Commit Graph

56891 Commits

Author SHA1 Message Date
Matt Weber
8c9724026c package/libtool: add _CPE_ID_VENDOR
cpe:2.3🅰️gnu:libtool:2.4.6:* is a valid CPE identifier for this package:

 https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe:2.3🅰️gnu:libtool

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
[yann.morin.1998@free.fr: drop version from reference URL]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-04-20 23:27:51 +02:00
Matt Weber
281f0d90cb package/sysvinit: add _CPE_ID_VENDOR
cpe:2.3🅰️sysvinit_project:sysvinit:* is a valid CPE identifier for this package:

 https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe:2.3🅰️sysvinit_project:sysvinit

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-04-20 23:23:13 +02:00
Matt Weber
9b3ea504db package/sysstat: add _CPE_ID_VENDOR
cpe:2.3🅰️sysstat_project:sysstat:* is a valid CPE identifier for this package:

 https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe:2.3🅰️sysstat_project:sysstat

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-04-20 23:23:13 +02:00
Matt Weber
912342f833 package/rp-pppoe: add _CPE_ID_VENDOR
cpe:2.3🅰️rp-pppoe_project:rp-pppoe:* is a valid CPE identifier for this package:

 https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe:2.3🅰️rp-pppoe_project:rp-pppoe

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
[yann.morin.1998@free.fr: move up, right after license]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-04-20 23:23:13 +02:00
Matt Weber
c44be545f6 package/rng-tools: add _CPE_ID_VENDOR
cpe:2.3🅰️rng-tools_project:rng-tools:* is a valid CPE identifier for this package:

 https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe:2.3🅰️rng-tools_project:rng-tools

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
[yann.morin.1998@free.fr: move up, right after license]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-04-20 23:23:13 +02:00
Matt Weber
c819d20834 package/python3-setuptools: add _CPE_ID_VENDOR and_CPE_ID_PRODUCT
cpe:2.3🅰️python:setuptools:* is a valid CPE identifier for this package:

 https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe:2.3🅰️python:setuptools

Note: 63332c33aa already added those for the python(2) variant.

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
[yann.morin.1998@free.fr:
  - add reference to 63332c33aa
  - move up, right after license
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-04-20 23:23:13 +02:00
Matt Weber
8b154320f0 package/python3-decorator: add _CPE_ID_VENDOR and _CPE_ID_PRODUCT
cpe:2.3🅰️python:decorator:* is a valid CPE identifier for this package:

 https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe:2.3🅰️python:decorator

Note: 4783e5fd8c already added those for the python(2) variant.

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
[yann.morin.1998@free.fr:
  - add reference to 4783e5fd8c
  - move up, right after license
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-04-20 23:23:13 +02:00
Matt Weber
12e88b0d60 package/pugixml: add _CPE_ID_VENDOR
cpe:2.3🅰️pugixml_project:pugixml:* is a valid CPE identifier for this package:

 https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe:2.3🅰️pugixml_project:pugixml

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
[yann.morin.1998@free.fr: move up, right after license]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-04-20 23:23:13 +02:00
Matt Weber
ba18dc36a4 package/popt: add _CPE_ID_VENDOR
cpe:2.3🅰️popt_project:popt:* is a valid CPE identifier for this package:

 https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe:2.3🅰️popt_project:popt

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
[yann.morin.1998@free.fr: move up, right after license]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-04-20 23:23:13 +02:00
Matt Weber
2680b7dfea package/pkgconf: add _CPE_ID_VENDOR
cpe:2.3🅰️pkgconf:pkgconf:* is a valid CPE identifier for this package:

 https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe:2.3🅰️pkgconf:pkgconf

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-04-20 23:23:13 +02:00
Matt Weber
cdfb226090 package/parted: add _CPE_ID_VENDOR
cpe:2.3🅰️parted_project:parted:* is a valid CPE identifier for this package:

 https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe:2.3🅰️parted_project:parted

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-04-20 23:23:13 +02:00
Matt Weber
444d71e123 package/openresolv: add _CPE_ID_VENDOR
cpe:2.3🅰️openresolv_project:openresolv:* is a valid CPE identifier for this package:

 https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe:2.3🅰️openresolv_project:openresolv

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-04-20 23:23:13 +02:00
Matt Weber
c15daccf1e package/make: add _CPE_ID_VENDOR
cpe:2.3🅰️gnu:make:* is a valid CPE identifier for this package:

 https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe:2.3🅰️gnu:make

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
[yann.morin.1998@free.fr: move up, right after license]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-04-20 23:23:13 +02:00
Matt Weber
56d54119b1 package/libnl: add _CPE_ID_VENDOR
cpe:2.3🅰️libnl_project:libnl:* is a valid CPE identifier for this package:

 https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe:2.3🅰️libnl_project:libnl

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
[yann.morin.1998@free.fr: move up, right after license]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-04-20 23:22:30 +02:00
Matt Weber
4baccb9c5b package/libdaemon: add _CPE_ID_VENDOR
cpe:2.3🅰️libdaemon_project:libdaemon:* is a valid CPE identifier for this package:

 https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe:2.3🅰️libdaemon_project:libdaemon

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
[yann.morin.1998@free.fr: move up, right after license]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-04-20 23:22:29 +02:00
Matt Weber
74637c6e6f package/libcap: add _CPE_ID_VENDOR
cpe:2.3🅰️libcap_project:libcap:* is a valid CPE identifier for this package:

 https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe:2.3🅰️libcap_project:libcap

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-04-20 23:22:29 +02:00
Matt Weber
c24fc9042a package/json-for-modern-cpp: add _CPE_ID_VENDOR
cpe:2.3🅰️json-for-modern-cpp_project:json-for-modern-cpp:* is a valid CPE identifier for this package:

 https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe:2.3🅰️json-for-modern-cpp_project:json-for-modern-cpp

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
[yann.morin.1998@free.fr:move up, right after license]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-04-20 23:22:29 +02:00
Matt Weber
5ba5e631fa package/iputils: add _CPE_ID_VENDOR
cpe:2.3🅰️iputils_project:iputils:* is a valid CPE identifier for this package:

 https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe:2.3🅰️iputils_project:iputils

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-04-20 23:22:29 +02:00
Matt Weber
9cf7caa186 package/iproute2: add _CPE_ID_VENDOR
cpe:2.3🅰️iproute2_project:iproute2:* is a valid CPE identifier for this package:

 https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe:2.3🅰️iproute2_project:iproute2

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-04-20 23:22:29 +02:00
Matt Weber
3712e1dee7 package/gperf: add _CPE_ID_VENDOR and _CPE_ID_PRODUCT
cpe:2.3🅰️gperftools_project:gperftools:* is a valid CPE identifier for this package:

 https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe:2.3🅰️gperftools_project:gperftools

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-04-20 23:22:29 +02:00
Matt Weber
12bd427340 package/cmake: add _CPE_ID_VENDOR
cpe:2.3🅰️cmake_project:cmake:* is a valid CPE identifier for this package:

 https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe:2.3🅰️cmake_project:cmake

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-04-20 23:22:29 +02:00
Matt Weber
ad9f909ea6 package/cgroupfs-mount: add _CPE_ID_VENDOR
cpe:2.3🅰️cgroupfs-mount_project:cgroupfs-mount:* is a valid CPE identifier for this package:

 https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe:2.3🅰️cgroupfs-mount_project:cgroupfs-mount

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-04-20 23:22:29 +02:00
Matt Weber
fc6a829abe package/c-periphery: add _CPE_ID_VENDOR
cpe:2.3🅰️c-periphery_project:c-periphery:* is a valid CPE identifier for this package:

 https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe:2.3🅰️c-periphery_project:c-periphery

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-04-20 23:22:29 +02:00
Matt Weber
2de8724d54 package/automake: add _CPE_ID_VENDOR
cpe:2.3🅰️gnu:automake:* is a valid CPE identifier for this package:

 https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Agnu%3Aautomake

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-04-20 23:22:29 +02:00
Maxim Kochetkov
990b14768c package/timescaledb: bump version to 2.1.1
Release notes: https://github.com/timescale/timescaledb/releases/tag/2.1.1

Signed-off-by: Maxim Kochetkov <fido_max@inbox.ru>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-20 23:13:34 +02:00
Thomas Petazzoni
3887e8c095 boot/at91bootstrap: add legal information
The old at91bootstrap version (1.x) uses a strange variant of the BSD
license, called "BSD Source Code Attribution" and referenced by SPDX
as BSD-Source-Code.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-20 23:00:55 +02:00
Grzegorz Blach
85d912cb9d package/python-falcon: bump to version 3.0.0
Depends on BR2_PACKAGE_PYTHON3

The hash of the license file has changed because a short license file
was replaced by the complete text of the Apache 2.0 license. The
license itself remains the same.

Signed-off-by: Grzegorz Blach <grzegorz@blach.pl>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-20 22:47:42 +02:00
Peter Seiderer
99362e8d17 package/gstreamer1/gst1-interpipe: bump version to 1.1.4
Changelog:

  - fix for memory leak in set of listen-to property

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-20 22:19:58 +02:00
Fabrice Fontaine
e55af2ff9e package/exfatprogs: bump to version 1.1.0
https://github.com/exfatprogs/exfatprogs/releases/tag/1.1.0

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-20 22:18:54 +02:00
Fabrice Fontaine
a4c38ae470 package/uboot-tools: security bump to version 2021.04
- Fix CVE-2021-27097: The boot loader in Das U-Boot before 2021.04-rc2
  mishandles a modified FIT.
- Fix CVE-2021-27138: The boot loader in Das U-Boot before 2021.04-rc2
  mishandles use of unit addresses in a FIT.

- Update second patch
- Drop fourth patch (already in version)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-20 22:18:38 +02:00
Fabrice Fontaine
ed653df573 package/nettle: security bump to version 3.7.2
Fix CVE-2021-20305: A flaw was found in Nettle in versions before 3.7.2,
where several Nettle signature verification functions (GOST DSA, EDDSA &
ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply
function being called with out-of-range scalers, possibly resulting in
incorrect results. This flaw allows an attacker to force an invalid
signature, causing an assertion failure or possible validation. The
highest threat to this vulnerability is to confidentiality, integrity,
as well as system availability.

https://git.lysator.liu.se/nettle/nettle/-/blob/nettle_3.7.2_release_20210321/NEWS

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-20 22:18:20 +02:00
Fabio Estevam
769d053f65 configs/imx6-sabresd: bump U-Boot and kernel versions
Bump to U-Boot 2021.04 and kernel 5.10.25 versions.

Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-04-20 21:33:31 +02:00
Fabio Estevam
bd62da59b9 boot/uboot: bump to version 2021.04
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-04-20 21:31:49 +02:00
Fabrice Fontaine
34764dcfac package/python-botocore: drop docutils dependency
docutils is not a dependency since version 1.18.0 and
dd24dd1b2e

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-04-20 21:29:41 +02:00
Fabrice Fontaine
32c10f256b package/fmt: add FMT_CPE_ID_VENDOR
cpe:2.3🅰️fmt:fmt is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Afmt%3Afmt

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-04-20 21:24:58 +02:00
Alexander Egorenkov
55a7382564 package/multipath-tools: bump to version 0.8.6
https://github.com/opensvc/multipath-tools/releases/tag/0.8.6

Signed-off-by: Alexander Egorenkov <egorenar-dev@posteo.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-19 23:45:12 +02:00
Jörg Krause
40ebac416b package/libnpupnp: bump to version 4.1.3
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-19 23:45:06 +02:00
Jörg Krause
ec15f89be9 package/mpd: bump to version 0.22.6
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-19 23:45:02 +02:00
Alexander Dahl
3ce7afbe50 package/dnsmasq: security bump to 2.85
CVE-2021-3448 applies.  See announcement for details.

Link: https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2021q2/014962.html
Signed-off-by: Alexander Dahl <post@lespocky.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-19 23:29:48 +02:00
Ramon Fried
18c3d44a0a package/bitwise: bump version to 0.42
Signed-off-by: Ramon Fried <rfried.dev@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-19 23:29:15 +02:00
Fabrice Fontaine
b27fca6482 package/yavta: disable -Werror
Fix build failure which is raised since bump to latest version in commit
87ba7be02f

Fixes:
 - http://autobuild.buildroot.org/results/d5b4f69f46cef4dd11410fe48d21372cb883ae4a

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-19 23:28:25 +02:00
Michael Walle
bd82bedfd1 package/linux-serial-test: bump version
Give this package some love and update to the newest version. There are
no released versions, though. Therefore, use the latest commit.

Notable changes:
 - RS485 support fixes and features
 - internal loopback support

Signed-off-by: Michael Walle <michael@walle.cc>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-19 23:21:26 +02:00
Sam Voss
4732b78221 package/rsyslog: install default service file
As of v8.2008 rsyslog no longer provides a default service file, and now
suggests using the platform suggested defaults. For Buildroot, install
the Debian service file which has been added in the same version,
however is not included in the official release.

Upstream commit which adds this service file:
cfd07503ba

Signed-off-by: Sam Voss <sam.voss@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-19 23:21:04 +02:00
Jörg Krause
53f5dd3115 package/spdlog: bump to version 1.8.5
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-19 22:54:46 +02:00
Jörg Krause
8974596836 package/gerbera: bump to version 1.8.0
Also recreate config.xml by building and running Gerbera using:

```
~/buildroot/output/target/usr/bin/gerbera --create-config > package/gerbera/config.xml

```

Note, that Gerbera sets the `<home>` parameter now to the runtime user's home by
default when generating the script. This is not appropriate when running Gerbera
on an embedded Linux system as we usually do not have multiple users or even
users at all. Therefore, we set the home directory to /var/lib/gerbera`.

As this directory is not created when installing Gerbera to the target,
it is created by the start script.

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-19 22:54:27 +02:00
Francois Perrad
d72152ad8e package/luarocks: improve detection of license files
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-19 22:51:43 +02:00
Francois Perrad
2ff52ae939 package/luarocks: bump to version 3.7.0
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-19 22:45:20 +02:00
Jörg Krause
718b6c224a package/luv: bump to version 1.40.0-0
Also fix spacing to use 2 spaces in the hash file.

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-19 22:45:06 +02:00
Maxim Kochetkov
75d1a5a046 DEVELOPERS: add Maxim Kochetkov for postgis
Signed-off-by: Maxim Kochetkov <fido_max@inbox.ru>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-19 22:44:11 +02:00
Fabrice Fontaine
4a48f2c180 package/oniguruma: bump to version 6.9.7.1
Update hash of COPYING (update in year:
56255e8b3e)

https://github.com/kkos/oniguruma/blob/v6.9.7.1/HISTORY

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-19 22:35:43 +02:00