>From the release notes:
2018-06-06 7.0.7-39 <quetzlzacatenango@image...>
* Fixed numerous use of uninitialized values, integer overflow, memory
exceeded, and timeouts (credit to OSS Fuzz).
The most critical of these are:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=8772https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=8782
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 811734ef9044bbdfc067da76358153061fae2031)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Since glibc 2.28, sys/sysmacros.h is no longer included from sys/types.h
This patch fixes the resulting build error by explicitly including
sys/sysmacros.h
See also https://github.com/plougher/squashfs-tools/pull/52
Signed-off-by: Richard Kunze <richard.kunze@web.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit ed0e55675eaf91e61d8004128169cb195a4fb72a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 10d4c1222ae99abf409a471b4649fdb1861bcf80)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- delete patch 0001-musl.patch (superseeded by upstream commit [1])
- disable new zstd support for host/target
[1] https://git.kernel.org/pub/scm/fs/squashfs/squashfs-tools.git/commit/?id=a81678d6a698b8a016f9abac9f3d981281cc52eb
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 50b1a05fb6f96bff45e68799b4ac7d97d283b661)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The configure script enables the DirectFB video driver, but forgets to
enable the renderer driver, causing SDL_CreateRenderer() to fail. Add an upstream patch to fix this.
[Peter: reword/extend commit text,
add git formatted patch from https://github.com/spurious/SDL-mirror]
Signed-off-by: Peter Thompson <peter.macleod.thompson@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit d1144944565f0a852cddbb1dd6f8f012c304dc0a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
For consistency with chromium-lts.inc, rename chromium.inc to
chromium-latest.inc.
Signed-off-by: Laurent Hartanerot <laurent.hartanerot@atos.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit b36fd21f2c55f73b36e262816a8f5c5cfe81236c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The qtwebengine package used by Qt LTS has a different set of license
files for chromium, so this commit introduces a separate
chromium-lts.inc with the right contents.
This fixes legal-info of qt5webengine with Qt LTS.
Signed-off-by: Laurent Hartanerot <laurent.hartanerot@atos.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit b105dc2b0b7f248a8da82c64e0c71f1e987b3fa6)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
In minicom package hash file lacks sha256 entry for COPYING file even if
it is added to MINICOM_LICENSE_FILES.
Add COPYING sha256 entry to minicom.hash file.
Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 6edfa41a0a472401a87f7f2ef354b041a7c2c797)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add kconfig help text that explains how to manually specify an
official Linux version to use for the kernel headers.
Signed-off-by: Mark Corbin <mark.corbin@embecosm.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 3beba26d7657840c07bf014e33f9e80b6f1b09af)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Similarly to c48f8a6462 (package/m4: fix build on host with glibc-2.28),
backport the two fixes fromn gnulib upstream, that allows building
host-bison on systems using glibc 2.28.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Reported-by: c32 on IRC
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 373ac58b82d2430b745e90c7c8b39e319949882a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
qt5virtualkeyboard 2.0 (shipped with Qt 5.6) installs the QML plugin
under the directory Enterprise while the later versions install it
without that directory.
Differentiate installation to target of the QML plugin according to
the Qt major version in use.
Also, make sure the /usr/qml/QtQuick directory exists before the copy.
Fixes:
>>> qt5virtualkeyboard 2.0 Installing to target
mkdir -p /home/gportay/src/buildroot/output/target/usr/lib/qt/plugins/platforminputcontexts
cp -dpfr /home/gportay/src/buildroot/output/host/arm-buildroot-linux-gnueabi/sysroot/usr/lib/qt/plugins/platforminputcontexts/libqtvirtualkeyboardplugin.so /home/gportay/src/buildroot/output/target/usr/lib/qt/plugins/platforminputcontexts
cp -dpfr /home/gportay/src/buildroot/output/host/arm-buildroot-linux-gnueabi/sysroot/usr/qml/QtQuick/VirtualKeyboard /home/gportay/src/buildroot/output/target/usr/qml/QtQuick
cp: cannot stat '/home/gportay/src/buildroot/output/host/arm-buildroot-linux-gnueabi/sysroot/usr/qml/QtQuick/VirtualKeyboard': No such file or directory
package/pkg-generic.mk:310: recipe for target '/home/gportay/src/buildroot/output/build/qt5virtualkeyboard-2.0/.stamp_target_installed' failed
make: *** [/home/gportay/src/buildroot/output/build/qt5virtualkeyboard-2.0/.stamp_target_installed] Error 1
Signed-off-by: Gaël PORTAY <gael.portay@savoirfairelinux.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes CVE-2018-14618: NTLM password overflow via integer overflow
For more details, see the advisory:
https://curl.haxx.se/docs/CVE-2018-14618.html
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Files list maintained by me in DEVELOPERS file is not
in proper order, fix it with ascending order.
Signed-off-by: Jagan Teki <jagan@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add missing license hashes for those three third-parties:
- src/virtualkeyboard/3rdparty/openwnn/NOTICE
- src/virtualkeyboard/3rdparty/pinyin/NOTICE
- src/virtualkeyboard/3rdparty/tcime/COPYING
Fixes:
>>> qt5virtualkeyboard 5.11.1 Collecting legal info
LICENSE.GPL3: OK (sha256: 8ceb4b9ee5adedde47b31e975c1d90c73ad27b6b165a1dcd80c7c545eb65b903)
ERROR: No hash found for src/virtualkeyboard/3rdparty/openwnn/NOTICE
ERROR: No hash found for src/virtualkeyboard/3rdparty/pinyin/NOTICE
ERROR: No hash found for src/virtualkeyboard/3rdparty/tcime/COPYING
src/virtualkeyboard/3rdparty/lipi-toolkit/MIT_LICENSE.txt: OK (sha256: 7a45a9769d19545480a241230e6ea520b5156fac00930dcd69b6886749743d10)
In order to make this possible, we use a different hash file for the
old version (2.0, used with Qt 5.6) and new (5.11, used with Qt 5.11)
versions of qt5virtualkeyboard.
Signed-off-by: Gaël PORTAY <gael.portay@savoirfairelinux.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Little CMS (aka Little Color Management System) 2.9 has an integer overflow
in the AllocateDataSet function in cmscgats.c, leading to a heap-based
buffer overflow in the SetData function via a crafted file in the second
argument to cmsIT8LoadFromFile.
For more details, see:
https://github.com/mm2/Little-CMS/issues/171https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16435
The upstream fix unfortunately includes a number of unrelated changes, but
thse files are not used when building for Linux.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
qt5virtualkeyboard 2.0 (shipped with Qt 5.6) doesn't contain any
"main" license files with the GPLv3 license text.
Conditionally remove LICENSE.GPL3 from QT5VIRTUALKEYBOARD_LICENSE_FILES
when Qt major version is set to 5.6.
Fixes:
>>> qt5virtualkeyboard 2.0 Collecting legal info
sha256sum: /home/gportay/src/buildroot/output/build/qt5virtualkeyboard-2.0/LICENSE.GPL3: No such file or directory
ERROR: LICENSE.GPL3 has wrong sha256 hash:
ERROR: expected: 8ceb4b9ee5adedde47b31e975c1d90c73ad27b6b165a1dcd80c7c545eb65b903
ERROR: got :
ERROR: Incomplete download, or man-in-the-middle (MITM) attack
Also, the lipi-toolkit has a different filename between both supported
Qt major version (5.6 and latest).
Conditionally set the license in QT5VIRTUALKEYBOARD_LICENSE_FILES for
lipi-toolkit according to the Qt major version used.
Fixes:
>>> qt5virtualkeyboard 2.0 Collecting legal info
ERROR: No hash found for src/virtualkeyboard/3rdparty/openwnn/NOTICE
ERROR: No hash found for src/virtualkeyboard/3rdparty/pinyin/NOTICE
ERROR: No hash found for src/virtualkeyboard/3rdparty/tcime/COPYING
sha256sum: /home/gportay/src/buildroot/output/build/qt5virtualkeyboard-2.0/src/virtualkeyboard/3rdparty/lipi-toolkit/MIT_LICENSE.txt: No such file or directory
ERROR: src/virtualkeyboard/3rdparty/lipi-toolkit/MIT_LICENSE.txt has wrong sha256 hash:
ERROR: expected: 7a45a9769d19545480a241230e6ea520b5156fac00930dcd69b6886749743d10
ERROR: got :
ERROR: Incomplete download, or man-in-the-middle (MITM) attack
Signed-off-by: Gaël PORTAY <gael.portay@savoirfairelinux.com>
[Thomas: add hash for lipi-toolkit license file, tweak commit log.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The patch 0001-remove-weird-install-path-for-example.patch using
patch: does not apply properly and needs to be fixed.
The patch was backported from 5.7 [1] with path adaptation in commit
(cb97d9473b qt5virtualkeyboard: allow to build with qt5.6), but the
submitted patch did not reflect that said adaptation.
Apply the said patch adaptation (i.e. add missing basic subdirectory) to
apply properly the patch.
Fixes:
>>> qt5virtualkeyboard 2.0 Patching
Applying 0001-remove-weird-install-path-for-example.patch using patch:
patching file examples/virtualkeyboard/basic/basic.pro
Hunk #1 FAILED at 7.
1 out of 1 hunk FAILED -- saving rejects to file examples/virtualkeyboard/basic/basic.pro.rej
make: ***[/home/test/autobuild/run/instance-2/output/build/qt5virtualkeyboard-2.0/.stamp_patched] Error 1
[1]: aef55eb7b3
Signed-off-by: Gaël PORTAY <gael.portay@savoirfairelinux.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
U-Boot fails to build in a GitLab CI context because the kconfig-package
build stage is unable to find bison or flex even though they are
installed in HOST_DIR.
To fix this, set UBOOT_MAKE_ENV so that UBOOT_KCONFIG_MAKE uses the
correct PATH.
Signed-off-by: Thomas Preston <thomas.preston@codethink.co.uk>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Build fails with:
In file included from dyncall_callback.c:35:0:
dyncall_callback_ppc64.c: In function 'dcbNewCallback':
dyncall_callback_ppc64.c:42:13: warning: implicit declaration of function 'dcAllocWX' [-Wimplicit-function-declaration]
int err = dcAllocWX(sizeof(DCCallback), (void**) &pcb);
^~~~~~~~~
dyncall_callback_ppc64.c: In function 'dcbFreeCallback':
dyncall_callback_ppc64.c:53:3: warning: implicit declaration of function 'dcFreeWX' [-Wimplicit-function-declaration]
dcFreeWX(pcb, sizeof(DCCallback));
^~~~~~~~
dyncall_callback_ppc64.S: Assembler messages:
dyncall_callback_ppc64.S:180: Error: operand out of range (3 is not between 0 and 1)
So select BR2_PACKAGE_LIBFFI for BR2_powerpc64 and BR2_powerpc64le as it
is already done for MIPS
Fixes:
- http://autobuild.buildroot.org/results/97b53a74d9847c07f26178daeb1daff3b6c24813
- http://autobuild.buildroot.org/results/c35ac4bbc5fb04aabf5a719eddeedf55f7f1f4eb
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Busybox 1.29.0 introduces a regression causing head to fail with negative
'-n' parameters, e.g. 'head -n -1'. Instead of showing all but the last one
line, no lines are printed whatsoever.
The issue was reported with
http://lists.busybox.net/pipermail/busybox/2018-August/086617.html . This
commit backports the revert applied upstream.
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
/usr/lfs/v0/rc-buildroot-test/scripts/instance-2/output/host/bin/arm-none-linux-gnueabi-gcc -c -I. -I. -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -DETCSCREENRC='"/usr/etc/screenrc"' -DSCREENENCODINGS='"/usr/share/screen/utf8encodings"' -DHAVE_CONFIG_H -DGIT_REV=\"\" \
-D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -Os -D_GNU_SOURCE list_display.c
In file included from screen.h:150:0,
from list_display.c:36:
display.h:154:19: error: 'T_N' undeclared here (not in a function)
union tcu d_tcs[T_N]; /* terminal capabilities */
Macro T_N is defined in header file term.h but it may not be created
then fails. Backport patch to make sure term.h is created before compile
other source codes.
Fixes:
- http://autobuild.buildroot.org/results/a62bea1fd32246526d59f029df3dca60f1cd710f
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes:
http://autobuild.buildroot.net/results/9326cb85c8ce4f98aa9d0a1238ffdab3e9829637/
Similar in spirit to commit 83d33f76 (qt5quickcontrols: update license file
names for Qt 5.6 version), but on 2018.02.x the list of files was correct
for the 5.6 version but not the 5.9 version.
Also add hashes for these licese files.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes:
http://autobuild.buildroot.net/results/69cf9326539c8df8fa50c5e7acb2ce3bb985ede2/
The PDO mysql extension also needs the hash extension - so select it,
similar to how it was done for the mysqli extension in commit 65f96452636
(php: fix build with mysqli).
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 45215ffc8a75377228a477bebbf2ad9c78d40a35)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Build fails on:
/home/test/autobuild/run/instance-0/output/build/chipmunk-7.0.2/src/cpHastySpace.c:11:24: fatal error: sys/sysctl.h: No such file or directory
Indeed, sys/sysctl.h is not available on musl so include this header
only if __APPLE__ is defined as sysctlbyname is only used in this case.
Fixes:
- http://autobuild.buildroot.org/results/e5be2f8eb9315a9054e1c8d854dec37cbb28eed7
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Since glibc 2.28, sys/sysmacros.h is no longer included from sys/types.h
This patch fixes the resulting build error by explicitly including
sys/sysmacros.h
See also https://github.com/plougher/squashfs-tools/pull/52
Signed-off-by: Richard Kunze <richard.kunze@web.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The configure script enables the DirectFB video driver, but forgets to
enable the renderer driver, causing SDL_CreateRenderer() to fail. Add an upstream patch to fix this.
[Peter: reword/extend commit text,
add git formatted patch from https://github.com/spurious/SDL-mirror]
Signed-off-by: Peter Thompson <peter.macleod.thompson@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add my entry for expat, libv4l and minizip
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
