- Mar 08, 2020
-
-
Peter Korsgaard authored
Signed-off-by:Peter Korsgaard <peter@korsgaard.com>
-
Fabrice Fontaine authored
Add an option to enable or disable mod_cap and select libcap accordingly instead of using bundled libcap which raise a build failure with headers < 4.3 due to PR_CAP_AMBIENT and will be removed in version 1.3.7: https://github.com/proftpd/proftpd/commit/8c845703fcf2c7978614784126bd074ffc4477f9 Fixes: - http://autobuild.buildroot.org/results/4d680d8204bdf1f3deec2c3eeb9a2d9e6eabe4d5 Signed-off-by:
Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by:
Thomas Petazzoni <thomas.petazzoni@bootlin.com>
-
Carlos Santos authored
Add a configuration to enable the JavaScript shell (default off). So far only libmozjs is required (by polkit) and the shell takes around 24MiB. Signed-off-by:
Carlos Santos <unixmania@gmail.com> Signed-off-by:
-
Fabrice Fontaine authored
Fixes: - http://autobuild.buildroot.org/results/bcc701055dd5876005fa6f78f38500399394cd75 Signed-off-by:
-
Alexey Lukyanchuk authored
The web-interface files (~1.8MB) are by default installed under /usr/share/doc/cups, which is unfortunate as Buildroot removes usr/share/doc in target-finalize, breaking the webui. As a fix, store the web-interface files under /usr/share/cups/doc-root, similar to how it is done in Debian. Signed-off-by:
Alexey Lukyanchuk <skif@skif-web.ru> [Peter: use --with-docdir, update description] Signed-off-by:
-
Fabrice Fontaine authored
Fixes: - http://autobuild.buildroot.org/results/298fb9c785e137bff432dd304eb56986e54ce3ed Signed-off-by:
-
Fabrice Fontaine authored
Fixes: - http://autobuild.buildroot.org/results/3355e4dc02b07ccfd9fe9b5cafb70c01fc88c158 Add an upstream patch to ensure tests needing GLESv3 are only built when that is available. Signed-off-by:
-
Peter Seiderer authored
Add patch to fix tests/amdpu dependency on atomic_ops. Fixes: http://autobuild.buildroot.net/results/e29dae423f3f80d2c34dde9a125bd216a75ad1c0 FAILED: tests/amdgpu/amdgpu_test .../host/bin/sparc-linux-gcc -o tests/amdgpu/amdgpu_test 'tests/amdgpu/b9f2b1d@@amdgpu_test@exe/amdgpu_test.c.o' 'tests/amdgpu/b9f2b1d@@amdgpu_test@exe/basic_tests.c.o' 'tests/amdgpu/b9f2b1d@@amdgpu_test@exe/bo_tests.c.o' 'tests/amdgpu/b9f2b1d@@amdgpu_test@exe/cs_tests.c.o' 'tests/amdgpu/b9f2b1d@@amdgpu_test@exe/vce_tests.c.o' 'tests/amdgpu/b9f2b1d@@amdgpu_test@exe/uvd_enc_tests.c.o' 'tests/amdgpu/b9f2b1d@@amdgpu_test@exe/vcn_tests.c.o' 'tests/amdgpu/b9f2b1d@@amdgpu_test@exe/deadlock_tests.c.o' 'tests/amdgpu/b9f2b1d@@amdgpu_test@exe/vm_tests.c.o' 'tests/amdgpu/b9f2b1d@@amdgpu_test@exe/ras_tests.c.o' 'tests/amdgpu/b9f2b1d@@amdgpu_test@exe/syncobj_tests.c.o' -Wl,--as-needed -Wl,--no-undefined -Wl,-O1 -Wl,--start-group libdrm.so.2.4.0 amdgpu/libdrm_amdgpu.so.1.0.0 .../host/sparc-buildroot-linux-uclibc/sysroot/usr/lib/libcunit.so -Wl,--end-group -pthread '-Wl,-rpath,$ORIGIN/../..:$ORIGIN/../../amdgpu' -Wl,-rpath-link,.../build/libdrm-2.4.100/build/ -Wl,-rpath-link,.../build/li bdrm-2.4.100/build/amdgpu .../host/opt/ext-toolchain/bin/../lib/gcc/sparc-buildroot-linux-uclibc/8.3.0/../../../../sparc-buildroot-linux-uclibc/bin/ld: tests/amdgpu/b9f2b1d@@amdgpu_test@exe/bo_tests.c.o: undefined reference to symbol 'AO_fetch_compare_and_swap_emulation' .../host/opt/ext-toolchain/bin/../lib/gcc/sparc-buildroot-linux-uclibc/8.3.0/../../../../sparc-buildroot-linux-uclibc/bin/ld: .../host/sparc-buildroot-linux-uclibc/sysroot/usr/lib/libatomic_ops.so.1: error adding symbols: DSO missing from command line Signed-off-by:
Peter Seiderer <ps.report@gmx.net> Signed-off-by:
-
Thomas Petazzoni authored
The SWUPDATE_SET_BUILD_OPTIONS macro sets a number of swupdate configuration options with local build details, especially the cross-compiler path and sysroot path. This means that if one stores an swupdate defconfig file as part of Buildroot, generated with "make swupdate-update-defconfig", it will contain things like: CONFIG_CROSS_COMPILE="/home/thomas/projets/buildroot/output/host/bin/arm-linux-" CONFIG_SYSROOT="/home/thomas/projets/buildroot/output/host/arm-buildroot-linux-uclibcgnueabi/sysroot" which obviously are not good, as they are specific to where the build was done. So instead this commit: - Uses the CROSS_COMPILE environment variable to pass the cross-compiler path. - Drops entirely the use of CONFIG_SYSROOT, since all it does is pass a --sysroot option to the compiler, which is not needed in the context of Buildroot. - Pass EXTRA_CFLAGS/EXTRA_LDFLAGS also through the environment. Thanks to that the swupdate defconfig file no longer contains any local build details, and can be re-used by different users of a given Buildroot configuration. Signed-off-by:
-
- Mar 07, 2020
-
-
Peter Seiderer authored
- disable introspection unconditionally (as already done for all other original gstreamer1 packages) - use '=' instead of '+=' for the first usage of GST1_VALIDATE_CONF_OPTS Fixes: http://autobuild.buildroot.net/results/e6e43fb85c71af9bb599ea8bbe2e805b392cf1ad GEN GstValidate-1.0.gir Couldn't find include 'GstPbutils-1.0.gir' (search path: '['/nvmedata/autobuild/instance-6/output-1/host/bin/../aarch64-buildroot-linux-gnu/sysroot/usr/bin/../share/gir-1.0', '/usr/share/gir-1.0', '/usr/share/gir-1.0', '/usr/share/gir-1.0', '/usr/share/gir-1.0', '/usr/share/gir-1.0', '/nvmedata/autobuild/instance-6/output-1/host/share', 'gir-1.0', '/nvmedata/autobuild/instance-6/output-1/host/share/gir-1.0', '/usr/share/gir-1.0']') make[5]: *** [Makefile:1612: GstValidate-1.0.gir] Error 1 Signed-off-by:
-
Peter Seiderer authored
For details see [1]. [1] https://lists.freedesktop.org/archives/wayland-devel/2020-March/041288.html Signed-off-by:
-
Fabrice Fontaine authored
host-thrift can fail if a broken Qt4 is found on host: CMake Error in lib/cpp/CMakeLists.txt: Imported target "Qt4::QtCore" includes non-existent path "/nvmedata/autobuild/instance-4/output-1/host/usr/mkspecs/default" in its INTERFACE_INCLUDE_DIRECTORIES. Possible reasons include: * The path was deleted, renamed, or moved to another location. * An install or uninstall procedure did not complete successfully. * The installation package was faulty and references files it does not provide. Fixes: - http://autobuild.buildroot.org/results/57cad5313896c868e99b0b9534678f1c83a386f2 Signed-off-by: -
Fabrice Fontaine authored
Fixes: - http://autobuild.buildroot.org/results/d0ab5334f195a400a6d6dd6c49e3c1a2001b2b70 Signed-off-by:
-
Fabrice Fontaine authored
Fixes: - http://autobuild.buildroot.org/results/9605aac6f760bfff190d0ab95fa50f65486ffe90 Signed-off-by:
-
Fabrice Fontaine authored
Fixes: - http://autobuild.buildroot.org/results/79310855f9a2abe569365ffd27e776f1a56dba2e Signed-off-by:
-
- Mar 05, 2020
-
-
Peter Seiderer authored
Changelog (since 1.60): - 1.61 2020-01-11 Fixed errors in the documentation for bcm2835_spi_write. Fixes issue seen on Raspberry Pi 4 boards where 64-bit off_t is used by default via -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64. The offset was being incorrectly converted, this way is clearer and fixes the problem. Contributed by Jonathan Perkin. - 1.62 2020-01-12 Fixed a problem that could cause compile failures with size_t and off_t Signed-off-by: -
Peter Seiderer authored
The tools option installs more than gst-launch and gst-inspect, so simplify its prompt to just "install tools", and update the Config.in help text. While at it, we list them alphabetically. Signed-off-by:
-
Peter Seiderer authored
Fixes: checking for a Python interpreter with version >= 2.6... none configure: error: no suitable Python interpreter found Signed-off-by:
-
Peter Seiderer authored
Activate already existing mesa3d solution for the isinf compile failure for uclibc based toolchains instead of using a custom workaround. - remove 0005-src-gallium-drivers-nouveau-codegen-nv50_ir_ra.cpp-p.patch - add 0004-c99_math-import-isinf-for-uclibc-based-toolchains.patch Fixes: http://autobuild.buildroot.net/results/cbefc5d4a4fefb674e596400fa1d2698cd89c5b3/ http://autobuild.buildroot.net/results/dc974da012f53fa4ed3be616f937b0afae423d66/ ../src/gallium/drivers/nouveau/codegen/nv50_ir_ra.cpp: In member function 'bool nv50_ir::GCRA::simplify()': ../src/gallium/drivers/nouveau/codegen/nv50_ir_ra.cpp:1348:19: error: expected unqualified-id before '(' token if (std::isinf(bestScore)) { ^ Signed-off-by:
Yann E. MORIN <yann.morin.1998@free.fr>
-
Adam Duskett authored
Fixes a number of regressions introduced in v12.16.0: https://github.com/nodejs/node/blob/master/doc/changelogs/CHANGELOG_V12.md#12.16.1 Tested on Debian 9 and Ubuntu 18.04 Signed-off-by:
Adam Duskett <Aduskett@gmail.com> Signed-off-by:
-
Fabrice Fontaine authored
It was discovered the fix for CVE-2018-19758 (libsndfile) was not complete and still allows a read beyond the limits of a buffer in wav_write_header() function in wav.c. A local attacker may use this flaw to make the application crash. Signed-off-by:
-
Fabrice Fontaine authored
There is a heap-based buffer over-read at wav.c in wav_write_header in libsndfile 1.0.28 that will cause a denial of service. Signed-off-by:
-
Yann E. MORIN authored
Several users of rolling-release distributions have been reporting on IRC that Buildroot is broken now that they have switched to the newly released make 4.3. It turns out that the constructs we use to generated and include the internal br2-external related fragments is no longer working with make-4.3. Indeed, an upstream bug report [0] seems to imply that it so far was working by chance. There has been no further feedback, whether this is really considered a fix for a previous ill-defined behaviour, or an actual regression... In the meantime, we add a workaround, suggested in that same bug report, that fixes the issue for make 4.3, and that should not break on older make versions either (verified on all relevant versions: from 3.81, 3.82, 4.0, 4.1, and 4.2). [0] https://savannah.gnu.org/bugs/?57676 Signed-off-by:
Mircea Gliga <mgliga@bitdefender.com> Signed-off-by:
-
Fabrice Fontaine authored
- Fix CVE-2019-1010301: jhead 3.03 is affected by: Buffer Overflow. The impact is: Denial of service. The component is: gpsinfo.c Line 151 ProcessGpsInfo(). The attack vector is: Open a specially crafted JPEG file. - Fix CVE-2019-1010302: jhead 3.03 is affected by: Incorrect Access Control. The impact is: Denial of service. The component is: iptc.c Line 122 show_IPTC(). The attack vector is: the victim must open a specially crafted JPEG file. - Fix CVE-2019-19035: jhead 3.03 is affected by: heap-based buffer over-read. The impact is: Denial of service. The component is: ReadJpegSections and process_SOFn in jpgfile.c. The attack vector is: Open a specially crafted JPEG file. - Update indentation of hash file (two spaces) Signed-off-by:
-
Peter Korsgaard authored
Fixes the following security vulnerabilities: - CVE-2020-9402: Potential SQL injection via tolerance parameter in GIS functions and aggregates on Oracle. GIS functions and aggregates on Oracle were subject to SQL injection, using a suitably crafted tolerance. For more details, see the advisory: https://www.djangoproject.com/weblog/2020/mar/04/security-releases/ Signed-off-by:
-
- Mar 04, 2020
-
-
Peter Seiderer authored
Add upstream patch [1]. Fixes: http://autobuild.buildroot.net/results/df5bcb8e4f6e98c4de347abbbe91e10a98047422 ../src/util/os_file.c:37:24: fatal error: linux/kcmp.h: No such file or directory [1] https://cgit.freedesktop.org/mesa/mesa/commit/?id=f7bfb10c69dfe48a91e35523cb5ee641bdbf6988 Signed-off-by:
Romain Naour <romain.naour@gmail.com> Signed-off-by:
-
Peter Korsgaard authored
Commit 9ea528f8 (package/python-nfc: bump to version 0.13.5) changed the python-nfc package to download from github, so the package no longer needs bzr on the host. Signed-off-by:
-
Peter Seiderer authored
- bump version to 1.3.1 Changelog: * Incorrect alpha value when converting 32-bit framebuffers. * Documentation for github instead of own homepage. - update project URL Fixes bug 12606 ([1]). [1] https://bugs.busybox.net/show_bug.cgi?id=12606 Signed-off-by:
Timo Ketola <timo.ketola@exertus.fi> Acked-by:
-
- Mar 03, 2020
-
-
Peter Seiderer authored
Add patch to fix static linking of tools. Fixes: http://autobuild.buildroot.net/results/b33019b3c9ad856aced34215c69bb292b536e25e .../bin/ld: .../usr/lib/libgstreamer-1.0.a(gstplugin.c.o): in function `gst_plugin_register_func': gstplugin.c:(.text+0x3bc): undefined reference to `g_module_make_resident' .../bin/ld: .../usr/lib/libgstreamer-1.0.a(gstplugin.c.o): in function `_priv_gst_plugin_load_file_for_registry': gstplugin.c:(.text+0x1228): undefined reference to `g_module_supported' .../bin/ld: gstplugin.c:(.text+0x126c): undefined reference to `g_module_open' .../bin/ld: gstplugin.c:(.text+0x1368): undefined reference to `g_module_symbol' .../bin/ld: gstplugin.c:(.text+0x1494): undefined reference to `g_module_supported' .../bin/ld: gstplugin.c:(.text+0x17f4): undefined reference to `g_module_close' .../bin/ld: gstplugin.c:(.text+0x1a2c): undefined reference to `g_module_error' Signed-off-by:
-
Peter Korsgaard authored
With classpath removed, no packages select these symbols any more - So drop them and their corresponding logic in dependencies.sh / genrandconfig. Signed-off-by: -
James Hilliard authored
This package has been abandoned by upstream since 2016 and has not had a release since 2012. In addition the GNU Compiler for Java that classpath was written to be used with has been removed as of GCC 7. It is no longer feasible to support classpath as it requires a java compiler capable of producing java 1.5 compatible bytecode which is not possible on hosts with a recent java compiler. Signed-off-by:
James Hilliard <james.hilliard1@gmail.com> Signed-off-by:
-
James Hilliard authored
JamVM has not had a release since 2014 and is unmaintained. Signed-off-by:
-
Fabrice Fontaine authored
Directory traversal vulnerability in ZZIPlib 0.13.69 allows attackers to overwrite arbitrary files via a .. (dot dot) in a zip file, because of the function unzzip_cat in the bins/unzzipcat-mem.c file. Signed-off-by:
-
Fabrice Fontaine authored
An issue was discovered in ZZIPlib through 0.13.69. There is a memory leak triggered in the function __zzip_parse_root_directory in zip.c, which will lead to a denial of service attack. Signed-off-by:
-
Fabrice Fontaine authored
GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable system. This is different from CVE-2018-1000156. Signed-off-by:
-
Fabrice Fontaine authored
In GNU patch through 2.7.6, the following of symlinks is mishandled in certain cases other than input files. This affects inp.c and util.c. Signed-off-by:
-
Fabrice Fontaine authored
do_ed_script in pch.c in GNU patch through 2.7.6 does not block strings beginning with a ! character. NOTE: this is the same commit as for CVE-2019-13638, but the ! syntax is specific to ed, and is unrelated to a shell metacharacter. Signed-off-by:
-
Fabrice Fontaine authored
Signed-off-by:
-
Fabrice Fontaine authored
Signed-off-by:
-
Thomas Petazzoni authored
The comment "Check files that are touched by more than one package" was previously located right before the calls to the check-uniq-files script. However, this script and the logic calling it have been removed in commit 2496189a ("core: drop check-uniq-files"), so the comment no longer makes any sense: let's drop it. Signed-off-by:
-
