libffi is optional, not mandatory since bump to version 1.22.0 in commit
1e12b7dd49 and
89b3207376
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 2c1cac10d8)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The MICROPYTHON_MAKE_ENV variable contained two things;
- the comon target environment variables CC, CFLAGS et al. defined in
TARGET_MAKE_ENV,
- the GIT_DIR workaround
Commit 9024e18665 (package/micropython: drop GIT_DIR=. workaround)
totally dropped the assignment to MICROPYTHON_MAKE_ENV, but did not
replace its expansin with TARGET_MAKE_ENV.
This yields build error like:
LINK build-standard/micropython
arm-linux-gcc: ERROR: unsafe header/library path used in cross-compilation: '-L/usr/lib64/../lib64'
Fix this by expanding TARGET_MAKE_ENV in lieu of MICROPYTHON_MAKE_ENV.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 6c9be611a8)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
See release notes (https://github.com/redis/redis/blob/7.2.4/00-RELEASENOTES):
================================================================================
Redis 7.2.4 Released Tue 09 Jan 2024 10:45:52 IST
================================================================================
Upgrade urgency SECURITY: See security fixes below.
Security fixes
==============
* (CVE-2023-41056) In some cases, Redis may incorrectly handle resizing of memory
buffers which can result in incorrect accounting of buffer sizes and lead to
heap overflow and potential remote code execution.
Bug fixes
=========
* Fix crashes of cluster commands clusters with mixed versions of 7.0 and 7.2 (#12805, #12832)
* Fix slot ownership not being properly handled when deleting a slot from a node (#12564)
* Fix atomicity issues with the RedisModuleEvent_Key module API event (#12733)
Signed-off-by: Titouan Christophe <titouanchristophe@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 5f59c175a4)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
cpe:2.3🅰️gunicorn:gunicorn is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/detail/DAF075D2-70F3-4D2A-B7C9-75A7A1C38C83
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 8c0bfcede9)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
cpe:2.3🅰️python:hpack is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/detail/9DD17147-CB76-4A8F-BE82-4AE1BC7BFCD5
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit d00b3f17f6)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
cpe:2.3🅰️html5lib:html5lib is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/detail/97A353CC-7402-4606-93CA-111308296748
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 4d361c3d32)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
cpe:2.3🅰️sqlalchemy:mako is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/detail/3A26A531-FD34-4F27-ADD5-C0C88FA337B3
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit d5a20c7f24)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
cpe:2.3🅰️numpy:numpy is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/detail/C19878E8-7FFC-4BB4-B1A8-F396CB169DF2
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 9899f06170)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
cpe:2.3🅰️oauthlib_project:oauthlib is a valid CPE identifier for this
package:
https://nvd.nist.gov/products/cpe/detail/204A2244-7F74-4AAE-BA8E-E9FE707EC833
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 5f905f06bd)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
cpe:2.3🅰️pycryptodome:pycryptodomex is a valid CPE identifier for this
package:
https://nvd.nist.gov/products/cpe/detail/2A88F7B5-C414-4104-9B59-A6E28A1E119A
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 71ff1bd8a4)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
cpe:2.3🅰️sqlparse_project:sqlparse is a valid CPE identifier for this
package:
https://nvd.nist.gov/products/cpe/detail/BB69AE3A-3268-4EDF-95AF-A05BB61B686F
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 8ed1bb3628)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
cpe:2.3🅰️qt:qt:6.4.3:*:*:*:*:*:*:* is a valid CPE identifier for this
package:
https://nvd.nist.gov/products/cpe/detail/8397D12E-2D77-458E-B9C3-DC7B4775B1A7
Signed-off-by: Christian Hitz <christian.hitz@bbv.ch>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit a1bac67ba7)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
cpe:2.3🅰️qt:qt:5.15.8:*:*:*:*:*:*:* is a valid CPE identifier for this
package:
https://nvd.nist.gov/products/cpe/detail/3A753A6D-0AFE-4E62-9C2F-58C8B630830C
Signed-off-by: Christian Hitz <christian.hitz@bbv.ch>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 107d39c1a7)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Remove and create the kernel_blob.bin file in the flutter_assets directory:
When Flutter compiles the source code, it creates the kernel_blob.bin file,
a Dart Kernel Bytecode of the application.
If kernel_blob.bin exists inside the flutter_assets directory, then the
application source code can be extracted with nothing more than apktool.
Not only is this a security risk, it's also redundant and a waste of space.
Removing the kernel_blob.bin file generated for flutter-gallery saves 86M!
Because this package is a reference package, and some applications may check
if the kernel_blob.bin file exists, we also touch a blank kernel_blob.bin
file.
Do not use relative symlinks:
Users may install their applications in any arbitaryt location, not
necessarily in the /usr/share/flutter/${package_name} directory. Because
flutter-gallery is a reference application, using exact symlinks to
icudtl.dat and libflutter_engine.so is preferable.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 0805b8048f)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
As the flutter-gallery package is a reference package for users wishing to use
Flutter for their UX with Buildroot, this package must have the correct build
options. Indeed, this package currently starts and runs, but only because of
the 0001-remove-GetStorage.patch. Through testing, flutter-gallery fails to
run during the following scenario:
- The xdg-user-dirs package is ported and present.
- flutter-gallery depends on xdg-user-dirs.
- The 0001-remove-GetStorage.patch file is removed.
After extensive testing and comparing the current build arguments against what
the meta-flutter repository for Yocto passes to all of the applications that
inherit flutter-app, it is clear that handling the dart_plugin_registrant.dart
file is missing from the dart arguments in the flutter-gallery build step.
As the documentation for the dart_plugin_registrant.dart file is nonexistent
in any official documentation. However, there is a comment from an issue on
the official dart-lang/sdk page on Github that explains what this file is
(and refers to the Dark SDK source code instead of official documentation.)
From https://github.com/dart-lang/sdk/issues/52506#issuecomment-1562806787:
```
The dart_plugin_registrant.dart is a very special file. It's neither included
in the Dart app nor any dependent packages. Rather it's an artificially
created file by the flutter tools. It contains logic to run plugin
registration logic.
A flutter build will eventually compile the Dart application where it will add
<dir>/.dart_tool/flutter_build/dart_plugin_registrant.dart as an extra source
file (see here). Additionally it will also inject that uri as a constant into
Dart source code via a -Dflutter.dart_plugin_registrant=<uri>.
Once the app runs it will access the
package:flutter/src/dart_plugin_registrant.dart:dartPluginRegistrantLibrary
constant and use it to look up the library object and then invoke the plugin
registration logic.
```
Now that what the dart_plugin_registrant.dart does is understood, we need to
pass the following to the dart binary during the flutter-gallery build step:
-Dflutter.dart_plugin_registrant=file://[...]/dart_plugin_registrant.dart:
Injects a file containing the logic to run the plugin registration logic as
a constant into the flutter-application source code.
--source file://$(@D)/.dart_tool/flutter_build/dart_plugin_registrant.dart:
Adds the dart_plugin_registrant.dart file as a source file to compile.
--source package:flutter/src/dart_plugin_registrant.dart:
Binds the plugin implementation to the platform interface based on the
configuration of the app's pubpec.yaml, and the plugin's pubspec.yaml.
The native_assets.yaml file provides the native-assets mapping for
@Native external functions. The flutter-gallery package has no functions
marked as @Native; however, calling "flutter build bundle" creates a blank
template "native_assets.yaml" file, which is safe to include in the build.
This line, while not necessary for flutter-gallery, may be helpful for other
users who use @Native external functions in their applications, and this
example makes porting other applications quicker and easier.
Finally, there is a known issue when using the dart_plugin_registrant.dart
file outlined here: https://github.com/flutter/flutter/issues/137972.
To summarize: If a user fails to pass the --obfuscate flag to gen_snapshsot
when using the dart_plugin_registrant.dart file, their application may fail
to start. One such application is Gallery, which I have independently verified.
As such, pass the --obfuscate flag to gen_snapshot to ensure that
flutter-gallery properly starts when building with the additional
dart_plugin_registrant.dart arguments above.
However, I acknowledge that the obfuscate flag hides function and class names
in compiled Dart code, and there are some cases when a user should avoid using
the flag. For example, when using the runtimeType API:
https://api.flutter.dev/flutter/dart-core/Object/runtimeType.html. However,
this is not the case with flutter-gallery, and the --obfuscate flag is needed.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
[yann.morin.1998@free.fr: restore FLUTTER_RUNTIME_MODES]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit a821aee2d2)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
To make the next patch easier to understand, add a configure step to the
flutter-gallery.mk file. The `$(HOST_FLUTTER_SDK_BIN_FLUTTER) build bundle`
command is placed in the configure step because it generates several files
needed for the flutter_gen_snapshot tool to generate the target .so file.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 562ed3dfd4)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The canonical name for the 'pub' action is 'pub', while 'packages' is
just an alias. Switch to using the canonical name.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
[yann.morin.1998@free.fr: split off to its own commit]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 1cc2c4bb86)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
As Yann mentioned in commit 9d8497e79d, a
dependency on a glibc toolchain implies a dependency on
BR2_TOOLCHAIN_HAS_THREADS_NPTL. As such, remove the dependency from
package/flutter-engine/Config.in.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 019cfcfc4a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The current depot-tools version is from Jul 13 2023, and there is a bug
where when building with PPD enabled, building a Flutter application on
my laptop running Fedora 39 or even in the Debian 11 container fails due
to permission issues when running rsync such as:
/usr/bin/sed: couldn't open temporary file [...]/output/per-package/flutter-gallery/host/share/flutter/sdk/.vpython-root/0e1e32/lib/python3.8/sed763MrF: Permission denied
make: *** [package/pkg-generic.mk:267: [...]/output/build/flutter-gallery-2.10.2/.stamp_configured] Error 123
After several hours of attempting to find the exact cause of the issue
by parsing git logs of the depot_tools repository and cross-referencing
bugs on https://bugs.chromium.org/p/chromium/issues I am unable to
determine the exact reason why the problem occurs or the exact commit
that fixes the issue.
However, updating depot-tools does indeed fix the issue, and looking at
the source code between 4e87f5bf and 8d14454b shows improvements to
several bash scripts, such as gclient, vpython3, and spid. All of which
could be culprits of this bug. As flutter-engine is the only package
that uses host-depot-tools, it is safe to update.
This permission bug is present on PPD and normal builds, but causes a
build to crash only on PPD because of rsyncing. On non-ppd builds, the
bug only causes some minor annoyance when trying to run `make clean`
because permission denials crop up when trying to remove the
.vpython-root directory.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
[yann.morin.1998@free.fr:
- copy the cover-letter description as commit log
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 2b7b68cfe5)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When running the command "flutter pub get," the plugins are stored in the
pub-cache directory along with their sha256sum hashes. The default location of
the pub-cache directory is current $(HOST_DIR)/share/flutter/sdk/.pub-cache,
which is not an acceptable choice by default because every plugin is
re-downloaded during every build of a flutter application either during a new
build or when building with the per-package-directory option enabled.
Furthermore, keeping the pub-cache in its current location prevents users from
committing the pub-cache directory to git for faster rebuilds of a
Buildroot-based system, as users cannot store the pub-cache for later use.
To fix the above issue completely, the following two changes must occur:
- Change the hard-coded Flutter pub-cache location to
$(DL_DIR)/br-flutter-pub-cache.
- Remove the `rm -rf $(HOST_FLUTTER_SDK_BIN_SDK)/.pub-cache` and the
associated comment about why the build system removes the .pub-cache
directory. After further research, the help text of the precache command
reads, "Populate the Flutter tool's cache of binary artifacts."
The current reasoning listed in the comments is not accurate for a
the following reasons:
1. We do not want to remove their directory if users already have a pub
cache they have symlinked to.
2. If the flutter-sdk-bin package previously set up the pub-cache, then
the pub-cache directory is set up with the options we want, and there
is no reason to remove the pub-cache directory.
Note that upstream considers it safe to have multiple instances of
readers/writers to the pub cache concurently, which is a situation that
can happen when two flutter-based pacakges are going to be built in
parallel. There have been reports upstream [0] [1] [2] where concurrency
was an issue, and they have always been fixed [3] [4] (or considered
fixed already). So we can assune that, if the conncurrent ccess to the
shared pub-cache causes issues, that will be an upstream bug that will
get solved.
If that turns out to be an unsolvable problem, we'll still have the
option to run the pub-get commands under flock.
[0] https://github.com/dart-lang/pub/issues/1178
[1] https://github.com/dart-lang/pub/issues/3404
[2] https://github.com/dart-lang/pub/issues/3420
[3] https://github.com/dart-lang/pub/issues/1178#issuecomment-1006489414
[4] https://github.com/dart-lang/pub/issues/1178#issuecomment-1007273739
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
[yann.morin.1998@free.fr: add blurb about concurrent access]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 37809258fc)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit 1567fbd72d didn't fully fix the
wolfssl build failure because the include on wolfssl/options.h was still
missing:
/home/autobuild/autobuild/instance-6/output-1/build/libuwsc-3.3.5/src/ssl.c:62:5: error: unknown type name 'SSL_CTX'
62 | SSL_CTX *ctx;
| ^~~~~~~
While at it, add upstream tag to patches
Fixes:
- http://autobuild.buildroot.org/results/edc49cce5b1f456d980841f4c315e7cd784b1561
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit e874fd08e0)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
cpe:2.3🅰️micropython:micropython is a valid CPE identifier for this
package:
https://nvd.nist.gov/products/cpe/detail/853A709B-B8CB-4E8C-BF5E-6621C3A1D994
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 30d5d1a229)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
As found out by Yann E. Morin in [1], apcupsd configure script is ugly,
and uses gcc to do the link line-wrapping which will raise the following
build failure with gcc 13:
/home/buildroot/autobuild/instance-1/output-1/host/opt/ext-toolchain/bin/../lib/gcc/powerpc64le-buildroot-linux-gnu/13.2.0/../../../../powerpc64le-buildroot-linux-gnu/bin/ld: /home/buildroot/autobuild/instance-1/output-1/host/opt/ext-toolchain/bin/../lib/gcc/powerpc64le-buildroot-linux-gnu/13.2.0/../../../../powerpc64le-buildroot-linux-gnu/lib/../lib64/libsupc++.a(eh_alloc.o): in function `std::basic_string_view<char, std::char_traits<char> >::compare(unsigned long, unsigned long, char const*, unsigned long) const':
eh_alloc.cc:(.text._ZNKSt17basic_string_viewIcSt11char_traitsIcEE7compareEmmPKcm[_ZNKSt17basic_string_viewIcSt11char_traitsIcEE7compareEmmPKcm]+0x44): undefined reference to `std::__throw_out_of_range_fmt(char const*, ...)'
It will also raise the following build failure on sparc/arc:
/home/autobuild/autobuild/instance-3/output-1/host/opt/ext-toolchain/bin/../lib/gcc/arceb-snps-linux-uclibc/9.2.1/../../../../arceb-snps-linux-uclibc/bin/ld: /home/autobuild/autobuild/instance-3/output-1/host/arceb-buildroot-linux-uclibc/sysroot/lib/libsupc++.a(eh_throw.o): in function `__exchange_and_add_dispatch':
/SCRATCH/arcjenkins2/slaves/ru20-custom-arcgnu2/workspace/arcoss_verification/arc_gnu_toolchain_release/arc_gnu_toolchain_release/bd-uclibceb/gcc-stage2/arceb-snps-linux-uclibc/libstdc++-v3/include/ext/atomicity.h:82: undefined reference to `__gnu_cxx::__exchange_and_add(int volatile*, int)'
/home/autobuild/autobuild/instance-3/output-1/host/opt/ext-toolchain/bin/../lib/gcc/arceb-snps-linux-uclibc/9.2.1/../../../../arceb-snps-linux-uclibc/bin/ld: /SCRATCH/arcjenkins2/slaves/ru20-custom-arcgnu2/workspace/arcoss_verification/arc_gnu_toolchain_release/arc_gnu_toolchain_release/bd-uclibceb/gcc-stage2/arceb-snps-linux-uclibc/libstdc++-v3/include/ext/atomicity.h:82: undefined reference to `__gnu_cxx::__exchange_and_add(int volatile*, int)'
Instead of trying to patch the configure script as advocated by
Yann E. Morin, set LD to TARGET_CXX as:
- this solution is quicker
- usptream is dead (last release in 2016)
- this solution has already been used in other packages (nodejs, zmqpp)
[1]: https://patchwork.ozlabs.org/project/buildroot/patch/20200812171821.2517-1-Evgeniy.Didin@synopsys.com/
Fixes:
- http://autobuild.buildroot.org/results/6096c3ddc5edf3204635c2c90246c2e8c8e074e7
- http://autobuild.buildroot.org/results/d8a/d8a3ab31c5b86871c7e1117f4ffa7b6cedfcb7e0/build-end.log
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit cd2dcaa6c6)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit 3e4b479f39 forgot to add C++
comment
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit b66ce2631c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
mips raises the following build failure since the addition of the
package in commit 3e4b479f39:
compel/arch/mips/plugins/std/memcpy.S:7: Error: opcode not supported on this processor: mips32 (mips32) `dadd $2,$0,$4'
compel/arch/mips/plugins/std/memcpy.S:8: Error: opcode not supported on this processor: mips32 (mips32) `daddiu $13,$0,0'
Indeed, dadd and daddiu are specific to mips64
Building on mips64 doesn't work either as it raises the following build
failure:
/tmp/ccArXSfi.s:305: Error: opcode not supported on this processor: mips64 (mips64) `rdhwr $2,$29'
Fixes:
- http://autobuild.buildroot.org/results/b0341d0654e66bdac2c91d5949be3810a961d9da
- http://autobuild.buildroot.org/results/b7b8860476de04980bd8c7241d3dd5a01a0251c8
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 3865d88423)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
cpe:2.3🅰️libaio_project:libaio:-:*:*:*:*:*:*:*is a valid CPE identifier
for this package:
https://nvd.nist.gov/products/cpe/detail/69B8039E-7837-4DE3-8DFE-C2E4D834EE78
Signed-off-by: Christian Hitz <christian.hitz@bbv.ch>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 0d615aa138)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
cpe:2.3🅰️duktape_project:duktape:2.7.0:*:*:*:*:*:*:* is a valid CPE
identifier for this package:
https://nvd.nist.gov/products/cpe/detail/DEAF95D7-0DAB-4025-8C5A-9CCF80D75CF2
Signed-off-by: Christian Hitz <christian.hitz@bbv.ch>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit e8edf25ac8)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Fix#27: possible buffer overrun in uev_run()
- Update hash of LICENSE file (update in year with
0f59096154)
https://github.com/troglobit/libuev/blob/v2.4.1/ChangeLog.md
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit e3518dd952)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The condition checking whether the webrtc-audio-processing package is
enabled, added in commit
3ccd3b4c38 ("package/pipewire: bump to
version 0.3.32") is obviously incorrect, and can never be true.
Fix the condition to use the correct variable instead.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 52f8db409f)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Now that it is handled globally in TARGET_MAKE_ENV.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 9024e18665)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
A number of packages try to detect if they are running in a git repo and run
git describe at build time instead of using the hard coded version number if
it succeed, leading to odd version numbers as they end up picking up the
Buildroot git version if building inside a Buildroot git checkout, E.G.:
rauc --version
rauc 2023.11-562-g9c954953b4+
This is because rauc builds with meson and uses vcs_tag:
https://github.com/rauc/rauc/blob/v1.11/meson.build#L168-L171https://mesonbuild.com/Reference-manual_functions.html#vcs_tag
Another example is micropython, where we already work around it by passing
GIT_DIR=.
In the context of Buildroot the packages are never built in their own git
checkout, so pass GIT_DIR=. to ensure git doesn't walk back up the
directory tree and finds the Buildroot git repo, which fixes the rauc (and
similar) issues.
>>> rauc 1.11 Building
..
ninja: Entering directory `/home/peko/source/buildroot/output-rauc/build/rauc-1.11//build'
[1/29] Generating version.h with a custom command
fatal: not a git repository: '.'
cat output-rauc/build/rauc-1.11/build/version.h
#define PACKAGE_STRING "rauc 1.11"
#define PACKAGE_VERSION "1.11"
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit c07aafa087)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Building for i386 raises the following build failure since the additon
of the package in commit 3e4b479f39:
Makefile:23: *** "The architecture i386 isn't supported". Stop.
Setting ARCH=x86 won't work either as it results in the following build
failure:
compel/arch/x86/plugins/std/memcpy.S: Assembler messages:
compel/arch/x86/plugins/std/memcpy.S:20: Error: bad register name `%rdi'
compel/arch/x86/plugins/std/memcpy.S:21: Error: bad register name `%rdx'
compel/arch/x86/plugins/std/memcpy.S:22: Error: `shrq' is only supported in 64-bit mode
compel/arch/x86/plugins/std/memcpy.S:24: Error: `movsq' is only supported in 64-bit mode
compel/arch/x86/plugins/std/syscalls/syscall-common-x86-64.S: Assembler messages:
compel/arch/x86/plugins/std/syscalls/syscall-common-x86-64.S:13: Error: bad register name `%rcx'
compel/arch/x86/plugins/std/syscalls/syscall-common-x86-64.S:19: Error: bad register name `%rax'
Fixes:
- http://autobuild.buildroot.org/results/94cc463762b57efacf743d107a8dda7660a995a3
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit bb3ede3b36)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit 768f9f80f6 (support/download: generate even more reproducible
tarballs) causes non-reproducibility in tarballs we previousy
generated, especially the archives for two cargo-vendored packages,
ripgrep and sentry-cli.
The cause is that those two pakcages eventually vendor a file that has
the u+x bit set, but is otehrwise go-x. With 768f9f80f6, the files are
now go+x, so the hash for those generated archives has changed.
Besides, that commit was wrong: it did not account for the 'r' bit for
go part, leaving some non-reproducibility still unaccounted for.
So, to generate really reproducible archives, we would need to fix that
read bit as well, and that has the potential to affect all the archives
we generated so far. If we wanted to do so, we'd need a way to version
all generated archives, like we do for git and svn, but now for all the
different CVSes, as well as for all the vendoring post-processes.
For 768f9f80f6, all that was of conern was the working copies of CVSes
(i.e. git, svn, cvs...) that we cache in the Buildroot download dir, not
the temporary files during post-processing. Indeed, in that latter case,
the user has virtually no way to mangle with the mode of the
intermediate extract before repack.
And we do have a big fat warning that users should not attempt to meddle
with the git tree that Buildroot caches.
As 768f9f80f6 however demonstrates, is that it took quite a long time
between the introduction of the git caching, and the time someone
eventually discovered they could meddle in there. This shows that the
issue it not actually critical in most setups.
Also, the tar manual [0] hints at a better solution to handle
reproducibility, which even avoids touching the files on disk which is
even nicer:
‘--mode='go+u,go-w'’
Omit irrelevant information about file permissions.
If we were to actually handle the mode bit for reproducibility, we'd
need to:
- introduce archive versioning for all download backends and
prost-processing
- use the tar officially suggested method
So, revert that change, as it was incomplete, was not really fixing much
issues, and causes actual issues.
This reverts commit 768f9f80f6.
[0] https://www.gnu.org/software/tar/manual/tar.html#Reproducibility
Thanks to Vincent and Arnout for pointing at the tar manual.
Reported-by: Antoine Coutant <antoine.coutant@smile.fr>
Reported-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Vincent Fazio <vfazio@xes-inc.com>
Cc: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Tested-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Antoine Coutant <antoine.coutant@smile.fr>
(cherry picked from commit 9fbd3d8574)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit 6d163e12a4 (package/udev: move render and sgx to
package/systemd) moved the sgx group creation to the systemd package because
eudev at that time did not reference it. This changed in eudev 3.1.12 with
commit a8ffcd1b985fb4 (rules/50-udev-default.rules: fix issue 160) so move
it back to get rid of a warning from udevd:
udevd[303]: specified group 'sgx' unknown
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit edfa9ea45c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
flutter-gallery was erroneously placed under the "Graphic libraries"
section of the menu "Graphic libraries and applications (graphic/text)"
menu. However, as flutter-gallery is a flutter-based graphical user
interface (GUI) application, it is better suited to be placed under the
"Graphic applications" section.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 75d78e4225)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
flutter-pi was erroneously placed under the "Graphic libraries" section
of the menu "Graphic libraries and applications (graphic/text)" menu.
However, as flutter-pi is an application that runs graphic applicaitons
it is better suited to be placed under the "Graphic applications"
section.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 1a2ae469d0)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix the following build failure on sparc64 raised since bump to version
0.85 in commit 470f0fb1ec:
error[E0308]: mismatched types
--> /home/autobuild/autobuild/instance-7/output-1/build/nushell-0.85.0/VENDOR/uucore/src/lib/features/fs.rs:121:16
|
111 | pub fn number_of_links(&self) -> u64 {
| --- expected `u64` because of return type
...
121 | return self.0.st_nlink;
| ^^^^^^^^^^^^^^^ expected `u64`, found `u32`
|
help: you can convert a `u32` to a `u64`
|
121 | return self.0.st_nlink.into();
| +++++++
For more information about this error, try `rustc --explain E0308`.
error: could not compile `uucore` (lib) due to previous error
Fixes:
- http://autobuild.buildroot.org/results/f9f0287a8e39c65895014ca513ed25071f020add
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit b7c163f190)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
C++ is no longer required for python-brotli as of version 1.1.0:
c8df4b3049
Drop python-brotli C++ depends comment from python-weasyprint
reverse dependency.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit a51c664ef5)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Upstream added various utilities, for example exim_id_update
with commit 46a36afae4
which is a "Utility for one-time upgrage/downgrade between exim message-
id formats, around the 4.97 transition" which would add a dependency to
host-perl/perl so we build and install only the needed exim binary.
Fixes:
http://autobuild.buildroot.net/results/111302dc3b4763befe9b159ae59b1b72de9162ea/
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 9bf9cac489)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
go1.21.6 (released 2024-01-09) includes fixes to the compiler, the runtime, and
the crypto/tls, maps, and runtime/pprof packages.
https://go.dev/doc/devel/release#go1.21.6
Signed-off-by: Christian Stewart <christian@aperture.us>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 22393c9326)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix the following build failure raised because madplay uses mad_f_mul
which is defined in usr/include/mad.h (installed by libmad which has
been fixed by a similar workaround in commit
0aaadd525f, unfortunately the fix works
for compiled code, not mad_f_mul define):
/tmp/cc5SGGoU.s:102: Error: selected processor does not support `smull r8,r9,r2,r4' in Thumb mode
Fixes:
- http://autobuild.buildroot.org/results/0c0955d4f6726b50cad721f4d3437dabde316e70
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit a9da692606)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Use official tarball
- Update hash of license file (some packages have been added or removed
but the list of licenses is the same)
- Fix CVE-2023-7158: A vulnerability was found in MicroPython up to
1.21.0. It has been classified as critical. Affected is the function
slice_indices of the file objslice.c. The manipulation leads to
heap-based buffer overflow. It is possible to launch the attack
remotely. The exploit has been disclosed to the public and may be
used. Upgrading to version 1.22.0 is able to address this issue. It is
recommended to upgrade the affected component. The identifier of this
vulnerability is VDB-249180.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 1e12b7dd49)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
