Commit Graph

38079 Commits

Author SHA1 Message Date
Bernd Kuhls
0762015f14 package/w_scan: bump version to 20170107
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-10-31 22:56:07 +01:00
Francois Perrad
cb6759d36a perl-cross: bump to version 1.1.8
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-10-31 20:12:45 +01:00
Bernd Kuhls
de03ccb66f package/libdrm: bump version to 2.4.87
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-10-31 20:12:35 +01:00
Baruch Siach
d69946cd22 tmux: bump to version 2.6
Add license file hash.

Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-10-31 20:11:56 +01:00
Baruch Siach
33cc29dac3 btrfs-progs: bump to version 4.13.3
Add a patch fixing build with musl.

Add license file hash.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-10-31 20:11:25 +01:00
Baruch Siach
b44c395c0d sqlite: bump to version 3.21.0
Drop upstream patches.

Add license file hash.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-10-31 20:11:08 +01:00
Baruch Siach
99a8cc1bef e2fsprogs: bump to version 1.43.7
Add license files hashes.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-10-31 20:10:52 +01:00
Bartosz Golaszewski
078091b867 libgpiod: bump version to v0.3.2
Bug fix release:
- correctly handle signal interrupts when polling in gpiod_simple_event_loop()
- fix the linking order when building with static libraries
- pass the correct consumer string to gpiod_simple_get_value_multiple() in
  gpioget
- fix a line test case: don't use open-drain or open-source flags for input
  mode
- fix the flags passed to ar in order to supress a build warning
- set the last error code in gpiod_chip_open_by_label() to ENOENT if a chip
  can't be found

Signed-off-by: Bartosz Golaszewski <brgl@bgdev.pl>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-10-31 20:10:08 +01:00
Fabrice Fontaine
6c306f675f cjson: bump to version 1.6.0
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-10-31 20:09:53 +01:00
Bernd Kuhls
e8ba19ba60 package/git: bump version to 2.15.0
To avoid the build error

grep.c:(.text+0xa02): undefined reference to `pcre_jit_exec'

we need to add NO_LIBPCRE1_JIT=1 according to
https://www.spinics.net/lists/git/msg314515.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-10-31 20:09:20 +01:00
Jerzy Grzegorek
e41f4d239b package/dash: drop the default value of the DASH_SOURCE variable
Signed-off-by: Jerzy Grzegorek <jerzy.m.grzegorek@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-10-31 20:08:30 +01:00
Maksim Salau
7386925e2d swupdate: Fix SHA256 hash verification
swupdate 2017.07 has a bug which makes hash verification faulty.
The commit adds a patch to fix the issue. The fix has already been
pushed to upstream and is a copy of the commit
dba95dcd3739c604a81ffa2df2545e7a4cd430cf in the swupdate repo [1].

[1] https://github.com/sbabic/swupdate

Signed-off-by: Maksim Salau <msalau@iotecha.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-10-31 20:08:04 +01:00
Baruch Siach
1d3c611dee apr-util: security bump to version 1.6.1
Fixes CVE-2017-12618: Out-of-bounds access in corrupted SDBM database.

Switch to bz2 compressed tarball.

Use upstream provided SHA256 hash.

Add license hash.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-10-30 20:43:40 +01:00
Baruch Siach
c91981a985 apr: security bump to version 1.6.3
Fixes CVE-2017-12613: Out-of-bounds array deref in apr_time_exp*()
functions.

Use upstream provided SHA256 hash.

Add license has.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-10-30 20:43:39 +01:00
Fabrice Fontaine
3f7499471d libmediaart: bump to version 1.9.4
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-10-30 20:43:37 +01:00
Antoine Tenart
1a2a23a9a5 package/cryptodev-linux: bump to the latest version (0a54e38)
The build of the cryptodev-linux version used in Buildroot is currently
broken for kernels >= 4.13. A fix was pushed upstream:
f0d69774af

This patch bumps the cryptodev-linux package version to use the latest
available one, which includes the commit fixing the build for recent
kernels.

Signed-off-by: Antoine Tenart <antoine.tenart@free-electrons.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-10-30 20:43:36 +01:00
Fabrice Fontaine
29b3305cde domoticz: bump to version 3.8153
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-10-30 15:51:00 +01:00
Jerzy Grzegorek
ebe8538720 package/Config.in: fix alphabetical order
Signed-off-by: Jerzy Grzegorek <jerzy.m.grzegorek@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-10-30 09:54:46 +01:00
Baruch Siach
8333dedbde DEVELOPERS: add myself as interested in socat
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-10-30 09:54:37 +01:00
Peter Korsgaard
f71507d41b lvm2: make basic package available under musl
The basic lvm2 package (libdevmapper / dmsetup) does build under musl, only the
standard (full) installation doesn't.

Many setups only need the basic package, so move the !musl dependencies down
to the sub options and adjust the reverse dependencies (cryptsetup/dmraid)
to match.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
[Thomas: adjust Config.in comments and dependencies.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-10-29 20:55:25 +01:00
Scott Ellis
063b2a8121 package/python-pyqt5: fix build with Qt 5.6.3
This commit adds 5_6_3 to the Timeline patch that fixed the build with
Qt 5.6.2.

Signed-off-by: Scott Ellis <scott@jumpnowtek.com>
[Thomas: adjust patch existing patch description.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-10-29 20:46:43 +01:00
Jerzy Grzegorek
437d04b702 package/restorecond: indentation cleanup
Signed-off-by: Jerzy Grzegorek <jerzy.m.grzegorek@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-10-29 18:29:34 +01:00
Bernd Kuhls
2fe501818a package/libnfs: allow parallel build
Tested with BR2_JLEVEL=100.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-10-29 18:27:40 +01:00
Bernd Kuhls
271b8e19c6 package/libnfs: bump version to 2.0.0
Added license hash.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-10-29 18:25:59 +01:00
Bernd Kuhls
931899312e package/boinc: add optional dependency to freetype
No configure option present:
https://github.com/BOINC/boinc/blob/client_release/7.8/7.8.3/configure.ac#L497

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-10-29 18:21:51 +01:00
Fabrice Fontaine
6820ce4862 boinc: new package
Open-source software for volunteer computing and grid computing.

Use the idle time on your computer to cure diseases, study global
warming, discover pulsars, and do many other types of scientific
research.

https://boinc.berkeley.edu

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Bernd:
- bumped to version 7.8.3
- removed patches which where applied upstream
- added myself to DEVELOPERS as well]
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-10-29 18:17:02 +01:00
Yann E. MORIN
73edec8943 package/libbsd: not available for ARC
libbsd has explicit, hard-coded checks about the architectures it can
work on, and ARC is not one of those.

We did not notice so far, because we only recently added support for
glibc on ARC (and only for a single variant) in 0633eb58a2 (toolchain:
add glibc support for ARCv2).

Add an explicit exclusion on arc.

Fixes:
    http://autobuild.buildroot.org/results/603baa77e95620ad1416e0d1dc4202c334801efc
    http://autobuild.buildroot.org/results/8a2ee5431501615cb150233e6d7bc9e7c3c5c1eb
    http://autobuild.buildroot.org/results/ea52364f536485ff4e43e3bc37f2175eb6178c5a
    http://autobuild.buildroot.org/results/32581f7a79372b525e4ad21e029ff0ede743ba94

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Evgeniy Didin <Evgeniy.Didin@synopsys.com>
Cc: Alexey Brodkin <abrodkin@synopsys.com>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-10-29 18:16:04 +01:00
Baruch Siach
e697d86d55 socat: bump down to version 1.7.3.2
Upstream socat2 branch seems to be dead. Last commit is from January
2016 . Over the last few years socat2 received only fixes cherry picked
from the master 1.x branch. Most major general purpose distros only
package socat 1.x.

Drop the threads dependency; not needed for 1.x.

Mention the OpenSSL exception in the license. Add hashes for license
files.

Correct the autoconf comment. The tarball configure script is recent
enough. But since we patch configure.in and Makefile.in we still need to
autoconf.

All patches we carry for socat2 are also needed for socat 1.x.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-10-29 15:51:20 +01:00
Yann E. MORIN
88134135fc package/glibc: switch to using the maintenance branch
glibc upstream has ruled against doing regular point-releases, but they
do have a lot of interesting and important fixes for regressions and
security.

Backporting each patch, or cherry-picking individual patches is off
limits for us, so we just switch to using the currently-latest HEAD of
the maintenance branch instead.

The version number is obtained with:
    $ git describe --match 'glibc-*' --abbrev=40 origin/release/2.26/master

The alternative options were:
  - download the tarball from the git tree
    --> does not work; not an option
  - download the 2.26 tarball, and bundle the individual patches in
    Buildroot
    --> maintenance of patches is a burden; not an option
  - download the 2.26 tarball, maintain the list of patches to download from
    the git tree
    --> not an option for the same reason

So we end up just doing a git clone. The git tree is today about ten
times the size of the tarball, so a rough estimate makes it at about ten
times the download time.

Also upstream doesn't officially provide an https download location [1].
There is one but it's not reliable, sometimes the connection time out and
end-up with a corrupted git repo:

fatal: unable to access 'https://sourceware.org/git/glibc.git/': Failed to connect to sourceware.org port 443: Connection timed out

So switch to using a git mirror from github which is updated once a day [2].
This allow at the same time to clone the git repository faster.

Note: The glibc 2.26 patches are not kept for the arc toolchain since they
are fixing an issue with the new float128 support introduced in x86, x86_64
and powerpc64le.

[1] https://sourceware.org/git/?p=glibc.git;a=summary
[2] https://github.com/bminor/glibc.git

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Romain Naour <romain.naour@openwide.fr>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Evgeniy Didin <didin@synopsys.com>
CC: Alexey Brodkin <abrodkin@synopsys.com>
[Romain: bump 4b692dffb95ac4812b161eb6a16113d7e824982e]
Signed-off-by: Romain Naour <romain.naour@gmail.com>
[yann.morin.1998@free.fr: update comment to never decide on the mirror]
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Reviewed-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-10-29 15:49:58 +01:00
Romain Naour
27936318ae package/glibc: remove mips r6 nan208 hook
This hook is not needed since glibc 2.23 [1] and can be safely removed.

[1] https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=d5f2798a0ac9d5ad8ad7a506a2f840035135e2d2

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-10-29 15:47:31 +01:00
Bernd Kuhls
b7826807d1 package/tvheadend: transcoding depends on ffmpeg
Commit
https://git.buildroot.net/buildroot/commit/package/tvheadend?id=a9a14dc4357d32f705a52a5da73c782576ce6bc8
forgot to add the reverse dependency from ffmpeg.

Fixes
http://autobuild.buildroot.net/results/91a/91a08e63690421a0c197e987af15e91e78afb96f/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-10-29 15:45:40 +01:00
Adam Duskett
c78e12f5ad boost: add help messages to libraries
All of the help messages come from http://www.boost.org/doc/libs/1_65_1/

Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-10-29 15:41:03 +01:00
Adam Duskett
a43ddc79fe boost: add option for the stacktrace library
stacktrace requires dynamic library support, which was causing the
following build errors:

http://autobuild.buildroot.net/results/692ffad93a7bd867ecc7ccbfc8c6280735d29435/
http://autobuild.buildroot.net/results/6058ece804889abaaab0a29258e1de2904162d26/
http://autobuild.buildroot.net/results/12df9b345a90a4e011b8bb4cb1d1ef1c2c7040c0/
http://autobuild.buildroot.net/results/7473c433e93b3e785e44d9868fec517437f59847/

Adding an option for it allows to have it disabled by default, and
make sure it only gets enabled when shared library support is
available.

Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-10-29 15:40:36 +01:00
Peter Korsgaard
765453a278 docs/website: update for 2017.02.7
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-10-28 21:26:15 +02:00
Peter Korsgaard
8b0dd65de8 Update for 2017.02.7
[Peter: drop Makefile changes]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 05a2e38af2)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-10-28 21:23:15 +02:00
Jerzy Grzegorek
5868ab5f22 package/util-linux: drop _VERSION_MINOR variable
Signed-off-by: Jerzy Grzegorek <jerzy.m.grzegorek@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-10-28 14:24:55 +02:00
Bernd Kuhls
8c3af6bbff package/libdrm: bump version to 2.4.85
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-10-28 14:21:29 +02:00
Bernd Kuhls
4b414ebe4e package/ffmpeg: bump version to 3.3.5
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-10-28 14:20:02 +02:00
Bernd Kuhls
8c4a432185 package/php: bump version to 7.1.11
Changelog: http://www.php.net/ChangeLog-7.php#7.1.11
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-10-28 14:19:32 +02:00
Bernd Kuhls
2be90f4a24 package/samba4: bump version to 4.6.9
Release notes: https://www.samba.org/samba/history/samba-4.6.9.html

Added license hash.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-10-28 14:18:53 +02:00
Martin Bark
4d257bbcdb package/tzdata: bump version to 2017c
Signed-off-by: Martin Bark <martin@barkynet.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-10-28 09:12:09 +02:00
Martin Bark
ec176933c2 package/zic: bump version to 2017c
Signed-off-by: Martin Bark <martin@barkynet.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-10-28 09:12:01 +02:00
Joshua Henderson
f2b022893f qt5wayland: fix config option indentation
Reorganize so the optional composer option for the qt5wayland package shows up
as an indented option.

Signed-off-by: Joshua Henderson <joshua.henderson@microchip.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-10-28 09:11:25 +02:00
Peter Korsgaard
aff7673602 wget: add optional zlib support
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-10-28 09:10:11 +02:00
Peter Korsgaard
86eb94636e wget: security bump to version 1.19.2
Fixes the following security issues:

CVE-2017-13089: The http.c:skip_short_body() function is called in some
circumstances, such as when processing redirects.  When the response is sent
chunked, the chunk parser uses strtol() to read each chunk's length, but
doesn't check that the chunk length is a non-negative number.  The code then
tries to skip the chunk in pieces of 512 bytes by using the MIN() macro, but
ends up passing the negative chunk length to connect.c:fd_read().  As
fd_read() takes an int argument, the high 32 bits of the chunk length are
discarded, leaving fd_read() with a completely attacker controlled length
argument.

CVE-2017-13090: The retr.c:fd_read_body() function is called when processing
OK responses.  When the response is sent chunked, the chunk parser uses
strtol() to read each chunk's length, but doesn't check that the chunk
length is a non-negative number.  The code then tries to read the chunk in
pieces of 8192 bytes by using the MIN() macro, but ends up passing the
negative chunk length to retr.c:fd_read().  As fd_read() takes an int
argument, the high 32 bits of the chunk length are discarded, leaving
fd_read() with a completely attacker controlled length argument.  The
attacker can corrupt malloc metadata after the allocated buffer.

Drop now upstreamed patch and change to .tar.lz as .tar.xz is no longer
available.

Also add a hash for the license file while we're at it.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-10-28 09:10:05 +02:00
Bernd Kuhls
fdace9e53c package/tor: bump version to 0.3.1.8
Release notes:
https://blog.torproject.org/new-stable-tor-releases-0318-03012-02913-02816-02515

Added license hash.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-10-28 09:07:02 +02:00
Bernd Kuhls
6c53b9141f linux: bump default to version 4.13.10
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-10-28 09:04:55 +02:00
Bernd Kuhls
ec2851f4b9 linux-headers: bump 4.{4, 9, 13}.x series
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-10-28 09:04:18 +02:00
Adrian Perez de Castro
e3459fd9c5 webkitgtk: security bump to version 2.18.2
This is a maintenance release of the current stable WebKitGTK+ version,
which contains bugfixes; mostly for crashes and rendering issues, plus
one important fix for the layout or Arabic text.

Release notes:

    https://webkitgtk.org/2017/10/27/webkitgtk2.18.2-released.html

Even though an acconpanying security advisory has not been published
for this release, the release contains fixes for several crashes (one
of them for the decoder of the very common GIF image format), which
arguably can be considered potential security issues.

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-10-27 20:46:58 +02:00
Peter Seiderer
8e4f5b79ab barebox: bump to version 2017.09.0
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-10-27 20:46:17 +02:00