Disable documentation which is available (and enabled by default) since
bump to version 0.31 in commit 0186da2923
and
60e173c019
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add a patch to disable building tests, building the tests can
fail unless the package is reconfigured.
Signed-off-by: Norbert Lange <nolange79@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following build failure with kernel >= 5.15:
sys-linux.c:148:10: fatal error: linux/ipx.h: No such file or directory
148 | #include <linux/ipx.h>
| ^~~~~~~~~~~~~
This hook could be removed as soon as a new pppd version is released:
https://github.com/ppp-project/ppp/pull/326
Fixes:
- http://autobuild.buildroot.org/results/5a7f89e5178735f4d3e3f3360f0feb263f6ac431
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix license hash which is wrong since the addition of the package in
commit 8ddeeffa18
While at it, update indentation in hash file (two spaces)
Fixes:
- http://autobuild.buildroot.org/results/0829e7f1f7a18976363b3e3f79ac9865cd099df4
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes the following security issues:
*) SECURITY: CVE-2021-44790: Possible buffer overflow when parsing
multipart content in mod_lua of Apache HTTP Server 2.4.51 and
earlier (cve.mitre.org)
A carefully crafted request body can cause a buffer overflow in
the mod_lua multipart parser (r:parsebody() called from Lua
scripts).
The Apache httpd team is not aware of an exploit for the
vulnerabilty though it might be possible to craft one.
This issue affects Apache HTTP Server 2.4.51 and earlier.
Credits: Chamal
*) SECURITY: CVE-2021-44224: Possible NULL dereference or SSRF in
forward proxy configurations in Apache HTTP Server 2.4.51 and
earlier (cve.mitre.org)
A crafted URI sent to httpd configured as a forward proxy
(ProxyRequests on) can cause a crash (NULL pointer dereference)
or, for configurations mixing forward and reverse proxy
declarations, can allow for requests to be directed to a
declared Unix Domain Socket endpoint (Server Side Request
Forgery).
This issue affects Apache HTTP Server 2.4.7 up to 2.4.51
(included).
For more details, see the changes file:
https://downloads.apache.org/httpd/CHANGES_2.4.52
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Remove upstream patches [1][2].
tinyxml has been replaced by pugixml [3].
Switch to git download method since github release without
the complete source code in the tarball [4].
Update indentation of hash file (two spaces).
Previous ogre version unconditionally include <sys/sysctl.h>
header that has been removed from glibc since 2.32.
This has been fixed since Ogre 1.12.7 [5].
[1] de4d5c920e
[2] 3f182b7e74
[3] 3381033240
[4] https://github.com/OGRECave/ogre/issues/1332#issuecomment-563189058
[5] 8ec086e9bc
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
janus-gateway is vulnerable to Improper Neutralization of Input During
Web Page Generation ('Cross-site Scripting')
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- A vulnerability (GHSL-2021-1038) in the HTML cleaner allowed sneaking
script content through SVG images (CVE-2021-43818).
- A vulnerability (GHSL-2021-1037) in the HTML cleaner allowed sneaking
script content through CSS imports and other crafted constructs
(CVE-2021-43818).
https://github.com/lxml/lxml/blob/lxml-4.6.5/CHANGES.txt
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fix the following build failure without stack-protector raised since
bump to version 3.3.1 in commit 3965f09cb4
and
5b3cb7f35e:
/home/buildroot/autobuild/instance-0/output-1/host/opt/ext-toolchain/bin/../lib/gcc/i686-buildroot-linux-uclibc/9.3.0/../../../../i686-buildroot-linux-uclibc/bin/ld: src/jitterentropy-base.o: in function `jent_fips_enabled':
jitterentropy-base.c:(.text+0x131): undefined reference to `__stack_chk_fail_local'
If stack-protector is enabled in the Buildroot config, the toolchain
wrapper will make sure it is used, so there's no need for the
jitterentropy-library Makefile to handle it.
Fixes:
- http://autobuild.buildroot.org/results/8de/8dee462d16d934dd173d58f17933c6911e4336bf/build-end.log
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
- Switch to meson-package
- gdk-pixbuf and gupnp-dlna are now mandatory
- gstreamer1-editing-services is mandatory with gstreamer engine
https://gitlab.gnome.org/GNOME/rygel/-/blob/rygel-0.40.2/NEWS
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
- GStreamer 0.10 back-end has been dropped with
af50a8ac98
- Switch to meson-package (to avoid autoreconf as no configure is
shipped anymore)
- Update indention in hash file (two spaces)
https://gitlab.gnome.org/GNOME/gupnp-dlna/-/blob/gupnp-dlna-0.12.0/NEWS
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
- introspection support is needed to build latest rygel version
- build vala bindings to avoid a build failure as already done in other
packages such as gssdp in commit
d513e55930
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
support/testing/tests/package/test_php_lua.py:35:1: E302 expected 2 blank lines, found 1
Add the missing line before class definition.
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Evan has privately requested to no longer receive e-mails related to
this Buildroot package.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
BR2_PACKAGE_HOST_RUSTC_ARCH_SUPPORTS dependency was wrongly added to
BR2_PACKAGE_HOST_IMAGEMAGICK by commit
df20e45463, indeed host-librsvg is only
needed by BR2_PACKAGE_HOST_IMAGEMAGICK_SVG
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
License is GPL-3.0+, not GPL-3.0 since the addition of the package in
commit 1e4050b2d0
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fix the following build failure raised since commit
3db4d486d6:
../output-1/build/libmediaart-1.9.5/libmediaart/meson.build:63:2: ERROR: Program 'vapigen' not found
Fixes:
- http://autobuild.buildroot.org/results/189e12686b059ddadf84ced40efcd9875e5e1521
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fix CVE-2021-4048: An out-of-bounds read flaw was found in the CLARRV,
DLARRV, SLARRV, and ZLARRV functions in lapack through version 3.10.0,
as also used in OpenBLAS before version 0.3.18. Specially crafted inputs
passed to these functions could cause an application using lapack to
crash or possibly disclose portions of its memory.
It should be noted that commit 59a1fcc696
wrongly assumed that this CVE was fixed in version 3.10.0
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fix dependencies which are wrong since the addition of the package in
commit e13c9ccf43 resulting in the
following build failure:
Makefile:587: *** duktape is in the dependency chain of polkit that has added it to its _DEPENDENCIES variable without selecting it or depending on it from Config.in. Stop.
Fixes:
- http://autobuild.buildroot.org/results/706a09b245880e99109a4cc99faffe83f458afc4
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fix the following build failure with glibc >= 2.34:
In file included from timerobj.c:32:
In function 'threadobj_set_current',
inlined from 'server_prologue' at timerobj.c:94:2:
../../include/copperplate/threadobj.h:252:9: error: 'pthread_setspecific' expecting 1 byte in a region of size 0 [-Werror=stringop-overread]
252 | pthread_setspecific(threadobj_tskey, thobj);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Fixes:
- http://autobuild.buildroot.org/results/ed93f916eda304b30f320816c85d1b0d4488c699
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The kernel now has support for dma, ethernet, i2c, mmc, pinctrl, regulator,
so enable drivers for those, change to a ext4 rootfs and enable DHCP on
eth0.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
