Commit Graph

53047 Commits

Author SHA1 Message Date
Sergio Prado
d360755aed package/check: bump version to 0.15.0
Also separate the fields in the hash file by two spaces.

Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-07-12 00:00:31 +02:00
Lyle Franklin
c94794175f package/jq: bump version to a17dd32
Bump jq package to latest to fix seg fault errors reported at
https://github.com/stedolan/jq/issues/2003

Signed-off-by: Lyle Franklin <lylejfranklin@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-07-11 23:59:41 +02:00
Sergio Prado
c2ad9937b0 package/ccid: bump version to 1.4.33
Also separate the fields in the hash file by two spaces.

Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-07-11 23:52:42 +02:00
Francois Perrad
a5e71f722d package/vsftpd: add systemd unit
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-07-11 23:51:25 +02:00
Bernd Kuhls
568ed934a0 package/ffmpeg: bump version to 4.3.1
Changelog:
http://git.videolan.org/?p=ffmpeg.git;a=blob;f=Changelog;h=be7588bbbf6d0568282a057e858d9aa694388e85;hb=refs/heads/release/4.3

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-07-11 23:50:49 +02:00
Heiko Thiery
52e9d6e13b package/aumix: add debian patch for fixing build with gcc 10
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-07-11 23:50:13 +02:00
Bernd Kuhls
ad9125d7a3 package/tor: bump version to 0.4.3.6
Release notes for 0.4.3.5: https://blog.torproject.org/node/1872
"Tor 0.4.3.5 is the first stable release in the 0.4.3.x series."

Release notes for 0.4.3.6: https://blog.torproject.org/node/1900

The fix for CVE-2020-15572 "Fix a crash due to an out-of-bound memory
access when Tor is compiled with NSS support" does not affect buildroot
because we do not support building tor with libnss.

Rebased patch 0001.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-07-11 23:47:27 +02:00
Bernd Kuhls
d3ded3f26d package/libcec: bump version to 4.0.7
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-07-11 23:46:10 +02:00
Stephane Viau
fad2df39b9 package/freescale-imx/firmware-imx: clarify installation of firmware files
The newly introduced BR2_PACKAGE_FIRMWARE_IMX_NEEDS_xxx symbols are
used in lieu of the SoC type when installing images or binaries on
target.

Suggested-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Stephane Viau <stephane.viau@oss.nxp.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-07-11 22:39:03 +02:00
Stephane Viau
00cb4267a1 package/freescale-imx/firmware-imx: add options for all i.MX FW needs
Some SoCs need a HDMI FW for their bootloader, some other require
EPDC, SDMA and/or VPU.

Instead of trying to "guess" what firmware images need to be installed
in firmware-imx.mk, let the Config framework do the job and allow each
SoC to pick what firmware they need.

Note that this patch should also help introducing an eventual DP FW,
as Gary mentioned in a separate thread [1].

[1] http://lists.busybox.net/pipermail/buildroot/2020-May/283181.html

Suggested-by: Yann E. MORIN <yann.morin.1998@free.fr>
Suggested-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Stephane Viau <stephane.viau@oss.nxp.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-07-11 22:38:58 +02:00
Stephane Viau
dbb9568626 package/freescale-imx: move DDR FW choice down to firmware-imx package
The DDR FW along with all other FW code that need to be used in
bootloader or installed on target are related to the firmware-imx
package.

This patch does this job as well as fixing the conjugation of NEED*s*
in the symbol name. Also take advantage of this patch to make the DDR
FW dependant on BR2_PACKAGE_FIRMWARE_IMX.

In addition, the BR2_PACKAGE_FIRMWARE_DDRFW_* option was incorrect, as
there is no package matching this name. So we rename them to
BR2_PACKAGE_FIRMWARE_IMX_*, and add the appropriate Config.in.legacy
handling.

Suggested-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Stephane Viau <stephane.viau@oss.nxp.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-07-11 16:26:44 +02:00
Stephane Viau
fa0c1e0506 package/freescale-imx/firmware-imx: fix sdma/vpu firmware install path
In a patch set that did not get in for other reasons, Sebastien proposed
to fix the install path directory of the sdma and vpu firmware code [1]:

	"Mainline and NXP kernels expect the sdma firmware to be in
	/lib/firmware/imx/sdma so fix the install path [...]"

By looking at the code, I believe this is correct even though I have no
means to test it.

[1] http://lists.busybox.net/pipermail/buildroot/2020-June/284875.html

Suggested-by: Sébastien Szymanski <sebastien.szymanski at armadeus.com>
Signed-off-by: Stephane Viau <stephane.viau@oss.nxp.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-07-11 16:11:24 +02:00
Maeva Manuel
ee10b70ead configs/freescale_imx8qxpmek: bump BSP components to version 5.4.24_2.1.0
Tested-by: Maeva Manuel <maeva.manuel@oss.nxp.com>
Signed-off-by: Maeva Manuel <maeva.manuel@oss.nxp.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-07-11 16:07:41 +02:00
Maeva Manuel
69110be470 configs/freescale_imx8qmmek: bump BSP components to version 5.4.24_2.1.0
Tested-by: Maeva Manuel <maeva.manuel@oss.nxp.com>
Signed-off-by: Maeva Manuel <maeva.manuel@oss.nxp.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-07-11 16:07:38 +02:00
Adrian Perez de Castro
fa1185412e package/webkitgtk: security bump to version 2.28.3
This is a minor release which provides fixes for CVE-2020-9800,
CVE-2020-9802, CVE-2020-9803, CVE-2020-9805, CVE-2020-9806,
CVE-2020-9807, CVE-2020-9843, CVE-2020-9850, and CVE-2020-13753.

Updating from 2.28.2 also brings in the usual batch of fixes, including
important improvements to threading in the media player. Full release
notes can be found at:

  https://webkitgtk.org/2020/07/09/webkitgtk2.28.3-released.html

A detailed security advisory can be found at:

  https://webkitgtk.org/security/WSA-2020-0006.html

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-07-11 16:00:00 +02:00
Adrian Perez de Castro
aa2c6cfd31 package/wpewebkit: security bump to version 2.28.3
This is a minor release which provides fixes for CVE-2020-9800,
CVE-2020-9802, CVE-2020-9803, CVE-2020-9805, CVE-2020-9806,
CVE-2020-9807, CVE-2020-9843, CVE-2020-9850, and CVE-2020-13753.

Updating from 2.28.2 also brings in the usual batch of fixes, including
important improvements to threading in the media player. Full release
notes can be found at:

  https://wpewebkit.org/release/wpewebkit-2.28.3.html

A detailed security advisory can be found at:

  https://wpewebkit.org/security/WSA-2020-0006.html

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-07-11 15:59:21 +02:00
Bernd Kuhls
a6a500bb99 package/php: bump version to 7.4.8
Quoting https://www.php.net/
"For windows users running an official build, this release contains a
 patched version of libcurl addressing CVE-2020-8159.

For all other consumers of PHP, this is a bug fix release."

Changelog: https://www.php.net/ChangeLog-7.php#7.4.8

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-07-11 15:58:00 +02:00
Romain Naour
5cb0bae4bf board/qemu/aarch64-virt/linux.config: enable VIRTIO_FS driver
virtio-fs allow sharing a directory between the host and the guest.
It require virtiofsd daemon running before starting Qemu.

The wiki [1] recommand to enable the following kernel options:

      CONFIG_VIRTIO
      CONFIG_VIRTIO_FS
      CONFIG_DAX
      CONFIG_FS_DAX
      CONFIG_DAX_DRIVER
      CONFIG_ZONE_DEVICE

But virtio-fs works fine with only VIRTIO_FS.

Note: ZONE_DEVICE can only be enabled on aarch64 since kernel >= 5.7.
ARCH_ENABLE_MEMORY_HOTREMOVE support is missing for previous kernel [2].

[1] https://virtio-fs.gitlab.io/howto-qemu.html
[2] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=bbd6ec605c0fc286c3f8ce60b4ed44635361d58b

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-07-11 15:54:17 +02:00
Romain Naour
532bc00153 board/qemu/aarch64-virt/linux.config: enable TPM tis support
Qemu aarch64 virt machine support TPM using a swtmp [1] TPM emulator
provided on the qemu command line [2].

[1] https://github.com/stefanberger/swtpm/wiki
[2] https://git.qemu.org/?p=qemu.git;a=commitdiff;h=c294ac327ca99342b90bd3a83d2cef9b447afaa7

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-07-11 15:53:55 +02:00
Romain Naour
e69b87ae38 board/qemu/aarch64-virt/linux.config: enable ARM_SMMU_V3
>From [1]:
Support for implementations of the ARM System MMU architecture
version 3 providing translation support to a PCIe root complex.

ARM SMMU is supported since Qemu v3.0.0 [2].

ARM_SMMU_V3 can be enabled with: -M virt,iommu=smmuv3

dmesg:
arm-smmu-v3 9050000.smmuv3: ias 44-bit, oas 44-bit (features 0x00000305)
arm-smmu-v3 9050000.smmuv3: allocated 262144 entries for cmdq
arm-smmu-v3 9050000.smmuv3: allocated 131072 entries for evtq

[1] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/tree/drivers/iommu/Kconfig?h=v5.4.42#n390
[2] https://git.qemu.org/?p=qemu.git;a=commitdiff;h=527773eeef9f2225370f9c17c35074b2ed0ced92

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-07-11 15:53:51 +02:00
Romain Naour
61f60debcb board/qemu/aarch64-virt/linux.config: enable QEMU firmware configuration (fw_cfg)
>From [1]:
This kernel option allow exporting of the QEMU firmware configuration (fw_cfg)
file entries via sysfs. Entries are found under /sys/firmware/fw_cfg when this
option is enabled and loaded.

Enable the suboption to allow the qemu_fw_cfg device to be initialized via the
kernel command line or using a module parameter.

[1] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/tree/drivers/firmware/Kconfig?h=v5.4.42#n187

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-07-11 15:53:47 +02:00
Romain Naour
f1ace6570d board/qemu/aarch64-virt/linux.config: enable VIRTIO_GPU driver
This driver is intended to be used by mesa virgl Gallium on the guest.
virtio-gpu is enabled by adding "-device virtio-gpu-pci" on the qemu
command line.

It's detected by lspci and dmesg log:

$ lspci
00:01.0 Display controller: Red Hat, Inc. Virtio GPU (rev 01)

$ dmesg
virtio-pci 0000:00:01.0: enabling device (0000 -> 0002)
[drm] pci: virtio-gpu-pci detected at 0000:00:01.0
[drm] virgl 3d acceleration not supported by host
[drm] EDID support available.
[TTM] Zone  kernel: Available graphics memory: 51876 KiB
[TTM] Initializing pool allocator
[TTM] Initializing DMA pool allocator
[drm] number of scanouts: 1
[drm] number of cap sets: 0
[drm] Initialized virtio_gpu 0.1.0 0 for virtio2 on minor 0

The framebuffer interface fb0 is now present in /dev

$ ls /dev/fb*
/dev/fb0

See:
https://www.kraxel.org/blog/2019/09/display-devices-in-qemu/
https://at.projects.genivi.org/wiki/display/WIK4/GENIVI+Technical+Summit+Session+Content+2018?preview=%2F28412356%2F28412481%2F2018-10-11_GeniviBangalorTechSummit_Virtio_GPU.pdf

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-07-11 15:52:23 +02:00
Romain Naour
6fb7513a9c board/qemu/aarch64-virt/linux.config: enable PCIe and PCI host generic driver
Add the CONFIG_PCI symbol due a change in kernel 5.0 [1].
The option was previously enabled by default (default y).

"PCI: consolidate PCI config entry in drivers/pci

There is no good reason to duplicate the PCI menu in every architecture.
Instead provide a selectable HAVE_PCI symbol that indicates availability
of PCI support, and a FORCE_PCI symbol to for PCI on and the handle the
rest in drivers/pci."

Qemu aarch64 provide a PCIe Host bridge but it require CONFIG_PCI_HOST_GENERIC
enabled in the kernel.

With CONFIG_PCI_HOST_GENERIC enabled PCIe host bridge is detected:

$ dmesg
pci-host-generic 4010000000.pcie: host bridge /pcie@10000000 ranges:
pci-host-generic 4010000000.pcie:    IO 0x3eff0000..0x3effffff -> 0x00000000
pci-host-generic 4010000000.pcie:   MEM 0x10000000..0x3efeffff -> 0x10000000
pci-host-generic 4010000000.pcie:   MEM 0x8000000000..0xffffffffff -> 0x8000000000
pci-host-generic 4010000000.pcie: ECAM at [mem 0x4010000000-0x401fffffff] for [bus 00-ff]
pci-host-generic 4010000000.pcie: PCI host bridge to bus 0000:00
pci_bus 0000:00: root bus resource [bus 00-ff]
pci_bus 0000:00: root bus resource [io  0x0000-0xffff]
pci_bus 0000:00: root bus resource [mem 0x10000000-0x3efeffff]
pci_bus 0000:00: root bus resource [mem 0x8000000000-0xffffffffff]
pci 0000:00:00.0: [1b36:0008] type 00 class 0x060000

$ lspci
00:00.0 Host bridge: Red Hat, Inc. QEMU PCIe Host bridge

[1] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=eb01d42a77785ff96b6e66a2a2e7027fc6d78e4a

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-07-11 15:52:03 +02:00
Romain Naour
a3bf339907 board/qemu/aarch64-virt/linux.config: add RTC PL031 driver
Qemu for the aarch64 virt emulate an RTC PL031 device.
Enable the kernel support to allow setting the system time.

"date" now return the current time:
Sun Jul  5 20:38:50 UTC 2020

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-07-11 15:51:44 +02:00
Romain Naour
e933fd5f8f board/qemu/aarch64-virt/linux.config: regenerate after kernel version bump
Regenerate the with savedefconfig.

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-07-11 15:51:39 +02:00
Sergio Prado
12fa98b34f package/cutelyst: bump version to 2.11.0
Also separate the fields in the hash file by two spaces.

Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-07-11 15:27:51 +02:00
Giulio Benetti
3025da1eaf package/libnspr: bump version to 4.26
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-07-11 15:27:19 +02:00
Bernd Kuhls
28628c9c0d package/{mesa3d, mesa3d-headers}: bump version to 20.1.3
Renumbered patches, rebased patch 0003.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-07-11 15:26:21 +02:00
Sergio Prado
aff4e474b3 package/babeld: bump version to 1.9.2
Also separate the fields in the hash file by two spaces.

Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-07-11 15:25:35 +02:00
Sergio Prado
809f548e79 package/dhcpcd: bump version to 9.1.4
Also separate the fields in the hash file by two spaces and change the
hash of the license file (copyright message changed from 2019 to 2020).

Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-07-11 15:25:03 +02:00
Sam Voss
a231f01e4b package/sqlite: security bump to version 3.32.3
Fixes the following CVEs:

- CVE-2019-19923 (Fixed in 3.31.0)

SQLite is vulnerable to denial-of-service condition because of a NULL
pointer dereferencing while handling `SELECT DISTINCT`statements.

- CVE-2019-19924 (Fixed in 3.31.0)

The SQLite mishandles certain SQL commands due to improper error
handling by ` sqlite3WindowRewrite() ` function.

- CVE-2020-13435 (Fixed in 3.32.1)

SQLite is vulnerable to denial-of-service (DoS) due to improper handling
of query rewriting. An attacker could exploit this vulnerability by
supplying a system with maliciously crafted input.

- CVE-2020-13632 (Fixed in 3.32.0)

SQLite is vulnerable to denial-of-service (DoS) due to improper pointer
management in the FTS3 virtual table module. An attacker could exploit
this vulnerability by supplying a system with maliciously crafted input.

- CVE-2020-13434 (Fixed in 3.32.1)

SQLite is vulnerable to denial-of-service (DoS) due to improper handling
of floating-point operations. An attacker could exploit this
vulnerability by supplying a system with maliciously crafted input.

- CVE-2020-13871 (Fixed in 3.32.3)

SQLite 3.32.2 has a use-after-free in resetAccumulator in select.c
because the parse tree rewrite for window functions is too late.

- CVE-2020-13630 (Fixed in 3.32.0)

SQLite is vulnerable to denial-of-service (DoS) due to a use after free
issue in the FTS3 virtual table module. An attacker could exploit this
vulnerability by supplying a system with maliciously crafted input.

- CVE-2020-15358 (Fixed in 3.32.3)

SQLite is vulnerable to a heap-based buffer overflow flaw in part of an
optimization feature. An attacker able to issue specially crafted
queries could cause the application to crash, resulting in a
denial-of-service (DoS).

- CVE-2020-9327 (Fixed in 3.32.0)

SQLite is vulnerable to a Null pointer dereference flaw. A remote
attacker able to issue specially crafted SQL statements may be able to
cause a segmentation fault and application crash, resulting in a
denial-of-service (DoS).

- CVE-2019-19645 (Fixed in 3.31.0)

It was discovered that SQLite contains an denial-of-service (DoS)
vulnerability. An attacker could exploit this to trigger an infinite
recursion resulting in excessive resource consumption leading to a DoS
condition.

- CVE-2019-19926 (Fixed in 3.31.0)

The SQLite allows denial-of-service attack due to improper input
validation of user-supplied input.

- CVE-2020-11655 (Fixed in 3.32.0)

SQLite contains a memory corruption vulnerability. Successfully
exploiting this issue may allow attackers to cause a denial-of-service
(DoS). This allows an attacker to cause SQLite to crash by issuing a
crafted SQL query to the database.

- CVE-2019-19925 (Fixed in 3.31.0)

The INSERT statement fails when the zip file path is `NULL`.

- CVE-2019-19242 (Fixed in 3.31.0)

SQLite is vulnerable to a denial-of-service (DoS). An attacker could
exploit this vulnerability by supplying a maliciously crafted query to
cause an application crash.

- CVE-2019-19244 (Fixed in 3.31.0)

SQLite is vulnerable to a denial-of-service. An attacker could exploit
this vulnerability by providing a crafted SELECT statement to the SQL
server, resulting in an application crash.

- CVE-2020-13631 (Fixed in 3.32.0)

SQLite is vulnerable to data manipulation due to improper management of
virtual tables. An attacker could exploit this vulnerability by
supplying a system with maliciously crafted input.

- CVE-2020-11656 (Fixed in 3.32.0)

SQLite contains a Use-After-Free vulnerability. Successfully exploiting
this issue may allow attackers to cause a denial-of-service (DoS). This
allows an attacker to cause SQLite to crash by issuing a crafted SQL
query to the database.

- CVE-2019-19880 (Fixed in 3.31.0)

SQLite is vulnerable to denial-of-service (DoS) due to the mismanagement
of memory resources. A remote attacker could cause a victim's instance
of the application to crash by submitting crafted request that will lead
to the application parsing problematic integer values.

- CVE-2019-20218 (Fixed in 3.31.0)

SQLite is vulnerable to denial-of-service (DoS) due to improper
exception handling which could lead to unwinding of the `WITH` stack
following parsing errors. An attacker could exploit this vulnerability
by supplying a system with maliciously crafted input.

- CVE-2019-19603 (Fixed in 3.31.0)

It was discovered that SQLite contains a denial-of-service (DoS)
vulnerability. An authenticated attacker could exploit this
vulnerability by creating tables with the same name as shadow table
names.

- CVE-2019-19959 (Fixed in 3.31.0)

SQLite is vulnerable to denial-of-service (DoS) due to the mismanagement
of system memory resources. A remote attacker could cause a victim's
instance of the application to crash by causing it to process a SQL
statement that references a maliciously crafted file name.

- CVE-2019-19646 (Fixed in 3.31.0)

SQLite is vulnerable to a denial-of-service (DoS). An attacker could
exploit this vulnerability by supplying malicious SQL in order to crash
the application.

- CVE-2019-19317 (Fixed in 3.31.0)

SQLite contains a denial-of-service (DoS) vulnerability due to incorrect
logic in name lookups. An attacker could exploit this to cause a
application crash.

Signed-off-by: Sam Voss <sam.voss@rockwellcollins.com>
CC: Peter Korsgard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-07-11 15:20:21 +02:00
Francois Perrad
832c39f022 package/luaossl: bump to version 20200709
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-07-11 15:18:32 +02:00
Bernd Kuhls
7b77a0687e package/libcec: downgrade to version 4.0.5
According to
https://github.com/Pulse-Eight/libcec/releases/tag/libcec-5.0.0
version 5.0.0 is "not compatible with Kodi 18.x. Please use libCEC
4.0.5 instead."

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-07-11 15:17:13 +02:00
Baruch Siach
645ecd0dcc package/libcurl: fix no-proxy build with bearssl and nss
Add two patches fixing build against BearSSL and NSS TLS implementations
when BR2_PACKAGE_LIBCURL_PROXY_SUPPORT is disabled.

Fixes:
http://autobuild.buildroot.net/results/4d37d9163bfece536974f15f16b2ebfc5fabc539/
http://autobuild.buildroot.net/results/387e8baa13d0f07ed4dfd5b6ee3b933d4843c0e8/

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-07-09 22:17:58 +02:00
Sergio Prado
aaf689903c package/dvb-apps: add hash file
Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-07-09 21:59:10 +02:00
Stefan Sørensen
838f67c27f package/gnutls: fix build with uClibc
Since v3.6.14 gnutls wants to use the 'e' flag with fopen to set the
O_CLOEXEC flags. Since this is a glibc extension, it will trigger a
gnulib override of fopen on non-glibc systems, but that override
breaks the uClibc stdio.h header.

Fixes:
http://autobuild.buildroot.org/results/02f/02f2b524add307c8f7cc1af1ed0783bb1baf029a

Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-07-09 09:16:35 +02:00
James Hilliard
b6141b2aa1 package/libcamera: fix install staging typo
This won't enable install to staging unless capitalized.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-07-07 23:04:18 +02:00
Kamel Bouhara
c5b5b5ccab package/zip: install to staging
Install header files and libraries into the staging area.

Signed-off-by: Kamel Bouhara <kamel.bouhara@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-07-07 22:58:39 +02:00
James Hilliard
6a3893e441 package/python-greenlet: enable build for x86_64
Commit 30f1decec2 (package/python-greenlet: enable only on supported
architectures) forgot to allow x86_64.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
[yann.morin.1998@free.fr: split off the x86_64 support to its own patch]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-07-07 22:51:14 +02:00
James Hilliard
b29eadf903 package/python-greenlet: really enable for i386
Commit 30f1decec2 (package/python-greenlet: enable only on supported
architectures) mis-typed the architecture name fox 286-32: BR2_x86
doesn't exist in buildroot; it is BR2_i386.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
[yann.morin.1998@free.fr:
  - just do the s/x86/i386/ fix for easy backport
  - x86_64 split off to its own patch
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-07-07 22:51:10 +02:00
Pierre-Jean Texier
b572e1478f package/libevent: bump to version 2.1.12
See full changelog https://raw.githubusercontent.com/libevent/libevent/release-2.1.12-stable/ChangeLog

And update hash file formatting (2 spaces).

Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
[yann.morin.1998@free.fr: drop md5, add sha256]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-07-07 22:32:24 +02:00
Francois Perrad
5506f62ae5 configs/olimex_a20_olinuxino_lime*: bump Linux and U-Boot versions
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-07-07 22:09:40 +02:00
Francois Perrad
e08fdf9bb0 package/luaposix: bump to version 35.0
LICENSE diff:
- Copyright (C) 2006-2019 luaposix authors
+ Copyright (C) 2006-2020 luaposix authors

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
[yann.morin.1998@free.fr: simplify help entry]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-07-07 22:06:28 +02:00
Ignacy Gawędzki
4fc87ffb50 package/angularjs: bump version to 1.8.0
Signed-off-by: Ignacy Gawędzki <ignacy.gawedzki@green-communications.fr>
[yann.morin.1998@free.fr: two spaces in hash file]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-07-07 22:01:30 +02:00
Santosh Multhalli
93271c9e02 package/valijson: bump version to 0.3
Signed-off-by: Santosh Multhalli <santosh.multhalli@rockwellcollins.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-07-07 21:57:12 +02:00
Chris Packham
52c6f3f084 syslog-ng: version bump to 3.28.1
Signed-off-by: Chris Packham <judge.packham@gmail.com>
[yann.morin.1998@free.fr: two spaces in hash file]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-07-07 21:55:39 +02:00
Giulio Benetti
23e3cffa75 package/sunxi-mali-mainline-driver: bump version
For 5.6 and 5.7 support.

git shortlog --invert-grep --grep=Travis --no-merges ec654ee9caeb0c4348caacd0cf5eb2730d1d70e2..
Jonathan Liu (2):
      mali: Fix build for 5.6
      mali: Fix build for 5.7

Maxime Ripard (3):
      Create travis.yml
      actions: Add feedparser to the host
      travis: Try to fix the push code

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
[yann.morin.1998@free.fr: two spaces in hash file]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-07-07 21:53:23 +02:00
Mylène Josserand
5b3994abeb DEVELOPERS: Update Mylene's email
Signed-off-by: Mylène Josserand <mylene.josserand@collabora.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-07-07 21:44:10 +02:00
Sergio Prado
208d3eb045 package/azure-iot-sdk-c: bump version to LTS_02_2020_Ref01
Also:

- Add missing hash file.
- Add new libraries to the install target.
- Apply patch to fix build with musl (MR sent upstream in [1]).
- Since there is no maintainer for this package, I can help maintain it,
so add the package to the DEVELOPERS file.

[1] https://github.com/Azure/azure-c-shared-utility/pull/456

Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-07-05 15:51:53 +02:00
Antoine Tenart
19063d043c package/refpolicy: enable systemd support
This patch enables systemd support in the refpolicy by turning on the
'SYSTEMD' policy build option when systemd is enabled in Buildroot. This
enables conditional rules in SELinux policy modules (by defining
'init_systemd'), to better support systemd.

Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-07-05 15:35:36 +02:00