aboutsummaryrefslogtreecommitdiff
path: root/package
Commit message (Collapse)AuthorAgeFilesLines
* package/qemu: use a system-wide slirpHEADmasterGravatar Fabrice Fontaine8 hours2-2/+5
| | | | | | | | | | | Use a system-wide slirp now that we switched to the up to date https://gitlab.freedesktop.org/slirp/libslirp qemu already depends on libglib2 so we don't need to add any new dependencies Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/vsftpd: S70vsftpd: correct -x argument to start-stop-daemonGravatar Peter Korsgaard9 hours1-2/+2
| | | | | | | | | | | | Fixes #13341 The -x / --exec start-stop-daemon option expects the path to the executable, not just the name, leading to errors when running the init script: Starting vsftpd: start-stop-daemon: unable to stat //vsftpd (No such file or directory) Reported-by: tochansky@tochlab.net Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/minidlna: security bump version to 1.3.0Gravatar Bernd Kuhls9 hours4-187/+4
| | | | | | | | | | | | | | | | | Changelog: https://sourceforge.net/p/minidlna/git/ci/master/tree/NEWS Fixes CVE-2020-28926 & CVE-2020-12695. Removed patch 0001 which was applied upstream: https://sourceforge.net/p/minidlna/git/ci/b5e75ff7d160a02632cab416ff0af66504c7db8b/ Removed patch 0002 which was not applied upstream, upstream applied a different fix for CVE-2020-12695: https://sourceforge.net/p/minidlna/git/ci/06ee114731612462eb1eb1266f0431ccf59269d2/ Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/php: security bump version to 7.4.13Gravatar Bernd Kuhls9 hours4-6/+6
| | | | | | | | | | | | Rebased patches. Changelog: https://www.php.net/ChangeLog-7.php#7.4.13 According to the release notes this is a "security bug fix release": https://news-web.php.net/php.announce/301 Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/efl: fix build with wepbGravatar Fabrice Fontaine34 hours1-0/+1
| | | | | | | | | | | | webpdemux support in webp is mandatory since version 1.25.0 and https://github.com/Enlightenment/efl/commit/df06418b6f39f3b8d73631bda33308b67736bb9d Fixes: - http://autobuild.buildroot.org/results/736357e669c35bd56e818c0c7fabd1b455f40a5f Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Reviewed-by: Romain Naour <romain.naour@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* {linux, linux-headers}: bump 4.{4, 9, 14, 19}.x / 5.{4, 9}.x seriesGravatar Peter Korsgaard34 hours1-6/+6
| | | | Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/thermald: fix time_t related compile failureGravatar Peter Seiderer4 days1-0/+53
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add upstream patch [1] to fix (musl) time_t related compile failure. Fixes: - https://bugs.busybox.net/show_bug.cgi?id=13336 src/thd_trip_point.cpp: In member function ‘bool cthd_trip_point::thd_trip_point_check(int, unsigned int, int, bool*)’: src/thd_trip_point.cpp:250:19: error: format ‘%ld’ expects argument of type ‘long int’, but argument 6 has type ‘time_t’ {aka ‘long long int’} [-Werror=format=] 250 | thd_log_info("Too early to act zone:%d index %d tm %ld\n", | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 251 | zone_id, cdev->thd_cdev_get_index(), 252 | tm - cdevs[i].last_op_time); | ~~~~~~~~~~~~~~~~~~~~~~~~~~ | | | time_t {aka long long int} src/thermald.h:82:57: note: in definition of macro ‘thd_log_info’ 82 | #define thd_log_info(...) g_log(NULL, G_LOG_LEVEL_INFO, __VA_ARGS__) | ^~~~~~~~~~~ src/thd_trip_point.cpp:250:59: note: format string is defined here 250 | thd_log_info("Too early to act zone:%d index %d tm %ld\n", | ~~^ | | | long int | %lld [1] https://github.com/intel/thermal_daemon/commit/a7136682b9e6ebdb53c3c8b472bcd5039d62dc78.patch Signed-off-by: Peter Seiderer <ps.report@gmx.net> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/openrc: add upstream security fix for CVE-2018-21269Gravatar Heiko Thiery4 days2-0/+254
| | | | | | Cc: Peter Korsgaard <peter@korsgaard.com> Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/openrc: fix build with gcc 10Gravatar Heiko Thiery4 days1-0/+52
| | | | | | | | | Fixes: - https://bugs.busybox.net/show_bug.cgi?id=13331 Cc: mscdex@mscdex.net Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/cage: package does not require locale supportGravatar Paul Cercueil4 days1-3/+1
| | | | | | | | Drop dependency on BR2_ENABLE_LOCALE, which was marked as a dependency of wlroots, but wlroots does not depend on it anymore. Signed-off-by: Paul Cercueil <paul@crapouillou.net> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/wlroots: package does not require locale supportGravatar Paul Cercueil4 days1-3/+1
| | | | | | | | | | Drop dependency on BR2_ENABLE_LOCALE, which was marked as a dependency of libinput which is selected by wlroots. However, libinput does not depend on BR2_ENABLE_LOCALE since commit bef6b92b67e (package/libinput: remove dependency on BR2_ENABLE_LOCALE). Signed-off-by: Paul Cercueil <paul@crapouillou.net> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/xinetd: add upstream security fix for CVE-2013-4342Gravatar Peter Korsgaard4 days2-0/+32
| | | | | | | | | xinetd does not enforce the user and group configuration directives for TCPMUX services, which causes these services to be run as root and makes it easier for remote attackers to gain privileges by leveraging another vulnerability in a service. Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/python-pip: needs hashlib moduleGravatar Bartosz Bilas4 days1-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Without hashlib module pip returns the following errors: # pip ValueError: unsupported hash type sha224 ERROR:root:code for hash sha256 was not found. Traceback (most recent call last): File "/usr/lib/python2.7/hashlib.py", line 147, in <module> File "/usr/lib/python2.7/hashlib.py", line 97, in __get_builtin_constructor ValueError: unsupported hash type sha256 ERROR:root:code for hash sha384 was not found. Traceback (most recent call last): File "/usr/lib/python2.7/hashlib.py", line 147, in <module> File "/usr/lib/python2.7/hashlib.py", line 97, in __get_builtin_constructor ValueError: unsupported hash type sha384 ERROR:root:code for hash sha512 was not found. Traceback (most recent call last): File "/usr/lib/python2.7/hashlib.py", line 147, in <module> File "/usr/lib/python2.7/hashlib.py", line 97, in __get_builtin_constructor ValueError: unsupported hash type sha512 Traceback (most recent call last): File "/usr/bin/pip", line 11, in <module> load_entry_point('pip==20.0.2', 'console_scripts', 'pip')() File "/usr/lib/python2.7/site-packages/pip/_internal/cli/main.py", line 73, in main File "/usr/lib/python2.7/site-packages/pip/_internal/commands/__init__.py", line 96, in create_command File "/usr/lib/python2.7/importlib/__init__.py", line 37, in import_module File "/usr/lib/python2.7/site-packages/pip/_internal/commands/install.py", line 24, in <module> File "/usr/lib/python2.7/site-packages/pip/_internal/cli/req_command.py", line 15, in <module> File "/usr/lib/python2.7/site-packages/pip/_internal/index/package_finder.py", line 21, in <module> File "/usr/lib/python2.7/site-packages/pip/_internal/index/collector.py", line 12, in <module> File "/usr/lib/python2.7/site-packages/pip/_vendor/requests/__init__.py", line 43, in <module> File "/usr/lib/python2.7/site-packages/pip/_vendor/urllib3/__init__.py", line 7, in <module> File "/usr/lib/python2.7/site-packages/pip/_vendor/urllib3/connectionpool.py", line 29, in <module> File "/usr/lib/python2.7/site-packages/pip/_vendor/urllib3/connection.py", line 40, in <module> File "/usr/lib/python2.7/site-packages/pip/_vendor/urllib3/util/__init__.py", line 7, in <module> File "/usr/lib/python2.7/site-packages/pip/_vendor/urllib3/util/ssl_.py", line 8, in <module> ImportError: cannot import name md5 Signed-off-by: Bartosz Bilas <b.bilas@grinn-global.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/ncurses: mark CVE-2019-1759{4, 5} as fixed by 20191012 patchGravatar Peter Korsgaard5 days1-0/+3
| | | | | | | According to the NVE data, these are fixes in the 20191012 patch - So mark them as such. Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/spandsp: disable MMX on i686Gravatar Fabrice Fontaine5 days2-1/+64
| | | | | | | | | | | | | | | | MMX raises the following build failure on i686: gsm0610_rpe.c: In function 'gsm0610_rpe_encoding': gsm0610_rpe.c:132:5: error: invalid 'asm': invalid constraints for operand __asm__ __volatile__( ^~~~~~~ Fixes: - http://autobuild.buildroot.org/results/3e986c3109c392afe47fc98446a2563ac9776cf6 - http://autobuild.buildroot.org/results/00ed4a4285b35d8ec0be09217e5b503e4820d971 Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/wireless-regdb: bump version to 2020.11.20Gravatar Peter Seiderer5 days2-2/+2
| | | | | Signed-off-by: Peter Seiderer <ps.report@gmx.net> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/libkrb5: security bump to version 1.18.3Gravatar Peter Korsgaard5 days2-3/+3
| | | | | | | | | | | | | Fixes the following security issues: - CVE-2020-28196: MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1_encode.c support for BER indefinite lengths lacks a recursion limit. Also fix .hash file indentation. Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/jpeg-turbo: bump to version 2.0.6Gravatar Fabrice Fontaine5 days2-6/+6
| | | | | | | | | | Update hash of README.ijg (URLs updated and Usenet info removed with https://github.com/libjpeg-turbo/libjpeg-turbo/commit/26e3aedbe569329d8ab005bad5481bcbd1f43ac8) https://sourceforge.net/projects/libjpeg-turbo/files/2.0.6 Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/raptor: fix CVE-2017-18926Gravatar Peter Korsgaard5 days2-0/+50
| | | | | | | | | | | | raptor_xml_writer_start_element_common in raptor_xml_writer.c in Raptor RDF Syntax Library 2.0.15 miscalculates the maximum nspace declarations for the XML writer, leading to heap-based buffer overflows (sometimes seen in raptor_qname_format_as_xml). For more details, see the oss-security discussion: https://www.openwall.com/lists/oss-security/2020/11/13/1 Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/xen: add XSA-333..344 security fixesGravatar Peter Korsgaard5 days2-0/+61
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes the following security issues: - XSA-333: x86 pv: Crash when handling guest access to MSR_MISC_ENABLE (CVE-2020-25602) https://xenbits.xenproject.org/xsa/advisory-333.html - XSA-334: Missing unlock in XENMEM_acquire_resource error path (CVE-2020-25598) https://xenbits.xenproject.org/xsa/advisory-334.html - XSA-336: race when migrating timers between x86 HVM vCPU-s (CVE-2020-25604) https://xenbits.xenproject.org/xsa/advisory-336.html - XSA-337: PCI passthrough code reading back hardware registers (CVE-2020-25595) https://xenbits.xenproject.org/xsa/advisory-337.html - XSA-338: once valid event channels may not turn invalid (CVE-2020-25597) https://xenbits.xenproject.org/xsa/advisory-338.html - XSA-339: x86 pv guest kernel DoS via SYSENTER (CVE-2020-25596) https://xenbits.xenproject.org/xsa/advisory-339.html - XSA-340: Missing memory barriers when accessing/allocating an event channel (CVE-2020-25603) https://xenbits.xenproject.org/xsa/advisory-340.html - XSA-342: out of bounds event channels available to 32-bit x86 domains (CVE-2020-25600) https://xenbits.xenproject.org/xsa/advisory-342.html - XSA-343: races with evtchn_reset() (CVE-2020-25599) https://xenbits.xenproject.org/xsa/advisory-343.html - XSA-344: lack of preemption in evtchn_reset() / evtchn_destroy() (CVE-2020-25601) https://xenbits.xenproject.org/xsa/advisory-344.html Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/libxkbcommon: bump version to 1.0.2Gravatar Peter Seiderer5 days2-3/+3
| | | | | | | | | For details see [1]. [1] https://lists.freedesktop.org/archives/wayland-devel/2020-November/041659.html Signed-off-by: Peter Seiderer <ps.report@gmx.net> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/cdrkit: fix static build with libmagicGravatar Fabrice Fontaine5 days1-0/+9
| | | | | | | | | | | | | | | | | | libmagic is an optional dependency of gensoimage that can raise the following build failure: /home/buildroot/autobuild/instance-0/output-1/host/opt/ext-toolchain/bin/../lib/gcc/arm-buildroot-linux-uclibcgnueabi/8.3.0/../../../../arm-buildroot-linux-uclibcgnueabi/bin/ld: /home/buildroot/autobuild/instance-0/output-1/host/arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib/libmagic.a(compress.o): in function `uncompressbuf': compress.c:(.text+0x7bc): undefined reference to `lzma_auto_decoder' /home/buildroot/autobuild/instance-0/output-1/host/opt/ext-toolchain/bin/../lib/gcc/arm-buildroot-linux-uclibcgnueabi/8.3.0/../../../../arm-buildroot-linux-uclibcgnueabi/bin/ld: compress.c:(.text+0x828): undefined reference to `lzma_code' /home/buildroot/autobuild/instance-0/output-1/host/opt/ext-toolchain/bin/../lib/gcc/arm-buildroot-linux-uclibcgnueabi/8.3.0/../../../../arm-buildroot-linux-uclibcgnueabi/bin/ld: compress.c:(.text+0x848): undefined reference to `lzma_end' collect2: error: ld returned 1 exit status genisoimage/CMakeFiles/genisoimage.dir/build.make:628: recipe for target 'genisoimage/genisoimage' failed Fixes: - http://autobuild.buildroot.org/results/7e06edc363817c9c9a1687ec89e9984a90a2012d Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/musl: add upstream security fix for CVE-2020-28928Gravatar Peter Korsgaard5 days1-0/+114
| | | | | | | | | | | | The wcsnrtombs function has been found to have multiple bugs in handling of destination buffer size when limiting the input character count, which can lead to infinite loop with no forward progress (no overflow) or writing past the end of the destination buffer. For more details, see the advisory: https://www.openwall.com/lists/oss-security/2020/11/20/4 Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/monkey: drop wrong commentGravatar Fabrice Fontaine5 days1-4/+0
| | | | | | | | Commit 5fea6e2a2fa816c0c551bca184fb64fc96d76a08 forgot to remove the generic-package comment Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/wpewebkit: bump to version 2.30.3Gravatar Adrian Perez de Castro5 days3-47/+5
| | | | | | | | | | | | | This is a minor release which solved a build issues and fixes a number of rendering issues. Release notes: https://wpewebkit.org/release/wpewebkit-2.30.3.html Patch "0002-WebProcess-InjectedBundle-fix-compile-without-video-.patch" can be removed because a similar fix is included in this release. Signed-off-by: Adrian Perez de Castro <aperez@igalia.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/webkitgtk: bump to version 2.30.3Gravatar Adrian Perez de Castro5 days2-5/+5
| | | | | | | | | | This is a minor release which solved a build issues and fixes a number of rendering issues. Release notes: https://webkitgtk.org/2020/11/20/webkitgtk2.30.3-released.html Signed-off-by: Adrian Perez de Castro <aperez@igalia.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/python-flask-cors: security bump to version 3.0.9Gravatar Peter Korsgaard7 days2-6/+5
| | | | | | | | | | | | | Fixes the following security issue: - CVE-2020-25032: An issue was discovered in Flask-CORS (aka CORS Middleware for Flask) before 3.0.9. It allows ../ directory traversal to access private resources because resource matching does not ensure that pathnames are in a canonical format. Also drop outdated md5 checksum and fix .hash indentation. Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/libcamera: fix BR2_PACKAGE_LIBCAMERA_ARCH_SUPPORTS handlingGravatar Peter Seiderer8 days1-1/+1
| | | | | | | | | Fix BR2_PACKAGE_LIBCAMERA_ARCH_SUPPORTS handling, change from 'depends on BR2_m68k' to 'depends on !BR2_m68k'. Signed-off-by: Peter Seiderer <ps.report@gmx.net> Reviewed-by: Kieran Bingham <kieran.bingham@ideasonboard.com> Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
* package/gvfs: show warning when BR2_STATIC_LIBS=yGravatar Michael Nosthoff9 days1-1/+1
| | | | | | | | | | Commit 4266c9f54f (package/gvfs: needs dynamic library) updated the dependency of gvfs, but inverted the comment dependency, causing it to only be shown if !static - Fix that. Signed-off-by: Michael Nosthoff <buildroot@heine.tech> Reviewed-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/c-ares: fix installGravatar Fabrice Fontaine10 days2-0/+39
| | | | | | | | | | | | c-ares 1.17.0 removed install of ares_dns.h which will result in build failures with libeXosip and resiprocate Fixes: - http://autobuild.buildroot.org/results/51573434303118fd92f32819e038971edee8bc28 - http://autobuild.buildroot.org/results/cbf158f0c037d44ef293a8804d18c84e3b731059 Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/jpeg-turbo: fix license hashGravatar Fabrice Fontaine10 days1-5/+5
| | | | | | | | | | | | | | Commit 105d61c85062b18bc9555011f909c8c8a5a33277 forgot to update hash of LICENSE.md (update in year: https://github.com/libjpeg-turbo/libjpeg-turbo/commit/00607ec260efa4cfe10f9b36d6e3d3590ae92d79) While at it, also update indentation in hash file (two spaces) Fixes: - http://autobuild.buildroot.org/results/66fb5c0171af73d4c1c93241b285fac8f8f494f7 Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/uhd: fix typoGravatar Fabrice Fontaine10 days1-1/+1
| | | | | | | | | | | | | | | | | | Replace ENABLE_DPKD by ENABLE_DPDK to fix the following error: Manually-specified variables were not used by the project: BUILD_DOC BUILD_DOCS BUILD_EXAMPLE BUILD_EXAMPLES BUILD_TEST BUILD_TESTING BUILD_TESTS ENABLE_DPKD Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/jpeg-turbo: security bump to version 2.0.5Gravatar Heiko Stuebner10 days2-5/+5
| | | | | | | | | | | | | | | Fixes the following security issue: - CVE-2020-13790: ibjpeg-turbo 2.0.4, and mozjpeg 4.0.0, has a heap-based buffer over-read in get_rgb_row() in rdppm.c via a malformed PPM input file For more details, see the release notes: https://github.com/libjpeg-turbo/libjpeg-turbo/releases/tag/2.0.5 Signed-off-by: Heiko Stuebner <heiko.stuebner@theobroma-systems.com> [Peter: mark as security bump / extend commit message] Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/modem-manager: bump to version 1.14.8Gravatar Aleksander Morgado10 days2-3/+2
| | | | | | | | | | | There should be no longer any need for the ac_cv_prog_XSLTPROC_CHECK hack, this release already removes xsltproc from being a build dependency when building from dist tarballs. https://lists.freedesktop.org/archives/modemmanager-devel/2020-November/008279.html Signed-off-by: Aleksander Morgado <aleksander@aleksander.es> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/c-ares: security bump to version 1.17.0Gravatar Fabrice Fontaine10 days2-2/+2
| | | | | | | | | | | | | | - avoid read-heap-buffer-overflow in ares_parse_soa_reply found during fuzzing - Avoid theoretical buffer overflow in RC4 loop comparison - Empty hquery->name could lead to invalid memory access - ares_parse_{a,aaaa}_reply() could return a larger *naddrttls than was passed in https://c-ares.haxx.se/changelog.html#1_17_0 Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/qemu: fix build with 64 bits time_tGravatar Fabrice Fontaine11 days1-0/+98
| | | | | | | | | | Fix build of qemu 5.0.0 and above with 64 bites time_t Fixes: - http://autobuild.buildroot.org/results/efd4474fb4b6c0ce0ab3838ce130429c51e43bbb Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/harfbuzz: fix build without threadsGravatar Fabrice Fontaine11 days1-0/+49
| | | | | | | | Fixes: - http://autobuild.buildroot.org/results/70c98e89b1d5e5b651d1f6928dc53f465103f57a Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/numactl: needs -fPICGravatar Fabrice Fontaine11 days1-0/+1
| | | | | | | | | | | | This will avoid the following build failure with qemu 5.0.0 and above: /srv/storage/autobuild/run/instance-2/output-1/host/opt/ext-toolchain/bin/../lib/gcc/x86_64-buildroot-linux-uclibc/8.3.0/../../../../x86_64-buildroot-linux-uclibc/bin/ld: /srv/storage/autobuild/run/instance-2/output-1/host/x86_64-buildroot-linux-uclibc/sysroot/usr/lib/../lib64/libnuma.a(libnuma.o): relocation R_X86_64_32 against `.rodata.str1.1' can not be used when making a PIE object; recompile with -fPIC Fixes: - http://autobuild.buildroot.org/results/616dff216a215dc0494c846d337e03e0795b2fb2 Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/dovecot-pigeonhole: fix build with per-package directoriesGravatar Bernd Kuhls11 days1-0/+8
| | | | | | | | | | | Fix wrong path in usr/lib/dovecot-config which was copied from the dovecot staging dir. Fixes: http://autobuild.buildroot.net/results/5fb/5fb1cd57bc3fdf4f75019c7b25d65ef887eea539/ Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/libpam-tacplus: remove duplicate LIBPAM_TACPLUS_AUTORECONFGravatar Romain Naour11 days1-2/+1
| | | | | | | | | | | | | | | | | The commit [1] added a second LIBPAM_TACPLUS_AUTORECONF because we are now patching configure.ac. But LIBPAM_TACPLUS_AUTORECONF was already used because the package is fetched from github. [1] bd85d82f61af0578a64e74e1cfb56c3c1bf46fe1 Fixes: https://gitlab.com/buildroot.org/buildroot/-/jobs/849509860 Signed-off-by: Romain Naour <romain.naour@gmail.com> Cc: Fabrice Fontaine <fontaine.fabrice@gmail.com> Reviewed-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/openntpd: needs host-bisonGravatar Baruch Siach11 days1-0/+1
| | | | | | | | | | | | Build fails when no yacc alternative is installed. Fixes: http://autobuild.buildroot.net/results/1ba8e339cbb5646663d0bf4e158d89e54433b242/ http://autobuild.buildroot.net/results/a00a53d6635c64e72c50d4841658155de5380110/ Signed-off-by: Baruch Siach <baruch@tkos.co.il> Acked-by: Yann E. MORIN <yann.morin.1998@free.fr> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/xorriso: fix host optionGravatar Fabrice Fontaine11 days1-1/+1
| | | | | | | | --disable-bzip2 is not a recognized option so replace it by --disable-libbz2 to match the target logic. Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/postgresql: security bump to version 12.5Gravatar Fabrice Fontaine11 days2-5/+5
| | | | | | | | | | | | | | | Fix the following CVEs: - CVE-2020-25695: Multiple features escape "security restricted operation" sandbox - CVE-2020-25694: Reconnection can downgrade connection security settings - CVE-2020-25696: psql's \gset allows overwriting specially treated variables https://www.postgresql.org/about/news/postgresql-131-125-1110-1015-9620-and-9524-released-2111 Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/redis: security bump to version 6.0.9Gravatar Fabrice Fontaine11 days3-3/+5
| | | | | | | | | | | This release fixes a potential heap overflow when using a heap allocator other than jemalloc or glibc's malloc. See: https://github.com/redis/redis/pull/7963 https://raw.githubusercontent.com/redis/redis/6.0/00-RELEASENOTES Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* Revert "package/linux-backports: bump version to 5.8"Gravatar Yann E. MORIN12 days3-18/+11
| | | | | | | This reverts commit d2159da6a034b8287984f738974f9f8738bac1e6. which should not have been applied to master, but to next... Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
* package/linux-backports: bump version to 5.8Gravatar Julien Olivain12 days3-11/+18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | Attempting to compile this package with newer Kernel version (e.g. v5.4) fails with message: Generating local configuration database from kernel ...Kernel version parse failed! Upgrading the package to 5.8 fixes this issue. Anyways, v4.4 is now rather old and beat the very purpose of having newer drivers in older kernels. Since backports tag v4.14-rc4-1, the requirement on minimal kernel version changed from 3.0 to 3.10. See commit [1]. The minimal kernel version check is changed accordingly. License files are also updated: the linux backports package copies the license files from the kernel version used for its generation. v5.8 is now "GPL-2.0 WITH Linux-syscall-note". However, there is no such SPDX identifier (contrary to what is said in the COPYING file), so we keep it as GPL-2.0 (which also keeps it aligned to what we have in linux.mk). [1] https://git.kernel.org/pub/scm/linux/kernel/git/backports/backports.git/commit/?id=a0d05f9f9ca50ea8b1d60726fac6b54167257e76 Signed-off-by: Julien Olivain <ju.o@free.fr> Reviewed-by: Petr Vorel <petr.vorel@gmail.com> Tested-by: Petr Vorel <petr.vorel@gmail.com> [yann.morin.1998@free.fr: keep license as GPL-2.0, like for linux] Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
* package/rauc: disable systemd for host buildGravatar Bartosz Bilas14 days1-1/+2
| | | | | | | | | | | | | | Since there is not necessary to have support of systemd within the host variant let's disable it unconditionally to solve the following errors: /usr/bin/install -c -m 644 data/rauc.service '/usr/lib/systemd/system' /usr/bin/install: cannot create regular file '/usr/lib/systemd/system/rauc.service': Permission denied /usr/bin/install -c -m 644 data/de.pengutronix.rauc.conf 'no' make[4]: *** [Makefile:1700: install-nodist_systemdunitDATA] Error 1 make[4]: *** Waiting for unfinished jobs.... Signed-off-by: Bartosz Bilas <b.bilas@grinn-global.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/tcpdump: fix CVE-2020-8037Gravatar Fabrice Fontaine14 days2-0/+70
| | | | | | | | The ppp decapsulator in tcpdump 4.9.3 can be convinced to allocate a large amount of memory. Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/libpam-tacplus: disable -WerrorGravatar Fabrice Fontaine14 days2-0/+58
| | | | | | | | Fixes: - http://autobuild.buildroot.org/results/5c17226f12eba104d907693ec37fc101cc6d447f Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/mp4v2: fix build with gcc 10Gravatar Fabrice Fontaine14 days1-0/+99
| | | | | | | | Fixes: - http://autobuild.buildroot.org/results/4655626f1827245648a566a7223f247a130714c5 Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>