Julien Olivain
7e02d2e762
package/fluidsynth: bump to version 2.2.0
...
For change log since v2.1.5, see:
- https://github.com/FluidSynth/fluidsynth/releases/tag/v2.1.6
- https://github.com/FluidSynth/fluidsynth/releases/tag/v2.1.7
- https://github.com/FluidSynth/fluidsynth/releases/tag/v2.1.8
- https://github.com/FluidSynth/fluidsynth/releases/tag/v2.2.0
./utils/test-pkg --package fluidsynth
6 builds, 2 skipped, 0 build failed, 0 legal-info failed
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-04-09 23:15:19 +02:00
Bernd Kuhls
d69f1f7b32
package/libdrm: bump version to 2.4.105
...
Removed patch 0001, committed upstream:
https://cgit.freedesktop.org/mesa/drm/commit/?id=52f05d3d896480ee5431dcd444f53bb2a8e41cce
Renumbered remaining patch.
Updated license hash due to upstream commits:
https://cgit.freedesktop.org/mesa/drm/log/xf86drm.c
Release notes:
https://lists.freedesktop.org/archives/dri-devel/2021-April/302515.html
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-04-09 23:12:27 +02:00
John Keeping
eb8824ddc0
package/kexec: bump to version 2.0.21
...
https://lists.infradead.org/pipermail/kexec/2020-December/021835.html
Both patches were backports and are included in the 2.0.21 release so
they are deleted.
Signed-off-by: John Keeping <john@metanate.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-04-09 23:09:47 +02:00
Bernd Kuhls
e243ec75f3
package/ffmpeg: bump version to 4.4
...
Remove wavpack-related patch and configure options due to upstream
removal of wavpack support:
http://git.videolan.org/?p=ffmpeg.git;a=commit;h=45070eec4c089b06947f07e25cdb1bc8b2102553
Changelog:
http://git.videolan.org/?p=ffmpeg.git;a=blob;f=Changelog;;hb=refs/heads/release/4.4
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-04-09 22:53:50 +02:00
Bernd Kuhls
25135631d2
package/kodi-pvr-iptvsimple: bump version to 7.6.1-Matrix
...
Changelog:
https://github.com/kodi-pvr/pvr.iptvsimple/blob/Matrix/pvr.iptvsimple/changelog.txt
Upstream added a dependency to xz:
8f19dac9a5
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-04-09 22:46:18 +02:00
Bernd Kuhls
a70e5a708f
package/kodi-inputstream-ffmpegdirect: bump version to 1.20.1-Matrix
...
Changelog:
https://github.com/xbmc/inputstream.ffmpegdirect/blob/Matrix/inputstream.ffmpegdirect/changelog.txt
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-04-09 22:45:55 +02:00
Francois Perrad
8b65b4d60d
configs/mx6cubox: bump Linux and U-Boot versions
...
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-04-09 21:22:40 +02:00
Fabrice Fontaine
b1ce058e45
package/attr: bump to version 2.5.1
...
Drop second patch (already in version)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-04-09 21:22:18 +02:00
Fabrice Fontaine
a28e511cd7
package/acl: bump to version 2.3.1
...
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-04-09 21:21:48 +02:00
Fabrice Fontaine
678edb144b
package/acl: add ACL_CPE_ID_VENDOR
...
cpe:2.3🅰️ acl_project:acl is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Aacl_project%3Aacl
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-04-09 21:21:02 +02:00
Fabrice Fontaine
1feedcd845
package/openldap: bump to version 2.4.58
...
Drop fifth patch (already in version)
https://git.openldap.org/openldap/openldap/-/blob/OPENLDAP_REL_ENG_2_4_58/CHANGES
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-04-09 21:20:13 +02:00
Fabrice Fontaine
5f2d38df4f
package/bridge-utils: bump to version 1.7.1
...
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-04-09 21:19:34 +02:00
Bernd Kuhls
ad259f06cc
package/x11r7/xlib_libXaw: bump version to 1.0.14
...
Release notes:
https://lists.x.org/archives/xorg-announce/2021-March/003077.html
Reformatted hashes.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-04-09 21:18:05 +02:00
Bernd Kuhls
248fdccce4
package/x11r7/xlib_libXres: bump version to 1.2.1
...
Release notes:
https://lists.x.org/archives/xorg-announce/2021-March/003078.html
Reformatted hashes.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-04-09 21:17:56 +02:00
Bernd Kuhls
cff9e4bab0
package/x11r7/xdriver_xf86-input-libinput: bump version to 1.0.0
...
Release notes:
https://lists.x.org/archives/xorg-announce/2021-April/003079.html
Updated license hash due to upstream commit:
https://cgit.freedesktop.org/xorg/driver/xf86-input-libinput/commit/?id=2bbc4727a12471e3699e2803404a013656066a94
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-04-09 21:17:44 +02:00
Fabrice Fontaine
aaa96d7887
package/python-markdown2: add PYTHON_MARKDOWN2_CPE_ID_VENDOR
...
cpe:2.3🅰️ python-markdown2_project:python-markdown2 is a valid CPE
identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Apython-markdown2_project%3Apython-markdown2
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-04-09 21:15:56 +02:00
Francois Perrad
22bb5c4e63
package/quickjs: bump to version 2021-03-27
...
- remove patch (merged upstream)
- file LICENSE added
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-04-09 21:14:18 +02:00
Fabrice Fontaine
24e26793bc
package/network-manager-openvpn: bump to version 1.8.14
...
Update indentation in hash file (two spaces)
https://gitlab.gnome.org/GNOME/NetworkManager-openvpn/-/blob/1.8.14/NEWS
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-04-09 21:13:11 +02:00
Bernd Kuhls
15a2f9b819
package/{mesa3d, mesa3d-headers}: bump version to 21.0.2
...
Release notes:
21.0.0: https://lists.freedesktop.org/archives/mesa-announce/2021-March/000622.html
21.0.1: https://lists.freedesktop.org/archives/mesa-announce/2021-March/000624.html
21.0.2: https://lists.freedesktop.org/archives/mesa-announce/2021-April/000625.html
DRI swrast driver was removed:
https://cgit.freedesktop.org/mesa/mesa/commit/?h=21.0&id=435de835cd639d1b9bb96f81fc224771dc90af6d
OSMesa classic support was removed:
https://cgit.freedesktop.org/mesa/mesa/commit/?h=21.0&id=ee802372180a2b4460cc7abb53438e45c6b6f1e4
To avoid any conflict, and to show that the new OSMesa is Gallium-based,
we name the new option with a _GALLIUM suffix, even though this is now
the only OSMesa implementation left.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[yann.morin.1998@free.fr:
- rename the new option s/$/_GALLIUM/
- don't drop the the old (pre-classic) legacy option
- slightly reword the OSMesa help entry
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-04-07 23:24:25 +02:00
Bernd Kuhls
acd317d907
package/tor: do not install systemd service file
...
Upstream removed the sample service file for use with systemd:
https://gitweb.torproject.org/tor.git/commit/contrib?h=maint-0.4.5&id=915af1a65bc217fa33490876199bb69f760bea23
Fixes:
http://autobuild.buildroot.net/results/b80/b807f19283528b9f0d0c46250b660ea84695679c/
http://autobuild.buildroot.net/results/de4/de4f1a99b1c524b81579ee804156e26d3f8babe7/
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-04-07 21:27:05 +02:00
Fabrice Fontaine
552ba842b7
package/iwd: bump to version 1.13
...
iwd fails to build since bump of ell to version 0.39 in commit
9988ca9ead
:
/home/buildroot/autobuild/run/instance-0/output-1/host/opt/ext-toolchain/bin/../lib/gcc/powerpc64-buildroot-linux-gnu/9.3.0/../../../../powerpc64-buildroot-linux-gnu/bin/ld: src/ie.o: in function `ie_parse_data_rates':
ie.c:(.text+0x23ac): undefined reference to `minsize'
This is fixed by
https://git.kernel.org/pub/scm/network/wireless/iwd.git/commit/?id=17cf4da72613e80d08d51401399d02683ba8664b
Use official iwd tarball which will contain ell/useful.h header
https://git.kernel.org/pub/scm/network/wireless/iwd.git/tree/ChangeLog?h=1.13
Fixes:
- http://autobuild.buildroot.org/results/44e243530cbcec1c88511bb22f5e8e4655c43824
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-04-07 21:23:02 +02:00
Dick Olsson
09d3f13053
package/s6-rc: bump to version 0.5.2.1
...
Update license hash due to year change.
http://skarnet.org/cgi-bin/archive.cgi?1:mss:1515:mhcdpginfgieagphalne
Signed-off-by: Dick Olsson <hi@senzilla.io>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-04-07 21:17:50 +02:00
Dick Olsson
e88edae046
package/s6-networking: bump to version 2.4.1.0
...
Update license hash due to year change.
http://skarnet.org/cgi-bin/archive.cgi?1:mss:1535:lpehbljhhcpaopbnkkbf
Signed-off-by: Dick Olsson <hi@senzilla.io>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-04-07 21:17:29 +02:00
Dick Olsson
b14b2844f7
package/s6-dns: bump to version 2.3.5.0
...
Update license hash due to year change.
Refer to the change set described for s6-networking in the announcement:
http://skarnet.org/cgi-bin/archive.cgi?1:mss:1535:lpehbljhhcpaopbnkkbf
Signed-off-by: Dick Olsson <hi@senzilla.io>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-04-07 21:16:20 +02:00
Dick Olsson
6d49b14165
package/s6-linux-utils: bump to version 2.5.1.4
...
Update license hash due to year change.
http://skarnet.org/cgi-bin/archive.cgi?1:mss:1515:mhcdpginfgieagphalne
Signed-off-by: Dick Olsson <hi@senzilla.io>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-04-07 21:15:15 +02:00
Dick Olsson
4376edb2d0
package/s6-portable-utils: bump to version 2.2.3.1
...
Update license hash due to year change.
http://skarnet.org/cgi-bin/archive.cgi?1:mss:1515:mhcdpginfgieagphalne
Signed-off-by: Dick Olsson <hi@senzilla.io>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-04-07 21:14:42 +02:00
Dick Olsson
7f552c710f
package/s6: bump to version 2.10.0.2
...
Update license hash due to year change.
http://skarnet.org/cgi-bin/archive.cgi?1:mss:1535:lpehbljhhcpaopbnkkbf
Signed-off-by: Dick Olsson <hi@senzilla.io>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-04-07 21:13:54 +02:00
Dick Olsson
86f7634baf
package/execline: Fix license hash after bump to version 2.8.0.0
...
Updated license hash due to year change.
Commit bf66772c9b
was accidentally based
on v1 of this patch.
Signed-off-by: Dick Olsson <hi@senzilla.io>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-04-07 21:13:03 +02:00
Dick Olsson
965bf9e0ca
package/skalibs: Fix license hash after bump to version 2.10.0.2
...
Updated license hash due to year change.
Commit 4d5587cb56
was accidentally based
on v1 of this patch.
Signed-off-by: Dick Olsson <hi@senzilla.io>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-04-07 21:11:26 +02:00
Peter Seiderer
097da083b1
package/valgrind: fix musl compile
...
The file musl.supp is missing from the download source package, add a
patch deviated from reduced upstream commit ([1]) re-adding the missing file.
Fixes:
- http://autobuild.buildroot.net/results/b106be44d6e7d82a4e3ad16c995366a46d39ee3c
make[1]: *** No rule to make target 'musl.supp', needed by 'default.supp'. Stop.
[1] https://sourceware.org/git/?p=valgrind.git;a=patch;h=f4d98ff79d5a79102b777ea7e23002d9f7326489
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-04-07 21:07:37 +02:00
Dick Olsson
39763ca74e
DEVELOPERS: Add Dick Olsson for all skarnet and s6 packages
...
Signed-off-by: Dick Olsson <hi@senzilla.io>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-04-07 20:46:30 +02:00
Bernd Kuhls
47b1bbd2f4
package/kodi-pvr-iptvsimple: bump version to 7.6.0-Matrix
...
Release notes:
https://github.com/kodi-pvr/pvr.iptvsimple/releases/tag/7.6.0-Matrix
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-04-07 20:43:30 +02:00
Peter Korsgaard
3eadd76740
package/avahi: ignore CVE-2021-26720
...
CVE-2021-26720 is an issue in avahi-daemon-check-dns.sh, which is part of
the Debian packaging and not part of upstream avahi - So ignore the CVE.
https://security-tracker.debian.org/tracker/CVE-2021-26720
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-04-07 20:41:14 +02:00
Dick Olsson
bf66772c9b
package/execline: bump to version 2.8.0.0
...
http://skarnet.org/cgi-bin/archive.cgi?1:mss:1535:lpehbljhhcpaopbnkkbf
Signed-off-by: Dick Olsson <hi@senzilla.io>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-04-07 20:41:09 +02:00
Dick Olsson
4d5587cb56
package/skalibs: bump to version 2.10.0.2
...
- Drop patch that has been included upstream
http://skarnet.org/cgi-bin/archive.cgi?1:mss:1535:lpehbljhhcpaopbnkkbf
Signed-off-by: Dick Olsson <hi@senzilla.io>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-04-07 20:41:09 +02:00
Peter Korsgaard
168bb8c336
docs/website: update for 2021.02.1
...
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-04-07 13:37:12 +02:00
Peter Korsgaard
a74cb089cb
Update for 2021.02.1
...
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit bb10b0dfe6
)
[Peter: drop Makefile change]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-04-07 13:34:27 +02:00
Peter Korsgaard
0918d2bf2d
package/nodejs: security bump to version 12.22.1
...
Fixes the following security issues:
CVE-2020-7774: npm upgrade to 6.14.12 - Update y18n to fix
Prototype-Pollution (High)
This is a vulnerability in the y18n npm module which may be exploited by
prototype pollution.
https://github.com/advisories/GHSA-c4w7-xm78-47vh
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-04-07 11:21:12 +02:00
Peter Korsgaard
cb5bfd63d9
package/python-django: security bump to version 3.0.14
...
Fixes the following security issue:
CVE-2021-28658: Potential directory-traversal via uploaded files
MultiPartParser allowed directory-traversal via uploaded files with suitably crafted file names.
Built-in upload handlers were not affected by this vulnerability.
For more details, see the announcement:
https://www.djangoproject.com/weblog/2021/apr/06/security-releases/
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-04-07 09:26:25 +02:00
Peter Korsgaard
0f4ec05ed0
package/busybox: add upstream gunzip security fix
...
Fixes the following security issue:
- CVE-2021-28831: decompress_gunzip.c in BusyBox through 1.32.1 mishandles
the error bit on the huft_build result pointer, with a resultant invalid
free or segmentation fault, via malformed gzip data.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-04-07 09:26:16 +02:00
Fabrice Fontaine
d043f5775a
package/check: bump to version 0.15.2
...
https://github.com/libcheck/check/releases/tag/0.15.2
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-04-06 22:35:36 +02:00
Fabrice Fontaine
049ae2d7a6
package/rabbitmq-c: bump to version 0.11.0
...
Update indentation in hash file (two spaces)
https://github.com/alanxz/rabbitmq-c/releases/tag/v0.11.0
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-04-06 22:32:36 +02:00
Fabrice Fontaine
c9d339c3d1
package/libupnp: security bump to version 1.14.5
...
Non-recursive version of ixmlNode_free() avoids stack overflow
attack. Fixes CVE-2021-28302.
Also a number of other bugfixes:
https://github.com/pupnp/pupnp/blob/release-1.14.5/ChangeLog
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-04-06 22:31:31 +02:00
Fabrice Fontaine
042c2ccde2
package/python-iptables: bump to version 1.0.0
...
- Drop patches (already in version)
- Update indentation in hash file (two spaces)
https://github.com/ldx/python-iptables/compare/v0.14.0...v1.0.0
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-04-06 22:28:19 +02:00
Fabrice Fontaine
7133276bdf
package/python-zope-interface: bump to version 5.3.0
...
- Update indentation in hash file (two spaces)
- Update URL in Config.in as current URL returns 404 Not Found
https://github.com/zopefoundation/zope.interface/blob/5.3.0/CHANGES.rst
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-04-06 22:27:42 +02:00
Fabrice Fontaine
1e44b1b838
package/python-websocket-client: bump to version 0.58
...
- Update hash of LICENSE (license switched back to LGPL-2.1+:
6eaed48d49
)
- Update indentation in hash file (two spaces)
https://github.com/websocket-client/websocket-client/blob/v0.58.0/ChangeLog
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-04-06 22:22:09 +02:00
Fabrice Fontaine
2f1cf2eb83
package/fail2ban: bump to version 0.11.2
...
https://github.com/fail2ban/fail2ban/blob/0.11.2/ChangeLog
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-04-06 22:21:44 +02:00
Tian Yuanhao
da80fd4156
package/wpa_supplicant: handle CONFIG_CTRL_IFACE carefully
...
When BR2_PACKAGE_WPA_SUPPLICANT_CTRL_IFACE is not set and
BR2_PACKAGE_WPA_SUPPLICANT_DBUS=y, CONFIG_CTRL_IFACE_DBUS_NEW will be
enabled by 's/^#\(CONFIG_CTRL_IFACE_DBUS_NEW\)/\1/' first, and then
disabled by 's/^\(CONFIG_CTRL_IFACE\)/#\1/'.
CONFIG_CTRL_IFACE_DBUS_NEW does not depend on CONFIG_CTRL_IFACE, except
for using it as a prefix. Fix this wrong behavior by adding '\>' after
CONFIG_CTRL_IFACE.
Signed-off-by: Tian Yuanhao <tianyuanhao@aliyun.com>
Tested-by: Nicolas Cavallari <nicolas.cavallari@green-communications.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-04-06 22:06:00 +02:00
Francois Perrad
008bd0afef
configs/olimex_a20_olinuxino_lime*: bump Linux and U-Boot versions
...
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-04-06 13:20:07 +02:00
Titouan Christophe
c32bb6ce1b
package/mosquitto: security bump to v2.0.10
...
Versions 2.0.10 of Mosquitto has been released. This is a security and bugfix release.
CVE-xxxx-xxxx: If an authenticated client connected with MQTT v5 sent a malformed
CONNACK message to the broker a NULL pointer dereference occurred, most likely
resulting in a segfault. This will be updated with the CVE number when it is assigned.
Affects versions 2.0.0 to 2.0.9 inclusive.
See the announcement: https://mosquitto.org/blog/2021/04/version-2-0-10-released/
Signed-off-by: Titouan Christophe <titouanchristophe@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-04-06 13:19:55 +02:00