Commit Graph

53602 Commits

Author SHA1 Message Date
Bernd Kuhls
ab0c98cac8 package/x11r7/xlib_libX11: security bump version to 1.6.12
Fixes CVE-2020-14363:
https://lists.x.org/archives/xorg-announce/2020-August/003056.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-08-28 09:11:04 +02:00
Bernd Kuhls
b7f0ee878c package/x11r7/xserver_xorg-server: security bump version to 1.20.9
Fixes CVE-2020-14345, CVE-2020-14346, CVE-2020-14361 & CVE-2020-1436:
https://lists.x.org/archives/xorg-announce/2020-August/003058.html

Removed patch 0002, not needed anymore due to upstream commit
https://cgit.freedesktop.org/xorg/xserver/commit/configure.ac?h=server-1.20-branch&id=c601c8faf54ff9e3bcbc653421828d71042deef7

Build-tested with wayland:
checking for a useful monotonic clock ......
checking whether CLOCK_MONOTONIC is declared... yes
guessing yes

Removed patch 0007, included in upstream release.

Rebased and renumbered remaining patches.

Reformatted license hashes.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-08-28 09:10:22 +02:00
Fabrice Fontaine
fd3dd9d9c5 package/shadowsocks-libev: security bump to version 3.3.4
- Fix CVE-2019-5163: An exploitable denial-of-service vulnerability
  exists in the UDPRelay functionality of Shadowsocks-libev 3.3.2. When
  utilizing a Stream Cipher and a local_address, arbitrary UDP packets
  can cause a FATAL error code path and exit. An attacker can send
  arbitrary UDP packets to trigger this vulnerability.
- Fix CVE-2019-5164: An exploitable code execution vulnerability exists
  in the ss-manager binary of Shadowsocks-libev 3.3.2. Specially crafted
  network packets sent to ss-manager can cause an arbitrary binary to
  run, resulting in code execution and privilege escalation. An attacker
  can send network packets to trigger this vulnerability.

Also update indentation in hash file (two spaces)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-08-27 23:29:37 +02:00
Fabrice Fontaine
77ef9c333c package/openjpeg: add CVE-2020-15389 entry
Commit b006cc373f forgot to add
the OPENJPEG_IGNORE_CVES entry

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-08-27 23:26:06 +02:00
Fabrice Fontaine
07b74f914d package/python-matplotlib: simplify version checks
Hopefully, this should fix the following error on one of the
autobuilders:

png: no  [The C/C++ header for libpng (png.h) could not
     be found.  You may need to install the development
     package.]

Fixes:
 - http://autobuild.buildroot.org/results/afddcc44b2fb7983244f24542bfae921869e4ab8

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-08-27 23:24:07 +02:00
Fabrice Fontaine
ee73779197 package/dillo: fix build with gcc 10
Fixes:
 - http://autobuild.buildroot.org/results/9c777af97fe50143c6a68f0170fc86c87d8ead3f

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-08-27 23:19:36 +02:00
Fabrice Fontaine
cb90b946a4 package/dillo: renumber patches
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-08-27 23:19:07 +02:00
Gwenhael Goavec-Merou
5209123494 package/gnuradio: backport patch to fix INTERFACE_INCLUDE_DIRECTORIES
gnuradio-runtimeTargets.cmake and gnuradio-pmtTargets.cmake are filled
using CMAKE_INSTALL_PREFIX for INSTALL_INTERFACE.

Since CMAKE_INSTALL_PREFIX, in buildroot, is set to /usr, these files contains
path to host system.

With BR2_COMPILER_PARANOID_UNSAFE_PATH package using gnuradio fails with:
arm-linux-gnueabihf-g++: ERROR: unsafe header/library path used in cross-compilation: '-isystem' '/usr/include'

By simply providing 'include', produced .cmake contains:
INTERFACE_INCLUDE_DIRECTORIES "${_IMPORT_PREFIX}/include"
instead of
INTERFACE_INCLUDE_DIRECTORIES "/usr/include"

[Upstream status: https://github.com/gnuradio/gnuradio/pull/3737]

Fix (many) gr-osmosdr build failure:
- http://autobuild.buildroot.net/results/66b76c07f15bb3e6db697c47796ae3dd15ecf4b9/

Signed-off-by: Gwenhael Goavec-Merou <gwenhael.goavec-merou@trabucayre.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-08-27 23:13:35 +02:00
Heiko Thiery
33aec0bed8 DEVELOPERS: add myself as contact for linuxptp+ipmitool
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-08-27 23:12:25 +02:00
Fabrice Fontaine
b006cc373f package/openjpeg: fix CVE-2020-15389
Fix CVE-2020-15389: jp2/opj_decompress.c in OpenJPEG through 2.3.1 has a
use-after-free that can be triggered if there is a mix of valid and
invalid files in a directory operated on by the decompressor. Triggering
a double-free may also be possible. This is related to calling
opj_image_destroy twice.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-08-27 23:10:12 +02:00
Fabrice Fontaine
071e719d58 package/json-c: security bump to version 0.15
Fix CVE-2020-12762: json-c through 0.14 has an integer overflow and
out-of-bounds write via a large JSON file, as demonstrated by
printbuf_memappend.

Also update indentation in hash file (two spaces)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-08-27 23:09:51 +02:00
Heiko Thiery
65f7a7d725 package/linuxptp: bump version to 3.0
- remove patch that is in new version
- update indentation in hash file (two spaces)

Run tests:

             br-arm-full [1/6]: OK
  br-arm-cortex-a9-glibc [2/6]: OK
   br-arm-cortex-m4-full [3/6]: OK
          br-x86-64-musl [4/6]: OK
      br-arm-full-static [5/6]: OK
            sourcery-arm [6/6]: OK

Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-08-27 23:07:04 +02:00
Giulio Benetti
b1be3277ba package/libnss: bump version to 3.56
Bump version to 3.56. Unfortunately local patch is still pending
upstream and not applied and I've just asked why:
https://bugzilla.mozilla.org/show_bug.cgi?id=1642174

This version requires NSPR 4.28.

Release Notes:
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.56_release_notes

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-08-27 23:06:53 +02:00
Giulio Benetti
8e7aad6cfb package/libnspr: bump version to 4.28
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-08-27 23:06:49 +02:00
Marcin Niestroj
86834b0d9c package/netdata: bump to 1.21.1
Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-08-27 23:04:17 +02:00
Marcin Niestroj
d1563a5b10 package/python-packaging: new package
Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Reviewed-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-08-27 23:01:04 +02:00
Marcin Niestroj
03787685ea package/python-ansicolors: new package
Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Reviewed-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-08-27 22:59:29 +02:00
Jugurtha BELKALEM
f9f551a9d0 package/iptraf-ng: add dependency on Linux headers >= 3.14
iptraf-ng uses a number of definitions (like PACKET_KERNEL and
PACKET_USERSPACE) provided by the Linux kernel headers, which were
introduced in Linux 3.14 [1], so we need to add a dependency on
BR2_TOOLCHAIN_HEADERS_AT_LEAST_3_14.

[1] https://elixir.bootlin.com/linux/v3.14-rc1/source/include/uapi/linux/if_packet.h

Fixes:

  http://autobuild.buildroot.net/results/480b00b4b264cfe1da533c762595d21b72fa8211/

Signed-off-by: Jugurtha BELKALEM <jugurtha.belkalem@smile.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-08-27 22:25:30 +02:00
Heiko Thiery
c210fe93f8 package/netopeer2: bump version to 1.1.39
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-08-27 22:24:53 +02:00
Heiko Thiery
9bce0009c0 package/sysrepo: bump version to 1.4.70
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-08-27 21:30:21 +02:00
Heiko Thiery
939b4ac792 package/libyang: bump version to 1.0.184
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-08-27 21:30:15 +02:00
Thomas Petazzoni
b3f959fe96 support/scripts/pkg-stats: drop erroneous "break" in CVE.affects()
Commit 7d2779ecbb
("support/script/pkg-stats: handle exception when version comparison
fails") erroneousy introduced a "break" within a try/expect block.

This break has the unfortunate consequence that every CVE that was
using the <= operator was skipped, and according to the current
CVE statistics, made us miss 74 CVEs out of 141 CVEs.

Here is for reference the complete list of CVEs we missed:

 - gnupg
   CVE-2006-3082
   CVE-2019-13050

 - jhead
   CVE-2020-6624
   CVE-2020-6625

 - patch
   CVE-2018-6952
   CVE-2019-20633

 - json-c
   CVE-2020-12762

 - git
   CVE-2018-1000110
   CVE-2018-1000182
   CVE-2019-1003010
   CVE-2020-2136

 - iperf2
   CVE-2016-4303

 - libtorrent
   CVE-2009-1760
   CVE-2016-5301

 - lua
   CVE-2020-15888
   CVE-2020-15889
   CVE-2020-15945
   CVE-2020-24342

 - openvpn
   CVE-2020-7224

 - smack
   CVE-2016-10027

 - bashtop
   CVE-2019-18276

 - links
   CVE-2008-3319

 - argus
   CVE-2011-3332

 - libraw
   CVE-2020-15503

 - netcat
   CVE-2008-5727
   CVE-2008-5728
   CVE-2008-5729
   CVE-2008-5730
   CVE-2008-5742
   CVE-2015-2214

 - subversion
   CVE-2017-1000085
   CVE-2018-1000111
   CVE-2020-2111

 - python
   CVE-2013-1753
   CVE-2015-5652
   CVE-2017-17522
   CVE-2017-18207
   CVE-2019-20907
   CVE-2019-9674

 - cereal
   CVE-2020-11104
   CVE-2020-11105

 - opencv
   CVE-2017-1000450
   CVE-2017-12597
   CVE-2017-12598
   CVE-2017-12599
   CVE-2017-12600
   CVE-2017-12601
   CVE-2017-12602
   CVE-2017-12603
   CVE-2017-12604
   CVE-2017-12605
   CVE-2017-12606
   CVE-2017-12862
   CVE-2017-12863
   CVE-2017-12864
   CVE-2019-15939

 - docker
   CVE-2015-1843
   CVE-2015-3627
   CVE-2015-3630
   CVE-2015-3631
   CVE-2016-3697
   CVE-2017-14992
   CVE-2019-16884

 - trousers
   CVE-2020-24330
   CVE-2020-24331
   CVE-2020-24332

 - libcroco
   CVE-2020-12825

 - libpupnp
   CVE-2020-13848

 - openjpeg
   CVE-2020-15389

 - flex
   CVE-2015-1773

 - libesmtp
   CVE-2019-19977

 - ed
   CVE-2015-2987

 - libmad
   CVE-2018-7263

 - grub
   CVE-2020-15705

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-08-27 18:04:33 +02:00
Sam Voss
32d27c2f4c package/ripgrep: fix build directories
RIPGREP_CARGO_MODE was no longer defined after 832c076f26 and caused
issues during the install step as the build directory was malformed.

This patch maintains the release/dev profile distinction, while also
assigning appropriate build folders.

Fixes:
 - http://autobuild.buildroot.net/results/a4cd7ecc6d983aa6f15d3be1e21529f17e04b825/
 - http://autobuild.buildroot.net/results/2bab8ffa590d4c4eabffe94ed27311c7f6607c98/

Signed-off-by: Sam Voss <sam.voss@gmail.com>
CC: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-08-27 09:42:10 +02:00
Fabrice Fontaine
430c6ef5ce package/libroxml: fix build with gcc 10
Fixes:
 - http://autobuild.buildroot.org/results/b6ac3664d61ad826515b57c4d057b6f001b5167d

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-08-26 23:37:15 +02:00
Bernd Kuhls
01af465ea1 package/kodi-visualisation-goom: bump version to 2.2.2-Leia
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-08-26 23:24:38 +02:00
Sergio Prado
b9f31a32ec package/mutt: bump version to 1.14.6
Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-08-26 23:23:48 +02:00
Sergio Prado
54f1cf2cff package/nano: bump version to 5.2
Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-08-26 23:23:44 +02:00
Sergio Prado
090a748aae package/nasm: bump version to 2.15.04
Also separate the fields in the hash file by two spaces.

Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-08-26 23:23:41 +02:00
Vadim Kochan
26d82d006b package/frr: new package
FRR is free software that implements and manages various IPv4 and IPv6
routing protocols. It runs on nearly all distributions of Linux and
BSD as well as Solaris and supports all modern CPU architectures.

FRR currently supports the following protocols:

    BGP
    OSPFv2
    OSPFv3
    RIPv1
    RIPv2
    RIPng
    IS-IS
    PIM-SM/MSDP
    LDP
    BFD
    Babel
    PBR
    OpenFabric
    VRRP
    EIGRP (alpha)
    NHRP (alpha)

Some not-needed features were disabled to minimize package
dependencies:

    - POSIX capabilities
    - RPKi

Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
[Thomas:
 - select bash instead of depending on it
 - switch to version 7.4, since 7.3 was not building (it's using
   TRUE/FALSE, which are not standard, and this was fixed in 7.4)
 - use the github macro to define FRR_SITE
 - use host-python3 instead of host-python]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-08-26 23:03:40 +02:00
Thomas Petazzoni
275a5650a9 package/assimp: also build with -mxgot on mips64(el)
Since the bump of assimp to 5.0.1, we have build failures on mips64el,
due to relocations being truncated. The issue seems to be quite
similar to the one on m68k coldfire, as both m68k and MIPS have this
-mxgot gcc option to switch to using a GOT that has no size limit (but
causes less efficient code to be produced).

Here as well, the overall relevance of assimp on mips64(el) platforms
being probably very limited, the incentive to search for a better
solution is pretty limited.

Fixes:

  http://autobuild.buildroot.net/results/7df487d5117b2ee440a07dbff9cae1b181566748/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-08-25 23:25:21 +02:00
Thomas Petazzoni
e235d8fc8b package/assimp: workaround m68k build issues
On m68k coldfire, we already pass -mxgot, but since the bump to assimp
5.0.1, this is no longer sufficient, and we have failures such as:

/tmp/ccqmJLil.s: Assembler messages:
/tmp/ccqmJLil.s:307948: Error: value -43420 out of range
/tmp/ccqmJLil.s:307985: Error: value -38606 out of range
/tmp/ccqmJLil.s:308010: Error: value -38626 out of range
/tmp/ccqmJLil.s:308056: Error: value -33280 out of range

Since these issues only arise when building with -O2, let's disable
the optimization for this package on m68k. The very relative relevance
of assimp on m68k coldfire makes the research of a better solution not
really useful (for the record, assimp is a "library to import various
well-known 3D model formats in a uniform manner").

Fixes:

  http://autobuild.buildroot.net/results/a7d4fb2653b0f1be4d036ee46a44e72da0ed4376/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-08-25 23:23:37 +02:00
Vadim Kochan
d97e54747c package/libyang: enable LYD_PRIV option for frr package
This option is required by frr package, so enable it by default as there
is no size difference with or without this option enabled.

Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-08-25 23:02:07 +02:00
Yann Sionneau
bcdb74512d package/patchelf: keep RPATH entries even without DT_NEEDED libraries
Our patch
0003-Add-option-to-make-the-rpath-relative-under-a-specif.patch adds
an option --make-rpath-relative, which we use to tweak RPATH of target
binaries.

However, one of the effect of this option is that it drops RPATH
entries if the corresponding directory does not contain a library that
is referenced by a DT_NEEDED entry of the binary.

This unfortunately isn't correct, as RPATH entries are not only used
by the dynamic linker to resolve the location of libraries listed
through DT_NEEDED entries: RPATH entries are also used by dlopen()
when resolving the location of libraries that are loaded at runtime.

Therefore, the removal of RPATH entries that don't correspond to
directories containing libraries referenced by DT_NEEDED entries break
legitimate uses of RPATH for dlopen()ed libraries.

This issue was even pointed out during the review of the upstream pull
request:

  https://github.com/NixOS/patchelf/pull/118#discussion_r329660138

This fixes tst-origin uClibc-ng unit test:

https://github.com/wbx-github/uclibc-ng-test/blob/master/test/dlopen/Makefile.in#L25
https://github.com/wbx-github/uclibc-ng-test/blob/master/test/dlopen/tst-origin.c#L15

Without this patch:

$ gcc -o toto toto.c -Wl,-rpath,/tmp/test/bar
$ readelf -d toto | grep PATH
 0x000000000000000f (RPATH)              Library rpath: [/tmp/test/bar]
$ ./output/host/bin/patchelf --debug --make-rpath-relative /tmp/
toto
patching ELF file `toto'
Kernel page size is 4096 bytes
removing directory '/tmp/test/bar' from RPATH because it does not contain needed libs
new rpath is `'
$ readelf -d toto | grep PATH
 0x000000000000001d (RUNPATH)            Library runpath: []

With the patch applied:

$ gcc -o toto toto.c -Wl,-rpath,/tmp/test/bar
$ readelf -d toto | grep PATH
 0x000000000000000f (RPATH)              Library rpath: [/tmp/test/bar]
$ ./output/host/bin/patchelf --debug --make-rpath-relative /tmp/ toto
patching ELF file `toto'
Kernel page size is 4096 bytes
keeping relative path of /tmp/test/bar
new rpath is `test/bar'
$ readelf -d toto | grep PATH
 0x000000000000001d (RUNPATH)            Library runpath: [test/bar]

Signed-off-by: Yann Sionneau <ysionneau@kalray.eu>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-08-25 13:11:24 +02:00
Jugurtha BELKALEM
a3cb9df7f5 package/iptraf-ng: bump to version 1.2.1
IPTraf-ng is a console-based network monitoring program for Linux that
displays information about IP traffic. It returns such information as:

- Current TCP connections
- UDP, ICMP, OSPF, and other types of IP packets
- Packet and byte counts on TCP connections
- IP, TCP, UDP, ICMP, non-IP, and other packet and byte counts
- TCP/UDP counts by ports
- Packet counts by packet sizes
- Packet and byte counts by IP address
- Interface activity
- Flag statuses on TCP packets
- LAN station statistics

V1.2.1 fixed multiple issues in V1.1.4 like :
- Introduce packet capturing abstraction: add recvmmsg(),
  TPACKET_V2 and TPACKET_V3 to capture in multigigabit speeds.
- Handling mlock() failures and carry on execution (without
  crashing iptraf-ng).
- Properly account non-IP packets.
- Show dropped packet count.

Signed-off-by: Jugurtha BELKALEM <jugurtha.belkalem@smile.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-08-25 09:14:24 +02:00
Thomas Petazzoni
1b464d73e0 support/config-fragments/autobuild: test Bootlin x86-64 toolchain
As we recently stopped testing the x86-64 Sourcery toolchain, it means
we no longer have any x86-64 glibc based toolchain in our
autobuilders. Since this is a pretty common configuration, it makes
sense to test it, which this commit does by adding a config fragment
to use the x86-64 glibc bleeding edge Bootlin toolchain.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-08-24 23:36:25 +02:00
Thomas Petazzoni
d87e114a8f toolchain/toolchain-external/toolchain-external-codesourcery-amd64: remove package
This toolchain uses an old gcc 6.2.0 compiler (not even the latest gcc
from the 6.x series), which fails to build the recent Boost
package. Since newer versions of this toolchain are no longer made
publicly available from Mentor Graphics, our only option is to drop
the toolchain.

Fixes:

  http://autobuild.buildroot.net/results/10edaed22c15b9d0f7de187085aeebc96e5ebe6c/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-08-24 23:35:19 +02:00
Thomas Petazzoni
868ca33a7b support/config-fragments/autobuild: stop testing Sourcery AMD64 toolchain
This toolchain uses an old gcc 6.2.0, and newer versions of the
toolchain are no longer publicly available. This old gcc 6.2.0 causes
build issues of Boost, which are unfixable without updating the
toolchain. As we're about to drop support for this toolchain entirely,
we must stop testing it in our autobuilder infrastructure.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-08-24 23:32:41 +02:00
Bernd Kuhls
5956b08878 package/collectd: add nut support
The NUT plugin has status "supported":
https://collectd.org/wiki/index.php/Plugin:NUT

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-08-24 22:55:59 +02:00
Bernd Kuhls
bb73b7250d package/nut: install to staging
Needed for collectd plugin.

Added --with-dev to enable install of pkgconfig files:
https://github.com/networkupstools/nut/blob/master/lib/Makefile.am#L3

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-08-24 22:54:54 +02:00
Bernd Kuhls
b5a1fe3d29 package/{mesa3d, mesa3d-headers}: bump version to 20.1.6
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-08-24 22:54:43 +02:00
Fabrice Fontaine
afc8119d3c package/davfs2: bump to version 1.6.0
This bump is needed to fix a build failure with gcc 10:
https://savannah.nongnu.org/support/?func=detailitem&item_id=110186#options

Here is an extract of the bug report:

"It is not a bug to have variables with the same name in different source
files. The bug was the missing keyword "static".

But there was a different bug that was not tolerated by GCC 10. It was
same strange data type conversions in dav_coda.c. The resolution was to
drop coda altogether because there is still fuse which is better suited
anyway.

The new release 1.6.0 should fix all these problems. Please tell me if
there are still problems with GCC 10."

Also update indentation in hash file (two spaces)

Fixes:
 - http://autobuild.buildroot.org/results/42beafade6fd31927c8db14bc52110c0fc5b17c2

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-08-24 22:51:25 +02:00
Asaf Kahlon
e43a120393 package/python-sh: bump to version 1.13.1
Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-08-24 22:42:31 +02:00
Jianhui Zhao
699d4d6242 package/libuhttpd: bump version to 3.2.0
Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-08-24 22:41:44 +02:00
Petr Vorel
090bd36a96 package/iputils: bump version to 20200821
Remove patch from this version.

Remove USE_CRYPTO related config (configuration was removed in this
release).

tftpd is not built by default since this release, thus explicitly enable it.

Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-08-24 22:39:58 +02:00
Peter Korsgaard
9b020359b1 package/hostapd: add upstream 2020-1 security patches
Fixes the following security vulnerabilities:

CVE-2020-12695: The Open Connectivity Foundation UPnP specification before
2020-04-17 does not forbid the acceptance of a subscription request with a
delivery URL on a different network segment than the fully qualified
event-subscription URL, aka the CallStranger issue.

For details, see the advisory:
https://w1.fi/security/2020-1/upnp-subscribe-misbehavior-wps-ap.txt

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-08-24 22:38:51 +02:00
Thomas Petazzoni
dac45969b6 package/ibm-sw-tpm2: re-fix build with uClibc-ng and older glibcs
In commit 26e37cef16, we started using
__WORDSIZE to get the size of longs on the given architecture, in
order to support all CPU architectures.

Unfortunately, __WORDSIZE is not enabled in musl, so in
19bd089004, we switched to using
LONG_BIT instead of __WORDSIZE.

However, LONG_BIT is not readily available on glibc, you need
_XOPEN_SOURCE to be defined, which was done in
a34e7f88f6.

However, in a34e7f88f6, _XOPEN_SOURCE
was just defined, with no specific value. This caused the build to
break again on uClibc-ng and older glibcs, because clock_gettime() and
CLOCK_MONOTONIC were no longer defined. In both uClibc-ng and glibc,
CLOCK_MONOTONIC is only defined if __USE_POSIX199309 is defined. It
turns out that simply defining _XOPEN_SOURCE with no value does not
lead to __USE_POSIX199309 being defined in uClibc-ng and old glibcs,
while it is defined in newer glibcs.

The difference comes from the following snippet of code, which is
present in recent enough glibc's <feature.h> but not uClibc-ng's or
older glibc's <feature.h>:

/* If none of the ANSI/POSIX macros are defined, or if _DEFAULT_SOURCE
   is defined, use POSIX.1-2008 (or another version depending on
   _XOPEN_SOURCE).  */

So the fact that we are defining _DEFAULT_SOURCE makes it assume that
we're using POSIX 2008.09, which obviously includes POSIX 1993.09.

Due to the lack of this code snippet, uClibc-ng <features.h> only
enables:

     !defined _POSIX_SOURCE && !defined _POSIX_C_SOURCE)

but not:

So we need an _XOPEN_SOURCE level of at least 500 for POSIX 1993.09
definitions to be available.

This is confirmed by the feature_test_macros man page, which states:

                  _XOPEN_SOURCE < 500
                         _POSIX_C_SOURCE is defined with the value 2.

                  500 <= _XOPEN_SOURCE < 600
                         _POSIX_C_SOURCE is defined with the value 199506L.

When this is fixed, another issue arises with older glibc toolchains
(such as Sourcery ARM), where fd_set is no longer defined. Inded, with
POSIX-1.2001 being enabled, we need to include <sys/select.h> to
access the fd_set definition and friends (see man fd_set for details).

This commit was tested with two glibc toolchains (recent and old), one
uClibc-ng toolchain and one musl toolchain.

Fixes:

  http://autobuild.buildroot.net/results/e20f9474fc0217036faa6561df33fa983466ddfe/
  (uClibc-ng)

  http://autobuild.buildroot.net/results/b5d944389fc96ef2c5e0608fe4ac34149e5f9739/
  (glibc)

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Acked-by: Vincent Fazio <vfazio@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-08-24 22:36:50 +02:00
Heiko Thiery
3a4a96cf11 package/netopeer2: add patch to solve issue with empty group name
When building on a host that has no name specified for the used group in
/etc/group the script in install step will fail due to missing group name.

CMake Error at CMakeLists.txt:80 (message):
  Learning server module group failed: id: cannot find name for group ID 8000

The patch was taken from upstream and modified manually because of merge
conflicts.

Fixes:
http://autobuild.buildroot.net/results/f197ca1def9dc1292e1e784757f2da9d95484431/

Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Cc: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Cc: Matthew Weber <matthew.weber@rockwellcollins.com>
Reviewed-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-08-24 22:07:55 +02:00
Fabrice Fontaine
ddb4a931e9 package/ipmitool: fix build with gcc 10
Fixes:
 - http://autobuild.buildroot.org/results/b6231d601d6051c97d3c2a0ed3065df03648c40d

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Tested-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-08-24 22:05:52 +02:00
Yann E. MORIN
7292cbe80b legacy: drop options that are now forcibly enabled
As Thomas said:

> In this sort of situation, we generally don't add any legacy
> handling.  Indeed, since the feature is now mandatory... the
> default behavior will always be OK.

> People who could be annoyed are people who had this feature
> disabled... which is now always enabled. But the legacy handling
> will anyway not help those people.

Reported-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-08-24 19:16:25 +02:00
Peter Korsgaard
1861514be3 docs/website/news.html: correct left/right ordering of 2020.08-rc2 entry
And drop the confusing class="timeline" tag from the 2020.08-rc1 entry.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-24 16:58:59 +02:00