buildroot.git
3 years agopackage/snort3: new package
Fabrice Fontaine [Sun, 25 Apr 2021 17:22:23 +0000 (19:22 +0200)]
package/snort3: new package

Snort 3 is the next generation Snort IPS (Intrusion
Prevention System).

 - Support multiple packet processing threads
 - Shared configuration and attribute table
 - Use a simple, scriptable configuration
 - Make key components pluggable
 - Autodetect services for portless configuration
 - Support sticky buffers in rules
 - Autogenerate reference documentation
 - Provide better cross platform support

https://www.snort.org/snort3

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/daq3: new package
Fabrice Fontaine [Sun, 25 Apr 2021 17:22:22 +0000 (19:22 +0200)]
package/daq3: new package

Add daq3 package to be able to add the snort3 package.

daq3 is not compatatible with snort as daq_load_modules has been removed

daq3 package has been created from the daq package, here is a summary of
the changes:
- Drop patch (not needed anymore)
- Enable parallel build as there is no more tokdefs.h
- Drop libdnet dependency
- Drop host-bison and host-flex dependencies
- Drop libpcap workarounds
- ipq module dropped since version 3.0.0-alpha1 and
  https://github.com/snort3/libdaq/commit/80c62799a936118c80894bf91f396c8aa8ba45a6
- Add LICENSE file (same content than COPYING)
- Update hash of COPYING (project name and GPLv2 text updated with
  https://github.com/snort3/libdaq/commit/46e8722da230082a5728175270ea3c04432d1af0)
- Add a dependency on gcc 4.9 for {t,u}h_{d,s}port that are protected on
  glibc by _FAVOR_BSD (and so !defined _GNU_SOURCE) until version 2.19:
  https://sourceware.org/git/?p=glibc.git;a=commit;h=7011c2622fe3e10a29dbe74f06aaebd07710127d

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/lua-zlib: new package
Francois Perrad [Sun, 13 Jun 2021 15:42:39 +0000 (17:42 +0200)]
package/lua-zlib: new package

This module is only partially compatible with lzlib (which is no longer
maintained).

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
[yann.morin.1998@free.fr: amend commit log about limited compatibility]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/python-dataproperty: bump to version 0.50.1
Fabrice Fontaine [Sun, 25 Apr 2021 09:29:31 +0000 (11:29 +0200)]
package/python-dataproperty: bump to version 0.50.1

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/python-dataproperty: drop python-six dependency
Fabrice Fontaine [Sun, 25 Apr 2021 09:29:30 +0000 (11:29 +0200)]
package/python-dataproperty: drop python-six dependency

python-six is not a dependency since drop of python 2 in version 0.47.0:
https://github.com/thombashi/DataProperty/commit/d3fdde41af0151e2f04a3a79bea1fb33a28a98f7

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/bluez5_utils: Clean up descriptions
Michael Nosthoff [Wed, 21 Apr 2021 13:17:23 +0000 (15:17 +0200)]
package/bluez5_utils: Clean up descriptions

The descriptions in this package have grown pretty confusing over time.
Try to make this a bit more consistent and up-to-date.

* drop references to old kernel versions not supported by BR anymore
* Remove "Bluez 5.x" string from options
* consistently use the term "plugin" (plugins implement profiles)
* make mentioned profile appreviations upper-case
* make descriptions closer to the ones in BlueZ Readme [0]
* make clear that "tests" refers to the python test scripts

[0] https://git.kernel.org/pub/scm/bluetooth/bluez.git/tree/README?h=5.58

Signed-off-by: Michael Nosthoff <buildroot@heine.tech>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
[Arnout:
 - remove more 5.x references;
 - Use official spelling BlueZ in main help text]

3 years agopackage/zstd: Simplify host-build
Norbert Lange [Tue, 25 May 2021 17:26:48 +0000 (19:26 +0200)]
package/zstd: Simplify host-build

1.5.0 uses Threads by default for cli tool and DSO,
should not be necessary to do anything special.

Signed-off-by: Norbert Lange <nolange79@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/zstd: bump to version 1.5.0
Norbert Lange [Tue, 25 May 2021 17:26:47 +0000 (19:26 +0200)]
package/zstd: bump to version 1.5.0

Signed-off-by: Norbert Lange <nolange79@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/libiec61850: bump to version 1.5.0
Romain Naour [Tue, 25 May 2021 12:03:41 +0000 (14:03 +0200)]
package/libiec61850: bump to version 1.5.0

Remove all upstream patches
Remove IGNORE_CVES for CVE-2020-15158

Build tested:
https://gitlab.com/kubu93/buildroot/-/pipelines/309037705

Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/intel-microcode: security bump to version 20210608
Peter Korsgaard [Sun, 13 Jun 2021 21:10:11 +0000 (23:10 +0200)]
package/intel-microcode: security bump to version 20210608

Fixes the following security issues:

- CVE-2020-24489: A potential security vulnerability in some Intel®
  Virtualization Technology for Directed I/0 (VT-d) products may allow
  escalation of privilege.  Intel is releasing firmware updates to mitigate
  this potential vulnerability.
  https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00442.html

- CVE-2020-24511: Potential security vulnerabilities in some Intel®
  Processors may allow information disclosure.  Intel is releasing firmware
  updates to mitigate these potential vulnerabilities.
  https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00464.html

- CVE-2020-24513: A potential security vulnerability in some Intel Atom®
  Processors may allow information disclosure.  Intel is releasing firmware
  updates to mitigate this potential vulnerability.
  https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00465.html

For more details, see the release notes:
https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20210608

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agoDEVELOPERS: add myself for cegui
Bartosz Bilas [Sat, 12 Jun 2021 09:00:06 +0000 (11:00 +0200)]
DEVELOPERS: add myself for cegui

Signed-off-by: Bartosz Bilas <b.bilas@grinn-global.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/cegui: bump to current master
Bartosz Bilas [Sat, 12 Jun 2021 08:57:40 +0000 (10:57 +0200)]
package/cegui: bump to current master

v0-8-7 is pretty old (2016) and raises a lot of build failures
so switch to the current master version while at it disable
support for irrlicht and fribidi that are broken on master.
Moreover disable samples and application templates that
are not required.

Fixes:
- http://autobuild.buildroot.net/results/5b9/5b9ff0e8f16a2fd732ae25d5383656f7ae205748/
- http://autobuild.buildroot.net/results/333/33397224f8a8067d8ecbd6661b84ca155a0525c0/

and more...

Signed-off-by: Bartosz Bilas <b.bilas@grinn-global.com>
[yann.morin.1998@free.fr: fix check-package]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/fb-test-app: Add myself to DEVELOPERS
Andy Shevchenko [Mon, 14 Jun 2021 11:14:44 +0000 (14:14 +0300)]
package/fb-test-app: Add myself to DEVELOPERS

Add myself to DEVELOPERS as maintainer of fb-test-app.

Suggested-by: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/rpcbind fix version number
Andreas Ziegler [Tue, 8 Jun 2021 08:53:32 +0000 (10:53 +0200)]
package/rpcbind fix version number

Commit d13b292cec8166c4712cf4a0defbeee827ffaf78 introduced a patch for rpcbind but also changed the version number to a non-existing value.

Change rpcbind to last released version and adapt hash value.

Signed-off-by: Andreas Ziegler <br015@umbiko.net>
Reviewed-by: Petr Vorel <petr.vorel@gmail.com>
[yann.morin.1998@free.fr: fix version in patch too, noticed by Baruch]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/perl-type-tiny: bump to version 1.012003
Francois Perrad [Mon, 7 Jun 2021 17:56:04 +0000 (19:56 +0200)]
package/perl-type-tiny: bump to version 1.012003

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/perl-net-dns: bump to version 1.31
Francois Perrad [Mon, 7 Jun 2021 17:56:03 +0000 (19:56 +0200)]
package/perl-net-dns: bump to version 1.31

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/perl-libwww-perl: bump to version 6.54
Francois Perrad [Mon, 7 Jun 2021 17:56:02 +0000 (19:56 +0200)]
package/perl-libwww-perl: bump to version 6.54

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/perl-io-socket-ssl: bump to version 2.071
Francois Perrad [Mon, 7 Jun 2021 17:56:01 +0000 (19:56 +0200)]
package/perl-io-socket-ssl: bump to version 2.071

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/perl-http-message: bump to version 6.32
Francois Perrad [Mon, 7 Jun 2021 17:56:00 +0000 (19:56 +0200)]
package/perl-http-message: bump to version 6.32

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/perl-convert-asn1: bump to version 0.31
Francois Perrad [Mon, 7 Jun 2021 17:55:59 +0000 (19:55 +0200)]
package/perl-convert-asn1: bump to version 0.31

diff LICENSE:
- This software is copyright (c) 2014 by Graham Barr.
+ This software is copyright (c) 2021 by Graham Barr.

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/botan: requires RC4 and RMD160 support in openssl
Fabrice Fontaine [Sun, 13 Jun 2021 15:23:38 +0000 (17:23 +0200)]
package/botan: requires RC4 and RMD160 support in openssl

Enable RC4 and RMD160 in openssl to fix build failure raised since
commit a83d41867c8d69a77d5cd0a665aa216af5340359

Fixes:
 - http://autobuild.buildroot.org/results/795671a39b754747725b09cf0e196defd6b0e59a

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/php: requires MD4, RC4 and RMD160 support in openssl
Fabrice Fontaine [Sun, 13 Jun 2021 14:52:52 +0000 (16:52 +0200)]
package/php: requires MD4, RC4 and RMD160 support in openssl

Enable MD4, RC4 and RMD160 in openssl to fix build failure raised since
commit a83d41867c8d69a77d5cd0a665aa216af5340359

Fixes:
 - http://autobuild.buildroot.org/results/bd884a34e8de8990fc85bf51389ec4d8d3424482
 - http://autobuild.buildroot.org/results/faaa667b72ca7b8621d6b13b1912cd5413767222

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/luvi: requires DES support in openssl
Fabrice Fontaine [Sun, 13 Jun 2021 14:14:21 +0000 (16:14 +0200)]
package/luvi: requires DES support in openssl

Enable DES in openssl to fix build failure raised since commit
a83d41867c8d69a77d5cd0a665aa216af5340359

Fixes:
 - http://autobuild.buildroot.org/results/d8452e2de1bd866953d3bb0cb951e9f877f9a6e0

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/tpm-tools: requires DES support in openssl
Fabrice Fontaine [Sun, 13 Jun 2021 10:47:06 +0000 (12:47 +0200)]
package/tpm-tools: requires DES support in openssl

Enable DES in openssl to fix build failure raised since commit
a83d41867c8d69a77d5cd0a665aa216af5340359

Fixes:
 - http://autobuild.buildroot.org/results/c104263d0fb6f758ac1e654b114f68b4fbfcf6bd

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/libvncserver: requires DES support in openssl
Fabrice Fontaine [Sun, 13 Jun 2021 09:46:25 +0000 (11:46 +0200)]
package/libvncserver: requires DES support in openssl

Enable DES in openssl to fix build failure raised since commit
a83d41867c8d69a77d5cd0a665aa216af5340359

Fixes:
 - http://autobuild.buildroot.org/results/3dd9a97e7faa99bab12d7acb069e8414e17f67e9

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/proftpd: requires RMD160 support in openssl
Fabrice Fontaine [Sun, 13 Jun 2021 09:39:44 +0000 (11:39 +0200)]
package/proftpd: requires RMD160 support in openssl

Enable RMD160 in openssl to fix build failure raised since commit
a83d41867c8d69a77d5cd0a665aa216af5340359

Fixes:
 - http://autobuild.buildroot.org/results/4c3e7a77d8d6c326135fe467bfcae627df4a9b9b

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/bitcoin: unset the NDEBUG flag
Dick Olsson [Sun, 13 Jun 2021 18:45:09 +0000 (18:45 +0000)]
package/bitcoin: unset the NDEBUG flag

Since https://git.buildroot.net/buildroot/commit/?id=5a8c50fe05afacc3cbe8e7347e238da9f242fab0
all packages are now built with NDEBUG, which broke Bitcoin builds.

Bitcoin is using assert(...) extensively with the assumption of it
never being a noop at runtime. So we cannot build with NDEBUG.
See: https://github.com/bitcoin/bitcoin/blob/0.21/src/compat/assumptions.h

Fixes:
    http://autobuild.buildroot.org/results/83b/83b6dc0b97b19888fb1187bbbca485961e58ce90/
    and so many more...

Signed-off-by: Dick Olsson <hi@senzilla.io>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/fb-test-app: bump version to 1.3.1 and update project URL
Andy Shevchenko [Mon, 24 May 2021 19:32:33 +0000 (22:32 +0300)]
package/fb-test-app: bump version to 1.3.1 and update project URL

- bump version to 1.1.1
- update project URL

Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/pango: bump to version 1.48.4
Francois Perrad [Mon, 24 May 2021 14:46:01 +0000 (16:46 +0200)]
package/pango: bump to version 1.48.4

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/librsvg: bump to version 2.50.5
Francois Perrad [Mon, 24 May 2021 14:45:51 +0000 (16:45 +0200)]
package/librsvg: bump to version 2.50.5

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/harfbuzz: bump to version 2.8.1
Francois Perrad [Mon, 24 May 2021 14:45:25 +0000 (16:45 +0200)]
package/harfbuzz: bump to version 2.8.1

remove unknown option fontconfig

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/gdk-pixbuf: bump to version 2.42.4
Francois Perrad [Mon, 24 May 2021 14:45:08 +0000 (16:45 +0200)]
package/gdk-pixbuf: bump to version 2.42.4

remove merged patches

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/ltp-testsuite: bump version to 20210524
Petr Vorel [Mon, 24 May 2021 18:05:52 +0000 (20:05 +0200)]
package/ltp-testsuite: bump version to 20210524

Add locally computed sha256 (+ keep sha1 from github checksum file).

sysinfo.h fix patch is still needed (until Buildroot MUSL toolchain gets
updated).

Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/libkrb5: add openssl optional dependency
Fabrice Fontaine [Sun, 13 Jun 2021 09:10:43 +0000 (11:10 +0200)]
package/libkrb5: add openssl optional dependency

openssl is an optional dependency which is enabled by default since at
least 2007 and
https://github.com/krb5/krb5/commit/4c17f25c0f106ec8e3aad2cee4e7a24f66b5a65d

Enable DES, MD4 and RC4 in openssl to fix build failure raised since
commit a83d41867c8d69a77d5cd0a665aa216af5340359

Fixes:
 - http://autobuild.buildroot.org/results/d73b477bd2064aee076f9debfd8d3346c63ba657

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr: squash the two commits together]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agomtd-utils-2.1.2: ubihealthd depends on ubifs support
Markus Mayer [Wed, 9 Jun 2021 23:48:19 +0000 (16:48 -0700)]
mtd-utils-2.1.2: ubihealthd depends on ubifs support

ubihealthd is only being built, if mtd-utils are being built
--with-ubifs. Reflect that dependency within buildroot.

Signed-off-by: Markus Mayer <mmayer@broadcom.com>
Tested-by: Heiko Thiery <heiko.thiery@gmail.com>
[yann.morin.1998@free.fr: fix check-package]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/gdb: improve gdb version choice comment
Romain Naour [Sun, 6 Jun 2021 15:03:51 +0000 (17:03 +0200)]
package/gdb: improve gdb version choice comment

The comment has been introduced by commit [1] where the latest
gdb version has been used when cross-gdb is not enabled.

But since then the gdb package doesn't use the latest gdb version when
cross-gdb is not enabled. It's the "stable" version.

[1] https://git.buildroot.net/buildroot/commit/?id=fda818390b5e6a585608f4523356eafa0c587f53

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/gdb: enable nios2
Romain Naour [Sun, 6 Jun 2021 13:13:31 +0000 (15:13 +0200)]
package/gdb: enable nios2

It turn out that gdb/gdbserver support for nios2 is available since 7.7 release, since commit [1] [2].

[1] https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=a1217d97c4b0449d052fad3d2df2ab58b48f918c
[2] https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=68f5f83833e21b8c8466fe852b403b81db227ce4

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/gnutls: disable tests
Baruch Siach [Thu, 3 Jun 2021 16:10:42 +0000 (19:10 +0300)]
package/gnutls: disable tests

Tests can't build with NDEBUG is defined. Since commit 5a8c50fe05afa
("core: enable 'NDEBUG' unless BR2_ENABLE_RUNTIME_DEBUG is set") NDEBUG
is defined on !BR2_ENABLE_RUNTIME_DEBUG. Just disable tests.

Fixes:
http://autobuild.buildroot.net/results/9ec31793484a69c14a66b7338d795089c07b9937/
http://autobuild.buildroot.net/results/6ef8f1534237f2df4cff0a0bc0364fe9a46a5343/
http://autobuild.buildroot.net/results/05ff156687138627f244ca3f6cb58f1ce7d127c4/

Cc: Matt Weber <matthew.weber@collins.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/daemon: fix build without BR2_ENABLE_RUNTIME_DEBUG
Baruch Siach [Thu, 3 Jun 2021 12:22:33 +0000 (15:22 +0300)]
package/daemon: fix build without BR2_ENABLE_RUNTIME_DEBUG

Since commit 5a8c50fe05afa ("core: enable 'NDEBUG' unless
BR2_ENABLE_RUNTIME_DEBUG is set"), NDEBUG is defined in compile flags
when BR2_ENABLE_RUNTIME_DEBUG is not enabled. Add a patch to make the
daemon package build with NDEBUG as it should.

Fixes:
http://autobuild.buildroot.net/results/995ef1b5d9fce05881b2a41025916fa45b68a9bc/
http://autobuild.buildroot.net/results/98cd9fb348d6cfe676667205b1f79ec2cd1490de/
http://autobuild.buildroot.net/results/a7c51e6f59656d8c1e1c82a7129a670a68eb8a62/

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agoDEVELOPERS: add Giulio Benetti to udisks package
Giulio Benetti [Wed, 2 Jun 2021 21:48:20 +0000 (23:48 +0200)]
DEVELOPERS: add Giulio Benetti to udisks package

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agopackage/boost: upstream patch to re-enable logs with riscv32
Fabrice Fontaine [Sat, 29 May 2021 17:16:48 +0000 (19:16 +0200)]
package/boost: upstream patch to re-enable logs with riscv32

Commit d72350e62a0833e4d1527f4040da2063972bf9b3 disabled boost::logs on
riscv32 due to the use of SYS_futex, which doesn't exist on riscv32.

Revert "package/boost: disable logs with riscv32" and add an upstream
patch that uses SYS_futex_time64 instead.

This reverts commit d72350e62a0833e4d1527f4040da2063972bf9b3.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
3 years agodocs/website: update for 2021.02.3
Peter Korsgaard [Sun, 13 Jun 2021 08:45:49 +0000 (10:45 +0200)]
docs/website: update for 2021.02.3

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agoUpdate for 2021.02.3
Peter Korsgaard [Sat, 12 Jun 2021 14:58:31 +0000 (16:58 +0200)]
Update for 2021.02.3

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 5293208a57ce78f9fc958704d7df52f28532cde6)
[Peter: drop Makefile change]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agopackage/pppd: requires DES support in openssl
Fabrice Fontaine [Sat, 12 Jun 2021 21:47:20 +0000 (23:47 +0200)]
package/pppd: requires DES support in openssl

Enable DES in openssl to fix build failure raised since commit
a83d41867c8d69a77d5cd0a665aa216af5340359

Fixes:
 - http://autobuild.buildroot.org/results/3cd38e6dfd5f94f0bd1689e7db4ea1d723dd2a80

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr: only select it for glibc toolchains]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/snmppp: requires DES support in openssl
Fabrice Fontaine [Sat, 12 Jun 2021 21:52:16 +0000 (23:52 +0200)]
package/snmppp: requires DES support in openssl

Enable DES in openssl to fix build failure raised since commit
a83d41867c8d69a77d5cd0a665aa216af5340359

Fixes:
 - http://autobuild.buildroot.org/results/2aece7e503d36ebee2bce526f11b2400b9df761e

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/neon: requires DES and MD4 support in openssl
Fabrice Fontaine [Sat, 12 Jun 2021 21:42:31 +0000 (23:42 +0200)]
package/neon: requires DES and MD4 support in openssl

Enable DES and MD4 in openssl to fix build failure raised since commit
a83d41867c8d69a77d5cd0a665aa216af5340359

Fixes:
 - http://autobuild.buildroot.org/results/9145df89497df52c7124b82525b76d365aa92fc9

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/znc: requires blowfish support in openssl
Fabrice Fontaine [Sat, 12 Jun 2021 21:36:24 +0000 (23:36 +0200)]
package/znc: requires blowfish support in openssl

Enable blowfish in openssl to fix build failure raised since commit
a83d41867c8d69a77d5cd0a665aa216af5340359

Fixes:
 - http://autobuild.buildroot.org/results/600f2b09da919d511df87d3f19fea71149c1260c

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/heirloom-mailx: add CPE variables
Fabrice Fontaine [Sat, 12 Jun 2021 21:28:34 +0000 (23:28 +0200)]
package/heirloom-mailx: add CPE variables

cpe:2.3:a:heirloom:mailx is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Aheirloom%3Amailx

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/libfreefare: requires DES support in openssl
Fabrice Fontaine [Sat, 12 Jun 2021 21:22:09 +0000 (23:22 +0200)]
package/libfreefare: requires DES support in openssl

Enable DES in openssl to fix build failure raised since commit
a83d41867c8d69a77d5cd0a665aa216af5340359

Fixes:
 - http://autobuild.buildroot.org/results/889ac8e5799e5b48c5964592acefb67feec1c021

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/heirloom-mailx: requires DES and RC2 support in openssl
Fabrice Fontaine [Sat, 12 Jun 2021 21:04:00 +0000 (23:04 +0200)]
package/heirloom-mailx: requires DES and RC2 support in openssl

Enable DES and RC2 in openssl to fix build failure raised since commit
a83d41867c8d69a77d5cd0a665aa216af5340359

Fixes:
 - http://autobuild.buildroot.org/results/2da419416da0cc34b65c89aa966b327640a177e2

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/perl-crypt-openssl-rsa: requires RMD160 support in openssl
Fabrice Fontaine [Sat, 12 Jun 2021 20:58:35 +0000 (22:58 +0200)]
package/perl-crypt-openssl-rsa: requires RMD160 support in openssl

Enable RMD160 in openssl to fix build failure raised since commit
a83d41867c8d69a77d5cd0a665aa216af5340359

Fixes:
 - http://autobuild.buildroot.org/results/e61d2f06812ce171e20bac96b3573d57927030d0

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/perl-crypt-openssl-rsa: add missing dependency to openssl
Yann E. MORIN [Sat, 12 Jun 2021 21:32:03 +0000 (23:32 +0200)]
package/perl-crypt-openssl-rsa: add missing dependency to openssl

perl-crypt-openssl-rsa inherits the dependency on openssl indirectly
from perl-crypt-openssl-random. Hwvere, perl-crypt-openssl-rsa needs
the openssl libraries for itself, so it must explicitly depend on it.

So far, this was totally unconsequential, but since commit a83d41867c8d
(package/libopenssl: add option to enable some features), features can
be configured out, of which RMD160 that perl-crypt-openssl-rsa needs.
If we were to add the select to that option (in a followup commit),
without a dependency to openssl, that would be very confusing in the
future.

So, add the explicit dependency now.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/python-pymupdf: fix tarball name for sha256
Fabrice Fontaine [Sat, 12 Jun 2021 15:19:08 +0000 (17:19 +0200)]
package/python-pymupdf: fix tarball name for sha256

Fix tarball name for sha256 which is wrong since the addition of the
package in commit 71f7fc8a27af383d3307945bf6e880491cb74bd4

While at it, also update indentation to 2 spaces

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/mupdf: add MUPDF_CPE_ID_VENDOR
Fabrice Fontaine [Sat, 12 Jun 2021 15:20:03 +0000 (17:20 +0200)]
package/mupdf: add MUPDF_CPE_ID_VENDOR

cpe:2.3:a:artifex:mupdf is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Aartifex%3Amupdf

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agoboot/edk2: add EDK2_CPE_ID_VENDOR
Fabrice Fontaine [Sat, 12 Jun 2021 14:38:35 +0000 (16:38 +0200)]
boot/edk2: add EDK2_CPE_ID_VENDOR

cpe:2.3:a:tianocore:edk2 is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Atianocore%3Aedk2

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/perl-net-ssleay: requires RMD160 support in openssl
Fabrice Fontaine [Sat, 12 Jun 2021 13:52:33 +0000 (15:52 +0200)]
package/perl-net-ssleay: requires RMD160 support in openssl

Enable RMD160 in openssl to fix build failure raised since commit
a83d41867c8d69a77d5cd0a665aa216af5340359

Fixes:
 - http://autobuild.buildroot.org/results/c17e37e50d2f6c7a26a9d993ae822e312f7b1f21

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/softether: requires DES, MD4 and RC4 support in openssl
Fabrice Fontaine [Sat, 12 Jun 2021 13:32:22 +0000 (15:32 +0200)]
package/softether: requires DES, MD4 and RC4 support in openssl

Enable DES, MD4 and RC4 in openssl to fix build failure raised since
commit a83d41867c8d69a77d5cd0a665aa216af5340359

Fixes:
 - http://autobuild.buildroot.org/results/ce601fb26d143e03adb39c41f2fdfca3b3191127

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr:
  - drop conditionals on selects: libopenssl is forced
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agodocs/website: change wording about training provided by Bootlin
Thomas Petazzoni [Wed, 9 Jun 2021 08:16:20 +0000 (10:16 +0200)]
docs/website: change wording about training provided by Bootlin

As suggested by Yann, let's avoid announcing the exact date of the
next course, as it gets outdated very often. Instead, use a more
generic wording and simply point to a Bootlin page that has all the
details.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/rsync: fix CVE-2020-14387
Fabrice Fontaine [Sat, 12 Jun 2021 12:02:10 +0000 (14:02 +0200)]
package/rsync: fix CVE-2020-14387

A flaw was found in rsync in versions since 3.2.0pre1. Rsync improperly
validates certificate with host mismatch vulnerability. A remote,
unauthenticated attacker could exploit the flaw by performing a
man-in-the-middle attack using a valid certificate for another hostname
which could compromise confidentiality and integrity of data transmitted
using rsync-ssl. The highest threat from this vulnerability is to data
confidentiality and integrity. This flaw affects rsync versions before
3.2.4.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Peter: add a comment explaining what patch fixes this CVE]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years ago{linux, linux-headers}: bump 4.{4, 9, 14, 19}.x / 5.{4, 10, 11, 12}.x series
Peter Korsgaard [Sat, 12 Jun 2021 11:43:42 +0000 (13:43 +0200)]
{linux, linux-headers}: bump 4.{4, 9, 14, 19}.x / 5.{4, 10, 11, 12}.x series

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agopackage/openvpn: requires DES support in openssl
Fabrice Fontaine [Sat, 12 Jun 2021 12:11:40 +0000 (14:11 +0200)]
package/openvpn: requires DES support in openssl

Enable DES in openssl to fix build failure raised since commit
a83d41867c8d69a77d5cd0a665aa216af5340359

Fixes:
 - http://autobuild.buildroot.org/results/a371f455d9550cb1593b5e349278082001245178

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/vtun: requires blowfish support in openssl
Fabrice Fontaine [Sat, 12 Jun 2021 11:49:54 +0000 (13:49 +0200)]
package/vtun: requires blowfish support in openssl

Enable blowfish in openssl to fix build failure raised since commit
a83d41867c8d69a77d5cd0a665aa216af5340359

Fixes:
 - http://autobuild.buildroot.org/results/38f6b92ead5861c2e15ca768acea9742ad4e0fec

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/libtorrent: requires RC4 support in openssl
Fabrice Fontaine [Wed, 9 Jun 2021 16:58:37 +0000 (18:58 +0200)]
package/libtorrent: requires RC4 support in openssl

Enable RC4 in openssl to fix build failure raised since commit
a83d41867c8d69a77d5cd0a665aa216af5340359

Fixes:
 - http://autobuild.buildroot.org/results/c909fedb5f59d8a434a3bde469155ff550615e3c

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/freerdp: needs rc4 from libopenssl
Yann E. MORIN [Sun, 6 Jun 2021 07:59:32 +0000 (09:59 +0200)]
package/freerdp: needs rc4 from libopenssl

Fixes:
    http://autobuild.buildroot.org/results/b21b21a66bef2bc09231e475037a8f9be5584fa4/

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/netsnmp: requires DES support in openssl
Fabrice Fontaine [Sat, 12 Jun 2021 11:37:07 +0000 (13:37 +0200)]
package/netsnmp: requires DES support in openssl

Enable DES in openssl to fix build failure raised since commit
a83d41867c8d69a77d5cd0a665aa216af5340359

Fixes:
 - http://autobuild.buildroot.org/results/76ddd42cfecc596e431490747e3a32b937f95a17

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/mender: requires MD4 and RMD160 support in openssl
Fabrice Fontaine [Sat, 12 Jun 2021 11:27:22 +0000 (13:27 +0200)]
package/mender: requires MD4 and RMD160 support in openssl

Enable MD4 and RMD160 in openssl to fix build failure raised since
commit a83d41867c8d69a77d5cd0a665aa216af5340359

Fixes:
 - http://autobuild.buildroot.org/results/0b9ad028609f7e3e4eddd4439deaf7b3aa1d1273

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/netatalk: requires CAST and DES support in openssl
Fabrice Fontaine [Wed, 9 Jun 2021 21:54:22 +0000 (23:54 +0200)]
package/netatalk: requires CAST and DES support in openssl

Enable CAST and DES in openssl to fix build failures raised since commit
a83d41867c8d69a77d5cd0a665aa216af5340359

Fixes:
 - http://autobuild.buildroot.org/results/b7347e3e4b828901dcb954f7cc37b712b80ac49b
 - http://autobuild.buildroot.org/results/453c10ff24ef48f1340ec91412e504fe604033cf

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr:
  - move the 'select' of the options closer to the 'select' on openssl
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/rhash: requires RMD160 support in openssl
Fabrice Fontaine [Wed, 9 Jun 2021 21:30:46 +0000 (23:30 +0200)]
package/rhash: requires RMD160 support in openssl

Enable RMD160 in openssl to fix build failure raised since commit
a83d41867c8d69a77d5cd0a665aa216af5340359

Fixes:
 - http://autobuild.buildroot.org/results/e3733ad25de55616b2eafff0b489aea2bee65e06

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/transmission: requires RC4 support in openssl
Fabrice Fontaine [Wed, 9 Jun 2021 19:52:57 +0000 (21:52 +0200)]
package/transmission: requires RC4 support in openssl

Enable RC4 in openssl to fix build failure raised since commit
a83d41867c8d69a77d5cd0a665aa216af5340359

Fixes:
 - http://autobuild.buildroot.org/results/c658beb245cbf06786aa4155c7649c3e1a613e39

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr:
  - move the 'select' of the option closer to the 'select' on openssl
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/connman: security bump to 1.40
John Keeping [Fri, 11 Jun 2021 18:00:27 +0000 (19:00 +0100)]
package/connman: security bump to 1.40

Fix CVE-2021-33833 which is a stack buffer overflow in dnsproxy.

Release notes:
https://lore.kernel.org/connman/20210610113503.ob45lhssqy5hk4ki@beryllium.lan/

Signed-off-by: John Keeping <john@metanate.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agopackage/squid: security bump to version 4.15
Peter Korsgaard [Fri, 11 Jun 2021 10:03:08 +0000 (12:03 +0200)]
package/squid: security bump to version 4.15

Fixes the following security issues:

- CVE-2021-28651: Denial of Service in URN processing
  Due to a buffer management bug Squid is vulnerable to a Denial of service
  attack against the server it is operating on.

  This attack is limited to proxies which attempt to resolve a "urn:"
  resource identifier.  Support for this resolving is enabled by default in
  all Squid.

  https://github.com/squid-cache/squid/security/advisories/GHSA-ch36-9jhx-phm4

- CVE-2021-28652: Denial of Service issue in Cache Manager
  Due to an incorrect parser validation bug Squid is vulnerable to a Denial
  of Service attack against the Cache Manager API.

  https://github.com/squid-cache/squid/security/advisories/GHSA-m47m-9hvw-7447

- CVE-2021-28662: Denial of Service in HTTP Response Processing
  Due to an input validation bug Squid is vulnerable to a Denial of Service
  against all clients using the proxy.

  https://github.com/squid-cache/squid/security/advisories/GHSA-jjq6-mh2h-g39h

- CVE-2021-31806, CVE-2021-31807, CVE-2021-31808: Multiple Issues in HTTP
  Range header
  Due to an incorrect input validation bug Squid is vulnerable to
  a Denial of Service attack against all clients using the proxy.

  https://github.com/squid-cache/squid/security/advisories/GHSA-pxwq-f3qr-w2xf

- CVE-2021-33620: Denial of Service in HTTP Response processing
  Due to an input validation bug Squid is vulnerable to a Denial of Service
  against all clients using the proxy.

  https://github.com/squid-cache/squid/security/advisories/GHSA-572g-rvwr-6c7f

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agopackage/mpg123: bump version to 1.25.15
Peter Korsgaard [Thu, 10 Jun 2021 21:47:30 +0000 (23:47 +0200)]
package/mpg123: bump version to 1.25.15

Bugfix release. From the release notes:

Some backports of important fixes to the 1.25 series, for very conservative
people.

libmpg123: Backport bit reservoir CRC fix from 1.26
libmpg123: Backport part2_3_length regression fix (bug 312).

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agopackage/libsoup: fix build with NLS
Fabrice Fontaine [Wed, 9 Jun 2021 21:04:48 +0000 (23:04 +0200)]
package/libsoup: fix build with NLS

Fix build failure with NLS raised since bump to version 2.72.0 in commit
8e5f7f1cfc8fd7a9d5270f6a9707eb9eecfd21da

Fixes:
 - http://autobuild.buildroot.org/results/1793753629d81476a3cd6fea40029cbd7de0206c

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
3 years agopackage/udisks: drop unused lvm2 support
Peter Korsgaard [Mon, 7 Jun 2021 15:18:41 +0000 (17:18 +0200)]
package/udisks: drop unused lvm2 support

BR2_PACKAGE_UDISKS_LVM2 was dropped in commit eb251b30084e38 (package/lvm2:
drop BR2_PACKAGE_LVM2_APP_LIBRARY), but missed when merging next.  Drop it.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agoMerge branch 'next'
Peter Korsgaard [Mon, 7 Jun 2021 15:14:37 +0000 (17:14 +0200)]
Merge branch 'next'

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agoKickoff 2021.08 cycle
Peter Korsgaard [Mon, 7 Jun 2021 09:20:28 +0000 (11:20 +0200)]
Kickoff 2021.08 cycle

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agodocs/website/news.html: add 2021.05 announcement link
Peter Korsgaard [Mon, 7 Jun 2021 09:19:43 +0000 (11:19 +0200)]
docs/website/news.html: add 2021.05 announcement link

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agoUpdate for 2021.05
Peter Korsgaard [Sun, 6 Jun 2021 21:21:08 +0000 (23:21 +0200)]
Update for 2021.05

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agodocs/website: update for 2021.05-rc3
Peter Korsgaard [Sun, 6 Jun 2021 21:12:11 +0000 (23:12 +0200)]
docs/website: update for 2021.05-rc3

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agoDEVELOPPERS: remove Chakra Divi
Yann E. MORIN [Sun, 6 Jun 2021 21:04:00 +0000 (23:04 +0200)]
DEVELOPPERS: remove Chakra Divi

The domain for their email is now a parking-site, and mails are not
delivered anymore.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/mimic: fix static build with gcc 10
Fabrice Fontaine [Sun, 6 Jun 2021 17:38:04 +0000 (19:38 +0200)]
package/mimic: fix static build with gcc 10

Fixes:
 - http://autobuild.buildroot.org/results/bee20bbfa4fa64ed8704bfb9586d5a3148f39fdf

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agopackage/python3-cryptography: add python3 host variant
Chan, Donald [Thu, 20 May 2021 01:49:43 +0000 (01:49 +0000)]
package/python3-cryptography: add python3 host variant

Add a python3 host variant since another downstream OSS component
(OP-TEE) uses buildroot and it will depend on a python3 host variant
of python-cryptography.

Signed-off-by: Donald Chan <hoiho@lab126.com>
[yann.morin.1998@free.fr:
  - drop target _DEPENDENCIES since this is a host-only package
  - instead, add host-openssl to dependencies
  - add CPE variables
  - also add sync comment for python-pip
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/python3-cffi: add python3 host variant
Chan, Donald [Thu, 20 May 2021 01:48:58 +0000 (01:48 +0000)]
package/python3-cffi: add python3 host variant

Add a python3 host variant since we are adding a python3 host variant of
python-cryptography and it is dependent on this.

Signed-off-by: Donald Chan <hoiho@lab126.com>
[yann.morin.1998@free.fr:
  - drop target _DEPENDENCIES since this is a host-only package
  - also add sync comment to python-cffi
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/python3-pycparser: add python3 host variant
Chan, Donald [Thu, 20 May 2021 01:48:29 +0000 (01:48 +0000)]
package/python3-pycparser: add python3 host variant

Add a python3 host variant since we are adding a python3 host variant of
python-cryptography and it is dependent on this.

Signed-off-by: Donald Chan <hoiho@lab126.com>
[yann.morin.1998@free.fr: also add sync comment to python-pycparser]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/python3-pip: add python3 host variant
Chan, Donald [Thu, 20 May 2021 01:48:00 +0000 (01:48 +0000)]
package/python3-pip: add python3 host variant

Add a python3 host variant since we are adding a python3 host variant of
python-cryptography and it is dependent on this.

Signed-off-by: Donald Chan <hoiho@lab126.com>
[yann.morin.1998@free.fr:
  - add CPE variables
  - also add sync comment for python-pip
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/python3-six: add python3 host variant
Chan, Donald [Thu, 20 May 2021 01:47:26 +0000 (01:47 +0000)]
package/python3-six: add python3 host variant

Add a python3 host variant since we are adding a python3 host variant of
python-cryptography and it is dependent on this.

Signed-off-by: Donald Chan <hoiho@lab126.com>
[yann.morin.1998@free.fr: also add sync comment in python-six]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/go: security bump to version 1.16.5
Peter Korsgaard [Sun, 6 Jun 2021 11:50:18 +0000 (13:50 +0200)]
package/go: security bump to version 1.16.5

Fixes the following security issues:

- CVE-2021-33195: The LookupCNAME, LookupSRV, LookupMX, LookupNS, and
  LookupAddr functions in net, and their respective methods on the Resolver
  type may return arbitrary values retrieved from DNS which do not follow
  the established RFC 1035 rules for domain names.  If these names are used
  without further sanitization, for instance unsafely included in HTML, they
  may allow for injection of unexpected content.  Note that LookupTXT may
  still return arbitrary values that could require sanitization before
  further use

- CVE-2021-33196: The NewReader and OpenReader functions in archive/zip can
  cause a panic or an unrecoverable fatal error when reading an archive that
  claims to contain a large number of files, regardless of its actual size

- CVE-2021-33197: ReverseProxy in net/http/httputil could be made to forward
  certain hop-by-hop headers, including Connection.  In case the target of
  the ReverseProxy was itself a reverse proxy, this would let an attacker
  drop arbitrary headers, including those set by the ReverseProxy.Director

- CVE-2021-33198: The SetString and UnmarshalText methods of math/big.Rat
  may cause a panic or an unrecoverable fatal error if passed inputs with
  very large exponents

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3 years agopackage/x11r7/xdriver_xf86-video-fbturbo: fix driver loading
Peter Seiderer [Wed, 2 Jun 2021 20:15:29 +0000 (22:15 +0200)]
package/x11r7/xdriver_xf86-video-fbturbo: fix driver loading

Port two xf86-video-fbdev upstream patches to xf86-video-fbturbo fixing
incompatibility with latest xorg release and add mandatory module loading
section to installed xorg.conf:

- patch 0002-Use-own-thunk-functions-instead-of-fbdevHW-Weak.patch, fixes:
  [    12.638] (II) LoadModule: "fbturbo"
  [    12.639] (II) Loading /usr/lib/xorg/modules/drivers/fbturbo_drv.so
  [    12.642] (EE) Failed to load /usr/lib/xorg/modules/drivers/fbturbo_drv.so: /usr/lib/xorg/modules/drivers/fbturbo_drv.so: undefined symbol: shadowUpdatePackedWeak
  [    12.642] (EE) Failed to load module "fbturbo" (loader failed, 0)

- patch 0003-Update-for-1.20-ABI.patch, fixes:
  [    12.551] (II) LoadModule: "fbturbo"
  [    12.553] (II) Loading /usr/lib/xorg/modules/drivers/fbturbo_drv.so
  [    12.556] (EE) Failed to load /usr/lib/xorg/modules/drivers/fbturbo_drv.so: /usr/lib/xorg/modules/drivers/fbturbo_drv.so: undefined symbol: xf86DisableRandR
  [    12.556] (EE) Failed to load module "fbturbo" (loader failed, 0)

- patch 0004-xorg.conf-add-mandatory-modules-fb-shadow-fbdevhw.patch, fixes:

  module fbdevhw:
  [   303.906] (II) LoadModule: "fbturbo"
  [   303.906] (II) Loading /usr/lib/xorg/modules/drivers/fbturbo_drv.so
  [   303.907] (EE) Failed to load /usr/lib/xorg/modules/drivers/fbturbo_drv.so: /usr/lib/xorg/modules/drivers/fbturbo_drv.so: undefined symbol: fbdevHWSave
  [   303.907] (EE) Failed to load module "fbturbo" (loader failed, 0)
  [   303.907] (EE) No drivers available.

  module shadow:
  [   426.403] (II) LoadModule: "fbturbo"
  [   426.404] (II) Loading /usr/lib/xorg/modules/drivers/fbturbo_drv.so
  [   426.404] (EE) Failed to load /usr/lib/xorg/modules/drivers/fbturbo_drv.so: /usr/lib/xorg/modules/drivers/fbturbo_drv.so: undefined symbol: shadowRemove
  [   426.404] (EE) Failed to load module "fbturbo" (loader failed, 0)
  [   426.404] (EE) No drivers available.

  module fb:
  [   471.912] (II) LoadModule: "shadow"
  [   471.913] (II) Loading /usr/lib/xorg/modules/libshadow.so
  [   471.913] (EE) Failed to load /usr/lib/xorg/modules/libshadow.so: /usr/lib/xorg/modules/libshadow.so: undefined symbol: fbGetScreenPrivateKey
  [   471.913] (EE) Failed to load module "shadow" (loader failed, 0)

Fixes:
  - https://bugs.busybox.net/show_bug.cgi?id=13816
  - http://lists.busybox.net/pipermail/buildroot/2021-June/311763.html

Reported-by: Jürgen Wack <juergen.wack@gmx.de>
Reported-by: Derek T <derek.tata1@gmail.com>
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
[yann.morin.1998@free.fr: fix check-package errors]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/ffmpeg: Fix build for mips
Bernd Kuhls [Sun, 6 Jun 2021 07:28:59 +0000 (09:28 +0200)]
package/ffmpeg: Fix build for mips

Fixes:
http://autobuild.buildroot.net/results/079/079df777211933b92ac5a67fc175839c8188850f/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/mono-gtksharp3: fix build with latest mono
Fabrice Fontaine [Sat, 5 Jun 2021 21:14:25 +0000 (23:14 +0200)]
package/mono-gtksharp3: fix build with latest mono

Fix build failure with latest mono which is raised since commit
4c8a285b6e35c4028341f874760bfa9226ebff94

Fixes:
 - http://autobuild.buildroot.org/results/ff3edfe406f00a29429d2fa4258af12c87e5fb96

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/mpv: handle --{en,dis}able-libmpv-{shared,static}
Fabrice Fontaine [Sat, 5 Jun 2021 22:00:31 +0000 (00:00 +0200)]
package/mpv: handle --{en,dis}able-libmpv-{shared,static}

libmpv-static and libmpv-shared are disabled by default resulting in the
following build failure when building with gl but without rpi, wayland
or x11:

Checking for OpenGL without platform-specific code (e.g. for libmpv)      : libmpv-shared not found
Checking for OpenGL context support                                       : gl-cocoa not found
You manually enabled the feature 'gl', but the autodetection check failed.

Here is an extract of wscript:

    } , {
        'name': '--plain-gl',
        'desc': 'OpenGL without platform-specific code (e.g. for libmpv)',
        'deps': 'libmpv-shared || libmpv-static',
        'func': check_true,
    }, {
        'name': '--gl',
        'desc': 'OpenGL context support',
        'deps': 'gl-cocoa || gl-x11 || egl-x11 || egl-drm || '
                 + 'gl-win32 || gl-wayland || rpi || '
                 + 'plain-gl',
        'func': check_true,
        'req': True,
        'fmsg': "No OpenGL video output found or enabled. " +
                "Aborting. If you really mean to compile without OpenGL " +
                "video outputs use --disable-gl.",
    }, {

Enabling both the shared and static libraries is not allowed by mpv, so
we consider the BR2_STATIC_LIBS to be static, and otherwise (i.e.
BR2_SHARED_LIBS and BR2_SHARED_STATIC_LIBS) to be shared.

Fixes:
 - http://autobuild.buildroot.org/results/590d2a8b6746ef071dfb439e42b636f81dbdc35d

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr:
  - expand config log about shared/static icompatibility
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agoconfigs/minnowboard_max-graphical_defconfig: unbreak X11/mesa
Peter Korsgaard [Sun, 6 Jun 2021 07:05:21 +0000 (09:05 +0200)]
configs/minnowboard_max-graphical_defconfig: unbreak X11/mesa

Fixes https://gitlab.com/buildroot.org/buildroot/-/jobs/1297337965

Commit 15a2f9b819806d38a7d8172a2 (package/{mesa3d, mesa3d-headers}: bump
version to 21.0.2) marked BR2_PACKAGE_MESA3D_DRI_DRIVER_SWRAST as legacy,
but forgot to update the defconfig.  The SW rasterizer isn't really needed
with the Intel GPU, so just drop it.

In addition, X11 now needs some help with loading the modules in the correct
order, similar to how it was done for the test in commit 4a3639bad01a
(support/testing: test_glxinfo load X11 modules in the right order).

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agoboot/beaglev-ddrinit: update to include upstream fixes
Drew Fustini [Sun, 6 Jun 2021 00:53:42 +0000 (17:53 -0700)]
boot/beaglev-ddrinit: update to include upstream fixes

Update commit ID to include recent upstream fixes:

- Fix I and D cache synchronization issue (2e2f6faaf105)
- Add carriage return to correct menu formatting (2f6ea51dbb51)
- Add copyright info (7d3413d2ffd9)
- Expand the limit on the size of uboot when update it (623888127a0e)

Signed-off-by: Drew Fustini <drew@beagleboard.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agoboot/beaglev-secondboot: update to include upstream fixes
Drew Fustini [Sun, 6 Jun 2021 00:51:23 +0000 (17:51 -0700)]
boot/beaglev-secondboot: update to include upstream fixes

Update the commit id to include upstream fixes:

- Fix print format in load_and_run_ddr(e976d186e69a)
- Update copyright info (f2b049b7fff2)
- Avoid chiplink address exception (86664be28e5d)

Signed-off-by: Drew Fustini <drew@beagleboard.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/qt5/qt5base: fix build with gcc 11
Fabrice Fontaine [Thu, 3 Jun 2021 05:56:44 +0000 (07:56 +0200)]
package/qt5/qt5base: fix build with gcc 11

Fix the following build failure with gcc 11:

/data/buildroot-autobuilder/instance-0/output-1/build/qt5base-5.15.2/include/QtCore/../../src/corelib/global/qfloat16.h:300:7: error: 'numeric_limits' is not a class template
  300 | class numeric_limits<QT_PREPEND_NAMESPACE(qfloat16)> : public numeric_limits<float>
      |       ^~~~~~~~~~~~~~

Fixes:
 - http://autobuild.buildroot.org/results/9a7a987af40b8408ccdfcae4890008c7090b41a1

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/intel-mediadriver: disable -Werror
Fabrice Fontaine [Sat, 5 Jun 2021 15:15:09 +0000 (17:15 +0200)]
package/intel-mediadriver: disable -Werror

Disable -Werror to avoid the following build failure:

<command-line>: error: "_FORTIFY_SOURCE" redefined [-Werror]

MEDIA_BUILD_FATAL_WARNINGS option is available since version 18.2.0 and
https://github.com/intel/media-driver/commit/6932fc0ffb8228245052528820adafb6743f7482

Fixes:
 - http://autobuild.buildroot.org/results/52638d95312e464626d1c4047b3b26d4f57a1cd2

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/apcupsd: add APCUPSD_CPE_ID_VENDOR
Fabrice Fontaine [Thu, 3 Jun 2021 16:46:58 +0000 (18:46 +0200)]
package/apcupsd: add APCUPSD_CPE_ID_VENDOR

cpe:2.3:a:apcupsd:apcupsd is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Aapcupsd%3Aapcupsd

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/acpid: add CPE variables
Fabrice Fontaine [Thu, 3 Jun 2021 16:39:28 +0000 (18:39 +0200)]
package/acpid: add CPE variables

cpe:2.3:a:tedfelix:acpid2 is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Atedfelix%3Aacpid2

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agopackage/chrony: add CHRONY_CPE_ID_VENDOR
Fabrice Fontaine [Thu, 3 Jun 2021 19:13:56 +0000 (21:13 +0200)]
package/chrony: add CHRONY_CPE_ID_VENDOR

cpe:2.3:a:tuxfamily:chrony is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Atuxfamily%3Achrony

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
3 years agoDEVELOPERS: add Bernd Kuhls to gptfdisk package
Bernd Kuhls [Sat, 5 Jun 2021 08:15:05 +0000 (10:15 +0200)]
DEVELOPERS: add Bernd Kuhls to gptfdisk package

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>