Commit Graph

58788 Commits

Author SHA1 Message Date
Bernd Kuhls
e6f8c403fe package/x11r7/xlib_libXfont2: bump version to 2.0.5
Release notes:
https://lists.x.org/archives/xorg-announce/2021-August/003103.html

Removed patch which was applied upstream.
Removed md5 and sha1 hashes, reformatted hashes, updated _SITE.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-09-10 19:52:25 +02:00
Bernd Kuhls
d3355d8625 package/x11r7/xlib_libXft: bump version to 2.3.4
Release notes:
https://lists.x.org/archives/xorg-announce/2021-August/003104.html

Removed md5 and sha1 hashes, reformatted hashes, updated _SITE.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-09-10 19:52:23 +02:00
Bernd Kuhls
0476b4f2fa package/x11r7/xapp_xrdb: bump version to 1.2.1
Release notes:
https://lists.x.org/archives/xorg-announce/2021-August/003107.html

Removed md5 and sha1 hashes, reformatted hashes, updated _SITE.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-09-10 19:52:19 +02:00
Bernd Kuhls
7bfe798e8f package/dav1d: bump version to 0.9.2
Release notes:
https://code.videolan.org/videolan/dav1d/-/blob/master/NEWS

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-09-10 19:00:28 +02:00
Yann E. MORIN
4ad23552c6 package/e2fsprogs: bump version to fix regression
Version 1.46.3 had a regression, which meant the file that would store
the filesystem image had to pre-exist, or mkfs.ext2 would fail to
generate the filesystem:

    mkfs.ext4: No such file or directory while trying to determine
    filesystem size

The regression was fixed upstream, and is now part of the 1.46.4
release, so bump to that release.

Fixes: #14196

Additionally, as noticed by Romain, the defaults settings for generating
"small" filesystems have changed: the inode size has been increased fom
128 to 256 bytes in 1.46.4 [0]. This causes the number of inodes to
diverge slightly from the requested number; instead of 8 more inodes,
there are now 8 fewer than requested.

Adapt our test accordingly.

[0] a23b50cdb5

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Reported-by: Kevin Tomary <kevin.tomary@hotmail.com>
Reported-by: Leon de Rooij <leon@exquisip.nl>
Reported-by: Romain Naour <romain.naour@gmail.com>
Tested-by: Michael Walle <michael@walle.cc>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-09-10 18:22:09 +02:00
Christian Stewart
280719ba7f package/go: security bump to 1.17.1
The fix for CVE-2021-33196 can be bypassed by crafted inputs. As a result, the
NewReader and OpenReader functions in archive/zip can still cause a panic or an
unrecoverable fatal error when reading an archive that claims to contain a large
number of files, regardless of its actual size.

This is CVE-2021-39293.

https://golang.org/doc/devel/release.html#go1.16.minor

Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-09-10 15:17:04 +02:00
Fabrice Fontaine
e5ff29c4a2 Config.in.legacy: drop 2021.08 entry duplicate
Drop 2021.08 entry duplicate added with commit
531b2a10cd

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-09-10 15:04:12 +02:00
James Knight
9f127cc420 utils/getdeveloperlib.py: explicitly set devs document encoding
Explicitly indicate the file encoding to UTF-8 for the DEVELOPERS
document. This prevents Unicode decoding errors when printing E-Mail
entries with Unicode characters on systems using an alternative default
encoding (e.g. 'CP1252').

This corrects the following observed error:

    $ ./utils/get-developers outgoing/*
    Traceback (most recent call last):
      File "utils\get-developers", line 105, in <module>
        __main__()
      File "utils\get-developers", line 47, in __main__
        devs = getdeveloperlib.parse_developers()
      File "...\buildroot\utils\getdeveloperlib.py", line 239, in parse_developers
        for line in f:
      File "...\Python<ver>\lib\encodings\cp1252.py", line 23, in decode
        return codecs.charmap_decode(input,self.errors,decoding_table)[0]
    UnicodeDecodeError: 'charmap' codec can't decode byte 0x81 in position 6659: character maps to <undefined>

Signed-off-by: James Knight <james.d.knight@live.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-09-05 16:08:10 +02:00
Giulio Benetti
7515f62017 package/udisks: bump to version 2.9.3
Bump to version 2.9.3:
This is a small bugfix release focusing on exfat and dosfstools upstream
changes, along with a couple of test fixes.

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-09-05 16:05:32 +02:00
Giulio Benetti
7b5d097d84 package/libnss: bump to version 3.69.1
Release Notes (not yet available, but should eventually land):
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.69.1_release_notes

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-09-05 16:05:27 +02:00
Julien Olivain
fdcef80189 package/glslsandbox-player: add vivante fb default
When BR2_PACKAGE_IMX_GPU_VIV_OUTPUT_FB is selected, the native windowing
will be set to vivante frame buffer.

Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-09-05 16:03:52 +02:00
Julien Olivain
7744f8f350 package/glslsandbox-player: add mali-t76x support
mali-t76x frame buffer driver requires a "null" native windowing
system. With such a system, the default EGL display is selected.

Fixes:
http://autobuild.buildroot.net/results/4a579346463d0d946d6d2a05723270135d728981

Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-09-05 16:03:51 +02:00
Julien Olivain
2bc053c2b1 package/glslsandbox-player: bump to version v2021.08.24
Changes since v2019.08.23:
- Some X11 improvements (fullscreen support)
- New EGL driver debug messages
- Wayland improvements (xdg_shell, fullscreen support)
- KMS/DRM/GBM improvements (use drmGetDevices2())
- Use eglGetPlatformDisplay() if available
- New "nullws" native windowing system
- License hash changed due to copyright date update

Fixes:
http://autobuild.buildroot.net/results/a950e90d5f8405534566df5c7a8875c293cf8845

Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-09-05 16:03:50 +02:00
Bernd Kuhls
8b8a612833 package/kodi-visualisation-waveform: bump version to 19.0.1-Matrix
Release notes:
https://github.com/xbmc/visualization.waveform/releases/tag/19.0.1-Matrix

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-09-05 16:00:02 +02:00
Bernd Kuhls
0123cff637 package/kodi-visualisation-shadertoy: bump version to 19.0.1-Matrix
Changelog:
https://github.com/xbmc/visualization.shadertoy/blob/Matrix/visualization.shadertoy/changelog.txt

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-09-05 16:00:01 +02:00
Bernd Kuhls
ba22787a3f package/kodi-peripheral-joystick: bump version to 19.0.0-Matrix
Release notes:
https://github.com/xbmc/peripheral.joystick/releases/tag/19.0.0-Matrix

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-09-05 16:00:00 +02:00
Bernd Kuhls
3ffcdf48fd package/kodi-audioencoder-wav: bump version to 19.0.0-Matrix
Release notes:
https://github.com/xbmc/audioencoder.wav/releases/tag/19.0.0-Matrix

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-09-05 15:59:59 +02:00
Bernd Kuhls
a24fd00634 package/kodi-audioencoder-vorbis: bump version to 19.0.0-Matrix
Release notes:
https://github.com/xbmc/audioencoder.vorbis/releases/tag/19.0.0-Matrix

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-09-05 15:59:58 +02:00
Bernd Kuhls
a8e66715aa package/kodi-audioencoder-lame: bump version to 19.0.0-Matrix
Release notes:
https://github.com/xbmc/audioencoder.lame/releases/tag/19.0.0-Matrix

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-09-05 15:59:57 +02:00
Bernd Kuhls
2ebdf920fd package/kodi-audioencoder-flac: bump version to 19.0.0-Matrix
Release notes:
https://github.com/xbmc/audioencoder.flac/releases/tag/19.0.0-Matrix

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-09-05 15:59:56 +02:00
Titouan Christophe
d333eab3f0 package/mosquitto: security bump to v2.0.12
Mosquitto 2.0.12 is a security and bugfix release, notably:

* Fix possible DoS in the broker with MQTTv5
* Fix CVE-2020-13849
* Fix CVE-2021-34434

Read the full announcement on
https://mosquitto.org/blog/2021/08/version-2-0-12-released/

Signed-off-by: Titouan Christophe <titouanchristophe@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-09-05 15:56:56 +02:00
Francois Perrad
d0fb6778d3 package/libsoup: bump to version 2.74.0
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-09-05 15:56:55 +02:00
Francois Perrad
27cf1f659a package/librsvg: bump to version 2.50.7
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-09-05 15:56:54 +02:00
Francois Perrad
084b41266e package/harfbuzz: bump to version 2.9.0
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-09-05 15:56:53 +02:00
Francois Perrad
162e883f39 package/can-utils: bump to version 2021.08.0
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-09-05 15:56:52 +02:00
Francois Perrad
6a89a3b830 package/vsftpd: bump to 3.0.5
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-09-05 15:56:51 +02:00
Francois Perrad
966d33676f package/sqlite: bump to version 3.36.0
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-09-05 15:56:50 +02:00
Francois Perrad
ef29301847 package/liberation: bump to version 2.1.4
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-09-05 15:56:49 +02:00
Peter Korsgaard
72e1a75820 Merge branch 'next' 2021-09-04 19:57:30 +02:00
Peter Korsgaard
d89c4ae919 Kickoff 2021.11 cycle
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-09-04 13:46:21 +02:00
Peter Korsgaard
e421bc9217 docs/website/news.html: add 2021.08 announcement link
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-09-04 13:45:29 +02:00
Peter Korsgaard
aa433d1c5c Update for 2021.08
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-09-04 11:53:24 +02:00
Fabrice Fontaine
9524cdbc00 package/xvisor: fix build with gcc 11
Fix the following build failures with gcc 11:

/home/buildroot/autobuild/instance-3/output-1/host/lib/gcc/arm-buildroot-linux-gnueabihf/11.1.0/../../../../arm-buildroot-linux-gnueabihf/bin/ld: /home/buildroot/autobuild/instance-3/output-1/build/xvisor-0.3.0/build/drivers/drivers.o: in function `psmouse_extensions':
/home/buildroot/autobuild/instance-3/output-1/build/xvisor-0.3.0/drivers/input/mouse/psmouse-base.c:783: undefined reference to `lifebook_detect'
/home/buildroot/autobuild/instance-3/output-1/host/lib/gcc/arm-buildroot-linux-gnueabihf/11.1.0/../../../../arm-buildroot-linux-gnueabihf/bin/ld: /home/buildroot/autobuild/instance-3/output-1/build/xvisor-0.3.0/drivers/input/mouse/psmouse-base.c:783: undefined reference to `alps_detect'
/home/buildroot/autobuild/instance-3/output-1/host/lib/gcc/arm-buildroot-linux-gnueabihf/11.1.0/../../../../arm-buildroot-linux-gnueabihf/bin/ld: /home/buildroot/autobuild/instance-3/output-1/build/xvisor-0.3.0/drivers/input/mouse/psmouse-base.c:783: undefined reference to `ps2pp_init'
/home/buildroot/autobuild/instance-3/output-1/host/lib/gcc/arm-buildroot-linux-gnueabihf/11.1.0/../../../../arm-buildroot-linux-gnueabihf/bin/ld: /home/buildroot/autobuild/instance-3/output-1/build/xvisor-0.3.0/drivers/input/mouse/psmouse-base.c:783: undefined reference to `trackpoint_detect'
/home/buildroot/autobuild/instance-3/output-1/host/lib/gcc/arm-buildroot-linux-gnueabihf/11.1.0/../../../../arm-buildroot-linux-gnueabihf/bin/ld: /home/buildroot/autobuild/instance-3/output-1/build/xvisor-0.3.0/drivers/input/mouse/psmouse-base.c:783: undefined reference to `fsp_detect'

Fixes:
 - http://autobuild.buildroot.org/results/69062b9c80567d135edd48890165e69881cf7295

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-09-04 11:42:27 +02:00
Fabrice Fontaine
57aa6e718f package/python-pyudev: fix build with python 2
Build with python 2 is broken since bump to version 0.22.0 in commit
0adb141d34:

error:   File "/usr/lib/python2.7/site-packages/pyudev/_ctypeslib/utils.py", line 54
    lib = cdll.LoadLibrary(f'lib{name}.so')
                                         ^
SyntaxError: invalid syntax

Fixes:
 - http://autobuild.buildroot.org/results/8b35ca6910dfd881953968f8d88ac842d57c9262

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-09-04 11:24:32 +02:00
Fabrice Fontaine
301502b7f7 package/wlroots: fix uclibc build
Fix the following uclibc build failure raised since at least bump to
version 0.11.0 in commit 0bc9c89612:

In file included from ../include/wlr/types/wlr_data_device.h:13,
                 from ../types/data_device/wlr_drag.c:7:
../include/wlr/types/wlr_seat.h:221:18: error: field 'last_event' has incomplete type
  221 |  struct timespec last_event;
      |                  ^~~~~~~~~~

Fixes:
 - http://autobuild.buildroot.org/results/3501ceb4290638b2f6d70aaa4d8ce74feec3a525

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
2021-09-03 20:59:33 +02:00
Fabrice Fontaine
050be3ad35 package/qt5/qt5base: fix build on riscv32
Fix the following build failure on riscv32:

In file included from thread/qmutex_linux.cpp:45,
                 from thread/qmutex.cpp:804:
thread/qfutex_p.h: In function 'int QtLinuxFutex::_q_futex(int*, int, int, quintptr, int*, int)':
thread/qfutex_p.h:116:30: error: '__NR_futex' was not declared in this scope; did you mean '_q_futex'?
  116 |         int result = syscall(__NR_futex, addr, op | FUTEX_PRIVATE_FLAG, val, val2, addr2, val3);
      |                              ^~~~~~~~~~
      |                              _q_futex

Fixes:
 - http://autobuild.buildroot.org/results/ffedfc000029072d5d724e98ab4551fe973658ce

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
2021-09-03 20:57:58 +02:00
Fabrice Fontaine
4b437f57a4 package/gstreamer1/gstreamer1-mm: fix build with libglib 2.68
Fix the following build failure raised since bump of libglib2 to version
2.68.1 in commit c72524fb1b:

../gstreamer/gstreamermm/register.h: In function 'GType Gst::register_mm_type(const gchar*)':
/home/buildroot/autobuild/run/instance-2/output-1/host/bin/../arm-buildroot-linux-gnueabihf/sysroot/usr/include/glib-2.0/glib/gatomic.h:117:19: error: argument 2 of '__atomic_load' must not be a pointer to a 'volatile' type
  117 |     __atomic_load (gapg_temp_atomic, &gapg_temp_newval, __ATOMIC_SEQ_CST); \
      |     ~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Fixes:
 - http://autobuild.buildroot.org/results/1c75cdcc183642fd4c15d56825848b83f2ad11a5

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
2021-09-03 20:53:41 +02:00
Baruch Siach
de39a17f71 package/netsniff-ng: fix static build of mausezahn
The configure script fails to detect libpcap in static build because it
does not take into account the libnl dependency on link. As a result the
configure script silently disables mausezahn build even when
BR2_PACKAGE_NETSNIFF_NG_MAUSEZAHN is enabled. Add upstream patch to use
pkg-config for libpcap link flags.

Cc: Joris Lijssens <joris.lijssens@gmail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-09-03 18:16:28 +02:00
Peter Korsgaard
c8bf903e7a package/python3: security bump to version 3.9.7
Fixes the following security issues:

- bpo-42278: Replaced usage of tempfile.mktemp() with TemporaryDirectory to
  avoid a potential race condition.

- bpo-41180: Add auditing events to the marshal module, and stop raising
  code.__init__ events for every unmarshalled code object.  Directly
  instantiated code objects will continue to raise an event, and audit event
  handlers should inspect or collect the raw marshal data.  This reduces a
  significant performance overhead when loading from .pyc files.

- bpo-44394: Update the vendored copy of libexpat to 2.4.1 (from 2.2.8) to
  get the fix for the CVE-2013-0340 “Billion Laughs” vulnerability.  This
  copy is most used on Windows and macOS.

- bpo-43124: Made the internal putcmd function in smtplib sanitize input for
  presence of \r and \n characters to avoid (unlikely) command injection.

https://www.python.org/downloads/release/python-397/

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-09-03 17:07:55 +02:00
Fabrice Fontaine
fc7eaf3bee package/openmpi: fix fortran build
Fix the following build failure with fortran raised since bump to
version 4.0.0 in commit 366e7f1ecb and
99730f798b:

checking size of Fortran type(test_mpi_handle)... (cached) 4
checking alignment of Fortran type(test_mpi_handle)... configure: error: Can not determine alignment of type(test_mpi_handle) when cross-compiling

Fixes:
 - http://autobuild.buildroot.org/results/86ffde2f67ffc0bfaeebe72fe742a5c241bc580b

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-09-03 17:07:03 +02:00
Nevo Hed
e205b5ec18 package/nginx: override endianness
Though several cross-compilation patches exist in buildroot's nginx
package dir they do not seem to address endianness.

The test program generated by the configure script compiles but fails
to run (as it is built for another architecture) but the script does
not distinguish between the failure to run the program and an
indication of certain endianness.  As such the fallback of big-endian
is used.  This setting then causes http2 headers (anything not in the
static dictionary) to come out as undecipherable trash on 64bit
targets (see ngx_http_v2_huff_encode_buf()).

This commit includes a patch to the configure script to allow a
`--force-endianness=big|little` flag as well as setting that flag in
buildroot's package makefile.

Signed-off-by: Nevo Hed <nhed+buildroot@starry.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-09-02 11:25:42 +02:00
Peter Korsgaard
7314f04f53 Update for 2021.08-rc3
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-09-01 08:00:35 +02:00
Fabrice Fontaine
2962697039 package/linux-pam: find libxcrypt through pkg-config
Find libxcryt through pkg-config to avoid the following build failure:

/home/buildroot/autobuild/run/instance-3/output-1/host/opt/ext-toolchain/bin/../lib/gcc/riscv64-buildroot-linux-musl/10.2.0/../../../../riscv64-buildroot-linux-musl/bin/ld: .libs/passverify.o: in function `.L30':
passverify.c:(.text+0x368): undefined reference to `crypt_checksalt'

Fixes:
 - http://autobuild.buildroot.org/results/20b14e222b35c2d1269960075832b784ba81aa1a

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-08-31 10:39:45 +02:00
Bernd Kuhls
b8a1d969b9 package/fetchmail: bump version to 6.4.21
Release notes:
https://sourceforge.net/p/fetchmail/mailman/message/37333073/

"It contains the security fix for CVE-2021-36386 of 6.4.20, and fixes
a regression/a bug that causes log message truncation/run-together
prominently visible with --logfile that was introduced into 6.4.20."

Updated note for CVE-2021-36386:
https://sourceforge.net/p/fetchmail/mailman/message/37333078/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-08-31 08:30:13 +02:00
Bernd Kuhls
bd20e704ec package/php: security bump version to 8.0.10
Quoting https://www.php.net/
"This is a security fix release."

Changelog: https://www.php.net/ChangeLog-8.php#8.0.10

CVE-ID were not mentioned in any of the fixed bugs.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-08-31 08:28:53 +02:00
Bernd Kuhls
630e85f8f5 package/samba4: bump version to 4.14.7
Release notes of this bugfix release:
https://www.samba.org/samba/history/samba-4.14.7.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-08-31 08:28:45 +02:00
Fabrice Fontaine
2990d7dcb1 package/c-ares: add C_ARES_CPE_ID_VENDOR
cpe:2.3🅰️c-ares_project:c-ares is a valid CPE identifier for this
package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Ac-ares_project%3Ac-ares

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-08-29 23:19:53 +02:00
Fabrice Fontaine
a9ca15cf92 package/c-ares: fix build with latest nodejs
Fix the following build failure with nodejs raised since bump to version
12.22.5 in commit 7038b029d8:

../src/cares_wrap.cc:42:11: fatal error: ares_nameser.h: No such file or directory
   42 | # include <ares_nameser.h>
      |           ^~~~~~~~~~~~~~~~

Fixes:
 - http://autobuild.buildroot.org/results/a0f867d5e765fc1aa052de5e53ed350b3b20743f

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-08-29 23:19:51 +02:00
Fabrice Fontaine
6be5219c41 package/c-ares: security bump to version 1.17.2
- NodeJS passes NULL for addr and 0 for addrlen to
  ares_parse_ptr_reply() on systems where malloc(0) returns NULL. This
  would cause a crash.
- If ares_getaddrinfo() was terminated by an ares_destroy(), it would
  cause a crash
- Crash in sortaddrinfo() if the list size equals 0 due to an unexpected
  DNS response
- Expand number of escaped characters in DNS replies as per RFC1035 5.1
  to prevent spoofing follow-up
- Perform validation on hostnames to prevent possible XSS due to
  applications not performing valiation themselves

https://c-ares.haxx.se/changelog.html#1_17_2

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-08-29 23:19:48 +02:00
Michael Nosthoff
d7f0a9bd93 package/json-for-modern-cpp: bump version to 3.10.2
License file year changed to 2021.

Signed-off-by: Michael Nosthoff <buildroot@heine.tech>
[Arnout: update license hash]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-08-29 19:24:27 +02:00