Commit Graph

71173 Commits

Author SHA1 Message Date
Fabrice Fontaine
ae2baf1771 package/c-ares: update C_ARES_CPE_ID_VENDOR
cpe:2.3🅰️c-ares_project:c-ares has been deprecated in favor of
cpe:2.3🅰️c-ares:c-ares in September 2023:

  <cpe-item name="cpe:/a:c-ares_project:c-ares:1.17.1" deprecated="true" deprecation_date="2023-09-15T11:42:40.183Z">
    <title xml:lang="en-US">C-ares Project C-ares 1.17.1</title>
      <reference href="https://github.com/c-ares/c-ares/releases">Change Log</reference>
    <cpe-23:cpe23-item name="cpe:2.3🅰️c-ares_project:c-ares:1.17.1:*:*:*:*:*:*:*">
        <cpe-23:deprecated-by name="cpe:2.3🅰️c-ares:c-ares:1.17.1:*:*:*:*:*:*:*" type="NAME_CORRECTION"/>

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2024-02-04 11:16:39 +01:00
Fabrice Fontaine
363b4ebf1a package/dbus: fix CPE variables
cpe:2.3🅰️d-bus_project:d-bus has been deprecated in favor of
cpe:2.3🅰️freedesktop:dbus in December 2023:

  <cpe-item name="cpe:/a:d-bus_project:d-bus:1.15.6" deprecated="true" deprecation_date="2023-12-27T16:36:56.510Z">
    <title xml:lang="en-US">D-Bus Project D-Bus 1.15.6</title>
      <reference href="https://gitlab.freedesktop.org/dbus/dbus/-/tags">Version</reference>
      <reference href="https://gitlab.freedesktop.org/dbus/dbus/-/issues/457">Advisory</reference>
    <cpe-23:cpe23-item name="cpe:2.3🅰️d-bus_project:d-bus:1.15.6:*:*:*:*:*:*:*">
        <cpe-23:deprecated-by name="cpe:2.3🅰️freedesktop:dbus:1.15.6:*:*:*:*:*:*:*" type="NAME_CORRECTION"/>

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2024-02-04 11:16:34 +01:00
Fabrice Fontaine
c438422d49 package/flex: update FLEX_CPE_ID_VENDOR
cpe:2.3🅰️flex_project:flex has been deprecated in favor of
cpe:2.3🅰️westes:flex in October 2023:

  <cpe-item name="cpe:/a:flex_project:flex:2.6.4" deprecated="true" deprecation_date="2023-10-06T17:12:20.950Z">
    <title xml:lang="en-US">Flex Fast Lexical Analyser 2.6.4</title>
      <reference href="https://github.com/westes/flex/releases">Version</reference>
      <reference href="https://github.com/westes/flex/">Product</reference>
    <cpe-23:cpe23-item name="cpe:2.3🅰️flex_project:flex:2.6.4:*:*:*:*:*:*:*">
        <cpe-23:deprecated-by name="cpe:2.3🅰️westes:flex:2.6.4:*:*:*:*:*:*:*" type="NAME_CORRECTION"/>

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2024-02-04 11:16:29 +01:00
Fabrice Fontaine
63118fbb55 package/json-c: update JSON_C_CPE_ID_VENDOR
cpe:2.3🅰️json-c_project:json-c has been deprecated in favor of
cpe:2.3🅰️json-c:json-c in September 2023:

  <cpe-item name="cpe:/a:json-c_project:json-c:0.14" deprecated="true" deprecation_date="2023-09-16T13:05:58.643Z">
    <title xml:lang="en-US">JSON-C Project JSON-C 0.14</title>
      <reference href="https://github.com/json-c/json-c/releases">Version</reference>
    <cpe-23:cpe23-item name="cpe:2.3🅰️json-c_project:json-c:0.14:*:*:*:*:*:*:*">
        <cpe-23:deprecated-by name="cpe:2.3🅰️json-c:json-c:0.14-20200419:*:*:*:*:*:*:*" type="NAME_CORRECTION"/>

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2024-02-04 11:16:23 +01:00
Fabrice Fontaine
03a9171cce package/x11r7/xlib_libXpm: update XLIB_LIBXPM_CPE_ID_VENDOR
cpe:2.3🅰️libxpm_project:libxpm has been deprecated in favor of
cpe:2.3🅰️x.org:libxpm in October 2023:

  <cpe-item name="cpe:/a:libxpm_project:libxpm:3.5.15" deprecated="true" deprecation_date="2023-10-17T15:55:35.850Z">
    <title xml:lang="en-US">Libxpm Project Libxpm 3.5.15</title>
      <reference href="https://gitlab.freedesktop.org/xorg/lib/libxpm/-/tags">Version</reference>
    <cpe-23:cpe23-item name="cpe:2.3🅰️libxpm_project:libxpm:3.5.15:*:*:*:*:*:*:*">
        <cpe-23:deprecated-by name="cpe:2.3🅰️x.org:libxpm:3.5.15:*:*:*:*:*:*:*" type="NAME_CORRECTION"/>

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2024-02-04 11:16:18 +01:00
Fabrice Fontaine
5ae38ec621 package/netatalk: update NETATALK_CPE_ID_VENDOR
cpe:2.3🅰️netatalk_project:netatalk has been deprecated in favor of
cpe:2.3🅰️netatalk:netatalk in September 2023:

  <cpe-item name="cpe:/a:netatalk_project:netatalk:3.1.13" deprecated="true" deprecation_date="2023-09-29T11:15:00.340Z">
      <reference href="https://sourceforge.net/projects/netatalk/files/netatalk/">Version</reference>
    <cpe-23:cpe23-item name="cpe:2.3🅰️netatalk_project:netatalk:3.1.13:*:*:*:*:*:*:*">
        <cpe-23:deprecated-by name="cpe:2.3🅰️netatalk:netatalk:3.1.13:*:*:*:*:*:*:*" type="NAME_CORRECTION"/>

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2024-02-04 11:16:13 +01:00
Fabrice Fontaine
92f3f04146 package/python-wheel: add CPE variables
cpe:2.3🅰️wheel_project:wheel is a valid CPE identifier for this
package:

  https://nvd.nist.gov/products/cpe/detail/402C4B59-237A-4399-8189-CC9FC1B4BF39

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2024-02-04 11:16:07 +01:00
Fabrice Fontaine
ed40db6dfb package/rauc-hawkbit-updater: drop RAUC_HAWKBIT_UPDATER_CPE_ID_VENDOR
cpe:2.3🅰️pengutronix:rauc-hawkbit-updater added by commit
928b7219cd has never been a valid CPE ID
for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe:2.3🅰️pengutronix:rauc-hawkbit-updater

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2024-02-04 11:06:18 +01:00
Fabrice Fontaine
380d4a75f5 package/linux-firmware: drop LINUX_FIRMWARE_CPE_ID_VENDOR
cpe:2.3🅰️kernel:linux-firmware added by commit
63332c33aa has never been a valid CPE ID
for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe:2.3🅰️kernel:linux-firmware

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2024-02-04 11:06:13 +01:00
Fabrice Fontaine
05617160dd package/wireless-regdb: drop WIRELESS_REGDB_CPE_ID_VENDOR
cpe:2.3🅰️kernel:wireless-regdb added by commit
63332c33aa has never been a valid CPE ID
for this package:

  https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️kernel:wireless-regdb

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2024-02-04 11:06:06 +01:00
Fabrice Fontaine
5e4eba6414 package/libvips: update LIBVIPS_CPE_ID_VENDOR
cpe:2.3🅰️libvips_project:libvips has been deprecated in favor of
cpe:2.3🅰️libvips:libvips in September 2023:

<cpe-item name="cpe:/a:libvips_project:libvips:8.10.6:-" deprecated="true" deprecation_date="2023-09-29T11:18:01.067Z">
    <title xml:lang="en-US">libvips Project libvips 8.10.6 -</title>
      <reference href="https://libvips.github.io/libvips/">Project</reference>
      <reference href="https://github.com/libvips/libvips/releases">Change Log</reference>
    <cpe-23:cpe23-item name="cpe:2.3🅰️libvips_project:libvips:8.10.6:-:*:*:*:*:*:*">
        <cpe-23:deprecated-by name="cpe:2.3🅰️libvips:libvips:8.10.6:-:*:*:*:*:*:*" type="NAME_CORRECTION"/>

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-02-03 11:11:24 +01:00
Fabrice Fontaine
f1e05a8199 package/minizip: fix CPE variables
cpe:2.3🅰️minizip_project:minizip added by commit
425339dcdf is not a valid CPE identifier
for this package, cpe:2.3🅰️zlib-ng:minizip-ng is the correct one:

  https://nvd.nist.gov/products/cpe/detail/64E392F1-65DD-42E5-B618-AD893BA37FB3

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-02-03 11:10:41 +01:00
Fabrice Fontaine
8c0d9795a7 package/lvm2: fix CPE variable
Commit d70da0be78 wrongly set
LVM2_CPE_ID_PRODUCT instead of LVM2_CPE_ID_VENDOR

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-02-03 11:07:45 +01:00
Fabrice Fontaine
186883f497 package/mpfr: fix CPE variables
cpe:2.3🅰️gnu:mpfr added by commit
63332c33aa has never been a valid CPE
identifier for this package

cpe:2.3🅰️mpfr:gnu_mpfr is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/detail/7B981E0A-5BAC-4A80-A734-5FD4B51B04EF

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-02-03 11:06:08 +01:00
Fabrice Fontaine
27fafa94a7 package/depot-tools: drop DEPOT_TOOLS_CPE_ID_VENDOR
cpe:2.3🅰️google:depot-tools added by commit
48730a1a9d has never been a valid CPE ID
for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe:2.3🅰️google:depot-tools

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-02-03 11:05:30 +01:00
Fabrice Fontaine
85d300f102 package/crda: drop CRDA_CPE_ID_VENDOR
cpe:2.3🅰️kernel:crda added by commit
63332c33aa has never been a valid CPE ID
for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe:2.3🅰️kernel:crda

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-02-03 11:04:49 +01:00
Waldemar Brodkorb
7251775773 package/libjwt: new package
JSON Web Tokens are an open, industry standard RFC 7519
method for representing claims securely between two parties.

This Library is used by Asterisk 20.6.0 and newer.
We need to use autotools to install pkgconfig file.

Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
[Peter: drop _SOURCE, add host-pkgconf, add to DEVELOPERS]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-02-03 11:02:05 +01:00
Bernd Kuhls
62a5510c21 package/onevpl-intel-gpu: bump version to 24.1.3
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-02-03 10:15:28 +01:00
Bernd Kuhls
bd31d973d7 package/intel-mediadriver: bump version to 24.1.3
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-02-03 10:15:12 +01:00
Bernd Kuhls
49ee9ca5ac package/kodi-peripheral-joystick: bump version to 20.1.15-Nexus
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-02-03 10:15:02 +01:00
Bernd Kuhls
52a15667b1 {linux, linux-headers}: bump 6.{1, 6}.x series
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-02-03 10:14:20 +01:00
Bernd Kuhls
881fbdb674 package/{mesa3d, mesa3d-headers}: bump version to 23.3.5
Release notes:
https://lists.freedesktop.org/archives/mesa-announce/2024-February/000748.html

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-02-03 10:14:12 +01:00
Fabrice Fontaine
dbe037dc99 package/freerdp: security bump to version 2.11.5
- Fix CVE-2024-22211
- Update Upstream tag in patches

https://github.com/FreeRDP/FreeRDP/blob/2.11.5/ChangeLog

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-02-01 12:01:23 +01:00
Fabrice Fontaine
0694cef47b package/cpio: fix tar.bz2 hash
Commit b0306d94b2 forgot to update
cpio-2.13.tar.bz2 to cpio-2.14.tar.bz2

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-02-01 12:00:58 +01:00
Fabrice Fontaine
3ffb716da3 package/libpsl: fix legal info
Commit 863131cad9 forgot to update hash of
COPYING (update in year with:
80c17cc237)

Fixes:
 - http://autobuild.buildroot.org/results/2b09ca88a08fdba8ca75153688ed5dd9362c7520

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-02-01 11:59:22 +01:00
Peter Korsgaard
75e7c7ba8c package/{glibc, localedef}: security bump to version glibc-2.38-44-gd37c2b20a4787463d192b32041c3406c2bd91de0
Fixes the following security issues:

CVE-2023-6246: syslog: Fix heap buffer overflow in __vsyslog_internal
https://sourceware.org/git/?p=glibc.git;a=blob_plain;f=advisories/GLIBC-SA-2024-0001;hb=HEAD

CVE-2023-6779: syslog: Heap buffer overflow in __vsyslog_internal
https://sourceware.org/git/?p=glibc.git;a=blob_plain;f=advisories/GLIBC-SA-2024-0002;hb=HEAD

CVE-2023-6780: syslog: Integer overflow in __vsyslog_internal
https://sourceware.org/git/?p=glibc.git;a=blob_plain;f=advisories/GLIBC-SA-2024-0003;hb=HEAD

For details, see the Qualys advisory:
https://www.openwall.com/lists/oss-security/2024/01/30/6

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-02-01 11:58:51 +01:00
Peter Korsgaard
62b767fd3e package/glibc: add CVE ignore for CVE-2023-4806
Commit 8519de517e (package/{glibc, localedef}: security bump to version
glibc-2.38-27-g750a45a783906a19591fb8ff6b7841470f1f5701) correctly mentioned
CVE-2023-4806 in the commit message, but forgot to add an ignore for it.

Fix that.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-02-01 11:58:42 +01:00
Peter Korsgaard
d932f84d9f package/syslog-ng: needs pcre2, not pcre
Syslog-ng-uses pcre2 instead of pcre since 4.3.0 with:
cb6de08dc9

No autobuilder failures, as pcre2 is implicitly available through libglib2.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-01-31 21:24:34 +01:00
Sébastien Szymanski
f24e85238f docs/manual/contribute.txt: fix typo
"who sponsored who sponsored" -> "who sponsored"

Signed-off-by: Sébastien Szymanski <sebastien.szymanski@armadeus.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-01-31 21:23:18 +01:00
Fabrice Fontaine
ef5d3327a1 package/lynx: fix openssl static build
Use LDFLAGS instead of LIBS to fix the following openssl static build
failure raised because lynx filters out duplicates (i.e. -lz) in
CF_ADD_LIBS:

configure:12958: checking for inet_ntoa
configure:12995: /home/autobuild/autobuild/instance-7/output-1/host/bin/x86_64-buildroot-linux-uclibc-gcc -o conftest -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -Ofast -g0 -static -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -D_GNU_SOURCE -DLINUX  -static conftest.c -L/home/autobuild/autobuild/instance-7/output-1/host/bin/../x86_64-buildroot-linux-uclibc/sysroot/usr/lib64 -lssl -L/home/autobuild/autobuild/instance-7/output-1/host/bin/../x86_64-buildroot-linux-uclibc/sysroot/usr/lib64 -lz -pthread -lcrypto -lz -pthread  >&5
configure:12998: $? = 0
configure:13001: test -s conftest
configure:13004: $? = 0
configure:13014: result: yes
configure:13095: checking for gethostbyname
configure:13151: result: yes
configure:13232: checking for strcasecmp
configure:13288: result: yes
configure:13401: checking for inet_aton function
configure:13443: /home/autobuild/autobuild/instance-7/output-1/host/bin/x86_64-buildroot-linux-uclibc-gcc -o conftest -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -Ofast -g0 -static -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -D_GNU_SOURCE -DLINUX  -static conftest.c  -L/home/autobuild/autobuild/instance-7/output-1/host/bin/../x86_64-buildroot-linux-uclibc/sysroot/usr/lib64 -lssl -lz -pthread -lcrypto >&5

[...]

/home/autobuild/autobuild/instance-7/output-1/host/bin/x86_64-buildroot-linux-uclibc-gcc -DHAVE_CONFIG_H  -DLOCALEDIR=\"/usr/share/locale\" -I. -I.. -Ichrtrans -I./chrtrans -I.. -I../src -I.././WWW/Library/Implementation    -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -D_GNU_SOURCE -DLINUX -I/home/autobuild/autobuild/instance-7/output-1/host/x86_64-buildroot-linux-uclibc/sysroot/usr/include -I/home/autobuild/autobuild/instance-7/output-1/host/x86_64-buildroot-linux-uclibc/sysroot/usr/include/openssl  -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -Ofast -g0 -static  -Wl,-rpath,/home/autobuild/autobuild/instance-7/output-1/host/bin/../x86_64-buildroot-linux-uclibc/sysroot/usr/lib64 -Wl,-rpath,/home/autobuild/autobuild/instance-7/output-1/host/x86_64-buildroot-linux-uclibc/sysroot/usr/lib   -L/home/autobuild/autobuild/instance-7/output-1/host/x86_64-buildroot-linux-uclibc/sysroot/usr/lib -static -o lynx  LYebcdic.o LYClean.o LYShowInfo.o LYEdit.o L
 YStrings.o LYMail.o HTAlert.o GridText.o LYGetFile.o LYMain.o LYMainLoop.o LYCurses.o LYBookmark.o LYmktime.o LYUtils.o LYOptions.o LYReadCFG.o LYSearch.o LYHistory.o LYForms.o LYPrint.o LYrcFile.o LYDownload.o LYNews.o LYKeymap.o HTML.o HTFWriter.o HTInit.o DefaultStyle.o LYUpload.o LYLeaks.o LYexit.o LYJump.o LYList.o LYCgi.o LYTraversal.o LYEditmap.o LYCharSets.o LYCharUtils.o LYMap.o LYCookie.o LYStyle.o LYHash.o LYPrettySrc.o TRSTable.o parsdate.o UCdomap.o UCAux.o UCAuto.o  LYSession.o LYLocal.o  .././WWW/Library/Implementation/libwww.a -lz -static -lncurses -lssl -lcrypto -L/home/autobuild/autobuild/instance-7/output-1/host/bin/../x86_64-buildroot-linux-uclibc/sysroot/usr/lib64 -pthread
/home/autobuild/autobuild/instance-7/output-1/host/lib/gcc/x86_64-buildroot-linux-uclibc/11.4.0/../../../../x86_64-buildroot-linux-uclibc/bin/ld: /home/autobuild/autobuild/instance-7/output-1/host/x86_64-buildroot-linux-uclibc/sysroot/usr/lib/libcrypto.a(libcrypto-lib-c_zlib.o): in function `zlib_oneshot_expand_block':
c_zlib.c:(.text+0xb8b): undefined reference to `uncompress'

Patching aclocal.m4 is not possible as autoreconf fails due to missing
AC_DIVERT_HELP macro.

This build failure is only raised by autobuilders since 2024 for an
unknown reason.

Fixes:
 - http://autobuild.buildroot.org/results/6d4119b54fc6b6111a03f81e131e83bae0d844d1

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-01-31 21:21:18 +01:00
Bernd Kuhls
459620aa98 package/intel-gmmlib: bump version to 22.3.17
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-01-30 23:16:29 +01:00
Bernd Kuhls
adf323fc45 package/{mesa3d, mesa3d-headers}: bump version to 23.3.4
Release notes:
https://lists.freedesktop.org/archives/mesa-announce/2024-January/000745.html

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-01-30 23:16:13 +01:00
Bernd Kuhls
44292dabc0 {linux, linux-headers}: bump 4.19.x / 5.{4, 10, 15}.x / 6.{1, 6}.x series
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-01-30 23:15:16 +01:00
Bernd Kuhls
8b83d96145 package/kodi-pvr-mythtv: bump version to 20.5.10-Nexus
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-01-30 23:15:09 +01:00
Julien Olivain
c7c6778d2a package/opencsd: bump to version 1.5.1
For change log, see:
https://github.com/Linaro/OpenCSD/blob/v1.5.1/README.md?plain=1#L316

Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-01-30 23:13:53 +01:00
Kieran Bingham
6f96d2d315 package/libcamera: bump to version 0.2.0
Signed-off-by: Kieran Bingham <kieran.bingham@ideasonboard.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-01-30 23:12:28 +01:00
Francois Perrad
41839480c4 package/libgtk3: bump to version 3.24.41
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-01-30 23:11:01 +01:00
Adrian Perez de Castro
863131cad9 package/libpsl: bump to version 0.21.5
The main changes are improvements to the Meson build system, including
a fix for a build issue related to iconv:

  https://github.com/rockdaboot/libpsl/releases/tag/0.21.3
  https://github.com/rockdaboot/libpsl/releases/tag/0.21.4
  https://github.com/rockdaboot/libpsl/releases/tag/0.21.5

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-01-30 23:06:19 +01:00
Robert Marko
b0fabbd2aa package/mdio-tools: bump version to 1.3.1
[v1.3.1] - 2023-12-02
---------------------

Fixes mvls to work with kernels 6.2 and onwards.

- mdio: Multiple registers can now be dumped at once, via the generic
  dump operation.

- mvls: Relax the driver matching to accept the strings used in
  kernels 6.2 and newer.

Signed-off-by: Robert Marko <robimarko@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-01-30 23:04:58 +01:00
Fabrice Fontaine
2953cd2644 package/joe: add JOE_CPE_ID_VENDOR
cpe:2.3🅰️joseph_allen:joe is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/detail/5F530947-2060-4842-92B9-5BC61D9C5430

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-01-30 22:56:49 +01:00
David Barbion
1dfa4c56fe package/dhcpcd: bump to version 10.0.5
This version contains a fix for aarch64 based systems.
On such systems, dhcpcd would crash without setting any IP addresses.
See 6a36f96740
and https://github.com/NetworkConfiguration/dhcpcd/issues/260 for more
details.

Signed-off-by: David Barbion <davidb@230ruedubac.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-01-30 22:56:33 +01:00
Julien Olivain
e784eb8538 package/z3: bump to version 4.12.5
For change log since 4.12.4, see:
https://github.com/Z3Prover/z3/blob/z3-4.12.5/RELEASE_NOTES.md#version-4125

Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-01-30 09:26:27 +01:00
Ismael Luceno
50ba0b0a40 package/axel: bump version to 2.17.12
Signed-off-by: Ismael Luceno <ismael@iodev.co.uk>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-01-30 09:26:13 +01:00
Abilio Marques
8f403f0137 package/micropython-lib: merge with, and install as part of micropython
Until now, micropython-lib was a package that installed v1.9.3, which is
more than 6 years old. This was acceptable since micropython never made
any other official release of the library until v1.20.

Meanwhile, the libraries underwent a reorganization, and they are now
available in a directory structure that cannot be copied directly into
the target. This might explain why v1.9.3 is still present in the
current day buildroot (which comes with micropython v1.22).

As part of the changes made by the micropython project, the libraries
are now released together with the interpreter. They are cloned as a
submodule into the lib/micropython-lib directory, and are present in the
release tarball.

This commit introduces an auxiliary script to collect those libraries
and reorder them into a structure that can then be copied into
/usr/lib/micropython. The script utilizes a module from the tools
directory of the micropython repo.

The helper script is kept as simple as possible, and makes use of
existing micropython tools (used to process manifests) to discover the
list of packages available in micropython-lib. The hope is that by
relying on them, any future changes in directory structure will be
covered by the official "manifestfile.py" tool.

It is to be noted that, even though the manifestfile.py script/module is
part of the micropython package, it is actually written for CPython, and
is not expected to even work when using micropython as an interpreter.
This we do not need to introduce host-micropython to use that tool, and
microython already depends on host-python3 for other parts of the build.

With this commit, micropython-lib is installed (optionally) as part
of micropython, and thus a separate package is no longer needed. The
original config variable name was retained as it fits with the
micropython package "namespace", and thus this is backward compatible
and no legacy handling is needed.

This commit also ensures that the libraries in micropython-lib will
be updated together with newer versions of micropython in the future.

Signed-off-by: Abilio Marques <abiliojr@gmail.com>
[yann.morin.1998@free.fr:
  - use if-block in Config.in
  - simplify PYTHONPATH
  - fix check-package
  - reword and reorder parts of the commit log
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2024-01-29 21:38:53 +01:00
Bernd Kuhls
2fbeacf91f package/tor: Fix build with libressl >= 3.8.1
Fixes:
http://autobuild.buildroot.net/results/85c/85cde3bcd12fb5adafb94c85d5fa636e1b5b9068/

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
[yann.morin.1998@free.fr: fix Upstream tag]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2024-01-28 18:46:07 +01:00
Fabrice Fontaine
c3cf06e0a8 package/frr: security bump to version 8.5.4
Fix CVE-2023-38802, CVE-2023-41360, CVE-2023-46752, CVE-2023-46753,
CVE-2023-47234 and CVE-2023-47235

https://frrouting.org/security/
https://frrouting.org/release/8.5.4/

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2024-01-28 17:39:30 +01:00
Fabrice Fontaine
b80705800a package/x11r7/xserver_xorg-server: add CPE variables
cpe:2.3🅰️x.org:xorg-server is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/detail/79A86C02-31A5-4F25-8CA6-7C4A8CD92B7B

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2024-01-28 17:37:34 +01:00
Francois Perrad
46d4f5c751 package/perl-posix-strftime-compiler: bump to version 0.46
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2024-01-27 21:48:34 +01:00
Francois Perrad
a1f9433885 package/perl-plack: bump to version 1.0051
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2024-01-27 21:48:30 +01:00
Francois Perrad
f32f348f65 package/perl-net-dns: bump to version 1.42
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2024-01-27 21:48:26 +01:00