Commit Graph

48938 Commits

Author SHA1 Message Date
Christopher McCrory
7ba0ef5240 package/wireshark: bump to version 3.0.3
Signed-off-by: Christopher McCrory <chrismcc@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-15 21:08:31 +02:00
Christopher McCrory
84d9c3b080 package/slang: bump to version 2.3.2
Signed-off-by: Christopher McCrory <chrismcc@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-15 16:18:51 +02:00
Christopher McCrory
425be886e9 package/rrdtool: bump to version 1.7.2
Update hash for license files (update in year and address, some
whitespace changes)

Signed-off-by: Christopher McCrory <chrismcc@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-15 16:17:48 +02:00
Fabrice Fontaine
8136a0a083 package/aespipe: bump to version 2.4e
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-15 16:10:49 +02:00
Thomas Petazzoni
ffcd34af07 support/scripts/pkg-stats: simplify Git commit id retrieval
As suggested by Baruch Siach, using "git rev-parse HEAD" is a lot
simpler than playing around with "git log" to just retrieve the commit
id corresponding to the current HEAD.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-15 16:10:22 +02:00
Fabrice Fontaine
a014dc55d3 package/luvi: fixup the 'v' prefix in the version
In order for the luvi version to match what is given by
release-monitoring.org, the 'v' prefix should be encoded in
LUVI_SOURCE and LUVI_SITE and not LUVI_VERSION.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-15 16:09:20 +02:00
Fabrice Fontaine
c2d0ea7aa9 package/openpowerlink: fixup the 'V' prefix in the version
In order for the openpowerlink version to match what is given by
release-monitoring.org, the 'V' prefix should be encoded in
OPENPOWERLINK_SOURCE and OPENPOWERLINK_SITE and not
OPENPOWERLINK_VERSION.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-15 16:08:48 +02:00
Mohana Datta Yelugoti
195ac1a00a package/python-sip: add hashes for license files
Signed-off-by: Mohana Datta Yelugoti <ymdatta.work@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-15 16:02:49 +02:00
Peter Korsgaard
4bed0934bc configs/lafrite: new defconfig
Add basic support for the Libre Computer "La Frite" SBC.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-15 16:00:56 +02:00
Carlos Santos
0aa6634318 package/eudev: add missing user/groups "kvm" and "render"
They are required by the default udev rules.

Fixes: https://bugs.busybox.net/show_bug.cgi?id=12141

Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-15 15:57:13 +02:00
Pierre-Jean Texier
dcbebb64e4 DEVELOPERS: add Pierre-Jean Texier for fping
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-15 15:55:42 +02:00
Pierre-Jean Texier
456ce0a15d package/fping: bump to version 4.2
See full Changelog: http://fping.org/dist/CHANGELOG.md

Also add hash for license file

Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-15 15:55:38 +02:00
Francois Perrad
a766aa818b package/luarocks: refactor Buildroot addon with new argparse module
The wellknown module `argparse` is now used by LuaRocks 3.2.0, instead
of a homemade argument parsing.

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-15 15:54:45 +02:00
Francois Perrad
f947d52b39 package/luarocks: fix generated configuration when luajit
this trick removes the need of the patch

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-15 15:53:53 +02:00
Francois Perrad
41278d88e3 package/luarocks: bump to version 3.2.1
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-15 15:42:39 +02:00
Chris Packham
5e0b1f9c23 package/eventlog: remove package
Since syslog-ng 3.11.1 eventlog has been bundled with the sources.
Remove the separate package.

We don't add Config.in.legacy handling because eventlog was only used
by syslog-ng, and was not really meant to be used by anyone else, so
there is no point in warning users who had this package enabled in
their configuration that it no longer exists, as it was only used by
syslog-ng, and syslog-ng now bundles eventlog.

Signed-off-by: Chris Packham <judge.packham@gmail.com>
[Thomas: extend explanation about why we don't have any
Config.in.legacy handling]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-15 15:36:37 +02:00
Julien Grossholtz
5b738d4780 package/paho-mqtt-c: bump to version 1.3.1
paho-mqtt-c 1.3.1 is the latest stable release. The latest release
contains various bug fixes and adds TLS-PSK encryption support.

Release notes: https://github.com/eclipse/paho.mqtt.c/milestone/6?closed=1

Signed-off-by: Julien Grossholtz <julien.grossholtz@openest.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-15 15:35:17 +02:00
Yegor Yefremov
cc74a1488b DEVELOPERS: add Yegor Yefremov to dhcpcd and nftables package
Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-15 15:24:45 +02:00
Refik TUZAKLI
1d1a57d159 package/paho-mqtt-cpp: bump to version 1.0.1
Signed-off-by: Refik Tuzakli <refik.tuzakli@savronik.com.tr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-15 15:23:05 +02:00
Alexander Dahl
c52a679b85 package/qemu: add optional dependency on nettle
Qemu can optionally depend on nettle if available, so we should take
into account this optional dependency.

Cc: Florian Wolters <florian@florian-wolters.de>
Signed-off-by: Alexander Dahl <post@lespocky.de>
[Thomas: reword commit log, so that it makes sense in the context of
upstream Buildroot]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-15 15:19:30 +02:00
Carlos Santos
349501320b package/thttpd: fix systemd startup
Create the configuration file as /etc/thttpd.conf, as expected by the
systemd unit file.

This matches other web server packages that install configuration files
at /etc/lighttpd/, /etc/apache2, etc.

Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-15 15:19:05 +02:00
Matt Weber
ed7572cc7f package/bc: bump to 1.07.1
* Added license hash files
* Updated site to new GNU location
* Reconfig required to use newer automake
* Dropped patch for 01_array_initialize.patch as it was fixed
* Refactored patches for makeinfo variable and write io errs
* Added new dc fix exit code patch from Debian sid
* Added new libmath offline gen cross-compile patch from Yocto

Upstream patch status: Pending

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-15 15:14:42 +02:00
Petr Vorel
4a6e2d6560 package/links: add hash for COPYING file
Suggested-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-15 14:56:57 +02:00
Peter Korsgaard
fd69af5e24 configs/raspberrypi0: use dedicated rpi0 dts file
Since the bump to the 20190819 snapshot there is now a dedicated dts file
for the rpi0, so use that rather than the rpi-b-plus one:

bd1336d8b6

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-15 14:54:29 +02:00
Peter Korsgaard
fcecfb66d1 configs/raspberrypi0w: fix dts file name after kernel bump
Fixes #12816

Commit 42d22f3bdb ({configs/raspberrypi,package/rpi-firmware}: bump
kernel/firmware to 20190819 version) updated the kernel version but failed
to take into consideration that the rpi0w dts file has been renamed:

6f91b5dbfd

Fix it by renaming the dts/dtb file referenced from the kernel build and
genimage.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-15 14:54:14 +02:00
Carlos Santos
40af3a6661 package/util-linux: create $(TARGET_DIR)/etc/pam.d if necessary
Useful for test purposes when we want to install util-linux with a
custom TARGET_DIR, e.g.

    $ make util-linux-reinstall TARGET_DIR=/tmp/util-linux

Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-15 14:41:44 +02:00
Fabrice Fontaine
ca3232de35 package/kompexsqlite: use github macro
Use github macro and drop SOURCE variable to keep the default SOURCE
value which gives a much more sensible tarball name

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-15 14:40:42 +02:00
Carlos Santos
fc7488e99f package/thttpd: fix init script
The init script provided by thttpd is for FreeBSD. Add a custom one,
made specifically for Buildroot.

Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-15 14:37:54 +02:00
Fabrice Fontaine
af92693742 package/flatcc: bump to version 0.6.0
Remove patch (already in version)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-15 14:13:40 +02:00
Fabrice Fontaine
53c0e02bad package/findutils: bump to version 4.7
- Remove patches (already in version)
- Add hash for license file

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-15 14:13:23 +02:00
Fabrice Fontaine
70edac1bc0 package/sslh: fixup the 'v' prefix in the version
In order for the sslh version to match what is given by
release-monitoring.org, the 'v' prefix should be encoded in
SSLH_SOURCE and not SSLH_VERSION.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-15 09:50:36 +02:00
Fabrice Fontaine
ebbfb5e55e package/chrony: drop musl patch
This patch is not needed as musl defines SCM_TIMESTAMPING_PKTINFO since
version 1.1.19 and
https://git.musl-libc.org/cgit/musl/commit/?id=c35a8bf456ca6ef74e3cc7c4d8f63572bc1e1167

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-09-15 09:19:43 +02:00
Fabrice Fontaine
d063e00ea8 package/chrony: bump to version 3.5
Remove second patch (already in version)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-09-15 09:19:38 +02:00
Fabrice Fontaine
e3d0793604 package/cbootimage: bump to version 1.8
- Remove patch (already in version)
- Remove glic or uclibc toolchain dependency, not needed since
  3b3c3cccf0
- Add hash for license file

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-09-15 09:19:04 +02:00
Peter Korsgaard
32e7096ff0 package/wireguard: bump version to 0.0.20190905
For details of the changes, see the announcement:
https://lists.zx2c4.com/pipermail/wireguard/2019-September/004483.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-09-15 09:18:21 +02:00
Giulio Benetti
82187f9481 package/libnss: fix build failure on aarch64_be
Fixes:
http://autobuild.buildroot.net/results/bfd29593bb6c53d3e9e2d02d2ed6bea360d99c00/

In libnss there is a bug leading to build failure due to double declared
functions. This is due to 2 different #ifdef statements treating the
same function-set.

Add patch to fix this by making the 2 #ifdef statements equal.

Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-09-15 09:15:24 +02:00
Peter Korsgaard
dc82013bf5 {linux, linux-headers}: bump 4.{4, 9, 14, 19}.x / 5.2.x series
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-09-15 09:10:53 +02:00
Peter Korsgaard
2683200065 package/libcurl: security bump to version 7.66.0
Fixes the following security vulnerabilities:

CVE-2019-5481: FTP-KRB double-free
https://curl.haxx.se/docs/CVE-2019-5481.html

CVE-2019-5482: TFTP small blocksize heap buffer overflow
https://curl.haxx.se/docs/CVE-2019-5482.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-09-15 09:10:45 +02:00
Fabrice Fontaine
047f4bf128 package/kompexsqlite: fixup the 'v' prefix in the version
In order for the kompexsqlite version to match what is given by
release-monitoring.org, the 'v' prefix should be encoded in
KOMPEXSQLITE_SOURCE and not KOMPEXSQLITE_VERSION.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-14 16:02:02 +02:00
Fabrice Fontaine
c421e718fa package/zziplib: fixup the 'v' prefix in the version
In order for the zziplib version to match what is given by
release-monitoring.org, the 'v' prefix should be encoded in
ZZIPLIB_SITE and not ZZIPLIB_VERSION.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-14 15:42:54 +02:00
Fabrice Fontaine
e0ada56a2a package/perl-class-std-fast: fixup the 'v' prefix in the version
In order for the perl-class-std-fast version to match what is given by
release-monitoring.org, the 'v' prefix should be encoded in
PERL_CLASS_STD_FAST_SOURCE and not PERL_CLASS_STD_FAST_VERSION.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-13 22:38:01 +02:00
Peter Korsgaard
8c3032414e package/nodejs: security bump to version v10.16.3
Fixes the following security vulnerabilities:

- CVE-2019-9511 "Data Dribble": The attacker requests a large amount of data
  from a specified resource over multiple streams.  They manipulate window
  size and stream priority to force the server to queue the data in 1-byte
  chunks.  Depending on how efficiently this data is queued, this can
  consume excess CPU, memory, or both, potentially leading to a denial of
  service.

- CVE-2019-9512 "Ping Flood": The attacker sends continual pings to an
  HTTP/2 peer, causing the peer to build an internal queue of responses.
  Depending on how efficiently this data is queued, this can consume excess
  CPU, memory, or both, potentially leading to a denial of service.

- CVE-2019-9513 "Resource Loop": The attacker creates multiple request
  streams and continually shuffles the priority of the streams in a way that
  causes substantial churn to the priority tree.  This can consume excess
  CPU, potentially leading to a denial of service.

- CVE-2019-9514 "Reset Flood": The attacker opens a number of streams and
  sends an invalid request over each stream that should solicit a stream of
  RST_STREAM frames from the peer.  Depending on how the peer queues the
  RST_STREAM frames, this can consume excess memory, CPU, or both,
  potentially leading to a denial of service.

- CVE-2019-9515 "Settings Flood": The attacker sends a stream of SETTINGS
  frames to the peer.  Since the RFC requires that the peer reply with one
  acknowledgement per SETTINGS frame, an empty SETTINGS frame is almost
  equivalent in behavior to a ping.  Depending on how efficiently this data
  is queued, this can consume excess CPU, memory, or both, potentially
  leading to a denial of service.

- CVE-2019-9516 "0-Length Headers Leak": The attacker sends a stream of
  headers with a 0-length header name and 0-length header value, optionally
  Huffman encoded into 1-byte or greater headers.  Some implementations
  allocate memory for these headers and keep the allocation alive until the
  session dies.  This can consume excess memory, potentially leading to a
  denial of service.

- CVE-2019-9517 "Internal Data Buffering": The attacker opens the HTTP/2
  window so the peer can send without constraint; however, they leave the
  TCP window closed so the peer cannot actually write (many of) the bytes on
  the wire.  The attacker then sends a stream of requests for a large
  response object.  Depending on how the servers queue the responses, this
  can consume excess memory, CPU, or both, potentially leading to a denial
  of service.

- CVE-2019-9518 "Empty Frames Flood": The attacker sends a stream of frames
  with an empty payload and without the end-of-stream flag.  These frames
  can be DATA, HEADERS, CONTINUATION and/or PUSH_PROMISE.  The peer spends
  time processing each frame disproportionate to attack bandwidth.  This can
  consume excess CPU, potentially leading to a denial of service.
  (Discovered by Piotr Sikora of Google)

Notice that this version bump requires nghttp2 1.39.2.  It also includes an
(unconditional) embedded copy of brotli.

Update the license hash because of copyright year changes and the addition
of the MIT-style license text for large_pages and brotli.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-13 22:32:42 +02:00
Peter Korsgaard
4c7e7acbe4 package/nghttp2: security bump to version 1.39.2
Fixes the following security issues:

CVE-2019-9511: Data Dribble
CVE-2019-9513: Resource Loop

For details, see the advisory:
https://nghttp2.org/blog/2019/08/19/nghttp2-v1-39-2/

Notice that libnghttp2 itself is not affected by these vulnerabilities, only
nghttpx and nghttpd (which are currently not built).

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-13 22:30:03 +02:00
Peter Korsgaard
8e2845eb1a package/jo: bump to version 1.2
Drop the v prefix on the download URL as the 1.2 git tag is just '1.2' and
add a hash for the license file.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-13 22:29:06 +02:00
Asaf Kahlon
f106a31654 package/ccache: bump to version 3.7.4
- Update CCACHE_SITE to github.

- The hash of the license file is updated. There were two changes:

  * The reference to the credits.html file changed from
    ccache.samba.org to ccache.dev

  * The MIT license text for minitrace.[ch] was added, but it doesn't
    change the fact that the whole is under GPL-3.0, and we anyway
    already had "GPL-3.0, others" in CCACHE_LICENSE

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
[Thomas: update the license file hash]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-13 22:24:14 +02:00
Peter Korsgaard
8103460aa1 package/luksmeta: bump to version v9
Bugfix release, fixing a potential infinite loop when handling the LUKS
header:

git shortlog v8..v9
Daniel Kopeček (2):
      Use asciidoc as the manual page source format
      Generate manual page from source during build time

Milan Broz (1):
      Fix infinite loop when initializing trimmed LUKS header.

Nathaniel McCallum (3):
      Fix invalid man page section reference
      Fix typos in the man page
      Release version 9

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-13 22:16:01 +02:00
André Hentschel
8ad978b196 package/wine: bump to version 4.0.2
Signed-off-by: André Hentschel <nerv@dawncrow.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-13 21:56:37 +02:00
Petr Vorel
f95580cd3d package/links: bump to version 2.20
Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-12 19:23:19 +02:00
Christopher McCrory
c5ffc43b21 package/gawk: bump to version 5.0.1
Signed-off-by: Christopher McCrory <chrismcc@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-12 19:20:53 +02:00
Carlos Santos
749334cb36 package/nfs-utils: always use libtirpc and enable IPv6
nfs-utils selects rpcbind, and rpcbind unconditionally selects
libtirpc. Therefore, nfs-utils will never be used with the C library
RPC implementation: libtirpc will always be used. Consequently, all
the conditional logic to use libtirpc only if available is useless,
and we can use libtirpc unconditionally.

As an added bonus, this means that we can enable IPv6, because
libtirpc provides an IPv6-compatible RPC implementation.

Fixes: https://bugs.busybox.net/show_bug.cgi?id=10806

Signed-off-by: Carlos Santos <unixmania@gmail.com>
[Thomas: rework commit log]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-12 19:10:33 +02:00