Commit Graph

60809 Commits

Author SHA1 Message Date
Thomas Petazzoni
8f0df6609a package/linux-pam: add missing BR2_USE_MMU dependency on comment
BR2_PACKAGE_LINUX_PAM depends on BR2_USE_MMU, but this dependency is
not taken into account in the Config.in comment, which this commit
fixes.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-12-17 22:46:55 +01:00
Herve Codina
403b62943b package/php-pam: new package
The php-pam package provides a PHP PAM (Pluggable Authentication
Modules) integration.

https://pecl.php.net/package/PAM

Based on initial work from Nicolas Carrier <nicolas.carrier@orolia.com>

Signed-off-by: Herve Codina <herve.codina@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-12-17 22:46:55 +01:00
Herve Codina
d49127dd4c package/php-lua: new package
The php-lua package provides a PHP extension that embeds the lua
interpreter and offers an OO-API to lua variables and functions.

https://pecl.php.net/package/lua

Based on initial work from Nicolas Carrier <nicolas.carrier@orolia.com>

Two patches are present and were retrieved from the following
upstream pull request in order to support PHP8:
https://github.com/laruence/php-lua/pull/47

Signed-off-by: Herve Codina <herve.codina@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-12-17 22:46:55 +01:00
Herve Codina
8ddeeffa18 package/php-apcu: new package
APCu is an in-memory key-value store for PHP.
Keys are of type string and values can be any PHP variables.
APCu only supports userland caching of variables

https://pecl.php.net/package/APCU

Based on initial work from Nicolas Carrier <nicolas.carrier@orolia.com>

Signed-off-by: Herve Codina <herve.codina@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-12-17 22:46:55 +01:00
Peter Seiderer
26642e4cc0 package/mesa3d: gallium/kmsro drivers require dri3 for X11
select BR2_PACKAGE_MESA3D_DRI3 for all gallium/kmsro drivers in case
X11 is selected, see meson.build:

  240 with_gallium_kmsro = with_gallium_v3d or with_gallium_vc4 or with_gallium_etnaviv or with_gallium_panfrost or with_gallium_lima or with_gallium_freedreno
  [...]
  524 if with_gallium_kmsro and (with_platform_x11 and not with_dri3)
  525   error('kmsro requires dri3 for X11 support')
  526 endif

Fixes:
  https://bugs.busybox.net/show_bug.cgi?id=13831

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-12-17 22:00:54 +01:00
Peter Seiderer
8892b25eda package/mesa3d: add config option for DRI3 support
Add config option for DRI3 support and use it instead
of DRI3 enable/disable logic in *.mk file.

Move the libxshmfence dependency to the DRI3 option, cfr. the following
in meson.build:

    if with_dri3
      ...
      dep_xshmfence = dependency('xshmfence', version : '>= 1.1')
    endif

Also select DRI3 in the Vulkan Intel driver.

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
[Arnout: make it a blind option, move xshmfence select to dri3]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-12-17 22:00:54 +01:00
Herve Codina
0d1da42fcc package/modsecurity2: new package
The modsecurity2 package provides an Apache module implementing
a web application firewall (WAF) module.

Based on initial work from Tom Marcuzzi <tom.marcuzzi@orolia.com>
and Nicolas Carrier <nicolas.carrier@orolia.com>

modsecurity2 will be superseeded sooner or later by modsecurity v3
ie. libmodsecurity [1] and its Apache connector [2]. libmodsecurity
is already supported in Buildroot with its Nginx connector.
According to the Apache connector web page and the discussion [3],
the Apache connector is not ready for production use.

  [1] https://github.com/SpiderLabs/ModSecurity
  [2] https://github.com/SpiderLabs/ModSecurity-apache
  [3] https://github.com/SpiderLabs/ModSecurity-apache/issues/80

The best we can do now is to still use modsecurity2 (v2.9.x) for
Apache:
  https://github.com/SpiderLabs/ModSecurity/tree/v2/master

Signed-off-by: Herve Codina <herve.codina@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-12-17 21:39:11 +01:00
Giulio Benetti
34ed9dae4d package/postgis: re-enable on Microblaze architecture
While adding this package with commit[1] Microblaze architecture has been
disabled by default pointing that it suffers from gcc ICE, but this is not
true, indeed the build error is referred to libgeos that is postgis
dependency:
```
  during RTL pass: reload
  .../bootlin-microblazeel-uclibc/build/libgeos-3.9.0/src/geom/util/Densifier.cpp: In static member function ‘static std::unique_ptr<std::vector<geos::geom::Coordinate> > geos::geom::util::Densifier::densifyPoints(geos::geom::Coordinate::Vect, double, const geos::geom::PrecisionModel*)’:
  .../bootlin-microblazeel-uclibc/build/libgeos-3.9.0/src/geom/util/Densifier.cpp:128:1: internal compiler error: in gen_reg_rtx, at emit-rtl.c:1155
  128 | }
      | ^
```

This build error has been worked around with this commit[2] and I've just
tested this build with Microblaze gcc 9.3/9.4/10.3 and 11.2 and it builds
succesfully since the bug above is gcc bug 90620[3] and it's been handled
in libgeos already.

So let's allow Microblaze(el/be) to build this postgis.

[1]: https://git.buildroot.net/buildroot/commit/?id=9bb1034455de299876dfd03c5074d8bb9622f873
[2]: https://git.buildroot.net/buildroot/commit/?id=847b441b1ca2230c4f26a49aaede69eca5e7e7ad
[3]: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=90620

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Reviewed-by: Maxim Kochetkov <fido_max@inbox.ru>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-12-17 19:02:58 +01:00
Bernd Kuhls
83b587a642 package/x11r7/xapp_xinput-calibrator: switch _SITE to https
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-12-17 18:42:13 +01:00
Bernd Kuhls
1b44913df9 package/pugixml: switch _SITE to https
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-12-17 18:42:13 +01:00
Bernd Kuhls
feeed6f38e package/intel-mediasdk: switch _SITE to https
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-12-17 18:42:12 +01:00
Fabrice Fontaine
a315d7c98b package/libmbim: fix build with help2man
Fix the following build failure with help2man raised since bump to
version 1.26.0 in commit be76508af2:

FAILED: docs/man/mbimcli.1
/usr/bin/help2man --output=docs/man/mbimcli.1 '--name=Control MBIM devices' '--help-option="--help-all"' /home/peko/autobuild/instance-1/output-1/build/libmbim-1.26.0/build/src/mbimcli/mbimcli
help2man: can't get `"--help-all"' info from /home/peko/autobuild/instance-1/output-1/build/libmbim-1.26.0/build/src/mbimcli/mbimcli
Try `--no-discard-stderr' if option outputs to stderr

Fixes:
 - http://autobuild.buildroot.org/results/eaa2ba54b9c74f07292d3cad4fa96c80e6079702

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-12-17 18:42:12 +01:00
Fabrice Fontaine
cbe8722680 package/tcllib: bump to version 1.20
Update hash of license.terms (reformatting with
628ec67635)

https://core.tcl-lang.org/tcllib/doc/tcllib-1-20/support/releases/history/README-1.20.txt

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-12-17 18:42:12 +01:00
Fabrice Fontaine
9cf314745a package/tcl: bump to version 8.6.12
- Refresh patch
- Update indentation in hash file (two spaces)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-12-17 18:42:12 +01:00
Fabrice Fontaine
f6229d3901 package/stella: bump to version 6.6
- C++17 is mandatory since version 6.5 and
  fe2b4d630e
- Update hash of Copyright.txt, year updated:
  21438a82cc

https://github.com/stella-emu/stella/blob/6.6/Changes.txt

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-12-17 18:42:12 +01:00
Fabrice Fontaine
8b6235af78 package/frr: add options for BMP and NHRPD
BMP and NHRPD default to enabled. Both of them require c-ares. However,
if BMP and NHRPD are disabled, it is possible to build without c-ares.

Create user-visible configuration options for BMP and NHRPD and only
depend on c-ares if either of them is selected.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-12-17 18:39:52 +01:00
Fabrice Fontaine
44cd33baa2 Config.in.legacy: improve iputils options
Improve iputils options added by commit
db0c2a2879

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-12-17 18:30:07 +01:00
Bernd Kuhls
c9e545d98b package/intel-mediasdk: bump version to 21.4.3
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-12-17 18:30:04 +01:00
Bernd Kuhls
befdaea1df package/intel-gmmlib: bump version to 22.0.0
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-12-17 18:30:01 +01:00
Anssi Hannula
ac1c781149 package/icu: fix build failure due to a library clash
ICU build scripting adds some host libraries to LD_LIBRARY_PATH by
using constructs of the following form:

  LD_LIBRARY_PATH="custom-path:${LD_LIBRARY_PATH}"

If the original LD_LIBRARY_PATH is empty, this causes the last search
directory be an empty string, i.e. the working directory.

ICU build runs some basic host commands (e.g. "rm") in $(TARGET_DIR)/lib
under such an LD_LIBRARY_PATH, causing target libraries (e.g. libc) to
possibly get loaded instead of host system libraries if they are
compatible enough (e.g. arch matches).

Since the target libraries may not actually be ABI compatible with host
system binaries (e.g. target has an old libc), this can cause crashes
or other errors.

Observed errors include:
  (1) rm: libc.so.6: version `GLIBC_2.33' not found (required by rm)
  (2) sh: line 1: 1362670 Segmentation fault      (core dumped) rm -f libicudata.so.65

Workaround the issue by setting a dummy LD_LIBRARY_PATH when it would
otherwise be empty.

https://unicode-org.atlassian.net/browse/ICU-21417

Signed-off-by: Anssi Hannula <anssi.hannula@bitwise.fi>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-12-16 21:16:39 +01:00
Joe Schultz
e84bb6d295 package/linux-firmware: add option for Intel E800 Series Network Adapters
Signed-off-by: Joe Schultz <jschultz@xes-inc.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-12-16 21:08:50 +01:00
Fabrice Fontaine
7bb6ebea99 package/frr: add zeromq optional dependency
zeromq is an optional dependency since version 4.0 and
b6116506ec

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-12-16 21:08:46 +01:00
Fabrice Fontaine
7f38ce2103 package/libqmi: fix build with help2man
Fix the following build failure raised with help2man since bump to
version 1.30.0 in commit 50c5495f81:

FAILED: docs/man/qmicli.1
/usr/bin/help2man --output=docs/man/qmicli.1 '--name=Control QMI devices' '--help-option="--help-all"' /home/peko/autobuild/instance-1/output-1/build/libqmi-1.30.2/build/src/qmicli/qmicli
help2man: can't get `"--help-all"' info from /home/peko/autobuild/instance-1/output-1/build/libqmi-1.30.2/build/src/qmicli/qmicli
Try `--no-discard-stderr' if option outputs to stderr

Fixes:
 - http://autobuild.buildroot.org/results/15818b6de7378cd75c59b1d6dc732ed9a20c092a

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-12-16 21:08:43 +01:00
Peter Korsgaard
76cd1aa753 package/xserver_xorg-server: security bump to version 21.1.2
Fixes the following vulnerabilities:

* CVE-2021-4008/ZDI-CAN-14192 SProcRenderCompositeGlyphs out-of-bounds
  access

  The handler for the CompositeGlyphs request of the Render extension does
  not properly validate the request length leading to out of bounds memory
  write.

* CVE-2021-4009/ZDI-CAN 14950 SProcXFixesCreatePointerBarrier out-of-bounds
  access

  The handler for the CreatePointerBarrier request of the XFixes extension
  does not properly validate the request length leading to out of bounds
  memory write.

* CVE-2021-4010/ZDI-CAN-14951 SProcScreenSaverSuspend out-of-bounds access

  The handler for the Suspend request of the Screen Saver extension does not
  properly validate the request length leading to out of bounds memory
  write.

* CVE-2021-4011/ZDI-CAN-14952 SwapCreateRegister out-of-bounds access

  The handlers for the RecordCreateContext and RecordRegisterClients
  requests of the Record extension do not properly validate the request
  length leading to out of bounds memory write.

For details, see the advisory:
https://lists.x.org/archives/xorg-announce/2021-December/003122.html

Builds without systemd unfortunately got broken.  Add a patch fixing that
from an upstream merge request:
https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/827

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-12-16 21:08:40 +01:00
Michael Nosthoff
ebef618914 package/boost: bump to version 1.78.0
* drop all upstreamed patches

Signed-off-by: Michael Nosthoff <buildroot@heine.tech>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-12-16 21:08:36 +01:00
Fabrice Fontaine
cca2c19ea3 package/jansson: bump to version 2.14
https://jansson.readthedocs.io/en/latest/changes.html#version-2-14

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-12-16 21:08:33 +01:00
Fabrice Fontaine
59a1fcc696 package/lapack: security bump to version 3.10.0
- Fix CVE-2021-4048: An out-of-bounds read flaw was found in the CLARRV,
  DLARRV, SLARRV, and ZLARRV functions in lapack through version 3.10.0,
  as also used in OpenBLAS before version 0.3.18. Specially crafted
  inputs passed to these functions could cause an application using
  lapack to crash or possibly disclose portions of its memory.
- Update license hash, year changed:
  f67034373e
- Update indentation in hash file (two spaces)

http://netlib.org/lapack/lapack-3.10.0.html

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-12-16 21:06:03 +01:00
Bernd Kuhls
60d416fb6c package/tvheadend: add optional support for pcre2
pcre2 takes precedence of pcre:
https://github.com/tvheadend/tvheadend/blob/master/configure#L473

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-12-16 21:06:00 +01:00
Lothar Felten
7b55cb018d configs/beaglebone_qt5_defconfig: bump to u-boot 2021.04
Fixes:
  /usr/bin/ld: scripts/dtc/dtc-parser.tab.o:(.bss+0x10): multiple definition...
  scripts/dtc/dtc-lexer.lex.o:(.bss+0x0): first defined here

    Tested on beaglebone black and beaglebone white (A6)

Signed-off-by: Lothar Felten <lothar.felten@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-12-16 21:05:57 +01:00
Petr Vorel
db0c2a2879 package/iputils: bump version to 20211215
tftp and traceroute6 has been removed in this release [1][2].
Due that LICENSE file has been changed.

Also remove patch from this release.

[1] https://github.com/iputils/iputils/pull/369
[2] https://github.com/iputils/iputils/pull/362

Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-12-16 20:30:14 +01:00
Fabrice Fontaine
966f8187c6 package/pcsc-lite: fix build without lib{udev, usb}
Fix the following build failure raised since bump to version 1.9.5 in
commit c7233ec2c3 and
6f8f170db3:

/home/giuliobenetti/autobuild/run/instance-2/output-1/host/lib/gcc/arm-buildroot-linux-gnueabihf/11.2.0/../../../../arm-buildroot-linux-gnueabihf/bin/ld: pcscd-pcscdaemon.o: in function `signal_thread':
pcscdaemon.c:(.text+0x444): undefined reference to `HPReCheckSerialReaders'

Fixes:
 - http://autobuild.buildroot.org/results/6cf323229f32967aa554418410dc94b7094d09af

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-12-16 20:23:20 +01:00
Fabrice Fontaine
f0dbd03a0c package/civetweb: fix BR2_STATIC_SHARED_LIBS typo
Fix typo BR2_STATIC_SHARED_LIBS -> BR2_SHARED_STATIC_LIBS added by
commit db47bc9997

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-12-16 20:23:17 +01:00
Giulio Benetti
9449089c6a package/libnss: bump to version 3.73.1
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-12-16 20:23:14 +01:00
Lothar Felten
0966f68dcf configs/bananapi_m2_ultra_defconfig: bump to u-boot 2021.10
Fixes:
  /usr/bin/ld: scripts/dtc/dtc-parser.tab.o:(.bss+0x10): multiple definition...
  scripts/dtc/dtc-lexer.lex.o:(.bss+0x0): first defined here

Tested on bananapi m2 ultra

Signed-off-by: Lothar Felten <lothar.felten@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-12-16 20:23:11 +01:00
Peter Korsgaard
2b906b975a package/libopenssl: bump version to 1.1.1m
Minor bugfix release:

 Changes between 1.1.1l and 1.1.1m [14 Dec 2021]

  *) Avoid loading of a dynamic engine twice.
     [Bernd Edlinger]

  *) Fixed building on Debian with kfreebsd kernels
     [Mattias Ellert]

  *) Prioritise DANE TLSA issuer certs over peer certs
     [Viktor Dukhovni]

  *) Fixed random API for MacOS prior to 10.12
     These MacOS versions don't support the CommonCrypto APIs
     [Lenny Primak]

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-12-16 20:23:09 +01:00
Fabrice Fontaine
f7f7124ee0 package/lighttpd: add xxhash mandatory dependency
Add xxhash mandatory dependency to avoid the following build failure
with the embedded xxhash (in version 0.8.1) and uclibc raised since
bump to version 1.4.63 in commit
2a00246645 and
23b07fa3ef:

/home/buildroot/autobuild/instance-0/output-1/host/lib/gcc/arm-buildroot-linux-uclibcgnueabi/10.3.0/../../../../arm-buildroot-linux-uclibcgnueabi/bin/ld: src/lighttpd.p/algo_xxhash.c.o: in function `XXH32_canonicalFromHash':
/home/buildroot/autobuild/instance-0/output-1/build/lighttpd-1.4.63/build/../src/algo_xxhash.h:2282: undefined reference to `static_assert'

Fixes:
 - http://autobuild.buildroot.org/results/7b644dce244a1aa4a193a3196059a56b2c4c7591

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-12-16 20:11:40 +01:00
Fabrice Fontaine
cc0c90aa83 package/xxhash: install in staging
Install xxhash in staging to allow lighttpd to use it

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-12-16 20:11:37 +01:00
Fabrice Fontaine
7cd070e4f0 package/taglib: fix build on sparc
Fix the following build failure on sparc raised since bump to version
1.12 in commit b4bdf704fe:

/home/giuliobenetti/autobuild/run/instance-3/output-1/build/taglib-1.12/taglib/toolkit/trefcounter.cpp:55:21: error: duplicate 'volatile'
   55 | # define ATOMIC_INT volatile int
      |                     ^~~~~~~~

Fixes:
 - http://autobuild.buildroot.org/results/387feeb6bcc190b3908e405ba5f8a888d7e1f348

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-12-16 20:07:37 +01:00
Fabrice Fontaine
03943b9b49 package/frr: disable cunit
Disable cunit to avoid the following build failure raised since bump to
version 8.1 in commit ca2753fd47 and
749714731e:

In file included from pceplib/test/pcep_utils_counters_test.c:33:
./pceplib/pcep_utils_counters.h:112:2: error: unknown type name 'time_t'
  112 |  time_t start_time;
      |  ^~~~~~

Fixes:
 - http://autobuild.buildroot.org/results/b68d3e369e2925938bde39508988aa9b701f1045

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-12-16 20:07:37 +01:00
Peter Korsgaard
44a97dcb93 package/privoxy: security bump to version 3.0.33
Fixes the following security issues:

  - cgi_error_no_template(): Encode the template name to prevent
    XSS (cross-site scripting) when Privoxy is configured to servce
    the user-manual itself.
    Commit 0e668e9409c. OVE-20211102-0001. CVE-2021-44543.
    Reported by: Artem Ivanov

  - get_url_spec_param(): Free memory of compiled pattern spec
    before bailing.
    Reported by Joshua Rogers (Opera) who also provided the fix.
    Commit 652b4b7cb0. OVE-20211201-0003. CVE-2021-44540.

  - process_encrypted_request_headers(): Free header memory when
    failing to get the request destination.
    Reported by Joshua Rogers (Opera) who also provided the fix.
    Commit 0509c58045. OVE-20211201-0002. CVE-2021-44541.

  - send_http_request(): Prevent memory leaks when handling errors
    Reported by Joshua Rogers (Opera) who also provided the fix.
    Commit c48d1d6d08. OVE-20211201-0001. CVE-2021-44542.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-12-16 20:07:37 +01:00
Peter Korsgaard
086d357dfb package/python-django: security bump to version 3.2.10
Fixes the following security issues:

- CVE-2021-44420: Potential bypass of an upstream access control based on
  URL paths

  HTTP requests for URLs with trailing newlines could bypass an upstream
  access control based on URL paths.

  This issue has low severity, according to the Django security policy.

  https://www.djangoproject.com/weblog/2021/dec/07/security-releases/

In addition, 3.2.8 / 3.2.9 fixes a number of bugs.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-12-16 20:07:37 +01:00
Peter Korsgaard
c0932240fb package/xen: add XSA-385, 386, 388, 389 security fixes
Fixes the following security issues:

- XSA-385: guests may exceed their designated memory limit
  https://xenbits.xenproject.org/xsa/advisory-385.html

- XSA-386: PCI devices with RMRRs not deassigned correctly
  https://xenbits.xenproject.org/xsa/advisory-386.html

- XSA-388: PoD operations on misaligned GFNs
  https://xenbits.xenproject.org/xsa/advisory-388.html

- XSA-389: issues with partially successful P2M updates on x86
  https://xenbits.xenproject.org/xsa/advisory-389.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-12-16 20:07:37 +01:00
Peter Korsgaard
ce81a6e6d2 package/python3: bump version to 3.9.9
Drop 0030-Fix-cross-compiling-the-uuid-module.patch as the patched code has
been reworked upstream and python3 is built with --disable-uuid:

91a51c5ffc

Rework 0033-configure.ac-fixup-CC-print-multiarch-output-for-mus.patch as
the MULTIARCH code is now conditional on !darwin:

9901d153c2

Refresh and renumber remaining patches.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-12-16 20:07:37 +01:00
Nuno Gonçalves
edc46a56f6 package/connman: remove iptables as a mandatory dependency
connman might depend on iptables or nftables, and those dependencies
are already selected later in this file as required.

Config.in already only selects iptables if BR2_PACKAGE_CONNMAN_IPTABLES.

Signed-off-by: Nuno Goncalves <nunojpg@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-12-16 19:17:11 +01:00
Fabrice Fontaine
2a28d25d0c package/haveged: bump to version 1.9.15
Drop patch (already in version) and so autoreconf

https://github.com/jirka-h/haveged/releases/tag/v1.9.15

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-12-16 19:08:55 +01:00
Fabrice Fontaine
8de5996e5c package/sqlcipher: bump to version 4.5.0
https://github.com/sqlcipher/sqlcipher/blob/v4.5.0/CHANGELOG.md

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-12-16 19:08:51 +01:00
Fabrice Fontaine
dc929dfa4d package/leveldb: bump to version 1.23
- Refresh second and fourth patches
- Update indentation in hash file (two spaces)

https://github.com/google/leveldb/releases/tag/1.23

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-12-16 19:08:48 +01:00
Fabrice Fontaine
d8bee3950a package/guile: bump to version 3.0.7
libtool is not a dependency since version 3.0.6 and
https://git.savannah.gnu.org/cgit/guile.git/commit/?id=2e26538d6a51bdd6c2e68ad4539ab3750ef8670a

https://git.savannah.gnu.org/cgit/guile.git/tree/NEWS?h=v3.0.7

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-12-16 19:08:45 +01:00
Fabrice Fontaine
54d962b768 package/openblas: bump to version 0.3.18
Drop first and second patches (already in version)

https://github.com/xianyi/OpenBLAS/blob/v0.3.18/Changelog.txt

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-12-16 19:08:42 +01:00
Fabrice Fontaine
4711bdbd25 package/rpi-rgb-led-matrix: fix build with gcc 4.8
Fix the following build failure with gcc 4.8 raised since the addition
of the package in commit e821078031:

In file included from framebuffer.cc:20:0:
framebuffer-internal.h:83:10: error: 'constexpr' does not name a type
   static constexpr int kBitPlanes = 11;
          ^
framebuffer-internal.h:83:10: note: C++11 'constexpr' only available with -std=c++11 or -std=gnu++11

Fixes:
 - http://autobuild.buildroot.org/results/c035da0d183f21343f19f7dee982e8e73ee781e4

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-12-16 19:08:38 +01:00