chromium: new package #11
Draft
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This patch is a backport from the rockchip tree.
Author: Jeffy Chen <jeffy.chen@rock-chips.com>
Date: Tue Nov 13 18:25:34 2018 +0800
package: cups: Add lp user as default cups user
Change-Id: Ic7434fe0a7b41b86b5b8b097fa29dd9718e29aa5
Signed-off-by: Jeffy Chen <jeffy.chen@rock-chips.com>
User lp is necessary for running the cups spooler.
Groups lpadmin grants administrative privileges to users.
Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit 608c12c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This patch is based on patch from the rockchip tree:
commit c8a337593660f27379c30248a11bf08dc8712113
Author: Jeffy Chen <jeffy.chen@rock-chips.com>
Date: Tue Nov 13 18:59:43 2018 +0800
package: cups: Add udev rules to assign usb printers' group to lp
Change-Id: Ieae17deaa7d3623e1f0e1cc826871f1719d98d88
Signed-off-by: Jeffy Chen <jeffy.chen@rock-chips.com>
but removes a hardcoded device usb vendor/id and keps only the usb
printer class.
Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Michael Trimarchi <michael@amarulasolutions.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit 9c47056)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The manual has a section on adding board support to upstream buildroot, but it fails to mention some of the things we expect. Add more of them. - Internal toolchain. - Beautify defconfig file. - Fixed versions for components. Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be> Cc: Adam Duskett <Aduskett@gmail.com> Reviewed-by: Adam Duskett <aduskett@gmail.com> [yann.morin.1998@free.fr: - use +monospace+ for the variables - use _italic_ for sections in defconfig ] Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr> (cherry picked from commit af6cffb) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
"mkdir" (without "-p") fails if the target directory exists, which means that if alsa-utils is being reinstalled or if other files have previously been installed in the alsa-state.d or alsa-restore.d directories the installation will fail. Switch to "$(INSTALL) -d" which allows us to be explicit about the permissions and handles the case of a pre-existing directory correctly. Signed-off-by: John Keeping <john@metanate.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> (cherry picked from commit a421da9) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Examples and tests are not needed especially because of them fails on some architectures because it wrongly tries to use wc_Sha256FinalRaw: CCLD tests/unit.test /tmp/instance-0/output-1/host/opt/ext-toolchain/bin/../lib/gcc/aarch64-none-linux-gnu/9.2.1/../../../../aarch64-none-linux-gnu/bin/ld: tests/tests_unit_test-api.o: in function `test_wc_Sha256FinalRaw': /tmp/instance-0/output-1/build/wolfssl-4.5.0-stable/tests/api.c:6504: undefined reference to `wc_Sha256FinalRaw' Fixes: - http://autobuild.buildroot.org/results/d5b6f97f7510874fe28c675e599be08cb8a78c7b Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> (cherry picked from commit 5a33de8) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes: - http://autobuild.buildroot.org/results/8754bb4f7d749f999d5f8ddfec587470ceec4476 Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> (cherry picked from commit 9e31511) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Extract from bug report:
"In usb_modeswitch Makefile dispatcher-script, dispatcher-dynlink and
dispatcher-statlink are .PHONY targets. The result is that sources are
compiled also when install targets are called.
USB_MODESWITCH_INSTALL_TARGET_CMDS calls $(MAKE) which is a call to
parallel make eg. make -j9. So the install phase can install empty
usb_modeswitch binary (happened once) if the compiler have just cleared
the binary and install command installs it before compiler writes the
binary. USB_MODESWITCH_INSTALL_TARGET_CMDS should call $(MAKE1)."
Instead of disabling parellel install, use install-common target instead
of install-{dyn,stat}link targets. Indeed, the dynamic or static
usb_modeswitch_dispatcher binary will be built by
all-with-{dyn,stat}link-dispatcher targets, there is no need to rebuild
it during the install step
Fixes:
- https://bugs.buildroot.org/show_bug.cgi?id=12911
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 345c68f)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
systemd 246 added support for zstd compression of large fields in journal files [1]. Since zstd is only used at runtime, we don't need it to enable its support in host-systemd. [1] https://github.com/systemd/systemd/blob/v246/NEWS#L323-L331 Signed-off-by: Titouan Christophe <titouan.christophe@railnova.eu> Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr> (cherry picked from commit f5b8956) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The ControlValue structure is currently defined with a 16-bit hole (causing unaligned access to the numElements_ field, though that's a separate topic). This structure has a static assertion to ensure that its size does not change without due care, as it forms part of our ABI and is used in Serialisation between the pipeline handlers and IPA components. The m68k architecture is the only target which fails this assertion, which is likely because it can pack the structure more efficiently, producing a different binary size. This is likely an area we will tackle before stabilising our ABI, but until then, disable m68k builds as libcamera is not expected to be supported on this target. Fixes; - http://autobuild.buildroot.net/results/9dce26e94299a2c61bba60cbc7803926e2f85e29/ Signed-off-by: Kieran Bingham <kieran.bingham@ideasonboard.com> [yann.morin.1998@free.fr, suggestions from Thomas: - introduce BR2_PACKAGE_LIBCAMERA_ARCH_SUPPORTS - propagate that to the comment - add autobuilder reference ] Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr> (cherry picked from commit 66526e3) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Cherry-pick a patch from upstream project that fixes the build when used with a uClibc based toolchain. Signed-off-by: Paul Cercueil <paul@crapouillou.net> Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr> (cherry picked from commit 0e3febb) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues: CVE-2020-25125: Importing an OpenPGP key having a preference list for AEAD algorithms will lead to an array overflow and thus often to a crash or other undefined behaviour (affected: 2.2.21 / 2.2.22) For more details, see the announcement: https://lists.gnupg.org/pipermail/gnupg-announce/2020q3/000448.html Signed-off-by: Peter Korsgaard <peter@korsgaard.com> (cherry picked from commit 918a9fb) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issue: CVE-2020-16845: Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs golang/go#40620 Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
In commit c2009e9 ("package/linux-headers: license files hashes only valid for latest version"), we introduced BR2_KERNEL_HEADERS_LATEST, which should only be set for the most recent kernel headers versions. Indeed, the COPYING file of Linux has changed before/after Linux 5.6, causing its hash file to be different. Since linux-headers uses linux/linux.hash as the hash file, and this hash file contains the COPYING hash of Linux >= 5.6, we cannot use that hash for Linux versions older than 5.6. When newer versions of the headers than 5.4 were added, this BR2_KERNEL_HEADERS_LATEST was not moved as it should have been. We fix this, which fixes a legal-info failure happening when Linux kernel headers 5.4 are used: >>> linux-headers 5.4.61 Patching >>> linux-headers 5.4.61 Collecting legal info ERROR: COPYING has wrong sha256 hash: ERROR: expected: fb5a425bd3b3cd6071a3a9aff9909a859e7c1158d54d32e07658398cd67eb6a0 ERROR: got : ee5808b032a67f587d3541099d46de34f5bec8cd5976114ba07f1299ee6001ff ERROR: Incomplete download, or man-in-the-middle (MITM) attack make: *** [package/linux-headers/linux-headers.mk:158: linux-headers-legal-info] Error 1 Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes: - http://autobuild.buildroot.org/results/3f552248869d9842b3db8b71c1ca0b030b1a64ba Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr> (cherry picked from commit 8414e31) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
libgnutls: Fixed "no_renegotiation" alert handling at incorrect timing. The server sending a "no_renegotiation" alert in an unexpected timing, followed by an invalid second handshake was able to cause a TLS 1.3 client to crash via a null-pointer dereference. The crash happens in the application's error handling path, where the gnutls_deinit function is called after detecting a handshake failure (#1071). [GNUTLS-SA-2020-09-04, CVSS: medium] https://lists.gnupg.org/pipermail/gnutls-help/2020-September/004669.html Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr> (cherry picked from commit fb3b232) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr> (cherry picked from commit 32f8033) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes: - http://autobuild.buildroot.org/results/67367f43cf8b2cc74e9a4f51f9d685ef058d5745 Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr> (cherry picked from commit 95c51a3) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes: - http://autobuild.buildroot.org/results/547d9a803375cce93b8e3e7a59243190b71c7688 Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr> (cherry picked from commit 29cb5d4) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr> (cherry picked from commit 4013e91) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes: - http://autobuild.buildroot.org/results/858488774503c6cc6a5489bc1e080562f5fc6461 Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr> (cherry picked from commit 9523573) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com> Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr> (cherry picked from commit d25b9ea) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Per-package build of apparmor with apache fails on:
/usr/lfs/hdd_v1/rc-buildroot-test/scripts/instance-0/output-1/per-package/apparmor/host/x86_64-buildroot-linux-musl/sysroot/usr/bin/apxs -c mod_apparmor.c -L/usr/lfs/hdd_v1/rc-buildroot-test/scripts/instance-0/output-1/per-package/apparmor/host/bin/../x86_64-buildroot-linux-musl/sysroot/usr/lib -lapparmor
/usr/lfs/hdd_v1/rc-buildroot-test/scripts/instance-0/output-1/per-package/apache/host/x86_64-buildroot-linux-musl/sysroot/usr/bin/../../usr/build-1/libtool --silent --mode=compile /usr/lfs/hdd_v1/rc-buildroot-test/scripts/instance-0/output-1/per-package/apache/host/bin/x86_64-linux-gcc -prefer-pic -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -Os -g2 -I/usr/lfs/hdd_v1/rc-buildroot-test/scripts/instance-0/output-1/per-package/apache/host/x86_64-buildroot-linux-musl/sysroot/usr/include -I/usr/lfs/hdd_v1/rc-buildroot-test/scripts/instance-0/output-1/per-package/apache/host/x86_64-buildroot-linux-musl/sysroot/usr/bin/../../usr/include/apr-1 -I/usr/lfs/hdd_v1/rc-buildroot-test/scripts/instance-0/output-1/per-package/apache/host/x86_64-buildroot-linux-musl/sysroot/usr/bin/../../usr/include/apr-1 -I/usr/lfs/hdd_v1/rc-buildroot-test/scripts/instance-0/output-1/per-package/apache/host/x86_64-buildroot-linux-musl/sysroot/usr/bin/../../../../x86_64-buildroot-lin
ux-musl/sysroot/usr/include -c -o mod_apparmor.lo mod_apparmor.c && touch mod_apparmor.slo
mod_apparmor.c:28:10: fatal error: sys/apparmor.h: No such file or directory
#include <sys/apparmor.h>
^~~~~~~~~~~~~~~~
The issue is that sys/appamor.h is not installed in the apache
per-package directory which is mangled by
APACHE_FIX_STAGING_APACHE_CONFIG, i.e.
/usr/lfs/hdd_v1/rc-buildroot-test/scripts/instance-0/output-1/per-package/apache/host/x86_64-buildroot-linux-musl/sysroot/usr/include
So implement the same workaround made on apache to replace those wrong
apache paths by apparmor paths in apxs binary and its configuration file
(i.e. config_vars.mk) as suggested by Thomas Petazzoni and Yann E. Morin
during review of the first iteration of this patch
Fixes:
- http://autobuild.buildroot.org/results/ef1fcd57e0c09a2806bf2272bb21df6d3300b45b
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 3c836e5)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
No MINIDLNA_IGNORE_CVES entry is added as no CVE has been assigned to minidlna. Indeed, CallStranger vulnerability affect(ed) most of the UPnP stacks (e.g. gupnp, libupnp) Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> (cherry picked from commit 9ab9118) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix a build failure with ltp-testsuite in version 20200515 Fixes: - http://autobuild.buildroot.org/results/fb0a67b15482e76b379b4b4d9c43b45bb0fccae1 Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> (cherry picked from commit 951571a) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes: - http://autobuild.buildroot.org/results/7701c317e300f0b06d258aed2a3bda866e740f48 Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> (cherry picked from commit fd5376a) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes: - http://autobuild.buildroot.org/results/ba8dcdece193b91845a30cd31d3574674ec30068 Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> (cherry picked from commit f4d124b) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Contains fixes for overflows when input chunks are larger than 2 GiB, an uninitialized data access, and minor correctness and performance improvements. There does not seem to be any CVEs filed, but there is a security notice in the release notes at: https://github.com/google/brotli/releases/tag/v1.0.9 Patch "0001-CMake-Allow-using-BUILD_SHARED_LIBS-to-choose-static.patch" is rebased against the latest upstream changes. Signed-off-by: Adrian Perez de Castro <aperez@igalia.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> (cherry picked from commit 777bbd1) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
demosaic packs have been removed since version 0.19.0 and LibRaw/LibRaw@b85690e Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> (cherry picked from commit 68480c9) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Fix CVE-2020-15503: LibRaw before 0.20-RC1 lacks a thumbnail size range check. This affects decoders/unpack_thumb.cpp, postprocessing/mem_image.cpp, and utils/thumb_utils.cpp. For example, malloc(sizeof(libraw_processed_image_t)+T.tlength) occurs without validating T.tlength. - zlib is an optional dependency since LibRaw/LibRaw@b63f017 Also update indentation in hash file (two spaces) as well as README.md hash, no license changes: - LibRaw/LibRaw@d1975cb - LibRaw/LibRaw@d38361b Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> (cherry picked from commit fd50e0f) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This package uses gcc filename without absolute path, which breaks the host build if host and target compiler have the same filename. (Can happen with an external toolchain). This patch adds the variables for the host as overrides, as they are otherwise not picked up from the environment. Signed-off-by: Norbert Lange <nolange79@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> (cherry picked from commit efa95b1) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
paralin
force-pushed
the
skiff
branch
7 times, most recently
from
10f58ac
to
63be964
Compare
paralin
force-pushed
the
skiff
branch
2 times, most recently
from
a0fa5a7
to
9be1b53
Compare
paralin
force-pushed
the
skiff
branch
5 times, most recently
from
add2465
to
018e4f2
Compare
paralin
force-pushed
the
skiff
branch
2 times, most recently
from
bb288dd
to
d9d9100
Compare
paralin
force-pushed
the
skiff
branch
2 times, most recently
from
bb5b14b
to
b4f8d6d
Compare
paralin
force-pushed
the
skiff
branch
7 times, most recently
from
fc02d23
to
eabd080
Compare
paralin
force-pushed
the
skiff
branch
4 times, most recently
from
6281cb8
to
fb5b165
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Unfortunately chromium in Buildroot was never merged:
http://lists.buildroot.org/pipermail/buildroot/2018-July/225782.html
https://github.com/jakogut/buildroot/commits/chromium-v7-wip
Abandoned 2019
However: I have updated the patch series and adjusted it to build against latest
skiff and latest chromium (this PR).