Bugfix release with many security fixes, including (but not limited to)
patches for CVE-2023-25358, CVE-2022-0108, CVE-2022-32885,
CVE-2023-27932, CVE-2023-27954, and CVE-2023-28205.
Release notes:
https://webkitgtk.org/2023/04/20/webkitgtk2.38.6-released.html
Accompanying security advisory:
https://webkitgtk.org/security/WSA-2023-0003.html
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Bugfix release with many security fixes, including (but not limited to)
patches for CVE-2023-25358, CVE-2022-0108, CVE-2022-32885,
CVE-2023-27932, CVE-2023-27954, and CVE-2023-28205.
Release notes:
https://wpewebkit.org/release/wpewebkit-2.38.6.html
Accompanying security advisory:
https://wpewebkit.org/security/WSA-2023-0003.html
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Drop 0003-Revert-Fix-maxminddb-link-on-FreeBSD.patch, handling of libmaxminddb
was fixed upstream in d2b700d
- Drop 0004-build-pcre.m4-fix-build-without-pcre.patch, handling of PCRE was
fixed upstream in 791964a
Signed-off-by: Frank Vanbever <frank.vanbever@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Remove upstream patches as they are no more needed.
Signed-off-by: Francis Laniel <flaniel@linux.microsoft.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix three CVEs (CVE-2023-25652, CVE-2023-25815, and CVE-2023-29007).
For details on these, see release announcement at [1].
[1]: https://lore.kernel.org/git/xmqqa5yv3n93.fsf@gitster.g/
Signed-off-by: Bagas Sanjaya <bagasdotme@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The test chckes that the "Upstream:" tag be on the first column, without
any leading character (no space, no bracket of any kind).
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The past participle for "to fix" is "fix". The "did you forget" got
eluded into "forget", so again a past participle.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Currently, utils/docker-run spawns a container with a tty, so that he
user can interact properly in the container.
However, that requires a tty when calling docker-run, which is not
always guaranteed, e.g. if called from a git hook.
Since the script is a bash script already, we can use an array to store
options passed to docker, and only add the -t option when there is
actually a tty available.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Ricardo Martincoski <ricardo.martincoski@gmail.com>
This patch updates my email address in the DEVELOPERS file.
Signed-off-by: Christian Stewart <christian@aperture.us>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
- Drop "0001-meson-change-std-to-gnu99.patch" since change is available
in this version.
Signed-off-by: James Knight <james.d.knight@live.com>
[yann.morin.1998@free.fr: regenerate .checkpackageignore]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
- glib2 has moved from PCRE to PCRE2 [1].
- Drop `fam` option since it no longer available [2].
- Drop "0001-fix-compile-time-atomic-detection.patch" since upstream
patch was dropped and new atomic detection implementation has been
applied in this version.
- Drop "0002-remove-cpp-requirement.patch" since upstream has modified
its Meson scripts to have any C++ usage as optional.
- Drop "0003-Add-Wno-format-nonliteral-to-compiler-arguments.patch"
since change is available in this version.
- Add new patch to address new Werror compilation errors [3].
- Renamed "0004-*.patch" -> "0001-*.patch" since it should still be
applicable for its mentioned build case.
[1]: https://bugzilla.redhat.com/show_bug.cgi?id=1938974
[2]: https://gitlab.gnome.org/GNOME/glib/-/merge_requests/2570
[3]: https://gitlab.gnome.org/GNOME/glib/-/merge_requests/3390
Signed-off-by: James Knight <james.d.knight@live.com>
[yann.morin.1998@free.fr:
- update upstream status on new patch
- regenerate .checkpackageignore
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Providing an upstream status for the remaining libglib2 patch from a
recent version bump. This patch was introduced in Buildroot around
November 2021 to help deal with build errors where `GObject-2.0.gir`
could not be found (tied to Buildroot changes made in
`gobject-introspection.mk`). The discussion thread mentions this could
be submitted upstream, but looks like it never was. Reflecting that this
package has not been submitted upstream.
Signed-off-by: James Knight <james.d.knight@live.com>
[yann.morin.1998@free.fr: update .checkpackageignore]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit 5e1c238b72 (package/ltp-testsuite: require 5.11 headers for
musl) dropped a patch, which had no "upstream" status, and thus had an
ignore entry, which itself was ignored when the patch got removed.
Regenerate .checkpackage ignore now.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
As noted by Yann E. MORIN in [1] only the src/flash/nand/ecc.c file
refers to the eCos license.
The SPDX identifier for that file is:
SPDX-License-Identifier: GPL-2.0-or-later WITH eCos-exception-2.0
The file is part of the openocd executable via libopenocd.la, which being
a static library it is not installed.
Based on this, becomes more natural to associate the eCos exception with
the GPL 2.0+ license, rather than considering it separately as a license.
[1] https://patchwork.ozlabs.org/project/buildroot/patch/20230411203930.2455301-1-dario.binacchi@amarulasolutions.com/
Suggested-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Since upstream Linux commit ed21d6d7c48e6e96c2d617e304a7ebfbd17b1807
("perf tests: Add test for PE binary format support") present in >=
v5.10 there is an unconditional installation of PE binaries.
Some toolchains have a readelf tool that correctly interpret the PE
files, and reports ELF-alike fields. This causes check-bin-arch to
reject those files.
Make sure that these binaries are excluded from being checked to allow
the installation of the perf tests.
Fixes: 6fcdaa4c50 ("package/linux-tools: Allow installation of perf scripts")
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Jobs with the syntax @hourly, @daily, ... were not executed since the
version bump from `v4.5` to commit `1ba33c3325df48de46263276a43ed76cf9d81518`.
This patch fixes the bug downstream.
Signed-off-by: Mario Haustein <mario.haustein@hrz.tu-chemnitz.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
