We forcibly enable use of an extrernal openssl in rpm, so we must depend
on it.
openssl is correctly selected from kconfig, but there is no build-time
dependency to it.
It was not an issue so far, because openssl always sorts before rpm, so
gets built before. Unless one wants to just build rpm to debug an
autobuilder failure, that is.
Add that build-time dependency to openssl.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
clamav wants to use backtrace, and decides whether it can use it if it
detects a glibc >= 2.1.
But uClibc does impersonate a glibc >= 2.1, so clamav concludes it is
possible to use backtrace. So it includes execinfo.h, which is missing
in our default uClibc config file.
So, just extend the test so that backtrace support is disable on uClibc,
unless it has been configured with backtrace support.
A far better solution would be to add a ./configure check for backtrace,
but this patch is sufficient enough.
Fixes:
http://autobuild.buildroot.net/results/cff/cffa32fcedda735983d4805d6d4fa77844539b10/http://autobuild.buildroot.net/results/e0a/e0a765a94a538b0b936ea512f7aba0264fac6309/
...
Bugtracker: https://bugzilla.clamav.net/show_bug.cgi?id=11170
[Peter: add bugtracker URL as suggested by Bernd]
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Acked-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit 3ab9774 (package/duma: do not let Makefile guess OS) added a
define to not let duma's build system guess the OS, mostly to avoid a
warning, but forgot to add that same define to the install commands.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Two fixes in one:
- openssl's libcrypto needs -lz, but because aircrack-ng does not use
pkg-config, it misses this dependency. The proper fix would be to
use pkg-config, like is done for pcre with patch
0001-Makefile-use-pkg-config-to-find-libpcre-it-s-more-cros.patch
but adding -lz is much easier.
- sqlite needs -lpthread, so -lpthread must be added _after_ -lsqlite,
but we currently add it before. So, force -lpthread after -lsqlite
when we are doing a static build.
Fixes:
http://autobuild.buildroot.net/results/1ea/1ea877851e9d2aeeaf9d320bef12321ec2925b5b/http://autobuild.buildroot.net/results/cdf/cdf0203fc99d5f7e41e508f6d9edb78a0f0ea732/
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
at configure time, PREFIX is already set with $(HOST_DIR)/usr
so, don't use DESTDIR
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
We don't do it for busybox init so do the same for consistency here.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Acked-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes:
CVE-2014-7824 - Denial of service via incomplete fix for CVE-2014-3636
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
As investigated in bug #7646, wcsftime() doesn't work properly with
uClibc. Until it gets fixed in uClibc, let's tell Python 3 to not use
it. Python 3 will fall back to strftime(), which works properly.
[Peter: fix typo in comment]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Cc: Beyonlo <beyonlo@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes:
CVE-2014-8090 - Another Denial Of Service XML Expansion.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The qt5 build system currently unconditionally builds and installs into
staging these libraries, so ensure they also get installed into target to
make sure we don't end up with dynamic linker errors at runtime.
From src.pro:
SUBDIRS += src_network src_sql src_xml src_testlib
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The qt5 build system currently unconditionally builds and installs into
staging Qt5PrintSupport if widgets are enabled, so ensure it also gets
installed into target to make sure we don't end up with dynamic linker
errors at runtime:
test: error while loading shared libraries: libQt5PrintSupport.so.5: cannot
open shared object file: No such file or directory
From src.pro:
!contains(QT_CONFIG, no-gui) {
..
!wince*:!winrt {
SUBDIRS += src_printsupport
src_plugins.depends += src_printsupport
}
}
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
There are many build failures caused by schifra, due to upstream
changing the tarball without doing new releases. Since has been an
on-going problem for some time, and is now the #1 issue in the
autobuilders. So let's mark this package broken, until someone cares
enough to fix it, or until we remove it.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
test a == b is not available in e.g. dash.
Command(s) used for editing:
q=\[\"\'\]
operand="${q}?[$]?[a-zA-Z0-9_\?]+${q}?" ## doesn't detect ${VAR}
test_expr="(\[\s+${operand}\s+)==(\s+${operand}\s+\])"
find . -type f -name '[SK][0-9][0-9]*' | \
xargs sed -r -e "s@${test_expr}@\1=\2@g" -i
Signed-off-by: André Erdmann <dywi@mailerd.de>
Acked-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit 746116d1eb (tcpdump: use libpcap shared library) broke static build
of tcpdump, because its configure script doesn't take into account indirect
dependencies of libpcap. Add these dependencies to the LIBS configure
parameter.
Fixes:
http://autobuild.buildroot.net/results/fd231d34e4bb0306609b021e9e74eb862b7bd6bd/
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes:
CVE-2014-8321 - gps_tracer stack overflow
CVE-2014-8322 - tcp_test length parameter inconsistency
CVE-2014-8323 - buddy-ng missing check in data format
CVE-2014-8324 - net_get missing check for invalid values
Previous CVE patch dropped since the fix is upstream.
Also add hash file.
Drop iw runtime dep since it's only one of many required by airmon-zc (a
script) which require a ton of conditionals for just that tool.
It will tell somewhat nicely if they're missing. These would be:
awk - from busybox or gawk
ethtool
grep - from busybox or grep
ip or ifconfig - from busybox, iproute2 or net-tools
iw
lspci - from pciutils (needs full variant)
lsusb - from usbutils (needs full variant)
modprobe/modinfo - from busybox or kmod
uname - from busybox or coreutils
[Peter: drop double -lpthread from sqlite conditional]
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes:
CVE-2014-7202 - stream_engine.cpp in libzmq (aka ZeroMQ/C++)) 4.0.5
before 4.0.5 allows man-in-the-middle attackers to conduct downgrade
attacks via a crafted connection request.
CVE-2014-7203 - libzmq (aka ZeroMQ/C++) 4.0.x before 4.0.5 does not
ensure that nonces are unique, which allows man-in-the-middle attackers
to conduct replay attacks via unspecified vectors.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
alsa-utils needs to link with intl if the toolchain needs gettext and
locale is set. Otherwise we will see an error like this one:
alsamixer-cli.o: In function `main':
cli.c:(.text.startup+0x4d): undefined reference to `libintl_textdomain'
cli.c:(.text.startup+0xc1): undefined reference to `libintl_gettext'
cli.c:(.text.startup+0xd5): undefined reference to `libintl_gettext'
cli.c:(.text.startup+0xe9): undefined reference to `libintl_gettext'
cli.c:(.text.startup+0x1fd): undefined reference to `libintl_gettext'
cli.c:(.text.startup+0x223): undefined reference to `libintl_gettext'
Fixes:
http://autobuild.buildroot.net/results/707/707016a2490fc97b98d17e2b6a9c6423a56bb4a9/
[Peter: correct autobuilder reference]
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
In commit 442aa88f95 ("util-linux: bump
version and revamp options"), Gustavo disabled util-linux libmount and
binaries on microblaze, as it was not building properly.
However, as mentionned in the comment, these options were disabled on
Microblaze due to "libc lacks UTIME_NOW & UTIME_COMMIT for
libmount". This was true specifically for the microblaze external
toolchain that we were using at the time. But we are no longer using
this external toolchain (which proved to be broken in many ways), and
have microblaze support in our internal backend.
I have verified that with our internal toolchain, util-linux with
libmount and the binaries enabled builds fine.
Those options are not selected by anything else in Buildroot, so
there's no other package impacted by this dependency change.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
With this change we're moving to the latest version of rt-tests.
Existing patches were updated so they apply on sources without errors and
warnings.
In "01-fix-build-system.patch" CFLAGS substitution was removed because
now external CFLAGS are accepted:
http://git.kernel.org/cgit/linux/kernel/git/clrkwllms/rt-tests.git/commit/?id=dfcef6e557b7980a33aa30b45bde196ed1780eb1
Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Origin of "rt-tests" is:
git://git.kernel.org/pub/scm/linux/kernel/git/clrkwllms/rt-tests.git
Switching to this new "origin" simplifies version bumping because there's
no need in updating Debian snapshot folder as it was done already here:
http://git.buildroot.net/buildroot/commit/package/rt-tests?id=da330e508c2d95e898ac52a2aa39426a5f6d0506
Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
As a preparation to the introduction of an additional patch to rt-tests,
let's rename the existing patch to the new naming convention.
Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
- Bump version to 3.14.5
- Add a hash file
- Add a new patch to fix a regression
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
It interprets disable as enable and wreaks havoc since it changes the
behaviour of the build, for instance not using configured leases files
paths.
Thanks to Nathaniel Roach for pointing me to this problem.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Reviewed-by: Nathaniel Roach <nroach44@gmail.com>
Tested-by: Nathaniel Roach <nroach44@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Some architectures are still stuck with non-NPTL toolchains.
These are for example ARC, Blackfin, Xtensa etc.
Still rt-tests are very good benchmarks and it would be good to enable use of
at least selected (those that will be built) tests on those architectures.
This change makes it possible to only build subset of tests that don't require
NPTL calls.
Following tests will be built with non-NPTL toolchain:
* signaltest
* ptsematest
* sigwaittest
* svsematest
* sendme
* hackbench
Still it's required to have a toolchain with threads support because most of
mentioned tests use threads.
03-fix-non-nptl-buil.patch was submitted upstream:
https://www.mail-archive.com/linux-kernel@vger.kernel.org/msg762958.html
so as soon as it is accepted with the next version bump this patch should be
removed.
[Thomas: fix the rt-tests.mk test on NPTL to use positive logic.]
Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Fixes:
CVE-2014-8564 / GNUTLS-SA-2014-5 - Sean Burford reported that the
encoding of elliptic curves parameters GnuTLS 3 is vulnerable to a
denial of service (heap corruption). It affects clients and servers
which print information about the peer's certificate, e.g., the key ID,
and can be exploited via a specially crafted X.509 certificate.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
