Fabrice Fontaine [Mon, 5 Apr 2021 19:52:57 +0000 (21:52 +0200)]
package/python-toml: bump to version 0.10.2
- Update hash of LICENSE (update in year and author added:
https://github.com/uiri/toml/commit/
a86fc1fbd650a19eba313c3f642c9e2c679dc8d6)
- Update indentation in hash file (two spaces)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Mon, 5 Apr 2021 19:43:36 +0000 (21:43 +0200)]
package/hidapi: bump to version 0.10.1
- Drop patch (already in version)
- Update indentation in hash file (two spaces)
https://github.com/libusb/hidapi/releases/tag/hidapi-0.10.0
https://github.com/libusb/hidapi/releases/tag/hidapi-0.10.1
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Mon, 5 Apr 2021 19:17:53 +0000 (21:17 +0200)]
package/xen: add upstream xsa-36{0, 4, 8} security fixes
Fixes the following security issues:
- CVE-2021-3308: IRQ vector leak on x86
https://xenbits.xenproject.org/xsa/advisory-360.html
- CVE-2021-26933: arm: The cache may not be cleaned for newly allocated
scrubbed pages
https://xenbits.xenproject.org/xsa/advisory-364.html
- CVE-2021-28687: HVM soft-reset crashes toolstack
https://xenbits.xenproject.org/xsa/advisory-368.html
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Mon, 5 Apr 2021 19:32:18 +0000 (21:32 +0200)]
package/janus-gateway: bump to version 0.10.10
https://github.com/meetecho/janus-gateway/blob/v0.10.10/CHANGELOG.md
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Mon, 5 Apr 2021 19:14:18 +0000 (21:14 +0200)]
package/python-iso8601: bump to version 0.1.14
https://github.com/micktwomey/pyiso8601/releases/tag/0.1.14
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Thomas Petazzoni [Mon, 5 Apr 2021 18:52:30 +0000 (20:52 +0200)]
boot/grub2: ignore the last 3 remaining CVEs
An analysis of the last 3 remaining CVEs that are reported to affect
the grub2 package has allowed to ensure that we can safely ignore
them:
* CVE-2020-14372 is already fixed by a patch we have in our patch
stack for grub2
* CVE-2019-14865 and CVE-2020-15705 are both distro-specific and do
not affect grub2 upstream, nor grub2 with the stack of patches we
have in Buildroot
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Mon, 5 Apr 2021 18:32:44 +0000 (20:32 +0200)]
package/libfreeglut: fix build with gcc 10
Fixes:
- http://autobuild.buildroot.org/results/
48c11cfc19784cc9c3ba5c6ba3d91ddae192734e
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Mon, 5 Apr 2021 17:30:27 +0000 (19:30 +0200)]
package/python-py: security bump to version 1.10.0
Fix CVE-2020-29651: A denial of service via regular expression in the
py.path.svnwc component of py (aka python-py) through 1.9.0 could be
used by attackers to cause a compute-time denial of service attack by
supplying malicious input to the blame functionality.
Add py/_vendored_packages/iniconfig-1.1.1.dist-info/LICENSE (MIT) which
has been added with
https://github.com/pytest-dev/py/commit/
94cf44fd41d957eb50773d3e4fb54e931836779e
https://github.com/pytest-dev/py/blob/1.10.0/CHANGELOG.rst
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Mon, 5 Apr 2021 17:30:26 +0000 (19:30 +0200)]
package/python-py: add CPE variables
cpe:2.3:a:pytest:py is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Apytest%3Apy
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Mon, 5 Apr 2021 17:12:18 +0000 (19:12 +0200)]
package/python-aiohttp: add CPE variables
cpe:2.3:a:aiohttp_project:aiohttp is a valid CPE identifier for this
package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Aaiohttp_project%3Aaiohttp
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Mon, 5 Apr 2021 16:59:48 +0000 (18:59 +0200)]
package/python-pip: add CPE variables
cpe:2.3:a:pypa:pip is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Apypa%3Apip
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Mon, 5 Apr 2021 16:33:06 +0000 (18:33 +0200)]
package/python-pillow: add CPE variables
cpe:2.3:a:python:pillow is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Apython%3Apillow
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Mon, 5 Apr 2021 16:25:04 +0000 (18:25 +0200)]
package/python-ipython: add CPE variables
cpe:2.3:a:ipython:ipython is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Aipython%3Aipython
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Mon, 5 Apr 2021 16:45:36 +0000 (18:45 +0200)]
package/python-psutil: add CPE variables
cpe:2.3:a:psutil_project:psutil is a valid CPE identifier for this
package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Apsutil_project%3Apsutil
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Mon, 5 Apr 2021 15:29:54 +0000 (17:29 +0200)]
package/python3: security bump to version 3.9.4
Fixes the following security issues:
- bpo-42988: CVE-2021-3426: Remove the getfile feature of the pydoc module
which could be abused to read arbitrary files on the disk (directory
traversal vulnerability). Moreover, even source code of Python modules
can contain sensitive data like passwords. Vulnerability reported by
David Schwörer.
- bpo-43285: ftplib no longer trusts the IP address value returned from the
server in response to the PASV command by default. This prevents a
malicious FTP server from using the response to probe IPv4 address and
port combinations on the client network.
Code that requires the former vulnerable behavior may set a
trust_server_pasv_ipv4_address attribute on their ftplib.FTP instances to
True to re-enable it.
- bpo-43439: Add audit hooks for gc.get_objects(), gc.get_referrers() and
gc.get_referents(). Patch by Pablo Galindo.
Note: 3.9.3 was recalled due to introducing unintentional ABI
incompatibility, and fixes re-released as 3.9.4:
https://www.python.org/downloads/release/python-394/
Add host-autoreconf-archive, as it is needed for autoreconf since:
https://github.com/python/cpython/commit/
064bc07f241dceec2fc577cbf5c31fa6d63fe320
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Mon, 5 Apr 2021 14:45:21 +0000 (16:45 +0200)]
package/python-ecdsa: bump to version 0.16.1
Update indentation in hash file (two spaces)
https://github.com/tlsfuzzer/python-ecdsa/blob/python-ecdsa-0.16.1/NEWS
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Mon, 5 Apr 2021 14:47:08 +0000 (16:47 +0200)]
package/python-paramiko: bump to version 2.7.2
Update indentation in hash file (two spaces)
https://github.com/paramiko/paramiko/blob/2.7.2/sites/www/changelog.rst
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Peter: fix LICENSE hash]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Mon, 5 Apr 2021 13:59:30 +0000 (15:59 +0200)]
package/boinc: bump to version 7.16.16
Update indentation in hash file (two spaces)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Mon, 5 Apr 2021 13:52:33 +0000 (15:52 +0200)]
package/ncmpc: bump to version 0.45
https://github.com/MusicPlayerDaemon/ncmpc/blob/v0.45/NEWS
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Mon, 5 Apr 2021 14:03:10 +0000 (16:03 +0200)]
package/whois: bump to version 5.5.9
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Mon, 5 Apr 2021 13:40:30 +0000 (15:40 +0200)]
package/python-yatl: bump to version
20210326.1
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Mon, 5 Apr 2021 13:36:12 +0000 (15:36 +0200)]
package/python-jedi: bump to version 0.18.0
python 2 support has been dropped since version 0.18.0 and
https://github.com/davidhalter/jedi/commit/
d67dfba7f5a65d5ee064d37e1fb894a25b39bdab
Add django-stubs license file (MIT)
https://github.com/davidhalter/jedi/blob/v0.18.0/CHANGELOG.rst
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Mon, 5 Apr 2021 13:36:11 +0000 (15:36 +0200)]
package/python-parso: bump to version 0.8.2
python 2 support has been dropped since versio 0.8.0 and
https://github.com/davidhalter/parso/commit/
b601ade90b5e5d89cf1e56a00997d6e32588e930
https://github.com/davidhalter/parso/blob/v0.8.2/CHANGELOG.rst
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Mon, 5 Apr 2021 13:14:24 +0000 (15:14 +0200)]
package/libgee: bump to version 0.20.4
https://gitlab.gnome.org/GNOME/libgee/-/blob/0.20.4/NEWS
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Francois Perrad [Mon, 5 Apr 2021 13:08:06 +0000 (15:08 +0200)]
package/enchant: bump to version 2.2.15
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Mon, 5 Apr 2021 13:04:58 +0000 (15:04 +0200)]
package/libmaxminddb: bump to version 1.5.2
https://github.com/maxmind/libmaxminddb/blob/1.5.2/Changes.md
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Mon, 5 Apr 2021 09:53:16 +0000 (11:53 +0200)]
package/lcms2: bump to version 2.12
Update hash of COPYING (word wrap:
https://github.com/mm2/Little-CMS/commit/
48a1b9a1cae31b6ae001cd1963ab0170b9bebb34)
https://littlecms.com/blog/2021/02/06/lcms2-2.12
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Mon, 5 Apr 2021 10:12:22 +0000 (12:12 +0200)]
package/scapy: add CPE variables
cpe:2.3:a:scapy:scapy is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Ascapy%3Ascapy
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Mon, 5 Apr 2021 13:53:21 +0000 (15:53 +0200)]
package/haproxy: bump to version 2.2.13
http://www.haproxy.org/download/2.2/src/CHANGELOG
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Mon, 5 Apr 2021 11:33:28 +0000 (13:33 +0200)]
package/python-networkx: add CPE variables
cpe:2.3:a:python:networkx is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Apython%3Anetworkx
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Mon, 5 Apr 2021 11:28:45 +0000 (13:28 +0200)]
package/python-tornado: add CPE variables
cpe:2.3:a:tornadoweb:tornado is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Atornadoweb%3Atornado
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Mon, 5 Apr 2021 11:24:07 +0000 (13:24 +0200)]
package/python-pyro: add CPE variables
cpe:2.3:a:pyro_project:pyro is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Apyro_project%3Apyro
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Mon, 5 Apr 2021 11:14:59 +0000 (13:14 +0200)]
package/python-jinja2: add CPE variables
cpe:2.3:a:pocoo:jinja2 is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Apocoo%3Ajinja2
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Mon, 5 Apr 2021 11:07:15 +0000 (13:07 +0200)]
package/janus-gateway: add CPE variables
cpe:2.3:a:meetecho:janus is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Ameetecho%3Ajanus
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Mon, 5 Apr 2021 11:00:36 +0000 (13:00 +0200)]
package/python-docker: add CPE variables
cpe:2.3:a:docker:docker-py is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Adocker%3Adocker-py
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Mon, 5 Apr 2021 10:49:03 +0000 (12:49 +0200)]
package/python-decorator: add CPE variables
cpe:2.3:a:python:decorator is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Apython%3Adecorator
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Mon, 5 Apr 2021 10:37:45 +0000 (12:37 +0200)]
package/python-bsdiff4: add CPE variables
cpe:2.3:a:pypi:bsdiff4 is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Apypi%3Absdiff4
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Mon, 5 Apr 2021 12:03:54 +0000 (14:03 +0200)]
docs/website: update for 2020.02.12
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Mon, 5 Apr 2021 10:36:40 +0000 (12:36 +0200)]
Update for 2020.02.12
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit
1a6bd98fa87996f50f42a27857a9e9f029cc83e0)
[Peter: drop Makefile/Vagrantfile changes]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Sun, 4 Apr 2021 19:19:44 +0000 (21:19 +0200)]
package/coreutils: fix build without threads
Build of coreutils without threads is broken since bump to version 8.32
in commit
b4a0f9fb0e45aded46eb7259e25a1113eabf93c0
Fixes:
- http://autobuild.buildroot.org/results/
8d00bdabef73daa2a1d1f4c6e183dda447a82134
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr:
- do an actual backport of patch 0002
- add upstream status for patch 0003
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Peter Korsgaard [Mon, 5 Apr 2021 10:16:27 +0000 (12:16 +0200)]
docs/website: update for 2020.11.4
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Mon, 5 Apr 2021 09:13:57 +0000 (11:13 +0200)]
Update for 2020.11.4
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit
f748088fa65b6862f943ed28e669db4b0f52c679)
[Peter: drop Makefile/Vagrantfile changes]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Mon, 5 Apr 2021 09:44:02 +0000 (11:44 +0200)]
package/expat: bump to version 2.3.0
https://github.com/libexpat/libexpat/blob/R_2_3_0/expat/Changes
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Mon, 5 Apr 2021 09:38:49 +0000 (11:38 +0200)]
package/python-web2py: add CPE variables
cpe:2.3:a:web2py:web2py is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Aweb2py%3Aweb2py
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Mon, 5 Apr 2021 09:31:50 +0000 (11:31 +0200)]
package/python-sqlalchemy: add CPE variables
cpe:2.3:a:sqlalchemy:sqlalchemy is a valid CPE identifier for this
package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Asqlalchemy%3Asqlalchemy
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Mon, 5 Apr 2021 09:31:11 +0000 (11:31 +0200)]
package/python-validators: add CPE variables
cpe:2.3:a:validators_project:validators is a valid CPE identifier for
this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Avalidators_project%3Avalidators
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Mon, 5 Apr 2021 09:30:25 +0000 (11:30 +0200)]
package/python-m2crypto: add CPE variables
cpe:2.3:a:m2crypto_project:m2crypto is a valid CPE identifier for this
package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Am2crypto_project%3Am2crypto
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Peter Korsgaard [Sun, 4 Apr 2021 18:59:07 +0000 (20:59 +0200)]
package/python-pygments: security bump to version 2.7.4
Fixes the following security issues:
- CVE-2021-20270: An infinite loop in SMLLexer in Pygments versions 1.5 to
2.7.3 may lead to denial of service when performing syntax highlighting of
a Standard ML (SML) source file, as demonstrated by input that only
contains the "exception" keyword
- CVE-2021-27291: In pygments 1.1+, fixed in 2.7.4, the lexers used to parse
programming languages rely heavily on regular expressions. Some of the
regular expressions have exponential or cubic worst-case complexity and
are vulnerable to ReDoS. By crafting malicious input, an attacker can
cause a denial of service
Python 2.x support was dropped in pygments 2.6, so adjust (reverse)
dependencies:
Version 2.6
-----------
(released March 8, 2020)
- Running Pygments on Python 2.x is no longer supported.
(The Python 2 lexer still exists.)
Adjust the license hash for a change of copyright years:
https://github.com/pygments/pygments/commit/
a590ac5ea7c00a41e253834306bfa19e38349c0b
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sun, 4 Apr 2021 16:35:32 +0000 (18:35 +0200)]
package/libvips: bump to version 8.10.6
Update indentation in hash file (two spaces)
https://github.com/libvips/libvips/blob/v8.10.6/ChangeLog
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Sun, 4 Apr 2021 17:48:58 +0000 (19:48 +0200)]
package/{bluez5_utils, bluez5_utils-headers}: bump to version 5.58
Release notes:
http://www.bluez.org/release-of-bluez-5-58-and-5-57/
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Sun, 4 Apr 2021 17:48:57 +0000 (19:48 +0200)]
package/ell: bump version to 0.39
Changelog:
https://git.kernel.org/pub/scm/libs/ell/ell.git/tree/ChangeLog
Needed for bluez5_utils bump to 5.58:
http://www.bluez.org/release-of-bluez-5-58-and-5-57/
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Sun, 4 Apr 2021 17:28:58 +0000 (19:28 +0200)]
package/samba4: AD DC support needs ADS
Needed due to upstream commit:
https://gitlab.com/samba-team/samba/-/commit/
607c9ab307db36aee0604d209a13b45d28c63d9b
Fixes:
http://autobuild.buildroot.net/results/b3f/
b3fe797408b9041de37433602b3a47211818e44b/
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sun, 4 Apr 2021 22:01:54 +0000 (00:01 +0200)]
package/python-enum34: add CPE variables
cpe:2.3:a:python:enum34 is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Apython%3Aenum34
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Sun, 4 Apr 2021 21:45:36 +0000 (23:45 +0200)]
package/python-ecdsa: add PYTHON_ECDSA_CPE_ID_VENDOR
cpe:2.3:a:python-ecdsa_project:python-ecdsa is a valid CPE identifier
for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Apython-ecdsa_project%3Apython-ecdsa
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Sun, 4 Apr 2021 21:41:26 +0000 (23:41 +0200)]
package/python-pyjwt: add CPE variables
cpe:2.3:a:pyjwt_project:pyjwt is a valid CPE identifier for this
package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Apyjwt_project%3Apyjwt
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Sun, 4 Apr 2021 21:32:18 +0000 (23:32 +0200)]
package/python-pyopenssl: add CPE variables
cpe:2.3:a:pyopenssl:pyopenssl is a valid CPE identifier for this
package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Apyopenssl%3Apyopenssl
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Sun, 4 Apr 2021 21:25:52 +0000 (23:25 +0200)]
package/python-cryptography: add CPE variables
cpe:2.3:a:cryptography_project:cryptography is a valid CPE identifier
for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Acryptography_project%3Acryptography
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Sun, 4 Apr 2021 21:13:26 +0000 (23:13 +0200)]
package/python-paramiko: drop python-pyasn1 dependency
python-pyasn1 is truly optional since version 2.5.0 and
https://github.com/paramiko/paramiko/commit/
a31818c28556055341ae3d249e3893d40eb2b232
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Sun, 4 Apr 2021 21:01:22 +0000 (23:01 +0200)]
package/python-paramiko: add CPE variables
cpe:2.3:a:paramiko:paramiko is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Aparamiko%3Aparamiko
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Sun, 4 Apr 2021 20:53:04 +0000 (22:53 +0200)]
package/python-flask: add CPE variables
cpe:2.3:a:palletsprojects:flask is a valid CPE identifier for this
package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Apalletsprojects%3Aflask
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Sun, 4 Apr 2021 20:46:59 +0000 (22:46 +0200)]
package/python-parso: add CPE variables
cpe:2.3:a:parso_project:parso is a valid CPE identifier for this
package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Aparso_project%3Aparso
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Sun, 4 Apr 2021 20:27:33 +0000 (22:27 +0200)]
package/python-pygments: add CPE variables
cpe:2.3:a:pygments:pygments is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Apygments%3Apygments
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Chris Packham [Sun, 4 Apr 2021 20:06:58 +0000 (08:06 +1200)]
package/syslog-ng: Bump version to 3.31.2
https://github.com/syslog-ng/syslog-ng/releases/tag/syslog-ng-3.31.2
Signed-off-by: Chris Packham <judge.packham@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Sun, 4 Apr 2021 16:06:52 +0000 (18:06 +0200)]
package/libvips: add LIBVIPS_CPE_ID_VENDOR
cpe:2.3:a:libvips_project:libvips is a valid CPE identifier for this
package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Alibvips_project%3Alibvips
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Heiko Thiery [Wed, 24 Mar 2021 12:36:06 +0000 (13:36 +0100)]
package/ser2net: bump verstion to 4.3.3
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Heiko Thiery [Wed, 24 Mar 2021 12:36:04 +0000 (13:36 +0100)]
package/gensio: bump version to 2.2.4
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Wed, 24 Mar 2021 07:04:13 +0000 (08:04 +0100)]
package/openmpi: drop unrecognized option
--disable-vt has been dropped since version 2.0.0 and
https://github.com/open-mpi/ompi/commit/
94190bf04b0877e878223a04c236443774e57ef2
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Francois Perrad [Wed, 24 Mar 2021 08:51:42 +0000 (09:51 +0100)]
package/lualogging: bump to version 1.5.1
diff LICENSE:
-Copyright (c) 2004-2020 Kepler Project.
+Copyright (c) 2004-2021 Kepler Project.
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Tue, 23 Mar 2021 19:18:26 +0000 (20:18 +0100)]
package/qhull: bump to version 8.0.2
- Static libs are supported since version 8.0.2 and
https://github.com/qhull/qhull/commit/
613debeaea72ee66626dace9ba1a2eff11b5d37d
- Update hash of COPYING, update year and authors with
https://github.com/qhull/qhull/commit/
4733a95be0298919a646a1d6044c1bee7a552880
- Update indentation in hash file (two spaces)
https://github.com/qhull/qhull/releases/tag/v8.0.2
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sun, 4 Apr 2021 14:30:48 +0000 (16:30 +0200)]
package/libvips: add webp optional dependency
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sun, 4 Apr 2021 14:30:47 +0000 (16:30 +0200)]
package/libvips: add matio optional dependency
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sun, 4 Apr 2021 14:30:46 +0000 (16:30 +0200)]
package/libvips: add lcms2 optional dependency
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sun, 4 Apr 2021 14:30:45 +0000 (16:30 +0200)]
package/libvips: add orc optional dependency
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sun, 4 Apr 2021 14:30:44 +0000 (16:30 +0200)]
package/libvips: add {image, graphics}magick optional dependencies
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sun, 4 Apr 2021 14:30:43 +0000 (16:30 +0200)]
package/libvips: add librsvg optional dependency
librsvg is an optional dependency which is enabled by default since
version 8.3.0 and
https://github.com/libvips/libvips/commit/
153886d2eb71eebcdca860cb691d8fbb976ad816
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sun, 4 Apr 2021 14:30:42 +0000 (16:30 +0200)]
package/libvips: add zlib optional dependency
zlib is an optional dependency which is enabled by default since version
8.4.2 and
https://github.com/libvips/libvips/commit/
5ab0001ec68a5f61396aecd8d2d7a619b1dbe1fa
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Chris Packham [Mon, 29 Mar 2021 07:28:28 +0000 (20:28 +1300)]
package/micropython: define MICROPY_NLR_SETJMP for xtensa
As suggested on https://github.com/micropython/micropython/issues/6551
define MICROPY_NLR_SETJMP to avoid the xtensa specific implementation
of nlr_push.
Fixes:
- http://autobuild.buildroot.net/results/
5fc8669b5c768ccfc02bd20d1159bce7fe43683e
Signed-off-by: Chris Packham <judge.packham@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Grzegorz Blach [Wed, 31 Mar 2021 12:26:24 +0000 (14:26 +0200)]
package/python-hiredis: bump to version 2.0.0
Depends on BR2_PACKAGE_PYTHON3
Signed-off-by: Grzegorz Blach <grzegorz@blach.pl>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Sun, 4 Apr 2021 12:15:42 +0000 (14:15 +0200)]
package/tvheadend: add option to enable IPTV support
Some IPTV streams will need ffmpef, the command line tool), while some
won't, so we just suggest that to the user in the help text.
There were two alternatives, but neither were very convincing:
- always enforce that ffmpeg is enabled
- only enforce ffmpeg to be enabled when the package is already
enabled
In either case, that may cary the ffmpeg tool when it really is not
needed. So leave it to the user to decide whether they want it or not.
tvheadend now has a bunch of options, so make it a sub-menu.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[yann.morin.1998@free.fr:
- do not forcibly enable ffmpeg-the-commandline-tool
- one option per-commit
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Bernd Kuhls [Sun, 4 Apr 2021 12:10:55 +0000 (14:10 +0200)]
package/tvheadend: add option to enable timeshift support
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[yann.morin.1998@free.fr: one option per-commit]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Bernd Kuhls [Sun, 4 Apr 2021 12:09:32 +0000 (14:09 +0200)]
package/tvheadend: add option to enable Satellite/IP support
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[yann.morin.1998@free.fr: one option per-commit]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Bernd Kuhls [Sat, 3 Apr 2021 15:22:34 +0000 (17:22 +0200)]
package/tvheadend: add option to enable descrambler support
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[yann.morin.1998@free.fr: one option per-commit]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Mon, 29 Mar 2021 19:06:33 +0000 (21:06 +0200)]
package/pcmanfm: fix build with gettext-tiny
Fix build of pcmanfm in version 1.3.2 with gettext-tiny
Fixes:
- http://autobuild.buildroot.org/results/
69f4e5fa44208429b143011640971a61d709d5b1
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Peter Seiderer [Mon, 29 Mar 2021 17:41:11 +0000 (19:41 +0200)]
package/valgrind: bump version to 3.17.0
- bump version to 3.17.0
- adjust tool remove hooks according to the change to libexec
- fix massive remove hook, ms_script vs. ms_print
- add additional sha256 source package hash
For details see [1].
[1] https://www.valgrind.org/docs/manual/dist.news.html
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Thu, 1 Apr 2021 06:02:22 +0000 (08:02 +0200)]
package/wget: fix build with uclibc < 1.0.35
Build of wget with uclibc < 1.0.35 is broken since bump to version
1.21.1 in commit
89a3f73910402ed40066eed076d5a53ac270307c
Fixes:
- http://autobuild.buildroot.org/results/
d507f8d8ae4dd6aac1e83b7cc81017caf0d2c30e
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Peter Seiderer [Wed, 31 Mar 2021 21:09:36 +0000 (23:09 +0200)]
package/sane-backends: add patch to fix compile for toolchains without thread support
Fixes:
- http://autobuild.buildroot.net/results/
c9b0e41d66211bcab231b5db78c6eebe4b1d78ba
genesys/scanner_interface_usb.cpp: In member function ‘virtual void genesys::ScannerInterfaceUsb::sleep_us(unsigned int)’:
genesys/scanner_interface_usb.cpp:484:10: error: ‘std::this_thread’ has not been declared
484 | std::this_thread::sleep_for(std::chrono::microseconds{microseconds});
| ^~~~
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Wed, 31 Mar 2021 18:59:43 +0000 (20:59 +0200)]
package/libvips: add giflib optional dependency
giflib is an optional dependency which is enabled by default since
version 8.3.0 and
https://github.com/libvips/libvips/commit/
d79407f285c768a7338e73ccfc6cf09480b95582
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Francois Perrad [Sat, 3 Apr 2021 12:42:30 +0000 (14:42 +0200)]
package/jimtcl: bump to version 0.80
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Marcus Folkesson [Fri, 26 Mar 2021 07:41:50 +0000 (08:41 +0100)]
package/libostree: bump to version 2021.1
Signed-off-by: Marcus Folkesson <marcus.folkesson@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Seiderer [Wed, 24 Mar 2021 21:27:55 +0000 (22:27 +0100)]
package/libinput: bump version to 1.17.1
For details see [1].
[1] https://lists.freedesktop.org/archives/wayland-devel/2021-March/041758.html
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Tue, 23 Mar 2021 19:44:22 +0000 (20:44 +0100)]
package/ipset: bump to version 7.11
Update indentation in hash file (two spaces)
http://git.netfilter.org/ipset/tree/ChangeLog?h=v7.11
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Tue, 23 Mar 2021 19:36:16 +0000 (20:36 +0100)]
package/smartmontools: bump to version 7.2
Drop patch (already in version) and so autoreconf
https://www.smartmontools.org/browser/tags/RELEASE_7_2/smartmontools/NEWS
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Michael Vetter [Mon, 29 Mar 2021 17:15:02 +0000 (19:15 +0200)]
package/jasper: bump version to 2.0.28
Changes:
* Fix potential null pointer dereference in the JP2/JPC decoder. (#269)
* Fix ignoring of JAS_STREAM_FILEOBJ_NOCLOSE at stream close time. (#286)
* Fix integral type sizing problem in JP2 codec. (#284)
Signed-off-by: Michael Vetter <jubalh@iodoru.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Wed, 31 Mar 2021 21:32:47 +0000 (23:32 +0200)]
package/upx: fix CVE-2021-20285
A flaw was found in upx canPack in p_lx_elf.cpp in UPX 3.96. This flaw
allows attackers to cause a denial of service (SEGV or buffer overflow
and application crash) or possibly have unspecified other impacts via a
crafted ELF. The highest threat from this vulnerability is to system
availability.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Wed, 31 Mar 2021 21:47:05 +0000 (23:47 +0200)]
package/gnutls: security bump to version 3.7.1
- Fix CVE-2021-20231 and CVE-2021-20232:
https://www.gnutls.org/security-new.html#GNUTLS-SA-2021-03-10
- Drop patch (not needed since:
https://git.savannah.gnu.org/cgit/gnulib.git/commit/?id=
b2d4b6c87827e34a694278d085a31508af052a37)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Sat, 3 Apr 2021 15:29:30 +0000 (17:29 +0200)]
package/botan: add support for riscv32
Backport an upstream patch to add support for riscv32. Although this is
a new feature (new arch support), this is an upstream commit, so we can
expect it to be available in a future release.
Fixes:
- http://autobuild.buildroot.org/results/
1c399312dbec5d7a28ec90d62fdd8f47fa14ff4b
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr:
- technically, this is not a bug fix, but new arch support
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Sat, 3 Apr 2021 15:38:01 +0000 (17:38 +0200)]
package/perl-xml-libxml: add CPE variables
cpe:2.3:a:xml-libxml_project:xml-libxml is a valid CPE identifier for
this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Axml-libxml_project%3Axml-libxml
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Bernd Kuhls [Sun, 4 Apr 2021 08:49:33 +0000 (10:49 +0200)]
package/samba4: update samba4-cache.txt for fcntl flags check
Fixes:
http://autobuild.buildroot.net/results/76a/
76a411b78d764561457decd47b268f65059ba1b0/
Checking whether fcntl supports setting/geting hints : not found
..
Cross answers file /home/giuliobenetti/autobuild/run/instance-2/output-1/build/samba4-4.14.2/cache.txt is incomplete
Samba4 has added a check for fcntl F_{G,S}ET_RW_HINT /
F_{G,S}ET_FILE_RW_HINT handling since:
https://gitlab.com/samba-team/devel/samba/-/commit/
5084a69de14f24e9d804998580eefcba773fdd5a
Which is supported by the Linux kernel since 4.13 in commit
c75b1d9421f80f41 (fs: add fcntl() interface for setting/getting
write life time hints), so add it to the cache file.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Sat, 3 Apr 2021 13:23:49 +0000 (15:23 +0200)]
package/cifs-utils: add missing python dependencies
Add missing python dependencies which have been forgotten when bumping
to version 6.12 in commit
b5dede7d1a03ab2b8caa0a8e79b09c8df6c62fe4
Fixes:
- http://autobuild.buildroot.org/results/
acdbf7c58ec8ae648f8048bc75650dcdcdca6285
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr:
- dependencies are because of python3, not python
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Sat, 3 Apr 2021 08:55:30 +0000 (10:55 +0200)]
package/libvpx: add LIBVPX_CPE_ID_VENDOR
cpe:2.3:a:webmproject:libvpx is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Awebmproject%3Alibvpx
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>