Commit Graph

41189 Commits

Author SHA1 Message Date
Fabrice Fontaine
16d29ab852 cairo: bump to version 1.15.12
- Remove second patch (LTO support removed since 1.14.0 in August 2014:
  https://cgit.freedesktop.org/cairo/commit/?id=c7ff9bb32e20679d6da4e8a2856be716e5bd9e12
- Add hash for license files

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-06-02 12:37:55 +02:00
Francois Perrad
000f8a63ed perl-libwww-perl: fix SITE
Fixes:
http://autobuild.buildroot.net/results/6f7745010ca589876a24d522bc0cb4a0dca26768/

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-06-02 12:36:53 +02:00
Peter Korsgaard
8b0fd3cb49 Merge branch 'next'
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-06-02 11:21:20 +02:00
Peter Korsgaard
ef01260b3d Kickoff 2018.08 cycle
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-06-02 11:11:56 +02:00
Peter Korsgaard
67009fd269 docs/website/news.html: add 2018.05 announcement link
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-06-01 22:53:36 +02:00
Peter Korsgaard
f3d114a1ef Update for 2018.05
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-06-01 22:22:57 +02:00
Peter Korsgaard
d937f908f1 linux: reword binutils 2.29+ comment
This issue only applies to kernels built with CONFIG_THUMB2=y, so reword the
comment to make that more clear.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-06-01 21:43:06 +02:00
Yann E. MORIN
c2c0623bff linux: may fail to boot for binutils 2.29+ even without armv7m
Commit f13477b (linux: config.in: add comment for Arm Cortex-M) added a
comment so that the user that the linux kernel may miscompile with
binutils 2.29+, when the target is an armv7m CPU.

However, the real trigger is a compilation in thumb2 mode, which happens
to be the only option for armv7m CPUs.

We can't know whether the kernel will be built in arm or thumb2 mode,
though, because we do not have that information: it is only available in
the Linux' .config file, which we don;t have access to at the time we
run our menuconfig.

So, relax the conditions under which the comment is made, so that it
appears as soon as binutils are >= 2.29 (i.e. not 2.28, which is the
oldest we support) for ARM CPUs.

[Peter: reword comment]
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Christophe Priouzeau <christophe.priouzeau@st.com>
Cc: Laurent GONZALEZ <br22@gezedo.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-06-01 21:42:29 +02:00
Yann E. MORIN
3dbc5a6279 package/binutils: extend the 2.28 default to thumb mode
Commit 17f352ac (package/binutils: default to 2.29 for Cortex-M targets)
made the default version 2.28 (and not 2.29!) when the target is an
arm-v7m CPU.

However, the real trigger is compilation in Thumb mode, not the fact
that the target is v7m.

The fact that it was noticed on a v7m target is because Thumb is the
only mode valid on those CPUs.

Tighten the defaults to 2.28 for Thumb and Thumb2 modes.

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Laurent GONZALEZ <br22@gezedo.com>
Cc: Christophe Priouzeau <christophe.priouzeau@st.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-06-01 19:31:26 +02:00
Valentin Korenblit
71b3df1cbb package/clang: fix host-clang binaries
This patch fixes the following error when trying to execute clang compiler
(host-variant):

CommandLine Error: Option 'x86-use-base-pointer' registered more than once!
LLVM ERROR: inconsistency in registered CommandLine options

The same happens for the other binaries, such as clang-format:

./clang-format
: CommandLine Error: Option 'help-list' registered more than once!
LLVM ERROR: inconsistency in registered CommandLine options

Clang binaries are tools, and given that DLLVM_LINK_LLVM_DYLIB is set,
they are linked against libLLVM.so. The problem is that binaries are
also linking against some LLVM static libraries, resulting in the error
shown above. However, it is not the same case for libclang, which is also
a tool but links only against libLLVM.so.

To fix this problem, add LLVM_DYLIB_COMPONENTS=all.

Signed-off-by: Valentin Korenblit <valentin.korenblit@smile.fr>
Tested-by: Joseph Kogut <joseph.kogut@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-06-01 18:24:18 +02:00
Florian La Roche
09ebf6f316 configs/socrates_cyclone5: change over to current upstream releases
Since all cyclone5 development changes are upstream, change over to an
upstream release of the Linux kernel and u-boot for buildroot.

Signed-off-by: Florian La Roche <Florian.LaRoche@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit ef94c736ec)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-06-01 17:52:32 +02:00
Christophe PRIOUZEAU
714d9e61c9 Revert "configs/stm32f469: force usage of binutils 2.28.x"
This reverts commit 12049cc8b8.

Now that the binutils default has been changed for ARMv7M, this is no longer
needed.

Signed-off-by: Christophe Priouzeau <christophe.priouzeau@st.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-06-01 16:41:01 +02:00
Christophe PRIOUZEAU
371b45fe4a Revert "configs/stm32f429: force usage of binutils 2.28.x"
This reverts commit cbe43fd417.

Now that the binutils default has been changed for ARMv7M, this is no longer
needed.

Signed-off-by: Christophe Priouzeau <christophe.priouzeau@st.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-06-01 16:40:11 +02:00
Christophe PRIOUZEAU
f13477b68f linux: config.in: add comment for Arm Cortex-M
When binutils > 2.28 are selected on Arm Cortex-M cpu,
linux kernel does not boot due to a new implementation
of 'adr pseudo instruction' on binutils.

Bugzilla thread: https://bugs.busybox.net/show_bug.cgi?id=11051

Signed-off-by: Christophe Priouzeau <christophe.priouzeau@st.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-06-01 16:37:48 +02:00
Laurent GONZALEZ
17f352acde package/binutils: default to 2.29 for Cortex-M targets
binutils 2.29 changed the implementation of adr pseudo instruction
it breaks linux kernel and impacts Cortex-M targets (eg. stm32)

[Peter: simplify Config.in logic, adjust message to make it clear this is
	just a default]
Signed-off-by: Laurent GONZALEZ <br22@gezedo.com>
Signed-off-by: Christophe Priouzeau <christophe.priouzeau@st.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-06-01 16:36:54 +02:00
Fabrice Fontaine
ca668476b3 jpeg-turbo: add license details
- jpeg-turbo is covered by 3 licenses: IJG (libjpeg),
  BSD-3-Clause (TurboJPEG) and Zlib (SIMD)
- Add README.ijg
- Add hash for license files

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-06-01 16:19:59 +02:00
Fabrice Fontaine
1350678212 libjpeg: use SPDX short identifier
Use IJG instead of jpeg-license

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-06-01 16:19:52 +02:00
Arnout Vandecappelle (Essensium/Mind)
23ab6cb162 package/expect: download tarball instead of cvs
More than 3 years after the 5.45.3 release, a tarball for that release
was uploaded to sourceforge.net. The differences between this tarball
and the CVS checkout are minimal:

- There are no CVS directories, of course, but we don't need them.
- File timestamps are different.
- expect.tests is missing, but we don't execute tests anyway.
- configure script is different, but we AUTORECONF anyway.
- 'fixcat' script is missing, but it is not called anywhere.

Since sourceforge.net has broken CVS downloads, now is a good time to
switch away from it.

While we're at it, add a hash file including license.

Fixes:
http://autobuild.buildroot.net/results/db3/db33d4fa507fb3b4132423cd0a7e25a1fe6e4105
http://autobuild.buildroot.net/results/b6d/b6d927dcc73ac8d754422577dacefff4ff918a5c
http://autobuild.buildroot.net/results/23d/23d1034b33d0354de15de2ec4a8ccd0603e8db78
http://autobuild.buildroot.net/results/127/1272a3aa3077e434c9805ec3034f35e6fcc330d4

Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Cc: Fabio Porcedda <fabio.porcedda@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-05-31 19:35:36 +02:00
Arnout Vandecappelle (Essensium/Mind)
66f40a7242 download/cvs: add a 10 minute timeout
Apparently, CVS servers can be deadlocked and in that case clients will
retry connecting to them indefinitely. Cfr.
http://autobuild.buildroot.net/results/23d/23d1034b33d0354de15de2ec4a8ccd0603e8db78/build-end.log
Apparently, the sf.net CVS server got in such a deadlock on 2018-05-18,
and almost 2 weeks later it is still not fixed.

Instead of just hanging, we should fall back on BR2_SECONDARY_SITE. To
achieve this, it's sufficient to add a timeout to the CVS command.

The timeout value is of course arbitrary. However, we can assume that
nobody will be putting large projects under CVS any more. So if the
download takes more than 5 minutes, it's probably broken. Let's put the
timeout at 10 minutes then.

Fixes:
http://autobuild.buildroot.net/results/db3/db33d4fa507fb3b4132423cd0a7e25a1fe6e4105
http://autobuild.buildroot.net/results/b6d/b6d927dcc73ac8d754422577dacefff4ff918a5c
http://autobuild.buildroot.net/results/23d/23d1034b33d0354de15de2ec4a8ccd0603e8db78
http://autobuild.buildroot.net/results/127/1272a3aa3077e434c9805ec3034f35e6fcc330d4

Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-05-31 19:32:45 +02:00
Fabio Estevam
8f038e6b30 linux-headers: bump 4.{1, 4, 9, 14, 16}.x series
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-05-31 19:29:59 +02:00
Peter Korsgaard
002348de68 xen: security bump to version 4.10.1
The 4.10.1 version brings a large number of fixes:

https://www.xenproject.org/downloads/xen-archives/xen-project-410-series/xen-4101.html

Including a number of security fixes:

XSA-252: DoS via non-preemptable L3/L4 pagetable freeing (CVE-2018-7540)
XSA-253: x86: memory leak with MSR emulation (CVE-2018-5244)
XSA-254: Information leak via side effects of speculative execution
	 (CVE-2017-5753 CVE-2017-5715 CVE-2017-5754)
XSA-255: grant table v2 -> v1 transition may crash Xen (CVE-2018-7541)
XSA-256: x86 PVH guest without LAPIC may DoS the host (CVE-2018-7542)
XSA-258: Information leak via crafted user-supplied CDROM (CVE-2018-10472)
XSA-259: x86: PV guest may crash Xen with XPTI (CVE-2018-10471)

Also add a hash for the license file while we are at it.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-05-31 19:29:24 +02:00
Romain Naour
6b02b8210a package/openvmtools: depend on host-nfs-utils
host-nfs-utils provides the host rpcgen utility. This fixes the build on
recent Fedora systems that removed rpcgen from the glibc package.

Fixes:
http://autobuild.buildroot.net/results/e21/e219b8bacb52bb661eb6663b82f549ed941f26fe

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-05-31 00:18:50 +02:00
Fabio Estevam
754bf0d07a linux: bump default to version 4.16.13
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-05-31 00:17:56 +02:00
Angelo Compagnucci
243627efbd package/python-pillow: bump to version 5.1.0
This patch bumps python-pillow to version 5.1.0.

Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-05-30 23:24:18 +02:00
Angelo Compagnucci
8519dea4b9 package/python-can: bump to version 2.1.0
This patch bumps python-can to version 2.1.0.

Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-05-30 23:24:13 +02:00
Matt Weber
fd97bc80c5 toolchain: allow disabling packages affected by gcc bug 85180
Works around https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85180 which
is an issue where the Microblaze architecture had code that caused a
infinite recursion while optimizing in versions of GCC earlier than
8.x. More BR discussion can be found on this thread.
http://buildroot-busybox.2317881.n4.nabble.com/autobuild-buildroot-net-Build-results-for-2018-04-25-td192721.html

Resolves:
http://autobuild.buildroot.net/results/b42d68c66d8ea035845a28c5530ef0682fd95713 (boost)
http://autobuild.buildroot.net/results/af976a4805fb8b3f0c17a8e3a1f901b2255caa0b (flare-engine)
http://autobuild.buildroot.net/results/d20/d20700bd538ba1e9d45ab8a61ecbbba1a320ef38 (gst-ffmpeg)

CC: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-05-30 23:23:21 +02:00
Romain Naour
ebcb46f560 toolchain-external: bump CodeSourcery NIOSII to 2018.05
Re-add BR2_TOOLCHAIN_HAS_SSP since the toolchain support SSP.

Tested with qemu_nios2_10m50_defconfig and Qemu 2.10.1-3.fc27 release.

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-05-30 22:51:29 +02:00
Eric Le Bihan
25179df46f enlightenment: convert to pkg-meson infra
Signed-off-by: Eric Le Bihan <eric.le.bihan.dev@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-05-30 22:20:35 +02:00
Eric Le Bihan
166949e5dd mpd-mpc: convert to pkg-meson infra
Signed-off-by: Eric Le Bihan <eric.le.bihan.dev@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-05-30 22:20:27 +02:00
Eric Le Bihan
cd2d47477f ncmpc: convert to pkg-meson infra
Signed-off-by: Eric Le Bihan <eric.le.bihan.dev@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-05-30 22:20:19 +02:00
Eric Le Bihan
ebcf58ad07 systemd: convert to pkg-meson infra
Signed-off-by: Eric Le Bihan <eric.le.bihan.dev@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-05-30 22:20:02 +02:00
Eric Le Bihan
2f0dbd1afb libmpdclient: convert to pkg-meson infra
Signed-off-by: Eric Le Bihan <eric.le.bihan.dev@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-05-30 22:19:28 +02:00
Eric Le Bihan
7a23af4773 meson: prevent RPATH stripping
By default, Meson strips RPATH from the executable it builds [1,2],
unless explicitly set via install_rpath.

This will make support/scripts/check-host-rpath fail when building the
host variant of a Meson-based package.

So add a patch to prevent RPATH from being stripped if install_rpath is
not set and notify user about it.

[1] https://github.com/mesonbuild/meson/issues/2567
[2] https://github.com/mesonbuild/meson/issues/314#issuecomment-157658562

Signed-off-by: Eric Le Bihan <eric.le.bihan.dev@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-05-30 22:19:20 +02:00
Eric Le Bihan
12e56136e2 docs/manual: document pkg-meson infra
Update documentation about adding meson-based packages with instructions for
using pkg-meson infrastructure.

Signed-off-by: Eric Le Bihan <eric.le.bihan.dev@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-05-30 21:59:05 +02:00
Eric Le Bihan
91f7f38106 pkg-meson: new infrastructure
Add a new infrastructure to ease the development of packages that use Meson as
their build system.

Signed-off-by: Eric Le Bihan <eric.le.bihan.dev@free.fr>
[Thomas:
 - move global variables definition outside of the inner-meson-package
   macro
 - for consistency, remove double quote around value passed to meson
   in the host configure step.
 - minor formatting fixes.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-05-30 21:58:08 +02:00
Romain Naour
ce67f68882 package/gcc: switch to gcc 6.x as the default
Even if gcc 6 is still maintained for some time (gcc 6.5 is pending),
switch to gcc 7.x since it has been released since 2017-05-02 and
gcc 8.x is available since 2018-05-02.

We have been having toolchains in the autobuilders with gcc
7.x for a while, so the vast majority of the problems should have
already been solved.

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-05-30 21:45:28 +02:00
Romain Naour
86220d0973 toolchain-external: add gcc 8 entry
This patch allows to use an external toolchain based on gcc 8.

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-05-30 21:45:19 +02:00
Romain Naour
91b1fbb766 package/gcc: add support for gcc 8.1.0
Remove 0860-cilk-fix-build-without-wchar.patch since cilk has
been removed from gcc.

Rebase 0900-remove-selftests.patch on gcc 8.1.0

Remove upstream patches 0001-m68k-coldfire-pr68467.patch and
0892-microblaze-Revert.patch.

Use bz2 release tarball only for gcc 4.9 since all other version
now use xz tarball.

Runtime tested on x86_64 with binutils 2.30, gcc 8.1.0,
kernel headers 4.14 and glibc 2.27.

Buildtime tested with glibc with all supported architectures.

Buildtime tested on x86_64 with musl and uClibc-ng

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-05-30 21:44:40 +02:00
Romain Naour
0eb91bf1d1 toolchain: add gcc 8 entry
In order to add gcc 8 support for internal and external toolchain in
follow-up commits, introduce BR2_TOOLCHAIN_GCC_AT_LEAST_8 symbol.

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-05-30 21:44:12 +02:00
Romain Naour
c9216bc1d0 arch: add BR2_ARCH_NEEDS_GCC_AT_LEAST_8
This new symbol will be used by architectures introduced with gcc 8 and
by external toolchains based on gcc 8.

[1] https://gcc.gnu.org/gcc-8/changes.html

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-05-30 21:44:01 +02:00
Fabrice Fontaine
242227dd86 aircrack-ng: bump to version 1.2
- Remove patch (already in version)
- Add three patches (first one sent and merged upstream, second and
  third patchs retrieved upstream)
- Move to autotools-package
- Remove workaround for static handling of pthread as it isn't needed
  anymore
- Remove deactivation of libnl in static build as it isn't needed
  anymore
- Set libnl and zlib dependencies as optional and not mandatory
- Add duma and libgcrypt optional dependencies
- Update workaround for static handling of libpcap
- Add hash for license file

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-05-30 21:38:40 +02:00
Carlos Santos
df2497336d kexec: bump to version v2.0.17
Also add license hash for "make legal-info".

Signed-off-by: Carlos Santos <casantos@datacom.ind.br>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-05-30 21:36:44 +02:00
Peter Korsgaard
30d52c67a7 docs/website/news.html: fix s/2018.05/2018.02/ typos
Reported-by: Andreas Naumann <dev@andin.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-05-30 17:55:28 +02:00
Angelo Compagnucci
80821d3ed8 package/mono: bump to version 5.12.0.226
This patch bumps mono to version 5.12.0.226 and it's monolite dependency
to version 1051200002, doing so it removes also a couple of upstreamed
patches.
This new mono version requires also a different option for
managing aot, so this patch refactors also the configure options.

Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-05-29 23:33:29 +02:00
Baruch Siach
ae1f047295 git: security bump to version 2.16.4
Forward port of security fixes from the 2.13.7 release. The 2.13.7
release notes say this:

 * Submodule "names" come from the untrusted .gitmodules file, but we
   blindly append them to $GIT_DIR/modules to create our on-disk repo
   paths. This means you can do bad things by putting "../" into the
   name. We now enforce some rules for submodule names which will cause
   Git to ignore these malicious names (CVE-2018-11235).

   Credit for finding this vulnerability and the proof of concept from
   which the test script was adapted goes to Etienne Stalmans.

 * It was possible to trick the code that sanity-checks paths on NTFS
   into reading random piece of memory (CVE-2018-11233).

Cc: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-05-29 21:45:36 +02:00
Yann E. MORIN
50d443cbf7 package/dash: don't build in paralle
dash has races in its Makefile, but upstream is not too keen in fixing
those, and just suggests that dash not be built in parallel:

    https://www.mail-archive.com/dash@vger.kernel.org/msg01675.html

Fixes:
    http://autobuild.buildroot.org/results/793/7934c815a3009af688c2f1183e67dfe542c9a009/
    http://autobuild.buildroot.org/results/fc4/fc4e4ab47455ac47dd4a3a60083cec2848e74dbb/
    http://autobuild.buildroot.org/results/6bf/6bfdd44ea5d55a6ca3ef92254eab18c7c0416b7b/
    [...]

Reported-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-05-29 21:43:59 +02:00
Fabrice Fontaine
f5d68512c2 log4cplus: needs gcc >= 4.8
log4cplus needs std::map::emplace

Fixes:
 - http://autobuild.buildroot.net/results/ef0d8d7fae835ff555202f6de320945226ec00bf

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-05-29 21:43:43 +02:00
Baruch Siach
b3057380b9 conntrack-tools: bump to version 1.4.5
Drop the musl workaround. musl can handle the suppression of conflicting
kernel headers definitions.

Add license file hash.

This bump fixes compatibility with newer versions of
libnetfilter_conntrack.

Fixes:
http://autobuild.buildroot.net/results/0ae/0aee137c9977e0fb33e7e557b75481780b90edcc/
http://autobuild.buildroot.net/results/9c1/9c178ec5ad84224a385c3184f09ea9b65867a302/
http://autobuild.buildroot.net/results/5e1/5e1ea89e01a9cc13bd384c97903e1726df6d2228/

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-05-29 21:42:04 +02:00
Fabrice Fontaine
4e4dd94dec libqrencode: bump to version 4.0.0
- Use new --with[out]-png option
- Add hash for license file

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-05-29 21:38:48 +02:00
Fabrice Fontaine
a853849e4d libpwquality: bump to version 1.4.0
- Remove both patches (already in version)
- Add hash for license file

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-05-29 21:35:27 +02:00