buildroot.git
5 years agopackage/usb_modeswitch: avoid overriding variables
Ricardo Martincoski [Sun, 27 Jan 2019 18:59:40 +0000 (16:59 -0200)]
package/usb_modeswitch: avoid overriding variables

Overriding variables in packages recipes is an error-prone practice.

Current behavior of installing either only as a script or only as a
binary is intended, as describe in the commit log of "d3e4db4e34
usb_modeswitch: bump to version 1.2.6" from 2013.

Rewrite the code to keep the same behavior while replacing variable
override [1] by conditional assignments [2].

[1]
VAR = ...
if ...
VAR = ...

[2]
if ...
VAR = ...
else
VAR = ...

Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/usb_modeswitch: drop unicode space in comment
Ricardo Martincoski [Sun, 27 Jan 2019 18:59:39 +0000 (16:59 -0200)]
package/usb_modeswitch: drop unicode space in comment

Commit "a554109af8 package/usb_modeswitch: disable parallel build" added
a unicode space in a comment. Replace it with a normal ASCII space for
consistency with elsewhere.

Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agoRevert "avrdude: add license information"
Ricardo Martincoski [Sun, 27 Jan 2019 18:59:38 +0000 (16:59 -0200)]
Revert "avrdude: add license information"

This reverts commit d1f545004bf0533064363d87c2d7c71e7acf7435 from 2014
because the added variables already existed. The real problem at the
time was that one of the pre-existent variables had a typo, fixed in a
later commit.

Currently AVRDUDE_LICENSE and AVRDUDE_LICENSE_FILES are declared twice
with the same values for each one. So remove one of them.

Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Cc: Wojciech M. Zabolotny <wzab01@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/sdl_sound: actually use the optional CONF_OPTS
Ricardo Martincoski [Sun, 27 Jan 2019 18:59:37 +0000 (16:59 -0200)]
package/sdl_sound: actually use the optional CONF_OPTS

Since "57ace26b6c package/sdl_sound: add optional support for
libmodplug" from 2016, optional CONF_OPTS are added but they do not
really take effect because there is an unconditional override below the
conditional append.

Currently this does not cause build failures, but it can lead to wrong
detection of dependencies because many explicit --enable/--disable are
not passed to configure.

Fix this by moving the unconditional code to the top.

Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/s6-networking: fix dependency when libressl is enabled
Ricardo Martincoski [Sun, 27 Jan 2019 18:59:36 +0000 (16:59 -0200)]
package/s6-networking: fix dependency when libressl is enabled

Commit "c5b85231fb s6-networking: enable SSL if libressl is selected"
actually dropped the dependency on s6-dns and s6 when libressl is
enabled.
Fix this by using += inside the conditional code.

Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Cc: Eric Le Bihan <eric.le.bihan.dev@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/lighttpd: bump to version 1.4.53
Peter Korsgaard [Sun, 27 Jan 2019 17:54:19 +0000 (18:54 +0100)]
package/lighttpd: bump to version 1.4.53

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/vboot-utils: Add support for openssl 1.1.x
Vadim Kochan [Fri, 25 Jan 2019 16:04:13 +0000 (17:04 +0100)]
package/vboot-utils: Add support for openssl 1.1.x

Backported changes from commit bce7904376beee2912932433a4634c1c25afe2f5,
there was some conflicts in few places which includes openssl_compat.h and
1 place in vb2_rsa_sig_alg function.

Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Patrick Havelange <patrick.havelange@essensium.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/upmpdcli: fix static build issue
Jörg Krause [Thu, 24 Jan 2019 10:07:17 +0000 (11:07 +0100)]
package/upmpdcli: fix static build issue

The spotify plugin requires shared library support and needs <dlfcn.h>.
Explicitly disable the spotify plugin when building upmpdcli in a static
context.

Fixes:
http://autobuild.buildroot.net/results/cb942d3c5f68959d6cbc85535ccff4a275369f91/

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/libarchive: add four security patches
Thomas De Schampheleire [Fri, 25 Jan 2019 18:50:52 +0000 (19:50 +0100)]
package/libarchive: add four security patches

Add backported patches for the following four security issues in libarchive.
There is no new release yet including these patches.

- CVE-2018-1000877 (https://nvd.nist.gov/vuln/detail/CVE-2018-1000877)

"libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards
(release v3.1.0 onwards) contains a CWE-415: Double Free vulnerability in
RAR decoder - libarchive/archive_read_support_format_rar.c, parse_codes(),
realloc(rar->lzss.window, new_size) with new_size = 0 that can result in
Crash/DoS. This attack appear to be exploitable via the victim must open a
specially crafted RAR archive."

- CVE-2018-1000878 (https://nvd.nist.gov/vuln/detail/CVE-2018-1000878)

"libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards
(release v3.1.0 onwards) contains a CWE-416: Use After Free vulnerability in
RAR decoder - libarchive/archive_read_support_format_rar.c that can result
in Crash/DoS - it is unknown if RCE is possible. This attack appear to be
exploitable via the victim must open a specially crafted RAR archive."

- CVE-2018-1000879 (https://nvd.nist.gov/vuln/detail/CVE-2018-1000879)

"libarchive version commit 379867ecb330b3a952fb7bfa7bffb7bbd5547205 onwards
(release v3.3.0 onwards) contains a CWE-476: NULL Pointer Dereference
vulnerability in ACL parser - libarchive/archive_acl.c,
archive_acl_from_text_l() that can result in Crash/DoS. This attack appear
to be exploitable via the victim must open a specially crafted archive
file."

- CVE-2018-1000880 (https://nvd.nist.gov/vuln/detail/CVE-2018-1000880)

"libarchive version commit 9693801580c0cf7c70e862d305270a16b52826a7 onwards
(release v3.2.0 onwards) contains a CWE-20: Improper Input Validation
vulnerability in WARC parser -
libarchive/archive_read_support_format_warc.c, _warc_read() that can result
in DoS - quasi-infinite run time and disk usage from tiny file. This attack
appear to be exploitable via the victim must open a specially crafted WARC
file."

Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopython-pyasn1-modules: bump to version 0.2.4
Asaf Kahlon [Sat, 26 Jan 2019 19:46:06 +0000 (21:46 +0200)]
python-pyasn1-modules: bump to version 0.2.4

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/rpi-userland: bump version to e5803f2c98
Peter Seiderer [Sun, 27 Jan 2019 17:08:08 +0000 (18:08 +0100)]
package/rpi-userland: bump version to e5803f2c98

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agoconfigs/raspberrypi*: bump kernel version to 83b36f98e1
Peter Seiderer [Sun, 27 Jan 2019 17:08:07 +0000 (18:08 +0100)]
configs/raspberrypi*: bump kernel version to 83b36f98e1

Now based on 4.14.95 (from 4.14.91).

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/freeswitch: bump version to 1.8.5
Bernd Kuhls [Sun, 27 Jan 2019 16:04:56 +0000 (17:04 +0100)]
package/freeswitch: bump version to 1.8.5

Removed patch 0002, not needed anymore after upstream commit
https://freeswitch.org/stash/projects/FS/repos/freeswitch/commits/13f6890f411598bd2c567762d457d1a8163a7a8a

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/libpng: bump version to 1.6.36
Bernd Kuhls [Sun, 27 Jan 2019 16:04:21 +0000 (17:04 +0100)]
package/libpng: bump version to 1.6.36

License[1] was bumped to v2, for details see
http://lists.opensource.org/pipermail/license-review_lists.opensource.org/2018-November/003791.html

[1] http://www.libpng.org/pub/png/src/libpng-LICENSE.txt

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[Peter: use Libpng-2.0 as license tag]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/pngquant: bump version to 2.12.2
Bernd Kuhls [Sun, 27 Jan 2019 15:29:46 +0000 (16:29 +0100)]
package/pngquant: bump version to 2.12.2

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/znc: bump version to 1.7.2
Bernd Kuhls [Sun, 27 Jan 2019 15:12:48 +0000 (16:12 +0100)]
package/znc: bump version to 1.7.2

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agoprosody: bump to version 0.11.2
Francois Perrad [Sun, 27 Jan 2019 13:24:24 +0000 (14:24 +0100)]
prosody: bump to version 0.11.2

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agoperl-uri: bump to version 1.76
Francois Perrad [Sat, 26 Jan 2019 08:04:41 +0000 (09:04 +0100)]
perl-uri: bump to version 1.76

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agoperl-type-tiny: bump to version 1.004004
Francois Perrad [Sat, 26 Jan 2019 08:04:40 +0000 (09:04 +0100)]
perl-type-tiny: bump to version 1.004004

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agoperl-package-stash: bump to version 0.38
Francois Perrad [Sat, 26 Jan 2019 08:04:39 +0000 (09:04 +0100)]
perl-package-stash: bump to version 0.38

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agoperl-net-dns: bump to version 1.19
Francois Perrad [Sat, 26 Jan 2019 08:04:38 +0000 (09:04 +0100)]
perl-net-dns: bump to version 1.19

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agoperl-mojolicious: bump to version 8.11
Francois Perrad [Sat, 26 Jan 2019 08:04:37 +0000 (09:04 +0100)]
perl-mojolicious: bump to version 8.11

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agoperl-gd: bump to version 2.70
Francois Perrad [Sat, 26 Jan 2019 08:04:36 +0000 (09:04 +0100)]
perl-gd: bump to version 2.70

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agoperl-file-slurp: bump to version 9999.25
Francois Perrad [Sat, 26 Jan 2019 08:04:35 +0000 (09:04 +0100)]
perl-file-slurp: bump to version 9999.25

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agoperl-date-manip: bump to version 6.75
Francois Perrad [Sat, 26 Jan 2019 08:04:34 +0000 (09:04 +0100)]
perl-date-manip: bump to version 6.75

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years ago{linux, linux-headers}: bump 4.{4, 9, 14, 19, 20}.x series
Bernd Kuhls [Sat, 26 Jan 2019 10:18:12 +0000 (11:18 +0100)]
{linux, linux-headers}: bump 4.{4, 9, 14, 19, 20}.x series

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/clamav: add optional dependency to pcre2
Bernd Kuhls [Sat, 26 Jan 2019 10:10:37 +0000 (11:10 +0100)]
package/clamav: add optional dependency to pcre2

Upstream recommends pcre2 over pcre:
https://github.com/Cisco-Talos/clamav-devel/commit/1f71c2b21ccaef412280471444f4d01ec9b8099d

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/clamav: bump version to 0.101.1
Bernd Kuhls [Sat, 26 Jan 2019 10:10:36 +0000 (11:10 +0100)]
package/clamav: bump version to 0.101.1

Removed patch applied upstream.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/samba4: security bump to version 4.9.4
Bernd Kuhls [Sat, 26 Jan 2019 09:48:52 +0000 (10:48 +0100)]
package/samba4: security bump to version 4.9.4

Fixes the following security issues:

- CVE-2018-14629 dns: Fix CNAME loop prevention using counter regression
- CVE-2018-16853: Fix S4U2Self crash with MIT KDC build
- CVE-2018-16853: Do not segfault if client is not set

For more info, see the release notes:
https://www.samba.org/samba/history/samba-4.9.4.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[Peter: mention security impact, add CVE info]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/x11r7/xdriver_xf86-video-neomagic: bump version to 1.3.0
Bernd Kuhls [Sat, 26 Jan 2019 09:35:46 +0000 (10:35 +0100)]
package/x11r7/xdriver_xf86-video-neomagic: bump version to 1.3.0

Added all hashes provided by upstream and license hash.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/x11r7/xdriver_xf86-video-mga: bump version to 2.0.0
Bernd Kuhls [Sat, 26 Jan 2019 08:56:38 +0000 (09:56 +0100)]
package/x11r7/xdriver_xf86-video-mga: bump version to 2.0.0

Added all hashes provided by upstream and license hash.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/x11r7/xdriver_xf86-video-i128: bump version to 1.4.0
Bernd Kuhls [Sat, 26 Jan 2019 08:53:32 +0000 (09:53 +0100)]
package/x11r7/xdriver_xf86-video-i128: bump version to 1.4.0

Removed patch applied upstream, added all hashes provided by upstream
and license hash.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/x11r7/xapp_xcursorgen: bump version to 1.0.7
Bernd Kuhls [Sat, 26 Jan 2019 08:45:35 +0000 (09:45 +0100)]
package/x11r7/xapp_xcursorgen: bump version to 1.0.7

Added all hashes provided by upstream and license hash.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/vlc: bump version to 3.0.6
Bernd Kuhls [Sat, 26 Jan 2019 08:41:27 +0000 (09:41 +0100)]
package/vlc: bump version to 3.0.6

Rebased patch 0006, removed patch 0008 which is included in upstream
release version, renumbered remaining patches.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/libva: bump version to 2.4.0
Bernd Kuhls [Sat, 26 Jan 2019 08:36:00 +0000 (09:36 +0100)]
package/libva: bump version to 2.4.0

Removed patch applied upstream:
https://github.com/intel/libva/commit/62bad1239d8ea1bb269ca69d3469aa267f57cdec

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopython-psycopg2: bump to version 2.7.7
Asaf Kahlon [Sat, 26 Jan 2019 06:33:16 +0000 (08:33 +0200)]
python-psycopg2: bump to version 2.7.7

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopython-psutil: bump to version 5.5.0
Asaf Kahlon [Sat, 26 Jan 2019 06:33:15 +0000 (08:33 +0200)]
python-psutil: bump to version 5.5.0

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopython-pip: bump to version 19.0.1
Asaf Kahlon [Sat, 26 Jan 2019 06:33:14 +0000 (08:33 +0200)]
python-pip: bump to version 19.0.1

License change - a year bump.

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopython-msgpack: bump to version 0.6.1
Asaf Kahlon [Sat, 26 Jan 2019 06:33:13 +0000 (08:33 +0200)]
python-msgpack: bump to version 0.6.1

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopython-engineio: bump to version 3.3.0
Asaf Kahlon [Sat, 26 Jan 2019 06:33:12 +0000 (08:33 +0200)]
python-engineio: bump to version 3.3.0

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agolibwebsock: Fix openssl reporting in header
Clayton Shotwell [Fri, 25 Jan 2019 20:35:04 +0000 (14:35 -0600)]
libwebsock: Fix openssl reporting in header

The websock_config.h file currently ends up being installed into the
sysroot with a #include "config.h" line but the config.h file does not
get copied into the sysroot. Refactoring the original patch to have the
configure script properly report whether or not SSL support is enabled
without using the config.h file.

Patch has been submitted upstream but may never be merged since upstream
appears to be dead.
https://github.com/payden/libwebsock/pull/38

Signed-off-by: Clayton Shotwell <clayton.shotwell@rockwellcollins.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
5 years agopackage/x11r7/xdriver_xf86-video-intel: bump version
Bernd Kuhls [Thu, 24 Jan 2019 16:52:43 +0000 (17:52 +0100)]
package/x11r7/xdriver_xf86-video-intel: bump version

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/{mesa3d, mesa3d-headers}: bump version to 18.3.2
Bernd Kuhls [Thu, 24 Jan 2019 16:52:08 +0000 (17:52 +0100)]
package/{mesa3d, mesa3d-headers}: bump version to 18.3.2

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/libdrm: bump version to 2.4.97
Bernd Kuhls [Thu, 24 Jan 2019 16:33:04 +0000 (17:33 +0100)]
package/libdrm: bump version to 2.4.97

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/libqmi: bump to version 1.22.0
Nicolas Serafini [Thu, 24 Jan 2019 10:50:33 +0000 (10:50 +0000)]
package/libqmi: bump to version 1.22.0

Signed-off-by: Nicolas Serafini <nicolas.serafini@sensefly.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/libmbim: bum to version 1.18.0
Nicolas Serafini [Thu, 24 Jan 2019 10:51:54 +0000 (10:51 +0000)]
package/libmbim: bum to version 1.18.0

Signed-off-by: Nicolas Serafini <nicolas.serafini@sensefly.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/mobile-broadband-provider-info: bump to version 20190116
Nicolas Serafini [Thu, 24 Jan 2019 10:52:46 +0000 (10:52 +0000)]
package/mobile-broadband-provider-info: bump to version 20190116

Signed-off-by: Nicolas Serafini <nicolas.serafini@sensefly.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/ofono: bump to version 1.28
Nicolas Serafini [Thu, 24 Jan 2019 10:53:47 +0000 (10:53 +0000)]
package/ofono: bump to version 1.28

Add patch to fix musl TEMP_FAILURE_RETRY error

Signed-off-by: Nicolas Serafini <nicolas.serafini@sensefly.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/tor: bump version to 0.3.5.7
Bernd Kuhls [Thu, 24 Jan 2019 17:55:25 +0000 (18:55 +0100)]
package/tor: bump version to 0.3.5.7

Patch rebased and re-formatted with git.

Release notes:
https://blog.torproject.org/new-releases-tor-0357-03410-and-03311

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agorpi-firmware: bump version to 81cca1a93
Christian Stewart [Thu, 24 Jan 2019 08:22:05 +0000 (00:22 -0800)]
rpi-firmware: bump version to 81cca1a93

Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agogo: security bump to 1.11.5
Christian Stewart [Thu, 24 Jan 2019 08:16:33 +0000 (00:16 -0800)]
go: security bump to 1.11.5

Go 1.11.5 addresses a reported security issue, CVE-2019-6486.

Signed-off-by: Christian Stewart <christian@paral.in>
Acked-by: Anisse Astier <anisse@astier.eu>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agotslib: update to 1.19
Martin Kepplinger [Thu, 24 Jan 2019 08:05:55 +0000 (09:05 +0100)]
tslib: update to 1.19

For the curious, there's the short changelog summary:
https://github.com/kergoth/tslib/releases

Signed-off-by: Martin Kepplinger <martink@posteo.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agolibkcapi: fix build with gcc 8.2.x
Fabrice Fontaine [Wed, 23 Jan 2019 19:38:00 +0000 (20:38 +0100)]
libkcapi: fix build with gcc 8.2.x

Fixes:
 - http://autobuild.buildroot.org/results/8355bc42238e885f7f11ed3d9d37fc55ebdead2b

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/iperf: fixed hash to match v2.0.13 archive
Matt Weber [Wed, 23 Jan 2019 20:18:46 +0000 (14:18 -0600)]
package/iperf: fixed hash to match v2.0.13 archive

The iperf project changed the archive after the release without changing
the filename of the archive.

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agomusl: fix hash of license file
Fabrice Fontaine [Wed, 23 Jan 2019 19:50:25 +0000 (20:50 +0100)]
musl: fix hash of license file

COPYRIGHT file has been updated between version 1.1.20 and 1.1.21:
https://git.musl-libc.org/cgit/musl/commit/COPYRIGHT?id=c50985d5c8e316c5c464f352e79eeebfed1121a9

Fixes:
 - http://autobuild.buildroot.org/results/8cfa70b906221442c9e6dfd46b64011c987d24bf

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/inadyn: bump version to 2.5
Ryan Coe [Wed, 23 Jan 2019 15:09:11 +0000 (07:09 -0800)]
package/inadyn: bump version to 2.5

Signed-off-by: Ryan Coe <bluemrp9@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/libite: bump version to 2.0.2
Ryan Coe [Wed, 23 Jan 2019 15:09:10 +0000 (07:09 -0800)]
package/libite: bump version to 2.0.2

Signed-off-by: Ryan Coe <bluemrp9@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/subversion: security bump to version 1.9.10
Peter Korsgaard [Wed, 23 Jan 2019 10:40:30 +0000 (11:40 +0100)]
package/subversion: security bump to version 1.9.10

Additional fixes for CVE-2017-9800: Malicious server can execute arbitrary
command on client and a number of crash fixes.

https://svn.apache.org/repos/asf/subversion/tags/1.9.10/CHANGES

Drop upstream SHA1 hash as that is no longer listed.  Also add a hash for
the license file.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years ago{linux, linux-headers}: bump 4.{9, 14, 19, 20}.x series
Peter Korsgaard [Wed, 23 Jan 2019 09:59:27 +0000 (10:59 +0100)]
{linux, linux-headers}: bump 4.{9, 14, 19, 20}.x series

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agodmalloc: fix build with strndup
Fabrice Fontaine [Mon, 21 Jan 2019 19:21:13 +0000 (20:21 +0100)]
dmalloc: fix build with strndup

Fixes:
 - http://autobuild.buildroot.org/results/5cfa01a41951ee3be2e8c1cb10edac3722d72c77

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agodmalloc: fix build with strdup
Fabrice Fontaine [Mon, 21 Jan 2019 19:21:12 +0000 (20:21 +0100)]
dmalloc: fix build with strdup

Fixes:
 - http://autobuild.buildroot.org/results/3f2518f7a9e87034cd501ac3d121ea3a33827e7d

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agosqlcipher: add license
Fabrice Fontaine [Mon, 21 Jan 2019 18:31:17 +0000 (19:31 +0100)]
sqlcipher: add license

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agolibssh: fix some -Werror=strict-overflow build failures
Baruch Siach [Tue, 22 Jan 2019 11:58:05 +0000 (13:58 +0200)]
libssh: fix some -Werror=strict-overflow build failures

Add fixes for some of the build failures caused by strict-overflow
warnings. Patches #1, #2, and #4 are upstream. Patch #3 is pending
upstream.

Fixes:
http://autobuild.buildroot.net/results/923/9239f230629ca4e381af5e8f43989997d9bfde99/
http://autobuild.buildroot.net/results/618/6187b92bcdfd9281683c37906ae74f2e0c5e6d0e/
http://autobuild.buildroot.net/results/9eb/9eb5ed92a923f0c038e3d913289eddc1cda1b62f/

Cc: Scott Fan <fancp2007@gmail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/upmpdcli: add upstream patch to fix musl build issue
Jörg Krause [Tue, 22 Jan 2019 19:18:27 +0000 (20:18 +0100)]
package/upmpdcli: add upstream patch to fix musl build issue

upmpdcli 1.4.0 uses both the `uint64_t` and `u_int64_t` type. `uintN_t` is
standard C99 type available in `<stdint.h>`, whereas `u_intN_t` is defined in
`<sys/types.h>`.

Because of the missing include of `<sys/types.h>` building upmpdcli breaks now
when building with the musl C library, which is very strict:

```
src/mediaserver/cdplugins/netfetch.h:71:5: error: ‘u_int64_t’ does not name a type
     u_int64_t datacount() {
```

Add a patch from upstream which fixes the issue by replacing `u_int64_t`
with `uint64_t`.

Fixes:
http://autobuild.buildroot.net/results/f3082d2fdda8d73dbd9d3b65a08d844934066ef7

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/apache: security bump to version 2.4.38
Peter Korsgaard [Tue, 22 Jan 2019 18:15:42 +0000 (19:15 +0100)]
package/apache: security bump to version 2.4.38

Fixes the following security vulnerabilities:

  *) SECURITY: CVE-2018-17199 (cve.mitre.org)
     mod_session: mod_session_cookie does not respect expiry time allowing
     sessions to be reused.  [Hank Ibell]

  *) SECURITY: CVE-2018-17189 (cve.mitre.org)
     mod_http2: fixes a DoS attack vector. By sending slow request bodies
     to resources not consuming them, httpd cleanup code occupies a server
     thread unnecessarily. This was changed to an immediate stream reset
     which discards all stream state and incoming data.  [Stefan Eissing]

  *) SECURITY: CVE-2019-0190 (cve.mitre.org)
     mod_ssl: Fix infinite loop triggered by a client-initiated
     renegotiation in TLSv1.2 (or earlier) with OpenSSL 1.1.1 and
     later.  PR 63052.  [Joe Orton]

For more details, see the CHANGES file:
https://www.apache.org/dist/httpd/CHANGES_2.4.38

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/xerces: use new website (was redirecting)
Matt Weber [Tue, 22 Jan 2019 13:58:46 +0000 (07:58 -0600)]
package/xerces: use new website (was redirecting)

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/rp-pppoe: update website url
Matt Weber [Tue, 22 Jan 2019 13:55:00 +0000 (07:55 -0600)]
package/rp-pppoe: update website url

The website for rp-pppoe moved from Roaring Penguin's main site to
a personal project page.

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/openresolv: update webpage URL
Matt Weber [Tue, 22 Jan 2019 13:48:43 +0000 (07:48 -0600)]
package/openresolv: update webpage URL

Update URL to point at the project page vs just the GIT repository
containing the source code.

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/lsof: bump to version 4.91
Baruch Siach [Tue, 22 Jan 2019 19:12:20 +0000 (21:12 +0200)]
package/lsof: bump to version 4.91

Add upstream provided md5 hash.

Add license file hash.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/iperf: bump to 2.0.13
Matt Weber [Tue, 22 Jan 2019 18:34:30 +0000 (12:34 -0600)]
package/iperf: bump to 2.0.13

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/ipset: bump to version 7.1
Baruch Siach [Tue, 22 Jan 2019 17:47:33 +0000 (19:47 +0200)]
package/ipset: bump to version 7.1

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agoconfigs/qemu_riscv64_virt_defconfig: bump Linux version
Gwenhael Goavec-Merou [Mon, 21 Jan 2019 20:04:50 +0000 (21:04 +0100)]
configs/qemu_riscv64_virt_defconfig: bump Linux version

Since riscv64 works with linux default defconfig, this patch drop custom config.

Signed-off-by: Gwenhael Goavec-Merou <gwenhael.goavec-merou@trabucayre.com>
Tested-by: Mark Corbin <mark.corbin@embecosm.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/wavemon: add upstream patch to fix musl/uclibc build issue
Jörg Krause [Tue, 22 Jan 2019 08:01:05 +0000 (09:01 +0100)]
package/wavemon: add upstream patch to fix musl/uclibc build issue

In version 0.9.0 wavemon uses the GLIBC-specific extension `on_exit()`
which is not available in musl and uClibc.

According to the Linux kernel man page [1]: "Portable application should
avoid this function, and use the standard atexit(3) instead."

Add patch from upstream which is fixing this issue by dropping
`on_exit()` and using the standard `atexit()` instead. Note, that the commit
message of the upstream patch was changed to add some useful information.

[1] http://man7.org/linux/man-pages/man3/on_exit.3.html

Backported from: f6e20c9c6e9b50963caaf5483248d329473a6815

Fixes:
http://autobuild.buildroot.net/results/ae54441c65fe9a1bdcf743aa7f6a208e5545ca29
http://autobuild.buildroot.net/results/40fd66e6a351a1acd537ade715ab3e993eddb1c1

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agomusl: bump to version 1.1.21
Jörg Krause [Tue, 22 Jan 2019 08:54:36 +0000 (09:54 +0100)]
musl: bump to version 1.1.21

>From the upstream release announcement:

"""
This release makes improvements with respect to default thread stack size,
including increasing the default from 80k to 128k, increasing the default
guard size from 4k to 8k, and allowing the default to be increased via ELF
headers so that programs that need larger stacks can be build without
source-level changes, using just LDFLAGS. Insufficient stack size for AIO
threads on kernels that don't honor the constant MINSIGSTKSZ is also fixed.

The glob core has been rewritten to fix inability to see past
searchable-but-unreadable path components, and to avoid excessive stack usage
and unnecessary syscalls. The tsearch AVL tree implementation has also been
rewritten for better size and performance. The math library adds more native
single-instruction implementations for arm, s390x, powerpc, and x86_64.

Various bugs are fixed, including several possible deadlocks, one of which was
a new regression in 1.1.20.
"""

Drop upstream patch 0002 which is included in the release.

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopython-uvloop: bump to version 0.11.3
Asaf Kahlon [Mon, 21 Jan 2019 20:19:29 +0000 (22:19 +0200)]
python-uvloop: bump to version 0.11.3

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopython-pyopenssl: bump to version 19.0.0
Asaf Kahlon [Mon, 21 Jan 2019 20:19:28 +0000 (22:19 +0200)]
python-pyopenssl: bump to version 19.0.0

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agoconfigs/imx6-sabresd: Bump kernel version
Fabio Estevam [Mon, 21 Jan 2019 20:19:47 +0000 (18:19 -0200)]
configs/imx6-sabresd: Bump kernel version

Bump the kernel version to 4.19.16.

Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agolibcpprestsdk: bump to version 2.10.9
Fabrice Fontaine [Sat, 19 Jan 2019 16:24:11 +0000 (17:24 +0100)]
libcpprestsdk: bump to version 2.10.9

- Remove second patch (already in version)
- Fix build with gcc 4.7:
  https://github.com/Microsoft/cpprestsdk/commit/e6498b2f99cf20163d8224716d8127f9089b01ef

Fixes:
 - http://autobuild.buildroot.org/results/a080dbe2977cd35e4f8351d864bd71aaa8f9b743

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agoshadowsocks-libev: fix static build with netfilter_conntrack
Fabrice Fontaine [Fri, 18 Jan 2019 20:20:34 +0000 (21:20 +0100)]
shadowsocks-libev: fix static build with netfilter_conntrack

Fixes:
 - http://autobuild.buildroot.org/results/22a28e8fd8182e1c908541dbc5b0ee087c3803e6

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/sunxi-mali-mainline-driver: bump version
Giulio Benetti [Thu, 10 Jan 2019 22:42:35 +0000 (23:42 +0100)]
package/sunxi-mali-mainline-driver: bump version

For 4.20 support.

git shortlog --invert-grep --grep travis --no-merges 143ff2b17de63ce931c4f758771969e75c09a4c7..
Roman Stratiienko (1):
      mali: support building against 4.20

Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/openresolv: update to fix install location
Jared Bents [Thu, 17 Jan 2019 15:05:42 +0000 (09:05 -0600)]
package/openresolv: update to fix install location

Update to install in /sbin as expected by other applications
such as strongswan instead of /usr/sbin

Signed-off-by: Jared Bents <jared.bents@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agoexempi: fix libiconv dependency
Fabrice Fontaine [Wed, 16 Jan 2019 21:46:18 +0000 (22:46 +0100)]
exempi: fix libiconv dependency

Fixes:
 - http://autobuild.buildroot.org/results/a77a891683ae9a135dc31be1b419061922d0e1ba

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agotekui: disable parallel build
Fabrice Fontaine [Sun, 20 Jan 2019 18:09:22 +0000 (19:09 +0100)]
tekui: disable parallel build

It seems tekui has parallel build issues since November 2017:
 - Fatal error: can't create build/posix/directfb_lua.lo: No such file or directory
 - /home/peko/autobuild/instance-3/output/host/bin/microblazeel-buildroot-linux-uclibc-ar: ../../lib/posix/libtekdebug.a: No such file or directory
 - Fatal error: can't create build/posix/visual_mod.lo: No such file or directory

So disable parallel build

Fixes:
 - http://autobuild.buildroot.org/results/0732568fcbaa6829154fa91c352b52f074384df0
 - http://autobuild.buildroot.org/results/580593e79bc4ecdea1dc71d16607e5c88f87403c

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agolibftdi1: fix python build with cmake < 3.7
Fabrice Fontaine [Sun, 20 Jan 2019 09:15:25 +0000 (10:15 +0100)]
libftdi1: fix python build with cmake < 3.7

Fixes:
 - http://autobuild.buildroot.org/results/1091872e2b77d789e361d1ddefd235c738933c55

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agortc-tools: rtc-sync needs threads support
Baruch Siach [Sun, 20 Jan 2019 18:43:45 +0000 (20:43 +0200)]
rtc-tools: rtc-sync needs threads support

Fixes:
http://autobuild.buildroot.net/results/573/57350271eff9284a8b07ceef02a9960f3568a0a3/
http://autobuild.buildroot.net/results/b6c/b6cf05deab77c7a84c721c95d9d618b1ddc2957e/
http://autobuild.buildroot.net/results/187/1877cfbbe37ef15c16cec5d6ad6e3d4d60bc3cbc/

Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agoocrad: bump to version 0.27
Gilles Talis [Sun, 20 Jan 2019 12:02:21 +0000 (13:02 +0100)]
ocrad: bump to version 0.27

Signed-off-by: Gilles Talis <gilles.talis@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agolibupnpp: remove AUTORECONF
Fabrice Fontaine [Sun, 20 Jan 2019 09:47:51 +0000 (10:47 +0100)]
libupnpp: remove AUTORECONF

Commit 9b551dacf74445d58aaefef349e2817e009c9d5d removed patch on
configure.ac so remove uneeded LIBUPNPP_AUTORECONF

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agolibupnpp: fix libupnp dependency
Fabrice Fontaine [Sun, 20 Jan 2019 09:47:50 +0000 (10:47 +0100)]
libupnpp: fix libupnp dependency

Commit 9b551dacf74445d58aaefef349e2817e009c9d5d added support for
libupnp18 but without updating LIBUPNPP_DEPENDENCIES

Fixes:
 - http://autobuild.buildroot.org/results/aa734318b9ad318d25e772585c8794429cc0f489

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agoodhcp6c: fix build with gcc 8
Fabrice Fontaine [Wed, 16 Jan 2019 19:29:10 +0000 (20:29 +0100)]
odhcp6c: fix build with gcc 8

Retrieve and backport upstream patch to fix build with gcc 8

Fixes:
 - http://autobuild.buildroot.org/results/1c6f0d1f2fcd3474af81b3851d875f834a3a0a4f

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/upmpdcli: bump to version 1.4.0
Jörg Krause [Wed, 16 Jan 2019 21:02:29 +0000 (22:02 +0100)]
package/upmpdcli: bump to version 1.4.0

upmpdcli switched license from GPL-2.0+ to LGPL-2.1+, therefore update
the hash file for the license file "COPYING".

Note, that upmpdcli depends on libupnpp 0.17.0.

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/libupnpp: bump to version 0.17.0
Jörg Krause [Wed, 16 Jan 2019 21:02:28 +0000 (22:02 +0100)]
package/libupnpp: bump to version 0.17.0

libupnpp 0.17.0 adds compatibility for libupnp 1.8. Therefore, we prefer
selecting libupnp 1.8 and falling back to libupnp 1.6.

Drop patch 0001, which has been merged upstream.

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopython-txtorcon: bump to version 19.0.0
Asaf Kahlon [Sat, 19 Jan 2019 08:44:54 +0000 (10:44 +0200)]
python-txtorcon: bump to version 19.0.0

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopython-logbook: bump to version 1.4.3
Asaf Kahlon [Sat, 19 Jan 2019 08:44:53 +0000 (10:44 +0200)]
python-logbook: bump to version 1.4.3

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopython-bcrypt: bump to version 3.1.6
Asaf Kahlon [Sat, 19 Jan 2019 08:44:52 +0000 (10:44 +0200)]
python-bcrypt: bump to version 3.1.6

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agolibuv: bump to version 1.25.0
Asaf Kahlon [Sat, 19 Jan 2019 08:44:51 +0000 (10:44 +0200)]
libuv: bump to version 1.25.0

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agounixodbc: needs dynamic library
Fabrice Fontaine [Fri, 18 Jan 2019 22:05:41 +0000 (23:05 +0100)]
unixodbc: needs dynamic library

Fixes:
 - http://autobuild.buildroot.org/results/1036ee061ce7f7747d5514c61866da60bcfae769

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Peter: propagate to PHP_EXT_PDO_UNIXODBC as well]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agophp: security bump to 7.3.1
Adam Duskett [Sat, 19 Jan 2019 21:29:34 +0000 (16:29 -0500)]
php: security bump to 7.3.1

Fixes the following security issue:

- CVE-2018-19935: Allows remote attackers to cause a denial of service
  (NULL pointer dereference and application crash) via an empty string in the
  message argument to the imap_mail function.
https://www.cvedetails.com/cve/CVE-2018-19935/

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agophp: switch to pcre2
Fabrice Fontaine [Wed, 16 Jan 2019 21:00:16 +0000 (22:00 +0100)]
php: switch to pcre2

php moved from pcre to pcre2 since bump to version 7.3 and
http://github.com/php/php-src/commit/a5bc5aed71f7a15f14f33bb31b8e17bf5f327e2d

This fixes a build failure: without this change, if BR2_PACKAGE_PCRE is
set, external pcre support in php is (wrongly) enabled with
--with-pcre-regex but because pcre2 was not found, php fallbacks on
built-in pcre2 without the "SLJIT_SINGLE_THREADED hack"

Fixes:
 - http://autobuild.buildroot.org/results/40ef339019203d2cc49d388e222cf17c3ca37944

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agoRevert "package/php: fix building pcre extension"
Fabrice Fontaine [Wed, 16 Jan 2019 21:00:15 +0000 (22:00 +0100)]
Revert "package/php: fix building pcre extension"

This reverts commit 745f884e41b5f350296e8448f5fc31d20f67a077.

This was the wrong fix: issue is that php moves from pcre to pcre2 since
version 7.3.0 and
http://github.com/php/php-src/commit/a5bc5aed71f7a15f14f33bb31b8e17bf5f327e2d

This patch will always disable external pcre2 support and raise a build
failure when toolchaine does not have pthread

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopython-cython: bump to version 0.29.3
Asaf Kahlon [Sat, 19 Jan 2019 10:01:48 +0000 (12:01 +0200)]
python-cython: bump to version 0.29.3

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>