Commit Graph

66204 Commits

Author SHA1 Message Date
Angelo Compagnucci
2a2db09451 package/rtl8723ds-bt: new package
This package install the required firmware for enabling the
Bluetooth device embedded in the RTL8723DS chip.
The driver is included in Linux main tree and can be enabled
with the BT_HCIUART_RTL symbol.

Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Tested-by: Indrek Kruusa <indrek.kruusa@gmail.com>
[Peter: use install -D]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-12-18 15:51:01 +01:00
Bernd Kuhls
f51e1f9522 package/supertuxkart: bump version to 1.4
Changelog:
https://github.com/supertuxkart/stk-code/blob/1.4/CHANGELOG.md

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-12-18 15:35:43 +01:00
Giulio Benetti
5aceee9b1d package/rtl8189fs: bump to 2022-10-30 version to fix build failure with Linux up to 6.1
Drop local patch that has been upstreamed[0] and drop the endianness
handling too since from this commit[1] on it's handled by using Linux
macro __LITTLE_ENDIAN.

[0]: 4a555ffb77
[1]: b3da33576d

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-12-18 15:34:45 +01:00
James Hilliard
8ef654997c package/swupdate: bump to version 2022.12
Drop patch which is now upstream.

Update service files based on latest versions in:
https://github.com/sbabic/meta-swupdate/tree/master/recipes-support/swupdate/swupdate

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-12-18 15:34:04 +01:00
Andreas Klinger
b9612601b0 package/ply: bump to version 2.3.0
Signed-off-by: Andreas Klinger <ak@it-klinger.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-12-18 15:33:35 +01:00
Bernd Kuhls
d7c99eaa30 package/hddtemp: link to libintl when needed
Fixes:
http://autobuild.buildroot.net/results/e84/e84b7131f996302301dd0a8fd47362c9f2eab0bf/
http://autobuild.buildroot.net/results/524/52428940034d59887e0172fbd8481943d86db13b/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-12-18 15:32:09 +01:00
Fabrice Fontaine
384b75098b package/domoticz: bump to version 2022.2
https://github.com/domoticz/domoticz/blob/2022.2/History.txt

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-12-18 14:57:57 +01:00
Bernd Kuhls
78504fca92 linux: bump _KERNEL_LATEST_VERSION to 6.1
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-12-18 14:57:08 +01:00
Bernd Kuhls
79bb1ab519 {toolchain, linux-headers}: add support for 6.1 headers
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-12-18 14:56:37 +01:00
Bernd Kuhls
298bcb0455 {linux, linux-headers}: bump 4.{9, 14, 19}.x / 5.{4, 10, 15}.x / 6.0.x series
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-12-18 14:56:15 +01:00
Fabrice Fontaine
6081a48f0f package/motion: bump to version 4.5.1
https://github.com/Motion-Project/motion/releases/tag/release-4.5.1

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-12-18 14:55:35 +01:00
Fabrice Fontaine
af9454f8c1 package/davfs2: needs glibc
davfs2 unconditionally uses fstab.h since
https://git.savannah.nongnu.org/cgit/davfs2.git/commit/?id=6e2053cd7f44b0ca58af09905c044c178df34497
resulting in the following build failure since bump to version 1.7.0 in
commit 76423bd3a6:

mount_davfs.c:78:10: fatal error: fstab.h: No such file or directory
   78 | #include <fstab.h>
      |          ^~~~~~~~~

Fixes:
 - http://autobuild.buildroot.org/results/793c71e4f731a18e203d6eaa3ac8b6e2a9620c27

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-12-18 14:54:28 +01:00
Brandon Maier
d4c41ac00c package/mtd: add lsmtd option
lsmtd is a new utility added in v2.1.0[1].

[1] http://git.infradead.org/mtd-utils.git/commit/c26ce774a7209012c0505ee841d54898c6665e20

Signed-off-by: Brandon Maier <brandon.maier@collins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-12-18 14:53:02 +01:00
James Hilliard
63cd5db509 package/python-maturin: bump to version 0.14.5
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-12-18 14:52:32 +01:00
James Hilliard
15f7b944df package/python-aiocoap: bump to version 0.4.5
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-12-18 14:51:43 +01:00
James Hilliard
8332d747df package/python-bleak: bump to version 0.19.5
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Reviewed-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-12-18 14:51:34 +01:00
Giulio Benetti
08dc145a75 package/libnss: bump version to 3.86
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-12-18 14:50:38 +01:00
James Hilliard
b7963d4a5d package/python-fire: bump to version 0.5.0
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-12-18 14:50:07 +01:00
Bernd Kuhls
10b329956a package/x11r7/xkeyboard-config: bump version to 2.37
Release notes:
https://gitlab.freedesktop.org/xorg/data/xkeyboard-config/-/blob/master/NEWS

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-12-18 14:48:42 +01:00
Bernd Kuhls
b9c948df18 package/x11r7/xlib_libXft: bump version to 2.3.7
Release notes:
https://lists.x.org/archives/xorg/2022-November/061175.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-12-18 14:48:27 +01:00
Bernd Kuhls
30bc9e5aef package/inih: bump version to 56
Release notes: https://github.com/benhoyt/inih/releases/tag/r56

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-12-18 14:48:10 +01:00
Bernd Kuhls
4b879cfe0e package/libfreeglut: bump version to 3.4.0
Release notes:
https://github.com/FreeGLUTProject/freeglut/releases/tag/v3.4.0

Upstream switched to github:
https://freeglut.sourceforge.net/news.php
https://sourceforge.net/p/freeglut/mailman/message/37622871/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-12-18 14:45:40 +01:00
Bernd Kuhls
d005917d72 package/x11r7/xutil_makedepend: bump version to 1.0.8
Release notes:
https://lists.x.org/archives/xorg-announce/2022-December/003300.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-12-18 14:44:02 +01:00
Paul Cercueil
af6f7aa76d package/lightning: bump version to 2.2.0
Notable changes in this new version include support for the Apple
Aarch64 ABI, and compare-and-swap atomic instructions.

Signed-off-by: Paul Cercueil <paul@crapouillou.net>
[Peter: drop _AUTORECONF]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-12-18 14:42:49 +01:00
James Hilliard
7165965fe5 package/python-ipdb: bump to version 0.13.11
Drop no longer required setuptools runtime dependency.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-12-18 14:40:24 +01:00
James Hilliard
4b869587c6 package/python-pip: bump to version 22.3.1
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-12-18 14:40:12 +01:00
James Hilliard
5ebc1545b2 package/python-traitlets: bump to version 5.7.1
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-12-18 14:27:50 +01:00
Bagas Sanjaya
a6105112e8 package/git: bump to version 2.39.0
The git package in Buildroot is quite lagging behind (v2.31.4, released
on July 12, 2022 while the baseline v2.31.0 was released on March 15,
2021). Bump the package to v2.39.0 (released December 12, 2022).

While at it, also replace patch fixing uclibc no threads build with two
patches cherry-picked from upstream next branch, which fixes the same
issue by fixing the handling of flockfile(), funlockfile(), and
getc_unlocked() declarations. These patches missed the release but
planned for next maintenance release (v2.39.1).

The reason for replacing the patch is when original fix patch was
upstreamed [1], Jeff King noted that the build failure root cause
was flockfile() is defined regardless of whether uclibc is configured with
threads support or not [2].

Release notes for v2.39.0 is available on release announcement on Git
mailing list at [3].

[1]: https://lore.kernel.org/git/20221125092339.29433-1-bagasdotme@gmail.com/
[2]: https://lore.kernel.org/git/Y4RAr04vS%2FTOM5uh@coredump.intra.peff.net/
[3]: https://lore.kernel.org/git/xmqqlencspnl.fsf@gitster.g/

Signed-off-by: Bagas Sanjaya <bagasdotme@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-12-18 13:37:42 +01:00
Maxim Kochetkov
48a3fc3f36 package/timescaledb: bump version to 2.9.0
Release notes: https://github.com/timescale/timescaledb/blob/2.9.0/CHANGELOG.md

Signed-off-by: Maxim Kochetkov <fido_max@inbox.ru>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-12-18 11:43:11 +01:00
Julien Olivain
7aeb6c654e Revert "package/gperf: add _CPE_ID_VENDOR and _CPE_ID_PRODUCT"
This reverts commit 3712e1dee7.

gperf -- the GNU perfect hash function generator
https://www.gnu.org/software/gperf/

and

gperftools -- the Google Performance Tools
https://github.com/gperftools/gperftools

are two different and unrelated projects.

Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-12-18 11:37:09 +01:00
Maxim Kochetkov
46686174e5 package/libgeos: bump version to 3.11.1
Changelog: https://github.com/libgeos/geos/releases/tag/3.11.1

Signed-off-by: Maxim Kochetkov <fido_max@inbox.ru>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-12-18 11:33:49 +01:00
Bernd Kuhls
de93736550 package/x11r7/xlib_libX11: bump version to 1.8.3
Release notes:
https://lists.x.org/archives/xorg-announce/2022-December/003305.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-12-18 11:33:11 +01:00
Bernd Kuhls
b382fb4a04 package/{mesa3d, mesa3d-headers}: bump version to 22.3.1
Release notes:
https://lists.freedesktop.org/archives/mesa-announce/2022-December/000697.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-12-18 11:32:46 +01:00
Fabrice Fontaine
1975c53176 package/arp-scan: bump to version 1.10.0
- Use official tarball and so drop autoreconf
- libcap is an optional dependency since
  923f123a28

https://github.com/royhills/arp-scan/releases/tag/1.10.0

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-12-18 11:32:08 +01:00
Fabrice Fontaine
c2baa583c3 package/mbedtls: security bump to version 2.28.2
Fix the following security issues:
- Fix potential heap buffer overread and overwrite in DTLS if
  MBEDTLS_SSL_DTLS_CONNECTION_ID is enabled and
  MBEDTLS_SSL_CID_IN_LEN_MAX > 2 * MBEDTLS_SSL_CID_OUT_LEN_MAX.
- An adversary with access to precise enough information about memory
  accesses (typically, an untrusted operating system attacking a secure
  enclave) could recover an RSA private key after observing the victim
  performing a single private-key operation if the window size used for
  the exponentiation was 3 or smaller.

Drop patch (already in version:
9d9d45c6b2)

https://github.com/Mbed-TLS/mbedtls/releases/tag/v2.28.2

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-12-18 11:31:23 +01:00
Marcus Folkesson
9febd64bb0 package/libostree: bump to version 2022.7
Signed-off-by: Marcus Folkesson <marcus.folkesson@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-12-18 11:27:26 +01:00
Bernd Kuhls
f62d409cb8 package/x11r7/xapp_xhost: bump version to 1.0.9
Release notes:
https://lists.x.org/archives/xorg-announce/2022-December/003301.html

Updated license hash due to copyright year bump:
167ad7fa3a

Switched tarball to xz, updated _SITE.

Added optional support for gettext:
167ad7fa3a

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-12-14 23:14:16 +01:00
Bernd Kuhls
aa409d82fc DEVELOPERS: add Bernd Kuhls to package intel-microcode
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-12-14 23:12:46 +01:00
Bernd Kuhls
f83377b7b3 package/intel-microcode: security bump version to 20221108
Fixes the following security issues:

- CVE-2021-0146: Hardware allows activation of test or debug logic at
  runtime for some Intel(R) processors which may allow an unauthenticated
  user to potentially enable escalation of privilege via physical access.

  https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00528.html

- CVE-2021-0127: Insufficient control flow management in some Intel(R)
  Processors may allow an authenticated user to potentially enable a denial
  of service via local access.

  https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00532.html

- CVE-2022-21151: Processor optimization removal or modification of
  security-critical code for some Intel(R) Processors may allow an
  authenticated user to potentially enable information disclosure via local
  access.

  https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00617.html

- CVE-2022-0005: Sensitive information accessible by physical probing of
  JTAG interface for some Intel(R) Processors with SGX may allow an
  unprivileged user to potentially enable information disclosure via
  physical access.

  https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00614.html

- CVE-2022-21233: Improper isolation of shared resources in some Intel(R)
  Processors may allow a privileged user to potentially enable information
  disclosure via local access.

  https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00657.html

For more details, see the release notes:
https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/blob/main/releasenote.md

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[Peter: extend commit message with security fix details]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-12-14 23:08:15 +01:00
Francois Perrad
f095f5a8be package/sudo: bump to version 1.9.12p1
remove merged patch

diff LICENSE.md
-    Copyright (C) 1995-2017 Jean-loup Gailly and Mark Adler
+    Copyright (C) 1995-2022 Jean-loup Gailly and Mark Adler
-    Copyright (c) 2008-2018, Dave Benson and the protobuf-c authors.
+    Copyright (c) 2008-2022, Dave Benson and the protobuf-c authors.

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-12-14 23:06:17 +01:00
Francois Perrad
380341b249 package/libarchive: bump to version 3.6.2
remove merged patch

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-12-14 23:05:31 +01:00
James Hilliard
4d05fa00fd package/wayland-protocols: bump to version 1.31
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-12-14 20:30:07 +01:00
Yann E. MORIN
319d2735f9 fs/ext2: generate Y2K38-resilient filesystems
When creating a filesystem, mkfs.ext will chose the inode size depending
on the size of the filesystem. Small filesystem get 128-bytes inodes,
while bigger filesystems use 256-byte inodes (inode must be a power of 2
larger or equal to 128, and smaller or equal to the blocksize).

However, 128-byte inodes can't store timestamps past the dreaded
2038-01-19 03:14:07Z deadline, while inodes larger than or equal to 256
do not have the issue.

It turns out that the tipping point to decide whether a filesystem is
small or big, is about around the size of the filesystems we generate
for our runtime tests. This causes the kernel to emit warning like:

    ext2 filesystem being remounted at / supports timestamps until 2038 (0x7fffffff)

We add a new option to our ext2 filesystem, so that user can specify the
size of the inode. That new option defaults to 256 to be resilient to
the Y2K38 problem.

Note: it was already possible for users to explicitly pass the -I
option, through BR2_TARGET_ROOTFS_EXT2_MKFS_OPTIONS. We could have
chosen to extend the existing value with a -I 256, but that is not
satisfactory. Indeed, we do want to ensure that the default is now
Y2K38-OK, even for existing configurations that did not have explicit
setting.

We also pass that new option before the user-specified arbitrary ones,
so that BR2_TARGET_ROOTFS_EXT2_MKFS_OPTIONS still wins (in case -I was
set there).

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
[Peter: tweak help text]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-12-14 20:29:11 +01:00
Francois Perrad
be3a6bf2e7 package/xz: bump to version 5.2.10
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-12-14 20:05:36 +01:00
Quentin Schulz
111ab56d84 package/cairo: fix CVE-2020-35492
Add an upstream patch to fix CVE-2020-35492:
A flaw was found in cairo's image-compositor.c in all versions prior to
1.17.4. This flaw allows an attacker who can provide a crafted input
file to cairo's image-compositor (for example, by convincing a user to
open a file in an application using cairo, or if an application uses
cairo on untrusted input) to cause a stack buffer overflow ->
out-of-bounds WRITE. The highest impact from this vulnerability is to
confidentiality, integrity, as well as system availability.

Important note: this is not the exact upstream patch. Indeed, the
upstream patch[1] contains a png file which appears as a binary diff
inside the patch. The `patch` tool which is used by Buildroot to apply
patches does not handle that kind of diff. Since it is just a test, it
shouldn't impact the quality of the CVE fix and all changes related to
the test are removed from the patch.

[1] 03a820b173
Cc: Quentin Schulz <foss+buildroot@0leil.net>
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-12-14 20:02:45 +01:00
Quentin Schulz
b38286d7e5 package/cairo: fix CVE-2019-6462
Add an upstream patch to fix CVE-2019-6462:

An issue was discovered in cairo 1.16.0. There is an infinite loop in
the function _arc_error_normalized in the file cairo-arc.c, related to
_arc_max_angle_for_tolerance_normalized.

Cc: Quentin Schulz <foss+buildroot@0leil.net>
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-12-14 20:02:14 +01:00
James Hilliard
e38d5190ea package/python-lxml: bump to version 4.9.2
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-12-14 20:01:56 +01:00
Francois Perrad
ee8d02ea6d package/iproute2: bump to version 6.1.0
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-12-14 19:59:00 +01:00
Bernd Kuhls
b8881d4d7e package/x11r7/xserver_xorg-server: security bump version to 21.1.5
Release notes:
https://lists.x.org/archives/xorg-announce/2022-December/003303.html

Security advisory:
https://lists.x.org/archives/xorg-announce/2022-December/003302.html

Fixes CVE-2022-46340, CVE-2022-46341, CVE-2022-46342, CVE-2022-46343,
CVE-2022-46344 and CVE-2022-4283.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-12-14 19:57:52 +01:00
Peter Korsgaard
0a3a7169d6 boot/sun20i-d1-spl: drop package
U-Boot has now gained SPL support for D1, so this temporary bootloader is no
longer supported.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-12-13 21:20:53 +01:00