Commit Graph

56680 Commits

Author SHA1 Message Date
Guillaume W. Bres
4e827d930f package/libxcrypt: bump version to 4.4.18
Drop patch which has been merged into mainline.

LICENSING file identifies individual files in the tree, and some have
moved between 4.4.17 and 4.4.18 (upstream commit 3436c6a94b8d).

Fix two -spaces in hash file as well.

Signed-off-by: Guillaume W. Bres <guillaume.bressaix@gmail.com>
[yann.morin.1998@free.fr:
  - explain license hash change
  - two-spaces in hash file
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-02-26 23:05:01 +01:00
Guillaume W. Bres
8a854214bd package/libxcrypt: fix legal info
When the initial package has been submitted, the hashes for the
license files were computed against the files from the repository,
not the release tarball, but the files had changed in the repo
since the version was cut.

Fix that hash.

Fixes:
    http://autobuild.buildroot.net/results/206aac81799074ef45c0cc7b9979cbf02c3935d5
    http://autobuild.buildroot.net/results/8db5df1286673fdedb854bad2b9e5757d5218950

Signed-off-by: Guillaume W. Bres <guillaume.bressaix@gmail.com>
[yann.morin.1998@free.fr: expand commit log with root cause]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-02-26 22:44:21 +01:00
Markus Mayer
ba05d01476 package/readline: disable bracketed paste by default
As of readline 8.1, "bracketed paste" is enabled by default. However,
the feature causes control characters to appear in captured (telnet)
session output. This can throw off pattern matching if the output is to
be processed by scripts.

Let's keep the previous default of leaving this feature disabled and
provide a configuration option for users to enable it.

Signed-off-by: Markus Mayer <mmayer@broadcom.com>
[yann.morin.1998@free.fr:
  - explicit enable/disable
  - no indentation in conditional block
  - rewrap help text
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-02-26 22:42:56 +01:00
Romain Naour
8ef20378b7 package/qemu: disable tests
tests/fp/fp-bench.c use fenv.h that is not always provided
by the libc (uClibc).

To workaround this issue, add an new meson option to
disable tests while building Qemu.

Fixes:
http://autobuild.buildroot.net/results/53f5d8baa994d599b9da013ee643b82353366ec3/build-end.log

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-26 09:32:20 +01:00
Giulio Benetti
f50c212218 package/nfs-utils: bump version to 2.5.3
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Reviewed-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-26 08:48:19 +01:00
Antoine Tenart
d1d5c1c914 package/refpolicy: bump to 2.20210203
Changelog:
https://github.com/SELinuxProject/refpolicy/releases/tag/RELEASE_2_20210203

Signed-off-by: Antoine Tenart <atenart@kernel.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-26 08:47:43 +01:00
Fabrice Fontaine
6e9409ea3b package/botan: avoid empty -l
Add upstream patch to fix upstream commit
af63fe89228172e5a395f7e6491fae3bfa9da4b1 which was added to buildroot in
commit d71de4143d

Fixes:
 - http://autobuild.buildroot.org/results/801007860b7787b28b2b2e3611b59350034a3694

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-02-25 22:58:22 +01:00
Fabrice Fontaine
1b3c8ce97f package/libuwsc: disable example
BUILD_EXAMPLE=OFF is already passed by cmake-package

Fixes:
 - http://autobuild.buildroot.org/results/f5256d5a3a86112f008506f1910d0600c491a2a0

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-02-25 22:47:05 +01:00
Fabrice Fontaine
ceb2317a7a package/brltty: fix build with gcc < 5
Fix build of brltty in version 6.2 with gcc < 5

Fixes:
 - http://autobuild.buildroot.org/results/b758c6ffc7a14b24d5482e65ba6f90bc046ebd01

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr: do an actual backport]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-02-25 22:38:16 +01:00
Fabrice Fontaine
c79f050de7 package/babeltrace2: link with libatomic if needed
Fix build of babeltrace2 in version 2.0.3 with Bootlin SPARC uclibc
toolchain added with commit 1348c569d0

Fixes:
 - http://autobuild.buildroot.org/results/31770bf70f9ce4e3be8fb310d084b214820c6829

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-02-25 22:27:20 +01:00
Bernd Kuhls
2a3cfb2381 package/ffmpeg: bump version to 4.3.2
Removed patch which was applied upstream.

Changelog:
http://git.videolan.org/?p=ffmpeg.git;a=blob;f=Changelog;h=28d79ea1aed0a59f43ee922f5b6efa82dc7e2b18;hb=refs/heads/release/4.3

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-25 22:26:40 +01:00
Fabrice Fontaine
51b5df23b2 package/elfutils: link with libatomic if needed
Fix build of elfutils 0.181 with Bootlin SPARC uclibc toolchain added
with commit 1348c569d0

Fixes:
 - http://autobuild.buildroot.org/results/31ce9e3861c6229a7869a15d322f5d2f5bfc6165

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-02-25 22:21:38 +01:00
Fabrice Fontaine
aead2e1ec2 package/intel-mediasdk: disable samples and tutorials
Disable samples and tutorials which are enabled by default and fail to
build with gcc 10 without upstream commit:
c7d40371eb

Fixes:
 - http://autobuild.buildroot.org/results/9ee28e5dc0b2ba854766d9bc82b95c28be2722d3

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-02-25 22:11:40 +01:00
Peter Korsgaard
7cb44a2011 package/nodejs: security bump to version v12.21.0
Fixes the following security issues:

CVE-2021-22883: HTTP2 'unknownProtocol' cause Denial of Service by resource exhaustion

Affected Node.js versions are vulnerable to denial of service attacks when
too many connection attempts with an 'unknownProtocol' are established.
This leads to a leak of file descriptors.  If a file descriptor limit is
configured on the system, then the server is unable to accept new
connections and prevent the process also from opening, e.g.  a file.  If no
file descriptor limit is configured, then this lead to an excessive memory
usage and cause the system to run out of memory.

CVE-2021-22884: DNS rebinding in --inspect

Affected Node.js versions are vulnerable to denial of service attacks when
the whitelist includes “localhost6”.  When “localhost6” is not present in
/etc/hosts, it is just an ordinary domain that is resolved via DNS, i.e.,
over network.  If the attacker controls the victim's DNS server or can spoof
its responses, the DNS rebinding protection can be bypassed by using the
“localhost6” domain.  As long as the attacker uses the “localhost6” domain,
they can still apply the attack described in CVE-2018-7160.

For more details, see the advisory:
https://nodejs.org/en/blog/vulnerability/february-2021-security-releases/

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-25 21:29:29 +01:00
Peter Korsgaard
f3b292d907 package/wireguard-tools: bump version to 1.0.20210223
For details, see the announcement:
https://lists.zx2c4.com/pipermail/wireguard/2021-February/006407.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-25 20:31:22 +01:00
Peter Korsgaard
5211e74894 package/wireguard-linux-compat: bump version to 1.0.20210219
Includes various compat fixes and lowers memory requirements.  For details,
see the announcement:

https://lists.zx2c4.com/pipermail/wireguard/2021-February/006404.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-25 20:31:17 +01:00
Andreas Klinger
81e0421285 package/ply: build needs flex and bison
Building needs flex and bison installed on the host system.

Fixes:
http://autobuild.buildroot.net/results/7cfe75725f4746367f2870ee9545f31ba56f6ec1

Signed-off-by: Andreas Klinger <ak@it-klinger.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-25 20:30:20 +01:00
Baruch Siach
8b2934e0ae package/daemon: bump to version 0.7.1
Add COPYING to _LICENSE_FILES.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-25 20:21:40 +01:00
Baruch Siach
7328b08c56 package/uhubctl: bump to version 2.4.0
Add COPYING license text to _LICENSE_FILES.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-25 20:21:12 +01:00
Pierre-Jean Texier
38b58a0d65 package/stunnel: bump to version 5.58
Update COPYING hash; copyright year update:

-_Copyright (C) 1998-2020 Michal Trojnara_
+_Copyright (C) 1998-2021 Michal Trojnara_

See full changelog https://www.stunnel.org/NEWS.html

Signed-off-by: Pierre-Jean Texier <texier.pj2@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-25 20:20:28 +01:00
Pierre-Jean Texier
50cfedc86d package/genimage: bump to version 14
Signed-off-by: Pierre-Jean Texier <texier.pj2@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-25 20:20:19 +01:00
Fabrice Fontaine
81efd0da9a package/faketime: bump to version 0.9.9
Update indentation in hash file (two spaces)

https://github.com/wolfcw/libfaketime/releases/tag/v0.9.9

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-25 20:13:00 +01:00
Fabrice Fontaine
564371c1f3 package/bwm-ng: bump to version 0.6.3
https://github.com/vgropp/bwm-ng/releases/tag/v0.6.3

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-25 20:12:46 +01:00
Fabrice Fontaine
028aa3986d package/screen: add SCREEN_CPE_ID_VENDOR
cpe:2.3🅰️gnu:screen is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Agnu%3Ascreen

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-25 20:11:22 +01:00
Fabrice Fontaine
879772f8e7 package/xterm: add XTERM_CPE_ID_VENDOR
cpe:2.3🅰️invisible-island:xterm is a valid CPE identifier for this
package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Ainvisible-island%3Axterm

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-25 20:11:11 +01:00
Peter Korsgaard
4e6ee9eb53 package/python3: security bump to version 3.9.2
Fixes the following security issue:

- CVE-2021-23336: urllib.parse.parse_qsl(): Web cache poisoning - `; ` as a
  query args separator
  https://bugs.python.org/issue42967

And fixes a number of issues. For details, see the changelog:
https://docs.python.org/release/3.9.2/whatsnew/changelog.html

Drop the now upstreamed security patch and update the license hash for a
change of copyright year:

-2011, 2012, 2013, 2014, 2015, 2016, 2017, 2018, 2019, 2020 Python Software Foundation;
+2011, 2012, 2013, 2014, 2015, 2016, 2017, 2018, 2019, 2020, 2021 Python Software Foundation;

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-25 08:10:36 +01:00
Yegor Yefremov
af3a264b3b package/python-pyusb: bump to version 1.1.1
Along with the version bump the following changes were
needed to get the package built:

- since 1.1.1 PyUSB supports only Python3
- change download file name to lowercase
- the package now requires setuptools and setuptools_scm
- change LICENSE checksum as the copyright year changed to 2021

Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-23 14:05:10 +01:00
Yegor Yefremov
f3f64705b9 package/python-dialog3: bump to version 3.5.1
Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-23 14:04:05 +01:00
Bernd Kuhls
8939392424 package/dav1d: bump version to 0.8.2
Release notes: https://code.videolan.org/videolan/dav1d/-/releases

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-23 14:03:56 +01:00
Francois Perrad
e648dfa6f7 package/mc: bump to version 4.8.26
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-23 14:03:09 +01:00
Peter Seiderer
7a3a47cc74 package/libuev: bump version to 2.3.2
- update license hash (copyright year, maintainer surname, see [1])

[1] 86e01be26e (diff-c693279643b8cd5d248172d9c22cb7cf4ed163a3c98c8a3f69c2717edd3eacb7)

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-23 14:02:53 +01:00
Peter Seiderer
542097b11a package/iwd: bump version to 1.12
- remove 0001-configure.ac-fix-static-build-with-readline.patch
  (upstream [1])

[1] https://git.kernel.org/pub/scm/network/wireless/iwd.git/commit/?id=62d31539d6e31a40d7d33c73637e37b50c59ef40

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-23 14:01:39 +01:00
Peter Seiderer
24575ad614 package/ell: bump version to 0.38
- remove 0001-build-Add-rawmemchr-to-missing.h.patch
  (upstream [1])

- remove 0002-ell-add-missing-include-in-dhcp-server.patch
  (upstream [2])

[1] https://git.kernel.org/pub/scm/libs/ell/ell.git/commit/?id=3916c1cc32be205e185a8a56de5cde1b9ec60e81
[2] https://git.kernel.org/pub/scm/libs/ell/ell.git/commit/?id=6dfff19d4716ba216de1a3298ed0f667d7782810

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-23 14:01:18 +01:00
Francois Perrad
49bb8ebd81 package/iptables: bump to version 1.8.7
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-23 14:01:10 +01:00
Peter Korsgaard
dacf9d78f2 linux: build after linux-firmware if enabled for early loading support
To support building in (a subset of) the linux-firmware files into the
kernel using the CONFIG_EXTRA_FIRMWARE option, we need to ensure that the
firmware files are installed before the Linux kernel is built, similar to
how it is done for intel-microcode.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-23 13:50:06 +01:00
Peter Korsgaard
af49734349 package/linux-firmware: also install into images for early loading support
Some drivers request their firmware very early when built into the kernel,
even before the initramfs is mounted - So the only way to provide firmware
for those drivers is to include them directly in the kernel with the
CONFIG_EXTRA_FIRMWARE option.

An example of this is the uC firmware for modern Intel GPUs.

Conceptually you can point CONFIG_EXTRA_FIRMWARE to
${TARGET_DIR}/lib/firmware, but then you cannot remove the firmware from the
initramfs and pay the size cost twice (inside the kernel + in initramfs), so
instead also install linux-firmware to the images dir, similar to how we do
it for intel-microcode.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-23 13:49:21 +01:00
Peter Korsgaard
4cadbbfdb1 package/linux-firmware: make install logic macro accept a destination parameter
So it can be reused for also installing into the images directory.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-23 13:49:13 +01:00
Yann E. MORIN
f1c9c07b54 package/linux-firmware: rationalise install step
The logic we have for the installation of the firmware files is, to say
the least, non conventional. It is split in two parts:

  - one that copies files via an intermediate tarball: the tarball
    creation is used to detect if firmware files are missing (i.e. on
    a version bump) and fail the build if so, while the tarball
    extraction is the actual firmware installation;

  - one that copies directories one by one in a loop, removing the
    destination before the copy, to maintain a proper layout.

Needless to say, this is not very clean. First, there is no reason why
the directories can not be copied with the same mechanism as the files
themselves; not sure what I had in mind with b55bd5a9e25e...

Second, we're soon going to need the same installation step to copy the
firmware files in the images/ directory, to ease embedding in the kernel
image.

Rationalise this installation procedure.

Cherry-picking files and directories with cp, while still maintaining
the directory layout, is not trivial; rsync is not one of our
pre-requisites. So we're left with tar, which makes it easy. So we keep
using an intermediate tarball, but we use it for both files and
directories, and we generate it at build time, not install time.

That archive is then extracted during the installation.

Now the installation complexity is mostly located in the creation of the
symlinks, so we merge all of that directly into the _INSTALL_TARGET_CMDS
and drop the intermediate macros that have no longer any reason to exist.

This will also make it pretty simple to later install in the images/
directory.

Reported-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-23 13:49:09 +01:00
Christian Stewart
9c035502bf package/go: bump version to 1.16
Release notes: https://golang.org/doc/go1.16

The latest Go release, version 1.16, arrives six months after Go 1.15. Most of
its changes are in the implementation of the toolchain, runtime, and libraries.

The linker changes in 1.16 extend the 1.15 improvements to all supported
architecture/OS combinations (the 1.15 performance improvements were primarily
focused on ELF-based OSes and amd64 architectures). For a representative set of
large Go programs, linking is 20-25% faster than 1.15 and requires 5-15% less
memory on average for linux/amd64, with larger improvements for other
architectures and OSes. Most binaries are also smaller as a result of more
aggressive symbol pruning.

According to the release notes, Go 1.16 drops support for x87 mode
compilation (GO386=387).  Support for non-SSE2 processors is now available
using soft float mode.  Buildroot will automatically set GO386=softfloat on
non-SSE2 processors.

Signed-off-by: Christian Stewart <christian@paral.in>

v1 -> v2:

 - added 386=softfloat handling re: Peter's review

Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-23 13:48:27 +01:00
Christian Stewart
e92ec59450 package/go: bump to version 1.15.8
go1.15.8 (released 2021/02/04) includes fixes to the compiler, linker, runtime,
the go command, and the net/http package.

https://golang.org/doc/go1.15

Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-23 13:47:04 +01:00
Titouan Christophe
947f982ded package/micropython: bump to v1.14
Micropython 1.4 brings many changes, see the release notes:
https://github.com/micropython/micropython/releases/tag/v1.14

Amongst these changes, Micropython can now produce reproducible
builds, using the standard SOURCE_DATE_EPOCH.

The LICENSE hash changed because the copyright year range was extended
to 2021.

Signed-off-by: Titouan Christophe <titouanchristophe@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-23 13:44:23 +01:00
Bernd Kuhls
795fe88cf8 package/tor: bump version to 0.4.5.6
Rebased patch, part of it was committed upstream:
https://gitweb.torproject.org/tor.git/commit/?id=c5817a0dafc67882f15730ee818fbcdba1b7b915

Release notes: https://blog.torproject.org/node/2000

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-23 13:43:52 +01:00
Bartosz Bilas
4c488c7385 boot/barebox: bump version to 2021.01.0
Signed-off-by: Bartosz Bilas <b.bilas@grinn-global.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-23 13:43:32 +01:00
Vincent Fazio
b50eef1dfd support/download: drop sub-second precision in tarball creation
Some download backends, like svn, will provide timestamps with a
sub-second precision, e.g.

    $ svn info --show-item last-changed-date [...]
    2021-02-19T20:22:34.889717Z

However, the PAX headers do not accept sub-second precision, leading to
failure to download from subversion:

    tar: Time stamp is out of allowed range
    tar: Exiting with failure status due to previous errors
    make[1]: *** [package/pkg-generic.mk:148: [...]/build/subversion-1886712/.stamp_downloaded] Error 1

Fix that by massaging the timestamp to drop the sub-second part. We
do that in the generic helper, rather than the svn backend, so that
all callers to the generic helper benefit from this, as this is more
an internal details of the tarball limitations, than of the backends
themselves.

Reported-by: Roosen Henri <Henri.Roosen@ginzinger.com>
Signed-off-by: Vincent Fazio <vfazio@xes-inc.com>
[yann.morin.1998@free.fr:
  - add Henri as reporter
  - move it out of the svn backend, and to the generic helper
  - reword the commit log accordingly
  - use an explicit time format rather than -Iseconds
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-02-22 23:01:27 +01:00
Peter Korsgaard
6376decbda package/bind: security bump to version 9.11.28
Fixes the following security issue:

- CVE-2020-8625: When tkey-gssapi-keytab or tkey-gssapi-credential was
  configured, a specially crafted GSS-TSIG query could cause a buffer
  overflow in the ISC implementation of SPNEGO (a protocol enabling
  negotiation of the security mechanism to use for GSSAPI authentication).
  This flaw could be exploited to crash named.  Theoretically, it also
  enabled remote code execution, but achieving the latter is very difficult
  in real-world conditions

For details, see the advisory:
https://kb.isc.org/docs/cve-2020-8625

In addition, 9.11.26-27 fixed a number of issues, see the release notes for
details:
https://downloads.isc.org/isc/bind9/9.11.28/RELEASE-NOTES-bind-9.11.28.html

Drop now upstreamed patches, update the GPG key for the 2021-2022 variant
and update the COPYRIGHT hash for a change of year:

-Copyright (C) 1996-2020  Internet Systems Consortium, Inc. ("ISC")
+Copyright (C) 1996-2021  Internet Systems Consortium, Inc. ("ISC")

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-22 14:35:10 +01:00
Ryan Barnett
e41b170b32 package/fakeroot: fix glibc detection on patch for new wrappers
Commit f45925a951 add the patch:

0003-libfakeroot.c-add-wrappers-for-new-glibc-2.33-symbol.patch

which allowed fakeroot to be compiled with GLIBC 2.33 or above.
However, this introduce a bug for building with a non-GLIBC based
toolchain as a GLIBC macro - __GLIBC_PREREQ - is used on the same line
as the detection of GLIBC.

Fix this by backporting the fix to this incorrect macro from upstream
commit:

8090dffdad

CC: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Ryan Barnett <ryanbarnett3@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-02-21 23:55:38 +01:00
Guillaume W. Bres
04f0ed0a44 package/libxcrypt: fix conversion error
Fixes: http://autobuild.buildroot.net/results/e9a058a8c98daf197cd9d7ac632e0cb5707d524f

Some sensitive compilers may raise a warning that turns into an error on this line.

Signed-off-by: Guillaume W. Bres <guillaume.bressaix@gmail.com>
[yann.morin.1998@free.fr: backport the actual commit]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-02-21 22:54:55 +01:00
Stefan Ott
048f772354 package/unbound: bump to version 1.13.1
This release contains a number of bug fixes. There is added support
for the EDNS Padding option (RFC7830 and RFC8467), and the EDNS NSID
option (RFC 5001). Unbound control has added commands to enable and
disable rpz processing. Reply callbacks have a start time passed to
them that can be used to calculate time, these are callbacks for
response processing. With the option serve-original-ttl the TTL served
in responses is the original, not counted down, value, for when in
front of authority service.

https://github.com/NLnetLabs/unbound/releases/tag/release-1.13.1

Signed-off-by: Stefan Ott <stefan@ott.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-02-21 08:55:37 +01:00
Peter Seiderer
f204e58740 package/irqbalance: fix irqbalance/irqbalance-ui socket communication
Add patch to fix irqbalance/irqbalance-ui socket communication by
fixing uint64_t printf format usage.

Fixes:

  $ irqbalance-ui
  Invalid data sent.  Unexpected token: (null)TYPE

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
[yann.morin.1998@free.fr:
  - do an actual backport as upstream applied the patch
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-02-21 08:49:20 +01:00
Scott Fan
6c5caa8f43 package/open62541: fix library version definition
Manually specified version must start with letter 'v',
otherwise, the generated version macro will be zero
in the <build_dir>/src_generated/open62541/config.h file:
  #define UA_OPEN62541_VER_MAJOR 0
  #define UA_OPEN62541_VER_MINOR 0
  #define UA_OPEN62541_VER_PATCH 0

Reference from the following link:
https://open62541.org/doc/current/building.html

Signed-off-by: Scott Fan <fancp2007@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-02-20 23:12:54 +01:00