- Feb 23, 2019
-
-
Peter Korsgaard authored
Signed-off-by:Peter Korsgaard <peter@korsgaard.com>
-
Peter Korsgaard authored
Signed-off-by:
-
Fabrice Fontaine authored
gf_mul is already defined in libcrypto (openssl) so rename it into ibrdtn_gf_mul to fix the following build failure in ibrdtnd package: /home/buildroot/autobuild/instance-3/output/host/bin/../arm-buildroot-uclinux-uclibcgnueabi/sysroot/usr/lib/libcrypto.a(f_impl.o): In function `gf_mul': f_impl.c:(.text+0x0): multiple definition of `gf_mul' /home/buildroot/autobuild/instance-3/output/host/arm-buildroot-uclinux-uclibcgnueabi/sysroot/usr/lib/libibrcommon.a(gf128mul.o):gf128mul.cpp:(.text+0x30): first defined here collect2: error: ld returned 1 exit status Makefile:560: recipe for target 'dtnd' failed Fixes: - http://autobuild.buildroot.org/results/1d3b4b6cf043a3e185ce758b617a0a18c3d36cdb Signed-off-by:
Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by:
Thomas Petazzoni <thomas.petazzoni@bootlin.com>
-
Francois Perrad authored
Fixes: https://gitlab.com/buildroot.org/buildroot/-/jobs/158295314 Signed-off-by:
Francois Perrad <francois.perrad@gadz.org> Signed-off-by:
-
Peter Korsgaard authored
Signed-off-by: -
Bernd Kuhls authored
Release notes: https://blog.torproject.org/new-releases-tor-0402-alpha-0358-03411-and-03312 Fixes CVE-2019-8955: KIST can write above outbuf highwater mark https://trac.torproject.org/projects/tor/ticket/29168 Updated license hash after upstream commit https://gitweb.torproject.org/tor.git/commit/LICENSE?h=maint-0.3.5&id=efe55b88987c2539c218fdf1f46f16f9bdc3a8eb which bumps copyright date to 2019. Signed-off-by:
Bernd Kuhls <bernd.kuhls@t-online.de> Signed-off-by:
-
Fabio Estevam authored
Thomas Petazzoni reports: "The imx23evk_defconfig no longer builds: https://gitlab.com/buildroot.org/buildroot/-/jobs/158295124 This is due to the bump of OpenSSL to 1.1.x. This issue seems to have been fixed in U-Boot commit 7bae13b7579a6bc42330427496330fe2a29cbd56, which is part of U-Boot since 2017.01, but the defconfig is using 2016.09." Bump to the U-Boot 2019.01 to fix this problem. Fixes: https://gitlab.com/buildroot.org/buildroot/-/jobs/158295124 Reported-by:
Fabio Estevam <festevam@gmail.com> Signed-off-by:
-
Vadim Kochan authored
stress-ng uses test/test-bsd-wchar.c program to check if there is support for libbsd's wchar, but the test fails because wchar.h also requires the FILE* definition from stdio.h which is not included automatically, so fix it by include stdio.h explicitly. Fixes: http://autobuild.buildroot.net/results/6def1bba8e7ec05682e74c4edc3a35c8c118d28b Signed-off-by:
Vadim Kochan <vadim4j@gmail.com> Signed-off-by:
-
- Feb 22, 2019
-
-
Fabrice Fontaine authored
Disable AVX2 if gcc < 4.9 Fixes: - http://autobuild.buildroot.org/results/195e40b34344f773da51a3fbff9d8e76c517eed1 Signed-off-by:
-
Thomas Petazzoni authored
In the following commits: 85f4bd94 configs/orangepi_lite2: fix kernel headers option 506cdeb2 configs/orangepi_one_plus: fix kernel headers option We fixed the orangepi_lite2 and orangepi_one_plus defconfigs to use the BR2_PACKAGE_HOST_LINUX_HEADERS_CUSTOM_X_Y option. However, we were mistaken by the existing comment saying that 4.18 kernel headers should be used. This was wrong, as the kernel source code in use is 4.19, so this commit fixes the BR2_PACKAGE_HOST_LINUX_HEADERS_CUSTOM_X_Y to use the correct version. Fixes: https://gitlab.com/buildroot.org/buildroot/-/jobs/165766089 https://gitlab.com/buildroot.org/buildroot/-/jobs/165766093 Signed-off-by:
-
Fabrice Fontaine authored
Fixes: - http://autobuild.buildroot.org/results/b40bdbca6669a81301fca523e982dbc9584a4e65 Signed-off-by:
-
Thomas Petazzoni authored
The Linux configuration used in the rock64_defconfig requires host-openssl to be built, otherwise the build fails with: scripts/extract-cert.c:21:25: fatal error: openssl/bio.h: No such file or directory #include <openssl/bio.h> So let's enable BR2_LINUX_KERNEL_NEEDS_HOST_OPENSSL. Fixes: https://gitlab.com/buildroot.org/buildroot/-/jobs/165766161 Signed-off-by:
-
Fabrice Fontaine authored
Fixes: - http://autobuild.buildroot.org/results/935c038b921ffa0f185571de41223e4c201e964b Signed-off-by:
-
Thomas Petazzoni authored
This defconfig was added in October 2016 and was never updated since then. It currently fails to build because U-Boot is too old and doesn't build with host-openssl in version 1.1.x. On February 13, 2019, the original submitter was notified, but didn't reply, so let's remove the defconfig for this platform. Fixes: https://gitlab.com/buildroot.org/buildroot/-/jobs/165766194 Signed-off-by:
-
Peter Korsgaard authored
Fixes the following security issues: - named could crash during recursive processing of DNAME records when deny-answer-aliases was in use. This flaw is disclosed in CVE-2018-5740. [GL #387] - When recursion is enabled but the allow-recursion and allow-query-cache ACLs are not specified, they should be limited to local networks, but they were inadvertently set to match the default allow-query, thus allowing remote queries. This flaw is disclosed in CVE-2018-5738. [GL #309] - Code change #4964, intended to prevent double signatures when deleting an inactive zone DNSKEY in some situations, introduced a new problem during zone processing in which some delegation glue RRsets are incorrectly identified as needing RRSIGs, which are then created for them using the current active ZSK for the zone. In some, but not all cases, the newly-signed RRsets are added to the zone's NSEC/NSEC3 chain, but incompletely -- this can result in a broken chain, affecting validation of proof of nonexistence for records in the zone. [GL #771] - named could crash if it managed a DNSSEC security root with managed-keys and the authoritative zone rolled the key to an algorithm not supported by BIND 9. This flaw is disclosed in CVE-2018-5745. [GL #780] - named leaked memory when processing a request with multiple Key Tag EDNS options present. ISC would like to thank Toshifumi Sakaguchi for bringing this to our attention. This flaw is disclosed in CVE-2018-5744. [GL #772] - Zone transfer controls for writable DLZ zones were not effective as the allowzonexfr method was not being called for such zones. This flaw is disclosed in CVE-2019-6465. [GL #790] For more details, see the release notes: http://ftp.isc.org/isc/bind9/9.11.5-P4/RELEASE-NOTES-bind-9.11.5-P4.html Change the upstream URL to HTTPS as the webserver uses HSTS: >>> bind 9.11.5-P4 Downloading URL transformed to HTTPS due to an HSTS policy Update the hash of the license file to account for a change of copyright year: -Copyright (C) 1996-2018 Internet Systems Consortium, Inc. ("ISC") +Copyright (C) 1996-2019 Internet Systems Consortium, Inc. ("ISC") Signed-off-by:
-
Baruch Siach authored
Debian bug #741384: Buffer overflow Debian bug #744212: Buffer overflow CVE-2014-8139: CRC32 verification heap-based overflow CVE-2014-8140: Out-of-bounds write issue in test_compr_eb() CVE-2014-8141: Out-of-bounds read issues in getZip64Data() CVE-2014-9636: Heap overflow CVE-2015-7696: Heap overflow when extracting password-protected archive CVE-2015-7697: Infinite loop when extracting password-protected archive Red Hat Bugzilla #1260944: Unsigned overflow on invalid input Debian bug #842993: Do not ignore Unix Timestamps CVE-2014-9913: Buffer overflow CVE-2016-9844: Buffer overflow in zipinfo CVE-2018-1000035: Buffer overflow in password protected ZIP archives Cc: Luca Ceresoli <luca@lucaceresoli.net> Signed-off-by:
Baruch Siach <baruch@tkos.co.il> Signed-off-by:
-
- Feb 21, 2019
-
-
Matt Weber authored
The proftpd configure script doesn't use pkg-config to detect openssl libraries. Instead, it just adds -lcrypto. Since openssl may be linked with pthread, it tries to detect that by calling 'openssl version -f', which gives the arguments with which openssl was compiled. Since the openssl executable used is either host-openssl or the system installed openssl, the output of 'openssl version -f' is useless in Buildroot context. If the target toolchain doesn't have threads support, it will wrongly pick up -pthread from host-openssl. Fortunately there is a simple workaround: --without-openssl-cmdline says that there is no openssl executable and skips the test, so -pthread is not added. It turns out -pthread is never needed, even in static linking cases, because openssl/libressl puts the thread support in a separate object file that only gets linked in if the program actually uses threads (which proftpd doesn't). Fixes: http://autobuild.buildroot.net/results/9c25c3cb3cf93b76c0538c5376a803641bf6575b Signed-off-by:
Matthew Weber <matthew.weber@rockwellcollins.com> [Rewrite commit log, after additional analysis and testing] Signed-off-by:
Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
-
Thomas De Schampheleire authored
With recent dtc but old u-boot, compilation issues occur related to libfdt. These problems really are u-boot issue since it does not properly set include paths so that its own headers are included. Nevertheless, since the u-boot version is typically decided by users and stuck at some version provided by a SoC or board vendor, it is not feasible to fix those old versions. Instead, already several fixes were made in the past, in Buildroot. See commits: c7ffd8a7 "package/dtc: fix include guards for older kernel/u-boot" f437bf54 "uboot: fix build for older uboot source trees" bf733342 "uboot: fix build when libfdt-devel is installed system-wide" 0bf80e4b "uboot: ensure host includes are searched before system default includes" b15a7a62 "uboot: revert "uboot: use local libfdt.h"" baae5156 "uboot: use local fdt headers" 3a6573cc "uboot: use local libfdt.h" Commit c7ffd8a7 fixes the problem caused by dtc having changed their include guards from _FOO_H to FOO_H (leading underscore removed). Old u-boot would still use _FOO_H, which (combined with host-dtc headers that use FOO_H) would cause the inclusion of two different copies of the same nominal include file, e.g. libfdt.h or libfdt_env.h, causing 'error: redefinition of xxx' compilation issues. The fix sets the 'new' include guard when the 'old' one is detected, preventing a second inclusion of the same nominal file. For some u-boot versions, however, this change not only needs to be made in libfdt.h and libfdt_env.h, but also in 'fdt.h'. Update the dtc patch to do just that. Signed-off-by:
Thomas De Schampheleire <thomas.de_schampheleire@nokia.com> Signed-off-by:
-
- Feb 20, 2019
-
-
Fabrice Fontaine authored
Add a patch to use pkg-config to find id3tag dependency (-lz) Fixes: - http://autobuild.buildroot.org/results/5e4882ddacf205a92a3ff1e79649cf16e4b6c0ae Signed-off-by:
-
Fabrice Fontaine authored
Add -lz to id3tag.pc, this fix is needed to be able to use pkg-config in madplay to find id3tag dependencies Signed-off-by:
-
Fabrice Fontaine authored
COPYING contains only the license for GPL-2.0 so use the new license files that have been added in the Licenses directory since version 2018.03 and https://github.com/sbabic/swupdate/commit/32c1f98eaca69e362be074197f84a59d994c0876 Also update GPL-2.0+ to "GPL-2.0+ with OpenSSL exception" and add Exceptions file, see: https://github.com/sbabic/swupdate/commit/66d0dbe80f49eb49f8999c9d738579651fc38134 Signed-off-by:
-
Yann E. MORIN authored
Signed-off-by:
"Yann E. MORIN" <yann.morin@orange.com> Signed-off-by:
-
Gary Bisson authored
Signed-off-by:
Gary Bisson <bisson.gary@gmail.com> Signed-off-by:
-
Fabrice Fontaine authored
syslog-ng expects that rabbitmq-c is built with openssl support however currently we're disabling openssl on rabbitmq-c in static build. To fix this issue, add a dependency on dynamic library on rabbitmq-c and its reverse dependencies (only BR2_PACKAGE_JANUS_GATEWAY_RABBITMQ as php-amqp already depends on dynamic library) Fixes: - http://autobuild.buildroot.org/results/fce91b98fb199a26ad5f5f726c9bdec4f9d64486 Signed-off-by:
-
Fabrice Fontaine authored
rabbitmq-c is not an embedded submodule since version 3.16.1 and https://github.com/balabit/syslog-ng/commit/c0559593c377f04662368dbecf282d2670aad12f So enable/disable amqp depending on rabbitmq-c availability and remove uneeded -lrt from LIBS Signed-off-by:
Chris Packham <judge.packham@gmail.com> Signed-off-by: Fabrice Fontaine <<a href="mailto:fontaine.fabrice@gmail.com" target="_blank" rel="noreferrer">fontaine.fabrice@gmail.com</a>><br></blockquote></div></div><div dir="auto"><br></div><div dir="auto">Looks good to me</div><div dir="auto"><br></div><div dir="auto">Reviewed-by: Chris Packham <<a href="mailto:judge.packham@gmail.com">judge.packham@gmail.com</a>><br><br></div><div dir="auto"><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"> Signed-off-by:
-
Gervais, Francois authored
console-getty.service is not a template unit file (it doesn't have the @ specifier), so %I doesn't get properly expanded in it. Thus, getty startup will fail due to invalid options and no getty prompt is launched on the console. Fixes: No getty prompt on boot Signed-off-by:
Francois Gervais <fgervais@distech-controls.com> Signed-off-by:
-
Trent Piepho authored
When not using OpenSSL, the correct option to configure is --without-ssl with two dashes. Fixes: b8b78e7e ("libcurl: Allow selection of TLS package libcurl will use") Signed-off-by:
Trent Piepho <tpiepho@impinj.com> Signed-off-by:
-
Jörg Krause authored
Bump to latest release that bundles lua-openssl 0.7.4 to fix compatibility with OpenSSL 1.1.1a. Drop patches 0001 and 0002 that are included in the new release. Successfully build and runtime tested on Banana Pro, note that version string for lua-openssl does not match the tag name (0.7.4): ``` luvi v2.9.0 zlib: 1.2.11 libuv: 1.25.0 ssl: OpenSSL 1.1.1a 20 Nov 2018, lua-openssl 0.7.3 ``` Fixes: http://autobuild.buildroot.net/results/e87994a3dc987f5aa101a5e721ac927e21453373 http://autobuild.buildroot.net/results/ea725ad90cfcd3c5e242268a593dcabd7297fe70 http://autobuild.buildroot.net/results/f2fb9eea0044e4a5f674742d29ea95af49cf5a45 http://autobuild.buildroot.net/results/de4daa1b930f907f06640dc98a708016217ddea5 .. and many more. Signed-off-by:
Jörg Krause <joerg.krause@embedded.rocks> Signed-off-by:
-
Baruch Siach authored
poco does not support the riscv target. Fixes: http://autobuild.buildroot.net/results/9a8/9a8213c502df53222eafc3ecd2fcfa36db20950b/ http://autobuild.buildroot.net/results/dd4/dd48cac70e8cb697b42ee51561902df81edcea40/ http://autobuild.buildroot.net/results/030/030c6cc8e2a59b015f8f3793d76234a2ef4ab772/ Cc: Yegor Yefremov <yegorslists@googlemail.com> Signed-off-by:
-
Fabrice Fontaine authored
Fixes: - http://autobuild.buildroot.org/results/1d868798c5b80d7b41123f988449ef548dd95490 This works for libressl as well, because libressl does provide EVP_CIPHER_CTX_new() which is what gets enabled by -DSSL11 Signed-off-by:
-
- Feb 18, 2019
-
-
Peter Korsgaard authored
Fixes a long standing fsync issue and a number of other bugs: https://www.postgresql.org/docs/11/release-11-2.html https://wiki.postgresql.org/wiki/Fsync_Errors The hash of the license file is only changed due to a year update: -Portions Copyright (c) 1996-2018, PostgreSQL Global Development Group +Portions Copyright (c) 1996-2019, PostgreSQL Global Development Group Signed-off-by:
Peter Seiderer <ps.report@gmx.net> [Thomas: update commit log to explain why the license file hash has changed, as repoted by Peter Seiderer] Signed-off-by:
-
- Feb 17, 2019
-
-
Fabrice Fontaine authored
On some architectures, atomic binutils are provided by the libatomic library from gcc. Linking with libatomic is therefore necessary, otherwise the build fails with: sparc-buildroot-linux-uclibc/sysroot/lib/libatomic.so.1: error adding symbols: DSO missing from command line This is often for example the case on sparcv8 32 bit. Fixes: - http://autobuild.buildroot.org/results/16e360cb91afff7655f459a3d1fb906ca48f8464 Signed-off-by:
-
Fabrice Fontaine authored
Fixes: - http://autobuild.buildroot.org/results/3a53f54476828ee878602da9adddf1e1e70f7a69 Signed-off-by:
-
Fabrice Fontaine authored
Fixes: - http://autobuild.buildroot.org/results/f4fe6bf54d213ca75bc1f16df61f8f92e648288e Signed-off-by:
-
Yann E. MORIN authored
We have virtually no way to know the hashes for user-supplied patches, so we should just ignore them. Reported-by:
Simon van der Veldt <simon.vanderveldt@gmail.com> Signed-off-by:
"Yann E. MORIN" <yann.morin.1998@free.fr> Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com> Cc: Arnout Vandecappelle <arnout@mind.be> Cc: Peter Korsgaard <peter@korsgaard.com> Tested-by:
-
- Feb 15, 2019
-
-
Angelo Compagnucci authored
Mender is a service explicitly written for systemd and so it doesn't fork on background, doesn't redirect outputs and doesn't create a pid file by itself. To make the service running correctly is therefore necessary to use the -m switch of start-stop-daemon to create the pid file and -b option to send the process to background. Logging is preserved because the service will log anyway on syslog. Signed-off-by:
Angelo Compagnucci <angelo@amarulasolutions.com> Signed-off-by:
-
Angelo Compagnucci authored
Mender needs /var/lib directory to be available: on some configurations /var/lib is not available and thus the mender package installation fails. This patch does a mkdir to ensure the /var/lib directory is always available. Fixes: http://autobuild.buildroot.net/results/d2237083a13ab7688dd2b6dc8dbcd4226ed5651a/ Signed-off-by:
-
Peter Seiderer authored
The Qt configure auto detection (and announced runtime detection feature) failes (see e.g. [1]), so override the configuration with the buildroot determined settings. [1] http://lists.busybox.net/pipermail/buildroot/2019-January/241862.html Reported-by:
David Picard <dplamp@gmx.com> Signed-off-by:
-
Thomas Petazzoni authored
Signed-off-by: -
Peter Seiderer authored
- fix the following start warnings: W: [pulseaudio] main.c: Running in system mode, but --disallow-exit not set. W: [pulseaudio] main.c: Running in system mode, but --disallow-module-loading not set. N: [pulseaudio] main.c: Running in system mode, forcibly disabling SHM mode. N: [pulseaudio] main.c: Running in system mode, forcibly disabling exit idle time. - fix the following stop error: E: [pulseaudio] main.c: Failed to kill daemon: No such process Signed-off-by:
-
