Commit Graph

55987 Commits

Author SHA1 Message Date
Jianhui Zhao
c3009cb497 package/rtty: bump version to 7.3.2
Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-07 10:30:16 +01:00
Fabrice Fontaine
59e890df27 package/redis: add REDIS_CPE_ID_VENDOR
cpe:2.3🅰️redislabs:redis is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Aredislabs%3Aredis

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-07 10:30:03 +01:00
Peter Korsgaard
0886898da2 package/mosquitto: bump version to 2.0.7
Includes a number of bugfixes.  For details, see the announcement:
https://mosquitto.org/blog/2021/02/version-2-0-7-released/

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-07 10:29:45 +01:00
Fabrice Fontaine
023644d193 package/python-flask-cors: bump to version 3.0.10
https://github.com/corydolphin/flask-cors/releases/tag/3.0.10

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-07 10:29:14 +01:00
Fabrice Fontaine
cab1f73025 package/libkrb5: add CPE variables
cpe:2.3🅰️mit:kerberos_5 is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Amit%3Akerberos_5

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-07 10:28:37 +01:00
Thomas Petazzoni
194da6a782 package/binutils: bump 2.36.x series to 2.36.1
Release notes:

  We are very sorry to have to report that a problem was found with the
  GNU Binutils 2.36 release.  It turns out that it contained a small
  portion of code that was not covered by an FSF copyright assignment.
  So we have created a replacement release - 2.36.1 - with that code
  removed.

  In addition we found that a fix for a theoretical security
  vulnerability[1] was itself broken and could result in the archiver
  program "ar" misbehaving.  So we have chosen to revert the fix from
  the 2.36.1 release whilst the problem is properly resolved.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-07 10:27:32 +01:00
Fabrice Fontaine
3265a4ce84 package/oniguruma: set ONIGURUMA_CPE_ID_VALID
cpe:2.3🅰️oniguruma_project:oniguruma is a valid CPE identifier for this
package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Aoniguruma_project%3Aoniguruma

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-07 10:27:12 +01:00
Fabrice Fontaine
cfc54b3d70 package/freetype: add FREETYPE_CPE_ID_VENDOR
cpe:2.3🅰️freetype:freetype is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Afreetype%3Afreetype

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-07 10:26:36 +01:00
Bernd Kuhls
975b7c68cb package/libcoap: bump version
Reformatted hashes, updated license hash due to copyright year bump:
12fd8a25f7

Release notes:
https://sourceforge.net/p/libcoap/mailman/message/36801445/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-07 10:26:15 +01:00
Bernd Kuhls
2cacda2591 package/{apparmor, libapparmor}: bump version to 3.0.1
Release notes:
https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.0.1

Removed patches which were applied upstream, updated _SITE.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-07 10:24:49 +01:00
Bernd Kuhls
3b973385ac package/libcli: bump version to 1.10.4
Removed whitespace and updated project URL in Config.in.
Reformatted hashes.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-07 10:23:42 +01:00
Bernd Kuhls
dec9741a8f package/libcap: bump version to 2.48
Release notes:
https://sites.google.com/site/fullycapable/release-notes-for-libcap

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-07 10:23:33 +01:00
Bartosz Bilas
f786969f2a package/rauc: package/rauc: bump version to 1.5.1
Removed patch applied upstream.

Signed-off-by: Bartosz Bilas <b.bilas@grinn-global.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-07 10:21:34 +01:00
Bernd Kuhls
b2dad74686 {linux, linux-headers}: bump 5.{4, 10}.x 4.{4, 9, 14, 19} series
Stick to 4.4.255 / 4.4.255 even though .256 is ready, as the wraparound of
the minor version may cause problems:

https://lkml.org/lkml/2021/2/5/747
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.256

https://lkml.org/lkml/2021/2/5/862
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.256

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[Peter: stick to 4.{4,9}.255]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-07 10:12:16 +01:00
Petr Vorel
b6573f1131 package/iputils: update path for tftpd
tftpd has been installed into /usr/sbin in 20210202
(in upstream commit 8d1420f tftpd: install into sbindir).

Thus remove hook which expected it in /usr/bin and tried to move it into
/usr/sbin.

Fixes:
 - http://autobuild.buildroot.net/results/3d142a705f07d496b1342e04094cd03ce7d92994
 - http://autobuild.buildroot.net/results/dae643b2d23d74b5f91225d00e85c350861a0e8a
 - http://autobuild.buildroot.net/results/dcfcb082bc188e7f990e280c3fd5d971f32cc048

Fixes: ea422f9950 ("package/iputils: bump version to 20210202")

Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-06 23:00:34 +01:00
Leonid Yuriev
fc7067df24 package/libmdbx: bump version to 0.9.3
Release notes: https://github.com/erthink/libmdbx/releases/tag/v0.9.3

Signed-off-by: Leonid Yuriev <leo@yuriev.ru>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-06 18:50:52 +01:00
Fabrice Fontaine
811846df48 package/htop: add lm-sensors optional dependency
lm-sensors is an optional dependency (enabled by default) since version
3.0.3 and
1b225cd7a0

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-06 18:50:21 +01:00
Yair Ben-Avraham
42db2c7236 package/tpm2-pkcs11: new package
A PKCS#11 interface for TPM2 hardware

Signed-off-by: Yair Ben-Avraham <yairba@protonmail.com>
[Peter: add openssl dependency, drop tpm2-tools, unconditionally pass -std=gnu99]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-06 18:25:13 +01:00
Fabrice Fontaine
47132eed6d package/tmux: bump to version 3.1c
- Drop patch (already in version)
- Update hash of COPYING (examples directory removed:
  e722ba38e3)
- Update indentation in hash file (two spaces)

https://raw.githubusercontent.com/tmux/tmux/3.1c/CHANGES

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-02-06 14:52:32 +01:00
Fabrice Fontaine
76c53c8877 package/p11-kit: set P11_KIT_CPE_ID_VALID
cpe:2.3🅰️p11-kit_project:p11-kit is a valid CPE identifier for this
package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Ap11-kit_project%3Ap11-kit

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-02-06 14:51:29 +01:00
Fabrice Fontaine
1338f9c49b package/nodejs: add CPE variables
cpe:2.3🅰️nodejs:node.js is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Anodejs%3Anode.js

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-02-06 14:51:28 +01:00
Fabrice Fontaine
6710d6e3ca package/tmux: set TMUX_CPE_ID_VALID
cpe:2.3🅰️tmux_project:tmux is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Atmux_project%3Atmux

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-02-06 14:51:26 +01:00
Fabrice Fontaine
b2ef0347c5 package/asterisk: add CPE variables
cpe:2.3🅰️asterisk:open_source is a valid CPE identifier for this
package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Aasterisk%3Aopen_source

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-02-06 14:51:25 +01:00
Fabrice Fontaine
53e7998dee package/raptor: add CPE variables
cpe:2.3🅰️librdf:raptor_rdf_syntax_library is a valid CPE identifier for
this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Alibrdf%3Araptor_rdf_syntax_library

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-02-06 14:51:24 +01:00
Fabrice Fontaine
bcfe7db6e6 package/atftp: set ATFTP_CPE_ID_VALID
cpe:2.3🅰️atftp_project:atftp is a valid CPE identifier for this
package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Aatftp_project%3Aatftp

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-02-06 14:45:33 +01:00
Fabrice Fontaine
41cf0ec8e8 package/atftp: bump to version 0.7.4
- Drop patches (already in version) and so autoreconf
- Update indentation in hash file (two spaces)

https://sourceforge.net/p/atftp/code/ci/v0.7.4/tree/Changelog

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-02-06 14:45:32 +01:00
Peter Korsgaard
5405b29570 package/python3: add upstream security fix for CVE-2021-3177
Fixes the following security issue:

- CVE-2021-3177: Python 3.x through 3.9.1 has a buffer overflow in
  PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution
  in certain Python applications that accept floating-point numbers as
  untrusted input, as demonstrated by a 1e300 argument to
  c_double.from_param.  This occurs because sprintf is used unsafely.

For details, see the advisory:
https://python-security.readthedocs.io/vuln/ctypes-buffer-overflow-pycarg_repr.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-06 10:51:45 +01:00
Stefan Sørensen
87bef17922 package/netsnmp: bump version to 5.9
- Rebased patches 1 and 4
- Dropped upstreamed patches 5 and 6

Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
[yann.morin.1998@free.fr:
  - update patches 1-2 with actual backports, as noticed by Stefan
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-02-05 23:22:04 +01:00
Fabrice Fontaine
55565f18e1 package/python-bottle: add CPE variables
cpe:2.3🅰️bottlepy:bottle is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Abottlepy%3Abottle

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-05 22:42:23 +01:00
Fabrice Fontaine
dbc9a8a02a package/python-flask-cors: add CPE variables
cpe:2.3🅰️flask-cors_project:flask-cors is a valid CPE identifier for
this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Aflask-cors_project%3Aflask-cors

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-05 20:38:16 +01:00
Fabrice Fontaine
28df31e8dc package/makedumpfile: fix build on sparc64
Fix the following build failure on sparc64:

/home/giuliobenetti/autobuild/run/instance-0/output-1/host/opt/ext-toolchain/bin/../lib/gcc/sparc64-buildroot-linux-gnu/9.3.0/../../../../sparc64-buildroot-linux-gnu/bin/ld: /tmp/ccylTux8.o: in function `find_kaslr_offsets':
/home/giuliobenetti/autobuild/run/instance-0/output-1/build/makedumpfile-1.6.8/makedumpfile.c:4017: undefined reference to `get_kaslr_offset'

Even if this build failure is only raised with version 1.6.8,
get_kaslr_offset was also undeclared on sparc64 in version 1.6.7

Fixes:
 - http://autobuild.buildroot.org/results/1421f54f7599bba62c0a4bd5c65ce21c8cc7ee1a

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-05 19:38:20 +01:00
Asaf Kahlon
5e2422d12a package/libfuse3: bump version to 3.10.2
Remove patch (already on upstream).

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-05 19:36:48 +01:00
Stefan Sørensen
74e1fd6c42 package/libpwquality: bump version to 1.4.4
Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-02-05 14:03:28 +01:00
Peter Korsgaard
5b36e91fda package/atftp: add security fix for CVE-2020-6097
Fixed the following security issue:

- CVE-2020-6097: An exploitable denial of service vulnerability exists in
  the atftpd daemon functionality of atftp 0.7.git20120829-3.1+b1.  A
  specially crafted sequence of RRQ-Multicast requests trigger an assert()
  call resulting in denial-of-service.  An attacker can send a sequence of
  malicious packets to trigger this vulnerability.

For more details, see the report:
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1029

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-02-05 13:48:16 +01:00
Maxim Kochetkov
b5aab68465 package/timescaledb: bump version to 2.0.1
Release notes: https://github.com/timescale/timescaledb/releases/tag/2.0.1

Signed-off-by: Maxim Kochetkov <fido_max@inbox.ru>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-05 13:47:18 +01:00
Fabrice Fontaine
9dd02b4a76 package/python-django: add CPE variables
cpe:2.3🅰️djangoproject:django is a valid CPE identifier for this
package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Adjangoproject%3Adjango

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-05 13:47:18 +01:00
Fabrice Fontaine
6d6b7f0e6c package/vala: add VALA_CPE_ID_VENDOR
cpe:2.3🅰️gnome:vala is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Agnome%3Avala

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-05 13:47:18 +01:00
Fabrice Fontaine
66acd81108 package/cryptodev-linux: set CRYPTODEV_LINUX_CPE_ID_VENDOR
cpe:2.3🅰️cryptodev-linux:cryptodev-linux is a valid CPE identifier for
this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Acryptodev-linux%3Acryptodev-linux

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-05 13:47:18 +01:00
Fabrice Fontaine
5642358022 package/libtirpc: set LIBTIRPC_CPE_ID_VALID
cpe:2.3🅰️libtirpc_project:libtirpc is a valid CPE identifier for this
package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Alibtirpc_project%3Alibtirpc

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-05 13:47:17 +01:00
Peter Korsgaard
74c854bd51 package/wpa_supplicant: add upstream 2020-2 security fix
Fixes the following security issue:

 - wpa_supplicant P2P group information processing vulnerability (no CVE yet)

   A vulnerability was discovered in how wpa_supplicant processing P2P
   (Wi-Fi Direct) group information from active group owners.  The actual
   parsing of that information validates field lengths appropriately, but
   processing of the parsed information misses a length check when storing a
   copy of the secondary device types.  This can result in writing attacker
   controlled data into the peer entry after the area assigned for the
   secondary device type.  The overflow can result in corrupting pointers
   for heap allocations.  This can result in an attacker within radio range
   of the device running P2P discovery being able to cause unexpected
   behavior, including termination of the wpa_supplicant process and
   potentially arbitrary code execution.

For more details, see the advisory:
https://w1.fi/security/2020-2/wpa_supplicant-p2p-group-info-processing-vulnerability.txt

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
[yann.morin.1998@free.fr: keep _PATCH near _VERSION and _SITE]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-02-05 13:42:07 +01:00
Romain Naour
6490a11018 package/xenomai: disable cobalt for armv8
When a armv8 target is used in 32bits mode, xenomai fail to detect the
ARM architecture and abord the build. (__ARM_ARCH_7A__ is not defined
for armv8 cpus).

There are no autobuilder failures for this issue since cobalt is never
selected, but the following defconfig:

BR2_arm=y
BR2_cortex_a53=y
BR2_ARM_FPU_NEON_VFPV4=y
BR2_TOOLCHAIN_EXTERNAL=y
BR2_PACKAGE_XENOMAI=y
BR2_PACKAGE_XENOMAI_COBALT=y

This was initialy reproduced using the raspberrypi3_defconfig with
Xenomai package with cobalt selected.

In order to use Xenomai on raspberrypi3 in 32 bits mode, one has to
select BR2_cortex_a7 instead of BR2_cortex_a53 (see a13a388dd4).

See:
https://gitlab.denx.de/Xenomai/xenomai/-/blob/v3.1/lib/cobalt/arch/arm/include/asm/xenomai/features.h#L52

Signed-off-by: Romain Naour <romain.naour@gmail.com>
[yann.morin.1998@free.fr:
  - switch to independent conditional 'default y'
  - slightly reword the commit log
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-02-05 09:42:16 +01:00
Romain Naour
cb380c2e11 package/xenomai: smp support needs at least armv6
There are no autobuilder failures for this issue, but the following
defconfig:

BR2_arm=y
BR2_TOOLCHAIN_EXTERNAL=y
BR2_PACKAGE_XENOMAI=y
BR2_PACKAGE_XENOMAI_COBALT=y

See:
https://gitlab.denx.de/Xenomai/xenomai/-/blob/v3.1/lib/cobalt/arch/arm/include/asm/xenomai/features.h#L56

Signed-off-by: Romain Naour <romain.naour@gmail.com>
[yann.morin.1998@free.fr: fix the condition]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-02-05 09:39:51 +01:00
Thomas Petazzoni
e1c0360606 support/config-fragments/autobuild: use Bootlin toolchain for RISC-V 64 musl
Instead of using an external toolchain built specifically for the
autobuilders to test RISC-V 64/musl, use a pre-built Bootlin
toolchain.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-02-05 09:27:37 +01:00
Thomas Petazzoni
63485a6c1e support/config-fragments/autobuild: use Bootlin toolchain for RISC-V 64 glibc
Instead of using an external toolchain built specifically for the
autobuilders to test RISC-V 64/glibc, use a pre-built Bootlin
toolchain.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-02-05 09:25:23 +01:00
Arnout Vandecappelle (Essensium/Mind)
c7eefe19cc package/sox: remove EOL whitespace
Fixes https://gitlab.com/buildroot.org/buildroot/-/jobs/1010083301

Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-02-05 09:01:14 +01:00
Fabrice Fontaine
76e8a35711 package/libksba: set LIBKSBA_CPE_ID_VALID
cpe:2.3🅰️libksba_project:libksba is a valid CPE identifier for this
package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Alibksba_project%3Alibksba

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-05 08:06:33 +01:00
Fabrice Fontaine
d89ea3313d package/ghostscript: add GHOSTSCRIPT_CPE_ID_VENDOR
cpe:2.3🅰️artifex:ghostscript is a valid CPE identifier for this
package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Aartifex%3Aghostscript

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-05 08:05:33 +01:00
Fabrice Fontaine
1b1cf2db07 package/autofs: bump to version 5.1.7
- Drop patch (already in version)
- Update hash of license files (correction in FSF address):
  https://git.kernel.org/pub/scm/linux/storage/autofs/autofs.git/commit/?id=b74dcdd3f6b05522388729141c29286829c302fc
- Update indentation in hash file (two spaces)

https://git.kernel.org/pub/scm/linux/storage/autofs/autofs.git/tree/CHANGELOG?h=release_5_1_7

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-05 08:05:19 +01:00
Bernd Kuhls
87f8356a2b package/libcurl: bump version to 7.75.0
Updated license hash due to copyright year bump:
275c28e650

Changelog: https://curl.se/changes.html

Release notes:
https://daniel.haxx.se/blog/2021/02/03/curl-7-75-0-is-smaller/
"No new security advisories this time!"

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-05 08:05:06 +01:00
Bernd Kuhls
e1f17e2422 package/tor: bump version to 0.4.4.7
Release notes: https://blog.torproject.org/node/1990

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-04 22:11:14 +01:00