Commit Graph

69750 Commits

Author SHA1 Message Date
Etienne Carriere
62b5ef354e package/optee-examples: bump to version 4.0.0
Bumps OP-TEE examples package version to OP-TEE release 4.0.0.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2023-11-01 11:34:42 +01:00
Etienne Carriere
eac8e641fa package/optee-test: bump to version 4.0.0
Bumps OP-TEE test package version to OP-TEE release 4.0.0.
Removes the local patch on OpenSSL support that has been integrated
into mainline repository before release tag 4.0.0.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2023-11-01 11:34:30 +01:00
Etienne Carriere
8a8fa20068 package/optee-client: bump to version 4.0.0
Bumps OP-TEE client package version to OP-TEE release 4.0.0.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2023-11-01 11:34:18 +01:00
Etienne Carriere
d03195c90e boot/optee-os: bump to version 4.0.0
Bumps OP-TEE OS package version to OP-TEE release 4.0.0.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2023-11-01 11:32:58 +01:00
Alisa Volk
6e000dba5f package/libcurl: introduce option to enable WebSockets support
Signed-off-by: Alisa Volk <aolvolk@salutedevices.com>
[yann.morin.1998@free.fr: drop "default n"]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-10-31 21:47:28 +01:00
TIAN Yuanhao
9705d30026 package/tini: move docker-init to /usr/libexec/docker/
The docker-init is not intended to be a user-facing command, and as such
it is more appropriate for it to be found in /usr/libexec/ than in $PATH.

See:
6caaa8cadc
5a998af6f5

Signed-off-by: TIAN Yuanhao <tianyuanhao3@163.com>
[yann.morin.1998@free.fr: use mkdir -p, not install -d]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-10-31 21:41:49 +01:00
Fabrice Fontaine
c4658ede71 package/wolfssl: security bump to version 5.6.4
[Medium] A fix was added, but still under review for completeness, for a
Bleichenbacher style attack, leading to being able to decrypt a saved
TLS connection and potentially forge a signature after probing with a
large number of trial connections. This issue is around RSA decryption
and affects static RSA cipher suites on the server side, which are not
recommended to be used and are off by default. Static RSA cipher suites
were also removed from the TLS 1.3 protocol and only present in TLS 1.2
and lower. All padding versions of RSA decrypt are affected since the
code under review is outside of the padding processing. Information
about the private keys is NOT compromised in affected code. It's
recommended to disable static RSA cipher suites and update the version
of wolfSSL used if using RSA private decryption alone outside of TLS.

https://github.com/wolfSSL/wolfssl/releases/tag/v5.6.4-stable

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-10-31 19:02:57 +01:00
Peter Korsgaard
957e2d2ffd package/xen: security bump to version 4.14.6
Includes a number of bugfixes and the security fixes up to xsa-436:
https://xenproject.org/downloads/xen-project-archives/xen-project-4-14-series/xen-project-4-14-6/

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-10-31 19:02:45 +01:00
Yann E. MORIN
a9d2040b06 DEVELOPPERS: fix licheepi entries
Reported-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-10-29 22:03:38 +01:00
Yann E. MORIN
750392e95e configs/licheepi_zero: rename with manufacturer prefix
Commit 72c653367d (board/licheepi_zero: move board files to their own
directory) forgot to rename the defconfig file, even though the
readme.txt was updated.

Do the rename now.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-10-29 19:50:07 +01:00
Francois Dugast
9a51a07a91 configs/sipeed_licheepi_nano: new board
Add support for the LicheePi Nano with mainline components:
  - U-Boot 2023.04
  - Linux 6.5.9

Board homepage and more usable WiKi:
  - https://wiki.sipeed.com/hardware/en/lichee/Nano/Nano.html
  - https://linux-sunxi.org/LicheePi_Nano

linux.fragment is required to disable some features in order to keep the
kernel size small, otherwise the board does not boot due to limited
memory. See note in readme.txt.

Signed-off-by: Francois Dugast <francois.dugast.foss@gmail.com>
[yann.morin.1998@free.fr:
  - use fixed kernel version
  - use manufacturer directory
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-10-29 19:43:29 +01:00
Francois Dugast
72c653367d board/licheepi_zero: move board files to their own directory
Group files for board licheepi_zero under the existing manufacturer
directory, like all the other boards by Sipeed.

Signed-off-by: Francois Dugast <francois.dugast.foss@gmail.com>
[yann.morin.1998@free.fr: use the manufacturer sub-dir]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-10-29 19:42:56 +01:00
Fabrice Fontaine
ffe48fac1d package/rabbitmq-c: bump to version 0.13.0
License file renamed and slightly updated without any change in
applicable terms:
    83a75b3943
    fd51cf8fdc

Detailed changelog:
    https://github.com/alanxz/rabbitmq-c/blob/v0.13.0/ChangeLog.md

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-10-29 12:13:21 +01:00
Fabrice Fontaine
477b39a1e0 package/pango: fix build with gcc >= 13
Fix the following build failure with gcc >= 13:

In function 'find_best_lang_match_cached',
    inlined from 'find_best_lang_match_cached' at ../pango/pango-language.c:501:1,
    inlined from 'pango_language_get_scripts' at ../pango/pango-language.c:661:21:
../pango/pango-language.c:518:12: error: array subscript 0 is outside array bounds of 'const void *[0]' {aka 'const void *[]'} [-Werror=array-bounds=]
  518 |     *cache = result;
      |     ~~~~~~~^~~~~~~~
In function 'pango_language_get_scripts':
cc1: note: source object is likely at address zero
cc1: some warnings being treated as errors

Fixes:
 - http://autobuild.buildroot.org/results/e8b5a752a62621099942b29c1642747eef2930cb

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-10-29 12:11:54 +01:00
Sergey Bobrenok
651b653814 package/sdbus-cpp: remove redundant SDBUS_CPP_SOURCE variable
There is no need to define SDBUS_CPP_SOURCE explicitly because the
github helper works perfectly well with the default _SOURCE value.

Signed-off-by: Sergey Bobrenok <bobrofon@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-10-29 12:03:22 +01:00
Bernd Kuhls
cf368a3d11 package/kodi: fix build with python 3.12
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-10-29 09:47:16 +01:00
Bernd Kuhls
ce7d054878 package/clamav: security bump version to 1.0.4
Release notes:
https://blog.clamav.net/2023/10/clamav-121-113-104-010311-patch.html

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-10-29 09:47:10 +01:00
Fabrice Fontaine
073b0fc9c1 package/flashrom: bump to version 1.3.0
https://www.flashrom.org/release_notes/v_1_3.html

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-10-29 09:33:31 +01:00
Bernd Kuhls
e110aad3ab package/kodi-pvr-iptvsimple: bump version to 20.11.1-Nexus
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-10-29 09:33:24 +01:00
Stefan Agner
ae2dc6ae61 package/docker-cli: bump version to v24.0.7
Minor bugfix in docker ps status description.

https://github.com/moby/moby/releases/tag/v24.0.7

Signed-off-by: Stefan Agner <stefan@agner.ch>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-10-29 09:33:17 +01:00
Stefan Agner
d2290e6141 package/docker-engine: bump version to v24.0.7
The overlay2 layers metadata are now written atomically. Many other
bugfixes and hardening against security issues around the power capping
framework.

https://github.com/moby/moby/releases/tag/v24.0.7

Signed-off-by: Stefan Agner <stefan@agner.ch>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-10-29 09:33:11 +01:00
Bernd Kuhls
c76fc2cda1 package/onevpl-intel-gpu: bump version to 23.4.0
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-10-29 09:33:04 +01:00
Sergey Bobrenok
b02338f066 package/sdbus-cpp: bump to version 1.4.0
Changelog:
https://github.com/Kistler-Group/sdbus-cpp/releases/tag/v1.4.0

Signed-off-by: Sergey Bobrenok <bobrofon@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-10-29 09:32:58 +01:00
Bernd Kuhls
c4006bff7c package/libopenssl: security bump version to 3.1.4
Fixes CVE-2023-5363:
https://www.openssl.org/news/secadv/20231024.txt
https://www.openssl.org/news/vulnerabilities.html

Changelog: https://www.openssl.org/news/cl31.txt

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-10-29 09:32:52 +01:00
Bernd Kuhls
c1b3aac218 package/tvheadend: bump version
Fixes build with python 3.12.

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-10-29 09:32:46 +01:00
Bernd Kuhls
96298d3b54 {linux, linux-headers}: bump 4.{14, 19}.x / 5.{4, 10, 15}.x / 6.{1, 5}.x series
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-10-29 09:32:40 +01:00
Bernd Kuhls
a40924107d package/php: bump version to 8.2.12
Changelog: https://www.php.net/ChangeLog-8.php#8.2.12
Release notes: https://www.php.net/releases/8_2_12.php

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-10-29 09:32:33 +01:00
Oleg Lyovin
3c6f3af24d package/python-pycryptodomex: fix package build with gcc 4.8
python-pycryptodomex uses C99 features like variable
declaration in for-loop statement, while old compilers
assumes C89 by default.

This patch explicitly specifies C99 standard.

Signed-off-by: Oleg Lyovin <ovlevin@salutedevices.com>
[yann.morin.1998@free.fr: use TARGET/HOST_CFLAGS]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-10-29 00:30:17 +02:00
Fabrice Fontaine
836a11aaa6 package/spirv-tools: needs C++17
Fix the following build failure raised since the addition of the package
in commit 0a01085abe:

CMake Error at CMakeLists.txt:17 (project):
  No CMAKE_CXX_COMPILER could be found.

Fixes:
 - http://autobuild.buildroot.org/results/aff5b968342bf05f036c8e1e557c404060345d30

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr: needs C++ for itself, drop inherited comment]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-10-29 00:06:35 +02:00
Fabrice Fontaine
f1b14ea5a3 package/acsccid: bump to version 1.1.10
https://sourceforge.net/p/acsccid/news/2023/04/acsccid-119-released/
https://sourceforge.net/p/acsccid/news/2023/08/acsccid-1110-released/

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-10-28 23:05:37 +02:00
Fabrice Fontaine
1f3319e0bb package/cppzmq: bump to version 4.10.0
https://github.com/zeromq/cppzmq/releases/tag/v4.10.0

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-10-28 22:50:22 +02:00
Fabrice Fontaine
e324475294 package/cli11: bump to version 2.3.2
Update hash of LICENSE file (update in year:
39a5f1981e)

https://github.com/CLIUtils/CLI11/releases/tag/v2.3.2

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-10-28 22:50:16 +02:00
Fabrice Fontaine
654f18c617 package/cjson: bump to version 1.7.16
https://github.com/DaveGamble/cJSON/releases/tag/v1.7.16

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-10-28 22:50:10 +02:00
Fabrice Fontaine
98d0a7b95f package/x11r7/xlib_libX11: security bump to version 1.8.7
Fix CVE-2023-43785, CVE-2023-43786 and CVE-2023-43787

https://lists.x.org/archives/xorg-announce/2023-October/003424.html
https://lists.x.org/archives/xorg-announce/2023-October/003426.html

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-10-28 22:50:04 +02:00
Fabrice Fontaine
c709ab6fff package/x11r7/xlib_libXpm: security bump to version 3.5.17
Fix CVE-2023-43788, CVE-2023-43789 and CVE-2023-43786

https://lists.x.org/archives/xorg-announce/2023-October/003424.html
https://lists.x.org/archives/xorg-announce/2023-October/003425.html

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-10-28 22:49:58 +02:00
Fabrice Fontaine
e0e96336ab package/python-urllib3: security bump to version 2.0.7
Fix CVE-2023-43804 and CVE-2023-45803

https://github.com/urllib3/urllib3/security/advisories/GHSA-v845-jxx5-vc9f
https://github.com/urllib3/urllib3/security/advisories/GHSA-g4mx-q9vg-27p4
https://github.com/urllib3/urllib3/blob/2.0.7/CHANGES.rst

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-10-28 22:49:52 +02:00
Fabrice Fontaine
7217661e3a package/cryptopp: bump to version 8.9.0
- Drop patch (already in version)
- Update hash of License.txt (minor updates with:
  bc2c8423a1
  b418f93483
  2bce06d5db)

https://www.cryptopp.com/release890.html
https://www.cryptopp.com/release880.html
https://www.cryptopp.com/release870.html

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-10-28 22:49:46 +02:00
Fabrice Fontaine
c3fcaeaaa7 package/rabbitmq-c: fix CVE-2023-35789
An issue was discovered in the C AMQP client library (aka rabbitmq-c)
through 0.13.0 for RabbitMQ. Credentials can only be entered on the
command line (e.g., for amqp-publish or amqp-consume) and are thus
visible to local attackers by listing a process and its arguments.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-10-28 22:49:40 +02:00
Fabrice Fontaine
afe32537d1 package/avrdude: bump to version 7.2
https://github.com/avrdudes/avrdude/blob/v7.2/NEWS

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-10-28 22:49:34 +02:00
Fabrice Fontaine
cf746901dd package/powerpc-utils: bump to version 1.3.11
https://github.com/ibm-power-utilities/powerpc-utils/blob/v1.3.11/Changelog

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-10-28 22:49:27 +02:00
Fabrice Fontaine
145f01ded5 package/dracut: bump to version 059
https://github.com/dracutdevs/dracut/blob/059/NEWS.md

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-10-28 22:49:20 +02:00
Fabrice Fontaine
e96b1c4b0b package/tiff: security bump to version 4.6.0
- Drop --without-x (now unrecognized)
- Fix CVE-2023-40745: LibTIFF is vulnerable to an integer overflow. This
  flaw allows remote attackers to cause a denial of service (application
  crash) or possibly execute an arbitrary code via a crafted tiff image,
  which triggers a heap-based buffer overflow.
- Fix CVE-2023-41175: A vulnerability was found in libtiff due to
  multiple potential integer overflows in raw2tiff.c. This flaw allows
  remote attackers to cause a denial of service or possibly execute an
  arbitrary code via a crafted tiff image, which triggers a heap-based
  buffer overflow.

https://libtiff.gitlab.io/libtiff/releases/v4.6.0.html

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-10-28 22:49:14 +02:00
Fabrice Fontaine
8c70374c4f package/atop: bump to version 2.9.0
https://www.atoptool.nl/downloadatop.php

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-10-28 22:49:08 +02:00
Fabrice Fontaine
8716942ca6 package/zchunk: security bump to version 1.3.2
- Drop patches (already in version)
- tests can be disabled since version 1.2.3 and
  e2e3d6b14e
- docs can be disabled since version 1.2.3 and
  af6c10e8be
- Fix CVE-2023-46228: zchunk before 1.3.2 has multiple integer overflows
  via malformed zchunk files to lib/comp/comp.c, lib/comp/zstd/zstd.c,
  lib/dl/multipart.c, or lib/header.c.

https://github.com/zchunk/zchunk/compare/1.2.2...1.3.2

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-10-28 22:49:02 +02:00
Fabrice Fontaine
3499c75ccf package/zchunk: add ZCHUNK_CPE_ID_VENDOR
cpe:2.3🅰️zchunk:zchunk is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/detail/480C0B83-3109-49EE-9E06-7866A54878CA

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-10-28 22:48:55 +02:00
Fabrice Fontaine
3155bd54eb package/spirv-headers: needs C++
Fix the following build failure raised since the addition of the package
in commit 0a01085abe:

CMake Error at /home/buildroot/autobuild/instance-3/output-1/host/share/cmake-3.27/Modules/CMakeTestCXXCompiler.cmake:60 (message):
  The C++ compiler

    "/usr/bin/c++"

  is not able to compile a simple test program.

Fixes:
 - http://autobuild.buildroot.org/results/4b94edf6dee03e74ff53939aa228069cc6ba4292

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr: propagate to spirv-tools]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-10-28 22:41:23 +02:00
Peter Korsgaard
ecce7bf95a package/dfu-programmer: bump version to 1.1.0
The update-bash-completion.sh issue is now fixed, so remove the workaround:

https://github.com/dfu-programmer/dfu-programmer/pull/91

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-10-28 21:30:36 +02:00
Peter Korsgaard
99d525028f package/aufs-util: use HTTPS for git.code.sf.net
git.code.sf.net is available over HTTPS, so use that for security and
consistency with the other packages.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-10-28 21:30:30 +02:00
Peter Korsgaard
f2a590750f package/aufs: use HTTPS for git.code.sf.net
git.code.sf.net is available over HTTPS, so use that for security and
consistency with the other packages.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-10-28 21:30:24 +02:00
Peter Korsgaard
05296ced36 Config.in: default to HTTPS for s.b.n backup site
Now that we have HTTPS support for sources.buildroot.net (through Lets
encrypt / Cloudflare), it makes sense to default to it for our backup site.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-10-28 21:30:18 +02:00