Jianhui Zhao [Mon, 7 Jun 2021 02:42:39 +0000 (10:42 +0800)]
package/libuhttpd: bump version to 3.12.1
CMake options have been renamed: UHTTPD_ prefix was dropped,
BUILD_STATIC_LIBS renamed to BUILD_STATIC.
Also fix handling of BUILD_STATIC: it should only be given when building
static libs, otherwise no dynamic lib is built.
Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Romain Naour [Mon, 7 Jun 2021 18:54:39 +0000 (20:54 +0200)]
package/gcc: bump to version 9.4.0
Remove upstream patches
Reorder remaining patches
See:
https://gcc.gnu.org/pipermail/gcc-announce/2021/000168.html
Runtime tested:
https://gitlab.com/kubu93/buildroot/-/pipelines/
315291768
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Michael Fischer [Mon, 7 Jun 2021 08:24:51 +0000 (10:24 +0200)]
package/gnuplot: bump version to 5.4.2
Signed-off-by: Michael Fischer <mf@go-sys.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Francois Perrad [Mon, 7 Jun 2021 17:56:26 +0000 (19:56 +0200)]
package/lualdap: bump to version 1.3.0
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Grzegorz Blach [Mon, 7 Jun 2021 12:09:47 +0000 (14:09 +0200)]
package/python-rpi-ws281x: Bump to version 4.3.0
Remove 0001-ws2811.c-fix-build-with-gcc-4.8.patch,
it has been merged upstream.
Signed-off-by: Grzegorz Blach <grzegorz@blach.pl>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Christian Stewart [Mon, 7 Jun 2021 06:07:30 +0000 (23:07 -0700)]
package/docker-cli: bump version to 20.10.7
Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Christian Stewart [Mon, 7 Jun 2021 06:07:29 +0000 (23:07 -0700)]
package/docker-engine: bump version to 20.10.7
Drop upstreamed patch fix-port-forwarding-with-ipv6.
Upstream commit:
d29a55c6c344a536089d6b1bcd92be9cdea20641
Signed-off-by: Christian Stewart <christian@paral.in>
Tested-by: Christian Stewart <christian@paral.in>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Christian Stewart [Mon, 7 Jun 2021 06:01:58 +0000 (23:01 -0700)]
package/fuse-overlayfs: bump to version 1.5.0
Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Christian Stewart [Mon, 7 Jun 2021 05:57:49 +0000 (22:57 -0700)]
package/batman-adv: bump to version 2021.1
Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Kamel Bouhara [Tue, 8 Jun 2021 12:32:10 +0000 (14:32 +0200)]
package/usbguard: new package
usbguard is a software framework to implement USB
device blacklisting and whitelisting based on their
attributes.
More info. on: https://usbguard.github.io/
Signed-off-by: Kamel Bouhara <kamel.bouhara@bootlin.com>
Tested-by: Miquel Raynal <miquel.raynal@bootlin.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
[Arnout:
- correct indirect dependencies from protobuf instead of libglib2;
- say in Config.in help text that rules.conf has to be created]
Kamel Bouhara [Tue, 8 Jun 2021 12:32:09 +0000 (14:32 +0200)]
package/libqb: new package
libqb is a library providing features for client-server architecture,
such as logging, tracing, inter-process communication (IPC) and polling.
see: https://github.com/ClusterLabs/libqb
Signed-off-by: Kamel Bouhara <kamel.bouhara@bootlin.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Dario Binacchi [Mon, 7 Jun 2021 16:31:49 +0000 (18:31 +0200)]
configs/stm32f469_disco: fix kernel bootup
As described by [1], the kernel generated by the configuration for the
STM32f469 Discovery board is buggy. Using a newer kernel, as suggested
by [1], increases the dtb and Kernel image size. In particular, the
5.12 version of the kernel generates a dtb and a kernel image whose sum
exceeds the 2 MByte of the flash module.
So I decided to replace the afboot-stm32 bootloader in the flash with
U-boot to easily boot the system from sdcard without having to worry
about the size of dtb, kernel and rootfs generated by the configuration.
This solution allows you to fix the kernel boot issue and makes it
possible to use its future versions.
[1] http://buildroot-busybox.
2317881.n4.nabble.com/Bug-11746-New-stm32f469-didn-t-work-correctly-td219644.html
Signed-off-by: Dario Binacchi <dariobin@libero.it>
Acked-by: Christophe Priouzeau <christophe.priouzeau@foss.st.com>
Tested-by: Christophe Priouzeau <christophe.priouzeau@foss.st.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
[Arnout:
- specify headers version explicitly, even though it's default;
- bump kernel to 5.12.11]
Yann E. MORIN [Sun, 13 Jun 2021 14:32:07 +0000 (16:32 +0200)]
core/pkg-generic: fix instrumentation for packages that install nowhere
A (target [0]) package can independently declare installing in various
locations: target, staging, or images. The default is to only install
in target.
When a package opts out from installing to target, but does not opts
in to install in any other location, the package is not downloaded,
extracted, patched, configured, nor built at all. As a consequence, none
of the per-step instrumentation is executed, specifically the listing
of files before/after the package sequence.
Down the line, the package infra does not cope well with that situation,
because the gathering-install step, the one that synchronises all the
optional target, staging, or images install steps, still gets run.
And as #13836 shows, this does not go well:
/bin/sh: /home/tbuild/myboard/build/foo/.files-list.after: No such file or directory
make[1]: *** [/home/tbuild/myboard/build/foo/.stamp_installed] Error 1
make: *** [_all] Error 2
So, we should have ensured that the gathering-install step itself
depends on the build step, which would have solved the issue.
However, this bug really illustrates a more fundamental issue: does it
even make sense to have a package that installs nothing in any location?
Indeed, why even bother with that package to begin with if it will not
provide anything at all?
It turns out that yes, this makes sense. We have some packages, that
do not install anything at all, and do not even build anything; they are
there just to ensure that we can download something that will ultimately
be used by another package. This is the case for example for packages
that provide linux extensions, like aufs [1].
Additionally, some ugly out-of-tree packages could conceivably install
things during the build (or even configure!) steps. That's not unheard
of... [2]
So, the solution is to ensure that the gathering-install step does
depend on the build step, to trigger the proper dependency chain and
have the instrumentation hooks properly run even in that degenerate
case.
Fixes: #13836
[0] a host package can't opt out of installing anything.
[1] that one is actually missing AUFS_INSTALL_TARGET = NO, so this
hides the issue.
[2] even us are not 100% clean on that topic: gcc will install files in
staging and target as part of the same step (not the build, granted,
but still...)
Reported-by: "Weber, Matthew L Collins" <Matthew.Weber@collins.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Tested-by: Matthew Weber <matthew.weber@collins.com
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Adrian Perez de Castro [Thu, 27 May 2021 13:35:03 +0000 (16:35 +0300)]
package/weston: enable libseat launcher if seatd is enabled
Enable building Weston's libseat launcher, now that the seatd package
is available.
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Martin Elshuber [Wed, 16 Jun 2021 12:42:02 +0000 (14:42 +0200)]
package/weston: add configuration options for weston shells
Enable selection of used weston shells. By default all available
shells are enabled to keep the old behavior. The new configuration
options enable the user to select them individually.
Signed-off-by: Martin Elshuber <martin.elshuber@theobroma-systems.com>
[yann.morin.1998@free.fr:
- ensure at least one shell is enabled; desktop arbitrarily chosen
- s/BR2_PACKAGE_WESTON_SHELL_SELECTED/BR2_PACKAGE_WESTON_HAS_SHELL/
- reword associated comment
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Arnout Vandecappelle (Essensium/Mind) [Wed, 16 Jun 2021 17:33:03 +0000 (19:33 +0200)]
package/lvm2: default standard install to y
Until commit
5c07dfcc1a52e2804011574a3e022523a20546c8
BR2_PACKAGE_LVM2_STANDARD_INSTALL would default to y. Indeed, the
default read:
default y if !BR2_PACKAGE_LVM2_DMSETUP_ONLY # legacy 2013.11
Since the legacy symbol is normally not selected, this defaults to y.
Commit
5c07dfcc1a52e2804011574a3e022523a20546c8 inadvertedly removed the
entire line instead of just the condition.
Fixes: https://bugs.busybox.net/show_bug.cgi?id=13846
For-stable: 2021.02, 2021.05
Cc: dominique.tronche@atos.net
Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Sun, 25 Apr 2021 17:22:23 +0000 (19:22 +0200)]
package/snort3: new package
Snort 3 is the next generation Snort IPS (Intrusion
Prevention System).
- Support multiple packet processing threads
- Shared configuration and attribute table
- Use a simple, scriptable configuration
- Make key components pluggable
- Autodetect services for portless configuration
- Support sticky buffers in rules
- Autogenerate reference documentation
- Provide better cross platform support
https://www.snort.org/snort3
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Sun, 25 Apr 2021 17:22:22 +0000 (19:22 +0200)]
package/daq3: new package
Add daq3 package to be able to add the snort3 package.
daq3 is not compatatible with snort as daq_load_modules has been removed
daq3 package has been created from the daq package, here is a summary of
the changes:
- Drop patch (not needed anymore)
- Enable parallel build as there is no more tokdefs.h
- Drop libdnet dependency
- Drop host-bison and host-flex dependencies
- Drop libpcap workarounds
- ipq module dropped since version 3.0.0-alpha1 and
https://github.com/snort3/libdaq/commit/
80c62799a936118c80894bf91f396c8aa8ba45a6
- Add LICENSE file (same content than COPYING)
- Update hash of COPYING (project name and GPLv2 text updated with
https://github.com/snort3/libdaq/commit/
46e8722da230082a5728175270ea3c04432d1af0)
- Add a dependency on gcc 4.9 for {t,u}h_{d,s}port that are protected on
glibc by _FAVOR_BSD (and so !defined _GNU_SOURCE) until version 2.19:
https://sourceware.org/git/?p=glibc.git;a=commit;h=
7011c2622fe3e10a29dbe74f06aaebd07710127d
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Francois Perrad [Sun, 13 Jun 2021 15:42:39 +0000 (17:42 +0200)]
package/lua-zlib: new package
This module is only partially compatible with lzlib (which is no longer
maintained).
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
[yann.morin.1998@free.fr: amend commit log about limited compatibility]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Sun, 25 Apr 2021 09:29:31 +0000 (11:29 +0200)]
package/python-dataproperty: bump to version 0.50.1
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Sun, 25 Apr 2021 09:29:30 +0000 (11:29 +0200)]
package/python-dataproperty: drop python-six dependency
python-six is not a dependency since drop of python 2 in version 0.47.0:
https://github.com/thombashi/DataProperty/commit/
d3fdde41af0151e2f04a3a79bea1fb33a28a98f7
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Michael Nosthoff [Wed, 21 Apr 2021 13:17:23 +0000 (15:17 +0200)]
package/bluez5_utils: Clean up descriptions
The descriptions in this package have grown pretty confusing over time.
Try to make this a bit more consistent and up-to-date.
* drop references to old kernel versions not supported by BR anymore
* Remove "Bluez 5.x" string from options
* consistently use the term "plugin" (plugins implement profiles)
* make mentioned profile appreviations upper-case
* make descriptions closer to the ones in BlueZ Readme [0]
* make clear that "tests" refers to the python test scripts
[0] https://git.kernel.org/pub/scm/bluetooth/bluez.git/tree/README?h=5.58
Signed-off-by: Michael Nosthoff <buildroot@heine.tech>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
[Arnout:
- remove more 5.x references;
- Use official spelling BlueZ in main help text]
Norbert Lange [Tue, 25 May 2021 17:26:48 +0000 (19:26 +0200)]
package/zstd: Simplify host-build
1.5.0 uses Threads by default for cli tool and DSO,
should not be necessary to do anything special.
Signed-off-by: Norbert Lange <nolange79@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Norbert Lange [Tue, 25 May 2021 17:26:47 +0000 (19:26 +0200)]
package/zstd: bump to version 1.5.0
Signed-off-by: Norbert Lange <nolange79@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Romain Naour [Tue, 25 May 2021 12:03:41 +0000 (14:03 +0200)]
package/libiec61850: bump to version 1.5.0
Remove all upstream patches
Remove IGNORE_CVES for CVE-2020-15158
Build tested:
https://gitlab.com/kubu93/buildroot/-/pipelines/
309037705
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Peter Korsgaard [Sun, 13 Jun 2021 21:10:11 +0000 (23:10 +0200)]
package/intel-microcode: security bump to version
20210608
Fixes the following security issues:
- CVE-2020-24489: A potential security vulnerability in some Intel®
Virtualization Technology for Directed I/0 (VT-d) products may allow
escalation of privilege. Intel is releasing firmware updates to mitigate
this potential vulnerability.
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00442.html
- CVE-2020-24511: Potential security vulnerabilities in some Intel®
Processors may allow information disclosure. Intel is releasing firmware
updates to mitigate these potential vulnerabilities.
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00464.html
- CVE-2020-24513: A potential security vulnerability in some Intel Atom®
Processors may allow information disclosure. Intel is releasing firmware
updates to mitigate this potential vulnerability.
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00465.html
For more details, see the release notes:
https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-
20210608
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Bartosz Bilas [Sat, 12 Jun 2021 09:00:06 +0000 (11:00 +0200)]
DEVELOPERS: add myself for cegui
Signed-off-by: Bartosz Bilas <b.bilas@grinn-global.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Bartosz Bilas [Sat, 12 Jun 2021 08:57:40 +0000 (10:57 +0200)]
package/cegui: bump to current master
v0-8-7 is pretty old (2016) and raises a lot of build failures
so switch to the current master version while at it disable
support for irrlicht and fribidi that are broken on master.
Moreover disable samples and application templates that
are not required.
Fixes:
- http://autobuild.buildroot.net/results/5b9/
5b9ff0e8f16a2fd732ae25d5383656f7ae205748/
- http://autobuild.buildroot.net/results/333/
33397224f8a8067d8ecbd6661b84ca155a0525c0/
and more...
Signed-off-by: Bartosz Bilas <b.bilas@grinn-global.com>
[yann.morin.1998@free.fr: fix check-package]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Andy Shevchenko [Mon, 14 Jun 2021 11:14:44 +0000 (14:14 +0300)]
package/fb-test-app: Add myself to DEVELOPERS
Add myself to DEVELOPERS as maintainer of fb-test-app.
Suggested-by: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Andreas Ziegler [Tue, 8 Jun 2021 08:53:32 +0000 (10:53 +0200)]
package/rpcbind fix version number
Commit
d13b292cec8166c4712cf4a0defbeee827ffaf78 introduced a patch for rpcbind but also changed the version number to a non-existing value.
Change rpcbind to last released version and adapt hash value.
Signed-off-by: Andreas Ziegler <br015@umbiko.net>
Reviewed-by: Petr Vorel <petr.vorel@gmail.com>
[yann.morin.1998@free.fr: fix version in patch too, noticed by Baruch]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Francois Perrad [Mon, 7 Jun 2021 17:56:04 +0000 (19:56 +0200)]
package/perl-type-tiny: bump to version 1.012003
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Francois Perrad [Mon, 7 Jun 2021 17:56:03 +0000 (19:56 +0200)]
package/perl-net-dns: bump to version 1.31
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Francois Perrad [Mon, 7 Jun 2021 17:56:02 +0000 (19:56 +0200)]
package/perl-libwww-perl: bump to version 6.54
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Francois Perrad [Mon, 7 Jun 2021 17:56:01 +0000 (19:56 +0200)]
package/perl-io-socket-ssl: bump to version 2.071
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Francois Perrad [Mon, 7 Jun 2021 17:56:00 +0000 (19:56 +0200)]
package/perl-http-message: bump to version 6.32
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Francois Perrad [Mon, 7 Jun 2021 17:55:59 +0000 (19:55 +0200)]
package/perl-convert-asn1: bump to version 0.31
diff LICENSE:
- This software is copyright (c) 2014 by Graham Barr.
+ This software is copyright (c) 2021 by Graham Barr.
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Sun, 13 Jun 2021 15:23:38 +0000 (17:23 +0200)]
package/botan: requires RC4 and RMD160 support in openssl
Enable RC4 and RMD160 in openssl to fix build failure raised since
commit
a83d41867c8d69a77d5cd0a665aa216af5340359
Fixes:
- http://autobuild.buildroot.org/results/
795671a39b754747725b09cf0e196defd6b0e59a
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Sun, 13 Jun 2021 14:52:52 +0000 (16:52 +0200)]
package/php: requires MD4, RC4 and RMD160 support in openssl
Enable MD4, RC4 and RMD160 in openssl to fix build failure raised since
commit
a83d41867c8d69a77d5cd0a665aa216af5340359
Fixes:
- http://autobuild.buildroot.org/results/
bd884a34e8de8990fc85bf51389ec4d8d3424482
- http://autobuild.buildroot.org/results/
faaa667b72ca7b8621d6b13b1912cd5413767222
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Sun, 13 Jun 2021 14:14:21 +0000 (16:14 +0200)]
package/luvi: requires DES support in openssl
Enable DES in openssl to fix build failure raised since commit
a83d41867c8d69a77d5cd0a665aa216af5340359
Fixes:
- http://autobuild.buildroot.org/results/
d8452e2de1bd866953d3bb0cb951e9f877f9a6e0
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Sun, 13 Jun 2021 10:47:06 +0000 (12:47 +0200)]
package/tpm-tools: requires DES support in openssl
Enable DES in openssl to fix build failure raised since commit
a83d41867c8d69a77d5cd0a665aa216af5340359
Fixes:
- http://autobuild.buildroot.org/results/
c104263d0fb6f758ac1e654b114f68b4fbfcf6bd
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Sun, 13 Jun 2021 09:46:25 +0000 (11:46 +0200)]
package/libvncserver: requires DES support in openssl
Enable DES in openssl to fix build failure raised since commit
a83d41867c8d69a77d5cd0a665aa216af5340359
Fixes:
- http://autobuild.buildroot.org/results/
3dd9a97e7faa99bab12d7acb069e8414e17f67e9
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Sun, 13 Jun 2021 09:39:44 +0000 (11:39 +0200)]
package/proftpd: requires RMD160 support in openssl
Enable RMD160 in openssl to fix build failure raised since commit
a83d41867c8d69a77d5cd0a665aa216af5340359
Fixes:
- http://autobuild.buildroot.org/results/
4c3e7a77d8d6c326135fe467bfcae627df4a9b9b
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Dick Olsson [Sun, 13 Jun 2021 18:45:09 +0000 (18:45 +0000)]
package/bitcoin: unset the NDEBUG flag
Since https://git.buildroot.net/buildroot/commit/?id=
5a8c50fe05afacc3cbe8e7347e238da9f242fab0
all packages are now built with NDEBUG, which broke Bitcoin builds.
Bitcoin is using assert(...) extensively with the assumption of it
never being a noop at runtime. So we cannot build with NDEBUG.
See: https://github.com/bitcoin/bitcoin/blob/0.21/src/compat/assumptions.h
Fixes:
http://autobuild.buildroot.org/results/83b/
83b6dc0b97b19888fb1187bbbca485961e58ce90/
and so many more...
Signed-off-by: Dick Olsson <hi@senzilla.io>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Andy Shevchenko [Mon, 24 May 2021 19:32:33 +0000 (22:32 +0300)]
package/fb-test-app: bump version to 1.3.1 and update project URL
- bump version to 1.1.1
- update project URL
Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Francois Perrad [Mon, 24 May 2021 14:46:01 +0000 (16:46 +0200)]
package/pango: bump to version 1.48.4
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Francois Perrad [Mon, 24 May 2021 14:45:51 +0000 (16:45 +0200)]
package/librsvg: bump to version 2.50.5
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Francois Perrad [Mon, 24 May 2021 14:45:25 +0000 (16:45 +0200)]
package/harfbuzz: bump to version 2.8.1
remove unknown option fontconfig
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Francois Perrad [Mon, 24 May 2021 14:45:08 +0000 (16:45 +0200)]
package/gdk-pixbuf: bump to version 2.42.4
remove merged patches
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Petr Vorel [Mon, 24 May 2021 18:05:52 +0000 (20:05 +0200)]
package/ltp-testsuite: bump version to
20210524
Add locally computed sha256 (+ keep sha1 from github checksum file).
sysinfo.h fix patch is still needed (until Buildroot MUSL toolchain gets
updated).
Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Sun, 13 Jun 2021 09:10:43 +0000 (11:10 +0200)]
package/libkrb5: add openssl optional dependency
openssl is an optional dependency which is enabled by default since at
least 2007 and
https://github.com/krb5/krb5/commit/
4c17f25c0f106ec8e3aad2cee4e7a24f66b5a65d
Enable DES, MD4 and RC4 in openssl to fix build failure raised since
commit
a83d41867c8d69a77d5cd0a665aa216af5340359
Fixes:
- http://autobuild.buildroot.org/results/
d73b477bd2064aee076f9debfd8d3346c63ba657
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr: squash the two commits together]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Markus Mayer [Wed, 9 Jun 2021 23:48:19 +0000 (16:48 -0700)]
mtd-utils-2.1.2: ubihealthd depends on ubifs support
ubihealthd is only being built, if mtd-utils are being built
--with-ubifs. Reflect that dependency within buildroot.
Signed-off-by: Markus Mayer <mmayer@broadcom.com>
Tested-by: Heiko Thiery <heiko.thiery@gmail.com>
[yann.morin.1998@free.fr: fix check-package]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Romain Naour [Sun, 6 Jun 2021 15:03:51 +0000 (17:03 +0200)]
package/gdb: improve gdb version choice comment
The comment has been introduced by commit [1] where the latest
gdb version has been used when cross-gdb is not enabled.
But since then the gdb package doesn't use the latest gdb version when
cross-gdb is not enabled. It's the "stable" version.
[1] https://git.buildroot.net/buildroot/commit/?id=
fda818390b5e6a585608f4523356eafa0c587f53
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Romain Naour [Sun, 6 Jun 2021 13:13:31 +0000 (15:13 +0200)]
package/gdb: enable nios2
It turn out that gdb/gdbserver support for nios2 is available since 7.7 release, since commit [1] [2].
[1] https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=
a1217d97c4b0449d052fad3d2df2ab58b48f918c
[2] https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=
68f5f83833e21b8c8466fe852b403b81db227ce4
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Baruch Siach [Thu, 3 Jun 2021 16:10:42 +0000 (19:10 +0300)]
package/gnutls: disable tests
Tests can't build with NDEBUG is defined. Since commit
5a8c50fe05afa
("core: enable 'NDEBUG' unless BR2_ENABLE_RUNTIME_DEBUG is set") NDEBUG
is defined on !BR2_ENABLE_RUNTIME_DEBUG. Just disable tests.
Fixes:
http://autobuild.buildroot.net/results/
9ec31793484a69c14a66b7338d795089c07b9937/
http://autobuild.buildroot.net/results/
6ef8f1534237f2df4cff0a0bc0364fe9a46a5343/
http://autobuild.buildroot.net/results/
05ff156687138627f244ca3f6cb58f1ce7d127c4/
Cc: Matt Weber <matthew.weber@collins.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Baruch Siach [Thu, 3 Jun 2021 12:22:33 +0000 (15:22 +0300)]
package/daemon: fix build without BR2_ENABLE_RUNTIME_DEBUG
Since commit
5a8c50fe05afa ("core: enable 'NDEBUG' unless
BR2_ENABLE_RUNTIME_DEBUG is set"), NDEBUG is defined in compile flags
when BR2_ENABLE_RUNTIME_DEBUG is not enabled. Add a patch to make the
daemon package build with NDEBUG as it should.
Fixes:
http://autobuild.buildroot.net/results/
995ef1b5d9fce05881b2a41025916fa45b68a9bc/
http://autobuild.buildroot.net/results/
98cd9fb348d6cfe676667205b1f79ec2cd1490de/
http://autobuild.buildroot.net/results/
a7c51e6f59656d8c1e1c82a7129a670a68eb8a62/
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Giulio Benetti [Wed, 2 Jun 2021 21:48:20 +0000 (23:48 +0200)]
DEVELOPERS: add Giulio Benetti to udisks package
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Sat, 29 May 2021 17:16:48 +0000 (19:16 +0200)]
package/boost: upstream patch to re-enable logs with riscv32
Commit
d72350e62a0833e4d1527f4040da2063972bf9b3 disabled boost::logs on
riscv32 due to the use of SYS_futex, which doesn't exist on riscv32.
Revert "package/boost: disable logs with riscv32" and add an upstream
patch that uses SYS_futex_time64 instead.
This reverts commit
d72350e62a0833e4d1527f4040da2063972bf9b3.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Peter Korsgaard [Sun, 13 Jun 2021 08:45:49 +0000 (10:45 +0200)]
docs/website: update for 2021.02.3
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Sat, 12 Jun 2021 14:58:31 +0000 (16:58 +0200)]
Update for 2021.02.3
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit
5293208a57ce78f9fc958704d7df52f28532cde6)
[Peter: drop Makefile change]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Sat, 12 Jun 2021 21:47:20 +0000 (23:47 +0200)]
package/pppd: requires DES support in openssl
Enable DES in openssl to fix build failure raised since commit
a83d41867c8d69a77d5cd0a665aa216af5340359
Fixes:
- http://autobuild.buildroot.org/results/
3cd38e6dfd5f94f0bd1689e7db4ea1d723dd2a80
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr: only select it for glibc toolchains]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Sat, 12 Jun 2021 21:52:16 +0000 (23:52 +0200)]
package/snmppp: requires DES support in openssl
Enable DES in openssl to fix build failure raised since commit
a83d41867c8d69a77d5cd0a665aa216af5340359
Fixes:
- http://autobuild.buildroot.org/results/
2aece7e503d36ebee2bce526f11b2400b9df761e
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Sat, 12 Jun 2021 21:42:31 +0000 (23:42 +0200)]
package/neon: requires DES and MD4 support in openssl
Enable DES and MD4 in openssl to fix build failure raised since commit
a83d41867c8d69a77d5cd0a665aa216af5340359
Fixes:
- http://autobuild.buildroot.org/results/
9145df89497df52c7124b82525b76d365aa92fc9
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Sat, 12 Jun 2021 21:36:24 +0000 (23:36 +0200)]
package/znc: requires blowfish support in openssl
Enable blowfish in openssl to fix build failure raised since commit
a83d41867c8d69a77d5cd0a665aa216af5340359
Fixes:
- http://autobuild.buildroot.org/results/
600f2b09da919d511df87d3f19fea71149c1260c
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Sat, 12 Jun 2021 21:28:34 +0000 (23:28 +0200)]
package/heirloom-mailx: add CPE variables
cpe:2.3:a:heirloom:mailx is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Aheirloom%3Amailx
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Sat, 12 Jun 2021 21:22:09 +0000 (23:22 +0200)]
package/libfreefare: requires DES support in openssl
Enable DES in openssl to fix build failure raised since commit
a83d41867c8d69a77d5cd0a665aa216af5340359
Fixes:
- http://autobuild.buildroot.org/results/
889ac8e5799e5b48c5964592acefb67feec1c021
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Sat, 12 Jun 2021 21:04:00 +0000 (23:04 +0200)]
package/heirloom-mailx: requires DES and RC2 support in openssl
Enable DES and RC2 in openssl to fix build failure raised since commit
a83d41867c8d69a77d5cd0a665aa216af5340359
Fixes:
- http://autobuild.buildroot.org/results/
2da419416da0cc34b65c89aa966b327640a177e2
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Sat, 12 Jun 2021 20:58:35 +0000 (22:58 +0200)]
package/perl-crypt-openssl-rsa: requires RMD160 support in openssl
Enable RMD160 in openssl to fix build failure raised since commit
a83d41867c8d69a77d5cd0a665aa216af5340359
Fixes:
- http://autobuild.buildroot.org/results/
e61d2f06812ce171e20bac96b3573d57927030d0
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Yann E. MORIN [Sat, 12 Jun 2021 21:32:03 +0000 (23:32 +0200)]
package/perl-crypt-openssl-rsa: add missing dependency to openssl
perl-crypt-openssl-rsa inherits the dependency on openssl indirectly
from perl-crypt-openssl-random. Hwvere, perl-crypt-openssl-rsa needs
the openssl libraries for itself, so it must explicitly depend on it.
So far, this was totally unconsequential, but since commit
a83d41867c8d
(package/libopenssl: add option to enable some features), features can
be configured out, of which RMD160 that perl-crypt-openssl-rsa needs.
If we were to add the select to that option (in a followup commit),
without a dependency to openssl, that would be very confusing in the
future.
So, add the explicit dependency now.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Sat, 12 Jun 2021 15:19:08 +0000 (17:19 +0200)]
package/python-pymupdf: fix tarball name for sha256
Fix tarball name for sha256 which is wrong since the addition of the
package in commit
71f7fc8a27af383d3307945bf6e880491cb74bd4
While at it, also update indentation to 2 spaces
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Sat, 12 Jun 2021 15:20:03 +0000 (17:20 +0200)]
package/mupdf: add MUPDF_CPE_ID_VENDOR
cpe:2.3:a:artifex:mupdf is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Aartifex%3Amupdf
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Sat, 12 Jun 2021 14:38:35 +0000 (16:38 +0200)]
boot/edk2: add EDK2_CPE_ID_VENDOR
cpe:2.3:a:tianocore:edk2 is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Atianocore%3Aedk2
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Sat, 12 Jun 2021 13:52:33 +0000 (15:52 +0200)]
package/perl-net-ssleay: requires RMD160 support in openssl
Enable RMD160 in openssl to fix build failure raised since commit
a83d41867c8d69a77d5cd0a665aa216af5340359
Fixes:
- http://autobuild.buildroot.org/results/
c17e37e50d2f6c7a26a9d993ae822e312f7b1f21
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Sat, 12 Jun 2021 13:32:22 +0000 (15:32 +0200)]
package/softether: requires DES, MD4 and RC4 support in openssl
Enable DES, MD4 and RC4 in openssl to fix build failure raised since
commit
a83d41867c8d69a77d5cd0a665aa216af5340359
Fixes:
- http://autobuild.buildroot.org/results/
ce601fb26d143e03adb39c41f2fdfca3b3191127
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr:
- drop conditionals on selects: libopenssl is forced
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Thomas Petazzoni [Wed, 9 Jun 2021 08:16:20 +0000 (10:16 +0200)]
docs/website: change wording about training provided by Bootlin
As suggested by Yann, let's avoid announcing the exact date of the
next course, as it gets outdated very often. Instead, use a more
generic wording and simply point to a Bootlin page that has all the
details.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Sat, 12 Jun 2021 12:02:10 +0000 (14:02 +0200)]
package/rsync: fix CVE-2020-14387
A flaw was found in rsync in versions since 3.2.0pre1. Rsync improperly
validates certificate with host mismatch vulnerability. A remote,
unauthenticated attacker could exploit the flaw by performing a
man-in-the-middle attack using a valid certificate for another hostname
which could compromise confidentiality and integrity of data transmitted
using rsync-ssl. The highest threat from this vulnerability is to data
confidentiality and integrity. This flaw affects rsync versions before
3.2.4.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Peter: add a comment explaining what patch fixes this CVE]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Sat, 12 Jun 2021 11:43:42 +0000 (13:43 +0200)]
{linux, linux-headers}: bump 4.{4, 9, 14, 19}.x / 5.{4, 10, 11, 12}.x series
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Sat, 12 Jun 2021 12:11:40 +0000 (14:11 +0200)]
package/openvpn: requires DES support in openssl
Enable DES in openssl to fix build failure raised since commit
a83d41867c8d69a77d5cd0a665aa216af5340359
Fixes:
- http://autobuild.buildroot.org/results/
a371f455d9550cb1593b5e349278082001245178
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Sat, 12 Jun 2021 11:49:54 +0000 (13:49 +0200)]
package/vtun: requires blowfish support in openssl
Enable blowfish in openssl to fix build failure raised since commit
a83d41867c8d69a77d5cd0a665aa216af5340359
Fixes:
- http://autobuild.buildroot.org/results/
38f6b92ead5861c2e15ca768acea9742ad4e0fec
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Wed, 9 Jun 2021 16:58:37 +0000 (18:58 +0200)]
package/libtorrent: requires RC4 support in openssl
Enable RC4 in openssl to fix build failure raised since commit
a83d41867c8d69a77d5cd0a665aa216af5340359
Fixes:
- http://autobuild.buildroot.org/results/
c909fedb5f59d8a434a3bde469155ff550615e3c
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Yann E. MORIN [Sun, 6 Jun 2021 07:59:32 +0000 (09:59 +0200)]
package/freerdp: needs rc4 from libopenssl
Fixes:
http://autobuild.buildroot.org/results/
b21b21a66bef2bc09231e475037a8f9be5584fa4/
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Sat, 12 Jun 2021 11:37:07 +0000 (13:37 +0200)]
package/netsnmp: requires DES support in openssl
Enable DES in openssl to fix build failure raised since commit
a83d41867c8d69a77d5cd0a665aa216af5340359
Fixes:
- http://autobuild.buildroot.org/results/
76ddd42cfecc596e431490747e3a32b937f95a17
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Sat, 12 Jun 2021 11:27:22 +0000 (13:27 +0200)]
package/mender: requires MD4 and RMD160 support in openssl
Enable MD4 and RMD160 in openssl to fix build failure raised since
commit
a83d41867c8d69a77d5cd0a665aa216af5340359
Fixes:
- http://autobuild.buildroot.org/results/
0b9ad028609f7e3e4eddd4439deaf7b3aa1d1273
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Wed, 9 Jun 2021 21:54:22 +0000 (23:54 +0200)]
package/netatalk: requires CAST and DES support in openssl
Enable CAST and DES in openssl to fix build failures raised since commit
a83d41867c8d69a77d5cd0a665aa216af5340359
Fixes:
- http://autobuild.buildroot.org/results/
b7347e3e4b828901dcb954f7cc37b712b80ac49b
- http://autobuild.buildroot.org/results/
453c10ff24ef48f1340ec91412e504fe604033cf
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr:
- move the 'select' of the options closer to the 'select' on openssl
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Wed, 9 Jun 2021 21:30:46 +0000 (23:30 +0200)]
package/rhash: requires RMD160 support in openssl
Enable RMD160 in openssl to fix build failure raised since commit
a83d41867c8d69a77d5cd0a665aa216af5340359
Fixes:
- http://autobuild.buildroot.org/results/
e3733ad25de55616b2eafff0b489aea2bee65e06
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Wed, 9 Jun 2021 19:52:57 +0000 (21:52 +0200)]
package/transmission: requires RC4 support in openssl
Enable RC4 in openssl to fix build failure raised since commit
a83d41867c8d69a77d5cd0a665aa216af5340359
Fixes:
- http://autobuild.buildroot.org/results/
c658beb245cbf06786aa4155c7649c3e1a613e39
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr:
- move the 'select' of the option closer to the 'select' on openssl
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
John Keeping [Fri, 11 Jun 2021 18:00:27 +0000 (19:00 +0100)]
package/connman: security bump to 1.40
Fix CVE-2021-33833 which is a stack buffer overflow in dnsproxy.
Release notes:
https://lore.kernel.org/connman/
20210610113503.ob45lhssqy5hk4ki@beryllium.lan/
Signed-off-by: John Keeping <john@metanate.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Fri, 11 Jun 2021 10:03:08 +0000 (12:03 +0200)]
package/squid: security bump to version 4.15
Fixes the following security issues:
- CVE-2021-28651: Denial of Service in URN processing
Due to a buffer management bug Squid is vulnerable to a Denial of service
attack against the server it is operating on.
This attack is limited to proxies which attempt to resolve a "urn:"
resource identifier. Support for this resolving is enabled by default in
all Squid.
https://github.com/squid-cache/squid/security/advisories/GHSA-ch36-9jhx-phm4
- CVE-2021-28652: Denial of Service issue in Cache Manager
Due to an incorrect parser validation bug Squid is vulnerable to a Denial
of Service attack against the Cache Manager API.
https://github.com/squid-cache/squid/security/advisories/GHSA-m47m-9hvw-7447
- CVE-2021-28662: Denial of Service in HTTP Response Processing
Due to an input validation bug Squid is vulnerable to a Denial of Service
against all clients using the proxy.
https://github.com/squid-cache/squid/security/advisories/GHSA-jjq6-mh2h-g39h
- CVE-2021-31806, CVE-2021-31807, CVE-2021-31808: Multiple Issues in HTTP
Range header
Due to an incorrect input validation bug Squid is vulnerable to
a Denial of Service attack against all clients using the proxy.
https://github.com/squid-cache/squid/security/advisories/GHSA-pxwq-f3qr-w2xf
- CVE-2021-33620: Denial of Service in HTTP Response processing
Due to an input validation bug Squid is vulnerable to a Denial of Service
against all clients using the proxy.
https://github.com/squid-cache/squid/security/advisories/GHSA-572g-rvwr-6c7f
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Thu, 10 Jun 2021 21:47:30 +0000 (23:47 +0200)]
package/mpg123: bump version to 1.25.15
Bugfix release. From the release notes:
Some backports of important fixes to the 1.25 series, for very conservative
people.
libmpg123: Backport bit reservoir CRC fix from 1.26
libmpg123: Backport part2_3_length regression fix (bug 312).
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Wed, 9 Jun 2021 21:04:48 +0000 (23:04 +0200)]
package/libsoup: fix build with NLS
Fix build failure with NLS raised since bump to version 2.72.0 in commit
8e5f7f1cfc8fd7a9d5270f6a9707eb9eecfd21da
Fixes:
- http://autobuild.buildroot.org/results/
1793753629d81476a3cd6fea40029cbd7de0206c
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Peter Korsgaard [Mon, 7 Jun 2021 15:18:41 +0000 (17:18 +0200)]
package/udisks: drop unused lvm2 support
BR2_PACKAGE_UDISKS_LVM2 was dropped in commit
eb251b30084e38 (package/lvm2:
drop BR2_PACKAGE_LVM2_APP_LIBRARY), but missed when merging next. Drop it.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Mon, 7 Jun 2021 15:14:37 +0000 (17:14 +0200)]
Merge branch 'next'
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Mon, 7 Jun 2021 09:20:28 +0000 (11:20 +0200)]
Kickoff 2021.08 cycle
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Mon, 7 Jun 2021 09:19:43 +0000 (11:19 +0200)]
docs/website/news.html: add 2021.05 announcement link
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Sun, 6 Jun 2021 21:21:08 +0000 (23:21 +0200)]
Update for 2021.05
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Sun, 6 Jun 2021 21:12:11 +0000 (23:12 +0200)]
docs/website: update for 2021.05-rc3
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Yann E. MORIN [Sun, 6 Jun 2021 21:04:00 +0000 (23:04 +0200)]
DEVELOPPERS: remove Chakra Divi
The domain for their email is now a parking-site, and mails are not
delivered anymore.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Sun, 6 Jun 2021 17:38:04 +0000 (19:38 +0200)]
package/mimic: fix static build with gcc 10
Fixes:
- http://autobuild.buildroot.org/results/
bee20bbfa4fa64ed8704bfb9586d5a3148f39fdf
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Chan, Donald [Thu, 20 May 2021 01:49:43 +0000 (01:49 +0000)]
package/python3-cryptography: add python3 host variant
Add a python3 host variant since another downstream OSS component
(OP-TEE) uses buildroot and it will depend on a python3 host variant
of python-cryptography.
Signed-off-by: Donald Chan <hoiho@lab126.com>
[yann.morin.1998@free.fr:
- drop target _DEPENDENCIES since this is a host-only package
- instead, add host-openssl to dependencies
- add CPE variables
- also add sync comment for python-pip
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Chan, Donald [Thu, 20 May 2021 01:48:58 +0000 (01:48 +0000)]
package/python3-cffi: add python3 host variant
Add a python3 host variant since we are adding a python3 host variant of
python-cryptography and it is dependent on this.
Signed-off-by: Donald Chan <hoiho@lab126.com>
[yann.morin.1998@free.fr:
- drop target _DEPENDENCIES since this is a host-only package
- also add sync comment to python-cffi
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Chan, Donald [Thu, 20 May 2021 01:48:29 +0000 (01:48 +0000)]
package/python3-pycparser: add python3 host variant
Add a python3 host variant since we are adding a python3 host variant of
python-cryptography and it is dependent on this.
Signed-off-by: Donald Chan <hoiho@lab126.com>
[yann.morin.1998@free.fr: also add sync comment to python-pycparser]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>