Commit Graph

44482 Commits

Author SHA1 Message Date
André Hentschel
fdc21cddc3 configs/freescale_imx8qxpmek: new defconfig
Signed-off-by: André Hentschel <andre.hentschel@zf.com>
[Thomas: update DEVELOPERS file]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-02-23 16:30:36 +01:00
André Hentschel
7aaf176aea board/freescale/common/imx: add support for i.MX8X
Signed-off-by: André Hentschel <andre.hentschel@zf.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-02-23 16:23:08 +01:00
André Hentschel
57c67fed0e package/imx-mkimage: add support for i.MX8 and i.MX8X
Signed-off-by: André Hentschel <andre.hentschel@zf.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-02-23 15:59:37 +01:00
André Hentschel
c14d92d439 package/imx-mkimage: bump to rel_imx_4.14.78_1.0.0_ga
Signed-off-by: André Hentschel <andre.hentschel@zf.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-02-23 15:58:45 +01:00
André Hentschel
0366a0ec71 package/freescale-imx/imx-sc-firmware: new package
Signed-off-by: André Hentschel <andre.hentschel@zf.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-02-23 15:29:34 +01:00
André Hentschel
ba3d44891f package/freescale-imx/firmware-imx: add support for i.MX8X
Signed-off-by: André Hentschel <andre.hentschel@zf.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-02-23 15:28:56 +01:00
André Hentschel
c3568d58f8 package/freescale-imx: add option for i.MX8X
Signed-off-by: André Hentschel <andre.hentschel@zf.com>
[Thomas: split up from the firmware-imx patch]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-02-23 15:28:12 +01:00
Joseph Kogut
0cf6c82fc6 package/python-xlib: bump to version 0.25
LICENSE file changed due to line ending difference, updated checksum.

Signed-off-by: Joseph Kogut <joseph.kogut@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-02-23 14:52:50 +01:00
Bartosz Bilas
59d186454b boot/barebox: bump version to 2019.02.0
Signed-off-by: Bartosz Bilas <b.bilas@grinn-global.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-02-23 14:52:22 +01:00
Sergio Prado
0d9a2defb6 package/snort: build with OpenAppID support if luajit/openssl is enabled
Since version 2.9.12, OpenAppID [1] is enabled by default.

OpenAppID depends on luajit and openssl. If we leave it enabled by
default, snort would require luajit. Since luajit is not available on
all architectures, that would limit the usage of the snort package.

Since not all users will need/use OpenAppID, let's leave it disabled by
default. To build with OpenAppID support, the user will need to enable
luajit and libssl.

Also, it is necessary to apply a patch to fix a compile error when
building OpenAppID with uclibc and musl. The build fails when
dereferencing the rpcent structure because rpc.h is not been included.

[1] https://www.snort.org/downloads/openappid/9553

Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-02-23 14:51:48 +01:00
Sergio Prado
58a2000be8 package/snort: bump to version 2.9.12
Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-02-23 14:50:21 +01:00
Adrien Gallouët
910bfd57b4 package/glorytun: bump to version 0.1.0
The hash of the license file is only changed due to a year update:

-Copyright (c) 2015-2016, angt
+Copyright (c) 2015-2019, angt

Signed-off-by: Adrien Gallouët <adrien@gallouet.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-02-23 14:42:22 +01:00
Asaf Kahlon
d76942949d package/czmq: bump to version 4.2.0
Modified patch to fit the new version.

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-02-23 14:39:20 +01:00
Asaf Kahlon
0e77e873ab package/python-pyzmq: bump to version 18.0.0
Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-02-23 14:30:30 +01:00
Asaf Kahlon
ad52e11078 package/python-py: bump to version 1.8.0
Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-02-22 22:40:20 +01:00
Asaf Kahlon
553bab0a28 package/python-psutil: bump to version 5.5.1
Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-02-22 22:39:15 +01:00
Asaf Kahlon
749e599a5b package/python-pip: bump to version 19.0.3
Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-02-22 22:32:30 +01:00
Markus Steinhilber
40d3f6e85c package/stm32flash: bump to version 0.5
Bump to latest official version.

Signed-off-by: Markus Steinhilber <markus.steinhilber@erbe-med.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-02-18 22:55:26 +01:00
Joseph Kogut
2f287be9cf package/python-sentry-sdk: bump to version 0.7.3
Signed-off-by: Joseph Kogut <joseph.kogut@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-02-18 22:47:38 +01:00
Joseph Kogut
634be864d9 package/python-websockets: bump to version 7.0
Signed-off-by: Joseph Kogut <joseph.kogut@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-02-18 22:47:36 +01:00
Etienne Carriere
2fc4790e67 package/optee-benchmark: new package
OP-TEE performance benchmark tools for the OP-TEE project.

This packages generates embedded Linux based OS materials used
to retrieve execution timing information on invocation of the
OP-TEE secure services.

It is added next to the OP-TEE client package in BR configuration.

This change references in Buildroot the today's latest OP-TEE
revision release tagged 3.4.0.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
[Thomas:
 - drop version selection
 - propagate the dependency of optee-client]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-02-17 23:01:11 +01:00
Etienne Carriere
7d1080a1b4 package/optee-test: new package
OP-TEE test package provide test materials as part of the OP-TEE
project helping platforms to verify their OP-TEE components
against a set of regression and performance tests.

Package is added in the BR package configuration next to the
OP-TEE client package.

This change references in Buildroot the today's latest OP-TEE
revision release tagged 3.4.0 with an added patch to fix an issue
reported by recent GCC toolchains.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
[Thomas:
 - drop version selection
 - propagate !BR2_STATIC_LIBS dependency of optee-client
 - make sure BR2_TARGET_OPTEE_OS_SDK is selected
 - use a patch generated by git format-patch
 - simplify the construct to build the examples]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-02-17 22:49:08 +01:00
Etienne Carriere
bd64fdb32c package/optee-examples: new package
This package generates embedded Linux based OS userland client
applications and OP-TEE OS trusted applications all embedded in the
file system. These applications shows how to use the APIs OP-TEE OS is
based on, both in the non secure and secure worlds.

Package is added next to the OP-TEE client package in the BR package
configuration.

This change references in Buildroot the today's latest OP-TEE revision
release tagged 3.4.0 with an added patch to fix an issue reported by
recent GCC toolchains.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
[Thomas:
 - drop version selection
 - propagate !BR2_STATIC_LIBS dependency of optee-client
 - make sure BR2_TARGET_OPTEE_OS_SDK is selected
 - use a patch generated by git format-patch
 - simplify the construct to build the examples]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-02-17 22:21:48 +01:00
Etienne Carriere
59cc325133 package/optee-client: new package
OP-TEE client API library and supplicant daemon from the
OP-TEE project are packaged in package/optee-client. An init script
launches the tee-supplicant deamon. Package is added to the
Security menu of BR configuration.

This change references in Buildroot the today's latest OP-TEE
revision release tagged 3.4.0.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
[Thomas:
 - remove version selection
 - add dependency on !BR2_STATIC_LIBS, as it unconditionally builds a
   shared library]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-02-17 21:03:25 +01:00
Peter Seiderer
05bbdb876d package/meson: bump version to 0.49.2
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-02-15 22:48:22 +01:00
Peter Seiderer
3777dc4bc8 package/ninja: bump version to 1.9.0
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-02-15 22:48:18 +01:00
Adrian Perez de Castro
5546dfd095 package/wpewebkit: security bump to version 2.22.4
This is a maintenance release of the current stable WPE WebKit version,
which contains security fixes for CVE identifiers: CVE-2019-6212,
CVE-2019-6215, CVE-2019-6216, CVE-2019-6217, CVE-2019-6226,
CVE-2019-6227, CVE-2019-6229, CVE-2019-6233, and CVE-2019-6234.
Additionally, it contains a few minor fixes.

Release notes can be found in the announcement:

  https://wpewebkit.org/release/wpe-2.22.4.html

More details on the issues covered by securit fixes can be found
in the corresponding security advisory:

  https://wpewebkit.org/security/WSA-2019-0001.html

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-02-15 22:45:16 +01:00
Adrian Perez de Castro
33f0fd27fa package/wpebackend-fdo: bump to version 1.0.1
This release fixes contains a small fix which allows calling the
backend initialization routine more than once. Release notes:

  https://wpewebkit.org/release/wpebackend-fdo-1.0.1.html

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-02-15 22:45:12 +01:00
Fabrice Fontaine
7c4d56a1cc package/libmad: remove LIBMAD_LIBTOOL_PATCH=NO
Since commit eae18d01ab "libmad: needs
autoreconf", autoreconf builds an up to date ltmain.sh so remove
LIBMAD_LIBTOOL_PATCH = NO which is not needed anymore

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-02-15 22:43:33 +01:00
Fabrice Fontaine
a36842af3b package/libcpprestsdk: add optional websocketpp dependency
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-02-15 22:31:50 +01:00
Peter Seiderer
b5e09f3899 package/edid-decode: bump version to 6def7bc
Changes since f56f329:

  0a454bc makefile: also honor LDFLAGS
  9e59ba9 edid-decode: update links, add README
  7684918 edid-decode: README: updates
  bc1e846 edid-decode: reformat to linux kernel coding style
  9cb3744 edid-decode: fix spurious warning about string termination
  3b26b8a edid-decode: fix wrong sample rate unit
  4437dd9 edid-decode: use const for unsigned char pointers to the EDID
  eee377b edid-decode: add support for QuantumData 980 EDID file format
  7d8f41f edid-decode: simplify data block parsing
  8c81ccf Add Samsung UE49KS8005 EDID
  ab18bef edid-decode: add HDMI Forum VSDB fields for HDMI 2.1b
  e9ffafc edid-decode: add options and new output formats
  b2da151 edid-decode: add --extract and --check options
  5eeb151 edid-decode: replace AdobeYCC/RGB by opYCC/RGB
  6def7bc edid-decode: make it easier to find the out-of-range monitor values

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-02-15 22:10:57 +01:00
Artem Senichev
46a4af5214 package/kexec: enable powerpc64le platforms
kexec has fully support of ppc64 platform:
https://www.kernel.org/doc/Documentation/kdump/kdump.txt

Signed-off-by: Artem Senichev <artemsen@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-02-15 22:00:24 +01:00
Thomas Petazzoni
c79fd35241 Release 2019.02-rc1
-----BEGIN PGP SIGNATURE-----
 
 iHAEABECADAWIQSrB9gG0s50H7iG7lCwJbqLWcNjGQUCXGPPyRIcamFjbWV0QHVj
 bGliYy5vcmcACgkQsCW6i1nDYxlq/ACg0grNI9aHdoTLXdIehHDes+9T+v4AoKaU
 g4JR3RkQ3gePPFlrwnJgBpRJ
 =le0M
 -----END PGP SIGNATURE-----

Merge tag '2019.02-rc1' into next

Release 2019.02-rc1
2019-02-13 22:47:01 +01:00
Peter Korsgaard
23a2885333 Update for 2019.02-rc1
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-02-13 09:03:54 +01:00
Gerome Burlats
fd8a02fd75 configs/qemu: Update defconfigs to Linux 4.19.16
Linux version are changed to 4.19.16 (LTS) for all qemu defconfigs,
except for riscv. riscv defconfigs are left unchanged because they have
a custom Linux repository causing more difficulties when upgrading to
4.19 for riscv32. And for the riscv64, it has been updated recently to
Linux 4.20 by another contributor.

Patch for arm-versatile-nommu is changed into a git format

Add cache attributes for xtensa-lx60-nommu config because the commit
7bb516ca54
added a new config variable for memory cache attribute:
CONFIG_MEMMAP_CACHEATTR

All these updated configs have been built successfully.

Signed-off-by: Gerome Burlats <gerome.burlats@smile.fr>
Cc: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-02-13 08:41:29 +01:00
Peter Korsgaard
a83e30ad63 utils/scanpypi: protect against zip-slip vulnerability in zip/tar handling
For details, see https://github.com/snyk/zip-slip-vulnerability

Older python versions do not validate that the extracted files are inside
the target directory.  Detect and error out on evil paths before extracting
.zip / .tar file.

Given the scope of this (zip issue was fixed in python 2.7.4, released
2013-04-06, scanpypi is only used by a developer when adding a new python
package), the security impact is fairly minimal, but it is good to get it
fixed anyway.

Reported-by: Bas van Schaik <security-reports@semmle.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-02-12 21:27:35 +01:00
Christian Stewart
424a90241c docker-engine: fix runc version check warning
Fixes the startup warning from Docker:

failed to retrieve runc version: unknown output format: runc version commit ...

Introduces a patch to replace the faulty version detection logic in the Docker
engine.

Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-02-12 20:21:44 +01:00
Christian Stewart
087e5147c3 docker-engine: bump to v18.09.2
Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-02-12 20:21:39 +01:00
Christian Stewart
97bdc36e3d docker-cli: bump to v18.09.2
Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-02-12 20:21:33 +01:00
Christian Stewart
f51e3a5004 docker-containerd: bump to v1.2.3
Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-02-12 20:21:30 +01:00
Fabrice Fontaine
c5b7678b4a package/mongodb: new package
Here is the list of the changes compared to the removed mongodb 3.3.4
version:
- Remove patch (not applicable anymore)
- Add patch (sent upstream) to fix openssl build with gcc 7 and
  -fpermissive
- Remove 32 bits x86 platforms, removed since version 3.4:
  https://docs.mongodb.com/manual/installation/#supported-platforms
- Change license: since October 2018, license is SSPL:
  - https://www.mongodb.com/community/licensing
  - https://jira.mongodb.org/browse/SERVER-38767
- gcc must be at least 5.3 so add a dependency on gcc >= 6
- Add a dependency on host-python-xxx modules:
  https://github.com/mongodb/mongo/blob/r4.0.6/docs/building.md
- Use system versions of boost, pcre, snappy, sqlite, yaml-cpp and zlib
  instead of embedded mongodb ones
- Add hash for license files

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Tested-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-02-12 20:13:40 +01:00
Fabrice Fontaine
dbbba13e71 package/python-typing: add host variant
host-python-typing is needed for mongodb 4.0.6

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-02-12 20:13:15 +01:00
Fabrice Fontaine
66d618cada package/python-pyyaml: add host variant
host-python-pyyaml is needed for mongodb 4.0.6

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Peter: s/HOST_PYTHON/HOST_PYTHON_PYYAML/]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-02-12 20:12:14 +01:00
Fabrice Fontaine
e35fb62699 package/libyaml: add host variant
host-libyaml is needed for host-python-pyyaml

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-02-12 20:08:45 +01:00
Peter Korsgaard
6e3f7fbc07 package/runc: add upstream security fix for CVE-2019-5736
The vulnerability allows a malicious container to (with minimal user
interaction) overwrite the host runc binary and thus gain root-level
code execution on the host. The level of user interaction is being able
to run any command (it doesn't matter if the command is not
attacker-controlled) as root within a container in either of these
contexts:

  * Creating a new container using an attacker-controlled image.
  * Attaching (docker exec) into an existing container which the
    attacker had previous write access to.

For more details, see the advisory:

https://www.openwall.com/lists/oss-security/2019/02/11/2

The fix for this issue uses fexecve(3), which isn't available on uClibc, so
add a dependency on !uclibc to runc and propagate to the reverse
dependencies (containerd/docker-engine).

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-02-12 20:04:14 +01:00
Peter Korsgaard
11c55c94da support/testing: build a glibc toolchain for docker / docker-compose tests
runc (which is a reverse dependency of docker-engine) is about to gain a
!uclibc dependency, so move to a glibc toolchain instead.

There are currently no prebuilt x86_64 / core2 / glibc toolchains available,
so instead use the internal toolchain backend to build one.

While we are at it, drop the infra.basetest.BASIC_TOOLCHAIN_CONFIG
reference, as that ARM toolchain configuration doesn't make any sense for
this x86-64 based test.

add docker / docker-compose tests

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-02-12 20:03:46 +01:00
Baruch Siach
2e060d64e2 package/ghostscript: add upstream security fixes
CVE-2019-6116: Remote code execution.

https://www.openwall.com/lists/oss-security/2019/01/23/5

Cc: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-02-12 20:02:46 +01:00
Baruch Siach
0526c9f781 package/libarchive: add upstream security fixes
CVE-2019-1000019: Crash when parsing some 7zip archives.

CVE-2019-1000020: A corrupted or malicious ISO9660 image can cause
read_CE() to loop forever.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-02-12 20:02:03 +01:00
Grégoire Delattre
9f1256e1aa board/pc: fix typo in board/pc/post-build.sh
Signed-off-by: Grégoire Delattre <gregoire.delattre@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-02-12 20:01:39 +01:00
Matt Weber
886f3109a5 package/sqlcipher: force libopenssl
v3.2.0 has a bug in the configure step which causes it to fail when being
built against libressl. As libopenssl is selected as the default, the
autobuilders have not uncovered this failure. The issue has been confirmed
in LTS 2018.02.10 (probably broken prior to that as well) and is not
related to the Openssl bump to 1.1.x.

Thread with more details
http://lists.busybox.net/pipermail/buildroot/2019-February/243133.html

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-02-12 20:00:47 +01:00