Francois Perrad [Sun, 22 Mar 2020 08:07:02 +0000 (09:07 +0100)]
package/luarocks: luajit is now detected automatically by luarocks
Since luarocks commit
https://github.com/luarocks/luarocks/commit/ffab9f32698431bb901b786460e4695806ebcf30,
available since luarocks v3.2.0, LuaJIT is now detected
automatically. It is therefore no longer necessary to explicitly
indicate in lua_interpreter that LuaJIT is used.
Ramon Fried [Mon, 23 Mar 2020 06:46:21 +0000 (08:46 +0200)]
package/gdb: add support for host-gdb with python3
host-gdb was limited to link only with Python 2 although it's possible
to build Python 3 for host. Add the ability to link with Python 3.
Signed-off-by: Ramon Fried <[email protected]>
[Thomas: add an option to the choice to not have Python support] Signed-off-by: Thomas Petazzoni <[email protected]>
James Hilliard [Wed, 8 Apr 2020 00:19:25 +0000 (18:19 -0600)]
package/python-txaio: drop python 2 support
As of upstream commit 735eb608637e7bbab4082a541ac802cc919fec22,
available since version v20.1.1, support for Python 2.x has been
dropped, and Python >= 3.5 is required. So we make python-txaio depend
on python3, and remove the python2 test of python-txaio.
package/python-crossbar: add missing runtime dependency on python-werkzeug
Upstream commit
https://github.com/crossbario/crossbar/commit/b9c295d3cfa923b383f93fe534d40e42c56576dc
which has been part of the releases since v19.10.1 has added
werkzeug dependency.
Without werkzeug package, the test TestPythonPy3Crossbar
is failing at runtime with this error:
In file included from ell/rtnl.c:28:0:
.../host/arm-buildroot-linux-gnueabi/sysroot/usr/include/linux/if.h:185:19: error: field 'ifru_addr' has incomplete type
.../host/arm-buildroot-linux-gnueabi/sysroot/usr/include/linux/if.h:186:19: error: field 'ifru_dstaddr' has incomplete type
.../host/arm-buildroot-linux-gnueabi/sysroot/usr/include/linux/if.h:187:19: error: field 'ifru_broadaddr' has incomplete type
.../host/arm-buildroot-linux-gnueabi/sysroot/usr/include/linux/if.h:188:19: error: field 'ifru_netmask' has incomplete type
.../arm-buildroot-linux-gnueabi/sysroot/usr/include/linux/if.h:189:20: error: field 'ifru_hwaddr' has incomplete type
ell/rtnl.c: In function 'l_rtnl_route_extract':
ell/rtnl.c:120:8: error: 'RTA_PREF' undeclared (first use in this function)
Build can fail because boinc uses curl-config that it founds on host:
checking for curl-config... /usr/bin/curl-config
checking for the version of libcurl... 7.47.0
checking for libcurl >= version 7.17.1... yes
checking whether libcurl is usable... no
>From the ChangeLog:
- Fix multiple CVEs: CVE-2020-11521 CVE-2020-11522 CVE-2020-11523
CVE-2020-11524 CVE-2020-11525 CVE-2020-11526
- Fix multiple other security related issues (#6005, #6006, #6007,
#6008, #6009, #6010, #6011, #6012, #6013)
- Retrieve official tarball
- Drop patch (already in version)
- libusb is needed for urbdrc channel since
https://github.com/FreeRDP/FreeRDP/commit/0927d7aa50c76b671b55c33e0f06c950d1f08e9a
- Add a patch to fix build on uclibc
- Update indentation in hash file (two spaces)
Peter Seiderer [Fri, 10 Apr 2020 16:32:37 +0000 (18:32 +0200)]
package/assimp: fix musl zlib/zip related compile failure
As assimp fails to use system provided zlib/zip (and is picky
about the provided versions) use assimp contributed one
and backport one part of upstream patch to fix musl compile.
In file included from .../assimp-5.0.1/code/3MF/D3MFExporter.cpp:61:
.../assimp-5.0.1/contrib/zip/src/zip.h:30:15: error: conflicting declaration 'typedef long int ssize_t'
typedef long ssize_t; /* byte count or error */
^~~~~~~
- Fix CVE-2020-11100: In hpack_dht_insert in hpack-tbl.c in the HPACK
decoder in HAProxy 1.8 through 2.x before 2.1.4, a remote attacker can
write arbitrary bytes around a certain location on the heap via a
crafted HTTP/2 request, possibly causing remote code execution.
- Update indentation of hash file (two spaces)
James Hilliard [Wed, 8 Apr 2020 00:09:48 +0000 (18:09 -0600)]
package/python-autobahn: drop python 2 support
Upstream commit
https://github.com/crossbario/autobahn-python/commit/c0223223f865603ce192e6d5cdbcf74849a4cdd8,
which has been part of the releases since v20.1.2 has dropped support
for Python 2.x. So python-autobahn is now only available for Python
3.x.
We therefore remove the Python 2.x autobahn tests, and while at it,
drop the python-six dependency, which is no longer needed since
upstream commit
https://github.com/crossbario/autobahn-python/commit/79bd2ba41b83950614a2928eeda4704c1d149a20,
part of the releases since v20.1.3.
Stefan Sørensen [Tue, 7 Apr 2020 07:36:44 +0000 (09:36 +0200)]
package/gnutls: security bump to 3.6.13
Fixes the following security issue:
* CVE-2020-11501: It was found that GnuTLS 3.6.3 introduced a
regression in the DTLS protocol implementation. This caused the DTLS
client to not contribute any randomness to the DTLS negotiation
breaking the security guarantees of the DTLS protocol.
This is due to the fact that the python-requests module has a strict
version dependency on the python-idna module: 'idna>=2.5,<2.9'.
Since Buildroot commit 237d31bf5289a46583aa4bbc1fb7ed008b798de5, we're
using python-idna in version 2.9, which no longer matches the version
dependency expressed by python-requests, causing the failure.
Upstream has addressed this issue in commit
https://github.com/psf/requests/commit/c46f55bd48dabc02f033d252f8c64e2011f37361,
which relaxes the version requirement.
Changes since v2.1.1:
https://github.com/FluidSynth/fluidsynth/releases/tag/v2.1.2
- fluidsynth now exits with error when user-provided command-line arguments are out-of-range
- add verbose error logging to opensles and oboe drivers
- fix a memory leak in oboe driver
- fix a NULL dereference in the fluidsynth commandline program
- Drop patch (already in version)
- Update hash of LICENSE.txt: Fixed Apache license not using canonical
version:
https://github.com/google/flatbuffers/commit/9834ee97874c95eee8b27677639eeb33aed12980
- Update indentation of hash file (two spaces)
Disable support for minizip since cegui is not compatible
with the existing buildroot's version due to lack of
necessary header. It will be restored when upstream will
switch to the new version.
package/freescale-imx/imx-vpu: bump version to 5.4.39.1
To match NXP BSP 4.19.35_1.1.0 release:
https://source.codeaurora.org/external/imx/meta-fsl-bsp-release/tree/imx/meta-bsp/recipes-bsp/imx-vpu?h=warrior-4.19.35-1.1.0
The license files have changed significantly, but it remains an NXP
Semiconductor Software License Agreement.
Drop patch because the linker error no longer appears on br-x86-64-musl.
v0.13.0 fixes the following CVEs:
CVE-2019-0205: In Apache Thrift all versions up to and including 0.12.0,
a server or client may run into an endless loop when feed with specific
input data. Because the issue had already been partially fixed in version
0.11.0, depending on the installed version it affects only certain
language bindings.
CVE-2019-0210: In Apache Thrift 0.9.3 to 0.12.0, a server implemented
in Go using TJSONProtocol or TSimpleJSONProtocol may panic when feed with
invalid input data.
Also update the hash file to the new two-spaces convention
which fails with:
../../../../libsanitizer/libbacktrace/../../libbacktrace/elf.c:772:21: error: ‘st.st_mode’ may be used uninitialized in this function [-Werror=maybe-uninitialized]
return S_ISLNK (st.st_mode);
^
Upstream has been unable to reproduce/fix properly, details:
https://gcc.gnu.org/legacy-ml/gcc-patches/2019-03/threads.html#00827
Upstream recommends passing -Wno-error as a workaround, see:
https://gcc.gnu.org/pipermail/gcc-patches/2019-April/519867.html
f4b9cde Allow negative offsets 45bf92a Detect sector size if not found in config 9f59db6 uboot_env: remove unused variables 65d243e README: libubootenv is now in oe-core
Add an option to enable nistbeacon which is available since version 6.1
and
https://github.com/nhorman/rng-tools/commit/aefe862e187a1ef608f9826b2b4a5bbabd5e9945
0001-make-netgroup-support-optional.patch patches configure.ac, but we
don't autoreconf the package, which is not good.
However, simply adding AUTORECONF = YES is not sufficient: polkit
Makefile.am use the automake conditional HAVE_INTROSPECTION, which is
"available" only when the gobject-introspection m4 file is installed.
Since we don't want to make gobject-introspection a mandatory
dependency of polkit, we take a simpler route: add a copy of
introspection.m4 into the polkit source tree. This is only a 142 lines
file, and it can be dropped when
0001-make-netgroup-support-optional.patch is merged upstream.
- Update site to get latest version
- First patch is not needed since
https://github.com/festvox/flite/commit/e7e4868ad7a65eb6ed2966dd5048c4bfeb14f23f
- Update second patch
- Drop third patch (not needed anymore)
- Update hash of COPYING:
- BSD-2-Clause for Palm source code removed
- Add SUN Microsystems license for g72x files
- Add Apache-2.0 for lang/cmu_grapheme_lex/grapheme_unitran_tables.c
- Update indentation of hash file (two spaces)
support/testing: don't use TestPythonPackageBase.config and linaro toolchain
TestPythonPackageBase.config provide already the basic uClibc toolchain.
So by adding the symbols for the linaro toolchain some warning are printed
at while loading the configuration:
.config:16:warning: override: reassigning to symbol BR2_TOOLCHAIN_EXTERNAL
.config:16:warning: override: BR2_TOOLCHAIN_EXTERNAL changes choice state
.config:17:warning: override: reassigning to symbol BR2_TARGET_ROOTFS_CPIO
.config:21:warning: override: BR2_TOOLCHAIN_EXTERNAL_LINARO_ARM changes choice state
So, some symbol disapear from the generated dot config (.config) leading
to an error due to a new check in the testsuite infra.
Since this test should use the Linaro toolchain, remove
TestPythonPackageBase.config add BR2_arm=y and disable the rootfs tar option.
While at it, re-order the options so that they appear in the same
order as they appear in a defconfig.
projects / buildroot-mgba.git / log