Commit Graph

69353 Commits

Author SHA1 Message Date
Bernd Kuhls
ff82db21f8 package/intel-gmmlib: bump version to 22.3.12
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-09-27 21:09:27 +02:00
Bernd Kuhls
2a711479d3 package/linux-headers: drop 6.4.x option
The 6.4.x series is now EOL upstream, so drop the linux-headers option
and add legacy handling for it.

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-09-27 21:06:30 +02:00
Bernd Kuhls
b5ba9f80ad linux: bump latest version to 6.5
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-09-27 21:06:19 +02:00
Bernd Kuhls
18d21c9cfc {toolchain, linux-headers}: add support for 6.5 headers
And add (and default to) 6.5 to linux-headers.

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-09-27 21:06:02 +02:00
Bernd Kuhls
181cf756ca {linux, linux-headers}: bump 4.{14, 19}.x / 5.{4, 10, 15}.x / 6.{1, 4}.x series
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-09-27 21:05:41 +02:00
Fabrice Fontaine
6ce55ab0ed package/memcached: bump to version 1.6.21
- Send first patch upstream
- Drop second and third patches (already in version) and so drop
  autoreconf

https://github.com/memcached/memcached/wiki/ReleaseNotes1618
https://github.com/memcached/memcached/wiki/ReleaseNotes1619
https://github.com/memcached/memcached/wiki/ReleaseNotes1620
https://github.com/memcached/memcached/wiki/ReleaseNotes1621

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-09-27 21:04:40 +02:00
Fabrice Fontaine
56c7da8e08 package/xxhash: bump to version 0.8.2
- Drop all patches (already in version)
- Update hash of LICENSE file (year updated with
  f035303b8a)

https://github.com/Cyan4973/xxHash/releases/tag/v0.8.2

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-09-27 21:04:14 +02:00
Fabrice Fontaine
757c81f126 package/openresolv: bump to version 3.13.2
https://github.com/NetworkConfiguration/openresolv/compare/v3.12.0...v3.13.2

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-09-27 21:03:50 +02:00
Fabrice Fontaine
cf155e0d04 package/openipmi: bump to version 2.0.34
https://sourceforge.net/p/openipmi/news/2023/09/openipmi-2034-released/

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-09-27 21:03:29 +02:00
Fabrice Fontaine
9e2b91b7ac package/omniorb: bump to version 4.3.1
https://sourceforge.net/projects/omniorb/files/omniORB/omniORB-4.3.1/

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-09-27 21:03:15 +02:00
Fabrice Fontaine
df78ca175c package/newt: bump to version 0.52.23
https://pagure.io/newt/blob/6e3a852c6becac7f2f231453682089577ad3de3d/f/CHANGES

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-09-27 21:02:59 +02:00
Bernd Kuhls
1c7d532ee9 package/tor: bump version to 0.4.8.6
Release notes:
https://gitlab.torproject.org/tpo/core/tor/-/raw/release-0.4.8/ReleaseNotes

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-09-27 21:02:36 +02:00
Michael Fischer
6dc3d3c360 package/gnuplot: bump version to 5.4.9
Changelog:
http://www.gnuplot.info/ReleaseNotes_5_4_9.html

Signed-off-by: Michael Fischer <mf@go-sys.de>
[Peter: use --without-qt for consistency]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-09-27 21:01:12 +02:00
Fabrice Fontaine
da8bd82e3b package/ndisc6: bump to version 1.0.7
https://git.remlab.net/gitweb/?p=ndisc6.git;a=blob;f=NEWS;h=34d9a653087a8e89f595156a4ec69969e5ca3013

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-09-27 19:49:53 +02:00
Fabrice Fontaine
35dcf9ee56 package/nanomsg: bump to version 1.2
https://github.com/nanomsg/nanomsg/releases/tag/1.2

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-09-27 19:46:32 +02:00
Fabrice Fontaine
c76f5f24c7 package/libdnet: bump to version 1.16.4
Drop second patch (already in version)

https://github.com/ofalk/libdnet/releases/tag/libdnet-1.16.2
https://github.com/ofalk/libdnet/releases/tag/libdnet-1.16.3
https://github.com/ofalk/libdnet/releases/tag/libdnet-1.16.4

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-09-27 19:46:09 +02:00
Michael Fischer
285f136a15 package/sdl2: bump version to 2.28.3
Signed-off-by: Michael Fischer <mf@go-sys.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-09-27 19:44:17 +02:00
Peter Korsgaard
5fdc797aba docs/website: Update for 2023.02.5
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-09-27 19:35:36 +02:00
Peter Korsgaard
7239f204cb docs/website/news.html: fix left/right ordering for 2023.05.3 announcement
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-09-27 19:33:08 +02:00
Peter Korsgaard
8ea74a5b49 Update for 2023.02.5
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit df2c4a2301)
[Peter: drop Makefile/Vagrantfile changes]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-09-27 19:32:20 +02:00
Peter Korsgaard
de48ecb83d docs/website: Update for 2023.05.3
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-09-27 08:20:29 +02:00
Peter Korsgaard
a0831dd5f5 Update for 2023.05.3
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 70638523a7)
[Peter: drop Makefile/Vagrantfile changes]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-09-27 08:16:19 +02:00
Fabrice Fontaine
0a0dd63c82 package/pppd: drop PPPD_DROP_INTERNAL_IF_PPOL2TP_H
PPPD_DROP_INTERNAL_IF_PPOL2TP_H is not needed since bump to version
2.4.6 in commit 49b239ab20 and
c41092dd4c

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-09-24 20:20:10 +02:00
Jens Maus
278d1db56b package/nodejs: fix cross-compile builds
When nodejs is build, a qemu wrapper script is used to execute some
programs built for the target in user-mode emulation. However, when the
target and build machines are similar (e.g. x86_74), running those
programs fails, with errors such as:

    cd ../../tools/v8_gypfiles; python ../../deps/v8/tools/run.py ../../out/Release/v8-qemu-wrapper ../../out/Release/bytecode_builtins_list_generator ../../out/Release/obj.host/gen/generate-bytecode-output-root/builtins-generated/bytecodes-builtins-list.h
    ../../out/Release/bytecode_builtins_list_generator: /lib/x86_64-linux-gnu/libstdc++.so.6: version `GLIBCXX_3.4.29' not found (required by ../../out/Release/bytecode_builtins_list_generator)
    ../../out/Release/bytecode_builtins_list_generator: /lib/x86_64-linux-gnu/libc.so.6: version `GLIBC_2.33' not found (required by ../../out/Release/bytecode_builtins_list_generator)
    ../../out/Release/bytecode_builtins_list_generator: /lib/x86_64-linux-gnu/libc.so.6: version `GLIBC_2.32' not found (required by ../../out/Release/bytecode_builtins_list_generator)
    ../../out/Release/bytecode_builtins_list_generator: /lib/x86_64-linux-gnu/libc.so.6: version `GLIBC_2.34' not found (required by ../../out/Release/bytecode_builtins_list_generator)
    Return code is 1

So the question is: why the heck does Qemu use the host C library?

To answer this question, we first have to look at how the -L option of
Qemu is implemented. This option is documented as such:

    -L path     QEMU_LD_PREFIX   set the elf interpreter prefix to 'path'

The v8-qemu-wrapper script makes this option point to $(STAGING_DIR),
so that the ELF interpreter used is the one in $(STAGING_DIR).

However, contrary to what the option documentation says, this option
does much more than setting the ELF interpreter prefix: it is going to
affect how *all* system calls manipulating files (open, etc.) are
going to work.

When this option is passed, the function init_paths() in
https://git.qemu.org/?p=qemu.git;a=blob;f=util/path.c is called at
initialization time, and essentially its sets the global "base"
variable to point to the directory passed as -L argument.

Then, for every single syscall that manipulates a path, this path will
be passed through the path() function in the same file. This function
will first attempt to resolve the path with "base" as a prefix, and if
not, return the unprefixed path.

After adding some traces into this function, I was able to understand
what happens:

(1) -L$(STAGING_DIR) is passed, causing "base" to point to
$(STAGING_DIR)

(2) The target ELF interpreter from $(STAGING_DIR) is properly invoked

(3) When this ELF interpreter then resolves the libc.so.6 library, it
    first looks for /etc/ld.so.cache.

(4) Qemu first looks for /etc/ld.so.cache with the -L prefix, i.e
    $(STAGING_DIR)/etc/ld.so.cache, but it does not exist. So, the Qemu
    system call emulation falls back to /etc/ld.so.cache, which means
    the target ELF interpreter reads the /etc/ld.so.cache of the host
    system.

(5) This /etc/ld.so.cache of the host system says that libc.so.6 is in
    /lib/x86_64-linux-gnu/

(6) The target ELF interpreter therefore tries to use
    /lib/x86_64-linux-gnu/libc.so.6. The Qemu system call emulation
    first tries $(STAGING_DIR)/lib/x86_64-linux-gnu/libc.so.6, but
    this library does not exist (it is in
    $(STAGING_DIR)/lib/libc.so.6), so the Qemu system call emulation
    falls back to /lib/x86_64-linux-gnu/libc.so.6 of the host system,
    which exist... but is too old compared to the target C library.
    Indeed, results from ld.so.cache take precedence over the simple
    resolution of library paths in /usr/lib and /lib.

We see 3 possible ideas to resolve this problem:

(A) Change the behavior of Qemu to not fallback to unprefixed paths:
    when -L is passed, all path-related system calls should see the
    paths prefixed by the -L option.

    Issue with this is that this change is unlikely to get accepted by
    Qemu upstream. And there might be some side effects we have not
    really identified.

(B) Create an empty $(STAGING_DIR)/etc/ld.so.cache. We have tested
    this solution and it works: it gets used instead of the host
    /etc/ld.so.cache. Because $(STAGING_DIR)/etc/ld.so.cache is empty,
    there's no libc.so.6 match, so the target ELF interpreter goes
    through its normal library location resolution logic, which falls
    back to trying in /usr/lib and /lib, which works as those paths
    ends up being prefixed with $(STAGING_DIR) by Qemu.

(C) Pass LD_LIBRARY_PATH pointing to $(STAGING_DIR)/lib and
    $(STAGING_DIR)/usr/lib in the Qemu wrapper. This works because
    LD_LIBRARY_PATH paths have precedence over paths given by
    ld.so.cache.

    This is the solution already used by the GOI qemu wrapper in
    package/gobject-introspection/g-ir-scanner-qemuwrapper.in.

We chose to go with the third option, because it has been proven to work
for the GOI wrapper, and has been reported to solve #14366. Even though
the first option would be the best, it is also the one that has the
least chances to land any time soon (if ever); the second has not been
exercised, and the impact is not fully understood either (e.g what about
non-glibc toolchains?).

Fixes: #14366

Signed-off-by: Jens Maus <mail@jens-maus.de>
[yann.morin.1998@free.fr:
  - add whole analsys done by Thomas in:
    https://lore.kernel.org/buildroot/20221031213926.50d3c778@windsurf/
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-09-24 18:21:11 +02:00
Fabrice Fontaine
2314928cf8 package/open-iscsi: bump to version 2.1.9
- Drop patch (already in version)
- Drop license comment and add REAMDE and libopeniscsiusr/COPYING as
  license files due to
  10d50ed4bc

https://github.com/open-iscsi/open-iscsi/blob/2.1.9/Changelog

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-09-24 12:25:19 +02:00
Fabrice Fontaine
3e8e2e0b43 package/libostree: needs headers >= 5.4
linux/fsverity.h is only available since kernel 5.4 and
085771ec14
resulting in the following build failure since bump to version 2023.5 in
commit c64a3e9767 and
d3b4b1a259:

composefs/libcomposefs/lcfs-writer-erofs.c:37:10: fatal error: linux/fsverity.h: No such file or directory
   37 | #include <linux/fsverity.h>
      |          ^~~~~~~~~~~~~~~~~~

Fixes:
 - http://autobuild.buildroot.org/results/045987a09cf9061dae80db6ada1f912b2867db26

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-09-24 12:25:13 +02:00
Bernd Kuhls
33e5043eba package/cmake: bump version to 3.27.6
Changelog: https://cmake.org/cmake/help/v3.27/release/3.27.html#updates

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-09-24 12:25:07 +02:00
Bernd Kuhls
2c811e7aa3 package/dovecot-pigeonhole: bump version to 0.5.21
Release notes:
https://dovecot.org/mailman3/archives/list/dovecot-news@dovecot.org/thread/Y5SJWAIAVEAQ2KKSWJM7VSJUUFRMFAH5/

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-09-24 12:25:00 +02:00
Bernd Kuhls
3ea7e8b80b package/dovecot: bump version to 2.3.21
Release notes:
https://dovecot.org/mailman3/archives/list/dovecot-news@dovecot.org/thread/KYDR7WWPEQOBZA3IA4NL5XDSLODZLG6N/

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-09-24 12:24:54 +02:00
Bernd Kuhls
28c7d82600 package/libva-utils: bump version to 2.20.0
Release notes:
https://github.com/intel/libva-utils/blob/v2.20-branch/NEWS

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-09-24 12:24:48 +02:00
Bernd Kuhls
e926c83928 package/libva: bump version to 2.20.0
Release notes: https://github.com/intel/libva/blob/v2.20-branch/NEWS

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-09-24 12:24:42 +02:00
Bernd Kuhls
f7ae22240b package/alsa-utils: bump version to 1.2.10
Updated patch due to upstream commit
8ed9d7607f

Changelog:
https://www.alsa-project.org/wiki/Changes_v1.2.9_v1.2.10#alsa-utils

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-09-24 12:24:36 +02:00
Bernd Kuhls
227d414ded package/alsa-lib: bump version to 1.2.10
Removed patch which is included in this release:
c72bbed825

Changelog:
https://www.alsa-project.org/wiki/Changes_v1.2.9_v1.2.10#alsa-lib

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-09-24 12:24:29 +02:00
Bernd Kuhls
fb8999f59b package/libopenssl: bump version to 3.1.3
Fixes CVE-2023-4807 (Windows-only):
https://www.openssl.org/news/vulnerabilities.html

Changelog: https://www.openssl.org/news/cl31.txt

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-09-24 12:24:23 +02:00
Bernd Kuhls
9194e8cded package/{mesa3d, mesa3d-headers}: bump version to 23.1.8
Release notes:
https://lists.freedesktop.org/archives/mesa-announce/2023-September/000729.html
https://lists.freedesktop.org/archives/mesa-announce/2023-September/000730.html

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-09-24 12:24:16 +02:00
Jens Maus
84c24ab1b5 package/nodejs: fix parallel build
Unless told otherwise, ninja will spawn as many jobs as there are CPU
(plus 2). Nodejs is built with ninja, but it is a generic package, so
there is no variable (like with cmake-package) that passes the proper
number of parallel jobs as configured by the user.

As a consequence, the nodejs build will use as many CPU as are
available, possibly overcommitting the rsources the user expected to be
used.

Set the JOBS variableto limit that number.

Signed-off-by: Jens Maus <mail@jens-maus.de>
[yann.morin.1998@free.fr: reword commit log]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-09-24 11:49:41 +02:00
Peter Korsgaard
7447700f05 package/libpjsip: security bump to version 2.13.1
Fixes the following security vulnerability:

- CVE-2023-27585: Heap buffer overflow when parsing DNS packet
  https://github.com/pjsip/pjproject/security/advisories/GHSA-q9cp-8wcq-7pfr

Drop now upstreamed security fixes for CVE-2022-23537 and CVE-2022-23547.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-09-24 11:01:06 +02:00
Jens Maus
cd46e1b143 package/nut: package/nut: specify --with-user/group when building NUT
This commit fixes a problem where the NUT package couldn't be
used as a NUT server due to the fact that the default group for
nobody is "nogroup" and not "nobody" like the internal default
of NUT. Thus, when starting a NUT server daemon the daemon starts
with incorrect group permissions. This commit fixes this
shortcoming by introducing a dedicated 'nut' user and 'nut' group
to drop priviledges to it.

Signed-off-by: Jens Maus <mail@jens-maus.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-09-23 22:29:02 +02:00
Julien Olivain
719921bebe package/kexec: bump to version 2.0.27
For release announce, see:
https://lists.infradead.org/pipermail/kexec/2023-August/027830.html

This new version introduced a usage of memfd_create() in [1]. This
function was introduced in Kernel 3.17. Therefore, this commit adds
this new dependency. This direct use of memfd_create() requires a
glibc >= 2.27. As is, this version would no longer work with uclibc-ng
or musl libc. This commit also adds a patch to allow compilation with
glibc < 2.27, and also uclibc and musl. See the patch commit log for
more details.

[1] https://git.kernel.org/pub/scm/utils/kernel/kexec/kexec-tools.git/commit/?id=714fa11590febc9cf6fd3c6309374a040a05ebb0

Signed-off-by: Julien Olivain <ju.o@free.fr>
[yann.morin.1998@free.fr: add arch dependency to comment]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-09-23 22:11:31 +02:00
Daniel Lang
20c023a3b1 package/libcoap: ignore CVE-2023-35862
According to a collaborator [0] the affected code isn't in 4.3.1

[0]: https://github.com/obgm/libcoap/issues/1117

Signed-off-by: Daniel Lang <dalang@gmx.at>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2023-09-22 21:09:11 +02:00
Daniel Lang
868be6f6ae package/libcoap: fix CVE-2023-30362
Signed-off-by: Daniel Lang <dalang@gmx.at>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2023-09-22 21:04:46 +02:00
Daniel Lang
a34a370f4e package/libssh: ignore CVE-2023-3603
The affected code isn't present in any release, see [0].

[0]: https://www.libssh.org/2023/07/14/cve-2023-3603-potential-null-dereference-in-libsshs-sftp-server/

The CPE entry for this CVE is
  cpe:2.3🅰️libssh:libssh:-:*:*:*:*:*:*:*
We interpret the "-" as matching any version. It actually means
"unspecified version", which is the cop-out in case there is nothing
useful to match. We can't really make our infrastructure ignore "-"
entirely, because for all we know our version is an unreleased commit
sha which _is_ vulnerable. Thus, the only way out is an exclusion which
we'll never be able to remove.

Signed-off-by: Daniel Lang <dalang@gmx.at>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2023-09-22 20:53:13 +02:00
Julien Olivain
38063994d6 package/tcllib: bump to version 1.21
For change log, see:
https://core.tcl-lang.org/tcllib/doc/tcllib-1-21/support/releases/history/README-1.21.txt

Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2023-09-22 20:04:33 +02:00
Adrian Perez de Castro
a23251d3f7 package/webkitgtk: allow both X11 and Wayland
Allow enabling support for both the X11 and Wayland backends.

This in turn needs reorganizing how desktop GL or OpenGL ES is chosen,
as it no longer can depend on whether Wayland support is enabled: the
BR2_PACKAGE_HAS_LIBGL and BR2_PACKAGE_HAS_LIBGLES variables are both
checked, and ENABLE_GLES2 is set only if the package providing OpenGL
claims only GLES is supported; otherwise desktop GL is preferred. This
matches the existing logic.

The existing comment indicating that only one of both windowing systems
can be enabled was wrong: the same WebKitGTK build can target both
X11 and Wayland at the same time, as long as GTK itself has been built
accordingly. Enabling both is the approach taken by most Linux
distributions, and has been supported for years.

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Thomas Devoogdt <thomas.devoogdt@barco.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-09-22 18:00:05 +02:00
Thomas Devoogdt
3ba27e682a package/webkitgtk: security bump to version 2.40.5
Bugfix release with many security fixes, including (but not limited to)
patches for CVE-2023-37450, CVE-2023-38133, CVE-2023-38572, CVE-2023-38592,
CVE-2023-38594, CVE-2023-38595, CVE-2023-38597, CVE-2023-38599,
CVE-2023-38600, and CVE-2023-38611.

Release notes:

  https://webkitgtk.org/2023/07/21/webkitgtk2.40.4-released.html
  https://webkitgtk.org/2023/08/01/webkitgtk2.40.5-released.html

Accompanying security advisory:

  https://webkitgtk.org/security/WSA-2023-0006.html
  https://webkitgtk.org/security/WSA-2023-0007.html

Signed-off-by: Thomas Devoogdt <thomas.devoogdt@barco.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-09-22 17:19:25 +02:00
Giulio Benetti
de349df08c docs/manual: add section to explain how to give credits to a sponsor
Sometimes it happens that a Company or a Physical Person sponsors the
creation and/or the upstreaming process of a patch, but at the moment
there is no way to give credits to it. In Linux they prepend '+sponsor'
to the e-mail of the contributor in both authorship and commit log tag as
discussed here[0]. So let's describe in the manual how to do that as a
standard.

[0]: https://lore.kernel.org/linux-doc/20230817220957.41582-1-giulio.benetti@benettiengineering.com/

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
[yann.morin.1998@free.fr:
  - reword to reference sub-addressing and the RFC
  - move to the "submitting patches" section, that already deals with
    SoB tags
  - differentiate between Your/Their names
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-09-21 23:57:26 +02:00
Fabrice Fontaine
6e7bc7ee8c package/swupdate: fix musl build
Fix the following musl build failure raised since bump to version
2023.05 in commit b86542085d and
8228b13906:

In file included from core/bootloader.c:9:
include/util.h:210:23: error: unknown type name 'mode_t'
  210 | int mkpath(char *dir, mode_t mode);
      |                       ^~~~~~

Fixes:
 - http://autobuild.buildroot.org/results/e545f294c7f032fd7434fdb91aa18a38b2e19038

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2023-09-21 21:43:31 +02:00
Fabrice Fontaine
5724145b1e package/libuv: needs gcc >= 4.9
libuv unconditionally uses stdatomic since
2f33980a91
resulting in the following build failure with gcc < 4.9 since bump to
version 1.45.0 in commit 21764235cb:

In file included from src/fs-poll.c:23:0:
src/uv-common.h:41:24: fatal error: stdatomic.h: No such file or directory
 # include <stdatomic.h>
                        ^

Fixes:
 - http://autobuild.buildroot.org/results/6b9ce25ba7e5c5602313d533f460f8829f767f81

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2023-09-21 21:40:46 +02:00
Fabrice Fontaine
c6e40c2e3e package/pound: include limits.h
Fix the following build failure raised since bump to version 4.8 in
commit 525cb6a8fb and
c951f2357d:

Fixes:
 - http://autobuild.buildroot.org/results/4edfffcd5d4383c57947d97139331e0bf2cb6155

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
2023-09-21 21:28:43 +02:00
Jens Maus
056958724b package/fio: remove -march=native
Per default, the fio package uses the "-march=native" GCC option. This
is of course wildly inappropriate for cross-compilation and can result
in illegal instructions. Thus we make sure fio will not use that
compiler option by adding --disable-native to FIO_OPTS.

Signed-off-by: Jens Maus <mail@jens-maus.de>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2023-09-21 21:24:14 +02:00