Commit Graph

55925 Commits

Author SHA1 Message Date
Thomas Petazzoni
e792b4d22d DEVELOPERS: drop Rahul Jain, user no longer exists
<rahul.jain@imgtec.com>: host mxa-00376f01.gslb.pphosted.com[185.132.180.163]
    said: 550 5.1.1 User Unknown (in reply to RCPT TO command)

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-02-16 09:45:44 +01:00
Thomas Petazzoni
cf77733dbb DEVELOPERS: drop Guillaume Gardet, domain no longer exists
The oliseo.fr domain no longer responds to SMTP requests:

smtplib.SMTPRecipientsRefused: {'Guillaume Gardet <guillaume.gardet@oliseo.fr>': (550, b'5.1.2 <guillaume.gardet@oliseo.fr>: Recipient address rejected: Domain not found')}

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-02-16 09:45:44 +01:00
Bernd Kuhls
f0b41307a3 package/x11r7/xdriver_xf86-video-nouveau: bump version to 1.0.17
Release notes:
https://lists.freedesktop.org/archives/nouveau/2021-January/037766.html

Reformatted hashes.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-16 08:34:31 +01:00
Thomas Petazzoni
f81b0998ea support/scripts/cpedb.py: drop CPE XML database caching
Currently, the CPE XML database is parsed into a Python dict, which is
then pickled into a local file, to speed up the processing of further
invocations.

However, it turns out that since the initial implementation, we have
switched the XML parsing from the out of tree xmltodict module to the
standard ElementTree one, which has made the parsing much faster. The
pickle caching only saves 6 seconds, on something that takes more than
13 minutes total.

In addition, this pickle caching consumes a significant amount of RAM,
causing the Python process to be OOM-killed on a server with 4 GB of
RAM.

So let's just drop this caching entirely.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-02-14 10:03:52 +01:00
Asaf Kahlon
797d63e603 package/python-uvloop: bump to version 0.15.0
Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-02-13 23:41:10 +01:00
Peter Seiderer
8fcdd2023e package/dnsmasq: bump version to 2.84
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-02-13 23:27:53 +01:00
Peter Seiderer
2854c31ace package/uhttpd: bump version to f53a639
- change download url to https

- update license file hash (uhttpd.h - license unrelated source
  code changes only)

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-02-13 23:27:53 +01:00
Peter Seiderer
2766ac8d57 package/ustream-ssl: bump version to 68d0924
- change download url to https

- change hash of ustream-ssl.h, which is used as license file. There
  are no changes to the license text, only changes in the code.

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-02-13 23:27:32 +01:00
Peter Seiderer
74515d8e58 package/odhcp6c: bump version to 53f07e9
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-02-13 23:24:23 +01:00
Peter Seiderer
351e6a9bce package/libuci: bump version to 52bbc99
- change download url to https

- update homepage url (the old one redirects to legacy read only
  OpenWrt wiki system)

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-02-13 23:24:22 +01:00
Peter Seiderer
1510a61f69 package/ubus: bump version to d1d9ddf
- change download url to https

- update homepage url (the old one redirects to legacy read only
  OpenWrt wiki system)

- update license file hash (ubusd_acl.h - license unrelated source
  code changes only)

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-02-13 23:24:21 +01:00
Peter Seiderer
7851f5a127 package/libubox: bump version to 5bc0146a
- change download url to https

- update homepage url (the old one returns 404 - No projects found)

- add hash file

- delete 0001-blobmsg-fix-array-out-of-bounds-GCC-10-warning.patch
  (from upstream [1])

[1] https://git.openwrt.org/?p=project/libubox.git;a=commit;h=eb7eb6393d47a918c420f5b287946dbd6c0d5f57

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-02-13 23:24:19 +01:00
Peter Seiderer
4feb7c37f2 package/util-linux: bump version to 2.36.2
For details see [1].

[1] http://lkml.iu.edu/hypermail/linux/kernel/2102.1/07236.html

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-02-13 22:50:08 +01:00
Nicolas Cavallari
f3dcb20125 package/wpa_supplicant: Simplify D-Bus support.
wpa_supplicant 2.8 dropped support for the old D-Bus interface, so
remove mentions of it and rename DBUS_NEW variables to just DBUS.

Signed-off-by: Nicolas Cavallari <nicolas.cavallari@green-communications.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-02-13 13:42:00 +01:00
Nicolas Cavallari
1f24dcf480 package/wpa_supplicant: Add options to disable more features.
Together, they increase the size of the binary by a bit less than a
megabyte.

As a result, make the wpa_supplicant option a menuconfig.

Signed-off-by: Nicolas Cavallari <nicolas.cavallari@green-communications.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-02-13 13:41:44 +01:00
Nicolas Cavallari
1276a1bd78 package/wpa_supplicant: Fix options to actually disable features.
Since wpa_supplicant 2.8, most features are now enabled by default,
instead of being disabled by default. Remove setting of options that are
already enabled by default, and turn ENABLE into DISABLE where
appropriate.

This also makes the existing options disable more features, otherwise,
it would still include dead code or even fail to compile.

Als correct/update some help texts.

Signed-off-by: Nicolas Cavallari <nicolas.cavallari@green-communications.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-02-13 13:38:55 +01:00
Bernd Kuhls
516ce1f134 package/eudev: bump version to 3.2.10
Removed patch which was applied upstream:
799591c573

Reformatted hashes.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-12 23:21:33 +01:00
Francois Perrad
31a2195863 configs/olimex_a20_olinuxino_lime*: bump Linux and U-Boot versions
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-12 23:19:54 +01:00
Francois Perrad
682a2e75b0 configs/mx6cubox: bump Linux and U-Boot versions
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-12 23:19:46 +01:00
Peter Korsgaard
92237c45c5 Update for 2021.02-rc1
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-09 22:55:10 +01:00
Fabrice Fontaine
5e8c3b5833 package/ngircd: bump to version 26.1
https://github.com/ngircd/ngircd/releases/tag/rel-26.1

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-09 22:45:53 +01:00
Gwenhael Goavec-Merou
3572b30250 package/gnuradio: add gr-uhd option
GNURadio has a block to use USRP, through UHD, to receive or transmit RF
signals.

Signed-off-by: Gwenhael Goavec-Merou <gwenhael.goavec-merou@trabucayre.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-09 22:39:07 +01:00
Gwenhael Goavec-Merou
c577eac16e package/uhd: add missing support
Complete uhd package with the rest of USRP, octoclock and python support.

Signed-off-by: Gwenhael Goavec-Merou <gwenhael.goavec-merou@trabucayre.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-09 22:36:17 +01:00
Fabrice Fontaine
e12000bf63 package/libostree: libfuse is optional, not mandatory
libfuse is optional since its addition in version 2016.2 with
e9ccdd2d00

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Marcus Folkesson <marcus.folkesson@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-09 22:31:22 +01:00
Fabrice Fontaine
c2b532af15 package/attr: set ATTR_CPE_ID_VALID
cpe:2.3🅰️attr_project:attr is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Aattr_project%3Aattr

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-09 22:28:27 +01:00
Fabrice Fontaine
715ce49202 package/freerdp: add FREERDP_CPE_ID_VENDOR
cpe:2.3🅰️freerdp:freerdp is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Afreerdp%3Afreerdp

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-09 22:26:34 +01:00
Titouan Christophe
ccfb9e87f8 package/waf: bump to v2.0.22
Signed-off-by: Titouan Christophe <titouanchristophe@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-02-09 19:31:03 +01:00
Peter Korsgaard
9974d88362 package/intel-microcode: security bump to version 20201118
Fixes the following security issues:

- CVE-2020-8694: Insufficient access control in the Linux kernel driver for
  some Intel(R) Processors may allow an authenticated user to potentially
  enable information disclosure via local access.

  https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00389.html

- CVE-2020-8695: Observable discrepancy in the RAPL interface for some
  Intel(R) Processors may allow a privileged user to potentially enable
  information disclosure via local access.

  https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00389.html

- CVE-2020-8698: Improper removal of sensitive information before storage or
  transfer in some Intel(R) Processors may allow an authenticated user to
  potentially enable information disclosure via local access.

  https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-02-09 19:20:27 +01:00
Heiko Thiery
a8e524d274 package/connman: bump version to 1.39
Drop patches that are upstream now and fix hash file indentation.

Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-09 11:26:03 +01:00
Fabrice Fontaine
24401221d2 package/bison: add BISON_CPE_ID_VENDOR
cpe:2.3🅰️gnu:bison is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Agnu%3Abison

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-09 10:54:33 +01:00
Fabrice Fontaine
49f70aaf3b package/c-icap: set C_ICAP_CPE_ID_VALID
cpe:2.3🅰️c-icap_project:c-icap is a valid CPE identifier for this
package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Ac-icap_project%3Ac-icap

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-09 10:54:25 +01:00
Pieter Ronsijn
30a4dd20f3 package/exfat(-utils): change license to GPL-2.0+
The license is specified in https://github.com/relan/exfat/blob/master/COPYING and indicates GPL-2.0+
The license changed from from GPL-3.0+ to GPL-2.0+ in 2013 but was never updated in buildroot.

48573fff5d

Signed-off-by: Pieter Ronsijn <pieterronsijn@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-08 22:43:13 +01:00
Bernd Kuhls
03b0e40a31 package/fetchmail: bump version to 6.4.16
Release notes:
https://sourceforge.net/p/fetchmail/mailman/message/37215482/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-08 22:15:26 +01:00
Fabrice Fontaine
2133651ddd package/c-icap: bump to version 0.5.7
https://sourceforge.net/p/c-icap/news/2020/10/the-c-icap-057-is-released

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-08 22:14:49 +01:00
Fabrice Fontaine
d10f4656cf package/bluez5_utils: add CPE variables
cpe:2.3🅰️bluez:bluez is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Abluez%3Abluez

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Peter: fix s/BLUEZ5_CPE/BLUEZ5_UTILS_CPE/ typo]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-08 22:14:01 +01:00
Fabrice Fontaine
7d9dde68b3 package/berkeleydb: add CPE variables
cpe:2.3🅰️oracle:berkeley_db is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Aoracle%3Aberkeley_db

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-08 22:11:57 +01:00
Peter Korsgaard
c699ad1474 package/python: clarify that this refers to the deprecated 2.7 series
Python 2.7 is EOL, so people should use the python3 package instead if
possible.  Make it a bit more obvious that 'python' is not the right package
to use by explicitly mentioning that this is about python 2.7 and that it is
deprecated.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Reviewed-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-08 22:10:41 +01:00
Peter Korsgaard
cf1dd7e007 package/connman: add upstream security fixes for CVE-2021-2667{5, 6}
Fixes the following security issues:

- CVE-2021-26675: Remote (adjacent network) code execution flaw
- CVE-2021-26676: Remote stack information leak

For details, see the advisory:
https://www.openwall.com/lists/oss-security/2021/02/08/2

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-08 22:08:00 +01:00
Peter Korsgaard
4b8331fd6a CHANGES: update with recent changes
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-08 22:06:08 +01:00
Fabrice Fontaine
a03a9c51d5 package/at-spi2-atk: add AT_SPI2_ATK_CPE_ID_VENDOR
cpe:2.3🅰️gnome:at-spi2-atk is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Agnome%3Aat-spi2-atk

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-08 16:27:25 +01:00
Peter Korsgaard
2107f7a75b configs/avenger96_defconfig: add support for Arrow Avenger96 board
Very similar to the other stm32mp157-based boards, except that we use the
multi_v7 defconfig for ease of maintenance.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-08 16:25:00 +01:00
Baruch Siach
25e09fdb9e package/memtester: fix compile and link flags
The memtester build system does not use CFLAGS/LDFLAGS variables.
Everything should be written to conf-cc and conf-ld.

Use '%' as sed expression delimiter because comma might appear in
LDFLAGS.

Cc: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-08 16:24:38 +01:00
Fabrice Fontaine
f39b2b3d75 package/x11r7/xlib_libXrandr: add CPE variables
cpe:2.3🅰️x.org:libxrandr is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Ax.org%3Alibxrandr

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-08 16:23:35 +01:00
Heiko Thiery
dc1b3bed17 package/connman: set CONNMAN_CPE_ID_VENDOR
cpe:2.3🅰️intel:connman is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/detail/702658?namingFormat=2.3&orderBy=CPEURI&keyword=connman&status=FINAL

Cc: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-08 16:23:20 +01:00
Heiko Thiery
ff727b6124 configs/kontron_smarc_sal28_defconfig: use Python 3.x for U-Boot build
New U-Boot versions need Python 3.x for pylibfdt.

Fixes:
 - https://gitlab.com/buildroot.org/buildroot/-/jobs/1006924823

Cc: Michael Walle <michael@walle.cc>
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-08 16:22:34 +01:00
Fabrice Fontaine
c74f82f160 package/brotli: add BROTLI_CPE_ID_VENDOR
cpe:2.3🅰️google:brotli is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Agoogle%3Abrotli

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-08 16:22:08 +01:00
Fabrice Fontaine
8d93a30066 package/audiofile: drop package
The audiofile package is affected by multiple CVEs and is not maintained
anymore (no release since 2013):

  https://nvd.nist.gov/vuln/search/results?form_type=Advanced&results_type=overview&seach_type=all&query=cpe:2.3🅰️audio_file_library_project:audio_file_library:0.3.6:*:*:*:*:*:*:*

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-08 16:18:42 +01:00
Fabrice Fontaine
4c69951791 package/avahi: add AVAHI_CPE_ID_VENDOR
cpe:2.3🅰️avahi:avahi is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Aavahi%3Aavahi

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-08 16:14:59 +01:00
Fabrice Fontaine
8d0d7efa7a package/augeas: add AUGEAS_CPE_ID_VENDOR
cpe:2.3🅰️augeas:augeas is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Aaugeas%3Aaugeas

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-08 16:14:50 +01:00
Fabrice Fontaine
b4158a9554 package/x11r7/xlib_libXi: add CPE variables
cpe:2.3🅰️x.org:libxi is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Ax.org%3Alibxi

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-08 08:36:58 +01:00