The old one lasted for 10 years, lately spam
levels reached a rather uncomfortable level ...
Signed-off-by: Andreas Ziegler <br015@umbiko.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
Buildroot commit [1] "package/python-pyroute2: bump to version 0.9.4"
added the python3 ssl runtime dependency while updating the package
in the "next" branch. It incorrectly suggested the dependency was
introduced in version 0.9.4.
This dependency was in fact introduced in upstream commit [2],
first time included in pyroute2 0.8.1, which is the current version
in the Buildroot release stabilization branch. It is worth mentioning
that this package was updated to that version in Buildroot commit [3].
Running the command on target:
python3 -c 'import pyroute2'
Fails at runtime with error:
ModuleNotFoundError: No module named '_ssl'
This commit fixes the issue by adding this missing dependency,
the same was it was done in commit [1].
[1] 786557d859
[2] e87c14581b
[3] 816641bbe1
Signed-off-by: Yacin Belmihoub-Martel <yacin.belmihoub-martel@silabs.com>
[Julien:
- reword commit log
- add the "runtime" comment
]
Signed-off-by: Julien Olivain <ju.o@free.fr>
This patch removes the xilinx_v2024.2 hashes since all xilinx defconfigs have
been bumped to xilinx_v2025.1.
Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
Fixes the following CVEs:
- CVE-2024-41957
- CVE-2024-41965
- CVE-2024-45306
- CVE-2024-47814
- CVE-2025-1215
- CVE-2025-22134
- CVE-2025-24014
- CVE-2025-26603
- CVE-2025-29768
- CVE-2025-53905
- CVE-2025-53906
README.txt got updated three times since the last bump:
- [0] updated some wording regarding who the developers are.
- [1] updated the link to the release archives
- [2] updated the goals of the project
netrw (the builtin file explorer of vim) changed maintainer and was
subsequently restructured [3]. Therefore we need to run installpack,
otherwise we run into this on startup (reported by Julien, thanks!):
Error detected while processing
/usr/share/vim/vim91/plugin/netrwPlugin.vim:
line 7:
E919: Directory not found in 'packpath': "pack/*/opt/netrw"
Press ENTER or type command to continue
[0]: b75825f749
[1]: 4225f28855
[2]: 2bfd1ee161
[3]: 9cfdabb074
Signed-off-by: Daniel Lang <dalang@gmx.at>
Signed-off-by: Julien Olivain <ju.o@free.fr>
Since Buildroot commit [1] "update to Bootlin toolchains 2025.08-1",
the TestXvisor fails when building xvisor with gcc 15.1.0.
Since xvisor is now fixed, opensbi 1.5 fail to build with gcc-15 for
the same reasons.
opensbi 1.6 include a fix for C23 enabled compilers [2]
[1] 947dbc92a2
[2] d539d64a23
Cc: Julien Olivain <ju.o@free.fr>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
Since Buildroot commit [1] "update to Bootlin toolchains 2025.08-1",
the TestXvisor fails when building xvisor with gcc 15.1.0.
GCC 15 changed the default C standard version to C23 [2], resulting in
errors from the xvisor definitions of bool from core/include/vmm_types.h,
which is a reserved keyword under C23.
Since CFLAGS are hardcoded in the main Makefile, add '-std=gnu11' to
'cflags' to resolve the error.
[1] 947dbc92a2
[2] https://gcc.gnu.org/gcc-15/porting_to.html
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/11042295047
Cc: Julien Olivain <ju.o@free.fr>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
On both Buildroot 2025.02.x and master branch, php-lua build fails on
the following error:
lua.c:862:44: error: assignment to 'zend_object_write_property_t' {aka
'struct _zval_struct * (*)(struct _zend_object *, struct _zend_string *,
struct _zval_struct *, void **)'} from incompatible pointer type 'void
(*)(zval *, zval *, zval *, void **)' {aka 'void (*)(struct _zval_struct
*, struct _zval_struct *, struct _zval_struct *, void **)'}
[-Wincompatible-pointer-types]
862 | lua_object_handlers.write_property =
php_lua_write_property;
| ^
lua.c:863:44: error: assignment to 'zend_object_read_property_t' {aka
'struct _zval_struct * (*)(struct _zend_object *, struct _zend_string *,
int, void **, struct _zval_struct *)'} from incompatible pointer type
'zval * (*)(zval *, zval *, int, void **, zval *)' {aka 'struct
_zval_struct * (*)(struct _zval_struct *, struct _zval_struct *, int,
void **, struct _zval_struct *)'} [-Wincompatible-pointer-types]
863 | lua_object_handlers.read_property =
php_lua_read_property;
| ^
make[2]: *** [Makefile:214: lua.lo] Error 1
The error can be reproduced with the following minimal defconfig:
BR2_arm=y
BR2_cortex_a9=y
BR2_ARM_ENABLE_NEON=y
BR2_ARM_ENABLE_VFP=y
BR2_ARM_FPU_NEON=y
BR2_TOOLCHAIN_EXTERNAL=y
BR2_TOOLCHAIN_EXTERNAL_BOOTLIN=y
BR2_PACKAGE_LUA=y
BR2_PACKAGE_PHP=y
BR2_PACKAGE_PHP_LUA=y
This build failure is the result of two events/conditions:
- the update to PHP8 has changed the prototype for
zend_object_read_property_t (see [1]). But at this time, php-lua just
generated a new warning (-Wincompatible-pointer-types)
- using bootlin bleeding-edge toolchain brings in GCC14, which now turns
this warning into a systematic error (see [2])
This issue is still present on the upstream repository, but it has been
fixed on one of its forks. Bring the relevant patch from the fork to
allow building php-lua.
[1] https://github.com/php/php-src/commit/91ef4124e56
[2] https://gcc.gnu.org/gcc-14/porting_to.html#incompatible-pointer-types
Signed-off-by: Alexis Lothoré <alexis.lothore@bootlin.com>
[Romain: update Upstream link]
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Fix the following vulnerability:
- CVE-2025-46728
cpp-httplib is a C++ header-only HTTP/HTTPS server and client library.
Prior to version 0.20.1, the library fails to enforce configured size
limits on incoming request bodies when `Transfer-Encoding: chunked` is
used or when no `Content-Length` header is provided. A remote attacker
can send a chunked request without the terminating zero-length chunk,
causing uncontrolled memory allocation on the server. This leads to
potential exhaustion of system memory and results in a server crash or
unresponsiveness. Version 0.20.1 fixes the issue by enforcing limits
during parsing. If the limit is exceeded at any point during reading,
the connection is terminated immediately. A short-term workaround
through a Reverse Proxy is available. If updating the library
immediately is not feasible, deploy a reverse proxy (e.g., Nginx,
HAProxy) in front of the `cpp-httplib` application. Configure the
proxy to enforce maximum request body size limits, thereby stopping
excessively large requests before they reach the vulnerable library
code.
For more information, see:
- https://www.cve.org/CVERecord?id=CVE-2025-46728
- 7b752106ac
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
(cherry picked from commit aea7c89396)
Signed-off-by: Julien Olivain <ju.o@free.fr>
This reverts commit 559bb33ae7, which
was disabling BR2_BACKUP_SITE in our tests with the following
reasoning:
support/testing: do not use s.b.o
Currently, the runtime tests will use the sources.buildroot.org backup
mirror, which is the default setup.
However, in some cases we do not want to use the backup site, because we
want to ensure that the download actually works.
This is the case for vendored packages, like cargo or golang packages,
for whbich we want to check that gthe download still works when we
update the rust or go versions, or when our download helpers change.
So, disable the use of the backup site in all runtime tests, and drop
the no-longer needed special cases.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
However, not using the backup site is causing a LOT of random failures
in Gitlab CI, making the results barely usable. Since it's more
important to get real failures than random ones due to download
issues, let's re-enable BR2_BACKUP_SITE in our testing infrastructure.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
The 6.15.x series is now EOL upstream, so drop the linux-headers
option and add legacy handling for it.
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
Since upstream commit 312efb2acba7dba80b6652ccf98339dcbbd47695, the
JPEG loading code is using jpeg_read_icc_profile(), which is only
available when the jpeg-turbo implementation is used, not the classic
libjpeg. When classic jpeg is used, the build fails with:
../shared/image-loader.c:163:14: error: implicit declaration of function 'jpeg_read_icc_profile' [-Wimplicit-function-declaration]
163 | if (!jpeg_read_icc_profile(cinfo, &profdata, &proflen)) {
This commit first appeared in development version 13.0.91 and stable
version 14.0.0, which means the problem exists in Buildroot since
commit 430b80cfc1, when weston was
bumped from 13.0.3 to 14.0.0.
So let's enable the JPEG logic only when jpeg-turbo is used.
Fixes:
https://autobuild.buildroot.org/results/353e39902616bdbce40ac667e98cbaf51079f69e/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
Since upstream commit 66e1614122c22d455cc3a28db08b3afac2b7be29, which
first appeared in version 1.11.0, back in 2016, jpeg is no longer a
mandatory dependency. And in fact, Buildroot no longer has it
unconditionally in WESTON_DEPENDENCIES since commit
f67a6e9b7a, but BR2_PACKAGE_WESTON is
still selecting in.
A build without libjpeg works just fine, so let's drop this select.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
When BR2_BINUTILS_GPROFNG=y, the build currently fails with GCC 15.x,
of course on architectures for which gprofng is actually
available. This issue only exists in binutils 2.42 and 2.43.1, as
binutils 2.44 has the necessary fixes.
Therefore, this commit backports the relevant commits from binutils
2.44 to 2.43.1 and 2.42.
Fixes:
https://autobuild.buildroot.net/results/7cf52019f87625c73ef3c4ca0b6270e20a4ab768/ (binutils 2.42)
https://autobuild.buildroot.net/results/478e24af1a03dea5ec64b77ca611b4f7225c9d39/ (binutils 2.43.1)
The following defconfig, built under a Fedora 42 Docker container
allows to reproduce the issue:
BR2_x86_nehalem=y
BR2_BINUTILS_VERSION_2_42_X=y
BR2_BINUTILS_GPROFNG=y
BR2_INIT_NONE=y
BR2_SYSTEM_BIN_SH_NONE=y
# BR2_PACKAGE_BUSYBOX is not set
# BR2_TARGET_ROOTFS_TAR is not set
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
The binutils-gdb code base in Git does have a copy of readline that is
used by gdb.
The release tarballs of binutils do NOT contain readline as it's not
needed for binutils itself (only gdb).
However, when we build the ARC binutils, taken from Git, the readline/
folder is present, and therefore readline is built even if it is not
actually needed.
This causes build failures as the copy of readline in ARC binutils
2024.12 (based on binutils 2.43) does not build with GCC 15.x.
To work around this problem, we use a suggestion from Waldemar
Brodkorb: pass --with-system-readline. Indeed, this disables the build
of readline... but it does not actually check that we have a system
readline, since we're not building gdb.
Fixes:
https://autobuild.buildroot.net/results/976243181f7000fe2790b3450bdae51e8c12769e/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Some packages such as SDL2 do this:
WAYLAND_SCANNER=`$PKG_CONFIG --variable=wayland_scanner wayland-scanner`
to find the path to the wayland-scanner tool.
Of course, since SDL2 is compiled for the target, it does that using
the pkg-config configured for cross-compilation, which looks at
$(STAGING_DIR)/usr/lib/pkgconfig/wayland-scanner.pc.
Since it looks at the variable wayland_scanner, which doesn't get
prefixed by PKG_CONFIG_SYSROOT_DIR, the SDL2 configure script is told
that wayland-scanner is in /usr/bin/wayland-scanner causing this kind
of build failure:
/bin/bash: line 1: /usr/bin/wayland-scanner: No such file or directory
/bin/bash: line 1: /usr/bin/wayland-scanner: No such file or directory
when building SDL2.
The target wayland package depends on host-wayland, which most notably
is responsible for installing wayland-scanner in $(HOST_DIR)/bin.
So in order to fix the SDL2 build issue but in a global way (possibly
helping other packages), what this patch does is tweak the
wayland-scanner.pc installed by the target wayland so that its
wayland_scanner variable points to the host wayland-scanner
executable. We find this a better solution than passing a
WAYLAND_SCANNER variable to each and every package that needs
wayland-scanner.
The issue is not visible in the autobuilders, but can be reproduced
using the following defconfig:
BR2_arm=y
BR2_cortex_a9=y
BR2_ARM_ENABLE_VFP=y
BR2_TOOLCHAIN_EXTERNAL=y
BR2_TOOLCHAIN_EXTERNAL_BOOTLIN=y
BR2_INIT_NONE=y
BR2_SYSTEM_BIN_SH_NONE=y
# BR2_PACKAGE_BUSYBOX is not set
BR2_PACKAGE_SDL2=y
BR2_PACKAGE_SDL2_WAYLAND=y
BR2_PACKAGE_SDL2_OPENGLES=y
BR2_PACKAGE_RPI_USERLAND=y
BR2_PACKAGE_WAYLAND=y
# BR2_TARGET_ROOTFS_TAR is not set
Note: Make sure that wayland-scanner is not be installed on the build
host to reproduce the issue.
The issue probably exists since WAYLAND_SCANNER was retrieved using
pkg-config in SDL2's configure.ac script, in upstream commit
19d3500ae19636f3f410e270f12e0bc5e83410d4, which got first introduced
in release-2.0.5 of SDL2.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[Romain: add a comment about wayland-scanner to reproduce the issue]
Signed-off-by: Romain Naour <romain.naour@smile.fr>
The following defconfig:
BR2_arm=y
BR2_cortex_a9=y
BR2_ARM_ENABLE_VFP=y
BR2_TOOLCHAIN_EXTERNAL=y
BR2_TOOLCHAIN_EXTERNAL_BOOTLIN=y
BR2_INIT_NONE=y
BR2_SYSTEM_BIN_SH_NONE=y
# BR2_PACKAGE_BUSYBOX is not set
BR2_PACKAGE_RPI_USERLAND=y
# BR2_TARGET_ROOTFS_TAR is not set
will fail to build due to two issues in various part of rpi-userland
making GCC 15.x unhappy.
Patch 0008-Fix-conflicting-types-build-error.patch is taken from a
pull request already submitted by a contributor to the upstream
project.
Patch 0009-Fix-raspicommonsettings_parse_cmdline.patch is backported
from upstream, and can be dropped next time we bump rpi-userland.
Note that there are no autobuilder failures for this issue.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
When Python 3 is built with -O2 or -O3 on SuperH, the build fails
with:
Objects/obmalloc.c:503:1: error: unable to find a register to spill in class ‘R0_REGS’
503 | }
| ^
Objects/obmalloc.c:503:1: error: this is the insn:
(insn 18 243 23 2 (parallel [
(set (subreg:SI (reg:QI 176) 0)
(unspec_volatile:SI [
(mem/v:QI (reg:SI 4 r4 [175]) [-1 S1 A32])
(reg:QI 7 r7 [178])
(reg:QI 6 r6 [180])
] UNSPECV_CMPXCHG_1))
(set (mem/v:QI (reg:SI 4 r4 [175]) [-1 S1 A32])
(unspec_volatile:QI [
(const_int 0 [0])
] UNSPECV_CMPXCHG_2))
(set (reg:SI 147 t)
(unspec_volatile:SI [
(const_int 0 [0])
] UNSPECV_CMPXCHG_3))
(clobber (scratch:SI))
(clobber (reg:SI 0 r0))
(clobber (reg:SI 1 r1))
]) "./Include/cpython/pyatomic_gcc.h":105:10 407 {atomic_compare_and_swapqi_soft_gusa}
(expr_list:REG_DEAD (reg:QI 6 r6 [180])
(expr_list:REG_DEAD (reg:QI 7 r7 [178])
(expr_list:REG_UNUSED (reg:QI 176)
(expr_list:REG_UNUSED (reg:SI 1 r1)
(expr_list:REG_UNUSED (reg:SI 0 r0)
(nil)))))))
Objects/obmalloc.c:503: confused by earlier errors, bailing out
THe bug has been reported upstream, but until it gets fixed, let's
work it around by using -O1 instead. Note that
BR2_TOOLCHAIN_HAS_GCC_BUG_121567 is only set when -O2 or -O3 is
configured, so there's no need to check again.
Fixes:
https://autobuild.buildroot.net/results/cac123ee9f3a6df6263b69dce3ac0d535518ec3f/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
This will be needed to work around a GCC bug affecting python3. The
bug is reported at
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=121567.
This bug affects GCC at least since 6.x, but we couldn't test earlier
versions, so we simply assume all GCC versions are affected. Even GCC
15.x is still affected, as reported to upstream GCC.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
This is a minor version bump.
Release notes of 3.13.6:
https://www.python.org/downloads/release/python-3136/
"3.13.6 is the sixth maintenance release of 3.13, containing around
200 bugfixes, build improvements and documentation changes since
3.13.5.
Release notes of 3.13.7:
https://www.python.org/downloads/release/python-3137/
"3.13.7 is an expedited release to fix a significant issue with the
3.13.6 release:
gh-137583: Regression in ssl module between 3.13.5 and 3.13.6: reading
from a TLS-encrypted connection blocks"
Patches are just refreshed, except patch
0009-3.13-gh-130577-tarfile-now-validates-archives-to-ens.patch which
is dropped as it is upstream as of commit
cdae923ffe187d6ef916c0f665a31249619193fe. The corresponding
_IGNORE_CVES entry is also removed.
Passes our basic Python 3 tests:
https://gitlab.com/tpetazzoni/buildroot/-/pipelines/1990154299
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[Julien: remove _IGNORE_CVES for removed patch #0009]
Signed-off-by: Julien Olivain <ju.o@free.fr>
Since commit-2882cf4ae649 ("package/wpewebkit: security bump to version
2.48.3") wpewebkit depends on cmake 3.20.
Fixes build on current Debian LTS (bullseye) which has only 3.18.4.
>>> wpewebkit 2.48.3 Configuring
...
CMake Error at CMakeLists.txt:9 (cmake_minimum_required):
CMake 3.20 or higher is required. You are running version 3.18.4
-- Configuring incomplete, errors occurred!
make: *** [package/pkg-generic.mk:263: /../buildroot/output/build/wpewebkit-2.48.3/.stamp_configured] Error 1
Fixes: 2882cf4ae6
Signed-off-by: Henri Roosen <henri.roosen@ginzinger.com>
Acked-By: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
When building:
BR2_arm=y
BR2_cortex_a9=y
BR2_ARM_ENABLE_VFP=y
BR2_TOOLCHAIN_EXTERNAL=y
BR2_TOOLCHAIN_EXTERNAL_BOOTLIN=y
BR2_INIT_NONE=y
BR2_SYSTEM_BIN_SH_NONE=y
# BR2_PACKAGE_BUSYBOX is not set
BR2_PACKAGE_SDL=y
BR2_PACKAGE_SDL_X11=y
BR2_PACKAGE_XORG7=y
# BR2_TARGET_ROOTFS_TAR is not set
the build fails with:
./src/video/Xext/Xv/Xv.c:78:5: error: initialization of ‘int (*)(Display *, XEvent *, xEvent *)’ {aka ‘int (*)(Display *, XEvent *, struct _xEvent *)’} from incompatible pointer type ‘int (*)(void)’ [-Wincompatible-pointer-types]
and a number of similar errors in the X.org code.
We fix this by backporting an upstream commit.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
- Replace patch 0001 by a properly Git-formatted patch, cherry-picked
from the upstream Git repository at
https://github.com/libsdl-org/SDL-1.2
- Add Upstream: tags on both patches, with the upstream Git
commit. Updated .checkpackageignore accordingly.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
The each_cpe() method is careful that some CVEs have no
"configurations", but some CVEs such as
https://nvd.nist.gov/vuln/detail/CVE-2025-32915 apparently have a
"configurations" node, but no "nodes" inside the "configurations",
causing an exception:
Traceback (most recent call last):
File "/home/buildroot/buildroot-stats/./support/scripts/pkg-stats", line 1382, in <module>
__main__()
File "/home/buildroot/buildroot-stats/./support/scripts/pkg-stats", line 1371, in __main__
check_package_cves(args.nvd_path, packages)
File "/home/buildroot/buildroot-stats/./support/scripts/pkg-stats", line 679, in check_package_cves
check_package_cve_affects(cve, cpe_product_pkgs)
File "/home/buildroot/buildroot-stats/./support/scripts/pkg-stats", line 638, in check_package_cve_affects
for product in cve.affected_products:
^^^^^^^^^^^^^^^^^^^^^
File "/home/buildroot/buildroot-stats/support/scripts/cve.py", line 185, in affected_products
return set(cpe_product(p['id']) for p in self.each_cpe())
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/home/buildroot/buildroot-stats/support/scripts/cve.py", line 185, in <genexpr>
return set(cpe_product(p['id']) for p in self.each_cpe())
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/home/buildroot/buildroot-stats/support/scripts/cve.py", line 173, in each_cpe
for node in nodes['nodes']:
~~~~~^^^^^^^^^
KeyError: 'nodes'
Fixes:
54f8d97c91 ("support/scripts/pkg-stats: adapt to NVD v2 json format")
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[Romain:
- add reference to buildroot commit introducing the issue
- a similar patch was sent by Daniel Lang (thanks!)
- needed on master to fix "Daily results" email]
(cherry picked from commit 67422b9d9c)
Signed-off-by: Romain Naour <romain.naour@smile.fr>
The AC_HEADER_STDBOOL macro used in configure.ac is expanded in the
shipped ./configure by a fairly old version, which misdetects our
<stdbool.h> as being not usable. Consequently, the code defines its
own bool type, with true/false, clashing with GCC 15.x.
Doing a pass of autoreconf addresses the problem.
The autoreconf needs pkg.m4, which comes from host-pkgconf, added as a
dependency.
Note that host-pkgconf was already a dependency for one of the
optional dependencies of p11-kit, and we're keeping it there even
though host-pkgconf is now also an unconditional dependency as we
expect this unconditional host-pkgconf dependency to be removed when
we drop autoreconf.
Fixes:
https://autobuild.buildroot.net/results/760df1a8c21afa893ade5181ce797e14c1f6bdce/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
Add simple patch, submitted upstream, to fix the build with GCC 15.x:
userloc_formatter.c: In function 'userloc_format':
userloc_formatter.c:30:5: error: implicit declaration of function 'sd_debug' [-Wimplicit-function-declaration]
30 | sd_debug("Formatter s13_userloc checking location info for userdata %X",a_event->evt_loc->loc_data);
| ^~~~~~~~
make[4]: *** [Makefile:519: userloc_formatter.lo] Error 1
Fixes:
https://autobuild.buildroot.org/results/dab64025e6a1688d5fadc2b9bd3738a2c886aa9c/
Considering the level of upstream maintenance, we did hesitate with
dropping the package, but as the fix was quite simple, we did the fix
instead.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
The source code contains a number of variables named 'bool', which conflicts
with the C23 keyword. This is fixed upstream in 1.3.9 with
61be7eb14f
but that unfortunately does not cleanly backport to 1.3.8, so instead use
-std=gnu18 when building with GCC >= 15 to fix the following issues:
table.c:1280:31: error: ‘bool’ cannot be used here
1280 | int table_handling_signal(int bool) {
| ^~~~
table.c:1280:31: note: ‘bool’ is a keyword with ‘-std=c23’ onwards
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bugfix release, fixing the following issues:
1.3.8d - Released 14-Mar-2025
--------------------------------
- Issue 1855 - Use of HideNoAccess for SFTP sessions can lead to segfault
and/or unexpected behavior.
- Issue 1876 - SFTP channel allocations can lead to high memory utilization
over time.
1.3.8c - Released 11-Dec-2024
--------------------------------
- Issue 1770 - Using FTPS after upgrading from 1.3.8a to 1.3.8b leads to crash.
- Issue 1785 - Bad handling of lack of extended attributes leads to SFTP out of
memory error.
- Issue 1529 - mod_sftp_sql logs "header value too long" due to unexpected key
header text.
- Issue 1839 - SSH ECDSA host key algorithms not be used as expected despite
configuring appropriate key.
- Issue 1840 - RADIUS Message-Authenticator verification failed with ProFTPD
mod_radius.
- Issue 1830 - Supplemental group inheritance grants unintended access to
GID 0 due to lack of supplemental groups from mod_sql.
https://github.com/proftpd/proftpd/blob/1.3.8/NEWS
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes https://autobuild.buildroot.org/results/dbf55d0fd8d779f408e7ccca4c2a9083e7a11f6a/
GCC-15 has gained a new warning about non-NUL terminated strings and
dump1090 is built with -Werror leading to build errors like:
interactive.c:143:23: error: initializer-string for array of 'char' truncates
NUL terminator but destination lacks 'nonstring' attribute (5 chars into 4
available) [-Werror=unterminated-string-initialization]
143 | char spinner[4] = "|/-\\";
Add a patch from an upstream pull request to fix this by zero terminating
the strings.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
imx6ull is compatible with VFPV4. Update it from VFPV3
Signed-off-by: Michael Trimarchi <michael@amarulasolutions.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
Ever since upstream commit 01dd6da ("Rework the entire API"), first
introduced as part of release v3.0.0, openssl is a hard requirement for
building libjwt. As such, "-DWITH_OPENSSL=ON" also has become a no-op.
In Buildroot, this has been masked somewhat by the implicit select when
gnutls is disabled, but a failure can be reproduced using test-pkg with
a config like:
BR2_PACKAGE_GNUTLS=y
BR2_PACKAGE_LIBJWT=y
Fix this by requiring openssl. Furthermore, building against libressl
does not work because libjwt requires API surface that is not present
there[1], so we need to force libopenssl.
[1] https://autobuild.buildroot.org/results/463/4638a7d46c149ca0f46d3fe5f5f90dc5ee9d1e03
Signed-off-by: Florian Larysch <fl@n621.de>
[Peter: drop gnutls logic support for simplicity]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
