Matt Weber
2680b7dfea
package/pkgconf: add _CPE_ID_VENDOR
...
cpe:2.3🅰️ pkgconf:pkgconf:* is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe:2.3🅰️ pkgconf:pkgconf
Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-04-20 23:23:13 +02:00
Matt Weber
cdfb226090
package/parted: add _CPE_ID_VENDOR
...
cpe:2.3🅰️ parted_project:parted:* is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe:2.3🅰️ parted_project:parted
Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-04-20 23:23:13 +02:00
Matt Weber
444d71e123
package/openresolv: add _CPE_ID_VENDOR
...
cpe:2.3🅰️ openresolv_project:openresolv:* is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe:2.3🅰️ openresolv_project:openresolv
Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-04-20 23:23:13 +02:00
Matt Weber
c15daccf1e
package/make: add _CPE_ID_VENDOR
...
cpe:2.3🅰️ gnu:make:* is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe:2.3🅰️ gnu:make
Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
[yann.morin.1998@free.fr: move up, right after license]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-04-20 23:23:13 +02:00
Matt Weber
56d54119b1
package/libnl: add _CPE_ID_VENDOR
...
cpe:2.3🅰️ libnl_project:libnl:* is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe:2.3🅰️ libnl_project:libnl
Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
[yann.morin.1998@free.fr: move up, right after license]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-04-20 23:22:30 +02:00
Matt Weber
4baccb9c5b
package/libdaemon: add _CPE_ID_VENDOR
...
cpe:2.3🅰️ libdaemon_project:libdaemon:* is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe:2.3🅰️ libdaemon_project:libdaemon
Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
[yann.morin.1998@free.fr: move up, right after license]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-04-20 23:22:29 +02:00
Matt Weber
74637c6e6f
package/libcap: add _CPE_ID_VENDOR
...
cpe:2.3🅰️ libcap_project:libcap:* is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe:2.3🅰️ libcap_project:libcap
Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-04-20 23:22:29 +02:00
Matt Weber
c24fc9042a
package/json-for-modern-cpp: add _CPE_ID_VENDOR
...
cpe:2.3🅰️ json-for-modern-cpp_project:json-for-modern-cpp:* is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe:2.3🅰️ json-for-modern-cpp_project:json-for-modern-cpp
Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
[yann.morin.1998@free.fr:move up, right after license]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-04-20 23:22:29 +02:00
Matt Weber
5ba5e631fa
package/iputils: add _CPE_ID_VENDOR
...
cpe:2.3🅰️ iputils_project:iputils:* is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe:2.3🅰️ iputils_project:iputils
Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-04-20 23:22:29 +02:00
Matt Weber
9cf7caa186
package/iproute2: add _CPE_ID_VENDOR
...
cpe:2.3🅰️ iproute2_project:iproute2:* is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe:2.3🅰️ iproute2_project:iproute2
Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-04-20 23:22:29 +02:00
Matt Weber
3712e1dee7
package/gperf: add _CPE_ID_VENDOR and _CPE_ID_PRODUCT
...
cpe:2.3🅰️ gperftools_project:gperftools:* is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe:2.3🅰️ gperftools_project:gperftools
Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-04-20 23:22:29 +02:00
Matt Weber
12bd427340
package/cmake: add _CPE_ID_VENDOR
...
cpe:2.3🅰️ cmake_project:cmake:* is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe:2.3🅰️ cmake_project:cmake
Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-04-20 23:22:29 +02:00
Matt Weber
ad9f909ea6
package/cgroupfs-mount: add _CPE_ID_VENDOR
...
cpe:2.3🅰️ cgroupfs-mount_project:cgroupfs-mount:* is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe:2.3🅰️ cgroupfs-mount_project:cgroupfs-mount
Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-04-20 23:22:29 +02:00
Matt Weber
fc6a829abe
package/c-periphery: add _CPE_ID_VENDOR
...
cpe:2.3🅰️ c-periphery_project:c-periphery:* is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe:2.3🅰️ c-periphery_project:c-periphery
Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-04-20 23:22:29 +02:00
Matt Weber
2de8724d54
package/automake: add _CPE_ID_VENDOR
...
cpe:2.3🅰️ gnu:automake:* is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Agnu%3Aautomake
Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-04-20 23:22:29 +02:00
Maxim Kochetkov
990b14768c
package/timescaledb: bump version to 2.1.1
...
Release notes: https://github.com/timescale/timescaledb/releases/tag/2.1.1
Signed-off-by: Maxim Kochetkov <fido_max@inbox.ru>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-20 23:13:34 +02:00
Thomas Petazzoni
3887e8c095
boot/at91bootstrap: add legal information
...
The old at91bootstrap version (1.x) uses a strange variant of the BSD
license, called "BSD Source Code Attribution" and referenced by SPDX
as BSD-Source-Code.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-20 23:00:55 +02:00
Grzegorz Blach
85d912cb9d
package/python-falcon: bump to version 3.0.0
...
Depends on BR2_PACKAGE_PYTHON3
The hash of the license file has changed because a short license file
was replaced by the complete text of the Apache 2.0 license. The
license itself remains the same.
Signed-off-by: Grzegorz Blach <grzegorz@blach.pl>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-20 22:47:42 +02:00
Peter Seiderer
99362e8d17
package/gstreamer1/gst1-interpipe: bump version to 1.1.4
...
Changelog:
- fix for memory leak in set of listen-to property
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-20 22:19:58 +02:00
Fabrice Fontaine
e55af2ff9e
package/exfatprogs: bump to version 1.1.0
...
https://github.com/exfatprogs/exfatprogs/releases/tag/1.1.0
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-20 22:18:54 +02:00
Fabrice Fontaine
a4c38ae470
package/uboot-tools: security bump to version 2021.04
...
- Fix CVE-2021-27097: The boot loader in Das U-Boot before 2021.04-rc2
mishandles a modified FIT.
- Fix CVE-2021-27138: The boot loader in Das U-Boot before 2021.04-rc2
mishandles use of unit addresses in a FIT.
- Update second patch
- Drop fourth patch (already in version)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-20 22:18:38 +02:00
Fabrice Fontaine
ed653df573
package/nettle: security bump to version 3.7.2
...
Fix CVE-2021-20305: A flaw was found in Nettle in versions before 3.7.2,
where several Nettle signature verification functions (GOST DSA, EDDSA &
ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply
function being called with out-of-range scalers, possibly resulting in
incorrect results. This flaw allows an attacker to force an invalid
signature, causing an assertion failure or possible validation. The
highest threat to this vulnerability is to confidentiality, integrity,
as well as system availability.
https://git.lysator.liu.se/nettle/nettle/-/blob/nettle_3.7.2_release_20210321/NEWS
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-20 22:18:20 +02:00
Fabio Estevam
769d053f65
configs/imx6-sabresd: bump U-Boot and kernel versions
...
Bump to U-Boot 2021.04 and kernel 5.10.25 versions.
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-04-20 21:33:31 +02:00
Fabio Estevam
bd62da59b9
boot/uboot: bump to version 2021.04
...
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-04-20 21:31:49 +02:00
Fabrice Fontaine
34764dcfac
package/python-botocore: drop docutils dependency
...
docutils is not a dependency since version 1.18.0 and
dd24dd1b2e
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-04-20 21:29:41 +02:00
Fabrice Fontaine
32c10f256b
package/fmt: add FMT_CPE_ID_VENDOR
...
cpe:2.3🅰️ fmt:fmt is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Afmt%3Afmt
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-04-20 21:24:58 +02:00
Alexander Egorenkov
55a7382564
package/multipath-tools: bump to version 0.8.6
...
https://github.com/opensvc/multipath-tools/releases/tag/0.8.6
Signed-off-by: Alexander Egorenkov <egorenar-dev@posteo.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-19 23:45:12 +02:00
Jörg Krause
40ebac416b
package/libnpupnp: bump to version 4.1.3
...
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-19 23:45:06 +02:00
Jörg Krause
ec15f89be9
package/mpd: bump to version 0.22.6
...
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-19 23:45:02 +02:00
Alexander Dahl
3ce7afbe50
package/dnsmasq: security bump to 2.85
...
CVE-2021-3448 applies. See announcement for details.
Link: https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2021q2/014962.html
Signed-off-by: Alexander Dahl <post@lespocky.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-19 23:29:48 +02:00
Ramon Fried
18c3d44a0a
package/bitwise: bump version to 0.42
...
Signed-off-by: Ramon Fried <rfried.dev@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-19 23:29:15 +02:00
Fabrice Fontaine
b27fca6482
package/yavta: disable -Werror
...
Fix build failure which is raised since bump to latest version in commit
87ba7be02f
Fixes:
- http://autobuild.buildroot.org/results/d5b4f69f46cef4dd11410fe48d21372cb883ae4a
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-19 23:28:25 +02:00
Michael Walle
bd82bedfd1
package/linux-serial-test: bump version
...
Give this package some love and update to the newest version. There are
no released versions, though. Therefore, use the latest commit.
Notable changes:
- RS485 support fixes and features
- internal loopback support
Signed-off-by: Michael Walle <michael@walle.cc>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-19 23:21:26 +02:00
Sam Voss
4732b78221
package/rsyslog: install default service file
...
As of v8.2008 rsyslog no longer provides a default service file, and now
suggests using the platform suggested defaults. For Buildroot, install
the Debian service file which has been added in the same version,
however is not included in the official release.
Upstream commit which adds this service file:
cfd07503ba
Signed-off-by: Sam Voss <sam.voss@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-19 23:21:04 +02:00
Jörg Krause
53f5dd3115
package/spdlog: bump to version 1.8.5
...
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-19 22:54:46 +02:00
Jörg Krause
8974596836
package/gerbera: bump to version 1.8.0
...
Also recreate config.xml by building and running Gerbera using:
```
~/buildroot/output/target/usr/bin/gerbera --create-config > package/gerbera/config.xml
```
Note, that Gerbera sets the `<home>` parameter now to the runtime user's home by
default when generating the script. This is not appropriate when running Gerbera
on an embedded Linux system as we usually do not have multiple users or even
users at all. Therefore, we set the home directory to /var/lib/gerbera`.
As this directory is not created when installing Gerbera to the target,
it is created by the start script.
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-19 22:54:27 +02:00
Francois Perrad
d72152ad8e
package/luarocks: improve detection of license files
...
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-19 22:51:43 +02:00
Francois Perrad
2ff52ae939
package/luarocks: bump to version 3.7.0
...
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-19 22:45:20 +02:00
Jörg Krause
718b6c224a
package/luv: bump to version 1.40.0-0
...
Also fix spacing to use 2 spaces in the hash file.
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-19 22:45:06 +02:00
Maxim Kochetkov
75d1a5a046
DEVELOPERS: add Maxim Kochetkov for postgis
...
Signed-off-by: Maxim Kochetkov <fido_max@inbox.ru>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-19 22:44:11 +02:00
Fabrice Fontaine
4a48f2c180
package/oniguruma: bump to version 6.9.7.1
...
Update hash of COPYING (update in year:
56255e8b3e
)
https://github.com/kkos/oniguruma/blob/v6.9.7.1/HISTORY
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-19 22:35:43 +02:00
Giulio Benetti
59fedf02df
package/libnss: bump version to 3.64
...
Release Notes:
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.64_release_notes
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-19 22:34:39 +02:00
Fabrice Fontaine
4b4d98e2c5
package/domoticz: drop boost date-time dependency
...
boost date-time is not a dependency since version 4.9700 and
a3eacbc987
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-19 22:33:55 +02:00
Fabrice Fontaine
8a46b41b4a
package/domoticz: drop first patch
...
Patch not needed since commit 37f197f863
which bumped host-cmake dependency from 3.10 to 3.15
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-19 22:33:34 +02:00
Michael Nosthoff
8d51ee7c79
package/libgpiod: bump to version 1.6.3
...
Signed-off-by: Michael Nosthoff <buildroot@heine.tech>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-19 22:26:46 +02:00
Bernd Kuhls
5dd2b7d774
package/meson: bump version to 0.57.2
...
Release notes: https://groups.google.com/g/mesonbuild/c/3YR_iOkh7co
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-19 22:26:28 +02:00
Michael Nosthoff
efd762feaa
package/grpc: bump to version 1.37.0
...
Signed-off-by: Michael Nosthoff <buildroot@heine.tech>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-19 22:26:25 +02:00
Bernd Kuhls
cffe295259
package/libcurl: bump version to 7.76.1
...
Bugfix release. For details, see the changelog:
https://curl.se/changes.html
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-04-19 22:23:55 +02:00
Fabrice Fontaine
5a9504831f
package/m4: fix build with glibc 2.34
...
m4 fails to build with glibc 2.34 because SIGSTKSZ is now a run-time
variable since
https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=6c57d320484988e87e446e2e60ce42816bf51d53
So backport an upstream patch from gnulib, see:
https://lists.gnu.org/archive/html/bug-m4/2021-03/msg00015.html
An other option would have been to apply patch from
https://lists.gnu.org/archive/html/bug-m4/2021-03/msg00024.html
but no feedback was received on this patch
Fixes:
- https://bugs.buildroot.org/show_bug.cgi?id=13721
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-19 22:18:27 +02:00
Thomas Petazzoni
d06bf96097
support/scripts/cve.py: use proper CPE ID version when available
...
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-04-18 18:20:27 +02:00