buildroot.git
4 years agopackage/kodi-pvr-iptvsimple: bump version to 7.6.0-Matrix
Bernd Kuhls [Wed, 7 Apr 2021 06:44:28 +0000 (08:44 +0200)]
package/kodi-pvr-iptvsimple: bump version to 7.6.0-Matrix

Release notes:
https://github.com/kodi-pvr/pvr.iptvsimple/releases/tag/7.6.0-Matrix

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
4 years agopackage/avahi: ignore CVE-2021-26720
Peter Korsgaard [Wed, 7 Apr 2021 13:54:23 +0000 (15:54 +0200)]
package/avahi: ignore CVE-2021-26720

CVE-2021-26720 is an issue in avahi-daemon-check-dns.sh, which is part of
the Debian packaging and not part of upstream avahi - So ignore the CVE.

https://security-tracker.debian.org/tracker/CVE-2021-26720

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
4 years agopackage/execline: bump to version 2.8.0.0
Dick Olsson [Tue, 6 Apr 2021 17:57:20 +0000 (17:57 +0000)]
package/execline: bump to version 2.8.0.0

http://skarnet.org/cgi-bin/archive.cgi?1:mss:1535:lpehbljhhcpaopbnkkbf

Signed-off-by: Dick Olsson <hi@senzilla.io>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
4 years agopackage/skalibs: bump to version 2.10.0.2
Dick Olsson [Tue, 6 Apr 2021 17:57:13 +0000 (17:57 +0000)]
package/skalibs: bump to version 2.10.0.2

- Drop patch that has been included upstream

http://skarnet.org/cgi-bin/archive.cgi?1:mss:1535:lpehbljhhcpaopbnkkbf

Signed-off-by: Dick Olsson <hi@senzilla.io>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
4 years agodocs/website: update for 2021.02.1
Peter Korsgaard [Wed, 7 Apr 2021 11:37:12 +0000 (13:37 +0200)]
docs/website: update for 2021.02.1

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agoUpdate for 2021.02.1
Peter Korsgaard [Wed, 7 Apr 2021 10:18:44 +0000 (12:18 +0200)]
Update for 2021.02.1

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit bb10b0dfe690a77e137395ad91290d799bf018c5)
[Peter: drop Makefile change]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agopackage/nodejs: security bump to version 12.22.1
Peter Korsgaard [Wed, 7 Apr 2021 07:12:20 +0000 (09:12 +0200)]
package/nodejs: security bump to version 12.22.1

Fixes the following security issues:

CVE-2020-7774: npm upgrade to 6.14.12 - Update y18n to fix
Prototype-Pollution (High)

This is a vulnerability in the y18n npm module which may be exploited by
prototype pollution.

https://github.com/advisories/GHSA-c4w7-xm78-47vh

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agopackage/python-django: security bump to version 3.0.14
Peter Korsgaard [Tue, 6 Apr 2021 20:48:31 +0000 (22:48 +0200)]
package/python-django: security bump to version 3.0.14

Fixes the following security issue:

CVE-2021-28658: Potential directory-traversal via uploaded files

MultiPartParser allowed directory-traversal via uploaded files with suitably crafted file names.

Built-in upload handlers were not affected by this vulnerability.

For more details, see the announcement:
https://www.djangoproject.com/weblog/2021/apr/06/security-releases/

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agopackage/busybox: add upstream gunzip security fix
Peter Korsgaard [Tue, 6 Apr 2021 13:11:59 +0000 (15:11 +0200)]
package/busybox: add upstream gunzip security fix

Fixes the following security issue:

- CVE-2021-28831: decompress_gunzip.c in BusyBox through 1.32.1 mishandles
  the error bit on the huft_build result pointer, with a resultant invalid
  free or segmentation fault, via malformed gzip data.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agopackage/check: bump to version 0.15.2
Fabrice Fontaine [Tue, 6 Apr 2021 20:10:58 +0000 (22:10 +0200)]
package/check: bump to version 0.15.2

https://github.com/libcheck/check/releases/tag/0.15.2

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
4 years agopackage/rabbitmq-c: bump to version 0.11.0
Fabrice Fontaine [Tue, 6 Apr 2021 18:29:11 +0000 (20:29 +0200)]
package/rabbitmq-c: bump to version 0.11.0

Update indentation in hash file (two spaces)

https://github.com/alanxz/rabbitmq-c/releases/tag/v0.11.0

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
4 years agopackage/libupnp: security bump to version 1.14.5
Fabrice Fontaine [Tue, 6 Apr 2021 18:39:27 +0000 (20:39 +0200)]
package/libupnp: security bump to version 1.14.5

Non-recursive version of ixmlNode_free() avoids stack overflow
attack. Fixes CVE-2021-28302.

Also a number of other bugfixes:
https://github.com/pupnp/pupnp/blob/release-1.14.5/ChangeLog

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
4 years agopackage/python-iptables: bump to version 1.0.0
Fabrice Fontaine [Tue, 6 Apr 2021 18:47:59 +0000 (20:47 +0200)]
package/python-iptables: bump to version 1.0.0

- Drop patches (already in version)
- Update indentation in hash file (two spaces)

https://github.com/ldx/python-iptables/compare/v0.14.0...v1.0.0

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
4 years agopackage/python-zope-interface: bump to version 5.3.0
Fabrice Fontaine [Tue, 6 Apr 2021 19:55:49 +0000 (21:55 +0200)]
package/python-zope-interface: bump to version 5.3.0

- Update indentation in hash file (two spaces)
- Update URL in Config.in as current URL returns 404 Not Found

https://github.com/zopefoundation/zope.interface/blob/5.3.0/CHANGES.rst

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
4 years agopackage/python-websocket-client: bump to version 0.58
Fabrice Fontaine [Tue, 6 Apr 2021 20:04:31 +0000 (22:04 +0200)]
package/python-websocket-client: bump to version 0.58

- Update hash of LICENSE (license switched back to LGPL-2.1+:
  https://github.com/websocket-client/websocket-client/commit/6eaed48d49ea6a1a792b152a477bf9026f0c29b4)
- Update indentation in hash file (two spaces)

https://github.com/websocket-client/websocket-client/blob/v0.58.0/ChangeLog

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
4 years agopackage/fail2ban: bump to version 0.11.2
Fabrice Fontaine [Tue, 6 Apr 2021 20:09:10 +0000 (22:09 +0200)]
package/fail2ban: bump to version 0.11.2

https://github.com/fail2ban/fail2ban/blob/0.11.2/ChangeLog

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
4 years agopackage/wpa_supplicant: handle CONFIG_CTRL_IFACE carefully
Tian Yuanhao [Sat, 3 Apr 2021 02:23:16 +0000 (19:23 -0700)]
package/wpa_supplicant: handle CONFIG_CTRL_IFACE carefully

When BR2_PACKAGE_WPA_SUPPLICANT_CTRL_IFACE is not set and
BR2_PACKAGE_WPA_SUPPLICANT_DBUS=y, CONFIG_CTRL_IFACE_DBUS_NEW will be
enabled by 's/^#\(CONFIG_CTRL_IFACE_DBUS_NEW\)/\1/' first, and then
disabled by 's/^\(CONFIG_CTRL_IFACE\)/#\1/'.

CONFIG_CTRL_IFACE_DBUS_NEW does not depend on CONFIG_CTRL_IFACE, except
for using it as a prefix. Fix this wrong behavior by adding '\>' after
CONFIG_CTRL_IFACE.

Signed-off-by: Tian Yuanhao <tianyuanhao@aliyun.com>
Tested-by: Nicolas Cavallari <nicolas.cavallari@green-communications.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
4 years agoconfigs/olimex_a20_olinuxino_lime*: bump Linux and U-Boot versions
Francois Perrad [Tue, 6 Apr 2021 10:38:17 +0000 (12:38 +0200)]
configs/olimex_a20_olinuxino_lime*: bump Linux and U-Boot versions

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agopackage/mosquitto: security bump to v2.0.10
Titouan Christophe [Tue, 6 Apr 2021 11:16:13 +0000 (13:16 +0200)]
package/mosquitto: security bump to v2.0.10

Versions 2.0.10 of Mosquitto has been released. This is a security and bugfix release.

CVE-xxxx-xxxx: If an authenticated client connected with MQTT v5 sent a malformed
CONNACK message to the broker a NULL pointer dereference occurred, most likely
resulting in a segfault. This will be updated with the CVE number when it is assigned.
Affects versions 2.0.0 to 2.0.9 inclusive.

See the announcement: https://mosquitto.org/blog/2021/04/version-2-0-10-released/

Signed-off-by: Titouan Christophe <titouanchristophe@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agoboot/shim: re-enable on ARM32
Thomas Petazzoni [Mon, 5 Apr 2021 20:21:55 +0000 (22:21 +0200)]
boot/shim: re-enable on ARM32

shim 15.4 builds just fine on ARM32.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agoboot/shim: bump to version 15.4
Thomas Petazzoni [Mon, 5 Apr 2021 20:21:54 +0000 (22:21 +0200)]
boot/shim: bump to version 15.4

- Use the tarball provided by upstream developers instead of the one
  generated by Github. Indeed
  https://github.com/rhboot/shim/releases/tag/15.4 indicates "As
  usual, please use the shim-15.4.tar.bz2 tarball, rather than the
  other two archives github automatically produces."

- The tarball now includes the gnu-efi code, so we no longer need to
  select gnu-efi and have it as a build dependency. We continue to use
  BR2_PACKAGE_GNU_EFI_ARCH_SUPPORTS as we still only build for those
  architectures that have gnu-efi support. We also drop the
  EFI_INCLUDE, EFI_PATH and LIBDIR variables, as gnu-efi no longer
  needs to be searched in STAGING_DIR.

- Drop all four patches, which were backports from upstream.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agoboot/shim: fix build issues with gcc 9.x
Thomas Petazzoni [Mon, 5 Apr 2021 20:21:53 +0000 (22:21 +0200)]
boot/shim: fix build issues with gcc 9.x

Backport a set of upstream patches to fix:

MokManager.c: In function ‘write_back_mok_list’:
MokManager.c:1081:19: error: taking address of packed member of ‘struct <anonymous>’ may result in an unaligned pointer value [-Werror=address-of-packed-member]
 1081 |   if (CompareGuid(&(list[i].Type), &X509_GUID) == 0)
      |                   ^~~~~~~~~~~~~~~
MokManager.c:1103:19: error: taking address of packed member of ‘struct <anonymous>’ may result in an unaligned pointer value [-Werror=address-of-packed-member]
 1103 |   if (CompareGuid(&(list[i].Type), &X509_GUID) == 0) {
      |                   ^~~~~~~~~~~~~~~
MokManager.c: In function ‘delete_cert’:
MokManager.c:1144:19: error: taking address of packed member of ‘struct <anonymous>’ may result in an unaligned pointer value [-Werror=address-of-packed-member]
 1144 |   if (CompareGuid(&(mok[i].Type), &X509_GUID) != 0)
      |                   ^~~~~~~~~~~~~~
MokManager.c: In function ‘delete_hash_in_list’:
MokManager.c:1195:20: error: taking address of packed member of ‘struct <anonymous>’ may result in an unaligned pointer value [-Werror=address-of-packed-member]
 1195 |   if ((CompareGuid(&(mok[i].Type), &Type) != 0) ||
      |                    ^~~~~~~~~~~~~~
MokManager.c: In function ‘delete_keys’:
MokManager.c:1359:19: error: taking address of packed member of ‘struct <anonymous>’ may result in an unaligned pointer value [-Werror=address-of-packed-member]
 1359 |   if (CompareGuid(&(del_key[i].Type), &X509_GUID) == 0) {
      |                   ^~~~~~~~~~~~~~~~~~
cc1: all warnings being treated as errors
make[1]: *** [<builtin>: MokManager.o] Error 1

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agoboot/shim: fix build issue due to gnu-efi
Thomas Petazzoni [Mon, 5 Apr 2021 20:21:52 +0000 (22:21 +0200)]
boot/shim: fix build issue due to gnu-efi

shim fails to build with:

console.c:448:5: error: ‘EFI_WARN_UNKOWN_GLYPH’ undeclared here (not in a function); did you mean ‘EFI_WARN_UNKNOWN_GLYPH’?
  448 |  {  EFI_WARN_UNKOWN_GLYPH,      L"Warning Unknown Glyph"},
      |     ^~~~~~~~~~~~~~~~~~~~~
      |     EFI_WARN_UNKNOWN_GLYPH
make[2]: *** [<builtin>: console.o] Error 1
make[2]: *** Waiting for unfinished jobs....

Backport upstream commit d230d02f990f02293736dca78b108f86c86d1bd0 to
resolve this issue.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agopackage/python-colorlog: bump to version 4.8.0
Fabrice Fontaine [Mon, 5 Apr 2021 20:36:31 +0000 (22:36 +0200)]
package/python-colorlog: bump to version 4.8.0

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agopackage/python-simplelogging: bump to version 0.11.0
Fabrice Fontaine [Mon, 5 Apr 2021 20:37:03 +0000 (22:37 +0200)]
package/python-simplelogging: bump to version 0.11.0

Update indentation in hash file (two spaces)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agopackage/python-toml: bump to version 0.10.2
Fabrice Fontaine [Mon, 5 Apr 2021 19:52:57 +0000 (21:52 +0200)]
package/python-toml: bump to version 0.10.2

- Update hash of LICENSE (update in year and author added:
  https://github.com/uiri/toml/commit/a86fc1fbd650a19eba313c3f642c9e2c679dc8d6)
- Update indentation in hash file (two spaces)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agopackage/hidapi: bump to version 0.10.1
Fabrice Fontaine [Mon, 5 Apr 2021 19:43:36 +0000 (21:43 +0200)]
package/hidapi: bump to version 0.10.1

- Drop patch (already in version)
- Update indentation in hash file (two spaces)

https://github.com/libusb/hidapi/releases/tag/hidapi-0.10.0
https://github.com/libusb/hidapi/releases/tag/hidapi-0.10.1

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agopackage/xen: add upstream xsa-36{0, 4, 8} security fixes
Peter Korsgaard [Mon, 5 Apr 2021 19:17:53 +0000 (21:17 +0200)]
package/xen: add upstream xsa-36{0, 4, 8} security fixes

Fixes the following security issues:

- CVE-2021-3308: IRQ vector leak on x86
  https://xenbits.xenproject.org/xsa/advisory-360.html

- CVE-2021-26933: arm: The cache may not be cleaned for newly allocated
  scrubbed pages
  https://xenbits.xenproject.org/xsa/advisory-364.html

- CVE-2021-28687: HVM soft-reset crashes toolstack
  https://xenbits.xenproject.org/xsa/advisory-368.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agopackage/janus-gateway: bump to version 0.10.10
Fabrice Fontaine [Mon, 5 Apr 2021 19:32:18 +0000 (21:32 +0200)]
package/janus-gateway: bump to version 0.10.10

https://github.com/meetecho/janus-gateway/blob/v0.10.10/CHANGELOG.md

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agopackage/python-iso8601: bump to version 0.1.14
Fabrice Fontaine [Mon, 5 Apr 2021 19:14:18 +0000 (21:14 +0200)]
package/python-iso8601: bump to version 0.1.14

https://github.com/micktwomey/pyiso8601/releases/tag/0.1.14

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agoboot/grub2: ignore the last 3 remaining CVEs
Thomas Petazzoni [Mon, 5 Apr 2021 18:52:30 +0000 (20:52 +0200)]
boot/grub2: ignore the last 3 remaining CVEs

An analysis of the last 3 remaining CVEs that are reported to affect
the grub2 package has allowed to ensure that we can safely ignore
them:

 * CVE-2020-14372 is already fixed by a patch we have in our patch
   stack for grub2

 * CVE-2019-14865 and CVE-2020-15705 are both distro-specific and do
   not affect grub2 upstream, nor grub2 with the stack of patches we
   have in Buildroot

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agopackage/libfreeglut: fix build with gcc 10
Fabrice Fontaine [Mon, 5 Apr 2021 18:32:44 +0000 (20:32 +0200)]
package/libfreeglut: fix build with gcc 10

Fixes:
 - http://autobuild.buildroot.org/results/48c11cfc19784cc9c3ba5c6ba3d91ddae192734e

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agopackage/python-py: security bump to version 1.10.0
Fabrice Fontaine [Mon, 5 Apr 2021 17:30:27 +0000 (19:30 +0200)]
package/python-py: security bump to version 1.10.0

Fix CVE-2020-29651: A denial of service via regular expression in the
py.path.svnwc component of py (aka python-py) through 1.9.0 could be
used by attackers to cause a compute-time denial of service attack by
supplying malicious input to the blame functionality.

Add py/_vendored_packages/iniconfig-1.1.1.dist-info/LICENSE (MIT) which
has been added with
https://github.com/pytest-dev/py/commit/94cf44fd41d957eb50773d3e4fb54e931836779e

https://github.com/pytest-dev/py/blob/1.10.0/CHANGELOG.rst

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agopackage/python-py: add CPE variables
Fabrice Fontaine [Mon, 5 Apr 2021 17:30:26 +0000 (19:30 +0200)]
package/python-py: add CPE variables

cpe:2.3:a:pytest:py is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Apytest%3Apy

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agopackage/python-aiohttp: add CPE variables
Fabrice Fontaine [Mon, 5 Apr 2021 17:12:18 +0000 (19:12 +0200)]
package/python-aiohttp: add CPE variables

cpe:2.3:a:aiohttp_project:aiohttp is a valid CPE identifier for this
package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Aaiohttp_project%3Aaiohttp

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agopackage/python-pip: add CPE variables
Fabrice Fontaine [Mon, 5 Apr 2021 16:59:48 +0000 (18:59 +0200)]
package/python-pip: add CPE variables

cpe:2.3:a:pypa:pip is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Apypa%3Apip

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agopackage/python-pillow: add CPE variables
Fabrice Fontaine [Mon, 5 Apr 2021 16:33:06 +0000 (18:33 +0200)]
package/python-pillow: add CPE variables

cpe:2.3:a:python:pillow is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Apython%3Apillow

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agopackage/python-ipython: add CPE variables
Fabrice Fontaine [Mon, 5 Apr 2021 16:25:04 +0000 (18:25 +0200)]
package/python-ipython: add CPE variables

cpe:2.3:a:ipython:ipython is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Aipython%3Aipython

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agopackage/python-psutil: add CPE variables
Fabrice Fontaine [Mon, 5 Apr 2021 16:45:36 +0000 (18:45 +0200)]
package/python-psutil: add CPE variables

cpe:2.3:a:psutil_project:psutil is a valid CPE identifier for this
package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Apsutil_project%3Apsutil

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agopackage/python3: security bump to version 3.9.4
Peter Korsgaard [Mon, 5 Apr 2021 15:29:54 +0000 (17:29 +0200)]
package/python3: security bump to version 3.9.4

Fixes the following security issues:

- bpo-42988: CVE-2021-3426: Remove the getfile feature of the pydoc module
  which could be abused to read arbitrary files on the disk (directory
  traversal vulnerability).  Moreover, even source code of Python modules
  can contain sensitive data like passwords.  Vulnerability reported by
  David Schwörer.

- bpo-43285: ftplib no longer trusts the IP address value returned from the
  server in response to the PASV command by default.  This prevents a
  malicious FTP server from using the response to probe IPv4 address and
  port combinations on the client network.

  Code that requires the former vulnerable behavior may set a
  trust_server_pasv_ipv4_address attribute on their ftplib.FTP instances to
  True to re-enable it.

- bpo-43439: Add audit hooks for gc.get_objects(), gc.get_referrers() and
  gc.get_referents().  Patch by Pablo Galindo.

Note: 3.9.3 was recalled due to introducing unintentional ABI
incompatibility, and fixes re-released as 3.9.4:

https://www.python.org/downloads/release/python-394/

Add host-autoreconf-archive, as it is needed for autoreconf since:
https://github.com/python/cpython/commit/064bc07f241dceec2fc577cbf5c31fa6d63fe320

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agopackage/python-ecdsa: bump to version 0.16.1
Fabrice Fontaine [Mon, 5 Apr 2021 14:45:21 +0000 (16:45 +0200)]
package/python-ecdsa: bump to version 0.16.1

Update indentation in hash file (two spaces)

https://github.com/tlsfuzzer/python-ecdsa/blob/python-ecdsa-0.16.1/NEWS

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agopackage/python-paramiko: bump to version 2.7.2
Fabrice Fontaine [Mon, 5 Apr 2021 14:47:08 +0000 (16:47 +0200)]
package/python-paramiko: bump to version 2.7.2

Update indentation in hash file (two spaces)

https://github.com/paramiko/paramiko/blob/2.7.2/sites/www/changelog.rst

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Peter: fix LICENSE hash]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agopackage/boinc: bump to version 7.16.16
Fabrice Fontaine [Mon, 5 Apr 2021 13:59:30 +0000 (15:59 +0200)]
package/boinc: bump to version 7.16.16

Update indentation in hash file (two spaces)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agopackage/ncmpc: bump to version 0.45
Fabrice Fontaine [Mon, 5 Apr 2021 13:52:33 +0000 (15:52 +0200)]
package/ncmpc: bump to version 0.45

https://github.com/MusicPlayerDaemon/ncmpc/blob/v0.45/NEWS

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agopackage/whois: bump to version 5.5.9
Fabrice Fontaine [Mon, 5 Apr 2021 14:03:10 +0000 (16:03 +0200)]
package/whois: bump to version 5.5.9

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agopackage/python-yatl: bump to version 20210326.1
Fabrice Fontaine [Mon, 5 Apr 2021 13:40:30 +0000 (15:40 +0200)]
package/python-yatl: bump to version 20210326.1

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agopackage/python-jedi: bump to version 0.18.0
Fabrice Fontaine [Mon, 5 Apr 2021 13:36:12 +0000 (15:36 +0200)]
package/python-jedi: bump to version 0.18.0

python 2 support has been dropped since version 0.18.0 and
https://github.com/davidhalter/jedi/commit/d67dfba7f5a65d5ee064d37e1fb894a25b39bdab

Add django-stubs license file (MIT)

https://github.com/davidhalter/jedi/blob/v0.18.0/CHANGELOG.rst

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agopackage/python-parso: bump to version 0.8.2
Fabrice Fontaine [Mon, 5 Apr 2021 13:36:11 +0000 (15:36 +0200)]
package/python-parso: bump to version 0.8.2

python 2 support has been dropped since versio 0.8.0 and
https://github.com/davidhalter/parso/commit/b601ade90b5e5d89cf1e56a00997d6e32588e930

https://github.com/davidhalter/parso/blob/v0.8.2/CHANGELOG.rst

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agopackage/libgee: bump to version 0.20.4
Fabrice Fontaine [Mon, 5 Apr 2021 13:14:24 +0000 (15:14 +0200)]
package/libgee: bump to version 0.20.4

https://gitlab.gnome.org/GNOME/libgee/-/blob/0.20.4/NEWS

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agopackage/enchant: bump to version 2.2.15
Francois Perrad [Mon, 5 Apr 2021 13:08:06 +0000 (15:08 +0200)]
package/enchant: bump to version 2.2.15

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agopackage/libmaxminddb: bump to version 1.5.2
Fabrice Fontaine [Mon, 5 Apr 2021 13:04:58 +0000 (15:04 +0200)]
package/libmaxminddb: bump to version 1.5.2

https://github.com/maxmind/libmaxminddb/blob/1.5.2/Changes.md

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agopackage/lcms2: bump to version 2.12
Fabrice Fontaine [Mon, 5 Apr 2021 09:53:16 +0000 (11:53 +0200)]
package/lcms2: bump to version 2.12

Update hash of COPYING (word wrap:
https://github.com/mm2/Little-CMS/commit/48a1b9a1cae31b6ae001cd1963ab0170b9bebb34)

https://littlecms.com/blog/2021/02/06/lcms2-2.12

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agopackage/scapy: add CPE variables
Fabrice Fontaine [Mon, 5 Apr 2021 10:12:22 +0000 (12:12 +0200)]
package/scapy: add CPE variables

cpe:2.3:a:scapy:scapy is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Ascapy%3Ascapy

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agopackage/haproxy: bump to version 2.2.13
Fabrice Fontaine [Mon, 5 Apr 2021 13:53:21 +0000 (15:53 +0200)]
package/haproxy: bump to version 2.2.13

http://www.haproxy.org/download/2.2/src/CHANGELOG

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agopackage/python-networkx: add CPE variables
Fabrice Fontaine [Mon, 5 Apr 2021 11:33:28 +0000 (13:33 +0200)]
package/python-networkx: add CPE variables

cpe:2.3:a:python:networkx is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Apython%3Anetworkx

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agopackage/python-tornado: add CPE variables
Fabrice Fontaine [Mon, 5 Apr 2021 11:28:45 +0000 (13:28 +0200)]
package/python-tornado: add CPE variables

cpe:2.3:a:tornadoweb:tornado is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Atornadoweb%3Atornado

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agopackage/python-pyro: add CPE variables
Fabrice Fontaine [Mon, 5 Apr 2021 11:24:07 +0000 (13:24 +0200)]
package/python-pyro: add CPE variables

cpe:2.3:a:pyro_project:pyro is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Apyro_project%3Apyro

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agopackage/python-jinja2: add CPE variables
Fabrice Fontaine [Mon, 5 Apr 2021 11:14:59 +0000 (13:14 +0200)]
package/python-jinja2: add CPE variables

cpe:2.3:a:pocoo:jinja2 is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Apocoo%3Ajinja2

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agopackage/janus-gateway: add CPE variables
Fabrice Fontaine [Mon, 5 Apr 2021 11:07:15 +0000 (13:07 +0200)]
package/janus-gateway: add CPE variables

cpe:2.3:a:meetecho:janus is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Ameetecho%3Ajanus

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agopackage/python-docker: add CPE variables
Fabrice Fontaine [Mon, 5 Apr 2021 11:00:36 +0000 (13:00 +0200)]
package/python-docker: add CPE variables

cpe:2.3:a:docker:docker-py is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Adocker%3Adocker-py

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agopackage/python-decorator: add CPE variables
Fabrice Fontaine [Mon, 5 Apr 2021 10:49:03 +0000 (12:49 +0200)]
package/python-decorator: add CPE variables

cpe:2.3:a:python:decorator is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Apython%3Adecorator

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agopackage/python-bsdiff4: add CPE variables
Fabrice Fontaine [Mon, 5 Apr 2021 10:37:45 +0000 (12:37 +0200)]
package/python-bsdiff4: add CPE variables

cpe:2.3:a:pypi:bsdiff4 is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Apypi%3Absdiff4

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agodocs/website: update for 2020.02.12
Peter Korsgaard [Mon, 5 Apr 2021 12:03:54 +0000 (14:03 +0200)]
docs/website: update for 2020.02.12

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agoUpdate for 2020.02.12
Peter Korsgaard [Mon, 5 Apr 2021 10:36:40 +0000 (12:36 +0200)]
Update for 2020.02.12

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 1a6bd98fa87996f50f42a27857a9e9f029cc83e0)
[Peter: drop Makefile/Vagrantfile changes]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agopackage/coreutils: fix build without threads
Fabrice Fontaine [Sun, 4 Apr 2021 19:19:44 +0000 (21:19 +0200)]
package/coreutils: fix build without threads

Build of coreutils without threads is broken since bump to version 8.32
in commit b4a0f9fb0e45aded46eb7259e25a1113eabf93c0

Fixes:
 - http://autobuild.buildroot.org/results/8d00bdabef73daa2a1d1f4c6e183dda447a82134

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr:
  - do an actual backport of patch 0002
  - add upstream status for patch 0003
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
4 years agodocs/website: update for 2020.11.4
Peter Korsgaard [Mon, 5 Apr 2021 10:16:27 +0000 (12:16 +0200)]
docs/website: update for 2020.11.4

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agoUpdate for 2020.11.4
Peter Korsgaard [Mon, 5 Apr 2021 09:13:57 +0000 (11:13 +0200)]
Update for 2020.11.4

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit f748088fa65b6862f943ed28e669db4b0f52c679)
[Peter: drop Makefile/Vagrantfile changes]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agopackage/expat: bump to version 2.3.0
Fabrice Fontaine [Mon, 5 Apr 2021 09:44:02 +0000 (11:44 +0200)]
package/expat: bump to version 2.3.0

https://github.com/libexpat/libexpat/blob/R_2_3_0/expat/Changes

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
4 years agopackage/python-web2py: add CPE variables
Fabrice Fontaine [Mon, 5 Apr 2021 09:38:49 +0000 (11:38 +0200)]
package/python-web2py: add CPE variables

cpe:2.3:a:web2py:web2py is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Aweb2py%3Aweb2py

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
4 years agopackage/python-sqlalchemy: add CPE variables
Fabrice Fontaine [Mon, 5 Apr 2021 09:31:50 +0000 (11:31 +0200)]
package/python-sqlalchemy: add CPE variables

cpe:2.3:a:sqlalchemy:sqlalchemy is a valid CPE identifier for this
package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Asqlalchemy%3Asqlalchemy

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
4 years agopackage/python-validators: add CPE variables
Fabrice Fontaine [Mon, 5 Apr 2021 09:31:11 +0000 (11:31 +0200)]
package/python-validators: add CPE variables

cpe:2.3:a:validators_project:validators is a valid CPE identifier for
this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Avalidators_project%3Avalidators

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
4 years agopackage/python-m2crypto: add CPE variables
Fabrice Fontaine [Mon, 5 Apr 2021 09:30:25 +0000 (11:30 +0200)]
package/python-m2crypto: add CPE variables

cpe:2.3:a:m2crypto_project:m2crypto is a valid CPE identifier for this
package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Am2crypto_project%3Am2crypto

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
4 years agopackage/python-pygments: security bump to version 2.7.4
Peter Korsgaard [Sun, 4 Apr 2021 18:59:07 +0000 (20:59 +0200)]
package/python-pygments: security bump to version 2.7.4

Fixes the following security issues:

- CVE-2021-20270: An infinite loop in SMLLexer in Pygments versions 1.5 to
  2.7.3 may lead to denial of service when performing syntax highlighting of
  a Standard ML (SML) source file, as demonstrated by input that only
  contains the "exception" keyword

- CVE-2021-27291: In pygments 1.1+, fixed in 2.7.4, the lexers used to parse
  programming languages rely heavily on regular expressions.  Some of the
  regular expressions have exponential or cubic worst-case complexity and
  are vulnerable to ReDoS.  By crafting malicious input, an attacker can
  cause a denial of service

Python 2.x support was dropped in pygments 2.6, so adjust (reverse)
dependencies:

Version 2.6
-----------
(released March 8, 2020)

- Running Pygments on Python 2.x is no longer supported.
  (The Python 2 lexer still exists.)

Adjust the license hash for a change of copyright years:
https://github.com/pygments/pygments/commit/a590ac5ea7c00a41e253834306bfa19e38349c0b

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
4 years agopackage/libvips: bump to version 8.10.6
Fabrice Fontaine [Sun, 4 Apr 2021 16:35:32 +0000 (18:35 +0200)]
package/libvips: bump to version 8.10.6

Update indentation in hash file (two spaces)

https://github.com/libvips/libvips/blob/v8.10.6/ChangeLog

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
4 years agopackage/{bluez5_utils, bluez5_utils-headers}: bump to version 5.58
Bernd Kuhls [Sun, 4 Apr 2021 17:48:58 +0000 (19:48 +0200)]
package/{bluez5_utils, bluez5_utils-headers}: bump to version 5.58

Release notes:
http://www.bluez.org/release-of-bluez-5-58-and-5-57/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
4 years agopackage/ell: bump version to 0.39
Bernd Kuhls [Sun, 4 Apr 2021 17:48:57 +0000 (19:48 +0200)]
package/ell: bump version to 0.39

Changelog:
https://git.kernel.org/pub/scm/libs/ell/ell.git/tree/ChangeLog

Needed for bluez5_utils bump to 5.58:
http://www.bluez.org/release-of-bluez-5-58-and-5-57/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
4 years agopackage/samba4: AD DC support needs ADS
Bernd Kuhls [Sun, 4 Apr 2021 17:28:58 +0000 (19:28 +0200)]
package/samba4: AD DC support needs ADS

Needed due to upstream commit:
https://gitlab.com/samba-team/samba/-/commit/607c9ab307db36aee0604d209a13b45d28c63d9b

Fixes:
http://autobuild.buildroot.net/results/b3f/b3fe797408b9041de37433602b3a47211818e44b/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
4 years agopackage/python-enum34: add CPE variables
Fabrice Fontaine [Sun, 4 Apr 2021 22:01:54 +0000 (00:01 +0200)]
package/python-enum34: add CPE variables

cpe:2.3:a:python:enum34 is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Apython%3Aenum34

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agopackage/python-ecdsa: add PYTHON_ECDSA_CPE_ID_VENDOR
Fabrice Fontaine [Sun, 4 Apr 2021 21:45:36 +0000 (23:45 +0200)]
package/python-ecdsa: add PYTHON_ECDSA_CPE_ID_VENDOR

cpe:2.3:a:python-ecdsa_project:python-ecdsa is a valid CPE identifier
for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Apython-ecdsa_project%3Apython-ecdsa

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agopackage/python-pyjwt: add CPE variables
Fabrice Fontaine [Sun, 4 Apr 2021 21:41:26 +0000 (23:41 +0200)]
package/python-pyjwt: add CPE variables

cpe:2.3:a:pyjwt_project:pyjwt is a valid CPE identifier for this
package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Apyjwt_project%3Apyjwt

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agopackage/python-pyopenssl: add CPE variables
Fabrice Fontaine [Sun, 4 Apr 2021 21:32:18 +0000 (23:32 +0200)]
package/python-pyopenssl: add CPE variables

cpe:2.3:a:pyopenssl:pyopenssl is a valid CPE identifier for this
package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Apyopenssl%3Apyopenssl

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agopackage/python-cryptography: add CPE variables
Fabrice Fontaine [Sun, 4 Apr 2021 21:25:52 +0000 (23:25 +0200)]
package/python-cryptography: add CPE variables

cpe:2.3:a:cryptography_project:cryptography is a valid CPE identifier
for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Acryptography_project%3Acryptography

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agopackage/python-paramiko: drop python-pyasn1 dependency
Fabrice Fontaine [Sun, 4 Apr 2021 21:13:26 +0000 (23:13 +0200)]
package/python-paramiko: drop python-pyasn1 dependency

python-pyasn1 is truly optional since version 2.5.0 and
https://github.com/paramiko/paramiko/commit/a31818c28556055341ae3d249e3893d40eb2b232

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agopackage/python-paramiko: add CPE variables
Fabrice Fontaine [Sun, 4 Apr 2021 21:01:22 +0000 (23:01 +0200)]
package/python-paramiko: add CPE variables

cpe:2.3:a:paramiko:paramiko is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Aparamiko%3Aparamiko

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agopackage/python-flask: add CPE variables
Fabrice Fontaine [Sun, 4 Apr 2021 20:53:04 +0000 (22:53 +0200)]
package/python-flask: add CPE variables

cpe:2.3:a:palletsprojects:flask is a valid CPE identifier for this
package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Apalletsprojects%3Aflask

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agopackage/python-parso: add CPE variables
Fabrice Fontaine [Sun, 4 Apr 2021 20:46:59 +0000 (22:46 +0200)]
package/python-parso: add CPE variables

cpe:2.3:a:parso_project:parso is a valid CPE identifier for this
package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Aparso_project%3Aparso

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agopackage/python-pygments: add CPE variables
Fabrice Fontaine [Sun, 4 Apr 2021 20:27:33 +0000 (22:27 +0200)]
package/python-pygments: add CPE variables

cpe:2.3:a:pygments:pygments is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Apygments%3Apygments

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agopackage/syslog-ng: Bump version to 3.31.2
Chris Packham [Sun, 4 Apr 2021 20:06:58 +0000 (08:06 +1200)]
package/syslog-ng: Bump version to 3.31.2

https://github.com/syslog-ng/syslog-ng/releases/tag/syslog-ng-3.31.2

Signed-off-by: Chris Packham <judge.packham@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 years agopackage/libvips: add LIBVIPS_CPE_ID_VENDOR
Fabrice Fontaine [Sun, 4 Apr 2021 16:06:52 +0000 (18:06 +0200)]
package/libvips: add LIBVIPS_CPE_ID_VENDOR

cpe:2.3:a:libvips_project:libvips is a valid CPE identifier for this
package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Alibvips_project%3Alibvips

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
4 years agopackage/ser2net: bump verstion to 4.3.3
Heiko Thiery [Wed, 24 Mar 2021 12:36:06 +0000 (13:36 +0100)]
package/ser2net: bump verstion to 4.3.3

Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
4 years agopackage/gensio: bump version to 2.2.4
Heiko Thiery [Wed, 24 Mar 2021 12:36:04 +0000 (13:36 +0100)]
package/gensio: bump version to 2.2.4

Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
4 years agopackage/openmpi: drop unrecognized option
Fabrice Fontaine [Wed, 24 Mar 2021 07:04:13 +0000 (08:04 +0100)]
package/openmpi: drop unrecognized option

--disable-vt has been dropped since version 2.0.0 and
https://github.com/open-mpi/ompi/commit/94190bf04b0877e878223a04c236443774e57ef2

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
4 years agopackage/lualogging: bump to version 1.5.1
Francois Perrad [Wed, 24 Mar 2021 08:51:42 +0000 (09:51 +0100)]
package/lualogging: bump to version 1.5.1

diff LICENSE:
-Copyright (c) 2004-2020 Kepler Project.
+Copyright (c) 2004-2021 Kepler Project.

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
4 years agopackage/qhull: bump to version 8.0.2
Fabrice Fontaine [Tue, 23 Mar 2021 19:18:26 +0000 (20:18 +0100)]
package/qhull: bump to version 8.0.2

- Static libs are supported since version 8.0.2 and
  https://github.com/qhull/qhull/commit/613debeaea72ee66626dace9ba1a2eff11b5d37d
- Update hash of COPYING, update year and authors with
  https://github.com/qhull/qhull/commit/4733a95be0298919a646a1d6044c1bee7a552880
- Update indentation in hash file (two spaces)

https://github.com/qhull/qhull/releases/tag/v8.0.2

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
4 years agopackage/libvips: add webp optional dependency
Fabrice Fontaine [Sun, 4 Apr 2021 14:30:48 +0000 (16:30 +0200)]
package/libvips: add webp optional dependency

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
4 years agopackage/libvips: add matio optional dependency
Fabrice Fontaine [Sun, 4 Apr 2021 14:30:47 +0000 (16:30 +0200)]
package/libvips: add matio optional dependency

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
4 years agopackage/libvips: add lcms2 optional dependency
Fabrice Fontaine [Sun, 4 Apr 2021 14:30:46 +0000 (16:30 +0200)]
package/libvips: add lcms2 optional dependency

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
4 years agopackage/libvips: add orc optional dependency
Fabrice Fontaine [Sun, 4 Apr 2021 14:30:45 +0000 (16:30 +0200)]
package/libvips: add orc optional dependency

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
4 years agopackage/libvips: add {image, graphics}magick optional dependencies
Fabrice Fontaine [Sun, 4 Apr 2021 14:30:44 +0000 (16:30 +0200)]
package/libvips: add {image, graphics}magick optional dependencies

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
4 years agopackage/libvips: add librsvg optional dependency
Fabrice Fontaine [Sun, 4 Apr 2021 14:30:43 +0000 (16:30 +0200)]
package/libvips: add librsvg optional dependency

librsvg is an optional dependency which is enabled by default since
version 8.3.0 and
https://github.com/libvips/libvips/commit/153886d2eb71eebcdca860cb691d8fbb976ad816

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>