Commit Graph

28281 Commits

Author SHA1 Message Date
Gustavo Zacarias
cd58dfcf2c sqlite: bump to version 3.11.1
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-03-03 22:02:38 +01:00
Gary Bisson
85721034ae board/boundarydevices: rename folder and update readme
It didn't make sense to keep the U-Boot scripts and post build/image
scripts under the nitrogen6x folder since they apply for all our
platforms.

Also update the readme.txt to make it clearer which defconfig should
be used depending on the platform targeted.

Signed-off-by: Gary Bisson <gary.bisson@boundarydevices.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-03-03 17:42:14 +01:00
Gary Bisson
c753aa226d board/boundarydevices: update u-boot scripts for i.MX7 support
Also remove useless tfp410 enablement since a basic kernel driver has
been added.

Signed-off-by: Gary Bisson <gary.bisson@boundarydevices.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-03-03 17:41:16 +01:00
Gustavo Zacarias
d226fa75bd stunnel: bump to version 5.31
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-03-03 15:08:18 +01:00
Gustavo Zacarias
2c8e5dd69f clamav: bump to version 0.99.1
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-03-03 15:08:04 +01:00
Gustavo Zacarias
42a499664d exim: security bump to version 4.86.2
Fixes:
CVE-2016-1531 - All installations having Exim set-uid root and using
'perl_startup' are vulnerable to a local privilege escalation. Any user
who can start an instance of Exim (and this is normally *any* user) can
gain root privileges. If you do not use 'perl_startup' you *should* be
safe.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-03-03 15:06:37 +01:00
Gustavo Zacarias
527b7b1153 cpio: add security patch to fix CVE-2016-2037
Fixes:
CVE-2016-2037 - The cpio_safer_name_suffix function in util.c in cpio
2.11 allows remote attackers to cause a denial of service (out-of-bounds
write) via a crafted cpio file.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-03-03 15:05:59 +01:00
Gustavo Zacarias
89ffdd42e2 python-cryptography: bump to version 1.2.3
Is now compatible with openssl 1.0.2g+ hence fixes:
http://autobuild.buildroot.net/results/5fc/5fc28bafa3cd7171ce6343d21f65af090536f443/

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-03-03 15:05:41 +01:00
Gustavo Zacarias
039c5dcfac attr: disable gettext for host variant
Otherwise it leads to build failure and we don't need it. Fixes:
http://autobuild.buildroot.net/results/59e/59e7e1db122523b292d34405df6dca9faa616da2/

Signed-off-by: Gustavo Zacarias <gustavo.zacarias@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-03-03 15:05:36 +01:00
Gustavo Zacarias
726f8f2f40 gnutls: bump to version 3.4.10
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-03-03 15:00:43 +01:00
Bernd Kuhls
30896c04ee package/kodi-pvr-mediaportal-tvserver: remove patch applied upstream
The recent version bump forgot to remove the patch.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-03-03 09:55:21 +01:00
Bernd Kuhls
3675bbc556 package/kodi-pvr-argustv: remove patch applied upstream
The recent version bump forgot to remove the patch.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-03-03 09:54:02 +01:00
Gustavo Zacarias
f6d3790bc6 graphite2: bump to version 1.3.6
Also change SOURCE since the tarball got renamed with the bump.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-03-03 09:49:33 +01:00
Bernd Kuhls
7e8b876a33 package/kodi-visualisation-shadertoy: bump version, add hash
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-03-02 23:55:36 +01:00
Bernd Kuhls
73e5f09c35 package/kodi-screensaver/visualisation-*: mass version bump, add hashes
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-03-02 23:55:00 +01:00
Bernd Kuhls
a07c026404 package/kodi-pvr-*: mass version bump, add hashes
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-03-02 23:54:54 +01:00
Bernd Kuhls
5fceea18c1 package/kodi-audio??coder-*: mass version bump, add hashes
This patch bumps all audio-en- and decoder addons.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-03-02 23:54:54 +01:00
Gustavo Zacarias
0fd32ecfbb iputils: really remove patch
It seems the appropiate git rm was missing from 8461038f. Fixes:
http://autobuild.buildroot.net/results/1b1/1b1f63e8c7ba10d4055fb422af6a15c044efc9a6/

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-03-02 23:48:57 +01:00
Peter Korsgaard
720552dd28 nvme: fix legal-info
Fixes:
http://autobuild.buildroot.net/results/441/441afa17dfd6f259642526850d92f1c9965d8353/

The license file is called LICENSE, not COPYING.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-03-02 23:47:29 +01:00
Gustavo Zacarias
574a2886ad lksctp-tools: new package
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Reviewed-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-03-02 23:21:03 +01:00
Gustavo Zacarias
db6b5ad9bb x265: depends on BR2_TOOLCHAIN_HAS_SYNC_4
It uses __sync_fetch_and_add_4() and other 32-bit atomics, fixes:
http://autobuild.buildroot.net/results/6cf/6cf4cdfdcd00f92176fd8a901884a3fd0c784f24/

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-03-02 23:01:18 +01:00
Gustavo Zacarias
d07488975d sg3_utils: bump to version 1.42
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-03-02 23:00:34 +01:00
Gustavo Zacarias
98f4409b4f lz4: fix legal info
It moved, and programs are GPLv2+. Fixes:
http://autobuild.buildroot.net/results/70a/70a526b265bb16a6be9f25c5044c65070706171c/

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-03-02 22:57:52 +01:00
Gustavo Zacarias
97827718df cantarell: bump to version 0.0.24
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-03-02 22:57:15 +01:00
Peter Korsgaard
cd03a12fc3 webkitgtk24: fix gstreamer dependency
Fixes:
http://autobuild.buildroot.net/results/a28/a280f23cc29f77ab440edbda05b4e58d6f4856e7/

The .mk file was checking for gst1-plugins-base but then adding
gst1-plugins-good to dependencies.

According to Source/autotools/FindDependencies.m4, the video and web audio
options need the .pc files provided by gst1-plugins-base, so use that.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-03-02 22:43:15 +01:00
Peter Korsgaard
557d34ba89 docs/website/news.html: add 2016.02 announcement link
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-03-02 21:35:12 +01:00
Peter Korsgaard
28cd1ed30a Merge branch 'next'
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-03-02 21:25:00 +01:00
Danomi Manchego
2dfabd10d1 avahi: move libdns_sd compat hook definition inside conditional block
As directed in the buildroot manual, "Optional hooks: keep hook
definition and assignment together in one if block".  And also
to be consistent with the rest of avahi.mk.

Signed-off-by: Danomi Manchego <danomimanchego123@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-03-02 21:20:27 +01:00
Peter Korsgaard
13222c0729 Kickoff 2016.05 cycle
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-03-02 21:09:15 +01:00
Peter Korsgaard
aaf6c28a5c Update for 2016.02
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-03-01 21:47:30 +01:00
Baruch Siach
6aa9606e7a slang: fix static link with readline
slang forgets to link with ncurses that is a dependency of readline when
linking the slsh binary. Correct this.

While at it, also make sure to use staging ncurses5-config script and not the
host one. slang uses ncurses5-config to find terminfo location, and only
staging ncurses5-config provides the correct run-time location.

Fixes:
http://autobuild.buildroot.net/results/1dc/1dc52048254c32a24070fef1c1039cebb32e7ac1/
http://autobuild.buildroot.net/results/c17/c176511cbb147c2d8cb0ec0ff3c1612ce8971cb8/
http://autobuild.buildroot.net/results/78d/78dc2ba07b1d7f888aab94e223f3e0b1a1df3af5/

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-03-01 21:00:50 +01:00
Gustavo Zacarias
318a4d8489 heirloom-mailx: disable SSLv2 support
Now that openssl has dropped SSLv2 support from the latest security bump
we need to patch it out here as well. Fixes:
http://autobuild.buildroot.net/results/dab/dab1629cfcb5cb33706d0c762dba57baa43299a5/

Patch status: debian upstream.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-03-01 20:53:29 +01:00
Peter Korsgaard
c2f6b5d697 tn5250: don't reference SSLv2/v3 functions if openssl is built without them
Fixes:
http://autobuild.buildroot.net/results/83e/83e29482cad6adef18a0e97bc8e75df302467dbb/

The recent openssl security bump disabled SSLv2 support, but tn5250 was
still referencing SSLv2 functions breaking the build.

Include a patch from OpenBSD to only reference the SSLv2 / SSLv3 symbols if
openssl is built with support for them.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-03-01 19:52:49 +01:00
Peter Korsgaard
aa016cd653 python-m2crypto: don't reference SSLv2 functions if openssl is built without SSLv2 support
Fixes:
http://autobuild.buildroot.net/results/018/0183ba8c9fccc87f9e72279c49c2fdc1a9fcb556/

The recent openssl security bump disabled SSLv2 support, but python-m2crypto
was still referencing SSLv2 functions causing undefined symbols when the
module was imported.  Backport an upstream patch to only reference these
symbols if openssl is built with SSLv2 support.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-03-01 18:13:58 +01:00
Antoine Ténart
1d916a5d16 imx-gpu-viv: fix build dependencies when linking against libGAL.so
Packages like QT5 Base with OpenGL and X support link against libGAL.so
at build time. This results in an error because some X functions used
in libGAL.so aren't referenced as the libXdamage, libXext and libXfixes
packages aren't built and installed into sysroot at the time. Fix this
by adding these three packages as build dependencies of imx-gpu-viv.

Signed-off-by: Antoine Tenart <antoine.tenart@free-electrons.com>
Acked-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-03-01 17:46:52 +01:00
Gustavo Zacarias
25b218c144 openssl: security bump to version 1.0.2g
Fixes:
CVE-2016-0800 - Cross-protocol attack on TLS using SSLv2 (DROWN)
CVE-2016-0705 - Double-free in DSA code
CVE-2016-0798 - Memory leak in SRP database lookups
CVE-2016-0797 - BN_hex2bn/BN_dec2bn NULL pointer deref/heap corruption
CVE-2016-0799 - Fix memory issues in BIO_*printf functions
CVE-2016-0702 - Side channel attack on modular exponentiation

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-03-01 15:48:08 +01:00
Sergio Prado
4eaa5a0e1b mongodb: bump to version 3.3.2
Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-03-01 14:34:34 +01:00
Gustavo Zacarias
3096fbd58b radvd: bump to version 2.12
musl build patch is upstream so it's no longer necessary.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-03-01 14:33:47 +01:00
Gustavo Zacarias
310f73e415 harfbuzz: bump to version 1.2.3
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-03-01 14:33:37 +01:00
Baruch Siach
a6209d1b97 zsh: use the correct target pcre-config
zsh configure script mis-detects the location of pcre-config, and may use that
of host-pcre or that of the host instead of the target. Make configure use the
correct pcre-config.

Thanks to Thomas Petazzoni for pointing me at the right direction.

Fixes:
http://autobuild.buildroot.net/results/b12/b12aadf3016dab0941cae780fa9ee7bf9be8fcda/
http://autobuild.buildroot.net/results/8e8/8e8b12dbca4ef8cac2e5f33cd3cdcddd8e849840/
http://autobuild.buildroot.net/results/473/473197ec8e323ea7ae0e29e6363525dc42f9da2c/

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-03-01 12:48:29 +01:00
Luca Ceresoli
2004003697 docs/manual: add section about patch licensing
Use the same text that is used in COPYING.

Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
Cc: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Cc: Steve Calfee <stevecalfee@gmail.com>
Acked-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-03-01 12:46:58 +01:00
Vicente Olivert Riera
1834024ba0 sox: disable SSP when using MIPS Codescape toolchains
MIPS Codescape toolchains don't support stack-smashing protection
despite of using glibc, therefore we see failures like this one:

mips-img-linux-gnu/bin/ld: cannot find -lssp

Fixes:
  http://autobuild.buildroot.net/results/957/95721f7b88c46a20202fb02e408817097df965c3/

Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-03-01 11:30:34 +01:00
Luca Ceresoli
8b186e089d CHANGES: fix typo
Cc: Peter Korsgaard <peter@korsgaard.com>

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-03-01 11:23:34 +01:00
niranjan.reddy
2311d54ec4 libfcgi:add security patch for CVE-2012-6687
Fix-CVE-2012-6687 - remote attackers cause a denial of service (crash)
via a large number of connections (http://www.cvedetails.com/cve/CVE-2012-6687/).
use poll in os_unix.c instead of select to avoid problem with > 1024 connections.
The patch libfcgi_2.4.0-8.3.debian.tar.xz is taken from the below link:
(https://launchpad.net/ubuntu/+source/libfcgi/2.4.0-8.3)
The next release of libfcgi is 2.4.1 which may have this fix is yet to be released
officially.

Signed-off-by: Niranjan Reddy <niranjan.reddy@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-03-01 11:18:27 +01:00
Thomas Petazzoni
18f3a22dce linux-headers: fix circular dependency when HEADERS_AS_KERNEL is used
The linux-headers -> linux dependency causes a circular dependency, breaking
the source/legal-info/graph-depends/..  targets:

make graph-depends
Getting targets
Getting dependencies for ['toolchain-buildroot', 'toolchain', 'busybox',
'glibc', 'initscripts', 'linux-headers', 'skeleton', 'linux',
'host-fakeroot', 'host-makedevs', 'rootfs-cpio', 'rootfs-initramfs']
Getting dependencies for ['host-kmod', 'host-gcc-final',
'host-gcc-initial', 'host-gawk']
Getting dependencies for ['host-gmp', 'host-binutils', 'host-pkgconf',
'host-mpfr', 'host-mpc']
Getting dependencies for ['host-m4']

Recursion detected for  : toolchain
which is a dependency of: linux
which is a dependency of: linux-headers
which is a dependency of: glibc
which is a dependency of: host-gcc-final
which is a dependency of: toolchain-buildroot
which is a dependency of: toolchain
Makefile:721: recipe for target 'graph-depends' failed
make: *** [graph-depends] Error 1

Fix it by instead duplicating in linux-headers the 10-20 lines of linux.mk
logic that infer the _SOURCE/_SITE/_VERSION from the BR2_LINUX_KERNEL_*
variables.

This does mean that we extract the kernel sources twice though.

[Peter: use same git/hg tarball as linux kernel to not clone twice, minor fixes]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-03-01 09:43:37 +01:00
Bernd Kuhls
5be216b2c9 package/ffmpeg: Remove patch not needed anymore for Kodi 16.0-Jarvis
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-02-29 23:53:38 +01:00
Bernd Kuhls
b1b1762d18 package/kodi: Remove dependency for BR2_TOOLCHAIN_GCC_AT_LEAST_4_7 from sub packages
Kodi itself already depends on BR2_TOOLCHAIN_GCC_AT_LEAST_4_7, there is
no need to duplicate this as reverse dependencies in sub options which
depend on Kodi.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-02-29 23:52:35 +01:00
Bernd Kuhls
a95fae661d package/kodi: Remove dependency for BR2_STATIC_LIBS from sub packages
Kodi itself already depends on !BR2_STATIC_LIBS, there is no need to
duplicate this as reverse dependencies in sub options which depend on
Kodi.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-02-29 23:52:21 +01:00
Bernd Kuhls
c913784c98 package/kodi: reorder select/depends
>From [1]:
"Even though the ordering has absolutely no consequences in Kconfig, it
is not logical (when reading). It is more logical and far easier to
understand when depends come first, followed by the selects."

Also, the Config.in example in the manual suggests to use this coding
style [2].

[1] http://lists.busybox.net/pipermail/buildroot/2015-October/142955.html
[2] http://buildroot.uclibc.org/downloads/manual/manual.html#writing-rules-config-in

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-02-29 23:46:30 +01:00
Bernd Kuhls
898de0af5b package/kodi: not available using a musl-based toolchain
The build stops with
configure: error: unsupported host (i586-buildroot-linux-musl)
due to musl not being supported in
https://github.com/xbmc/xbmc/blob/Isengard/m4/xbmc_arch.m4

Removing this obstacle will show that musl is really not being
supported, the build will fail:

In file included from emu_msvcrt.cpp:64:0:
emu_msvcrt.h:93:3: error: ‘__off64_t’ does not name a type
   __off64_t dll_lseeki64(int fd, __off64_t lPos, int iWhence);
   ^
emu_msvcrt.h:94:3: error: ‘__off_t’ does not name a type
   __off_t dll_lseek(int fd, __off_t lPos, int iWhence);
   ^

I know these problems are fixable and the voidlinux projects seems to
have done it already for 15.2-Isengard:
99f74705bc/srcpkgs/kodi/patches

For Jarvis-16.0 these patches have to be rebased at a later stage.
For now block the Kodi package with musl-based toolchains to avoid
build errors.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-02-29 23:46:11 +01:00