The videotestsrc Gstreamer plugin is very useful for testing.
Enable it by default.
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes the following security vulnerability:
- CVE-2019-19844: Potential account hijack via password reset form
By submitting a suitably crafted email address making use of Unicode
characters, that compared equal to an existing user email when lower-cased
for comparison, an attacker could be sent a password reset token for the
matched account
In addition, a number of bugs have been fixed. For details, see the release
notes:
https://docs.djangoproject.com/en/dev/releases/3.0.1/
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Currently, the sysv-rcs script has two issues:
- The return code of each RCS script is not checked.
- The output does not match the formatting of the other openrc
init scripts.
Modify the script in the following ways to fix both issues:
- Remove the "einfo "Starting sysv rc scripts"" at the top of the
start function in favor of "einfo "Starting $i" in the loop
itself.
- Add a "> /dev/null" to the end of $i start; this suppresses
stdout while still allowing for stderr messages to print to the
terminal.
- add an "eend $? to both the start and stop functions, this
allows for openrc to show if an RCS script returned 0 or
not.
The following is the startup output of OpenRC on a minimal system
with S01syslogd modified to exit with a return code 1 for testing
purposes:
Before:
* Adding static routes ...
[ ok ]
Starting default runlevel
* Starting sysv rc scripts
Starting syslogd: OK
Starting klogd: OK
Running sysctl: OK
After:
* Adding static routes ...
[ ok ]
Starting default runlevel
* Starting /etc/init.d/S01syslogd ...
[ !! ]
* Starting /etc/init.d/S02klogd ...
[ ok ]
* Starting /etc/init.d/S02sysctl ...
[ ok ]
Signed-off-by: Adam Duskett <aduskett@greenlots.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
jq 1.6 has a severe performance regression compared to 1.5. The problem is
reported [1] and fixed [2] upstream, but there are different commits and
later subsequent fixes on top of them that make it cumbersome to patch
specifically.
Instead, bump to a recent git version.
[1] https://github.com/stedolan/jq/issues/1826
[2] https://github.com/stedolan/jq/pull/1834
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This commit adds a patch from upstream chromium[1] that allows passing
-I instead of -isystem to CFLAGS.
Fixes:
In file included from /usr/lib/gcc/x86_64-pc-linux-gnu/6.1.0/include/g++-v6/bits/stl_algo.h:59:0,
from /usr/lib/gcc/x86_64-pc-linux-gnu/6.1.0/include/g++-v6/algorithm:62,
from /usr/include/qt5/QtCore/qglobal.h:85,
from /usr/include/qt5/QtCore/qalgorithms.h:37,
from /usr/include/qt5/QtCore/qlist.h:37,
from /usr/include/qt5/QtCore/qstringlist.h:34,
from /usr/include/qt5/QtCore/QStringList:1,
from base/http/requestparser.cpp:32:
/usr/lib/gcc/x86_64-pc-linux-gnu/6.1.0/include/g++-v6/cstdlib:75:25: fatal error: stdlib.h: No such file or directory
#include_next <stdlib.h>
[1] a8c8396fd2
Signed-off-by: Bartosz Bilas <b.bilas@grinn-global.com>
[Thomas: improved commit log with comments from Giulio.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Import "0001-image-vfat-Add-label-option-to-set-volume-name.patch" from
the upstream repository. The changes made to the README.rst file had to
be removed from the patch so that the package can be compiled in
buildroot. The patch has been accepted upstream, but no releases have
been made yet which includes the feature.
Signed-off-by: Dario Binacchi <dariobin@libero.it>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- Switch to meson-package
- Drop second patch (not needed anymore)
- Drop third patch (after feedback from upstream:
https://gitlab.freedesktop.org/vdpau/libvdpau/merge_requests/5)
- Disable documentation
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
package/openrc has the file sysv-rcs which starts sysvinit services
not written for openrc. However, currently it is not installed to
the target.
Install this file to $(TARGET_DIR)/etc/init.d during the
target_install step.
Signed-off-by: Adam Duskett <aduskett@greenlots.com>
[yann.morin.1998@free.fr: use full-path for destination, not just dir]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
There is no posix.wrappers anymore, but cobalt and modechk. Those only
play a role when building in combination with wrap-link.sh.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
That's a testsuite tool.
Rename XENOMAI_REMOVE_SKIN_LIST at this chance as it's cleaning
libraries, not only skins. Ditto, rename the hook accordingly.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
[yann.morin.1998@free.fr: also rename the hook]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Update the upstream URL in the help text in Config.in. This
addresses the 'Invalid(Err)' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fixes the following security vulnerabilities:
- CVE-2019-14889: Unsanitized location in scp could lead to unwanted command
execution.
And adds various hardening improvements. For details, see the announcement:
https://www.libssh.org/2019/12/10/libssh-0-9-3-and-libssh-0-8-8-security-release/
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
BR2_PACKAGE_GLIBC_UTILS config must not exist if we use other libc than glibc
Signed-off-by: Arthur Courtel <arthur.courtel@smile.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Switched to latest version on GitHub as linuxco.de is no longer
active. The appropriate entry for tcping on release-monitoring.org
has been updated and a new mapping has been added for the Buildroot
project.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fixes the following security vulnerabilities (in npm):
- CVE-2019-16775: Versions of the npm CLI prior to 6.13.3 are vulnerable to
an Arbitrary File Write. It is possible for packages to create symlinks
to files outside of thenode_modules folder through the bin field upon
installation
https://www.npmjs.com/advisories/1436
- CVE-2019-16776: Versions of the npm CLI prior to 6.13.3 are vulnerable to
an Arbitrary File Write. It fails to prevent access to folders outside of
the intended node_modules folder through the bin field
https://www.npmjs.com/advisories/1434
- CVE-2019-16777: Versions of the npm CLI prior to 6.13.4 are vulnerable to
an Arbitrary File Overwrite. It fails to prevent existing
globally-installed binaries to be overwritten by other package
installations
https://www.npmjs.com/advisories/1437
For further details, see the upstream announcements:
https://blog.npmjs.org/post/189618601100/binary-planting-with-the-npm-clihttps://nodejs.org/en/blog/vulnerability/december-2019-security-releases/
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
wavpack optionally depends on libcrypto since version 5.2.0 and
e158df5353
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Switch to github to get latest version
- Drop patches (already in version)
- Fix CVE-2018-19840: The function WavpackPackInit in pack_utils.c in
libwavpack.a in WavPack through 5.1.0 allows attackers to cause a
denial-of-service (resource exhaustion caused by an infinite loop) via
a crafted wav audio file because WavpackSetConfiguration64 mishandles
a sample rate of zero.
- Fix CVE-2018-19841: The function WavpackVerifySingleBlock in
open_utils.c in libwavpack.a in WavPack through 5.1.0 allows attackers
to cause a denial-of-service (out-of-bounds read and application
crash) via a crafted WavPack Lossless Audio file, as demonstrated by
wvunpack.
- Add hash for license file
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Microblaze ld emits warnings like:
'
FDE encoding in
CMakeFiles/KF5CoreAddons.dir/KF5CoreAddons_autogen/mocs_compilation.cpp.o(.eh_frame)
prevents .eh_frame_hdr table being created
'
Since '-Wl,--fatal-warnings' is passed by default, build fails, so don't
treat warnings as errors by appending "-Wl,--no-fatal-warnings" to
CMAKE_SHARED_LINKER_FLAGS that is previously defined in package
dependency kf5-extra-cmake-modules.
Fixes:
http://autobuild.buildroot.net/results/f19/f198c86930535c50393e17fc7a70fb4f27b096ee/
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The polkit daemon requires a polkitd user with permission to access the
following directories:
- /etc/polkit-1
- /usr/share/polkit-1
The /usr/bin/pkexec file must be owned by owned by root with the
permissions 4755 or else the error "pkexec must be setuid root" is
thrown when it's ran.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
compatibility with Lua 5.0 was removed in LuaJIT/moonjit 2.1.x
(Lua 5.1.x and LuaJIT 2.0.x have this compatibility)
Fixes:
http://autobuild.buildroot.org/results/4e428df01def186cb034a1774f6c00e2e7c9468c/
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
[Thomas: add comment on .mk file]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add an upstream URL to the help text in Config.in. This
addresses the 'Missing' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
[yann.morin.1998@free.fr:
- use the git tree instead of the 8-year old freshmeat webpage
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Update the upstream URL in the help text in Config.in. This
addresses the 'Invalid(Err)' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Update the upstream URL in the help text in Config.in. This
addresses the 'Invalid(Err)' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
[yann.morin.1998@free.fr: use offical (de) homepage]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
License files were updated since the previous version.
This patch update to the new license hashes. It also fixes the
"make legal-info" command failure due to the hash mismatch.
Fixes:
- http://autobuild.buildroot.org/results/d9d/d9d82dd6727b82a643cbb75ca33b88a4636bd5fe
Signed-off-by: Julien Olivain <juju@cotds.org>
[yann.morin.1998@free.fr: add autobuilder reference]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cthe test-case for python-gitdb2 consists solely in verifying that the
module can indeed be imported.
However, flake8 errors out on unused imports. Furthermore, it also
errors about wildcard imports, as it can detect unused symbols.
Squelch those errors.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This allows the user to enable/disable manually the unit.
It is enabled by default
Signed-off-by: Jérémy Rosen <jeremy.rosen@smile.fr>
[yann.morin.1998@free.fr:
- split logn lines
- no need for continued line (no use for ';\' )
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
upstream-provided service has no WantedBy, which means that rauc won't
be enabled by default
Add a WantedBy instead of manually creating the symlink so the user can
enable/disable the unit properly
Signed-off-by: Jérémy Rosen <jeremy.rosen@smile.fr>
[yann.morin.1998@free.fr:
- split long line
- no need for continued line (no use for ';\' )
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Instead of using a manual symlink we use add a DefaultInstance= to the
config file
This is how upstream wants us to do it and allows systemctl preset to
correctly restore it if needed
Signed-off-by: Jérémy Rosen <jeremy.rosen@smile.fr>
[yann.morin.1998@free.fr:
- split long line
- no need for continued line (no use for ';\' )
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
All services were installed but not enabled.
This change enables the non-templated service but disables the
templated ones.
Enabling the templates creates weird links which are probably an
upstream bug.
Signed-off-by: Jérémy Rosen <jeremy.rosen@smile.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
NM has three services
* NetworkManger.service : the main daemon
* NetworkManger-dispatcher.service : a daemon handling network callbacks
* NetworkManager-wait-online.service : sync of other services with network-online
Only the first two were activated. We now also enable
wait-online. Not enabling it was probably a bug.
Note that buildroot adds an alias dbus-org.freedesktop.NetworkManager
Adding an alias that is not known upstream is not clean,
but I left it for backward compatibility
Signed-off-by: Jérémy Rosen <jeremy.rosen@smile.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
linuxptp has two services
* linuxptp.service : the actual daemon
* linuxptp-system-clock.service : sync the linux clock to the phc clock
The first was enabled, the second was not, we now enable both
The second has an incorrect (though harmless) WantedBy : there is an
explicit Wants= in linuxptp.service
Signed-off-by: Jérémy Rosen <jeremy.rosen@smile.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
connman has two services
* connman.service which is the real daemon
* connman-wait-online.service which is a sync point for network-online.target
Only the first one was enabled. This adaptation enables both.
Not enabling connman-wait-online.service is probably a bug
Signed-off-by: Jérémy Rosen <jeremy.rosen@smile.fr>
[yann.morin.1998@free.fr: fix check-package errors]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
All these packages have an upstream-provided service, but buildroot
enabled manually the services in exactly the same way as the [Install]
section.
This is not needed anymore
Signed-off-by: Jérémy Rosen <jeremy.rosen@smile.fr>
[yann.morin.1998@free.fr: fix check-package errors]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
All the packages in this list have the following properties
* units are provided by buildroot in the package directory
* the SYSTEMD_INSTALL_INIT_HOOK is exactly equivalent to what the
[Install] section of the unit does
The fix removes the soflinking in the .mk file
Signed-off-by: Jérémy Rosen <jeremy.rosen@smile.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>