Commit Graph

44512 Commits

Author SHA1 Message Date
James Grant
d69d9db3ce package/qt5/qt5base: add custom configure options last
This allows all options set by Buildroot to be overridden.

Signed-off-by: James Grant <james.grant@jci.com>
[Peter: drop original line as pointed out by Thomas]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-03-01 10:12:36 +01:00
Fabrice Fontaine
2eb31511f5 support/dependencies: require at least CMake 3.8
gerbera package in version 1.3 unfortunately now requires CMake >= 3.8
for C++17 macros:
b5fd39f30f

So we need to bump our requirement from 3.1 to 3.8. If the host doesn't
have a CMake >= 3.8, Buildroot will build its own host-cmake package.

Also drop patch that relax cmake requirement on json-for-modern-cpp

Fixes:
 - http://autobuild.buildroot.org/results/6405647b47b132ff5d0d211b92d407322d52d507

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-03-01 10:10:30 +01:00
Peter Seiderer
3e15083f18 package/zbar: needs c99 mode
Fixes [1]:

  bar/sqcode.c: In function 'sq_scan_shape':
  zbar/sqcode.c:171:5: error: 'for' loop initial declarations are only allowed in C99 or C11 mode
       for (int x = x0 - 1; x < x0 + width + 1; x++) {
       ^
  zbar/sqcode.c:171:5: note: use option -std=c99, -std=gnu99, -std=c11 or -std=gnu11 to compile your code

[1] http://autobuild.buildroot.net/results/7d544275756f655f9d42c05562aca653923155b1

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-02-28 23:40:30 +01:00
Peter Korsgaard
cbf1d861fa {linux, linux-headers}: bump 4.{4, 9, 14, 19, 20}.x series
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-02-27 14:38:41 +01:00
Christian Stewart
905e976a6a runc: depend on linux headers >= 3.11 for O_TMPFILE
Fixes:
http://autobuild.buildroot.net/results/63e9d88ae5177541be463f1e2aafec59aa410479

Add dependency on headers >= 3.11 for O_TMPFILE, used by runc after the
fix for CVE-2019-5736 and propagate to the reverse dependencies of runc.

Notice that C library support for O_TMPFILE is also needed, which was added
in glibc 2.19 and musl 0.9.15.

Signed-off-by: Christian Stewart <christian@paral.in>
[Peter: squash series, extend commit message, mention C library dependency,
	fix indentation]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-02-27 10:05:49 +01:00
Baruch Siach
c12b32ba46 package/systemd: add upstream security fixes
CVE-2019-6454: systemd (PID1) crash with specially crafted D-Bus message
from unprivileged user

Cc: Maxime Hadjinlian <maxime.hadjinlian@gmail.com>
Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-02-26 19:41:17 +01:00
Baruch Siach
759c9623aa package/stress-ng: add libbsd optional dependency
stress-ng optionally detects and uses BSD wcsl* wchar string functions.

Cc: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-02-26 19:40:38 +01:00
Adam Duskett
55f45e6833 DEVELOPERS: Add myself to several packages.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-02-26 19:37:47 +01:00
Peter Korsgaard
4b2fff01c0 package/cryptopp: fix dos/unix newlines in patch
Fixes:
http://autobuild.buildroot.net/results/0a26265961747600388258d32ba7dc9226c9249b/

Commit 40005b9a0d (package/cryptopp: fix build with gcc < 4.9) added a
patch to fix building with old toolchains.  The source code unfortunately
contains a mix of DOS and UNIX newlines, and the DOS new lines got stripped
by the mailing list, causing the patch to no longer apply.

Fix up the patch manually.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-02-26 14:48:45 +01:00
Romain Naour
d8605e4bb0 package/gcc: bump to version 8.3.0
Remove upsteam xtensa patches:
68ca69a485
972057cb25

Tested using Toolchain-builder:
https://gitlab.com/kubu93/toolchains-builder/pipelines/48904471

Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-02-26 13:09:27 +01:00
Carlos Santos
b5c1639a83 boot/syslinux: fix build with EFI support
Commit 1a437fd22f bumped gnu-efi to version 3.0.9. This breaks the build
of syslinux with EFI support due to multiple definitions of 'memset' and
'memcpy'. Backport a patch already applied upstream to fix the problem.

Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-02-26 13:07:46 +01:00
Thomas De Schampheleire
a669c0f2f5 package/iproute2: backport patch to fix compilation under glibc < 2.18
When compiling iproute2 using a toolchain containing glibc 2.17 and
older, it fails due to a missing definition of AF_VSOCK.

Add a submitted and accepted upstream patch to fix this issue.

Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Reviewed-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-02-25 22:25:44 +01:00
James Hilliard
3e4b82b996 package/pkg-meson: fix meson cpu_family format
meson requires a custom cpu_family format
https://mesonbuild.com/Reference-tables.html#cpu-families

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Reviewed-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-02-25 22:12:28 +01:00
Baruch Siach
da6bcf9e86 package/libssh: bump to version 0.8.7
Drop upstream patch.

Fixes strict-overflow build error with older toolchains.

Fixes:
http://autobuild.buildroot.net/results/b95b1939a55111fc6b90ef253a32402b87f9c4ab/
http://autobuild.buildroot.net/results/281cb7b940178e4fe98940ddeed07ad546b23931/
http://autobuild.buildroot.net/results/e95d5957c19ff01120903a66d1167279a34da2ce/

Cc: Scott Fan <fancp2007@gmail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-02-25 22:07:40 +01:00
Vadim Kochan
d7c92f7e12 package/stress-ng: Fix author email in 0003-test-test-bsd-wchar-...patch
Author's and sign-off's emails differs, so fix the author's one which
is not valid anymore.

Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-02-25 13:47:31 +01:00
Peter Korsgaard
82c67d3050 package/ibrcommon: fix dos/unix newlines in patch
Fixes:
http://autobuild.buildroot.net/results/e88/e881667f388eea4cce2f804b373af4e3038e7b52/

commit fc9f9cd76f (package/ibrcommon: fix static build with openssl) added a
patch to fix static linking.  The source code unfortunately contains a mix
of DOS and UNIX newlines, and the DOS new lines got stripped by the mailing
list, causing the patch to no longer apply.

Fix up the patch manually.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-02-24 23:12:27 +01:00
Fabrice Fontaine
ae7ba64501 package/botan: link with libatomic when needed
On some architectures, atomic built-ins are provided by the libatomic
library from gcc. Linking with libatomic is therefore necessary,
otherwise the build fails with:

sparc-buildroot-linux-uclibc/sysroot/lib/libatomic.so.1: error adding symbols: DSO missing from command line

This is often for example the case on sparcv8 32 bit.

Fixes:
 - http://autobuild.buildroot.org/results/a442734c570e4a02854014d831ba3aab9f592430

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-02-24 22:06:15 +01:00
Fabrice Fontaine
cd70bde797 package/libcpprestsdk: link with libatomic when needed
On some architectures, atomic binutils are provided by the libatomic
library from gcc. Linking with libatomic is therefore necessary,
otherwise the build fails with:

sparc-buildroot-linux-uclibc/sysroot/lib/libatomic.so.1: error adding symbols: DSO missing from command line

This is often for example the case on sparcv8 32 bit.

Fixes:
 - http://autobuild.buildroot.org/results/983537ceb38add50ca0a2316f39a2964db1b83c5

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-02-24 22:05:18 +01:00
Fabrice Fontaine
f88bf61b29 package/i2pd: link with libatomic when needed
On some architectures, atomic binutils are provided by the libatomic
library from gcc. Linking with libatomic is therefore necessary,
otherwise the build fails with:

sparc-buildroot-linux-uclibc/sysroot/lib/libatomic.so.1: error adding symbols: DSO missing from command line

This is often for example the case on sparcv8 32 bit.

Fixes:
 - http://autobuild.buildroot.org/results/515160349b11f06a090f3e13992e30da9a402c17

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-02-24 22:02:32 +01:00
Francois Perrad
dd6e3c8f1a package/lua-curl: add variant definition of lcurl_url_t
lua-curl has separate code paths for compilers that support forward
typedef declarations and those who don't. For the latter case, one
structure was not properly defined, causing a build failure with older
compilers.

Fixes:

  http://autobuild.buildroot.org/results/8d76ad49837b368a7bba3c3dfd445a035471268a/

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
[Thomas: improve commit log]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-02-24 21:58:16 +01:00
Bernd Kuhls
50610dccfa package/clamav: link with libatomic when needed
Configure check for OpenSSL fails:

/accts/mlweber1/rclinux/rc-buildroot-test/scripts/instance-3/output/host/sparc-buildroot-linux-uclibc/sysroot/usr/lib/libcrypto.a(threads_pthread.o): In function `CRYPTO_atomic_add':
threads_pthread.c:(.text+0x1dc): undefined reference to `__atomic_is_lock_free'
threads_pthread.c:(.text+0x1f4): undefined reference to `__atomic_fetch_add_4'

Fixes
http://autobuild.buildroot.net/results/cae8da81adff3ba493154e0ba8b21d90367f82eb/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-02-24 21:37:28 +01:00
Peter Seiderer
a7bcd202d7 package/qt5base: fix double-conversion compile for riscv
Fixes [1], [2]:

  ../3rdparty/double-conversion/include/double-conversion/utils.h:83:2: error: #error Target architecture was not detected as supported by Double-Conversion.

[1] http://autobuild.buildroot.net/results/8bdb6a2b56f6ea96649184e5fef6ce2c56b9ec2b
[2] http://autobuild.buildroot.net/results/63ba267674b424786bb10c97c565f4306147f95a

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-02-24 21:30:20 +01:00
Fabrice Fontaine
292c5a0ecd package/upmpdcli: needs NPTL
The software uses pthread_mutexattr_setrobust which isn't available in
uClibc-ng Linuxthreads support.

Fixes:
 - http://autobuild.buildroot.org/results/197615ad077b0a719954024c3ba182dac43a0555

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Acked-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-02-24 21:23:41 +01:00
Fabrice Fontaine
ff50cc8b05 package/systemd: fix build with older kernels
These 4 patches have been sent upstream and merged in version 241:
https://github.com/systemd/systemd/pull/11641

Fixes:
 - http://autobuild.buildroot.org/results/970b09e1d49b53dff12a07ca4ad424ef9dd29a69
 - http://autobuild.buildroot.org/results/0a671b08d5e74ff0b04024e729c498c4444e3e92

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-02-24 21:14:06 +01:00
Peter Korsgaard
a6c9317243 docs/website: update for 2018.11.3
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-02-24 08:00:01 +01:00
Peter Korsgaard
234525e782 Update for 2018.11.3
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 8147c71039)
[Peter: drop Makefile changes]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-02-24 07:57:43 +01:00
Peter Korsgaard
d42220921c docs/website: update for 2018.02.11
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-02-23 22:46:33 +01:00
Peter Korsgaard
ea5cf87d56 Update for 2018.02.11
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 56347fc8ea)
[Peter: drop Makefile changes]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-02-23 22:42:56 +01:00
Fabrice Fontaine
fc9f9cd76f package/ibrcommon: fix static build with openssl
gf_mul is already defined in libcrypto (openssl) so rename it into
ibrdtn_gf_mul to fix the following build failure in ibrdtnd package:

/home/buildroot/autobuild/instance-3/output/host/bin/../arm-buildroot-uclinux-uclibcgnueabi/sysroot/usr/lib/libcrypto.a(f_impl.o): In function `gf_mul':
f_impl.c:(.text+0x0): multiple definition of `gf_mul'
/home/buildroot/autobuild/instance-3/output/host/arm-buildroot-uclinux-uclibcgnueabi/sysroot/usr/lib/libibrcommon.a(gf128mul.o):gf128mul.cpp:(.text+0x30): first defined here
collect2: error: ld returned 1 exit status
Makefile:560: recipe for target 'dtnd' failed

Fixes:
 - http://autobuild.buildroot.org/results/1d3b4b6cf043a3e185ce758b617a0a18c3d36cdb

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-02-23 17:24:10 +01:00
Francois Perrad
98cb0faa4c package/luaexpat: restore getcurrentbytecount, required by prosody
Fixes:

  https://gitlab.com/buildroot.org/buildroot/-/jobs/158295314

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-02-23 17:00:55 +01:00
Peter Korsgaard
108c831230 Update for 2019.02-rc2
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-02-23 15:06:12 +01:00
Bernd Kuhls
e2c21905ff package/tor: security bump to 0.3.5.8
Release notes:
https://blog.torproject.org/new-releases-tor-0402-alpha-0358-03411-and-03312

Fixes CVE-2019-8955:
KIST can write above outbuf highwater mark
https://trac.torproject.org/projects/tor/ticket/29168

Updated license hash after upstream commit
https://gitweb.torproject.org/tor.git/commit/LICENSE?h=maint-0.3.5&id=efe55b88987c2539c218fdf1f46f16f9bdc3a8eb
which bumps copyright date to 2019.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-02-23 09:54:21 +01:00
Fabio Estevam
d76dce1f43 configs/imx23evk: Bump the U-Boot version
Thomas Petazzoni reports:

"The imx23evk_defconfig no longer builds:

  https://gitlab.com/buildroot.org/buildroot/-/jobs/158295124

This is due to the bump of OpenSSL to 1.1.x. This issue seems to have
been fixed in U-Boot commit 7bae13b7579a6bc42330427496330fe2a29cbd56,
which is part of U-Boot since 2017.01, but the defconfig is using
2016.09."

Bump to the U-Boot 2019.01 to fix this problem.

Fixes:  https://gitlab.com/buildroot.org/buildroot/-/jobs/158295124

Reported-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-02-23 09:53:50 +01:00
Vadim Kochan
2a358818e9 package/stress-ng: Fix build issue with libbsd wchar check
stress-ng uses test/test-bsd-wchar.c program to check if there is
support for libbsd's wchar, but the test fails because wchar.h also
requires the FILE* definition from stdio.h which is not included
automatically, so fix it by include stdio.h explicitly.

Fixes:
	http://autobuild.buildroot.net/results/6def1bba8e7ec05682e74c4edc3a35c8c118d28b

Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-02-23 09:44:36 +01:00
Fabrice Fontaine
40005b9a0d package/cryptopp: fix build with gcc < 4.9
Disable AVX2 if gcc < 4.9

Fixes:
 - http://autobuild.buildroot.org/results/195e40b34344f773da51a3fbff9d8e76c517eed1

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-02-22 22:30:29 +01:00
Thomas Petazzoni
c8b32ce8ac configs/orangepi_{lite2, one_plus}: use correct kernel headers version
In the following commits:

85f4bd9425 configs/orangepi_lite2: fix kernel headers option
506cdeb2d0 configs/orangepi_one_plus: fix kernel headers option

We fixed the orangepi_lite2 and orangepi_one_plus defconfigs to use
the BR2_PACKAGE_HOST_LINUX_HEADERS_CUSTOM_X_Y option. However, we were
mistaken by the existing comment saying that 4.18 kernel headers
should be used. This was wrong, as the kernel source code in use is
4.19, so this commit fixes the
BR2_PACKAGE_HOST_LINUX_HEADERS_CUSTOM_X_Y to use the correct version.

Fixes:

  https://gitlab.com/buildroot.org/buildroot/-/jobs/165766089
  https://gitlab.com/buildroot.org/buildroot/-/jobs/165766093

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-02-22 22:30:29 +01:00
Fabrice Fontaine
2a01a32819 package/gdb: disable inprocess-agent in static build
Fixes:
 - http://autobuild.buildroot.org/results/b40bdbca6669a81301fca523e982dbc9584a4e65

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-02-22 22:29:59 +01:00
Thomas Petazzoni
3e4b32691b configs/rock64: Linux needs host OpenSSL
The Linux configuration used in the rock64_defconfig requires
host-openssl to be built, otherwise the build fails with:

scripts/extract-cert.c:21:25: fatal error: openssl/bio.h: No such file or directory
 #include <openssl/bio.h>

So let's enable BR2_LINUX_KERNEL_NEEDS_HOST_OPENSSL.

Fixes:

  https://gitlab.com/buildroot.org/buildroot/-/jobs/165766161

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-02-22 22:25:57 +01:00
Fabrice Fontaine
26d0729789 package/reaver: fix build on m68k
Fixes:
 - http://autobuild.buildroot.org/results/935c038b921ffa0f185571de41223e4c201e964b

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-02-22 22:23:34 +01:00
Thomas Petazzoni
6327a8f0d6 configs/zynq_zybo: remove defconfig
This defconfig was added in October 2016 and was never updated since
then. It currently fails to build because U-Boot is too old and
doesn't build with host-openssl in version 1.1.x.

On February 13, 2019, the original submitter was notified, but didn't
reply, so let's remove the defconfig for this platform.

Fixes:

  https://gitlab.com/buildroot.org/buildroot/-/jobs/165766194

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-02-22 22:19:19 +01:00
Peter Korsgaard
12f644e2c5 package/bind: security bump to version 9.11.5-P4
Fixes the following security issues:

- named could crash during recursive processing of DNAME records when
  deny-answer-aliases was in use.  This flaw is disclosed in CVE-2018-5740.
  [GL #387]

- When recursion is enabled but the allow-recursion and allow-query-cache
  ACLs are not specified, they should be limited to local networks, but they
  were inadvertently set to match the default allow-query, thus allowing
  remote queries.  This flaw is disclosed in CVE-2018-5738.  [GL #309]

- Code change #4964, intended to prevent double signatures when deleting an
  inactive zone DNSKEY in some situations, introduced a new problem during
  zone processing in which some delegation glue RRsets are incorrectly
  identified as needing RRSIGs, which are then created for them using the
  current active ZSK for the zone.  In some, but not all cases, the
  newly-signed RRsets are added to the zone's NSEC/NSEC3 chain, but
  incompletely -- this can result in a broken chain, affecting validation of
  proof of nonexistence for records in the zone.  [GL #771]

- named could crash if it managed a DNSSEC security root with managed-keys
  and the authoritative zone rolled the key to an algorithm not supported by
  BIND 9.  This flaw is disclosed in CVE-2018-5745.  [GL #780]

- named leaked memory when processing a request with multiple Key Tag EDNS
  options present.  ISC would like to thank Toshifumi Sakaguchi for bringing
  this to our attention.  This flaw is disclosed in CVE-2018-5744.  [GL
  #772]

- Zone transfer controls for writable DLZ zones were not effective as the
  allowzonexfr method was not being called for such zones.  This flaw is
  disclosed in CVE-2019-6465.  [GL #790]

For more details, see the release notes:

http://ftp.isc.org/isc/bind9/9.11.5-P4/RELEASE-NOTES-bind-9.11.5-P4.html

Change the upstream URL to HTTPS as the webserver uses HSTS:

>>> bind 9.11.5-P4 Downloading
URL transformed to HTTPS due to an HSTS policy

Update the hash of the license file to account for a change of copyright
year:

-Copyright (C) 1996-2018  Internet Systems Consortium, Inc. ("ISC")
+Copyright (C) 1996-2019  Internet Systems Consortium, Inc. ("ISC")

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-02-22 17:58:55 +01:00
Baruch Siach
872561cd5b package/unzip: add security and bug fix patches from Debian
Debian bug #741384: Buffer overflow

Debian bug #744212: Buffer overflow

CVE-2014-8139: CRC32 verification heap-based overflow

CVE-2014-8140: Out-of-bounds write issue in test_compr_eb()

CVE-2014-8141: Out-of-bounds read issues in getZip64Data()

CVE-2014-9636: Heap overflow

CVE-2015-7696: Heap overflow when extracting password-protected archive

CVE-2015-7697: Infinite loop when extracting password-protected archive

Red Hat Bugzilla #1260944: Unsigned overflow on invalid input

Debian bug #842993: Do not ignore Unix Timestamps

CVE-2014-9913: Buffer overflow

CVE-2016-9844: Buffer overflow in zipinfo

CVE-2018-1000035: Buffer overflow in password protected ZIP archives

Cc: Luca Ceresoli <luca@lucaceresoli.net>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-02-22 14:45:04 +01:00
Matt Weber
51bb23652f package/proftpd: prevent openssl pthread detection
The proftpd configure script doesn't use pkg-config to detect openssl
libraries. Instead, it just adds -lcrypto. Since openssl may be linked
with pthread, it tries to detect that by calling 'openssl version -f',
which gives the arguments with which openssl was compiled.

Since the openssl executable used is either host-openssl or the system
installed openssl, the output of 'openssl version -f' is useless in
Buildroot context. If the target toolchain doesn't have threads support,
it will wrongly pick up -pthread from host-openssl.

Fortunately there is a simple workaround: --without-openssl-cmdline says
that there is no openssl executable and skips the test, so -pthread is
not added. It turns out -pthread is never needed, even in static linking
cases, because openssl/libressl puts the thread support in a separate
object file that only gets linked in if the program actually uses
threads (which proftpd doesn't).

Fixes:
http://autobuild.buildroot.net/results/9c25c3cb3cf93b76c0538c5376a803641bf6575b

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
[Rewrite commit log, after additional analysis and testing]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2019-02-22 00:15:01 +01:00
Thomas De Schampheleire
4c24006b0e package/dtc: additional fix of include guards for older u-boot
With recent dtc but old u-boot, compilation issues occur related to libfdt.
These problems really are u-boot issue since it does not properly set
include paths so that its own headers are included. Nevertheless, since the
u-boot version is typically decided by users and stuck at some version
provided by a SoC or board vendor, it is not feasible to fix those old
versions.

Instead, already several fixes were made in the past, in Buildroot.
See commits:

c7ffd8a75d "package/dtc: fix include guards for older kernel/u-boot"
f437bf547c "uboot: fix build for older uboot source trees"
bf73334232 "uboot: fix build when libfdt-devel is installed system-wide"
0bf80e4bcd "uboot: ensure host includes are searched before system default
                includes"
b15a7a62d3 "uboot: revert "uboot: use local libfdt.h""
baae5156ce "uboot: use local fdt headers"
3a6573ccee "uboot: use local libfdt.h"

Commit c7ffd8a75d fixes the problem caused by
dtc having changed their include guards from _FOO_H to FOO_H (leading
underscore removed). Old u-boot would still use _FOO_H, which (combined with
host-dtc headers that use FOO_H) would cause the inclusion of two different
copies of the same nominal include file, e.g. libfdt.h or libfdt_env.h,
causing 'error: redefinition of xxx' compilation issues.
The fix sets the 'new' include guard when the 'old' one is detected,
preventing a second inclusion of the same nominal file.

For some u-boot versions, however, this change not only needs to be made in
libfdt.h and libfdt_env.h, but also in 'fdt.h'.

Update the dtc patch to do just that.

Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2019-02-21 23:50:59 +01:00
Fabrice Fontaine
da304a832b package/madplay: fix static build
Add a patch to use pkg-config to find id3tag dependency (-lz)

Fixes:
 - http://autobuild.buildroot.org/results/5e4882ddacf205a92a3ff1e79649cf16e4b6c0ae

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Arnout: add comment to AUTORECONF to refer to the patch]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2019-02-21 00:17:22 +01:00
Fabrice Fontaine
aa813cd9ac package/libid3tag: fix id3tag.pc
Add -lz to id3tag.pc, this fix is needed to be able to use pkg-config in
madplay to find id3tag dependencies

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2019-02-21 00:12:07 +01:00
Fabrice Fontaine
d5f4b3621d package/swupdate: update license files
COPYING contains only the license for GPL-2.0 so use the new license
files that have been added in the Licenses directory since version
2018.03 and
32c1f98eac

Also update GPL-2.0+ to "GPL-2.0+ with OpenSSL exception" and add
Exceptions file, see:
66d0dbe80f

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2019-02-20 23:55:18 +01:00
Yann E. MORIN
858d2e9a27 package/imagemagick: fixup help text layout
Signed-off-by: "Yann E. MORIN" <yann.morin@orange.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2019-02-20 23:48:04 +01:00
Gary Bisson
74693e09ae DEVELOPERS: update email address for Gary Bisson
Signed-off-by: Gary Bisson <bisson.gary@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2019-02-20 23:40:58 +01:00
Fabrice Fontaine
6bc9ded5dd package/rabbitmq-c: needs dynamic library
syslog-ng expects that rabbitmq-c is built with openssl support however
currently we're disabling openssl on rabbitmq-c in static build.

To fix this issue, add a dependency on dynamic library on rabbitmq-c and
its reverse dependencies (only BR2_PACKAGE_JANUS_GATEWAY_RABBITMQ as
php-amqp already depends on dynamic library)

Fixes:
 - http://autobuild.buildroot.org/results/fce91b98fb199a26ad5f5f726c9bdec4f9d64486

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2019-02-20 23:27:57 +01:00