Commit Graph

57070 Commits

Author SHA1 Message Date
Fabrice Fontaine
a8eef7d2e6 package/uboot-tools: fix build with FIT
Build with FIT is broken since bump to version 2021.04 in commit
a4c38ae470

Fake a generated/autoconf.h with just the needed stuff as suggested by
Yann E. Morin in
https://patchwork.ozlabs.org/project/buildroot/patch/20210422210559.707845-1-fontaine.fabrice@gmail.com

It seems that an empty file is enough as make options are still
interpreted

As a side-effect, drop third patch

Fixes:
 - http://autobuild.buildroot.org/results/5771a7413c98ec202c9623672787a1eee74da5e0

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-04-25 10:42:07 +02:00
Fabrice Fontaine
3ab8aefa87 support/dependencies: set cmake version min to 3.16
domoticz requires cmake 3.16 since version 2020.2 and
275effddf0

Fixes:
 - http://autobuild.buildroot.org/results/0caec85c70341036a039dbc337ad99196b6005a9

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-04-24 23:10:17 +02:00
Fabrice Fontaine
2ce62b6423 package/cmake: bump to version 3.16.9
Update indentation in hash file (two spaces)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-04-24 23:10:17 +02:00
Francois Perrad
864f46ca61 package/perl-role-tiny: bump to version 2.002004
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-24 22:46:53 +02:00
Francois Perrad
4a76be3a1c package/perl-path-tiny: bump to version 0.118
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-24 22:46:51 +02:00
Francois Perrad
cd1d56bcde package/perl-net-ssh2: bump to version 0.72
diff README.pod:
-Copyright (C) 2011 - 2019 by Salvador FandiE<ntilde>o (salva@cpan.org).
+Copyright (C) 2011 - 2020 by Salvador FandiE<ntilde>o (salva@cpan.org).

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-24 22:46:50 +02:00
Francois Perrad
f40bd47602 package/perl-moo: bump to version 2.005004
diff LICENSE:
-This software is Copyright (c) 2020 by mst - Matt S. Trout (cpan:MSTROUT) <mst@shadowcat.co.uk>.
+This software is Copyright (c) 2021 by mst - Matt S. Trout (cpan:MSTROUT) <mst@shadowcat.co.uk>.

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-24 22:46:48 +02:00
Francois Perrad
7545da304d package/perl-mojolicious-plugin-authentication: bump to version 1.36
diff LICENSE:
-This software is copyright (c) 2018 by Ben van Staveren.
+This software is copyright (c) 2021 by Ben van Staveren.

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-24 22:46:47 +02:00
Francois Perrad
0c2a7ff2a9 package/perl-mojolicious: bump to version 9.17
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-24 22:46:46 +02:00
Francois Perrad
b3dd1034d5 package/perl-libwww-perl: bump to version 6.53
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-24 22:46:44 +02:00
Francois Perrad
9962e3020c package/perl-io-socket-ssl: bump to version 2.070
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-24 22:46:43 +02:00
Francois Perrad
db25a336cc package/perl-date-manip: bump to version 6.85
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-24 22:46:42 +02:00
Thomas Petazzoni
4ed540ddf5 package/numactl: make available on all architectures
Since its introduction in commit
b05e74ff92 in 2013, numactl has had an
explicit list of architectures that it supports. Interestingly, this
list does not include ARM, and now that rt-tests unconditionally needs
numactl, it meant the rt-tests package was no longer available on ARM.

Further investigation revealed that there is nothing in recent
versions of numactl that appears to be architecture-specific. It does
build with all of Buildroot toolchains currently used in the
autobuilders.

The only necessary changes are:

 * Exclude no-MMU architectures, as madvise() is used in the code
   base, and this is not available on no-MMU architectures.

 * Make sure to use -latomic when needed, as some atomic operations
   are used.

 * Backport a patch that fixes the .symver usage, which only affects
   really old gcc versions: only the old ARM Sourcery toolchain was
   affected by this. Newer gcc versions support the gcc "symver"
   attribute, so that the code that directly emits the assembly
   .symver directive is not invoked.

With these changes, numactl builds successfully on all our supported
toolchains.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-04-24 22:07:45 +02:00
Fabrice Fontaine
281b11105a package/libp11: bump to version 0.4.11
Update indentation in hash file (two spaces)

https://github.com/OpenSC/libp11/releases/tag/libp11-0.4.11

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-24 18:15:54 +02:00
Fabrice Fontaine
5c81a1a833 package/python-pytrie: bump to version 0.4.0
- python 2 support has been dropped since
  a60a601d85
- Use LICENSE instead of PKG-INFO which is available in the official
  tarball since
  1ba5d547df
- Update indentation in hash file (two spaces)

https://github.com/gsakkis/pytrie/blob/0.4.0/README.md

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-24 18:15:49 +02:00
Fabrice Fontaine
ee87422f97 package/python-sortedcontainers: bump to version 2.3.0
- Update indentation in hash file (two spaces)
- Update hash of LICENSE file (update in year:
  d127cdde5f)

https://github.com/grantjenks/python-sortedcontainers/blob/v2.3.0/HISTORY.rst

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-24 18:15:16 +02:00
Fabrice Fontaine
9192f465ea package/usb_modeswitch: bump to version 2.6.1
Update indentation in hash file (two spaces)

https://www.draisberghof.de/usb_modeswitch/ChangeLog

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-24 18:15:04 +02:00
Adam Duskett
2711944ae0 package/mender-artifact: bump version to 3.5.1
Also update various license hashes

Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-24 18:14:28 +02:00
Adam Duskett
b32f95290f package/mender: bump version to 2.6.0
Also update the progressbarlicense hash due to a year bump

Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-24 18:14:10 +02:00
Stephane Viau
46d2cfdf90 configs/freescale_imx8*: bump BSP components to lf-5.10.y-1.0.0
Bump ATF, U-Boot and Linux kernel to the NXP BSP 5.10.y_1.0.0 versions.

Signed-off-by: Stephane Viau <stephane.viau@oss.nxp.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-24 18:13:21 +02:00
Stephane Viau
fee1e1b85a configs/freescale_imx8m*: bump BSP components to lf-5.10.y-1.0.0
Bump ATF, U-Boot and Linux kernel to the NXP BSP 5.10.y_1.0.0 versions.

Signed-off-by: Stephane Viau <stephane.viau@oss.nxp.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-24 18:13:15 +02:00
Stephane Viau
1bc82677b6 configs/freescale_imx7dsabresd: bump BSP components to lf-5.10.y-1.0.0
Bump ATF, U-Boot and Linux kernel to the NXP BSP 5.10.y-1.0.0 versions.

Signed-off-by: Stephane Viau <stephane.viau@oss.nxp.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-24 18:13:12 +02:00
Stephane Viau
9c64575b0f configs/freescale_imx6*: bump BSP components to lf-5.10.y-1.0.0
Bump ATF, U-Boot and Linux kernel to the NXP BSP 5.10.y-1.0.0 versions.

Signed-off-by: Stephane Viau <stephane.viau@oss.nxp.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-24 18:13:09 +02:00
Sébastien Szymanski
6bfd10d6f4 package/freescale-imx/imx-sc-firmware: bump to version 1.8.0
- Same version as NXP release 5.10.9_1.0.0
- EULA/COPYING: update to LA_OPT_NXP_Software_License v19

Signed-off-by: Sébastien Szymanski <sebastien.szymanski@armadeus.com>
Reviewed-by: Stephane Viau <stephane.viau@oss.nxp.com>
Tested-by: Stephane Viau <stephane.viau@oss.nxp.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-24 18:11:41 +02:00
Sébastien Szymanski
a76cd6496f package/freescale-imx/imx-seco: bump to version 3.7.5
- Same version as NXP release 5.10.9_1.0.0

Signed-off-by: Sébastien Szymanski <sebastien.szymanski@armadeus.com>
Reviewed-by: Stephane Viau <stephane.viau@oss.nxp.com>
Tested-by: Stephane Viau <stephane.viau@oss.nxp.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-24 18:11:34 +02:00
Sébastien Szymanski
4bffe42d00 package/freescale-imx/imx-gpu-g2d: bump to version 6.4.3.p1.2
- Same version as NXP release 5.10.9_1.0.0
- EULA/COPYING: update to LA_OPT_NXP_Software_License v19

Signed-off-by: Sébastien Szymanski <sebastien.szymanski@armadeus.com>
Reviewed-by: Stephane Viau <stephane.viau@oss.nxp.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-24 18:11:25 +02:00
Sébastien Szymanski
8283e838f0 package/freescale-imx/imx-gpu-viv: bump to version 6.4.3.p1.2
- Same version as NXP release 5.10.9_1.0.0
- EULA/COPYING: update to LA_OPT_NXP_Software_License v19

Signed-off-by: Sébastien Szymanski <sebastien.szymanski@armadeus.com>
Reviewed-by: Stephane Viau <stephane.viau@oss.nxp.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-24 18:11:09 +02:00
Sébastien Szymanski
ef25382932 package/freescale-imx/firmware-imx: bump version to 8.11
- Same version as NXP release 5.10.9_1.0.0
- EULA/COPYING: update to LA_OPT_NXP_Software_License v19

Signed-off-by: Sébastien Szymanski <sebastien.szymanski@armadeus.com>
Reviewed-by: Stephane Viau <stephane.viau@oss.nxp.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-24 18:11:00 +02:00
Sébastien Szymanski
e8a70dad10 package/freescale-imx/imx-vpu-hantro: bump version to 1.21.0
- Same version as NXP release 5.10.9_1.0.0
- EULA/COPYING: update to LA_OPT_NXP_Software_License v19

Signed-off-by: Sébastien Szymanski <sebastien.szymanski@armadeus.com>
Reviewed-by: Stephane Viau <stephane.viau@oss.nxp.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-24 18:10:54 +02:00
Thomas Petazzoni
5e15bebd08 package/uftrace: fix build on i386
The --arch value on i386 must be "i386", and not i486, i586 or i686,
so let's have a special case for BR2_i386, and use $(BR2_ARCH) for the
other supported CPU architectures.

Fixes:

  http://autobuild.buildroot.net/results/01a28789bcec9af66137cbce5a8fda2d606de99f/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-24 18:09:55 +02:00
Sébastien Szymanski
96142a5426 package/freescale-imx/imx-vpu: fix {EULA, COPYING} file hashes
Commit a646cd27b1 (package/freescale-imx/imx-vpu: bump version to
5.4.39.3) somehow messed up when updating the hashes of the licene
files:

    >>> imx-vpu 5.4.39.3 Collecting legal info
    ERROR: EULA has wrong sha256 hash:
    ERROR: expected: a39da2e94bd8b99eaac4325633854620ea3a55145259c3a7748c610a80714cfc
    ERROR: got     : 7ffad92e72e5f6b23027e7cf93a770a4acef00a92dcf79f22701ed401c5478c0
    ERROR: Incomplete download, or man-in-the-middle (MITM) attack

    ERROR: COPYING has wrong sha256 hash:
    ERROR: expected: 69cbb76b3f10ac5a8c36f34df7bbdf50825815560c00a946fff2922365ef01a2
    ERROR: got     : 2ceab29de5ea533b86f570bcc4e9ddbfb5fe85a1da4978a8613ff3fd9bed781d
    ERROR: Incomplete download, or man-in-the-middle (MITM) attack

The most probable cause is some confusion with imx-vpu-hantro, as the
faulty hashes reported above are those found in imx-vpu-hantro.

Signed-off-by: Sébastien Szymanski <sebastien.szymanski@armadeus.com>
[yann.morin.1998@free.fr: rewrite commit log with a probably reason]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-04-24 17:59:13 +02:00
Matt Weber
9486774bbf package/tar: ignore CVE-2007-4476
https://security-tracker.debian.org/tracker/CVE-2007-4476

Currently NVD has this incorrectly tagged for all versions.
The bug trackers on different distros show it was generally
fixed in versions >= 1.16 but because the impacted source
code is in the GNU paxutils, it is hard to follow in what
cases tar has been fixed around that 1.16 version.

https://bugs.gentoo.org/196978

https://www.itsecdb.com/oval/definition/oval/org.mitre.oval/def/9336/Buffer-overflow-in-the-safer-name-suffix-function-in-GNU-tar.html

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-04-24 11:28:06 +02:00
Matt Weber
fb4402b516 package/rsyslog: ignore CVE-2015-3243
https://security-tracker.debian.org/tracker/CVE-2015-3243
 "Rsyslog uses weak permissions for generating log files."

Ignoring this CVE for Buildroot as normally there are not local
users and a build could customize the rsyslog.conf to be more
restrictive ($FileCreateMode 0640).

Example fix from Alpino Linux
 3cb5210cda

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-04-24 11:28:05 +02:00
Matt Weber
675769791b package/ncurses: ignore CVE-2018-10754, CVE-2018-19211, CVE-2018-19217, CVE-2019-17594, CVE-2019-17595
Commit 4b21273d71 added upstream (security) patches up to 20200118
and in the commit description it outlines these CVEs were patched.

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-04-24 11:28:04 +02:00
Matt Weber
2f6a6b8e50 package/wpa_supplicant: ignore CVE-2021-30004 when using openssl
The CVE can be ignored when the internal TLS impl isn't used.

https://security-tracker.debian.org/tracker/CVE-2021-30004
 "Issue only affects the "internal" TLS implementation
 (CONFIG_TLS=internal)"

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-04-24 11:28:03 +02:00
Matt Weber
3d3348fd03 package/hostapd: ignore CVE-2021-30004 when using openssl
The CVE can be ignored when the internal TLS impl isn't used.

https://security-tracker.debian.org/tracker/CVE-2021-30004
 "Issue only affects the "internal" TLS implementation
 (CONFIG_TLS=internal)"

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-04-24 11:28:02 +02:00
Matt Weber
120d1241d8 package/flex: ignore CVE-2019-6293
https://security-tracker.debian.org/tracker/CVE-2019-6293

https://github.com/NixOS/nixpkgs/issues/55386#issuecomment-683792976
 "But this bug does not cause stack overflows in the generated code.
 The function and file referred to in the bug (mark_beginning_as_normal
 in nfa.c) are part of the flex code generator, not part of the
 generated code. If flex crashes before generating any code, that
 can hardly be a vulnerability. If flex does not crash, the generated
 code is fine (or perhaps subject to other unreported bugs, who knows,
 but the NFA has been generated correctly)."

Upstream has chosen to not provide a fix
 https://github.com/westes/flex/issues/414

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
[yann.morin.1998@free.fr: use actual upstream URL]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-04-24 11:25:33 +02:00
Matt Weber
5ce1e773b9 package/cmake: ignore CVE-2016-10642
This is specific to the npm package that installs cmake, so isn't
relevant to Buildroot.
14241ed09f/meta/recipes-devtools/cmake/cmake.inc

https://nvd.nist.gov/vuln/detail/CVE-2016-10642#vulnCurrentDescriptionTitle
 "cmake installs the cmake x86 linux binaries. cmake downloads
 binary resources over HTTP, which leaves it vulnerable to
 MITM attacks. It may be possible to cause remote code
 execution (RCE) by swapping out the requested binary with
 an attacker controlled binary if the attacker is on the
 network or positioned in between the user and the remote server."

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-04-24 11:25:31 +02:00
Matt Weber
23fb8dd2d0 package/bind: ignore CVE-2019-6470
There had existed in one of the ISC BIND libraries a bug in a
function that was used by dhcpd when operating in DHCPv6 mode.
There was also a bug in dhcpd relating to the use of this function
per its documentation, but the bug in the library function
prevented this from causing any harm. All releases of dhcpd from
ISC contain copies of this, and other, BIND libraries in
combinations that have been tested prior to release and are known
to not present issues like this.

Affects: Builds of dhcpd versions prior to version 4.4.1 when
using BIND versions 9.11.2 or later.

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6470

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-04-24 11:25:29 +02:00
Matt Weber
8ae9156d8b package/coreutils: ignore CVE-2013-0221, CVE-2013-0222, CVE-2013-0223
This CVE is only relevant to a build when the SUSE coreutils-i18n.patch
is included. The upstream codebase does not include this patch, nor
does Buildroot.

https://security-tracker.debian.org/tracker/CVE-2013-0221
https://security-tracker.debian.org/tracker/CVE-2013-0222
https://security-tracker.debian.org/tracker/CVE-2013-0223

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-04-24 11:25:28 +02:00
Matt Weber
357dd51bbd package/bind: ignore CVE-2017-3139
This CVE is only relevant to the configuration of a specific
RHEL release (6.x).

https://bugzilla.redhat.com/show_bug.cgi?id=1447743

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-04-24 11:25:26 +02:00
Thomas Petazzoni
ff299cff58 package/bash: add option to keep or remove loadable examples
bash has a concept of "loadables", which are "plugins" that can be
loaded at runtime by bash to add new builtin. For example:

    # type whoami
    whoami is hashed (/usr/bin/whoami)
    # whoami
    root

    # enable -f /usr/lib/bash/whoami whoami
    # type whoami
    whoami is a shell builtin
    # whoami
    root

    # enable -d whoami
    # type whoami
    whoami is hashed (/usr/bin/whoami)
    # whoami
    root

bash comes with a set of example loadables, installed in
/usr/lib/bash/. They take 312 KB on ARM32, and are by default not
used, and provide builtins that are for the most part already
available as external commands in Busybox/coreutils:

    Makefile.inc  finfo         mkfifo        realpath      sync
    accept        head          mktemp        rm            tee
    basename      id            mypid         rmdir         truefalse
    csv           ln            pathchk       seq           tty
    cut           loadables.h   print         setpgid       uname
    dirname       logname       printenv      sleep         unlink
    fdflags       mkdir         push          strftime      whoami

So instead of having them unconditionally installed, add an option to
enable/disable their installation (their build apparently cannot be
disabled via a configure option).

Normally, we try to keep backward compatibility by preserving the
existing behavior. In this case, this would have meant making this
option "default y". But this also breaks our principle of "being
minimal by default", and in this case, it feels preferable to be
"minimal by default" than preserving existing behavior.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Nicolas Cavallari <nicolas.cavallari@green-communications.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-04-24 09:42:04 +02:00
Thomas Petazzoni
24656c23f9 package/bash: drop SHOBJ_STATUS from BASH_CONF_ENV
SHOBJ_STATUS=unsupported was added in commit
4a2af11cba to work around a limitation
of the configure script that forgot to set this variable in
static-linking configurations.

It turns out that this issue has been fixed upstream as of bash 5.0:

  https://git.savannah.gnu.org/cgit/bash.git/diff/configure.ac?id=d233b485e83c3a784b803fb894280773f16f2deb

  (see hunk @@ -1151,6 +1179,9 @@)

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-04-24 09:28:35 +02:00
Thomas Petazzoni
73aed53c82 package/bash: use --bindir instead of exec_prefix=
We want bash to be installed as /bin/bash. For ages, Buildroot has
been doing this by overriding exec_prefix at install time. First of
all, it would be preferred to do this at configure time. But also,
overriding exec_prefix not only changes where "bash" goes, but also
where the pkgconfig file goes. Due to this, bash.pc goes into
/lib/pkgconfig/, and doesn't get removed by target-finalize.

Since all we want is to have 'bash' as /bin/bash, simply pass
--bindir=/bin at configure time. This allows to use the default target
installation logic for autotools-package. We keep a post-install
target hook to remove /bin/bashbug.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Nicolas Cavallari <nicolas.cavallari@green-communications.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-04-24 09:27:13 +02:00
James Hilliard
8cf034ab0f package/cups: bump to version 2.3.3op2
Switch to new OpenPrinting upstream repository.

NOTICE hash change due to date+copyright holder update in:
1bc199354e

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-23 23:22:48 +02:00
Jörg Krause
0f23267bc2 package/libupnp: security bump to version 1.14.6
The server part of pupnp (libupnp) appears to be vulnerable to DNS-rebinding
attacks because it does not check the value of the `Host` header.

Fixes CVE-2021-29462

https://github.com/pupnp/pupnp/security/advisories/GHSA-6hqq-w3jq-9fhg

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-23 23:21:19 +02:00
Jörg Krause
adea5b316e package/libnpupnp: security bump to version 4.1.4
Fix vulnerability to DNS-rebind attacks.

This security fix addresses the same vulnerability isue which was reported
for libupnp (which libnpupnp is derived from) in CVE-2021-29462.

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-23 23:20:56 +02:00
Fabrice Fontaine
be4869f393 package/protozero: disable tests
Add a patch to disable tests through the standard BUILD_TESTING variable
which is already passed by cmake-package.

While at it, drop protobuf dependency which is only needed for tests

This will fix a build failure on toolchains without wchar, toolchains
for sh4 (ICE) or toolchains where gcc is affected by bug 64735.

Upstream thinks that this is unecessary but no additional feedback was
received on how we should handle those build failures

Fixes:
 - http://autobuild.buildroot.org/results/1cd24b757d87b963c70bc7ff927c6d983d0b142a

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Maxim Kochetkov <fido_max@inbox.ru>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-23 23:20:36 +02:00
Bernd Kuhls
7bb1d96a52 package/kodi-inputstream-adaptive: bump version to 2.6.14-Matrix
Changelog:
https://github.com/xbmc/inputstream.adaptive/blob/Matrix/inputstream.adaptive/addon.xml.in#L22

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-23 23:19:48 +02:00
Bernd Kuhls
e7d0a1da84 package/{mesa3d, mesa3d-headers}: bump version to 21.0.3
Release notes:
https://lists.freedesktop.org/archives/mesa-announce/2021-April/000627.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-23 23:19:32 +02:00