Commit Graph

56995 Commits

Author SHA1 Message Date
Dick Olsson
643b03b62f package/s6-linux-init: bump to version 1.0.6.3
https://www.mail-archive.com/skaware@list.skarnet.org/msg01579.html

Signed-off-by: Dick Olsson <hi@senzilla.io>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-05-01 16:50:00 +02:00
Dick Olsson
db807a1452 package/s6-networking: bump to version 2.4.1.1
Change hash file indentation to 2 spaces.

https://www.mail-archive.com/skaware@list.skarnet.org/msg01579.html

Signed-off-by: Dick Olsson <hi@senzilla.io>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-05-01 16:49:31 +02:00
Dick Olsson
6066d67d05 package/s6-dns: bump to version 2.3.5.1
Change hash file indentation to 2 spaces.

https://www.mail-archive.com/skaware@list.skarnet.org/msg01579.html

Signed-off-by: Dick Olsson <hi@senzilla.io>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-05-01 16:49:10 +02:00
Dick Olsson
340f47b649 package/s6-linux-utils: bump to version 2.5.1.5
Change hash file indentation to 2 spaces.

https://www.mail-archive.com/skaware@list.skarnet.org/msg01579.html

Signed-off-by: Dick Olsson <hi@senzilla.io>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-05-01 16:48:48 +02:00
Dick Olsson
92fb4ed491 package/s6-portable-utils: bump to version 2.2.3.2
Change hash file indentation to 2 spaces.

https://www.mail-archive.com/skaware@list.skarnet.org/msg01579.html

Signed-off-by: Dick Olsson <hi@senzilla.io>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-05-01 16:48:03 +02:00
Dick Olsson
dac412acfd package/s6-rc: bump to version 0.5.2.2
Change hash file indentation to 2 spaces.

https://www.mail-archive.com/skaware@list.skarnet.org/msg01579.html

Signed-off-by: Dick Olsson <hi@senzilla.io>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-05-01 16:47:02 +02:00
Dick Olsson
650aa24671 package/s6: bump to version 2.10.0.3
Change hash file indentation to 2 spaces.

https://www.mail-archive.com/skaware@list.skarnet.org/msg01579.html

Signed-off-by: Dick Olsson <hi@senzilla.io>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-05-01 16:46:14 +02:00
Dick Olsson
1c0daf5186 package/execline: bump to version 2.8.0.1
https://www.mail-archive.com/skaware@list.skarnet.org/msg01579.html

Signed-off-by: Dick Olsson <hi@senzilla.io>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-05-01 16:45:33 +02:00
Dick Olsson
662355082a package/skalibs: bump to version 2.10.0.3
- Remove upstream patch that has been committed
- Change hash file indentation to 2 spaces

https://www.mail-archive.com/skaware@list.skarnet.org/msg01579.html

Signed-off-by: Dick Olsson <hi@senzilla.io>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-05-01 16:44:52 +02:00
Dick Olsson
d87e069d98 package/s6-networking: support building with bearssl
Signed-off-by: Dick Olsson <hi@senzilla.io>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-05-01 16:37:36 +02:00
Charles Hardin
421bcc8470 package/imx-uuc: bump version and enable for i.MX8 architecture
The imx-uuc package was only selectable on 32-bit arm targets; this
patch allows aarch64 targets such as i.MX8 to select the package
and use the ufb for fastboot support against the mfgtools "uuu".

Also bumping to latest upstream commit before uuc is removed from the
standard build, from
    https://github.com/NXPmicro/imx-uuc

Tested on i.MX8QXP.

Signed-off-by: Charles Hardin <ckhardin@gmail.com>
Reviewed-by: Gary Bisson <gary.bisson@boundarydevices.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-05-01 15:23:09 +02:00
Peter Seiderer
27b30ee742 package/libtomcrypt: update home page URL to https
- update home page URL to https

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-05-01 15:16:44 +02:00
Fabrice Fontaine
19ec872f16 package/dmalloc: needs -fPIC
Drop first patch and pass -fPIC to configure to fix the following build
failure on ARC:

ERROR: architecture for "/usr/lib/libdmalloc.so" is "ARCompact", should be "ARCv2"
ERROR: architecture for "/usr/lib/libdmallocth.so" is "ARCompact", should be "ARCv2"
ERROR: architecture for "/usr/lib/libdmallocthcxx.so" is "ARCompact", should be "ARCv2"
ERROR: architecture for "/usr/lib/libdmallocxx.so" is "ARCompact", should be "ARCv2"

This build failure is due to the following configure error:

checking shared library link args... ./configure: line 4467: 10229 Segmentation fault      ( ${LD-ld} -shared --whole-archive -soname conftest.so -o conftest.so.t conftest.a ) 2>&5
/home/buildroot/autobuild/run/instance-0/output-1/host/bin/arc-buildroot-linux-gnu-ld -G -o $@.t

This configure error is due to missing -fPIC:

configure:4392: checking shared library link args
configure:4398: /home/buildroot/autobuild/run/instance-0/output-1/host/bin/arc-buildroot-linux-gnu-gcc -c -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64  -Os -g2  -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 conftest.c >&5
configure:4404: $? = 0
configure:4408: test -z
			 || test ! -s conftest.err
configure:4411: $? = 0
configure:4414: test -s conftest.o
configure:4417: $? = 0
/home/buildroot/autobuild/run/instance-0/output-1/host/bin/arc-buildroot-linux-gnu-ld: conftest.a(conftest.o): relocation R_ARC_32_ME against `__stack_chk_guard' can not be used when making a shared object; recompile with -fPIC
/home/buildroot/autobuild/run/instance-0/output-1/host/bin/arc-buildroot-linux-gnu-ld: BFD (GNU Binutils) 2.33.50.20191002 assertion fail elf32-arc.c:1805
/home/buildroot/autobuild/run/instance-0/output-1/host/bin/arc-buildroot-linux-gnu-ld: unrecognized option '-all'
/home/buildroot/autobuild/run/instance-0/output-1/host/bin/arc-buildroot-linux-gnu-ld: use the --help option for usage information
configure:4475: result: /home/buildroot/autobuild/run/instance-0/output-1/host/bin/arc-buildroot-linux-gnu-ld -G -o $@.t

Fixes:
 - http://autobuild.buildroot.org/results/65677d889c27649e1f3ca1f3b6c70df7c89779f6

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-05-01 15:04:30 +02:00
Gleb Mazovetskiy
7333207eaf Fix -latomic for CMake packages
The poppler package failed to build for me with errors such as this one:

    host/aarch64-buildroot-linux-gnu/include/c++/10.3.0/cstdlib:75:15: fatal error: stdlib.h: No such file or directory
       75 | #include_next <stdlib.h>
          |               ^~~~~~~~~~

Changing the CMake option to a link-specific one fixes the issue.

Also change other packages with the same issue: cutelyst, gerbera,
kf5-modemmanager-qt, kodi and wampcc.

Signed-off-by: Gleb Mazovetskiy <glex.spb@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-05-01 15:00:18 +02:00
Peter Korsgaard
862609b389 package/bind: security bump to version 9.11.31
Fixes the following security issues:

- A malformed incoming IXFR transfer could trigger an assertion failure in
  named, causing it to quit abnormally.  (CVE-2021-25214)

- named crashed when a DNAME record placed in the ANSWER section during
  DNAME chasing turned out to be the final answer to a client query.
  (CVE-2021-25215)

- When a server's configuration set the tkey-gssapi-keytab or
  tkey-gssapi-credential option, a specially crafted GSS-TSIG query could
  cause a buffer overflow in the ISC implementation of SPNEGO (a protocol
  enabling negotiation of the security mechanism used for GSSAPI
  authentication).  This flaw could be exploited to crash named binaries
  compiled for 64-bit platforms, and could enable remote code execution when
  named was compiled for 32-bit platforms.  (CVE-2021-25216)

For more details, see the release notes:
https://downloads.isc.org/isc/bind9/9.11.31/RELEASE-NOTES-bind-9.11.31.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-05-01 14:57:33 +02:00
Charles Hardin
ea8c740008 package/imx-seco: use the c0 revision for the imx8qxp ahab image
Update the selection of the ahab container image to use based upon
a choice in the Config.in - there are multiple ASIC revisions that
use AHAB and the firmware images need to match. This extends the
support beyond a default image for just the imx8 amd imx8x based
upon the current contents of the imx-seco firmware extraction.

Files from 3.7.4:
    mx8dxla0-ahab-container.img
    mx8dxla1-ahab-container.img
    mx8qmb0-ahab-container.img
    mx8qxb0-ahab-container.img
    mx8qxc0-ahab-container.img

The original defaults prior to this patch were mx8qmb0 for IMX8
and mx8qxb0 for the IMX8X selections. However, this patch will
change the default selection of the IMX8X from the B0 option to
C0 because the IMX8X C0 HW variant is widespread and the current
release of hardware silicon. Because there are still B0's in
circulation an option is being kept for that as well.

Signed-off-by: Charles Hardin <ckhardin@gmail.com>
[yann.morin.1998@free.fr: 1 minor code style]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-05-01 14:55:59 +02:00
Peter Seiderer
d3a8ca9371 package/sane-backends: poppler-glib needs cairo
- poppler-glib depends on cairo (see poppler-0.84.0/CMakeLists.txt):

  185 else()
  186   set(CAIRO_FEATURE "#undef POPPLER_HAS_CAIRO")
  187   set(ENABLE_GLIB OFF)
  188 endif()

Fixes:

  - http://autobuild.buildroot.net/results/9a345f82c7a010f6b2a3361f25b14caefa9dcbef

  checking for POPPLER_GLIB... no
  configure: error: poppler-glib requested but not found

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-05-01 14:46:15 +02:00
Fabrice Fontaine
73d0da2dd6 package/python-rpi-ws281w: fix build with gcc 4.8
Fix build failure with gcc 4.8 which is raised since bump to version
4.2.6 in commit f21d46bf99

Fixes:
 - http://autobuild.buildroot.org/results/3d037922484bfc45d0f985f87b38f20c5a4ab064

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-05-01 14:41:11 +02:00
Fabrice Fontaine
d4f166d951 package/nginx: add libxcrypt optional dependency
Fix build failure on uclibc with libxcrypt which has been added in
commit 464bbe26ff

Fixes:
 - http://autobuild.buildroot.org/results/79a51b0d348e756517b5c9ce815a67f5c657e7e6

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-05-01 14:30:54 +02:00
Fabrice Fontaine
c5f3c6ff1a package/sox: fix static build with magic and bzip2
Update patch added by commit 183d583fb5 to
use pkg-config instead of linking with zlib to fix the following static
build failure with a bzip2-enabled libmagic:

/home/buildroot/autobuild/instance-1/output-1/host/opt/ext-toolchain/bin/../lib/gcc/arc-buildroot-linux-uclibc/9.3.1/../../../../arc-buildroot-linux-uclibc/bin/ld: /home/buildroot/autobuild/instance-1/output-1/host/arc-buildroot-linux-uclibc/sysroot/usr/lib/libmagic.a(compress.o): in function `uncompressbuf':
compress.c:(.text+0x422): undefined reference to `BZ2_bzDecompressInit'
/home/buildroot/autobuild/instance-1/output-1/host/opt/ext-toolchain/bin/../lib/gcc/arc-buildroot-linux-uclibc/9.3.1/../../../../arc-buildroot-linux-uclibc/bin/ld: compress.c:(.text+0x422): undefined reference to `BZ2_bzDecompressInit'

Fixes:
 - http://autobuild.buildroot.org/results/4c511c02e4c63b35ecf77a2658f88e8a0d9dbb4d

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-05-01 14:21:55 +02:00
Yann E. MORIN
bc2e555eb1 package/openjdk: drop patch left over after last bump
Commit 5871e278f8 (package/openjdk{, -bin}: security bump to version
11.0.11_9) forgot to account for the openjdk patch in the versioned
directory.

That patch was a collection of backports from upstream ,that are now all
present in 11.0.11+9, so drop that patch.

Fixes: 5871e278f8
Reported-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-05-01 08:57:08 +02:00
Tian Yuanhao
40dee9a19f package/e2fsprogs: add option for e2scrub
The e2scrib tool has various requirements:

  - e2scrub and its associated helpers, are bash scripts

  - e2scrub_all depends on coreutils' readlink; busybox readlink is
    missing some options:
        readlink: invalid option -- 'e'

  - by design, e2scrub only works on an LVM volume

Add an option to enable e2scrub. This is probably seldom used, so it
does not warrant the usual dance about BR2_PACKAGE_BUSYBOX_SHOW_OTHERS
and selecting the tools; we can just depend on the required tools.

Signed-off-by: Tian Yuanhao <tianyuanhao@aliyun.com>
Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: James Hilliard <james.hilliard1@gmail.com>
[yann.morin.1998@free.fr:
  - add a kconfig option like for other tools
  - move the conditions to that new option
  - reword the commit log accordingly
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-05-01 00:02:11 +02:00
Bernd Kuhls
ac3234acd8 package/php: security bump version to 7.4.18
Changelog: https://www.php.net/ChangeLog-7.php#7.4.18

Release notes: https://www.php.net/releases/7_4_18.php

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-04-30 14:55:14 +02:00
Petr Vorel
a7dd48babc package/feh: bump version to 3.6.3
Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-04-30 14:54:55 +02:00
Bernd Kuhls
f3513d4c56 package/samba4: security bump version to 4.14.4
Fixes CVE-2021-20254:
https://www.samba.org/samba/security/CVE-2021-20254.html

Release notes: https://www.samba.org/samba/history/samba-4.14.4.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-04-30 14:54:32 +02:00
Bernd Kuhls
9fea6712f5 package/fetchmail: bump version to 6.4.19
Updated license hash due to upstream typo fix:
2409d4f0ba/

Release notes:
https://sourceforge.net/p/fetchmail/mailman/message/37267719/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-04-30 14:53:16 +02:00
Thomas Petazzoni
fe1353020e boot/opensbi: allow using U-Boot as a payload
The opensbi package already allows to use Linux as a payload for
OpenSBI, but in some cases, U-Boot as payload is useful. This commit
adds a BR2_TARGET_OPENSBI_UBOOT_PAYLOAD option, modeled after the
existing BR2_TARGET_OPENSBI_LINUX_PAYLOAD.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-04-30 09:49:15 +02:00
Thomas Petazzoni
5c7166d387 boot/opensbi: add support for version configuration
OpenSBI contains platform-specific code, so very much like Linux,
U-Boot or other bootloaders, using the upstream version of OpenSBI
will very often not be sufficient.

This commit therefore adds the possibility of specifying a custom
version of OpenSBI, either custom from upstream, custom tarball, or
custom from Git. Support for other version control systems has not
been implemented for now, but could be added later if needed.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-04-30 09:46:21 +02:00
Bernd Kuhls
bad244ea45 package/kodi-pvr-nextpvr: bump version to 8.2.2-Matrix
Changelog:
https://github.com/kodi-pvr/pvr.nextpvr/blob/Matrix/pvr.nextpvr/changelog.txt

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-04-30 09:45:17 +02:00
Peter Korsgaard
607e7fd7a8 {linux, linux-headers}: bump 4.{4, 9, 14, 19}.x / 5.{4, 10, 11}.x series
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-04-30 09:44:53 +02:00
Romain Naour
28b4947ed8 package/bullet: bump to version 3.09
See:
https://github.com/bulletphysics/bullet3/releases/tag/3.09

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-04-29 11:16:15 +02:00
Romain Naour
31eb7bf7ae package/clinfo: bump to version 3.0.21.02.21
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-04-29 11:15:55 +02:00
Romain Naour
6ac557a54b package/terminology: bump to version 1.9.0
See:
https://www.enlightenment.org/news/2021-01-18-terminology-1.9.0

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-04-29 11:15:42 +02:00
Romain Naour
47aff8e8ef package/enet: bump to version 1.3.17
See:
https://github.com/lsalzman/enet/blob/v1.3.17/ChangeLog

Update file hash due to update license dates:
5b93d08fa5

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-04-29 11:15:32 +02:00
Romain Naour
f62aa54676 package/minetest{-game}: bump to version 5.4.1
See Changelog [1]

Update minetest-game licence file hash for:
  mods/player_api/license.txt [2]

Update minetest license file hash for:
  LICENSE.txt [3][4]

[1] https://dev.minetest.net/Changelog#5.3.0_.E2.86.92_5.4.0
[2] 63cffc4bd1
[3] 5066fe7583
[4] 92aac69b36

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-04-29 11:15:07 +02:00
Romain Naour
2814c077f8 package/efl: bump to version 1.25.1
See:
https://www.enlightenment.org/news/efl-1.25.1

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-04-29 11:14:04 +02:00
Romain Naour
696d2dbcda package/solarus: bump to version 1.6.5
See:
https://www.solarus-games.org/en/news/2021-04-06-solarus-1-6-5-bugfix-release

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-04-29 11:13:22 +02:00
Peter Korsgaard
89d4e1ccdb package/mkpimage: define extract step to allow patching
As recently discussed on the list:
http://lists.busybox.net/pipermail/buildroot/2021-April/308373.html

Packages like mkpimage where the source code is included in the Buildroot
tree, currently doesn't use an extract step (which also skips the patch
step), so they cannot be patched by a patch in BR2_GLOBAL_PATCH_DIR (or the
pkgdir), which is a bit confusing.

As a fix, add a simple extract step that copies the source file to the build
directory, so the patch step gets run as well.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-04-28 23:44:36 +02:00
Peter Korsgaard
a052e6e883 package/mkpaswd: define extract step to allow patching
As recently discussed on the list:
http://lists.busybox.net/pipermail/buildroot/2021-April/308373.html

Packages like mkpasswd where the source code is included in the Buildroot
tree, currently doesn't use an extract step (which also skips the patch
step), so they cannot be patched by a patch in BR2_GLOBAL_PATCH_DIR (or the
pkgdir), which is a bit confusing.

As a fix, add a simple extract step that copies the source files to the
build directory, so the patch step gets run as well.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-04-28 23:44:33 +02:00
Peter Korsgaard
c3355e31d2 package/makedevs: define extract step to allow patching
As recently discussed on the list:
http://lists.busybox.net/pipermail/buildroot/2021-April/308373.html

Packages like makedevs where the source code is included in the Buildroot
tree, currently doesn't use an extract step (which also skips the patch
step), so they cannot be patched by a patch in BR2_GLOBAL_PATCH_DIR (or the
pkgdir), which is a bit confusing.

As a fix, add a simple extract step that copies the source file to the build
directory, so the patch step gets run as well.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-04-28 23:44:27 +02:00
Bartosz Bilas
64dfbb0795 package/fmt: get rid of extra space
Commit 32c10f256b
introduced extra space so let's remove that in
order to be consistent with other variables.

Signed-off-by: Bartosz Bilas <b.bilas@grinn-global.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-04-28 23:40:44 +02:00
Francois Perrad
94a4dbceaa package/moarvm: bump to version 2021.04
zstd is a new dependency (since 2021.03)

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-04-28 23:40:21 +02:00
Fabrice Fontaine
f9335fe270 package/python-typepy: bump to version 1.1.5
- python-dateutil and python-pytz are optional since version 0.0.20 and
  a54dc97598
- python 2 and python-six dependency have been dropped in version 1.0.0 and
  764812d01d
- Update indentation in hash file (two spaces)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-04-28 23:38:17 +02:00
Gary Bisson
affb91fe8e board/boundarydevices: update readme.txt for nitrogen8mp
Add mention about nitrogen8mp_defconfig which is meant for our
Nitrogen8MPlus SOM device.

Signed-off-by: Gary Bisson <gary.bisson@boundarydevices.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-04-28 23:37:00 +02:00
Peter Korsgaard
5871e278f8 package/openjdk{, -bin}: security bump to version 11.0.11_9
Fixes the following security issues:

CVE-2020-14779, CVE-2020-14781, CVE-2020-14782, CVE-2020-14792,
CVE-2020-14796, CVE-2020-14797, CVE-2020-14798, CVE-2020-14803,
CVE-2021-2161, CVE-2021-2163

For details. see the advisories:
https://openjdk.java.net/groups/vulnerability/advisories/2020-10-20
https://openjdk.java.net/groups/vulnerability/advisories/2021-01-19
https://openjdk.java.net/groups/vulnerability/advisories/2021-04-20

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-04-28 23:35:38 +02:00
Thomas De Schampheleire
4d6c6b1bd4 support/download/hg: fix broken method
Commit 54d3d94b6e broke the 'hg' download
method, in a similar way as it broke the 'git' download method (later fixed
with commit b70ce56651), by introducing extra
output on stdout in a case where the output is redirected.

In the case of 'hg', the 'hg archive' step uses shell redirection rather
than directly letting hg write the output file, since commit
76b51f90c0.

As a result, the extra print added by the _hg function is prepended to the
actual archive, causing an invalid archive.

Fix by using the _plain_hg function instead. The disadvantage is that the
command for 'hg archive' is no longer printed.

Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-04-28 21:51:10 +02:00
Fabrice Fontaine
c5aedfe041 package/lxc: bump to version 4.0.6
"The LXC 4.0 branch is supported until June 2025. Only bugfixes and
securitiy issues get included into the stable bugfix releases, so it's
always safe and recommended to keep up and run the latest bugfix
release."

https://discuss.linuxcontainers.org/t/lxc-4-0-6-lts-has-been-released/9926

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-04-28 12:12:48 +02:00
Fabrice Fontaine
74a8e8670a package/uftrace: add missing dependency to comment
Commit f06d79255f forgot to add
BR2_PACKAGE_UFTRACE_ARCH_SUPPORTS dependency to threads comment

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-04-28 12:11:58 +02:00
Peter Korsgaard
a8fbe67b9b package/wpa_supplicant: add upstream patch to fix CVE-2021-30004
Fixes the following security issue for the internal TLS backend:

- CVE-2021-30004: In wpa_supplicant and hostapd 2.9, forging attacks may
  occur because AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c
  and tls/x509v3.c.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-04-28 12:11:51 +02:00
Peter Korsgaard
d65586f45a package/hostapd: add upstream patch to fix CVE-2021-30004
Fixes the following security issue for the internal TLS backend:

- CVE-2021-30004: In wpa_supplicant and hostapd 2.9, forging attacks may
  occur because AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c
  and tls/x509v3.c.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-04-28 12:11:43 +02:00