Fabrice Fontaine
e9b19c06ec
package/vsftpd: set VSFTPD_CPE_ID_VALID
...
cpe:2.3🅰️ vsftpd_project:vsftpd is a valid CPE identifier for this
package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Avsftpd_project%3Avsftpd
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-01-31 21:28:13 +01:00
Fabrice Fontaine
e63ac3bc5d
package/vdr: add VDR_CPE_ID_VENDOR
...
cpe:2.3🅰️ tvdr:vdr is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Atvdr%3Avdr
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-01-31 21:28:05 +01:00
Fabrice Fontaine
47b372aa30
package/squid: add SQUID_CPE_ID_VENDOR
...
cpe:2.3🅰️ squid-cache:squid is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Asquid-cache%3Asquid
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-01-31 21:28:00 +01:00
Fabrice Fontaine
2f4b54d51f
package/leptonica: fix legal info
...
Commit 5159f65660
forgot to update hash of
leptonica-license.txt which changed due to an update in year:
8193d341dd
Fixes:
- http://autobuild.buildroot.org/results/1644512ca52eed1b69d65d3ca145ec0d253888a8
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-01-31 21:26:57 +01:00
Fabrice Fontaine
dce35d8f71
package/leptonica: add LEPTONICA_CPE_ID_VENDOR
...
cpe:2.3🅰️ leptonica:leptonica is a valid CPE identifier for this
package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Aleptonica%3Aleptonica
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-01-31 21:26:53 +01:00
Fabrice Fontaine
fdb1127cd8
package/leptonica: add libwebp{demux, mux} optional dependency
...
leptonica optionally depends on webp/demux.h and webp/mux.h since
version 1.79.0:
a7c5bcdf04
0ce4b9cc08
Fixes:
- http://autobuild.buildroot.org/results/1f8531e1651e82a1e93707ccb205d0e7a3cae1a3
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-01-31 21:26:40 +01:00
Fabrice Fontaine
02815955d3
package/faad2: add CPE variables
...
cpe:2.3🅰️ audiocoding:freeware_advanced_audio_decoder_2 is a valid CPE
identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Aaudiocoding%3Afreeware_advanced_audio_decoder_2
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-01-31 21:25:28 +01:00
Heiko Thiery
217035b5ed
package/ser2net: bump version to 4.3.2
...
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-01-31 21:23:35 +01:00
Heiko Thiery
45089efbd7
package/gensio: bump version to 2.2.3
...
Drop upstream patch that is in new version.
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-01-31 21:23:34 +01:00
Heiko Thiery
6d9a29b4a3
package/netopeer2: bump version to 1.1.53
...
Remove patch applied upstream.
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-01-31 21:21:59 +01:00
Heiko Thiery
aaba56ce3f
package/sysrepo: bump version to 1.4.104
...
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-01-31 21:21:58 +01:00
Heiko Thiery
8b9136b21b
package/libnetconf2: bump version to 1.1.36
...
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-01-31 21:21:56 +01:00
Heiko Thiery
1b8ba471c9
package/libyang: bump to version 1.0.215
...
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-01-31 21:21:55 +01:00
Fabrice Fontaine
5595799812
package/gdk-pixbuf: link with lintl if needed
...
Fixes:
- http://autobuild.buildroot.org/results/4dc94dadbc17e06a214478644f29877fe205f93d
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-01-31 18:04:36 +01:00
Thomas Petazzoni
52a53c97e5
support/scripts/pkg-stats: fix flake8 warnings
...
Fixes:
support/scripts/pkg-stats:148:17: E741 ambiguous variable name 'l'
support/scripts/pkg-stats:379:9: E741 ambiguous variable name 'l'
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-01-31 12:03:12 +01:00
Thomas Petazzoni
67768e97b0
support/scripts/pkg-stats: drop unused --cpeid option
...
The --cpeid option was mistakenly introduced by commit
92e7089a8c
("support/script/pkg-stats:
show CPE ID in results") but is in fact not necessary.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-01-31 12:03:11 +01:00
Thomas Petazzoni
cad5a69f83
support/scripts/pkg-stats: drop unused cpeid_name() function
...
The cpeid_name() function is not used anywhere, drop it.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-01-31 12:03:00 +01:00
Thomas Petazzoni
68364a4b58
support/scripts/pkg-stats: fix the status reporting of CVEs
...
Since commit bd665d182c
("support/scripts/pkg-stats: improve rendering of CVE information"),
we have better reporting of CVE related information, based on
pkg.status['cve']. However, this commit broke pkg-stats when the
--nvd-path option is not passed, and therefore no CVE information is
available.
This commit fixes that, by making use of the is_status_ok(),
is_status_error() and is_status_na() methods recently introduced.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-01-31 12:02:42 +01:00
Thomas Petazzoni
7f83ad7467
support/scripts/pkg-stats: improvements in is_status_*() methods
...
Make is_status_ok() work when the given status name is not even listed
in the status dict. This will be necessary for following commits.
Introduced similar methods for the error and na status, which will be
used in following commits.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-01-31 12:02:41 +01:00
Gilles Talis
92bb7938ab
package/xapian: bump to version 1.4.18
...
Signed-off-by: Gilles Talis <gilles.talis@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-01-31 11:29:45 +01:00
Gilles Talis
35ea1dd30c
package/opusfile: bump to version 0.12
...
also set the indentation to 2 spaces in hash file
Signed-off-by: Gilles Talis <gilles.talis@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-01-31 11:29:39 +01:00
Gilles Talis
5159f65660
package/leptonica: bump to version 1.80.0
...
Also added 2 spaces indentation in hash file
Signed-off-by: Gilles Talis <gilles.talis@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-01-31 11:29:28 +01:00
Gilles Talis
c126bb9c7d
package/faad2: bump to version 2.10.0
...
Signed-off-by: Gilles Talis <gilles.talis@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-01-31 11:29:20 +01:00
Gilles Talis
3af209f74d
DEVELOPERS: add Gilles Talis for opusfile
...
Signed-off-by: Gilles Talis <gilles.talis@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-01-31 11:27:49 +01:00
Gilles Talis
bf8f72c043
DEVELOPERS: Add Gilles Talis for faad2
...
Signed-off-by: Gilles Talis <gilles.talis@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-01-31 11:27:43 +01:00
Bernd Kuhls
fd0796a27a
package/{mesa3d, mesa3d-headers}: bump version to 20.3.4
...
Release notes:
https://lists.freedesktop.org/archives/mesa-announce/2021-January/000618.html
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-01-31 11:27:30 +01:00
Fabrice Fontaine
e35cacf050
package/libgpgme: bump to version 1.15.1
...
Update indentation in hash file (two spaces)
http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gpgme.git;a=blob;f=NEWS;h=f6c2b0d3c53b3a62ca71a2a85b2d9764cda359c0
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-01-30 22:19:52 +01:00
Fabrice Fontaine
6b79c8fb05
package/libgpgme: add CPE variables
...
cpe:2.3🅰️ gnupg:gpgme is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Agnupg%3Agpgme
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-01-30 22:19:45 +01:00
Fabrice Fontaine
2312e99499
package/mutt: add gpgme optional dependency
...
gpgme is supported since 2005 and
4bb5db92a8
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-01-30 22:18:53 +01:00
Fabrice Fontaine
b96a732c76
package/vde2: add CPE variables
...
cpe:2.3🅰️ vde_project:vde is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Avde_project%3Avde
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-01-30 22:16:22 +01:00
Fabrice Fontaine
a2a165eb49
package/haproxy: bump to version 2.2.8
...
https://www.mail-archive.com/haproxy@formilux.org/msg39408.html
https://www.mail-archive.com/haproxy@formilux.org/msg39470.html
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-01-30 22:15:10 +01:00
Fabrice Fontaine
11fc8ce9f3
package/logrotate: use official tarball
...
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-01-30 22:14:57 +01:00
Fabrice Fontaine
70acf563aa
package/bitcoin: add CPE variables
...
cpe:2.3🅰️ bitcoin:bitcoin_core is a valid CPE identifier for this
package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Abitcoin%3Abitcoin_core
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-01-30 17:02:35 +01:00
Fabrice Fontaine
f2050d050b
package/bitcoin: security bump to version 0.21.0
...
Tag as a security bump as having an up to date bitcoin is important:
https://patchwork.ozlabs.org/project/buildroot/patch/20200202085526.35742-1-james.hilliard1@gmail.com
https://github.com/bitcoin/bitcoin/blob/master/doc/release-notes/release-notes-0.21.0.md
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-01-30 17:02:08 +01:00
Fabrice Fontaine
1b18d9104f
package/socat: security bump to version 1.7.4.1
...
Buffer size option (-b) is internally doubled for CR-CRLF conversion,
but not checked for integer overflow. This could lead to heap based
buffer overflow, assuming the attacker could provide this parameter.
- Update indentation in hash file (two spaces)
- Update hash of README file due to minor updates:
https://repo.or.cz/socat.git/commit/b145170837d75bd7a1a5803283910ab075d47bea
https://repo.or.cz/socat.git/commit/0a115feadc3102f17e0a8a1a985319af0295f704
http://www.dest-unreach.org/socat/doc/CHANGES
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-01-30 13:41:50 +01:00
Geoffrey Le Gourriérec
1f50a44371
package/uclibc: Patch with updated kernel time definitions
...
Building uclibc 1.0.37 for SuperH architecture with linux-headers 5.10.7
fails at libpthread level due to missing time-related data structures,
usually defined by the kernel. Make uclibc correctly define those types.
A previous patch in buildroot [1] fixed the symptom by tampering with
linux-headers inclusions, but analysis [2] done in collaboration with
Linux folks concluded that the issue lied in (voluntary) include guard
"preemption" in uclibc kernel_types.h.
However, kernel_types.h was not up to date with relevant 64-bit time
data structures, so defining those here was needed.
The present uclibc patch was mailed to uclibc-ng mailing list and got
a positive response; I am not able to give a link to the discussion,
as it has not appeared yet [3] (perhaps I'm not looking at the right
place ?)
So until the patch is merged upstream and we bump uclibc version, keep
our patch here.
[1] https://git.buildroot.net/buildroot/commit/?id=742f37de8d0e3797698411dfc6a63bd7e98aafe2
[2] https://patchwork.kernel.org/project/linux-sh/patch/20210123165652.10884-1-geoffrey.legourrierec@gmail.com/
[3] https://mailman.uclibc-ng.org/pipermail/devel/2021-January/thread.html
Signed-off-by: Geoffrey Le Gourriérec <geoffrey.legourrierec@gmail.com>
Tested-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-01-30 13:39:08 +01:00
Geoffrey Le Gourriérec
fbbcacff7d
board/qemu/sh4*: Remove linux-headers patch
...
Previous patch about time data structures [1] provided a dirty fix
that did not solve the real issue.
After discussing with Linux folks on the SuperH mailing list [2],
the patch was deemed unnecessary, as the problem lied in uclibc.
[1] https://git.buildroot.net/buildroot/commit/?id=742f37de8d0e3797698411dfc6a63bd7e98aafe2
[2] https://patchwork.kernel.org/project/linux-sh/patch/20210123165652.10884-1-geoffrey.legourrierec@gmail.com/
Signed-off-by: Geoffrey Le Gourriérec <geoffrey.legourrierec@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-01-30 13:38:58 +01:00
Fabrice Fontaine
ca1afcb217
package/ply: needs headers >= 4.14
...
ply uses BPF_JLT is available only since kernel 4.14 with:
92b31a9af7
Fixes:
- http://autobuild.buildroot.org/results/632187ceb7ca5e2dc5a3e5185860ddb874b4274c
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-01-30 13:32:30 +01:00
Fabrice Fontaine
8f8606f2aa
package/wayland: add WAYLAND_CPE_ID_VENDOR
...
cpe:2.3🅰️ wayland:wayland is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Awayland%3Awayland
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-01-30 13:29:56 +01:00
Fabrice Fontaine
048dac0758
package/sox: add CPE variables
...
cpe:2.3🅰️ sound_exchange_project:sound_exchange is a valid CPE
identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Asound_exchange_project%3Asound_exchange
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-01-30 13:29:19 +01:00
Fabrice Fontaine
eebf13ab96
package/libgeos: disable benchmarks
...
Fixes:
- http://autobuild.buildroot.org/results/790450f7541d690cdef3917d7056759cb9b403c5
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-01-30 13:27:59 +01:00
Fabrice Fontaine
8713001aad
package/dhcpcd: fix build with nds32
...
Fix build failure with dhcpcd due to SECCOMP_AUDIT_ARCH which is used
since version 9.3.0 and
a926ee6d8f
Fixes:
- http://autobuild.buildroot.org/results/af8ba07ea0c12ab8cd24d528ef98db05521f3d36
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-01-30 11:41:58 +01:00
Fabrice Fontaine
ea238f53eb
package/spice: set SPICE_CPE_ID_VALID
...
cpe:2.3🅰️ spice_project:spice is a valid CPE identifier for this
package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Aspice_project%3Aspice
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-01-30 11:39:05 +01:00
Fabrice Fontaine
767f7567e3
package/pinentry: bump to version 1.1.1
...
- add efl optional dependency which is available since
http://git.gnupg.org/cgi-bin/gitweb.cgi?p=pinentry.git;a=commit;h=948105b7a34ec9a9e5479d376b7c86bafee50a01
- Update indentation in hash file (two spaces)
http://git.gnupg.org/cgi-bin/gitweb.cgi?p=pinentry.git;a=blob;f=NEWS;h=c8b5195ace7bb3ffb1420ae479ac39d65b0fa17c
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-01-30 11:38:39 +01:00
Jianhui Zhao
d8efcd2ab2
package/rtty: bump version to 7.3.0
...
Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-01-30 11:37:37 +01:00
Bernd Kuhls
a55a3f27f1
package/libgcrypt: security bump version to 1.9.1
...
Removed patch which was applied upstream.
Release notes:
https://lists.gnupg.org/pipermail/gnupg-announce/2021q1/000456.html
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-01-30 11:31:20 +01:00
Peter Korsgaard
1c61297ec0
{linux, linux-headers}: bump 4.19.x / 5.{4, 10}.x series
...
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-01-30 11:31:09 +01:00
Michael Nosthoff
62f9d440ab
package/spdlog: bump to version 1.8.2
...
Signed-off-by: Michael Nosthoff <buildroot@heine.tech>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-01-30 11:30:42 +01:00
Gwenhael Goavec-Merou
c36367e909
package/python-remi: bump to version 2020.11.20
...
Add runtime dependencies to pythonX-ssl and python-setuptools.
Signed-off-by: Gwenhael Goavec-Merou <gwenhael.goavec-merou@trabucayre.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-01-30 11:28:05 +01:00
Fabrice Fontaine
7b7c0c6b78
package/pinentry: drop unrecognized option
...
Drop --with-x option which is not recognized:
configure: WARNING: unrecognized options: --disable-gtk-doc, --disable-gtk-doc-html, --disable-doc, --disable-docs, --disable-documentation, --with-xmlto, --with-fop, --enable-ipv6, --disable-nls, --disable-static, --enable-shared, --with-x
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-01-29 09:39:53 +01:00