Commit e51d69a3b (mosquitto: specify that hash is taken from upstream)
changed the .hash description header, but the upstream hash only applies
to the tarball, not the patch.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
It's a major release, but the API seems to be mostly
backwards-compatible. The only package depending on this library in
buildroot is libsigrok and it builds fine.
Signed-off-by: Bartosz Golaszewski <brgl@bgdev.pl>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
The patches are now upstream and can be removed. Remove the comment
about Qt4 - it's no longer valid. Add boost-serialization to
dependencies.
Signed-off-by: Bartosz Golaszewski <brgl@bgdev.pl>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
The patch is now upstream and can be removed.
Signed-off-by: Bartosz Golaszewski <brgl@bgdev.pl>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Latest release fixed dlmopen detection, so that
musl/uClibc-ng toolchains can be used.
Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Qt5Multimedia builds the alsa plugin if it detects libasound in the
system. Add alsa-lib to dependencies if BR2_PACKAGE_ALSA_LIB is
selected.
Signed-off-by: Bartosz Golaszewski <brgl@bgdev.pl>
Reviewed-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Qt5Multimedia includes support for pulseaudio if it detects libpulse
and libpulse-mainloop-glib in the system at build-time. We need to
depend on pulseaudio and libglib2 if it is selected.
Signed-off-by: Bartosz Golaszewski <brgl@bgdev.pl>
Reviewed-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Commit 67117adc89 backed out the
deployment of libmtd headers (libmtd.h, libubi.h, ubi-media.h) to
staging and these may be needed by packages that work directly with MTD,
for example swupdate. mtd also produces libmtd.a and libubi.a which are
needed by those packages.
Tested by configuring swupdate to use MTD and verifying that swupdate
now compiles and links.
Signed-off-by: Andrey Yurovsky <yurovsky@gmail.com>
[Thomas: change to a post-install staging hook, and add comment.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Curently, we have a choice to select between stripping and not
stripping. This is legacy code from back when we had a third option,
sstrip (super-strip).
Since we removed sstrip, stripping or not stripping is now just a
boolean rather than a choice.
Make it so.
We make BR2_STRIP_strip default to 'y' to keep the current behaviour of
defaulting to stripping.
Move BR2_STIP_none to legacy, and instruct the user to review the new
setting.
Drop any reference to BR2_STRIP_none in comments.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Since BR2_STRIP_strip and BR2_STRIP_noine are mutually exclusive (being
part of a choice), we can simplify the logic.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
In some cases, passing STRIP=true is not sufficient to disable striping
altogether, as some (incorrectly generated?) configure scripts will
ignore a ${STRIP} that is not a full path.
This is the case, for example, for nmap, which ends up using the host
strip command when we pass STRIP=true:
checking for arm-buildroot-linux-gnueabihf-strip... no
checking for strip... /usr/bin/strip
configure: WARNING: using cross tools not prefixed with host triplet
[--SNIP--]
/usr/bin/install -c -c -m 755 nping /home/ymorin/dev/buildroot/O/target/usr/bin/nping
/usr/bin/strip -x /home/ymorin/dev/buildroot/O/target/usr/bin/nping
/usr/bin/strip: Unable to recognise the format of the input file `/home/ymorin/dev/buildroot/O/target/usr/bin/nping'
We fix that by forcing a full path to the strip sommand when it is
disabled: STRIP=/bin/true
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
RAUC is the Robust Auto-Update Controller developed by the folks at
Pengutronix. It supports updating embedded systems from the network
(ex: HawkBit) or from a disk and provides a d-bus interface.
Signed-off-by: Andrey Yurovsky <yurovsky@gmail.com>
Reviewed-by: Yegor Yefremov <yegorslists@googlemail.com>
Acked-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Remove upstreamed readline related patch.
Add a patch, that enables parted to be compiled without lvm2.
Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Add an upstream patch that fixes segfaults when executed on MIPS due to
incorrect handling of system call numbers on MIPS platforms.
Signed-off-by: Marcin Nowakowski <marcin.nowakowski@imgtec.com>
Cc: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Upgrade the Xen package to Xen 4.9.0. This also means we can remove
almost all of the patches we were previously carrying.
Signed-off-by: Alistair Francis <alistair.francis@xilinx.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Fix a "duplicate 'const' declaration specifier" error that occurs when
building Xen. As the issue has already been fixed in upstream Xen let's
just backport the fix to apply here.
Fixes:
http://autobuild.buildroot.net/results/3a0/3a03c328bc6a6c30cc4f619925608d735632211f/
Signed-off-by: Alistair Francis <alistair.francis@xilinx.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
>From the NEWS file:
- Mitigate a flush+reload side-channel attack on RSA secret keys
dubbed "Sliding right into disaster". For details see
<https://eprint.iacr.org/2017/627>. [CVE-2017-7526]
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Build tested with Qemu X86 sample.
Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
As all librt and libpthread functions are integrated into
libc for a while, workaround no longer required.
Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Acked-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH
values to manipulate the heap/stack, causing them to alias, potentially
resulting in arbitrary code execution. Please note that additional
hardening changes have been made to glibc to prevent manipulation of stack
and heap memory but these issues are not directly exploitable, as such they
have not been given a CVE.
https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
Patches are identical to upstream, except that the ChangeLog modifications
have been stripped.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes CVE-2017-9868: In Mosquitto through 1.4.12, mosquitto.db (aka the
persistence file) is world readable, which allows local users to obtain
sensitive MQTT topic information.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add a fix for CVE-2017-9445: In systemd through 233, certain sizes passed to
dns_packet_new in systemd-resolved can cause it to allocate a buffer that's
too small. A malicious DNS server can exploit this via a response with a
specially crafted TCP payload to trick systemd-resolved into allocating a
buffer that's too small, and subsequently write arbitrary data beyond the
end of it.
The other patch fixes an issue with the security fix.
[Peter: use CVE description from MITRE]
Cc: Maxime Hadjinlian <maxime.hadjinlian@gmail.com>
Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes#9976.
Reported-by: Nick Wright <nwright98@gmail.com>
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
