Peter Korsgaard [Wed, 18 Sep 2019 14:38:39 +0000 (16:38 +0200)]
package/mosquitto: security bump to version 1.6.6
Fixes a security issue. From the annoncement:
A vulnerability exists in Mosquitto versions 1.5 to 1.6.5 inclusive.
If a client sends a SUBSCRIBE packet containing a topic that consists of
approximately 65400 or more '/' characters, i.e. the topic hierarchy
separator, then a stack overflow will occur.
The issue is fixed in Mosquitto 1.6.6 and 1.5.9. Patches for older versions
are available at https://mosquitto.org/files/cve/2019-hier
The fix addresses the problem by restricting the allowed number of topic
hierarchy levels to 200. An alternative fix is to increase the size of the
stack by a small amount.
https://mosquitto.org/blog/2019/09/version-1-6-6-released/
Also notice that 1.6.5 silently fixed a security issue:
CVE-2019-11778
A vulnerability exists in Mosquitto version 1.6 to 1.6.4 inclusive, known as CVE-2019-11778
If an MQTT v5 client connects to Mosquitto, sets a last will and testament,
sets a will delay interval, sets a session expiry interval, and the will
delay interval is set longer than the session expiry interval, then a use
after free error occurs, which has the potential to cause a crash in some
situations.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
James Hilliard [Tue, 3 Sep 2019 21:28:12 +0000 (15:28 -0600)]
package/systemd-bootchart: enable systemd-bootchart.service
This would normally be enabled by systemctl preset-all however since we
don't have a host systemctl we need to enable the service manually.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Mon, 16 Sep 2019 18:31:03 +0000 (20:31 +0200)]
package/rpcbind: bump to version 1.2.5
- Remove all patches except first one (already in version)
- Add hash for license file
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sun, 15 Sep 2019 18:40:00 +0000 (20:40 +0200)]
package/chocolate-doom: bump to version 3.0.0
- Remove patch (already in version)
- Switch to sdl2
- Add hash for license file
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Ricardo Martincoski [Mon, 16 Sep 2019 02:09:08 +0000 (23:09 -0300)]
DEVELOPERS: trim runtime tests for Ricardo Martincoski
Keep listing the test infra so the developer is included in reviews, but
trim the list of tests to those the developer are most interested in.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Francois Perrad [Mon, 16 Sep 2019 19:04:34 +0000 (21:04 +0200)]
utils/scancpan: improve license file detection
MANIFEST may contains line like this:
"LICENSE LICENSE file (added by Distar)"
so, retains only the first word.
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Peter Korsgaard [Mon, 16 Sep 2019 13:50:48 +0000 (15:50 +0200)]
package/luksmeta: do not build man pages
Fixes:
http://autobuild.buildroot.net/results/
a6247b95f1578fe1daec485589582310c75b5d84/
luksmeta-v9 generates man pages at build if a2x is available since:
commit
3fa51bb22350fee101fc52044949f6eb394114ae
Author: Daniel Kopeček <dkopecek@redhat.com>
Date: Fri Jul 13 01:52:45 2018 +0200
Generate manual page from source during build time
If a2x (asciidoc) is not available during configure time,
a warning will be generated and the manual page wont be
generated nor installed.
Man pages are not needed on target and the build step fails in certain
setups, so disable it.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Peter Korsgaard [Mon, 16 Sep 2019 12:41:45 +0000 (14:41 +0200)]
package/bwm-ng: bump version to 0.6.2
Add hash for license file, and drop 'v' from version for compatibility with
release-monitoring.org.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Pierre-Jean Texier [Mon, 16 Sep 2019 15:39:12 +0000 (17:39 +0200)]
package/python-periphery: bump to version 1.1.2
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Peter Korsgaard [Mon, 16 Sep 2019 14:34:25 +0000 (16:34 +0200)]
package/python-validators: bump version to 0.12.6
Includes a number of post-0.12.2 fixes, including a python 3.7 compatibility
fix:
https://github.com/kvesteri/validators/blob/master/CHANGES.rst
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Adrian Perez de Castro [Sun, 15 Sep 2019 22:57:43 +0000 (01:57 +0300)]
support/dependencies/dependencies.sh: check for JSON:PP Perl module
The JSON::PP Perl module is used at build time by the webkitgtk and
wpewebkit packages.
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Francois Perrad [Tue, 17 Sep 2019 18:16:24 +0000 (20:16 +0200)]
package/perl-role-tiny: bump to version 2.000008
The project now ships a proper LICENSE file, with the complete license
text, so we use it instead of the README file. The license remains the
same as Perl, i.e Artistic license or GPL-1.0+.
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Francois Perrad [Tue, 17 Sep 2019 18:16:23 +0000 (20:16 +0200)]
package/perl-net-dns: bump to version 0.56
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Francois Perrad [Tue, 17 Sep 2019 18:16:22 +0000 (20:16 +0200)]
package/perl-mailtools: bump to version 2.21
The license file hash has changed, due to changes in the installation
instructions.
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Francois Perrad [Tue, 17 Sep 2019 18:16:21 +0000 (20:16 +0200)]
package/perl-file-slurp: bump to version 9999.28
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Francois Perrad [Tue, 17 Sep 2019 18:16:20 +0000 (20:16 +0200)]
package/perl-devel-stacktrace: bump to version 2.04
The copyright year in the LICENSE file was changed, which explains why
the hash is modified:
-This software is Copyright (c) 2000 - 2017 by David Rolsky.
+This software is Copyright (c) 2000 - 2019 by David Rolsky.
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Francois Perrad [Tue, 17 Sep 2019 18:16:19 +0000 (20:16 +0200)]
package/perl-date-manip: bump to version 6.78
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Francois Perrad [Tue, 17 Sep 2019 18:16:18 +0000 (20:16 +0200)]
package/perl-class-method-modifiers: bump to version 2.13
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Mon, 16 Sep 2019 16:51:02 +0000 (18:51 +0200)]
package/fio: bump to version 3.15
- Remove patch (already in version)
- Change FIO_SITE to http://brick.kernel.dk/snaps to remove 'fio-'
prefix from FIO_VERSION to match what is given by
release-monitoring.org
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Mon, 16 Sep 2019 16:51:01 +0000 (18:51 +0200)]
package/fio: fix build with glibc 2.30
Fixes:
- http://autobuild.buildroot.org/results/
ec93c8e7f046b081aaa9e0a76708d61ba1ab921c
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Adam Duskett [Mon, 16 Sep 2019 16:51:25 +0000 (09:51 -0700)]
package/python-pip: bump to version 19.2.3
Also:
Select PYTHON_SSL or PYTHON3_SSL as pip connects to https://pypi.org
making SSL mandatory for runtime.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Mon, 16 Sep 2019 16:53:31 +0000 (18:53 +0200)]
package/grpc: fix build with glibc 2.30
Fixes:
- http://autobuild.buildroot.org/results/
42eb63a89228d340cab05c7ab65fab9b02814689
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Mon, 16 Sep 2019 17:01:24 +0000 (19:01 +0200)]
package/haproxy: depends on BR2_TOOLCHAIN_HAS_SYNC_1
Fixes:
- http://autobuild.buildroot.org/results/
512904ace780508de5e3a56b0094bbe6287d751e
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Mon, 16 Sep 2019 17:16:57 +0000 (19:16 +0200)]
boot/afboot-stm32: bump to version 0.2
Remove patch (already in version)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Adam Duskett [Mon, 16 Sep 2019 19:16:05 +0000 (12:16 -0700)]
package/libglib2: make util-linux an optional dependency
libglib2 needs util-linux only for libmount, which is a configuration option.
Instead, check if util-linux-libmount is selected, and if so, set the option
to true.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Adam Duskett [Mon, 16 Sep 2019 19:16:04 +0000 (12:16 -0700)]
package/libglib2: bump to version 2.62.0
Other changes:
- Refactor 0002-add-option-to-build-tests.patch to work with the new version.
- Add the new option oss_fuzz=disabled to HOST_LIBGLIB2_CONF_OPTS and
LIBGLIB2_CONF_OPTS.
- Change -Diconv=gnu to -Diconv=external as the option has changed.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Giulio Benetti [Mon, 16 Sep 2019 20:04:45 +0000 (22:04 +0200)]
DEVELOPERS: adjust e-mail address for Giulio Benetti
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Pierre-Jean Texier [Mon, 16 Sep 2019 21:13:41 +0000 (23:13 +0200)]
DEVELOPERS: add Pierre-Jean Texier for mxml
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Pierre-Jean Texier [Mon, 16 Sep 2019 21:13:40 +0000 (23:13 +0200)]
package/mxml: bump to version 3.1
See https://github.com/michaelrsweet/mxml/releases/tag/v3.1
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Chris Packham [Tue, 17 Sep 2019 08:51:20 +0000 (20:51 +1200)]
package/syslog-ng: version bump to 3.23.1
Update to latest syslog-ng version.
Signed-off-by: Chris Packham <judge.packham@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Peter Korsgaard [Mon, 16 Sep 2019 21:14:38 +0000 (23:14 +0200)]
package/wireguard: bump version to 0.0.
20190913
For details of the changes, see the announcement:
https://lists.zx2c4.com/pipermail/wireguard/2019-September/004539.html
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Peter Korsgaard [Tue, 17 Sep 2019 13:23:18 +0000 (15:23 +0200)]
package/libopenssl: security bump to version 1.1.1d
Fixes the following security vulnerabilities:
- ECDSA remote timing attack (CVE-2019-1547)
Severity: Low
- Fork Protection (CVE-2019-1549)
Severity: Low
- Padding Oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey (CVE-2019-1563)
Severity: Low
For more details, see the advisory:
https://www.openssl.org/news/secadv/
20190910.txt
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Simon Rowe [Tue, 17 Sep 2019 09:31:41 +0000 (10:31 +0100)]
package/openvmtools: source default file
In the SYSV init script allow /etc/default/vmtoolsd to override $ARGS
(if it present)
Signed-off-by: Simon Rowe <simon.rowe@citrix.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Sat, 31 Aug 2019 10:35:19 +0000 (12:35 +0200)]
package/libcroco: bump version to 0.6.13
Removed patches applied upstream:
https://github.com/GNOME/libcroco/commit/
898e3a8c8c0314d2e6b106809a8e3e93cf9d4394
https://github.com/GNOME/libcroco/commit/
9ad72875e9f08e4c519ef63d44cdbd94aa9504f7
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Mon, 16 Sep 2019 07:32:01 +0000 (09:32 +0200)]
package/mosquitto: bump version to 1.6.5
Bugfix release, fixing a number of issues:
- Fix v5 DISCONNECT packets with remaining length == 2 being treated as a
protocol error. Closes #1367.
- Fix support for libwebsockets 3.x (excluding 3.2.0)
- Fix slow websockets performance when sending large messages. Closes
#1390.
- Fix bridges potentially not connecting on Windows. Closes #478.
- Fix clients authorised using use_identity_as_username or
use_subject_as_username being disconnected on SIGHUP. Closes #1402.
- Improve error messages in some situations when clients disconnect.
Reduces the number of "Socket error on client X, disconnecting" messages.
- Fix Will for v5 clients not being sent if will delay interval was greater
than the session expiry interval. Closes #1401.
- Fix CRL file not being reloaded on HUP. Closes #35.
- Fix repeated "Error in poll" messages on Windows when only websockets
listeners are defined. Closes #1391.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Sébastien Szymanski [Mon, 16 Sep 2019 07:19:55 +0000 (09:19 +0200)]
python-flask-login: bump to version 0.4.1
Signed-off-by: Sébastien Szymanski <sebastien.szymanski@armadeus.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Wed, 4 Sep 2019 21:21:17 +0000 (23:21 +0200)]
package/ytree: new package
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Wed, 4 Sep 2019 18:50:22 +0000 (20:50 +0200)]
package/vnstat: bump version to 2.4
Added license hash.
vnstat as of version 2.0 requires sqlite:
https://github.com/vergoh/vnstat/commit/
bb24d7bd0f5e9051872f88a98f8b7906b4959aa7
Added --disable-extra-paths to _CONF_OPTS to prevent build error:
https://github.com/vergoh/vnstat/commit/
fffc15d877edf37ff42ab057e1f30c70e6e99314
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Wed, 4 Sep 2019 18:03:20 +0000 (20:03 +0200)]
package/libite: bump version to 2.1.0
Added md5 hash provided by upstream.
Switched _SOURCE to .xz tarball provided by upstream.
This tarball contains a configure script so we do not need to
autoreconf anymore.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Wed, 4 Sep 2019 19:33:15 +0000 (21:33 +0200)]
package/apr: fix non-portable atomics
apr-1.7.0 added support for 8 bytes atomics for 32 bit archs
https://github.com/apache/apr/commit/
2f61f960c81e4a45f3849baa7563812e7e526436
We need to adjust our _CONF_OPTS which fixes an apache build error.
Fixes:
http://autobuild.buildroot.net/results/f24/
f2461c1ed542e050afd761db5faeaaff1f51775b/
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Reviewed-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Wed, 4 Sep 2019 21:02:38 +0000 (23:02 +0200)]
package/jsoncpp: bump version to 1.9.1
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Wed, 4 Sep 2019 21:02:37 +0000 (23:02 +0200)]
package/jsoncpp: switch build system to meson
Bumping jsoncpp to 1.9.1 will cause a CMake-related build error:
https://github.com/open-source-parsers/jsoncpp/issues/970
To fix the bug upstream suggests to switch to meson:
"Our official policy has been only supporting the meson build, and
having users submit fixes for the CMake build."
https://github.com/open-source-parsers/jsoncpp/issues/970#issuecomment-
509794015
Remove all _CONF_OPTS as they are not supported by meson.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Luca Ceresoli [Thu, 5 Sep 2019 10:01:09 +0000 (12:01 +0200)]
package/libpjsip: bump to 2.9
Updates:
- remove patch now upstream
- remove --disable-oss, not supported anymore
- 2.9 supports gnutls, add optional dependency
- bonus: switch to https for downloading
Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Sam Lancia [Sun, 8 Sep 2019 08:03:16 +0000 (09:03 +0100)]
package/lrzip: new package
lrzip is a compression utility that excels at compressing
large files (usually > 10-50 MB)
Signed-off-by: Sam Lancia <sam@gpsm.co.uk>
[Thomas: license is GPL-2.0+, not GPL-2.0]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Peter Korsgaard [Sun, 15 Sep 2019 20:21:42 +0000 (22:21 +0200)]
package/expat: security bump to version 2.2.8
Fixes the following security vulnerability:
CVE-2019-15903: In libexpat before 2.2.8, crafted XML input could fool the
parser into changing from DTD parsing to document parsing too early; a
consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber)
then resulted in a heap-based buffer over-read.
While we're at it, also change to use .tar.xz rather than the bigger
.tar.bz2.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Wed, 4 Sep 2019 21:32:56 +0000 (23:32 +0200)]
package/ltp-testsuite: fix build with glibc 2.30
Fixes:
- http://autobuild.buildroot.org/results/
e8b72f5d93d3565d41364a52c0024a0292a06b41
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Thu, 5 Sep 2019 17:07:31 +0000 (19:07 +0200)]
package/luv: install libluv.pc.in
Archive 1.30.1-0 doesn't contain libluv.pc.in which will break the build
Fixes:
- http://autobuild.buildroot.org/results/
5ec6b5a3622c343f7e401b7da7d4a1da15be2733
This issue has been fixed upstream in
https://github.com/luvit/luv/commit/
946784fba047bcd275554b5040949e3d70994b30,
which should be in the next release.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Acked-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Thu, 5 Sep 2019 16:53:06 +0000 (18:53 +0200)]
package/libcamera: link with atomic when needed
Fixes:
- http://autobuild.buildroot.org/results/
1f0b8338f5f39aa86b9d432598dae2f53c5f7c84
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Vadim Kochan [Sun, 8 Sep 2019 07:29:59 +0000 (10:29 +0300)]
package/uclibc: fix termios redefinition issue for PowerPC
Fix redefinition of 'struct termios' by syncing termios powerpc headers
from glibc, the commit which fixed the same issue in glibc:
d4795e4a43e6f0c221bc5dc64c612206a21a177b PowerPC: Fix termios definitions
https://sourceware.org/git/?p=glibc.git;a=commit;h=
d4795e4a43e6f0c221bc5dc64c612206a21a177b
it fixed the following bug request:
https://bugzilla.redhat.com/show_bug.cgi?id=
1122714
In case of Buildroot it fixes flashrom build for PowerPC.
Fixes:
http://autobuild.buildroot.net/results/
797dde5cbf0e94162c7cc7b557841605c78ac2f3/
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Christopher McCrory [Sun, 8 Sep 2019 16:13:16 +0000 (09:13 -0700)]
package/x11r7/xlib_libXpm: add license file, add hashes
Add COPYRIGHT to LICENSE_FILES, and add hashes for both license files.
Signed-off-by: Christopher McCrory <chrismcc@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Christopher McCrory [Sun, 8 Sep 2019 16:13:09 +0000 (09:13 -0700)]
package/x11r7/xlib_libXt: add license file hash
Signed-off-by: Christopher McCrory <chrismcc@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Christopher McCrory [Sun, 8 Sep 2019 16:12:58 +0000 (09:12 -0700)]
package/x11r7/xlib_libXaw: add license file hash
Signed-off-by: Christopher McCrory <chrismcc@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Christopher McCrory [Sun, 8 Sep 2019 16:12:52 +0000 (09:12 -0700)]
package/zsh: bump to version 5.7.1
Signed-off-by: Christopher McCrory <chrismcc@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Christopher McCrory [Sun, 8 Sep 2019 16:12:43 +0000 (09:12 -0700)]
package/xxhash: bump to version 0.7.1
update hash for xxhsum.c, only code changes, not license.
Signed-off-by: Christopher McCrory <chrismcc@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Christopher McCrory [Sun, 8 Sep 2019 16:12:37 +0000 (09:12 -0700)]
package/xterm: bump to version 348
Replace version.c by COPYING in LICENSE_FILES, and add a hash for the
license file.
Signed-off-by: Christopher McCrory <chrismcc@gmail.com>
[Thomas: drop version.c in the license files, the newly introduced
COPYING file is much better]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Christopher McCrory [Sun, 8 Sep 2019 16:12:29 +0000 (09:12 -0700)]
package/xtables-addons: bump to version 3.4
Add hash for LICENSE.
This version works with linux kernel 5.0 and newer. It requires
CONFIG_NF_NAT enabled in the kernel configuration, otherwise it fails
to build:
ERROR: "nf_nat_setup_info" [/home/thomas/projets/buildroot/output/build/xtables-addons-3.4/extensions/xt_DNETMAP.ko] undefined!
Signed-off-by: Christopher McCrory <chrismcc@gmail.com>
[Thomas: enable CONFIG_NF_NAT in the kernel configuration.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Christopher McCrory [Sun, 8 Sep 2019 16:12:23 +0000 (09:12 -0700)]
package/xfsprogs: bump to version 5.2.1
Signed-off-by: Christopher McCrory <chrismcc@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Christopher McCrory [Sun, 8 Sep 2019 16:12:17 +0000 (09:12 -0700)]
package/wireshark: bump to version 3.0.3
Signed-off-by: Christopher McCrory <chrismcc@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Christopher McCrory [Sun, 8 Sep 2019 16:11:52 +0000 (09:11 -0700)]
package/slang: bump to version 2.3.2
Signed-off-by: Christopher McCrory <chrismcc@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Christopher McCrory [Sun, 8 Sep 2019 16:11:47 +0000 (09:11 -0700)]
package/rrdtool: bump to version 1.7.2
Update hash for license files (update in year and address, some
whitespace changes)
Signed-off-by: Christopher McCrory <chrismcc@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sun, 8 Sep 2019 08:01:39 +0000 (10:01 +0200)]
package/aespipe: bump to version 2.4e
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Thomas Petazzoni [Thu, 12 Sep 2019 16:55:22 +0000 (18:55 +0200)]
support/scripts/pkg-stats: simplify Git commit id retrieval
As suggested by Baruch Siach, using "git rev-parse HEAD" is a lot
simpler than playing around with "git log" to just retrieve the commit
id corresponding to the current HEAD.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Wed, 11 Sep 2019 18:19:01 +0000 (20:19 +0200)]
package/luvi: fixup the 'v' prefix in the version
In order for the luvi version to match what is given by
release-monitoring.org, the 'v' prefix should be encoded in
LUVI_SOURCE and LUVI_SITE and not LUVI_VERSION.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Wed, 11 Sep 2019 18:14:40 +0000 (20:14 +0200)]
package/openpowerlink: fixup the 'V' prefix in the version
In order for the openpowerlink version to match what is given by
release-monitoring.org, the 'V' prefix should be encoded in
OPENPOWERLINK_SOURCE and OPENPOWERLINK_SITE and not
OPENPOWERLINK_VERSION.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Mohana Datta Yelugoti [Wed, 11 Sep 2019 13:47:18 +0000 (19:17 +0530)]
package/python-sip: add hashes for license files
Signed-off-by: Mohana Datta Yelugoti <ymdatta.work@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Peter Korsgaard [Sat, 14 Sep 2019 05:56:20 +0000 (07:56 +0200)]
configs/lafrite: new defconfig
Add basic support for the Libre Computer "La Frite" SBC.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Carlos Santos [Sun, 15 Sep 2019 12:32:30 +0000 (09:32 -0300)]
package/eudev: add missing user/groups "kvm" and "render"
They are required by the default udev rules.
Fixes: https://bugs.busybox.net/show_bug.cgi?id=12141
Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Pierre-Jean Texier [Sun, 15 Sep 2019 13:02:04 +0000 (15:02 +0200)]
DEVELOPERS: add Pierre-Jean Texier for fping
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Pierre-Jean Texier [Sun, 15 Sep 2019 13:02:03 +0000 (15:02 +0200)]
package/fping: bump to version 4.2
See full Changelog: http://fping.org/dist/CHANGELOG.md
Also add hash for license file
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Francois Perrad [Tue, 10 Sep 2019 03:30:09 +0000 (05:30 +0200)]
package/luarocks: refactor Buildroot addon with new argparse module
The wellknown module `argparse` is now used by LuaRocks 3.2.0, instead
of a homemade argument parsing.
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Francois Perrad [Tue, 10 Sep 2019 03:30:08 +0000 (05:30 +0200)]
package/luarocks: fix generated configuration when luajit
this trick removes the need of the patch
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Francois Perrad [Tue, 10 Sep 2019 03:30:07 +0000 (05:30 +0200)]
package/luarocks: bump to version 3.2.1
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Chris Packham [Mon, 9 Sep 2019 09:54:32 +0000 (21:54 +1200)]
package/eventlog: remove package
Since syslog-ng 3.11.1 eventlog has been bundled with the sources.
Remove the separate package.
We don't add Config.in.legacy handling because eventlog was only used
by syslog-ng, and was not really meant to be used by anyone else, so
there is no point in warning users who had this package enabled in
their configuration that it no longer exists, as it was only used by
syslog-ng, and syslog-ng now bundles eventlog.
Signed-off-by: Chris Packham <judge.packham@gmail.com>
[Thomas: extend explanation about why we don't have any
Config.in.legacy handling]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Julien Grossholtz [Mon, 9 Sep 2019 08:35:31 +0000 (10:35 +0200)]
package/paho-mqtt-c: bump to version 1.3.1
paho-mqtt-c 1.3.1 is the latest stable release. The latest release
contains various bug fixes and adds TLS-PSK encryption support.
Release notes: https://github.com/eclipse/paho.mqtt.c/milestone/6?closed=1
Signed-off-by: Julien Grossholtz <julien.grossholtz@openest.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Yegor Yefremov [Mon, 9 Sep 2019 08:54:36 +0000 (10:54 +0200)]
DEVELOPERS: add Yegor Yefremov to dhcpcd and nftables package
Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Refik TUZAKLI [Mon, 9 Sep 2019 08:47:12 +0000 (08:47 +0000)]
package/paho-mqtt-cpp: bump to version 1.0.1
Signed-off-by: Refik Tuzakli <refik.tuzakli@savronik.com.tr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Alexander Dahl [Wed, 11 Sep 2019 08:40:39 +0000 (10:40 +0200)]
package/qemu: add optional dependency on nettle
Qemu can optionally depend on nettle if available, so we should take
into account this optional dependency.
Cc: Florian Wolters <florian@florian-wolters.de>
Signed-off-by: Alexander Dahl <post@lespocky.de>
[Thomas: reword commit log, so that it makes sense in the context of
upstream Buildroot]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Carlos Santos [Wed, 28 Aug 2019 02:16:25 +0000 (23:16 -0300)]
package/thttpd: fix systemd startup
Create the configuration file as /etc/thttpd.conf, as expected by the
systemd unit file.
This matches other web server packages that install configuration files
at /etc/lighttpd/, /etc/apache2, etc.
Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Matt Weber [Fri, 13 Sep 2019 18:57:42 +0000 (13:57 -0500)]
package/bc: bump to 1.07.1
* Added license hash files
* Updated site to new GNU location
* Reconfig required to use newer automake
* Dropped patch for 01_array_initialize.patch as it was fixed
* Refactored patches for makeinfo variable and write io errs
* Added new dc fix exit code patch from Debian sid
* Added new libmath offline gen cross-compile patch from Yocto
Upstream patch status: Pending
Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Petr Vorel [Fri, 13 Sep 2019 21:13:53 +0000 (23:13 +0200)]
package/links: add hash for COPYING file
Suggested-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Peter Korsgaard [Sat, 14 Sep 2019 12:05:29 +0000 (14:05 +0200)]
configs/raspberrypi0: use dedicated rpi0 dts file
Since the bump to the
20190819 snapshot there is now a dedicated dts file
for the rpi0, so use that rather than the rpi-b-plus one:
https://github.com/raspberrypi/linux/commit/
bd1336d8b6544ce5c7ddb197c3d8c539082dac66
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Peter Korsgaard [Sat, 14 Sep 2019 12:05:28 +0000 (14:05 +0200)]
configs/raspberrypi0w: fix dts file name after kernel bump
Fixes #12816
Commit
42d22f3bdba41da ({configs/raspberrypi,package/rpi-firmware}: bump
kernel/firmware to
20190819 version) updated the kernel version but failed
to take into consideration that the rpi0w dts file has been renamed:
https://github.com/raspberrypi/linux/commit/
6f91b5dbfdb62a434571a73f2dc15181963e3bea
Fix it by renaming the dts/dtb file referenced from the kernel build and
genimage.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Carlos Santos [Sat, 14 Sep 2019 16:41:43 +0000 (13:41 -0300)]
package/util-linux: create $(TARGET_DIR)/etc/pam.d if necessary
Useful for test purposes when we want to install util-linux with a
custom TARGET_DIR, e.g.
$ make util-linux-reinstall TARGET_DIR=/tmp/util-linux
Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sat, 14 Sep 2019 14:52:42 +0000 (16:52 +0200)]
package/kompexsqlite: use github macro
Use github macro and drop SOURCE variable to keep the default SOURCE
value which gives a much more sensible tarball name
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Carlos Santos [Sun, 15 Sep 2019 00:06:57 +0000 (21:06 -0300)]
package/thttpd: fix init script
The init script provided by thttpd is for FreeBSD. Add a custom one,
made specifically for Buildroot.
Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sun, 15 Sep 2019 11:43:58 +0000 (13:43 +0200)]
package/flatcc: bump to version 0.6.0
Remove patch (already in version)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sun, 15 Sep 2019 11:32:46 +0000 (13:32 +0200)]
package/findutils: bump to version 4.7
- Remove patches (already in version)
- Add hash for license file
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Wed, 11 Sep 2019 17:46:30 +0000 (19:46 +0200)]
package/sslh: fixup the 'v' prefix in the version
In order for the sslh version to match what is given by
release-monitoring.org, the 'v' prefix should be encoded in
SSLH_SOURCE and not SSLH_VERSION.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sat, 14 Sep 2019 09:32:27 +0000 (11:32 +0200)]
package/chrony: drop musl patch
This patch is not needed as musl defines SCM_TIMESTAMPING_PKTINFO since
version 1.1.19 and
https://git.musl-libc.org/cgit/musl/commit/?id=
c35a8bf456ca6ef74e3cc7c4d8f63572bc1e1167
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Sat, 14 Sep 2019 09:32:26 +0000 (11:32 +0200)]
package/chrony: bump to version 3.5
Remove second patch (already in version)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Sat, 14 Sep 2019 07:24:17 +0000 (09:24 +0200)]
package/cbootimage: bump to version 1.8
- Remove patch (already in version)
- Remove glic or uclibc toolchain dependency, not needed since
https://github.com/NVIDIA/cbootimage/commit/
3b3c3cccf0640326229935be5ff702ac948fd51b
- Add hash for license file
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Wed, 11 Sep 2019 13:19:14 +0000 (15:19 +0200)]
package/wireguard: bump version to 0.0.
20190905
For details of the changes, see the announcement:
https://lists.zx2c4.com/pipermail/wireguard/2019-September/004483.html
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Giulio Benetti [Wed, 11 Sep 2019 13:17:11 +0000 (15:17 +0200)]
package/libnss: fix build failure on aarch64_be
Fixes:
http://autobuild.buildroot.net/results/
bfd29593bb6c53d3e9e2d02d2ed6bea360d99c00/
In libnss there is a bug leading to build failure due to double declared
functions. This is due to 2 different #ifdef statements treating the
same function-set.
Add patch to fix this by making the 2 #ifdef statements equal.
Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Wed, 11 Sep 2019 11:40:35 +0000 (13:40 +0200)]
{linux, linux-headers}: bump 4.{4, 9, 14, 19}.x / 5.2.x series
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Wed, 11 Sep 2019 11:27:35 +0000 (13:27 +0200)]
package/libcurl: security bump to version 7.66.0
Fixes the following security vulnerabilities:
CVE-2019-5481: FTP-KRB double-free
https://curl.haxx.se/docs/CVE-2019-5481.html
CVE-2019-5482: TFTP small blocksize heap buffer overflow
https://curl.haxx.se/docs/CVE-2019-5482.html
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Wed, 11 Sep 2019 17:22:56 +0000 (19:22 +0200)]
package/kompexsqlite: fixup the 'v' prefix in the version
In order for the kompexsqlite version to match what is given by
release-monitoring.org, the 'v' prefix should be encoded in
KOMPEXSQLITE_SOURCE and not KOMPEXSQLITE_VERSION.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Wed, 11 Sep 2019 17:06:33 +0000 (19:06 +0200)]
package/zziplib: fixup the 'v' prefix in the version
In order for the zziplib version to match what is given by
release-monitoring.org, the 'v' prefix should be encoded in
ZZIPLIB_SITE and not ZZIPLIB_VERSION.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Wed, 11 Sep 2019 17:01:50 +0000 (19:01 +0200)]
package/perl-class-std-fast: fixup the 'v' prefix in the version
In order for the perl-class-std-fast version to match what is given by
release-monitoring.org, the 'v' prefix should be encoded in
PERL_CLASS_STD_FAST_SOURCE and not PERL_CLASS_STD_FAST_VERSION.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Peter Korsgaard [Thu, 12 Sep 2019 19:43:54 +0000 (21:43 +0200)]
package/nodejs: security bump to version v10.16.3
Fixes the following security vulnerabilities:
- CVE-2019-9511 "Data Dribble": The attacker requests a large amount of data
from a specified resource over multiple streams. They manipulate window
size and stream priority to force the server to queue the data in 1-byte
chunks. Depending on how efficiently this data is queued, this can
consume excess CPU, memory, or both, potentially leading to a denial of
service.
- CVE-2019-9512 "Ping Flood": The attacker sends continual pings to an
HTTP/2 peer, causing the peer to build an internal queue of responses.
Depending on how efficiently this data is queued, this can consume excess
CPU, memory, or both, potentially leading to a denial of service.
- CVE-2019-9513 "Resource Loop": The attacker creates multiple request
streams and continually shuffles the priority of the streams in a way that
causes substantial churn to the priority tree. This can consume excess
CPU, potentially leading to a denial of service.
- CVE-2019-9514 "Reset Flood": The attacker opens a number of streams and
sends an invalid request over each stream that should solicit a stream of
RST_STREAM frames from the peer. Depending on how the peer queues the
RST_STREAM frames, this can consume excess memory, CPU, or both,
potentially leading to a denial of service.
- CVE-2019-9515 "Settings Flood": The attacker sends a stream of SETTINGS
frames to the peer. Since the RFC requires that the peer reply with one
acknowledgement per SETTINGS frame, an empty SETTINGS frame is almost
equivalent in behavior to a ping. Depending on how efficiently this data
is queued, this can consume excess CPU, memory, or both, potentially
leading to a denial of service.
- CVE-2019-9516 "0-Length Headers Leak": The attacker sends a stream of
headers with a 0-length header name and 0-length header value, optionally
Huffman encoded into 1-byte or greater headers. Some implementations
allocate memory for these headers and keep the allocation alive until the
session dies. This can consume excess memory, potentially leading to a
denial of service.
- CVE-2019-9517 "Internal Data Buffering": The attacker opens the HTTP/2
window so the peer can send without constraint; however, they leave the
TCP window closed so the peer cannot actually write (many of) the bytes on
the wire. The attacker then sends a stream of requests for a large
response object. Depending on how the servers queue the responses, this
can consume excess memory, CPU, or both, potentially leading to a denial
of service.
- CVE-2019-9518 "Empty Frames Flood": The attacker sends a stream of frames
with an empty payload and without the end-of-stream flag. These frames
can be DATA, HEADERS, CONTINUATION and/or PUSH_PROMISE. The peer spends
time processing each frame disproportionate to attack bandwidth. This can
consume excess CPU, potentially leading to a denial of service.
(Discovered by Piotr Sikora of Google)
Notice that this version bump requires nghttp2 1.39.2. It also includes an
(unconditional) embedded copy of brotli.
Update the license hash because of copyright year changes and the addition
of the MIT-style license text for large_pages and brotli.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Peter Korsgaard [Thu, 12 Sep 2019 19:43:53 +0000 (21:43 +0200)]
package/nghttp2: security bump to version 1.39.2
Fixes the following security issues:
CVE-2019-9511: Data Dribble
CVE-2019-9513: Resource Loop
For details, see the advisory:
https://nghttp2.org/blog/2019/08/19/nghttp2-v1-39-2/
Notice that libnghttp2 itself is not affected by these vulnerabilities, only
nghttpx and nghttpd (which are currently not built).
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>