summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* package/subversion: security bump to version 1.9.10Peter Korsgaard2019-01-232-5/+6
| | | | | | | | | | | | Additional fixes for CVE-2017-9800: Malicious server can execute arbitrary command on client and a number of crash fixes. https://svn.apache.org/repos/asf/subversion/tags/1.9.10/CHANGES Drop upstream SHA1 hash as that is no longer listed. Also add a hash for the license file. Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* {linux, linux-headers}: bump 4.{9, 14, 19, 20}.x seriesPeter Korsgaard2019-01-233-9/+9
| | | | Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* dmalloc: fix build with strndupFabrice Fontaine2019-01-231-0/+24
| | | | | | | | Fixes: - http://autobuild.buildroot.org/results/5cfa01a41951ee3be2e8c1cb10edac3722d72c77 Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* dmalloc: fix build with strdupFabrice Fontaine2019-01-231-0/+24
| | | | | | | | Fixes: - http://autobuild.buildroot.org/results/3f2518f7a9e87034cd501ac3d121ea3a33827e7d Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* sqlcipher: add licenseFabrice Fontaine2019-01-232-0/+3
| | | | | Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* libssh: fix some -Werror=strict-overflow build failuresBaruch Siach2019-01-224-0/+351
| | | | | | | | | | | | | | | Add fixes for some of the build failures caused by strict-overflow warnings. Patches #1, #2, and #4 are upstream. Patch #3 is pending upstream. Fixes: http://autobuild.buildroot.net/results/923/9239f230629ca4e381af5e8f43989997d9bfde99/ http://autobuild.buildroot.net/results/618/6187b92bcdfd9281683c37906ae74f2e0c5e6d0e/ http://autobuild.buildroot.net/results/9eb/9eb5ed92a923f0c038e3d913289eddc1cda1b62f/ Cc: Scott Fan <fancp2007@gmail.com> Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/upmpdcli: add upstream patch to fix musl build issueJörg Krause2019-01-221-0/+72
| | | | | | | | | | | | | | | | | | | | | | | upmpdcli 1.4.0 uses both the `uint64_t` and `u_int64_t` type. `uintN_t` is standard C99 type available in `<stdint.h>`, whereas `u_intN_t` is defined in `<sys/types.h>`. Because of the missing include of `<sys/types.h>` building upmpdcli breaks now when building with the musl C library, which is very strict: ``` src/mediaserver/cdplugins/netfetch.h:71:5: error: ‘u_int64_t’ does not name a type u_int64_t datacount() { ``` Add a patch from upstream which fixes the issue by replacing `u_int64_t` with `uint64_t`. Fixes: http://autobuild.buildroot.net/results/f3082d2fdda8d73dbd9d3b65a08d844934066ef7 Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/apache: security bump to version 2.4.38Peter Korsgaard2019-01-222-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | Fixes the following security vulnerabilities: *) SECURITY: CVE-2018-17199 (cve.mitre.org) mod_session: mod_session_cookie does not respect expiry time allowing sessions to be reused. [Hank Ibell] *) SECURITY: CVE-2018-17189 (cve.mitre.org) mod_http2: fixes a DoS attack vector. By sending slow request bodies to resources not consuming them, httpd cleanup code occupies a server thread unnecessarily. This was changed to an immediate stream reset which discards all stream state and incoming data. [Stefan Eissing] *) SECURITY: CVE-2019-0190 (cve.mitre.org) mod_ssl: Fix infinite loop triggered by a client-initiated renegotiation in TLSv1.2 (or earlier) with OpenSSL 1.1.1 and later. PR 63052. [Joe Orton] For more details, see the CHANGES file: https://www.apache.org/dist/httpd/CHANGES_2.4.38 Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/xerces: use new website (was redirecting)Matt Weber2019-01-221-1/+1
| | | | | Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/rp-pppoe: update website urlMatt Weber2019-01-221-1/+1
| | | | | | | | The website for rp-pppoe moved from Roaring Penguin's main site to a personal project page. Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/openresolv: update webpage URLMatt Weber2019-01-221-1/+1
| | | | | | | | Update URL to point at the project page vs just the GIT repository containing the source code. Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/lsof: bump to version 4.91Baruch Siach2019-01-222-2/+7
| | | | | | | | | Add upstream provided md5 hash. Add license file hash. Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/iperf: bump to 2.0.13Matt Weber2019-01-222-3/+4
| | | | | Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/ipset: bump to version 7.1Baruch Siach2019-01-222-4/+4
| | | | | Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* configs/qemu_riscv64_virt_defconfig: bump Linux versionGwenhael Goavec-Merou2019-01-222-28/+4
| | | | | | | | Since riscv64 works with linux default defconfig, this patch drop custom config. Signed-off-by: Gwenhael Goavec-Merou <gwenhael.goavec-merou@trabucayre.com> Tested-by: Mark Corbin <mark.corbin@embecosm.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/wavemon: add upstream patch to fix musl/uclibc build issueJörg Krause2019-01-221-0/+73
| | | | | | | | | | | | | | | | | | | | | | | In version 0.9.0 wavemon uses the GLIBC-specific extension `on_exit()` which is not available in musl and uClibc. According to the Linux kernel man page [1]: "Portable application should avoid this function, and use the standard atexit(3) instead." Add patch from upstream which is fixing this issue by dropping `on_exit()` and using the standard `atexit()` instead. Note, that the commit message of the upstream patch was changed to add some useful information. [1] http://man7.org/linux/man-pages/man3/on_exit.3.html Backported from: f6e20c9c6e9b50963caaf5483248d329473a6815 Fixes: http://autobuild.buildroot.net/results/ae54441c65fe9a1bdcf743aa7f6a208e5545ca29 http://autobuild.buildroot.net/results/40fd66e6a351a1acd537ade715ab3e993eddb1c1 Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* musl: bump to version 1.1.21Jörg Krause2019-01-223-58/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | >From the upstream release announcement: """ This release makes improvements with respect to default thread stack size, including increasing the default from 80k to 128k, increasing the default guard size from 4k to 8k, and allowing the default to be increased via ELF headers so that programs that need larger stacks can be build without source-level changes, using just LDFLAGS. Insufficient stack size for AIO threads on kernels that don't honor the constant MINSIGSTKSZ is also fixed. The glob core has been rewritten to fix inability to see past searchable-but-unreadable path components, and to avoid excessive stack usage and unnecessary syscalls. The tsearch AVL tree implementation has also been rewritten for better size and performance. The math library adds more native single-instruction implementations for arm, s390x, powerpc, and x86_64. Various bugs are fixed, including several possible deadlocks, one of which was a new regression in 1.1.20. """ Drop upstream patch 0002 which is included in the release. Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* python-uvloop: bump to version 0.11.3Asaf Kahlon2019-01-212-4/+4
| | | | | Signed-off-by: Asaf Kahlon <asafka7@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* python-pyopenssl: bump to version 19.0.0Asaf Kahlon2019-01-212-4/+4
| | | | | Signed-off-by: Asaf Kahlon <asafka7@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* configs/imx6-sabresd: Bump kernel versionFabio Estevam2019-01-212-6/+6
| | | | | | | Bump the kernel version to 4.19.16. Signed-off-by: Fabio Estevam <festevam@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* libcpprestsdk: bump to version 2.10.9Fabrice Fontaine2019-01-213-227/+2
| | | | | | | | | | | | - Remove second patch (already in version) - Fix build with gcc 4.7: https://github.com/Microsoft/cpprestsdk/commit/e6498b2f99cf20163d8224716d8127f9089b01ef Fixes: - http://autobuild.buildroot.org/results/a080dbe2977cd35e4f8351d864bd71aaa8f9b743 Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* shadowsocks-libev: fix static build with netfilter_conntrackFabrice Fontaine2019-01-202-0/+33
| | | | | | | | Fixes: - http://autobuild.buildroot.org/results/22a28e8fd8182e1c908541dbc5b0ee087c3803e6 Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/sunxi-mali-mainline-driver: bump versionGiulio Benetti2019-01-202-2/+2
| | | | | | | | | | | For 4.20 support. git shortlog --invert-grep --grep travis --no-merges 143ff2b17de63ce931c4f758771969e75c09a4c7.. Roman Stratiienko (1): mali: support building against 4.20 Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/openresolv: update to fix install locationJared Bents2019-01-201-2/+1
| | | | | | | | Update to install in /sbin as expected by other applications such as strongswan instead of /usr/sbin Signed-off-by: Jared Bents <jared.bents@rockwellcollins.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* exempi: fix libiconv dependencyFabrice Fontaine2019-01-202-1/+3
| | | | | | | | Fixes: - http://autobuild.buildroot.org/results/a77a891683ae9a135dc31be1b419061922d0e1ba Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* tekui: disable parallel buildFabrice Fontaine2019-01-201-0/+3
| | | | | | | | | | | | | | | | It seems tekui has parallel build issues since November 2017: - Fatal error: can't create build/posix/directfb_lua.lo: No such file or directory - /home/peko/autobuild/instance-3/output/host/bin/microblazeel-buildroot-linux-uclibc-ar: ../../lib/posix/libtekdebug.a: No such file or directory - Fatal error: can't create build/posix/visual_mod.lo: No such file or directory So disable parallel build Fixes: - http://autobuild.buildroot.org/results/0732568fcbaa6829154fa91c352b52f074384df0 - http://autobuild.buildroot.org/results/580593e79bc4ecdea1dc71d16607e5c88f87403c Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* libftdi1: fix python build with cmake < 3.7Fabrice Fontaine2019-01-201-1/+4
| | | | | | | | Fixes: - http://autobuild.buildroot.org/results/1091872e2b77d789e361d1ddefd235c738933c55 Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* rtc-tools: rtc-sync needs threads supportBaruch Siach2019-01-201-1/+5
| | | | | | | | | | | | Fixes: http://autobuild.buildroot.net/results/573/57350271eff9284a8b07ceef02a9960f3568a0a3/ http://autobuild.buildroot.net/results/b6c/b6cf05deab77c7a84c721c95d9d618b1ddc2957e/ http://autobuild.buildroot.net/results/187/1877cfbbe37ef15c16cec5d6ad6e3d4d60bc3cbc/ Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com> Cc: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* ocrad: bump to version 0.27Gilles Talis2019-01-202-2/+2
| | | | | Signed-off-by: Gilles Talis <gilles.talis@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* libupnpp: remove AUTORECONFFabrice Fontaine2019-01-201-2/+0
| | | | | | | | Commit 9b551dacf74445d58aaefef349e2817e009c9d5d removed patch on configure.ac so remove uneeded LIBUPNPP_AUTORECONF Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* libupnpp: fix libupnp dependencyFabrice Fontaine2019-01-201-1/+2
| | | | | | | | | | | Commit 9b551dacf74445d58aaefef349e2817e009c9d5d added support for libupnp18 but without updating LIBUPNPP_DEPENDENCIES Fixes: - http://autobuild.buildroot.org/results/aa734318b9ad318d25e772585c8794429cc0f489 Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* odhcp6c: fix build with gcc 8Fabrice Fontaine2019-01-191-0/+28
| | | | | | | | | | Retrieve and backport upstream patch to fix build with gcc 8 Fixes: - http://autobuild.buildroot.org/results/1c6f0d1f2fcd3474af81b3851d875f834a3a0a4f Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/upmpdcli: bump to version 1.4.0Jörg Krause2019-01-192-5/+5
| | | | | | | | | | upmpdcli switched license from GPL-2.0+ to LGPL-2.1+, therefore update the hash file for the license file "COPYING". Note, that upmpdcli depends on libupnpp 0.17.0. Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/libupnpp: bump to version 0.17.0Jörg Krause2019-01-194-40/+4
| | | | | | | | | | libupnpp 0.17.0 adds compatibility for libupnp 1.8. Therefore, we prefer selecting libupnp 1.8 and falling back to libupnp 1.6. Drop patch 0001, which has been merged upstream. Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* python-txtorcon: bump to version 19.0.0Asaf Kahlon2019-01-192-4/+4
| | | | | Signed-off-by: Asaf Kahlon <asafka7@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* python-logbook: bump to version 1.4.3Asaf Kahlon2019-01-192-4/+4
| | | | | Signed-off-by: Asaf Kahlon <asafka7@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* python-bcrypt: bump to version 3.1.6Asaf Kahlon2019-01-192-4/+4
| | | | | Signed-off-by: Asaf Kahlon <asafka7@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* libuv: bump to version 1.25.0Asaf Kahlon2019-01-192-2/+2
| | | | | Signed-off-by: Asaf Kahlon <asafka7@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* unixodbc: needs dynamic libraryFabrice Fontaine2019-01-193-0/+12
| | | | | | | | | Fixes: - http://autobuild.buildroot.org/results/1036ee061ce7f7747d5514c61866da60bcfae769 Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> [Peter: propagate to PHP_EXT_PDO_UNIXODBC as well] Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* php: security bump to 7.3.1Adam Duskett2019-01-192-2/+2
| | | | | | | | | | | | Fixes the following security issue: - CVE-2018-19935: Allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty string in the message argument to the imap_mail function. https://www.cvedetails.com/cve/CVE-2018-19935/ Signed-off-by: Adam Duskett <Aduskett@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* php: switch to pcre2Fabrice Fontaine2019-01-191-2/+2
| | | | | | | | | | | | | | | | php moved from pcre to pcre2 since bump to version 7.3 and http://github.com/php/php-src/commit/a5bc5aed71f7a15f14f33bb31b8e17bf5f327e2d This fixes a build failure: without this change, if BR2_PACKAGE_PCRE is set, external pcre support in php is (wrongly) enabled with --with-pcre-regex but because pcre2 was not found, php fallbacks on built-in pcre2 without the "SLJIT_SINGLE_THREADED hack" Fixes: - http://autobuild.buildroot.org/results/40ef339019203d2cc49d388e222cf17c3ca37944 Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* Revert "package/php: fix building pcre extension"Fabrice Fontaine2019-01-191-1/+1
| | | | | | | | | | | | | | This reverts commit 745f884e41b5f350296e8448f5fc31d20f67a077. This was the wrong fix: issue is that php moves from pcre to pcre2 since version 7.3.0 and http://github.com/php/php-src/commit/a5bc5aed71f7a15f14f33bb31b8e17bf5f327e2d This patch will always disable external pcre2 support and raise a build failure when toolchaine does not have pthread Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* python-cython: bump to version 0.29.3Asaf Kahlon2019-01-192-4/+4
| | | | | Signed-off-by: Asaf Kahlon <asafka7@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* python-crossbar: bump to version 19.1.2Asaf Kahlon2019-01-192-4/+4
| | | | | Signed-off-by: Asaf Kahlon <asafka7@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* gnu-efi: fix build with gcc 4.8Fabrice Fontaine2019-01-191-0/+35
| | | | | | | | Fixes: - http://autobuild.buildroot.org/results/a0ca37b5ed27af445344e3ac49dc87bb17512c50 Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* libgeotiff: bump to version 1.4.3Fabrice Fontaine2019-01-192-2/+2
| | | | | Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* tesseract-ocr: disable documentationFabrice Fontaine2019-01-191-0/+1
| | | | | | | | | Fixes: - http://autobuild.buildroot.org/results/a608e9bfb2b0161c45ae490e2866d96763593723 Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Acked-by: Gilles Talis <gilles.talis@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/syslog-ng: fix startup with systemdCarlos Santos2019-01-192-0/+18
| | | | | | | | | | | | By default syslog-ng installs a .service that requires a config file at /etc/default, so provide one with the default values. It's also necessary to enable the service by means of a symlink created at /etc/systemd/system/multi-user.target.wants. Signed-off-by: Carlos Santos <casantos@datacom.com.br> Reviewed-by: Chris Packham <judge.packham@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/pango: add upstream security fix for CVE-2018-15120Peter Korsgaard2019-01-191-0/+38
| | | | | | | | | | | libpango in Pango 1.40.8 through 1.42.3, as used in hexchat and other products, allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted text with invalid Unicode sequences. https://nvd.nist.gov/vuln/detail/CVE-2018-15120 Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/libsndfile: add upstream post-1.0.28 security fixesPeter Korsgaard2019-01-193-0/+171
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes the following security vulnerabilities: CVE-2017-14634: In libsndfile 1.0.28, a divide-by-zero error exists in the function double64_init() in double64.c, which may lead to DoS when playing a crafted audio file CVE-2017-17456: The function d2alaw_array() in alaw.c of libsndfile 1.0.29pre1 may lead to a remote DoS attack (SEGV on unknown address 0x000000000000), a different vulnerability than CVE-2017-14245 CVE-2017-17457: The function d2ulaw_array() in ulaw.c of libsndfile 1.0.29pre1 may lead to a remote DoS attack (SEGV on unknown address 0x000000000000), a different vulnerability than CVE-2017-14246 CVE-2018-13139: A stack-based buffer overflow in psf_memset in common.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted audio file. The vulnerability can be triggered by the executable sndfile-deinterleave CVE-2018-19661: An issue was discovered in libsndfile 1.0.28. There is a buffer over-read in the function i2ulaw_array in ulaw.c that will lead to a denial of service CVE-2018-19662: An issue was discovered in libsndfile 1.0.28. There is a buffer over-read in the function i2alaw_array in alaw.c that will lead to a denial of service Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
OpenPOWER on IntegriCloud