OpenPOWER buildroot sources https://git.raptorcs.com/git/buildroot/atom?h=2016.02 2016-03-01T20:00:50+00:00 2016-03-01T20:00:50+00:00 Baruch Siach baruch@tkos.co.il 2016-03-01T19:09:23+00:00 urn:sha1:6aa9606e7a637709a7ef7c454f19d9cb316f4f67 slang forgets to link with ncurses that is a dependency of readline when linking the slsh binary. Correct this. While at it, also make sure to use staging ncurses5-config script and not the host one. slang uses ncurses5-config to find terminfo location, and only staging ncurses5-config provides the correct run-time location. Fixes: http://autobuild.buildroot.net/results/1dc/1dc52048254c32a24070fef1c1039cebb32e7ac1/ http://autobuild.buildroot.net/results/c17/c176511cbb147c2d8cb0ec0ff3c1612ce8971cb8/ http://autobuild.buildroot.net/results/78d/78dc2ba07b1d7f888aab94e223f3e0b1a1df3af5/ Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> 2016-03-01T19:53:29+00:00 Gustavo Zacarias gustavo@zacarias.com.ar 2016-03-01T18:46:09+00:00 urn:sha1:318a4d84892e60e84cd1176f88e202c228feb624 Now that openssl has dropped SSLv2 support from the latest security bump we need to patch it out here as well. Fixes: http://autobuild.buildroot.net/results/dab/dab1629cfcb5cb33706d0c762dba57baa43299a5/ Patch status: debian upstream. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> 2016-03-01T18:52:49+00:00 Peter Korsgaard peter@korsgaard.com 2016-03-01T18:52:49+00:00 urn:sha1:c2f6b5d69762edbcf820b74236683ca801b0c158 Fixes: http://autobuild.buildroot.net/results/83e/83e29482cad6adef18a0e97bc8e75df302467dbb/ The recent openssl security bump disabled SSLv2 support, but tn5250 was still referencing SSLv2 functions breaking the build. Include a patch from OpenBSD to only reference the SSLv2 / SSLv3 symbols if openssl is built with support for them. Signed-off-by: Peter Korsgaard <peter@korsgaard.com> 2016-03-01T17:13:58+00:00 Peter Korsgaard peter@korsgaard.com 2016-03-01T17:13:58+00:00 urn:sha1:aa016cd6537983d3d6adeeac8783568f015fe708 Fixes: http://autobuild.buildroot.net/results/018/0183ba8c9fccc87f9e72279c49c2fdc1a9fcb556/ The recent openssl security bump disabled SSLv2 support, but python-m2crypto was still referencing SSLv2 functions causing undefined symbols when the module was imported. Backport an upstream patch to only reference these symbols if openssl is built with SSLv2 support. Signed-off-by: Peter Korsgaard <peter@korsgaard.com> 2016-03-01T16:46:52+00:00 Antoine Ténart antoine.tenart@free-electrons.com 2016-03-01T12:39:46+00:00 urn:sha1:1d916a5d16bc5ecb93639437677d977fb93c5d89 Packages like QT5 Base with OpenGL and X support link against libGAL.so at build time. This results in an error because some X functions used in libGAL.so aren't referenced as the libXdamage, libXext and libXfixes packages aren't built and installed into sysroot at the time. Fix this by adding these three packages as build dependencies of imx-gpu-viv. Signed-off-by: Antoine Tenart <antoine.tenart@free-electrons.com> Acked-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> 2016-03-01T14:48:08+00:00 Gustavo Zacarias gustavo@zacarias.com.ar 2016-03-01T14:38:36+00:00 urn:sha1:25b218c144805a4fcd100396a936bc7bdccdedbc Fixes: CVE-2016-0800 - Cross-protocol attack on TLS using SSLv2 (DROWN) CVE-2016-0705 - Double-free in DSA code CVE-2016-0798 - Memory leak in SRP database lookups CVE-2016-0797 - BN_hex2bn/BN_dec2bn NULL pointer deref/heap corruption CVE-2016-0799 - Fix memory issues in BIO_*printf functions CVE-2016-0702 - Side channel attack on modular exponentiation Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> 2016-03-01T11:48:29+00:00 Baruch Siach baruch@tkos.co.il 2016-03-01T11:34:55+00:00 urn:sha1:a6209d1b9759cd58fb2df17d2098b644cba9ca25 zsh configure script mis-detects the location of pcre-config, and may use that of host-pcre or that of the host instead of the target. Make configure use the correct pcre-config. Thanks to Thomas Petazzoni for pointing me at the right direction. Fixes: http://autobuild.buildroot.net/results/b12/b12aadf3016dab0941cae780fa9ee7bf9be8fcda/ http://autobuild.buildroot.net/results/8e8/8e8b12dbca4ef8cac2e5f33cd3cdcddd8e849840/ http://autobuild.buildroot.net/results/473/473197ec8e323ea7ae0e29e6363525dc42f9da2c/ Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> 2016-03-01T10:30:34+00:00 Vicente Olivert Riera Vincent.Riera@imgtec.com 2016-02-29T16:39:42+00:00 urn:sha1:1834024ba00caa91b5e6c32e15b142bfdfb19d15 MIPS Codescape toolchains don't support stack-smashing protection despite of using glibc, therefore we see failures like this one: mips-img-linux-gnu/bin/ld: cannot find -lssp Fixes: http://autobuild.buildroot.net/results/957/95721f7b88c46a20202fb02e408817097df965c3/ Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> 2016-03-01T10:18:27+00:00 niranjan.reddy niranjan.reddy@rockwellcollins.com 2016-03-01T06:21:56+00:00 urn:sha1:2311d54ec4a2320505750655c2c3fb4c525e0872 Fix-CVE-2012-6687 - remote attackers cause a denial of service (crash) via a large number of connections (http://www.cvedetails.com/cve/CVE-2012-6687/). use poll in os_unix.c instead of select to avoid problem with > 1024 connections. The patch libfcgi_2.4.0-8.3.debian.tar.xz is taken from the below link: (https://launchpad.net/ubuntu/+source/libfcgi/2.4.0-8.3) The next release of libfcgi is 2.4.1 which may have this fix is yet to be released officially. Signed-off-by: Niranjan Reddy <niranjan.reddy@rockwellcollins.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> 2016-03-01T08:43:37+00:00 Thomas Petazzoni thomas.petazzoni@free-electrons.com 2016-02-24T14:04:09+00:00 urn:sha1:18f3a22dcefe668a4522a936a0af59a2fa55f707 The linux-headers -> linux dependency causes a circular dependency, breaking the source/legal-info/graph-depends/.. targets: make graph-depends Getting targets Getting dependencies for ['toolchain-buildroot', 'toolchain', 'busybox', 'glibc', 'initscripts', 'linux-headers', 'skeleton', 'linux', 'host-fakeroot', 'host-makedevs', 'rootfs-cpio', 'rootfs-initramfs'] Getting dependencies for ['host-kmod', 'host-gcc-final', 'host-gcc-initial', 'host-gawk'] Getting dependencies for ['host-gmp', 'host-binutils', 'host-pkgconf', 'host-mpfr', 'host-mpc'] Getting dependencies for ['host-m4'] Recursion detected for : toolchain which is a dependency of: linux which is a dependency of: linux-headers which is a dependency of: glibc which is a dependency of: host-gcc-final which is a dependency of: toolchain-buildroot which is a dependency of: toolchain Makefile:721: recipe for target 'graph-depends' failed make: *** [graph-depends] Error 1 Fix it by instead duplicating in linux-headers the 10-20 lines of linux.mk logic that infer the _SOURCE/_SITE/_VERSION from the BR2_LINUX_KERNEL_* variables. This does mean that we extract the kernel sources twice though. [Peter: use same git/hg tarball as linux kernel to not clone twice, minor fixes] Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>