buildroot.git
5 years agombedtls: security bump to version 2.7.9
Fabrice Fontaine [Tue, 29 Jan 2019 20:27:35 +0000 (21:27 +0100)]
mbedtls: security bump to version 2.7.9

CVE-2018-19608 is fixed by bumping mbdedtls to a version greater or
equal to 2.7.8, see
https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2018-03

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/syslog-ng: allow building with static libraries
Chris Packham [Mon, 28 Jan 2019 07:29:34 +0000 (20:29 +1300)]
package/syslog-ng: allow building with static libraries

Bring in an upstream patch to fix builds for targets which lack dlfcn.h
and revert "package/syslog-ng: depend on !BR2_STATIC_LIBS".

This reverts commit 44dbd2907c5995b0b0c56cb2274dc60415205dd8. Now that
upstream has different fix for the build issues with a static libc we
can re-enable syslog-ng on these systems.

Signed-off-by: Chris Packham <judge.packham@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agosupport/testing/infra/basetest: support br2-external
Ricardo Martincoski [Mon, 28 Jan 2019 23:22:06 +0000 (18:22 -0500)]
support/testing/infra/basetest: support br2-external

Some upcoming test cases can use one or more br2-external trees as
fixtures that provide packages used only in runtime tests.

Add support for br2-external into the BRTest class. Any test case can
then provide a list of paths for being used as br2-external trees
during the build of the image to test.

Signed-off-by: Ricardo Martincoski <ricardo.martincoski@datacom.ind.br>
Cc: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Daniel J. Leach <dleach@belcan.com>
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Tested-by: Matthew Weber <matthew.weber@rockwellcollins.com>
[Thomas: use named argument for make_extra_opts.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agosupport/testing/infra/builder: configure and build with make target and environment
Ricardo Martincoski [Mon, 28 Jan 2019 23:22:05 +0000 (18:22 -0500)]
support/testing/infra/builder: configure and build with make target and environment

Make the builder able to call 'VAR1=1 make VAR2=2 target'.

Allow sending extra parameters to be added to the end of make command
line. Uses for these purposes:
 - to configure a br2-external, using the 'BR2_EXTERNAL="dir" variable.
 - to specify a make target, such as 'foo-source.'

Allow adding variables to the environment when calling make.
These added variables allow a user to override default values from BuildRoot,
such as 'BR2_DL_DIR="dl"'.

Signed-off-by: Ricardo Martincoski <ricardo.martincoski@datacom.ind.br>
Cc: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Daniel J. Leach <dleach@belcan.com>
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/nut: Add support for openssl 1.1.x
Vadim Kochan [Tue, 29 Jan 2019 09:39:13 +0000 (10:39 +0100)]
package/nut: Add support for openssl 1.1.x

Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Patrick Havelange <patrick.havelange@essensium.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/libshout: Add support for openssl 1.1.x
Vadim Kochan [Tue, 29 Jan 2019 09:39:12 +0000 (10:39 +0100)]
package/libshout: Add support for openssl 1.1.x

Add patch from Debian:

https://sources.debian.org/data/main/libs/libshout/2.4.1-2/debian/patches/01-libshout-tls-compile-with-OpenSSL-1.1.0.patch

Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Patrick Havelange <patrick.havelange@essensium.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agoutils/check-package: handle ifdef/ifndef in .mk files
Ricardo Martincoski [Sun, 27 Jan 2019 18:59:42 +0000 (16:59 -0200)]
utils/check-package: handle ifdef/ifndef in .mk files

Currently check-package only knows about ifeq/ifneq.
Add code to handle ifdef/ifndef as well.

Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agoutils/check-package: allow to disable warning for a line
Ricardo Martincoski [Sun, 27 Jan 2019 18:59:41 +0000 (16:59 -0200)]
utils/check-package: allow to disable warning for a line

Currently any exceptions for a check function need to be coded into the
check-package script itself.

Create a pattern that can be used in a comment to make check-package
ignore one or more warning types in the line immediately below:
 # check-package Indent, VariableWithBraces

Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/busybox: drop empty configure command
Yann E. MORIN [Tue, 29 Jan 2019 12:36:08 +0000 (13:36 +0100)]
package/busybox: drop empty configure command

Since commit 50dc350c65 (package/busybox: update to 1.29.0), we no
longer define the BUSYBOX_NOCLOBBER_INSTALL macro, so it expands to an
empty string, so we end up with no action in BUSYBOX_CONFIGURE_CMDS.

Drop BUSYBOX_CONFIGURE_CMDS now that it serves no purpose.

Signed-off-by: Yann MORIN <yann.morin@orange.com>
Cc: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Adam Duskett <aduskett@gmail.com>
Cc: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agoRevert "ffmpeg: fix static linking build failure when using libavutil"
Arnout Vandecappelle (Essensium/Mind) [Tue, 29 Jan 2019 08:58:53 +0000 (09:58 +0100)]
Revert "ffmpeg: fix static linking build failure when using libavutil"

This reverts commit 483db9908985d023b858c0b59d4016f9abb4b6f9.

It was a test commit that was not supposed to be pushed. The patch
doesn't apply to ffmpeg 3.4.5.

Fixes:
  http://autobuild.buildroot.net/results/f3e/f3eaaff9e55ca7c75fe7094547dc2394b1288849

and many more.

5 years agodocs/manual: update package-make-target.txt with more targets
Thomas Petazzoni [Thu, 27 Dec 2018 16:45:33 +0000 (17:45 +0100)]
docs/manual: update package-make-target.txt with more targets

This commit updates package-make-target.txt with a few additional
useful per-package targets that have been added in recent times.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Tested-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
5 years agoffmpeg: fix static linking build failure when using libavutil
Giulio Benetti [Wed, 17 Oct 2018 12:49:12 +0000 (14:49 +0200)]
ffmpeg: fix static linking build failure when using libavutil

If a package tries to static link with libavutil it fails due to the
lack of libavutil private dependencies in libavutil.pc (-ldrm in this
case).

Add patch to:
- Check if libdrm is present.
- Add it to Libs.private: in libavutil.pc if present.

Fixes:
http://autobuild.buildroot.net/results/766/766de487f394490df8c712652ac364ebb4a3ab14/
http://autobuild.buildroot.net/results/041/041e29dfddb2da3309ac7d34a576c60c5a75fe4d/
http://autobuild.buildroot.net/results/780/78061b61cfe3f42554a475c048d54dacacfe11d5/
http://autobuild.buildroot.net/results/275/275e4e0030d26c029085b408cfb272d5633969c6/
http://autobuild.buildroot.net/results/515/5152dcca58944cf732d09fba6e6c9af8a9243c75/
http://autobuild.buildroot.net/results/395/395be1a9cab824b82ef34c2ebd84d54243029b33/

Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
5 years agoskeleton-init-common: improve /etc/hosts generation
Carlos Santos [Fri, 19 Oct 2018 13:58:24 +0000 (10:58 -0300)]
skeleton-init-common: improve /etc/hosts generation

If BR2_TARGET_GENERIC_HOSTNAME contains a FQDN, strip the host part and
add it as an alias, e.g.

    127.0.1.1 hostname.example.com hostname

Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Reviewed-by: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
5 years agojemalloc: allow on MIPS64
Thomas De Schampheleire [Fri, 25 Jan 2019 20:50:52 +0000 (21:50 +0100)]
jemalloc: allow on MIPS64

jemalloc uses architecture #ifdefs to determine LG_QUANTUM and gives an
error when an unsupported architecture is used.
For this reason, Buildroot commit 3baf996c6a2b57ffaaa4627c1e04ff67c30e9754
introduced BR2_PACKAGE_JEMALLOC_ARCH_SUPPORTS.

In the jemalloc sources, 'mips' is checked via '__mips__' which is set both
for 32-bit as 64-bit MIPS (including MIPS64 n32).
However, the Buildroot arch selection only includes 32-bit MIPS via BR2_mips
and BR2_mipsel.

Update the arch selection to support MIPS64.

Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
5 years agotpm2-tools: drop dependency on tpm2-abrmd
Peter Korsgaard [Fri, 25 Jan 2019 15:03:04 +0000 (16:03 +0100)]
tpm2-tools: drop dependency on tpm2-abrmd

tpm2-tools is commonly used with the resource manager, tpm2-abrmd - But it
CAN be used without, E.G. by setting the TPM2TOOLS_TCTI_NAME environment
variable to communicate directly with the kernel driver:

export TPM2TOOLS_TCTI_NAME=device

Either directly with the TPM device (/dev/tpmN) or through the in-kernel
resource manager provided by Linux kernel since 4.12 (/dev/tpmrmN)

For some use cases (E.G. initramfs) it makes sense to use tpm2-tools
without abrmd, so remove the tpm2-abrmd select, and instead a note in the
help text that it may be needed.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agolibxml2: security bump to version 2.9.9
Fabrice Fontaine [Mon, 28 Jan 2019 20:55:38 +0000 (21:55 +0100)]
libxml2: security bump to version 2.9.9

- Fixes CVE-2018-9251 and CVE-2018-14567:
  https://gitlab.gnome.org/GNOME/libxml2/commit/2240fbf5912054af025fb6e01e26375100275e74
- Fixes CVE-2018-14404: https://gitlab.gnome.org/GNOME/libxml2/issues/5
- Remove patch: CVE-2017-8872 was fixed by
  https://gitlab.gnome.org/GNOME/libxml2/issues/26

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agominizip: disable compatibility headers
Fabrice Fontaine [Mon, 28 Jan 2019 20:04:07 +0000 (21:04 +0100)]
minizip: disable compatibility headers

minizip enables zip.h and unzip.h compatibility headers since version
2.7.2 and
https://github.com/nmoinvaz/minizip/commit/1b2b32c8b8c7ea441b14a2fd827d7e2dc886776c

This is an issue as php fails to build if minizip is built after libzip
because minizip installs a zip.h header without zip_stat, ZIP_CREATE,
ZIP_FL_NOCASE, zip_fopen, etc ...

So until the compatibility headers are enhanced/fixed in minizip, disable them

Fixes:
 - http://autobuild.buildroot.org/results/7b41f4e4a521b1e17aa885aac4419b26e0dd8700

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agohaproxy: disable on sh4 with gcc < 7
Fabrice Fontaine [Mon, 28 Jan 2019 19:07:02 +0000 (20:07 +0100)]
haproxy: disable on sh4 with gcc < 7

Build fails on sh4:
src/dns.c:290:1: error: unable to find a register to spill in class 'R0_REGS'
 }

This build failure seems related to a known gcc bug that has been fixed
only in gcc 7:
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=60040

Fixes:
 - http://autobuild.buildroot.org/results/2e181cc874d5389f10ecddb0d11253c3aa5e7fc4

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agolibkcapi: bump to version 1.1.4
Fabrice Fontaine [Mon, 28 Jan 2019 18:57:08 +0000 (19:57 +0100)]
libkcapi: bump to version 1.1.4

Update hash of COPYING (year has been updated):
https://github.com/smuellerDD/libkcapi/commit/3c56934f44a8f5a1257c342942e6e034fc6f20be

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agojansson: bump to version 2.12
Fabrice Fontaine [Mon, 28 Jan 2019 18:55:04 +0000 (19:55 +0100)]
jansson: bump to version 2.12

Update hash of license file (update in year):
https://github.com/akheron/jansson/commit/3e13f514ce5185a057a686221b61d9a9d9e86889

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agoclamav: needs C++
Fabrice Fontaine [Mon, 28 Jan 2019 18:47:06 +0000 (19:47 +0100)]
clamav: needs C++

clamav needs C++ since bump to version 0.101.1 and
https://github.com/Cisco-Talos/clamav-devel/commit/d39cb6581f3c854476044f069d2393fc44702c36

Fixes:
 - http://autobuild.buildroot.org/results/be14aa571309cda32a5963feed9fd7f220e87fe6

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Acked-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agoqemu_riscv64_virt_defconfig: fix linux header selection
Gwenhael Goavec-Merou [Mon, 28 Jan 2019 09:48:17 +0000 (10:48 +0100)]
qemu_riscv64_virt_defconfig: fix linux header selection

When the kernel is built by Buildroot BR2_PACKAGE_HOST_LINUX_HEADERS_CUSTOM_X_YY
must be used and not BR2_KERNEL_HEADERS_X_YY.

Signed-off-by: Gwenhael Goavec-Merou <gwenhael.goavec-merou@trabucayre.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/gnutls: bump to version 3.6.6
Peter Korsgaard [Mon, 28 Jan 2019 16:08:54 +0000 (17:08 +0100)]
package/gnutls: bump to version 3.6.6

Drop now upstreamed 0001-configure.ac-check-if-libatomic-is-needed.patch and
autoreconf.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agognutls: fix build on sparc
Fabrice Fontaine [Thu, 17 Jan 2019 19:02:52 +0000 (20:02 +0100)]
gnutls: fix build on sparc

gnutls source code uses the C++11 <atomic> functionality since
https://github.com/gnutls/gnutls/commit/7978a733460f92b31033affd0e487c86d66c643d,
which internally is implemented using the __atomic_*() gcc built-ins

On certain architectures, the __atomic_*() built-ins are implemented in
the libatomic library that comes with the rest of the gcc runtime. Due
to this, code using <atomic> might need to link against libatomic,
otherwise one hits build issues such as:

../lib/.libs/libgnutls.so: undefined reference to `__atomic_fetch_sub_4'

on an architecture like SPARC.

To solve this, a configure.ac check is added to know if we need to
link against libatomic or not. The library is also added to gnutls.pc.

Fixes:
 - http://autobuild.buildroot.org/results/6c749bd592ceffeacadd2ab570d127936cce64b2
 - http://autobuild.buildroot.org/results/30aa83d3cf3482af8a59250c196c85f4a278d343

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Tested-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agosupport/testing: add atop test
Ricardo Martincoski [Mon, 28 Jan 2019 02:14:06 +0000 (00:14 -0200)]
support/testing: add atop test

Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/atop: bump to version 2.4.0
Ricardo Martincoski [Mon, 28 Jan 2019 02:14:05 +0000 (00:14 -0200)]
package/atop: bump to version 2.4.0

Drop patch 0001 as it was applied upstream [1].
This new version uses PERF_FLAG_FD_CLOEXEC therefore it needs a
toolchain with headers >= 3.14.

[1] https://github.com/Atoptool/atop/commit/414127c03669b4eedc85778a7bff80cf601311d8

Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agozbar: needs kernel headers >= 3.17
Fabrice Fontaine [Sat, 19 Jan 2019 09:37:10 +0000 (10:37 +0100)]
zbar: needs kernel headers >= 3.17

v4l2_query_ext_ctrl has been added in kernel 3.17:
https://github.com/torvalds/linux/commit/5082c2417841e64df975789011e182ce99a9dacd

Fixes:
 - http://autobuild.buildroot.org/results/d7b244cf9488eafb59ba8575f17884f4f8512db1

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agolibva-utils: fix build with gcc 4.8
Fabrice Fontaine [Sat, 19 Jan 2019 11:03:54 +0000 (12:03 +0100)]
libva-utils: fix build with gcc 4.8

Fixes:
 - http://autobuild.buildroot.org/results/64d9b79de5d31eb5a0c219081479bebb1f2527ed

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Acked-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agoqemu/aarch64-virt: Emulate cortex-a53 in qemu to match Buildroot config
Gerome Burlats [Thu, 24 Jan 2019 16:53:09 +0000 (17:53 +0100)]
qemu/aarch64-virt: Emulate cortex-a53 in qemu to match Buildroot config

qemu_aarch64_virt_defconfig (implicitly) specifies cortex-a53, so adjust the
QEMU command line to also emulate a a53 instead of a57.

Also adjust the defconfig to explicitly specify a53 for consistency/clarity.

Signed-off-by: Gerome Burlats <gerome.burlats@smile.fr>
Cc: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/usb_modeswitch: avoid overriding variables
Ricardo Martincoski [Sun, 27 Jan 2019 18:59:40 +0000 (16:59 -0200)]
package/usb_modeswitch: avoid overriding variables

Overriding variables in packages recipes is an error-prone practice.

Current behavior of installing either only as a script or only as a
binary is intended, as describe in the commit log of "d3e4db4e34
usb_modeswitch: bump to version 1.2.6" from 2013.

Rewrite the code to keep the same behavior while replacing variable
override [1] by conditional assignments [2].

[1]
VAR = ...
if ...
VAR = ...

[2]
if ...
VAR = ...
else
VAR = ...

Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/usb_modeswitch: drop unicode space in comment
Ricardo Martincoski [Sun, 27 Jan 2019 18:59:39 +0000 (16:59 -0200)]
package/usb_modeswitch: drop unicode space in comment

Commit "a554109af8 package/usb_modeswitch: disable parallel build" added
a unicode space in a comment. Replace it with a normal ASCII space for
consistency with elsewhere.

Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agoRevert "avrdude: add license information"
Ricardo Martincoski [Sun, 27 Jan 2019 18:59:38 +0000 (16:59 -0200)]
Revert "avrdude: add license information"

This reverts commit d1f545004bf0533064363d87c2d7c71e7acf7435 from 2014
because the added variables already existed. The real problem at the
time was that one of the pre-existent variables had a typo, fixed in a
later commit.

Currently AVRDUDE_LICENSE and AVRDUDE_LICENSE_FILES are declared twice
with the same values for each one. So remove one of them.

Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Cc: Wojciech M. Zabolotny <wzab01@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/sdl_sound: actually use the optional CONF_OPTS
Ricardo Martincoski [Sun, 27 Jan 2019 18:59:37 +0000 (16:59 -0200)]
package/sdl_sound: actually use the optional CONF_OPTS

Since "57ace26b6c package/sdl_sound: add optional support for
libmodplug" from 2016, optional CONF_OPTS are added but they do not
really take effect because there is an unconditional override below the
conditional append.

Currently this does not cause build failures, but it can lead to wrong
detection of dependencies because many explicit --enable/--disable are
not passed to configure.

Fix this by moving the unconditional code to the top.

Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/s6-networking: fix dependency when libressl is enabled
Ricardo Martincoski [Sun, 27 Jan 2019 18:59:36 +0000 (16:59 -0200)]
package/s6-networking: fix dependency when libressl is enabled

Commit "c5b85231fb s6-networking: enable SSL if libressl is selected"
actually dropped the dependency on s6-dns and s6 when libressl is
enabled.
Fix this by using += inside the conditional code.

Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Cc: Eric Le Bihan <eric.le.bihan.dev@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/lighttpd: bump to version 1.4.53
Peter Korsgaard [Sun, 27 Jan 2019 17:54:19 +0000 (18:54 +0100)]
package/lighttpd: bump to version 1.4.53

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/vboot-utils: Add support for openssl 1.1.x
Vadim Kochan [Fri, 25 Jan 2019 16:04:13 +0000 (17:04 +0100)]
package/vboot-utils: Add support for openssl 1.1.x

Backported changes from commit bce7904376beee2912932433a4634c1c25afe2f5,
there was some conflicts in few places which includes openssl_compat.h and
1 place in vb2_rsa_sig_alg function.

Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Patrick Havelange <patrick.havelange@essensium.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/upmpdcli: fix static build issue
Jörg Krause [Thu, 24 Jan 2019 10:07:17 +0000 (11:07 +0100)]
package/upmpdcli: fix static build issue

The spotify plugin requires shared library support and needs <dlfcn.h>.
Explicitly disable the spotify plugin when building upmpdcli in a static
context.

Fixes:
http://autobuild.buildroot.net/results/cb942d3c5f68959d6cbc85535ccff4a275369f91/

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/libarchive: add four security patches
Thomas De Schampheleire [Fri, 25 Jan 2019 18:50:52 +0000 (19:50 +0100)]
package/libarchive: add four security patches

Add backported patches for the following four security issues in libarchive.
There is no new release yet including these patches.

- CVE-2018-1000877 (https://nvd.nist.gov/vuln/detail/CVE-2018-1000877)

"libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards
(release v3.1.0 onwards) contains a CWE-415: Double Free vulnerability in
RAR decoder - libarchive/archive_read_support_format_rar.c, parse_codes(),
realloc(rar->lzss.window, new_size) with new_size = 0 that can result in
Crash/DoS. This attack appear to be exploitable via the victim must open a
specially crafted RAR archive."

- CVE-2018-1000878 (https://nvd.nist.gov/vuln/detail/CVE-2018-1000878)

"libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards
(release v3.1.0 onwards) contains a CWE-416: Use After Free vulnerability in
RAR decoder - libarchive/archive_read_support_format_rar.c that can result
in Crash/DoS - it is unknown if RCE is possible. This attack appear to be
exploitable via the victim must open a specially crafted RAR archive."

- CVE-2018-1000879 (https://nvd.nist.gov/vuln/detail/CVE-2018-1000879)

"libarchive version commit 379867ecb330b3a952fb7bfa7bffb7bbd5547205 onwards
(release v3.3.0 onwards) contains a CWE-476: NULL Pointer Dereference
vulnerability in ACL parser - libarchive/archive_acl.c,
archive_acl_from_text_l() that can result in Crash/DoS. This attack appear
to be exploitable via the victim must open a specially crafted archive
file."

- CVE-2018-1000880 (https://nvd.nist.gov/vuln/detail/CVE-2018-1000880)

"libarchive version commit 9693801580c0cf7c70e862d305270a16b52826a7 onwards
(release v3.2.0 onwards) contains a CWE-20: Improper Input Validation
vulnerability in WARC parser -
libarchive/archive_read_support_format_warc.c, _warc_read() that can result
in DoS - quasi-infinite run time and disk usage from tiny file. This attack
appear to be exploitable via the victim must open a specially crafted WARC
file."

Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopython-pyasn1-modules: bump to version 0.2.4
Asaf Kahlon [Sat, 26 Jan 2019 19:46:06 +0000 (21:46 +0200)]
python-pyasn1-modules: bump to version 0.2.4

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/rpi-userland: bump version to e5803f2c98
Peter Seiderer [Sun, 27 Jan 2019 17:08:08 +0000 (18:08 +0100)]
package/rpi-userland: bump version to e5803f2c98

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agoconfigs/raspberrypi*: bump kernel version to 83b36f98e1
Peter Seiderer [Sun, 27 Jan 2019 17:08:07 +0000 (18:08 +0100)]
configs/raspberrypi*: bump kernel version to 83b36f98e1

Now based on 4.14.95 (from 4.14.91).

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/freeswitch: bump version to 1.8.5
Bernd Kuhls [Sun, 27 Jan 2019 16:04:56 +0000 (17:04 +0100)]
package/freeswitch: bump version to 1.8.5

Removed patch 0002, not needed anymore after upstream commit
https://freeswitch.org/stash/projects/FS/repos/freeswitch/commits/13f6890f411598bd2c567762d457d1a8163a7a8a

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/libpng: bump version to 1.6.36
Bernd Kuhls [Sun, 27 Jan 2019 16:04:21 +0000 (17:04 +0100)]
package/libpng: bump version to 1.6.36

License[1] was bumped to v2, for details see
http://lists.opensource.org/pipermail/license-review_lists.opensource.org/2018-November/003791.html

[1] http://www.libpng.org/pub/png/src/libpng-LICENSE.txt

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[Peter: use Libpng-2.0 as license tag]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/pngquant: bump version to 2.12.2
Bernd Kuhls [Sun, 27 Jan 2019 15:29:46 +0000 (16:29 +0100)]
package/pngquant: bump version to 2.12.2

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/znc: bump version to 1.7.2
Bernd Kuhls [Sun, 27 Jan 2019 15:12:48 +0000 (16:12 +0100)]
package/znc: bump version to 1.7.2

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agoprosody: bump to version 0.11.2
Francois Perrad [Sun, 27 Jan 2019 13:24:24 +0000 (14:24 +0100)]
prosody: bump to version 0.11.2

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agoperl-uri: bump to version 1.76
Francois Perrad [Sat, 26 Jan 2019 08:04:41 +0000 (09:04 +0100)]
perl-uri: bump to version 1.76

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agoperl-type-tiny: bump to version 1.004004
Francois Perrad [Sat, 26 Jan 2019 08:04:40 +0000 (09:04 +0100)]
perl-type-tiny: bump to version 1.004004

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agoperl-package-stash: bump to version 0.38
Francois Perrad [Sat, 26 Jan 2019 08:04:39 +0000 (09:04 +0100)]
perl-package-stash: bump to version 0.38

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agoperl-net-dns: bump to version 1.19
Francois Perrad [Sat, 26 Jan 2019 08:04:38 +0000 (09:04 +0100)]
perl-net-dns: bump to version 1.19

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agoperl-mojolicious: bump to version 8.11
Francois Perrad [Sat, 26 Jan 2019 08:04:37 +0000 (09:04 +0100)]
perl-mojolicious: bump to version 8.11

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agoperl-gd: bump to version 2.70
Francois Perrad [Sat, 26 Jan 2019 08:04:36 +0000 (09:04 +0100)]
perl-gd: bump to version 2.70

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agoperl-file-slurp: bump to version 9999.25
Francois Perrad [Sat, 26 Jan 2019 08:04:35 +0000 (09:04 +0100)]
perl-file-slurp: bump to version 9999.25

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agoperl-date-manip: bump to version 6.75
Francois Perrad [Sat, 26 Jan 2019 08:04:34 +0000 (09:04 +0100)]
perl-date-manip: bump to version 6.75

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years ago{linux, linux-headers}: bump 4.{4, 9, 14, 19, 20}.x series
Bernd Kuhls [Sat, 26 Jan 2019 10:18:12 +0000 (11:18 +0100)]
{linux, linux-headers}: bump 4.{4, 9, 14, 19, 20}.x series

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/clamav: add optional dependency to pcre2
Bernd Kuhls [Sat, 26 Jan 2019 10:10:37 +0000 (11:10 +0100)]
package/clamav: add optional dependency to pcre2

Upstream recommends pcre2 over pcre:
https://github.com/Cisco-Talos/clamav-devel/commit/1f71c2b21ccaef412280471444f4d01ec9b8099d

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/clamav: bump version to 0.101.1
Bernd Kuhls [Sat, 26 Jan 2019 10:10:36 +0000 (11:10 +0100)]
package/clamav: bump version to 0.101.1

Removed patch applied upstream.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/samba4: security bump to version 4.9.4
Bernd Kuhls [Sat, 26 Jan 2019 09:48:52 +0000 (10:48 +0100)]
package/samba4: security bump to version 4.9.4

Fixes the following security issues:

- CVE-2018-14629 dns: Fix CNAME loop prevention using counter regression
- CVE-2018-16853: Fix S4U2Self crash with MIT KDC build
- CVE-2018-16853: Do not segfault if client is not set

For more info, see the release notes:
https://www.samba.org/samba/history/samba-4.9.4.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[Peter: mention security impact, add CVE info]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/x11r7/xdriver_xf86-video-neomagic: bump version to 1.3.0
Bernd Kuhls [Sat, 26 Jan 2019 09:35:46 +0000 (10:35 +0100)]
package/x11r7/xdriver_xf86-video-neomagic: bump version to 1.3.0

Added all hashes provided by upstream and license hash.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/x11r7/xdriver_xf86-video-mga: bump version to 2.0.0
Bernd Kuhls [Sat, 26 Jan 2019 08:56:38 +0000 (09:56 +0100)]
package/x11r7/xdriver_xf86-video-mga: bump version to 2.0.0

Added all hashes provided by upstream and license hash.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/x11r7/xdriver_xf86-video-i128: bump version to 1.4.0
Bernd Kuhls [Sat, 26 Jan 2019 08:53:32 +0000 (09:53 +0100)]
package/x11r7/xdriver_xf86-video-i128: bump version to 1.4.0

Removed patch applied upstream, added all hashes provided by upstream
and license hash.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/x11r7/xapp_xcursorgen: bump version to 1.0.7
Bernd Kuhls [Sat, 26 Jan 2019 08:45:35 +0000 (09:45 +0100)]
package/x11r7/xapp_xcursorgen: bump version to 1.0.7

Added all hashes provided by upstream and license hash.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/vlc: bump version to 3.0.6
Bernd Kuhls [Sat, 26 Jan 2019 08:41:27 +0000 (09:41 +0100)]
package/vlc: bump version to 3.0.6

Rebased patch 0006, removed patch 0008 which is included in upstream
release version, renumbered remaining patches.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/libva: bump version to 2.4.0
Bernd Kuhls [Sat, 26 Jan 2019 08:36:00 +0000 (09:36 +0100)]
package/libva: bump version to 2.4.0

Removed patch applied upstream:
https://github.com/intel/libva/commit/62bad1239d8ea1bb269ca69d3469aa267f57cdec

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopython-psycopg2: bump to version 2.7.7
Asaf Kahlon [Sat, 26 Jan 2019 06:33:16 +0000 (08:33 +0200)]
python-psycopg2: bump to version 2.7.7

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopython-psutil: bump to version 5.5.0
Asaf Kahlon [Sat, 26 Jan 2019 06:33:15 +0000 (08:33 +0200)]
python-psutil: bump to version 5.5.0

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopython-pip: bump to version 19.0.1
Asaf Kahlon [Sat, 26 Jan 2019 06:33:14 +0000 (08:33 +0200)]
python-pip: bump to version 19.0.1

License change - a year bump.

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopython-msgpack: bump to version 0.6.1
Asaf Kahlon [Sat, 26 Jan 2019 06:33:13 +0000 (08:33 +0200)]
python-msgpack: bump to version 0.6.1

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopython-engineio: bump to version 3.3.0
Asaf Kahlon [Sat, 26 Jan 2019 06:33:12 +0000 (08:33 +0200)]
python-engineio: bump to version 3.3.0

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agolibwebsock: Fix openssl reporting in header
Clayton Shotwell [Fri, 25 Jan 2019 20:35:04 +0000 (14:35 -0600)]
libwebsock: Fix openssl reporting in header

The websock_config.h file currently ends up being installed into the
sysroot with a #include "config.h" line but the config.h file does not
get copied into the sysroot. Refactoring the original patch to have the
configure script properly report whether or not SSL support is enabled
without using the config.h file.

Patch has been submitted upstream but may never be merged since upstream
appears to be dead.
https://github.com/payden/libwebsock/pull/38

Signed-off-by: Clayton Shotwell <clayton.shotwell@rockwellcollins.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
5 years agopackage/x11r7/xdriver_xf86-video-intel: bump version
Bernd Kuhls [Thu, 24 Jan 2019 16:52:43 +0000 (17:52 +0100)]
package/x11r7/xdriver_xf86-video-intel: bump version

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/{mesa3d, mesa3d-headers}: bump version to 18.3.2
Bernd Kuhls [Thu, 24 Jan 2019 16:52:08 +0000 (17:52 +0100)]
package/{mesa3d, mesa3d-headers}: bump version to 18.3.2

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/libdrm: bump version to 2.4.97
Bernd Kuhls [Thu, 24 Jan 2019 16:33:04 +0000 (17:33 +0100)]
package/libdrm: bump version to 2.4.97

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/libqmi: bump to version 1.22.0
Nicolas Serafini [Thu, 24 Jan 2019 10:50:33 +0000 (10:50 +0000)]
package/libqmi: bump to version 1.22.0

Signed-off-by: Nicolas Serafini <nicolas.serafini@sensefly.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/libmbim: bum to version 1.18.0
Nicolas Serafini [Thu, 24 Jan 2019 10:51:54 +0000 (10:51 +0000)]
package/libmbim: bum to version 1.18.0

Signed-off-by: Nicolas Serafini <nicolas.serafini@sensefly.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/mobile-broadband-provider-info: bump to version 20190116
Nicolas Serafini [Thu, 24 Jan 2019 10:52:46 +0000 (10:52 +0000)]
package/mobile-broadband-provider-info: bump to version 20190116

Signed-off-by: Nicolas Serafini <nicolas.serafini@sensefly.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/ofono: bump to version 1.28
Nicolas Serafini [Thu, 24 Jan 2019 10:53:47 +0000 (10:53 +0000)]
package/ofono: bump to version 1.28

Add patch to fix musl TEMP_FAILURE_RETRY error

Signed-off-by: Nicolas Serafini <nicolas.serafini@sensefly.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/tor: bump version to 0.3.5.7
Bernd Kuhls [Thu, 24 Jan 2019 17:55:25 +0000 (18:55 +0100)]
package/tor: bump version to 0.3.5.7

Patch rebased and re-formatted with git.

Release notes:
https://blog.torproject.org/new-releases-tor-0357-03410-and-03311

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agorpi-firmware: bump version to 81cca1a93
Christian Stewart [Thu, 24 Jan 2019 08:22:05 +0000 (00:22 -0800)]
rpi-firmware: bump version to 81cca1a93

Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agogo: security bump to 1.11.5
Christian Stewart [Thu, 24 Jan 2019 08:16:33 +0000 (00:16 -0800)]
go: security bump to 1.11.5

Go 1.11.5 addresses a reported security issue, CVE-2019-6486.

Signed-off-by: Christian Stewart <christian@paral.in>
Acked-by: Anisse Astier <anisse@astier.eu>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agotslib: update to 1.19
Martin Kepplinger [Thu, 24 Jan 2019 08:05:55 +0000 (09:05 +0100)]
tslib: update to 1.19

For the curious, there's the short changelog summary:
https://github.com/kergoth/tslib/releases

Signed-off-by: Martin Kepplinger <martink@posteo.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agolibkcapi: fix build with gcc 8.2.x
Fabrice Fontaine [Wed, 23 Jan 2019 19:38:00 +0000 (20:38 +0100)]
libkcapi: fix build with gcc 8.2.x

Fixes:
 - http://autobuild.buildroot.org/results/8355bc42238e885f7f11ed3d9d37fc55ebdead2b

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/iperf: fixed hash to match v2.0.13 archive
Matt Weber [Wed, 23 Jan 2019 20:18:46 +0000 (14:18 -0600)]
package/iperf: fixed hash to match v2.0.13 archive

The iperf project changed the archive after the release without changing
the filename of the archive.

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agomusl: fix hash of license file
Fabrice Fontaine [Wed, 23 Jan 2019 19:50:25 +0000 (20:50 +0100)]
musl: fix hash of license file

COPYRIGHT file has been updated between version 1.1.20 and 1.1.21:
https://git.musl-libc.org/cgit/musl/commit/COPYRIGHT?id=c50985d5c8e316c5c464f352e79eeebfed1121a9

Fixes:
 - http://autobuild.buildroot.org/results/8cfa70b906221442c9e6dfd46b64011c987d24bf

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/inadyn: bump version to 2.5
Ryan Coe [Wed, 23 Jan 2019 15:09:11 +0000 (07:09 -0800)]
package/inadyn: bump version to 2.5

Signed-off-by: Ryan Coe <bluemrp9@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/libite: bump version to 2.0.2
Ryan Coe [Wed, 23 Jan 2019 15:09:10 +0000 (07:09 -0800)]
package/libite: bump version to 2.0.2

Signed-off-by: Ryan Coe <bluemrp9@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/subversion: security bump to version 1.9.10
Peter Korsgaard [Wed, 23 Jan 2019 10:40:30 +0000 (11:40 +0100)]
package/subversion: security bump to version 1.9.10

Additional fixes for CVE-2017-9800: Malicious server can execute arbitrary
command on client and a number of crash fixes.

https://svn.apache.org/repos/asf/subversion/tags/1.9.10/CHANGES

Drop upstream SHA1 hash as that is no longer listed.  Also add a hash for
the license file.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years ago{linux, linux-headers}: bump 4.{9, 14, 19, 20}.x series
Peter Korsgaard [Wed, 23 Jan 2019 09:59:27 +0000 (10:59 +0100)]
{linux, linux-headers}: bump 4.{9, 14, 19, 20}.x series

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agodmalloc: fix build with strndup
Fabrice Fontaine [Mon, 21 Jan 2019 19:21:13 +0000 (20:21 +0100)]
dmalloc: fix build with strndup

Fixes:
 - http://autobuild.buildroot.org/results/5cfa01a41951ee3be2e8c1cb10edac3722d72c77

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agodmalloc: fix build with strdup
Fabrice Fontaine [Mon, 21 Jan 2019 19:21:12 +0000 (20:21 +0100)]
dmalloc: fix build with strdup

Fixes:
 - http://autobuild.buildroot.org/results/3f2518f7a9e87034cd501ac3d121ea3a33827e7d

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agosqlcipher: add license
Fabrice Fontaine [Mon, 21 Jan 2019 18:31:17 +0000 (19:31 +0100)]
sqlcipher: add license

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agolibssh: fix some -Werror=strict-overflow build failures
Baruch Siach [Tue, 22 Jan 2019 11:58:05 +0000 (13:58 +0200)]
libssh: fix some -Werror=strict-overflow build failures

Add fixes for some of the build failures caused by strict-overflow
warnings. Patches #1, #2, and #4 are upstream. Patch #3 is pending
upstream.

Fixes:
http://autobuild.buildroot.net/results/923/9239f230629ca4e381af5e8f43989997d9bfde99/
http://autobuild.buildroot.net/results/618/6187b92bcdfd9281683c37906ae74f2e0c5e6d0e/
http://autobuild.buildroot.net/results/9eb/9eb5ed92a923f0c038e3d913289eddc1cda1b62f/

Cc: Scott Fan <fancp2007@gmail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/upmpdcli: add upstream patch to fix musl build issue
Jörg Krause [Tue, 22 Jan 2019 19:18:27 +0000 (20:18 +0100)]
package/upmpdcli: add upstream patch to fix musl build issue

upmpdcli 1.4.0 uses both the `uint64_t` and `u_int64_t` type. `uintN_t` is
standard C99 type available in `<stdint.h>`, whereas `u_intN_t` is defined in
`<sys/types.h>`.

Because of the missing include of `<sys/types.h>` building upmpdcli breaks now
when building with the musl C library, which is very strict:

```
src/mediaserver/cdplugins/netfetch.h:71:5: error: ‘u_int64_t’ does not name a type
     u_int64_t datacount() {
```

Add a patch from upstream which fixes the issue by replacing `u_int64_t`
with `uint64_t`.

Fixes:
http://autobuild.buildroot.net/results/f3082d2fdda8d73dbd9d3b65a08d844934066ef7

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/apache: security bump to version 2.4.38
Peter Korsgaard [Tue, 22 Jan 2019 18:15:42 +0000 (19:15 +0100)]
package/apache: security bump to version 2.4.38

Fixes the following security vulnerabilities:

  *) SECURITY: CVE-2018-17199 (cve.mitre.org)
     mod_session: mod_session_cookie does not respect expiry time allowing
     sessions to be reused.  [Hank Ibell]

  *) SECURITY: CVE-2018-17189 (cve.mitre.org)
     mod_http2: fixes a DoS attack vector. By sending slow request bodies
     to resources not consuming them, httpd cleanup code occupies a server
     thread unnecessarily. This was changed to an immediate stream reset
     which discards all stream state and incoming data.  [Stefan Eissing]

  *) SECURITY: CVE-2019-0190 (cve.mitre.org)
     mod_ssl: Fix infinite loop triggered by a client-initiated
     renegotiation in TLSv1.2 (or earlier) with OpenSSL 1.1.1 and
     later.  PR 63052.  [Joe Orton]

For more details, see the CHANGES file:
https://www.apache.org/dist/httpd/CHANGES_2.4.38

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/xerces: use new website (was redirecting)
Matt Weber [Tue, 22 Jan 2019 13:58:46 +0000 (07:58 -0600)]
package/xerces: use new website (was redirecting)

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/rp-pppoe: update website url
Matt Weber [Tue, 22 Jan 2019 13:55:00 +0000 (07:55 -0600)]
package/rp-pppoe: update website url

The website for rp-pppoe moved from Roaring Penguin's main site to
a personal project page.

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/openresolv: update webpage URL
Matt Weber [Tue, 22 Jan 2019 13:48:43 +0000 (07:48 -0600)]
package/openresolv: update webpage URL

Update URL to point at the project page vs just the GIT repository
containing the source code.

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/lsof: bump to version 4.91
Baruch Siach [Tue, 22 Jan 2019 19:12:20 +0000 (21:12 +0200)]
package/lsof: bump to version 4.91

Add upstream provided md5 hash.

Add license file hash.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/iperf: bump to 2.0.13
Matt Weber [Tue, 22 Jan 2019 18:34:30 +0000 (12:34 -0600)]
package/iperf: bump to 2.0.13

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/ipset: bump to version 7.1
Baruch Siach [Tue, 22 Jan 2019 17:47:33 +0000 (19:47 +0200)]
package/ipset: bump to version 7.1

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>