Commit Graph

47196 Commits

Author SHA1 Message Date
Bernd Kuhls
1edd9fa36b package/libglfw: bump version to 3.3
License file was renamed and whitespace was removed:
https://github.com/glfw/glfw/commits/master/LICENSE.md

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-07 23:15:55 +02:00
Bernd Kuhls
19626437f1 package/libdvdread: bump version to 6.0.1
Release notes:
https://code.videolan.org/videolan/libdvdread/blob/master/NEWS

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-07 23:06:26 +02:00
Bernd Kuhls
f0c1c6c9e2 package/libebur128: bump version to 1.2.4
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-07 23:04:40 +02:00
Gergely Imreh
42d22f3bdb {configs/raspberrypi,package/rpi-firmware}: bump kernel/firmware to 20190819 version
It's the latest original version. The defconfig and
package/rpi-firmware changes are done in a single patch, as they are
going together.

Signed-off-by: Gergely Imreh <imrehg@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-07 22:55:59 +02:00
Zoltan Gyarmati
9e1f53acf0 DEVELOPERS: add myself for libusb and libusb-compat
Signed-off-by: Zoltan Gyarmati <zgyarmati@zgyarmati.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-07 22:44:43 +02:00
Bernd Kuhls
d503003c36 package/libgpg-error: fix build with gawk 5.0
Fixes:

  http://autobuild.buildroot.net/results/e815bed0e7b3d9cbf50ebf605666a50e7032e5a1/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
2019-09-07 22:18:37 +02:00
Giulio Benetti
7e509333ac package/libnss: security bump to version 3.46
Fixes the following security issues:

(3.44.1)
CVE-2019-11729: More thorough input checking
CVE-2019-11719: Don't unnecessarily strip leading 0's from key material
during PKCS11 import
CVE-2019-11727: Prohibit use of RSASSA-PKCS1-v1_5 algorithms in TLS 1.3

Note:
This version requires nspr 4.22 or newer provided by the previous patch.

Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-07 22:10:01 +02:00
Giulio Benetti
385b5686a0 package/libnspr: bump to version 4.22
Rework all 3 patches to make that applicable to 4.22 version.

Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-07 22:09:45 +02:00
James Hilliard
155e5f3b5f package/python-aioconsole: bump to version 0.1.15
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-07 22:06:46 +02:00
Pierre-Jean Texier
7af499631c package/lighttpd: bump to version 1.4.54
See http://www.lighttpd.net/2019/5/27/1.4.54/

Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-07 22:04:37 +02:00
Thomas Petazzoni
53197ba346 package/bitcoin: fixup the 'v' prefix in the version
In order for the bitcoin version to match what is given by
release-monitoring.org, the 'v' prefix should be encoded in
BITCOIN_SITE and not BITCOIN_VERSION.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-07 21:59:27 +02:00
Thomas Petazzoni
55814b8ef9 DEVELOPERS: remove Kevin Joly, e-mail is bouncing
Kevin Joly (kevin.joly@sensefly.com)<mailto:kevin.joly@sensefly.com>
Your message couldn't be delivered to the recipient because you don't have permission to send to it.

Looking at his LinkedIn profile, he left SenseFly in January 2019,
which quite certainly explains why his @sensefly.com e-mail address is
no longer working.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-07 21:59:02 +02:00
Lubomir Rintel
4032267507 system/skeleton: drop PAGER from /etc/profile
We couldn't track down the reason why the profile sets $PAGER other
than that it has always been there.

However, it defeats pager autodetection by various tool (systemctl,
nmcli, etc.) that would otherwise prefer less to more, in case both
were available.

Let's drop it. My desktop Linux distro (Fedora) doesn't seem to set it
either and the universe doesn't seem to have collapsed yet.

Signed-off-by: Lubomir Rintel <lkundrak@v3.sk>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-07 21:58:04 +02:00
Romain Naour
0525ca4711 configs/aarch64_efi: fix typo AARCH64 -> ARM64
There is no option BR2_TARGET_GRUB2_AARCH64_EFI but
BR2_TARGET_GRUB2_ARM64_EFI in grub2 package.

BR2_TARGET_GRUB2_ARM64_EFI was introduced by the commit [1].

[1] 273a27804a

Signed-off-by: Romain Naour <romain.naour@smile.fr>
Cc: Erico Nunes <nunes.erico@gmail.com>
Reviewed-by: Erico Nunes <nunes.erico@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-07 21:57:08 +02:00
Fabrice Fontaine
1ff62db925 package/agentpp: bump to version 4.1.2
Add hash for license file

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-07 21:54:42 +02:00
Fabrice Fontaine
4dcbaa6d40 package/snmppp: bump to version 3.3.11a
Update hash of license file (source file has been updated)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-07 21:54:37 +02:00
Alexander Mukhin
b519bcafe7 package/pppd: use uclibc libcrypt instead of openssl
glibc since 2.28 dropped DES encryption routines setkey() and encrypt(),
but uclibc still provides them. So, if building with uclibc, we can
avoid using huge openssl library.

Signed-off-by: Alexander Mukhin <alexander.i.mukhin@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-07 21:46:39 +02:00
Lubomir Rintel
7643ab05de package/network-manager: drop obsolete dependencies
Remove dependencies on libraries NetworkManager no longer uses.

Signed-off-by: Lubomir Rintel <lkundrak@v3.sk>
Acked-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-07 15:25:39 +02:00
Lubomir Rintel
acd9a24205 package/network-manager: bump to version 1.20.2
A straightforward bump. Tested.

Signed-off-by: Lubomir Rintel <lkundrak@v3.sk>
Acked-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-07 15:22:52 +02:00
Thomas Petazzoni
a1d95ce2f4 package/network-manager: fix legal-info following the 1.20.0 bump
In commit aee34c479a, network-manager
was bumped to 1.20.0. As part of this bump, the libnm-util/ subfolder
was removed, and therefore libnm-util/COPYING no longer exists,
breaking the legal-info of this package.

The only remaining COPYING file is at the top-level. However, it
documents only the GPL-2.0 license, while in fact many parts of
network-manager, especially libraries, are under LGPL-2.0. This is
well explained in the CONTRIBUTING file, which states:

"""
Legal
-----

NetworkManager is partly licensed under terms of GNU Lesser General Public License
version 2 or later (LGPL-2.0+). That is for example the case for libnm.
For historical reasons, the daemon itself is licensed under terms of GNU General
Public License, version 2 or later (GPL-2.0+). See the license comment in the source
files.
Note that all new contributions to NetworkManager MUST be made under terms of
LGPL-2.0+, that is also the case for parts that are currently licensed GPL-2.0+.
The reason for that is that we might eventually relicense everything as LGPL and
new contributions already must agree with that future change.
"""

So, we keep GPL-2.0 and LGPL-2.0 as license, drop libnm-util/COPYING
from the LICENSE_FILES variable, and instead add the CONTRIBUTING
file. We also add a comment above the LICENSE variable.

Fixes:

  http://autobuild.buildroot.net/results/44ce11d110a508821f76aae7ce996c1814c6a453/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-07 15:22:35 +02:00
Gwenhael Goavec-Merou
1abb95c976 package/gmp: enable C++ support when BR2_INSTALL_LIBSTDCPP=y
gmp has optional C++ support, which is disabled by default. Let's
enabled it conditionally depending on the BR2_INSTALL_LIBSTDCPP
option.

Signed-off-by: Gwenhael Goavec-Merou <gwenhael.goavec-merou@trabucayre.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-07 15:03:04 +02:00
Fabrice Fontaine
6942a0badb package/lttng-babeltrace: bump to version 1.5.7
- Remove second patch (already in version)
- Add hash for license files

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-07 14:39:12 +02:00
Alexander Mukhin
ce812c49f0 DEVELOPERS: remove myself from hostapd developers
Signed-off-by: Alexander Mukhin <alexander.i.mukhin@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-07 14:36:47 +02:00
Alexander Mukhin
b35ac6fac9 package/hostapd: remove support for Realtek drivers
After hostapd update to 2.9, the patch provided no longer works,
although applies. Moreover, AP support for Realtek chips is broken
anyway in kernels > 4.9.

Signed-off-by: Alexander Mukhin <alexander.i.mukhin@gmail.com>
[Thomas: add Config.in.legacy handling]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-07 14:36:23 +02:00
Adam Duskett
bdc1bdf3a9 package/libglib2: bump to version 2.60.7
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-07 14:30:12 +02:00
Peter Korsgaard
965e26fd99 package/asterisk: security bump to version 16.5.1
Fixes the following security issues:

AST-2019-004: Crash when negotiating for T.38 with a declined stream
When Asterisk sends a re-invite initiating T.38 faxing, and the endpoint
responds with a declined media stream a crash will then occur in Asterisk.
https://downloads.asterisk.org/pub/security/AST-2019-004.pdf

AST-2019-005: Remote Crash Vulnerability in audio transcoding
When audio frames are given to the audio transcoding support in Asterisk the
number of samples are examined and as part of this a message is output to
indicate that no samples are present. A change was done to suppress this
message for a particular scenario in which the message was not relevant. This
change assumed that information about the origin of a frame will always exist
when in reality it may not.
https://downloads.asterisk.org/pub/security/AST-2019-005.pdf

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-07 14:29:17 +02:00
Asaf Kahlon
866dc545fa package/python-enum: bump to version 0.4.7
Also add hash for license file.

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-07 14:28:38 +02:00
Asaf Kahlon
ad250c3d18 package/monit: bump to version 5.26.0
Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-07 14:25:04 +02:00
Peter Korsgaard
f2c8428bde package/exim: security bump to version 4.92.2
Fixes CVE-2019-15846: Local or remote attacker can execute programs with
root privileges

For details, see the advisory:
https://exim.org/static/doc/security/CVE-2019-15846.txt

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-07 14:24:02 +02:00
Christopher McCrory
86f4a76a10 package/e2fsprogs: bump to version 1.45.3
Signed-off-by: Christopher McCrory <chrismcc@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-09-06 10:27:38 +02:00
Bernd Kuhls
eb06ed1896 package/libdmtx: bump version to 0.7.5
According to https://sourceforge.net/projects/libdmtx the project was
moved to https://github.com/dmtx so update project URL in Config.in.

Updated license hash due to upstream commit
b65ff367ad

Added AUTORECONF because the github tarball does not include a
configure script.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-09-06 09:05:24 +02:00
Romain Naour
39c8202b75 package/aubio: bump to version 0.4.9
Remove upstream patch.

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-09-06 09:04:17 +02:00
Peter Korsgaard
5f97934b32 package/wireguard: bump version to 0.0.20190702
For details of the changes, see the announcement:
https://lists.zx2c4.com/pipermail/wireguard/2019-July/004271.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-09-06 09:03:58 +02:00
Bernd Kuhls
7001c64848 package/libogg: bump version to 1.3.4
Added all hashes provided by upstream.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-09-04 21:47:08 +02:00
Fabrice Fontaine
fc4ee4063b package/dav1d: disable tests and tools
Some tools need SDL2 which will break the build if SDL2 is found on host

Fixes:
 - http://autobuild.buildroot.org/results/4cea773805e62911019d0627dcdf5d17b71032b7

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-09-04 21:44:48 +02:00
Titouan Christophe
0bd7fd495e package/less: bump to version 530
Signed-off-by: Titouan Christophe <titouan.christophe@railnova.eu>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-09-04 21:39:26 +02:00
Titouan Christophe
9578de2286 package/nano: bump to version 4.4
Signed-off-by: Titouan Christophe <titouan.christophe@railnova.eu>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-09-04 21:38:47 +02:00
Baruch Siach
e287b7c5f9 package/iw: bump to version 5.3
Cc: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-09-04 21:36:55 +02:00
Fabrice Fontaine
fe519ffe0c package/cups-filters: bump to version 1.25.4
Update hash of license file (year, authors, files have been updated)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-09-04 21:36:16 +02:00
Pierre-Jean Texier
0ab5266c82 DEVELOPERS: add Pierre-Jean Texier for tree
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-09-04 21:35:52 +02:00
Pierre-Jean Texier
5bc166f6e7 package/tree: bump to version 1.8.0
See http://mama.indstate.edu/users/ice/tree/changes.html

Also add a hash for license file.

Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-09-04 21:35:01 +02:00
Fabrice Fontaine
44c5c95760 package/cups: security bump to version 2.2.12
- Remove fifth patch (already in version)
- Fix CVE-2019-8696 and CVE-2019-8675: Fixed SNMP buffer overflows
  (rdar://51685251)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-09-04 21:34:46 +02:00
Sergio Prado
d2ae7c2c30 package/wolfssl: bump to version 4.1.0
Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-09-04 21:32:44 +02:00
Sergio Prado
8e3347e595 package/snort: bump to version 2.9.14.1
Since configure is using PKG_CHECK_MODULES macro, we need to
unconditionally depends on host-pkgconf.

Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-09-04 21:32:22 +02:00
Bernd Kuhls
4e574eaf06 package/samba4: security bump version to 4.10.8
Release notes: https://www.samba.org/samba/history/samba-4.10.8.html

Fixes CVE-2019-10197
 Combination of parameters and permissions can allow user
 to escape from the share path definition.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-09-04 21:31:49 +02:00
Jörg Krause
3a5a327a27 package/mpd: bump to version 0.21.14
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-09-03 23:44:45 +02:00
Sébastien Szymanski
8a1a7dff4f package/unzip: add security patch from Debian
Fix the URL and add a new patch. Quoting changelog [1]:

unzip (6.0-25) unstable; urgency=medium

  * Apply one more patch by Mark Adler:
  - Do not raise a zip bomb alert for a misplaced central directory.
    This should allow Firefox to build again. Closes: #932404.
    Reported by Peter Green. Hopefully CVE-2019-13232 is fixed now.

 -- Santiago Vila <sanvila@debian.org>  Sat, 27 Jul 2019 18:01:36 +0200

[1] https://sources.debian.org/data/main/u/unzip/6.0-25/debian/changelog

Signed-off-by: Sébastien Szymanski <sebastien.szymanski@armadeus.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-09-03 22:57:08 +02:00
Giulio Benetti
fffd528c32 DEVELOPERS: add Giulio Benetti to libnspr and libnss package
Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-09-03 22:55:22 +02:00
Ismael Luceno
24d9eb5453 package/axel: bump to version 2.17.6
Signed-off-by: Ismael Luceno <ismael@iodev.co.uk>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-09-03 22:51:57 +02:00
Pierre-Jean Texier
bc9487f89d package/logrotate: bump to version 3.15.1
See https://github.com/logrotate/logrotate/releases/tag/3.15.1

Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-09-03 22:49:32 +02:00