- Jul 27, 2017
-
-
Peter Korsgaard authored
[Peter: drop Makefile changes] Signed-off-by:
Peter Korsgaard <peter@korsgaard.com> (cherry picked from commit 84eee43369a1afae6905f4a8f2c2b0afc23098f0) Signed-off-by:
-
Peter Korsgaard authored
Signed-off-by: -
Peter Korsgaard authored
[Peter: drop Makefile changes] Signed-off-by:
-
Peter Korsgaard authored
Signed-off-by:
-
- Jul 26, 2017
-
-
Thomas De Schampheleire authored
Fixes CVE-2017-11108/Fix bounds checking for STP Changelog: http://www.tcpdump.org/tcpdump-changes.txt [Peter: add signature link as suggested by Baruch] Signed-off-by:
Thomas De Schampheleire <thomas.de_schampheleire@nokia.com> Signed-off-by:
-
Peter Korsgaard authored
Fixes the following security issues: CVE-2017-7018 - An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. CVE-2017-7030 - An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. CVE-2017-7034 - An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. CVE-2017-7037 - An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. CVE-2017-7039 - An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. CVE-2017-7046 - An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. CVE-2017-7048 - An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. CVE-2017-7055 - An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. CVE-2017-7056 - An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. CVE-2017-7061 - An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. CVE-2017-7064 - An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. The issue involves the "WebKit" component. It allows attackers to bypass intended memory-read restrictions via a crafted app. For more details, see the announcement: https://webkitgtk.org/2017/07/24/webkitgtk2.16.6-released.html Signed-off-by:
"Adrian Perez de Castro" <aperez@igalia.com> Signed-off-by:
-
- Jul 25, 2017
-
-
Yann E. MORIN authored
We've had this mkdir, in various forms, for aeons. It dates back to the inception of Buildroot, at the dawn of ages, when the toolchain support was still nascent. Evolution had it morph from /include, to a tuple-prefixed directory and a symlink there-to, then back to the /include directory, to the final /usr/include directory we've had for the last 9 years. Anything that wants to install headers is supposed to be creating that directory beforehand; we don't need this legacy mkdir now. Signed-off-by:
"Yann E. MORIN" <yann.morin.1998@free.fr> Signed-off-by:
Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
-
Yann E. MORIN authored
Since we now request that the user sets the exact size of the ext2/3/4 filesystem, we've had quite a few users wondering what was going on when they enable too much and the default 60M are no longer enough. When mkfs.ext2 fails, print a hint that the user should check the size setting. Signed-off-by:
-
Thomas Petazzoni authored
When the ICU package is enabled (BR2_PACKAGE_ICU=y) but ICU support in cppcms is disabled (BR2_PACKAGE_CPPCMS_ICU is disabled), cppcms still detects ICU, but it fails to build since we don't get the proper ICU CXXFLAGS. In addition, this is not the intended behavior: when BR2_PACKAGE_CPPCMS_ICU is disabled, we expect cppcms to be built without ICU support. To achieve this, we pass -DDISABLE_ICU_LOCALE=ON when BR2_PACKAGE_CPPCMS_ICU is disabled (yes DISABLE_ICU_LOCALE means the logic is inverted). While at it, we pass DISABLE_ICU_LOCALE=OFF when ICU support is enabled, and not DISABLE_ICONV=ON. The latter has been passed in this condition since the cppcms package was introduced in Buildroot, but it doesn't seem to make sense. Fixes: http://autobuild.buildroot.net/results/b6a8c7000c5742efc9d8e13507dab86e36b62840/ Signed-off-by:
Thomas Petazzoni <thomas.petazzoni@free-electrons.com> Signed-off-by:
-
Thomas Petazzoni authored
Since we introduced the support for building Busybox as individual binaries, Busybox started failing to build on SPARC/SPARC64 with this feature enabled: appletlib.c:(.text.find_applet_by_name+0x14): relocation truncated to fit: R_SPARC_GOT13 against symbol `applet_nameofs' defined in .rodata.applet_nameofs section in libbb/lib.a(appletlib.o) appletlib.c:(.text.find_applet_by_name+0x18): relocation truncated to fit: R_SPARC_GOT13 against symbol `applet_names' defined in .rodata.applet_names section in libbb/lib.a(appletlib.o) [...] This commit adds two patches to Busybox to fix this issue, by adding -fPIC to CFLAGS when building on SPARC/SPARC64. The patches have been submitted upstream. Fixes: http://autobuild.buildroot.net/results/90144369ccea8c41ec7643a79a7ebfaa9b7db95c/ Signed-off-by:
-
Arnout Vandecappelle authored
It is supposedly more robust than just concatenating. Signed-off-by:
-
Arnout Vandecappelle authored
It is used by Kconfig's merge_config.sh. No alldefpackageconfig is added, since it's rather pointless: it would only enable busybox. Signed-off-by:
-
Arnout Vandecappelle authored
The rules for the *config targets are all very similar, so factor them together using $@. Signed-off-by:
-
Arnout Vandecappelle authored
This column is not used by either genrandconfig or test-pkg, so remove it. Signed-off-by:
-
Arnout Vandecappelle authored
Now we have the toolchain config fragments in the buildroot directory itself, it is no longer necessary to fetch it from the toolchain URL. The --toolchains-url option is renamed to --toolchains-csv. The paths in the toolchains_csv file should be either absolute, or relative to buildrootdir. After this change, the script should be called from autobuild-run as: subprocess.call([os.path.join(srcdir, "utils/genrandconfig"), "-o", outputdir, "-b", srcdir, "--toolchains-csv", kwargs['toolchains_csv']], stdout=devnull, stderr=log) Signed-off-by: -
Arnout Vandecappelle authored
Now we have the toolchain config fragments in the buildroot directory itself, it is no longer necessary to fetch it from the toolchain URL. Signed-off-by:
-
Arnout Vandecappelle authored
We currently have a list of toolchain configurations that are used by the autobuilders at [1]. However, this makes it a little more difficult for people to use these configurations, and also to have a different list of configurations for different branches. For example if a new architecture is introduced, the 2017.02.x branch doesn't have support for this architecture yet so it shouldn't try to run those configs. Therefore, include the autobuild config fragments directly in Buildroot, so they can be branched together with the rest. We create a new directory under support/ to store them. Generated with wget -nd --no-parent --recursive http://autobuild.buildroot.net/toolchains/configs/ The index.html file is removed. The toolchain-configs.csv file is adapted so the URLs become relative paths pointing to the config fragments. [1] http://autobuild.buildroot.net/toolchains/configs/toolchain-configs.csv Signed-off-by:
-
Arnout Vandecappelle authored
This has a number of side-effects which must be handled. The lines in minimal.config may be overridden by the random lines added by amending the configuration, so is_toolchain_usable() shouldn't take those into account, or indeed the random lines added. Therefore, make a copy of the config before appending minimal.config and the random lines. While we're at it, rename the variable to the more appropriate toolchainconfig. minimal.config sets BR2_INIT_NONE=y, but we really also want to test with BR2_INIT_BUSYBOX=y. Therefore, add a random line to use the busybox init system. We set its probability rather high. The probabilities of systemd and eudev are increased since they're now in the else branch of BR2_INIT_BUSYBOX, which halves the probability that we even get there. We now also generate configurations without busybox. Previously, busybox was almost always selected due to BR2_INIT_BUSYBOX=y. Only if systemd is selected there was a chance to build without busybox. We now set BR2_SYSTEM_BIN_SH_NONE=y, the other /bin/sh options are never tested. However, this is not really something that is relevant to test in the autobuilders. Signed-off-by:
-
Arnout Vandecappelle authored
When outputdir is 'output' (the default), genrandconfig didn't work correctly because it expects the configfile in outputdir, while Buildroot puts it in the buildroot directory. Fix this by explicitly checking if outputdir == buildrootdir/output. Because abspath is used for both paths, string comparison works reliably. Signed-off-by:
-
Arnout Vandecappelle authored
The path to the .config file is calculated in several places - replace it with a single calculation, and pass configfile as an argument to is_toolchain_usable and fixup_config. These functions also don't need outputdir any more. This makes it easier to fix the case when configfile is not in outputdir. Signed-off-by:
-
Arnout Vandecappelle authored
The --instance argument is just an artifact of genrandconfig's history as part of autobuild-run. It is much more logical to pass the output directory and the buildroot directory as arguments, with sane defaults. This also allows us to remove the hack of creating a symlink in the instance directory if it doesn't exist yet. Note that the default outputdir 'output' doesn't work yet, because in that case Buildroot will put the config file in the buildroot directory instead of the output directory. This will be fixed in a follow-up patch. After this change, the script should be called from autobuild-run as: subprocess.call([os.path.join(srcdir, "utils/genrandconfig"), "-o", outputdir, "-b", srcdir, "--toolchains-url", kwargs['toolchains_url']], stdout=devnull, stderr=log) Signed-off-by: -
Arnout Vandecappelle authored
This prepares for passing buildrootdir as an argument. Signed-off-by:
-
Arnout Vandecappelle authored
This prepares for passing outputdir as an argument. Signed-off-by:
-
Arnout Vandecappelle authored
The output of genrandconfig is currently very terse, which is annoying for debugging the script or generally seeing what is going on. Also the timing information added by log_write isn't very useful when the script is used stand-alone. In the new setup, (verbose) output goes to stdout and error output goes to stderr. Also the "INFO: generate the configuration" message is eliminated - it should go in the autobuild-run script. We also add an explicit message when a toolchain can't be used after the first defconfig, otherwise autobuild-run will just silently restart. Note that, since the output of make is no longer redirected to /dev/null, we get one more message on stderr that will be recorded in the autobuilder's log file: KCONFIG_SEED=0xXXXXXXXX. This approach allows us to optimise the error handling to use exceptions, where appropriate, which can be caught at the top level and converted to an error message to stderr. This, in turn, allows us to use subprocess.check_call, which eliminates a lot of conditions. Signed-off-by:
-
Arnout Vandecappelle authored
The SystemInfo class is instantiated globally and passed down to all functions, but it is really only used in fixup_config. So instead, instantiate it there. Signed-off-by:
-
Arnout Vandecappelle authored
kwargs is a left-over from the use of docopt, it's better to use argparse's Namespace object directly. In addition, most functions use just one or two fields of args, so these can just as well be passed directly as arguments to the function. Particularly for outputdir it doesn't make sense to reconstruct it all the time. Signed-off-by:
-
Arnout Vandecappelle authored
Warnings fixed: E731 do not assign a lambda expression, use a def -> urlopen_closing is defined with a def. urlopen is not used elsewhere so inlined. E302 expected 2 blank lines E501 line too long -> long lines due to a long string are NOT split E701 multiple statements on one line (colon) E722 do not use bare except' -> use "except Exception", so KeyInterrupt and SystemExit are still passed. We never intended to catch those. E741 ambiguous variable name 'l' -> variable name is replaced with the much more descriptive toolchains_csv E271 multiple spaces after keyword E231 missing whitespace after ',' Signed-off-by: -
Arnout Vandecappelle authored
Popen is more complicated and more difficult to understand. check_output raises an exception if the exit code is non-zero, but that's probably what we want if ldd can't be executed. Signed-off-by:
-
Arnout Vandecappelle authored
This script will be used by the autobuild-run script to generate the configuration to test. It is put in the utils directory because it can also be called directly to allow users to test things. For now, it is a direct copy of the relevant functions from the autobuild-run script. The only changes are: - unneeded import statements are removed; - code/decode wrappers are limited to decode_byte_list; - __main__ handling is added. For now, the only supported arguments are the ones needed for autobuild-run. Follow-up patches will refactor things and also change the way the script is called. In this version, it can be called from the autobuild-run script as: subprocess.call([os.path.join(srcdir, "utils/genrandconfig"), "-i", str(kwargs['instance']), "--toolchains-url", kwargs['toolchains_url']], stdout=log, stderr=log) Signed-off-by: -
Bernd Kuhls authored
Removed patch 0001, not needed anymore after https://github.com/DanBloomberg/leptonica/commit/4476d162cc191a0fefb2ce434153e12bbf188664 fixes the problem in a similar way. Signed-off-by:
Bernd Kuhls <bernd.kuhls@t-online.de> Signed-off-by:
-
Matt Weber authored
RUNDIR installs the test applications and shared libraries into a different folder then /usr/lib. This is desired as there are a lot of test apps which would get installed into /usr/lib without organization. Instead, set RUNDIR=/usr/lib/paxtest to install the test apps and libraries in a sub folder. The genpaxtest script accounts for this path and handles a LD_LIBRARY_PATH update as part of the paxtest script's exeuction. Signed-off-by:
Matthew Weber <matthew.weber@rockwellcollins.com> Signed-off-by:
-
Ricardo Martincoski authored
While at it, also move my professional entry near my personal one. Signed-off-by:
Ricardo Martincoski <ricardo.martincoski@gmail.com> Signed-off-by:
-
Bernd Kuhls authored
Signed-off-by:
-
Bernd Kuhls authored
Changed _SITE to https, added upstream md5 & sha1 hashes. Signed-off-by:
-
Julien Viard de Galbert authored
Fixes: http://autobuild.buildroot.net/results/b629754c6a820446ff38df8202ea1ed0041bc4ac http://autobuild.buildroot.net/results/e02325e06866618d9d3ee90600dc3326465c56a1 http://autobuild.buildroot.net/results/c1db73dcb25ea1db4be0f9d6ce2bf2d02f5bd5bb http://autobuild.buildroot.net/results/bd93120ee7cbfeb4fe7cbcd7f845f131743caf05 http://autobuild.buildroot.net/results/273ba504de31bc17fd41e91ee5d6c0b34797a4f9 http://autobuild.buildroot.net/results/37920b26f9c4853a0d620eb4a33b50b53e548888 http://autobuild.buildroot.net/results/ee668405ed234fbbd644a01d49e8d9d41d216cf6 http://autobuild.buildroot.net/results/5b76d62ad03d0cbe483792b32ea14ce7d7432983 http://autobuild.buildroot.net/results/cf08d42be8fcb659d59288e2cedf3f18b660e8a6 http://autobuild.buildroot.net/results/e1309fd2eea5daf854f4314b92ec441092239cd5 Signed-off-by:
Julien Viard de Galbert <julien@vdg.name> Signed-off-by:
-
Andrey Smirnov authored
Add package to provide Zstandard compression tools (see https://facebook.github.io/zstd ) Minimal config snippet for utils/test-pkg is as follows: BR2_PACKAGE_ZSTD=y Signed-off-by:
Andrey Smirnov <andrew.smirnov@gmail.com> [Thomas: - use "config" instead of "menuconfig" in Config.in - add missing final newline in Config.in - pass DESTDIR=$(TARGET_DIR) only at install time - wrap too long lines in the .mk file - remove useless empty newline at end of .hash file.] Signed-off-by:
-
Bernd Kuhls authored
Removed patch 0001 after bessel functions in uClibc were enabled by default: https://git.buildroot.net/buildroot/commit/package/uclibc?id=de56d58e5d26d78161ca3b7a1a2a4decfe4e89db Signed-off-by:
-
Matt Weber authored
When building against nginx 1.11.2+, requires additional -lcrypto dependency. (Nginx changed crypto approach and dependencies for openssl are no longer default) Upstream pull request: https://github.com/vkholodkov/nginx-upload-module/pull/93 Fixes: http://autobuild.buildroot.net/results/e25f8ba8d8743e47a77707cf582e58477e1860e6 http://autobuild.buildroot.net/results/c4aa6e22033be934bd311cd9761f646d44618dc0 http://autobuild.buildroot.net/results/75e935d248b46df11c32c95526423a2287ac8c62 Signed-off-by:
-
Bernd Kuhls authored
Upstream does not provide hashes anymore, replace with self-computed sha256 hash. Removed patches applied upstream, renumbered remaining patches: 0001-allow-building-of-the-shared-library-to-be-suppressed.patch https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/keyutils.git/commit/?id=a4deb71ddc05e951c8be8d46615beed9d408a5c8 0004-Makefile-for-buildroot.patch https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/keyutils.git/commit/?id=d83b9b827c6c4bc2377dfa073cf5c837b87465e8 Signed-off-by:
-
Bernd Kuhls authored
Removed patch applied upstream: 0001-vmcore-dmesg-Define-_GNU_SOURCE.patch https://git.kernel.org/pub/scm/utils/kernel/kexec/kexec-tools.git/commit/?id=2f6f6d6fef7872647cacc6741ac35ac2b4df7ed5 Signed-off-by:
-
