Francois Perrad [Sun, 31 Mar 2019 16:03:56 +0000 (18:03 +0200)]
package/dropbear: bump to version 2019.78
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sun, 31 Mar 2019 14:49:34 +0000 (16:49 +0200)]
package/rpm: drop binutils optional dependency
Since bump to version 4.14.2.1, binutils is not an optional dependency
anymore as bfd.h has been droped in 4.14.0 with
https://github.com/rpm-software-management/rpm/commit/
245b5a3b4b6d616adf47361137987e90f8dab22c
So drop it and manage optional elfutils dependency through a
single line (and drop binutils/elfutils comment)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Francois Perrad [Sun, 31 Mar 2019 16:01:37 +0000 (18:01 +0200)]
package/lua-gd: compile with -fPIC
Fixes:
http://autobuild.buildroot.net/results/
756c20a09e3c1bd5295416894e4fbe0ca0db5328
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Yann E. MORIN [Sun, 31 Mar 2019 15:34:29 +0000 (17:34 +0200)]
package/gettext-tiny: fix build of libintl.a
Since libintl.a can be pulled in during the build of other shared libs,
it must be compiled with -fPIC, which is what gettext-tiny's Makefile
would do.
Since we provide our own CFLAGS, they override those in the Makefile.
Fix that by ensuring that -fPIC is used when building the static
library.
Fixes:
http://autobuild.buildroot.org/results/a38/
a3800fd4ef2536cc2b82d38ea752baa2b227bc64/
Also, since GETTEXT_TINY_OPTS is used only once and contains a single
definition, get rid of it altogether.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Vadim Kochan <vadim4j@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Yann E. MORIN [Sun, 31 Mar 2019 14:53:19 +0000 (16:53 +0200)]
package/gettext-tiny: fix licensing
Fix the license list: it should be a space-separated list of files, it
is not a comma-separated list.
Fixes:
http://autobuild.buildroot.org/results/74b/
74be940e5757d18452b0eb97b9973c278be20345/
Add hashes for the license files while at it, and cleanup the hash file
as well.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Vadim Kochan <vadim4j@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Thomas Petazzoni [Sun, 31 Mar 2019 13:23:45 +0000 (15:23 +0200)]
package/gettext-tiny: take GNU gettext from our own directory
Even though gettext-tiny re-uses the gettext-gnu source code, it makes
a separate download in the gettext-tiny download folder, so use this
one, and not the one from the gettext-gnu download folder, which may
not exist.
Fixes:
http://autobuild.buildroot.net/results/
4e289f30bc6e58ad81611e8e04779134dcbe1241/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sat, 30 Mar 2019 14:49:47 +0000 (15:49 +0100)]
package/rpm: add optional zstd dependency
zstd support has been in version 4.14.0 and
https://github.com/rpm-software-management/rpm/commit/
3684424fe297c996bb05bb64631336fa2903df12
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sat, 30 Mar 2019 14:49:46 +0000 (15:49 +0100)]
package/rpm: add optional openssl dependency
openssl support has been added in version 4.14.0 with
https://github.com/rpm-software-management/rpm/commit/
64028f9a1c25ada8ffc7a48775f526600edcbf85
Add a patch from upstream to fix build with openssl ad MD2 is disabled
by default:
https://github.com/rpm-software-management/rpm/pull/453
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sat, 30 Mar 2019 14:49:45 +0000 (15:49 +0100)]
package/rpm: fix threads comment
rpm depends on pthreads because it uses it, not because of beecrypt
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sat, 30 Mar 2019 14:49:44 +0000 (15:49 +0100)]
package/rpm: add optional dbus dependency
It should be noted that dbus is enabled by default
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sat, 30 Mar 2019 14:49:43 +0000 (15:49 +0100)]
package/rpm: add optional libcap dependency
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sat, 30 Mar 2019 14:49:42 +0000 (15:49 +0100)]
package/rpm: add optional xz dependency
There is not --{disable,enable}-lzma option
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sat, 30 Mar 2019 14:49:41 +0000 (15:49 +0100)]
package/rpm: add optional bzip2 dependency
There is no --{disable,enable}-bzip2 option
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sat, 30 Mar 2019 14:49:40 +0000 (15:49 +0100)]
package/rpm: security bump to 4.14.2.1
- Remove first and second patches (already in version)
- Remove third and fourth patches (not needed since:
https://github.com/rpm-software-management/rpm/commit/
245b5a3b4b6d616adf47361137987e90f8dab22c)
- Add hash for license file
- Drop autoreconf (as configure.ac is not patched anymore)
- Use new --with-crypto option
- Restrict symlink following on installation (CVE-2017-7500,
CVE-2017-7501)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Fri, 29 Mar 2019 17:25:28 +0000 (18:25 +0100)]
package/quota: add optional netlink dependency
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Fri, 29 Mar 2019 17:25:27 +0000 (18:25 +0100)]
package/quota: bump to version 4.05
- Add COPYING and its hash to license files
- Drop all patches (not needed anymore or already in version)
- Drop autoreconf
- Drop --disable-strip-binaries (not available anymore)
- Drop all "hacks" as package now use pkg-config and automake
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Vadim Kochan [Wed, 27 Mar 2019 23:08:31 +0000 (01:08 +0200)]
package/gettext-tiny: new package
Add gettext-tiny package from the sabotage-linux project:
gettext-tiny provides lightweight replacements for tools typically used
from the GNU gettext suite, which is incredibly bloated and takes a lot
of time to build (in the order of an hour on slow devices). the most
notable component is msgfmt which is used to create binary translation
files in the .mo format out of textual input files in .po format. this
is the most important tool for building software from source, because it
is used from the build processes of many software packages.
Some files were taken from gettext-gnu (some po/* files and gettextize
script) to make possible perform gettextizing of packages.
The main purpose of gettext-tiny is to replace gettext for the "host" if
NLS support is not needed. There is no option to manually select
gettext-gnu or gettext-tiny, it is done automatically by virtual gettext
package. For the target gettext-tiny only installs gettext tool echo-wrapper
which might be called from shell scripts (i.e. ecryptfs-utils).
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Vadim Kochan [Wed, 27 Mar 2019 23:08:30 +0000 (01:08 +0200)]
package/gettext: turn into virtual package
Re-work gettext to be a virtual package which may allow to use
different gettext's providers, and rename the original one into
gettext-gnu package.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Fri, 29 Mar 2019 19:01:31 +0000 (20:01 +0100)]
package/x11r7/xapp_xcompmgr: bump version to 1.1.8
Added hashes provided by upstream and license hash.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Fri, 29 Mar 2019 19:00:29 +0000 (20:00 +0100)]
package/{mesa3d, mesa3d-headers}: bump version to 19.0.1
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Francois Perrad [Fri, 29 Mar 2019 18:05:25 +0000 (19:05 +0100)]
support/testing/tests/package/test_perl_*: regeneration
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Francois Perrad [Fri, 29 Mar 2019 18:05:24 +0000 (19:05 +0100)]
utils/scancpan: add a check of XS dependencies in generated test
The XS modules have a high propability to fail (compared to Pure Perl modules),
so it is valuable to check XS dependencies before the check of the main module.
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sat, 30 Mar 2019 14:43:50 +0000 (15:43 +0100)]
package/vdr: bump to version 2.4.0
- Add a dependency to glibc for execinfo.h and drop first patch (as it
was useful only for uclibc)
- Add hash for license file
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sat, 30 Mar 2019 17:48:33 +0000 (18:48 +0100)]
package/omxplayer: bump to version
f06235cc9690a6d58187514452df8cf8fcdaacec
- Fix build with ffmpeg 4.x
- Update hash of license file, GPL mailing address was fixed:
https://github.com/popcornmix/omxplayer/commit/
5da1379efc32878b6151110aef73f91b6c433cdb
Fixes:
- http://autobuild.buildroot.org/results/
e413c9b2ad7b97f0552f2477293ca5fe861df06c
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Sat, 30 Mar 2019 17:42:49 +0000 (18:42 +0100)]
package/znc: security bump to version 1.7.3
Changelog: https://wiki.znc.in/ChangeLog/1.7.3
Fixes CVE-2019-9917:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9917
- ZNC before 1.7.3-rc1 allows an existing remote user to cause a Denial
of Service (crash) via invalid encoding.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sat, 30 Mar 2019 15:46:31 +0000 (16:46 +0100)]
package/thttpd: security bump to version 2.29
- Switch site to "real" upstream instead of debian as debian does not
have latest version
- Drop patch (not needed anymore as getline was renamed in my_getline)
- Add hash for license file
- Fix CVE-2013-0348 and CVE-2017-17663
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Francois Perrad [Sun, 31 Mar 2019 06:48:45 +0000 (08:48 +0200)]
support/testing/tests/package/test_lua*: regeneration
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Francois Perrad [Sun, 31 Mar 2019 06:48:44 +0000 (08:48 +0200)]
package/luarocks: better choice of modules in generated test
the name derived from package name is not suitable,
so, we search in the built modules.
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Peter Korsgaard [Sat, 30 Mar 2019 19:53:52 +0000 (20:53 +0100)]
package/dovecot: security bump to version 2.3.5.1
Fixes the following security issue:
* CVE-2019-7524: Missing input buffer size validation leads into
arbitrary buffer overflow when reading fts or pop3 uidl header
from Dovecot index. Exploiting this requires direct write access to
the index files.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Jörg Krause [Sat, 30 Mar 2019 23:15:43 +0000 (00:15 +0100)]
package/luvi: bump to version 2.9.3
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Jörg Krause [Sat, 30 Mar 2019 23:13:52 +0000 (00:13 +0100)]
package/luv: bump to version 1.27.0-0
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Fri, 29 Mar 2019 17:10:08 +0000 (18:10 +0100)]
package/scons: bump to version 3.0.5
- Add hash for license file
- scons now supports python2 and python3 so remove host-python2
dependency
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Thomas Petazzoni [Sat, 30 Mar 2019 14:40:50 +0000 (15:40 +0100)]
package/uboot-tools: fix build on hosts with old compilers
The U-Boot tools code uses some C99 constructs, but old compilers such
as gcc 4.7 don't default to -std=c99. This commit adds a patch,
submitted upstream, that makes sure host tools are built with
-std=gnu99 (because the U-Boot code uses GNU extensions).
Fixes:
http://autobuild.buildroot.net/results/
5cc55f5eabd5005e071ad4eabab8202604ac7b66/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sat, 30 Mar 2019 13:28:30 +0000 (14:28 +0100)]
package/xenomai: fix build with gcc 8
Patch was wrongly removed in
d0dcca4705aaae85ce4ef0dc637b95fd4e81b9b3
Fixes:
- http://autobuild.buildroot.org/results/
beac5f07c3b56596a6d9d5a1bcf29eb2837c4829
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sat, 30 Mar 2019 13:31:07 +0000 (14:31 +0100)]
package/haproxy: disable on nios2 and microblaze
Fixes:
- http://autobuild.buildroot.org/results/
4d7be00514f5276a9fd533adfdbc3d5183bb59ca
- http://autobuild.buildroot.org/results/
64706f96db793777de9d3ec63b0a47d776cf33fd
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Yann E. MORIN [Sat, 30 Mar 2019 08:46:41 +0000 (09:46 +0100)]
package/busybox: fix build with individual binaries
Fixes:
http://autobuild.buildroot.org/results/053/
0539b3765eaa99029c4185ae89db6adb9e867078/
Kudos to Thomas for pinpointing the actual issue.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Peter Korsgaard [Sat, 30 Mar 2019 08:18:11 +0000 (09:18 +0100)]
docs/website: update for 2019.02.1
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Fri, 29 Mar 2019 22:52:20 +0000 (23:52 +0100)]
Update for 2019.02.1
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
[Peter: drop Makefile changes]
(cherry picked from commit
863761ff3c6233e6e2ef836c4600590dc0d38197)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Sat, 30 Mar 2019 07:56:07 +0000 (08:56 +0100)]
website/news.html: left align 2018.02.12 release announcement
We use alternative left/right alignment of the announcement boxes.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Fri, 29 Mar 2019 21:19:35 +0000 (22:19 +0100)]
Makefile: release: really drop build/docs from release tarball
Commit
15cb98769e4 (release: remove manual build files from release
tarballs) tried to remove the temporary files from the manual build from the
release tarball, but manual-clean only removes build/docs/manual and leaves
build/docs in the tarball.
Instead use 'make clean' to completely remove the build directory from the
tarball.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Eloi Bail [Thu, 14 Mar 2019 15:34:35 +0000 (16:34 +0100)]
package/gst1-plugins-bayer2rgb-neon: new package
gst1-plugins-bayer2rgb-neon[1] is a gstreamer1 plugin which uses
bayer2rgb-neon library to decode raw camera bayer to RGB using NEON
hardware acceleration.
[1] https://git.phytec.de/gst-bayer2rgb-neon
Signed-off-by: Eloi Bail <eloi.bail@savoirfairelinux.com>
[Thomas:
- add entry to DEVELOPERS file
- add .hash file
- adjust Config.in to match bayer2rgb-neon
- add Config.in comment
- drop --prefix=/usr from CONF_OPTS]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Eloi Bail [Thu, 14 Mar 2019 15:34:34 +0000 (16:34 +0100)]
package/bayer2rgb-neon: new package
bayer2rgb-neon[1] is a library which allows decoding raw camera bayer
to RGB using NEON hardware acceleration.
[1]: https://git.phytec.de/bayer2rgb-neon/
Signed-off-by: Eloi Bail <eloi.bail@savoirfairelinux.com>
[Thomas:
- use "config" instead of "menuconfig"
- use BR2_ARM_CPU_HAS_NEON instead of BR2_ARM_ENABLE_NEON
- use BR2_INSTALL_LIBSTDCPP instead of BR2_TOOLCHAIN_BUILDROOT_CXX
- add dependency on BR2_TOOLCHAIN_GCC_AT_LEAST_4_9, because the code
is using C++11
- add missing Config.in comment
- drop --prefix=/usr from CONF_OPTS, it is passed by the
autotools-package infrastructure
- simplify CFLAGS logic
- move from "Applications" to "Libraries" in menuconfig
- add missing .hash file
- add entry in DEVELOPERS file]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Thu, 28 Mar 2019 19:22:27 +0000 (20:22 +0100)]
package/qlibc: bump to version 2.4.4
- Remove patches (already in version) and autoreconf
- Add hash for license file
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Fri, 29 Mar 2019 15:30:39 +0000 (16:30 +0100)]
package/gst1-libav: fix build on mips64el
Apply the same behavior for CPU in gst1-libav than in ffmpeg:
- use generic cpu for all mips architectures
- use GCC_TARGET_{ARCH,CPU} instead of BR2_TARGET_{ARCH,CPU}
Fixes:
- http://autobuild.buildroot.org/results/
776028a43bd180b4895efc74321e3aee56cbcb47
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Fri, 29 Mar 2019 14:55:47 +0000 (15:55 +0100)]
package/gst1-libav: fix powerpc build
AS "hack" is also needed for powerpc builds otherwise build fails on:
AS libavcodec/ppc/fft_altivec.o
/home/buildroot/autobuild/run/instance-2/output/host/bin/powerpc64-linux-as: invalid option -- '_'
This error is raised because CPPFLAGS are (wrongly) passed to AS
Fixes:
- http://autobuild.buildroot.org/results/
6710e72452fe70788d75191b8b735f90beff9361
- http://autobuild.buildroot.org/results/
a1f22975d4a4a6cfc553a450da464a431702800f
- http://autobuild.buildroot.org/results/
be2d161443c5ab24979e6b9389eb21a53d4b4066
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Fri, 29 Mar 2019 14:55:46 +0000 (15:55 +0100)]
package/gst1-libav: fix syntax error
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Giulio Benetti [Fri, 29 Mar 2019 14:49:44 +0000 (15:49 +0100)]
package/sunxi-mali-mainline-driver: bump version
For 5.0 support.
git shortlog --invert-grep --grep travis --no-merges
e28c274f85c65ebec82cdf0f8d021895e105d917..
Giulio Benetti (2):
README: update instructions to copy libraries
README: add arm64 build instructions
Roman Stratiienko (1):
mali: support building against 5.0
Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Mark Corbin [Fri, 29 Mar 2019 14:39:59 +0000 (14:39 +0000)]
configs/qemu_riscv*_virt: use mainline kernel
Update the RISC-V QEMU virt machine defconfigs to use the
mainline 4.20.17 kernel instead of the version from the
riscv-linux repository.
This change has been tested with QEMU 3.1.0.
Signed-off-by: Mark Corbin <mark.corbin@embecosm.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Peter Korsgaard [Fri, 29 Mar 2019 10:24:14 +0000 (11:24 +0100)]
package/glibc: bump version for post-2.29 security fixes
Fixes the following security vulnerability:
CVE-2019-9169: Attempted case-insensitive regular-expression match
via proceed_next_node in posix/regexec.c leads to heap-based buffer
over-read. Reported by Hongxu Chen.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Baruch Siach [Fri, 29 Mar 2019 10:44:47 +0000 (13:44 +0300)]
package/mtd: add openssl optional dependency
mkfs.ubifs now uses openssl when available.
Cc: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Baruch Siach [Fri, 29 Mar 2019 10:44:46 +0000 (13:44 +0300)]
package/mtd: fix build without openssl
Add a patch that removes dependency on openssl header when openssl is
not installed.
Fixes:
http://autobuild.buildroot.net/results/a78/
a78544def5c17edccdf5db821318b8efa3fc7b8f/
http://autobuild.buildroot.net/results/ed8/
ed82ef6c15d7f59c9b93d237f53fc09513ed5c4f/
http://autobuild.buildroot.net/results/ede/
ede17d68948fd478c366673b7d22f07cee3bd09a/
Cc: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Peter Korsgaard [Fri, 29 Mar 2019 15:15:21 +0000 (16:15 +0100)]
docs/website: update for 2018.02.12
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Fri, 29 Mar 2019 14:27:56 +0000 (15:27 +0100)]
Update for 2018.02.12
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
[Peter: drop Makefile changes]
(cherry picked from commit
c2bc504367392fdcb1fa663d5d5f8a8057f89908)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Fri, 29 Mar 2019 14:09:44 +0000 (15:09 +0100)]
docs/website: update for 2018.11.4
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Thu, 28 Mar 2019 22:04:10 +0000 (23:04 +0100)]
Update for 2018.11.4
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
[Peter: drop Makefile changes]
(cherry picked from commit
962bef5d075581a7853af4e835b584a658b8f2c0)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Max Filippov [Fri, 29 Mar 2019 01:51:33 +0000 (18:51 -0700)]
package/binutils: xtensa: fix shrink_dynamic_reloc_sections
This fixes the following build error caused by link-time relaxation
removing copies of literals that reference undefined weak symbols with
PLT entries created due to -rdynamic option passed to g++ link command:
ld: BFD (GNU Binutils) 2.31.1 internal error, aborting at
elf32-xtensa.c:3292 in elf_xtensa_finish_dynamic_sections
Fixes:
http://autobuild.buildroot.net/results/d41/
d41aae8a448c316187f9fbde40f1d077182bb244/
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Thu, 28 Mar 2019 21:24:12 +0000 (22:24 +0100)]
{linux, linux-headers}: bump 4.{4, 9, 14, 19, 20}.x / 5.0.x series
Notice: 4.20.x is now EOL.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Ed Blake [Thu, 28 Mar 2019 18:48:15 +0000 (18:48 +0000)]
toolchain-external: add a check for OpenMP support
Signed-off-by: Ed Blake <ed.blake@sondrel.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Ed Blake [Thu, 28 Mar 2019 18:48:15 +0000 (18:48 +0000)]
toolchain-external: introduce BR2_TOOLCHAIN_EXTERNAL_OPENMP
Add a new option for custom external toolchains to enable OpenMP
support.
Signed-off-by: Ed Blake <ed.blake@sondrel.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Thomas Petazzoni [Thu, 28 Mar 2019 18:04:01 +0000 (19:04 +0100)]
.gitlab-ci.yml: update after licheepi_zero_defconfig addition
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Francois Perrad [Thu, 28 Mar 2019 17:20:48 +0000 (18:20 +0100)]
package/lua-resty-http: bump to 0.13
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Francois Perrad [Thu, 28 Mar 2019 17:20:47 +0000 (18:20 +0100)]
support/testing: add lua-http test
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Francois Perrad [Thu, 28 Mar 2019 17:20:46 +0000 (18:20 +0100)]
package/lua-http: bump to version 0.3
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Francois Perrad [Thu, 28 Mar 2019 17:20:45 +0000 (18:20 +0100)]
package/lua-binaryheap: new package
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Vadim Kochan [Mon, 4 Mar 2019 08:57:41 +0000 (10:57 +0200)]
package/netsniff-ng: allow to build with uclibc but w/o mausezahn
mausezahn can't be build with uclibc because uclibc does not provide
ceill() function, so it does not allow to build all netsniff-ng's
tools with uclibc.
Fix it by moving mausezahn under separate config option, which has own
dependencies and packages selection (libnet & libcli).
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
[Thomas:
- use the allbutmausezahn and install_allbutmausezahn targets inside
of enumerating all the tools in the .mk file
- stick to a "config" instead of introducing a "menuconfig"]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Michel Stempin [Tue, 5 Mar 2019 22:37:06 +0000 (23:37 +0100)]
configs/licheepi_zero: new defconfig
Signed-off-by: Michel Stempin <michel.stempin@wanadoo.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Thomas De Schampheleire [Thu, 28 Mar 2019 13:47:54 +0000 (14:47 +0100)]
package/mtd: bump to version 2.1.0
Patch is removed because it is included in the release.
>From the release notes:
-----------------------------------------------------------------
Changes from 2.0.2 to 2.1.0:
Features:
- mkfs.ubifs: Implement support for file system encryption
- mkfs.ubifs: Implement selinux labelling support
- ubinize: add support for skipping CRC check of a static volume when opening
- ubimkvol: add support for skipping CRC check of a static volume when opening
- Add lsmtd program
Fixes:
- update various kernel headers
- Instead of doing preprocessor magic, just output off_t as long long
- fix verification percent display in flashcp
- mkfs.ubifs: fix double free
- mkfs.ubifs: Fix xattr nlink value
- ubinize: avoid to create two UBI_LAYOUT_VOLUME_ID volume
- common.h: fix prompt function
- libmtd: don't print an error message for devices without ecc support
- io_paral: Fix error handling of update_volume()
- ubimkvol: Initialize req to zero to make sure no flags are set by default
- libubi: add volume flags to ubi_mkvol_request
- mkfs.ubifs: add_xattr is not depending on host XATTR support
- Revert "Return correct error number in ubi_get_vol_info1" which
introduced a regression.
- make sure pkg-config is installed in configure script
- ubiformat: process command line arguments before handling file arguments
Cleanup:
- ubiformat: remove no-volume-table option
-----------------------------------------------------------------
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Angelo Compagnucci [Thu, 28 Mar 2019 13:41:00 +0000 (14:41 +0100)]
package/fail2ban: add fixup for default configuration
fail2ban default configuration is not compatible with buildroot as is.
In order to not force the user to overwrite it in an overlay and
having a fail2ban service running out of the box, this patch adds a
fixup step to adapt the default configuration to running on buildroot.
The dbfile is None to not add a dependency on
BR2_PACKAGE_PYTHON_SQLITE.
Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Francois Perrad [Tue, 19 Feb 2019 15:43:11 +0000 (16:43 +0100)]
support/testing: add rings test
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Francois Perrad [Tue, 19 Feb 2019 15:43:10 +0000 (16:43 +0100)]
support/testing: add luasocket test
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Francois Perrad [Tue, 19 Feb 2019 15:43:09 +0000 (16:43 +0100)]
support/testing: add luasec test
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Francois Perrad [Tue, 19 Feb 2019 15:43:08 +0000 (16:43 +0100)]
support/testing: add luaossl test
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Francois Perrad [Tue, 19 Feb 2019 15:43:07 +0000 (16:43 +0100)]
support/testing: add luafilesystem test
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Francois Perrad [Tue, 19 Feb 2019 15:43:06 +0000 (16:43 +0100)]
support/testing: add luaexpat test
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Francois Perrad [Tue, 19 Feb 2019 15:43:05 +0000 (16:43 +0100)]
support/testing: add lua-utf8 test
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Francois Perrad [Tue, 19 Feb 2019 15:43:04 +0000 (16:43 +0100)]
support/testing: add lua-curl test
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Francois Perrad [Tue, 19 Feb 2019 15:43:03 +0000 (16:43 +0100)]
support/testing: add lsqlite3 test
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Francois Perrad [Tue, 19 Feb 2019 15:43:02 +0000 (16:43 +0100)]
support/testing: add lpeg test
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Francois Perrad [Tue, 19 Feb 2019 15:43:01 +0000 (16:43 +0100)]
package/luarocks: add generation of test
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Francois Perrad [Wed, 27 Mar 2019 10:30:47 +0000 (11:30 +0100)]
package/lua-gd: new package
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Baruch Siach [Tue, 26 Mar 2019 18:27:20 +0000 (20:27 +0200)]
package/putty: fix build with uClibc
Add patches fixing a number of build issues with uClibc. The issue fixed
in patch #2 has been reported upstream. Patch #3 has been suggested by
upstream but not applied yet.
Drop the _SUBDIR assignment. The configure script moved to top level
directory since upstream commit
a947c49bec3 from 2014. This allows
AUTORECONF to find configure.ac.
Fixes:
http://autobuild.buildroot.net/results/801/
801e2b2909363b5dcd9735362bb921e017569edc/
http://autobuild.buildroot.net/results/398/
3984c6cdd3398645c8ad98bbe23af9090cf4bfcf/
http://autobuild.buildroot.net/results/632/
632f93046f9cceffd9b604911542426c10967e0f/
Cc: Alexander Dahl <post@lespocky.de>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Baruch Siach [Tue, 26 Mar 2019 18:27:19 +0000 (20:27 +0200)]
package/putty: enable static build
Add upstream patch fixing build when NO_GSSAPI is defined which is the
case on static builds.
Cc: Alexander Dahl <post@lespocky.de>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Wed, 27 Mar 2019 21:27:53 +0000 (22:27 +0100)]
package/rtptools: bump to version 1.0.22
- Remove patch (already in version) and drop autoreconf
- Replace COPYRIGHT by LICENSE (and add its hash)
- License is now BSD-3-Clause:
https://github.com/cu-irt/rtptools/commit/
ed971d5e2b875294f22c0762d60aa7e409823789
- Disable clang (enabled by default)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Wed, 27 Mar 2019 19:56:45 +0000 (20:56 +0100)]
package/sqlite: bump to version 3.27.2
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Wed, 27 Mar 2019 20:37:14 +0000 (21:37 +0100)]
package/rdesktop: security bump to version 1.8.4
- Switch site to github
- Remove second patch (already in version)
- Add hash for license file
- Fix memory corruption in process_bitmap_data - CVE-2018-8794
- Fix remote code execution in process_bitmap_data - CVE-2018-8795
- Fix remote code execution in process_plane - CVE-2018-8797
- Fix Denial of Service in mcs_recv_connect_response - CVE-2018-20175
- Fix Denial of Service in mcs_parse_domain_params - CVE-2018-20175
- Fix Denial of Service in sec_parse_crypt_info - CVE-2018-20176
- Fix Denial of Service in sec_recv - CVE-2018-20176
- Fix minor information leak in rdpdr_process - CVE-2018-8791
- Fix Denial of Service in cssp_read_tsrequest - CVE-2018-8792
- Fix remote code execution in cssp_read_tsrequest - CVE-2018-8793
- Fix Denial of Service in process_bitmap_data - CVE-2018-8796
- Fix minor information leak in rdpsnd_process_ping - CVE-2018-8798
- Fix Denial of Service in process_secondary_order - CVE-2018-8799
- Fix remote code execution in in ui_clip_handle_data - CVE-2018-8800
- Fix major information leak in ui_clip_handle_data - CVE-2018-20174
- Fix memory corruption in rdp_in_unistr - CVE-2018-20177
- Fix Denial of Service in process_demand_active - CVE-2018-20178
- Fix remote code execution in lspci_process - CVE-2018-20179
- Fix remote code execution in rdpsnddbg_process - CVE-2018-20180
- Fix remote code execution in seamless_process - CVE-2018-20181
- Fix remote code execution in seamless_process_line - CVE-2018-20182
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Wed, 27 Mar 2019 16:46:44 +0000 (17:46 +0100)]
package/pure-ftpd: add optional openldap dependency
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Peter Korsgaard [Wed, 27 Mar 2019 09:17:42 +0000 (10:17 +0100)]
package/libcurl: bump to version 7.64.1
Contains a number of fixes for issues discovered post-7.64.0. For details,
see the list of changes:
https://curl.haxx.se/changes.html#7_64_1
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Wed, 27 Mar 2019 16:52:36 +0000 (17:52 +0100)]
package/bird: BFD protocol needs threads
Fixes:
- http://autobuild.buildroot.org/results/
e1f879cb34f9cfbbd14b75f63d25897c5bee53cd
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Evgeniy Didin [Wed, 27 Mar 2019 10:55:55 +0000 (13:55 +0300)]
configs/snps_arc*_defconfig: update linux version
With this commit we update for ARC boards Linux kernel
version to 4.19.31 and Linux headers version to 4.19.
Signed-off-by: Evgeniy Didin <Evgeniy.Didin@synopsys.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: arc-buildroot@synopsys.com
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Tue, 26 Mar 2019 21:52:40 +0000 (22:52 +0100)]
package/qjson: drop Qt4 patch
Now that Qt4 has been removed, drop patch
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Wed, 27 Mar 2019 18:12:48 +0000 (19:12 +0100)]
package/keepalived: add optional libnftnl dependency
nftables support has been added since version 2.0.11 and
https://github.com/acassen/keepalived/commit/
aa12175ea638912a7789e832634d7ccf80fdf48d
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Wed, 27 Mar 2019 17:11:03 +0000 (18:11 +0100)]
package/glm: bump to version 0.9.9.4
- Disable tests as they are enabled by default since version 0.9.9.1:
https://github.com/g-truc/glm/commit/
d307d390193f4027faec48ac79d7f74b2bec6e56
- Static and shared libraries are always built since version 0.9.9.1:
https://github.com/g-truc/glm/commit/
a23dd2f800185a5e233534fed82fc5c2840fbe5c
So, disable them as GLM is header-only (it should be noted that
upstream wants to keep those libraries as the commit to disable them
has been reverted:
https://github.com/g-truc/glm/commit/
ca8372490eb8742d402878c9e930b891225982e6
- Add hash for license file (now in manual.md#section0)
Fixes:
- http://autobuild.buildroot.org/results/
3cf1fd3387bd4952470edcfcb93d44f58c9e7ff7
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sat, 16 Feb 2019 18:20:48 +0000 (19:20 +0100)]
package/openvmtools: add resolutionkms option
resolutionkms has been added in version 10.2.5 and
https://github.com/vmware/open-vm-tools/commit/
dc95efcb7d4bb7d865b7d37f9aaafe6fb8009e59
It depends on udev and libdrm's vmwgfx option
Fixes:
- http://autobuild.buildroot.org/results/
92f7c88917066b1d3e15ee0d1baafe01c0cb29c8
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sat, 16 Feb 2019 10:50:27 +0000 (11:50 +0100)]
package/wavemon: remove NPTL dependency
wavemon does not use pthread_mutexattr_setrobust since version 0.8.2 and
https://github.com/uoaerg/wavemon/commit/
d271685e03bc896829d8cc01ca0de28cd7b6ba72
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Asaf Kahlon [Tue, 26 Mar 2019 20:08:44 +0000 (22:08 +0200)]
package/python-uvloop: bump to version 0.12.2
Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Asaf Kahlon [Tue, 26 Mar 2019 20:08:43 +0000 (22:08 +0200)]
package/python-lxml: bump to version 4.3.3
Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Artem Senichev [Mon, 18 Feb 2019 12:15:08 +0000 (15:15 +0300)]
package/kexec: enable powerpc64 platform
kexec has fully support of ppc64 platform:
https://www.kernel.org/doc/Documentation/kdump/kdump.txt
Added BR2_powerpc64 platform support.
Signed-off-by: Artem Senichev <artemsen@gmail.com>
Reviewed-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Tue, 26 Mar 2019 22:02:53 +0000 (23:02 +0100)]
package/clamav: security bump to version 0.101.2
Release notes:
https://blog.clamav.net/2019/03/clamav-01012-and-01003-patches-have.html
- Fixes for the following vulnerabilities affecting 0.101.1 and prior:
- CVE-2019-1787:
An out-of-bounds heap read condition may occur when scanning PDF
documents. The defect is a failure to correctly keep track of the number
of bytes remaining in a buffer when indexing file data.
- CVE-2019-1789:
An out-of-bounds heap read condition may occur when scanning PE files
(i.e. Windows EXE and DLL files) that have been packed using Aspack as a
result of inadequate bound-checking.
- CVE-2019-1788:
An out-of-bounds heap write condition may occur when scanning OLE2 files
such as Microsoft Office 97-2003 documents. The invalid write happens when
an invalid pointer is mistakenly used to initialize a 32bit integer to
zero. This is likely to crash the application.
- Fixes for the following vulnerabilities affecting 0.101.1 and 0.101.0 only:
- CVE-2019-1786:
An out-of-bounds heap read condition may occur when scanning malformed PDF
documents as a result of improper bounds-checking.
- CVE-2019-1785:
A path-traversal write condition may occur as a result of improper input
validation when scanning RAR archives. Issue reported by aCaB.
- CVE-2019-1798:
A use-after-free condition may occur as a result of improper error
handling when scanning nested RAR archives. Issue reported by David L.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Grzegorz Blach [Thu, 30 Aug 2018 10:18:48 +0000 (12:18 +0200)]
python-pyjwt: new package
PyJWT is a Python library which allows you to encode and decode
JSON Web Tokens (JWT). JWT is an open, industry-standard (RFC 7519)
for representing claims securely between two parties.
https://github.com/jpadilla/pyjwt
Signed-off-by: Grzegorz Blach <grzegorz@blach.pl>
[Arnout: bump to 1.7.1]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Mon, 4 Mar 2019 21:47:20 +0000 (22:47 +0100)]
package/swupdate: fix static build without lua
The lua_swupdate.so library was still built (without any object files)
and linked against swupdate even when HAVE_LUA was not set. This fails
in some static-only configurations.
Fixes:
- http://autobuild.buildroot.org/results/
c11c4d26983e0347d96f3dda62e6d72b031967bb
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>