Commit Graph

53610 Commits

Author SHA1 Message Date
Romain Naour
4c051c65ee package/rustc: RUSTC_TARGET_NAME is needed to build host-rust
As reported on bugzilla [1], the host-rust package fail when
the target architecture or the target libc is not supported.

The error is the following:
failed to parse TOML configuration 'config.toml': expected a table key, found a right bracket at line 15

In such case BR2_PACKAGE_HOST_RUSTC_TARGET_ARCH_SUPPORTS is
not set thus RUSTC_TARGET_NAME is also not set [2].

But RUSTC_TARGET_NAME is needed to generate the file config.toml [3]

Add BR2_PACKAGE_HOST_RUSTC_TARGET_ARCH_SUPPORTS in the host-rust
dependency.

The commit [4] that allowed to select host-rust when the target
architecture or the target libc is not supported, should have
allowed to select only host-rustc-bin.

Fixes:
Bug #12691

[1] https://bugs.busybox.net/show_bug.cgi?id=12691
[2] https://git.buildroot.net/buildroot/tree/package/rustc/rustc.mk?h=2020.05-rc1#n10
[3] https://git.buildroot.net/buildroot/tree/package/rust/rust.mk?h=2020.05-rc1#n41
[4] 025b863e6f

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Sam Voss <sam.voss@gmail.com>
Reviewed-by: Sam Voss <sam.voss@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-05-17 21:06:31 +02:00
Fabrice Fontaine
94cb0cc772 package/ezxml: remove package
ezXML is affected by several CVEs and is not maintained anymore (no
release since 2006) so remove it.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-05-17 09:24:44 +02:00
James Hilliard
b5cd314296 package/meson: use wrappers for g-ir-scanner and g-ir-compiler
We need to backport a commit to allow us to override the g-ir-scanner
and g-ir-compiler binaries in the gnome module.

By default since meson looks for these binaries as native: true
dependencies it would use the host versions instead of the wrappers
which are not useable for target package builds. Override this behavior
by specifying the correct wrapper binaries in cross-compilation.conf.

Fixes:
http://autobuild.buildroot.net/results/f49/f49bb57a6ec2890f489fbd55ced9c9249d066334/build-end.log

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
[yann.morin.1998@free.fr:
  - expand on why the backported patch does not closely match upstream
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-05-17 09:10:00 +02:00
James Hilliard
864478f45b package/meson: bump to version 0.54.2
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-05-17 09:07:25 +02:00
Thomas Petazzoni
562e602442 configs/raspberrypi{3, 4}_64: enabling BR2_LINUX_KERNEL_DTB_OVERLAY_SUPPORT no longer needed
BR2_LINUX_KERNEL_DTB_OVERLAY_SUPPORT is now forcefully selected by
BR2_PACKAGE_RPI_FIRMWARE_INSTALL_DTB_OVERLAYS when the kernel is in
charge of building DTBs (BR2_LINUX_KERNEL_DTS_SUPPORT=y). So enabling
BR2_LINUX_KERNEL_DTB_OVERLAY_SUPPORT is no longer needed in the 64-bit
defconfigs for Raspberry Pi 3 and 4.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-05-16 21:41:16 +02:00
Thomas Petazzoni
9fd1d4fec1 package/rpi-firmware: select BR2_LINUX_KERNEL_DTB_OVERLAY_SUPPORT when needed
When BR2_PACKAGE_RPI_FIRMWARE_INSTALL_DTB_OVERLAYS is enabled, and the
DTBs are built by Linux (i.e BR2_LINUX_KERNEL_DTS_SUPPORT is enabled),
these DTBs should be built with the -@ Device Tree compiler option, so
that they can be used together with DTB overlays. So let's select
BR2_LINUX_KERNEL_DTB_OVERLAY_SUPPORT in this situation.

Fixes:

  https://bugs.busybox.net/show_bug.cgi?id=12831

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-05-16 21:39:52 +02:00
Danomi Manchego
7dccd3b248 package/libssh2: fix autoreconf comment
The comment explaining the autoreconf says that we are building from a git
clone - but we are not, currently.  However, the reconf is still needed due
to patches modifying ac files.

This commit corrects the comment.

Signed-off-by: Danomi Manchego <danomimanchego123@gmail.com>
[yann.morin.1998@free.fr: also mention acincludes.m4]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-05-16 18:24:59 +02:00
Thomas Petazzoni
fcfdd8a80d package/libunwind: enable on AArch64
Since version 1.2, libunwind has support for the AArch64 architecture.

It builds fine on glibc, needs a small patch on musl, but doesn't
build with uClibc (stack_t undefined).

Fixes:

  https://bugs.busybox.net/show_bug.cgi?id=12836

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-05-16 15:41:21 +02:00
Fabrice Fontaine
0f783ba66e package/lrzip: security bump to 8781292dd5833c04eeead51d4a5bd02dc6432dc7
Bump to latest upstream commit as it fixes a huge number of CVEs. Some
of them can't be linked to a given commit (e.g.
https://github.com/ckolivas/lrzip/issues/67). Moreover, upstream does
not plan to tag a new release any time soon:
https://github.com/ckolivas/lrzip/issues/99

- Fix CVE-2017-8842: The bufRead::get() function in libzpaq/libzpaq.h in
  liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial
  of service (divide-by-zero error and application crash) via a crafted
  archive.
- Fix CVE-2017-8843: The join_pthread function in stream.c in
  liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial
  of service (NULL pointer dereference and application crash) via a
  crafted archive.
- Fix CVE-2017-8844: The read_1g function in stream.c in liblrzip.so in
  lrzip 0.631 allows remote attackers to cause a denial of service
  (heap-based buffer overflow and application crash) or possibly have
  unspecified other impact via a crafted archive.
- Fix CVE-2017-8845: The lzo1x_decompress function in lzo1x_d.ch in LZO
  2.08, as used in lrzip 0.631, allows remote attackers to cause a
  denial of service (invalid memory read and application crash) via a
  crafted archive.
- Fix CVE-2017-8846: The read_stream function in stream.c in
  liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial
  of service (use-after-free and application crash) via a crafted
  archive.
- Fix CVE-2017-8847: The bufRead::get() function in libzpaq/libzpaq.h in
  liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial
  of service (NULL pointer dereference and application crash) via a
  crafted archive.
- Fix CVE-2017-9928: In lrzip 0.631, a stack buffer overflow was found
  in the function get_fileinfo in lrzip.c:979, which allows attackers to
  cause a denial of service via a crafted file.
- Fix CVE-2017-9929: In lrzip 0.631, a stack buffer overflow was found
  in the function get_fileinfo in lrzip.c:1074, which allows attackers
  to cause a denial of service via a crafted file.
- Fix CVE-2018-5747: In Long Range Zip (aka lrzip) 0.631, there is a
  use-after-free in the ucompthread function (stream.c). Remote
  attackers could leverage this vulnerability to cause a denial of
  service via a crafted lrz file.
- Fix CVE-2018-11496: In Long Range Zip (aka lrzip) 0.631, there is a
  use-after-free in read_stream in stream.c, because decompress_file in
  lrzip.c lacks certain size validation.

Also:
 - update indentation of hash file (two spaces)
 - drop patch (already in version)
 - manage host-nasm dependency which is enabled by default and has been
   fixed by:
   9f16f65705

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-05-16 13:46:55 +02:00
Peter Seiderer
1d430ddcfd package/python-pyqt5: fix QtLocation module dependency
The QT module location from qt5location depends on
QT quick from qt5declarative.

>From qt5location-5.14.2/src/src.pro:

  qtHaveModule(quick) {
      SUBDIRS += positioningquick location
      ...
  }

Adjust pyqt5 QtLocation module dependency accordingly.

Fixes:

  - http://autobuild.buildroot.net/results/122bb0a37d968cd79dc043b48f90f1ba4135491f

  Reading .../build/python-pyqt5-5.7/QtLocation/QtLocation.pro
  Project ERROR: Unknown module(s) in QT: location

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-05-16 13:44:46 +02:00
Joseph Kogut
8e79f54323 package/mesa3d: reorder platforms to fix EGL
Mesa chooses the first platform specified in -Dplatforms as the default
EGL native platform. [0]

    Configure Options

    -D platforms=...
        List the platforms (window systems) to support. Its argument is
        a comma separated string such as -D platforms=x11,drm. It
        decides the platforms a driver may support. The first listed
        platform is also used by the main library to decide the native
        platform.

This has the effect of breaking EGL applications running on X11 and
possibly Wayland when the first platform specified isn't x11 or wayland,
and EGL_PLATFORM isn't set.

Reorder the specified platforms to use x11, wayland, and drm before
surfaceless, as this is the order chosen by other common distributions,
such as Arch Linux [1], Debian [2], and Fedora [3].

Users preferring drm or surfaceless over x11 or wayland likely know how
to override the native EGL platform, and likely have x11 and wayland
disabled anyway.

[0] https://www.mesa3d.org/egl.html
[1] https://git.archlinux.org/svntogit/packages.git/tree/trunk/PKGBUILD?h=packages/mesa#n45
[2] fb8c1efb57/debian/rules (L38)
[3] https://src.fedoraproject.org/rpms/mesa/blob/master/f/mesa.spec#_337

Signed-off-by: Joseph Kogut <joseph.kogut@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-05-16 10:00:09 +02:00
Bernd Kuhls
df7ffdcc81 package/libaacs: bump version to 0.10.0
Changelog:
https://code.videolan.org/videolan/libaacs/-/blob/master/ChangeLog

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-05-15 23:04:32 +02:00
James Hilliard
d4201027cb package/python-janus: bump to version 0.5.0
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-05-15 23:03:57 +02:00
Thomas Petazzoni
339e1b3dd9 configs/nanopi_neo4: fix U-Boot dependencies
In fact, nanopi_neo4 does not need pylibfdt or pyelftools, but only a
host Python interpreter, to run
./arch/arm/mach-rockchip/make_fit_atf.py.

Since upstream U-Boot commit f05d5743567984b4fff6a862fc0f42760ff135da,
this script no longer needs pyelftools. However, since upstream commit
6d06ea34239ab5099783ce588ad4aead96e1fccb (merged in U-Boot 2020.01),
it requires Python 3.x.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[yann.morin.1998@free.fr: update with the new NEEDS_PYTHON semantics]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-05-15 22:59:21 +02:00
Thomas Petazzoni
f51cbc33d9 configs/roc_pc_rk3399: fix U-Boot dependencies
In fact, roc_pc_rk3399 does not need pylibfdt or pyelftools, but only
a host Python interpreter, to run
./arch/arm/mach-rockchip/make_fit_atf.py.

Since upstream U-Boot commit f05d5743567984b4fff6a862fc0f42760ff135da,
this script no longer needs pyelftools. However, since upstream commit
6d06ea34239ab5099783ce588ad4aead96e1fccb (merged in U-Boot 2020.01),
it requires Python 3.x.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[yann.morin.1998@free.fr: update with the new NEEDS_PYTHON semantics]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-05-15 22:59:21 +02:00
Thomas Petazzoni
ba593585ad configs/beelink_gs1: use Python 3.x
Since the bump to U-Boot 2020.01 in commit
e210080d2a, it needs Python 3.x on the
host.

Fixes:

  https://gitlab.com/buildroot.org/buildroot/-/jobs/535054357

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Acked-by: Clément Péron <peron.clem@gmail.com>
[yann.morin.1998@free.fr: update with the new NEEDS_PYTHON semantics]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-05-15 22:59:21 +02:00
Thomas Petazzoni
dfbff32543 configs/olimex_a20_olinuxino_lime{, 2}: use Python 3.x
The olimex_a20_olinuxino_lime{,2}_defconfig uses U-Boot 2020.04 since
commit 6b805c3ab7. This new U-Boot
version needs Python 3.x for pylibfdt.

Fixes:

  https://gitlab.com/buildroot.org/buildroot/-/jobs/535054468
  https://gitlab.com/buildroot.org/buildroot/-/jobs/535054466

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[yann.morin.1998@free.fr: update with the new NEEDS_PYTHON semantics]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-05-15 22:59:21 +02:00
Thomas Petazzoni
df3d1f8177 boot/uboot: support building U-Boot with Python 3.x
U-Boot versions newer than 2020.01 use Python 3.x instead of Python
2.x in various scripts.

We already had the BR2_TARGET_UBOOT_NEEDS_PYLIBFDT and
BR2_TARGET_UBOOT_NEEDS_PYELFTOOLS options, but depending on the U-Boot
version, we now need to indicate if Python 2.x or Python 3.x should be
used.

In addition, it turns out that some U-Boot configurations need a
Python interpreter, without needing pylibfdt or pyelftools. Some of
our defconfigs were abusing the BR2_TARGET_UBOOT_NEEDS_PYLIBFDT option
to make sure a Python interpreter was built.

To solve this issue, we introduce a choice, that let the users specify
what, if any, host python version is needed. The default is 'no', to
preserve the previous behaviour, unless any of the pylibfdt or the
pyelftools options is enabled, in which case we hide the 'no' option,
and use python 2 by default. This dfault is guaranteed by the order of
options in the choice.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[yann.morin.1998@free.fr:
  - explicitly make the choice a bool
  - make BR2_TARGET_UBOOT_NEEDS_PYTHON a blind option
  - introduce the 'no' option in the choice
  - reword the commit log accordingly
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-05-15 22:59:21 +02:00
Thomas Petazzoni
0704168abf package/python3-pyelftools: new package
We will need this Python 3.x variant of the host-python-pyelftools
package to be able to build some recent versions of U-Boot (>=
2020.01).

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-05-15 22:59:21 +02:00
James Hilliard
93afd6695b package/python-argon2-cffi: bump to version 20.1.0
Drop patch that is now upstream.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-05-15 22:58:00 +02:00
Grzegorz Blach
41d80c72c6 package/python-redis: Bump to version 3.5.1
Signed-off-by: Grzegorz Blach <grzegorz@blach.pl>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-05-15 22:37:52 +02:00
Bernd Kuhls
b3ad18e8d2 package/freeswitch: bump version to 1.10.3
Release notes:
https://mailchi.mp/freeswitch.com/freeswitch-v1103-has-just-been-released

Changelog:
https://github.com/signalwire/freeswitch/releases/tag/v1.10.3

Reformatted hashes.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-05-15 22:37:27 +02:00
Fabrice Fontaine
81b3fd8654 package/python-markdown2: bump to version 2.3.9
- Drop patches (already in version)
- Update indentation in hash file (two spaces)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-05-15 22:35:45 +02:00
Fabrice Fontaine
604fe08806 package/python-markdown2: fix CVE-2020-11888
python-markdown2 through 2.3.8 allows XSS because element names are
mishandled unless a \w+ match succeeds. For example, an attack might use
elementname@ or elementname- with an onclick attribute.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-05-15 22:35:42 +02:00
Matt Weber
564d9bdad8 package/kmod: modinfo support of signature details
Add conditional support to allow the module tools to use openssl
on target to inspect the signature of signed modules. If openssl
is not enabled the modinfo will show a hash algo as unknown.

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Tested-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-05-15 22:24:19 +02:00
James Hilliard
fbad745139 package/exfatprogs: bump to version 1.0.3
Drop patches that are now upstream.

We don't need to autoreconf since we are using a release tarball.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-05-15 22:07:29 +02:00
Bernd Kuhls
ae63a9c953 package/{mesa3d, mesa3d-headers}: bump version to 20.0.7
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-05-15 21:57:59 +02:00
Heiko Thiery
2c3dc380a0 package/sysrepo: bump version to 1.4.58
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-05-15 21:56:49 +02:00
Heiko Thiery
6e683608da package/libnetconf2: bump to version 1.1.24
The LICENSE file hash changed due to Copyright year updating to include 2020.

Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-05-15 21:49:05 +02:00
Heiko Thiery
c2884cd6f8 package/libyang: bump to version 1.0.167
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-05-15 21:48:58 +02:00
Nicolas Robin
fe29913fa9 package/sdl2: enable 3DNOW only if it's supported by the target
Signed-off-by: Nicolas Robin <nrosfs@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-05-15 21:47:55 +02:00
Nicolas Robin
f6cd56b9ce arch/x86: adds BR2_X86_CPU_HAS_3DNOW flag
Signed-off-by: Nicolas Robin <nrosfs@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-05-15 21:47:50 +02:00
Nicolas Robin
a14a962983 package/sdl2: enable SSE only if it's supported by the target
Signed-off-by: Nicolas Robin <nrosfs@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-05-15 21:47:38 +02:00
Petr Vorel
27d199a732 package/ltp-testsuite: bump to version 20200515
Also update list of tests incompatible with musl.
Removed patch backported from this release.

Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-05-15 21:34:27 +02:00
Jörg Krause
2c3672edd2 package/luv: bump to version 1.36.0-0
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-05-15 21:33:59 +02:00
James Hilliard
d5440491d6 package/python-multidict: bump to version 4.7.6
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-05-15 21:33:51 +02:00
Jörg Krause
e71f1af6da package/upmpdcli: bump to version 1.4.9
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-05-15 21:33:47 +02:00
Jörg Krause
dda6a21937 package/mpd: bump to version 0.21.23
Changelog:
https://raw.githubusercontent.com/MusicPlayerDaemon/MPD/v0.21.23/NEWS

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-05-15 21:33:42 +02:00
Bartosz Bilas
75c5de34ee boot/barebox: bump version to 2020.05.0
Signed-off-by: Bartosz Bilas <b.bilas@grinn-global.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-05-15 21:33:37 +02:00
Bernd Kuhls
1fcf0e27b3 package/postgresql: bump version to 12.3
Changelog: https://www.postgresql.org/about/news/2038/

Fixes CVE-2020-10733 which is only relevant for Windows.

Reformatted hashes.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-05-15 21:33:24 +02:00
Max Filippov
c99a3950d8 package/elf2flt: add support for XTENSA_[PN]DIFF relocations
Xtensa have added new relocation types R_XTENSA_[NP]DIFF{8,16,32} with
the same properties as the existing types R_XTENSA_DIFF{8,16,32}.
Add them to the list of ignored relocation types.

This fixes the following error when invoking elf2flt on xtensa binaries
built with the recent binutils:

  ERROR: reloc type R_XTENSA_PDIFF32 unsupported in this context

Reported-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-05-15 21:31:25 +02:00
Bernd Kuhls
1dd6d52226 package/php: security bump version to 7.4.6
Changelog: https://www.php.net/ChangeLog-7.php#7.4.6

Fixes CVE 2019-11048.

Reformatted hashes.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-05-15 21:25:46 +02:00
Fabrice Fontaine
a07a9d3216 package/cegui: remove tinyxml2 dependency
Remove tinyxml2 dependency as tinyxml2 is not a part of version 0.8.7.

Indeed, tinyxml2 has been added in September 2016 with
49b3fd9d6f
whereas version 0.8.7 has been released in April 2016

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-05-13 22:35:56 +02:00
Norbert Lange
e642e17982 package/fakeroot: fix for fchownat/fchmodat
fakeroot does mask out necessary flags, instead pass through
the flags that are supported by fstatat

Upstream BR: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=959876

Signed-off-by: Norbert Lange <nolange79@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-05-13 22:12:02 +02:00
Bernd Kuhls
3f617ac6ca package/clamav: security bump version to 0.102.3
Fixes CVE-2020-3327 & CVE-2020-3341.

Release notes:
https://blog.clamav.net/2020/05/clamav-01023-security-patch-released.html

Reformatted hashes.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-05-13 22:00:24 +02:00
Lecopzer Chen
afceb76e43 package/binutils: install libopcodes to target/
libopcodes was installed in staging/ in commit 6a508d9361 (binutils:
Also install libopcodes in staging), but was not installed in target/

Starting with linux-5.6, perf (linux-tools) will link to libopcodes when
it is present. Since it is available in staging, the build succeeds.
However, libopcodes missing in target, perf fails at runtime:

    perf: ...libopcodes-2.33.1.so: cannot open shared object file

Install libopcodes to target as well.

Signed-off-by: Lecopzer Chen <lecopzer@gmail.com>
[yann.morin.1998@free.fr: reword commit log]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-05-13 21:45:13 +02:00
Peter Korsgaard
3564bc1659 package/wireguard-linux-compat: bump version to 1.0.20200506
Synchronizes with upstream 5.7-rc5.  For details, see the announcement:
https://lists.zx2c4.com/pipermail/wireguard/2020-May/005408.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-05-12 22:13:53 +02:00
Peter Korsgaard
39a7f1e973 docs/website: update for 2020.02.2
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-05-12 15:17:16 +02:00
Peter Korsgaard
d011ca9b69 Update for 2020.02.2
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 2f7183d131)
[Peter: drop Makefile changes]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-05-12 15:15:23 +02:00
Peter Korsgaard
a388d7443e package/localedef: bump version to stay in sync with glibc
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-05-12 12:27:23 +02:00