Francois Perrad [Sat, 16 Jun 2018 08:16:31 +0000 (10:16 +0200)]
perl-encode-locale: add license hash
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Francois Perrad [Sat, 16 Jun 2018 08:16:30 +0000 (10:16 +0200)]
perl-encode-detect: add license hash
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Francois Perrad [Sat, 16 Jun 2018 08:16:29 +0000 (10:16 +0200)]
perl-digest-sha1: add license hash
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Francois Perrad [Sat, 16 Jun 2018 08:16:28 +0000 (10:16 +0200)]
perl-digest-hmac: add license hash
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Francois Perrad [Sat, 16 Jun 2018 08:16:27 +0000 (10:16 +0200)]
perl-xml-sax: bump to version 1.00
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Francois Perrad [Sat, 16 Jun 2018 08:16:26 +0000 (10:16 +0200)]
perl-time-hires: bump to version 1.9758
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Francois Perrad [Sat, 16 Jun 2018 08:16:25 +0000 (10:16 +0200)]
perl-net-ssleay: bump to version 1.85
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Francois Perrad [Sat, 16 Jun 2018 08:16:24 +0000 (10:16 +0200)]
perl-mojolicious: bump to version 7.84
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Francois Perrad [Sat, 16 Jun 2018 08:16:23 +0000 (10:16 +0200)]
perl-io-socket: bump to version 2.056
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Francois Perrad [Sat, 16 Jun 2018 08:16:22 +0000 (10:16 +0200)]
perl-http-message: bump to version 6.18
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Francois Perrad [Sat, 16 Jun 2018 08:16:21 +0000 (10:16 +0200)]
perl-datetime-tiny: bump to version 1.07
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Wed, 13 Jun 2018 16:28:26 +0000 (18:28 +0200)]
package/mediastreamer: add optional dependency to speexdsp
Fixes
http://autobuild.buildroot.net/results/594/
594ea96cd7b6726052268a3c0b094e00e7b8f12f/
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Wed, 13 Jun 2018 16:28:25 +0000 (18:28 +0200)]
package/linphone: needs speexdsp
Fixes
http://autobuild.buildroot.net/results/956/
956b8cffa0a35a417763ad72bb7c8e8a8b2fe6b0/
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Wed, 13 Jun 2018 16:28:24 +0000 (18:28 +0200)]
package/asterisk: add optional dependency to speexdsp
Fixes
http://autobuild.buildroot.net/results/9f6/
9f61192382ea4b57b0f0548626968752363bb13f/
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Wed, 13 Jun 2018 16:28:23 +0000 (18:28 +0200)]
package/freeswitch: needs speexdsp
Fixes
http://autobuild.buildroot.net/results/a3f/
a3f9845681025fad93a4f867bb667822e87a08ea/
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Wed, 13 Jun 2018 16:28:22 +0000 (18:28 +0200)]
package/speex: add optional dependency to speexdsp
Quoting speex release notes from https://www.speex.org
"Speex 1.2rc2 and SpeexDSP 1.2rc2 are out
December 6, 2014
This release splits the speex codec library and the speex DSP library
into separate source trees."
After bumping speex to 1.2.0 DSP support is provided by speexdsp.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Wed, 13 Jun 2018 16:28:21 +0000 (18:28 +0200)]
package/speexdsp: new package
Quoting speex release notes from https://www.speex.org
"Speex 1.2rc2 and SpeexDSP 1.2rc2 are out
December 6, 2014
This release splits the speex codec library and the speex DSP library
into separate source trees."
After bumping speex to 1.2.0 this new package is necessary to provide
speex-based DSP support for packages like Freeswitch and Asterisk.
We use current git HEAD which received 21 commits since the 1.2rc3
tarball was released in 2015, including a fix for building on arm.
We still need another patch which was not committed to git master to
fix building on aarch64.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Peter Korsgaard [Fri, 15 Jun 2018 12:54:55 +0000 (14:54 +0200)]
package: add python-validators
Simple data validation library.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Bernd Kuhls [Fri, 15 Jun 2018 16:31:54 +0000 (18:31 +0200)]
package/python: bump version to 2.7.15
Rebased patch 0009, removed patch 0035 after upstream commit
https://github.com/python/cpython/commit/
0b91f8a668201fc58fa732b8acc496caedfdbae0
Updated license hash after 2018 bump.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Joseph Kogut [Thu, 14 Jun 2018 22:48:18 +0000 (15:48 -0700)]
clang: bump to version 6.0.0
Signed-off-by: Joseph Kogut <joseph.kogut@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Joseph Kogut [Thu, 14 Jun 2018 22:48:17 +0000 (15:48 -0700)]
llvm: bump to version 6.0.0
Signed-off-by: Joseph Kogut <joseph.kogut@gmail.com>
Tested-by: Valentin Korenblit <valentin.korenblit@smile.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Joseph Kogut [Thu, 14 Jun 2018 22:48:12 +0000 (15:48 -0700)]
atk: bump to version 2.28.1
Signed-off-by: Joseph Kogut <joseph.kogut@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Baruch Siach [Fri, 15 Jun 2018 04:02:14 +0000 (07:02 +0300)]
modem-manager: update package prompt name
Rename the prompt string for consistency with the package directory
name.
Cc: Aleksander Morgado <aleksander@aleksander.es>
Cc: Carlos Santos <casantos@datacom.com.br>
Cc: Petr Vorel <petr.vorel@gmail.com>
Cc: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Reviewed-by: Yegor Yefremov <yegorslists@googlemail.com>
Acked-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Baruch Siach [Fri, 15 Jun 2018 04:02:13 +0000 (07:02 +0300)]
modem-manager: fix build with musl
modem-manager version 1.8.0 introduced use of canonicalize_file_name(),
which is a GNU extension that musl does not implement. Add a patch
switching to POSIX standard realpath().
Fixes:
http://autobuild.buildroot.net/results/9f6/
9f6859f1854d94d3caba7b5c24d9ca6a14622042/
Cc: Aleksander Morgado <aleksander@aleksander.es>
Cc: Carlos Santos <casantos@datacom.com.br>
Cc: Petr Vorel <petr.vorel@gmail.com>
Cc: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Thomas Petazzoni [Fri, 15 Jun 2018 14:28:31 +0000 (16:28 +0200)]
librtlsdr: fix typo in LIBRTLSDR_CONF_OPTS variable name
Commit
9ff035839eef68eb16e90ae70c3e70dc7f57ca5e ("librtlsdr: fix
static build") introduced this obvious typo, which was spotted by
check-package:
package/librtlsdr/librtlsdr.mk:18: possible typo: LIBRTLSDRCONF_OPTS -> *LIBRTLSDR*
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Yegor Yefremov [Wed, 13 Jun 2018 07:37:10 +0000 (09:37 +0200)]
scanpypi: rework download_package error handling
Some packages don't provide source archive but only a wheel file. In
this case download variable is not defined. So define this variable at
the very beginning and check whether it is None after searching for
source archives in the metadata.
Bonus: fix PEP8 issue with wrong indentation.
Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Wed, 13 Jun 2018 20:16:43 +0000 (22:16 +0200)]
redis: security bump to version 3.2.12
>From the release notes:
================================================================================
Redis 3.2.12 Released Wed Jun 13 12:43:01 CEST 2018
================================================================================
Upgrade urgency CRITICAL:
* Multilple security issues fixed.
* Backport of an older AOF fsync=always fix. Check 4.x release notes.
* Backport of a *SCAN bug. Sometimes elements could be missing from the scan.
* Other minor things.
https://raw.githubusercontent.com/antirez/redis/3.2/00-RELEASENOTES
For more details about the lua related security issues, see the blog:
http://antirez.com/news/119
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Baruch Siach [Fri, 15 Jun 2018 08:22:08 +0000 (11:22 +0300)]
libressl: security bump to version 2.7.4
Fixes CVE-2018-0495: ECDSA signing side-channel attack.
Cc: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Baruch Siach [Fri, 15 Jun 2018 08:21:52 +0000 (11:21 +0300)]
libgcrypt: security bump to version 1.8.3
Fixes CVE-2018-0495: ECDSA signing side-channel attack.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Baruch Siach [Thu, 14 Jun 2018 18:38:48 +0000 (21:38 +0300)]
autossh: fix manual set of ssh path
The configure script that is bundled with autossh does not generate the
correct code for the AC_ARG_WITH() macro of --with-ssh. As a result, the
configure scripts always check the host location, and fails with ssh is
not found.
Restore the autoreconf that has been removed in the last bump to fix the
--with-ssh configure option.
Fixes:
http://autobuild.buildroot.net/results/25d/
25d681f9df22c07cdf5a6b8756bfc2d5ecf36247/
http://autobuild.buildroot.net/results/f0a/
f0ae62d0ed6bac011c507cfea7cd7157671baf39/
http://autobuild.buildroot.net/results/b15/
b1546bb3e861c14771bdd03cda9ce2e9176a2069/
Cc: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Thu, 14 Jun 2018 19:18:36 +0000 (21:18 +0200)]
docs/manual: fix scancpan path
scancpan is now in utils not in supports/scripts
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Antoine Tenart [Thu, 14 Jun 2018 11:44:15 +0000 (13:44 +0200)]
package/cryptodev-linux: add an hash for the license file
Add a locally computed hash for the license file to track possible
updates.
Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Baruch Siach [Fri, 15 Jun 2018 03:56:48 +0000 (06:56 +0300)]
file: add upstream security fix
Fixes CVE-2018-10360: The do_core_note function in readelf.c in
libmagic.a in file 5.33 allows remote attackers to cause a denial of
service (out-of-bounds read and application crash) via a crafted ELF
file.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
David Barbion [Thu, 7 Jun 2018 13:45:28 +0000 (15:45 +0200)]
qt5webengine: fix BR2_TOOLCHAIN_HAS_GCC_BUG_85862 condition
In commit
bd03966d4ebeb284ac3afb5f3b8cba13da2b9983 ("toolchain: GCC
bug 85862"), a dependency on BR2_TOOLCHAIN_HAS_GCC_BUG_85862 was added
to the qt5webengine package, but it should have been a dependency on
!BR2_TOOLCHAIN_HAS_GCC_BUG_85862. This commit fixes that.
Signed-off-by: David Barbion <david.barbion@ext.leroymerlin.fr>
Reviewed-by: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Tue, 12 Jun 2018 18:36:18 +0000 (20:36 +0200)]
mosquitto: bump to version 1.5
- Remove patch (already in version)
- Add patch to fix crash (retrieved from upstream)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Gary Bisson [Tue, 12 Jun 2018 15:06:35 +0000 (17:06 +0200)]
imx-usb-loader: enable package for 64-bit ARM platforms
Now that it works for i.MX8MQ processors (tested on Nitrogen8M).
Signed-off-by: Gary Bisson <gary.bisson@boundarydevices.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Gary Bisson [Tue, 12 Jun 2018 15:06:34 +0000 (17:06 +0200)]
imx-usb-loader: bump revision to
e539461
This latest revision supports starting i.MX8MQ via USB recovery mode.
Signed-off-by: Gary Bisson <gary.bisson@boundarydevices.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Peter Korsgaard [Tue, 12 Jun 2018 15:21:30 +0000 (17:21 +0200)]
perl: add upstream security fix for CVE-2018-12015
Fixes CVE-2018-12015 - In Perl through 5.26.2, the Archive::Tar module
allows remote attackers to bypass a directory-traversal protection
mechanism, and overwrite arbitrary files, via an archive file containing a
symlink and a regular file with the same name.
Patch from
https://github.com/jib/archive-tar-new/commit/
ae65651eab053fc6dc4590dbb863a268215c1fc5
with path rewritten to match perl tarball.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Baruch Siach [Wed, 13 Jun 2018 07:00:27 +0000 (10:00 +0300)]
DEVELOPERS: drop Stefan Fröberg's entry
Emails bounce. The domain does not resolve.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Wed, 13 Jun 2018 16:39:06 +0000 (18:39 +0200)]
package/autossh: bump version to 1.4f
Removed patch applied upstream, added all upstream and license hashes.
Removed _AUTORECONF, configure and configure.ac in the tarball match,
also removed _INSTALL_TARGET_CMDS, the upstream install target works
just fine nowadays.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Alexey Brodkin [Wed, 13 Jun 2018 16:39:56 +0000 (19:39 +0300)]
binutils: fix glibc building for ARC with stock binutils 2.30
There're known issues with building glibc for ARC with vanilla
Binutils 2.30. Adding a couple of not yet upstreamed patches that
solve it.
Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
[Thomas: remove numbering in patch titles, renumber patch file names.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Wed, 13 Jun 2018 17:19:56 +0000 (19:19 +0200)]
package/unrar: bump version to 5.6.4
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Wed, 13 Jun 2018 17:16:14 +0000 (19:16 +0200)]
package/file: bump version to 5.33
Added license hashes, added optional dependency to libseccomp provided
by upstream in this version bump.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Wed, 13 Jun 2018 17:08:33 +0000 (19:08 +0200)]
package/connman: bump version to 1.36
Added licence hash, removed patch applied upstream
https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=
bdfb3526466f8fb8f13d9259037d8f42c782ce24
Renumbered remaining patch.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Acked-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabio Estevam [Wed, 13 Jun 2018 17:04:26 +0000 (14:04 -0300)]
linux-headers: bump 4.{4, 9}.x series
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Baruch Siach [Wed, 13 Jun 2018 18:16:53 +0000 (21:16 +0300)]
f2fs-tools: fix build for uclinux
Add a patch making uclinux also linux.
Fixes:
http://autobuild.buildroot.net/results/357/
3577d413dc16bcec7a403fd8857ec5dd64470ba5/
http://autobuild.buildroot.net/results/819/
819a8a528764a68c02b1b98431a1d09929c387f1/
http://autobuild.buildroot.net/results/d98/
d987df1ea7f8043f05d5221342888892990e9252/
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Baruch Siach [Tue, 12 Jun 2018 17:40:50 +0000 (20:40 +0300)]
f2fs-tools: add selinux and libblk optional dependencies
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Baruch Siach [Tue, 12 Jun 2018 17:40:49 +0000 (20:40 +0300)]
f2fs-tools: bump to version 1.10.0
Add license file hash.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Baruch Siach [Tue, 12 Jun 2018 17:40:48 +0000 (20:40 +0300)]
f2fs-tools: update homepage link
As noted in the sourceforge page, the project is not using sourceforge
anymore. Use the gitweb summary page instead.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabio Estevam [Tue, 12 Jun 2018 18:04:54 +0000 (15:04 -0300)]
linux-headers: bump 4.{14, 16, 17}.x series
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabio Estevam [Tue, 12 Jun 2018 18:04:53 +0000 (15:04 -0300)]
linux: bump default to version 4.17.1
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Baruch Siach [Tue, 12 Jun 2018 12:28:44 +0000 (15:28 +0300)]
hiawatha: bump to version 10.8.1
Drop upstream patch.
Add license file hash.
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Baruch Siach [Tue, 12 Jun 2018 12:11:51 +0000 (15:11 +0300)]
lighttpd: bump to version 1.4.49
Cc: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Carlos Santos [Mon, 11 Jun 2018 06:00:16 +0000 (03:00 -0300)]
board/synopsys: synchronize custom inittab with BusyBox' one
Apply modifications made in recent commits:
-
456ea9871e busybox: add /dev/std{in, out, err} symlinks to inittab
-
13dbe73782 busybox: reduce number of mkdir calls in inittab
-
8a89d290d4 busybox: add an inittab entry to activate swap
Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Carlos Santos [Mon, 11 Jun 2018 06:00:15 +0000 (03:00 -0300)]
busybox: add an inittab entry to activate swap
There is a call to swapoff in the shutdown sequence, so call "swapon -a"
on startup. As stated in the swapon man page,
All devices marked as "swap" in /etc/fstab are made available, except
for those with the "noauto" option. Devices that are already being
used as swap are silently skipped.
So even if the system has some init script to start/stop swap (e.g. from
a rootfs ovelay) calling swapon/swapoff would be harmless.
Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Carlos Santos [Mon, 11 Jun 2018 06:00:14 +0000 (03:00 -0300)]
sysvinit: add an inittab entry to activate swap
There is a call to swapoff in the shutdown sequence, so call "swapon -a"
on startup. As stated in the swapon man page,
All devices marked as "swap" in /etc/fstab are made available, except
for those with the "noauto" option. Devices that are already being
used as swap are silently skipped.
So even if the system has some init script to start/stop swap (e.g. from
a rootfs ovelay) calling swapon/swapoff would be harmless.
Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Carlos Santos [Mon, 11 Jun 2018 06:00:13 +0000 (03:00 -0300)]
sysvinit: reduce number of mkdir calls in inittab
The default sysvinit inittab does two separate mkdir calls to create
/dev/pts and /dev/shm. Reduce this to call mkdir only once for both
directories.
This removes id "si3" but keeps ids "si4".."si9" intact rather than
renumbering them. This would just increase the turmoil without any
practical effect.
Based on commit
e9db8122fb, by Florian La Roche <F.LaRoche@pilz.de>.
Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Joseph Kogut [Mon, 11 Jun 2018 23:36:18 +0000 (16:36 -0700)]
libnss: bump to version 3.37.3
Fixes:
http://autobuild.buildroot.net/results/
fd64ee3486f9045dfbd83908b8f06ef62c0d9781/
http://autobuild.buildroot.net/results/
698500a92688c50e9cc71cf82c0848cb4adb81ad/
http://autobuild.buildroot.net/results/
adaa2f79b202cb01ae57fa0cdb0eac9c07b22ea2/
Signed-off-by: Joseph Kogut <joseph.kogut@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Baruch Siach [Sun, 10 Jun 2018 18:28:18 +0000 (21:28 +0300)]
flatcc: fix build with gcc 8
gcc 8 enables a strncpy() warning. This breaks the build of flatcc that
enables -Werror. Add upstream patch fixing the issue.
Fixes:
http://autobuild.buildroot.net/results/0e3/
0e3a959855fad5899db184f7d2c960c89df03672/
http://autobuild.buildroot.net/results/d2c/
d2c03bc253bdf135b0f31f3d1e6fd33f7d37d64b/
http://autobuild.buildroot.net/results/163/
1636ec6ddad92add95f42451d941156451c6d936/
Cc: Joel Carlson <JoelsonCarl@gmail.com>
Cc: Mikkel Fahnøe Jørgensen <mikkel@dvide.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Reviewed-by: Joel Carlson <JoelsonCarl@gmail.com>
Tested-by: Joel Carlson <JoelsonCarl@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Baruch Siach [Mon, 11 Jun 2018 18:24:48 +0000 (21:24 +0300)]
triggerhappy: add optional dependency on systemd
triggerhappy can use systemd for socket activation.
Cc: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Baruch Siach [Sun, 10 Jun 2018 19:09:22 +0000 (22:09 +0300)]
znc: fix build without openssl
Add a patch to include <memory> unconditionally.
Fixes:
http://autobuild.buildroot.net/results/4c3/
4c3d9f6f5214052b7eda4c7bbfabe5b463080b12/
http://autobuild.buildroot.net/results/d06/
d06176f00109ad0707032b0d76fe94f1d414106c/
Cc: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Baruch Siach [Sun, 10 Jun 2018 18:44:48 +0000 (21:44 +0300)]
x265: fix build
Add upstream patch fixing missing function argument issue.
Fixes:
http://autobuild.buildroot.net/results/caa/
caaaa5dc428c12ce7137194589153313911b000f/
http://autobuild.buildroot.net/results/741/
741d8bacbe12e2f40047e30f7765039a88d1ce8f/
http://autobuild.buildroot.net/results/2c3/
2c3f5b18efe5f42e1ab5269e106b9200690330af/
Cc: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Jared Bents [Mon, 11 Jun 2018 14:51:53 +0000 (09:51 -0500)]
modem-manager: update to version 1.8.0
Update to modem manager 1.8.0 which does not require udev.
Added option to build without udev but if udev exists in
the build, it build with libgudev.
Signed-off-by: Jared Bents <jared.bents@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Jan Kraval [Mon, 11 Jun 2018 17:01:13 +0000 (19:01 +0200)]
configs/orangepi_lite: Enable HDMI and analog audio in Linux config
Signed-off-by: Jan Kraval <jan.kraval@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Jan Kraval [Mon, 11 Jun 2018 17:01:12 +0000 (19:01 +0200)]
configs/orangepi_lite: Bump kernel and U-Boot versions
Bump kernel to version 4.17 and U-Boot to 2018.05.
Signed-off-by: Jan Kraval <jan.kraval@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Sat, 9 Jun 2018 14:31:32 +0000 (16:31 +0200)]
orangepi_pc_defconfig: bump linux to 4.17, u-boot to 2018.05
4.17 brings support for HDMI out, but sunxi_defconfig hasn't been updated to
enable the drivers - So add a kernel fragment to enable them.
Likewise, analog audio has been supported since 4.10, but the driver isn't
enabled in sunxi_defconfig, so enable it in the fragment.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Baruch Siach [Mon, 11 Jun 2018 18:24:47 +0000 (21:24 +0300)]
triggerhappy: use target pkg-config
triggerhappy uses pkg-config to detect the systemd library. Make sure it
uses the target pkg-config, not the host one.
Fixes build failure when the host has systemd pkg-config files:
.../host/bin/arm-linux-gcc -static th-cmd.o cmdsocket.o -lsystemd -o th-cmd
.../host/opt/ext-toolchain/bin/../lib/gcc/arm-buildroot-linux-uclibcgnueabi/6.4.0/../../../../arm-buildroot-linux-uclibcgnueabi/bin/ld: cannot find -lsystemd
Cc: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Baruch Siach [Mon, 11 Jun 2018 16:08:43 +0000 (19:08 +0300)]
gnupg: security bump to version 1.4.23
Fixes CVE-2018-12020: Unsanitized file names might cause injection of
terminal control characters into the status output of gnupg.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Baruch Siach [Mon, 11 Jun 2018 15:53:12 +0000 (18:53 +0300)]
gnupg2: security bump to version 2.2.8
Fixes CVE-2018-12020: Unsanitized file names might cause injection of
terminal control characters into the status output of gnupg.
Cc: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Mon, 11 Jun 2018 04:51:44 +0000 (06:51 +0200)]
yaml-cpp: disable tests
fork is used in tests so build fails without MMU
Fixes:
- http://autobuild.buildroot.net/results/
3cb7c4d93e466c6eef69aacd0e561a9fb569e69b
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Thomas Petazzoni [Sun, 10 Jun 2018 14:43:53 +0000 (16:43 +0200)]
mender: fix check-package warnings
Fixes:
package/mender/Config.in:7: help text: <tab><2 spaces><62 chars> (http://nightly.buildroot.org/#writing-rules-config-in)
package/mender/Config.in:8: help text: <tab><2 spaces><62 chars> (http://nightly.buildroot.org/#writing-rules-config-in)
package/mender/mender.mk:8: remove default value of _SOURCE variable (http://nightly.buildroot.org/#generic-package-reference)
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Yann E. MORIN [Sat, 2 Jun 2018 08:01:01 +0000 (10:01 +0200)]
docs/manual: always point to the correct license file
The manual is GPL-2, and points to the COPYING file in the repository.
When we do a rendering of the manual for a specific version, that URL
is currently always poitning to the latest version of the COPYING file.
If we ever have to change the content of that file (e.g. to add a new
exception, more clarifications, a license change, or whatever), then
an old manual would point to that newer version, which would then be
incorrect.
Include the sha1 of the commit in the URL, so that the manual always
point to the tree at the time the manual was rendered, not the time
it is consulted. Contrary to the informative text above, use the full
sha1, not the shortened one.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Thomas De Schampheleire <patrickdepinguin@gmail.com>
Cc: Luca Ceresoli <luca@lucaceresoli.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sun, 10 Jun 2018 13:38:57 +0000 (15:38 +0200)]
librsvg: bump to version 2.42.5
- Add a dependency to host-cargo
- Add a patch to set RUST_TARGET
- Add a dependency to BR2_PACKAGE_HOST_RUSTC_ARCH_SUPPORTS
- Forward this dependency to efl svg, enlightment, gst-plugins-bad and
gst1-plugins-bad
- Add hash for license file
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Thomas: propagate the new dependency to the gst-plugins-bad and
gst1-plugins-bad Config.in comments.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Thomas Petazzoni [Sun, 10 Jun 2018 13:58:29 +0000 (15:58 +0200)]
rustc: drop BR2_PACKAGE_HAS_HOST_RUSTC
This commit drops the option BR2_PACKAGE_HAS_HOST_RUSTC, which is no
longer used following commit
bd425f716f0a92ef627f7287869d88ca408fe55e
("host-cargo: select host-rustc").
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sun, 10 Jun 2018 13:38:56 +0000 (15:38 +0200)]
host-cargo: select host-rustc
Buildroot documentation specifies that cargo-based package should only
depends on BR2_PACKAGE_HOST_RUSTC_ARCH_SUPPORTS and selects
BR2_PACKAGE_HOST_CARGO but this fails with the following error:
warning: (BR2_PACKAGE_LIBRSVG) selects BR2_PACKAGE_HOST_CARGO which has
unmet direct dependencies (BR2_PACKAGE_HAS_HOST_RUSTC)
Indeed, host-cargo depends on
BR2_PACKAGE_HAS_HOST_RUSTC which is selected only when host-rustc is
selected.
So instead of having to select both cargo and rustc in each cargo-based
package, replace BR2_PACKAGE_HAS_HOST_RUSTC dependency by
BR2_PACKAGE_HOST_RUSTC_ARCH_SUPPORTS and select
BR2_PACKAGE_HOST_RUSTC
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Yann E. MORIN [Sun, 3 Jun 2018 09:08:21 +0000 (11:08 +0200)]
support/testing: fix python syntax
Fix three issues with code style in our test infra:
- 'print' is now a function,
- exceptions need to be caught-assigned with the 'as' keyword,
- old-style "%s"%() formatting is deprecated.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Ricardo Martincoski <ricardo.martincoski@gmail.com>
[Thomas: drop indices in format strings.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Mikhail Karpenko [Thu, 7 Jun 2018 19:51:32 +0000 (22:51 +0300)]
numactl: change source code provider to GitHub
The original ftp with source code is not reachable any more and this
commit changes the location of the package to corresponding GitHub
project.
Signed-off-by: Mikhail Karpenko <karpenko@fastmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sat, 9 Jun 2018 19:55:22 +0000 (21:55 +0200)]
libtirpc: bump to version 1.0.3
- Remove 0006-include-stdint.h-for-uintptr_t.patch (already in version)
- Add hash for license file
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Peter Korsgaard [Sat, 9 Jun 2018 16:02:29 +0000 (18:02 +0200)]
libvncserver: add upstream security fix for CVE-2018-7225
Fixes CVE-2018-7225 - An issue was discovered in LibVNCServer through
0.9.11. rfbProcessClientNormalMessage() in rfbserver.c does not sanitize
msg.cct.length, leading to access to uninitialized and potentially sensitive
data or possibly unspecified other impact (e.g., an integer overflow) via
specially crafted VNC packets.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sat, 9 Jun 2018 10:46:37 +0000 (12:46 +0200)]
yaml-cpp: bump to version 0.6.2
- Remove boost dependency (not needed since 0.6)
- Add C++11 dependency (needed since 0.6)
- Add hash for license file
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Sun, 10 Jun 2018 12:09:10 +0000 (14:09 +0200)]
package/mpg123: security bump to version 1.25.10
Version 1.25.4 fixes CVE-2017-9545, for details see release notes:
http://www.mpg123.org/cgi-bin/news.cgi
Added upstream hashes.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Sun, 10 Jun 2018 10:11:23 +0000 (12:11 +0200)]
package/fdk-aac: bump version to 0.1.6
Added upstream and license hashes.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Sun, 10 Jun 2018 10:29:46 +0000 (12:29 +0200)]
package/nvidia-driver: bump version to 390.67
Added license hash, adjusted upstream library names.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Sun, 10 Jun 2018 10:28:14 +0000 (12:28 +0200)]
package/x265: bump version to 2.8
Added license hash.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Sun, 10 Jun 2018 10:21:56 +0000 (12:21 +0200)]
package/imagemagick: security bump to version 7.0.7-38
Fixes CVE-2018-11625, CVE-2018-11624 & CVE-2018-10177.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Sun, 10 Jun 2018 10:14:15 +0000 (12:14 +0200)]
package/dtv-scan-tables: bump version
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Sun, 10 Jun 2018 10:10:24 +0000 (12:10 +0200)]
package/speex: bump version to 1.2.0
Added upstream md5 & locally computed license hashes, rebased patch,
updated SPEEX_SITE.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Sun, 10 Jun 2018 10:10:23 +0000 (12:10 +0200)]
package/speex: use pkgconf to detect libogg
Upstream removed with-ogg-* configure options and switched to pkgconf
to detect libogg back in 2014:
https://git.xiph.org/?p=speex.git;a=commitdiff;h=
e1b1eeabce815283c5bbc42016a9d6a11eda2866
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Sun, 10 Jun 2018 09:30:48 +0000 (11:30 +0200)]
package/wireless-regdb: bump version to 2018.05.31
Added license hash, updated project URL, old site is dead.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Sun, 10 Jun 2018 09:16:56 +0000 (11:16 +0200)]
package/pngquant: bump version to 2.12.0
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Sun, 10 Jun 2018 09:04:42 +0000 (11:04 +0200)]
DEVELOPERS: add myself for sqlite
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Sun, 10 Jun 2018 09:04:41 +0000 (11:04 +0200)]
package/sqlite: bump version to 3.24.0
Release notes:
https://www.sqlite.org/releaselog/3_24_0.html
https://www.sqlite.org/releaselog/3_23_1.html
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Eric Le Bihan [Sat, 9 Jun 2018 10:05:35 +0000 (12:05 +0200)]
meson: bump version to 0.46.1
Signed-off-by: Eric Le Bihan <eric.le.bihan.dev@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Fri, 8 Jun 2018 16:44:34 +0000 (18:44 +0200)]
mariadb: security bump version to 10.1.33
Release notes: https://mariadb.com/kb/en/mariadb-10133-release-notes/
Changelog: https://mariadb.com/kb/en/mariadb-10133-changelog/
Fixes the following security vulnerabilities:
CVE-2018-2782 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and
prior and 5.7.21 and prior. Easily exploitable vulnerability allows low
privileged attacker with network access via multiple protocols to compromise
MySQL Server. Successful attacks of this vulnerability can result in
unauthorized ability to cause a hang or frequently repeatable crash
(complete DOS) of MySQL Server.
CVE-2018-2784 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and
prior and 5.7.21 and prior. Easily exploitable vulnerability allows low
privileged attacker with network access via multiple protocols to compromise
MySQL Server. Successful attacks of this vulnerability can result in
unauthorized ability to cause a hang or frequently repeatable crash
(complete DOS) of MySQL Server.
CVE-2018-2787 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and
prior and 5.7.21 and prior. Easily exploitable vulnerability allows high
privileged attacker with network access via multiple protocols to compromise
MySQL Server. Successful attacks of this vulnerability can result in
unauthorized ability to cause a hang or frequently repeatable crash
(complete DOS) of MySQL Server as well as unauthorized update, insert or
delete access to some of MySQL Server accessible data.
CVE-2018-2766 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and
prior and 5.7.21 and prior. Easily exploitable vulnerability allows high
privileged attacker with network access via multiple protocols to compromise
MySQL Server. Successful attacks of this vulnerability can result in
unauthorized ability to cause a hang or frequently repeatable crash
(complete DOS) of MySQL Server.
CVE-2018-2755 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: Server: Replication). Supported versions that are affected
are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Difficult to
exploit vulnerability allows unauthenticated attacker with logon to the
infrastructure where MySQL Server executes to compromise MySQL Server.
Successful attacks require human interaction from a person other than the
attacker and while the vulnerability is in MySQL Server, attacks may
significantly impact additional products. Successful attacks of this
vulnerability can result in takeover of MySQL Server.
CVE-2018-2819 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: InnoDB). Supported versions that are affected are 5.5.59 and
prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable
vulnerability allows low privileged attacker with network access via
multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or
frequently repeatable crash (complete DOS) of MySQL Server.
CVE-2018-2817 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: Server: DDL). Supported versions that are affected are
5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable
vulnerability allows low privileged attacker with network access via
multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or
frequently repeatable crash (complete DOS) of MySQL Server.
CVE-2018-2761 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: Client programs). Supported versions that are affected are
5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Difficult to
exploit vulnerability allows unauthenticated attacker with network access
via multiple protocols to compromise MySQL Server. Successful attacks of
this vulnerability can result in unauthorized ability to cause a hang or
frequently repeatable crash (complete DOS) of MySQL Server.
CVE-2018-2781 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: Server: Optimizer). Supported versions that are affected are
5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable
vulnerability allows high privileged attacker with network access via
multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or
frequently repeatable crash (complete DOS) of MySQL Server.
CVE-2018-2771 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: Server: Locking). Supported versions that are affected are
5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Difficult to
exploit vulnerability allows high privileged attacker with network access
via multiple protocols to compromise MySQL Server. Successful attacks of
this vulnerability can result in unauthorized ability to cause a hang or
frequently repeatable crash (complete DOS) of MySQL Server.
CVE-2018-2813 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: Server: DDL). Supported versions that are affected are
5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable
vulnerability allows low privileged attacker with network access via
multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized read access to a subset of MySQL
Server accessible data.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Acked-by: Ryan Coe <bluemrp9@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Fri, 8 Jun 2018 21:35:40 +0000 (23:35 +0200)]
aubio: bump to version 0.4.6
Add hash for license file
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Fri, 8 Jun 2018 21:57:44 +0000 (23:57 +0200)]
jansson: bump to version 2.11
Add hash for license file
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Joel Carlson [Fri, 8 Jun 2018 19:27:39 +0000 (13:27 -0600)]
DEVELOPERS: update email for flatcc
Signed-off-by: Joel Carlson <JoelsonCarl@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Sat, 9 Jun 2018 10:13:17 +0000 (12:13 +0200)]
pugixml: bump to version 1.9
- Remove patch (already in version)
- Add hash for license file
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Sat, 9 Jun 2018 09:59:28 +0000 (11:59 +0200)]
json-glib: bump to version 1.4.2
- Switch to meson-package
- Add hash for license file
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Sat, 9 Jun 2018 08:41:39 +0000 (10:41 +0200)]
json-c: bump to version 0.13.1
Drop patch, issue has been properly fixed by:
https://github.com/json-c/json-c/commit/
0f814e52dd22ee959a29ffcce36923aff62147b3
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>