Commit Graph

40617 Commits

Author SHA1 Message Date
Ilya Kuzmich
28fac3973b merge_config.sh: add br2-external support
Pass BR2_EXTERNAL value via -e option.
This will prevent merge_config.sh from silently eating any symbols defined in
external trees on a clean buildroot tree invocation.

Signed-off-by: Ilya Kuzmich <ilya.kuzmich@gmail.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-01-29 14:54:42 +01:00
Matt Weber
6c211ffee8 python-flask-cors: new package
A Flask extension for handling Cross Origin Resource
Sharing (CORS), making cross-origin AJAX possible.

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Reviewed-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-01-29 14:50:27 +01:00
Zoltan Gyarmati
37ebd3b782 package/gpsd: upgrade to 3.17, remove obsolete patch
The upstream patch which disables the build-time systemctl call made it into
this release so removing it here. Also adding hash for the COPYING file.

Signed-off-by: Zoltan Gyarmati <mr.zoltan.gyarmati@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-01-29 14:40:54 +01:00
Julien Corjon
cd431297e3 package/wf111: Fix manufacturer name and url
Signed-off-by: Julien Corjon <corjon.j@ecagroup.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-01-29 14:39:37 +01:00
Jörg Krause
3cd6faa04c augeas: bump to version 1.10.1
Remove upstream patches included in the version bump.

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-01-29 14:39:17 +01:00
Laurent Charpentier
bd46df6808 open-lldp: requires dynamic linking interface (dlopen, ...)
Fixes:
http://autobuild.buildroot.net/results/516456c8e21759e1ecee4ef9f9689a8f720ecd90/

This patch is to fix the following build error:
weak_readline.c:30:19: fatal error: dlfcn.h: No such file or directory
 #include <dlfcn.h>
                   ^
compilation terminated.
Makefile:890: recipe for target 'weak_readline.o' failed

Signed-off-by: Laurent Charpentier <laurent_pubs@yahoo.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-01-29 14:38:21 +01:00
Stefan Becker
e2b85b4809 package/systemd: fix build with fallback hostname
Commit aebabb2780 used an automoake
configuration option. Replace it with the meson version.

Fixes #10716

Signed-off-by: Stefan Becker <chemobejk@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-01-29 14:36:08 +01:00
Peter Korsgaard
28adb37be4 dovecot: add upstream security fix for CVE-2017-15132
A flaw was found in dovecot 2.0 up to 2.2.33 and 2.3.0.  An abort of SASL
authentication results in a memory leak in dovecot's auth client used by
login processes.  The leak has impact in high performance configuration
where same login processes are reused and can cause the process to crash due
to memory exhaustion.

For more details, see:
http://www.openwall.com/lists/oss-security/2018/01/25/4

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-01-29 09:48:08 +01:00
Peter Korsgaard
8fb8dddbf4 openocd: add security fix for CVE-2018-5704
Open On-Chip Debugger (OpenOCD) 0.10.0 does not block attempts to use HTTP
POST for sending data to 127.0.0.1 port 4444, which allows remote attackers
to conduct cross-protocol scripting attacks, and consequently execute
arbitrary commands, via a crafted web site.

For more details, see:
https://sourceforge.net/p/openocd/mailman/message/36188041/

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-01-29 09:47:53 +01:00
Carlos Santos
b473cb1542 linux-firmware: add menu for Intel QuickAssist firmware
Firmware required when Intel QuickAssist is enabled in the kernel via
CRYPTO_DEV_QAT_DH895xCC, CRYPTO_DEV_QAT_C3XXX or CRYPTO_DEV_QAT_C62X.

See https://dpdk.org/doc/guides/cryptodevs/qat.html

Signed-off-by: Carlos Santos <casantos@datacom.ind.br>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-01-29 09:45:30 +01:00
Carlos Santos
445ad454b5 linux-firmware: add hashes for license files
Locally calculated, to fix legal-info generation.

Signed-off-by: Carlos Santos <casantos@datacom.ind.br>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-01-29 09:43:50 +01:00
Fabio Estevam
3b9f2b8bd0 configs/imx6-sabresd: Bump to kernel 4.15
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-01-28 23:49:21 +01:00
Fabio Estevam
d6f7b7d535 linux: bump default to version 4.15
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-01-28 23:49:12 +01:00
Fabio Estevam
79df9ad599 linux-headers: bump to 4.15 kernel version
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-01-28 23:48:29 +01:00
Fabio Estevam
ea0f6e8f06 toolchain: add 4.15.x choice for headers
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-01-28 23:48:21 +01:00
Baruch Siach
ca0ef6c3c0 nftables: bump to version 0.8.1
Add SHA256 and license hashes.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-01-28 23:33:50 +01:00
Baruch Siach
fa0d1ebff9 libnftnl: bump to version 1.0.9
Add SHA256 hash, and a license hash.

Drop mxml dependency since XML support has been removed upstream.

Refresh the patch.

Cc: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-01-28 23:33:31 +01:00
Peter Korsgaard
2d920ad1b4 wireshark: security bump to version 2.2.12
Fixes the following security issues:

CVE-2017-17997: MRDISC dissector crash
https://www.wireshark.org/security/wnpa-sec-2018-02.html

CVE-2018-5334: IxVeriWave file parser crash
https://www.wireshark.org/security/wnpa-sec-2018-03.html

CVE-2018-5335: WCP dissector crash
https://www.wireshark.org/security/wnpa-sec-2018-04.html

CVE-2018-5336: Multiple dissectors could crash
https://www.wireshark.org/security/wnpa-sec-2018-01.html

For more information, see the release notes:
https://www.wireshark.org/docs/relnotes/wireshark-2.2.12.html

While we are at it, also add as hash for license file.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-01-28 22:11:28 +01:00
Chris Lesiak
aebabb2780 package/systemd: Set fallback hostname
When BR2_TARGET_GENERIC_HOSTNAME is set, use the config option
--with-fallback-hostname to specify the fallback hostname to use
if none is configured in /etc/hostname.  This is useful in a
pristine installation with an empty /etc.

Signed-off-by: Chris Lesiak <chris.lesiak@licor.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-01-28 21:47:21 +01:00
Chris Lesiak
5f2dc44590 Makefile: Store OS release in /usr/lib/os-release
It is recommended that vendor trees store OS release information
in /usr/lib/os-release and that /etc/os-release should be a relative
symlink to /usr/lib/os-release.

For more details, see:

http://0pointer.de/public/systemd-man/os-release.html

[Peter: don't hide command, simplify ln invocation]
Signed-off-by: Chris Lesiak <chris.lesiak@licor.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-01-28 21:45:19 +01:00
Bernd Kuhls
6e43a52aa8 package/transmission: security bump version to 2.93
Fixes CVE-2018-5702:
https://github.com/transmission/transmission/pull/468

Added license hash.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-01-28 20:28:43 +01:00
Romain Naour
e9ec7ae71c package/gcc: bump 7.x series to 7.3.0
Remove upstream patches:
0870-xtensa-fix-PR-target-82181.patch
0893-ARC-Configure-script-to-allow-non-uclibc-based-tripl.patch

See: https://www.mail-archive.com/gcc@gcc.gnu.org/msg84336.html

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-01-28 20:26:22 +01:00
Sam Voss
ef9be80526 package/pure-ftpd: Add uploadscript option
Enable option to compile with '--with-uploadscript' to allow running
script after successful uploads.

Signed-off-by: Sam Voss <sam.voss@rockwellcollins.com>
Acked-by: Bryce Ferguson <bryce.ferguson@rockwellcollins.com
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-01-28 17:20:04 +01:00
Matt Weber
20a4583ebf security hardening: add RELFO, FORTIFY options
This enables a user to build a complete system using these
options.  It is important to note that not all packages will
build correctly to start with.

Modeled after OpenWRT approach
https://github.com/openwrt/openwrt/blob/master/config/Config-build.in#L176

A good testing tool to check a target's elf files for compliance
to an array of hardening techniques can be found here:
https://github.com/slimm609/checksec.sh

[Peter: reword fortify help texts, glibc comment]
Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-01-28 15:21:14 +01:00
Matt Weber
d3732cf4a2 stack protector: moved option out of adv menu
Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-01-28 11:54:54 +01:00
Bernd Kuhls
5e7e27a3a7 package/git: bump version to 2.16.1
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-01-28 11:54:20 +01:00
Gary Bisson
7be86525de imx-m4fwloader: new package
This package provides a tool to load a firmware to the Cortex-M4 core
available in some i.MX processors such as i.MX6SX or i.MX7.

This package was tested on a i.MX7D Nitrogen7 platform:
 # imx-m4fwloader hello_world.bin 0x007F8000

Upstream repository:
https://github.com/codeauroraforum/imx-m4fwloader

[Peter: add license hash, install in /usr/sbin, tweak help text]
Signed-off-by: Gary Bisson <gary.bisson@boundarydevices.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-01-28 09:53:44 +01:00
Zoltan Gyarmati
4f6db0d504 package/tinc: upgrade to 1.0.33, install upstream's systemd files
Signed-off-by: Zoltan Gyarmati <mr.zoltan.gyarmati@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-01-27 19:12:27 +01:00
Bernd Kuhls
9a893f56ce package/freeswitch: bump version to 1.6.20
Added license hashes.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-01-27 15:56:16 +01:00
Bernd Kuhls
ffb5dee113 package/clamav: security bump to version 0.99.3
Fixes CVE-2017-12374, CVE-2017-12375, CVE-2017-12376, CVE-2017-12377,
CVE-2017-12378, CVE-2017-12379, CVE-2017-12380.

For details see upstream announcement:
http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html

Added license hashes.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-01-27 14:47:03 +01:00
Kurt Van Dijck
8e918d18e4 nilfs-utils: fix build with static toolchains
This commit adds a patch to respect the dependency libmount->libblkid->libuuid
properly in autoconf. This becomes necessary for static builds.

Fixes:
 http://autobuild.buildroot.net/results/acaac513eaaa39d4000268428407a9fa6989ef03
 http://autobuild.buildroot.net/results/41af95b9ed7bbbe319565e1c20d1f6e2665d445f

[Peter: add host-pkgconf to dependencies]
Signed-off-by: Kurt Van Dijck <dev.kurt@vandijck-laurijssen.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-01-27 13:15:53 +01:00
Romain Naour
53252f23b7 package/physfs: needs threads support
When physfs is built for a Linux system the PHYSFS_PLATFORM_POSIX (which
enable code that use pthread_*()) symbol must be defined, so threads support
is required.  The physfs build system used by the previous version didn't
correctly set PHYSFS_PLATFORM_POSIX for system without pthread support.

Add pthread dependency.

Fixes:
http://autobuild.buildroot.org/results/75d/75d68ff9da42d61f47d80b463445c12bc51ed1a4

Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-01-27 11:22:33 +01:00
Baruch Siach
3c937807a3 ltp-testsuite: disable numa tests
The LTP_CHECK_SYSCALL_NUMA autoconf macro uses AC_RUN_IFELSE when it
detects the numaif.h header. This is incompatible with cross
compilation.

Fixes:
http://autobuild.buildroot.net/results/21a/21a6eeddbf5ccffc34c38527d0807305a5eb3917/
http://autobuild.buildroot.net/results/fc0/fc01921e8e8e1ea100461b29137c4219e6686c58/
http://autobuild.buildroot.net/results/962/96285d154abd65838ff5c66e96db309d9ac26c80/

Cc: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Acked-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-01-27 11:17:48 +01:00
Baruch Siach
eb2bb6648f ltp-testsuite: drop redundant arch dependency entries
BR2_TOOLCHAIN_HAS_SYNC_4 is enabled for all these architectures except
arc. There is no need to list them explicitly.

Cc: Romain Naour <romain.naour@gmail.com>
Cc: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Acked-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-01-27 11:17:20 +01:00
Carlos Santos
11a3d2a472 hwdata: bump to version 0.308
The hwdata collection is hosted at GitHub now and provides additional
databases, besides pci.ids and usb.ids:

- Individual Address Block (IAB) and Organizationally Unique Identifier
  (OUI) databases, from IEEE Registration Authority
- PNP ID database (from Microsoft)

Install only pci.ids and usb.ids by default, to keep compatibility with
previous versions.

In the future we can make other packages (pciutils, lshw) use the common
files instead of installing their own copies, thus saving some storage
space.

[Peter: drop BR2_PACKAGE_HWDATA_ANY and build time error, rework install step]
Signed-off-by: Carlos Santos <casantos@datacom.ind.br>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-01-27 11:14:16 +01:00
Jörg Krause
f8fcece3a1 swupdate: add upstream patch to fix build error
When building SWUpdate with the following defconfig:

```
CONFIG_DOWNLOAD=y
```

.. the build process breaks with:

```
corelib/channel_curl.c:27:10: fatal error: json-c/json.h: No such file or directory
 #include <json-c/json.h>
```

Looking at the SWUpdate Kconfig based build system shows that `CONFIG_DOWNLOAD`
depends on `HAVE_LIBCURL`, which selects CURL, which eventually enables the
(unnecessary) build of channel_curl.o.

The upstream fixes the condition for building channel_curl.o by adding a new
hidden config option `CHANNEL_CURL`, which is only selected by the
dependent options.

Backported from:
37a6666a53

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-01-27 10:53:31 +01:00
Julien Corjon
b857c7481a package/wf111: bump to version 5.2.2-r3
Signed-off-by: Julien Corjon <corjon.j@ecagroup.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-01-27 10:15:47 +01:00
Mark Hirota
01955b5b6e ccache: bump to version 3.3.5
(Likely) fixes #10536

https://bugs.buildroot.org/show_bug.cgi?id=10536

Signed-off-by: Mark Hirota <markhirota@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-01-27 10:04:52 +01:00
Yegor Yefremov
09ec6d7f64 scanpypi: ignore empty elements in package requirements
Depending on how setup.py reads requirements files empty elements can occur.
This patch takes care, that such elements will be ignored and don't crash
the scanpypi script.

Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Tested-by: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-01-26 14:43:28 +01:00
Tobias Klauser
bb5bb052c6 netsniff-ng: bump to version 0.6.4
Drop patches merged upstream.

Cc: Joris Lijssens <joris.lijssens@gmail.com>
Cc: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-01-26 13:39:54 +01:00
Baruch Siach
d91377c1a4 netcat-openbsd: bump to version 1.187-1
Cc: Maxime Hadjinlian <maxime.hadjinlian@gmail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-01-26 13:39:34 +01:00
Baruch Siach
9c5419c09a libbsd: bump to version 0.8.7
Change download site; the latest version is not on the official site.

Add license hash.

Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-01-26 13:39:08 +01:00
Baruch Siach
fc4a6abfa6 zbar: enable static build
libv4l supports static build since commit f837251785 (package/libv4l:
allow build of v4l2 utilities on noMMU platforms).

Cc: Volkov Viacheslav <sv99@inbox.ru>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-01-26 13:38:43 +01:00
Baruch Siach
b94c8cf7ca libv4l: bump to version 1.14.1
Drop upstream patches. autoreconf is no longer needed.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-01-26 13:38:25 +01:00
Fabio Estevam
770c19df08 linux-headers: bump 4.{4, 9, 14}.x series
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-01-26 09:31:24 +01:00
Fabio Estevam
965f348cae linux: bump default to version 4.14.15
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-01-26 09:31:18 +01:00
Baruch Siach
e02dd5a492 libcurl: security bump to version 7.58.0
Fixes CVE-2018-1000007: libcurl might leak authentication data to third
parties.

https://curl.haxx.se/docs/adv_2018-b3bf.html

Fixes CVE-2018-1000005: libcurl contains an out bounds read in code handling
HTTP/2 trailers.

https://curl.haxx.se/docs/adv_2018-824a.html

Update license hash due to copyright year change.

[Peter: also add CVE-2018-1000005 reference]
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-01-26 09:11:23 +01:00
Carlos Santos
67170b76af util-linux: disable useless programs in the host package
Disable all programs that depend on ncurses, as well as utilities that
are useless on the host: agetty, chfn-chsh, chmem, login, lslogins,
mesg, more, newgrp, nologin, nsenter, pg, rfkill, schedutils, setpriv,
setterm, su, sulogin, tunelp, ul, unshare, uuidd, vipw, wall, wdctl,
write, zramctl.

Also add dependency on host-zlib if host cramfs utils are to be built.

Signed-off-by: Carlos Santos <casantos@datacom.ind.br>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-01-26 09:07:08 +01:00
Peter Korsgaard
0ed9392196 gnutls: bump to version 3.5.17
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-01-26 09:06:24 +01:00
Adrian Perez de Castro
54798893b8 webkitgtk: security bump to version 2.18.6
This is a maintenance release of the current stable WebKitGTK+ version,
which contains security fixes for CVE-2018-4088, CVE-2017-13885,
CVE-2017-7165, CVE-2017-13884, CVE-2017-7160, CVE-2017-7153,
CVE-2017-7153, CVE-2017-7161, and CVE-2018-4096. Additionally, it solves
a GStreamer deadlock when stopping video playback, and contains fixes
and improvements for the WebDriver implementation.

Release notes can be found in the announcement:

  https://webkitgtk.org/2018/01/24/webkitgtk2.18.6-released.html

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-01-26 09:05:59 +01:00