Fabrice Fontaine [Tue, 14 Jul 2020 17:38:10 +0000 (19:38 +0200)]
package/gvfs: add optional libfuse3 dependency
libfuse3 is an optional dependency since version 1.41.1 and
https://github.com/GNOME/gvfs/commit/
7a0a06186b6fef07b8fce2360c04fd075fc84ed1
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Tue, 14 Jul 2020 22:23:12 +0000 (00:23 +0200)]
package/optee-client: fix static build
Add a patch that fix a build failure on version 3.9.0
Fixes:
- http://autobuild.buildroot.org/results/
fe2d0f5a956bf23635e51258f92d9ab2e5af7941
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Wed, 15 Jul 2020 06:33:01 +0000 (08:33 +0200)]
package/mongodb: security bump to version 4.2.8
Fix the following security issues:
- SERVER-45514 [FLE] Reject document validators with encryption-related
keywords if the validationAction is “warn”
- SERVER-48039 Unrecognized option: net.ssl.clusterCertificateSelector
in MongoDB v4.2
- SERVER-45803 mongodecrypt needs a ServiceContext
- SERVER-46834 Use monotonic time in UserCacheInvalidator
- SERVER-47113 LDAP connection pool acquisition state should own host
list
https://docs.mongodb.com/manual/release-notes/4.2
Also:
- Update indentation in hash file (two spaces)
- Tweak version to be "compliant" with https://release-monitoring.org
- Use official tarball
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabio Estevam [Tue, 14 Jul 2020 23:15:32 +0000 (20:15 -0300)]
boot/uboot: bump to version 2020.07
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Antoine Tenart [Wed, 15 Jul 2020 13:07:40 +0000 (15:07 +0200)]
package/setools: bump to 4.3.0
setools is no longer hosted on https://github.com/TresysTechnology/setools/.
Update the source location to its new home,
https://github.com/SELinuxProject/setools/.
Refresh patches 0001-remove-werror-flag-from-setup.patch and
0002-Do-not-export-use-setools.InfoFlowAnalysis-and-setoo.patch for
4.3.0 and remove patch 0003-setup.py-drop-path-prefix-from-man-install.patch
that is now upstream.
Add a new dependency on host-python-cython, as setup.py now depends on
it.
Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Antoine Tenart [Wed, 15 Jul 2020 13:07:39 +0000 (15:07 +0200)]
package/selinux-python: bump to
20200710
Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Antoine Tenart [Wed, 15 Jul 2020 13:07:38 +0000 (15:07 +0200)]
package/semodule-utils: bump to
20200710
Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Antoine Tenart [Wed, 15 Jul 2020 13:07:37 +0000 (15:07 +0200)]
package/restorecond: bump to
20200710
Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Antoine Tenart [Wed, 15 Jul 2020 13:07:36 +0000 (15:07 +0200)]
package/checkpolicy: bump to
20200710
Patch 0001-checkpolicy-remove-unused-te_assertions.patch is now part of
the upstream release
20200710.
Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Antoine Tenart [Wed, 15 Jul 2020 13:07:35 +0000 (15:07 +0200)]
package/policycoreutils: bump to
20200710
Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Antoine Tenart [Wed, 15 Jul 2020 13:07:34 +0000 (15:07 +0200)]
package/libselinux: bump to
20200710
Refresh patch 0002-Do-not-use-PYCEXT-and-rely-on-the-installed-file-nam.patch
for 3.1; and remove patch 0003-fix-building-against-musl-and-uclibc-libraries.patch
that is now upstream.
Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com>
Reviewed-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Antoine Tenart [Wed, 15 Jul 2020 13:07:33 +0000 (15:07 +0200)]
package/libsemanage: bump to
20200710
Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Antoine Tenart [Wed, 15 Jul 2020 13:07:32 +0000 (15:07 +0200)]
package/libsepol: bump to
20200710
Patches 0002-libsepol-fix-CIL_KEY_-build-errors-with-fno-common.patch
and 0003-libsepol-remove-leftovers-of-cil_mem_error_handler.patch are
now upstream.
Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Tue, 14 Jul 2020 21:18:04 +0000 (23:18 +0200)]
package/libodb-mysql: fix static build
Use mysql_config to help libodb-mysql to retrieve mysql dependencies
such as -lz
Fixes:
- http://autobuild.buildroot.org/results/
a5447c5105f15606ed562b39ca84c06e7e6b78c0
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Tue, 14 Jul 2020 21:10:17 +0000 (23:10 +0200)]
package/open2300: use mysql_config to retrieve cflags and libs
oracle-mysql won't built its own bundled zlib since commit
6fed83a03047535d4a9c849352f8c21b30177fcd so don't unconditionally link
with zlib instead use mysql_config to retrieve cflags and libs as
suggested by Thomas Petazzoni in review of first iteration
Fixes:
- No autobuilder failures yet
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Eugen Hristev [Tue, 12 Nov 2019 15:24:33 +0000 (15:24 +0000)]
configs/microchip_sama5d27_wlsom1_ek: new defconfigs
Add the new SAMA5D27 WLSOM1 Evaluation Kit with linux4sam_6.2
components. Update README file with new defconfigs and new
packages/website.
Signed-off-by: Eugen Hristev <eugen.hristev@microchip.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Tue, 23 Jun 2020 21:38:03 +0000 (23:38 +0200)]
package/umtprd: fix build on musl
Fixes:
- http://autobuild.buildroot.org/results/
0b577a2f0582e38d33bd41a4d8e4cb7ec6eab52b
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Pierre-Jean Texier [Wed, 24 Jun 2020 11:05:59 +0000 (13:05 +0200)]
package/libubootenv: bump to version
86bd30a
This includes the following changes:
86bd30a Restore ability to feed script file via stdin, using `-s -`.
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Peter Seiderer [Fri, 26 Jun 2020 07:25:25 +0000 (09:25 +0200)]
package/zd1211-firmware: bump version to 1.5
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Thu, 25 Jun 2020 22:10:25 +0000 (00:10 +0200)]
package/libnfc: bump to version 1.8.0
- Retrieve first patch from upstream (BUILD_EXAMPLES is already in
CMakeLists.txt)
- Update indentation in hash file (two spaces)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Thu, 25 Jun 2020 22:00:58 +0000 (00:00 +0200)]
package/libvncserver: security bump to version 0.9.13
- Drop all patches (already in version)
- Fix CVE-2018-21247: An issue was discovered in LibVNCServer before
0.9.13. There is an information leak (of uninitialized memory contents)
in the libvncclient/rfbproto.c ConnectToRFBRepeater function.
- Fix CVE-2019-20839: libvncclient/sockets.c in LibVNCServer before
0.9.13 has a buffer overflow via a long socket filename.
- Fix CVE-2019-20840: An issue was discovered in LibVNCServer before
0.9.13. libvncserver/ws_decode.c can lead to a crash because of
unaligned accesses in hybiReadAndDecode.
- Fix CVE-2020-14396: An issue was discovered in LibVNCServer before
0.9.13. libvncclient/tls_openssl.c has a NULL pointer dereference.
- Fix CVE-2020-14397: An issue was discovered in LibVNCServer before
0.9.13. libvncserver/rfbregion.c has a NULL pointer dereference.
- Fix CVE-2020-14398: An issue was discovered in LibVNCServer before
0.9.13. An improperly closed TCP connection causes an infinite loop in
libvncclient/sockets.c.
- Fix CVE-2020-14399: An issue was discovered in LibVNCServer before
0.9.13. Byte-aligned data is accessed through uint32_t pointers in
libvncclient/rfbproto.c.
- Fix CVE-2020-14400: An issue was discovered in LibVNCServer before
0.9.13. Byte-aligned data is accessed through uint16_t pointers in
libvncserver/translate.c.
- Fix CVE-2020-14401: An issue was discovered in LibVNCServer before
0.9.13. libvncserver/scale.c has a pixel_value integer overflow.
- Fix CVE-2020-14402: An issue was discovered in LibVNCServer before
0.9.13. libvncserver/corre.c allows out-of-bounds access via
encodings.
- Fix CVE-2020-14403: An issue was discovered in LibVNCServer before
0.9.13. libvncserver/hextile.c allows out-of-bounds access via
encodings.
- Fix CVE-2020-14404: An issue was discovered in LibVNCServer before
0.9.13. libvncserver/rre.c allows out-of-bounds access via encodings.
- Fix CVE-2020-14405: An issue was discovered in LibVNCServer before
0.9.13. libvncclient/rfbproto.c does not limit TextChat size.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Thu, 25 Jun 2020 21:40:11 +0000 (23:40 +0200)]
package/ngircd: security bump to version 26
- Fix CVE-2020-14148: The Server-Server protocol implementation in
ngIRCd before 26~rc2 allows an out-of-bounds access, as demonstrated
by the IRC_NJOIN() function.
- Fix a static build failure with openssl thanks to
https://github.com/ngircd/ngircd/commit/
ad86a41eeed9f85d74bb50a25fa0bf4515aaf3af
- Update indentation in hash file (two spaces)
Fixes:
- http://autobuild.buildroot.org/results/
078a7afc432786316a1d2ea03f96444ff741b942
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Stefan Sørensen [Thu, 25 Jun 2020 07:09:52 +0000 (09:09 +0200)]
package/bind: security bump to version 9.11.20
Fixes the following security issue:
* CVE-2020-8619: It was possible to trigger an INSIST failure when a
zone with an interior wildcard label was queried in a certain
pattern.
Release notes:
https://ftp.isc.org/isc/bind9/cur/9.11/RELEASE-NOTES-bind-9.11.20.txt
Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Tue, 14 Jul 2020 20:28:50 +0000 (22:28 +0200)]
package/zstd: bump to version 1.4.5
- Get official tarball and its hash
- Update indentation in hash file (two spaces)
This is a fairly important release which includes performance
improvements and new major CLI features. It also fixes a few corner
cases, making it a recommended upgrade.
https://github.com/facebook/zstd/releases/tag/v1.4.5
https://github.com/facebook/zstd/releases/tag/v1.4.4
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Peter Seiderer [Tue, 14 Jul 2020 20:17:50 +0000 (22:17 +0200)]
board/raspberrypi: fix rpi4/rpi4-64 genimage config files
Since commit 'package/rpi-firmware: fix startup file names' ([1]) the
start and fixup file names are normalized to start.elf/fixup.dat,
adjust the rpi4 genimage config files accordingly.
Fixes:
ERROR: file(rpi-firmware/fixup4.dat): stat(.../images/rpi-firmware/fixup4.dat) failed: No such file or directory
ERROR: vfat(boot.vfat): could not setup rpi-firmware/fixup4.dat
[1] https://git.buildroot.net/buildroot/commit/?id=
1bdc0334ff6273761b2e7fda730cdcc7e1f46862
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Jared Bents [Tue, 14 Jul 2020 16:57:50 +0000 (11:57 -0500)]
package/qemu: add optional usb-redir support
Signed-off-by: Jared Bents <jared.bents@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Jared Bents [Tue, 14 Jul 2020 16:57:49 +0000 (11:57 -0500)]
package/qemu: add optional vnc support
Signed-off-by: Jared Bents <jared.bents@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Tue, 14 Jul 2020 14:34:02 +0000 (16:34 +0200)]
package/cups-filters: fix build without dejavu font
Since version 1.27.3, cups-filters needs dejavu (even if it is only used
for test programs):
https://github.com/OpenPrinting/cups-filters/commit/
1d66106e5ae45407b01459cb112ee09752166dba
Add a patch to avoid this build failure when cross-compiling and set
test font path to /dev/null to avoid setting TESTFONT to an incorrect
host path
Fixes:
- http://autobuild.buildroot.org/results/
0e141abc57e4185c74adce75cac4215dd8a3108b
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Matt Weber [Tue, 14 Jul 2020 20:02:02 +0000 (15:02 -0500)]
package/python-urllib3: security bump to 1.25.9
Fixes CVE-2020-7212 (1.25.2 - 1.25.7)
The _encode_invalid_chars function does not remove duplicate percent
encodings in the _percent_encodings array, which combined with the
normalization step could take O(N^2) time to compute for a URL of
length N. This results in a marginally higher CPU consumption
compared to the potential linear time achieved by deduplicating
the _percent_encodings array.
CC: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Tue, 14 Jul 2020 17:48:51 +0000 (19:48 +0200)]
package/lxc: bump to version 4.0.3
- Drop patches (already in version) and so drop autoreconf
- Update indentation in hash file (two spaces)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Tue, 14 Jul 2020 17:48:50 +0000 (19:48 +0200)]
package/lxc: disable examples
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Tue, 14 Jul 2020 17:25:29 +0000 (19:25 +0200)]
package/haproxy: set USE_DL if needed
haproxy uses dladdr since version 2.2.0 and
http://git.haproxy.org/?p=haproxy.git;a=commit;h=
eb8b1ca3eb4c8d4688e1a4a1d9c1b91f68324e09
So set USE_DL to enable linking with -ldl
Fixes:
- http://autobuild.buildroot.org/results/
7bb76153b7dd8f392b247569c53d0f4cbf408371
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Tue, 14 Jul 2020 16:31:52 +0000 (18:31 +0200)]
package/oracle-mysql: don't use bundled zlib
As spotted by Thomas Petazzoni during review of
https://patchwork.ozlabs.org/project/buildroot/patch/
20200713215943.
2240412-1-fontaine.fabrice@gmail.com,
oracle-mysql uses its bundled version of zlib if it is not found on the
system
So explictly disable zlib if needed and add a patch fixing build
failures without it
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Tue, 14 Jul 2020 16:31:51 +0000 (18:31 +0200)]
package/oracle-mysql: renumber patch
Renumber patch added by commit
94bad4fbf5759302a9f8f33267989d543f3a1167
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sun, 12 Apr 2020 12:57:47 +0000 (14:57 +0200)]
package/gvfs: bump to version 1.44.1, switch to meson
- Remove all patches (already in version)
- Move to meson-package
- Add new gsettings-desktop-schemas mandatory dependency
- gdu option doesn't exist anymore:
https://gitlab.gnome.org/GNOME/gvfs/-/commit/
1db029df72bcd50dd877d388c2e0934d8ed3d321
- Use new gcrypt otion
- systemd-login option has been replaced by logind option
- avahi option has been replaced by dnsd option
- gtk3 optional dependency has been removed since
https://gitlab.gnome.org/GNOME/gvfs/-/commit/
dff13283c943c8b10265bd3925d86f17cdc4be6f
- Disable new sftp backend:
https://gitlab.gnome.org/GNOME/gvfs/-/commit/
44d45dca5d1ab2369fa7e5c2789b31c51e44f985
- Disable fuse (depends on fuse3 which is not available on buildroot)
- Remove gvfs-less workaround (not installed anymore)
- Update indentation of hash file
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Etienne Carriere [Fri, 29 May 2020 14:27:42 +0000 (16:27 +0200)]
package/optee-examples: bump to version 3.9.0
Bump OP-TEE Examples package version to OP-TEE release 3.9.0.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Etienne Carriere [Fri, 29 May 2020 14:27:41 +0000 (16:27 +0200)]
package/optee-benchmark: bump to version 3.9.0
Bump OP-TEE benchmark package version to OP-TEE release 3.9.0.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Etienne Carriere [Fri, 29 May 2020 14:27:40 +0000 (16:27 +0200)]
package/optee-test: bump to version 3.9.0
Bump OP-TEE Test package version to OP-TEE release 3.9.0.
Drop patch on scripts/file_to_c.py that is merged in 3.9.0.
Add patch from [1] for related issue found in 3.9.0 xtest tool.
Add patch to default disable xtest regression test 1027 and 1028 that
mandate changes in Linux kernel OP-TEE driver that are not available
in mainline, at least as of Linux kernel v5.7.
[1] https://github.com/OP-TEE/optee_test/commit/
e1af176af2bb274745e9b0d43456763f8946f107
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Etienne Carriere [Fri, 29 May 2020 14:27:39 +0000 (16:27 +0200)]
package/optee-client: bump to version 3.9.0
Bump OP-TEE Client package version to OP-TEE release 3.9.0.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Etienne Carriere [Fri, 29 May 2020 14:27:38 +0000 (16:27 +0200)]
boot/optee-os: bump to version 3.9.0
Bump OP-TEE OS package version to OP-TEE release 3.9.0.
Update patch on pydrypto/pycryptodome to match 3.9.0.
Add patch on CFG_OPTEE_REVISION_MINOR that was not updated in release
3.9.0 and fixed only few commits above.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Tested-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Joris Offouga [Sat, 27 Jun 2020 17:41:16 +0000 (19:41 +0200)]
package/swupdate: bump version to 2020.04
See full changelog : https://github.com/sbabic/swupdate/releases/tag/2020.04
Since commit
https://github.com/sbabic/swupdate/commit/
82a157e35e9d01599e3c5818caa568899c17e6d2,swupdate
only supports using libubootenv to manipulate the U-Boot environment,
and no longer directly using the U-Boot tools, so we adjust the
Config.in help text and .mk logic accordingly.
Regenarated the default .config
Signed-off-by: Joris Offouga <offougajoris@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Pierre-Jean Texier [Sun, 28 Jun 2020 09:16:59 +0000 (11:16 +0200)]
package/haveged: bump to version 1.9.13
Changes:
- Added support for --version
- Updated systemd SystemCallFilter settings
See https://github.com/jirka-h/haveged/releases/tag/v1.9.13
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sun, 28 Jun 2020 10:26:47 +0000 (12:26 +0200)]
package/bridge-utils: bump to version 1.7
- Update site to get latest release
- Add a deprecated note in Config.in:
https://git.kernel.org/pub/scm/linux/kernel/git/shemminger/bridge-utils.git/commit/?id=
ab8a2cc330253321be7bc69dea88bfaa3d48415e
- Drop patch, not needed since:
https://git.kernel.org/pub/scm/linux/kernel/git/shemminger/bridge-utils.git/commit/?id=
7b421143d1427e17380ff5bf93ef8fc718428c83
- Update indentation in hash file (two spaces)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sun, 28 Jun 2020 10:23:13 +0000 (12:23 +0200)]
package/libfribidi: bump to version 1.0.9
- Drop patch (already in version)
- Update indentation in hash file (two spaces)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sun, 28 Jun 2020 10:01:22 +0000 (12:01 +0200)]
package/keepalived: drop --{en, dis}able-libiptc option
--{en,dis}able-libiptc has been dropped since version 2.1.0 and
https://github.com/acassen/keepalived/commit/
05443e1efa3569fcd39a548c6c78b832b79bcf4e
So replace it by --{en,dis}able-iptables
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Tue, 30 Jun 2020 06:52:28 +0000 (08:52 +0200)]
package/gstreamer1/gst1-plugins-ugly: fix static build with libdvdcss
The double quotes from GST1_PLUGINS_UGLY_LDFLAGS += "-ldvdcss"
raise the following build failure:
sed -e 's%@TARGET_CROSS@%/home/buildroot/autobuild/run/instance-2/output-1/host/bin/arm-linux-%g' -e 's%@TARGET_ARCH@%arm%g' -e 's%@TARGET_CPU@%arm926ej-s%g' -e 's%@TARGET_ENDIAN@%little%g' -e 's%@TARGET_CFLAGS@%"-D_LARGEFILE_SOURCE", "-D_LARGEFILE64_SOURCE", "-D_FILE_OFFSET_BITS=64", "-Os", "-g2", "-static"%g' -e 's%@TARGET_LDFLAGS@%"-static", ""-ldvdcss""%g' -e 's%@TARGET_CXXFLAGS@%"-D_LARGEFILE_SOURCE", "-D_LARGEFILE64_SOURCE", "-D_FILE_OFFSET_BITS=64", "-Os", "-g2", "-static", "-static"%g' -e 's%@HOST_DIR@%/home/buildroot/autobuild/run/instance-2/output-1/host%g' -e 's%@STAGING_DIR@%/home/buildroot/autobuild/run/instance-2/output-1/host/arm-buildroot-linux-uclibcgnueabi/sysroot%g' -e 's%@STATIC@%true%g' -e "/^\[binaries\]$/s:$::" -e "/^\[properties\]$/s:$::" package/meson/cross-compilation.conf.in > /home/buildroot/autobuild/run/instance-2/output-1/build/gst1-plugins-ugly-1.16.2//build/cross-compilation.conf
PATH="/home/buildroot/autobuild/run/instance-2/output-1/host/bin:/home/buildroot/autobuild/run/instance-2/output-1/host/sbin:/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games" PYTHONNOUSERSITE=y /home/buildroot/autobuild/run/instance-2/output-1/host/bin/meson --prefix=/usr --libdir=lib --default-library=static --buildtype=debug --cross-file=/home/buildroot/autobuild/run/instance-2/output-1/build/gst1-plugins-ugly-1.16.2//build/cross-compilation.conf -Dbuild.pkg_config_path=/home/buildroot/autobuild/run/instance-2/output-1/host/lib/pkgconfig -Dexamples=disabled -Dtests=disabled -
Da52dec=disabled -Damrnb=disabled -Damrwbdec=disabled -Dcdio=disabled -Dsidplay=disabled -Dorc=disabled -Dasfdemux=enabled -Ddvdlpcmdec=disabled -Ddvdsub=disabled -Dxingmux=disabled -Drealmedia=disabled -Ddvdread=enabled -Dmpeg2dec=disabled -Dx264=disabled /home/buildroot/autobuild/run/instance-2/output-1/build/gst1-plugins-ugly-1.16.2/ /home/buildroot/autobuild/run/instance-2/output-1/build/gs
t1-plugins-ugly-1.16.2//build
ERROR: Malformed value in cross file variable c_link_args.
However since the switch to messon, this workaround is not needed so
drop it
Fixes:
- http://autobuild.buildroot.org/results/
56a830625cf6e6b0d63b6e7e2761496abc146152
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Tue, 30 Jun 2020 05:49:29 +0000 (07:49 +0200)]
package/putty: security bump version to 0.74
Reformatted hashes, added md5 hash provided by upstream.
Release notes:
https://lists.tartarus.org/pipermail/putty-announce/2020/000030.html
Fixes CVE-2020-14002:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14002
Updated license hash due to upstream commits adding copyright holders
and bumping the copyright year:
https://git.tartarus.org/?p=simon/putty.git;a=history;f=LICENCE;h=
3e1d146289644749b3578f610c74715fa1c6bf0d;hb=HEAD
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Reviewed-by: Alexander Dahl <post@lespocky.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Tue, 30 Jun 2020 05:30:24 +0000 (07:30 +0200)]
package/waylandpp: bump version to 0.2.8
Removed patch which was applied upstream, reformatted hashes.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Mon, 13 Jul 2020 22:28:01 +0000 (00:28 +0200)]
package/tinydtls: needs host-pkgconf
Add host-pkgconf dependency, it is only used to find cunit for tests
which are disabled by default but otherwise autoreconf will fail
Fixes:
- http://autobuild.buildroot.org/results/
721c9feb96f93c60505a12f546a64a86b7eb36aa
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Mon, 13 Jul 2020 21:40:23 +0000 (23:40 +0200)]
package/exiv2: drop unrecognized variable
EXIV2_ENABLE_LIBXMP has been dropped since version 0.27 and
https://github.com/Exiv2/exiv2/commit/
2784b1f7f7ddcc66211e6cf492de1588aa6093d9
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Mon, 13 Jul 2020 21:40:22 +0000 (23:40 +0200)]
package/exiv2: really disable samples
EXIV2_ENABLE_BUILD_SAMPLES has been renamed into EXIV2_BUILD_SAMPLES
since version 0.27 and
https://github.com/Exiv2/exiv2/commit/
60d436c96960fa314e2d12d017440253ce280d51
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Mon, 13 Jul 2020 21:17:10 +0000 (23:17 +0200)]
package/rp-pppoe: bump to version 3.14
Update patch and renumber it
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Tue, 14 Jul 2020 12:41:48 +0000 (14:41 +0200)]
package/libftdi1: bump to version 1.5
- Update first patch
- Drop second patch, not needed since
http://developer.intra2net.com/git/?p=libftdi;a=commitdiff;h=
0209a3633dc877a577af07d883eb5059e22f6a91
- Drop third, fourth and fifth patches (already in version)
http://developer.intra2net.com/git/?p=libftdi;a=blob;f=ChangeLog;hb=HEAD
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Tue, 14 Jul 2020 12:04:01 +0000 (14:04 +0200)]
package/minizip: bump to version 2.10.0
- Drop patch (already in version)
- Add zstd optional dependency, available since version 2.10.0 and
https://github.com/nmoinvaz/minizip/commit/
1f4758bd7f979a56b33667fbbcdb0305e8b4173f
- Use the new MZ_LIBBSD option available since version 2.10.0 and
https://github.com/nmoinvaz/minizip/commit/
29fcb4768050fbbf02d572a24a4e2ad29d51b60d
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Luca Ceresoli [Tue, 14 Jul 2020 08:52:09 +0000 (10:52 +0200)]
package/agentpp: fix build when BR2_PACKAGE_SNMPPP_SNMPV3 disabled
Agent++ 4.3.1 does not build if SNMPv3 is disabled due to incorrect #ifdef
clauses, esulting in errors such as:
../include/agent_pp/notification_originator.h:232:39: error: 'snmpCommunityEntry' has not been declared
void set_snmp_community_entry(snmpCommunityEntry* communityEntryRef) {
^
../include/agent_pp/notification_originator.h:296:32: error: 'nlmLogEntry' has not been declared
void set_nlm_log_entry(nlmLogEntry* nlmLogEntryRef) {
^
../include/agent_pp/notification_originator.h:321:9: error: 'nlmLogEntry' does not name a type
nlmLogEntry* _nlmLogEntry;
^
Fixes:
http://autobuild.buildroot.net/results/
d7a5fa5ba4ab6c9da23fcc93bf766be9ca630af3/
http://autobuild.buildroot.net/results/
40ce9bc4bed267dc762a0282a8da0ad1514ad7a8/
...
Fixes: 88355e967fef ("package/agentpp: bump version to 4.3.1")
Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Aaron Sierra [Tue, 14 Jul 2020 01:24:59 +0000 (20:24 -0500)]
package/x11r7/xfont_font-*: make outputs reproducible
Prior to gzip 1.10, the compression pipeline used with PCF fonts was
not reproducible due to the implicit -N/--name injecting a timestamp:
$ cat /path/to/file | gzip > /path/to/file.gz
This updates Portable Compiled Format font packages to have a host-gzip
dependency, so gzip version 1.10 or newer will reliably be used.
This change does not affect encodings, which use a seemingly
synonymous compression pipeline, but that happens to be reproducible
with gzip versions at least as old as version 1.3.13:
$ gzip < /path/to/file > /path/to/file.gz
Reported-by: Jordan Speicher <jspeicher@xes-inc.com>
Signed-off-by: Aaron Sierra <asierra@xes-inc.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Danomi Manchego [Tue, 14 Jul 2020 02:24:59 +0000 (22:24 -0400)]
Makefile: add /etc/bash_completion.d to non-bash purge
Currently, we delete /usr/share/bash-completion when bash is not enabled.
We need to delete /etc/bash_completion.d too. For example, the jo package
installs files there:
/etc/bash_completion.d/jo.bash
Signed-off-by: Danomi Manchego <danomimanchego123@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Danomi Manchego [Tue, 14 Jul 2020 02:25:54 +0000 (22:25 -0400)]
Makefile: delete debug libs when debug is not enabled
Some toolchains, like the Linaro gcc7 toolchains, now install libstdc++ debug
library symbols to /lib/debug, which can be as large as the library itself.
This commit removes the extra debug content if debugging is not enabled.
Signed-off-by: Danomi Manchego <danomimanchego123@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Robert Hancock [Tue, 14 Jul 2020 03:38:48 +0000 (21:38 -0600)]
package/gpsd: bump version to 3.20
Removes BR2_PACKAGE_GPSD_PPS config option, since PPS functionality is
no longer optional and always enabled in gpsd's SCons configuration.
Removed passing ntpshm=y to SCons since that feature is also no longer
optional.
Added a patch adapted from changes merged upstream post-3.20 to fix a
build failure during cross-compilation when checking sizeof(time_t)
and where shared libraries were being linked with ld rather than g++.
Signed-off-by: Robert Hancock <hancock@sedsystems.ca>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Jared Bents [Mon, 29 Jun 2020 20:50:00 +0000 (15:50 -0500)]
package/qemu: add optional spice support
Signed-off-by: Jared Bents <jared.bents@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Joel Stanley [Mon, 13 Jul 2020 05:03:59 +0000 (14:33 +0930)]
package/pdbg: bump version to v3.0
This includes a patch to fix building with uclibc, where pdbg was
missing a header for ssize_t.
Signed-off-by: Joel Stanley <joel@jms.id.au>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Thomas Petazzoni [Mon, 13 Jul 2020 21:12:25 +0000 (23:12 +0200)]
package/parprouted: bump version to 0.7
This was supposed to be part of
fce71d09fb139ed2b29ad1f3158da50731c7ca48, which introduced the
parprouted package, but due to a missed "git commit --amend", it
wasn't included in this commit, so let's add it now.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sun, 12 Jul 2020 22:06:57 +0000 (00:06 +0200)]
package/jq: fix license
Commit
c94794175fab58823fde539eac83ec0234768f36 forgot to update hash of
COPYING
ICU license has been added for decNumber library since
https://github.com/stedolan/jq/commit/
b6be13d5de6dd7d8aad5fd871eb6b0b30fc7d7f6
Fixes:
- http://autobuild.buildroot.org/results/
569aa7ba86a022d3c32a65fb8b58f558aba7ae4c
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Mon, 13 Jul 2020 10:12:42 +0000 (12:12 +0200)]
package/mbedtls: security bump to version 2.16.7
- Fix a side channel vulnerability in modular exponentiation that could
reveal an RSA private key used in a secure enclave.
- Fix side channel in mbedtls_ecp_check_pub_priv() and
mbedtls_pk_parse_key() / mbedtls_pk_parse_keyfile() (when loading a
private key that didn't include the uncompressed public key), as well
as mbedtls_ecp_mul() / mbedtls_ecp_mul_restartable() when called with
a NULL f_rng argument. An attacker with access to precise enough
timing and memory access information (typically an untrusted operating
system attacking a secure enclave) could fully recover the ECC private
key.
- Fix issue in Lucky 13 counter-measure that could make it ineffective
when hardware accelerators were used (using one of the
MBEDTLS_SHAxxx_ALT macros). This would cause the original Lucky 13
attack to be possible in those configurations, allowing an active
network attacker to recover plaintext after repeated timing
measurements under some conditions.
https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2020-07
Switch to github to get latest release
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Nicolas Serafini [Mon, 13 Jul 2020 10:25:13 +0000 (12:25 +0200)]
package/exiv2: bump version to 0.27.3
Bump version 0.27.3 and remove 0001[1] and 0002[2] local patches that
has been upstreamed.
Release notes:
https://github.com/Exiv2/exiv2/blob/v0.27.3/releasenotes/releasenotes.txt
[1]: https://github.com/Exiv2/exiv2/commit/
b7890776c62398ca1005e8edc32786859d60fcf7
[2]: https://github.com/Exiv2/exiv2/commit/
1b917c3f7dd86336a9f6fda4456422c419dfe88c
Signed-off-by: Nicolas Serafini <nicolas.serafini@sensefly.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Mon, 13 Jul 2020 09:01:40 +0000 (11:01 +0200)]
package/dhcpcd: fix build without fork
- Add a patch to fix build without fork in src/dhcpcd.c. This
regression was introduced in upstream commit
3063ebb6c8ac7c96196fa923cdd5f7c0384de23b, which was merged in dhcpcd
9.0.0. Therefore, Buildroot is affected since we bumped from 8.0.3
to 9.1.4 in commit
809f548e79c6c099f1fa3e3728d90842be7059a7, which
was applied after 2020.05
- Disable privsep as it unconditionally uses fork (privsep has been
enabled by default since version 9.0.0 and
https://github.com/rsmarples/dhcpcd/commit/
3a4c2e5604d72151b06ed365aa71493740a3ad75)
Fixes:
- http://autobuild.buildroot.org/results/
9fcc88abedcb8a02946f37837dcf4fff02f66c23
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Mon, 13 Jul 2020 09:10:03 +0000 (11:10 +0200)]
package/python-pyparted: needs python3
python3 is a mandatory dependency since version 3.11.5 and
https://github.com/dcantrell/pyparted/commit/
c4949263538784036a5917195f956f8fcda9cf20
Fixes:
- http://autobuild.buildroot.org/results/
7d93b4e5c3afebef8c4c19d1c6a0c26e71423191
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Mon, 13 Jul 2020 17:06:25 +0000 (19:06 +0200)]
package/python-backcall: bump to version 0.2.0
- Update indentation in hash file (two spaces)
- Add license file and its hash
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Mon, 13 Jul 2020 16:49:20 +0000 (18:49 +0200)]
package/libmpdclient: bump to version 2.19
* fix off-by-one bug in MPD_HOST parser
* add function mpd_lookup_replay_gain_mode()
* identify messages with length over the buffer limit
* support MPD protocol 0.16
- replay gain
* support MPD protocol 0.19
- idle events "neighbor" and "mount"
* support MPD protocol 0.20
- rangeid
* support MPD protocol 0.21
- command "tagtypes all"
https://raw.githubusercontent.com/MusicPlayerDaemon/libmpdclient/v2.19/NEWS
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Mon, 13 Jul 2020 16:42:52 +0000 (18:42 +0200)]
package/libnetfilter_queue: bump to version 1.0.5
Update indentation in hash file (two spaces)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Mon, 13 Jul 2020 16:38:30 +0000 (18:38 +0200)]
package/libmatroska: bump to version 1.6.0
Update indentation in hash file (two spaces)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Mon, 13 Jul 2020 16:38:29 +0000 (18:38 +0200)]
package/libebml: bump to version 1.4.0
Update indentation in hash file (two spaces)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Mon, 13 Jul 2020 16:20:24 +0000 (18:20 +0200)]
package/haproxy: bump to version 2.2.0
This is the new LTS branch (EOL in 2025-Q2)
https://www.mail-archive.com/haproxy@formilux.org/msg37852.html
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Mon, 13 Jul 2020 16:14:58 +0000 (18:14 +0200)]
package/lcms2: bump to version 2.11
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Mon, 13 Jul 2020 14:41:59 +0000 (16:41 +0200)]
package/fuse-overlayfs: needs headers >= 3.15
fuse-overlayfs unconditionally uses SYS_renameat2 since version 0.2 and
https://github.com/containers/fuse-overlayfs/commit/
616119093a5d37bf201a7b7970eeb5f7ba32de22
which is not available until kernel 3.15 and
https://github.com/torvalds/linux/commit/
5fb6b953bb7aa86a9c8ea760934982cedc45c52b
Fixes:
- http://autobuild.buildroot.org/results/
3c97e25c69ab949e51f04b5d0134bc4b4059982d
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Mon, 13 Jul 2020 12:59:52 +0000 (14:59 +0200)]
package/wireshark: security bump to version 3.2.5
Fix CVE-2020-15466: It may be possible to make Wireshark consume
excessive CPU resources by injecting a malformed packet onto the wire or
by convincing someone to read a malformed packet trace file.
https://www.wireshark.org/security/wnpa-sec-2020-09.html
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Titouan Christophe [Mon, 13 Jul 2020 14:51:10 +0000 (16:51 +0200)]
package/{avro-c, python-avro}: bump to version 1.10.0
Drop patches that have been released upstream.
Signed-off-by: Titouan Christophe <titouan.christophe@railnova.eu>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Mon, 13 Jul 2020 13:11:25 +0000 (15:11 +0200)]
package/freerdp: security bump to version 2.1.2
- Fix CVE-2020-4030: In FreeRDP before version 2.1.2, there is an out of
bounds read in TrioParse. Logging might bypass string length checks
due to an integer overflow.
- Fix CVE-2020-4031: In FreeRDP before version 2.1.2, there is a
use-after-free in gdi_SelectObject. All FreeRDP clients using
compatibility mode with /relax-order-checks are affected.
- Fix CVE-2020-4032: In FreeRDP before version 2.1.2, there is an
integer casting vulnerability in update_recv_secondary_order. All
clients with +glyph-cache /relax-order-checks are affected.
- Fix CVE-2020-4033: In FreeRDP before version 2.1.2, there is an out of
bounds read in RLEDECOMPRESS. All FreeRDP based clients with sessions
with color depth < 32 are affected.
- Fix CVE-2020-11095: In FreeRDP before version 2.1.2, an out of bound
reads occurs resulting in accessing a memory location that is outside
of the boundaries of the static array
PRIMARY_DRAWING_ORDER_FIELD_BYTES.
- Fix CVE-2020-11096: In FreeRDP before version 2.1.2, there is a global
OOB read in update_read_cache_bitmap_v3_order. As a workaround, one
can disable bitmap cache with -bitmap-cache (default).
- Fix CVE-2020-11097: In FreeRDP before version 2.1.2, an out of bounds
read occurs resulting in accessing a memory location that is outside
of the boundaries of the static array
PRIMARY_DRAWING_ORDER_FIELD_BYTES.
- Fix CVE-2020-11098: In FreeRDP before version 2.1.2, there is an
out-of-bound read in glyph_cache_put. This affects all FreeRDP clients
with `+glyph-cache` option enabled.
- Fix CVE-2020-11099: In FreeRDP before version 2.1.2, there is an out
of bounds read in license_read_new_or_upgrade_license_packet. A
manipulated license packet can lead to out of bound reads to an
internal buffer.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Mon, 13 Jul 2020 16:08:19 +0000 (18:08 +0200)]
package/gssdp: bump to version 1.2.3
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Mon, 13 Jul 2020 16:08:20 +0000 (18:08 +0200)]
package/gupnp: security bump to version 1.2.3
It includes the following commits:
https://github.com/GNOME/gupnp/commit/
66a73e96f5a733a149803a985686a4e4e196f90b
https://github.com/GNOME/gupnp/commit/
f943904e2d7f21601337b90058faf74b49c02796
which mitigate CVE-2020-12695
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Owen Walpole [Thu, 2 Jul 2020 03:53:27 +0000 (22:53 -0500)]
package/parprouted: new package
parprouted is a daemon for transparent IP (Layer 3) proxy ARP
bridging. This is useful for creation of transparent firewalls
and bridging networks with different MAC protocols. Also,
unlike standard bridging, proxy ARP bridging allows to bridge
Ethernet networks behind wireless nodes without using WDS or
layer 2 bridging.
https://www.hazard.maks.net/parprouted
Signed-off-by: Owen Walpole <owen@walpole.dev>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sun, 12 Jul 2020 21:35:43 +0000 (23:35 +0200)]
package/keepalived: bump to version 2.1.4
This will fix a build failure with kernel 4.15 thanks to:
https://github.com/acassen/keepalived/commit/
d47ae3b1c853adefb9680ba31cf05c037d844445
Fixes:
- http://autobuild.buildroot.org/results/
db7f149f63e9180b22460caa74850673362aa17c
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sun, 12 Jul 2020 21:32:05 +0000 (23:32 +0200)]
package/xvisor: needs host-dtc
host-dtc is a mandatory dependency since version 0.3.0 and
https://github.com/xvisor/xvisor/commit/
e31344c9b5835c8a12bfffb3a359f343b273fab5
Fixes:
- http://autobuild.buildroot.org/results/
3f49302e7d05d666a51db0cb51365620a63e3b40
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Grzegorz Blach [Tue, 30 Jun 2020 09:56:02 +0000 (11:56 +0200)]
package/pigpio: bump to version 77
Signed-off-by: Grzegorz Blach <grzegorz@blach.pl>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Eloi Bail [Thu, 2 Jul 2020 08:36:19 +0000 (10:36 +0200)]
package/gst1-plugins-bayer2rgb-neon: bump to 0.4
Bump gst1-plugins-bayer2rgb-neon to 0.4.
Signed-off-by: Eloi Bail <eloi.bail@savoirfairelinux.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Giulio Benetti [Tue, 30 Jun 2020 22:07:14 +0000 (00:07 +0200)]
package/nfs-utils: bump version to 2.5.1
Bump to version 2.5.1 and remove local already upstreamed patch.
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Reviewed-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
James Hilliard [Wed, 1 Jul 2020 04:42:12 +0000 (22:42 -0600)]
package/zlib-ng: bump to version
9609cb56a8f62868ccf264493bc9c3b4d5762fcf
We need to update the location to point to the current maintained
upstream repo as well since the existing one is unmaintained.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
James Hilliard [Wed, 1 Jul 2020 04:36:05 +0000 (22:36 -0600)]
package/redis: bump to version 6.0.5
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Acked-by: Titouan Christophe <titouan.christophe@railnova.eu>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Wed, 1 Jul 2020 05:18:51 +0000 (07:18 +0200)]
package/libva-utils: bump version to 2.8.0
Release notes:
https://github.com/intel/libva-utils/blob/v2.8-branch/NEWS
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Wed, 1 Jul 2020 05:18:50 +0000 (07:18 +0200)]
package/libva: bump version to 2.8.0
Release notes: https://github.com/intel/libva/blob/v2.8-branch/NEWS
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Yegor Yefremov [Thu, 2 Jul 2020 12:23:54 +0000 (14:23 +0200)]
package/ntp: bump to version 4.2.8p15
Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Giulio Benetti [Thu, 2 Jul 2020 16:05:00 +0000 (18:05 +0200)]
package/libnss: bump version to 3.54
Bump version to 3.54 and remove 0002[1] and 0003[2] local patches that
has been upstreamed.
Release Notes:
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.54_release_notes
[1]: https://hg.mozilla.org/projects/nss/rev/
e955ece90b050e9da67528f09648945156d2bcea
[2]: https://hg.mozilla.org/projects/nss/rev/
f46fca8ced7fca6aa6de60e3170b2a3b6b2df565
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Paul Cercueil [Sun, 12 Jul 2020 19:57:12 +0000 (21:57 +0200)]
package/sdl_image: disable dynamic loading of libraries
The thing with Buildroot, is that we know in advance what will be in the
root filesystem. Therefore, we don't need SDL_image to probe for the
presence of libpng, libjpeg, libtiff or libwebp and dynamically load
them; SDL_image can be linked to them directly at compilation time.
Signed-off-by: Paul Cercueil <paul@crapouillou.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Paul Cercueil [Sun, 12 Jul 2020 19:57:11 +0000 (21:57 +0200)]
package/sdl_image: fix WebP dynamically loaded on host build
Just like with libjpeg and libpng, we don't want libwebp to be
dynamically loaded by SDL_image at runtime.
Signed-off-by: Paul Cercueil <paul@crapouillou.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Tian Yuanhao [Thu, 2 Jul 2020 05:30:21 +0000 (13:30 +0800)]
package/ttyd: bump to version 1.6.1
Removed patches applied upstream.
Signed-off-by: Tian Yuanhao <tianyuanhao@aliyun.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Thu, 2 Jul 2020 05:35:56 +0000 (07:35 +0200)]
package/samba4: bump version to 4.11.10
Changelog:
https://www.samba.org/samba/history/samba-4.11.10.html
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Yegor Yefremov [Thu, 2 Jul 2020 05:25:47 +0000 (07:25 +0200)]
package/gensio: bump to version 2.1.1
Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Thu, 2 Jul 2020 05:19:50 +0000 (07:19 +0200)]
package/libudfread: bump version to 1.1.0
Changelog:
https://code.videolan.org/videolan/libudfread/-/blob/master/ChangeLog
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Sergio Prado [Wed, 1 Jul 2020 20:42:52 +0000 (17:42 -0300)]
package/stella: bump version to 6.2.1
Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Martin Kepplinger [Wed, 1 Jul 2020 10:50:41 +0000 (12:50 +0200)]
package/tslib: update to 1.22
The removed patches are of course part of this release and
https://github.com/libts/tslib/releases has a very short changelog.
Signed-off-by: Martin Kepplinger <martink@posteo.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>