Fabrice Fontaine
ac3bbc4e03
package/systemd: add SYSTEMD_CPE_ID_VENDOR
...
cpe:2.3🅰️ freedesktop:systemd is a valid CPE identifier for this
package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Afreedesktop%3Asystemd
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-03-04 19:55:29 +01:00
Fabrice Fontaine
f6bbaaa886
package/rabbitmq-server: add CPE variables
...
cpe:2.3🅰️ pivotal_software:rabbitmq is a valid CPE identifier for this
package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Apivotal_software%3Arabbitmq
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-03-04 19:55:29 +01:00
Fabrice Fontaine
93e94bde2d
package/harfbuzz: set HARFBUZZ_CPE_ID_VALID
...
cpe:2.3🅰️ harfbuzz_project:harfbuzz is a valid CPE identifier for this
package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Aharfbuzz_project%3Aharfbuzz
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-03-04 19:53:43 +01:00
Fabrice Fontaine
8cb2f4fd3a
package/icu: add CPE variables
...
cpe:2.3🅰️ icu-project:international_components_for_unicode is a valid
CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Aicu-project%3Ainternational_components_for_unicode
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-03-04 19:53:42 +01:00
Fabrice Fontaine
5aa8448ed1
package/heimdal: set HEIMDAL_CPE_ID_VALID
...
cpe:2.3🅰️ heimdal_project:heimdal is a valid CPE identifier for this
package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Aheimdal_project%3Aheimdal
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-03-04 19:53:41 +01:00
Fabrice Fontaine
d282eaebb0
package/minicom: set MINICOM_CPE_ID_VALID
...
cpe:2.3🅰️ minicom_project:minicom is a valid CPE identifier for this
package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Aminicom_project%3Aminicom
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-03-04 19:53:39 +01:00
Fabrice Fontaine
67c06e4710
package/rtmpdump: set RTMPDUMP_CPE_ID_VALID
...
cpe:2.3🅰️ rtmpdump_project:rtmpdump is a valid CPE identifier for this
package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Artmpdump_project%3Artmpdump
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-03-04 19:53:38 +01:00
Fabrice Fontaine
48b7f728f5
package/libmicrohttpd: add LIBMICROHTTPD_CPE_ID_VENDOR
...
cpe:2.3🅰️ gnu:libmicrohttpd is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Agnu%3Alibmicrohttpd
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-03-04 19:53:37 +01:00
Fabrice Fontaine
da903c2b95
package/libosip2: add CPE variables
...
cpe:2.3🅰️ gnu:osip is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Agnu%3Aosip
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-03-04 19:53:36 +01:00
Fabrice Fontaine
30c250eb59
package/iucode-tool: set IUCODE_TOOL_CPE_ID_VALID
...
cpe:2.3🅰️ iucode-tool_project:iucode-tool is a valid CPE identifier for
this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Aiucode-tool_project%3Aiucode-tool
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-03-04 19:53:35 +01:00
Fabrice Fontaine
0029c467fe
package/lame: set LAME_CPE_ID_VALID
...
cpe:2.3🅰️ lame_project:lame is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Alame_project%3Alame
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-03-04 19:53:34 +01:00
Fabrice Fontaine
968418490c
package/apr-util: add CPE variables
...
cpe:2.3🅰️ apache:portable_runtime_utility is a valid CPE identifier for
this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Aapache%3Aportable_runtime_utility
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-03-04 19:53:33 +01:00
Fabrice Fontaine
d5a669b999
package/libstrophe: fix tarball hash
...
Fix hash added by commit 28c7ff0bdb
:
https://patchwork.ozlabs.org/project/buildroot/patch/20210104101054.5392-1-jubalh@iodoru.org
Says Michael:
> ERROR: libstrophe-0.10.1.tar.gz has wrong sha256 hash:
> ERROR: expected: 4918c47029ecdea2deab4b0f9336ca4a8bb12c28b72b2cec397d98664b94c771
> ERROR: got : 5bf0bbc555cb6059008f1b748370d4d2ee1e1fabd3eeab68475263556405ba39
> ERROR: Incomplete download, or man-in-the-middle (MITM) attack
I'm sorry about that. We had some disagreement at JasPer and we removed
an existing tag and created the same tag on a different commit. Thus
generating a different tarball under the same tag..
I thought I only did the buildroot update after this, but maybe I
remember wrong.
While at it, also update indentation in hash file (two spaces)
Fixes:
- http://autobuild.buildroot.org/results/2f13af96eee20176ccb37ad32ec1472b4c9d6208
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr: quote Michael's explanations]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-03-04 18:33:16 +01:00
Fabrice Fontaine
4c80672767
package/rpcbind: set RPCBIND_CPE_ID_VALID
...
cpe:2.3🅰️ rpcbind_project:rpcbind is a valid CPE identifier for this
package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Arpcbind_project%3Arpcbind
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-04 08:14:47 +01:00
Fabrice Fontaine
353395a0a6
package/transmission: add TRANSMISSION_CPE_ID_VENDOR
...
cpe:2.3🅰️ transmissionbt:transmission is a valid CPE identifier for this
package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Atransmissionbt%3Atransmission
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-04 08:14:23 +01:00
Fabrice Fontaine
20dbc17704
package/rsync: add RSYNC_CPE_ID_VENDOR
...
cpe:2.3🅰️ samba:rsync is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Asamba%3Arsync
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-04 08:13:58 +01:00
Fabrice Fontaine
4a6ea830a7
package/librsync: set LIBRSYNC_CPE_ID_VALID
...
cpe:2.3🅰️ librsync_project:librsync is a valid CPE identifier for this
package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Alibrsync_project%3Alibrsync
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-04 08:13:49 +01:00
Fabrice Fontaine
61eff3f988
package/librsvg: add LIBRSVG_CPE_ID_VENDOR
...
cpe:2.3🅰️ gnome:librsvg is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Agnome%3Alibrsvg
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-04 08:13:29 +01:00
Fabrice Fontaine
e51733c126
package/libpjsip: add CPE variables
...
cpe:2.3🅰️ pjsip:pjsip is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Apjsip%3Apjsip
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-04 08:12:21 +01:00
Michael Vetter
28c7ff0bdb
package/libstrophe: bump to version 0.10.1
...
Changes:
* Fixed compilation error when LibreSSL is used
* Fixed crash when NULL is provided as password
Signed-off-by: Michael Vetter <jubalh@iodoru.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-04 08:09:59 +01:00
Fabrice Fontaine
3a6d53c9f0
package/neon: add NEON_CPE_ID_VENDOR
...
cpe:2.3🅰️ webdav:neon is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Awebdav%3Aneon
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-04 08:08:41 +01:00
Fabrice Fontaine
831a1bd299
package/sdl2_image: add SDL2_IMAGE_CPE_ID_VENDOR
...
cpe:2.3🅰️ libsdl:sdl2_image is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Alibsdl%3Asdl2_image
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-04 08:07:51 +01:00
Fabrice Fontaine
84e239775f
package/procps-ng: set PROCPS_NG_CPE_ID_VALID
...
cpe:2.3🅰️ procps-ng_project:procps-ng is a valid CPE identifier for this
package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Aprocps-ng_project%3Aprocps-ng
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-04 08:07:42 +01:00
Fabrice Fontaine
24b1b6489b
package/libvorbis: add LIBVORBIS_CPE_ID_VENDOR
...
cpe:2.3🅰️ xiph.org:libvorbis is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Axiph.org%3Alibvorbis
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-04 08:06:50 +01:00
Fabrice Fontaine
5743d90008
package/libconfuse: set LIBCONFUSE_CPE_ID_VALID
...
cpe:2.3🅰️ libconfuse_project:libconfuse is a valid CPE identifier for
this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Alibconfuse_project%3Alibconfuse
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-04 08:06:35 +01:00
Fabrice Fontaine
ca36994a88
package/libsoup: add LIBSOUP_CPE_ID_VENDOR
...
cpe:2.3🅰️ gnome:libsoup is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Agnome%3Alibsoup
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-04 08:06:16 +01:00
Fabrice Fontaine
01024f5612
package/stunnel: add STUNNEL_CPE_ID_VENDOR
...
cpe:2.3🅰️ stunnel:stunnel is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Astunnel%3Astunnel
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-04 08:05:14 +01:00
Fabrice Fontaine
0b4e8e430d
package/sane-backends: set SANE_BACKENDS_CPE_ID_VALID
...
cpe:2.3🅰️ sane-backends_project:sane-backends is a valid CPE identifier
for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Asane-backends_project%3Asane-backends
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-04 08:05:00 +01:00
Fabrice Fontaine
cac588d79a
package/suricata: bump to version 6.0.2
...
This release is a bug fix release, fixing numerous important issues:
https://suricata-ids.org/2021/03/02/suricata-6-0-2-and-5-0-6-released/
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-03 15:01:51 +01:00
Fabrice Fontaine
57cb108af0
package/libhtp: bump to version 0.5.37
...
https://github.com/OISF/libhtp/releases/tag/0.5.37
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-03 15:01:44 +01:00
Fabrice Fontaine
ff18652b42
package/libebml: security bump to version 1.4.2
...
Fix CVE-2021-3405: A flaw was found in libebml before 1.4.2. A heap
overflow bug exists in the implementation of EbmlString::ReadData and
EbmlUnicodeString::ReadData in libebml.
https://github.com/Matroska-Org/libebml/blob/release-1.4.2/ChangeLog
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-03 13:44:16 +01:00
Fabrice Fontaine
fc151128a9
package/elfutils: set ELFUTILS_CPE_ID_VALID
...
cpe:2.3🅰️ elfutils_project:elfutils is a valid CPE identifier for this
package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Aelfutils_project%3Aelfutils
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-03 13:42:46 +01:00
Fabrice Fontaine
20455e4767
package/prosody: add PROSODY_CPE_ID_VENDOR
...
cpe:2.3🅰️ prosody:prosody is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Aprosody%3Aprosody
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-03 13:42:33 +01:00
Fabrice Fontaine
608632bfe8
package/netatalk: set NETATALK_CPE_ID_VALID
...
cpe:2.3🅰️ netatalk_project:netatalk is a valid CPE identifier for this
package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Anetatalk_project%3Anetatalk
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-03 13:42:21 +01:00
Fabrice Fontaine
e1d4b088fb
package/liburiparser: add CPE variables
...
cpe:2.3🅰️ uriparser_project:uriparser is a valid CPE identifier for this
package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Auriparser_project%3Auriparser
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-03 13:42:00 +01:00
Fabrice Fontaine
e44dcbd953
package/pango: add PANGO_CPE_ID_VENDOR
...
cpe:2.3🅰️ pango:pango is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Apango%3Apango
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-03 13:41:52 +01:00
Fabrice Fontaine
94a331ed1e
package/jq: set JQ_CPE_ID_VALID
...
cpe:2.3🅰️ jq_project:jq is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Ajq_project%3Ajq
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-03 13:41:37 +01:00
Fabrice Fontaine
04b9f65f11
package/libseccomp: set LIBSECCOMP_CPE_ID_VALID
...
cpe:2.3🅰️ libseccomp_project:libseccomp is a valid CPE identifier for
this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Alibseccomp_project%3Alibseccomp
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-03 13:41:28 +01:00
Fabrice Fontaine
8cdab4fc4a
package/rpm: add RPM_CPE_ID_VENDOR
...
cpe:2.3🅰️ rpm:rpm is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Arpm%3Arpm
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-03 13:41:09 +01:00
Fabrice Fontaine
88053c3bae
package/live555: add CPE variables
...
cpe:2.3🅰️ live555:streaming_media is a valid CPE identifier for this
package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Alive555%3Astreaming_media
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-03 13:40:57 +01:00
Fabrice Fontaine
1032d583f8
package/irssi: add IRSSI_CPE_ID_VENDOR
...
cpe:2.3🅰️ irssi:irssi is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Airssi%3Airssi
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-03 13:40:15 +01:00
Fabrice Fontaine
70c0ebf293
package/mpg123: add MPG123_CPE_ID_VENDOR
...
cpe:2.3🅰️ mpg123:mpg123 is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Ampg123%3Ampg123
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-03 13:39:38 +01:00
Fabrice Fontaine
266b935349
package/libmodplug: add LIBMODPLUG_CPE_ID_VENDOR
...
cpe:2.3🅰️ konstanty_bialkowski:libmodplug is a valid CPE identifier for
this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Akonstanty_bialkowski%3Alibmodplug
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-03 13:39:29 +01:00
Yann E. MORIN
6cfb4ad7f7
Revert "package/libopenssl: fix build on riscv32"
...
This reverts commit 2bb26c1a1d
.
There was some negative feedback from Arnd Bergmann on that patch:
5b5e2985f3 (commitcomment-44782859)
The patch looks wrong to me: __NR_io_pgetevents_time64 must be used
whenever time_t is 64-bit wide on a 32-bit architecture, while
__NR_io_getevents/__NR_io_pgetevents must be used when time_t is the
same width as 'long'.
Checking whether __NR_io_getevents is defined is wrong for all
architectures other than riscv
And in light of the above, indeed the patch does not look so correct
after all.
Reported-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-03-03 11:15:29 +01:00
Yann E. MORIN
2bb26c1a1d
package/libopenssl: fix build on riscv32
...
riscv32 is (surprise!) a 32-bit architecture. But it has been Y2038-safe
from its inception. As such, there are no legacy binaries that may use
the 32-bit time syscalls, and thus they are not available on riscv32.
Code that directly calls to the syscalls without using the C libraries
wrappers thus need to handle this case by themselves.
Backport a patch from the upstream openssl development branch that will
eventually be openssl 3.0, but has not yet been backported to the 1.1.1
stable branch.
Fixes:
http://autobuild.buildroot.org/results/eb9/eb9a64d4ffae8569b5225083f282cf87ffa7c681/
...
http://autobuild.buildroot.org/results/07e/07e413b24ba8adc9558c80267ce16dda339bf032/
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Matt Weber <matthew.weber@rockwellcollins.com>
Cc: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-03-02 23:55:46 +01:00
Peter Korsgaard
a0aff89ed2
support/scripts/gen-bootlin-toolchains: correct xtensa-lx60 toolchain dependencies
...
Fixes:
http://autobuild.buildroot.net/results/011/0111c2ed54618daaeedfc66b0ea04eda00a7e855/
http://autobuild.buildroot.net/results/e53/e53e3880b63a23fa3b3e6d34664d40d5ddbdff89/
..
As listed in the br_fragment file of the toolchain, this is built for a
little-endian "custom" xtensa variant rather than the (big-endian) fsf one:
BR2_xtensa=y
BR2_XTENSA_CUSTOM=y
So update the dependencies in the script and regenerate Config.in.options /
toolchain test. Also fixup the autobuild config snippet to match.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-03-02 23:52:49 +01:00
Peter Korsgaard
9ada4eb2f1
package/wpa_supplicant: add upstream 2021-1 security fix
...
Fixes the following security issue:
- wpa_supplicant P2P provision discovery processing vulnerability (no CVE
yet)
A vulnerability was discovered in how wpa_supplicant processes P2P
(Wi-Fi Direct) provision discovery requests. Under a corner case
condition, an invalid Provision Discovery Request frame could end up
reaching a state where the oldest peer entry needs to be removed. With
a suitably constructed invalid frame, this could result in use
(read+write) of freed memory. This can result in an attacker within
radio range of the device running P2P discovery being able to cause
unexpected behavior, including termination of the wpa_supplicant process
and potentially code execution.
For more details, see the advisory:
https://w1.fi/security/2021-1/wpa_supplicant-p2p-provision-discovery-processing-vulnerability.txt
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
[yann.morin.1998@free.fr: actually add the patch URL to the patch list]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-03-02 23:11:25 +01:00
Fabrice Fontaine
b33f74823e
package/kismet: server needs wchar
...
kismet embeds its own copy of fmt since version 2019-04-R1 so add a
dependency on wchar to avoid the following build failure when building
the server:
./fmt/core.h:1245:1:
std::wstring vformat(wstring_view format_str, wformat_args args);
^~~
./fmt/core.h:1266:13: error: 'wstring' in namespace 'std' does not name a type
inline std::wstring format(wstring_view format_str, const Args & ... args) {
^~~~~~~
./fmt/core.h:1266:8: note: 'std::wstring' is defined in header '<string>'; did you forget to '#include <string>'?
Fixes:
- http://autobuild.buildroot.org/results/f19b3d080514a799a1c75b38ff5f7ae4e8d2628d
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-03-02 22:04:19 +01:00
Fabrice Fontaine
e0a2912440
package/perl: link with -lintl if needed
...
Link with TARGET_NLS_LIBS if needed to avoid the following build failure
with perl in version 5.32:
/home/buildroot/autobuild/instance-3/output-1/host/bin/arm-linux-gcc -lm -Wl,-E -o perl perlmain.o libperl.a -lm -lcrypt -lpthread -ldl
/home/buildroot/autobuild/instance-3/output-1/host/opt/ext-toolchain/bin/../lib/gcc/arm-buildroot-linux-uclibcgnueabi/9.3.0/../../../../arm-buildroot-linux-uclibcgnueabi/bin/ld: libperl.a(locale.o): in function `S_emulate_setlocale':
/home/buildroot/autobuild/instance-3/output-1/build/perl-5.32.1/locale.c:1182: undefined reference to `libintl_textdomain'
An upstream issue has been opened in:
https://github.com/Perl/perl5/issues/18467
Fixes:
- http://autobuild.buildroot.org/results/9df8d8d28006845b4f927548f8856dfa8f79802b
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-03-02 21:59:50 +01:00
Waldemar Brodkorb
563ecafd22
uclibc-ng-test: update to latest
...
Fixes:
http://autobuild.buildroot.net/results/877879987f7adea0fa239e879b056c248968b1e9
Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-03-02 21:51:41 +01:00