, causing the docker-proxy to not be
  terminated in all cases moby/moby#42205

- Fix iptables forwarding rules not being cleaned up upon container removal
  moby/moby#42205

For more details, see the release notes:
https://docs.docker.com/engine/release-notes/#20106

Signed-off-by: Mario Fink <knif.oiram@gmail.com>
Tested-by: Christian Stewart <christian@paral.in>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-05-02 21:08:41 +02:00
Fabrice Fontaine
0c4c76759b Config.in.legacy: fix BR2_PACKAGE_SCONESERVER_HTTP_SCONESITE_IMAGE
Commit fdb6fc2b4a forgot to select
BR2_LEGACY

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-05-01 21:47:09 +02:00
Dick Olsson
92e0f91278 package/mdevd: bump to version 0.1.4.0
https://www.mail-archive.com/skaware@list.skarnet.org/msg01579.html

Signed-off-by: Dick Olsson <hi@senzilla.io>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-05-01 16:50:33 +02:00
Dick Olsson
643b03b62f package/s6-linux-init: bump to version 1.0.6.3
https://www.mail-archive.com/skaware@list.skarnet.org/msg01579.html

Signed-off-by: Dick Olsson <hi@senzilla.io>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-05-01 16:50:00 +02:00
Dick Olsson
db807a1452 package/s6-networking: bump to version 2.4.1.1
Change hash file indentation to 2 spaces.

https://www.mail-archive.com/skaware@list.skarnet.org/msg01579.html

Signed-off-by: Dick Olsson <hi@senzilla.io>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-05-01 16:49:31 +02:00
Dick Olsson
6066d67d05 package/s6-dns: bump to version 2.3.5.1
Change hash file indentation to 2 spaces.

https://www.mail-archive.com/skaware@list.skarnet.org/msg01579.html

Signed-off-by: Dick Olsson <hi@senzilla.io>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-05-01 16:49:10 +02:00
Dick Olsson
340f47b649 package/s6-linux-utils: bump to version 2.5.1.5
Change hash file indentation to 2 spaces.

https://www.mail-archive.com/skaware@list.skarnet.org/msg01579.html

Signed-off-by: Dick Olsson <hi@senzilla.io>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-05-01 16:48:48 +02:00
Dick Olsson
92fb4ed491 package/s6-portable-utils: bump to version 2.2.3.2
Change hash file indentation to 2 spaces.

https://www.mail-archive.com/skaware@list.skarnet.org/msg01579.html

Signed-off-by: Dick Olsson <hi@senzilla.io>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-05-01 16:48:03 +02:00
Dick Olsson
dac412acfd package/s6-rc: bump to version 0.5.2.2
Change hash file indentation to 2 spaces.

https://www.mail-archive.com/skaware@list.skarnet.org/msg01579.html

Signed-off-by: Dick Olsson <hi@senzilla.io>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-05-01 16:47:02 +02:00
Dick Olsson
650aa24671 package/s6: bump to version 2.10.0.3
Change hash file indentation to 2 spaces.

https://www.mail-archive.com/skaware@list.skarnet.org/msg01579.html

Signed-off-by: Dick Olsson <hi@senzilla.io>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-05-01 16:46:14 +02:00
Dick Olsson
1c0daf5186 package/execline: bump to version 2.8.0.1
https://www.mail-archive.com/skaware@list.skarnet.org/msg01579.html

Signed-off-by: Dick Olsson <hi@senzilla.io>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-05-01 16:45:33 +02:00
Dick Olsson
662355082a package/skalibs: bump to version 2.10.0.3
- Remove upstream patch that has been committed
- Change hash file indentation to 2 spaces

https://www.mail-archive.com/skaware@list.skarnet.org/msg01579.html

Signed-off-by: Dick Olsson <hi@senzilla.io>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-05-01 16:44:52 +02:00
Dick Olsson
d87e069d98 package/s6-networking: support building with bearssl
Signed-off-by: Dick Olsson <hi@senzilla.io>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-05-01 16:37:36 +02:00
Charles Hardin
421bcc8470 package/imx-uuc: bump version and enable for i.MX8 architecture
The imx-uuc package was only selectable on 32-bit arm targets; this
patch allows aarch64 targets such as i.MX8 to select the package
and use the ufb for fastboot support against the mfgtools "uuu".

Also bumping to latest upstream commit before uuc is removed from the
standard build, from
    https://github.com/NXPmicro/imx-uuc

Tested on i.MX8QXP.

Signed-off-by: Charles Hardin <ckhardin@gmail.com>
Reviewed-by: Gary Bisson <gary.bisson@boundarydevices.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-05-01 15:23:09 +02:00
Peter Seiderer
27b30ee742 package/libtomcrypt: update home page URL to https
- update home page URL to https

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-05-01 15:16:44 +02:00
Fabrice Fontaine
19ec872f16 package/dmalloc: needs -fPIC
Drop first patch and pass -fPIC to configure to fix the following build
failure on ARC:

ERROR: architecture for "/usr/lib/libdmalloc.so" is "ARCompact", should be "ARCv2"
ERROR: architecture for "/usr/lib/libdmallocth.so" is "ARCompact", should be "ARCv2"
ERROR: architecture for "/usr/lib/libdmallocthcxx.so" is "ARCompact", should be "ARCv2"
ERROR: architecture for "/usr/lib/libdmallocxx.so" is "ARCompact", should be "ARCv2"

This build failure is due to the following configure error:

checking shared library link args... ./configure: line 4467: 10229 Segmentation fault      ( ${LD-ld} -shared --whole-archive -soname conftest.so -o conftest.so.t conftest.a ) 2>&5
/home/buildroot/autobuild/run/instance-0/output-1/host/bin/arc-buildroot-linux-gnu-ld -G -o $@.t

This configure error is due to missing -fPIC:

configure:4392: checking shared library link args
configure:4398: /home/buildroot/autobuild/run/instance-0/output-1/host/bin/arc-buildroot-linux-gnu-gcc -c -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64  -Os -g2  -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 conftest.c >&5
configure:4404: $? = 0
configure:4408: test -z
			 || test ! -s conftest.err
configure:4411: $? = 0
configure:4414: test -s conftest.o
configure:4417: $? = 0
/home/buildroot/autobuild/run/instance-0/output-1/host/bin/arc-buildroot-linux-gnu-ld: conftest.a(conftest.o): relocation R_ARC_32_ME against `__stack_chk_guard' can not be used when making a shared object; recompile with -fPIC
/home/buildroot/autobuild/run/instance-0/output-1/host/bin/arc-buildroot-linux-gnu-ld: BFD (GNU Binutils) 2.33.50.20191002 assertion fail elf32-arc.c:1805
/home/buildroot/autobuild/run/instance-0/output-1/host/bin/arc-buildroot-linux-gnu-ld: unrecognized option '-all'
/home/buildroot/autobuild/run/instance-0/output-1/host/bin/arc-buildroot-linux-gnu-ld: use the --help option for usage information
configure:4475: result: /home/buildroot/autobuild/run/instance-0/output-1/host/bin/arc-buildroot-linux-gnu-ld -G -o $@.t

Fixes:
 - http://autobuild.buildroot.org/results/65677d889c27649e1f3ca1f3b6c70df7c89779f6

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-05-01 15:04:30 +02:00
Gleb Mazovetskiy
7333207eaf Fix -latomic for CMake packages
The poppler package failed to build for me with errors such as this one:

    host/aarch64-buildroot-linux-gnu/include/c++/10.3.0/cstdlib:75:15: fatal error: stdlib.h: No such file or directory
       75 | #include_next <stdlib.h>
          |               ^~~~~~~~~~

Changing the CMake option to a link-specific one fixes the issue.

Also change other packages with the same issue: cutelyst, gerbera,
kf5-modemmanager-qt, kodi and wampcc.

Signed-off-by: Gleb Mazovetskiy <glex.spb@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-05-01 15:00:18 +02:00
Peter Korsgaard
862609b389 package/bind: security bump to version 9.11.31
Fixes the following security issues:

- A malformed incoming IXFR transfer could trigger an assertion failure in
  named, causing it to quit abnormally.  (CVE-2021-25214)

- named crashed when a DNAME record placed in the ANSWER section during
  DNAME chasing turned out to be the final answer to a client query.
  (CVE-2021-25215)

- When a server's configuration set the tkey-gssapi-keytab or
  tkey-gssapi-credential option, a specially crafted GSS-TSIG query could
  cause a buffer overflow in the ISC implementation of SPNEGO (a protocol
  enabling negotiation of the security mechanism used for GSSAPI
  authentication).  This flaw could be exploited to crash named binaries
  compiled for 64-bit platforms, and could enable remote code execution when
  named was compiled for 32-bit platforms.  (CVE-2021-25216)

For more details, see the release notes:
https://downloads.isc.org/isc/bind9/9.11.31/RELEASE-NOTES-bind-9.11.31.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-05-01 14:57:33 +02:00
Charles Hardin
ea8c740008 package/imx-seco: use the c0 revision for the imx8qxp ahab image
Update the selection of the ahab container image to use based upon
a choice in the Config.in - there are multiple ASIC revisions that
use AHAB and the firmware images need to match. This extends the
support beyond a default image for just the imx8 amd imx8x based
upon the current contents of the imx-seco firmware extraction.

Files from 3.7.4:
    mx8dxla0-ahab-container.img
    mx8dxla1-ahab-container.img
    mx8qmb0-ahab-container.img
    mx8qxb0-ahab-container.img
    mx8qxc0-ahab-container.img

The original defaults prior to this patch were mx8qmb0 for IMX8
and mx8qxb0 for the IMX8X selections. However, this patch will
change the default selection of the IMX8X from the B0 option to
C0 because the IMX8X C0 HW variant is widespread and the current
release of hardware silicon. Because there are still B0's in
circulation an option is being kept for that as well.

Signed-off-by: Charles Hardin <ckhardin@gmail.com>
[yann.morin.1998@free.fr: 1 minor code style]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-05-01 14:55:59 +02:00
Peter Seiderer
d3a8ca9371 package/sane-backends: poppler-glib needs cairo
- poppler-glib depends on cairo (see poppler-0.84.0/CMakeLists.txt):

  185 else()
  186   set(CAIRO_FEATURE "#undef POPPLER_HAS_CAIRO")
  187   set(ENABLE_GLIB OFF)
  188 endif()

Fixes:

  - http://autobuild.buildroot.net/results/9a345f82c7a010f6b2a3361f25b14caefa9dcbef

  checking for POPPLER_GLIB... no
  configure: error: poppler-glib requested but not found

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-05-01 14:46:15 +02:00
Fabrice Fontaine
73d0da2dd6 package/python-rpi-ws281w: fix build with gcc 4.8
Fix build failure with gcc 4.8 which is raised since bump to version
4.2.6 in commit f21d46bf99

Fixes:
 - http://autobuild.buildroot.org/results/3d037922484bfc45d0f985f87b38f20c5a4ab064

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-05-01 14:41:11 +02:00
Fabrice Fontaine
d4f166d951 package/nginx: add libxcrypt optional dependency
Fix build failure on uclibc with libxcrypt which has been added in
commit 464bbe26ff

Fixes:
 - http://autobuild.buildroot.org/results/79a51b0d348e756517b5c9ce815a67f5c657e7e6

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-05-01 14:30:54 +02:00
Fabrice Fontaine
c5f3c6ff1a package/sox: fix static build with magic and bzip2
Update patch added by commit 183d583fb5 to
use pkg-config instead of linking with zlib to fix the following static
build failure with a bzip2-enabled libmagic:

/home/buildroot/autobuild/instance-1/output-1/host/opt/ext-toolchain/bin/../lib/gcc/arc-buildroot-linux-uclibc/9.3.1/../../../../arc-buildroot-linux-uclibc/bin/ld: /home/buildroot/autobuild/instance-1/output-1/host/arc-buildroot-linux-uclibc/sysroot/usr/lib/libmagic.a(compress.o): in function `uncompressbuf':
compress.c:(.text+0x422): undefined reference to `BZ2_bzDecompressInit'
/home/buildroot/autobuild/instance-1/output-1/host/opt/ext-toolchain/bin/../lib/gcc/arc-buildroot-linux-uclibc/9.3.1/../../../../arc-buildroot-linux-uclibc/bin/ld: compress.c:(.text+0x422): undefined reference to `BZ2_bzDecompressInit'

Fixes:
 - http://autobuild.buildroot.org/results/4c511c02e4c63b35ecf77a2658f88e8a0d9dbb4d

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-05-01 14:21:55 +02:00
Yann E. MORIN
bc2e555eb1 package/openjdk: drop patch left over after last bump
Commit 5871e278f8 (package/openjdk{, -bin}: security bump to version
11.0.11_9) forgot to account for the openjdk patch in the versioned
directory.

That patch was a collection of backports from upstream ,that are now all
present in 11.0.11+9, so drop that patch.

Fixes: 5871e278f8
Reported-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-05-01 08:57:08 +02:00
Tian Yuanhao
40dee9a19f package/e2fsprogs: add option for e2scrub
The e2scrib tool has various requirements:

  - e2scrub and its associated helpers, are bash scripts

  - e2scrub_all depends on coreutils' readlink; busybox readlink is
    missing some options:
        readlink: invalid option -- 'e'

  - by design, e2scrub only works on an LVM volume

Add an option to enable e2scrub. This is probably seldom used, so it
does not warrant the usual dance about BR2_PACKAGE_BUSYBOX_SHOW_OTHERS
and selecting the tools; we can just depend on the required tools.

Signed-off-by: Tian Yuanhao <tianyuanhao@aliyun.com>
Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: James Hilliard <james.hilliard1@gmail.com>
[yann.morin.1998@free.fr:
  - add a kconfig option like for other tools
  - move the conditions to that new option
  - reword the commit log accordingly
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-05-01 00:02:11 +02:00
Bernd Kuhls
ac3234acd8 package/php: security bump version to 7.4.18
Changelog: https://www.php.net/ChangeLog-7.php#7.4.18

Release notes: https://www.php.net/releases/7_4_18.php

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-04-30 14:55:14 +02:00
Petr Vorel
a7dd48babc package/feh: bump version to 3.6.3
Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-04-30 14:54:55 +02:00