Put together alsa-lib dependency and configure option code. As a side
effect we now avoid alsa-lib dependency when the required support in
alsa is missing.
Use positive logic.
Explicitly enable alsa support when available.
Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Wed, 20 Dec 2017 11:26:01 +0000 (12:26 +0100)]
qemu: security bump to version 2.10.2
Fixes the following security issues:
CVE-2017-13672: QEMU (aka Quick Emulator), when built with the VGA display
emulator support, allows local guest OS privileged users to cause a denial
of service (out-of-bounds read and QEMU process crash) via vectors involving
display update.
CVE-2017-15118: Stack buffer overflow in NBD server triggered via long
export name
CVE-2017-15119: DoS via large option request
CVE-2017-15268: Qemu through 2.10.0 allows remote attackers to cause a
memory leak by triggering slow data-channel read operations, related to
io/channel-websock.c.
For more details, see the release announcement:
https://lists.nongnu.org/archive/html/qemu-devel/2017-12/msg03618.html
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Jagan Teki [Wed, 20 Dec 2017 09:53:30 +0000 (10:53 +0100)]
board: Add Bananapi M64 support
Add initial support for bananapi M64 board
with below features:
- U-Boot 2017.11
- Linux 4.14
- Default packages from buildroot
Cc: Jason <manager@sinovoip.com.cn> Cc: hailymei@banana-pi.com <hailymei@banana-pi.com> Signed-off-by: Jagan Teki <jagan@amarulasolutions.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Tue, 19 Dec 2017 11:56:28 +0000 (12:56 +0100)]
rsync: add upstream security fix for CVE-2017-16548
The receive_xattr function in xattrs.c in rsync 3.1.2 and 3.1.3-development
does not check for a trailing '\0' character in an xattr name, which allows
remote attackers to cause a denial of service (heap-based buffer over-read
and application crash) or possibly have unspecified other impact by sending
crafted data to the daemon.
For more details, see:
https://bugzilla.samba.org/show_bug.cgi?id=13112
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Baruch Siach [Tue, 19 Dec 2017 15:12:32 +0000 (17:12 +0200)]
pulseaudio: remove the ConsoleKit module
The ConsoleKit module is loaded by default from the default.pa
configuration file, but its initialization fails because Buildroot has
no ConsoleKit package yet. This breaks per-user pulseaudio daemon.
The default.pa configuration load module-console-kit only when it
exists. Remove module-console-kit to fix pulseaudio per-user startup.
Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Damien Riegel [Mon, 18 Dec 2017 21:19:35 +0000 (16:19 -0500)]
lldpd: remove check on CXX compiler
lldpd currently depends on a C++ compiler to configure properly, but
the package doesn't select that option, so builds fail if
BR2_TOOLCHAIN_BUILDROOT_CXX is not selected with following errors:
checking how to run the C++ preprocessor... /lib/cpp
configure: error: in `/home/dkc/src/buildroot/build-zii/build/lldpd-0.9.4':
configure: error: C++ preprocessor "/lib/cpp" fails sanity check
This package actually builds fine without C++, so drop this check in
configure.ac. Attached patch has already been accepted upstream [1].
Thomas Petazzoni [Sun, 17 Dec 2017 08:55:53 +0000 (09:55 +0100)]
boot/arm-trusted-firmware: build fiptool separately with dependency on host-openssl
ATF >= 1.3 builds a host program called fiptool which uses
OpenSSL, so we need to build host-openssl. We could have made it an
optional dependency like U-Boot does, but since most ATF versions are
going to be >= 1.3 in the near future, we simply make host-openssl a
mandatory dependency.
However, the ATF build system is not very good, and you can't easily
pass flags that will affect the build of host programs. Therefore, we
take the approach of building fiptool separately before triggering the
real build process.
It would obviously be better to fix ATF itself, but as usual with
those bootloader packages, we fetch different versions depending on
the platform/configuration, making it difficult to use patches.
Mario Lang [Mon, 18 Dec 2017 09:51:43 +0000 (10:51 +0100)]
package/brltty: disable features and add optional dependencies
* --without-midi-package should fix a number of autobuild failures.
* Disable a number of speech drivers to avoid build failures
if they are installed on the host.
* Optional dependency on espeak and flite fixes builds where
espeak or flite are installed on the host.
added support for ffmpeg 3.0+ the next commit, which fixed the build of
the bundled mediastreamer2 library, added --disable-video:
https://git.buildroot.net/buildroot/commit/package/linphone?id=f3492b28d89c1f2448c9662a6f755cb48e8c0f0b
At this point the ffmpeg 3.0 patches could have been removed because
ffmpeg is only used if video support is enabled:
Thomas Petazzoni [Mon, 18 Dec 2017 08:52:00 +0000 (09:52 +0100)]
shapelib: fix legal information
Following the bump of shapelib in commit 333f5605958283c58f21a990bb5e36067489b72b, the licensing information
got broken, as the LICENSE.LGPL file is now named COPYING.
While at it, let's add the hashes for the license files.
Thomas Petazzoni [Mon, 18 Dec 2017 08:21:05 +0000 (09:21 +0100)]
package/*/Config.in: fix help text check-package warnings
This commit fixes the warnings reported by check-package on the help
text of all package Config.in files, related to the formatting of the
help text: should start with a tab, then 2 spaces, then at most 62
characters.
The vast majority of warnings fixed were caused by too long lines. A
few warnings were related to spaces being used instead of a tab to
indent the help text.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Mario Lang [Mon, 27 Nov 2017 22:56:45 +0000 (23:56 +0100)]
brltty: new package
Signed-off-by: Mario Lang <mlang@blind.guru>
[Thomas:
- wrap too long CONF_OPTS line that disables all the language
bindings
- use an intermediate BRLTTY_TEXT_TABLE variable to store the
qstripped version of BR2_PACKAGE_BRLTTY_TEXT_TABLE.] Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Zoltan Gyarmati [Sat, 16 Dec 2017 23:52:59 +0000 (00:52 +0100)]
proj: new package
Signed-off-by: Zoltan Gyarmati <mr.zoltan.gyarmati@gmail.com>
[Thomas:
- switch to the autotools build system, which supports static linking
properly
- add <pkg>_LICENSE_FILES
- add sha256 hash for the tarball, in addition to the md5 one
- add license file hash
- squash DEVELOPERS file addition] Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Peter Seiderer [Fri, 8 Dec 2017 21:29:52 +0000 (22:29 +0100)]
gdb: prevent installation of libbfd.so and libopcode.so
The gdb install target installs dynamic versions of libbfd and
libopcode, accidentally overwriting the binutils provided versions
(gdb itself links against the bundled static ones to avoid
version problems, so the dynamic ones are un-needed).
Prevent the installation by using the '--disable-install-libbfd'
configure option.
Signed-off-by: Peter Seiderer <ps.report@gmx.net> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Thomas Petazzoni [Sun, 17 Dec 2017 08:56:04 +0000 (09:56 +0100)]
traceroute: pass INSTALL=$(INSTALL) as install time
As reported by Peter, using cp during the installation isn't correct,
as it follows symbolic links, potentially over-writing the busybox
binary through its traceroute symbolic link. To avoid that, we pass
INSTALL=$(INSTALL) during the installation step.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Sergio Prado [Sat, 16 Dec 2017 13:01:49 +0000 (11:01 -0200)]
traceroute: new package
Tested on Beaglebone Black.
Build-tested with test-pkg.
Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
[Thomas:
- remove file removal in install command
- use DESTDIR and prefix instead of just prefix in install command.] Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Add MacchiatoBin board by SolidRun. This board is based on Marvell
Armada 8040 SoC. Board support package includes the following
two options: mainline and vendor BSPs.
Marvell BSP with more hardware support enabled:
- Marvell ATF v1.3-armada-17.10
- Marvell U-Boot based on v2017.03
- Marvell Linux kernel based v4.4.52
More details about this board are available on wiki:
- http://wiki.macchiatobin.net
Signed-off-by: Sergey Matyukevich <geomatsi@gmail.com>
[Thomas: misc tweaks in readme.txt.] Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
CVE-2017-10378 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: Server: Optimizer). Supported versions that are affected are
5.5.57 and earlier, 5.6.37 and earlier and 5.7.11 and earlier. Easily
exploitable vulnerability allows low privileged attacker with network access
via multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or frequently
repeatable crash (complete DOS) of MySQL Server.
CVE-2017-10268 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: Server: Replication). Supported versions that are affected are
5.5.57 and earlier, 5.6.37 and earlier and 5.7.19 and earlier. Difficult to
exploit vulnerability allows high privileged attacker with logon to the
infrastructure where MySQL Server executes to compromise MySQL Server.
Successful attacks of this vulnerability can result in unauthorized access to
critical data or complete access to all MySQL Server accessible data.
Signed-off-by: Ryan Coe <bluemrp9@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Since 0542bb79e8 (uboot: Support multiple environment source files),
missing user-supplied environment source files is no longer detected.
This is because we cat them all, and feed the concatenation to the stdin
of mkenvimage. So, if one source file is missing, the cat exits in error,
but the compound command exits with the exit code of the last command,
which is that of mkenvimage, which happens to be happy with whatever it
is fed on its stdin, even is empty.
We fix that by creating a temporary file, that we even leave afterward
for the user to inspect.
We also move it out of the _CMDS block and into a macro of its own, so
that it is easier to write and maintain.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr> Cc: Cam Hutchison <camh@xdna.net> Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Mario Lang [Tue, 12 Dec 2017 18:41:28 +0000 (19:41 +0100)]
lynx: new package
Signed-off-by: Mario Lang <mlang@blind.guru> Reviewed-by: Adrian Perez de Castro <aperez@igalia.com>
[Thomas: invert ncurses/slang select to avoid a circular dependency,
add BR2_USE_MMU dependency inherited from slang.] Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>