In this commit, we:
- move the sponsors of the Buildroot Meeting at ELCE 2018 to "Past
Sponsors"
- move Scaleway, as a sponsor of Hackathon in Paris in 2018 to "Past
Sponsors"
- merge the Free Electrons and Bootlin entries together in "Past
Sponsors"
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Smile is going to provide the meeting room for the 3 days of our
meeting on October 25-27 in Lyon, France, right before the Embedded
Linux Conference Europe.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
On July 3, 2019, Let's Encrypt deployed new ACME server software that no
longer returns the 'id' field in the account information JSON.
Dehydrated relied on this field, even though it is not specified by RFC
8555. Because of this, dehydrated can no longer create a new account on
Let's Encrypt.
This was fixed by upstream commits be13dcd and 4f358e2. But the latter
broke ACMEv1 support so was fixed again in commit f60f2f8.
Cherry-picking this correctly is tricky, so instead just bump the
version. There are quite a few non-bugfix changes that are included this
way, but it's more risky to try to cherry-pick.
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The TS-7680 defconfig does not build with gcc 8.x and 9.x because it
uses an old 3.14 kernel. Technologic Systems, the board manufacturer
recently released an updated 4.9 based kernel on a separate repository
on github.
Bump the kernel release from 3.14.28 to 4.19.186 and update the linux
defconfig name as requested in the TS-7680 documentation [1].
[1] https://wiki.embeddedarm.com/wiki/TS-7680#Linux_4.9.y
Signed-off-by: Julien Grossholtz <julien.grossholtz@openest.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix CVE-2019-13115: In libssh2 before 1.9.0,
kex_method_diffie_hellman_group_exchange_sha256_key_exchange in kex.c
has an integer overflow that could lead to an out-of-bounds read in the
way packets are read from the server. A remote attacker who compromises
a SSH server may be able to disclose sensitive information or cause a
denial of service condition on the client system when a user connects to
the server. This is related to an _libssh2_check_length mistake, and is
different from the various issues fixed in 1.8.1, such as CVE-2019-3855.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add a BR2_PACKAGE_GNUTLS_OPENSSL option, disabled by default since it is
not used by any package that depends on gnutls.
The library is licensed under GPLv3, which can be a problem for embedded
systems due to the so-called anti-tivoization clause.
Signed-off-by: Carlos Santos <unixmania@gmail.com>
[Thomas: don't repeat the license details for the gnutls-openssl case,
simply append to them]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Since version 4.10.0 the waf build system does not correctly take the values
from the cross answers file when configuring for the target machine,
resulting in wrong values, e.g.:
```
Checking for rpath library support : not found
```
Looking into sambas config.log shows that the check for rpath library
support aborts because of in internal exception.
The result is that the shared library libsmbclient.so does not have a
correct rpath section in its ELF header:
```
Library rpath: [/usr/lib]
```
This is incorrect, as libsmbclient links to secondary libraries located
in /usr/lib/samba.
When linking mpd (with libsmbclient feature enabled) against
libsmbclient, the linker does not find the secondary libraries for
libsmbclient and fails with:
```
/usr/lfs/v0/rc-buildroot-test/scripts/instance-2/output/host/opt/ext-toolchain/bin/../lib/gcc/powerpc64le-buildroot-linux-gnu/7.4.0/../../../../powerpc64le-buildroot-linux-gnu/bin/ld: warning: libcli-ldap-common-samba4.so, needed by /usr/lfs/v0/rc-buildroot-test/scripts/instance-2/output/host/usr/bin/../powerpc64le-buildroot-linux-gnu/sysroot/usr/lib/libsmbclient.so, not found (try using -rpath or -rpath-link)
[skip]
/usr/lfs/v0/rc-buildroot-test/scripts/instance-2/output/host/opt/ext-toolchain/bin/../lib/gcc/powerpc64le-buildroot-linux-gnu/7.4.0/../../../../powerpc64le-buildroot-linux-gnu/bin/ld: /usr/lfs/v0/rc-buildroot-test/scripts/instance-2/output/host/usr/bin/../powerpc64le-buildroot-linux-gnu/sysroot/usr/lib/libsamdb.so.0: undefined reference to `sec_privilege_id'
[skip]
```
The bug has been reported upstream [1]. Setting `WAF_NO_PREFORK=1` fixes
the internal exception by disabling the usage of pre-forked processes
which somehow fails in cross-compiling environment.
Now, the configuration takes the correct values from the cross answers file:
```
Checking for rpath library support : yes
```
And leads to a correct rpath entry in the ELF header:
```
Library rpath: [/usr/lib/samba:/usr/lib]
```
And fixes the build of with libsmbclient feature enabled.
Fixes:
http://autobuild.buildroot.net/results/1678a6c5e5c9ee44b7a90d059d95c5d385d75132/http://autobuild.buildroot.net/results/ba11b09c0d99b005c71ddd4db7fa4caa5e68af9c/
[1] https://bugzilla.samba.org/show_bug.cgi?id=13846
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
go1.12.6 (released 2019/06/11) includes fixes to the compiler, the linker, the
go command, and the crypto/x509, net/http, and os packages.
go1.12.7 (released 2019/07/08) includes fixes to cgo, the compiler, and the
linker.
go1.12.8 (released 2019/08/13) includes security fixes to the net/http and
net/url packages.
https://golang.org/doc/devel/release.html
Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Andy Kennedy (andy.kennedy@adtran.com)<mailto:andy.kennedy@adtran.com>
The e-mail address you entered couldn't be found. Please check the
recipient's e-mail address and try to resend the message. If the
problem continues, please contact your helpdesk.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
<scjthm@live.com>: host live-com.olc.protection.outlook.com[104.47.5.33] said:
550 5.5.0 Requested action not taken: mailbox unavailable.
[HE1EUR02FT033.eop-EUR02.prod.protection.outlook.com] (in reply to RCPT TO
command)
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
<eswierk@skyportsystems.com>: host aspmx.l.google.com[108.177.127.27] said:
550-5.1.1 The email account that you tried to reach does not exist. Please
try 550-5.1.1 double-checking the recipient's email address for typos or
550-5.1.1 unnecessary spaces. Learn more at 550 5.1.1
https://support.google.com/mail/?p=NoSuchUser 33si1105652eds.275 - gsmtp
(in reply to RCPT TO command)
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
His e-mail address @imgtec.com is bouncing:
<abhilash.tuse@imgtec.com>: host
mxa-00376f01.gslb.pphosted.com[185.132.180.163] said: 550 5.1.1 User
Unknown (in reply to RCPT TO command)
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add dnet-config to LIBDNET_CONFIG_SCRIPTS so this script can be used by
applications such as tcpreplay
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
qt5enginio requires SSL support in qt5base. However, the SSL support
in qt5base is a bit annoying: while it can be provided by either
openssl or libressl for Qt latest, it can only be provided by
libressl for Qt 5.6.
Fabrice Fontaine initially proposed [0] a dependency on
BR2_PACKAGE_QT5BASE_OPENSSL, and a long discussion
followed. Ultimately, we found the dependency to not be nice, as it
required users to know that they need to enable some SSL
implementation to be able to enable qt5enginio.
The current solution enables BR2_PACKAGE_OPENSSL (the virtual
package), which can be either openssl or libressl. This choice was
done under the assumption that we anyway don't test Qt 5.6 in the
autobuilders. However, this is incorrect: Qt latest needs gcc >= 4.8
on host and target, and we have configurations in the autobuilders
that don't meet this requirement, and therefore build Qt 5.6, and face
a build issue due to OpenSSL being used instead of LibreSSL.
After additional thinking, this commit simply gets back to the
original solution proposed by Fabrice: a "depends on". We simply add
Config.in comments to help the user in knowing what is missing to
enable qt5enginio.
An alternate solution would have been to disallow selecting qt5enginio
when Qt 5.6 is used. But fixing the qt5enginio build is also needed
for the LTS branch, and we can't drop qt5enginio on Qt 5.6 in the LTS
branch, as that could bother users.
Fixes:
http://autobuild.buildroot.net/results/227d4b9e2b48c5b3f2dcf0fad9eefa2816c1eb0c/
[0] https://patchwork.ozlabs.org/patch/1053883/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
