Peter Seiderer [Fri, 8 Dec 2017 21:29:52 +0000 (22:29 +0100)]
gdb: prevent installation of libbfd.so and libopcode.so
The gdb install target installs dynamic versions of libbfd and
libopcode, accidentally overwriting the binutils provided versions
(gdb itself links against the bundled static ones to avoid
version problems, so the dynamic ones are un-needed).
Prevent the installation by using the '--disable-install-libbfd'
configure option.
Signed-off-by: Peter Seiderer <ps.report@gmx.net> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit b54c7931952874a814e48df75093e13ad955604f) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
CVE-2017-10378 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: Server: Optimizer). Supported versions that are affected are
5.5.57 and earlier, 5.6.37 and earlier and 5.7.11 and earlier. Easily
exploitable vulnerability allows low privileged attacker with network access
via multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or frequently
repeatable crash (complete DOS) of MySQL Server.
CVE-2017-10268 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: Server: Replication). Supported versions that are affected are
5.5.57 and earlier, 5.6.37 and earlier and 5.7.19 and earlier. Difficult to
exploit vulnerability allows high privileged attacker with logon to the
infrastructure where MySQL Server executes to compromise MySQL Server.
Successful attacks of this vulnerability can result in unauthorized access to
critical data or complete access to all MySQL Server accessible data.
Signed-off-by: Ryan Coe <bluemrp9@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit e299197a2c2a267d05e5ae7cb7298bce0faceb51) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Since 0542bb79e8 (uboot: Support multiple environment source files),
missing user-supplied environment source files is no longer detected.
This is because we cat them all, and feed the concatenation to the stdin
of mkenvimage. So, if one source file is missing, the cat exits in error,
but the compound command exits with the exit code of the last command,
which is that of mkenvimage, which happens to be happy with whatever it
is fed on its stdin, even is empty.
We fix that by creating a temporary file, that we even leave afterward
for the user to inspect.
We also move it out of the _CMDS block and into a macro of its own, so
that it is easier to write and maintain.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr> Cc: Cam Hutchison <camh@xdna.net> Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit c9b6604fa7871087120cd8a469452807d14a4c1c) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
package/linux-tools: fixes build of iio with 4.14+ kernels
Since Linux kernel commit [1], the build of the iio tool has been
changed to use the common Linux tools build system. The installation
directory is now given by DESTDIR, like for all other Linux tools.
We keep the INSTALL_DIR environment in the 'install' target to be
compatible with kernels older than 4.14.
Peter Korsgaard [Mon, 11 Dec 2017 11:20:14 +0000 (12:20 +0100)]
wireguard: bump version
Various bugfixes, including a compat fix for <= 3.10.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 6bfa6b2a046775abe90506930fd1a6aa13d02531) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
For more information, see the release notes:
https://www.wireshark.org/docs/relnotes/wireshark-2.2.11.html
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit d2bc1e2bbbabc70f2e9436387b8a40ff96216372) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Baruch Siach [Fri, 8 Dec 2017 07:12:56 +0000 (09:12 +0200)]
glibc: security bump to the latest 2.26 branch
List of fixes from the 2.26 branch NEWS files:
CVE-2017-15670: The glob function, when invoked with GLOB_TILDE,
suffered from a one-byte overflow during ~ operator processing (either
on the stack or the heap, depending on the length of the user name).
Reported by Tim Rühsen.
CVE-2017-15671: The glob function, when invoked with GLOB_TILDE,
would sometimes fail to free memory allocated during ~ operator
processing, leading to a memory leak and, potentially, to a denial
of service.
CVE-2017-15804: The glob function, when invoked with GLOB_TILDE and
without GLOB_NOESCAPE, could write past the end of a buffer while
unescaping user names. Reported by Tim Rühsen.
CVE-2017-17426: The malloc function, when called with an object size near
the value SIZE_MAX, would return a pointer to a buffer which is too small,
instead of NULL. This was a regression introduced with the new malloc
thread cache in glibc 2.26. Reported by Iain Buclaw.
Cc: Waldemar Brodkorb <wbx@openadk.org> Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 971ed9653e7434d5c02488405d6572483ee201e0) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Petr Vorel <petr.vorel@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 9e46f59482282364fdcc816cd5961ccb42b3cdb3) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Johan Oudinet [Wed, 6 Dec 2017 14:47:53 +0000 (15:47 +0100)]
flann: Disable find package for HDF5
The HDF5 package is used by flann for testing purpose only and is
not part of buildroot packages. However, if present in the host, it will
be used and trigger the unsafe header/library path used in
cross-compilation error.
Signed-off-by: Johan Oudinet <johan.oudinet@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit f6ee339e92360fc43ebe17928656c06634b09c97) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
[Peter: drop 4.14.x bump] Signed-off-by: Fabio Estevam <festevam@gmail.com>
[Thomas: adjust commit description to mention the CVE being fixed.] Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit 9f5178fa3495b5b59c4d86c2d1a6fca23bf4e6f3) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Bernd Kuhls [Sun, 3 Dec 2017 18:23:10 +0000 (19:23 +0100)]
package/kodi-pvr-stalker: needs libxml2
Since
https://git.buildroot.net/buildroot/commit/package/kodi?id=bf9bfd065ba3fab328fd041ca040f2bf134fecf2
kodi itself does not depend on libxml2 anymore which previously
provided libxml2 still needed by kodi-pvr-stalker:
https://github.com/kodi-pvr/pvr.stalker/blob/Krypton/CMakeLists.txt#L12
Fixes a build error not caught by autobuilders because they do not have
host jdk installed:
CMake Error at /usr/share/cmake-3.7/Modules/FindPackageHandleStandardArgs.cmake:138 (message):
Could NOT find LibXml2 (missing: LIBXML2_LIBRARIES LIBXML2_INCLUDE_DIR)
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit 7be5653b865938af3fdbcbd1553145a8e90426a1) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
CC clients/weston_simple_dmabuf_drm-simple-dmabuf-drm.o
clients/simple-dmabuf-drm.c: In function 'create_display':
clients/simple-dmabuf-drm.c:758:15: warning: implicit declaration of function 'eglQueryString' [-Wimplicit-function-declaration]
extensions = eglQueryString(EGL_NO_DISPLAY, EGL_EXTENSIONS);
^~~~~~~~~~~~~~
clients/simple-dmabuf-drm.c:758:30: error: 'EGL_NO_DISPLAY' undeclared (first use in this function)
extensions = eglQueryString(EGL_NO_DISPLAY, EGL_EXTENSIONS);
^~~~~~~~~~~~~~
clients/simple-dmabuf-drm.c:758:30: note: each undeclared identifier is reported only once for each function it appears in
clients/simple-dmabuf-drm.c:758:46: error: 'EGL_EXTENSIONS' undeclared (first use in this function)
extensions = eglQueryString(EGL_NO_DISPLAY, EGL_EXTENSIONS);
^~~~~~~~~~~~~~
clients/simple-dmabuf-drm.c:759:21: warning: implicit declaration of function 'weston_check_egl_extension' [-Wimplicit-function-declaration]
if (extensions && !weston_check_egl_extension(extensions,
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit be420d12f10d5b2c9c5d3675c73b2dffc3a66e3c) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Yann E. MORIN [Wed, 29 Nov 2017 23:08:39 +0000 (00:08 +0100)]
package/checkpolicy: rename variable
We use package names as poor-man's namespace, so fix that.
Reported by utils/check-package.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr> Cc: Adam Duskett <aduskett@gmail.com> Cc: Clayton Shotwell <clayton.shotwell@rockwellcollins.com> Cc: Matt Weber <matthew.weber@rockwellcollins.com>
[Thomas: use CHECKPOLICY_MAKE_OPTS instead of
CHECKPOLICY_TARGET_MAKE_OPTS, as it is more consistent with
HOST_CHECKPOLICY_MAKE_OPTS being used for the host variant.] Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit d9f771b9020bda091804fdc3ff75a2d5b18a0e6c) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Yegor Yefremov [Fri, 1 Dec 2017 12:40:20 +0000 (13:40 +0100)]
uboot-tools: fix dtc invocation
Since uboot 2017.09 path to dtc will be configured via Kconfig. As BR
skips this step for uboot-tools building one has to provide
CONFIG_MKIMAGE_DTC_PATH=dtc on the build command line. Otherwise
mkimage will not be able to create FIT images, i.e.:
mkimage -f kernel-fit.its kernel-fit.itb
will fail with very weird errors.
Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit 21ab88c4171ff9efa8a364bd8015c7d46628f9ec) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
https://git.buildroot.net/buildroot/commit/package/linknx?id=b56083099f113817edc6811e2cdd820df1c80450
removed autoreconf but did not re-add libcurl as optional dependency by
mistakenly assuming that libcurl is needed only for autoreconf.
checking for curl-config... /usr/bin/curl-config
checking for the version of libcurl... 7.52.1
checking for libcurl >= version 7.14.0... yes
checking whether libcurl is usable... no
and with this patch
checking for curl-config... /home/buildroot/br4/output/host/i586-buildroot-linux-uclibc/sysroot/usr/bin/curl-config
checking for the version of libcurl... 7.57.0
checking for libcurl >= version 7.14.0... yes
checking whether libcurl is usable... yes
checking for curl_free... yes
Inspired by the fli4l project
https://web.nettworks.org/repo/changelog/fli4l?cs=49347
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit 22c8b9fce95740c2d34d533110f6c2c6cfd77203) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit 42dfbdfe51a62d6c2c007c3c47ec64647179f306) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr> Cc: Philippe Proulx <eeppeliteloop@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Andrey Yurovsky [Tue, 28 Nov 2017 03:37:07 +0000 (19:37 -0800)]
support/scripts/size-stats: avoid divide-by-zero
Some packages (ex: skeleton-init-systemd) have a zero size so we cannot
divide by the package size. In that case make their percent zero
explicitly and avoid a ZeroDivisionError exception.
Signed-off-by: Andrey Yurovsky <yurovsky@gmail.com> Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Danomi Manchego [Wed, 29 Nov 2017 02:55:24 +0000 (21:55 -0500)]
samba4: ensure that copied cache.txt is writable
If the Buildroot tree is read-only, then cache.txt is copied read-only into
the build directory, and the configuration step fails. Fix this in the
same way we do in other places, by opening permissions as we copy the file
using $(INSTALL).
Signed-off-by: Danomi Manchego <danomimanchego123@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
webkitgtk: Add upstream patch to ensure CMAKE_BUILD_TYPE is honored
Make WebKitGTK+ honor the value of CMAKE_BUILD_TYPE defined in the CMake
toolchain file by backporting the following upstream WebKit patch:
https://trac.webkit.org/changeset/225168
This reduces the generated binary sizes when building in "Release" mode
(BR2_ENABLE_DEBUG=n), for example when targeting ARMv8 the size reduction
is ~17 MiB.
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Carlos Santos [Tue, 28 Nov 2017 16:06:51 +0000 (14:06 -0200)]
mtools: do not link to libbsd
If libbsd is found by the configuration process, mtools unnecessarily
adds a NEEDED field with libbsd to its dynamic section, but it does not
actually use anything from libbsd under Linux. The same may happen to
host-mtools if some libbsd package is installed on the host machine.
Prevent this by forcing configure to bypass the checking for the
existence of a gethostbyname function in libbsd.
I stumbled on this problem when I built host-mtools and later removed
libbsd to upgrade to Fedora 27, due to Bug 1504831[1]. The previously
built host/bin/mtools started to fail due to the missing libbsd.so.0.
Baruch Siach [Tue, 28 Nov 2017 15:23:21 +0000 (17:23 +0200)]
libevent: disable openssl for host
As host-libevent does not depend on host-openssl, it might attempt to
build against the host installed openssl. This does not work very well
on various hosts. Since we don't really need encryption support in
host-libevent just disable openssl support.
Disable build of example code as we already do for the target libevent.
Peter Korsgaard [Wed, 29 Nov 2017 07:37:49 +0000 (08:37 +0100)]
Update for 2017.08.2
[Peter: drop Makefile changes] Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 1d02d0be586bfdaff926a7c6c8930d186cdd92b2) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Mon, 27 Nov 2017 21:56:06 +0000 (22:56 +0100)]
Update for 2017.02.8
[Peter: drop Makefile changes] Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit d745e94683d70d12a10a413a58e833df60042c50) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Thomas Petazzoni [Tue, 21 Nov 2017 08:08:15 +0000 (09:08 +0100)]
board/qemu/x86*: use quotes around -append Qemu option value
This helps the toolchains.free-electrons.com build logic re-use
directly the Qemu command lines from this readme.txt file, by having a
-append option similar to the ones used in other readme.txt files.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Thomas Petazzoni [Tue, 21 Nov 2017 08:08:14 +0000 (09:08 +0100)]
board/qemu/ppc64-pseries: adjust Qemu command line
This helps the toolchains.free-electrons.com build logic re-use
directly the Qemu command lines from this readme.txt file, by having a
-append option similar to the ones used in other readme.txt files.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Thomas Petazzoni [Sun, 26 Nov 2017 14:40:19 +0000 (15:40 +0100)]
google-breakpad: take into account host architecture dependencies
Building the target google-breakpad requires building the host variant
of google-breakpad. Just like the target google-breakpad only supports
a limited number of architectures, it is the same for the host
google-breakpad.
We therefore introduce a
BR2_PACKAGE_HOST_GOOGLE_BREAKPAD_ARCH_SUPPORTS option that is used
where necessary to prevent the user from choosing Google Breakpad when
building on unsupported host platforms.
and the perl script section_generate.pl will create both the .c and .h
files in one go, but given the construct above, there can be two such
script that run in parallel, which can clobber the generated .c and/or
.h files.
So, make dvb-apps a MAKE1 package.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Fabrice Fontaine [Sun, 26 Nov 2017 21:26:40 +0000 (22:26 +0100)]
linphone: add optional dependency on libupnp
linphone can optionally use libupnp, so this dependency should be
accounted for in linphone.mk. In addition, linphone is not compatible
with libupnp18, but misdetects it as a a proper libupnp, causing a
build failure.
The build failure with libupnp18 currently only happens on the next
branch (because libupnp18 has only been added there), but adding the
optional dependency on libupnp makes sense for the master branch
anyway.
Thomas Petazzoni [Sun, 26 Nov 2017 15:25:09 +0000 (16:25 +0100)]
pdbg: add patch fixing the build on Blackfin
This commit adds a patch to pdbg that fixes the build on the Blackfin
architecture. The build failure was due to the recently introduced
assembly code to embed the DTB into an object file. This code was not
taking into account the fact that Blackfin has a non-empty
__USER_LABEL_PREFIX__.
Sam Voss [Fri, 17 Nov 2017 18:50:34 +0000 (12:50 -0600)]
support/download: svn non-interactive in BR2_SVN
Instead of overriding the _svn command and injecting --non-interactive,
change the default value of BR2_SVN to include this flag so the end user
can choose not to use the flag.
This change helps users behind corporate system rules which may not
allow them to locally cache credentials and require interactive mode.
Signed-off-by: Sam Voss <sam.voss@rockwellcollins.com>
[Originally implemented by] CC: "Yann E. MORIN" <yann.morin.1998@free.fr> Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Adam Duskett [Sat, 25 Nov 2017 19:33:05 +0000 (14:33 -0500)]
package/freerdp: fix dependency on walyand
Currently, wayland support is enabled when the wayland package is
enabled, not when the FreeRDP wayland client is enabled.
But the dependency on libxkbcomon is only enforced from Config.in
when the FreeRDP wayland client is enabled., but is added to build
dependencies when the wayland package is enabled.
As such, we can end up in a situation where the FreeRDP wayland
client is disabled, the wayland package is enabled, and the
libxkbcommon package is also disabled, which casues the build to
fail with:
Makefile:539: *** libxkbcommon is in the dependency chain of
freerdp that has added it to its _DEPENDENCIES variable without
selecting it or depending on it from Config.in. Stop.
Change the build dependency to actually be on the FreeRDP client
being enabled.
Signed-off-by: Adam Duskett <Adamduskett@outlook.com> Tested-by: "Yann E. MORIN" <yann.morin.1998@free.fr> Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Peter Seiderer [Tue, 21 Nov 2017 19:13:30 +0000 (20:13 +0100)]
Fix makefile include order by using sort/wildcard.
The 'include' directive in GNU make supports wildcards, but their
expansion has no defined sort order (GLOB_NOSORT is passed to glob()).
Usually this doesn't matter. However, there is at least one case where
it does make a difference: toolchain/*/*.mk includes both the
definitions of the external toolchain packages and
pkg-toolchain-external.mk, but pkg-toolchain-external.mk must be
included first.
For predictability, use ordered 'include $(sort $(wildcard ...))'
instead of unordered direct 'include */*.mk' everywhere.
Fixes [1] reported by Petr Vorel:
make: *** No rule to make target 'toolchain-external-custom', needed by '.../build/toolchain-external/.stamp_configured'. Stop.
Signed-off-by: Peter Seiderer <ps.report@gmx.net> Tested-by: Petr Vorel <petr.vorel@gmail.com>
[Arnout: also sort the one remaining include, of the external docs] Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Romain Naour [Wed, 22 Nov 2017 21:08:28 +0000 (22:08 +0100)]
package/google-breakpad: replace references to 'struct ucontext' with 'ucontext_t'
In glibc, since
https://sourceware.org/git/?p=glibc.git;h=251287734e89a52da3db682a8241eb6bccc050c9
the 'struct ucontext' tag has been replaced with 'struct ucontext_t'.
The tag itself is anyway not POSIX - only the 'ucontext_t' typedef is
specified. And that type has existed since at least 1997 in glibc.
Therefore, replace references to 'struct ucontext' with 'ucontext_t',
which works in all versions of glibc, uClibc and musl.
parted uses libiconv but doesn't link with it. Add a patch to add it
to LIBADD of the library that uses it. iconv was already checked in
configure.ac, but only if i18n is enabled, so the iconv check is also
added unconditionally in configure.ac.
Also add an optional dependency on libiconv, so it is reproducible.
This was not detected in the autobuilders, since it only occurs when
libiconv exists (otherwise uClibc stubs will be used). libiconv
depends on !BR2_ENABLE_LOCALE and parted depends on BR2_USE_WCHAR. We
don't have such a configuration in the autobuilders.
Upstream status: sent to mailing list
http://lists.alioth.debian.org/pipermail/parted-devel/2017-November/005131.html
Jörg Krause [Thu, 23 Nov 2017 19:36:41 +0000 (20:36 +0100)]
shairport-sync: security bump to version 3.1.4
The bundled tinysvcmdns library is affected by CVE-2017-12087 [1]:
> An exploitable heap overflow vulnerability exists in the tinysvcmdns library
> version 2016-07-18. A specially crafted packet can make the library overwrite
> an arbitrary amount of data on the heap with attacker controlled values. An
> attacker needs send a dns packet to trigger this vulnerability.
shairport-sync has incorparated upstreams fixes in [2].
Philippe Proulx [Wed, 22 Nov 2017 22:56:36 +0000 (17:56 -0500)]
lttng-tools: fix build errors and warnings for musl/uClibc-ng
Add 0001-Fix-detect-dlmopen-and-disable-corresponding-tests-i.patch to
detect if dlmopen() exists and disable parts of the build accordingly if
not. This fixes a bug when building with musl or uClibc-ng.
Add 0002-Fix-src-common-pipe.h-include-sys-types.h-for-ssize_.patch to
fix an #include bug when building with musl.
Add 0003-Fix-warning-src-bin-lttng-utils.c-cast-incompatible-.patch to
remove compilation warnings.
All three new patches are in upstream's master branch as of this date
and will be part of an eventual release.
Thomas Petazzoni [Wed, 22 Nov 2017 22:25:40 +0000 (23:25 +0100)]
boost: do not allow selecting fiber module on mips32/mips64
The fiber module uses the cpu_relax() macro, for which the MIPS
implementation uses the "pause" instruction, only available since
mips32r2 and mips64r2. In order to avoid build failures on
mips32/mips64, we disallow the selection of the fiber module for such
architecture variants.
This solution was suggested by Arnout Vandecappelle.
As reported on IRC, runc v1.0.0-rc4 is not compatible with the docker-engine
version we are using, so lets revert for 2017.11:
20:27 < eschu> It looks like 25 days ago buildroot had runc updated to
1.0.0-rc4, which breaks compatibility with the docker-engine
version 17.05. Is there somewhere issues like this are
reported? Or is it just expected on non-release versions of
buildroot?
20:47 < Jacmet> eschu: ahh, so the new runc doesn't work with the old
docker-engine? what kind of errors do you get exactly?
20:49 < eschu> Jacmet: yes, runc made a change from -console to
--console-socket, which results in "Incorrect Usage" error
"flag provided but not defined: -console"
20:51 < eschu> Jacmet: basically docker-engine 17.05 uses -console, but
support for that was cut off in runc around the first 1.0.0
versions. I'll check the patches out, or might just
downgrade to buildroot 2017.08 release
20:51 < agb> Jacmet: unfortunately this issue has hit a number of distributions
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877146
20:53 < Jacmet> agb: thanks. I'll send a revert for 2017.11 and hopefully
we can make progress on the other docker packages for
2018.02
Cc: Christian Stewart <christian@paral.in> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
[Thomas: move patch to 5.9.2 subfolder, since it only applies to 5.9.] Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Peter Seiderer [Mon, 20 Nov 2017 18:36:58 +0000 (19:36 +0100)]
localedef: fix xlocale.h related compile failure
Add upstream patch 'Don't include <xlocale.h>'.
Fixes Bug-10501 ([1]):
In file included from ./include/locale.h:1:0,
from /usr/include/libintl.h:103,
from ./include/libintl.h:2,
from glibc/locale/programs/charmap.c:25:
glibc/locale/locale.h:146:11: fatal error: xlocale.h: No such file or directory
# include <xlocale.h>
Peter Korsgaard [Tue, 21 Nov 2017 22:43:13 +0000 (23:43 +0100)]
samba4: security bump to version 4.6.11
Fixes the following security issues:
- CVE-2017-14746:
All versions of Samba from 4.0.0 onwards are vulnerable to a use after
free vulnerability, where a malicious SMB1 request can be used to
control the contents of heap memory via a deallocated heap pointer. It
is possible this may be used to compromise the SMB server.
- CVE-2017-15275:
All versions of Samba from 3.6.0 onwards are vulnerable to a heap
memory information leak, where server allocated heap memory may be
returned to the client without being cleared.
There is no known vulnerability associated with this error, but
uncleared heap memory may contain previously used data that may help
an attacker compromise the server via other methods. Uncleared heap
memory may potentially contain password hashes or other high-value
data.
For more details, see the release notes:
https://www.samba.org/samba/history/samba-4.6.11.html
Signed-off-by: Peter Korsgaard <peter@korsgaard.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Cyril Bur [Mon, 20 Nov 2017 05:48:40 +0000 (16:48 +1100)]
kvm-unit-tests: bump version to fix build issue
Since binutils commit 1a9ccd70f9a7 ("Fix the linker so that it will not
silently generate ELF binaries with invalid program headers. Fix readelf
to report such invalid binaries.") the behaviour has changed and
binutils tries to create a program header segment for which there is no
space. Thanks to Nicholas Piggin and his patch to Linux:
https://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux.git/commit/?h=next&id=ff45000fcb56b5b0f
Cedric fixed this in kvm-unit-tests commit 95062c20790d ("powerpc: add
-n to LDFLAGS") so bump to that version.
Since the patch 0001-remove-werror.patch needs to be adjusted, we take
this opportunity to reformat is as a Git patch.
Signed-off-by: Cyril Bur <cyrilbur@gmail.com>
[Thomas: add necessary hash change, refresh patch that was not
applying anymore.] Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Thomas Petazzoni [Fri, 17 Nov 2017 23:02:25 +0000 (00:02 +0100)]
qt: add patch to fix build on non-x86 platforms
This commit adds a patch to Qt that adjusts its build system to
properly support building on non-x86 platforms. The problem was due to
the PLATFORM and XPLATFORM variables having the same value when
building on a ppc64le system targetting an uncommon architecture
(Xtensa or ARC for example). We fix this problem by making sure
PLATFORM and XPLATFORM will always be different.
Fixes the following build failures occuring on gcc112 (a ppc64le
autobuilder machine):
Thomas Petazzoni [Fri, 17 Nov 2017 15:14:16 +0000 (16:14 +0100)]
libfastjson: indicate explicitly which gcc -std option to use
This commit fixes the following build issue of libfastjson with old
enough compilers (4.8) and wchar disabled:
json_object.c: In function 'fjson_object_object_delete':
json_object.c:385:3: error: 'for' loop initial declarations are only allowed in C99 mode
for (int i = 0 ; i < FJSON_OBJECT_CHLD_PG_SIZE ; ++i) {
^
The code of libfastjson requires C99. If your compiler is recent
enough (gcc 5.x), then no problem, it is C99 by default, no additional
flags are needed.
If your compiler is older (for example gcc 4.8), then -std=c99 or
-std=gnu99 is explicitly needed to tell the compiler to accept C99
constructs. Testing the compiler for the availability of such flags is
done by libfastjson configure script. However, the test program used
by the configure script uses some wchar_t types, and therefore the
test checking for C99 availability fails on toolchains with wchar
disabled. From config.log:
configure:3928: checking for /home/test/buildroot/output/host/usr/bin/i586-buildroot-linux-uclibc-gcc option to accept ISO C99
[...]
configure:4077: /home/test/buildroot/output/host/usr/bin/i586-buildroot-linux-uclibc-gcc -std=gnu99 -c -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -Os -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 conftest.c >&5
conftest.c:54:3: error: unknown type name 'wchar_t'
const wchar_t *name;
^
So, just like we did in libv4l in commit f01396a158f14c53b781c35f7ff29da0bea8c8d6 ("libv4l: fix uclibc-ng
configure/compile"), let's hint directly the configure script that it
should use -std=gnu99. This fixes the build of libfastjson with old
compilers and wchar disabled.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This is needed to get the autobuilders to use a toolchain that
includes the fix merged in 9d544feb8a277a43abec889450f917017d666e49
("fwup: fix for ARC toolchain").
In addition, this new toolchain version also fixes for real the RPATH
issue that should have been fixed by f90f28a6dfe85439d11e5fd83f2462ff29502e11, but wasn't done properly.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>