since 2021.01, tools/binman is broken.
tools/binman/control.py imports pkg_resources
the module pkg_resources is supplied by setuptools,
so this new dependency is required.
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issue:
CVE-2021-27135: xterm through Patch #365 allows remote attackers to cause a
denial of service (segmentation fault) or possibly have unspecified other
impact via a crafted UTF-8 character sequence.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issue:
CVE-2020-17525: Remote unauthenticated denial-of-service in Subversion
mod_authz_svn
Subversion's mod_authz_svn module will crash if the server is using
in-repository authz rules with the AuthzSVNReposRelativeAccessFile option
and a client sends a request for a non-existing repository URL.
For more details, see the advisory:
https://subversion.apache.org/security/CVE-2020-17525-advisory.txt
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
From commit 20fb6d3288 this package was
disabled for musl because can-utils used the error() glibc extension
at that time.
Since then, can-utils fixed compilation on musl by replacing this
error() calls with err().
791b6de786
This commit disables the musl check.
Signed-off-by: Diego Hurtado de Mendoza <diego.hdmp@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This package is not needed anymore since 2014:
e36e4f0e2a
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The tool 'protoc' and its associated library libprotoc.so are only
needed during development, to convert a protocol buffer definition in the
associated code for a specific code language.
Buildroot does not officially support creating a development environment on
target, so remove these files to reduce disk usage by more than 1.5 MB
(stripped, uncompressed).
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the gitlab build:
https://gitlab.com/buildroot.org/buildroot/-/jobs/1019385566/
HOSTCC scripts/extract-cert
scripts/extract-cert.c:21:25: fatal error: openssl/bio.h: No such file or directory
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
On install step the host tool syrepoctl is used to install some YANG
modules. Unfortunatly syrepoctl creates some files in /dev/shm folder and
does not cleanup afterwards. This files can be incompatible depending on
the used sysrepo version. This causes autobuilder failures when updating
the package [1].
To make sure we can remove this leftovers of sysrepoctl we specify a
build specific SYSREPO_SHM_PREFIX. With this the files can deleted safely
after installation is completed. This also ensures that concurrent
parallel builds will not affected mutualy.
The prfix must be unique between concurrent builds, so we use the build
directory ($(CONFIG_DIR)) to discriminate builds. It must also be unique
between top-level parallel package builds, so we also use the name of
the current package to discriminate.
Fixes:
[1] http://autobuild.buildroot.net/results/6e559c4f98b7ed93d7b5af638264e907492a6532/
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Co-Developed-by: Yann E. MORIN <yann.morin.1998@free.fr>
[yann.morin.1998@free.fr:
- also use the package name as discriminant
- expand commit log accordingly
- rename the variable to start with the package name
- explain why we clean up before as well
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The sysrepoctl executable from the host-sysrepo package is used to
install YANG modules during installation. So add the dependency here.
Also make sure we use this executable by setting the make environment
variable SYSREPOCTL_EXECUTABLE. Otherwise a system wide installed
sysrepoctl would be used that is not what we want.
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Client fixes:
- Check contexts before importing them to reduce risk of extracted files escaping context store
Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Security fixes:
- CVE-2021-21285 Prevent an invalid image from crashing docker daemon
- CVE-2021-21284 Lock down file permissions to prevent remapped root from accessing docker state
- Ensure AppArmor and SELinux profiles are applied when building with BuildKit
Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
go1.15.8 (released 2021/02/04) includes fixes to the compiler, linker, runtime,
the go command, and the net/http package.
https://golang.org/doc/go1.15
Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When a developer has package/pkg-<infra>.mk assigned to him/her in the
DEVELOPERS file, this has 3 implications:
(1) Patches adding new packages using this infrastructure are Cc'ed
to this developer. This is done by the analyze_patch() function,
which matches the regexp r"^\+\$\(eval
\$\((host-)?([^-]*)-package\)\)$" in the patch, i.e where an
added line contains a reference to the infra maintained by the
developer.
(2) Patches touching the package/pkg-<infra>.mk file itself are Cc'ed
to this developer.
(3) Any patch touching a package using this infra are also Cc'ed to
this developer.
Point (3) causes a significant amount of patches to be sent to
developers who have package/pkg-generic.mk and
package/pkg-autotools.mk assigned to them in the DEVELOPERS
file. Basically, all patches touching generic or autotools packages
get CC'ed to such developers, which causes a massive amount of patches
to be received.
So this patch adjusts the getdeveloperlib.py to drop point (3), but
preserves point (1) and (2). Indeed, it makes sense to be Cc'ed on new
package additions (to make a review that they use the package
infrastructure correctly), and it makes sense to be Cc'ed on patches
that touch the infrastructure code itself.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
GNURadio has a block to use USRP, through UHD, to receive or transmit RF
signals.
Signed-off-by: Gwenhael Goavec-Merou <gwenhael.goavec-merou@trabucayre.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Complete uhd package with the rest of USRP, octoclock and python support.
Signed-off-by: Gwenhael Goavec-Merou <gwenhael.goavec-merou@trabucayre.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
libfuse is optional since its addition in version 2016.2 with
e9ccdd2d00
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Marcus Folkesson <marcus.folkesson@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Drop patches that are upstream now and fix hash file indentation.
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The license is specified in https://github.com/relan/exfat/blob/master/COPYING and indicates GPL-2.0+
The license changed from from GPL-3.0+ to GPL-2.0+ in 2013 but was never updated in buildroot.
48573fff5d
Signed-off-by: Pieter Ronsijn <pieterronsijn@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Python 2.7 is EOL, so people should use the python3 package instead if
possible. Make it a bit more obvious that 'python' is not the right package
to use by explicitly mentioning that this is about python 2.7 and that it is
deprecated.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Reviewed-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues:
- CVE-2021-26675: Remote (adjacent network) code execution flaw
- CVE-2021-26676: Remote stack information leak
For details, see the advisory:
https://www.openwall.com/lists/oss-security/2021/02/08/2
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Very similar to the other stm32mp157-based boards, except that we use the
multi_v7 defconfig for ease of maintenance.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The memtester build system does not use CFLAGS/LDFLAGS variables.
Everything should be written to conf-cc and conf-ld.
Use '%' as sed expression delimiter because comma might appear in
LDFLAGS.
Cc: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
New U-Boot versions need Python 3.x for pylibfdt.
Fixes:
- https://gitlab.com/buildroot.org/buildroot/-/jobs/1006924823
Cc: Michael Walle <michael@walle.cc>
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>