Commit Graph

72529 Commits

Author SHA1 Message Date
Peter Korsgaard
405d689868 docs/website/copyright.txt: fix aboard typo
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 6cb031802d100b36c086b1a732bf887bf4304aab)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-09-19 11:04:25 +02:00
Peter Korsgaard
e69136e13d docs/manual/using-buildroot-toolchain.adoc: fix overridden typo
Overridden is with double-r-double-d.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit d729696451c899b8db149f9f6346db3f1b678ad5)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-09-19 11:04:24 +02:00
Peter Korsgaard
7c405634e7 docs/manual/migrating.adoc: fix occurrence typo
Occurrence is with double-c-double-r.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 6ee748089347966eea5aced1e42fc25d9cbfc2aa)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-09-19 11:04:08 +02:00
Peter Korsgaard
f863152aaa docs/manual/customize-outside-br.adoc: fix 'or' typo
It is OR, not OT.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 777c081abef77511da585c53b9de4e44b913af46)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-09-19 11:04:07 +02:00
Peter Korsgaard
32e493c90c docs/manual/adding-packages-meson.adoc: fix occurrences typo
Occurrences is with double-c-double-r.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 6762761957f956b91ca3956370548e5a29e9bd42)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-09-19 11:04:06 +02:00
Peter Korsgaard
3be671e6ed docs/manual/adding-packages-linux-kernel-spec-infra.adoc: fix information typo
Plural of information is also information.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit c88a61759981562a85cb6a45b9db945ef6ccfa1e)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-09-19 11:04:05 +02:00
Peter Korsgaard
2113de5393 docs/manual/adding-packages-asciidoc.adoc: fix resources typo in example
As FOO_RESOURCES hints, the correct spelling is resources so use that.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 5fca562ee88b07472cdb68e166ebc7f576d1c6f1)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-09-19 11:04:04 +02:00
Peter Korsgaard
460200bbe2 support/misc/Vagrantfile: support libvirt provider
And configure memory/CPU like for the other providers.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 75b543880ceaeb8ff039b0cf3a2ba3e1d38aba37)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-09-19 10:33:20 +02:00
Peter Korsgaard
f24ec49d66 support/misc/Vagrantfile: move to Debian bullseye (12)
Ubuntu Bionic (18.04) was EOL'ed in June 2023:

https://ubuntu.com//blog/18-04-end-of-standard-support

And the VM image is only available in virtualbox format:

https://app.vagrantup.com/ubuntu/boxes/bionic64

So move to Debian bullseye (12), matching what we do for the docker image.
This is available in virtualbox and libvirt (qemu) format:

https://app.vagrantup.com/debian/boxes/bullseye64

Bullseye does not come with rsync out of the box, so install it.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 6cedd92744341c1c9b5f76026db05a9fd653485d)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-09-19 10:32:54 +02:00
Yann E. MORIN
0199796dc9 Makefile: run PPD and RPATH fixup in host-finalize
Currently, the gdbinit is generated and installed during post install
hooks, either from the gdb package, or from the external-toolchain
package. When using per-package directories (PPD), the staging directory
of either package is stored in the generated gdbinit, which is not
going to be valid when all the PPD staging dirs get merged into the
final staging: it would lack any library installed afterwards, i.e.
mostly everything would be missing (but the libraries from the C
toolchain in the case of an external toolchain).

Similarly, all the RPATH will point to various PPD directories. This
does not cause any issue when the final host is aggregated, because the
PPD directories still exist when we call programs from there (e.g. from
the fs infra, or from post-image scripts).

However, we knew that it would not always be possible to keep the PPD
directories: we have the prepare-sdk rule that runs a cleanup pass on
the RPATH, and also applies the generic PPD fixups.

When we introduced prepare-sdk in c32ad51cbf (core/sdk: generate the
SDK tarball ourselves), we did not yet have support for PPD for the host
directory, and especially, we did not have the host-finalize rule, which
was only introduced in d0f4f95e39 (Makefile: rework main directory
creation logic) which kick-started the introduction of PPD.

At that point, we did not realise that the rpath fixups from
prepare-sdk, would be better moved to the new host-finalize rule,
because that had no impact unless one would need an SDK.

Later, in 25e60fbe1c (Makefile: fix SDK relocation for
per-package-dirs), we eventually introduced the PPD generic fixups in
the prepare-sdk rule. Again, we did not realise that those fixups would
be better placed in the host-finalize rule rather than the prepare-sdk.

While fixing the RPATH in host-finalize is not critical, fixing up the
PPD paths actually is, as the gdbinit case demonstrates.

As such, move the PPD fixups to the host-finalize step, and while at it,
also move the RPATH fixups.

This now does not leave much to do in the prepare-sdk step, and that
could very well be moved to the host-finalize rule as well. However,
some people may have started to rely on prepare-sdk in its 6 years of
existence, and the little script it installs is not needed unless one
really needs an SDK. So leave it as it is for now.

Reported-by: Casey Reeves <casey@xogium.me>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Tested-by: Casey Reeves <casey@xogium.me>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Brandon Maier <Brandon.Maier@collins.com>
Tested-by: Brandon Maier <brandon.maier@collins.com>
Acked-by: TIAN Yuanhao <tianyuanhao3@163.com>
(cherry picked from commit a87abcf6da65f3e6aa257aaab58a24eec32a5903)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-09-19 09:13:23 +02:00
Yann E. MORIN
02bc5cffcf package: fix a few Config.in indentation
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit a7552293bb01e6189d3bad14bbf071431510a1ad)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-09-19 09:11:18 +02:00
Yann E. MORIN
cbe2b1913b arch/Config.in.arc: fix indentation
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 2ba879cc38733f5160b0729bac1b9e2f001f35e1)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-09-19 09:10:58 +02:00
Bernd Kuhls
dc82cd66dc {linux, linux-headers}: bump 4.19.x / 5.{4, 10, 15}.x / 6.{1, 6, 10}.x series
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit f18790aedc9da2d42d94c28f7293b4251cddb5cb)
[Peter: drop 6.10.x bump]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-09-18 23:00:48 +02:00
Bernd Kuhls
34ba071040 package/clamav: security bump version to 1.0.7
Fixes CVE-2024-20505 & CVE-2024-20506:
https://blog.clamav.net/2024/09/clamav-141-132-107-and-010312-security.html

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 6a506262e4d7bb1b0bc3b9ab3de9f14dfebd78dc)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-09-18 22:59:31 +02:00
Peter Korsgaard
00cc46208b package/libopenssl: security bump to version 3.2.3
- CVE-2024-6119: Possible denial of service in X.509 name checks [Moderate
  severity]
  https://openssl-library.org/news/secadv/20240903.txt

- CVE-2024-5535: SSL_select_next_proto buffer overread [Low severity]
  https://openssl-library.org/news/secadv/20240528.txt

Updated _SITE and project URL according to
https://openssl-library.org/post/2024-04-30-releases-distribution-changes/

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-09-18 22:56:51 +02:00
Waldemar Brodkorb
7f0d3201b8 package/p910nd: update download URL
Project moved to Github. Update download URL and hash.
License file got renamed, but it is still GPLv2.

Fixes:

 http://autobuild.buildroot.org/results/6e0/6e0e34c342fe712d5314de80488a2d034a2f5983/

Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit ac51d214659139ad8260b21b1e94cb631994fc62)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-09-18 22:31:34 +02:00
Dario Binacchi
e497d9fdc3 package/cache-calibrator: fix build failure for implicit declaration
Fixes:
 - http://autobuild.buildroot.org/results/db996c894c810ff5c7f4263975d1def0edef6d55

Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 4cf319c2670e8b5c1a437e504f99558ee90f8ccb)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-09-18 22:30:31 +02:00
Dario Binacchi
b371c827b6 DEVELOPERS: add Dario Binacchi for armadillo
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 73a5ae259d1a27356469c445b27294d1c0223dfb)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-09-18 22:28:55 +02:00
Dario Binacchi
e003060329 package/armadillo: temporarily update the site URL
Following an email exchange with Conrad Sand, one of the maintainers of
the project, I learned that version 9.900.2 has been moved to
https://sourceforge.net/projects/arma/files/retired/.

This patch fixes the package download error, waiting for a subsequent
patch that will restore the previous URL to bump to a more recent
version.

Adding the .RETIRED suffix to the downloaded tarball generated the
following error:

armadillo-9.900.2.tar.xz.RETIRED: OK (sha256: d78658c9442addf7f718eb05881150ee3ec25604d06dd3af4942422b3ce26d05)
>>> armadillo 9.900.2 Extracting
buildroot/dl/armadillo/armadillo-9.900.2.tar.xz.RETIRED | buildroot/output/host/bin/tar --strip-components=1 -C buildroot/output/build/armadillo-9.900.2   -xf -
/bin/bash: line 1: buildroot/dl/armadillo/armadillo-9.900.2.tar.xz.RETIRED: Permission denied
buildroot/output/host/bin/tar: This does not look like a tar archive
buildroot/output/host/bin/tar: Exiting with failure status due to previous errors
make[1]: *** [package/pkg-generic.mk:213: buildroot/output/build/armadillo-9.900.2/.stamp_extracted] Error 2

which required the addition of ARMADILLO_EXTRACT_CMDS to be fixed.

Finally, it was also necessary to modify the tarball's hash.

Fixes:
- http://autobuild.buildroot.org/results/d4e9e7b453960a4f62a199344b30b729a4f235bc

Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit f69fe48404edaf83514920beecc46b2ab83927f1)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-09-18 22:27:54 +02:00
Dario Binacchi
9705d4baab DEVELOPERS: add Dario Binacchi for babeld
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 09324c843bfb1944af8e0b553b0a8d9983fbebe5)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-09-18 22:24:55 +02:00
Dario Binacchi
328a3b815d package/babeld: update URL site
As reported in [1], version 1.9.2 has been moved to another archive, and
it is recommended to use https://github.com/jech/babeld as the official
repository.

The use of the github macro:

$(call github,jech,babeld,babeld-$(BABELD_VERSION))

would have downloaded a file with the same name (e.g. babeld-1.9.2.tar.gz)
but with a different hash from the one downloaded from the previous URL,
creating unacceptable backward compatibility issues.
Therefore, it was decided to download the package via the git method. In
this way, the downloaded file is babeld-babeld-1.9.2-br1.tar.gz, thus
with a different name, to which its SHA can be associated without side
effects, except for breaking the release monitoring process.
Unfortunately, for now, we will have to live with this limitation.

Particularly interesting are the explanations provided by Yann E. Morin,
which you can find in [2], that guided the creation of this patch.

Fixes:
- http://autobuild.buildroot.org/results/2447060c86acf1bd8d6ee0bcf8f9b6adcdfc50c9

[1] https://alioth-lists.debian.net/pipermail/babel-users/2024-August/004187.html
[2] https://patchwork.ozlabs.org/project/buildroot/patch/20240901063634.3504315-1-dario.binacchi@amarulasolutions.com/

Co-Developed-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 9172ffc3b425e2520827d0592b1fffef59b906c5)
[Peter: adjust filename and hash for 2024.02.x]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-09-18 22:23:11 +02:00
Waldemar Brodkorb
19c22c36d9 package/tllist: update download URL
Fix download URL. Tarball is renamed, too.

Fixes:

 http://autobuild.buildroot.org/results/950/950688493021c12c4dea98ac4b220355d917ff69

Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 8194a727a211bb944d78eb0b82ab952fb8083a5a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-09-18 22:19:42 +02:00
J. Neuschäfer
2c96b9b395 package/aer-inject: switch upstream
According to a commit in Linux[1], the upstream of aer-inject changed to
https://github.com/intel/aer-inject.

[1]: https://git.kernel.org/linus/a29e5290e3566ae4db4e6fe5f31caf23118c82b6

Signed-off-by: J. Neuschäfer <j.neuschaefer@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit e40c6f2156cd59082fd02c37b24c3a2750eee809)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-09-18 22:19:08 +02:00
Bernd Kuhls
dfcce6c6b3 {linux, linux-headers}: bump 6.{1, 6, 10}.x series
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 0b5feb52afd2165be21a1dfb8f8f870eab9b9acb)
[Peter: drop 6.10.x bump]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-09-18 22:15:52 +02:00
Roy Kollen Svendsen
3789f1b9ab docs/manual: fix description of how to reply to <message-id>
Patch v1 not set to 'superseded' when replying to <message-id> with v2.

I'm using git version 2.46.0. The manual says the following is the
correct way to use the '--in-reply-to' option:

git send-email --in-reply-to=<message-id>

Signed-off-by: Roy Kollen Svendsen <roykollensvendsen@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 6677d9c4e18107cbf3dc691dea3beb801e03df98)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-09-18 22:14:54 +02:00
Waldemar Brodkorb
0643531972 package/szip: update SZIP_SITE
Fix broken link.

While at it, use $(SZIP_VERSION) inside SZIP_SITE instead of
duplicating the version.

Fixes:

 http://autobuild.buildroot.org/results/35d/35d08103bbd0da22a5e111f1f86f28aba7062ee6

Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 180216631a64d5319ab0420cf7b37acb4fa0799c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-09-18 22:14:21 +02:00
Waldemar Brodkorb
f12d22ceae package/comix-cursors: update COMIX_CURSORS_SITE
The project moved to Gitlab and renamed its archive.
Fix the download URL and update the hash.

Fixes:

 http://autobuild.buildroot.org/results/734/734917ff9f613f07e6995c1f333eab1ee8bc5760

Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 62ccb5b25d421f5df5a6ee7a88db21159f3c5e23)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-09-18 22:13:28 +02:00
Waldemar Brodkorb
ff44a8f626 package/zabbix: fixup download URL
Fixes:
 http://autobuild.buildroot.org/results/9ff/9ffb4a9e3b2291498d0ccf3c9124bebc466860bc

Zabbix 6.2.x is EOL and the tarballs have now been moved under oldstable/.

Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
[Peter: extend commit message]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 345c94ad4e709116c7a22d143aae9ef815e8dfeb)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-09-18 19:51:20 +02:00
Thomas Petazzoni
23a6237391 package/libuecc: switch to a functional Github repo
The https://projects.universe-factory.net/attachments/download/85 URL
no longer works, so let's switch to what appears to be the official
Github repo:

  https://github.com/neocturne/libuecc

The v7 in this Github is 100% identical to the v7 that was available
from https://projects.universe-factory.net/attachments/download/85.

Also at
https://metadata.ftp-master.debian.org/changelogs//main/libu/libuecc/libuecc_7-5_copyright
Debian lists https://github.com/NeoRaider/libuecc as the source, and
this URL redirects to https://github.com/neocturne/libuecc.

Thanks to the original tarball being a .tar.xz, and our Github macro
generating a .tar.gz, the filename is different, and therefore the
different hash will not be an issue.

Fixes:

  http://autobuild.buildroot.org/results/c4c24bd06bc7889c46d78e14d5bef528340d4463/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit f14e03ba21491407d2aaa47e782cc0e924ab6164)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-09-18 19:49:46 +02:00
Waldemar Brodkorb
8d376b3972 package/fbset: update download URL
Fixes:

 http://autobuild.buildroot.org/results/13e/13e28650fc58fc62c801a664d79616c6dd39a8ac

Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit c1a6987da9bfebac25db0d05fa69a706a933889f)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-09-18 19:08:53 +02:00
Mattia Narducci
1f6026dfa0 package/proftpd: fix group name preventing server from starting
Replace the group name 'nogroup' with 'nobody' in the default ProFTPD
configuration file. This fixes the following error when starting the
server:

  proftpd[110]: fatal: Group: Unknown group 'nogroup' on line 30 of '/etc/proftpd.conf'

Fixes: 0d887cc2b4 ("system: replace nogroup with nobody")
Signed-off-by: Mattia Narducci <mattianarducci1@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 2383768cdf03ad78a89a0b4355c4e1a576c2d219)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-09-18 19:08:08 +02:00
Scott Fan
6eea6b524d package/postgresql: fix typo in init script info printout
Signed-off-by: Scott Fan <fancp2007@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 74f327e2869841b499d66cac6a7bd8a83b1269f5)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-09-18 19:07:12 +02:00
Scott Fan
94b7bb247c package/postgresql: security bump version to 16.4
Release notes:
 - https://www.postgresql.org/docs/release/16.4/
 - https://www.postgresql.org/about/news/postgresql-164-158-1413-1316-1220-and-17-beta-3-released-2910/

Fixes CVE-2024-7348:
 - https://www.postgresql.org/support/security/CVE-2024-7348/

Signed-off-by: Scott Fan <fancp2007@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 10088427cf3b714db85a1d10e6a023c2639bd790)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-09-18 19:06:46 +02:00
Waldemar Brodkorb
e612ba63c5 package/xserver_xorg-server: security update to 21.1.13
Fixes the following security issues:

- CVE-2024-31080: Heap buffer overread/data leakage in ProcXIGetSelectedEvents
- CVE-2024-31081: Heap buffer overread/data leakage in ProcXIPassiveGrabDevice
- CVE-2024-31082: Heap buffer overread/data leakage in ProcAppleDRICreatePixmap
- CVE-2024-31083: Use-after-free in ProcRenderAddGlyphs

For more details, see the security page of Xorg:
https://www.x.org/wiki/Development/Security/

Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
[Peter: add actual list of CVEs]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit e33db30aab02188c8b3aae6451d26288d06d7a15)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-09-18 19:05:47 +02:00
J. Neuschäfer
68e71cde30 package/x264: disable assembly code on x86 + musl + PIC/PIE
The x264 package uses large amounts of non-PIC assembly code
(e.g. common/x86/dct-a.asm), which results in textrels, which aren't
supported by musl-libc's dynamic linker.

Disable x264's assembly code when compiling for x86 with PIC/PIE and
musl-libc to avoid this particular incompatibility.

Reported-by: Yann Morin <yann.morin@orange.com>
Fixes: https://lore.kernel.org/buildroot/ZrsirnrvgsEIpAJI@tl-lnx-nyma7486-2/
Signed-off-by: J. Neuschäfer <j.neuschaefer@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 0196ec4198771e5fe83d6df02c7cd3b13c0ce05f)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-09-18 19:04:12 +02:00
Bernd Kuhls
090dea2faa package/sofia-sip: fix static build with openssl >= 3.2.0
Fixes:
http://autobuild.buildroot.org/results/de08bd5c68f5fcdaa5c0374a4f5051c4751ebb88/
and many others.

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 71f54e07804437df8cc389e618e7374e5c3e40d2)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-09-18 18:48:48 +02:00
Bernd Kuhls
a733300f8f package/sofia-sip: fix build with gcc 14.x
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
(cherry picked from commit d3f47c2486)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-09-18 18:48:41 +02:00
Bernd Kuhls
4fd3639ea3 package/dovecot-pigeonhole: bump version to 0.5.21.1
Release note of this bugfix release:
https://dovecot.org/mailman3/hyperkitty/list/dovecot-news@dovecot.org/thread/4KDY5GDGPVG5ZMXKTBEKPKK764LT56WU/

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 5dae8cddeecf16c791f3c138542ec51c4e627d75)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-09-18 18:47:19 +02:00
Bernd Kuhls
6699f2dd5d package/dovecot: security bump version to 2.3.21.1
Fixes CVE-2024-23184 & CVE-2024-23185:
https://dovecot.org/mailman3/hyperkitty/list/dovecot-news@dovecot.org/thread/2CSVL56LFPAXVLWMGXEIWZL736PSYHP5/

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 786484e631d34f9630baaa74006a8398aa19ad7d)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-09-18 18:46:58 +02:00
Julien Olivain
40030e1c6f package/unbound: security bump to version 1.21.0
Fixes the following security issue:

- CVE-2024-43167: A NULL pointer dereference flaw was found in the
  ub_ctx_set_fwd function in Unbound.  This issue could allow an attacker
  who can invoke specific sequences of API calls to cause a segmentation
  fault

See announcement:
https://nlnetlabs.nl/news/2024/Aug/15/unbound-1.21.0-released/

See also change log:
https://nlnetlabs.nl/projects/unbound/download/#unbound-1-21-0

This commit also updates the _SITE url from [1] to [2], to follow the
HTTP redirect, and the url published on the download page [3].

Finally, this commit adds a comment in the hash file that the PGP
signature was checked.

[1] https://www.unbound.net/downloads
[2] https://nlnetlabs.nl/downloads/unbound
[3] https://nlnetlabs.nl/projects/unbound/download

Signed-off-by: Julien Olivain <ju.o@free.fr>
[Peter: Mark as security bump, add CVE info]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit ed34c4c77b8b2a830c7a9ffb1d75c7bf1e35a7c4)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-09-18 18:44:54 +02:00
Dario Binacchi
22208c646b package/libcuefile: fix build failure due to implicit declaration
Fixes:
- http://autobuild.buildroot.org/results/28f1e34166e836bf3b984f228bb09842840de82a

Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit d0d23b47393e0133b76437a274f724c16a7d7e2d)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-09-18 18:43:19 +02:00
Waldemar Brodkorb
0717afbd5f package/libglob: update download URL
Fixes:

 http://autobuild.buildroot.org/results/92c/92c697697c07f63f0e03ceb655b5d558e85c392e

Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit b331217a50e975e89e28741a05d1f7b60c62496a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-09-18 18:42:09 +02:00
Marcus Hoffmann
36328f64d9 package/python-sqlparse: security bump to version 0.5.1
Changelog:
* https://sqlparse.readthedocs.io/en/latest/changes.html#release-0-5-1-jul-15-2024
* https://sqlparse.readthedocs.io/en/latest/changes.html#release-0-5-0-apr-13-2024

Version 0.5.0 fixes the following security issue [1]:
Parsing heavily nested list leads to Denial of Service

Build backend switched from flit to hatchling in [2].

[1] https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-2m57-hf25-phgg
[2] 326a316446

Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 65247fcc6a12eb2443ae9861e7cd36b3881a466e)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-09-18 18:10:18 +02:00
Bernd Kuhls
9425e2f723 {linux, linux-headers}: bump 4.19.x / 5.{4, 10, 15}.x / 6.{1, 6, 10}.x series
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit ebef582bd28fa183818ab973b58e167c75548a07)
[Peter: drop 6.10.x bump]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-09-18 18:07:40 +02:00
Bernd Kuhls
452bfb9e86 package/libcurl: security bump to version 8.9.1
Changelog: https://curl.se/changes.html#8_9_1

Fixes CVE-2024-7264.

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Reviewed-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit e656625b8a68e15deb9afaeaa4d61de5171288a4)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-09-18 18:04:14 +02:00
Thomas Huth
c4535680ba DEVELOPERS: drop some entries from Thomas Huth's section
I lack the time (and interest) to properly keep these entries up to
date, so drop them from my section.

Signed-off-by: Thomas Huth <huth@tuxfamily.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 6fdbab87a2b9d00743ed9fe6caa6db365d7ca326)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-09-18 18:02:13 +02:00
Thomas Petazzoni
8ed0272aa3 boot/grub2: ignore CVE-2023-4001
This vulnerability is irrelevant to Buildroot, as it affects only some
downstream changes from Redhat.

See:

  https://security-tracker.debian.org/tracker/CVE-2023-4001
  https://www.openwall.com/lists/oss-security/2024/01/15/3

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit e2f46ed03db7f07e62ce44f22dba0db53a5d2fd4)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-09-18 18:02:02 +02:00
Thomas Petazzoni
5aec55c983 boot/grub2: ignore CVE-2024-1048
As explained in:

  https://security-tracker.debian.org/tracker/CVE-2024-1048
  https://www.openwall.com/lists/oss-security/2024/02/06/3

CVE-2024-1048 is related to a tool called grub-set-bootflag which only
exists in the Redhat fork of Grub, and which we don't use in
Buildroot, so this CVE should be ignored.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 2495630383c4a6659b6b91a58e4f71cdda283f2f)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-09-18 18:01:55 +02:00
Tan En De
ed80615cf4 package/libkcapi: update site path
Update the site path to reflect the recent organizational changes on the
chronox.de website.

Fixes:
- http://autobuild.buildroot.org/results/77243633783ac2d037d15d7e9c01384781fe700e

Signed-off-by: Tan En De <ende.tan@starfivetech.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit d4d8881731ed745aff676b860a05abdff9ff1a0c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-09-18 13:14:56 +02:00
Dario Binacchi
b485e48a98 package/ntpsec: fix host building
The following build failure on xtensa:

Waf: Entering directory `/home/buildroot/instance-0/output-1/build/ntpsec-1.2.3/build/host'
[1/2] Processing ntpd/ntp_parser.y
[2/2] Compiling build/host/ntpd/ntp_parser.tab.c
gcc: error: unrecognized command-line option '-mlongcalls'
gcc: error: unrecognized command-line option '-mauto-litpools'

reveals that the target's CFLAGS are being used for host compilation.
The patch fixes the host compilation by correctly setting the CFLAGS to
be used.

It should be noted that the build script used by ntpsec applies CFLAGS
for host compilation and --cross-cflags for target compilation.

Fixes:
 - http://autobuild.buildroot.org/results/9321a637f2c340ce8dcb24249676bb6c44d0dfc6

Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 064e4c09fa788ccf0927fcaf3987e0f0fdc08eb7)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-09-18 13:13:45 +02:00