Fabrice Fontaine [Sun, 4 Apr 2021 20:53:04 +0000 (22:53 +0200)]
package/python-flask: add CPE variables
cpe:2.3:a:palletsprojects:flask is a valid CPE identifier for this
package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Apalletsprojects%3Aflask
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Sun, 4 Apr 2021 20:46:59 +0000 (22:46 +0200)]
package/python-parso: add CPE variables
cpe:2.3:a:parso_project:parso is a valid CPE identifier for this
package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Aparso_project%3Aparso
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Sun, 4 Apr 2021 20:27:33 +0000 (22:27 +0200)]
package/python-pygments: add CPE variables
cpe:2.3:a:pygments:pygments is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Apygments%3Apygments
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Chris Packham [Sun, 4 Apr 2021 20:06:58 +0000 (08:06 +1200)]
package/syslog-ng: Bump version to 3.31.2
https://github.com/syslog-ng/syslog-ng/releases/tag/syslog-ng-3.31.2
Signed-off-by: Chris Packham <judge.packham@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Sun, 4 Apr 2021 16:06:52 +0000 (18:06 +0200)]
package/libvips: add LIBVIPS_CPE_ID_VENDOR
cpe:2.3:a:libvips_project:libvips is a valid CPE identifier for this
package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Alibvips_project%3Alibvips
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Heiko Thiery [Wed, 24 Mar 2021 12:36:06 +0000 (13:36 +0100)]
package/ser2net: bump verstion to 4.3.3
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Heiko Thiery [Wed, 24 Mar 2021 12:36:04 +0000 (13:36 +0100)]
package/gensio: bump version to 2.2.4
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Wed, 24 Mar 2021 07:04:13 +0000 (08:04 +0100)]
package/openmpi: drop unrecognized option
--disable-vt has been dropped since version 2.0.0 and
https://github.com/open-mpi/ompi/commit/
94190bf04b0877e878223a04c236443774e57ef2
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Francois Perrad [Wed, 24 Mar 2021 08:51:42 +0000 (09:51 +0100)]
package/lualogging: bump to version 1.5.1
diff LICENSE:
-Copyright (c) 2004-2020 Kepler Project.
+Copyright (c) 2004-2021 Kepler Project.
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Tue, 23 Mar 2021 19:18:26 +0000 (20:18 +0100)]
package/qhull: bump to version 8.0.2
- Static libs are supported since version 8.0.2 and
https://github.com/qhull/qhull/commit/
613debeaea72ee66626dace9ba1a2eff11b5d37d
- Update hash of COPYING, update year and authors with
https://github.com/qhull/qhull/commit/
4733a95be0298919a646a1d6044c1bee7a552880
- Update indentation in hash file (two spaces)
https://github.com/qhull/qhull/releases/tag/v8.0.2
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sun, 4 Apr 2021 14:30:48 +0000 (16:30 +0200)]
package/libvips: add webp optional dependency
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sun, 4 Apr 2021 14:30:47 +0000 (16:30 +0200)]
package/libvips: add matio optional dependency
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sun, 4 Apr 2021 14:30:46 +0000 (16:30 +0200)]
package/libvips: add lcms2 optional dependency
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sun, 4 Apr 2021 14:30:45 +0000 (16:30 +0200)]
package/libvips: add orc optional dependency
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sun, 4 Apr 2021 14:30:44 +0000 (16:30 +0200)]
package/libvips: add {image, graphics}magick optional dependencies
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sun, 4 Apr 2021 14:30:43 +0000 (16:30 +0200)]
package/libvips: add librsvg optional dependency
librsvg is an optional dependency which is enabled by default since
version 8.3.0 and
https://github.com/libvips/libvips/commit/
153886d2eb71eebcdca860cb691d8fbb976ad816
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sun, 4 Apr 2021 14:30:42 +0000 (16:30 +0200)]
package/libvips: add zlib optional dependency
zlib is an optional dependency which is enabled by default since version
8.4.2 and
https://github.com/libvips/libvips/commit/
5ab0001ec68a5f61396aecd8d2d7a619b1dbe1fa
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Chris Packham [Mon, 29 Mar 2021 07:28:28 +0000 (20:28 +1300)]
package/micropython: define MICROPY_NLR_SETJMP for xtensa
As suggested on https://github.com/micropython/micropython/issues/6551
define MICROPY_NLR_SETJMP to avoid the xtensa specific implementation
of nlr_push.
Fixes:
- http://autobuild.buildroot.net/results/
5fc8669b5c768ccfc02bd20d1159bce7fe43683e
Signed-off-by: Chris Packham <judge.packham@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Grzegorz Blach [Wed, 31 Mar 2021 12:26:24 +0000 (14:26 +0200)]
package/python-hiredis: bump to version 2.0.0
Depends on BR2_PACKAGE_PYTHON3
Signed-off-by: Grzegorz Blach <grzegorz@blach.pl>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Sun, 4 Apr 2021 12:15:42 +0000 (14:15 +0200)]
package/tvheadend: add option to enable IPTV support
Some IPTV streams will need ffmpef, the command line tool), while some
won't, so we just suggest that to the user in the help text.
There were two alternatives, but neither were very convincing:
- always enforce that ffmpeg is enabled
- only enforce ffmpeg to be enabled when the package is already
enabled
In either case, that may cary the ffmpeg tool when it really is not
needed. So leave it to the user to decide whether they want it or not.
tvheadend now has a bunch of options, so make it a sub-menu.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[yann.morin.1998@free.fr:
- do not forcibly enable ffmpeg-the-commandline-tool
- one option per-commit
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Bernd Kuhls [Sun, 4 Apr 2021 12:10:55 +0000 (14:10 +0200)]
package/tvheadend: add option to enable timeshift support
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[yann.morin.1998@free.fr: one option per-commit]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Bernd Kuhls [Sun, 4 Apr 2021 12:09:32 +0000 (14:09 +0200)]
package/tvheadend: add option to enable Satellite/IP support
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[yann.morin.1998@free.fr: one option per-commit]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Bernd Kuhls [Sat, 3 Apr 2021 15:22:34 +0000 (17:22 +0200)]
package/tvheadend: add option to enable descrambler support
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[yann.morin.1998@free.fr: one option per-commit]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Mon, 29 Mar 2021 19:06:33 +0000 (21:06 +0200)]
package/pcmanfm: fix build with gettext-tiny
Fix build of pcmanfm in version 1.3.2 with gettext-tiny
Fixes:
- http://autobuild.buildroot.org/results/
69f4e5fa44208429b143011640971a61d709d5b1
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Peter Seiderer [Mon, 29 Mar 2021 17:41:11 +0000 (19:41 +0200)]
package/valgrind: bump version to 3.17.0
- bump version to 3.17.0
- adjust tool remove hooks according to the change to libexec
- fix massive remove hook, ms_script vs. ms_print
- add additional sha256 source package hash
For details see [1].
[1] https://www.valgrind.org/docs/manual/dist.news.html
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Thu, 1 Apr 2021 06:02:22 +0000 (08:02 +0200)]
package/wget: fix build with uclibc < 1.0.35
Build of wget with uclibc < 1.0.35 is broken since bump to version
1.21.1 in commit
89a3f73910402ed40066eed076d5a53ac270307c
Fixes:
- http://autobuild.buildroot.org/results/
d507f8d8ae4dd6aac1e83b7cc81017caf0d2c30e
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Peter Seiderer [Wed, 31 Mar 2021 21:09:36 +0000 (23:09 +0200)]
package/sane-backends: add patch to fix compile for toolchains without thread support
Fixes:
- http://autobuild.buildroot.net/results/
c9b0e41d66211bcab231b5db78c6eebe4b1d78ba
genesys/scanner_interface_usb.cpp: In member function ‘virtual void genesys::ScannerInterfaceUsb::sleep_us(unsigned int)’:
genesys/scanner_interface_usb.cpp:484:10: error: ‘std::this_thread’ has not been declared
484 | std::this_thread::sleep_for(std::chrono::microseconds{microseconds});
| ^~~~
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Wed, 31 Mar 2021 18:59:43 +0000 (20:59 +0200)]
package/libvips: add giflib optional dependency
giflib is an optional dependency which is enabled by default since
version 8.3.0 and
https://github.com/libvips/libvips/commit/
d79407f285c768a7338e73ccfc6cf09480b95582
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Francois Perrad [Sat, 3 Apr 2021 12:42:30 +0000 (14:42 +0200)]
package/jimtcl: bump to version 0.80
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Marcus Folkesson [Fri, 26 Mar 2021 07:41:50 +0000 (08:41 +0100)]
package/libostree: bump to version 2021.1
Signed-off-by: Marcus Folkesson <marcus.folkesson@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Seiderer [Wed, 24 Mar 2021 21:27:55 +0000 (22:27 +0100)]
package/libinput: bump version to 1.17.1
For details see [1].
[1] https://lists.freedesktop.org/archives/wayland-devel/2021-March/041758.html
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Tue, 23 Mar 2021 19:44:22 +0000 (20:44 +0100)]
package/ipset: bump to version 7.11
Update indentation in hash file (two spaces)
http://git.netfilter.org/ipset/tree/ChangeLog?h=v7.11
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Tue, 23 Mar 2021 19:36:16 +0000 (20:36 +0100)]
package/smartmontools: bump to version 7.2
Drop patch (already in version) and so autoreconf
https://www.smartmontools.org/browser/tags/RELEASE_7_2/smartmontools/NEWS
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Michael Vetter [Mon, 29 Mar 2021 17:15:02 +0000 (19:15 +0200)]
package/jasper: bump version to 2.0.28
Changes:
* Fix potential null pointer dereference in the JP2/JPC decoder. (#269)
* Fix ignoring of JAS_STREAM_FILEOBJ_NOCLOSE at stream close time. (#286)
* Fix integral type sizing problem in JP2 codec. (#284)
Signed-off-by: Michael Vetter <jubalh@iodoru.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Wed, 31 Mar 2021 21:32:47 +0000 (23:32 +0200)]
package/upx: fix CVE-2021-20285
A flaw was found in upx canPack in p_lx_elf.cpp in UPX 3.96. This flaw
allows attackers to cause a denial of service (SEGV or buffer overflow
and application crash) or possibly have unspecified other impacts via a
crafted ELF. The highest threat from this vulnerability is to system
availability.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Wed, 31 Mar 2021 21:47:05 +0000 (23:47 +0200)]
package/gnutls: security bump to version 3.7.1
- Fix CVE-2021-20231 and CVE-2021-20232:
https://www.gnutls.org/security-new.html#GNUTLS-SA-2021-03-10
- Drop patch (not needed since:
https://git.savannah.gnu.org/cgit/gnulib.git/commit/?id=
b2d4b6c87827e34a694278d085a31508af052a37)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Sat, 3 Apr 2021 15:29:30 +0000 (17:29 +0200)]
package/botan: add support for riscv32
Backport an upstream patch to add support for riscv32. Although this is
a new feature (new arch support), this is an upstream commit, so we can
expect it to be available in a future release.
Fixes:
- http://autobuild.buildroot.org/results/
1c399312dbec5d7a28ec90d62fdd8f47fa14ff4b
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr:
- technically, this is not a bug fix, but new arch support
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Sat, 3 Apr 2021 15:38:01 +0000 (17:38 +0200)]
package/perl-xml-libxml: add CPE variables
cpe:2.3:a:xml-libxml_project:xml-libxml is a valid CPE identifier for
this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Axml-libxml_project%3Axml-libxml
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Bernd Kuhls [Sun, 4 Apr 2021 08:49:33 +0000 (10:49 +0200)]
package/samba4: update samba4-cache.txt for fcntl flags check
Fixes:
http://autobuild.buildroot.net/results/76a/
76a411b78d764561457decd47b268f65059ba1b0/
Checking whether fcntl supports setting/geting hints : not found
..
Cross answers file /home/giuliobenetti/autobuild/run/instance-2/output-1/build/samba4-4.14.2/cache.txt is incomplete
Samba4 has added a check for fcntl F_{G,S}ET_RW_HINT /
F_{G,S}ET_FILE_RW_HINT handling since:
https://gitlab.com/samba-team/devel/samba/-/commit/
5084a69de14f24e9d804998580eefcba773fdd5a
Which is supported by the Linux kernel since 4.13 in commit
c75b1d9421f80f41 (fs: add fcntl() interface for setting/getting
write life time hints), so add it to the cache file.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Sat, 3 Apr 2021 13:23:49 +0000 (15:23 +0200)]
package/cifs-utils: add missing python dependencies
Add missing python dependencies which have been forgotten when bumping
to version 6.12 in commit
b5dede7d1a03ab2b8caa0a8e79b09c8df6c62fe4
Fixes:
- http://autobuild.buildroot.org/results/
acdbf7c58ec8ae648f8048bc75650dcdcdca6285
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr:
- dependencies are because of python3, not python
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Sat, 3 Apr 2021 08:55:30 +0000 (10:55 +0200)]
package/libvpx: add LIBVPX_CPE_ID_VENDOR
cpe:2.3:a:webmproject:libvpx is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Awebmproject%3Alibvpx
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Sat, 3 Apr 2021 07:56:04 +0000 (09:56 +0200)]
package/x11r7/xkeyboard-config: bump version to 2.32
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Sat, 3 Apr 2021 07:50:47 +0000 (09:50 +0200)]
package/perl-net-http: bump version to 6.21
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Sat, 3 Apr 2021 07:50:46 +0000 (09:50 +0200)]
package/perl-net-dns: bump version to 1.30
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Sat, 3 Apr 2021 07:50:44 +0000 (09:50 +0200)]
package/perl-digest-hmac: bump version to 1.04
Added by scancpan:
- new project URL
- new SITE
- new license file
- reformatted hashes
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Sat, 3 Apr 2021 07:50:43 +0000 (09:50 +0200)]
package/perl-uri: bump version to 5.09
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Sat, 3 Apr 2021 07:50:42 +0000 (09:50 +0200)]
package/perl-http-message: bump version to 6.29
Reformatted hashes.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Fri, 2 Apr 2021 17:38:26 +0000 (19:38 +0200)]
perl-html-parser: bump version to 3.76
Added by scancpan:
- runtime dependencies
- new project URL
- new SITE
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Fri, 2 Apr 2021 17:38:25 +0000 (19:38 +0200)]
package/perl-crypt-openssl-guess: bump version to 0.12
Reformatted hashes.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Fri, 2 Apr 2021 17:12:24 +0000 (19:12 +0200)]
package/libvpx: bump version to 1.10.0
Release notes:
https://chromium.googlesource.com/webm/libvpx/+/refs/tags/v1.10.0
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Fri, 2 Apr 2021 16:48:03 +0000 (18:48 +0200)]
package/libhdhomerun: bump version to
20210224
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Fri, 2 Apr 2021 16:46:28 +0000 (18:46 +0200)]
package/libebur128: bump version to 1.2.6
Reformatted hashes.
Release notes:
https://github.com/jiixyj/libebur128/blob/master/README.md
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Fri, 2 Apr 2021 16:43:32 +0000 (18:43 +0200)]
package/libva-utils: bump version to 2.11.1
Release notes:
https://github.com/intel/libva-utils/releases/tag/2.11.1
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Fri, 2 Apr 2021 16:43:31 +0000 (18:43 +0200)]
package/libva: bump version to 2.11.0
Release notes:
https://github.com/intel/libva/blob/master/NEWS
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Giulio Benetti [Fri, 2 Apr 2021 22:20:38 +0000 (00:20 +0200)]
configs/amarula_vyasa_rk3288: bump Linux version to 5.11
Bump Linux and headers version to 5.11
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Giulio Benetti [Fri, 2 Apr 2021 22:20:37 +0000 (00:20 +0200)]
configs/amarula_vyasa_rk3288: bump u-boot version to 2021.01
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Adam Duskett [Thu, 1 Apr 2021 15:44:53 +0000 (08:44 -0700)]
package/mender: add nodbus to tags if dbus is not selected
The README.md file suggests passing "nodbus" as a tag if dbus is not selected.
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Adam Duskett [Thu, 1 Apr 2021 15:44:52 +0000 (08:44 -0700)]
package/mender: make xz optional
According to the README.md file, xz is optional.
- Remove the dependency on the xz package.
- If the xz package is not selected, add "nolzma" to MENDER_TAGS
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Adam Duskett [Thu, 1 Apr 2021 15:44:51 +0000 (08:44 -0700)]
package/mender/mender.mk: fix license list
The license files were updated in the .hash file, but not in the .mk file.
Fixes:
http://autobuild.buildroot.org/results/
42c2987e5cf2bb8918f7fdbd8303951f34b8ead1
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Peter Korsgaard [Fri, 2 Apr 2021 18:25:19 +0000 (20:25 +0200)]
package/samba4: update samba4-cache.txt for fcntl flags check
Fixes:
http://autobuild.buildroot.net/results/a5d/
a5db81fca8ec07159b69b108b742f3d060e3316a/
Checking whether fcntl supports flags to send direct I/O availability signals : not found
..
Cross answers file /srv/storage/autobuild/run/instance-3/output-1/build/samba4-4.14.2/cache.txt is incomplete
Samba4 has added a check for fcntl F_{G,S}ETOWN_EX handling since:
https://gitlab.com/samba-team/devel/samba/-/commit/
5084a69de14f24e9d804998580eefcba773fdd5a
Which is supported by the Linux kernel since 2.6.32 in commit
ba0a6c9f6fceed11 (fcntl: add F_[SG]ETOWN_EX), so add it to the cache file.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Fri, 2 Apr 2021 19:33:43 +0000 (21:33 +0200)]
package/rpm: security bump to version 4.16.1.3
- Fix arbitrary data copied from signature header past signature
checking (CVE-2021-3421)
- Fix signature check bypass with corrupted package (CVE-2021-20271)
- Fix missing bounds checks in headerImport() and headerCheck()
(CVE-2021-20266)
- Fix missing sanity checks on header entry count and region data
overlap
- Fix access past end of header if the last entry is string type
- Fix unsafe headerCopyLoad() still used in codebase
Drop all patches (already in version)
https://rpm.org/wiki/Releases/4.16.1.3.html
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Fri, 2 Apr 2021 19:54:07 +0000 (21:54 +0200)]
package/lldpd: add LLDPD_CPE_ID_VENDOR
cpe:2.3:a:lldpd_project:lldpd is a valid CPE identifier for this
package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Alldpd_project%3Alldpd
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Fri, 2 Apr 2021 19:52:52 +0000 (21:52 +0200)]
package/lldpd: security bump to version 1.0.9
- Out-of-bound read access when parsing LLDP-MED civic address in
liblldpctl for malformed fields.
- Fix memory leak when receiving LLDPU with duplicate fields.
CVE-2020-27827.
- More memory leak fixes on duplicate TLVs in LLDP, CDP and EDP
(related to CVE-2020-27827).
https://github.com/lldpd/lldpd/blob/1.0.9/NEWS
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Bernd Kuhls [Sat, 3 Apr 2021 06:35:59 +0000 (08:35 +0200)]
package/kodi-vfs-libarchive: bump version to 2.0.1-Matrix
Release notes:
https://github.com/xbmc/vfs.libarchive/releases/tag/2.0.1-Matrix
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Christian Stewart [Sat, 3 Apr 2021 06:45:38 +0000 (23:45 -0700)]
package/go: bump version to 1.16.3
go1.16.3 (released 2021/04/01) includes fixes to the compiler, linker, runtime,
the go command, and the testing and time packages.
https://golang.org/doc/go1.16
Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Fri, 2 Apr 2021 16:33:43 +0000 (18:33 +0200)]
package/qpid-proton: fix build without C++
Fixes:
- http://autobuild.buildroot.org/results/
05f344151100219c159ca4d466a453df96bf07fa
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr:
- move code in thread condition, to avoid setting -DBUILD_CPP twice
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Fri, 2 Apr 2021 16:33:41 +0000 (18:33 +0200)]
package/qpid-proton: fix build without threads
Build of qpid-proton is broken since bump to version 0.33.0 in commit
d4c0fde91da0d79204a21ed8de1bd410efa1c4d6 because epoll proactor
unconditonally uses pthread
Fixes:
- http://autobuild.buildroot.org/results/
ec34da16a11f0600ecfbbbc4039e8210aea0498c
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr: C++ precision in comment]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Fri, 2 Apr 2021 16:33:42 +0000 (18:33 +0200)]
package/pkg-cmake.mk: don't unconditionally set CMAKE_CXX_COMPILER
Don't unconditionally set CMAKE_CXX_COMPILER as it will raise a build
failure on qpid-proton because "if the toolchain specifies a value for
CMAKE_CXX_COMPILER, then CMake assumes the compiler works and goes
straight ahead trying to use it":
https://cmake.org/cmake/help/latest/module/CheckLanguage.html
https://issues.apache.org/jira/browse/PROTON-2365
Fixes:
- http://autobuild.buildroot.org/results/
05f344151100219c159ca4d466a453df96bf07fa
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr: rename placeholder]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Nicolas Cavallari [Wed, 31 Mar 2021 08:14:47 +0000 (10:14 +0200)]
package/netsnmp: fix script net-snmp-create-v3-user's usage of 'ps'.
net-snmp-create-v3-user uses ps to check if snmpd is running. To know
how to invoke 'ps', the build system use 'which ps' and does other
checks for the output format of 'ps', therefore inspecting 'ps' on the
build machine instead of the target.
If the build machine runs a OS like Debian, that uses a merged-usr and a
PATH of '/usr/bin:/bin', then 'which ps' returns /usr/bin/ps, which will
not work on the target if it does not also use a merged-usr.
Hardcode 'ps' to be /bin/ps to fix this issue and to improve build
reproducibility.
Signed-off-by: Nicolas Cavallari <nicolas.cavallari@green-communications.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Baruch Siach [Wed, 31 Mar 2021 17:15:52 +0000 (20:15 +0300)]
package/libcurl: security bump to version 7.76.0
CVE-2021-22890: TLS 1.3 session ticket proxy host mixup (since 7.63.0)
CVE-2021-22876: Automatic referer leaks credentials (since 7.1.1)
This version adds optional dependency on libgsasl.
Cc: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Tue, 30 Mar 2021 21:43:31 +0000 (23:43 +0200)]
package/libvips: add poppler optional dependency
poppler is an optional dependency which is enabled by default since
version 8.3.0 and
https://github.com/libvips/libvips/commit/
8da4e706dd60aba1a69e49bd562d8de225d2404d
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Tue, 30 Mar 2021 21:42:13 +0000 (23:42 +0200)]
package/libupnp: disable samples
Disable samples which are built (but not installed) by default since at
least version 1.6.0 and
https://github.com/pupnp/pupnp/commit/
89e7a40fcc5c51afacdc9d5f3d18f5338b2bc5e9
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Adam Duskett [Sat, 20 Mar 2021 22:28:35 +0000 (15:28 -0700)]
package/mender: install dbus authentication file if dbus is selected
While not a requirement to run mender itself, the mender-connect package
requires this file to be installed to talk to mender.
Signed-off-by: Adam Duskett <Aduskett@rivian.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Sat, 27 Mar 2021 12:59:47 +0000 (13:59 +0100)]
package/x11r7/xapp_xkbcomp: bump version to 1.4.5
Release notes:
https://lists.x.org/archives/xorg-announce/2021-March/003075.html
Update license hash after upstream removed trailing whitespaces:
https://cgit.freedesktop.org/xorg/app/xkbcomp/commit/COPYING?id=
3b3d25dd32ba48fd6d15ca98baf7109af21e1d97
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Seiderer [Sun, 21 Mar 2021 14:38:32 +0000 (15:38 +0100)]
package/xtables-addons: bump version to 3.17
Changelog ([1]):
v3.18 (2021-03-11)
==================
- xt_pknock: fix a build failure on ARM 32-bit
v3.17 (2021-02-28)
==================
- xt_pknock: cure a NULL deref
v3.16 (2021-02-24)
==================
- xt_pknock: build fix for ILP32 targets
v3.15 (2021-02-05)
==================
- xt_ECHO: support new function signature of security_skb_classify_flow
- xt_lscan: add --mirai option
- Support for Linux 5.11
v3.14 (2020-11-24)
==================
- DELUDE, ECHO, TARPIT: use actual tunnel socket (ip_route_me_harder).
- geoip: scripts for use with MaxMind DB have been brought back,
partly under new names.
- Gave xt_geoip_fetch a more fitting name, xt_geoip_query.
[1] https://fossies.org/linux/privat/xtables-addons-3.18.tar.xz/xtables-addons-3.18/doc/changelog.txt
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Peter Seiderer [Sun, 21 Mar 2021 10:31:20 +0000 (11:31 +0100)]
package/qwt: bump version to 6.1.6
Changelog ([1]):
1) Maintenance
- QwtPlotLayout::activate: avoid compiler issues with Qt 5.15
- QwtPointPolar: missing copy constructor added
[1] https://sourceforge.net/p/qwt/code/HEAD/tree/tags/qwt-6.1.6/CHANGES-6.1
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Alexander Dahl [Wed, 17 Mar 2021 06:11:33 +0000 (07:11 +0100)]
package/siproxd: remove license file hash for internal libltdl
In a first draft of what ended up in commit
3efc5a250c1c
("package/siproxd: new package") libltdl was optionally built from an
internal copy of siproxd. Now external libltdl is selected
unconditionally, thus the license file of the internal copy of libtool
does not apply anymore.
Signed-off-by: Alexander Dahl <post@lespocky.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Adam Duskett [Sat, 20 Mar 2021 22:28:34 +0000 (15:28 -0700)]
package/mender: bump version to 2.5.0
Other changes:
- Add host-pkgconf as a dependency. It's used to find OpenSSL.
- Set new license hashes.
Signed-off-by: Adam Duskett <Aduskett@rivian.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Adam Duskett [Sat, 20 Mar 2021 22:28:33 +0000 (15:28 -0700)]
package/mender/mender.mk: fix linker version argument
The current linker flag "-X main.Version=$(MENDER_VERSION)" no longer points
to the correct location, which results in "version: unknown" when runnning
"mender -version." Update the linker flag to point to the correct location.
Signed-off-by: Adam Duskett <Aduskett@rivian.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Adam Duskett [Sat, 20 Mar 2021 22:28:32 +0000 (15:28 -0700)]
package/mender/mender.mk: use MENDER_PKGDIR variable
Currently there is a mix of calls to package/mender and $(MENDER_PKGDIR) in the
mender.mk file. Standardize the calls to only $(MENDER_PKGDIR).
Signed-off-by: Adam Duskett <Aduskett@rivian.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Mon, 22 Mar 2021 07:00:47 +0000 (08:00 +0100)]
package/efivar: disable -Werror
Fix the following build failure with gcc 10:
/home/buildroot/autobuild/run/instance-1/output-1/host/bin/aarch64-none-linux-gnu-gcc -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -O2 -I/home/buildroot/autobuild/run/instance-1/output-1/build/efivar-37/src/include/ -specs=/home/buildroot/autobuild/run/instance-1/output-1/build/efivar-37/gcc.specs -L. -fPIC -Wl,-z,muldefs -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -o efivar efivar.c -lefivar -ldl
In file included from efivar.h:28,
from efivar.c:40:
In function 'text_to_guid',
inlined from 'parse_name.constprop' at efivar.c:157:8:
guid.h:106:2: error: 'strncpy' output may be truncated copying 8 bytes from a string of length 38 [-Werror=stringop-truncation]
106 | strncpy(eightbytes, text, 8);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~
cc1: all warnings being treated as errors
Fixes:
- http://autobuild.buildroot.org/results/
fcba72d359f4128515560e9105384cd4deff5043
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Peter Seiderer [Sun, 21 Mar 2021 21:00:13 +0000 (22:00 +0100)]
package/start-stop-daemon: bump version to 1.20.7.1
- rebased 0001-add-uclibc-alias-and-musl.patch
- rebased 0002-just-warn-on-missing-arch.patch
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Peter Seiderer [Sun, 21 Mar 2021 20:58:06 +0000 (21:58 +0100)]
package/tzdata: bump version to 2021a
For details see [1].
[1] https://mm.icann.org/pipermail/tz-announce/2021-January/000065.html
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sun, 21 Mar 2021 16:21:28 +0000 (17:21 +0100)]
package/sdl2: drop tslib
non existing tslib support has been dropped since version 2.0.14 and
https://github.com/libsdl-org/SDL/commit/
4c96faee578efcba3f2d6afe8e2122f26b1dfb0b
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bert Outtier [Mon, 29 Mar 2021 10:55:54 +0000 (12:55 +0200)]
support/scripts: fix pycompile for short filenames
Signed-off-by: Bert Outtier <outtierbert@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Edgar Bonet [Mon, 22 Mar 2021 17:14:24 +0000 (18:14 +0100)]
configs/acmesystems_acqua_a5: new defconfigs
The Acqua A5 is a system on module based on the Microchip SAMA5D31 SoC:
https://www.acmesystems.it/acqua
It is available in both 256 MiB and 512 MiB versions, hence the two
defconfig files. These configs build microSD card images with:
- AT91Bootstrap 3
- Linux 5.4.107
- default buildroot packages (uClibc, Busybox)
The device tree blob comes from Acme Systems:
https://github.com/AcmeSystems/dts-archive
It is licensed under GPLv2 or later.
Signed-off-by: Edgar Bonet <bonet@grenoble.cnrs.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Mon, 22 Mar 2021 07:44:42 +0000 (08:44 +0100)]
package/s390-tools: fix zkey build
Build of zkey fails since bump to version 2.16.0 in commit
b82b58a8ddc3d079aa2976b3dafbc965b6107648
Fixes:
- http://autobuild.buildroot.org/results/
e7f229a98dab188ee9c40e4709fd26bfa67358d3
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Adrian Perez de Castro [Tue, 30 Mar 2021 19:51:18 +0000 (22:51 +0300)]
package/wpebackend-fdo: bump to version 1.8.3
This minor release fixes an issue which would cause applications using
wpewebkit and webkitgtk freeze under certain conditions during normal
browsing. Release notes:
https://wpewebkit.org/release/wpebackend-fdo-1.8.3.html
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Mon, 22 Mar 2021 19:13:16 +0000 (20:13 +0100)]
package/wpa_supplicant: annotate CVE-2021-27803
Add a WPA_SUPPLICANT_IGNORE_CVES entry for CVE-2021-27803 which was
fixed by commit
9ada4eb2f1c3d67ee49f6f5466738bcd821fc647, which we
have backported as
0001-P2P-Fix-a-corner-case-in-peer-addition-based-on-PD-R.patch.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Giulio Benetti [Mon, 22 Mar 2021 15:56:55 +0000 (16:56 +0100)]
package/binutils: add patches to fix OpenRisc bug 27624
These patches fix OpenRisc linker bug 27624 that affects packages
libtheora, protobuf and zeromq.
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Giulio Benetti [Mon, 29 Mar 2021 22:41:54 +0000 (00:41 +0200)]
package/pkg-kconfig: fix error string
Current error string speaks only about "fragment" but here we also deal
with Kconfig files, so let's add "file or fragment" instead of "fragment".
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Francois Perrad [Tue, 30 Mar 2021 09:00:26 +0000 (11:00 +0200)]
package/perl-parse-yapp: remove useless dependencies
Parse-Yapp comes with a Makefile.PL,
so it is built with the perl core module ExtUtils-MakeMaker
regenerated with `utils/scancpan -force -host Parse-Yapp`
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Petr Vorel [Mon, 29 Mar 2021 18:49:34 +0000 (20:49 +0200)]
package/modem-manager: bump version to 1.16.2
It requires libqmi >= 1.28.0
Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Vadym Kochan [Mon, 22 Mar 2021 13:12:28 +0000 (15:12 +0200)]
package/frr: bump to 7.5.1 version
This is a maintenance release of FRR 7.5 with lots of bug fixes:
https://github.com/FRRouting/frr/releases/tag/frr-7.5.1
Signed-off-by: Vadym Kochan <vadym.kochan@plvision.eu>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Mon, 29 Mar 2021 19:30:58 +0000 (21:30 +0200)]
package/gnutls: drop unrecognized option
crywrap has been dropped since version 3.6.12 and
https://github.com/gnutls/gnutls/commit/
c991b5223140e4ef311afac0f25272e602238826
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Aleksander Morgado [Mon, 29 Mar 2021 22:35:42 +0000 (00:35 +0200)]
package/libqmi: fix build when libc doesn't define ARPHRD_RAWIP
The ARPHRD_RAWIP symbol is used in the rmnet backend in the link
management support now included in libqmi.
If libc doesn't provide this symbol yet, define it ourselves. The
symbol will only be used if rmnet is enabled in the kernel anyway.
This patch will be included in the next libqmi 1.28.4.
Signed-off-by: Aleksander Morgado <aleksander@aleksander.es>
[yann.morin.1998@free.fr:
- do an actual backport now it's been applied upstream
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Alexander Dahl [Mon, 29 Mar 2021 19:29:05 +0000 (21:29 +0200)]
package/fastd: add FASTD_CPE_ID_VERSION
With that FASTD_CPE_ID expands to:
cpe:2.3:a:fastd_project:fastd:21.0:*:*:*:*:*:*:*
That's the same as listed on
https://nvd.nist.gov/products/cpe/detail/826746
Signed-off-by: Alexander Dahl <post@lespocky.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Mon, 29 Mar 2021 21:19:56 +0000 (23:19 +0200)]
package/libqmi: switch to the new option to disable -Werror
--enable-more-warnings has been dropped since version 1.26.0 and
https://github.com/freedesktop/libqmi/commit/
9f31a45d5fc137431705d47b83669f35259932b4
Instead, a new --disable-Werror option has been added, through the use
of AX_COMPILER_FLAGS, so use that to explicitly request wrnings not be
treated as errors.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr: use --disable-Werror instead of nothing]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Peter Korsgaard [Tue, 30 Mar 2021 06:10:03 +0000 (08:10 +0200)]
package/squid: security bump to version 4.14
Fixes the following security issues:
- CVE-2020-25097: HTTP Request Smuggling
Due to improper input validation Squid is vulnerable to an HTTP Request
Smuggling attack.
For more details, see the advisory:
https://github.com/squid-cache/squid/security/advisories/GHSA-jvf6-h9gj-pmj6
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Francois Perrad [Tue, 30 Mar 2021 09:01:13 +0000 (11:01 +0200)]
package/lua: bump to version 5.4.3
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>