Peter Korsgaard [Wed, 22 Sep 2021 08:53:06 +0000 (10:53 +0200)]
package/libcurl: security bump to version 7.79.1
Fixes the following security issues:
- CVE-2021-22945: UAF and double-free in MQTT sending
When sending data to an MQTT server, libcurl could in some circumstances
erroneously keep a pointer to an already freed memory area and both use
that again in a subsequent call to send data and also free it again.
https://curl.se/docs/CVE-2021-22945.html
- CVE-2021-22946: Protocol downgrade required TLS bypassed
A user can tell curl to require a successful upgrade to TLS when speaking
to an IMAP, POP3 or FTP server (--ssl-reqd on the command line or
CURLOPT_USE_SSL set to CURLUSESSL_CONTROL or CURLUSESSL_ALL with libcurl).
This requirement could be bypassed if the server would return a properly
crafted but perfectly legitimate response.
This flaw would then make curl silently continue its operations without
TLS contrary to the instructions and expectations, exposing possibly
sensitive data in clear text over the network.
https://curl.se/docs/CVE-2021-22946.html
- CVE-2021-22947: STARTTLS protocol injection via MITM
When curl connects to an IMAP, POP3, SMTP or FTP server to exchange data
securely using STARTTLS to upgrade the connection to TLS level, the server
can still respond and send back multiple responses before the TLS upgrade.
Such multiple "pipelined" responses are cached by curl. curl would then
upgrade to TLS but not flush the in-queue of cached responses and instead
use and trust the responses it got before the TLS handshake as if they
were authenticated.
Using this flaw, it allows a Man-In-The-Middle attacker to first inject
the fake responses, then pass-through the TLS traffic from the legitimate
server and trick curl into sending data back to the user thinking the
attacker's injected data comes from the TLS-protected server.
Over POP3 and IMAP an attacker can inject fake response data.
https://curl.se/docs/CVE-2021-22947.html
In addition, 7.79.1 fixes a number of regressions in 7.79.0:
https://daniel.haxx.se/blog/2021/09/22/curl-7-79-1-patched-up-and-ready/
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Peter Korsgaard [Tue, 21 Sep 2021 19:16:50 +0000 (21:16 +0200)]
package/ghostscript: add upstream security patch for CVE-2021-3781
The file access protection built into Ghostscript proved insufficient for
the "%pipe%" PostScript device, when combined with Ghostscript's requirement
to be able to create and control temporary files in the conventional
temporary file directories (for example, "/tmp" or "/temp). This exploit is
restricted to Unix-like systems (i.e., it doesn't affect Windows). The most
severe claimed results are only feasible if the exploit is run as a "high
privilege" user (root/superuser level) \u2013 a practice we would discourage
under any circumstances.
For more details, see the advisory:
https://ghostscript.com/CVE-2021-3781.html
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Peter Korsgaard [Tue, 21 Sep 2021 09:32:49 +0000 (11:32 +0200)]
package/lynx: add security patch for CVE-2021-38165
Lynx through 2.8.9 mishandles the userinfo subcomponent of a URI, which
allows remote attackers to discover cleartext credentials because they may
appear in SNI data.
https://lists.nongnu.org/archive/html/lynx-dev/2021-08/msg00002.html
Upstream unfortunately does not provide a public VCS (only source
snapshots), so fetch the security patch from Debian.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Peter Korsgaard [Mon, 20 Sep 2021 22:02:34 +0000 (00:02 +0200)]
package/xen: security bump to version 4.14.3
Includes a number of bugfixes and the security fixes up to xsa-384:
https://xenproject.org/downloads/xen-project-archives/xen-project-4-14-series/xen-project-4-14-3/
Drop the now upstream
0002-libs-foreignmemory-Fix-osdep_xenforeignmemory_map-prototype.patch, and
renumber the remaining patches.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Adrian Perez de Castro [Mon, 20 Sep 2021 18:43:41 +0000 (21:43 +0300)]
package/webkitgtk: security bump to version 2.32.4
This is a minor release which provides fixes for CVE-2021-30858 and
a number of other potential security issues without an associated CVE.
Patch "0001-Add-ldp-and-stp-support-for-FP-registers-plus-some-b.patch"
is deleted as it has been included in this release.
Full release notes can be found at:
https://webkitgtk.org/2021/09/17/webkitgtk2.32.4-released.html
An accompanying security advisory has been published at:
https://webkitgtk.org/security/WSA-2021-0005.html
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Adrian Perez de Castro [Mon, 20 Sep 2021 12:46:32 +0000 (15:46 +0300)]
package/wpewebkit: security bump to version 2.32.4
This is a minor release which provides fixes for CVE-2021-30858 and
a number of other potential security issues without an associated CVE.
Patch "0001-Add-ldp-and-stp-support-for-FP-registers-plus-some-b.patch"
is deleted as it has been included in this release.
Full release notes can be found at:
https://wpewebkit.org/release/wpewebkit-2.32.4.html
An accompanying security advisory has been published at:
https://wpewebkit.org/security/WSA-2021-0005.html
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Sun, 19 Sep 2021 19:37:11 +0000 (21:37 +0200)]
package/python-pip: security bump to version 21.2.4
- SECURITY: Stop splitting on unicode separators in git references,
which could be maliciously used to install a different revision on the
repository. (#9827)
- Update hash of LICENSE.txt (update in year)
- Update indentation in hash file (two spaces)
https://pip.pypa.io/en/stable/news/#v21-2-4
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
James Hilliard [Wed, 22 Sep 2021 08:03:47 +0000 (02:03 -0600)]
package/{python-}protobuf: bump to version 3.18.0
python-protobuf no longer supports python2, so depend on
BR2_PACKAGE_PYTHON3. Reverse dependencies already depend on
python3.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Reviewed-by: Michael Nosthoff <buildroot@heine.tech>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Mon, 20 Sep 2021 16:30:31 +0000 (18:30 +0200)]
package/iwd: fix build with uclibc-ng
Fix the following build failure with uclibc-ng raised since bump to
version 1.17 in commit
9badccc9d4887aa2365d7350e3b26bd4250dad48:
/home/giuliobenetti/autobuild/run/instance-3/output-1/host/lib/gcc/xtensa-buildroot-linux-uclibc/10.3.0/../../../../xtensa-buildroot-linux-uclibc/bin/ld: src/sae.o: in function `sae_rx_authenticate':
sae.c:(.text+0xd74): undefined reference to `reallocarray'
Fixes:
- http://autobuild.buildroot.org/results/
c6d3f86282c44645b4f1c61882dc63ccfc8eb35a
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Thomas De Schampheleire [Mon, 13 Sep 2021 07:29:42 +0000 (09:29 +0200)]
toolchain/helpers.mk: gdbinit: set auto-load-safe-path before sysroot
The gdbinit supplied by Buildroot does two things:
A. specify the sysroot where gdb can find shared libraries
B. mark the sysroot as a 'safe path' for its auto-load feature, to make sure
that pretty printers for libstdc++.so are added automatically (see commit
6fb3216a80c64c08375429d89497eaeec5622150)
When debugging a core file, and the gdbinit file is specified via '-x'
rather than '-ix', then the order of these settings matters: If you first
set the sysroot, then gdb will immediately start finding the shared
libraries it needs for the core file, detect libstdc++ and its associated
libstdc++-gdb.py file, then give a big warning about safe paths:
warning: File ".../i686-buildroot-linux-gnu/sysroot/lib/libstdc++.so.6.0.24-gdb.py"
auto-loading has been declined by your `auto-load safe-path' set
to "$debugdir:$datadir/auto-load".
To enable execution of this file add
add-auto-load-safe-path .../i686-buildroot-linux-gnu/sysroot/lib/libstdc++.so.6.0.24-gdb.py
line to your configuration file "/home/me/.gdbinit".
To completely disable this security protection add
set auto-load safe-path /
line to your configuration file "/home/me/.gdbinit".
For more information about this security protection see the
"Auto-loading safe path" section in the GDB manual. E.g., run from the shell:
info "(gdb)Auto-loading safe path"
and the pretty printing code is not loaded. This is because the second
line from the gdbinit file was not yet parsed at this point.
By changing the order (first configuring the safe path, then setting the
sysroot), this issue does not appear and everything is as expected.
Note that when '-ix' were used instead of '-x' to pass the gdbinit file to
gdb, then the order would not matter, because the entire gdbinit file would
be parsed before considering the core file.
However, even though the Buildroot manual now suggests '-ix', users may not
have noticed this change and continue to use '-x'.
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Thomas De Schampheleire [Mon, 13 Sep 2021 07:29:41 +0000 (09:29 +0200)]
docs/manual/using-buildroot-debugger: suggest '-ix' iso '-x' when loading gdbinit
A gdbinit file passed via '-x' will be read _after_ parsing any
object/core file passed on the command-line. In cross-compilation context,
this is particularly a problem when loading a core file, because without the
'sysroot' specified in the gdbinit file, it will give a lot of warnings,
like:
warning: .dynamic section for "/lib/libstdc++.so.6" is not at the expected address (wrong library or version mismatch?)
warning: .dynamic section for "/lib/librt.so.1" is not at the expected address (wrong library or version mismatch?)
warning: .dynamic section for "/lib/libm.so.6" is not at the expected address (wrong library or version mismatch?)
warning: .dynamic section for "/lib/libgcc_s.so.1" is not at the expected address (wrong library or version mismatch?)
warning: .dynamic section for "/lib/libc.so.6" is not at the expected address (wrong library or version mismatch?)
warning: .dynamic section for "/lib/ld-linux.so.2" is not at the expected address (wrong library or version mismatch?)
warning: .dynamic section for "/lib/libanl.so.1" is not at the expected address (wrong library or version mismatch?)
warning: .dynamic section for "/lib/libdl.so.2" is not at the expected address (wrong library or version mismatch?)
warning: .dynamic section for "/lib/libpthread.so.0" is not at the expected address (wrong library or version mismatch?)
warning: .dynamic section for "/usr/lib/libz.so.1" is not at the expected address (wrong library or version mismatch?)
warning: .dynamic section for "/lib/libnss_files.so.2" is not at the expected address (wrong library or version mismatch?)
warning: Could not load shared library symbols for 17 libraries, e.g. [...]
Use the "info sharedlibrary" command to see the complete listing.
Do you need "set solib-search-path" or "set sysroot"?
In contrast, the '-ix' option will load the specified gdbinit file _before_
parsing object/core files. This will remove said warnings.
See also: https://sourceware.org/bugzilla/show_bug.cgi?id=28330
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
James Hilliard [Sun, 12 Sep 2021 22:04:57 +0000 (16:04 -0600)]
package/wireplumber: new package
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
James Hilliard [Sun, 12 Sep 2021 20:47:41 +0000 (14:47 -0600)]
package/pipewire: add option to enable media-session support
The example media-session pipewire session manager requires
pipewire to be built with examples enabled, add support for
enabling this while depending on examples being enabled.
To simplify adding support for additional session managers in
the future such as wireplumber we pass a comma separated list
to the -Dsession-managers meson config option. This also will
ensure that systemd services that depend on media-session are
only installed if media-session support is enabled.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Romain Naour [Sun, 12 Sep 2021 14:11:34 +0000 (16:11 +0200)]
support/testing: switch to prebuilt toolchain, core2duo to Nehalem
To avoid spending some time to build the x86_64 toolchain (~20min),
switch to corei7 cpu (Nahalem) and use the prebuilt Bootlin toolchain.
We have to use the "stable" Bootlin toolchain to use the same kernel version
for the toolchain kernel headers and the running kernel.
With the "bleeding-edge" toolchain we have the "kernel too old" issue
(running kernel 4.19 vs kernel headers 5.4)
Runtime tested locally.
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Romain Naour [Sun, 12 Sep 2021 14:11:33 +0000 (16:11 +0200)]
support/testing: test_openssh: use a prebuilt toolchain
Switch from the Buildroot internal toolchain for armv5 to
the prebuilt Bootlin external toolchain.
The test doesn't require to build a toolchain, there was
no prebuilt glibc toolchain recent enough at the time this
test has been introduced.
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Romain Naour [Sun, 12 Sep 2021 14:11:32 +0000 (16:11 +0200)]
support/testing: test_rust: remove kernel build
This test already use builtin kernel provided by the testsuite infra:
self.emulator.boot(arch="armv7",
kernel="builtin",
options=["-initrd", img])
But a second kernel is build from the its defconfig. This second kernel
is not used by the test.
The TestRust (using BR2_PACKAGE_HOST_RUST=y) is really long to build,
save some cpu time by removing the kernel build.
This unused kernel (based on 4.11.3 release) doesn't even build with
host gcc >= 10.
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Romain Naour [Sun, 12 Sep 2021 14:11:31 +0000 (16:11 +0200)]
support/testing: test_lxc bump to kernel 4.19.204
The kernel 4.19.79 curently used by the test doesn't build with host
gcc >= 10 due the gcc default -fno-common. See GCC 10 porting guide [1].
/usr/bin/ld: scripts/dtc/dtc-parser.tab.o:(.bss+0x20): multiple definition of `yylloc'; scripts/dtc/dtc-lexer.lex.o:(.bss+0x0): first defined here
The issue was fixed in 4.19.114 [2]
Bump to the latest 4.19.x version.
[1] https://gcc.gnu.org/gcc-10/porting_to.html
[2] http://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=
621f2ded601546119fabccd1651b1ae29d26cd38
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Romain Naour [Sun, 12 Sep 2021 14:11:30 +0000 (16:11 +0200)]
support/testing: test_iso9660: bump to kernel 4.19.204
The kernel 4.11 curently used by the test doesn't build with host
gcc >= 10 due the gcc default -fno-common. See GCC 10 porting guide [1].
/usr/bin/ld: scripts/dtc/dtc-parser.tab.o:(.bss+0x20): multiple definition of `yylloc'; scripts/dtc/dtc-lexer.lex.o:(.bss+0x0): first defined here
Update to the latest 4.19 LTS version but doing so requires to
disable CONFIG_RETPOLINE since the toolchain is not retpoline
capable [2].
Fixes:
https://gitlab.com/kubu93/buildroot/-/jobs/
1564202078
[1] https://gcc.gnu.org/gcc-10/porting_to.html
[2] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=
8c4ad5d39144776c2987e81609204e1766ed4190
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Romain Naour [Sun, 12 Sep 2021 14:11:29 +0000 (16:11 +0200)]
support/testing: test_openrc: switch to ARM arm toolchain and builtin kernel
The kernel 5.5.7 curently used by the test doesn't build with host
gcc >= 10 due the gcc default -fno-common. See GCC 10 porting guide [1].
/usr/bin/ld: scripts/dtc/dtc-parser.tab.o:(.bss+0x20): multiple definition of `yylloc'; scripts/dtc/dtc-lexer.lex.o:(.bss+0x0): first defined here
But we can't just update this test to the next linux kernel LTS 5.10.y since
the minimum gcc version has been updated to gcc 4.9 since 5.8 kernel [2]
and the Sourcery CodeBench ARM 2014.05 is used (gcc 4.8 based).
Enable arm cortex A9 and VFP support to switch to the ARM arm prebuilt
toolchain (the Bootlin toolchain could be used).
While at it use the prebuilt buildin kernel for the vexpress target
recently updated to 5.10.7.
Fixes:
https://gitlab.com/kubu93/buildroot/-/jobs/
1564202094
[1] https://gcc.gnu.org/gcc-10/porting_to.html
[2] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=
6ec4476ac82512f09c94aff5972654b70f3772b2
[3]
3cf2782906d5cc05a3966c25518d2ce01f11afc8
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Romain Naour [Sun, 12 Sep 2021 14:11:28 +0000 (16:11 +0200)]
support/testing: test_glxinfo: bump to kernel 4.19.204
The kernel 4.16.7 curently used by the test doesn't build with host
gcc >= 10 due the gcc default -fno-common. See GCC 10 porting guide [1].
/usr/bin/ld: scripts/dtc/dtc-parser.tab.o:(.bss+0x20): multiple definition of `yylloc'; scripts/dtc/dtc-lexer.lex.o:(.bss+0x0): first defined here
Bump to the next LTS release.
[1] https://gcc.gnu.org/gcc-10/porting_to.html
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Romain Naour [Sun, 12 Sep 2021 14:11:27 +0000 (16:11 +0200)]
support/testing: test_f2fs: bump to kernel 4.19.204
The kernel 4.16.7 curently used by the test doesn't build with host
gcc >= 10 due the gcc default -fno-common. See GCC 10 porting guide [1].
/usr/bin/ld: scripts/dtc/dtc-parser.tab.o:(.bss+0x20): multiple definition of `yylloc'; scripts/dtc/dtc-lexer.lex.o:(.bss+0x0): first defined here
Bump to the next LTS release.
[1] https://gcc.gnu.org/gcc-10/porting_to.html
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Romain Naour [Sun, 12 Sep 2021 14:06:44 +0000 (16:06 +0200)]
support/testing: test_systemd: bump to kernel 4.19.204
The kernel 4.11.3 curently used by the test doesn't build with host
gcc >= 10 due the gcc default -fno-common. See GCC 10 porting guide [1].
/usr/bin/ld: scripts/dtc/dtc-parser.tab.o:(.bss+0x20): multiple definition of `yylloc'; scripts/dtc/dtc-lexer.lex.o:(.bss+0x0): first defined here
Bump to the next LTS release.
[1] https://gcc.gnu.org/gcc-10/porting_to.html
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Romain Naour [Sun, 12 Sep 2021 14:06:43 +0000 (16:06 +0200)]
support/testing: test_file_capabilities: bump to kernel 4.19.204
The kernel 4.11.3 curently used by the test doesn't build with host
gcc >= 10 due the gcc default -fno-common. See GCC 10 porting guide [1].
/usr/bin/ld: scripts/dtc/dtc-parser.tab.o:(.bss+0x20): multiple definition of `yylloc'; scripts/dtc/dtc-lexer.lex.o:(.bss+0x0): first defined here
Bump to the next LTS release.
[1] https://gcc.gnu.org/gcc-10/porting_to.html
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Sun, 12 Sep 2021 10:04:55 +0000 (12:04 +0200)]
package/diffutils: bump to version 3.8
- Update indentation in hash file (two spaces)
- Fix the following build failure with glibc 2.34 thanks to
https://git.savannah.gnu.org/cgit/diffutils.git/commit/?id=
498f88de4de761c1b5741fd8c78d4f5db9f3ce8b
https://git.savannah.gnu.org/cgit/gnulib.git/commit/?id=
f9e2b20a12a230efa30f1d479563ae07d276a94b
In file included from /home/giuliobenetti/autobuild/run/instance-0/output-1/host/arc-buildroot-linux-gnu/sysroot/usr/include/signal.h:328,
from ./signal.h:52,
from c-stack.c:49:
c-stack.c:55:26: error: missing binary operator before token "("
55 | #elif HAVE_LIBSIGSEGV && SIGSTKSZ < 16384
| ^~~~~~~~
https://savannah.gnu.org/forum/forum.php?forum_id=10031
Fixes:
- http://autobuild.buildroot.org/results/
6abde124e3124932d3c14d3b699f0572a2f4632d
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Adrian Perez de Castro [Sun, 12 Sep 2021 09:28:55 +0000 (12:28 +0300)]
package/cog: bump to version 0.10.1
Update to version 0.10.1, which fixes the build when the DRM platform
module is enabled, fixes handling of absolute pointer events, and makes
the headless platform optional.
Although the headless platform is optional, Buildroot keeps it enabled
unconditionally (as previously) because the wpebackend-fdo dependency
is always needed anyway because Buildroot does not include any other
WPE backend.
Release notes:
https://wpewebkit.org/release/cog-0.10.1.html
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Fri, 10 Sep 2021 21:40:22 +0000 (23:40 +0200)]
package/liblinear: bump to version 2.43
- Update hash of COPYRIGHT (update in year:
https://github.com/cjlin1/liblinear/commit/
65115f742683b21ed10582c1664829e0146fcaec
https://github.com/cjlin1/liblinear/commit/
acf2f9caf166574a23912fe0e57e16187f74f5a6)
- Refresh second patch
- Update indentation in hash file (two spaces)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Marcin Niestroj [Fri, 10 Sep 2021 18:54:55 +0000 (20:54 +0200)]
package/python-pluggy: bump to version 1.0.0
Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Marcin Niestroj [Fri, 10 Sep 2021 18:54:54 +0000 (20:54 +0200)]
package/python-pytest: bump to version 6.2.5
Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Marcin Niestroj [Fri, 10 Sep 2021 18:52:12 +0000 (20:52 +0200)]
package/python-packaging: bump to version 21.0
Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Marcin Niestroj [Fri, 10 Sep 2021 18:51:30 +0000 (20:51 +0200)]
package/python-bleak: bump to version 0.12.1
Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Marcin Niestroj [Fri, 10 Sep 2021 18:50:38 +0000 (20:50 +0200)]
package/python-typing-extensions: bump to version 3.10.0.2
Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Christian Stewart [Fri, 10 Sep 2021 10:47:58 +0000 (03:47 -0700)]
package/protobuf-c: bump to version 1.4.0
Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Marcus Folkesson [Fri, 10 Sep 2021 08:10:30 +0000 (10:10 +0200)]
package/libostree: bump to version 2021.4
Signed-off-by: Marcus Folkesson <marcus.folkesson@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
James Hilliard [Thu, 9 Sep 2021 22:41:21 +0000 (16:41 -0600)]
package/pipewire: install systemd services when using systemd
Also create a pipewire user, which is used for systemd service. There is
no sysvinit start script at the moment, but if there were, it should
also take care of changing the uid to pipewire before starting the
daemon.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Illia Bitkov [Thu, 9 Sep 2021 15:17:39 +0000 (17:17 +0200)]
package/alsa-lib: smixer-python module supports python3
Add simple mixer python bindings to build when "Python support for
alsa-lib" is active. smixer-python is the only python module which
exists in alsa-lib. It is compatible with Python2 and Python3.
Signed-off-by: Illia Bitkov <illia.bitkov@mind.be>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Francois Perrad [Thu, 9 Sep 2021 08:36:21 +0000 (10:36 +0200)]
package/webp: bump to version 1.2.1
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Illia Bitkov [Wed, 8 Sep 2021 18:08:25 +0000 (20:08 +0200)]
package/mono: fix external libatomic_ops linkage
Added patch fixes linkage of libgc with external libtomic-ops.
Mono uses bundeled bdwgc which doesn't link external libatomic-ops.
Patch is a fix cherry-picked from bdwgc upstream.
Problem found on ARMv5 processors, on newer ARM processors
it uses header based functions and doesn't need built library.
Error:
/home/buildroot/autobuild/instance-3/output-1/host/opt/ext-toolchain/bin/../lib/gcc/arm-buildroot-linux-uclibcgnueabi/9.3.0/../../../../arm-buildroot-linux-uclibcgnueabi/bin/ld: ../../external/bdwgc/.libs/libgc.a(gc.o): in function `GC_steal_mark_stack':
gc.c:(.text+0x2020): undefined reference to `AO_store_full_emulation'
Fixes:
http://autobuild.buildroot.net/results/
ebc54e5dea63aca21a4072d294fdede41de559c7
http://autobuild.buildroot.net/results/
6d10a4bd43fbc9c1d3fa26d5eef394c8023cb85f
Signed-off-by: Illia Bitkov <illia.bitkov@mind.be>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
David GOUARIN [Thu, 9 Sep 2021 08:02:21 +0000 (10:02 +0200)]
package/libtalloc: bump to version 2.3.3
license is now LGPL-3.0+ for both talloc and pytalloc. Therefore, remove
pytalloc.h from the license files.
Signed-off-by: David GOUARIN <david.gouarin@thalesgroup.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Thu, 9 Sep 2021 05:57:58 +0000 (07:57 +0200)]
package/refpolicy: bump version to 2.
20210908
- Drop upstreamed patches
- Add Upstream status to remaining patch
- Update indentation in hash file (two spaces)
- Fix the following build failure with wireshark raised since commit
975ab2fa88a0c94b362499ea8ad99222f335fb45 thanks to
https://github.com/SELinuxProject/refpolicy/commit/
d5c571c85567fe191fcc64dfb99b36788f806ceb:
Compiling targeted policy.31
env LD_LIBRARY_PATH="/tmp/instance-0/output-1/host/lib:/tmp/instance-0/output-1/host/usr/lib" /tmp/instance-0/output-1/host/usr/bin/checkpolicy -c 31 -U deny -S -O -E policy.conf -o policy.31
policy/modules/apps/wireshark.te:96:ERROR 'unknown type xdg_downloads_t' at token ';' on line 645315:
#line 96
allow wireshark_t xdg_downloads_t:dir { getattr search open };
checkpolicy: error(s) encountered while parsing configuration
make[1]: *** [Rules.monolithic:79: policy.31] Error 1
https://github.com/SELinuxProject/refpolicy/releases/tag/RELEASE_2_20210908
Fixes:
- http://autobuild.buildroot.org/results/
dfbc667e0c17072ddab89a03244f572d5234da50
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Wed, 8 Sep 2021 20:27:52 +0000 (22:27 +0200)]
package/gupnp: bump to version 1.3.1
https://gitlab.gnome.org/GNOME/gupnp/-/blob/gupnp-1.3.1/NEWS
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Wed, 8 Sep 2021 20:25:09 +0000 (22:25 +0200)]
package/gssdp: bump to version 1.3.1
Disable gtk_doc (enabled by default since
https://gitlab.gnome.org/GNOME/gssdp/-/commit/
652edd5c0145c0a542017840e3f3bc22b9ade159)
https://gitlab.gnome.org/GNOME/gssdp/-/blob/gssdp-1.3.1/NEWS
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Wed, 8 Sep 2021 20:11:52 +0000 (22:11 +0200)]
package/i2pd: bump to version 2.39.0
https://github.com/PurpleI2P/i2pd/releases/tag/2.39.0
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Wed, 8 Sep 2021 20:10:37 +0000 (22:10 +0200)]
package/libupnp: bump to version 1.14.10
https://github.com/pupnp/pupnp/blob/release-1.14.10/ChangeLog
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Wed, 8 Sep 2021 20:00:58 +0000 (22:00 +0200)]
package/tinycbor: bump to version 0.5.4
- Drop patch (already in version)
- Update indentation in hash file (two spaces)
https://github.com/intel/tinycbor/releases/tag/v0.5.4
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Wed, 8 Sep 2021 19:51:10 +0000 (21:51 +0200)]
package/civetweb: bump to version 1.15
https://github.com/civetweb/civetweb/releases/tag/v1.15
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Wed, 8 Sep 2021 19:48:47 +0000 (21:48 +0200)]
package/kismet: bump to version 2021-08-R1
Drop patch (already in version)
https://www.kismetwireless.net/release/kismet-2021-08-R1
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Nicolas Cavallari [Wed, 8 Sep 2021 13:30:10 +0000 (15:30 +0200)]
package/libressl: depend on threads
If the toolchain does not have threads (e.g. br-arm-full-nothread),
compilation fails:
In file included from /home/fail/br-test-pkg/br-arm-full-nothread/build/libressl-3.3.3/crypto/cryptlib.c:117:
/home/fail/br-test-pkg/br-arm-full-nothread/build/libressl-3.3.3/crypto/../include/compat/pthread.h:114:15: fatal error: pthread.h: No such file or directory
114 | #include_next <pthread.h>
| ^~~~~~~~~~~
compilation terminated.
Signed-off-by: Nicolas Cavallari <nicolas.cavallari@green-communications.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Nicolas Cavallari [Wed, 8 Sep 2021 13:30:09 +0000 (15:30 +0200)]
package/libgit2: bump to version 1.2.0
COPYING was updated with a copy of the openssl licence since libgit2 now
include openssl headers so it can dlopen it:
openssl: dynamically load libssl and symbols (optionally)
Provide an interface around OpenSSL to dynamically load the
libraries and symbols, so that users can distribute a libgit2
library that is not linked directly against OpenSSL. This enables
users to target multiple distributions with a single binary.
This mechanism is optional and disabled by default. Configure cmake
with -DUSE_HTTPS=OpenSSL-Dynamic to use it.
We do not use that option so the headers are not even used, plus the
headers are not installed on the target anyway, so this patch includes
no license changes.
Upstream also stopped providing release tarballs, relying on
github-generated tarballs instead.
Signed-off-by: Nicolas Cavallari <nicolas.cavallari@green-communications.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Asaf Kahlon [Wed, 8 Sep 2021 08:21:10 +0000 (11:21 +0300)]
package/uftrace: bump to version 0.10
Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Asaf Kahlon [Wed, 8 Sep 2021 08:21:09 +0000 (11:21 +0300)]
package/{libuv, uvw}: bump to versions 1.42.0, 2.10.0_libuv_v1.42
Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Asaf Kahlon [Wed, 8 Sep 2021 08:19:27 +0000 (11:19 +0300)]
package/python-scapy: bump to version 2.4.5
Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Asaf Kahlon [Wed, 8 Sep 2021 08:19:26 +0000 (11:19 +0300)]
package/python-ipdb: bump to version 0.13.9
Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Asaf Kahlon [Wed, 8 Sep 2021 08:19:25 +0000 (11:19 +0300)]
package/python-bsdiff4: bump to version 1.2.1
Plus, use two spaces for indentation in the hash file.
Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Asaf Kahlon [Wed, 8 Sep 2021 08:19:24 +0000 (11:19 +0300)]
package/python-bitstring: bump to version 3.1.9
License updated with a minor change at the copyright year.
SETUP_TYPE changed to setuptools.
Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Asaf Kahlon [Wed, 8 Sep 2021 08:19:23 +0000 (11:19 +0300)]
package/python-attrs: bump to version 21.2.0
Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Asaf Kahlon [Wed, 8 Sep 2021 08:19:22 +0000 (11:19 +0300)]
package/python{3}-six: bump to version 1.16.0
Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Asaf Kahlon [Wed, 8 Sep 2021 08:19:21 +0000 (11:19 +0300)]
package/python{3}-psutil: bump to version 5.8.0
Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Raphaël Mélotte [Tue, 7 Sep 2021 12:07:48 +0000 (14:07 +0200)]
package/x11r7/xserver_xorg-server: fix building on mips with GCC10
Port the following upstream commit:
https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/591/diffs?commit_id=
0148a15da1616a868d71abe1b56e3f28cc79533c
This fixes the following build error on mips with GCC10:
CCLD libint10.la
buildroot/output/host/lib/gcc/mips64el-buildroot-linux-gnu/10.3.0/../../../../mips64el-buildroot-linux-gnu/bin/ld: .libs/helper_mem.o:(.bss+0x0): multiple definition of `IOPortBase'; .libs/helper_exec.o:(.bss+0x0): first defined here
Signed-off-by: Raphaël Mélotte <raphael.melotte@mind.be>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Chris Packham [Tue, 7 Sep 2021 08:43:45 +0000 (20:43 +1200)]
package/gstreamer1/gst1-shark: Bump version to v0.7.3
Signed-off-by: Chris Packham <judge.packham@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Chris Packham [Tue, 7 Sep 2021 08:43:43 +0000 (20:43 +1200)]
package/syslog-ng: Bump version to 3.33.2
Signed-off-by: Chris Packham <judge.packham@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Giulio Benetti [Mon, 6 Sep 2021 21:27:45 +0000 (23:27 +0200)]
package/libnss: bump to version 3.70
Drop local patch that has been upstream(even if with another authorship).
Release Notes (not yet available, but should eventually land):
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.70_release_notes
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Leonid Yuriev [Mon, 6 Sep 2021 18:23:42 +0000 (21:23 +0300)]
package/libmdbx: bump version to 0.10.3
Signed-off-by: Leonid Yuriev <leo@yuriev.ru>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Mon, 6 Sep 2021 16:39:37 +0000 (18:39 +0200)]
package/libgpgme: fix build with glibc >= 2.34
Fix the following build failure with glibc >= 2.34:
posix-io.c: In function '_gpgme_io_spawn':
posix-io.c:577:23: error: void value not ignored as it ought to be
577 | while ((i = closefrom (fd)) && errno == EINTR)
| ^
Fixes:
- http://autobuild.buildroot.org/results/
b11094ddd35263071b7dd453a6590c5b684026ff
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Sun, 19 Sep 2021 10:08:42 +0000 (12:08 +0200)]
package/cryptopp: bump to version 8.5.0
https://www.cryptopp.com/release850.html
https://www.cryptopp.com/release840.html
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Sun, 19 Sep 2021 10:00:29 +0000 (12:00 +0200)]
package/tclap: bump to version 1.2.4
Update indentation in hash file (two spaces)
https://sourceforge.net/p/tclap/code/ci/v1.2.4/tree/ChangeLog
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Sun, 19 Sep 2021 09:53:43 +0000 (11:53 +0200)]
package/cppzmq: bump to version 4.8.1
https://github.com/zeromq/cppzmq/releases/tag/v4.8.1
https://github.com/zeromq/cppzmq/releases/tag/v4.8.0
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Sun, 19 Sep 2021 09:39:01 +0000 (11:39 +0200)]
package/wayland-protocols: fix build without host-wayland
Don't require wayland-scanner if tests are disabled to avoid the
following build failure raised since bump to version 1.23 in commit
7eedc9cc1e0c3cce1c18cb150157cb2346075b23:
Build-time dependency wayland-scanner found: NO (tried pkgconfig and cmake)
../output-1/build/wayland-protocols-1.23/meson.build:11:0: ERROR: Dependency "wayland-scanner" not found, tried pkgconfig and cmake
Fixes:
- http://autobuild.buildroot.org/results/
2744e50465a9cd9d3726d23298ad6c943ef49a21
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
James Hilliard [Sun, 19 Sep 2021 08:09:02 +0000 (02:09 -0600)]
package/swupdate: add option to enable USB install
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
[yann.morin.1998@free.fr:
- do not default to 'y'
- add comment
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Sun, 19 Sep 2021 08:52:44 +0000 (10:52 +0200)]
package/python-rsa: add PYTHON_RSA_CPE_ID_VENDOR
cpe:2.3:a:python-rsa_project:python-rsa is a valid CPE identifier for
this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Apython-rsa_project%3Apython-rsa
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Giulio Benetti [Sun, 19 Sep 2021 00:51:54 +0000 (02:51 +0200)]
package/mesa3d: fix build on m68k
mesa3d uses very big switch statements, which causes the build to fail
on m68k, beause the offsets there are only 16-bit.
We fix that by using -mlong-jump-table-offsets on m68k, to use 32-bit
offsets for switch statements, but this is only available starting with
gcc 7 [0] [1].
Fixes:
http://autobuild.buildroot.net/results/
60c4653c2a93125edbdd0beb43cd47301643464a/
Note: we have two packages that select mesa3d, but:
package/intel-mediadriver/
-> already depends on x86_64, so implies !m68k
package/x11r7/xdriver_xf86-video-imx-viv/
-> imx is an ARM, but xdriver_xf86-video-imx-viv is missing
a depends on BR2_arm (although the comments do have that
dependency). However, it depends on other imx related
packages, and they depend on either arm or aarch64, so
that implies !m68k.
As such, we do not need to propagate that new dependency.
[0] https://gcc.gnu.org/bugzilla/show_bug.cgi?id=57583#c15
[1] https://gcc.gnu.org/bugzilla/show_bug.cgi?id=57583#c16
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
[yann.morin.1998@free.fr:
- add comment
- reword commit log, add BZ references, add non-propagation notes
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
James Hilliard [Sat, 18 Sep 2021 22:46:53 +0000 (16:46 -0600)]
package/gstreamer1/gstd: new package
We need to backport a few upstream still-pending PRs, to fix
cross-compilation, out-of-tree installation, and to relax requirements
on some tools.
The python support PR is backported too, but because python support was
not tested, it is forcibly disabled.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
[yann.morin.1998@free.fr:
- expand commit log with explanations
- backport upstream 253 (python) too
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
James Hilliard [Sat, 11 Sep 2021 16:50:19 +0000 (10:50 -0600)]
package/swupdate: use $(SWUPDATE_PKGDIR) for pkgdir path
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Giulio Benetti [Mon, 6 Sep 2021 21:39:38 +0000 (23:39 +0200)]
package/libfuse3: bump to version 3.10.5
Bump libfuse3 to version 3.10.5 and remove local patch that has been
upstreamed.
Release notes:
Various improvements to make unit tests more robust.
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Sun, 12 Sep 2021 19:40:57 +0000 (21:40 +0200)]
package/libfuse: fix build with glibc >= 2.34
Fix the following build failure with glibc >= 2.34:
ulockmgr_server.c:127:12: error: conflicting types for 'closefrom'; have 'int(int)'
127 | static int closefrom(int minfd)
| ^~~~~~~~~
In file included from ulockmgr_server.c:14:
/home/buildroot/autobuild/instance-1/output-1/host/arm-buildroot-linux-gnueabihf/sysroot/usr/include/unistd.h:363:13: note: previous declaration of 'closefrom' with type 'void(int)'
363 | extern void closefrom (int __lowfd) __THROW;
| ^~~~~~~~~
Fixes:
- http://autobuild.buildroot.org/results/
3769b18ca804fba3b5974af799972a7d889b39a6
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Martin Elshuber [Mon, 13 Sep 2021 14:26:50 +0000 (16:26 +0200)]
package/strongswan: fix broken dependency relation
The AKA backend for 3GPP2 requires libgmp (see
https://wiki.strongswan.org/projects/strongswan/wiki/Autoconf). Since
the AKA backend for 3GPP2 is included by BR2_PACKAGE_STRONGSWAN_EAP,
when selecting a crypto backend different from
BR2_PACKAGE_STRONGSWAN_GMP, there is no guarantee the gmp package is
selected as well. When doing so, make fails since the package is in the
dependency chain but not selected:
$ make
Makefile:585: *** gmp is in the dependency chain of strongswan that has added it to its _DEPENDENCIES variable without selecting it or depending on it from Config.in. Stop.
make: *** [Makefile:23: _all] Error 2
To fix this, select BR2_PACKAGE_GMP when selecting BR2_PACKAGE_STRONGSWAN_EAP.
Signed-off-by: Martin Elshuber <martin.elshuber@theobroma-systems.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Giulio Benetti [Sun, 12 Sep 2021 23:20:56 +0000 (01:20 +0200)]
DEVELOPERS: add myself to trace-cmd package
Add myself to trace-cmd package.
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Giulio Benetti [Sun, 12 Sep 2021 23:20:55 +0000 (01:20 +0200)]
package/trace-cmd: bump to version 2.9.5
Update to version 2.9.5 and remove local patches that have been upstreamed.
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Giulio Benetti [Sun, 12 Sep 2021 23:08:56 +0000 (01:08 +0200)]
package/trace-cmd: fix build for Sparc64
Trace-cmd needs -fPIC for Sparc64 platform otherwise it fails on linking,
so add -fPIC to CFLAGS when building for such platform.
Fixes;
http://autobuild.buildroot.net/results/c59/
c596f6308b7f4d44d9ba009ed0c395396fc72f47/
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Peter Seiderer [Sat, 18 Sep 2021 20:34:37 +0000 (22:34 +0200)]
package/libxkbcommon: change homepage/download url to https
- change homepage url to https (and remove trailing slash)
- change download url to https
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Michael Nosthoff [Mon, 13 Sep 2021 16:46:03 +0000 (18:46 +0200)]
package/grpc: bump version to 1.40
Signed-off-by: Michael Nosthoff <buildroot@heine.tech>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Sun, 12 Sep 2021 20:07:06 +0000 (22:07 +0200)]
package/minicom: drop autoreconf
autoreconf (and so AM_ICONV) is not needed since commit
2df32e0d4437b422175089edf1917219656fccef
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Reviewed-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Sun, 12 Sep 2021 19:53:33 +0000 (21:53 +0200)]
package/dovecot: drop host-gettext
AM_ICONV is not needed since drop of autoreconf in commit
03fbb81b8bab7bad135b59267533be7688babe39
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Sun, 12 Sep 2021 16:48:19 +0000 (18:48 +0200)]
package/fio: bump to version 3.28
This will fix the following build failure with kernel >= 5.14 thanks to
https://github.com/axboe/fio/commit/
382975557e632efb506836bc1709789e615c9094:
In file included from crc/../os/os.h:39,
from crc/crc32c-arm64.c:2:
crc/../os/os-linux.h:17:10: fatal error: linux/raw.h: No such file or directory
17 | #include <linux/raw.h>
| ^~~~~~~~~~~~~
Fixes:
- http://autobuild.buildroot.org/results/
d85c044263c76ff7ef0fe47921d893a472954da9
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Peter Korsgaard [Sat, 18 Sep 2021 18:58:14 +0000 (20:58 +0200)]
package/libyang: security bump to version 1.0.240
Fixes the following security issues:
- CVE-2021-28902: In function read_yin_container() in libyang <= v1.0.225,
it doesn't check whether the value of retval->ext[r] is NULL. In some
cases, it can be NULL, which leads to the operation of
retval->ext[r]->flags that results in a crash.
- CVE-2021-28903: A stack overflow in libyang <= v1.0.225 can cause a denial
of service through function lyxml_parse_mem(). lyxml_parse_elem()
function will be called recursively, which will consume stack space and
lead to crash.
- CVE-2021-28904: In function ext_get_plugin() in libyang <= v1.0.225, it
doesn't check whether the value of revision is NULL. If revision is NULL,
the operation of strcmp(revision, ext_plugins[u].revision) will lead to a
crash.
- CVE-2021-28905: In function lys_node_free() in libyang <= v1.0.225, it
asserts that the value of node->module can't be NULL. But in some cases,
node->module can be null, which triggers a reachable assertion (CWE-617).
- CVE-2021-28906: In function read_yin_leaf() in libyang <= v1.0.225, it
doesn't check whether the value of retval->ext[r] is NULL. In some cases,
it can be NULL, which leads to the operation of retval->ext[r]->flags that
results in a crash.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Peter Korsgaard [Sat, 18 Sep 2021 18:01:36 +0000 (20:01 +0200)]
package/fetchmail: security bump to version 6.4.22
Fixes the following security issues:
- CVE-2021-39272: Fetchmail before 6.4.22 fails to enforce STARTTLS session
encryption in some circumstances, such as a certain situation with IMAP
and PREAUTH.
https://www.fetchmail.info/fetchmail-SA-2021-02.txt
Update COPYING hash for a clarification of the license situation with
openssl 3.x (which is Apache 2.0 licensed):
https://gitlab.com/fetchmail/fetchmail/-/commit/
8eed56c21ca5bbdf3c00aaf74d807bcad8713ba9
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Peter Seiderer [Tue, 14 Sep 2021 21:04:23 +0000 (23:04 +0200)]
package/libinput: bump version to 1.19.0
- add new optional wayland, wayland-protocoll and libx11 dependencies
in case the debug gui is enabled (libgtk3 available)
For details see [1], [2].
[1] https://lists.freedesktop.org/archives/wayland-devel/2021-September/041971.html
[2] https://lists.freedesktop.org/archives/wayland-devel/2021-September/041977.html
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Peter Seiderer [Tue, 14 Sep 2021 21:01:54 +0000 (23:01 +0200)]
package/libxkbcommon: bump version to 1.3.1
For details (since 1.1.0) see [1]
[1] https://lists.freedesktop.org/archives/wayland-devel/2021-April/041762.html
[2] https://lists.freedesktop.org/archives/wayland-devel/2021-May/041816.html
[3] https://lists.freedesktop.org/archives/wayland-devel/2021-September/041976.html
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Peter Seiderer [Tue, 14 Sep 2021 21:00:36 +0000 (23:00 +0200)]
package/iwd: bump version to 1.17
- Changelog (since 1.14, from [1]):
ver 1.17:
Fix issue with sending additional and vendor IEs.
Fix issue with IE ordering for 802.11-2020 support.
Fix issue with frequency update on channel switch events.
Fix issue with drivers and handling of IF_OPER_UP setting.
ver 1.16:
Fix issue with writing provisioning files with a passphrase.
Add support for Authenticator & Supplicant RSN Extension elements.
Add support for handling Transition Disable info.
Add support for SAE Hash-to-Element feature.
ver 1.15:
Add support for FT-over-DS procedure with multiple BSS.
Add support for estimation of VHT RX data rate.
Add support for exporting Daemon information.
[1] https://git.kernel.org/pub/scm/network/wireless/iwd.git/tree/ChangeLog
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Peter Seiderer [Tue, 14 Sep 2021 21:00:35 +0000 (23:00 +0200)]
package/openresolv: bump version to 3.12.0
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Peter Seiderer [Tue, 14 Sep 2021 21:00:34 +0000 (23:00 +0200)]
package/ell: bump version to 0.43
- Changelog (since 0.41, from [1]):
ver 0.43:
Add support for DHCP Rapid Commit feature.
Add support for DHCP authoritative mode feature.
ver 0.42:
Add support for constant time security functions.
Add support for manipulating DHCP leases.
[1] https://git.kernel.org/pub/scm/libs/ell/ell.git/tree/ChangeLog
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Petr Vorel [Tue, 14 Sep 2021 17:53:51 +0000 (19:53 +0200)]
package/feh: bump version to 3.7.1
Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Michael Nosthoff [Tue, 14 Sep 2021 13:50:57 +0000 (15:50 +0200)]
package/botan: fix boost dependency
only build --with-boost when both required modules (filesystem and system) are
also selected.
Fixes:
http://autobuild.buildroot.net/results/
4fbf2a63f9ddfbc540ce7dabd10964b311477c06
Signed-off-by: Michael Nosthoff <buildroot@heine.tech>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Tue, 14 Sep 2021 21:11:06 +0000 (23:11 +0200)]
package/apitrace: fix build with glibc >= 2.34
Fix the following build failure with glibc >= 2.34:
/tmp/instance-0/output-1/host/lib/gcc/s390x-buildroot-linux-gnu/10.3.0/../../../../s390x-buildroot-linux-gnu/bin/ld: CMakeFiles/egltrace.dir/dlsym.cpp.o: in function `dlsym':
dlsym.cpp:(.text+0x34): undefined reference to `__libc_dlopen_mode'
/tmp/instance-0/output-1/host/lib/gcc/s390x-buildroot-linux-gnu/10.3.0/../../../../s390x-buildroot-linux-gnu/bin/ld: dlsym.cpp:(.text+0x46): undefined reference to `__libc_dlsym'
Fixes:
- http://autobuild.buildroot.org/results/
ac5e5b1e30249ae0fb8b9179338b47c60c026bcc
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Tue, 14 Sep 2021 21:25:48 +0000 (23:25 +0200)]
package/pv: bump to version 1.6.20
- Drop patch (already in version)
- Update indentation in hash file (two spaces)
https://github.com/a-j-wood/pv/releases/tag/v1.6.19
https://github.com/a-j-wood/pv/releases/tag/v1.6.20
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Peter Korsgaard [Sat, 18 Sep 2021 16:59:46 +0000 (18:59 +0200)]
package/erlang: ignore Windows specific CVE-2021-29221
CVE-2021-29221 is a Windows specific issue:
A local privilege escalation vulnerability was discovered in Erlang/OTP
prior to version 23.2.3. By adding files to an existing installation's
directory, a local attacker could hijack accounts of other users running
Erlang programs or possibly coerce a service running with "erlsrv.exe" to
execute arbitrary code as Local System. This can occur only under specific
conditions on Windows with unsafe filesystem permissions.
So ignore it.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Peter Korsgaard [Sat, 18 Sep 2021 16:42:46 +0000 (18:42 +0200)]
package/botan: add upstream security fix for CVE-2021-40529
Fixes the following security issue:
- CVE-2021-40529: The ElGamal implementation in Botan through 2.18.1, as
used in Thunderbird and other products, allows plaintext recovery because,
during interaction between two cryptographic libraries, a certain
dangerous combination of the prime defined by the receiver's public key,
the generator defined by the receiver's public key, and the sender's
ephemeral exponents can lead to a cross-configuration attack against
OpenPGP
For more details, see the upstream bug and issue writeup:
- https://github.com/randombit/botan/pull/2790
- https://ibm.github.io/system-security-research-updates/2021/07/20/insecurity-elgamal-pt1
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Peter Korsgaard [Sat, 18 Sep 2021 16:11:30 +0000 (18:11 +0200)]
package/nodejs: security bump to version 12.22.6
Fixes the following security issues:
- CVE-2021-37701: Arbitrary File Creation/Overwrite via insufficient symlink
protection due to directory cache poisoning using symbolic links
- CVE-2021-37712: Arbitrary File Creation/Overwrite via insufficient symlink
protection due to directory cache poisoning using symbolic links
- CVE-2021-37713: Arbitrary File Creation/Overwrite on Windows via
insufficient relative path sanitization
- CVE-2021-39134: UNIX Symbolic Link (Symlink) Following in @npmcli/arborist
- CVE-2021-39135: UNIX Symbolic Link (Symlink) Following in @npmcli/arborist
For more details, see the advisory:
https://nodejs.org/en/blog/vulnerability/aug-2021-security-releases2/
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Peter Seiderer [Mon, 13 Sep 2021 21:04:12 +0000 (23:04 +0200)]
package/gst1-interpipe: bump version to 1.1.5
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Peter Seiderer [Mon, 13 Sep 2021 21:04:11 +0000 (23:04 +0200)]
package/gst1-python: bump version to 1.18.5
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Peter Seiderer [Mon, 13 Sep 2021 21:04:10 +0000 (23:04 +0200)]
package/gst-omx: bump version to 1.18.5
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>