aboutsummaryrefslogtreecommitdiff
path: root/package
Commit message (Collapse)AuthorAgeFilesLines
* host-mkpasswd: fix crash on Fedora 28 build hostGravatar Stefan Becker2018-05-031-0/+5
| | | | | | | | | | | | | | | | | | | crypt() is an optional glibc feature. Some distros, like Fedora 28, are phasing it out to be replaced with libxcrypt [1]. Unfortunately this change is only ABI compatible, not source code compatible, i.e. the code will compile with warnings about undefined crypt(), but the resulting binary will crash. Follow the guidance in the Fedora bug and include crypt.h when _XOPEN_CRYPT is not defined. [1] https://bugzilla.redhat.com/show_bug.cgi?id=1566464 Signed-off-by: Stefan Becker <chemobejk@gmail.com> Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> (cherry picked from commit 3c514c2dc5186c4357b2c0fc2e1c4b47e0f555c7) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* linux-headers: bump 4.{4, 9, 14, 16}.x seriesGravatar Fabio Estevam2018-05-031-3/+3
| | | | | | | | [Peter: drop 4.16.x change] Signed-off-by: Fabio Estevam <festevam@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> (cherry picked from commit c3cce05ac772e7803c81a8e8cb7fdcc1c21129cb) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/python: add upstream GCC8 build fixGravatar Stefan Becker2018-05-021-0/+65
| | | | | | | | | | Fedora 28 switched to GCC8. Signed-off-by: Stefan Becker <chemobejk@gmail.com> [Thomas: fixup location of SoB in the patch.] Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> (cherry picked from commit a1b7f5e64d392a802adb586b97deea0a6f4f500e) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* core/pkg-generic: only save latest package listGravatar John Keeping2018-05-011-0/+2
| | | | | | | | | | | | | | | | | | | | When rebuilding a package, simply appending the package's file list to the global list means that the package list grows for every rebuild, as does the time taken to check for files installed by multiple packages. Furthermore, we get false positives where a file is reported as being installed by multiple copies of the same package. With this approach we may end up with orphaned files in the target filesystem if a package that has been updated and rebuilt no longer installs the same set of files, but we know that only a clean build will produce reliable results. In fact it may be helpful to identify these orphaned files as evidence that the build is not clean. Signed-off-by: John Keeping <john@metanate.com> Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> (cherry picked from commit d3dca1e9936bcaa0eed226a5bcb8c6a4d1fd1472) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* linux-headers: bump 4.{9, 14, 16}.x seriesGravatar Fabio Estevam2018-05-011-2/+2
| | | | | | | | [Peter: drop 4.16.x change] Signed-off-by: Fabio Estevam <festevam@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> (cherry picked from commit 1b503923497837e48e713b8deb8c3e06a11c9344) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* bluez5_utils: add patch to fix readline issueGravatar Thomas Petazzoni2018-05-012-0/+34
| | | | | | | | | | | | | | | | Since bluez5_utils 5.48, some code using readline was compiled even if readline was not available. After this issue was reported upstream, a patch was proposed by an upstream developer to address the issue. This commit integrates this patch (under review upstream), which fixes the problem. Fixes: http://autobuild.buildroot.net/results/3e266a79acab8b8eb33360f7afbc1cd6db46f7cb/ Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> (cherry picked from commit d4158df6c19c76ea3405975b87f13b1c092a40e0) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* sdl2: update license file hashGravatar Baruch Siach2018-05-011-1/+1
| | | | | | | | | | | | | Copyright year update. Fixes: http://autobuild.buildroot.net/results/2c8/2c865463a4b7524114518c04dce9c94252433460/ Cc: Guillaume Gardet <guillaume.gardet@oliseo.fr> Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> (cherry picked from commit 5a8f887e7ab6c28b2d5a4c01266bc75943cea90c) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* sdl2_image: security bump to version 2.0.3Gravatar Peter Korsgaard2018-04-302-2/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes the following security issues: CVE-2017-12122: An exploitable code execution vulnerability exists in the ILBM image rendering functionality of SDL2_image-2.0.2. A specially crafted ILBM image can cause a heap overflow resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability. CVE-2017-14440: An exploitable code execution vulnerability exists in the ILBM image rendering functionality of SDL2_image-2.0.2. A specially crafted ILBM image can cause a stack overflow resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability. CVE-2017-14441: An exploitable code execution vulnerability exists in the ICO image rendering functionality of SDL2_image-2.0.2. A specially crafted ICO image can cause an integer overflow, cascading to a heap overflow resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability. CVE-2017-14442: An exploitable code execution vulnerability exists in the BMP image rendering functionality of SDL2_image-2.0.2. A specially crafted BMP image can cause a stack overflow resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability. CVE-2017-14448: An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2_image-2.0.2. A specially crafted XCF image can cause a heap overflow resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability. CVE-2017-14449: A double-Free vulnerability exists in the XCF image rendering functionality of SDL2_image-2.0.2. A specially crafted XCF image can cause a Double-Free situation to occur. An attacker can display a specially crafted image to trigger this vulnerability. CVE-2017-14450: A buffer overflow vulnerability exists in the GIF image parsing functionality of SDL2_image-2.0.2. A specially crafted GIF image can lead to a buffer overflow on a global section. An attacker can display an image to trigger this vulnerability. For details, see the announcement: https://discourse.libsdl.org/t/sdl-image-2-0-3-released/23958 Also add a hash for the license file while we're at it. Signed-off-by: Peter Korsgaard <peter@korsgaard.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> (cherry picked from commit 5fb8fbbb3e776a186731ae929244a82ea2db1878) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* sdl2: bump version to 2.0.8Gravatar Peter Korsgaard2018-04-303-170/+3
| | | | | | | | | Drop now upstreamed patch. Signed-off-by: Peter Korsgaard <peter@korsgaard.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> (cherry picked from commit f26654596ecfe40963cb51ba939c00de458fa82e) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/python-requests: needs hashlib for python 2Gravatar Sven Haardiek2018-04-301-0/+1
| | | | | | | | | | | | Requests need hashlib to run with Python 2. Otherwise it is not possible to import, due to missing e.g. md5. [Peter: tweak commit message] Signed-off-by: Sven Haardiek <sven.haardiek@iotec-gmbh.de> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> (cherry picked from commit 2c2f6f6630294fa256a4f66db5a4ab1f920b0a65) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* libtomcrypt: fix headers installation pathGravatar Baruch Siach2018-04-301-1/+3
| | | | | | | | | | | | | | | | | | | | libtomcrypt installs its headers by default in /usr/local/include under the staging sysroot. This path is not in the default search patch of some toolchains. This breaks the build of dropbear. Set the PREFIX make variable to fix that. While at it, split the long install command for better readability. Fixes (dropbear): http://autobuild.buildroot.net/results/215/2157679e276623ae875d1b31f3e5a68caf586536/ http://autobuild.buildroot.net/results/956/956d254675e6500c19c3bb7ccdf12ce136858720/ http://autobuild.buildroot.net/results/01e/01ec89a81c4ec6e36e2f81b5a9394050a91df654/ Cc: Francois Perrad <francois.perrad@gadz.org> Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> (cherry picked from commit 73e1f9b0a46ccf55419f43c35ca762a8fdc3b32c) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* linux-headers: bump 4.4.x seriesGravatar Bernd Kuhls2018-04-301-1/+1
| | | | | | | Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> (cherry picked from commit 5772a14d0bdd93a144672685c84951e9497b746e) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* python-watchdog: add missing runtime dependencyGravatar Yegor Yefremov2018-04-301-3/+4
| | | | | | | | | Script watchmedo requires python-setuptools. Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> (cherry picked from commit 7a801da8eaa0f4c45d20519afd6d653c2ed76248) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* python-watchdog: add support for uClibcGravatar Yegor Yefremov2018-04-301-0/+43
| | | | | | | | | This patch fixes uClibc detection. Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> (cherry picked from commit 13d946cbdfcc3e2b3ed2eb11b612e381ea7053b2) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* libcgi: add license file (with its hash)Gravatar Fabrice Fontaine2018-04-302-0/+4
| | | | | | | Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> (cherry picked from commit b3d74f04a8df1bd0a23ab1ca18f3224ebc90cc4f) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/php: security bump to version 7.2.5Gravatar Bernd Kuhls2018-04-304-64/+2
| | | | | | | | | | | | | | | | | | | | | | Changelog: http://www.php.net/ChangeLog-7.php#7.2.5 This release fixes several security-related bugs for which no CVE id's are assigned at the time of writing: https://bugs.php.net/bug.php?id=76129 https://bugs.php.net/bug.php?id=76130 https://bugs.php.net/bug.php?id=76248 https://bugs.php.net/bug.php?id=76249 Removed patch 0008, applied upstream: https://github.com/php/php-src/commit/2842aa2a078eb1cad55540b61e7edf111395150d Re-numbered patch 0009 -> 0008. Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> (cherry picked from commit e14dc96df9998f35879854c60e61bcb898423900) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/gdb: don't remove support files if python chosenGravatar Jonas Zaddach2018-04-301-0/+2
| | | | | | | | | | | | | | | | | If one wants to use GDB with python support on the target, you need the support files installed by GDB. These get usually deleted to save some space, so I just wrapped the Makefile code deleting them in a conditional block depending on if python support is active or not. Signed-off-by: Jonas Zaddach <jzaddach@cisco.com> Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be> [Thomas: - use positive logic "if python is disabled" - put the comment inside the condition, as suggested by Arnout] Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> (cherry picked from commit fa5ca6974d2504dccc35f43dcabcf30f076d8685) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/flann: fix build with cmake >= 3.11Gravatar Romain Naour2018-04-301-0/+80
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | CMake < 3.11 doesn't support add_library() without any source file (i.e add_library(foo SHARED)). But flann CMake use a trick that use an empty string "" as source list (i.e add_library(foo SHARED "")). This look like a bug in CMake < 3.11. With CMake >= 3.11, the new behaviour of add_library() break the existing flann CMake code. >From CMake Changelog [1]: "add_library() and add_executable() commands can now be called without any sources and will not complain as long as sources are added later via the target_sources() command." Note: flann CMake code doesn't use target_sources() since no source file are provided intentionally since the flann shared library is created by linking with the flann_cpp_s static library with this line: target_link_libraries(flann_cpp -Wl,-whole-archive flann_cpp_s -Wl,-no-whole-archive) If you try to use "add_library(flann_cpp SHARED ${CPP_SOURCES})" (as it should be normally done), the link fail due to already defined symbol. They are building the shared version using the static library "to speedup the build time" [3] This issue is already reported upstream [2] with a proposed solution. Fixes: http://autobuild.buildroot.net/results/b2f/b2febfaf8c44ce477b3e4a5b9b976fd25e8d7454 [1] https://cmake.org/cmake/help/v3.11/release/3.11.html [2] https://github.com/mariusmuja/flann/issues/369 [3] https://github.com/mariusmuja/flann/commit/0fd62b43be2fbb0b8d791ee36290791224dc030c Signed-off-by: Romain Naour <romain.naour@gmail.com> Cc: Davide Viti <zinosat@tiscali.it> Cc: Bernd Kuhls <bernd.kuhls@t-online.de> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> (cherry picked from commit 0c469478f64d0ddaf72c0622a1830d855306d51c) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* linux-headers: bump 4.{14, 16}.x seriesGravatar Fabio Estevam2018-04-301-1/+1
| | | | | | | | [Peter: drop 4.16.x change] Signed-off-by: Fabio Estevam <festevam@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> (cherry picked from commit c43b3635cbc4e960cdfd98b53c59dd8bf2cbf67d) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* wireguard: bump to version 0.0.20180420Gravatar Jason A. Donenfeld2018-04-302-3/+3
| | | | | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> (cherry picked from commit 062dcceed0ba0d2b1929597ad9b0393dbdb21628) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* wireguard: bump version to 0.0.20180304Gravatar Peter Korsgaard2018-04-302-3/+3
| | | | | | Signed-off-by: Peter Korsgaard <peter@korsgaard.com> (cherry picked from commit 54e210522faf7dff3e68e22bb802102f891098c8) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* libgpg-error: bump to version 1.29Gravatar Baruch Siach2018-04-303-62/+3
| | | | | | | | | Drop upstream patch. Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> (cherry picked from commit 4a92ee34daaf1515a048ce5ae59d9d4c6939de39) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* libgpg-error: bump to version 1.28Gravatar Baruch Siach2018-04-303-3/+67
| | | | | | | | | | | | | | | | Add upstream patch fixing arm/arm64 targets build failure. Use the smaller bz2 compressed tarball. Switch _SITE to https for better security and corporate firewall compatibility. Add license files hash. Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> (cherry picked from commit 692d191c8b0b3c86022e6a6ba3bd2d8f53b39f03) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* gnupg2: security bump to version 2.2.6Gravatar Baruch Siach2018-04-302-6/+6
| | | | | | | | | | | | | | Fixes CVE-2018-9234: Unenforced configuration allows for apparently valid certifications actually signed by signing subkeys. Remove --disable-doc from configure options. We pass this options to all autotools packages. Cc: Vicente Olivert Riera <Vincent.Riera@imgtec.com> Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> (cherry picked from commit 3db93884a442f6d0742ada5d8ed7818e24223ace) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* gnupg2: bump to version 2.2.5Gravatar Baruch Siach2018-04-302-5/+5
| | | | | | | | Cc: Vicente Olivert Riera <Vincent.Riera@imgtec.com> Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> (cherry picked from commit 379c34739082f3906ccf4877b85a2e714606bffe) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* libgpgme: fix run-time compatibility with gnupg2 2.2.6Gravatar Baruch Siach2018-04-301-0/+51
| | | | | | | | | | | | Add upstream patch fixing gpgme_op_verify regression with gnupg2 2.2.6. https://lists.gnupg.org/pipermail/gnupg-users/2018-April/060230.html Cc: Philipp Claves <claves@budelmann-elektronik.com> Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> (cherry picked from commit 5be60127e559d80daf27eea2248f206f9ac6d69c) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* linux-headers: bump 4.{4, 9, 14, 16}.x seriesGravatar Fabio Estevam2018-04-301-3/+3
| | | | | | | | [Peter: drop 4.16.x change] Signed-off-by: Fabio Estevam <festevam@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> (cherry picked from commit e13a22f17a5041557a080150f1d260181fa99bee) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* mbedtls: security bump to version 2.7.2Gravatar Baruch Siach2018-04-303-37/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | The release announcement mentions these security fixes: Defend against Bellcore glitch attacks by verifying the results of RSA private key operations. Fix implementation of the truncated HMAC extension. The previous implementation allowed an offline 2^80 brute force attack on the HMAC key of a single, uninterrupted connection (with no resumption of the session). Reject CRLs containing unsupported critical extensions. Fix a buffer overread in ssl_parse_server_key_exchange() that could cause a crash on invalid input. (CVE-2018-9988) Fix a buffer overread in ssl_parse_server_psk_hint() that could cause a crash on invalid input. (CVE-2018-9989) Drop upstream patch. Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> (cherry picked from commit babc94e9dd4a1a04c4a0befdb6d32236a30b8ea8) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* linux-headers: bump 4.9.x seriesGravatar Bernd Kuhls2018-04-301-1/+1
| | | | | | | Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> (cherry picked from commit 26148a247f3757b0ee7f24b10f13c0451f25a9ae) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* linux-headers: bump 4.{14, 15, 16}.x seriesGravatar Fabio Estevam2018-04-301-2/+2
| | | | | | | | [Peter: drop 4.16.x change] Signed-off-by: Fabio Estevam <festevam@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> (cherry picked from commit ea4921d875a45fe03b86b672a432ff2e88268733) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/tcllib: update license to SPDX formatGravatar Romain Naour2018-04-302-1/+2
| | | | | | | | | While at it add the license file hash. Signed-off-by: Romain Naour <romain.naour@smile.fr> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> (cherry picked from commit 2c82d7c605e53d3687ff63f31e135ec7ce92ea05) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/tcl: update license to SPDX formatGravatar Romain Naour2018-04-302-1/+2
| | | | | | | | | While at it add the license file hash. Signed-off-by: Romain Naour <romain.naour@smile.fr> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> (cherry picked from commit 8fa4e9792917ae6beb2782ea5938cc4cf0d3f1e7) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/libcec: disable build infosGravatar Romain Naour2018-04-301-0/+7
| | | | | | | | | | | | | Build infos can break the build due to missing terminating " character. Fixes: http://autobuild.buildroot.net/results/3b1/3b1182783fc958dfed96c6b1c097993662fc7308 Signed-off-by: Romain Naour <romain.naour@gmail.com> Cc: Bernd Kuhls <bernd.kuhls@t-online.de> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> (cherry picked from commit 4600c2444d3df3f709d6656f98e636223e0bc4af) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* syslog-ng: bump version header in conf file to 3.10Gravatar Ricardo Martincoski2018-04-302-1/+3
| | | | | | | | | | | | | | | | | Remove a runtime warning message about configuration file being too old. Do the same as commit 3dad25466d "syslog-ng: Bump version header in conf file to 3.9". Package version of syslog-ng is 3.10.1, so bump version number in syslog-ng.conf to 3.10. Also add a comment to avoid the same warning message reappears when the package is bumped. Signed-off-by: Ricardo Martincoski <ricardo.martincoski@datacom.ind.br> Cc: Chris Packham <judge.packham@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> (cherry picked from commit 905f8d814ad21af9c3fd22ececce0824cb20db80) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/wmctrl: x-includes and x-libraries must be set for cross-compilingGravatar Romain Naour2018-04-301-0/+4
| | | | | | | | | | | | | | | set x-includes and x-libraries configure option for cross-compiling. wmctrl can use poisoned paths if these options are not passed to configure script. Fixes: http://autobuild.buildroot.net/results/7e5/7e5cba8a5650a00e10d1a5528f38cb2bf772aee1 Signed-off-by: Romain Naour <romain.naour@gmail.com> Cc: Jérôme Pouiller <jezz@sysmic.org> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> (cherry picked from commit 046c5e25634bbf827c43617bf1967ab469418908) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* usb_modeswitch: set CXX to false when C++ is missingGravatar Baruch Siach2018-04-301-0/+1
| | | | | | | | | | | | | | | | | | | Similar to the openocd fix in commit 5966e2dc54 (package/openocd: fix fallout after no-C++ fixups) the jimctl that is bundled with usb_modeswitch also wants to find a binary. This broke with commit 4cd1ab158 (core: alternate solution to disable C++). Revert to 'false' instead of 'no' here as well. Fixes: http://autobuild.buildroot.net/results/b4d/b4d4e925763cb6558af915f9781afe07fc557ebc/ http://autobuild.buildroot.net/results/61b/61b9dc2148df2e8fd0b30e62aedbfd30bb755e19/ http://autobuild.buildroot.net/results/468/468a7e6b049f159fbb4e79d3a12b53ca890f6933/ Cc: "Yann E. MORIN" <yann.morin.1998@free.fr> Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> (cherry picked from commit 107e3ebf45931adfc9c995dbb5db3bf1d17311d3) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* qt5: qt5websockets: install missing qml modulesGravatar Manfred Schlaegl2018-04-301-0/+1
| | | | | | | | | | | | | | | QML modules for QtWebSockets are located in /usr/qml/QtWebSockets since Qt 5.5. /usr/qml/Qt/WebSockets still exists for compatibility reasons, but it contains only a qmldir file which points to ../../QtWebSockets/. see also: http://doc.qt.io/qt-5.6/qtwebsockets-qmlmodule.html Signed-off-by: Manfred Schlaegl <manfred.schlaegl@ginzinger.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> (cherry picked from commit 4f726cef4c5709cf4f894e436b4022989adc9e9f) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* qt53d: install missing QML modules, plugins and examplesGravatar Romain Reignier2018-04-301-0/+10
| | | | | | | | | | | | | | | | Some files were missing on the first build of qt53d but added later: - by qt5base for the plugins because it copies the whole /usr/lib/qt/plugins directory - by qt5declarative for the QML modules because it copies the whole /usr/qml directory Also, the qt53d examples were not installed if BR2_PACKAGE_QT5BASE_EXAMPLES was set. Signed-off-by: Romain Reignier <rom.reignier@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> (cherry picked from commit 4fd448c9c1e3ed7ca0f09441bf8a854eb9130190) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* systemd: add compatibility symlink for 'shutdown'Gravatar Anssi Hannula2018-04-301-0/+1
| | | | | | | | | | | In addition to the 'halt', 'poweroff', 'reboot' symlinks pointing to systemctl, add 'shutdown'. Signed-off-by: Anssi Hannula <anssi.hannula@bitwise.fi> Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> (cherry picked from commit 36ed046623129bb879ef50cd40dcc65b27c9da0f) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* linux-headers: bump 4.{4, 9}.x seriesGravatar Fabio Estevam2018-04-301-2/+2
| | | | | | | Signed-off-by: Fabio Estevam <festevam@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> (cherry picked from commit 338f32634069ce2610132fa70974a5b429ccc51c) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* linux-headers: bump 4.{15, 16}.x seriesGravatar Fabio Estevam2018-04-301-1/+1
| | | | | | | | [Peter: drop 4.16.x change] Signed-off-by: Fabio Estevam <festevam@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> (cherry picked from commit 77ebc428d62ae2b40e723b401bc003f26fcbc601) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* libglib2: fix licenseGravatar Fabrice Fontaine2018-04-301-1/+1
| | | | | | | | | | libglib2 is licensed under LGPL-2.1+ and not LGPL-2.0+ since release 2.53.3 Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> (cherry picked from commit fbd809c5f2c826b13d99843bf6fd003f8a5a128f) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/uclibc: Fix ffmpeg build on aarch64Gravatar Bernd Kuhls2018-04-291-0/+49
| | | | | | Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de> Reviewed-by: Romain Naour <romain.naour@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* Revert "package/bash: add /bin/bash to /etc/shells"Gravatar Arnout Vandecappelle (Essensium/Mind)2018-04-291-4/+0
| | | | | | | | | | | | | | | | | | | | | | | | | Commit 4d279697af added /bin/bash to /etc/shells. In the default skeleton, however, /etc/shells doesn't exist, so in fact it creates this file, containing only /bin/bash. Therefore, when bash is selected, /bin/sh does not appear in /etc/shells and bash is the only shell allowed. Since /bin/sh is the shell that is used for root in the default skeleton's /etc/passwd, root is no longer able to log in. The proper solution is to add all available shells to /etc/shells. For now, however, just revert commit 4d279697af as a stop-gap measure. That way, the default situation still works, and only people who update /etc/passwd with additional logins but don't update /etc/shells will suffer. This reverts commit 4d279697afbf8fb295274784103be2b837113d5e. Fixes: https://bugs.busybox.net/show_bug.cgi?id=10896 Cc: Romain Naour <romain.naour@smile.fr> Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be> Acked-by: Romain Naour <romain.naour@smile.fr> Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* patch: add upstream security fixGravatar Baruch Siach2018-04-093-0/+196
| | | | | | | | | | | | | Fixes CVE-2018-1000156: arbitrary command execution in ed-style patches. Depend on MMU for now, because the patch adds a fork() call. Upstream later switched to gnulib provided execute(), so this dependency can be dropped on the next version bump. Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> (cherry picked from commit f4a4df2084b923f29eca2130976ca10a7aa6b719) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/kmod: fix host installGravatar Yann E. MORIN2018-04-091-1/+1
| | | | | | | | | | | | | | | | The host directory no longer uses /usr. This currently works because we still have the legacy /usr symlink, but for correctness it is better that we just fix it. Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr> Cc: Yegor Yefremov <yegorslists@googlemail.com> Cc: Arnout Vandecappelle <arnout@mind.be> Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com> Cc: Peter Korsgaard <peter@korsgaard.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> (cherry picked from commit dac25351e6453b35ded611ff367b95bb4b10a9cf) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* php: fix emalloc/efree/estrdup/... undefined referencesGravatar Thomas Petazzoni2018-04-091-0/+71
| | | | | | | | | | | | | | | | | | zend_alloc.h defines some macros such as: Where _estrdup is the actual function implemented by the PHP core. If this header file is not included, and some code uses estrdup, one ends up with an undefined reference. This happens when libexpat support is enabled. This commit adds a PHP patch that fixes this issue. The patch has been submitted upstream through a Github pull request. Fixes: http://autobuild.buildroot.net/results/889d2c1f509c035cd506e36061939bfddc8f1500/ Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> (cherry picked from commit fc4b66dbc1b71e871129ce14b289fcda6eb3ea10) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* wireshark: bump version to 2.2.14 (security)Gravatar André Hentschel2018-04-092-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Security fixes since 2.2.12: - wnpa-sec-2018-15 The MP4 dissector could crash. (Bug 13777) - wnpa-sec-2018-16 The ADB dissector could crash. (Bug 14460) - wnpa-sec-2018-17 The IEEE 802.15.4 dissector could crash. (Bug 14468) - wnpa-sec-2018-18 The NBAP dissector could crash. (Bug 14471) - wnpa-sec-2018-19 The VLAN dissector could crash. (Bug 14469) - wnpa-sec-2018-20 The LWAPP dissector could crash. (Bug 14467) - wnpa-sec-2018-23 The Kerberos dissector could crash. (Bug 14576) - wnpa-sec-2018-05 The IEEE 802.11 dissector could crash. Bug 14442, CVE-2018-7335 - wnpa-sec-2018-06 Multiple dissectors could go into large infinite loops. All ASN.1 BER dissectors (Bug 14444), along with the DICOM (Bug 14411), DMP (Bug 14408), LLTD (Bug 14419), OpenFlow (Bug 14420), RELOAD (Bug 14445), RPCoRDMA (Bug 14449), RPKI-Router (Bug 14414), S7COMM (Bug 14423), SCCP (Bug 14413), Thread (Bug 14428), Thrift (Bug 14379), USB (Bug 14421), and WCCP (Bug 14412) dissectors were susceptible. - wnpa-sec-2018-07 The UMTS MAC dissector could crash. Bug 14339, CVE-2018-7334 - wnpa-sec-2018-09 The FCP dissector could crash. Bug 14374, CVE-2018-7336 - wnpa-sec-2018-10 The SIGCOMP dissector could crash. Bug 14398, CVE-2018-7320 - wnpa-sec-2018-11 The pcapng file parser could crash. Bug 14403, CVE-2018-7420 - wnpa-sec-2018-12 The IPMI dissector could crash. Bug 14409, CVE-2018-7417 - wnpa-sec-2018-13 The SIGCOMP dissector could crash. Bug 14410, CVE-2018-7418 - wnpa-sec-2018-14 The NBAP disssector could crash. Bug 14443, CVE-2018-7419 Full release notes: https://www.wireshark.org/docs/relnotes/wireshark-2.2.14.html Signed-off-by: André Hentschel <nerv@dawncrow.de> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> (cherry picked from commit c5c87c2bb61efb31421b345bdbf6931b882ff6a9) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* linux-headers: bump 4.{4, 9, 14, 15}.x seriesGravatar Fabio Estevam2018-04-081-4/+4
| | | | | | | Signed-off-by: Fabio Estevam <festevam@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> (cherry picked from commit 2661d47425f866cf56617d2928b6b96566db8de4) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* php: fix how PCRE JIT is disabledGravatar Thomas Petazzoni2018-04-081-6/+4
| | | | | | | | | | | | | | | | | | | When the internal PCRE library of PHP is used, it tries to use a JIT engine, which is only available on some architectures. However, the mechanism used to disable JIT has changed in recent PHP versions, and it now has a proper --without-pcre-jit option. Switch over to that to properly disable JIT on unsupported platforms. It has been tested to fix the build of PHP on ARC and Microblaze. Fixes: http://autobuild.buildroot.net/results/e1359fcad7bc57e3c5a7ecc37abaa2cf6a6a9ffa/ Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> (cherry picked from commit 9850612ea5e9fc9c377d11ec9c2930bfd812754a) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>