Commit Graph

38079 Commits

Author SHA1 Message Date
Carlos Santos
6cbdaba3e1 util-linux: bump to v2.30.2
Release notes:
https://www.kernel.org/pub/linux/utils/util-linux/v2.30/v2.30.2-ReleaseNotes

Signed-off-by: Carlos Santos <casantos@datacom.ind.br>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-21 21:33:57 +02:00
Peter Korsgaard
3853675ae0 gdk-pixbuf: security bump to version 2.36.10
Fixes the following security issues:

CVE-2017-2862 - An exploitable heap overflow vulnerability exists in the
gdk_pixbuf__jpeg_image_load_increment functionality of Gdk-Pixbuf 2.36.6.  A
specially crafted jpeg file can cause a heap overflow resulting in remote
code execution.  An attacker can send a file or url to trigger this
vulnerability.

CVE-2017-2870 - An exploitable integer overflow vulnerability exists in the
tiff_image_parse functionality of Gdk-Pixbuf 2.36.6 when compiled with
Clang.  A specially crafted tiff file can cause a heap-overflow resulting in
remote code execution.  An attacker can send a file or a URL to trigger this
vulnerability.

CVE-2017-6311 - gdk-pixbuf-thumbnailer.c in gdk-pixbuf allows
context-dependent attackers to cause a denial of service (NULL pointer
dereference and application crash) via vectors related to printing an error
message.

The host version now needs the same workaround as we do for the target to
not pull in shared-mime-info.

Also add a hash for the license file while we're at it.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-21 21:32:23 +02:00
Baruch Siach
57f4efed79 flashrom: fix static build with uClibc
Define HAVE_STRNLEN to avoid local strnlen() definition.

Fixes:
http://autobuild.buildroot.net/results/7dc/7dc4298e3a07c73e03f70205516d68a0f4c2d297/
http://autobuild.buildroot.net/results/e36/e362848eb45f6b8100131361e6e5faa546f0bbd8/
http://autobuild.buildroot.net/results/69e/69ef10ec710f418b4d10c1edb4f2ce2e49b522bf/

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-21 21:30:27 +02:00
Bernd Kuhls
4fbc0c9b53 Update github hashes
It seems github now sometimes provides slightly changed tarballs which
produce a different sha256 hash than before. This commit fixes the
hashes of the packages when sources.buildroot.net does not store a copy
of the tarball matching the current hash.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-21 11:33:40 +02:00
Bernd Kuhls
48fcf6eaec package/samba4: security bump to version 4.6.8
Release notes:
https://www.samba.org/samba/history/samba-4.6.8.html

Fixes
- CVE-2017-12150 (SMB1/2/3 connections may not require signing where
  they should)
- CVE-2017-12151 (SMB3 connections don't keep encryption across DFS
  redirects)
- CVE-2017-12163 (Server memory information leak over SMB1)

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-21 09:24:39 +02:00
Andrey Smirnov
2753d6df3a package/zstd: Install tools into /usr/bin, not /usr/local/bin
Install tools into /usr/bin, not /usr/local/bin, since /usr/local/bin
is not in PATH by deafault.

[Peter: set PREFIX to /usr to really install into /usr/bin]
Signed-off-by: Andrey Smirnov <andrew.smirnov@gmail.com>
Tested-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-20 20:04:04 +02:00
Andrey Smirnov
6e6e8d37b5 package/python3: bump to 3.6.2
Bump Python3 version to 3.6.2.

Patches dropped:

"Support PGEN_FOR_BUILD and FREEZE_IMPORTLIB_FOR_BUILD"

Rationale: With commit 9d02f562961efd12d3c8317a10916db7f77330cc, code
generation step of building CPython now became explicit (instead of
always performed as a part of 'make' invocation) and more granular. We
no longer need to use Parser/pgen at all and tricking the build system
into using different Programs/_freeze_importlib can be done as a part
of recipe.

Additional info about the build change can be found at
https://bugs.python.org/issue23404

Signed-off-by: Andrey Smirnov <andrew.smirnov@gmail.com>
Tested-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-20 19:53:42 +02:00
Bernd Kuhls
847048c58d package/tvheadend: bump version
It seems github now sometimes provides slightly changed tarballs which
produce a different sha256 hash than before, this is the case for
tvheadend. Instead of fixing the hash lets bump to current HEAD and
hope that the new hash will be valid for a longer period of time ;)

Fixes
http://autobuild.buildroot.net/results/59a/59ad7940dcd498cd0aaec26c8497b21e64379a6f/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-20 19:41:20 +02:00
Baruch Siach
b34d7b7674 zstd: bump to version 1.3.1
In this release zstd added the GPLv2 license and removed the PATENTS
clause (upstream commit 4f73b3b55d83b).

Cc: Andrey Smirnov <andrew.smirnov@gmail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Tested-by: Andrey Smirnov <andrew.smirnov@gmail.com>
Tested-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-20 19:34:58 +02:00
Peter Korsgaard
8fca8c1551 chrony: bump version to 3.2
Also add a hash for the license file while we're at it.

[Peter: use tuxfamily.org URL for annoucement]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-20 19:33:01 +02:00
Peter Korsgaard
883eb058af chrony: add optional seccomp support
seccomp support has been available since chrony-2.2

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-20 19:31:17 +02:00
Baruch Siach
fd70d0b434 lcdproc: fix build with musl libc
Add a patch adding missing linux ioctl header.

Fixes:
http://autobuild.buildroot.net/results/58a/58a9b98d08060c6ed9e8855ba9f59d03aa2f3e2c/
http://autobuild.buildroot.net/results/5b2/5b2c1bc872cebc7aadf93995b71178bba29e0b25/
http://autobuild.buildroot.net/results/125/12594e613f8fc106e477411f76093654a084c01c/

Cc: Sven Haardiek <sven.haardiek@greenbone.net>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-20 19:22:55 +02:00
Jörg Krause
74ac045c80 augeas: security bump to version 1.8.1
Fixes CVE-2017-7555 - Augeas versions up to and including 1.8.0 are
vulnerable to heap-based buffer overflow due to improper handling of escaped
strings.  Attacker could send crafted strings that would cause the
application using augeas to copy past the end of a buffer, leading to a
crash or possible code execution.

[Peter: extend description]
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-20 19:20:48 +02:00
Bernd Kuhls
f1e499b778 linux: bump default to version 4.13.3
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-20 19:19:17 +02:00
Bernd Kuhls
b4afe7a8cf linux-headers: bump 3.2.x and 4.{4, 9, 12, 13}.x series
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-20 19:19:02 +02:00
Bernd Kuhls
52529df15c package/softether: bump version
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-20 19:07:38 +02:00
Bernd Kuhls
7afb827d4b package/softether: update patch to remove renames
Since
https://git.buildroot.net/buildroot/commit/?id=85f11d08c387c200dbb59a8559f2ba62376689bf
buildroot refuses to apply patches that contain renames.

Fixes
http://autobuild.buildroot.net/results/223/2237b9ec78044678aac9e743318ce5dc01309ab7/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-20 18:56:05 +02:00
Bernd Kuhls
7d06330d37 package/softether: fix hash
The tarball downloaded today from github does not match the checksum
which once was valid.

Comparing both
1e17c9bcfd/softether-1e17c9bcfd7e7b31756aa5389bcbff76c2c9c88a.tar.gz
http://sources.buildroot.net/softether-1e17c9bcfd7e7b31756aa5389bcbff76c2c9c88a.tar.gz
shows no differences in content.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-20 18:55:43 +02:00
Thomas Petazzoni
85f11d08c3 support/scripts/apply-patches.sh: do not apply patches with renames
Patches with renames apply properly with patch >= 2.7, but not with
older patch versions. Since "git format-patch" by default generates
patches with renames, Buildroot developers often don't realize that
their patches will not apply properly on build machines that have
patch < 2.7. In order to prevent such a situation from happening
again, this commit adds some logic in apply-patches.sh to refuse
applying patches that contain renames.

Note that just searching for '^rename' is not sufficient, since the
patch commit message may contain the words "rename from" or "rename to"
as well. Therefore, the grep expression is made as accurate as possible,
checking both.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
[Arnout: spaces instead of tabs (suggested by Yann);
 extend commit message.]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2017-09-19 22:51:25 +02:00
Cam Hutchison
b55ff5a7cd toolchain: detect external glibc in merged /usr
When using an external toolchain that was built with Buildroot and a
merged /usr, the dynamic linker is actually in /usr/lib.

But the check_glibc macro limits the depth it is looking for the dynamic
linker, and misses it when it is in /usr/lib because it is too deep.

We could fix that in two ways: increase the depth in which we look
for it, or follow symlinks. We choose the second solution.

Signed-off-by: Cam Hutchison <camh@xdna.net>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Cc: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Cc: "Yann E. MORIN" <yann.morin.1998@free.fr>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2017-09-19 22:43:10 +02:00
Bernd Kuhls
23eae11e0b package/luvi: needs git submodules
Luvi bundles several libraries previously provided by the upstream
tarball. Since the tarball is not available anymore we need to fetch
the git submodules. Unbundling is very hard, and we anyway don't have
the bundled libraries in Buildroot.

Fixes
http://autobuild.buildroot.net/results/26d/26d04350a761d362f40e7bd1ac09b639d61de91a/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Acked-by: "Jörg Krause <joerg.krause@embedded.rocks>"
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2017-09-19 22:42:34 +02:00
Bernd Kuhls
4226d09444 package/tvheadend: add optional support for rpi-userland
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2017-09-19 22:20:09 +02:00
Bernd Kuhls
14670c2ce2 package/tvheadend: add optional support for libva-accelerated transcoding
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2017-09-19 22:19:44 +02:00
Bernd Kuhls
7e0633439e package/tvheadend: bump version, add optional dependencies to opus & x265
This bump
54e63e3f9a...303f418e1a
updated the transcoding support already present:
014bb9505e

To avoid these build errors

src/transcoding/codec/codecs/libs/libx26x.c:105:18: fatal error: x264.h: No such file or directory
 #include <x264.h>

src/transcoding/codec/codecs/libs/libx26x.c:213:18: fatal error: x265.h: No such file or directory
 #include <x265.h>

src/transcoding/codec/codecs/libs/libopus.c:23:31: fatal error: opus/opus_defines.h: No such file or directory
 #include <opus/opus_defines.h>

we need to add dependency handling already with this patch and keep the
hard dependency x264 as minimum codec for transcoding but we now need
to enable BR2_PACKAGE_FFMPEG_GPL to enable x264-support also in ffmpeg.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2017-09-19 22:18:15 +02:00
Bernd Kuhls
a9a14dc435 package/tvheadend: add option to en-/disable transcoding support
014bb9505e
extended the already present transcoding support and included vaapi-
accelerated transcoding.

In order to support these new options and their numerous dependencies
we add a new Kconfig option for transcoding support to allow users to
disable transcoding support, because they use tvheadend for recording
or by its internal hts protocol, for example with the kodi-pvr-hts
addon.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2017-09-19 22:17:13 +02:00
Julien BOIBESSOT
907618af4d package/freescale-imx: add support for i.MX6UL
Mostly to compile imx-lib (providing libpxp) on i.MX6UL (which have a
PXP hardware unit) and to prevent compilation of imx-lib's modules not
supported on i.MX6UL.

Signed-off-by: Julien BOIBESSOT <julien.boibessot@armadeus.com>
Acked-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2017-09-19 22:16:05 +02:00
Gaël PORTAY
f9a52fad7b support/download: fix check_one_hash description
Function check_one_hash takes three arguments:
 - algo hash
 - known hash
 - file to hash

Signed-off-by: Gaël PORTAY <gael.portay@savoirfairelinux.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2017-09-19 22:11:30 +02:00
Joel Stanley
74c5081467 openipmi: bump to version 2.0.24
Some changes in addition to the version bump:

 - The uint32_t patch is now upstream
 - Drop --no-glib12 flag as support was removed in 2.0.23
 - The host library path patch was refreshed

Signed-off-by: Joel Stanley <joel@jms.id.au>
Reviewed-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[Arnout: remove uint32_t patch from hash file]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2017-09-19 22:06:15 +02:00
Alexey Brodkin
8fbb91c3ac python-numpy: Bump to the most recent release 1.13.1
Note previously used location for releases on SourceForge is no longer
supported (latest tarball v1.11.2 available there is dated 2016-10-04)
so as other distros
(see, Fedora http://pkgs.fedoraproject.org/cgit/rpms/numpy.git/tree/numpy.spec?id=7013948f8ba073c69a91a545f0a0898cb62652fa#n22)
we get release tarball directly from GitHub.

Also note 0001-no-fenv-on-uclibc.patch was rebased on v1.13.1.

0002-Don-t-blindly-enable-frexpl-and-ldexpl-for-uClibc.patch is no
longer needed. Since https://github.com/numpy/numpy/pull/4852, there
is a wrapper for frexpl and ldexpl like for the other math functions.

Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
Cc: Rahul Bedarkar <rahulbedarkar89@gmail.com>
Cc: Gwenhael Goavec-Merou <gwenhael.goavec-merou@trabucayre.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Peter Korsgaard <peter@korsgaard.com>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
[Arnout: improve explanation of 0002-Don-t-blindly-enable-frexpl-and-ldexpl-for-uClibc.patch]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2017-09-19 22:06:15 +02:00
Bernd Kuhls
2960a94fba package/poppler: bump version to 0.59.0
Removed patch applied upstream:
https://cgit.freedesktop.org/poppler/poppler/commit/poppler/Form.h?id=a9581e624fa62b3905b790ac10d1349b1f96048a

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Acked-by: Olivier Schonken <olivier.schonken@gmail.com>
Signed-off-by: Bernd Kuhls &lt;<a href="mailto:bernd.kuhls@t-online.de">bernd.kuhls@t-online.de</a>&gt;<br>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2017-09-19 22:06:15 +02:00
Bernd Kuhls
ec574bb3e9 package/poppler: fix libcurl support
BR2_PACKAGE_POPPLER_LIBCURL is not defined in poppler/Config.in.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Acked-by: Olivier Schonken <olivier.schonken@gmail.com>
Signed-off-by: Bernd Kuhls &lt;<a href="mailto:bernd.kuhls@t-online.de">bernd.kuhls@t-online.de</a>&gt;<br>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2017-09-19 22:06:15 +02:00
Baruch Siach
6a25fcd989 util-linux: add missing dynamic library dependency
Commit f52af61918 (util-linux: add menu items for login utilities)
forgot to propagate the !BR2_STATIC_LIBS dependency of linux-pam to
BR2_PACKAGE_UTIL_LINUX_LOGIN. Fix this.

Fixes:
http://autobuild.buildroot.net/results/e47/e472891a656e40f33081d9a5db1b1b6d71c1389f/
http://autobuild.buildroot.net/results/9e4/9e443720ca247292ea612851962c611a9bcd3450/
http://autobuild.buildroot.net/results/88f/88f4cecd7e2844701b0e75279c112e37283fc7f9/

Cc: Carlos Santos <casantos@datacom.ind.br>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Reviewed-by: Carlos Santos <casantos@datacom.ind.br>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2017-09-19 22:06:15 +02:00
Bernd Kuhls
79bff32405 package/libebur128: bump version to 1.2.2, add hash
Upstream removed the speex dependency:
54d61fd072

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-19 22:01:13 +02:00
Peter Korsgaard
d759d70acc cmake: expose the host variant in menuconfig
With the addition of the sdk support it may be interesting to build
host-cmake even though no packages need it, so expose it in menuconfig.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Acked-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2017-09-19 21:44:28 +02:00
Peter Korsgaard
304c93cdfb xen: add upstream post-4.9.0 security fixes
Fixes the following security issues:

XSA-226: multiple problems with transitive grants (CVE-2017-12135)
XSA-227: x86: PV privilege escalation via map_grant_ref (CVE-2017-12137)
XSA-228: grant_table: Race conditions with maptrack free list handling
         (CVE-2017-12136)
XSA-230: grant_table: possibly premature clearing of GTF_writing /
         GTF_reading (CVE-2017-12855)
XSA-231: Missing NUMA node parameter verification (CVE-2017-14316)
XSA-232: Missing check for grant table (CVE-2017-14318)
XSA-233: cxenstored: Race in domain cleanup (CVE-2017-14317)
XSA-234: insufficient grant unmapping checks for x86 PV guests
         (CVE-2017-14319)
XSA-235: add-to-physmap error paths fail to release lock on ARM

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Reviewed-by: Alistair Francis <alistair.francis@xilinx.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2017-09-19 21:44:28 +02:00
Peter Korsgaard
7eb21b66cf pkgconf: expose the host variant in menuconfig
With the addition of the sdk support it may be interesting to build
host-pkgconf even though no packages need it, so expose it in menuconfig.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2017-09-19 21:44:28 +02:00
Peter Korsgaard
13cb944aab pkgconf: update upstream URL in Config.in
The download location got changed two years ago when the version was bumped
to 0.9.12, but the upstream URL in Config.in wasn't updated.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2017-09-19 21:44:28 +02:00
Bernd Kuhls
6d24caf0cd package/apache: add patch to fix CVE-2017-9798
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2017-09-19 21:44:28 +02:00
Bernd Kuhls
dab996309e package/libinput: bump version to 1.8.2
Added all hashes applied upstream.

Renamed configure option -event-gui to -debug-gui after upstream commit
https://cgit.freedesktop.org/wayland/libinput/commit/configure.ac?h=1.8-branch&id=a69294251df92e818f695cd2456c8eb860e02522

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-19 16:01:53 +02:00
Bernd Kuhls
9d71b8978a package/proxychains-ng: security bump to version 4.11
Version 4.9 fixes CVE-2015-3887:
https://github.com/rofl0r/proxychains-ng/issues/60

Added md5 & sha1 hashes provided by upstream.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-19 16:01:37 +02:00
Naoki Matsumoto
9e07224ee9 DEVELOPERS: Remove email at pcre2
I'm going to leave current company and
this mail address is going to become invalid.

Signed-off-by: Naoki Matsumoto <n-matsumoto@melcoinc.co.jp>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-19 14:49:43 +02:00
Bernd Kuhls
ef77600279 package/x11r7/xdriver_xf86-input-libinput: bump version to 0.26.0
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-19 14:12:58 +02:00
Bernd Kuhls
e25705ffa9 package/{mesa3d, mesa3d-headers}: bump version to 17.2.1
Added all hashes provided by upstream.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-19 14:04:55 +02:00
Luca Ceresoli
e10e4d19e3 docs/manual: fix typo
Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-19 14:03:47 +02:00
Peter Korsgaard
f87138339b cmake: explicitly disable openssl support for host-cmake
host-cmake will optionally link with openssl for the embedded copy of
libarchive if available, leaking host dependencies and possibly causing
build issues in case of compatibility issues - E.G. the host-cmake version
we have in 2017.02.x doesn't build against openssl-1.1.0+:

https://github.com/libarchive/libarchive/issues/810

The openssl support in libarchive is unlikely to be needed, so explicitly
disable it.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-19 14:00:38 +02:00
Bernd Kuhls
c476094892 package/openal: bump version to 1.18.1
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-09-17 18:53:02 +02:00
Bernd Kuhls
48fec2f39f package/bluez5_utils: security bump version to 5.47
Fixes CVE-2017-1000250 - All versions of the SDP server in BlueZ 5.46 and
earlier are vulnerable to an information disclosure vulnerability which
allows remote attackers to obtain sensitive information from the bluetoothd
process memory.  This vulnerability lies in the processing of SDP search
attribute requests.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-09-17 18:52:22 +02:00
Sergio Prado
5323a83e73 stella: fix error when building with uClibc-ng
The uClibc-ng C library defines a type called R0 that conflits with a
global variable called R0 from PaddleReader.cxx.

src/emucore/tia/PaddleReader.cxx:25:3: error: ‘constexpr const double R0’ redeclared as different kind of symbol
   R0 = 1.5e3,
   ^

/home/sprado/workspace/build/buildroot/build/stella_uclibc/host/arm-buildroot-linux-uclibcgnueabi/sysroot/usr/include/sys/ucontext.h:42:3:note: previous declaration ‘<anonymous enum> R0’
   R0 = 0,
   ^~

So let's redefine R0 as a private member of the PaddleReader class.

This patch has already been accepted upstream [1] and should be removed in
the next version bump.

[1] 391601d238

Fixes:

http://autobuild.buildroot.net/results/9ab5772f01236eaa7def66a2f443f13efca8c34c
http://autobuild.buildroot.net/results/5a4a194fe85e04ab31b146367c5a45e4f7688fca
http://autobuild.buildroot.net/results/31f6bb3f5879d056fe152ca19b6b0367cc636212
...

Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-09-17 18:49:40 +02:00
Bernd Kuhls
24ca614e0c package/pinentry: bump version to 1.0.0
Removed patch applied upstream:
https://git.gnupg.org/cgi-bin/gitweb.cgi?p=pinentry.git;a=commitdiff;h=f0db3192463cccf4541820de36d985629c4df6ee

Added sha256 hash.

Added dependencies to libassuan & libgpg-error needed after
https://git.gnupg.org/cgi-bin/gitweb.cgi?p=pinentry.git;a=commit;h=302903f76b8d62b1e07219a203f7219cb3aff7d8

Removed CXXFLAGS added for gcc >= 5.x as noted by Thomas:
https://git.buildroot.net/buildroot/commit/package/pinentry?id=9694305ae0b2a7dbdcc74e2c646d392ceed9876f

Renamed configure option -pinentry-qt4 to -pinentry-qt after
https://git.gnupg.org/cgi-bin/gitweb.cgi?p=pinentry.git;a=commit;h=abb59f50abf698ff1e56490fb39bcc98c26ab44b
Qt5 support, also added by this upstream commit, will be added to this
package with a subsequent commit.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-09-17 18:40:56 +02:00
Bernd Kuhls
1cf1b98de6 package/imagemagick: security bump to version 7.0.7-1
Quoting CVE-related issues from
https://github.com/ImageMagick/ImageMagick/blob/master/ChangeLog

2017-07-29 7.0.6-5 Glenn Randers-Pehrson <glennrp@image...>
  * Fix improper use of NULL in the JNG decoder (CVE-2017-11750, Reference
    https://github.com/ImageMagick/ImageMagick/issues/632).

2017-07-24 7.0.6-4 Cristy <quetzlzacatenango@image...>
  * Fixed numerous memory leaks (reference
    https://github.com/ImageMagick/ImageMagick/issues) including
    https://github.com/ImageMagick/ImageMagick/issues/618 (CVE-2017-12676).

2017-07-23  7.0.6-3 Glenn Randers-Pehrson <glennrp@image...>
  * Fix memory leaks when reading a malformed JNG image:
    https://github.com/ImageMagick/ImageMagick/issues/600 (CVE-2017-13141),
    https://github.com/ImageMagick/ImageMagick/issues/602 (CVE-2017-12565).

2017-07-19 7.0.6-2 Cristy <quetzlzacatenango@image...>
  * coders/png.c: fixed memory leak of quantum_info (CVE-2017-11539, reference
    https://github.com/ImageMagick/ImageMagick/issues/582
  * coders/png.c: fixed NULL dereference when trying to write an empty MNG
    (CVE-2017-11522, reference
    https://github.com/ImageMagick/ImageMagick/issues/586).

2017-06-22  7.0.6-1 Glenn Randers-Pehrson <glennrp@image...>
  * Stop a memory leak in read_user_chunk_callback() (reference
    https://github.com/ImageMagick/ImageMagick/issues/517,
    CVE 2017-11310).

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-09-17 18:37:03 +02:00