Drop patch merged upstream fixing jacobsa-crypto on riscv.
https://github.com/rfjakob/gocryptfs/releases/tag/v2.3.2
Signed-off-by: Christian Stewart <christian@aperture.us>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Update to 6.4 and use latest snapshot to fix CVE-2023-29491.
COPYING has been changed in snapshot 20230107 to update the year [0].
Update CVE version to major.minor.snapshot, as NVD uses the snapshot date as patch version [1].
[0]: eedb756850
[1]: https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe:2.3🅰️gnu:ncurses
Signed-off-by: Daniel Lang <dalang@gmx.at>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Get explicit compatibility with charset-normalizer 3.x
Signed-off-by: Aaron Sierra <aaron@bubbl-tek.com>
Acked-by: Yann E. MORIN <yann.morin@orange.com>
Tested-by: Yann E. MORIN <yann.morin@orange.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fix the following runtime failure raised since bump of popt to version
1.19 in commit 895bfba93f:
Segmentation fault (core dumped)
Fix the issue by backporting a fix found in upstream git repository [0].
[0] f5de3401b9/
Signed-off-by: Stefan Agner <stefan@agner.ch>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
- do not only disable NTLM delegation to winbinds ntlm_auth but
disable NTLM support overall (and drop enforced libopenssl DES
dependency introduced by 'package/libcurl: make sure openssl
supports DES' (commit f25c820a4f)
- change man page hint to https URL
- rearrange configure options to one option per line
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Update also the release url because the OpenPrinting https archive page
is out of sync with the current release archive on the main github
project.
Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Updated the link to the sources on github, the previous link no longer
exists.
Release notes:
https://github.com/Exiv2/exiv2/releases/tag/v0.27.6
Signed-off-by: Nicolas Serafini <nicolas.serafini@ik.me>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
* Remove patch applied upstream.
* Upstream fixed building inside the source tree, but still does not
recommend it, so keep LIBGIT2_SUPPORTS_IN_SOURCE_BUILD = NO
Signed-off-by: Nicolas Cavallari <nicolas.cavallari@green-communications.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The package has been orphan since commit ee58353 (2018-12-22).
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
- change download from git URL to https (and SITE_METHOD git)
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 8e11746492)
[Peter: drop Makefile / Vagrantfile changes]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- add 'gl_cv_macro_MB_CUR_MAX_good=yes' to COREUTILS_CONF_ENV to fix
cross-compile failure since bump to 9.3
Fixes:
checking whether MB_CUR_MAX is correct... configure: error: in '.../build/coreutils-9.3':
configure: error: cannot run test program while cross compiling
See 'config.log' for more details
Reported-by: Christian Stewart <christian@aperture.us>
Link: https://lore.kernel.org/buildroot/CA+h8R2qSe6OepJMJr+KOUOAOqCRD9EX690Y+Yq4kx-M6x4uQBw@mail.gmail.com/
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
We do not need to add a hash for 6.3, as it was already added in
eadff4efe9 ({toolchain, linux-headers}: add support for 6.3 headers).
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[yann.morin.1998@free.fr: explain why no hash update]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Adds the upstream patch that fixes the CVE.
No new release so far.
Signed-off-by: Daniel Lang <dalang@gmx.at>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
go1.19.9 (released 2023-05-02) includes three security fixes to the
html/template package, as well as bug fixes to the compiler, the runtime, and
the crypto/subtle, crypto/tls, net/http, and syscall packages.
CVE-2023-24539: html/template: improper sanitization of CSS values
CVE-2023-24540: html/template: improper handling of JavaScript whitespace
CVE-2023-29400: html/template: improper handling of empty HTML attributes
https://go.dev/doc/devel/release#go1.19.9https://github.com/golang/go/issues?q=milestone%3AGo1.19.9+label%3ACherryPickApproved
Signed-off-by: Christian Stewart <christian@aperture.us>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When explicitly specifying printing backends libgtk3 requires file
to be one of them on linux.
Fixes:
- output/build/libgtk3-3.24.37/modules/printbackends/meson.build:39:4: ERROR: Problem encountered: 'file' print backed needs to be enabled
Signed-off-by: Daniel Lang <dalang@gmx.at>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Some patches were removed in recent version bumps:
- 492c803117 package/tbb: bump to version 2021.8.0.
- a1e0e7276c package/libmodsecurity: bump to version 3.0.9
- e4fb09f95f package/gstreamer1-editing-services: bump version to 1.22.2
- 460c9fa338 package/pciutils: bump to version 3.9.0
- 0f1d33b6c8 package/crun: bump to version 1.8.4
And some were renamed with a version bump:
- 60d8e52576 package/lua: bump to version 5.4.5
But the ignore list was not updated in any of those commits, the latter
causing issues because the patches are no longer ignored;
package/lua/5.4.5/0001-root-path.patch:0: missing Upstream in the header (http://nightly.buildroot.org/#_additional_patch_documentation)
package/lua/5.4.5/0002-shared-libs-for-lua.patch:0: missing Upstream in the header (http://nightly.buildroot.org/#_additional_patch_documentation)
package/lua/5.4.5/0011-linenoise.patch:0: missing Upstream in the header (http://nightly.buildroot.org/#_additional_patch_documentation)
384140 lines processed
3 warnings generated
Update the ignore list accordingly.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
A previous commit [1] (libcurl 7.19.2) configured `LD_LIBRARY_PATH` to
prevent cross-compiling errors when target == host; however, such an
override is no longer needed [2][3] (libcurl 7.37, 7.74) and causes
build errors in some environments. Dropping the override.
Fixes:
- https://bugs.busybox.net/show_bug.cgi?id=15181
[1]: a51ce31949
[2]: e48a821ed5
[3]: 6f3369bbcf
Signed-off-by: James Knight <james.d.knight@live.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
When browsing the help references for various systemd features, it was
observed that the `systemd-rfkill` link was dead (originally pointing to
`systemd-rfkill@.service.html`; now `systemd-rfkill.service.html`). This
commit corrects this link, as well as updates all other links to https
(since freedesktop.org now force redirects to https).
Signed-off-by: James Knight <james.d.knight@live.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
