Commit Graph

44967 Commits

Author SHA1 Message Date
Romain Naour
70fb634c8d package/minetest: bump to version 5.0.0
"5.0.0 is a breaking release and not compatible to the 0.4 series", so
update minetest-game package in the same commit.

Update GCC dependency to 4.9+.

Use LICENSE.txt as license file instead of the README.md.

Update license files hash for minetest-game after checking what's changed.
Add new license files for minetest-game.

https://forum.minetest.net/viewtopic.php?t=22278

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-03-12 21:53:49 +01:00
Baruch Siach
32ef40a9d9 package/gnupg2: bump to version 2.2.13
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-03-12 21:51:53 +01:00
Baruch Siach
55c388d9d4 package/libgpg-error: bump to version 1.35
Release 1.34 added riscv32 support.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-03-12 21:51:46 +01:00
Peter Korsgaard
24cc2eaa33 package/mosquitto: bump version to 1.5.8
Bugfix release, fixing a number of issues discovered post-1.5.7

https://mosquitto.org/blog/2019/02/version-1-5-8-released/

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-03-12 21:38:16 +01:00
Francois Perrad
800df729a4 package/lpeg: bump to version 1.0.2
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-03-12 21:36:11 +01:00
Baruch Siach
7aa057f2f1 package/iproute2: bump to version 4.20.0
Drop upstream patch. Renumber the remaining patch.

Add upstream patch fixing build with musl libc.

Cc: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-03-12 21:35:58 +01:00
Peter Korsgaard
b821ae3d63 package/php: security bump to version 7.3.3
php-7.3.3 fixes a number of security issues (no CVE known, bugtracker issues
not yet public): https://secure.php.net/ChangeLog-7.php#7.3.3

Drop 0004-OPcache-flock-mechanism-is-obviously-linux-so-force-.patch as the
flock detection has been removed since commit 9222702633 (Avoid dependency
on "struct flock" fields order.)

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-03-12 21:33:18 +01:00
Baruch Siach
7ffdc08f04 ntp: security bump to version 4.2.8p13
Fixes CVE-2019-8936: Crafted null dereference attack in authenticated
mode 6 packet.

Drop upstream patches.

Update COPYRIGHT file hash; text formatting (line width) changes.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-03-12 16:20:51 +01:00
Baruch Siach
14d6e6df7b package/file: security bump to version 5.36
CVE-2019-8906: do_core_note in readelf.c in libmagic.a in file 5.35 has
an out-of-bounds read because memcpy is misused.

CVE-2019-8904: do_bid_note in readelf.c in libmagic.a in file 5.35 has a
stack-based buffer over-read, related to file_printf and file_vprintf.

Update license files hashes; removal of trailing white spaces.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-03-12 16:16:34 +01:00
Fabrice Fontaine
f9fd193141 package/mongodb: disable on powerpc64
As stated in SConstruct, the altivec runtime test breaks
cross-compilation: "This checks for an altivec optimization we use in
full text search. Different versions of gcc appear to put output bytes
in different parts of the output vector produced by vec_vbpermq.  This
configure check looks to see which format the compiler produces. NOTE:
This breaks cross compiles, as it relies on checking runtime
functionality for the environment we're in."

Fixes:
 - http://autobuild.buildroot.org/results/162198617979a83b66f70ed6013251942ed04d67

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-03-11 22:58:43 +01:00
Fabrice Fontaine
ee772dad7b package/wireshark: add optional spandsp dependency
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-03-11 22:22:17 +01:00
Fabrice Fontaine
428a5029c7 package/cracklib: bump to version 2.9.7
- Remove first two patches (already in version)
 - Add hash for license file

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-03-11 22:20:10 +01:00
Fabrice Fontaine
82adf608cd package/czmq: use --without-docs
Use --without-docs option instead of setting
ac_cv_prog_czmq_have_asciidoc=no

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-03-11 22:19:20 +01:00
Fabrice Fontaine
1427ec7f4e package/czmq: remove uneeded werror patch
Remove patch and use --disable-Werror to disable -Werror

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-03-11 22:19:12 +01:00
Fabrice Fontaine
7144c81697 package/sqlcipher: fix static build
Fixes:
 - http://autobuild.buildroot.org/results/ebd8678a56a7dd8679fd4ec3ca1385c04866cc88

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-03-09 21:46:55 +01:00
Fabrice Fontaine
70e0b0565d package/ncmpc: requires gcc >= 6
Following reply from upstream on build failure with gcc 5
(https://github.com/MusicPlayerDaemon/ncmpc/pull/47), enforce gcc >= 6

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-03-09 21:46:08 +01:00
Fabrice Fontaine
4ca3f20347 Revert "package/ncmpc: fix build with gcc 5"
This reverts commit 56c476db99.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-03-09 21:46:02 +01:00
Fabrice Fontaine
bd1ba229be package/cryptopp: don't build cryptest.exe
Replace install target by install-lib target to avoid building and
installing cryptest.exe

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-03-09 21:45:36 +01:00
Romain Naour
8f297cc033 package/tpm2-abrmd: rename libsapi to libtss2-sys in the help text
libsapi was renamed to libtss2-sys in tpm2-tss library:
5f0ab55d4e

Signed-off-by: Romain Naour <romain.naour@smile.fr>
Cc: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-03-09 15:36:22 +01:00
Romain Naour
fb9c137660 package/tpm2-tss: rename tpm2-tss libraries in the help text
Since tpm2-tss version 2.0.0, tpm2 libraries have been renamed.

libsapi renamed to libtss2-sys
5f0ab55d4e

libtcti-device renamed to libtss2-tcti-device
libtcti-socket renamed to libtss2-tcti-mssim
b8584accbd

Signed-off-by: Romain Naour <romain.naour@smile.fr>
Cc: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-03-09 15:36:11 +01:00
Fabrice Fontaine
9b2bf1b745 package/xen: fix build with gcc 8.1
Fixes:
 - http://autobuild.buildroot.org/results/df5abe6ca8b4c8935f3d5c257aef816190771200

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-03-09 15:13:19 +01:00
Fabrice Fontaine
50e1d12e07 package/gnuradio: add optional log4cpp dependency
Currently, logger component is enabled if log4cpp is found

Moreover, it should be noted that log4cpp is now mandatory in latest
upstream:
d242896120

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-03-09 15:07:09 +01:00
Fabrice Fontaine
3102d7d87c package/openldap: bump to version 2.4.47
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-03-09 15:01:16 +01:00
Fabrice Fontaine
c8c2954649 package/reaver: bump to version 1.6.5
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-03-09 15:00:29 +01:00
Fabrice Fontaine
bf57446a0b package/mongodb: needs host-python2
mongodb (like gnuradio) needs host-python2 however there is no way to
enforce this so add a dependency on !BR2_PACKAGE_PYTHON3.
Indeed, if BR2_PACKAGE_PYTHON3 is selected, then buildroot will only
build and install host-python-typing for host-python3.

This issue was not raised in the previous version of mongodb as
host-scons was the only dependency however we now have
host-python-typing and host-python-pyyaml dependencies and it
does not seem right to enforce python2 on those packages

Fixes:
 - http://autobuild.buildroot.org/results/693bdba2c01a1b69f56d6ee75094a6a0fc3f40b4

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Thomas: propagate dependency to Config.in comment]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-03-09 14:57:11 +01:00
Fabrice Fontaine
56c476db99 package/ncmpc: fix build with gcc 5
Fixes:
 - http://autobuild.buildroot.org/results/655eb4905c6e308d34293658acee4fc4e1fe0bbc

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-03-09 14:51:46 +01:00
Fabrice Fontaine
2dbfe50f4f package/ncmpc: remove first patch
This patch has been rejected by upstream however the issue has been
fixed by a different approach since version 0.31 and
029523c8a2

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-03-09 14:49:20 +01:00
Fabrice Fontaine
24ff9d2c19 package/cryptopp: bump to version 8.1.0
- Remove patch (already in version)
- Add BSD-3-Clause (CRYPTOGAMS) and Public domain (ChaCha SSE2 and  AVX)
  to LICENSE, see:
  64a89bf352

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-03-09 14:30:10 +01:00
Fabrice Fontaine
0843cd1b46 package/sqlcipher: bump to version 4.0.1
Remove three patches (already in version)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-03-07 23:22:56 +01:00
Julien Olivain
332421c683 board/freescale/common/imx: fix imx8-bootloader-prepare for i.MX8M
The update of imx-mkimage in commit
c14d92d439

broke the imx8-bootloader-prepare.sh script for i.MX8M, used in
freescale_imx8mqevk_defconfig

The updated mkimage_fit_atf.sh script in imx-mkimage now needs
a ATF_LOAD_ADDR variable, which was set to 0x00910000 for i.MX8M.

Signed-off-by: Julien Olivain <juju@cotds.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-03-07 23:17:28 +01:00
Fabrice Fontaine
e68fdaf414 package/wireshark: fix build with uclibc
Fixes:
 - http://autobuild.buildroot.org/results/c41d42fe3489bc63c42e7ce7a9eccb1b4ca7b9b2

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-03-07 23:16:45 +01:00
Fabrice Fontaine
10a95d545a package/flashrom: add BR2_PACKAGE_FLASHROM_ARCH_SUPPORTS
Fixes:
 - http://autobuild.buildroot.org/results/22c72369cd5b7a8200bb03564bdc342ed026ccac
 - http://autobuild.buildroot.org/results/ef6869bc40382145fad1079b79107275c4973494
 - http://autobuild.buildroot.org/results/09d857102c469ede1db0bff8aa0dcd82a4001eaf

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Thomas: change formatting of new option.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-03-07 23:15:34 +01:00
Fabrice Fontaine
57a7ed973a package/dmidecode: bump to version 3.2
Add hash for license file

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-03-07 23:13:18 +01:00
Fabrice Fontaine
d04b12d19e package/log4cplus: add optional qt5 dependency
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Thomas: test BR2_PACKAGE_QT5BASE instead of BR2_PACKAGE_QT5, just for
consistency with the package we add to the DEPENDENCIES variable.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-03-07 23:10:56 +01:00
Sergio Prado
98bda7a194 package/stella: bump version to 6.0
- add hashes for license files
- remove patch with changes already upstream [1]

[1] 483013baa7

Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-03-07 23:00:32 +01:00
Fabrice Fontaine
7407ec0382 package/unixodbc: bump to version 2.3.7
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-03-07 22:59:34 +01:00
Fabrice Fontaine
140cfe30d2 package/ccid: bump to version 1.4.30
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-03-07 22:59:34 +01:00
Vadim Kochan
d12d3969d1 package/sunxi-tools: fix build meminfo with musl
musl does not provide inx/outx API for ARM arch, so use
io memory access via pointers which is actually done this
way in glibc/ulibc.

Fixes:
    http://autobuild.buildroot.net/results/bf10cbe40c0f672c34db72e4eea4c168d5932bd4/

Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-03-07 22:59:34 +01:00
Gaël PORTAY
2d7c746ed8 qt5webkit: select leveldb package and memenv
This patch fixes the build issue reported by autobuilder [0].

        /home/naourr/work/instance-2/output/build/qt5webkit-5.9.1/Source/WebCore//.obj/platform/leveldb/LevelDBDatabase.o: In function
	`WebCore::LevelDBDatabase::openInMemory(WebCore::LevelDBComparator const*)':
	LevelDBDatabase.cpp.text._ZN7WebCore15LevelDBDatabase12openInMemoryEPKNS_17LevelDBComparatorE+0x34): undefined reference to `leveldb::NewMemEnv(leveldb::Env*)'
        collect2: error: ld returned 1 exit status
        make[3]: *** [Makefile.api:97: ../lib/libQt5WebKit.so.5.9.1]
	Error 1

The issue happens when both packages leveldb and qt5webkit are enabled.

QtWebKit builds its own copy of leveldb [1] (as a third-party) if the
system does not provided it (i.e. buildroot). It builds it differently
and this is the origin of that issue. Instead of using the Makefile
provided by leveldb [2], QtWebKit uses qmake to build that library [3].

The missing symbol issue happens because the symbol leveldb::NewMemEnv
is bundled in the static library libmemenv.a (aside libleveldb.so).
This static library consists of this single symbol which is like an
extra that is built but *NOT* shipped by default at installation in the
staging directory. Unfortunatly, that symbol is required later by
WebCore [4].

The copy built by QtWebKit is an all-in-one library including both
libleveldb and libmemenv; thus QtWebKit links against libleveldb only.
Also, the linker finds the buildroot's copy first (not the third-party):
that explains why it is complaining about a missing symbol. That copy
does not have the symbol leveldb::NewMemEnv.

Fortunatly, QtWebKit provides a facility to link against the system
leveldb package. The qmake flag WEBKIT_CONFIG+=use_system_leveldb tells
Qt5WebKit to link against libleveldb *AND* libmemenv [5].

To fix that issue, this commit selects the package leveldb that now
installs the libmemenv static library and its header. It ensures that
QtWebKit has everything it needs to be built. It also sets the
appropriate qmake configure flags to tell QtWebKit to use the leveldb
copy built by buildroot instead of the bundled one.

[0]: http://autobuild.buildroot.net/results/46033e82adf592c3b92c6d50cfaf45bd58beeaa4
[1]: https://github.com/qt/qtwebkit/tree/5.9/Source/ThirdParty/leveldb
[2]: https://github.com/qt/qtwebkit/blob/5.9/Source/ThirdParty/leveldb/Makefile#L167-L169
[3]: https://github.com/qt/qtwebkit/blob/5.9/Source/ThirdParty/leveldb/Target.pri#L80
[4]: https://github.com/qt/qtwebkit/blob/5.9/Source/WebCore/platform/leveldb/LevelDBDatabase.cpp#L185
[5]: https://github.com/qt/qtwebkit/blob/5.9/Source/WebCore/WebCore.pri#L254
[6]: 739c25100e

Signed-off-by: Gaël PORTAY <gael.portay@collabora.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2019-03-07 22:45:49 +01:00
Gaël PORTAY
088f261dbb leveldb: generate pic for static libraries
The project's static libraries are not compiled with the -fPIC compiler
flag. This prevents dynamic libraries to link against those libraries.

This commit adds a patch that sets the -fPIC compiler flag to the list of
CFLAGS/CXXFLAGS.

The project now generates position independant code for all of its
outputs (i.e. not limited anymore to its shared libraries).

Fixes:

	/home/gportay/src/buildroot/output/host/opt/ext-toolchain/bin/../lib/gcc/x86_64-amd-linux-gnu/6.2.0/../../../../x86_64-amd-linux-gnu/bin/ld: /home/gportay/src/buildroot/output/host/x86_64-buildroot-linux-gnu/sysroot/usr/lib/libmemenv.a(memenv.o): relocation R_X86_64_32S against `.rodata' can not be used when making a shared object; recompile with -fPIC
	/home/gportay/src/buildroot/output/host/x86_64-buildroot-linux-gnu/sysroot/usr/lib/libmemenv.a: error adding symbols: Bad value
	collect2: error: ld returned 1 exit status

Signed-off-by: Gaël PORTAY <gael.portay@collabora.com>
[Arnout: renumber patch]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2019-03-07 22:45:49 +01:00
Gaël PORTAY
16f847340d leveldb: install memenv static library and header
The project builds a tiny static library that consists of a single
symbol which creates an in-memory LevelDB database.

That library is not installed by default and may be used by other
projects.

This commit installs in the staging directory the libmemenv.a static
library and the memenv.h header file.

Signed-off-by: Gaël PORTAY <gael.portay@collabora.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2019-03-07 22:45:48 +01:00
Fabrice Fontaine
c8421565b1 package/gst-plugins-bad: remove apexsink support
apexsink does not build with OpenSSL 1.1.x so remove this option
especially because there is no more apexsink option in gstreamer1 (since
version 1.12)

Fixes:
 - http://autobuild.buildroot.org/results/a29e8a8509190fc4b3c419dae2301cf72a601f62

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-03-07 22:32:18 +01:00
Etienne Carriere
aa02c6553c package/optee-*: packages depend on thread support
BR2_PACKAGE_OPTEE_CLIENT depends on BR2_TOOLCHAIN_HAS_THREADS.
Library teec uses pthread support to protect clients state management.

This change declares this dependency in package optee-client and
updates dependent packages accordingly: optee-benchmark, optee-client,
optee-examples and optee-test.

Fixes [1] and [2] where config selected an toolchain without thread
support and build failed with trace like:

  CMake Error at /home/buildroot/autobuild/run/instance-1/output/host/share/cmake-3.8/Modules/FindPackageHandleStandardArgs.cmake:137 (message):
    Could NOT find Threads (missing: Threads_FOUND)
  Call Stack (most recent call first):
    /home/buildroot/autobuild/run/instance-1/output/host/share/cmake-3.8/Modules/FindPackageHandleStandardArgs.cmake:377 (_FPHSA_FAILURE_MESSAGE)
    /home/buildroot/autobuild/run/instance-1/output/host/share/cmake-3.8/Modules/FindThreads.cmake:212 (FIND_PACKAGE_HANDLE_STANDARD_ARGS)
    libteec/CMakeLists.txt:8 (find_package)

[1] http://autobuild.buildroot.net/results/ed6ffe2197da4f3a970bd3c5522291236396cc8e
[2] http://autobuild.buildroot.net/results/406f90048db097580b626ef889823132f8676ba1

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
[Thomas: fix dependencies of Config.in comment, as noticed by Baruch.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-03-07 22:30:59 +01:00
Abdelmalek Benelouezzane
498dff7ea1 package/vsftpd: add patch to fix hang
This fixes a hang due to SIGCHLD not being handled correctly by
vsftpd. The patch comes from fedora and didn't make its way to
upstream yet.

More information about the bug can be found in:
 - https://bugzilla.redhat.com/show_bug.cgi?id=1198259

Signed-off-by: Abdelmalek Benelouezzane <abdelmalek.benelouezzane@savoirfairelinux.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-03-07 22:22:53 +01:00
Fabrice Fontaine
1de1fcb4d8 package/wireshark: security bump to version 2.6.7
Fixes CVE-2019-9208, CVE-2019-9209 and CVE-2019-9214

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-03-07 22:12:34 +01:00
Fabrice Fontaine
ec9b3aec53 package/gst-plugins-bad: allow static build of zbar plugin
zbar can be built statically since commit
fc4a6abfa6 so remove the dynamic library
dependency from BR2_PACKAGE_GST_PLUGINS_BAD_ZBAR

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-03-07 22:10:39 +01:00
Jared Bents
a49e8f34ff package/busybox: udhcp CVE-2019-5747 patch
Patch to resolve CVE-2019-5747 which affects versions prior
to 1.30.0

More information can be found at:
https://nvd.nist.gov/vuln/detail/CVE-2019-5747

This applies to both master and 2019.02

Signed-off-by: Jared Bents <jared.bents@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-03-07 22:09:42 +01:00
Jared Bents
d65d1d066b package/busybox: udhcp CVE-2018-20679 patch
Patch to resolve CVE-2018-20679 which affects versions prior
to 1.30.0

More information can be found at:
https://nvd.nist.gov/vuln/detail/CVE-2018-20679

This applies to both master and 2019.02

Signed-off-by: Jared Bents <jared.bents@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-03-07 22:06:58 +01:00
Bernd Kuhls
7cb7e663a8 package/dovecot-pigeonhole: bump version to 0.5.5
Release notes:
https://www.dovecot.org/list/dovecot-news/2019-March/000400.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-03-07 22:01:56 +01:00
Bernd Kuhls
b404245d6f package/dovecot: bump version to 2.3.5
Release notes:
https://www.dovecot.org/list/dovecot-news/2019-March/000399.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-03-07 22:01:49 +01:00