Commit Graph

29250 Commits

Author SHA1 Message Date
Gustavo Zacarias
69a30b2817 imlib2: security bump to version 1.4.9
It already includes the fixes for CVE-2016-3994 and CVE-2011-5326 so
drop the patches, and additionally fixes:
CVE-2016-4024 - integer overflow in imlib2, which result in insufficient
heap allocation.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-05-01 22:34:30 +02:00
Frank Hunleth
2512fcf41f syslinux: fix boot hang when host-gcc is 5.3
Syslinux uses the host version of gcc to build to bootloader. On systems
with gcc 5.3, this results in a bootloader that hangs. This issue has
been addressed in upstream syslinux, but an official release has not
been made yet. This commit adds the upstream patch to fix the issue.

Most likely fixes bug #8866.

Signed-off-by: Frank Hunleth <fhunleth@troodon-software.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-05-01 22:22:11 +02:00
Jörg Krause
21e6112738 package/mpd: bump to version 0.19.15
Drop patches applied upstream:
 - 0001: notify: Don't use constexpr on Haiku
 - 0002: notify: use "constexpr" only with glibc

Renumber remaining patches.

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-05-01 22:21:33 +02:00
Gustavo Zacarias
8490e8333d toolchain-external: remove Sourcery PowerPC toolchains
These are running long on the teeth - the bundled (e)glibc versions
are very old with several security bugs, they don't work reliably with
-Os and have several build failures related to internal compiler
errors such as:

http://autobuild.buildroot.net/results/fe7/fe7bdba5faf199275aedea2918705b5d19d228bf/
http://autobuild.buildroot.net/results/935/935ac42c30ed893939c06c077534f060aed80e9a/
http://autobuild.buildroot.net/results/a47/a476af82c8fe4a279117314b278b08af9a08fe54/
http://autobuild.buildroot.net/results/cae/cae720b5096be2672b4dc1311ae3fc4ed06a3b53/

The situation will not provide, and will in fact get worse with older kernel
headers precluding modern package versions and the old gcc version doing as
well so remove them.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Reviewed-by: Romain Naour <romain.naour@gmail.com>
[Thomas:
 - remove no longer needed comment in liquid-dsp Config.in file, as
   noticed by Romain Naour.
 - add Config.in.legacy options, as noticed by Romain Naour.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-05-01 15:05:34 +02:00
Romain Naour
230cfce93d toolchain-external: bump CodeSourcery MIPS to 2016.06-8
Add hash for the toolchain sources.

Runtime tested with Qemu with qemu_mips_malta_defconfig

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-05-01 14:56:06 +02:00
Romain Naour
14a75e09b9 toolchain-external: bump CodeSourcery AMD64 to 2015.11-139
>From getting-started.pdf:
- Linker bug fix.
- Fix CVE 2015-7547 getaddrinfo.
- Breakpoint in non-existent file bug fix.

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-05-01 14:46:17 +02:00
Romain Naour
8ed38d8b4b toolchain-external: bump CodeSourcery NiosII to 2015.11-130
>From getting-started.pdf:
- DWARF signed LEB128 encoding fix
- Fix CVE 2015-7547 getaddrinfo
- Breakpoint in non-existent file bug fix

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-05-01 14:46:06 +02:00
Christian Stewart
14bef025ec rtl8821au: bump to 4c298b
Includes numerous stablity and cleanup passes by ulli-kroll.

A hash file is also added, as it was missing before.

Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-05-01 14:44:18 +02:00
Jörg Krause
8f972c2aed toolchain-external: add GCC 6.x option
Commit 519d83bfa0 adds support for GCC
6. Add an GCC 6.x option for external toolchains, too.

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-05-01 14:41:47 +02:00
Pieter Smith
76165265af barebox: support auxiliary config build
Adds support to build barebox with an auxiliary config.

This is useful for building an SPL (Secondary Program Loader) in
addition to the traditional TPL (Tertiary Program Loader). The
Beaglebone Black for example has two barebox configurations:

- am335x_defconfig builds the full barebox bootloader with device
  tree

- am335x_mlo_defconfig builds the smaller MLO bootloader that loads
  the full barebox bootloader from the eMMC or SD card.

Tested with the following defconfig:

  # architecture
  BR2_arm=y
  BR2_cortex_a8=y
  BR2_ARM_EABIHF=y

  # system
  BR2_TARGET_GENERIC_HOSTNAME="beaglebone"
  BR2_ROOTFS_DEVICE_CREATION_DYNAMIC_DEVTMPFS=y
  BR2_TARGET_GENERIC_REMOUNT_ROOTFS_RW=y

  # filesystem
  BR2_PACKAGE_AM33X_CM3=y
  BR2_TARGET_ROOTFS_EXT2=y
  BR2_TARGET_ROOTFS_EXT2_4=y

  # bootloader
  BR2_TARGET_BAREBOX=y
  BR2_TARGET_BAREBOX_BOARD_DEFCONFIG="am335x"
  BR2_TARGET_BAREBOX_IMAGE_FILE="images/barebox-am33xx-beaglebone.img"
  BR2_TARGET_BAREBOX_CUSTOM_ENV=y
  BR2_TARGET_BAREBOX_CUSTOM_ENV_PATH="board/beaglebone/barebox/barebox.env"
  BR2_TARGET_BAREBOX_AUX=y
  BR2_TARGET_BAREBOX_AUX_BOARD_DEFCONFIG="am335x_mlo"
  BR2_TARGET_BAREBOX_AUX_IMAGE_FILE="images/barebox-am33xx-beaglebone-mlo.img"

  # kernel
  BR2_LINUX_KERNEL=y
  BR2_LINUX_KERNEL_USE_DEFCONFIG=y
  BR2_LINUX_KERNEL_DEFCONFIG="omap2plus"
  BR2_LINUX_KERNEL_ZIMAGE=y

  # use the barebox built-in dtb
  # BR2_LINUX_KERNEL_DTS_SUPPORT is not set

Signed-off-by: Pieter Smith <pieter@boesman.nl>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-05-01 14:33:57 +02:00
Pieter Smith
4ce611b987 barebox: prepare for auxiliarry build
No functional changes. In preparation for the auxiliary barebox build,
boot/barebox is split into two parts:
1. boot/barebox:
   - The source and patch specification which are to be shared between the
     barebox and barebox-aux packages.
   - The barebox-package function and build logic.
2. boot/barebox/barebox:
   - The package configuration, fragments, barebox env, etc.
   - The actual barebox package make instantiation.

Signed-off-by: Pieter Smith <pieter@boesman.nl>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-05-01 14:27:45 +02:00
Thomas Petazzoni
31d1df0c7c toolchain-external: bump version of Linaro AArch64 toolchain
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Reviewed-by: Romain Naour <romain.naour@gmail.com>
Tested-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-04-30 21:10:36 +02:00
Thomas Petazzoni
df4f64c77c toolchain-external: bump version of Linaro ARMeb toolchain
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Reviewed-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-04-30 21:10:35 +02:00
Thomas Petazzoni
292fa50452 toolchain-external: bump version of Linaro ARM toolchain
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Reviewed-by: Romain Naour <romain.naour@gmail.com>
Tested-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-04-30 21:10:34 +02:00
Gustavo Zacarias
2766b07bca webkitgtk24: mark as deprecated
It's affected by 40+ security bugs, and upstream will only care to fix
the latest stable branch, which is 2.12.x
Some effort was made with the 2.4.10 release to address some security
bugs but it's incomplete.

See:
https://blogs.gnome.org/mcatanzaro/2016/02/01/on-webkit-security-updates/
https://blogs.gnome.org/mcatanzaro/2016/02/19/webkitgtk-gets-security-updates/

Also:
http://webkitgtk.org/security/WSA-2016-0002.html
http://webkitgtk.org/security/WSA-2016-0001.html
http://webkitgtk.org/security/WSA-2015-0002.html

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-04-30 21:07:27 +02:00
Gustavo Zacarias
54bbd88b1f midori: bump to version 0.5.11
Also drop BR2_PACKAGE_MIDORI_HTTPS option since it's now handled in the
webkitgtk package to satisfy MiniBrowser.

This version can't work with the older webkitgtk24 engine so it switches
to the new version.

Also make gcr support conditional on x11 support for libgtk3, it doesn't
work otherwise.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-04-30 19:10:07 +02:00
Gustavo Zacarias
1f5bb44544 webkitgtk: new package
Add the latest 2.12.x upstream stable branch.

Both 2.4.x and 2.12.x can live side-by-side, however only the latest
stable branch/releases are security-maintained, so add it unslotted.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-04-30 19:08:14 +02:00
Thomas Petazzoni
88cbfd1007 android-tools: add new package
This package allows to build the fastboot and adb host utilities,
which can be used to interact with target devices implementing one of
these protocols.

The work behind the host utilities was funded by ECA Group
<http://www.ecagroup.com>. ECA Group is the copyright owner of the
contributed code.

The package also allows to build fastboot, adb and adbd daemon for the
target.

Regarding adbd, the target is required to have the FunctionFS USB Gadget
configuration. Then the following commands enable the use of adb:
 # modprobe g_ffs idVendor=0x18d1 idProduct=0x4e42 \
   iSerialNumber="buildroot"
 # mkdir -p /dev/usb-ffs/adb
 # mount -t functionfs adb /dev/usb-ffs/adb -o uid=2000,gid=2000
 # adbd &

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Antoine Tenart <antoine.tenart@free-electrons.com>
Signed-off-by: Gary Bisson <gary.bisson@boundarydevices.com>
Tested-by: Julien Corjon <corjon.j@ecagroup.com>
[Thomas:
 - update on top of master.
 - fix Config.in.host prompt, it should have been "host android-tools"
   and not just "android-tools".]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-04-30 19:04:10 +02:00
Waldemar Brodkorb
644d020b65 board: add qemu coldfire support
Add kernel config and defconfig for Qemu Coldfire.

Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-04-30 18:50:46 +02:00
Waldemar Brodkorb
015322fccb toolchain: add coldfire support
Add support for m68k/coldfire. A gcc patch is required
to avoid gcc ICE.

Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-04-30 18:50:46 +02:00
Romain Naour
e7a682be31 toolchain-external: bump CodeSourcery aarch64 to 2014.11
Runtime tested using qemu_aarch64_virt_defconfig.

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Cc: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
[Thomas: updated to the latest master branch.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-04-30 18:19:46 +02:00
Romain Naour
4d39ca1c2a toolchain-external: fix installation for CodeSourcery AArch64 toolchain
The extracted toolchain sources contains a single symlink in the
aarch64-linux-gnu/libc/lib directory wich is lost during Buildroot's
staging install.

aarch64-linux-gnu/libc/lib/ld-linux-aarch64.so.1 -> ../lib64/ld-2.18.so

Add a custom post install staging and target hooks to create it
manually.

Signed-off-by: Romain Naour <romain.naour@openwide.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
[Thomas: also make the same tweak in the target.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-04-30 15:41:40 +02:00
Waldemar Brodkorb
5e1b132495 move busybox-minimal.config to be used by other noMMU targets
Config can be used by other noMMU targets as qemu-system-m68k
with coldfire emulation.

Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-04-30 15:28:32 +02:00
Gustavo Zacarias
f282b13a27 qemu/x86*: update instructions to use virtio
Switch the invocation command to use virtio-blk and virtio-net for
better performance.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-04-30 14:58:10 +02:00
Gustavo Zacarias
51501c0e85 qemu/x86*: enable virtio for kernel config
It has better performance for block and net.
Enable virgl (DRM_VIRTIO_GPU) support for 3D acceleration.
And also DRM_BOCHS for better stdvga acceleration.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-04-30 14:56:34 +02:00
Gustavo Zacarias
1f85a91221 qemu/x86: use symlinked kernel config
It's exactly the same as the x86_64 variant so just create a symlink.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-04-30 14:56:27 +02:00
Thomas De Schampheleire
54d979cf90 opkg: add missing dependency on libarchive
opkg requires libarchive. This was expressed in the Config.in file with a
select, but not in the .mk file.

Signed-off-by: Thomas De Schampheleire <thomas.de.schampheleire@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-04-30 14:55:29 +02:00
Francois Perrad
ab51fb01f0 libtommath: build with -fPIC
This fixes the build on x86_64, see:

  http://autobuild.buildroot.net/results/212/212469db5dc8399070390603c0fdf7f12b130cda/

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-04-30 14:54:41 +02:00
Francois Perrad
62c8864cad perl: bump to version 5.22.2
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-04-30 14:53:37 +02:00
Gustavo Zacarias
70fc85f969 linux-headers: bump 4.1.x series
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-04-29 19:37:18 +02:00
Jörg Krause
8b639c7f31 shairport-sync: bump to version 2.8.3
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-04-29 08:49:33 +02:00
Gustavo Zacarias
915576a01c php: security bump to version 5.6.21
Fixes (CVEs not assigned yet):
bug #72094 - Out of bounds heap read access in exif header processing
bug #71912 - libgd: signedness vulnerability
bug #72061 - Out-of-bounds reads in zif_grapheme_stripos with negative offset
bug #71843 - null ptr deref ZEND_RETURN_SPEC_CONST_HANDLER
bug #71952 - Corruption inside imageaffinematrixget

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-04-29 08:49:22 +02:00
Trent Piepho
bbe29b9896 purge-locales: Handle empty locale directories better
If a locale directory is empty, shell code like "for langdir in
$$dir/*;" will loop once with langdir set to "path/to/dir/*", rather
than not looping at all, which would obviously be the desired
behavior.

Then "grep -qx $${langdir##*/}" ungoes two shell expansions (how?)
that transform the expression from "${langdir##*/}" to "*" to "list of
all files in buildroot root dir".  Which is most certainly not what
this command was supposed to do.

If one of those files happens to be an 8GB flash image, grep consumes
all available memory and crashes trying to search it.

Signed-off-by: Trent Piepho <tpiepho@kymetacorp.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-04-28 23:48:09 +02:00
Peter Korsgaard
61451d7dd9 configs/sheevaplug_defconfig: use 4.5.2 kernel, configure eth0
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-04-28 23:29:13 +02:00
Francois Perrad
b4a6e61876 moarvm: use libtommath
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-04-28 22:44:55 +02:00
Gustavo Zacarias
40dab2d18e xf86-input-libinput: bump to version 0.18.0
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-04-28 22:41:52 +02:00
Gustavo Zacarias
2aa0f88a0f xterm: bump to version 324
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-04-28 22:41:47 +02:00
Gustavo Zacarias
dd2e6d1738 libxkbcommon: bump to version 0.6.1
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-04-28 22:40:46 +02:00
Gustavo Zacarias
82d6c70261 sshfs: bump to version 2.7
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-04-28 22:39:51 +02:00
Gustavo Zacarias
2cae3b0c0a subversion: security bump to version 1.9.4
Fixes:
CVE-2016-2167 - svnserve/sasl may authenticate users using the wrong
realm.
CVE-2016-2168 - Remotely triggerable DoS vulnerability in mod_authz_svn
during COPY/MOVE authorization check.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-04-28 21:14:06 +02:00
Martin Bark
692005ae90 package/nodejs: bump version to 6.0.0
See https://nodejs.org/en/blog/release/v6.0.0/

The patches from 5.11.0 have been copied to 6.0.0 with the following
changes:

 - Removed 0001-Remove-dependency-on-Python-bz2-module.patch,
   0003-Fix-va_list-not-declared.patch and
   0004-Fix-support-for-uClibc-ng.patch as all 3 have been fixed upstream
 - Renamed 0002-gyp-force-link-command-to-use-CXX.patch to
   0001-gyp-force-link-command-to-use-CXX.patch

Signed-off-by: Martin Bark <martin@barkynet.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-04-28 20:38:03 +02:00
Gustavo Zacarias
038d82eda4 mpv: va-api requires egl-drm, wayland and/or x11
The VA-API acceleration requires one or more of the egl-drm, wayland
and/or x11 backends.
Since the egl-drm backend means LIBGL (X11) + EGL + DRM we'll handle it
later once the mesa3d libgl hidden knob is applied.
So for now we'll support wayland and x11 until that happens. Fixes:
http://autobuild.buildroot.net/results/4b9/4b98d0c2c0617715e77fb47b3d97037c6b7562ec/

[Peter: pass --disable-vaapi if libva isn't enabled,
 invert wayland/X11 test as suggested by Thomas]
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-04-28 20:35:39 +02:00
Bernd Kuhls
6f8851d49c package/libdrm: bump version to 2.4.68
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-04-28 20:15:08 +02:00
Francois Perrad
cbed1c3b4a libtomcrypt: new package
[Peter: fix building without wchar]
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Reviewed-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-04-28 19:41:27 +02:00
Francois Perrad
c2282f8276 libtommath: new package
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Reviewed-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-04-28 19:41:09 +02:00
Peter Korsgaard
506662f74a mpv: fix typo in xkbcommon comment
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-04-28 14:14:33 +02:00
Peter Korsgaard
dc208df5b9 chrony: bump version
From the release notes:

Enhancements
------------
* Add support for NTP and command response rate limiting
* Add support for dropping root privileges on Mac OS X, FreeBSD, Solaris
* Add require and trust options for source selection
* Enable logchange by default (1 second threshold)
* Set RTC on Mac OS X with rtcsync directive
* Allow binding to NTP port after dropping root privileges on NetBSD
* Drop CAP_NET_BIND_SERVICE capability on Linux when NTP port is disabled
* Resolve names in separate process when seccomp filter is enabled
* Replace old records in client log when memory limit is reached
* Don't reveal local time and synchronisation state in client packets
* Don't keep client sockets open for longer than necessary
* Ignore poll in KoD RATE packets as ntpd doesn't always set it correctly
* Warn when using keys shorter than 80 bits
* Add keygen command to generate random keys easily
* Add serverstats command to report NTP and command packet statistics

Bug fixes
---------
* Fix clock correction after making step on Mac OS X
* Fix building on Solaris

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-04-28 14:12:21 +02:00
Julian Scheel
b4ccab9060 package/cryptopp: Backport gcc compatibility patch
Import patch from cryptopp upstream which fixes the gcc version checks
for using attribute deprecated with messages. Fixes build with host
gcc versions < 4.5.

Signed-off-by: Julian Scheel <julian@jusst.de>
[Thomas:
 - directly use the patch from upstream through <pkg>_PATCH rather
   than storing it in package/cryptopp/, as it helps avoiding
   line-endings problems: upstream has the source code with DOS line
   endings.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-04-28 13:50:03 +02:00
Gustavo Zacarias
a451a94805 mpv: fix wayland deps
The wayland backend requires libxkbcommon, so when wayland is available
select it to avoid build failure and obscure dependencies. Fixes:
http://autobuild.buildroot.net/results/ed2/ed2660361c9720e48dd5959f2711fd7f14031b0d/

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-04-28 13:34:39 +02:00
Benoît Mauduit
28967c847e raspberrypi3_defconfig: bump to kernel version 4.4.8
Signed-off-by: Benoît Mauduit <bmauduit@beneth.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-04-28 08:52:44 +02:00