Bump this package to the latest release of the package written in C.
Version 3.x are written in Rust: https://pngquant.org/rust.html
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
BR2_riscv_custom should only contain the basic I extension. The A
extension should be optional and selected by board configs.
Signed-off-by: Bin Meng <bmeng@tinylab.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
BR2_RISCV_ISA_CUSTOM_RVA is currently not explicitly listed as it is
selected by BR2_riscv_custom. This looks confusing. Let's enable it.
Signed-off-by: Bin Meng <bmeng@tinylab.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
BR2_RISCV_ISA_CUSTOM_RVA is currently not explicitly listed as it is
selected by BR2_riscv_custom. This looks confusing. Let's enable it.
Signed-off-by: Bin Meng <bmeng@tinylab.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
With upstream commit ae2d9506a36c ("riscv: sifive: Rename fu540 board to unleashed")
in U-Boot v2021.07 release, the defconfig for SiFive Unleashed board
has been changed to sifive_unleashed_defconfig.
Also newer U-Boot has deprecated the usage of SPL_FIT_GENERATOR
to generate u-boot.itb hence there is no 'u-boot.itb' target in
the U-Boot Makefile anymore. Instead binman is used to assemble
the u-boot.itb image.
We will need to switch to BR2_TARGET_UBOOT_FORMAT_CUSTOM for
installing u-boot.itb.
Switch over to use the latest U-Boot v2023.04 release.
Signed-off-by: Bin Meng <bmeng@tinylab.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Since the rest of RISC-V boards have been switched to use OpenSBI
1.2, let's update hifive_unleashed to use OpenSBI 1.2 too.
Resolves: https://bugs.busybox.net/show_bug.cgi?id=15658
Signed-off-by: Bin Meng <bmeng@tinylab.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fixes the following security issues:
- CVE-2023-1916: A flaw was found in tiffcrop, a program distributed by the
libtiff package. A specially crafted tiff file can lead to an
out-of-bounds read in the extractImageSection function in
tools/tiffcrop.c, resulting in a denial of service and limited information
disclosure. This issue affects libtiff versions 4.x.
- CVE-2023-25434: libtiff 4.5.0 is vulnerable to Buffer Overflow via
extractContigSamplesBytes() at /libtiff/tools/tiffcrop.c:3215.
- CVE-2023-26965: loadImage() in tools/tiffcrop.c in LibTIFF through 4.5.0
has a heap-based use after free via a crafted TIFF image
Drop the now upstream
0001-tiffcrop-Correct-simple-copy-paste-error-Fix-488.patch.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
In commit 9d58b525fc the newline at the
end got accidentally removed. Commit
fd6b334269 re-added the newline, but
accidentally added an empty line as well. Remove the empty line.
Reported by check-package.
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
The alsa-utils will remove and create the /usr/share/alsa dir
as a whole and since the alsa plugins needs to add config into
this same directory it should come after those install steps.
Also, the bluez alsa needs the plugins installed to find them
during the configuration phases - so, interlock the plugins
when configured.
Signed-off-by: Charles Hardin <ckhardin@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
In commit 9d58b525fc the newline at the
end got accidentally removed. Re-add it.
Reported by check-package.
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
This version included the patches removed by this commit, no new CVEs
were fixed.
Release notes: https://librdf.org/raptor/RELEASE.html#rel2_0_16
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
libcgroup depends on fts API which is missing in musl and uClibc
and provided by musl-fts package.
This patch makes libcgroup dependent on musl-fts for
non-glibc configurations.
Signed-off-by: Oleg Lyovin <ovlevin@sberdevices.ru>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Fixes the following security issues:
- CVE-2023-34969: Fix an assertion failure in dbus-daemon when a privileged
Monitoring connection (dbus-monitor, busctl monitor, gdbus monitor or
similar) is active, and a message from the bus driver cannot be delivered
to a client connection due to <deny> rules or outgoing message quota.
This is a denial of service if triggered maliciously by a local attacker.
- Fix an incorrect assertion that could be used to crash dbus-daemon or
other users of DBusServer prior to authentication, if libdbus was compiled
with assertions enabled.
For details, see the NEWS file:
https://gitlab.freedesktop.org/dbus/dbus/blob/dbus-1.12/NEWS
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
async-timeout dependency was dropped upstream for Python 3.11 (see [1]).
[1] 1b5c9e1cb9
Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Right now there is a LICENSE file included in the package, so use it for
license validation.
Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
setup.cfg seems to be mandatory since (at least) setuptools 67.8.0
otherwise gpiozero dependencies are not properly detected
File "/builds/buildroot.org/buildroot/test-output/TestPythonPy3Gpiozero/host/lib/python3.11/site-packages/pkg_resources/__init__.py",
line 868, in _resolve_dist
raise DistributionNotFound(req, requirers)
pkg_resources.DistributionNotFound: The 'colorzero' distribution was not found and is required by the application
See:
http://lists.busybox.net/pipermail/buildroot/2023-June/669207.html
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/4505977906
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Cc: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Release notes:
https://lists.x.org/archives/xorg-announce/2023-June/003399.html
Updated license hash due to upstream commit which removed "All rights
reserved" from Oracle copyright notices:
9d77996f9f
Added XLIB_XTRANS_INSTALL_TARGET = NO, quoting release notes:
"xtrans is a library of code that is shared among various X packages to
handle network protocol transport in a modular fashion, allowing a single
place to add new transport types - but it is *not* a shared library, more
like a "header-only" library."
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>