Building on a s390x host, we currently end up with:
output/host/lib
output/host/lib32 -> lib
output/host/lib64
host-libopenssl installs to lib64, but since the kernel build doesn't
explicitly search there, it breaks:
>>> linux 6.6.32 Building
[...]
HOSTCC scripts/sign-file
/usr/bin/ld: cannot find -lcrypto: No such file or directory
collect2: error: ld returned 1 exit status
Fix this by creating a lib64 link instead of lib32, so we get:
output/host/lib
output/host/lib64 -> lib
Signed-off-by: Reza Arbab <arbab@linux.ibm.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 66a5f9bc742f517ad245e1ba0dcc8837205beedc)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
No functional change, but bump for consistency. For details, see the
release notes:
https://gstreamer.freedesktop.org/releases/1.22/
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 038c7df88e063fa10b0e1aa5e26159618fea21de)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
No functional change, but bump for consistency. For details, see the
release notes:
https://gstreamer.freedesktop.org/releases/1.22/
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit fd720980eb51401261438bb4f1928b54c2576438)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
No functional change, but bump for consistency. For details, see the
release notes:
https://gstreamer.freedesktop.org/releases/1.22/
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
[Julien: fixed commit log title]
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 8fd12c62022da53aee2872f8c912744b40393606)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
For various bugfixes. For details, see the release notes:
https://gstreamer.freedesktop.org/releases/1.22/
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit f20de77f15e5b32f299a3ac2f2524f82710bab18)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
For various bugfixes. For details, see the release notes:
https://gstreamer.freedesktop.org/releases/1.22/
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 17c57efe399ab6e18428f1073532f63f59a38a3e)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
For various bugfixes. For details, see the release notes:
https://gstreamer.freedesktop.org/releases/1.22/
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 3e5223d4e871c10dd4a9ae6e6b275a2ae74b9646)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
For various bugfixes. For details, see the release notes:
https://gstreamer.freedesktop.org/releases/1.22/
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 8fbadc1c060052e01cfdad7c705792d1d9821a67)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
For various bugfixes. For details, see the release notes:
https://gstreamer.freedesktop.org/releases/1.22/
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit a0c1f2383649e810459482f6614214122adcd78b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
For various bugfixes. For details, see the release notes:
https://gstreamer.freedesktop.org/releases/1.22/
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 1fa7c453e4f1dd099b6818ede10a4404b572424f)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
For various bugfixes. For details, see the release notes:
https://gstreamer.freedesktop.org/releases/1.22/
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 84f8e7c18bfdcbab26b4fd52d5696992ce6d0bbe)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issue:
CVE-2024-4453: Heap-based buffer overflow in the EXIF image tag parser when
handling certain malformed streams before GStreamer 1.24.3 or 1.22.12
https://gstreamer.freedesktop.org/security/sa-2024-0002.html
For more details, see the release notes:
https://gstreamer.freedesktop.org/releases/1.22/
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 197cd0de3b02fc66e35632644fc8437ad4464fe9)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
For various bugfixes. For details, see the release notes:
https://gstreamer.freedesktop.org/releases/1.22/
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 395dcfbb1e5c46870495b75e270613d60f1616e1)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Adds sha256 hash of the license files for GDB.
Signed-off-by: Thomas Bonnefille <thomas.bonnefille@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit b0207c1f15c12011782e46233effa61f5acbfcad)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
GCC14 removed the implicit int support.
This commit adds a patch to libsha1 to fix an implicit int declaration
as recommended.
Link: https://gcc.gnu.org/gcc-14/porting_to.html
Fixes:
http://autobuild.buildroot.net/results/87dc9ba9690cbb6a82875734ce9cb8dbaf878e46/
Signed-off-by: Thomas Bonnefille <thomas.bonnefille@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit d427d27aeeaec4ff52e948fdc7d4be3ce0c9e2bb)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
In commit
a9aa11544a ("package/qt6/qt6svg:
backport fix for CVE-2023-32573"), a fix for security issue
CVE-2023-32573 was added to qt6svg, with the appropriate
QT6SVG_IGNORE_CVES entry.
However, all CVEs against Qt are reported by the NVD on the qt:qt
vendor/product CPE. For example:
https://nvd.nist.gov/vuln/detail/CVE-2023-32573
Therefore, the QT6SVG_IGNORE_CVES entry added has no effect, and
CVE-2023-32573 continues to be reported against our qt6base package.
The only reasonable option is to collect all such CVE ignore entries
for Qt modules into the qt6base package, which is the one that matches
with the qt:qt CPE identifier. This commit does just that, with an
hopefully appropriate comment in qt6base.mk that explains what's going
on.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit 4009842cba ("package/qt6/qt6base:
backport fix for CVE-2023-51714") brought in a fix for CVE-2023-51714,
but got the QT6BASE_IGNORE_CVES update wrong, due to a copy/paste
error with the previous QT6BASE_IGNORE_CVES entry. Due to this
CVE-2023-51714 is still reported as affecting qt6base, while the
security fix is already there.
Fixes: 4009842cba ("package/qt6/qt6base: backport fix for CVE-2023-51714")
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues:
CVE-2024-38439: Netatalk 3.2.0 has an off-by-one error and resultant
heap-based buffer overflow because of setting ibuf[PASSWDLEN] to '\0' in
FPLoginExt in login in etc/uams/uams_pam.c.
https://github.com/advisories/GHSA-pcmr-ff73-xcj5
CVE-2024-38440: Netatalk 3.2.0 has an off-by-one error and resultant
heap-based buffer overflow because of incorrectly using FPLoginExt in
BN_bin2bn in etc/uams/uams_dhx_pam.c.
https://github.com/advisories/GHSA-52mm-rqxx-gfq6
CVE-2024-38441: Netatalk 3.2.0 has an off-by-one error and resultant
heap-based buffer overflow because of setting ibuf[len] to '\0' in FPMapName
in afp_mapname in etc/afp/directory.c.
https://github.com/advisories/GHSA-j764-4v6h-pqp7
Release notes:
https://github.com/Netatalk/netatalk/releases/tag/netatalk-3-1-19
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 9ab704699ea70b12478eac87313ec7d1ff902c7a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security vulnerabilities:
CVE-2022-33065: Multiple signed integers overflow in function au_read_header
in src/au.c and in functions mat4_open and mat4_read_header in src/mat4.c in
Libsndfile, allows an attacker to cause Denial of Service or other
unspecified impacts.
CVE-2024-50612: libsndfile through 1.2.2 has an ogg_vorbis.c
vorbis_analysis_wrote out-of-bounds read.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit e675ffd964d65067bb115ee1e770ee44ba073958)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes CVE-2023-49582: Lax permissions set by the Apache Portable Runtime
library on Unix platforms would allow local users read access to named
shared memory segments, potentially revealing sensitive application data.
This issue does not affect non-Unix platforms, or builds with
APR_USE_SHMEM_SHMGET=1 (apr.h) Users are recommended to upgrade to APR
version 1.7.5, which fixes this issue.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit a60c38b381bbb46094f57fe1c252df962fab6673)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes build error
/home/buildroot/buildroot/output/build/wpewebkit-2.44.4/Source/WTF/wtf/StackBounds.cpp: In static member function 'static WTF::StackBounds WTF::StackBounds::newThreadStackBounds(WTF::PlatformThreadHandle)':
/home/buildroot/buildroot/output/build/wpewebkit-2.44.4/Source/WTF/wtf/StackBounds.cpp:117:5: error: 'pthread_getattr_np' was not declared in this scope; did you mean 'pthread_attr_t'?
117 | pthread_getattr_np(thread, &sattr);
using this defconfig (and libvpx bump to 1.15.0 reverted)
BR2_arm=y
BR2_TOOLCHAIN_BUILDROOT_UCLIBC=y
BR2_TOOLCHAIN_BUILDROOT_WCHAR=y
BR2_PTHREADS=y
BR2_TOOLCHAIN_BUILDROOT_CXX=y
BR2_PER_PACKAGE_DIRECTORIES=y
BR2_PACKAGE_RPI_USERLAND=y
BR2_PACKAGE_LIBGTK3=y
BR2_PACKAGE_WPEWEBKIT=y
A backport of this patch should be considered because the code is
present since 2011:
03f678fac7/Source/WTF/wtf/StackBounds.cpp (L117)
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 9f4a95e5c6e18413e913236f8e7d44cedecc2b2a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes build error
/home/buildroot/buildroot/output/build/webkitgtk-2.44.2/Source/WTF/wtf/StackBounds.cpp: In static member function 'static WTF::StackBounds WTF::StackBounds::newThreadStackBounds(WTF::PlatformThreadHandle)':
/home/buildroot/buildroot/output/build/webkitgtk-2.44.2/Source/WTF/wtf/StackBounds.cpp:117:5: error: 'pthread_getattr_np' was not declared in this scope; did you mean 'pthread_attr_t'?
117 | pthread_getattr_np(thread, &sattr);
using this defconfig (and libvpx bump to 1.15.0 reverted)
BR2_arm=y
BR2_TOOLCHAIN_BUILDROOT_UCLIBC=y
BR2_TOOLCHAIN_BUILDROOT_WCHAR=y
BR2_PTHREADS=y
BR2_TOOLCHAIN_BUILDROOT_CXX=y
BR2_PER_PACKAGE_DIRECTORIES=y
BR2_PACKAGE_XORG7=y
BR2_PACKAGE_RPI_USERLAND=y
BR2_PACKAGE_LIBGTK3=y
BR2_PACKAGE_WEBKITGTK=y
A backport of this patch should be considered because the code is
present since 2011:
03f678fac7/Source/WTF/wtf/StackBounds.cpp (L117)
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 054e5c4d22e9e235d1818baa1333ca4abace50ea)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes build error
-- Could NOT find LibDRM (missing: LibDRM_INCLUDE_DIR LibDRM_LIBRARY)
CMake Error at Source/cmake/OptionsGTK.cmake:320 (message):
libdrm is required for USE_LIBDRM
Call Stack (most recent call first):
Source/cmake/WebKitCommon.cmake:237 (include)
CMakeLists.txt:21 (include)
with this defconfig:
BR2_arm=y
BR2_TOOLCHAIN_BUILDROOT_UCLIBC=y
BR2_TOOLCHAIN_BUILDROOT_WCHAR=y
BR2_PTHREADS=y
BR2_TOOLCHAIN_BUILDROOT_CXX=y
BR2_PER_PACKAGE_DIRECTORIES=y
BR2_PACKAGE_XORG7=y
BR2_PACKAGE_RPI_USERLAND=y
BR2_PACKAGE_LIBGTK3=y
BR2_PACKAGE_WEBKITGTK=y
due to libdrm being enabled by default:
f736325e66/Source/cmake/OptionsGTK.cmake (L59)
This is a port of buildroot commit 65f8174648a3df922892cfac1ad15279d1bffde3
for the wpewebkit package, quoting its commit message:
Pass USE_LIBDRM=OFF to the wpewebkit CMake configuration step when the
libdrm package has not been selected.
WPE WebKit can be built without libdrm support, and it will still work
with backends that use other platform-specific methods to handle
graphics buffers and/or presenting content onto an output. For example
this is the case with wpebackend-rdk configured to use rpi-userland,
which uses dispmanx to produce the output instead of DRM/KMS.
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 865457e76201f663cf81b09486485fbee961423d)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security vulnerabilities:
CVE-2024-52531: GNOME libsoup before 3.6.1 allows a buffer overflow in
applications that perform conversion to UTF-8 in
soup_header_parse_param_list_strict. Input received over the network cannot
trigger this.
https://www.cve.org/CVERecord?id=CVE-2024-52531
CVE-2024-52532: GNOME libsoup before 3.6.1 has an infinite loop, and memory
consumption. during the reading of certain patterns of WebSocket data from
clients.
https://www.cve.org/CVERecord?id=CVE-2024-52532
Changelog: https://gitlab.gnome.org/GNOME/libsoup/-/blob/3.6.1/NEWS
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit b9120736a7e1e6c6e685d70a5a93e4d861422d70)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit adds a patch, which is already in Debian, fixing the build
with gcc 14.x:
/home/autobuild/autobuild/instance-7/output-1/build/host-cdrkit-1.1.11/genisoimage/genisoimage.c:1509:17: error: implicit declaration of function 'parse_checksum_algo' [-Wimplicit-function-declaration]
1509 | if (parse_checksum_algo(optarg, &checksum_algo_iso))
| ^~~~~~~~~~~~~~~~~~~
make[3]: *** [genisoimage/CMakeFiles/genisoimage.dir/build.make:76: genisoimage/CMakeFiles/genisoimage.dir/genisoimage.o] Error 1
Fixes:
http://autobuild.buildroot.net/results/a9cca8da22774ecafdbb382697aae71f78e348f4/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 0a0de4d86cd1fbeb5ff0439259b297756b3a5d98)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 347def2fd1f062be5d335d06aaaec577c5fa1d68)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues:
CVE-2024-53907: Potential denial-of-service in
django.utils.html.strip_tags()
The strip_tags() method and striptags template filter are subject to a
potential denial-of-service attack via certain inputs containing large
sequences of nested incomplete HTML entities.
CVE-2024-53908: Potential SQL injection in HasKey(lhs, rhs) on Oracle
Direct usage of the django.db.models.fields.json.HasKey lookup on Oracle is
subject to SQL injection if untrusted data is used as a lhs value.
Applications that use the jsonfield.has_key lookup through the __ syntax are
unaffected.
https://www.djangoproject.com/weblog/2024/dec/04/security-releases/
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security vulnerabilities:
CVE-2024-46901: mod_dav_svn denial-of-service via control characters in
paths
It has been discovered that the patch for CVE-2013-1968 was incomplete
and unintentionally left mod_dav_svn vulnerable to control characters
in filenames.
https://subversion.apache.org/security/CVE-2024-46901-advisory.txt
Subversion 1.14.4 also fixed a Windows-only vulnerability:
https://subversion.apache.org/security/CVE-2024-45720-advisory.txt
For change log, see:
https://svn.apache.org/repos/asf/subversion/tags/1.14.5/CHANGES
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
[Julien: add link to change log]
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 9975d28aa3ffbda2b727979b2e322fc8986d6d1b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Release notes:
https://lists.gnu.org/archive/html/bug-wget/2024-11/msg00002.html
Fixes the following vulnerabilities:
- CVE-2024-38428: url.c in GNU Wget through 1.24.5 mishandles semicolons in
the userinfo subcomponent of a URI, and thus there may be insecure
behavior in which data that was supposed to be in the userinfo
subcomponent is misinterpreted to be part of the host subcomponent.
https://nvd.nist.gov/vuln/detail/CVE-2024-38428
- CVE-2024-10524: Applications that use Wget to access a remote resource
using shorthand URLs and pass arbitrary user credentials in the URL are
vulnerable. In these cases attackers can enter crafted credentials which
will cause Wget to access an arbitrary host.
https://www.openwall.com/lists/oss-security/2024/11/18/6
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 295b2c4f8ecaf0b6e03725a6c8412795e91888c8)
[Peter: mark as security bump]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The nettle package is distributed on the GNU project servers. See [1]
and [2]. Buildroot has the BR2_GNU_MIRROR configuration which can
be used for that purpose. See [3].
For consistency with all other GNU packages, this commit updates
the _SITE to use BR2_GNU_MIRROR.
Note: the nettle _SITE was updated to ftp.gnu.org in commit [4].
[1] https://www.lysator.liu.se/~nisse/nettle/
[2] https://www.gnu.org/prep/ftp.html
[3] https://gitlab.com/buildroot.org/buildroot/-/blob/2024.08.2/Config.in#L286
[4] 92f0ef5eaa
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
(cherry picked from commit 9ccc0f5642cf173bcc8d51f778331acfea9dbde8)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The freeipmi package is distributed on the GNU project servers.
See [1] and [2]. Buildroot has the BR2_GNU_MIRROR configuration
which can be used for that purpose. See [3].
For consistency with all other GNU packages, this commit updates
the _SITE to use BR2_GNU_MIRROR.
[1] https://www.gnu.org/software/freeipmi/download.html
[2] https://www.gnu.org/prep/ftp.html
[3] https://gitlab.com/buildroot.org/buildroot/-/blob/2024.08.2/Config.in#L286
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
(cherry picked from commit bfa2dbc2d679b88d8166359ec916590050fb5802)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The octave package is distributed on the GNU project servers. See [1]
and [2]. Buildroot has the BR2_GNU_MIRROR configuration which can
be used for that purpose. See [3].
For consistency with all other GNU packages, this commit updates
the _SITE to use BR2_GNU_MIRROR.
[1] https://www.octave.org/download
[2] https://www.gnu.org/prep/ftp.html
[3] https://gitlab.com/buildroot.org/buildroot/-/blob/2024.08.2/Config.in#L286
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
(cherry picked from commit b0a1b0bab1238271ca99d6a453101d6b128b027a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
As explained on [1], the primary GNU mirrors URL is https.
This commit updates BR2_GNU_MIRROR to switch to it.
[1] https://www.gnu.org/prep/ftp.html
Signed-off-by: Julien Olivain <ju.o@free.fr>
Reviewed-by: Vincent Jardin <vjardin@free.fr>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
(cherry picked from commit 0f9da3934b9fc1425db49526ab7735a601ac1edb)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The grub2 package is distributed on the GNU project servers. See [1]
and [2]. Buildroot has the BR2_GNU_MIRROR configuration which can
be used for that purpose. See [3].
For consistency with all other GNU packages, this commit updates
the _SITE to use BR2_GNU_MIRROR.
Note: Commit [4] introduced the grub2 package using BR2_GNU_MIRROR.
Commit [5] changed it to use "http://ftp.gnu.org/gnu/grub" without
providing a justification for that change.
[1] https://www.gnu.org/software/grub/grub-download.html
[2] https://www.gnu.org/prep/ftp.html
[3] https://gitlab.com/buildroot.org/buildroot/-/blob/2024.08.2/Config.in#L286
[4] c24fdb3680
[5] 5ffafd2353
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
(cherry picked from commit 51858c4a34f73c52ac9ff36ba7facf8a8ab9b711)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The bc package is distributed on the GNU project servers. See [1]
and [2]. Buildroot has the BR2_GNU_MIRROR configuration which can
be used for that purpose. See [3]
For consistency with all other GNU packages, this commit updates
the _SITE to use BR2_GNU_MIRROR.
As a side note, the bc package was introduced long time ago using
BR2_GNU_MIRROR. See [4]. It was then updated to an alpha version
in [5]. When the alpha version was no longer needed, it was switched
to the main GNU download server in [6].
[1] https://www.gnu.org/software/bc/
[2] https://www.gnu.org/prep/ftp.html
[3] https://gitlab.com/buildroot.org/buildroot/-/blob/2024.08.2/Config.in#L286
[4] c95dcd4645
[5] 1faa7c344e
[6] ed7572cc7f
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
(cherry picked from commit 2956a3921548921adb5472e092901ff9d9861333)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
gh-122792: Changed IPv4-mapped ipaddress.IPv6Address to consistently use the
mapped IPv4 address value for deciding properties. Properties which have
their behavior fixed are is_multicast, is_reserved, is_link_local,
is_global, and is_unspecified.
https://github.com/python/cpython/issues/122792
CVE-2024-9287, gh-124651: Properly quote template strings in venv activation
scripts.
https://github.com/python/cpython/issues/124651
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>