Commit Graph

47393 Commits

Author SHA1 Message Date
Peter Korsgaard
f58ea370da package/bwm-ng: license is GPL-2.0+
The source files contain the "(at your option) any later version" text, so
change the licese to GPL-2.0+.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2019-09-21 15:50:10 +02:00
Peter Korsgaard
d8c2d82d7a package/ifplugd: license is GPL-2.0+
The source files contain the "(at your option) any later version" text and
the website states:

License

This program is free software; you can redistribute it and/or modify it
under the terms of the GNU General Public License as published by the Free
Software Foundation; either version 2 of the License, or (at your option)
any later version.

http://0pointer.de/lennart/projects/ifplugd/

So change the license to GPL-2.0+

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2019-09-21 15:49:06 +02:00
Peter Korsgaard
02e2fe2eca package/docker-proxy: bump version to 55685ba49593
Which is the version used by docker 18.09.9:

0a3767c7e9

Also add a hash for the license file.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2019-09-21 15:45:49 +02:00
Peter Korsgaard
c5568f9985 package/docker-cli: bump version to 18.09.9
Includes a number of post-18.09.7 bugfixes and to keep in sync with the
docker-engine version.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2019-09-21 15:45:44 +02:00
Peter Korsgaard
1d1fb619f9 package/docker-engine: security bump to version 18.09.9
Fixes the following security vulnerability:

CVE-2019-13509: Docker Engine in debug mode may sometimes add secrets to the
debug log.  This applies to a scenario where docker stack deploy is run to
redeploy a stack that includes (non external) secrets.  It potentially
applies to other API users of the stack API if they resend the secret.

And a number of other non-security issues.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2019-09-21 15:45:39 +02:00
Peter Korsgaard
893b9b662c {linux, linux-headers}: bump 4.{4, 9, 14, 19}.x / 5.2.x series
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2019-09-21 15:41:37 +02:00
Carlos Santos
f80ec7963a package/cups-filters: fix broken symlink in installation
The patch used previously to support versions of ln lacking the '-r'
option generated broken links:

    $ file target/usr/lib/cups/backend/driverless
    target/usr/lib/cups/backend/driverless: broken symbolic link to ../../usr/lib/cups/driver/driverless

Add a squashing of two patches already applied upstream that provide a
better solution:

    https://github.com/OpenPrinting/cups-filters/pull/154
    https://github.com/OpenPrinting/cups-filters/pull/157

Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2019-09-21 15:37:34 +02:00
Carlos Santos
5376b4b4e3 package/cups-filters: fix build without NLS
texttotext must be linked to libiconv if !BR2_ENABLE_LOCALE so pull a
patch applied upstream that adds libiconv discovery via autoconf.

With this change, autoreconf requires the config.rpath and ABOUT-NLS
files which are not in v1.25.4. Add a pre-configure hook to fake them.

Fixes: https://bugs.busybox.net/show_bug.cgi?id=12031

Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2019-09-21 15:35:00 +02:00
Giulio Benetti
e975f1cbef package/protobuf: work around gcc bug 85180
With Microblaze Gcc version < 8.x the build hangs due to gcc bug
85180: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85180. The bug
shows up when building protobuf with optimization but not when building
with -O0. To work around this, if BR2_TOOLCHAIN_HAS_GCC_BUG_85180=y we
force using -O0.

Fixes:
http://autobuild.buildroot.net/results/73dc9610a13d6e14eec58d529617210d93d5dec4/

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
[Arnout: fix variable name]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2019-09-21 15:19:33 +02:00
Sébastien Szymanski
eaafe3bca9 package/python-flask-login: add hash for the license file
Signed-off-by: Sébastien Szymanski <sebastien.szymanski@armadeus.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2019-09-21 15:11:51 +02:00
Matt Weber
c25dd2dd08 package/fakeroot: remove 1/1 numbering from patch
check-package warns with:
    0002-communicate-check-return-status-of-msgrcv.patch
    generate your patches with 'git format-patch -N'

Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2019-09-21 15:09:26 +02:00
Matt Weber
fd1bcce989 package/fakeroot: test for SYSV IPC support
fakeroot can be built to either use SYSV IPC or TCP for message passing.

A bug was discovered where Microsoft Windows 10 Services for Linux
doesn't include support for SYSV IPC MsgQ.  This patch adds support to
detect this case and automatically build fakeroot to use the TCP
transport instead (It is assumed a TCP transport would definitely have
more overhead then MsgQs so the default wasn't changed to TCP).

Fixes
https://bugs.busybox.net/show_bug.cgi?id=11366

Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Jean-Francois Doyon <jfdoyon@gmail.com>
Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
[Arnout: use a post-patch hook and AUTORECONF=YES]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2019-09-21 15:09:01 +02:00
Thomas Petazzoni
79bf5cb659 Revert "package/python-sip: bump to version 4.19.13"
This reverts commit 9135ab7a7c. This
version bump causes a major issue: the entire root filesystem of the
build machine is being copied into $(STAGING_DIR)/usr/lib/python2.7/,
causing the build to consume the entire disk space of the machine.

>>> python-sip 4.19.13 Installing to target
[...]
make[2]: Leaving directory `/home/test/buildroot/output/build/python-sip-4.19.13/siplib'
Traceback (most recent call last):
  File "/home/test/buildroot/output/build/python-sip-4.19.13/mk_distinfo.py", line 108, in <module>
    fn_f = open(fn, 'rb')
FileNotFoundError: [Errno 2] No such file or directory: '/home/test/buildroot/output/target/usr/lib/python3.7/site-packages/sip.pyi'
make[1]: *** [install_distinfo] Error 1
make[1]: *** Waiting for unfinished jobs....
cp: cannot open `/proc/fs/aufs/plink_maint' for reading: Permission denied
cp: cannot open `/proc/sys/fs/protected_fifos' for reading: Permission denied
cp: cannot open `/proc/sys/fs/protected_hardlinks' for reading: Permission denied
cp: cannot open `/proc/sys/fs/protected_regular' for reading: Permission denied
cp: cannot open `/proc/sys/fs/protected_symlinks' for reading: Permission denied
cp: cannot open `/proc/sys/kernel/cad_pid' for reading: Permission denied
cp: cannot open `/proc/sys/kernel/unprivileged_userns_apparmor_policy' for reading: Permission denied
cp: cannot open `/proc/sys/kernel/usermodehelper/bset' for reading: Permission denied
...

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-21 14:54:00 +02:00
Ryan Coe
9a58e7dac6 package/mariadb: bump to version 10.3.18
Release notes:
https://mariadb.com/kb/en/library/mariadb-10318-release-notes/

Changelog:
https://mariadb.com/kb/en/mariadb-10318-changelog/

Signed-off-by: Ryan Coe <bluemrp9@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2019-09-21 14:40:07 +02:00
Ryan Coe
899c6397a3 package/mariadb: bump to version 10.3.17
Release notes:
https://mariadb.com/kb/en/library/mariadb-10317-release-notes/

Changelog:
https://mariadb.com/kb/en/mariadb-10317-changelog/

Fixes the following security vulnerabilities:
CVE-2019-2805
CVE-2019-2740
CVE-2019-2739
CVE-2019-2737
CVE-2019-2758

Signed-off-by: Ryan Coe <bluemrp9@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2019-09-21 14:40:07 +02:00
Ryan Coe
db814692d2 package/mariadb: add bug tracker link to existing patch
Signed-off-by: Ryan Coe <bluemrp9@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2019-09-21 14:40:07 +02:00
Ryan Coe
c2ff8c63da package/mariadb: fix build error with newer cmake
When using a newer host system cmake to build MariaDB, the following build
error occurs:

    CMake Error at cmake/os/Linux.cmake:29 (STRING):
    STRING sub-command REPLACE requires at least four arguments.
    Call Stack (most recent call first):
    CMakeLists.txt:101 (INCLUDE)

    CMake Error at cmake/os/Linux.cmake:29 (STRING):
    STRING sub-command REPLACE requires at least four arguments.
    Call Stack (most recent call first):
    CMakeLists.txt:101 (INCLUDE)

Fixes: https://bugs.busybox.net/show_bug.cgi?id=11781

Signed-off-by: Ryan Coe <bluemrp9@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2019-09-21 14:39:39 +02:00
Peter Seiderer
fca2e83768 package/mariadb: use host-openssl from buildroot-system
mariadb no longer allows the WITH_SSL=OFF configure option. It will
instead search for openssl or gnutls headers, and if missing error out
with:

  CMake Error at /usr/share/cmake/Modules/FindPackageHandleStandardArgs.cmake:137 (message):
    Could NOT find GnuTLS (missing: GNUTLS_LIBRARY GNUTLS_INCLUDE_DIR)
    (Required is at least version "3.3.24")
  Call Stack (most recent call first):
    /usr/share/cmake/Modules/FindPackageHandleStandardArgs.cmake:378 (_FPHSA_FAILURE_MESSAGE)
    /usr/share/cmake/Modules/FindGnuTLS.cmake:54 (FIND_PACKAGE_HANDLE_STANDARD_ARGS)
    libmariadb/CMakeLists.txt:298 (FIND_PACKAGE)

Therefore, make host-mariadb depend on host-openssl, and tell mariadb
to use the system openssl.

This was not found by autobuilders because mariadb isn't built in the
autobuilders (it's part of a choice).

Note that the target mariadb already has an unconditional dependency
on openssl.

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Tested-by: Ryan Coe <bluemrp9@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2019-09-21 14:14:07 +02:00
Carlos Santos
c3aed7b0cd package/util-linux: revert logic regarding pam_selinux module
Leave pam_selinux enabled by default in su.pam and remove it from the
/etc/pam.d/su and /etc/pam.d/su-l files if libselinux is not selected.

This cosmetic change prevents leaving a misleading commented-out line
that references a PAM module that does not exist.

Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2019-09-21 13:47:10 +02:00
Fabrice Fontaine
53622826da package/gnutls: use __get_cpuid_count() only when available
Fixes:
 - http://autobuild.buildroot.org/results/4e874ed2fcc1f969f2f8ece88985ccd625f2c55b

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2019-09-21 13:24:45 +02:00
Fabrice Fontaine
f747238759 package/fltk: bump to version 1.3.5
Add hash for license file

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-09-20 23:24:31 +02:00
Fabrice Fontaine
ee554ea333 package/libgsm: bump to version 1.0.18
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-09-20 23:24:14 +02:00
Fabrice Fontaine
414fb48142 package/bcm2835: bump to version 1.60
Add hash for license file

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-09-20 23:23:57 +02:00
Bernd Kuhls
36079df92f package/tor: bump version to 0.4.1.6
Release notes: https://blog.torproject.org/new-release-tor-0416

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-09-20 23:07:20 +02:00
Fabrice Fontaine
19e0d11405 package/bdwgc: bump to version 8.0.4
Remove patch (already in version)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-09-20 23:06:13 +02:00
Fabrice Fontaine
857c51b0e4 package/bash-completion: bump to version 2.9
Remove patch (already on version)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-09-20 23:05:56 +02:00
Esben Haabendal
a7c4753998 package/python-kiwisolver: new package
Signed-off-by: Esben Haabendal <esben@geanix.com>
Reviewed-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-19 23:31:04 +02:00
Vadim Kochan
392b60f176 docs/manual: add missing external toolchain *.mk inclusion in sample
If follow through the customize-outside-br.txt with how to add external
toolchain in br-ext tree then one thing is missing - inclusion of
*.mk file with external toolchain package description.

Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Acked-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-19 23:26:27 +02:00
Joris Offouga
909d0dc6be package/python-simplelogging: new package
Simplelogging is easier implementation of logging.

Signed-off-by: Joris Offouga <offougajoris@gmail.com>
Reviewed-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-19 23:18:10 +02:00
Joris Offouga
9de35edfed package/python-colorlog: new package
Colorlog is a formatter for the python logging module.

Signed-off-by: Joris Offouga <offougajoris@gmail.com>
Reviewed-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-19 23:17:53 +02:00
Francois Perrad
7699ba4f38 package/collectl: new package
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-19 22:49:43 +02:00
Adam Duskett
bf023aaf10 package/libglib2: fix building on older distributions
When updating to libglib2 2.62.0, the file 0002-add-option-to-build-tests.patch
had to be refactored to work with the new build_tests checks. In the process of
refactoring, a missing check was overlooked in glib/meson.build causing
distributions with older versions of objcopy to fail because the older version
does not contain the --add-symbol argument.

Adding the check for the build_tests argument fixes the issue.

Fixes:
http://autobuild.buildroot.net/results/dcc2352a036aba9650eae8abaaa23819fc67332d

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-19 22:44:25 +02:00
Peter Seiderer
82dba48692 package/libevdev: bump version to 1.8.0
For details see [1].

[1] https://lists.freedesktop.org/archives/input-tools/2019-August/001521.html

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-19 22:44:25 +02:00
Peter Seiderer
74dec67a84 package/ytree: needs glibc/uclibc toolchain (re_comp/re_exec)
Fixes:

  match.o: In function `SetMatchSpec':
  match.c:(.text+0x9c): undefined reference to `re_comp'
  match.o: In function `Match':
  match.c:(.text+0xca): undefined reference to `re_exec'

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-19 22:44:25 +02:00
Peter Seiderer
da33c130e3 package/ytree: uses fork(), needs MMU
Fixes [1]:

  login.c:(.text+0x546): undefined reference to `fork'

[1] http://autobuild.buildroot.net/results/bcbd0b826d5af1d429c23255d63dce6c7080085e

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-19 22:44:25 +02:00
Fabrice Fontaine
ed58eabb83 package/acpid: bump to version 2.0.32
Add hash for license file

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-09-19 22:42:44 +02:00
Fabrice Fontaine
6bab018ee8 package/mbedtls: security bump to version 2.16.3
- Remove second patch (already in version)
- Fix a missing error detection in ECJPAKE. This could have caused a
  predictable shared secret if a hardware accelerator failed and the
  other side of the key exchange had a similar bug.
- When writing a private EC key, use a constant size for the private
  value, as specified in RFC 5915. Previously, the value was written as
  an ASN.1 INTEGER, which caused the size of the key to leak about 1 bit
  of information on average and could cause the value to be 1 byte too
  large for the output buffer.
- The deterministic ECDSA calculation reused the scheme's HMAC-DRBG to
  implement blinding. Because of this for the same key and message the
  same blinding value was generated. This reduced the effectiveness of
  the countermeasure and leaked information about the private key
  through side channels. Reported by Jack Lloyd.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-09-19 22:42:20 +02:00
Fabrice Fontaine
35b0b2f8ea package/nilfs-utils: bump to version 2.2.8
- Change NILFS_UTILS_SITE to https://nilfs.sourceforge.io as this is the
  official site with the official tarballs
- Remove first and third patch (already in version)
- Drop fourth patch and host-pkgconf from dependencies, not needed since
  d5ce780856

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-09-19 22:41:34 +02:00
Fabrice Fontaine
395ad387e0 package/bind: security bump to version 9.11.10
- Remove all patches except first one (already in version)
- Update first patch
- Fix CVE-2019-6471: A race condition when discarding malformed packets
  can cause BIND to exit with an assertion failure

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-09-19 22:41:04 +02:00
Kieran Bingham
fc0e9bef63 package/libcamera: bump to version 448393f77ec9e37cb807e8e8d35c1a4877d253d4
Update to the latest version of libcamera, including a fix for toolchains
which require libatomic to be linked manually.

The patch which handles this locally is therefore removed.

Since the last version update, the option to disable building of the
unit tests has been renamed from '-Dtests=' to '-Dtest='

This is updated accordingly.

Signed-off-by: Kieran Bingham <kieran.bingham@ideasonboard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-19 22:10:10 +02:00
Adrian Perez de Castro
38b740ec6f package/webkitgtk: bump to version 2.26.0
This is a new major release which brings in many improvements and new
features. For a complete list, please refer to the release notes:

  https://webkitgtk.org/2019/09/09/webkitgtk2.26.0-released.html

A small patch is added which fixes a build failure when X11 headers
are not available (for example, when building a Wayland-only system)

The new support for the WPE renderer on Wayland and the new Bubblewrap
sandbox need additional dependencies and therefore are explicitly
disabled at the moment.

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-19 22:08:57 +02:00
Mark Corbin
aee39cbf27 arch/riscv: set the default float ABI based on ISA extensions
This patch sets the default floating point ABI based on the ISA
extensions that have been selected rather than defaulting to soft
float.

For 64-bit:

ISA 'D' selects  lp64d
ISA 'F' selects  lp64f
Otherwise select lp64

For 32-bit:

ISA 'D' selects  ilp32d
ISA 'F' selects  ilp32f
Otherwise select ilp32

This change was proposed by Palmer Dabbelt at SiFive.

Signed-off-by: Mark Corbin <mark.corbin@embecosm.com>
Reviewed-by: Palmer Dabbelt <palmer@sifive.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-19 21:43:53 +02:00
Vivien Didelot
916497d7d5 DEVELOPERS: change Vivien Didelot e-mail address
I am exclusively using my Gmail address for now on. Reflect this in
the DEVELOPERS file.

Signed-off-by: Vivien Didelot <vivien.didelot@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-19 21:28:51 +02:00
Vivien Didelot
fd7f37606d DEVELOPERS: change Mathieu Audat's email address
Mathieu is no longer working at Savoir-faire Linux, update his email
address in the DEVELOPERS file.

Signed-off-by: Vivien Didelot <vivien.didelot@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-19 21:28:36 +02:00
Thomas Petazzoni
9ab72c73cc package/libglib2: remove empty consecutive lines
Fixes the following check-package warning:

package/libglib2/libglib2.mk:90: consecutive empty lines

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-18 23:02:50 +02:00
Matt Weber
2b5e835dcd package/bc: remove default value of _SOURCE var
check-package output:
package/bc/bc.mk:8: remove default value of _SOURCE variable

Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/295683825

Cc: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-18 17:53:25 +02:00
Simon Rowe
21262616ca package/openvmtools: base sysv script on current template
Signed-off-by: Simon Rowe <simon.rowe@citrix.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-18 17:52:36 +02:00
Baruch Siach
48cc4d658f package/lsof: bump to version 4.93.2
New upstream at github. Update homepage link and download site.

Drop the custom extract command; we now get the source tree from github.

Drop patch #2; the code detects rpc support.

Add optional dependency on libtirpc.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-18 17:50:45 +02:00
Peter Korsgaard
c5c106e4e3 package/mosquitto: security bump to version 1.6.6
Fixes a security issue. From the annoncement:

A vulnerability exists in Mosquitto versions 1.5 to 1.6.5 inclusive.

If a client sends a SUBSCRIBE packet containing a topic that consists of
approximately 65400 or more '/' characters, i.e.  the topic hierarchy
separator, then a stack overflow will occur.

The issue is fixed in Mosquitto 1.6.6 and 1.5.9.  Patches for older versions
are available at https://mosquitto.org/files/cve/2019-hier

The fix addresses the problem by restricting the allowed number of topic
hierarchy levels to 200.  An alternative fix is to increase the size of the
stack by a small amount.

https://mosquitto.org/blog/2019/09/version-1-6-6-released/

Also notice that 1.6.5 silently fixed a security issue:

CVE-2019-11778

A vulnerability exists in Mosquitto version 1.6 to 1.6.4 inclusive, known as CVE-2019-11778

If an MQTT v5 client connects to Mosquitto, sets a last will and testament,
sets a will delay interval, sets a session expiry interval, and the will
delay interval is set longer than the session expiry interval, then a use
after free error occurs, which has the potential to cause a crash in some
situations.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-18 17:49:58 +02:00
James Hilliard
b81e00e2ed package/systemd-bootchart: enable systemd-bootchart.service
This would normally be enabled by systemctl preset-all however since we
don't have a host systemctl we need to enable the service manually.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-17 23:14:27 +02:00