Commit Graph

69225 Commits

Author SHA1 Message Date
Adam Duskett
0bc44d52c6 package/mesa3d: add vulkan broadcom driver support
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2023-09-02 11:49:37 +02:00
Adam Duskett
d5a7f213ab package/vulkan-tools: new package
Use $(VULKAN_HEADERS_VERSION) for VULKAN_TOOLS_VERSION as the vulkan packages
need to all be the same version.

Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2023-09-02 11:49:36 +02:00
Adam Duskett
6aa1bc3167 package/vulkan-loader: new package
Use $(VULKAN_HEADERS_VERSION) for VULKAN_LOADER_VERSION as the vulkan packages
need to all be the same version.

Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2023-09-02 11:49:36 +02:00
Adam Duskett
a95d65e495 package/vulkan-headers: bump version to 1.3.262
Update the license hash as the license file is now located at LICENSE.md
isntead of LICENSE.txt, and add MIT to the list of licenses.

Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2023-09-02 10:25:25 +02:00
Kory Maincent
c82de32369 package/linux-firmware: add new option for Marvell prestera firmware
Add the Marvell prestera ethernet cards firmwares.

Signed-off-by: Kory Maincent <kory.maincent@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2023-09-02 10:15:16 +02:00
Julien Olivain
86fac42015 package/python-magic-wormhole: bump to version 0.13.0
For change log, see [1].

A notable change is that the package changed its HKDF implementation
from the python-hkdf package to python-cryptography. See [2].
This commit reflect that change in the runtime dependencies. The
python-cryptography was already an indirect dependency; it is now a
direct one.

[1] https://github.com/magic-wormhole/magic-wormhole/blob/0.13.0/NEWS.md
[2] https://github.com/magic-wormhole/magic-wormhole/pull/456

Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2023-09-02 09:45:11 +02:00
Giulio Benetti
9299ea4bff package/libnss: bump version to 3.93
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2023-09-02 09:44:51 +02:00
Michael Nosthoff
f38a2a95ac package/fmt: bump to version 10.1.1
Signed-off-by: Michael Nosthoff <buildroot@heine.tech>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2023-09-02 09:44:48 +02:00
Thomas Devoogdt
de9187eca2 package/libsrtp: bump to version 2.5.0
https://github.com/cisco/libsrtp/releases/tag/v2.5.0

See detailed change log:
https://github.com/cisco/libsrtp/blob/v2.5.0/CHANGES#L3-L43

Dropped patch wich was already upstream.

Signed-off-by: Thomas Devoogdt <thomas.devoogdt@barco.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2023-09-02 09:44:42 +02:00
Julien Olivain
d44a888c32 support/testing: python-magic-wormhole: fix random failures
The magic-wormhole "receive" command can output "waiting" messages
when key receival or verification are longer than a predefined
timeout:
https://github.com/magic-wormhole/magic-wormhole/blob/0.13.0/src/wormhole/cli/cmd_receive.py#L135

The intent is to have an interactive user experience.

This behavior makes the runtime test unreliable as the test always
expect the sent message as the exact output. When the test execution
is slower, it sometimes get the "waiting" message instead of the
expected message.

Some test jobs are succeeding:
https://gitlab.com/buildroot.org/buildroot/-/jobs/4968059737
while some other are failing.

magic-wormhole can override those timers with environment variables.
See:
https://github.com/magic-wormhole/magic-wormhole/blob/0.13.0/src/wormhole/cli/cmd_receive.py#L26

This commit sets those environment variable to larger values
(100 seconds instread of 1 by default), to make sure the test will
always pass.

Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/4962923235

Reported-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
Reviewed-by: Romain Naour <romain.naour@gmail.com>
Tested-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2023-09-02 09:43:55 +02:00
Romain Naour
aab82a29bc configs/beaglev_defconfig: fix build with binutils >= 2.38
Backport an upstream patch fixing the build with binutils >= 2.38
for riscv's for Zicsr and Zifencei.

Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/4987456149

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2023-09-02 09:40:27 +02:00
Romain Naour
698562e7f5 configs/hifive_unleashed_defconfig: uboot needs OpenSSL
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/4987456270

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2023-09-02 09:40:22 +02:00
Daniel Lang
7dd5233b55 package/libxcrypt: fix another build issue with perl >= 5.38
perl 5.38 deprecated smartmatch (~~ and the given/when syntax).
Backport another upstream patch to drop uses of given.

Fixes:
- http://autobuild.buildroot.net/results/727/727aa831881af36394bafef9e13a0dcbd9d0db3a

Signed-off-by: Daniel Lang <dalang@gmx.at>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2023-09-02 09:40:18 +02:00
Thomas Devoogdt
ff6fae8bc1 package/lighttpd: bump to version 1.4.71
Changelog:
 - https://www.lighttpd.net/2023/5/10/1.4.70/
 - https://www.lighttpd.net/2023/5/27/1.4.71/

Signed-off-by: Thomas Devoogdt <thomas.devoogdt@barco.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2023-09-02 09:36:55 +02:00
Adam Duskett
94d48acba3 package/libopenssl: bump version to 3.1.2
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2023-09-02 09:36:52 +02:00
Francois Perrad
a0617d73c3 package/mc: bump to version 4.8.30
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2023-09-02 09:36:41 +02:00
Francois Perrad
e8e66020f3 package/libgpiod: bump to version 1.6.4
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2023-09-02 09:36:36 +02:00
Francois Perrad
d0e30b87f9 package/freetype: bump to version 2.13.2
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2023-09-02 09:36:29 +02:00
Julien Olivain
5b3388f1e2 package/ed: bump to version 1.19
See release announce:
https://lists.gnu.org/archive/html/bug-ed/2023-01/msg00000.html

Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2023-09-02 09:36:26 +02:00
Julien Olivain
3ef29343ae package/less: bump to version 643
For change log, see:
https://www.greenwoodsoftware.com/less/news.643.html

Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2023-09-02 09:36:21 +02:00
Julien Olivain
bf7926230c package/libgpgme: always use gpgrt-config from buildroot staging
gpgme updated its gpg-error.m4 macro files to detect gpgrt-config at
several occasions. Those changes are included since buildroot commit
13f3b8e124 "package/libgpgme: bump to version 1.20.0".

gpgrt-config path needs to be forced in _CONF_ENV to make sure it
will work in all host environments. See the log entry of commit
d7f2d8403e "package/gnupg2: fix build failure when host provides an
old gpgrt-config" [2] for a complete explanation.

[1] https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gpgme.git;a=history;f=m4/gpg-error.m4;h=gpgme-1.20.0
[2] https://git.buildroot.org/buildroot/commit/?id=d7f2d8403ec82f3b1772ec17bf1df8c42987a1f8

Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2023-09-02 09:35:42 +02:00
Peter Korsgaard
fbcc1bf533 docs/website: Update for 2023.02.4
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-08-31 21:30:47 +02:00
Peter Korsgaard
d283473ae4 Update for 2023.02.4
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 3b8e5b19ad)
[Peter: drop Makefile/Vagrantfile changes]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-08-31 21:28:50 +02:00
Peter Korsgaard
1f137a03ea docs/website: Update for 2023.05.2
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-08-31 20:28:40 +02:00
Peter Korsgaard
386b72ca22 Update for 2023.05.2
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 3923a4fac8)
[Peter: drop Makefile change]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-08-31 20:12:26 +02:00
Bernd Kuhls
d87d54d23d package/tor: bump version to 0.4.8.5
Release notes:
https://forum.torproject.org/t/stable-release-0-4-8-5/8996

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2023-08-30 23:49:09 +02:00
Bernd Kuhls
04811ff148 package/onevpl-intel-gpu: bump version to 23.3.2
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2023-08-30 23:49:07 +02:00
Bernd Kuhls
91aac180e0 package/intel-mediadriver: bump version to 23.3.2
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2023-08-30 23:49:03 +02:00
Bernd Kuhls
cd8aa311be package/transmission: bump version to 4.0.4
Release notes:
https://github.com/transmission/transmission/releases/tag/4.0.4

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2023-08-30 23:49:00 +02:00
Bernd Kuhls
16da1e0b04 package/libdrm: bump version to 2.4.116
Release notes:
https://lists.x.org/archives/xorg-announce/2023-August/003416.html

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2023-08-30 23:48:55 +02:00
Christian Stewart
06b2e496a0 package/go: bump to version 1.21.0
Go 1.21.0 is a major release of Go.

https://go.dev/doc/devel/release#go1.21.0

Set GOTOOLCHAIN=local to disable the new toolchain download feature. This
feature, introduced in Go 1.21.x, will automatically download pre-built compiler
binaries from Google for the toolchain version specified in go.mod. We do not
want this in Buildroot as we build from source instead: set GOTOOLCHAIN=local to
disable the feature and use the locally built toolchain.

https://go.dev/doc/toolchain

Signed-off-by: Christian Stewart <christian@aperture.us>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2023-08-30 23:48:51 +02:00
Sergey Bobrenok
93556f95a3 package/sdbus-cpp: bump to version 1.3.0
Changelog:
https://github.com/Kistler-Group/sdbus-cpp/releases/tag/v1.3.0

A trailing whitespace was removed in the COPYING-LGPL-Exception file,
so the hash differs.
dcd9d46b9c

Signed-off-by: Sergey Bobrenok <bobrofon@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2023-08-30 23:48:45 +02:00
Bernd Kuhls
16c3b4b92b {linux, linux-headers}: bump 4.{14, 19}.x / 5.{4, 10, 15}.x / 6.{1, 4}.x series
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2023-08-30 23:45:22 +02:00
Fabrice Fontaine
3c8d890c19 toolchain/helpers.mk: strengthen uClibc locale check
Currently, when verifying the configuration of a uClibc toolchain for
the presence of locale support, we check __UCLIBC_HAS_LOCALE__. It
turns out that we in fact also expect __UCLIBC_HAS_XLOCALE__ to be
defined, as without it locale_t is not defined, causing build failure
in some packages, such as libcpprestsdk:

In file included from /home/thomas/autobuild/instance-0/output-1/build/libcpprestsdk-2.10.18/Release/include/cpprest/json.h:18,
                 from /home/thomas/autobuild/instance-0/output-1/build/libcpprestsdk-2.10.18/Release/src/pch/stdafx.h:88,
                 from /home/thomas/autobuild/instance-0/output-1/build/libcpprestsdk-2.10.18/Release/src/http/client/http_client_msg.cpp:13:
/home/thomas/autobuild/instance-0/output-1/build/libcpprestsdk-2.10.18/Release/include/cpprest/asyncrt_utils.h:317:13: error: 'locale_t' does not name a type
  317 |     typedef locale_t xplat_locale;
      |             ^~~~~~~~

As essentially our requirement for uClibc in external toolchains is
"it should match the uClibc configuration used by Buildroot for
internal toolchains", it makes sense to verify
__UCLIBC_HAS_XLOCALE__. Note that of course checking
__UCLIBC_HAS_XLOCALE__ is sufficient, as it cannot be enabled if
__UCLIBC_HAS_LOCALE isn't.

This addresses an issue with the Synopsys ARC external toolchain,
which is built with __UCLIBC_HAS_LOCALE__, but without
__UCLIBC_HAS_XLOCALE__ causing a build failure with some
packages (such as libcpprestsdk).

Therefore, this patch also changes how the Synospys ARC external
toolchain is exposed in Buildroot: it no longer advertise locale
support.

Fixes:

  http://autobuild.buildroot.org/results/e6778e60cc1ea455f5b4511d5824f04d8040f67b

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2023-08-30 23:44:24 +02:00
Daniel Lang
6fa3a239ac support/scripts/gen-missing-cpe: remove rarely used script
The intention of this script is to generate the XML that can be sent to
NVD to request a new CPE identifier.

As discussed on the mailing list [0] keeping up with version numbers of
all registered CPE ID won't work.
In addition the feed used to generated the XML files will be retired
[1]. In the future an API needs to be used for fetching the data in
connection with a local database.
All of this works against keeping this script and porting it to the new
API.
As a last blow Matthew, the original author concluded [2]:
> Makes sense to drop it.  There never got to be enough momentum in the overall
> software community to make CVE or even the new identifier really accurate.

The intention is to ignore the version part of CPE IDs in the future,
and only look at the version range specified on a CVE. Therefore, a tool
to add new CPE ID versions isn't useful to us. It might still be useful
to have a tool to create the vendor and project parts of a CPE ID.
However, the current gen-missing-cpe tool doesn't support that, and the
API is anyway going to be retired. So there is no reason at all to keep
this around.

Remove gen-missing-cpe and the cpedb module. Remove the Makefile target
to call the script.

Since the cpedb module is removed, the CPEDB_URL definition must be
moved to the place where it is still used, in pkg-stats.

[0]: https://lists.buildroot.org/pipermail/buildroot/2023-August/672620.html
[1]: https://nvd.nist.gov/General/News/change-timeline
[2]: https://lists.buildroot.org/pipermail/buildroot/2023-August/672651.html

Signed-off-by: Daniel Lang <dalang@gmx.at>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2023-08-30 22:39:23 +02:00
Martin Böh
060b88ace6 package/gr-osmosdr: add support for HACKRF receivers
Signed-off-by: Martin Böh <contact@martb.dev>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2023-08-30 22:38:30 +02:00
Daniel Lang
8997c746fa support/scripts/pkg-stats: fix typos
Signed-off-by: Daniel Lang <dalang@gmx.at>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2023-08-30 22:22:05 +02:00
Thomas Petazzoni
829610c701 package/heirloom-mailx: ignore CVE-2004-2771
The CVE-2004-2771 is already fixed by the Debian patch
0014-globname-Invoke-wordexp-with-WRDE_NOCMD.patch. The Debian patch
description is:

Subject: [PATCH 4/4] globname: Invoke wordexp with WRDE_NOCMD (CVE-2004-2771)

See also https://marc.info/?l=oss-security&m=141875285203183&w=2 for
more details.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2023-08-30 22:12:02 +02:00
Thomas Petazzoni
94716fdb48 package/heirloom-mailx: fix comment about ignore CVE-2014-7844
In commit
15972770cf ("package/heirloom-mailx:
security bump to version 12.5-5 from Debian"), we added CVE-2014-7844
in HEIRLOOM_MAILX_IGNORE_CVES, but with the wrong comment about it: it
is a different patch in the Debian stack of patches that fixes
it. Indeed the description of patch
0011-outof-Introduce-expandaddr-flag.patch is:

=====================================================================
Subject: [PATCH 1/4] outof: Introduce expandaddr flag

Document that address expansion is disabled unless the expandaddr
binary option is set.

This has been assigned CVE-2014-7844 for BSD mailx, but it is not
a vulnerability in Heirloom mailx because this feature was documented.
=====================================================================

See also https://marc.info/?l=oss-security&m=141875285203183&w=2 for
details.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2023-08-30 22:05:13 +02:00
Thomas Petazzoni
cf686670b9 package/log4cxx: ignore CVE-2023-31038
CVE-2023-31038 affects log4cxx only if ODBC is supported. While
CVE-2023-31038 has been fixed in newer versions of log4cxx, there is
quite a huge gap to do a version bump, and the commit that fixes
CVE-2023-31038 could not be identified.

Therefore, we want to rely on the fact that our log4cxx package does
not support ODBC: there is indeed no explicit dependency on our
unixodbc package in log4cxx.mk. However, log4cxx automatically detects
if ODBC is available and if it is, it uses it.

So what we do in this commit is backport an upstream commit, which
adds explicitly options to enable/disable ODBC and ESMTP support, and
we use them to (1) always disable ODBC and (2) explicitly
enable/disable ESMTP support.

Thanks to ODBC being disabled, we're not affected by CVE-2023-31038.

Of course, there is a potential regression for users who were relying
on the implicit unixodbc dependency, but as we could not identify the
commit fixing the CVE-2023-31038, this is the best we can do at the
moment.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2023-08-30 22:02:45 +02:00
Arnout Vandecappelle
6bee7c3eb2 .checkpackageignore: correct renamed path of openjdk 17.0.8+7 patch
Commit c1038fe47c renamed the patch, but didn't update
.checkpackageignore, leading to two failures:

.checkpackageignore:1055: ignored file package/openjdk/17.0.7+7/0001-Add-ARCv2-ISA-processors-support-to-Zero.patch is missing
package/openjdk/17.0.8+7/0001-Add-ARCv2-ISA-processors-support-to-Zero.patch:0: missing Upstream in the header (http://nightly.buildroot.org/#_additional_patch_documentation)

Rename the file in .checkpackageignore as well.

Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2023-08-30 21:57:01 +02:00
Thomas Petazzoni
65c99394ff boot/grub2: backport fixes for numerous CVEs
Grub 2.06 is affected by a number of CVEs, which have been fixed in
the master branch of Grub, but are not yet part of any release (there
is a 2.12-rc1 release, but nothing else between 2.06 and 2.12-rc1).

So this patch backports the relevant fixes for CVE-2022-28736,
CVE-2022-28735, CVE-2021-3695, CVE-2021-3696, CVE-2021-3697,
CVE-2022-28733, CVE-2022-28734, CVE-2022-2601 and CVE-2022-3775.

It should be noted that CVE-2021-3695, CVE-2021-3696, CVE-2021-3697
are not reported as affecting Grub by our CVE matching logic because
the NVD database uses an incorrect CPE ID in those CVEs: it uses
"grub" as the product instead of "grub2" like all other CVEs for
grub. This issue has been reported to the NVD maintainers.

This requires backporting a lot of patches, but jumping from 2.06 to
2.12-rc1 implies getting 592 commits, which is quite a lot.

All Grub test cases are working fine:

  https://gitlab.com/tpetazzoni/buildroot/-/pipelines/984500585
  https://gitlab.com/tpetazzoni/buildroot/-/pipelines/984500679

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[Arnout: fix check-package warning in patch 0002]
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2023-08-30 21:54:23 +02:00
Yann E. MORIN
60f50a5e34 package/pcm-tools: fix github-download
The pcm-tools package contains a version.h with git attributes:

    $ cat version.h
    #define PCM_VERSION " ($Format:%ci ID=%h$)"

    $ man 5 gitattributes
       Creating an archive
         export-subst
           If the attribute export-subst is set for a file then Git
           will expand several placeholders when adding this file to
           an archive. The expansion depends on the availability of
           a commit ID, i.e., if git-archive(1) has been given a tree
           instead of a commit or a tag then no replacement will be
           done. The placeholders are the same as those for the option
           --pretty=format: of git-log(1), except that they need to be
           wrapped like this: $Format:PLACEHOLDERS$ in the file. E.g.
           the string $Format:%H$ will be replaced by the commit hash.

So, the archive generated by github has changed since we updated
pcm-tools in 2021-12-08 with commit d1d93d488c (package/pcm-tools:
bump to version 202110). The downlad was still OK in 2022-01-04 [0]
but has been failing at least since 202-08-25 [1].

Since the archive is generated on the github side, there is not much we
can do to fix this up.

We switch over to using git to do the download, and we generate the
archive localy, which we know is reproducible.

We fix the version.h so that it contains the same string as the backup
tarball we host on s.b.o.

There are three other files in pcm-tools that have git attributes, to
exclude them from the generated archive, all pertaining to CI/CD stuff:
    .cirrus.yml export-ignore
    .gitlab-ci.yml export-ignore
    .travis.yml export-ignore

We don't remove them, because they have no impact on the build, and they
are anyway already present in the archive by the time we could act on it
anyway...

[0] http://autobuild.buildroot.org/results/127/1276a3d49c8848039f034e7f03632df365097e94/
[1] http://autobuild.buildroot.org/results/8bb/8bbf9c36af332bbf5e7c1abcbb594a0b231ef97e/

Reported-by: Woody Douglass <wdouglass@carnegierobotics.com>
Reported-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2023-08-30 21:40:46 +02:00
Adam Duskett
c1038fe47c package/openjdk{-bin}: security bump versions to 11.0.20+8 and 17.0.8+7
Fixed the following security issues:

* CVEs
  - CVE-2023-22006
  - CVE-2023-22036
  - CVE-2023-22041
  - CVE-2023-22044
  - CVE-2023-22045
  - CVE-2023-22049
  - CVE-2023-25193
* Security fixes
  - JDK-8298676: Enhanced Look and Feel
  - JDK-8300285: Enhance TLS data handling
  - JDK-8300596: Enhance Jar Signature validation
  - JDK-8301998, JDK-8302084: Update HarfBuzz to 7.0.1
  - JDK-8302475: Enhance HTTP client file downloading
  - JDK-8302483: Enhance ZIP performance
  - JDK-8303376: Better launching of JDI
  - JDK-8304468: Better array usages
  - JDK-8305312: Enhanced path handling
  - JDK-8308682: Enhance AES performance

For details, see the announcements:
https://mail.openjdk.org/pipermail/jdk-updates-dev/2023-July/024064.html
https://mail.openjdk.org/pipermail/jdk-updates-dev/2023-July/024063.html

Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2023-08-30 21:36:43 +02:00
Sebastian Weyer
bea949996e support/testing/tests/package/test_nu.py: new runtime test
Load sample script support/testing/tests/package/sample_nu.nu onto the
target and verify proper execution by nushell

Signed-off-by: Sebastian Weyer <sebastian.weyer@smile.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2023-08-29 23:57:22 +02:00
Sebastian Weyer
f8047ff598 package/nushell: new package
Nushell is a shell - written in Rust - that makes use of the nushell
language to interact with the operating system

Signed-off-by: Sebastian Weyer <sebastian.weyer@smile.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2023-08-29 23:33:21 +02:00
Nicolas Cavallari
1ae3f1748b package/libgit2: bump version to 1.7.1
This fixes a problem with the build system that would make it fail to
use pkg-config to detect libssh2.  It worked anyway because -lssh2
works.

Signed-off-by: Nicolas Cavallari <nicolas.cavallari@green-communications.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2023-08-29 23:28:38 +02:00
Charlie LEGER
a1f351a8db package/libzip: bump to version 1.10.1
- Release note libzip 1.10.1:
https://libzip.org/news/release-1.10.1.html
- Release note libzip 1.10.0:
https://libzip.org/news/release-1.10.0.html
- API changes between 1.9.x to 1.10.x:
https://github.com/nih-at/libzip/blob/v1.10.1/API-CHANGES.md

Signed-off-by: Charlie LEGER <c.leger@borea-dental.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2023-08-29 23:28:34 +02:00
Daniel Lang
47b79476fb package/libxcrypt: fix build with perl >= 5.38
perl 5.38 deprecated smartmatch (~~ and the given/when syntax).
Backport an upstream patch to drop uses of when.

Fixes:
- http://autobuild.buildroot.net/results/04c/04cf8d79fe8a58c3438e7be95ae781c9b2bef8a0/

Signed-off-by: Daniel Lang <dalang@gmx.at>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2023-08-29 23:27:58 +02:00
Peter Korsgaard
04bc804630 Update for 2023.08-rc3
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-08-29 15:00:27 +02:00