Commit Graph

66257 Commits

Author SHA1 Message Date
Danilo Bargen
22bdfbdfc7 package/tealdeer: exclude unsupported targets
Not all target architectures are supported by the "ring" dependency:
  - mips:    https://github.com/briansmith/ring/issues/562
  - PowerPC: https://github.com/briansmith/ring/issues/389
  - Sparc:   https://github.com/briansmith/ring/issues/1512
  - s390x:   4d2e1a8fb8

Signed-off-by: Danilo Bargen <mail@dbrgn.ch>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2022-12-11 17:32:27 +01:00
Heiko Thiery
e7c20ad548 package/network-manager: bump to version 1.40.6
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2022-12-11 17:27:53 +01:00
Giulio Benetti
3fbb447cde package/xr819-xradio: fix build failure with Linux 6.0
Bump to latest version to fix build failure with Linux 6.0.

Fixes:
http://autobuild.buildroot.net/results/434c1d2a5104090366519278314bf750324d3710/

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2022-12-11 17:24:26 +01:00
Bernd Kuhls
d5a0c2b779 package/x11r7/xdriver_xf86-video-voodoo: bump version to 1.2.6
https://lists.x.org/archives/xorg-announce/2022-December/003298.html

Added hash file, removed autoreconf.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2022-12-11 17:17:51 +01:00
Bernd Kuhls
8f79282503 package/x11r7/xdriver_xf86-video-vesa: bump version to 2.6.0
https://lists.x.org/archives/xorg-announce/2022-December/003297.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2022-12-11 17:17:48 +01:00
Bernd Kuhls
8e242cde92 package/x11r7/xdriver_xf86-video-ast: bump version to 1.1.6
https://lists.x.org/archives/xorg-announce/2022-December/003291.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2022-12-11 17:17:46 +01:00
Bernd Kuhls
7255c2b317 package/x11r7/xdriver_xf86-input-joystick: bump version to 1.6.4
https://lists.x.org/archives/xorg-announce/2022-December/003290.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2022-12-11 17:17:44 +01:00
Heiko Thiery
d23d6fde81 package/pkg-meson.mk: add 'setup' as meson command in config step
When building/configure meson packages the following warning is
displayed:
    WARNING: Running the setup command as meson [options] instead
    of meson setup [options] is ambiguous and deprecated.

This warning was introduced in meson release 0.64.0 [0], which we are
using since commit 9afa3e3c7d (package/meson: bump to version 0.64.0),
and is dpcumented in the manual [1].

Follow the advise and the manual, and add the 'setup' argument as the
meson command.

[0] 3c7ab542c0
[1] https://mesonbuild.com/Commands.html#setup

Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2022-12-11 16:38:34 +01:00
Yann E. MORIN
071fdbf963 package/opensc: propagate dependencies from pcsc-lite
Commit d590003e31 (package/pcsc-lite: needs gcc >= 4.9) propagated
that new dependency to a bunch of packages that select pcsc-lite.

Then commit 8aaa7ecbce (package/opensc: new package) introduced
opensc, which selects pcsc-lite. However, the package was submitted
before the dependency to gcc 4.8+ was added to pcsc-lite, and that was
missed during the review.

Add it now.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2022-12-11 15:59:24 +01:00
Yann E. MORIN
28f31d4694 package/optee-client: fix util-linux dependency
When applying 917a961d9c (package/optee-client: bump to version
3.19.0), a last-minute change was made in Config.in to change the
dependency to util-linux instead of util-linux-libs, but the
counterpart to that change in the .mk was omitted.

Fix that now.

Reported-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2022-12-11 14:49:49 +01:00
Heiko Thiery
eea24067ad package/libqmi: bump version to 1.32.2
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2022-12-11 14:43:11 +01:00
Heiko Thiery
57bea338e9 package/libmbim: bump version to 1.28.2
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2022-12-11 14:43:06 +01:00
Michael Nosthoff
b5dc226a41 package/json-for-modern-cpp: bump to version 3.11.2
Signed-off-by: Michael Nosthoff <buildroot@heine.tech>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2022-12-11 14:43:01 +01:00
Thomas Petazzoni
65e0351adc package/swupdate: indent with tabs
Commit eb2f2886b2 ("package/swupdate:
add staging install") has introduced some commands indented with
spaces, which check-package doesn't like.

Fix that by using tabs instead, and while we're at it, wrap the line
that is a bit too long.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2022-12-11 14:42:01 +01:00
Fabrice Fontaine
de7850f946 package/fail2ban: bump to version 1.0.2
https://github.com/fail2ban/fail2ban/blob/1.0.2/ChangeLog

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2022-12-11 14:33:25 +01:00
Fabrice Fontaine
3046605251 package/utf8proc: bump to version 2.8.0
https://github.com/JuliaStrings/utf8proc/blob/v2.8.0/NEWS.md

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2022-12-11 14:33:22 +01:00
Christian Stewart
155d3ac6e5 package/batman-adv: bump to version 2022.3
Bug fixes and code cleanups.

https://www.open-mesh.org/news/110

Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2022-12-11 14:33:18 +01:00
Christian Stewart
c833234cb4 package/docker-cli: security bump to version 20.10.21
Partial mitigations for CVE-2022-39253 Git vulnerability and other fixes:

https://github.com/moby/moby/releases/tag/v20.10.21

Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2022-12-11 14:33:14 +01:00
Christian Stewart
309bc5d2d4 package/docker-engine: security bump to version 20.10.21
Partial mitigations for CVE-2022-39253 Git vulnerability and other fixes:

https://github.com/moby/moby/releases/tag/v20.10.21

Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2022-12-11 14:33:11 +01:00
Fabrice Fontaine
fc47afdc57 package/pugixml: bump to version 1.13
https://pugixml.org/docs/manual.html#v1.13

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2022-12-11 14:33:08 +01:00
Christian Stewart
4634a22cf7 package/containerd: security bump to version 1.6.12
CVE-2022-23471: https://github.com/advisories/GHSA-2qjp-425j-52j9

and other bugfixes, see:

https://github.com/containerd/containerd/releases/tag/v1.6.12

Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2022-12-11 14:33:05 +01:00
Fabrice Fontaine
3324161873 package/psmisc: bump to version 23.5
https://gitlab.com/psmisc/psmisc/-/blob/v23.5/ChangeLog

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2022-12-11 14:33:01 +01:00
Fabrice Fontaine
84463af7c4 package/ipset: bump to version 7.16
https://ipset.netfilter.org/changelog.html

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2022-12-11 14:32:57 +01:00
Fabrice Fontaine
3f8dacd79b package/hans: bump to version 1.1
https://github.com/friedrich/hans/blob/v1.1/CHANGES

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2022-12-11 14:32:54 +01:00
Andrey Grafin
eb2f2886b2 package/swupdate: add staging install
SWupdate provides API for external programs, so some headers and
libraries must be install to staging.

This patch installs headers and libs to STAGING_DIR, to prevent a
header name collision a subdirectory /usr/include/swupdate creates.

Signed-off-by: Andrey Grafin <conquistador@yandex-team.ru>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2022-12-11 14:23:30 +01:00
Fabrice Fontaine
ef13132fd3 package/dehydrated: bump to version 0.7.1
Update hash of LICENSE (update in year:
dd0bbd2405)

https://github.com/dehydrated-io/dehydrated/releases/tag/v0.7.1

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2022-12-11 14:22:42 +01:00
Fabrice Fontaine
2d94e7a621 package/lttng-tools: bump to version 2.13.8
This bump will fix the following build failure without NPTL thanks to
27f2b8400c
which is raised since bump to version 2.13.2 in commit
8e5f2d0f8e and
014d7d3b5e:

In file included from thread.c:10:
../../src/common/compat/pthread.h: In function 'lttng_pthread_setname_np':
../../src/common/compat/pthread.h:63:27: error: 'LTTNG_UST_ABI_PROCNAME_LEN' undeclared (first use in this function)
   63 |         if (strnlen(name, LTTNG_UST_ABI_PROCNAME_LEN) >= LTTNG_UST_ABI_PROCNAME_LEN) {
      |                           ^~~~~~~~~~~~~~~~~~~~~~~~~~

https://github.com/lttng/lttng-tools/blob/v2.13.8/ChangeLog

Fixes:
 - http://autobuild.buildroot.org/results/bbc8d6621822bb5da7513331e69799ca25a03f66

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2022-12-11 14:22:13 +01:00
Fabrice Fontaine
040ab175df package/capnproto: security bump to version 0.9.2
Fix CVE-2022-46149: Cap'n Proto is a data interchange format and remote
procedure call (RPC) system. Cap'n Proro prior to versions 0.7.1, 0.8.1,
0.9.2, and 0.10.3, as well as versions of Cap'n Proto's Rust
implementation prior to 0.13.7, 0.14.11, and 0.15.2 are vulnerable to
out-of-bounds read due to logic error handling list-of-list. This issue
may lead someone to remotely segfault a peer by sending it a malicious
message, if the victim performs certain actions on a list-of-pointer
type. Exfiltration of memory is possible if the victim performs
additional certain actions on a list-of-pointer type. To be vulnerable,
an application must perform a specific sequence of actions, described in
the GitHub Security Advisory. The bug is present in inlined code,
therefore the fix will require rebuilding dependent applications. Cap'n
Proto has C++ fixes available in versions 0.7.1, 0.8.1, 0.9.2, and
0.10.3.

https://github.com/capnproto/capnproto/security/advisories/GHSA-qqff-4vw4-f6hx
https://dwrensha.github.io/capnproto-rust/2022/11/30/out_of_bounds_memory_access_bug.html

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2022-12-11 14:21:44 +01:00
Peter Korsgaard
66f3cc0b96 package/x11r7/xserver_xorg-server: add upstream security fixes for CVE-2022-355{0, 1}
Fixes the following security issues:

- CVE-2022-3550: A vulnerability classified as critical was found in X.org
  Server.  Affected by this vulnerability is the function _GetCountedString
  of the file xkb/xkb.c.  The manipulation leads to buffer overflow.  It is
  recommended to apply a patch to fix this issue.  The associated identifier
  of this vulnerability is VDB-211051.

- CVE-2022-3551: A vulnerability, which was classified as problematic, has
  been found in X.org Server.  Affected by this issue is the function
  ProcXkbGetKbdByName of the file xkb/xkb.c.  The manipulation leads to
  memory leak.  It is recommended to apply a patch to fix this issue.  The
  identifier of this vulnerability is VDB-211052.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2022-12-11 14:17:24 +01:00
Peter Korsgaard
c34e0b1cd5 package/asterisk: security bump to version 16.29.1
Fixes the following security issues:

- CVE-2022-37325: A zero length Called or Calling Party Number can cause a
  buffer under-run and Asterisk crash.

  https://downloads.asterisk.org/pub/security/AST-2022-007.html

- CVE-2022-42705: Use after free in res_pjsip_pubsub.c may allow a remote
  authenticated attacker to crash Asterisk (denial of service) by performing
  activity on a subscription via a reliable transport at the same time
  Asterisk is also performing activty on that subscription.

  https://downloads.asterisk.org/pub/security/AST-2022-008.html

- CVE-2022-42706: AMI Users with “config” permissions may read files outside
  of Asterisk directory via GetConfig AMI Action even if “live_dangerously"
  is set to "no"

  https://downloads.asterisk.org/pub/security/AST-2022-009.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2022-12-11 14:16:27 +01:00
Fabrice Fontaine
63b540638c package/exempi: bump to version 2.6.3
Samples can be disabled since version 2.6.2 and
a8db9f4e7e

This bump will fix the following build failure on arm with gcc 10 raised
since bump to version 2.6.0 in commit
55f1d0a359 and
0872e35a30
0872e35a30
thanks to
f26d77ba26:

/home/giuliobenetti/autobuild/run/instance-3/output-1/host/lib/gcc/arm-buildroot-linux-uclibcgnueabi/10.3.0/../../../../arm-buildroot-linux-uclibcgnueabi/bin/ld: ../../XMPFiles/source/.libs/libXMPFiles.a(XMPFiles_Impl.o):(.rodata+0x5c): multiple definition of `typeinfo name for TXMPMeta<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > >'; XMPFilesCoverage.o:(.rodata+0x0): first defined here

https://gitlab.freedesktop.org/libopenraw/exempi/-/blob/2.6.3/NEWS

Fixes:
 - http://autobuild.buildroot.org/results/c440719de02a154c6bdae11bda06ea30c131c71d

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2022-12-11 14:15:56 +01:00
Fabrice Fontaine
f39ac8336e package/neon: bump to version 0.32.4
https://github.com/notroj/neon/blob/0.32.4/NEWS

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2022-12-11 14:09:51 +01:00
Fabrice Fontaine
953e288973 package/freeradius-server: disable with libressl
Building with libressl results in the following build failure since the
addition of the package in commit
736c4c1655:

src/modules/rlm_eap/types/rlm_eap_fast/rlm_eap_fast.c: In function '_session_secret':
src/modules/rlm_eap/types/rlm_eap_fast/rlm_eap_fast.c:228:47: error: invalid use of incomplete typedef 'SSL' {aka 'struct ssl_st'}
  228 |         eap_fast_session_ticket(tls_session, s->s3->client_random, s->s3->server_random, secret, secret_len);
      |                                               ^~

Disable building with libressl following upstream feedback:
https://github.com/FreeRADIUS/freeradius-server/pull/4689

Fixes:
 - http://autobuild.buildroot.org/results/c8df444f4c39f83e254dbb642a5852a1c956f7bb

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2022-12-11 14:09:18 +01:00
Julien Olivain
6ad775fc81 support/testing/tests/package/test_ncdu.py: new runtime test
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2022-12-11 11:50:15 +01:00
Julien Olivain
94170d3ecb package/ncdu: bump to version 1.18
For change log since 1.17, see:
- https://dev.yorhel.nl/ncdu/changes

This commit also adds md5 and sha1 hashes published on the web site.

Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2022-12-11 11:50:05 +01:00
Francois Perrad
c5a009920f package/autoconf-archive: bump to version 2022.09.03
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2022-12-11 11:45:59 +01:00
Francois Perrad
260924e239 package/swig: bump to version 4.1.1
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2022-12-11 11:42:38 +01:00
Francois Perrad
20f7ed86aa package/ruby: security bump to version 3.1.3
fix CVE-2021-33621: HTTP response splitting in CGI

see https://www.ruby-lang.org/en/news/2022/11/24/ruby-3-1-3-released/

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2022-12-11 11:41:52 +01:00
James Hilliard
67895bf33c package/pipewire: bump to version 0.3.62
Add support for new optional gsettings meson config option.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2022-12-11 11:41:09 +01:00
Christian Stewart
717cf468c4 package/nerdctl: bump to version 1.0.0
Nerdctl has reached version 1.0.0.

https://github.com/containerd/nerdctl/releases/tag/v1.0.0

Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2022-12-11 11:39:48 +01:00
Christian Stewart
271ad374ce package/mosh: bump to version 1.4.0
Many new features & bugfixes.

https://github.com/mobile-shell/mosh/releases

Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2022-12-11 11:39:10 +01:00
Christian Stewart
b69acab54b package/moby-buildkit: security bump to version 0.10.6
CVE-2022-39253: git vulnerability mitigation.

... and other bugfixes.

https://github.com/moby/buildkit/releases/tag/v0.10.6

Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2022-12-11 11:38:53 +01:00
Christian Stewart
e744cc2490 package/gocryptfs: bump to version 2.3
Rebase the patch for riscv compatibility as well.

"go mod tidy" insists on updating x/sys so pin it to the version from upstream
release v2.3 using a replace statement.

https://github.com/rfjakob/gocryptfs/releases/tag/v2.3

Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2022-12-11 11:38:19 +01:00
Christian Stewart
498b9c2942 package/fuse-overlayfs: bump to version 1.10
Contains various bugfixes.

https://github.com/containers/fuse-overlayfs/releases/tag/v1.10

Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2022-12-11 11:36:43 +01:00
Christian Stewart
1576b09b5c package/docker-compose: bump to version 2.14.0
https://github.com/docker/compose/releases/tag/v2.14.0

Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2022-12-11 11:35:52 +01:00
Fabrice Fontaine
994113674a package/usbutils: bump to version 015
https://github.com/gregkh/usbutils/blob/v015/NEWS

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2022-12-11 11:34:10 +01:00
Christian Stewart
a49ab07e76 package/delve: bump to version 1.20.0
https://github.com/go-delve/delve/blob/master/CHANGELOG.md#1200-2022-12-07
https://github.com/go-delve/delve/releases/tag/v1.20.0

Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2022-12-11 11:33:41 +01:00
Christian Stewart
6987b92da5 package/crun: bump to version 1.7.2
Bugfixes:

https://github.com/containers/crun/releases/tag/1.7.2

Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2022-12-11 11:33:41 +01:00
Bernd Kuhls
5449ea7d20 package/linux-headers: drop 5.19.x option
The 5.19.x series is now EOL upstream, so drop the linux-headers option and
add legacy handling for it.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-12-11 11:32:26 +01:00
Bernd Kuhls
6936ec7ec6 {linux, linux-headers}: bump 4.{9, 14, 19}.x / 5.{4, 10, 15}.x / 6.0.x series
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-12-11 11:32:26 +01:00