Commit Graph

68119 Commits

Author SHA1 Message Date
Daniel Lang
17393a78e5 package/at-spi2-core: security bump to version 2.48.3
https://gitlab.gnome.org/GNOME/at-spi2-core/-/blob/AT_SPI2_CORE_2_48_3/NEWS

Fixes a couple of use after frees when finalizing devices.
Added systemd option to not fail if dbus-broker is detected on the host
machine.

Fixes:
- http://autobuild.buildroot.net/results/a4908a2c8cb75b602794e890fccb8dd42ef6ff41

Signed-off-by: Daniel Lang <dalang@gmx.at>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-06-07 22:24:34 +02:00
Bernd Kuhls
29e79c1f54 package/php: Fix GCC 12 -Og
Fixes:
http://autobuild.buildroot.net/results/316451459139e250ba2d0c7b554606fd97eebd9a/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-06-07 22:23:03 +02:00
Bernd Kuhls
62200879d4 package/libdeflate: force arm mode instead of Thumb mode
Fix the following build failure:

/tmp/ccGKQdKj.s: Assembler messages:
/tmp/ccGKQdKj.s:199: Error: invalid constant (7) after fixup
/tmp/ccGKQdKj.s:327: Error: invalid constant (0) after fixup
/tmp/ccGKQdKj.s:338: Error: invalid constant (1) after fixup
/tmp/ccGKQdKj.s:345: Error: invalid constant (20) after fixup
/tmp/ccGKQdKj.s:354: Error: invalid constant (20) after fixup
/tmp/ccGKQdKj.s:372: Error: invalid constant (20) after fixup
/tmp/ccGKQdKj.s:528: Error: invalid constant (3f) after fixup
/tmp/ccGKQdKj.s:531: Error: invalid constant (3f) after fixup
/tmp/ccGKQdKj.s:202: Error: invalid constant (20000) after fixup
/tmp/ccGKQdKj.s:482: Error: invalid constant (20000) after fixup
/tmp/ccGKQdKj.s:549: Error: invalid constant (20000) after fixup

Fixes:
http://autobuild.buildroot.net/results/0103d64a4a6a9b0a708bfb77bf1714edc7acc714/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-06-07 22:20:35 +02:00
Romain Naour
a4fec34ba2 package/libjxl: requires host-cmake >= 3.19
libjxl requires cmake 3.19 since version v0.7 due to the
new behavior of cmake [1].

-- Configuring done
CMake Error at cmake/FindLCMS2.cmake:40 (add_library):
  INTERFACE_LIBRARY targets may only have whitelisted properties.  The
  property "INCLUDE_DIRECTORIES" is not allowed.
Call Stack (most recent call first):
  third_party/CMakeLists.txt:114 (find_package)

The portability issue has already been reported upstream [2].

Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/4322819095

[1] afb998704e
[2] https://github.com/libjxl/libjxl/issues/1425

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Julien Olivain <ju.o@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-06-06 22:14:36 +02:00
Romain Naour
53beb8fc1a support/dependencies: introduce BR2_HOST_CMAKE_AT_LEAST
Some packages (e.g. libjxl) requires a quite recent cmake version,
that is not yet available in most distributions, especially those
LTS versions.

Currently, when we bump the minimum cmake version we require, it gets
bumped for all packages, regardless of their own minimum required
version, which means that a given configuration will trigger the
build of our host-cmake even if the packages that require it are not
enabled and those that are would be content with the system-provided
cmake.

Since host-cmake can take quite some time to build, this can get a
bit annoying to pay the price of a host-cmake build that would
otherwise not be needed.

Some packages even use an alternative build system when available
since they requires a more recent version of cmake than the our
minimum cmake version
(wpewebkit use Ninja: 78d499409f).

We introduce config options that packages can select to indicate
what minimal cmake version they require, and use that version as the
required minimal version required by the current configuration [0].

We would like to ensure that the currently selected minimum cmake
version is indeed lower (or equal) to the cmake version we package,
but that is not possible: dependencies.mk is parsed before we parse
packages, so we do not yet know the cmake version we have, and we
can't invert the parsing order as we need to know the required
dependencies before we parse packages (so that we can build their
dependency rules in Makefile). So we can only add comments in both
places, that refer to the other location.

[0] note that this is yet not optimal, as in such a case, host-cmake
would be in the dependency chain of all cmake-based packages, even
for those packages that do not require it. The optimum would be for
each package to gain such a dependency on an as-needed basis, but
this is by far more complex to achieve, and would only speed up
cases where a single package is built from scratch (e.g. with:
make clean; make foo), which is not worth optimising (yet?)

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Julien Olivain <ju.o@free.fr>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-06-06 22:06:49 +02:00
Peter Korsgaard
620ce32227 package/go: security bump to version 1.9.10
Fixes the following security issues:

- cmd/go: cgo code injection

  The go command may generate unexpected code at build time when using cgo.
  This may result in unexpected behavior when running a go program which
  uses cgo.

  This may occur when running an untrusted module which contains directories
  with newline characters in their names.  Modules which are retrieved using
  the go command, i.e.  via "go get", are not affected (modules retrieved
  using GOPATH-mode, i.e.  GO111MODULE=off, may be affected).

  Thanks to Juho Nurminen of Mattermost for reporting this issue.

  This is CVE-2023-29402 and Go issue https://go.dev/issue/60167.

- runtime: unexpected behavior of setuid/setgid binaries

  The Go runtime didn't act any differently when a binary had the
  setuid/setgid bit set.  On Unix platforms, if a setuid/setgid binary was
  executed with standard I/O file descriptors closed, opening any files
  could result in unexpected content being read/written with elevated
  prilieges.  Similarly if a setuid/setgid program was terminated, either
  via panic or signal, it could leak the contents of its registers.

  Thanks to Vincent Dehors from Synacktiv for reporting this issue.

  This is CVE-2023-29403 and Go issue https://go.dev/issue/60272.

- cmd/go: improper sanitization of LDFLAGS

  The go command may execute arbitrary code at build time when using cgo.
  This may occur when running "go get" on a malicious module, or when
  running any other command which builds untrusted code.  This is can by
  triggered by linker flags, specified via a "#cgo LDFLAGS" directive.

  Thanks to Juho Nurminen of Mattermost for reporting this issue.

  This is CVE-2023-29404 and CVE-2023-29405 and Go issues
  https://go.dev/issue/60305 and https://go.dev/issue/60306.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-06-06 21:56:00 +02:00
Bernd Kuhls
2b0c6c0b72 {linux, linux-headers}: bump 5.{4, 10, 15}.x / 6.{1, 3}.x series
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-06-06 21:40:50 +02:00
Neal Frager
48c3d9f396 board/zynqmp: fix shellcheck issues
This patch cleans up board/zynqmp shellcheck issues.

Signed-off-by: Neal Frager <neal.frager@amd.com>
[Peter: wrap long lines, use quotes around entire word]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-06-06 21:37:19 +02:00
Neal Frager
7db2ab3041 board/zynq: fix shellcheck issues
This patch cleans up board/zynq shellcheck issues.

Signed-off-by: Neal Frager <neal.frager@amd.com>
[Peter: use ${} for variables, quotes around entire word]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-06-06 21:26:34 +02:00
Romain Naour
757251a0de configs/qemu s390x: increase image size to 120M
The default kernel configuration for s390x enable a lot of
drivers by default so increase the image site to 120M.

Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/4364600444

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-06-06 16:45:49 +02:00
Romain Naour
e0e64e9ede support/testing/infra/emulator.py: fix typo in comment
Artefact (British) and Artifact (American) are both valid spelling
but ARTIFACTS_URL is used in the emulator code.

Surprisingly, the url actually use "artefacts"

  http://autobuild.buildroot.net/artefacts

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-06-06 16:44:16 +02:00
Romain Naour
35dea785ef package/perl-http-message: add missing reverse dependency from perl-clone
Commit [1] added dependency on perl-clone but forgot to propagate
the reverse dependency on !BR2_STATIC_LIBS.

Fixes:

WARNING: unmet direct dependencies detected for BR2_PACKAGE_PERL_CLONE
  Depends on [n]: BR2_PACKAGE_PERL [=y] && !BR2_STATIC_LIBS [=y]
  Selected by [y]:
  - BR2_PACKAGE_PERL_HTTP_MESSAGE [=y] && BR2_PACKAGE_PERL [=y]

http://autobuild.buildroot.org/results/5d5/5d503aaa94b56523c684be7946123921747ebf52

[1] 742258fec0

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-06-05 11:36:57 +02:00
Titouan Christophe
c29bf1d2db package/redis: security bump to v7.0.11
From the release notes
(see https://github.com/redis/redis/blob/7.0/00-RELEASENOTES):

================================================================================
Redis 7.0.11 Released Mon Apr 17 16:00:00 IST 2023
================================================================================

Upgrade urgency: SECURITY, contains fixes to security issues.

Security Fixes:
* (CVE-2023-28856) Authenticated users can use the HINCRBYFLOAT command to create
  an invalid hash field that will crash Redis on access

...

================================================================================
Redis 7.0.10 Released Mon Mar 20 16:00:00 IST 2023
================================================================================

Upgrade urgency: SECURITY, contains fixes to security issues.

Security Fixes:
* (CVE-2023-28425) Specially crafted MSETNX command can lead to assertion and denial-of-service

...

================================================================================
Redis 7.0.9 Released Tue Feb 28 12:00:00 IST 2023
================================================================================

Upgrade urgency: SECURITY, contains fixes to security issues.

Security Fixes:
* (CVE-2023-25155) Specially crafted SRANDMEMBER, ZRANDMEMBER, and HRANDFIELD
  commands can trigger an integer overflow, resulting in a runtime assertion
  and termination of the Redis server process.
* (CVE-2022-36021) String matching commands (like SCAN or KEYS) with a specially
  crafted pattern to trigger a denial-of-service attack on Redis, causing it to
  hang and consume 100% CPU time.

...

================================================================================
Redis 7.0.8 Released Mon Jan 16 12:00:00 IDT 2023
================================================================================

Upgrade urgency: SECURITY, contains fixes to security issues.

Security Fixes:
* (CVE-2022-35977) Integer overflow in the Redis SETRANGE and SORT/SORT_RO
  commands can drive Redis to OOM panic
* (CVE-2023-22458) Integer overflow in the Redis HRANDFIELD and ZRANDMEMBER
  commands can lead to denial-of-service

...

Signed-off-by: Titouan Christophe <titouanchristophe@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-06-05 11:35:09 +02:00
Peter Korsgaard
25e485f462 Update for 2023.05-rc3
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-06-04 13:10:30 +02:00
Paul Cercueil
fe567a8184 package/strace: bump to version 6.3
Signed-off-by: Paul Cercueil <paul@crapouillou.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-06-04 12:54:24 +02:00
Julien Olivain
108bb3395b package/z3: bump to version 4.12.2
For change log since v4.12.1, see:
- https://github.com/Z3Prover/z3/releases/tag/z3-4.12.2

Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-06-04 12:52:50 +02:00
Paul Cercueil
6b26999abc package/lightning: bump version to 2.2.1
And restore support for MIPS64, which is supported by Lightning.

Signed-off-by: Paul Cercueil <paul@crapouillou.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-06-04 12:52:33 +02:00
itzwam
eb940ab43d package/bird: bump to version 2.0.12
Bugfix release, with "Important bugfixes".  For details, see the
announcement:

https://bird.network.cz/pipermail/bird-users/2023-January/016560.html

Signed-off-by: Itz 'toinux' Wam <itz.wam@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-06-04 12:47:21 +02:00
Michael Fischer
2e511e791d package/gnuplot: bump version to 5.4.7
Signed-off-by: Michael Fischer <mf@go-sys.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-06-04 12:43:31 +02:00
Bagas Sanjaya
2cd0059419 package/git: bump to version 2.41.0
Bump the package version to 2.41.0. For the release announcement and
notes, see [1].

Link: https://lore.kernel.org/git/xmqqleh3a3wm.fsf@gitster.g/ [1]
Signed-off-by: Bagas Sanjaya <bagasdotme@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-06-04 12:42:06 +02:00
Laurent Vivier
d2c1d8dfb5 kexec: fix sys/random.h with uclibc
Fixes: http://autobuild.buildroot.net/results/b5a/b5a46cc164cb0fe6bf37dacb917b3664d2710a4a

Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2023-06-03 22:44:41 +02:00
Bernd Kuhls
579f5a9782 package/vdr: fix musl build
Fixes:
http://autobuild.buildroot.net/results/bdacedd845a2bf4db9826f0d3868f6b48d456d2a/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2023-06-03 21:48:50 +02:00
Bernd Kuhls
c9b2e252ca package/vdr: reformatted patches
git-formatted patches due to the upstream repo using git:
http://git.tvdr.de/?p=vdr.git

Sent patches upstream and added Upstream: tags.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2023-06-03 21:47:56 +02:00
Bernd Kuhls
f3b46aa2aa package/vdr: Fix patch for uclibc build
uClibc-ng 1.0.42 added support for getloadavg:
https://cgit.uclibc-ng.org/cgi/cgit/uclibc-ng.git/commit/?id=ad3a130dad88ad7a59dcd965b0cf9bd0d713595e

leading to build errors of the vdr package:

skinlcars.c:1105:12: error: 'int getloadavg(double*, int)' was declared 'extern' and later 'static' [-fpermissive]

since its version bump in buildroot:
https://git.busybox.net/buildroot/commit/?id=61ae6add9e5d4761536fa4ff24150d5f8f82a61d

Fixes:
http://autobuild.buildroot.net/results/d3a/d3a65044fabdafa1b6d75a508eae006a2cfebdc0/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2023-06-03 21:44:04 +02:00
Bernd Kuhls
11db2d6fde package/mesa3d: fix build error with the i915 Gallium driver
The error was introduced by mesa3d commit
https://cgit.freedesktop.org/mesa/mesa/commit/?id=dfd20f002f388be3f168938bc1f25e91bb08bf98
which was first introduced in mesa3d 23.0.0, added with buildroot commit
89944e2c45

Fixes:
http://autobuild.buildroot.net/results/9c1/9c1407ca5be221dbb3ee03d2a95ada65bb7eb36b/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[Arnout:
 - rename 0005 -> 0006 - another patch was added in parallel;
 - use gitlab instead of cgit for upstream link
]
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2023-06-03 21:33:33 +02:00
Bernd Kuhls
51b60c8acf package/mesa3d: needs gcc >= 8
Needed since upstream commit
f9057cea51
which was first released with mesa3d-22.3.0, added to buildroot with
commit e4a1183d8f.

Fixes:
http://autobuild.buildroot.net/results/011/01109560288f933019eea726a91c4109fbcca794/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2023-06-03 21:23:00 +02:00
Bernd Kuhls
558afd87d9 package/kodi-skin-confluence: bump version to Nexus branch
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2023-06-03 21:21:42 +02:00
Romain Naour
1c54f2170b support/testing: test_clang: update to the next LTS kernel (4.19.x)
The kernel 4.16.7 curently used by the test doesn't build with host
bison (GNU Bison 3.7.5) probably due a missing fix [1] in 4.16.x branch.

Since kernel 4.16 is EOL, bump to the next LTS kernel (4.19.x) in order
to ease backport to previous Buildroot releases.

Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/4114986744

[1] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=d59fbbd09d5d6bdf4ea1f0b4090d175e081ff421

Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2023-06-03 21:17:17 +02:00
Witold Lipieta
465f670e6c package/python-matplotlib: add Pillow dependency
Pillow is mandatory dependency since version 3.3.0.

Signed-off-by: Witold Lipieta <witold.lipieta@thaumatec.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2023-06-03 21:13:27 +02:00
Romain Naour
37e23e0dd7 support/testing/tests/package/test_kexec.py: fix kexec test for qemu 5.2
The commit f69c972ae6 (support/testing/tests/package/test_kexec.py:
new runtime test) was tested locally with a qemu version (>= 7.x) more
recent than the one available in our buidroot/base Docker image (5.2).
As a consequence, that test fails to run in gitlab-ci as reported by [1].

Remove "dtb-kaslr-seed=off" from the Qemu command line and pass
a custom devicetree to qemu virt machine. This devicetree is
based on qemu aarch64 5.2 dts with kaslr-seed set 0.

The qemu aarch64 devicetree has been exported [2] and updated with the
following method:

  qemu-system-aarch64 -machine virt -machine dumpdtb=qemu-aarch64-virt-5.2-machine.dtb
  dtc -I dtb qemu-aarch64-virt-5.2-machine.dtb > qemu-aarch64-virt-5.2-machine.dts
  edit the dts and replace kaslr-seed parameter by "kaslr-seed = <0 0>;"

As soon as our buidroot/base Docker image is updated and a newer qemu version
is available, we can safely revert this change and use the initial method.

Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/4322819092

[1] http://lists.busybox.net/pipermail/buildroot/2023-May/668091.html
[2] https://u-boot.readthedocs.io/en/latest/develop/devicetree/dt_qemu.html#obtaining-the-qemu-devicetree

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Signed-off-by: Julien Olivain <ju.o@free.fr>
Tested-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2023-06-03 21:01:54 +02:00
Neal Frager
6aa637737f board/kria/kv260/kv260.sh: remove trailing spaces
Signed-off-by: Neal Frager <neal.frager@amd.com>
[Arnout: update .checkpackageignore]
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2023-06-03 20:59:34 +02:00
Bernd Kuhls
4ba8a13d7b package/minidlna: bump version to 1.3.3
Release notes:
https://sourceforge.net/p/minidlna/git/ci/master/tree/NEWS

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-06-03 13:24:07 +02:00
Peter Korsgaard
e2f4ac35fe package/sdl2_net: fix license hash after 2.2.0 bump
Fixes:
http://autobuild.buildroot.net/results/37e5075a5c790d5c96bdc72c44d4362a16ae00bb/

Commit b41ff7dd46 (package/sdl2_net: bump version to 2.2.0) forgot to
update the license hash / filename, breaking the build.

Upstream renamed COPYING.txt to LICENSE.txt, changed white space and updated
the copyright years, so update the hash to match:

diff -uw sdl2_net-2.0.1/COPYING.txt sdl2_net-2.2.0/LICENSE.txt
--- sdl2_net-2.0.1/COPYING.txt  2016-01-03 08:57:09.000000000 +0100
+++ sdl2_net-2.2.0/LICENSE.txt  2022-08-17 18:55:22.000000000 +0200
@@ -1,6 +1,4 @@
-/*
-  SDL_net:  An example cross-platform network library for use with SDL
-  Copyright (C) 1997-2016 Sam Lantinga <slouken@libsdl.org>
+Copyright (C) 1997-2022 Sam Lantinga <slouken@libsdl.org>

   This software is provided 'as-is', without any express or implied
   warranty.  In no event will the authors be held liable for any damages
@@ -17,4 +15,4 @@
   2. Altered source versions must be plainly marked as such, and must not be
      misrepresented as being the original software.
   3. This notice may not be removed or altered from any source distribution.
-*/
+

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-06-03 12:18:29 +02:00
Bernd Kuhls
e7d40576fa package/libcurl: bump version to 8.1.2
Changelog: https://curl.se/changes.html#8_1_2

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-06-03 00:31:42 +02:00
Bernd Kuhls
a46ac23465 package/openvpn: bump version to 2.6.4
Changelog:
https://github.com/OpenVPN/openvpn/blob/release/2.6/ChangeLog
https://github.com/OpenVPN/openvpn/blob/release/2.6/Changes.rst

Added mandatory dependency to libcap-ng due to upstream commit
2e359a0882

Added optional dependency to libnl due to upstream commit
f63c9b1edb

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-06-03 00:28:29 +02:00
Andreas Ziegler
502dcf46af package/mpd: update to version 0.23.13
- Bug fixes in input, archive/zzip, database/simple, decoder,
  output/pipewire, process termination
- determine systemd unit directories via pkg-config
- support libfmt 10

Change log:
	https://raw.githubusercontent.com/MusicPlayerDaemon/MPD/v0.23.13/NEWS

Commit:
	https://github.com/MusicPlayerDaemon/MPD/commit/9027e5c

Tested on:
	i386 (build, run)
	Aarch64 (build, run)

Signed-off-by: Andreas Ziegler <br015@umbiko.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-06-03 00:27:24 +02:00
Christian Stewart
bab89b35f0 package/containerd: bump version to v1.6.21
https://github.com/containerd/containerd/releases/tag/v1.6.21

Signed-off-by: Christian Stewart <christian@aperture.us>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-06-02 22:26:09 +02:00
Adam Duskett
0cd8abda1b package/openjdk{-bin}: security bump versions to 11.0.19+7 and 17.0.7+7
Fixes the following security issues:

* CVEs
  - CVE-2023-21930
  - CVE-2023-21937
  - CVE-2023-21938
  - CVE-2023-21939
  - CVE-2023-21954
  - CVE-2023-21967
  - CVE-2023-21968
* Security fixes
  - JDK-8287404: Improve ping times
  - JDK-8288436: Improve Xalan supports
  - JDK-8294474: Better AES support
  - JDK-8295304: Runtime support improvements
  - JDK-8296676, JDK-8296622: Improve String platform support
  - JDK-8296684: Improve String platform support
  - JDK-8296692: Improve String platform support
  - JDK-8296832: Improve Swing platform support
  - JDK-8297371: Improve UTF8 representation redux
  - JDK-8298191: Enhance object reclamation process
  - JDK-8298310: Enhance TLS session negotiation
  - JDK-8298667: Improved path handling
  - JDK-8299129: Enhance NameService lookups

For details, see the announcements:
https://mail.openjdk.org/pipermail/jdk-updates-dev/2023-April/021899.html
https://mail.openjdk.org/pipermail/jdk-updates-dev/2023-April/021900.html

Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-06-02 22:02:55 +02:00
Peter Korsgaard
be861867cf .checkpackageignore: update after gcc 11.x bump
The bump to 11.4.0 in commit f1e3d02cd4 missed
0001-or1k-Add-mcmodel-option-to-handle-large-GOTs.patch, so add it back
again to keep checkpackage happy.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-06-02 22:00:07 +02:00
Romain Naour
8d93c999a3 package/ipython: add missing dependencies
As reported [1], the test TestIPythonPy3 fail since it was updated
to 8.6.0 release just after 2022.11.

  ModuleNotFoundError: No module named 'stack_data'

Indeed there is no such python3-stack-data in Buildroot.
For example, Fedora packaging added python3-stack-data while updating
to ipython 8.0.1.

With python-stack-data added, the test TestIPythonPy3 still fail
with:

  ModuleNotFoundError: No module named 'sqlite3'

Since ipython 8 sqlite3 fallback imports has been removed [2].

Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/4322819089

[1] http://lists.busybox.net/pipermail/buildroot/2023-May/668086.html
[2] 7a0bdabecf

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-06-02 21:46:07 +02:00
Romain Naour
a1c55ea6dd package/python-stack-data: new package
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-06-02 21:45:38 +02:00
Romain Naour
aa5c233c36 package/python-asttokens: new package
Signed-off-by: Romain Naour <romain.naour@gmail.com>
[Peter: fix alphabetical ordering]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-06-02 21:44:02 +02:00
Romain Naour
c8e93f4a6b package/python-pure-eval: new package
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-06-02 21:40:58 +02:00
Romain Naour
91b7bd01ec package/python-executing: new package
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-06-02 21:40:40 +02:00
Sergey Bobrenok
239dd7dcbd package/earlyoom: unhardcode package version in CFLAGS
'earlyoom --help' still says 'earlyoom 1.6' though it's already
version 1.7. '-DVERSION' flag value should be either unhardcoded,
either updated with each package version bump.

Signed-off-by: Sergey Bobrenok <SIBobrenok@sberdevices.ru>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-06-02 21:24:51 +02:00
Sergey Bobrenok
281a80dc93 package/earlyoom: restore missing startup message in the init script
'/etc/init.d/S02earlyoom start' simply prints 'OK' instead of
'Starting earlyoom: OK' because of a typo in the printf function call.

Signed-off-by: Sergey Bobrenok <SIBobrenok@sberdevices.ru>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-06-02 21:24:24 +02:00
Sergey Bobrenok
b2fb3a7e2a package/earlyoom: fix daemon executable path in the init script
earlyoom.mk file explicitly sets 'PREFIX=/usr', and the init script
fails to start earlyoom because of a nonexistent executable path:

  # /etc/init.d/S02earlyoom start
  start-stop-daemon: unable to stat /bin/earlyoom (No such file or directory)
  FAIL

Signed-off-by: Sergey Bobrenok <SIBobrenok@sberdevices.ru>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-06-02 21:23:54 +02:00
Romain Naour
f1e3d02cd4 package/gcc: bump to version 11.4
Add Upstream tag to backported patches.
Remove patches merged in gcc 11.4.

See announce:
https://gcc.gnu.org/pipermail/gcc-announce/2023/000177.html

Runtime tested:
https://gitlab.com/kubu93/buildroot/-/pipelines/882299806

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-06-02 20:54:18 +02:00
Romain Naour
0a623d4955 package/gcc: bump to version 12.3
Remove upstream patch.

See announce:
https://gcc.gnu.org/pipermail/gcc-announce/2023/000176.html

Runtime tested:
https://gitlab.com/kubu93/buildroot/-/pipelines/882178578

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-06-02 20:54:06 +02:00
Francois Perrad
2bcfcec502 package/libopenssl: security bump to version 1.1.1u
fix CVE-2023-2650  Possible DoS translating ASN.1 object identifiers

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-06-02 20:50:46 +02:00