From 2499eabe445dd1122dccd1b2a10f03571478595d Mon Sep 17 00:00:00 2001 From: Daryl Ronningen Date: Mon, 4 Dec 2023 11:53:12 -0800 Subject: [PATCH] Squashed tag "2023.08.4" from upstream MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit commit 5abe7bd726493acd0b9ea4600b7a33ccfaefce2f Author: Peter Korsgaard Date: Mon Dec 4 14:06:08 2023 +0100 Update for 2023.08.4 Signed-off-by: Peter Korsgaard commit 6b68acec970b841acebfde492b59b1026d248d74 Author: Fabrice Fontaine Date: Sun Dec 3 19:44:00 2023 +0100 package/mariadb: security bump to version 10.11.6 This bump will fix the following build failure raised since bump of fmt to version 10.1.0 in commit 619b5585d92c8f701cd92e0e26c0883a753125ad thanks to https://github.com/MariaDB/server/commit/f4cec369a392c8a6056207012992ad4a5639965a: -- Performing Test HAVE_SYSTEM_LIBFMT -- Performing Test HAVE_SYSTEM_LIBFMT - Failed [...] -- Downloading... dst='/home/buildroot/autobuild/instance-3/output-1/build/mariadb-10.11.4/extra/libfmt/src/8.0.1.zip' timeout='none' inactivity timeout='none' -- Using src='https://github.com/fmtlib/fmt/archive/refs/tags/8.0.1.zip' CMake Error at libfmt-stamp/download-libfmt.cmake:170 (message): Each download failed! error: downloading 'https://github.com/fmtlib/fmt/archive/refs/tags/8.0.1.zip' failed status_code: 1 status_string: "Unsupported protocol" log: --- LOG BEGIN --- Protocol "https" not supported or disabled in libcurl This bump will also fix CVE-2023-22084 https://mariadb.com/kb/en/mariadb-10-11-5-release-notes/ https://mariadb.com/kb/en/mariadb-10-11-6-release-notes/ Fixes: - http://autobuild.buildroot.org/results/9cb577195aa939289102116df5a2eac03f0d5017 Signed-off-by: Fabrice Fontaine Signed-off-by: Peter Korsgaard (cherry picked from commit d20329ed76082553368241aa4b38f4dabf45bc76) Signed-off-by: Peter Korsgaard commit b1509f719d8d4ce7da1757fd29b0c0dd6bc38f25 Author: Fabrice Fontaine Date: Sun Dec 3 18:42:04 2023 +0100 package/libmemcached: fix static build Fix the following static build failure raised since bump to version 1.1.4 in commit 7205df8a4f3c729b11a5f0c34885e6cf592f24b9: CMake Error at /home/autobuild/autobuild/instance-13/output-1/build/libmemcached-1.1.4/src/bin/cmake_install.cmake:60 (file): file RPATH_CHANGE could not write new RPATH: $ORIGIN/../lib to the file: /home/autobuild/autobuild/instance-13/output-1/host/arc-buildroot-linux-uclibc/sysroot/usr/bin/memcapable No valid ELF RPATH or RUNPATH entry exists in the file; Call Stack (most recent call first): /home/autobuild/autobuild/instance-13/output-1/build/libmemcached-1.1.4/src/cmake_install.cmake:52 (include) /home/autobuild/autobuild/instance-13/output-1/build/libmemcached-1.1.4/cmake_install.cmake:52 (include) Fixes: - http://autobuild.buildroot.org/results/778ff517d465896f54a3cd5316a66c54f66fd4cb Signed-off-by: Fabrice Fontaine Signed-off-by: Peter Korsgaard (cherry picked from commit b47b2065b249b3f50f3164d8a8114b108f596559) Signed-off-by: Peter Korsgaard commit dedfab8614082e493b084b8c2085d1bd597be946 Author: Peter Korsgaard Date: Fri Dec 1 22:14:01 2023 +0100 toradex_apalis_imx6_defconfig: add download hashes for linux/uboot The defconfig fetches Linux and U-Boot from a git repo using the unauthenticated git:// protocol, so add download hashes for them to ensure we get the right sources by adding a global patch dir and running utils/add-custom-hashes. The defconfig uses the Linux sources for the kernel headers, so make linux-headers/linux-headers.hash a symlink to linux/linux.hash so the same hash file is used. Signed-off-by: Peter Korsgaard (cherry picked from commit cdc9b8a3a75c4c39f23feb4e3b0e296786e0132c) Signed-off-by: Peter Korsgaard commit 100ba3215908f4f214085b3b82f5695e9cfe4c4a Author: Fabrice Fontaine Date: Sun Dec 3 15:54:18 2023 +0100 package/xenomai: fix build with gcc >= 12 Fix the following build failure with gcc >= 12: task.c: In function 't_start': task.c:398:16: error: 'ret' may be used uninitialized [-Werror=maybe-uninitialized] 398 | return ret; | ^~~ task.c:364:13: note: 'ret' was declared here 364 | int ret; | ^~~ task.c: In function 't_resume': task.c:444:16: error: 'ret' may be used uninitialized [-Werror=maybe-uninitialized] 444 | return ret; | ^~~ task.c:428:13: note: 'ret' was declared here 428 | int ret; | ^~~ Fixes: - http://autobuild.buildroot.org/results/bc1b40de22e563b704ad7f20b6bf4d1f73a6ed8a Signed-off-by: Fabrice Fontaine Signed-off-by: Peter Korsgaard (cherry picked from commit a3db1dd1b7b4fca95eefb1f42a25881f89d881f7) Signed-off-by: Peter Korsgaard commit ce9b0d50c45ec26b3ab7b9351e5c411f04ba9cf4 Author: Fabrice Fontaine Date: Sun Dec 3 15:15:18 2023 +0100 package/speechd: fix NLS build Fix the following NLS build failure raised since the addition of the package in commit 9f4f8c5f8993c6d7c2ef730ac211ef84ac9ae26d: /home/buildroot/autobuild/run/instance-2/output-1/host/lib/gcc/arm-buildroot-linux-musleabihf/12.3.0/../../../../arm-buildroot-linux-musleabihf/bin/ld: ../../src/common/.libs/libcommon.a(libcommon_la-i18n.o): undefined reference to symbol 'libintl_bindtextdomain' Fixes: - http://autobuild.buildroot.org/results/8ab13cf474d732c95a1da65592d950b24b3d474b Signed-off-by: Fabrice Fontaine Signed-off-by: Peter Korsgaard (cherry picked from commit f6a7050d7191b9a534d1d2789ceb72d69f25da83) Signed-off-by: Peter Korsgaard commit 37dfdda3211e3fdf35aa6b996604e32755f32d6d Author: Fabrice Fontaine Date: Sun Dec 3 09:44:45 2023 +0100 package/libmemcached: fix build with gcc 4.8 Fix the following build failure with gcc 4.8 raised since bump to version 1.1.4 in commit 7205df8a4f3c729b11a5f0c34885e6cf592f24b9: /home/buildroot/autobuild/run/instance-0/output-1/build/libmemcached-1.1.4/src/libmemcachedprotocol/ascii_handler.c: In function 'ascii_get_response_handler': /home/buildroot/autobuild/run/instance-0/output-1/build/libmemcached-1.1.4/src/libmemcachedprotocol/ascii_handler.c:249:3: error: 'for' loop initial declarations are only allowed in C99 mode for (int x = 0; x < keylen; ++x) { ^ Fixes: - http://autobuild.buildroot.org/results/202aeec4dda822ac341d8882f84f968a303697c3 Signed-off-by: Fabrice Fontaine Signed-off-by: Peter Korsgaard (cherry picked from commit 5eb79ff3b951fb756e17d8a06b5608b179ddbd60) Signed-off-by: Peter Korsgaard commit 50abc2e77a249402bdbeef55ed7e64dd3a8641f1 Author: Fabrice Fontaine Date: Sun Dec 3 15:20:11 2023 +0100 package/libde265: security bump to version 1.0.14 Fix CVE-2023-43887: Libde265 v1.0.12 was discovered to contain multiple buffer overflows via the num_tile_columns and num_tile_row parameters in the function pic_parameter_set::dump. Fix CVE-2023-47471: Buffer Overflow vulnerability in strukturag libde265 v1.10.12 allows a local attacker to cause a denial of service via the slice_segment_header function in the slice.cc component. https://github.com/strukturag/libde265/releases/tag/v1.0.14 https://github.com/strukturag/libde265/releases/tag/v1.0.13 Signed-off-by: Fabrice Fontaine Signed-off-by: Peter Korsgaard (cherry picked from commit 4cf5d91d8bf1dc48af612e785bde869e47048ec3) Signed-off-by: Peter Korsgaard commit 2369c3b34ad9b31509907b01c44ff2013b6dee55 Author: Fabrice Fontaine Date: Sun Dec 3 09:02:14 2023 +0100 package/libmemcached: link with -latomic when needed Fix the following build failure raised since bump to version 1.1.4 in commit 7205df8a4f3c729b11a5f0c34885e6cf592f24b9: /home/buildroot/autobuild/instance-2/output-1/host/opt/ext-toolchain/bin/../lib/gcc/sparc-buildroot-linux-uclibc/11.3.0/../../../../sparc-buildroot-linux-uclibc/bin/ld: CMakeFiles/aslap.dir/ms_conn.c.o: undefined reference to symbol '__atomic_fetch_add_4@@LIBATOMIC_1.0' Fixes: - http://autobuild.buildroot.org/results/c8e4e1f9609d1339fe070afe440c63660892600e Signed-off-by: Fabrice Fontaine Signed-off-by: Peter Korsgaard (cherry picked from commit a73cbe68b2548308ff7590c4720ebf56f275a6ee) Signed-off-by: Peter Korsgaard commit 55678b84a153456ac4c55bab38ae8eba88d70f9b Author: Fabrice Fontaine Date: Sat Dec 2 22:45:29 2023 +0100 package/putty: disable gssapi PUTTY_GSSAPI is enabled by default resulting in the following build failure since bump to version 0.78 in commit 5673ea3ce4d4dd721bb17fc8d5b1283f5c1080b4: /home/fabrice/buildroot/output/build/putty-0.79/unix/gss.c:133:10: fatal error: gssapi/gssapi.h: No such file or directory 133 | #include | ^~~~~~~~~~~~~~~~~ Fixes: - http://autobuild.buildroot.org/results/d6d06b5aa0df070c3880399e044fb3cd3a830aec Signed-off-by: Fabrice Fontaine Signed-off-by: Peter Korsgaard (cherry picked from commit 499b4d6d22a704adf65d1db0808952ad386ee1a0) Signed-off-by: Peter Korsgaard commit 49da7a4ae362e7fe1ef77c743388d6d5d2f87e3e Author: Francois Perrad Date: Sun Dec 3 09:42:51 2023 +0100 package/perl: security bump to version 5.36.3 fix CVE-2023-47038 - Write past buffer end via illegal user-defined Unicode property note: 5.36.2 was a broken release Signed-off-by: Francois Perrad Signed-off-by: Peter Korsgaard (cherry picked from commit bc7b0e1002ed393c6ffb784aa245cbaa40569106) Signed-off-by: Peter Korsgaard commit 0b3f8449e79a6ad32a5b7c20228cceef60cea0a9 Author: Fabrice Fontaine Date: Fri Dec 1 22:23:18 2023 +0100 package/libpjsip: security bump to version 2.14 Fix CVE-2023-38703: PJSIP is a free and open source multimedia communication library written in C with high level API in C, C++, Java, C#, and Python languages. SRTP is a higher level media transport which is stacked upon a lower level media transport such as UDP and ICE. Currently a higher level transport is not synchronized with its lower level transport that may introduce use-after-free issue. This vulnerability affects applications that have SRTP capability (`PJMEDIA_HAS_SRTP` is set) and use underlying media transport other than UDP. This vulnerability’s impact may range from unexpected application termination to control flow hijack/memory corruption. The patch is available as a commit in the master branch. https://github.com/pjsip/pjproject/security/advisories/GHSA-f76w-fh7c-pc66 https://github.com/pjsip/pjproject/releases/tag/2.14 Signed-off-by: Fabrice Fontaine Signed-off-by: Peter Korsgaard (cherry picked from commit 38c4aa2826ce31bd77140a55b5dca78eb28e53a5) Signed-off-by: Peter Korsgaard commit 275d74bd64593ba1d10af458c410a0015cbfcb24 Author: Fabrice Fontaine Date: Fri Dec 1 21:38:22 2023 +0100 package/putty: fix static build Fix the following static build failure raised since bump to version 0.78 in commit 5673ea3ce4d4dd721bb17fc8d5b1283f5c1080b4: In file included from /home/buildroot/autobuild/instance-0/output-1/build/putty-0.78/putty.h:8, from /home/buildroot/autobuild/instance-0/output-1/build/putty-0.78/callback.c:8: /home/buildroot/autobuild/instance-0/output-1/build/putty-0.78/unix/platform.h:11:10: fatal error: dlfcn.h: No such file or directory 11 | #include /* Dynamic library loading */ | ^~~~~~~~~ Fixes: - http://autobuild.buildroot.org/results/06f0b14bd0414f97b06070198e290fb3253348c5 Signed-off-by: Fabrice Fontaine Signed-off-by: Peter Korsgaard (cherry picked from commit 3d8e0a263f277ca113b78b1f283292c418528c11) Signed-off-by: Peter Korsgaard commit 758b7799cad728c2ab4707e0f29f73f93f93b8d1 Author: Bernd Kuhls Date: Fri Dec 1 21:34:15 2023 +0100 package/samba4: security bump version to 4.18.9 Fixes CVE-2018-14628: https://www.samba.org/samba/security/CVE-2018-14628.html Release notes: https://www.samba.org/samba/history/samba-4.18.9.html Signed-off-by: Bernd Kuhls Signed-off-by: Peter Korsgaard commit 75abb665b1f8b8eb1657c76ca73bbc70cc9c180b Author: Fabrice Fontaine Date: Thu Nov 30 23:49:04 2023 +0100 package/rtty: fix wolfssl build Fix the following wolfssl build failure raised at least since bump to version 7.4.0 in commit 6b5907bf65d27ed98532e9783f92f5575f38b3d2: /home/autobuild/autobuild/instance-4/output-1/build/rtty-8.1.0/src/ssl/openssl.c: In function 'ssl_last_error_string': /home/autobuild/autobuild/instance-4/output-1/build/rtty-8.1.0/src/ssl/openssl.c:143:24: error: implicit declaration of function 'ERR_peek_error_line_data'; did you mean 'wolfSSL_ERR_get_error_line_data'? [-Werror=implicit-function-declaration] 143 | ssl_err_code = ERR_peek_error_line_data(&file, &line, &data, &flags); | ^~~~~~~~~~~~~~~~~~~~~~~~ | wolfSSL_ERR_get_error_line_data Fixes: - http://autobuild.buildroot.org/results/9db9f1dcc6760de4b78771bb79f109c4efd06c36 - http://autobuild.buildroot.org/results/16422af9469de114e552124542508c3b18ea8f19 Signed-off-by: Fabrice Fontaine [yann.morin.1998@free.fr: don't force wolfssl-all] Signed-off-by: Yann E. MORIN (cherry picked from commit 67cb7d8d093f57339e622e1f1f5a40d5013194f1) Signed-off-by: Peter Korsgaard commit 407357437dc00f8f81deff39e6f4dcf024b5be0c Author: José Luis Salvador Rufo Date: Fri Dec 1 08:33:05 2023 +0100 package/zfs: bump version to 2.2.2 This release contains an important fix for a data corruption bug. Full details are in the issue [1] and bug fix [2]. 1. https://github.com/openzfs/zfs/issues/15526 2. https://github.com/openzfs/zfs/pull/15571 Signed-off-by: José Luis Salvador Rufo Signed-off-by: Yann E. MORIN (cherry picked from commit c068fc4fa08051653229455dde0034427113a577) Signed-off-by: Peter Korsgaard commit 9e2e2cb6a9306df35c92ba62940d291de53213a3 Author: José Luis Salvador Rufo Date: Mon Nov 13 01:58:34 2023 +0100 package/zfs: bump version to 2.2.0 Removed backported patch: - https://github.com/openzfs/zfs/commit/bc3f12bfac152a0c28951cec92340ba14f9ccee9.patch Updated ZFS test to pass this new version; drop the explicit /pool mountpoint option to rely on the default location (which happens to be /pool already). Signed-off-by: José Luis Salvador Rufo Signed-off-by: Yann E. MORIN [yann.morin.1998@free.fr: - needed on master to further bump to a data-corruption fix ] (cherry picked from commit d153e58d13f262f96c6c7c9a2bc0d31b76c8973d) Signed-off-by: Yann E. MORIN (cherry picked from commit a44d1a1252572bcb7638e5b832c24841303f4800) Signed-off-by: Peter Korsgaard commit 236a009f6e5d8042925790bcdaa57db6a4b393e4 Author: Fabrice Fontaine Date: Wed Nov 29 18:39:01 2023 +0100 package/xtables-addons: bump to version 3.24 This bump will fix the following build failure with kernel >= 6.2 thanks to https://codeberg.org/jengelh/xtables-addons/commit/51761c3fe2454e0b4bc25274dd55d4ab72c54bf0: /home/buildroot/autobuild/instance-1/output-1/build/xtables-addons-3.22/extensions/xt_TARPIT.c: In function 'xttarpit_honeypot': /home/buildroot/autobuild/instance-1/output-1/build/xtables-addons-3.22/extensions/xt_TARPIT.c:110:26: error: implicit declaration of function 'prandom_u32_max'; did you mean 'prandom_u32_state'? [-Werror=implicit-function-declaration] 110 | (prandom_u32_max(0x20) - 0xf); | ^~~~~~~~~~~~~~~ | prandom_u32_state Fixes: - http://autobuild.buildroot.org/results/e8f2a0cb5b38ff98da97268c4b642554a0a732e1 - http://autobuild.buildroot.org/results/0191ee0590c08b73f17b35a5c8521796693772b5 Signed-off-by: Fabrice Fontaine Signed-off-by: Yann E. MORIN (cherry picked from commit 84b721c2bf88c3ae8f519680a64b1829427176c2) Signed-off-by: Peter Korsgaard commit 49e32695beaa86fc5abe56d30e0c03ac088521dc Author: Fabrice Fontaine Date: Wed Nov 29 18:39:00 2023 +0100 package/xtables-addons: drop unrecognized option --with-xtables is an unrecognized option since the addition of the package in commit 490917387a0ff6969f8130be38993eed5f06f73e: https://github.com/nawawi/xtables-addons/blob/a576f4d43e80f9f91705c9e6a86f2d58c283df14/configure.ac configure: WARNING: unrecognized options: --disable-gtk-doc, --disable-gtk-doc-html, --disable-doc, --disable-docs, --disable-documentation, --with-xmlto, --with-fop, --enable-ipv6, --disable-nls, --with-xtables Signed-off-by: Fabrice Fontaine Signed-off-by: Yann E. MORIN (cherry picked from commit e81dc9df53c406d0f65f5cb5e0fd6c5b0de32fd3) Signed-off-by: Peter Korsgaard commit 0ffbc8e28837ab094c744ecf3ea15b8922f34229 Author: Fabrice Fontaine Date: Wed Nov 29 22:43:08 2023 +0100 package/imagemagick: security bump to version 7.1.1-21 Fix CVE-2023-1289, CVE-2023-2157, CVE-2023-34151, CVE-2023-34152, CVE-2023-34153, CVE-2023-3428, CVE-2023-34474 and CVE-2023-34475 https://github.com/ImageMagick/Website/blob/main/ChangeLog.md Signed-off-by: Fabrice Fontaine Signed-off-by: Peter Korsgaard (cherry picked from commit 758d79faec0d95c57489296658517b1fd9fb5040) Signed-off-by: Peter Korsgaard commit fb3f6d1d1eb3fe089ab751a3bf9fe27355f6e652 Author: Fabrice Fontaine Date: Mon Nov 27 23:11:19 2023 +0100 package/gsl: fix musl build on m68k Update patch to fix the following musl build failure with m68k which is only raised (for an unknown reason) since bump to version 2.7.1 in commit 3e48f8358e519f9c24262a6549d8f6c78ee01add: In file included from fp.c:6: fp-gnum68k.c:21:10: fatal error: fpu_control.h: No such file or directory 21 | #include | ^~~~~~~~~~~~~~~ Add also upstream link to first patch iteration which was sent in November 2022 but didn't get it any reply (like most of the other emails sent to bug-gsl@gnu.org ...) Fixes: - http://autobuild.buildroot.org/results/e59636f6ac148807c1c67f09eef0e0a9f5d52303 Signed-off-by: Fabrice Fontaine Signed-off-by: Peter Korsgaard (cherry picked from commit 02e80e06c54af2863b622f1ecaa076656f1c16cf) Signed-off-by: Peter Korsgaard commit a17063e8ca72f69d119bcdd9c87067caf6a9dfdf Author: Yann E. MORIN Date: Mon Nov 27 10:40:44 2023 +0100 package/erlang: disable for uclibc, fix glibc-build Commit 2cfa86a54882(package/erlang: bump version to 26.0.2) added a patch to restore building on uClibc. However, that patch is not upstream, and has been rejected: https://github.com/erlang/otp/pull/7500 Please open a PR to https://github.com/asmjit/asmjit instead and we will get the fix next time we sync with upstream. We do not want theirs and our implementation to diverge. Furthermore, it happens to work on uClibc, because uClibc does not expose sys/auxv.h, but it fails to work on glibc, because the define is not propagated to "sub-trees", and thus is never defined where it is checked for, even when sys/auxv.h is available. This causes build failures such as: asmjit/core/cpuinfo.cpp: In function ‘void asmjit::_abi_1_10::detectHWCaps(CpuInfo&, long unsigned int, const LinuxHWCapMapping*, size_t)’: asmjit/core/cpuinfo.cpp:840:24: error: ‘getauxval’ was not declared in this scope 840 | unsigned long mask = getauxval(type); | ^~~~~~~~~ asmjit/core/cpuinfo.cpp: In function ‘void asmjit::_abi_1_10::detectARMCpu(CpuInfo&)’: asmjit/core/cpuinfo.cpp:972:21: error: ‘AT_HWCAP’ was not declared in this scope 972 | detectHWCaps(cpu, AT_HWCAP, hwCapMapping, ASMJIT_ARRAY_SIZE(hwCapMapping)); | ^~~~~~~~ asmjit/core/cpuinfo.cpp:973:21: error: ‘AT_HWCAP2’ was not declared in this scope 973 | detectHWCaps(cpu, AT_HWCAP2, hwCapMapping2, ASMJIT_ARRAY_SIZE(hwCapMapping2)); | ^~~~~~~~~ Yet, sys/auxv.h was detected at configure time: checking for sys/auxv.h... yes This defconfig is enough to reproduce the error: BR2_aarch64=y BR2_TOOLCHAIN_EXTERNAL=y BR2_TOOLCHAIN_EXTERNAL_BOOTLIN=y BR2_PACKAGE_ERLANG=y Since upstream refused the patch, and there is no fix that was submitted to the actual upstream (asmjit), drop the rejectred patch, and disable for uClibc: the patch is incorrect, and we can't fix a build issue on uClibc by introducing another on glibc. Fixes: http://autobuild.buildroot.org/results/fc1/fc19bad2263bdfacea594217d5ddfde0e27895b1/ http://autobuild.buildroot.org/results/114/11416d81d5b27fc0627b335a971154c088d5754a/ Signed-off-by: Yann E. MORIN Cc: Bernd Kuhls Cc: Maxim Kochetkov Changes v1 -> v2: - update comment when unavailable Signed-off-by: Peter Korsgaard (cherry picked from commit fb72418160417e9e872f626c356f898bff49cf48) Signed-off-by: Peter Korsgaard commit 7867302a726d559b2ca14fba9dbfa707c449e8f2 Author: Francois Perrad Date: Mon Nov 27 04:26:39 2023 +0100 package/perl: security bump to 5.36.2 fix CVE-2023-47038 - Write past buffer end via illegal user-defined Unicode property Signed-off-by: Francois Perrad Signed-off-by: Peter Korsgaard (cherry picked from commit 127986f3eda6cc8396f8f83269d525fe13dbde1a) Signed-off-by: Peter Korsgaard commit d353e51bcf0df323aef966873e9856e4f1444752 Author: Bernd Kuhls Date: Tue Nov 28 18:51:25 2023 +0100 {linux, linux-headers}: bump 4.{14, 19}.x / 5.{4, 10, 15}.x / 6.{1, 5, 6}.x series Signed-off-by: Bernd Kuhls Signed-off-by: Peter Korsgaard (cherry picked from commit c9222fe0fc73aadf42ea8ed2c3514b19e15e9a62) [Peter: drop 6.5.x / 6.6.x bump] Signed-off-by: Peter Korsgaard commit fe30c5797727a9a093d2056033157356175b5d2e Author: Fabrice Fontaine Date: Tue Nov 28 21:30:59 2023 +0100 package/libxml2: security bump to version 2.11.6 Fix CVE-2023-45322: libxml2 through 2.11.5 has a use-after-free that can only occur after a certain memory allocation fails. This occurs in xmlUnlinkNode in tree.c. NOTE: the vendor's position is "I don't think these issues are critical enough to warrant a CVE ID ... because an attacker typically can't control when memory allocations fail." https://gitlab.gnome.org/GNOME/libxml2/-/blob/v2.11.6/NEWS Signed-off-by: Fabrice Fontaine Signed-off-by: Peter Korsgaard (cherry picked from commit e5af07dce9eb2333a863b09ac1c06eb35f3adb70) Signed-off-by: Peter Korsgaard commit 11be509a03223ec5cff935399402538794713200 Author: Bernd Kuhls Date: Sat Oct 7 12:25:00 2023 +0200 package/libxml2: bump version to 2.11.5 Release notes: https://download.gnome.org/sources/libxml2/2.11/libxml2-2.11.5.news Signed-off-by: Bernd Kuhls Signed-off-by: Peter Korsgaard (cherry picked from commit 622698d78472aad0b4afa2775fd35dd5bff7a865) Signed-off-by: Peter Korsgaard commit 7241abcbdf2005e7a57d75f1d55351fd93af5b39 Author: Fabrice Fontaine Date: Tue Nov 28 21:23:52 2023 +0100 package/vim: security bump to version 9.0.2136 Fix CVE-2023-46246, CVE-2023-48231, CVE-2023-48232, CVE-2023-48233, CVE-2023-48234, CVE-2023-48235, CVE-2023-48236 and CVE-2023-48237 Signed-off-by: Fabrice Fontaine Signed-off-by: Peter Korsgaard (cherry picked from commit 6bd302c631f88698763a3cf3fd6d0a9b3f0a17c8) Signed-off-by: Peter Korsgaard commit e6eda1b6c7b37763787f1bb43d72c42ef65cc128 Author: Fabrice Fontaine Date: Tue Nov 28 21:21:13 2023 +0100 package/squid: security bump to version 6.5 Fix CVE-2023-5824, CVE-2023-46724, CVE-2023-46846, CVE-2023-46847 and CVE-2023-46848 https://github.com/squid-cache/squid/security/advisories/GHSA-543m-w2m2-g255 https://github.com/squid-cache/squid/security/advisories/GHSA-j83v-w3p4-5cqh https://github.com/squid-cache/squid/security/advisories/GHSA-73m6-jm96-c6r3 https://github.com/squid-cache/squid/security/advisories/GHSA-phqj-m8gv-cq4g https://github.com/squid-cache/squid/security/advisories/GHSA-2g3c-pg7q-g59w https://github.com/squid-cache/squid/blob/SQUID_6_5/ChangeLog Signed-off-by: Fabrice Fontaine Signed-off-by: Peter Korsgaard (cherry picked from commit 7fb3c96a7b4bfab1272991a997d6b507b38d19c5) Signed-off-by: Peter Korsgaard commit 722335175e58a93b8853ae43808a1b00ebb5e14c Author: Waldemar Brodkorb Date: Thu Oct 5 08:14:09 2023 +0200 package/squid: bump version to 6.3 Signed-off-by: Waldemar Brodkorb Signed-off-by: Peter Korsgaard (cherry picked from commit 0e15854fbcb12c22bda59affb658aecc002177ed) Signed-off-by: Peter Korsgaard commit bc63929d5b224f3e3050f2d460e506b8fba9e887 Author: Waldemar Brodkorb Date: Thu Aug 10 11:58:55 2023 +0200 package/squid: update to 6.2 See the release notes for Squid 6 for any news: http://www.squid-cache.org/Versions/v6/RELEASENOTES.html Tested with qemu_aarch64_virt_defconfig. Signed-off-by: Waldemar Brodkorb Signed-off-by: Thomas Petazzoni (cherry picked from commit 2a7c6816f02f45946e896577d78e3470331b2d63) Signed-off-by: Peter Korsgaard commit c06c12775b79fe44b870ab2d54934711fc09551e Author: Fabrice Fontaine Date: Tue Nov 28 21:14:33 2023 +0100 package/memcached: security bump to version 1.6.22 Fix CVE-2023-46852: In Memcached before 1.6.22, a buffer overflow exists when processing multiget requests in proxy mode, if there are many spaces after the "get" substring. Fix CVE-2023-46853: In Memcached before 1.6.22, an off-by-one error exists when processing proxy requests in proxy mode, if \n is used instead of \r\n. https://github.com/memcached/memcached/wiki/ReleaseNotes1622 Signed-off-by: Fabrice Fontaine Signed-off-by: Peter Korsgaard (cherry picked from commit bc96e9da0d8010482dcc50c055567d4625498088) Signed-off-by: Peter Korsgaard commit f86173d5f62cb0667cce77a705b59e417c0d91a8 Author: Fabrice Fontaine Date: Sun Oct 1 15:04:59 2023 +0200 package/memcached: fix uclibc-ng build Fix the following uclibc-ng build failure raised since bump to version 1.6.21 in commit 6ce55ab0ed3b7125cd11ecfe8c18aaf156b5f060 and https://github.com/memcached/memcached/commit/875371a75cbf1f92350de2d1fa0fae4a35ed572b: /home/buildroot/autobuild/instance-2/output-1/host/lib/gcc/arc-buildroot-linux-uclibc/10.2.0/../../../../arc-buildroot-linux-uclibc/bin/ld: memcached-thread.o: in function `thread_setname': thread.c:(.text+0xea2): undefined reference to `pthread_setname_np' Fixes: - http://autobuild.buildroot.org/results/e856d381f5ec7d2727f21c8bd46dacb456984416 Signed-off-by: Fabrice Fontaine Signed-off-by: Thomas Petazzoni (cherry picked from commit bfa3cd74d017ba47b91729f131daf5d5993c5265) Signed-off-by: Peter Korsgaard commit 1cdd0696d47867d88d0f87305cf9b7022ee44de8 Author: Fabrice Fontaine Date: Sun Sep 24 17:09:26 2023 +0200 package/memcached: bump to version 1.6.21 - Send first patch upstream - Drop second and third patches (already in version) and so drop autoreconf https://github.com/memcached/memcached/wiki/ReleaseNotes1618 https://github.com/memcached/memcached/wiki/ReleaseNotes1619 https://github.com/memcached/memcached/wiki/ReleaseNotes1620 https://github.com/memcached/memcached/wiki/ReleaseNotes1621 Signed-off-by: Fabrice Fontaine Signed-off-by: Peter Korsgaard (cherry picked from commit 6ce55ab0ed3b7125cd11ecfe8c18aaf156b5f060) Signed-off-by: Peter Korsgaard commit 8b0ba84e38240aecbb08d32f2a3ee69c3a26ac6b Author: Fabrice Fontaine Date: Tue Nov 28 21:12:50 2023 +0100 package/vlc: security bump to version 3.0.20 Fix CVE-2023-47359: Videolan VLC prior to version 3.0.20 contains an incorrect offset read that leads to a Heap-Based Buffer Overflow in function GetPacket() and results in a memory corruption. Fix CVE-2023-47360: Videolan VLC prior to version 3.0.20 contains an Integer underflow that leads to an incorrect packet length. https://code.videolan.org/videolan/vlc/-/blob/3.0.20/NEWS Signed-off-by: Fabrice Fontaine Signed-off-by: Peter Korsgaard (cherry picked from commit d675873f4fe9b601719b08cdd8a901d73ec7f731) Signed-off-by: Peter Korsgaard commit 31ddad909e1e0037a55ea1ba552399dd99c8a49b Author: Bernd Kuhls Date: Tue Oct 17 22:20:57 2023 +0200 package/vlc: bump version to 3.0.19 Rebased patch 0006 due to upstream commit https://code.videolan.org/videolan/vlc/-/commit/3f9fc44176cc5505132977885799fa988c5e7701 Release notes: https://code.videolan.org/videolan/vlc/-/blob/3.0.19/NEWS Signed-off-by: Bernd Kuhls Signed-off-by: Peter Korsgaard (cherry picked from commit f45fa3b4059373c7287eafeb6466cc491734b958) Signed-off-by: Peter Korsgaard commit 69f4ee8c5a33854f850adbe8c0814d94bf426a86 Author: Brandon Maier Date: Tue Nov 28 19:55:07 2023 +0000 docs/website: fix favicon When the favicon image was added in f26e61319f3f (docs/website: add favicon.png), it was added to a different directory then where the header's icon link points. This causes the favicon to fail to load with 404. While we are here, remove the "shortcut" rel attribute as it is non-standard and it's recommended not to use it[1]. [1] https://developer.mozilla.org/en-US/docs/Web/HTML/Attributes/rel#sect4 Signed-off-by: Brandon Maier Signed-off-by: Peter Korsgaard (cherry picked from commit 8ad1a2eaa5fa6c5eaa6614b007b968223e49448e) Signed-off-by: Peter Korsgaard commit 66acf3992eafb85bab31d3070ed41336f4482d79 Author: Fabrice Fontaine Date: Mon Nov 27 22:27:12 2023 +0100 package/motion: fix webp build Fix the following build failure raised since bump of webp to version 1.3.2 in commit c88c1d3319dd24fa833455a2e7d96bc4585bab7f: /home/autobuild/autobuild/instance-9/output-1/host/lib/gcc/aarch64_be-buildroot-linux-uclibc/13.2.0/../../../../aarch64_be-buildroot-linux-uclibc/bin/ld: picture.o: undefined reference to symbol 'WebPMemoryWriterClear' /home/autobuild/autobuild/instance-9/output-1/host/lib/gcc/aarch64_be-buildroot-linux-uclibc/13.2.0/../../../../aarch64_be-buildroot-linux-uclibc/bin/ld: /home/autobuild/autobuild/instance-9/output-1/host/aarch64_be-buildroot-linux-uclibc/sysroot/usr/lib64/libwebp.so.7: error adding symbols: DSO missing from command line Fixes: - http://autobuild.buildroot.org/results/9b859a701debeaddf1f9909e16adc6811a620576 Signed-off-by: Fabrice Fontaine Signed-off-by: Yann E. MORIN (cherry picked from commit 1267a234fff8c5270d8ead5541167053771636b1) Signed-off-by: Peter Korsgaard commit 30bfbf6f27dc2da14fa49047c71e30cec3016516 Author: Fabrice Fontaine Date: Mon Nov 27 22:25:58 2023 +0100 package/exfatprogs: security bump to version 1.2.2 Fix CVE-2023-45897: exfatprogs before 1.2.2 allows out-of-bounds memory access, such as in read_file_dentry_set. https://github.com/exfatprogs/exfatprogs/blob/1.2.2/NEWS Signed-off-by: Fabrice Fontaine Signed-off-by: Yann E. MORIN (cherry picked from commit 07dad085fa4663deeee95fc4e037324b7c3eb37c) Signed-off-by: Peter Korsgaard commit b68a8806df88a5918476f259a2f0077e99115564 Author: Peter Seiderer Date: Tue Aug 8 20:09:58 2023 +0200 board/raspberrypi/config_4_64bit.txt: remove testing dtoverlay entries (vc4-kms-v3d-pi4, imx219) Remove private/testing dtoverlay entries (vc4-kms-v3d-pi4, imx219 and commented out ov5647) wrongly introduced by commit 689b9ac439 ("package/rpi-firmware: rework boot/config file handling") [1]. [1] https://git.buildroot.net/buildroot/commit/?id=689b9ac439ab7b507c8982b6102bddf59d03efbf Signed-off-by: Peter Seiderer Signed-off-by: Yann E. MORIN (cherry picked from commit fbf0a6ea427c7c1c837f79c74d591ec35eab3ba6) Signed-off-by: Peter Korsgaard commit ec866af755162efec821a61b156dc562a326804f Author: Gaël PORTAY Date: Mon Nov 20 22:41:50 2023 +0100 board/raspberrypi: fix autoprobing of bluetooth driver The commit 689b9ac439 (package/rpi-firmware: rework boot/config file handling) has split in two the property: dtoverlay=miniuart-bt,krnbt=on Into: dtoverlay=miniuart-bt dtoverlay=krnbt=on The initial property contained the dtbo file miniuart-bt[1] and its parameter krnbt=on[2][3]. The first syntax is correct while the second is not. The krnbt=on is not a dtoverlay[4] but a dtparam[5]. Therefore the property dtparam must be used instead. This fixes: # cat /sys/firmware/devicetree/base/chosen/user-warnings Failed to load overlay 'krnbt=on' [1]: https://github.com/raspberrypi/linux/blob/rpi-5.10.y/arch/arm/boot/dts/overlays/miniuart-bt-overlay.dts [2]: https://github.com/raspberrypi/linux/blob/rpi-5.10.y/arch/arm/boot/dts/overlays/miniuart-bt-overlay.dts#L91 [3]: https://github.com/raspberrypi/linux/blob/rpi-5.10.y/arch/arm/boot/dts/overlays/README#L213-L215 [4]: https://www.raspberrypi.com/documentation/computers/config_txt.html#dtoverlay [5]: https://www.raspberrypi.com/documentation/computers/config_txt.html#dtparam Signed-off-by: Gaël PORTAY Signed-off-by: Yann E. MORIN (cherry picked from commit 5be42d8da3370e74b32190b97c4399749b4fa761) Signed-off-by: Peter Korsgaard commit d8bc17fa2f7bdafdac86e07106de05b0668f1829 Author: Fabrice Fontaine Date: Sun Nov 26 23:57:17 2023 +0100 package/exfatprogs: add EXFATPROGS_CPE_ID_VENDOR cpe:2.3:a:namjaejeon:exfatprogs is a valid CPE identifier for this package: https://nvd.nist.gov/products/cpe/detail/F174A846-F275-4AD8-A0E3-6D0CEFDFF308 Signed-off-by: Fabrice Fontaine Signed-off-by: Yann E. MORIN (cherry picked from commit 3da62675d730eec9b402f8edd1de5e046e94d71d) Signed-off-by: Peter Korsgaard commit ec2238b8bcdd114a1d0b0f0db9027f887e990c39 Author: Maxim Kochetkov Date: Thu Nov 23 09:15:00 2023 +0300 package/postgresql: security bump version to 15.5 Release notes: https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/ Fixes CVE-2023-5868, CVE-2023-5869, CVE-2023-5870. Signed-off-by: Maxim Kochetkov Signed-off-by: Yann E. MORIN (cherry picked from commit 4d549c071dcc7ede701ee91cb39bc4a9a2be7baf) Signed-off-by: Peter Korsgaard commit 8212d48c118456c1ca6a293c5e21adaeed2228d7 Author: Thomas Petazzoni Date: Thu Nov 16 14:51:35 2023 +0100 package/netsnmp: revert back to 5.9.3, backport security fix In commit 13fc9dcb34926e9b6310b23662920c55c96d83a1, netsnmp was bumped from 5.9.3 to 5.9.4 to fix two CVEs. However, even though it's a minor version bump, there are actually 163 commits upstream between those two minor releases, and some of them are breaking existing use-cases. In particular upstream a2cb167514ac0c7e1b04e8f151e0b015501362e0 now requires that config_() macros in MIB files are terminated with a semicolon, causing a build breakage with existing MIB files that were totally valid with 5.9.3. This commit therefore proposes to revert back to 5.9.3, by reverting those two commits: 56caafceab3ec12669ccb7aa6fc8b653778064e1 package/netsnmp: fix musl build 13fc9dcb34926e9b6310b23662920c55c96d83a1 package/netsnmp: security bump to version 5.9.4 and instead backport the one upstream commit that fixes both CVEs. Signed-off-by: Thomas Petazzoni [yann.morin.1998@free.fr: fix typo as reported by Baruch] Signed-off-by: Yann E. MORIN (cherry picked from commit 44243b4c80c3c6fd4364fa1582f6a8e8c8b928da) Signed-off-by: Peter Korsgaard commit bc63ab9623a43ef308dcfb9bc7ad776cae285995 Author: Gaël PORTAY Date: Wed Nov 22 02:04:08 2023 +0100 board/raspberrypi/readme.txt: fix typos Signed-off-by: Gaël PORTAY Signed-off-by: Yann E. MORIN (cherry picked from commit acd833c8c712268ecfec1080721c6f39192bbdb2) Signed-off-by: Peter Korsgaard commit 29e2700bda27f0156f17d4dfe1293f4c7fd1efb1 Author: José Luis Salvador Rufo Date: Sun Nov 12 23:11:17 2023 +0100 package/zfs: fix zfs autotools cross-compilation This commit addresses a long-standing bug encountered during ZFS compilation in cross-platform environments. The issue arises because ZFS autoconf triggers a `make modules` to detect if the kernel can compile modules [1]. The problem occurs when autoconf uses the host environment instead of the cross-platform environment. To fix this, we export necessary environment variables to ensure that ZFS autoconf utilizes the cross-platform environment correctly. This patch resolves ZFS cross-platform compilations: - http://autobuild.buildroot.net/results/ebeab256101bcba38c35fd55075c414e62f92caa/ - http://autobuild.buildroot.net/results/03b9f12a106bf100eec695a92b83bf09b22c68b0/ - http://autobuild.buildroot.net/results/c2da90337463607c2fadfeac7ad72e5c3899a61f/ - http://autobuild.buildroot.net/results/465a249f92d2f5db7ac4b61b4111e6cbaaa15688/ - http://autobuild.buildroot.net/results/7e2d3277e26fa5b0c8073a0e8b9e82f47ade9697/ - http://autobuild.buildroot.net/results/a8fb87336b09fef8787a7889dfcccf14fe1215b9/ - https://gitlab.com/kubu93/buildroot/-/jobs/1522848483 And fix a few emails: - alpine.DEB.2.22.394.2108181630280.2028262@ridzo [build zfs into buildroot for raspberry pi 4] - https://lists.buildroot.org/pipermail/buildroot/2021-August/621696.html - https://lists.buildroot.org/pipermail/buildroot/2021-August/621345.html - https://lists.buildroot.org/pipermail/buildroot/2022-July/646379.html - https://lists.buildroot.org/pipermail/buildroot/2023-June/668467.html [1] This is the full callback, you can just check the last link: - https://github.com/openzfs/zfs/blob/zfs-2.1.12/config/kernel-declare-event-class.m4#L7C11-L7C11 - https://github.com/openzfs/zfs/blob/zfs-2.1.12/config/kernel.m4#L883 - https://github.com/openzfs/zfs/blob/zfs-2.1.12/config/kernel.m4#L868 - https://github.com/openzfs/zfs/blob/zfs-2.1.12/config/kernel.m4#L668 Signed-off-by: José Luis Salvador Rufo Signed-off-by: Yann E. MORIN (cherry picked from commit 7fe685c510578435b8b7c0448478e71a3db4d9e4) Signed-off-by: Peter Korsgaard commit 76699a7770cbee6e35a417e3cda0310a832af434 Author: Yann E. MORIN Date: Sun Nov 26 17:11:18 2023 +0100 package/zfs: don't download patch generated from github Git-generated patches embed the short-hash of the objects in the repository. The length of those short hashes are subject to change in at least three cases: - the number of objects in the repository increases, so git increases the length of short hashes to get a good change there is no collision; - the git configuration changes, see core.abbrev in git-config; - the heuristic to compute the length changes in a newer git version. Since the bump to zfs 2.1.4 in commit 68dfd09708c6, the patch generated by github has changed, causing download failures: wget --passive-ftp -nd -t 3 -O '/home/ymorin/dev/buildroot/O/master/build/.bc3f12bfac152a0c28951cec92340ba14f9ccee9.patch.uoFq9e/output' 'https://github.com/openzfs/zfs/commit/bc3f12bfac152a0c28951cec92340ba14f9ccee9.patch' --2023-11-26 16:53:25-- https://github.com/openzfs/zfs/commit/bc3f12bfac152a0c28951cec92340ba14f9ccee9.patch Resolving github.com (github.com)... 140.82.121.3 Connecting to github.com (github.com)|140.82.121.3|:443... connected. HTTP request sent, awaiting response... 200 OK Length: 2976 (2.9K) [text/plain] Saving to: ‘/home/ymorin/dev/buildroot/O/master/build/.bc3f12bfac152a0c28951cec92340ba14f9ccee9.patch.uoFq9e/output’ /home/ymorin/dev/buildroot/O/ 100%[================================================>] 2.91K --.-KB/s in 0s 2023-11-26 16:53:25 (15.0 MB/s) - ‘/home/ymorin/dev/buildroot/O/master/build/.bc3f12bfac152a0c28951cec92340ba14f9ccee9.patch.uoFq9e/output’ saved [2976/2976] ERROR: while checking hashes from package/zfs//zfs.hash ERROR: bc3f12bfac152a0c28951cec92340ba14f9ccee9.patch has wrong sha256 hash: ERROR: expected: 96a27353fe717ff2c8b95deb8b009c4eb750303c6400e2d8a2582ab1ec12b25a ERROR: got : 246c80f66abca5a7e0c41cc7c56eec0b4cb7f16b142262480401142bbc2f999f ERROR: Incomplete download, or man-in-the-middle (MITM) attack And indeed, the length of short hashes has increased by one since then. Fix that by bundling the patch, with the short hashes that were known then, so that it matches the sha256 we had for it. Signed-off-by: Yann E. MORIN (cherry picked from commit 2c3946fcb45b07db5cc88cdc944745aa1ef8fa04) Signed-off-by: Peter Korsgaard commit b1a3096f1c65cf1f0d605a1e596cbcf41fbf31bf Author: Nicolas Cavallari Date: Wed Nov 22 16:47:36 2023 +0100 package/gcc: fix disabling the documentation gcc.mk attempts to disable building the documentation by setting MAKEINFO=missing, but it is not working. If makeinfo is installed and recent enough, gcc still uses it. This can be checked easily: grep BUILD_INFO='info' host-gcc-initial-*/build/gcc/config.log It happens because the root ./configure script will check $MAKEINFO --version (aka 'missing --version') and will overwrite it with MAKEINFO='missing makeinfo' because the version does not match. Having MAKEINFO='missing makeinfo' is a problem because 'missing makeinfo' will actually attempt to run 'makeinfo' before failing with an error message. If makeinfo is installed on the host, then 'missing makeinfo' will successfully run makeinfo anyway. Many gcc subprojects will check $MAKEINFO --version and enable building the documentation if it is recent enough. This patch overrides these checks by forcing gcc_cv_prog_makeinfo_modern=no. Building the GCC documentation can fail with the wrong makeinfo version. It happened at least when building GCC 11.3.0 with makeinfo 7.1. Signed-off-by: Nicolas Cavallari Signed-off-by: Yann E. MORIN (cherry picked from commit f7b9d3ad2b4acccad5252737003e8a0db4f43340) Signed-off-by: Peter Korsgaard commit d3302c337ed2d81a9019cfcfb2bd3c022ef1defb Author: Peter Korsgaard Date: Wed Nov 15 12:26:42 2023 +0100 package/intel-microcode: security bump to version 20231114 Includes fixes for INTEL-SA-00950: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00950.html https://lock.cmpxchg8b.com/reptar.html https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20231114 Signed-off-by: Peter Korsgaard Signed-off-by: Yann E. MORIN (cherry picked from commit c54407541cfd50c3bd9f4f46337448cd3ed1423d) Signed-off-by: Peter Korsgaard --- .checkpackageignore | 4 -- CHANGES | 18 +++++ Makefile | 4 +- board/raspberrypi/config_0w.txt | 2 +- board/raspberrypi/config_3.txt | 2 +- board/raspberrypi/config_3_64bit.txt | 2 +- board/raspberrypi/config_4.txt | 2 +- board/raspberrypi/config_4_64bit.txt | 6 +- board/raspberrypi/config_zero2w.txt | 2 +- board/raspberrypi/readme.txt | 6 +- .../patches/linux-headers/linux-headers.hash | 1 + .../apalis-imx6/patches/linux/linux.hash | 2 + .../apalis-imx6/patches/uboot/uboot.hash | 2 + configs/toradex_apalis_imx6_defconfig | 1 + docs/website/header.html | 2 +- linux/linux.hash | 12 ++-- .../0001-erts-check-for-sys-auxv.h.patch | 44 ------------ package/erlang/Config.in | 5 +- package/exfatprogs/exfatprogs.hash | 4 +- package/exfatprogs/exfatprogs.mk | 3 +- package/gcc/gcc.mk | 7 +- ...01-configure.ac-fix-build-on-powerpc.patch | 7 +- package/imagemagick/imagemagick.hash | 2 +- package/imagemagick/imagemagick.mk | 2 +- package/intel-microcode/intel-microcode.hash | 2 +- package/intel-microcode/intel-microcode.mk | 2 +- package/libde265/libde265.hash | 2 +- package/libde265/libde265.mk | 2 +- package/libmemcached/libmemcached.mk | 9 ++- package/libpjsip/libpjsip.hash | 2 +- package/libpjsip/libpjsip.mk | 2 +- package/libxml2/libxml2.hash | 4 +- package/libxml2/libxml2.mk | 2 +- package/linux-headers/Config.in.host | 12 ++-- package/mariadb/mariadb.hash | 4 +- package/mariadb/mariadb.mk | 2 +- .../0001-logger.c-initialize-rport.patch | 2 +- .../memcached/0002-check-for-sys-auxv.h.patch | 50 ------------- .../0002-fix-build-on-uclibc-ng.patch | 64 +++++++++++++++++ ...0003-configure.ac-add-disable-werror.patch | 65 ----------------- package/memcached/memcached.hash | 6 +- package/memcached/memcached.mk | 2 +- ...Include-libwebp-when-WEBP-is-enabled.patch | 26 +++++++ ...onfiguration-of-NETSNMP_FD_MASK_TYPE.patch | 38 ---------- ...agent-disallow-SET-with-NULL-varbind.patch | 72 +++++++++++++++++++ package/netsnmp/netsnmp.hash | 6 +- package/netsnmp/netsnmp.mk | 6 +- package/perl/perl.hash | 12 ++-- package/perl/perl.mk | 4 +- package/postgresql/postgresql.hash | 4 +- package/postgresql/postgresql.mk | 2 +- package/putty/putty.mk | 5 ++ package/rtty/rtty.mk | 2 +- package/samba4/samba4.hash | 4 +- package/samba4/samba4.mk | 2 +- package/speechd/speechd.mk | 7 +- package/squid/squid.hash | 8 +-- package/squid/squid.mk | 4 +- package/vim/vim.hash | 2 +- package/vim/vim.mk | 2 +- ...ient-run-time-fallback-to-real-time-.patch | 9 +-- package/vlc/vlc.hash | 8 +-- package/vlc/vlc.mk | 2 +- ...ib-psos-task.c-fix-build-with-gcc-12.patch | 56 +++++++++++++++ package/xtables-addons/xtables-addons.hash | 2 +- package/xtables-addons/xtables-addons.mk | 3 +- package/zfs/zfs.hash | 5 +- package/zfs/zfs.mk | 13 +++- support/misc/Vagrantfile | 2 +- support/testing/tests/package/test_zfs.py | 4 +- 70 files changed, 377 insertions(+), 309 deletions(-) create mode 120000 board/toradex/apalis-imx6/patches/linux-headers/linux-headers.hash create mode 100644 board/toradex/apalis-imx6/patches/linux/linux.hash create mode 100644 board/toradex/apalis-imx6/patches/uboot/uboot.hash delete mode 100644 package/erlang/0001-erts-check-for-sys-auxv.h.patch delete mode 100644 package/memcached/0002-check-for-sys-auxv.h.patch create mode 100644 package/memcached/0002-fix-build-on-uclibc-ng.patch delete mode 100644 package/memcached/0003-configure.ac-add-disable-werror.patch create mode 100644 package/motion/0002-Include-libwebp-when-WEBP-is-enabled.patch delete mode 100644 package/netsnmp/0001-Fix-configuration-of-NETSNMP_FD_MASK_TYPE.patch create mode 100644 package/netsnmp/0001-snmp_agent-disallow-SET-with-NULL-varbind.patch create mode 100644 package/xenomai/3.0.10/0004-lib-psos-task.c-fix-build-with-gcc-12.patch diff --git a/.checkpackageignore b/.checkpackageignore index 4a183a445cec..3c12cbc0e348 100644 --- a/.checkpackageignore +++ b/.checkpackageignore @@ -547,7 +547,6 @@ package/graphite2/0001-don-t-install-a-libtool-file-with-static-library.patch Up package/grpc/0002-wrap_memcpy.cc-add-GPR_DISABLE_WRAPPED_MEMCPY.patch Upstream package/grpc/0003-host-grpc-only-cpp-plugin.patch Upstream package/grpc/0004-disable-unconditionally-downloading-api-repos.patch Upstream -package/gsl/0001-configure.ac-fix-build-on-powerpc.patch Upstream package/gstreamer1/gstd/0001-Don-t-require-gstd-check-user-xenv.sh-for-systemd-se.patch Upstream package/guile/0001-calculate-csqrt_manually.patch Upstream package/guile/0002-Makefile.am-fix-build-without-makeinfo.patch Upstream @@ -901,9 +900,6 @@ package/matchbox/0001-defaulttheme.patch Upstream package/matchbox/0002-src-Fix-build-with-gcc-10.patch Upstream package/mediastreamer/0001-src-videofilters-nowebcam.c-fix-build-without-ffmpeg.patch Upstream package/mediastreamer/0002-Use-AV_INPUT_BUFFER_PADDING_SIZE-to-determine-paddin.patch Upstream -package/memcached/0001-logger.c-initialize-rport.patch Upstream -package/memcached/0002-check-for-sys-auxv.h.patch Upstream -package/memcached/0003-configure.ac-add-disable-werror.patch Upstream package/memstat/0001-PATH_MAX.patch Upstream package/mender-connect/S43mender-connect Shellcheck package/menu-cache/0001-Support-gcc10-compilation.patch Upstream diff --git a/CHANGES b/CHANGES index e9df7879b773..256ff78a9516 100644 --- a/CHANGES +++ b/CHANGES @@ -1,3 +1,21 @@ +2023.08.4, released December 4th, 2023 + + Important / security related fixes. + + Defconfigs: Raspberrypi: Fix DT overlay for autoproving of + bluetooth driver, Toradex apalis i.mx6: Add download hashes + for Linux and U-Boot. + + Updated/fixed packages: gcc, erlang, exfatprogs, gsl, + imagemagick, intel-microcode, libde265, libmemcached, + libpjsip, libxml2, mariadb, memcached, motion, netsnmp, perl, + postgresql, putty, rtty, samba4, speechd, squid, vim, vlc, + xenomai, xtables-addons, zfs + + Issues resolved (http://bugs.uclibc.org): + + #15856: Using BR2_CONFIG= on a different file-system... + 2023.08.3, released November 14th, 2023 Important / security related fixes. diff --git a/Makefile b/Makefile index ff33a3adfc73..6ca6a15324f8 100644 --- a/Makefile +++ b/Makefile @@ -90,9 +90,9 @@ all: .PHONY: all # Set and export the version string -export BR2_VERSION := 2023.08.3 +export BR2_VERSION := 2023.08.4 # Actual time the release is cut (for reproducible builds) -BR2_VERSION_EPOCH = 1699976000 +BR2_VERSION_EPOCH = 1701695000 # Save running make version since it's clobbered by the make package RUNNING_MAKE_VERSION := $(MAKE_VERSION) diff --git a/board/raspberrypi/config_0w.txt b/board/raspberrypi/config_0w.txt index 195bad449e8b..bc59d5fad2ef 100644 --- a/board/raspberrypi/config_0w.txt +++ b/board/raspberrypi/config_0w.txt @@ -26,4 +26,4 @@ gpu_mem_1024=100 dtoverlay=miniuart-bt # enable autoprobing of Bluetooth driver without need of hciattach/btattach -dtoverlay=krnbt=on +dtparam=krnbt=on diff --git a/board/raspberrypi/config_3.txt b/board/raspberrypi/config_3.txt index 195bad449e8b..bc59d5fad2ef 100644 --- a/board/raspberrypi/config_3.txt +++ b/board/raspberrypi/config_3.txt @@ -26,4 +26,4 @@ gpu_mem_1024=100 dtoverlay=miniuart-bt # enable autoprobing of Bluetooth driver without need of hciattach/btattach -dtoverlay=krnbt=on +dtparam=krnbt=on diff --git a/board/raspberrypi/config_3_64bit.txt b/board/raspberrypi/config_3_64bit.txt index 34412fa9e82b..667287112573 100644 --- a/board/raspberrypi/config_3_64bit.txt +++ b/board/raspberrypi/config_3_64bit.txt @@ -26,7 +26,7 @@ gpu_mem_1024=100 dtoverlay=miniuart-bt # enable autoprobing of Bluetooth driver without need of hciattach/btattach -dtoverlay=krnbt=on +dtparam=krnbt=on # enable 64bits support arm_64bit=1 diff --git a/board/raspberrypi/config_4.txt b/board/raspberrypi/config_4.txt index ea02d3f07130..74a7b270cdf5 100644 --- a/board/raspberrypi/config_4.txt +++ b/board/raspberrypi/config_4.txt @@ -26,4 +26,4 @@ gpu_mem_1024=100 dtoverlay=miniuart-bt # enable autoprobing of Bluetooth driver without need of hciattach/btattach -dtoverlay=krnbt=on +dtparam=krnbt=on diff --git a/board/raspberrypi/config_4_64bit.txt b/board/raspberrypi/config_4_64bit.txt index 41c7e97e99b2..a4ae327d2a2d 100644 --- a/board/raspberrypi/config_4_64bit.txt +++ b/board/raspberrypi/config_4_64bit.txt @@ -26,11 +26,7 @@ gpu_mem_1024=100 dtoverlay=miniuart-bt # enable autoprobing of Bluetooth driver without need of hciattach/btattach -dtoverlay=krnbt=on - -dtoverlay=vc4-kms-v3d-pi4 -dtoverlay=imx219 -#dtoverlay=ov5647 +dtparam=krnbt=on # enable 64bits support arm_64bit=1 diff --git a/board/raspberrypi/config_zero2w.txt b/board/raspberrypi/config_zero2w.txt index 9e6b7f5ccfd7..55095f64a7df 100644 --- a/board/raspberrypi/config_zero2w.txt +++ b/board/raspberrypi/config_zero2w.txt @@ -26,4 +26,4 @@ gpu_mem_1024=100 dtoverlay=miniuart-bt # enable autoprobing of Bluetooth driver without need of hciattach/btattach -dtoverlay=krnbt=on +dtparam=krnbt=on diff --git a/board/raspberrypi/readme.txt b/board/raspberrypi/readme.txt index c81fd801aede..21a136eb8326 100644 --- a/board/raspberrypi/readme.txt +++ b/board/raspberrypi/readme.txt @@ -17,8 +17,8 @@ How to build it Configure Buildroot ------------------- -There are two RaspberryPi defconfig files in Buildroot, one for each -major variant, which you should base your work on: +There are several Raspberry Pi defconfig files in Buildroot, one for +each major variant, which you should base your work on: For models A, B, A+ or B+: @@ -133,7 +133,7 @@ How to write to CM4 eMMC memory =============================== For CM4 modules without eMMC memory see above for booting from SD card, -for CM4 moduels with eMMC memory proceed as following: +for CM4 modules with eMMC memory proceed as following: - fit jumper on IO Board header J2 to disable eMMC boot - connect IO Board micro USB port (J11 USB slave) to your host linux system diff --git a/board/toradex/apalis-imx6/patches/linux-headers/linux-headers.hash b/board/toradex/apalis-imx6/patches/linux-headers/linux-headers.hash new file mode 120000 index 000000000000..5808d92afe89 --- /dev/null +++ b/board/toradex/apalis-imx6/patches/linux-headers/linux-headers.hash @@ -0,0 +1 @@ +../linux/linux.hash \ No newline at end of file diff --git a/board/toradex/apalis-imx6/patches/linux/linux.hash b/board/toradex/apalis-imx6/patches/linux/linux.hash new file mode 100644 index 000000000000..1138ec3b9349 --- /dev/null +++ b/board/toradex/apalis-imx6/patches/linux/linux.hash @@ -0,0 +1,2 @@ +# Locally calculated +sha256 9c69a1c283db6ee8042cc6f013a159473f257e71751887312c7dd2902f01bec8 linux-d899927728beca8357a5b4120b690cb3c1d80844-br1.tar.gz diff --git a/board/toradex/apalis-imx6/patches/uboot/uboot.hash b/board/toradex/apalis-imx6/patches/uboot/uboot.hash new file mode 100644 index 000000000000..a81a7d8d4abb --- /dev/null +++ b/board/toradex/apalis-imx6/patches/uboot/uboot.hash @@ -0,0 +1,2 @@ +# Locally calculated +sha256 9a540b08ccb7e8a0252f86d0bad5d676d0964725a7f2a06d798225c2a3024878 uboot-30a1208727729dae22cb42f9ba9ba17efe5e6f77-br1.tar.gz diff --git a/configs/toradex_apalis_imx6_defconfig b/configs/toradex_apalis_imx6_defconfig index 40a2d2d520d9..e447190e0cee 100644 --- a/configs/toradex_apalis_imx6_defconfig +++ b/configs/toradex_apalis_imx6_defconfig @@ -1,6 +1,7 @@ BR2_arm=y BR2_cortex_a9=y BR2_PACKAGE_HOST_LINUX_HEADERS_CUSTOM_4_9=y +BR2_GLOBAL_PATCH_DIR="board/toradex/apalis-imx6/patches" BR2_TARGET_GENERIC_GETTY_PORT="ttymxc0" BR2_ROOTFS_POST_IMAGE_SCRIPT="board/toradex/apalis-imx6/post-image.sh" BR2_LINUX_KERNEL=y diff --git a/docs/website/header.html b/docs/website/header.html index e1909291f68f..548ed7ad5329 100644 --- a/docs/website/header.html +++ b/docs/website/header.html @@ -6,7 +6,7 @@ - + Buildroot - Making Embedded Linux Easy diff --git a/linux/linux.hash b/linux/linux.hash index aff7360669e7..1c3caa735cc8 100644 --- a/linux/linux.hash +++ b/linux/linux.hash @@ -1,13 +1,13 @@ # From https://www.kernel.org/pub/linux/kernel/v6.x/sha256sums.asc sha256 9626ec84a39ecb009bf11a271dd520941159c165d4e62f82e3a77b79d20ff27d linux-6.4.16.tar.xz -sha256 b9fd616facd6becfceef88b9be718d0f16625cab3fe81d11384802a7091e85ec linux-6.1.62.tar.xz +sha256 629daa38f3ea67f29610bfbd53f9f38f46834d3654451e9474100490c66dc7e7 linux-6.1.64.tar.xz # From https://www.kernel.org/pub/linux/kernel/v5.x/sha256sums.asc -sha256 af84e54164e1c01f59764ba528448ed36b377d22aafbd81b4b0cf47792ef4aaa linux-5.15.138.tar.xz -sha256 9d2d961fbf87486e48b0087326ee35cb0af4dec03c770737b098652457205104 linux-5.10.200.tar.xz -sha256 9830820714c8f5985c50071cc9e1b40533ee81a4f6c704916c7148d16e54ebfe linux-5.4.260.tar.xz +sha256 be2bee8b346f3ccb35879f16c80a323edda571e36190403805c14a9ea24e4a47 linux-5.15.140.tar.xz +sha256 3212e0299d699dd6089505b1428bcb00643fbf19af69806e37fad22bfe12fa8b linux-5.10.202.tar.xz +sha256 7d3eaa0744456ab4b062e6da8764f776b6939b89a1dfccbe11fbeef9c6e864dc linux-5.4.262.tar.xz # From https://www.kernel.org/pub/linux/kernel/v4.x/sha256sums.asc -sha256 9da816bce896024c96b6c846be8f3e6315dd6ae82925698f534153d6a0c10f56 linux-4.19.298.tar.xz -sha256 de36689d713ed17f8bc1286fe4b9afcdb9a3de3b6f1d6aff52569f055c276bb7 linux-4.14.329.tar.xz +sha256 a8419582886120407f57d39280ef8a9b22aab9725c83c4fe25ecca4712d59346 linux-4.19.300.tar.xz +sha256 39dcdceecad2ca7347e2b2e7e30a189558c0a1700f793822389bb1fd9a40530f linux-4.14.331.tar.xz # Locally computed sha256 fb0edc3c18e47d2b6974cb0880a0afb5c3fa08f50ee87dfdf24349405ea5f8ae linux-cip-5.10.162-cip24.tar.gz sha256 b5539243f187e3d478d76d44ae13aab83952c94b885ad889df6fa9997e16a441 linux-cip-5.10.162-cip24-rt10.tar.gz diff --git a/package/erlang/0001-erts-check-for-sys-auxv.h.patch b/package/erlang/0001-erts-check-for-sys-auxv.h.patch deleted file mode 100644 index af4b66d05d05..000000000000 --- a/package/erlang/0001-erts-check-for-sys-auxv.h.patch +++ /dev/null @@ -1,44 +0,0 @@ -From ede1e17794c2caf091e810bdfa49040c75f513eb Mon Sep 17 00:00:00 2001 -From: Bernd Kuhls -Date: Sat, 15 Jul 2023 18:36:48 +0200 -Subject: [PATCH] erts: check for sys/auxv.h - -Upstream: https://github.com/erlang/otp/pull/7500 - -Signed-off-by: Bernd Kuhls ---- - erts/configure.ac | 2 +- - erts/emulator/asmjit/core/cpuinfo.cpp | 2 ++ - 2 files changed, 3 insertions(+), 1 deletion(-) - -diff --git a/erts/configure.ac b/erts/configure.ac -index a63d391fb3..9d3e338633 100644 ---- a/erts/configure.ac -+++ b/erts/configure.ac -@@ -1655,7 +1655,7 @@ AC_CHECK_HEADERS(fcntl.h limits.h unistd.h syslog.h dlfcn.h ieeefp.h \ - sys/socket.h sys/sockio.h sys/socketio.h \ - net/errno.h malloc.h arpa/nameser.h libdlpi.h \ - pty.h util.h libutil.h utmp.h langinfo.h poll.h sdkddkver.h \ -- elf.h) -+ elf.h sys/auxv.h) - - AC_CHECK_MEMBERS([struct ifreq.ifr_hwaddr], [], [], - [#ifdef __WIN32__ -diff --git a/erts/emulator/asmjit/core/cpuinfo.cpp b/erts/emulator/asmjit/core/cpuinfo.cpp -index fb2acfc09b..d8b72697ab 100644 ---- a/erts/emulator/asmjit/core/cpuinfo.cpp -+++ b/erts/emulator/asmjit/core/cpuinfo.cpp -@@ -15,8 +15,10 @@ - - // Required by `getauxval()` on Linux. - #if defined(__linux__) -+#if defined(HAVE_SYS_AUXV_H) - #include - #endif -+#endif - - //! Required to detect CPU and features on Apple platforms. - #if defined(__APPLE__) --- -2.39.2 - diff --git a/package/erlang/Config.in b/package/erlang/Config.in index d3fe0dbec10f..724f91123b14 100644 --- a/package/erlang/Config.in +++ b/package/erlang/Config.in @@ -15,11 +15,11 @@ config BR2_PACKAGE_ERLANG_ARCH_SUPPORTS # erlang needs host-erlang depends on BR2_PACKAGE_HOST_ERLANG_ARCH_SUPPORTS -comment "erlang needs a toolchain w/ dynamic library, threads, wchar" +comment "erlang needs a glibc or musl toolchain w/ dynamic library, threads, wchar" depends on BR2_USE_MMU # fork() depends on BR2_PACKAGE_ERLANG_ARCH_SUPPORTS depends on BR2_STATIC_LIBS || !BR2_TOOLCHAIN_HAS_THREADS \ - || !BR2_USE_WCHAR + || !BR2_USE_WCHAR || BR2_TOOLCHAIN_USES_UCLIBC config BR2_PACKAGE_ERLANG bool "erlang" @@ -27,6 +27,7 @@ config BR2_PACKAGE_ERLANG depends on BR2_USE_WCHAR depends on !BR2_STATIC_LIBS depends on BR2_TOOLCHAIN_HAS_THREADS + depends on !BR2_TOOLCHAIN_USES_UCLIBC depends on BR2_PACKAGE_ERLANG_ARCH_SUPPORTS select BR2_PACKAGE_ZLIB help diff --git a/package/exfatprogs/exfatprogs.hash b/package/exfatprogs/exfatprogs.hash index 49135b1da7e2..9f3100db7f75 100644 --- a/package/exfatprogs/exfatprogs.hash +++ b/package/exfatprogs/exfatprogs.hash @@ -1,5 +1,5 @@ -# From https://github.com/exfatprogs/exfatprogs/releases/download/1.2.0/exfatprogs-1.2.0.tar.xz.sha256 -sha256 56d9a49465deafc367d428afc71c8098705a30ee19a3cdf3c5320650b8880742 exfatprogs-1.2.0.tar.xz +# From https://github.com/exfatprogs/exfatprogs/releases/download/1.2.2/exfatprogs-1.2.2.tar.xz.sha256 +sha256 61d517231f8ec177eeb5955fd6edb89748d3f88ba412c48bcb32741b430e359a exfatprogs-1.2.2.tar.xz # Hash for license file sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 COPYING diff --git a/package/exfatprogs/exfatprogs.mk b/package/exfatprogs/exfatprogs.mk index d755c7a21455..40d907257173 100644 --- a/package/exfatprogs/exfatprogs.mk +++ b/package/exfatprogs/exfatprogs.mk @@ -4,11 +4,12 @@ # ################################################################################ -EXFATPROGS_VERSION = 1.2.0 +EXFATPROGS_VERSION = 1.2.2 EXFATPROGS_SOURCE = exfatprogs-$(EXFATPROGS_VERSION).tar.xz EXFATPROGS_SITE = https://github.com/exfatprogs/exfatprogs/releases/download/$(EXFATPROGS_VERSION) EXFATPROGS_LICENSE = GPL-2.0+ EXFATPROGS_LICENSE_FILES = COPYING +EXFATPROGS_CPE_ID_VENDOR = namjaejeon $(eval $(autotools-package)) $(eval $(host-autotools-package)) diff --git a/package/gcc/gcc.mk b/package/gcc/gcc.mk index 5d023d725ff3..834da24925d6 100644 --- a/package/gcc/gcc.mk +++ b/package/gcc/gcc.mk @@ -88,9 +88,12 @@ HOST_GCC_COMMON_CONF_OPTS += --with-debug-prefix-map=$(BASE_DIR)=buildroot endif # Don't build documentation. It takes up extra space / build time, -# and sometimes needs specific makeinfo versions to work +# and sometimes needs specific makeinfo versions to work. Override the check +# for a modern makeinfo otherwise the configure scripts will still enable it. HOST_GCC_COMMON_CONF_ENV = \ MAKEINFO=missing +HOST_GCC_COMMON_MAKE_OPTS = \ + gcc_cv_prog_makeinfo_modern=no GCC_COMMON_TARGET_CFLAGS = $(TARGET_CFLAGS) GCC_COMMON_TARGET_CXXFLAGS = $(TARGET_CXXFLAGS) @@ -295,7 +298,7 @@ HOST_GCC_COMMON_TOOLCHAIN_WRAPPER_ARGS += -DBR_CROSS_PATH_SUFFIX='".br_real"' # For gcc-final, the gcc logic to detect whether SSP support is # available or not in the C library is not working properly for # uClibc, so let's be explicit as well. -HOST_GCC_COMMON_MAKE_OPTS = \ +HOST_GCC_COMMON_MAKE_OPTS += \ gcc_cv_libc_provides_ssp=$(if $(BR2_TOOLCHAIN_HAS_SSP),yes,no) ifeq ($(BR2_CCACHE),y) diff --git a/package/gsl/0001-configure.ac-fix-build-on-powerpc.patch b/package/gsl/0001-configure.ac-fix-build-on-powerpc.patch index 13f6da4588c0..96ab78046793 100644 --- a/package/gsl/0001-configure.ac-fix-build-on-powerpc.patch +++ b/package/gsl/0001-configure.ac-fix-build-on-powerpc.patch @@ -1,9 +1,9 @@ From 84e62d57b90b41a0c96bb9fb6ec61ecaac76a1ab Mon Sep 17 00:00:00 2001 From: Fabrice Fontaine Date: Sat, 5 Nov 2022 21:31:36 +0100 -Subject: [PATCH] configure.ac: fix build on powerpc +Subject: [PATCH] configure.ac: fix build on powerpc and m68k -Fix the following powerpc build failures on: +Fix the following powerpc and m68k build failures on: - musl raised because fpu_control.h is not available: In file included from fp.c:8: @@ -25,6 +25,7 @@ Fixes: - http://autobuild.buildroot.org/results/48403946bb4cda9013e51db59c1b2ffdcf4e2854 Signed-off-by: Fabrice Fontaine +Upstream: https://lists.gnu.org/archive/html/bug-gsl/2022-11/msg00000.html --- configure.ac | 8 ++++++++ 1 file changed, 8 insertions(+) @@ -37,7 +38,7 @@ index bfd9ca30..1ee6dca0 100644 fi fi -+if test "$ac_cv_c_ieee_interface" = "gnuppc" ; then ++if test "$ac_cv_c_ieee_interface" = "gnuppc" -o "$ac_cv_c_ieee_interface" = "gnum68k" ; then + AC_CACHE_CHECK([for _FPU_RC_NEAREST], ac_cv_c__fpu_rc_nearest, + [ac_cv_c__fpu_rc_nearest=no + AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include diff --git a/package/imagemagick/imagemagick.hash b/package/imagemagick/imagemagick.hash index 8988dad5da04..fd80316ec572 100644 --- a/package/imagemagick/imagemagick.hash +++ b/package/imagemagick/imagemagick.hash @@ -1,3 +1,3 @@ # Locally computed -sha256 4333ef2fe63f2510988af82b726f5b1919ebd54037ea6674566c69fcceb67e11 imagemagick-7.1.0-51.tar.gz +sha256 09402e5f17c6575ef9f010bb2e21ae1710f1f3426f115ad4317ee9129c32608e imagemagick-7.1.1-21.tar.gz sha256 8cceeb67d4e783cb63075c7311fdb990fa0369ee80fbd0f481064cd02386ca2d LICENSE diff --git a/package/imagemagick/imagemagick.mk b/package/imagemagick/imagemagick.mk index 91dd208b0da1..719c6768af1a 100644 --- a/package/imagemagick/imagemagick.mk +++ b/package/imagemagick/imagemagick.mk @@ -4,7 +4,7 @@ # ################################################################################ -IMAGEMAGICK_VERSION = 7.1.0-51 +IMAGEMAGICK_VERSION = 7.1.1-21 IMAGEMAGICK_SITE = $(call github,ImageMagick,ImageMagick,$(IMAGEMAGICK_VERSION)) IMAGEMAGICK_LICENSE = Apache-2.0 IMAGEMAGICK_LICENSE_FILES = LICENSE diff --git a/package/intel-microcode/intel-microcode.hash b/package/intel-microcode/intel-microcode.hash index 64c50dd6f783..742332d552f3 100644 --- a/package/intel-microcode/intel-microcode.hash +++ b/package/intel-microcode/intel-microcode.hash @@ -1,3 +1,3 @@ # Locally computed -sha256 fe49bb719441f20335ed6004090ab38cdc374134d36d4f5d30be7ed93b820313 intel-microcode-20230808.tar.gz +sha256 cee26f311f7e2c039dd48cd30f995183bde9b98fb4c3039800e2ddaf5c090e55 intel-microcode-20231114.tar.gz sha256 03efb1491c7e899feb2665fa299363e64035e5444c1b8bc1f6ebed30de964e12 license diff --git a/package/intel-microcode/intel-microcode.mk b/package/intel-microcode/intel-microcode.mk index 0a89d3a603c9..a159baa93d37 100644 --- a/package/intel-microcode/intel-microcode.mk +++ b/package/intel-microcode/intel-microcode.mk @@ -4,7 +4,7 @@ # ################################################################################ -INTEL_MICROCODE_VERSION = 20230808 +INTEL_MICROCODE_VERSION = 20231114 INTEL_MICROCODE_SITE = $(call github,intel,Intel-Linux-Processor-Microcode-Data-Files,microcode-$(INTEL_MICROCODE_VERSION)) INTEL_MICROCODE_LICENSE = PROPRIETARY INTEL_MICROCODE_LICENSE_FILES = license diff --git a/package/libde265/libde265.hash b/package/libde265/libde265.hash index 168b5db39576..9bb3f20a71cf 100644 --- a/package/libde265/libde265.hash +++ b/package/libde265/libde265.hash @@ -1,3 +1,3 @@ # Locally computed -sha256 62185ea2182e68cf68bba20cc6eb4c287407b509cf0a827d7ddb75614db77b5c libde265-1.0.12.tar.gz +sha256 99f46ef77a438be639aa3c5d9632c0670541c5ed5d386524d4199da2d30df28f libde265-1.0.14.tar.gz sha256 02cc1585a20677992e0ba578fa692635dc193735f2691dc81de924b51c4e8020 COPYING diff --git a/package/libde265/libde265.mk b/package/libde265/libde265.mk index 208fa24e270a..8624d2f949c3 100644 --- a/package/libde265/libde265.mk +++ b/package/libde265/libde265.mk @@ -4,7 +4,7 @@ # ################################################################################ -LIBDE265_VERSION = 1.0.12 +LIBDE265_VERSION = 1.0.14 LIBDE265_SITE = https://github.com/strukturag/libde265/releases/download/v$(LIBDE265_VERSION) LIBDE265_LICENSE = LGPL-3.0+ LIBDE265_LICENSE_FILES = COPYING diff --git a/package/libmemcached/libmemcached.mk b/package/libmemcached/libmemcached.mk index f64ab5ec4834..b72f127a1d7f 100644 --- a/package/libmemcached/libmemcached.mk +++ b/package/libmemcached/libmemcached.mk @@ -16,7 +16,10 @@ LIBMEMCACHED_CPE_ID_VENDOR = awesome # Force Release otherwise libraries will be suffixed by -dbg which will raise # unexpected build failures with packages that use libmemcached (e.g. c-icap) -LIBMEMCACHED_CONF_OPTS += -DCMAKE_BUILD_TYPE=Release +LIBMEMCACHED_CONF_OPTS += \ + -DCMAKE_BUILD_TYPE=Release \ + -DCMAKE_C_FLAGS="$(TARGET_CFLAGS) -std=c99" \ + -DCMAKE_SKIP_RPATH=ON ifeq ($(BR2_PACKAGE_LIBEVENT),y) LIBMEMCACHED_DEPENDENCIES += libevent @@ -32,4 +35,8 @@ else LIBMEMCACHED_CONF_OPTS += -DENABLE_OPENSSL_CRYPTO=OFF endif +ifeq ($(BR2_TOOLCHAIN_HAS_LIBATOMIC),y) +LIBMEMCACHED_CONF_OPTS += -DCMAKE_EXE_LINKER_FLAGS=-latomic +endif + $(eval $(cmake-package)) diff --git a/package/libpjsip/libpjsip.hash b/package/libpjsip/libpjsip.hash index 2edd97bed4c8..d72e1090e3a2 100644 --- a/package/libpjsip/libpjsip.hash +++ b/package/libpjsip/libpjsip.hash @@ -1,3 +1,3 @@ # Locally computed -sha256 32a5ab5bfbb9752cb6a46627e4c410e61939c8dbbd833ac858473cfbd9fb9d7d pjproject-2.13.1.tar.gz +sha256 5805c1171acab4af9684d7ad096dcb92f71fc42809852144e97e1413468c9981 pjproject-2.14.tar.gz sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 COPYING diff --git a/package/libpjsip/libpjsip.mk b/package/libpjsip/libpjsip.mk index f97d547fd7bf..8169e0dceec4 100644 --- a/package/libpjsip/libpjsip.mk +++ b/package/libpjsip/libpjsip.mk @@ -4,7 +4,7 @@ # ################################################################################ -LIBPJSIP_VERSION = 2.13.1 +LIBPJSIP_VERSION = 2.14 LIBPJSIP_SOURCE = pjproject-$(LIBPJSIP_VERSION).tar.gz LIBPJSIP_SITE = $(call github,pjsip,pjproject,$(LIBPJSIP_VERSION)) diff --git a/package/libxml2/libxml2.hash b/package/libxml2/libxml2.hash index f3650c5ec585..78c1ddc6a230 100644 --- a/package/libxml2/libxml2.hash +++ b/package/libxml2/libxml2.hash @@ -1,4 +1,4 @@ -# From https://download.gnome.org/sources/libxml2/2.11/libxml2-2.11.4.sha256sum -sha256 737e1d7f8ab3f139729ca13a2494fd17bf30ddb4b7a427cf336252cab57f57f7 libxml2-2.11.4.tar.xz +# From https://download.gnome.org/sources/libxml2/2.11/libxml2-2.11.6.sha256sum +sha256 c90eee7506764abbe07bb616b82da452529609815aefef423d66ef080eb0c300 libxml2-2.11.6.tar.xz # License files, locally calculated sha256 c5c63674f8a83c4d2e385d96d1c670a03cb871ba2927755467017317878574bd Copyright diff --git a/package/libxml2/libxml2.mk b/package/libxml2/libxml2.mk index 9f7774f719ec..b7a2c796fc4c 100644 --- a/package/libxml2/libxml2.mk +++ b/package/libxml2/libxml2.mk @@ -5,7 +5,7 @@ ################################################################################ LIBXML2_VERSION_MAJOR = 2.11 -LIBXML2_VERSION = $(LIBXML2_VERSION_MAJOR).4 +LIBXML2_VERSION = $(LIBXML2_VERSION_MAJOR).6 LIBXML2_SOURCE = libxml2-$(LIBXML2_VERSION).tar.xz LIBXML2_SITE = \ https://download.gnome.org/sources/libxml2/$(LIBXML2_VERSION_MAJOR) diff --git a/package/linux-headers/Config.in.host b/package/linux-headers/Config.in.host index 7ef240428be1..ddf3ef1f2ffb 100644 --- a/package/linux-headers/Config.in.host +++ b/package/linux-headers/Config.in.host @@ -400,12 +400,12 @@ endchoice config BR2_DEFAULT_KERNEL_HEADERS string - default "4.14.329" if BR2_KERNEL_HEADERS_4_14 - default "4.19.298" if BR2_KERNEL_HEADERS_4_19 - default "5.4.260" if BR2_KERNEL_HEADERS_5_4 - default "5.10.200" if BR2_KERNEL_HEADERS_5_10 - default "5.15.138" if BR2_KERNEL_HEADERS_5_15 - default "6.1.62" if BR2_KERNEL_HEADERS_6_1 + default "4.14.331" if BR2_KERNEL_HEADERS_4_14 + default "4.19.300" if BR2_KERNEL_HEADERS_4_19 + default "5.4.262" if BR2_KERNEL_HEADERS_5_4 + default "5.10.202" if BR2_KERNEL_HEADERS_5_10 + default "5.15.140" if BR2_KERNEL_HEADERS_5_15 + default "6.1.64" if BR2_KERNEL_HEADERS_6_1 default "6.4.16" if BR2_KERNEL_HEADERS_6_4 default BR2_DEFAULT_KERNEL_VERSION if BR2_KERNEL_HEADERS_VERSION default "custom" if BR2_KERNEL_HEADERS_CUSTOM_TARBALL diff --git a/package/mariadb/mariadb.hash b/package/mariadb/mariadb.hash index 03ce5a968a9c..fd73cca4f3bb 100644 --- a/package/mariadb/mariadb.hash +++ b/package/mariadb/mariadb.hash @@ -1,5 +1,5 @@ -# From https://downloads.mariadb.org/mariadb/10.11.4 -sha512 62fc05395857dd036ebeed53b1ff0ecd9abd95ce8e5316194286521caae0f9452cf96a93613adec809e39e1d8ef20c330b24fee82b3bb90ee27a84f2bbd0d8d2 mariadb-10.11.4.tar.gz +# From https://downloads.mariadb.org/mariadb/10.11.6 +sha512 3d77f7be4a26d5a36af56150a5f8ed5e21adeed9bc8ea1bd694e47a25a571bd73468eada7c96e0dfe5a6c81bef625abf71a56d228cf43a738e555e3c0d824a6a mariadb-10.11.6.tar.gz # Hash for license files sha256 2b278a3a2f20696113a7c57c4f3e6a5cdb9a25f2a827e72e0c089a2f805ff91a README.md diff --git a/package/mariadb/mariadb.mk b/package/mariadb/mariadb.mk index 78e4703eee85..7f3755892aaa 100644 --- a/package/mariadb/mariadb.mk +++ b/package/mariadb/mariadb.mk @@ -4,7 +4,7 @@ # ################################################################################ -MARIADB_VERSION = 10.11.4 +MARIADB_VERSION = 10.11.6 MARIADB_SITE = https://downloads.mariadb.org/interstitial/mariadb-$(MARIADB_VERSION)/source MARIADB_LICENSE = GPL-2.0 (server), GPL-2.0 with FLOSS exception (GPL client library), LGPL-2.0 (LGPL client library) # Tarball no longer contains LGPL license text diff --git a/package/memcached/0001-logger.c-initialize-rport.patch b/package/memcached/0001-logger.c-initialize-rport.patch index 5fb13d5eee45..002a6896018e 100644 --- a/package/memcached/0001-logger.c-initialize-rport.patch +++ b/package/memcached/0001-logger.c-initialize-rport.patch @@ -23,7 +23,7 @@ Fixes: - http://autobuild.buildroot.org/results/7a46ac38d10b1859034017e0294961daa8f48dd2 Signed-off-by: Fabrice Fontaine -[Upstream status: not sent yet] +Upstream: https://github.com/memcached/memcached/pull/1077 --- logger.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/package/memcached/0002-check-for-sys-auxv.h.patch b/package/memcached/0002-check-for-sys-auxv.h.patch deleted file mode 100644 index a7d0dfdd0016..000000000000 --- a/package/memcached/0002-check-for-sys-auxv.h.patch +++ /dev/null @@ -1,50 +0,0 @@ -From 58b6de2135c10b64918f25c48f69f144d08a9c0d Mon Sep 17 00:00:00 2001 -From: Fabrice Fontaine -Date: Fri, 3 Jun 2022 19:10:15 +0200 -Subject: [PATCH] check for sys/auxv.h - -Check for sys/auxv.h to avoid the following uclibc build failure on -aarch64: - -crc32c.c:277:10: fatal error: sys/auxv.h: No such file or directory - 277 | #include - | ^~~~~~~~~~~~ - -Fixes: - - http://autobuild.buildroot.org/results/08591fbf9677ff126492c50c15170c641bcab56a - -Signed-off-by: Fabrice Fontaine -[Upstream status: not sent yet] ---- - configure.ac | 1 + - crc32c.c | 2 +- - 2 files changed, 2 insertions(+), 1 deletion(-) - -diff --git a/configure.ac b/configure.ac -index 0985f07..3337fe7 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -516,6 +516,7 @@ AH_BOTTOM([#ifdef HAVE_INTTYPES_H - #include - #endif - ]) -+AC_CHECK_HEADERS([sys/auxv.h]) - - dnl ********************************************************************** - dnl Figure out if this system has the stupid sasl_callback_ft -diff --git a/crc32c.c b/crc32c.c -index 26df879..05e61ff 100644 ---- a/crc32c.c -+++ b/crc32c.c -@@ -273,7 +273,7 @@ void crc32c_init(void) { - } - - #elif defined(__aarch64__) && (defined(__linux__) || defined(__APPLE__)) --#if defined(__linux__) -+#if defined(__linux__) && defined(HAVE_SYS_AUX_H) - #include - #elif defined(__APPLE__) - #include --- -2.35.1 - diff --git a/package/memcached/0002-fix-build-on-uclibc-ng.patch b/package/memcached/0002-fix-build-on-uclibc-ng.patch new file mode 100644 index 000000000000..a5af7a2adbdc --- /dev/null +++ b/package/memcached/0002-fix-build-on-uclibc-ng.patch @@ -0,0 +1,64 @@ +From c84e5e55e0e9e793849f721d30979242ed6a6ee3 Mon Sep 17 00:00:00 2001 +From: Fabrice Fontaine +Date: Sun, 1 Oct 2023 14:12:38 +0200 +Subject: [PATCH] fix build on uclibc-ng + +Fix the following build failure with uclibc-ng raised since version +1.6.18 and +https://github.com/memcached/memcached/commit/875371a75cbf1f92350de2d1fa0fae4a35ed572b: + +/home/buildroot/autobuild/instance-2/output-1/host/lib/gcc/arc-buildroot-linux-uclibc/10.2.0/../../../../arc-buildroot-linux-uclibc/bin/ld: memcached-thread.o: in function `thread_setname': +thread.c:(.text+0xea2): undefined reference to `pthread_setname_np' + +Fixes: + - http://autobuild.buildroot.org/results/e856d381f5ec7d2727f21c8bd46dacb456984416 + +Signed-off-by: Fabrice Fontaine +Upstream: unsent yet (waiting feedback on first patch) +--- + configure.ac | 1 + + extstore.c | 2 +- + thread.c | 2 +- + 3 files changed, 3 insertions(+), 2 deletions(-) + +diff --git a/configure.ac b/configure.ac +index d94f6fb..5ec5088 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -686,6 +686,7 @@ AC_CHECK_FUNCS(clock_gettime) + AC_CHECK_FUNCS(preadv) + AC_CHECK_FUNCS(pread) + AC_CHECK_FUNCS(eventfd) ++AC_CHECK_FUNCS([pthread_setname_np],[AC_DEFINE(HAVE_PTHREAD_SETNAME_NP, 1, [Define to 1 if support pthread_setname_np])]) + AC_CHECK_FUNCS([accept4], [AC_DEFINE(HAVE_ACCEPT4, 1, [Define to 1 if support accept4])]) + AC_CHECK_FUNCS([getopt_long], [AC_DEFINE(HAVE_GETOPT_LONG, 1, [Define to 1 if support getopt_long])]) + +diff --git a/extstore.c b/extstore.c +index b079465..f6a6180 100644 +--- a/extstore.c ++++ b/extstore.c +@@ -119,7 +119,7 @@ struct store_engine { + #define THR_NAME_MAXLEN 16 + static void thread_setname(pthread_t thread, const char *name) { + assert(strlen(name) < THR_NAME_MAXLEN); +-#if defined(__linux__) ++#if defined(__linux__) && defined(HAVE_PTHREAD_SETNAME_NP) + pthread_setname_np(thread, name); + #endif + } +diff --git a/thread.c b/thread.c +index ee120fa..76651c2 100644 +--- a/thread.c ++++ b/thread.c +@@ -635,7 +635,7 @@ static void thread_libevent_process(evutil_socket_t fd, short which, void *arg) + #define THR_NAME_MAXLEN 16 + void thread_setname(pthread_t thread, const char *name) { + assert(strlen(name) < THR_NAME_MAXLEN); +-#if defined(__linux__) ++#if defined(__linux__) && defined(HAVE_PTHREAD_SETNAME_NP) + pthread_setname_np(thread, name); + #endif + } +-- +2.40.1 + diff --git a/package/memcached/0003-configure.ac-add-disable-werror.patch b/package/memcached/0003-configure.ac-add-disable-werror.patch deleted file mode 100644 index dab9b8835dcf..000000000000 --- a/package/memcached/0003-configure.ac-add-disable-werror.patch +++ /dev/null @@ -1,65 +0,0 @@ -From 8497f7ed38146378a988bc22800b3a5eba38b0fd Mon Sep 17 00:00:00 2001 -From: Fabrice Fontaine -Date: Mon, 13 Jun 2022 16:29:38 +0200 -Subject: [PATCH] configure.ac: add --disable-werror - -Allow the user to disable -Werror to avoid the following build failure: - -In file included from hash.c:7: -xxhash.h:2667:5: error: #warning is a GCC extension [-Werror] - 2667 | # warning "XXH3 is highly inefficient without ARM or Thumb-2." - | ^~~~~~~ -xxhash.h:2667:5: error: #warning "XXH3 is highly inefficient without ARM or Thumb-2." [-Werror=cpp] - -Fixes: - - http://autobuild.buildroot.org/results/3124bae73c207f1a118e57e41e222ef464ccb297 - -Signed-off-by: Fabrice Fontaine -[Upstream status: https://github.com/memcached/memcached/pull/926] ---- - configure.ac | 11 +++++++++-- - 1 file changed, 9 insertions(+), 2 deletions(-) - -diff --git a/configure.ac b/configure.ac -index 3337fe7..7683b8f 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -114,6 +114,9 @@ AC_ARG_ENABLE(static, - AC_ARG_ENABLE(unix_socket, - [AS_HELP_STRING([--disable-unix-socket], [Disable unix domain socket])]) - -+AC_ARG_ENABLE(werror, -+ [AS_HELP_STRING([--disable-werror], [Disable -Werror])]) -+ - dnl ********************************************************************** - dnl DETECT_SASL_CB_GETCONF - dnl -@@ -783,6 +786,10 @@ AM_CONDITIONAL([BUILD_SPECIFICATIONS], - [test "x$enable_docs" != "xno" -a "x$XML2RFC" != "xno" -a "x$XSLTPROC" != "xno"]) - - -+if test "x$enable_werror" != "xno"; then -+ CFLAGS="$CFLAGS -Werror" -+fi -+ - dnl Let the compiler be a bit more picky. Please note that you cannot - dnl specify these flags to the compiler before AC_CHECK_FUNCS, because - dnl the test program will generate a compilation warning and hence fail -@@ -790,12 +797,12 @@ dnl to detect the function ;-) - if test "$ICC" = "yes" - then - dnl ICC trying to be gcc. -- CFLAGS="$CFLAGS -diag-disable 187 -Wall -Werror" -+ CFLAGS="$CFLAGS -diag-disable 187 -Wall" - AC_DEFINE([_GNU_SOURCE],[1],[make sure IOV_MAX is defined]) - elif test "$GCC" = "yes" - then - GCC_VERSION=`$CC -dumpversion` -- CFLAGS="$CFLAGS -Wall -Werror -pedantic -Wmissing-prototypes -Wmissing-declarations -Wredundant-decls" -+ CFLAGS="$CFLAGS -Wall -pedantic -Wmissing-prototypes -Wmissing-declarations -Wredundant-decls" - if test "x$enable_asan" = "xyes"; then - CFLAGS="$CFLAGS -fsanitize=address" - fi --- -2.35.1 - diff --git a/package/memcached/memcached.hash b/package/memcached/memcached.hash index 78875dde662b..bd2072df0b87 100644 --- a/package/memcached/memcached.hash +++ b/package/memcached/memcached.hash @@ -1,6 +1,6 @@ -# From http://www.memcached.org/files/memcached-1.6.17.tar.gz.sha1 -sha1 e25639473e15f1bd9516b915fb7e03ab8209030f memcached-1.6.17.tar.gz +# From http://www.memcached.org/files/memcached-1.6.22.tar.gz.sha1 +sha1 7a691f390d59616dbebfc9e2e4942d499c39a338 memcached-1.6.22.tar.gz # Locally computed -sha256 2055e373613d8fc21529aff9f0adce3e23b9ce01ba0478d30e7941d9f2bd1224 memcached-1.6.17.tar.gz +sha256 34783a90a4ccf74c4107085fd92b688749d23b276cfdad9f04e4f725a05d1ca7 memcached-1.6.22.tar.gz sha256 bc887c4ad8051fe690ace9528fe37a2e0bb362e6d963331d82e845ca9b585a0c COPYING diff --git a/package/memcached/memcached.mk b/package/memcached/memcached.mk index 7183da6c14e6..05ae69eb3294 100644 --- a/package/memcached/memcached.mk +++ b/package/memcached/memcached.mk @@ -4,7 +4,7 @@ # ################################################################################ -MEMCACHED_VERSION = 1.6.17 +MEMCACHED_VERSION = 1.6.22 MEMCACHED_SITE = http://www.memcached.org/files MEMCACHED_DEPENDENCIES = libevent MEMCACHED_CONF_ENV = ac_cv_prog_cc_c99='-std=gnu99' diff --git a/package/motion/0002-Include-libwebp-when-WEBP-is-enabled.patch b/package/motion/0002-Include-libwebp-when-WEBP-is-enabled.patch new file mode 100644 index 000000000000..a1536a7d2f93 --- /dev/null +++ b/package/motion/0002-Include-libwebp-when-WEBP-is-enabled.patch @@ -0,0 +1,26 @@ +From 40ecd71ff361442f1579089481619dd7cae90ffd Mon Sep 17 00:00:00 2001 +From: Piotr Mionskowski +Date: Sun, 9 Jul 2023 01:44:49 +0200 +Subject: [PATCH] Include libwebp when WEBP is enabled + +Upstream: https://github.com/Motion-Project/motion/commit/40ecd71ff361442f1579089481619dd7cae90ffd +Signed-off-by: Fabrice Fontaine +--- + configure.ac | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/configure.ac b/configure.ac +index ce588f65..ee45ac37 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -191,8 +191,8 @@ AS_IF([test "${WEBP}" = "yes" ], [ + AS_IF([pkg-config libwebpmux ], [ + AC_MSG_RESULT(yes) + AC_DEFINE([HAVE_WEBP], [1], [Define to 1 if WEBP is around]) +- TEMP_CFLAGS="$TEMP_CFLAGS "`pkg-config --cflags libwebpmux` +- TEMP_LIBS="$TEMP_LIBS "`pkg-config --libs libwebpmux` ++ TEMP_CFLAGS="$TEMP_CFLAGS "`pkg-config --cflags libwebpmux libwebp` ++ TEMP_LIBS="$TEMP_LIBS "`pkg-config --libs libwebpmux libwebp` + ],[ + AC_MSG_RESULT(no) + ] diff --git a/package/netsnmp/0001-Fix-configuration-of-NETSNMP_FD_MASK_TYPE.patch b/package/netsnmp/0001-Fix-configuration-of-NETSNMP_FD_MASK_TYPE.patch deleted file mode 100644 index 91a00aec2707..000000000000 --- a/package/netsnmp/0001-Fix-configuration-of-NETSNMP_FD_MASK_TYPE.patch +++ /dev/null @@ -1,38 +0,0 @@ -From a62169f1fa358be8f330ea8519ade0610fac525b Mon Sep 17 00:00:00 2001 -From: Adam Gajda -Date: Mon, 2 Oct 2023 16:40:31 +0200 -Subject: [PATCH] Fix configuration of NETSNMP_FD_MASK_TYPE - -Upstream: https://github.com/net-snmp/net-snmp/commit/a62169f1fa358be8f330ea8519ade0610fac525b -Signed-off-by: Fabrice Fontaine ---- - configure | 2 +- - configure.d/config_project_types | 2 +- - 2 files changed, 2 insertions(+), 2 deletions(-) - -diff --git a/configure b/configure -index 9f0a173d8a..945a27c663 100755 ---- a/configure -+++ b/configure -@@ -30871,7 +30871,7 @@ CFLAGS="$CFLAGS -Werror" - - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for the type of fd_set::fds_bits" >&5 - printf %s "checking for the type of fd_set::fds_bits... " >&6; } --for type in __fd_mask __int32_t unknown; do -+for type in __fd_mask __int32_t long\ int unknown; do - cat confdefs.h - <<_ACEOF >conftest.$ac_ext - /* end confdefs.h. */ - -diff --git a/configure.d/config_project_types b/configure.d/config_project_types -index 1b4c66b95e..a78e8ebb06 100644 ---- a/configure.d/config_project_types -+++ b/configure.d/config_project_types -@@ -66,7 +66,7 @@ netsnmp_save_CFLAGS=$CFLAGS - CFLAGS="$CFLAGS -Werror" - - AC_MSG_CHECKING([for the type of fd_set::fds_bits]) --for type in __fd_mask __int32_t unknown; do -+for type in __fd_mask __int32_t long\ int unknown; do - AC_COMPILE_IFELSE([AC_LANG_PROGRAM([ - #include - #include diff --git a/package/netsnmp/0001-snmp_agent-disallow-SET-with-NULL-varbind.patch b/package/netsnmp/0001-snmp_agent-disallow-SET-with-NULL-varbind.patch new file mode 100644 index 000000000000..3a6321d7a7b3 --- /dev/null +++ b/package/netsnmp/0001-snmp_agent-disallow-SET-with-NULL-varbind.patch @@ -0,0 +1,72 @@ +From b07627fa67c686b07d1eab123cf3e4887a2a93aa Mon Sep 17 00:00:00 2001 +From: Bill Fenner +Date: Fri, 25 Nov 2022 08:41:24 -0800 +Subject: [PATCH] snmp_agent: disallow SET with NULL varbind + +Upstream: https://github.com/net-snmp/net-snmp/commit/4589352dac3ae111c7621298cf231742209efd9b + +[Thomas: this commit was merged as part of +https://github.com/net-snmp/net-snmp/pull/490/commits, which fixes +https://github.com/net-snmp/net-snmp/issues/474 (CVE-2022-44792) and +https://github.com/net-snmp/net-snmp/issues/475 (CVE-2022-44793). The +other two commits merged as part of this pull request are related to +adding a non-regression test for this, which is not relevant for the +security fix itself.] + +Signed-off-by: Thomas Petazzoni +--- + agent/snmp_agent.c | 32 ++++++++++++++++++++++++++++++++ + 1 file changed, 32 insertions(+) + +diff --git a/agent/snmp_agent.c b/agent/snmp_agent.c +index 867d0c166f..3f678fe2df 100644 +--- a/agent/snmp_agent.c ++++ b/agent/snmp_agent.c +@@ -3719,12 +3719,44 @@ netsnmp_handle_request(netsnmp_agent_session *asp, int status) + return 1; + } + ++static int ++check_set_pdu_for_null_varbind(netsnmp_agent_session *asp) ++{ ++ int i; ++ netsnmp_variable_list *v = NULL; ++ ++ for (i = 1, v = asp->pdu->variables; v != NULL; i++, v = v->next_variable) { ++ if (v->type == ASN_NULL) { ++ /* ++ * Protect SET implementations that do not protect themselves ++ * against wrong type. ++ */ ++ DEBUGMSGTL(("snmp_agent", "disallowing SET with NULL var for varbind %d\n", i)); ++ asp->index = i; ++ return SNMP_ERR_WRONGTYPE; ++ } ++ } ++ return SNMP_ERR_NOERROR; ++} ++ + int + handle_pdu(netsnmp_agent_session *asp) + { + int status, inclusives = 0; + netsnmp_variable_list *v = NULL; + ++#ifndef NETSNMP_NO_WRITE_SUPPORT ++ /* ++ * Check for ASN_NULL in SET request ++ */ ++ if (asp->pdu->command == SNMP_MSG_SET) { ++ status = check_set_pdu_for_null_varbind(asp); ++ if (status != SNMP_ERR_NOERROR) { ++ return status; ++ } ++ } ++#endif /* NETSNMP_NO_WRITE_SUPPORT */ ++ + /* + * for illegal requests, mark all nodes as ASN_NULL + */ +-- +2.41.0 + diff --git a/package/netsnmp/netsnmp.hash b/package/netsnmp/netsnmp.hash index 789894127138..e1e9d10898c3 100644 --- a/package/netsnmp/netsnmp.hash +++ b/package/netsnmp/netsnmp.hash @@ -1,7 +1,7 @@ # Locally calculated after checking pgp signature at -# https://sourceforge.net/projects/net-snmp/files/net-snmp/5.9.4/net-snmp-5.9.4.tar.gz.asc -# using key 6E6718AEF1EB5C65C32D1B2A356BC0B552D53CAB -sha256 8b4de01391e74e3c7014beb43961a2d6d6fa03acc34280b9585f4930745b0544 net-snmp-5.9.4.tar.gz +# https://sourceforge.net/projects/net-snmp/files/net-snmp/5.9.3/net-snmp-5.9.3.tar.gz.asc +# using key D0F8F495DA6160C44EFFBF10F07B9D2DACB19FD6 +sha256 2097f29b7e1bf3f1300b4bae52fa2308d0bb8d5d3998dbe02f9462a413a2ef0a net-snmp-5.9.3.tar.gz # Hash for license file sha256 ed869ea395a1f125819a56676385ab0557a21507764bf56f2943302011381e59 COPYING diff --git a/package/netsnmp/netsnmp.mk b/package/netsnmp/netsnmp.mk index b5cda30a7b12..fafd60487905 100644 --- a/package/netsnmp/netsnmp.mk +++ b/package/netsnmp/netsnmp.mk @@ -4,13 +4,17 @@ # ################################################################################ -NETSNMP_VERSION = 5.9.4 +NETSNMP_VERSION = 5.9.3 NETSNMP_SITE = https://downloads.sourceforge.net/project/net-snmp/net-snmp/$(NETSNMP_VERSION) NETSNMP_SOURCE = net-snmp-$(NETSNMP_VERSION).tar.gz NETSNMP_LICENSE = Various BSD-like NETSNMP_LICENSE_FILES = COPYING NETSNMP_CPE_ID_VENDOR = net-snmp NETSNMP_CPE_ID_PRODUCT = $(NETSNMP_CPE_ID_VENDOR) +# 0001-snmp_agent-disallow-SET-with-NULL-varbind.patch +NETSNMP_IGNORE_CVES = \ + CVE-2022-44792 \ + CVE-2022-44793 NETSNMP_SELINUX_MODULES = snmp NETSNMP_INSTALL_STAGING = YES NETSNMP_CONF_ENV = \ diff --git a/package/perl/perl.hash b/package/perl/perl.hash index 2165c8c60180..983b921e2798 100644 --- a/package/perl/perl.hash +++ b/package/perl/perl.hash @@ -1,10 +1,10 @@ -# Hashes from: https://www.cpan.org/src/5.0/perl-5.36.1.tar.xz.{md5,sha1,sha256}.txt -md5 825f6b1d7e03b22522e0bdb992fbb728 perl-5.36.1.tar.xz -sha1 7b766266af08a6cef0487308e80b40d5d8069df7 perl-5.36.1.tar.xz -sha256 bd91217ea8a8c8b81f21ebbb6cefdf0d13ae532013f944cdece2cd51aef4b6a7 perl-5.36.1.tar.xz +# Hashes from: https://www.cpan.org/src/5.0/perl-5.36.3.tar.xz.{md5,sha1,sha256}.txt +md5 17946060e6279cf32d08edc92c40efc3 perl-5.36.3.tar.xz +sha1 9949e79c92171b39f4fb2b19ffd4ea293b8dd589 perl-5.36.3.tar.xz +sha256 45a228daef66d02fdccc820e71f87e40d8e3df1fc4431f8d4580ec08033866bd perl-5.36.3.tar.xz -# Hash from: https://github.com/arsv/perl-cross/releases/download/1.4.1/perl-cross-1.4.1.hash -sha256 3e14bb4f28c83586c668c5f9f6b4e57b138b4ec2fae0271086e29d4e352670ca perl-cross-1.4.1.tar.gz +# Hash from: https://github.com/arsv/perl-cross/releases/download/1.5.2/perl-cross-1.5.2.hash +sha256 584dc54c48dca25e032b676a15bef377c1fed9de318b4fc140292a5dbf326e90 perl-cross-1.5.2.tar.gz # Locally calculated sha256 dd90d4f42e4dcadf5a7c09eea0189d93c7b37ae560c91f0f6d5233ed3b9292a2 Artistic diff --git a/package/perl/perl.mk b/package/perl/perl.mk index 734e8efec6d8..71aef9997b0e 100644 --- a/package/perl/perl.mk +++ b/package/perl/perl.mk @@ -6,7 +6,7 @@ # When updating the version here, also update utils/scancpan PERL_VERSION_MAJOR = 36 -PERL_VERSION = 5.$(PERL_VERSION_MAJOR).1 +PERL_VERSION = 5.$(PERL_VERSION_MAJOR).3 PERL_SITE = https://www.cpan.org/src/5.0 PERL_SOURCE = perl-$(PERL_VERSION).tar.xz PERL_LICENSE = Artistic or GPL-1.0+ @@ -15,7 +15,7 @@ PERL_CPE_ID_VENDOR = perl PERL_DEPENDENCIES = $(TARGET_NLS_DEPENDENCIES) PERL_INSTALL_STAGING = YES -PERL_CROSS_VERSION = 1.4.1 +PERL_CROSS_VERSION = 1.5.2 # DO NOT refactor with the github helper (the result is not the same) PERL_CROSS_SITE = https://github.com/arsv/perl-cross/releases/download/$(PERL_CROSS_VERSION) PERL_CROSS_SOURCE = perl-cross-$(PERL_CROSS_VERSION).tar.gz diff --git a/package/postgresql/postgresql.hash b/package/postgresql/postgresql.hash index 0640f883a753..4fc3bfcff04a 100644 --- a/package/postgresql/postgresql.hash +++ b/package/postgresql/postgresql.hash @@ -1,4 +1,4 @@ -# From https://ftp.postgresql.org/pub/source/v15.4/postgresql-15.4.tar.bz2.sha256 -sha256 baec5a4bdc4437336653b6cb5d9ed89be5bd5c0c58b94e0becee0a999e63c8f9 postgresql-15.4.tar.bz2 +# From https://ftp.postgresql.org/pub/source/v15.4/postgresql-15.5.tar.bz2.sha256 +sha256 8f53aa95d78eb8e82536ea46b68187793b42bba3b4f65aa342f540b23c9b10a6 postgresql-15.5.tar.bz2 # License file, Locally calculated sha256 1a7d13c3ab31961b91ba256f77d6e82e0b54bf992253060fe93bdb5466df416a COPYRIGHT diff --git a/package/postgresql/postgresql.mk b/package/postgresql/postgresql.mk index b951b14aa090..3108fe65e17f 100644 --- a/package/postgresql/postgresql.mk +++ b/package/postgresql/postgresql.mk @@ -4,7 +4,7 @@ # ################################################################################ -POSTGRESQL_VERSION = 15.4 +POSTGRESQL_VERSION = 15.5 POSTGRESQL_SOURCE = postgresql-$(POSTGRESQL_VERSION).tar.bz2 POSTGRESQL_SITE = https://ftp.postgresql.org/pub/source/v$(POSTGRESQL_VERSION) POSTGRESQL_LICENSE = PostgreSQL diff --git a/package/putty/putty.mk b/package/putty/putty.mk index 82b7464bb4e6..93e978a36ae2 100644 --- a/package/putty/putty.mk +++ b/package/putty/putty.mk @@ -10,6 +10,7 @@ PUTTY_LICENSE = MIT PUTTY_LICENSE_FILES = LICENCE PUTTY_CPE_ID_VENDOR = putty PUTTY_DEPENDENCIES = host-pkgconf +PUTTY_CONF_OPTS = -DPUTTY_GSSAPI=OFF ifeq ($(BR2_PACKAGE_LIBGTK3),y) PUTTY_DEPENDENCIES += libgtk3 @@ -17,4 +18,8 @@ else ifeq ($(BR2_PACKAGE_LIBGTK2),y) PUTTY_DEPENDENCIES += libgtk2 endif +ifeq ($(BR2_STATIC_LIBS),y) +PUTTY_CONF_OPTS += -DCMAKE_C_FLAGS="$(TARGET_CFLAGS) -DNO_LIBDL" +endif + $(eval $(cmake-package)) diff --git a/package/rtty/rtty.mk b/package/rtty/rtty.mk index 964ec04ec4b9..8a40f584def2 100644 --- a/package/rtty/rtty.mk +++ b/package/rtty/rtty.mk @@ -24,7 +24,7 @@ RTTY_CONF_OPTS += \ -DUSE_MBEDTLS=OFF \ -DUSE_OPENSSL=ON \ -DUSE_WOLFSSL=OFF -else ifeq ($(BR2_PACKAGE_WOLFSSL),y) +else ifeq ($(BR2_PACKAGE_WOLFSSL_ALL),y) RTTY_DEPENDENCIES += wolfssl RTTY_CONF_OPTS += \ -DSSL_SUPPORT=ON \ diff --git a/package/samba4/samba4.hash b/package/samba4/samba4.hash index 9843d419f09d..3a69e90675f1 100644 --- a/package/samba4/samba4.hash +++ b/package/samba4/samba4.hash @@ -1,4 +1,4 @@ # Locally calculated after checking pgp signature -# https://download.samba.org/pub/samba/stable/samba-4.18.8.tar.asc -sha256 4fb87bceaeb01d832a59046c197a044b7e8e8000581548b5d577a6cda03344d1 samba-4.18.8.tar.gz +# https://download.samba.org/pub/samba/stable/samba-4.18.9.tar.asc +sha256 f455c1d6351ed3a36fc2cb6e8ab1bfd0effe54a56686ffd495d64ab52d50f245 samba-4.18.9.tar.gz sha256 8ceb4b9ee5adedde47b31e975c1d90c73ad27b6b165a1dcd80c7c545eb65b903 COPYING diff --git a/package/samba4/samba4.mk b/package/samba4/samba4.mk index 9cf7a59d9b8d..9b2319791625 100644 --- a/package/samba4/samba4.mk +++ b/package/samba4/samba4.mk @@ -4,7 +4,7 @@ # ################################################################################ -SAMBA4_VERSION = 4.18.8 +SAMBA4_VERSION = 4.18.9 SAMBA4_SITE = https://download.samba.org/pub/samba/stable SAMBA4_SOURCE = samba-$(SAMBA4_VERSION).tar.gz SAMBA4_INSTALL_STAGING = YES diff --git a/package/speechd/speechd.mk b/package/speechd/speechd.mk index ae777c6d3069..c7c938a4541a 100644 --- a/package/speechd/speechd.mk +++ b/package/speechd/speechd.mk @@ -12,8 +12,11 @@ SPEECHD_INSTALL_STAGING = YES # speechd source code is released without configure script SPEECHD_AUTORECONF = YES SPEECHD_AUTOPOINT = YES -SPEECHD_DEPENDENCIES = host-pkgconf dotconf libglib2 libsndfile -SPEECHD_CONF_ENV = ac_cv_prog_HELP2MAN="" +SPEECHD_DEPENDENCIES = \ + host-pkgconf dotconf libglib2 libsndfile $(TARGET_NLS_DEPENDENCIES) +SPEECHD_CONF_ENV = \ + ac_cv_prog_HELP2MAN="" \ + LIBS=$(TARGET_NLS_LIBS) SPEECHD_CONF_OPTS = \ --disable-python \ --without-espeak \ diff --git a/package/squid/squid.hash b/package/squid/squid.hash index b00d14011e18..a163bd9ad3d2 100644 --- a/package/squid/squid.hash +++ b/package/squid/squid.hash @@ -1,6 +1,6 @@ -# From http://www.squid-cache.org/Versions/v5/squid-5.7.tar.xz.asc -md5 7a3764a3c5833631a779d7827901cda7 squid-5.7.tar.xz -sha1 141e8007d6b1cfee34654127a9ca025125b37b58 squid-5.7.tar.xz +# From http://www.squid-cache.org/Versions/v6/squid-6.5.tar.xz.asc +md5 da2797d899cf538fab7f504fdf3c18bf squid-6.5.tar.xz +sha1 07a08394625948750264778c82e19cf24ea7cb1f squid-6.5.tar.xz # Locally calculated -sha256 6b0753aaba4c9c4efd333e67124caecf7ad6cc2d38581f19d2f0321f5b7ecd81 squid-5.7.tar.xz +sha256 5070f8a3ae6666870c8fc716326befb0a1abe8b5ff3a6f3932cbc5543d7c8549 squid-6.5.tar.xz sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 COPYING diff --git a/package/squid/squid.mk b/package/squid/squid.mk index 355af0b9027d..c1477b1adff6 100644 --- a/package/squid/squid.mk +++ b/package/squid/squid.mk @@ -4,9 +4,9 @@ # ################################################################################ -SQUID_VERSION = 5.7 +SQUID_VERSION = 6.5 SQUID_SOURCE = squid-$(SQUID_VERSION).tar.xz -SQUID_SITE = http://www.squid-cache.org/Versions/v5 +SQUID_SITE = http://www.squid-cache.org/Versions/v6 SQUID_LICENSE = GPL-2.0+ SQUID_LICENSE_FILES = COPYING SQUID_CPE_ID_VENDOR = squid-cache diff --git a/package/vim/vim.hash b/package/vim/vim.hash index 8fdb6998c930..4ff64bada2ec 100644 --- a/package/vim/vim.hash +++ b/package/vim/vim.hash @@ -1,4 +1,4 @@ # Locally computed -sha256 29d0e5212daedbff1b781edba1b66f549b1a226020271f20aa9884abfdf39fc7 vim-9.0.2053.tar.gz +sha256 d826682fb839c0b99f80b9189af549d46dc087ef2cfc617ce161609ba5da4dc7 vim-9.0.2136.tar.gz sha256 0b3f1f330cb1b179bb17c7c687d4cec601e0aa3462bc7f890ad4c3888d37d720 LICENSE sha256 b475d5d3f8c855dc1a84813bbe45c44054d7f7aee20c800950bf89d5958873de README.txt diff --git a/package/vim/vim.mk b/package/vim/vim.mk index 37684e0aa3f0..b0b4ffe344db 100644 --- a/package/vim/vim.mk +++ b/package/vim/vim.mk @@ -4,7 +4,7 @@ # ################################################################################ -VIM_VERSION = 9.0.2053 +VIM_VERSION = 9.0.2136 VIM_SITE = $(call github,vim,vim,v$(VIM_VERSION)) VIM_DEPENDENCIES = ncurses $(TARGET_NLS_DEPENDENCIES) VIM_SUBDIR = src diff --git a/package/vlc/0006-posix-remove-ancient-run-time-fallback-to-real-time-.patch b/package/vlc/0006-posix-remove-ancient-run-time-fallback-to-real-time-.patch index 4fc639e2229c..5211ef882b68 100644 --- a/package/vlc/0006-posix-remove-ancient-run-time-fallback-to-real-time-.patch +++ b/package/vlc/0006-posix-remove-ancient-run-time-fallback-to-real-time-.patch @@ -23,6 +23,7 @@ posix/thread.c: In function ‘vlc_clock_setup_once’: posix/thread.c:88:18: error: lvalue required as left operand of assignment vlc_clock_id = (val < 0) ? CLOCK_REALTIME : CLOCK_MONOTONIC; +[Bernd: rebased for 3.0.19] Signed-off-by: Bernd Kuhls --- src/posix/thread.c | 96 +++++++----------------------------------------------- @@ -93,7 +94,7 @@ index dab8b71f97..8878941913 100644 -# warning Monotonic clock not available. Expect timing issues. -#endif /* _POSIX_TIMERS */ - - static struct timespec mtime_to_ts (mtime_t date) + static struct timespec mtime_to_ts (vlc_tick_t date) { lldiv_t d = lldiv (date, CLOCK_FREQ); @@ -233,14 +187,11 @@ void vlc_cond_init (vlc_cond_t *p_condvar) @@ -117,7 +118,7 @@ index dab8b71f97..8878941913 100644 @@ -625,44 +576,27 @@ void vlc_control_cancel (int cmd, ...) - mtime_t mdate (void) + vlc_tick_t mdate (void) { -#if (_POSIX_TIMERS > 0) struct timespec ts; @@ -140,7 +141,7 @@ index dab8b71f97..8878941913 100644 } #undef mwait - void mwait (mtime_t deadline) + void mwait (vlc_tick_t deadline) { -#if (_POSIX_CLOCK_SELECTION > 0) - vlc_clock_setup (); @@ -165,7 +166,7 @@ index dab8b71f97..8878941913 100644 } #undef msleep -@@ -670,15 +604,7 @@ void msleep (mtime_t delay) +@@ -670,15 +604,7 @@ void msleep (vlc_tick_t delay) { struct timespec ts = mtime_to_ts (delay); diff --git a/package/vlc/vlc.hash b/package/vlc/vlc.hash index 4b9940df33fd..40529bd6648d 100644 --- a/package/vlc/vlc.hash +++ b/package/vlc/vlc.hash @@ -1,7 +1,7 @@ -# From https://get.videolan.org/vlc/3.0.18/vlc-3.0.18.tar.xz.sha256 -sha256 57094439c365d8aa8b9b41fa3080cc0eef2befe6025bb5cef722accc625aedec vlc-3.0.18.tar.xz -# From https://get.videolan.org/vlc/3.0.18/vlc-3.0.18.tar.xz.sha1 -sha1 b11ccaa0f5ee15a550564817d60458eb0946f80e vlc-3.0.18.tar.xz +# From https://get.videolan.org/vlc/3.0.20/vlc-3.0.20.tar.xz.sha256 +sha256 adc7285b4d2721cddf40eb5270cada2aaa10a334cb546fd55a06353447ba29b5 vlc-3.0.20.tar.xz +# From https://get.videolan.org/vlc/3.0.20/vlc-3.0.20.tar.xz.sha1 +sha1 b834516ab701bf6311980ed5d67b77c834fdebe7 vlc-3.0.20.tar.xz # Locally computed sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 COPYING sha256 dc626520dcd53a22f727af3ee42c770e56c97a64fe3adb063799d8ab032fe551 COPYING.LIB diff --git a/package/vlc/vlc.mk b/package/vlc/vlc.mk index c6ae46f46940..d0fc1744c018 100644 --- a/package/vlc/vlc.mk +++ b/package/vlc/vlc.mk @@ -4,7 +4,7 @@ # ################################################################################ -VLC_VERSION = 3.0.18 +VLC_VERSION = 3.0.20 VLC_SITE = https://get.videolan.org/vlc/$(VLC_VERSION) VLC_SOURCE = vlc-$(VLC_VERSION).tar.xz VLC_LICENSE = GPL-2.0+, LGPL-2.1+ diff --git a/package/xenomai/3.0.10/0004-lib-psos-task.c-fix-build-with-gcc-12.patch b/package/xenomai/3.0.10/0004-lib-psos-task.c-fix-build-with-gcc-12.patch new file mode 100644 index 000000000000..fcc1f1e6730d --- /dev/null +++ b/package/xenomai/3.0.10/0004-lib-psos-task.c-fix-build-with-gcc-12.patch @@ -0,0 +1,56 @@ +From 6c6da9e6d75ccfaa83c1efe14211f080c14181c6 Mon Sep 17 00:00:00 2001 +From: Fabrice Fontaine +Date: Sun, 3 Dec 2023 15:28:50 +0100 +Subject: [PATCH] lib/psos/task.c: fix build with gcc >= 12 + +Fix the following build failure with gcc >= 12: + +task.c: In function 't_start': +task.c:398:16: error: 'ret' may be used uninitialized [-Werror=maybe-uninitialized] + 398 | return ret; + | ^~~ +task.c:364:13: note: 'ret' was declared here + 364 | int ret; + | ^~~ +task.c: In function 't_resume': +task.c:444:16: error: 'ret' may be used uninitialized [-Werror=maybe-uninitialized] + 444 | return ret; + | ^~~ +task.c:428:13: note: 'ret' was declared here + 428 | int ret; + | ^~~ + +Fixes: + - http://autobuild.buildroot.org/results/bc1b40de22e563b704ad7f20b6bf4d1f73a6ed8a + +Signed-off-by: Fabrice Fontaine +Upstream: https://lore.kernel.org/xenomai/20231203144307.1940139-1-fontaine.fabrice@gmail.com/T/#u +--- + lib/psos/task.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/lib/psos/task.c b/lib/psos/task.c +index f678be61d..27bcc28a9 100644 +--- a/lib/psos/task.c ++++ b/lib/psos/task.c +@@ -362,7 +362,7 @@ u_long t_start(u_long tid, + { + struct psos_task *task; + struct service svc; +- int ret; ++ int ret = SUCCESS; + + CANCEL_DEFER(svc); + +@@ -426,7 +426,7 @@ u_long t_resume(u_long tid) + { + struct psos_task *task; + struct service svc; +- int ret; ++ int ret = SUCCESS; + + CANCEL_DEFER(svc); + +-- +2.42.0 + diff --git a/package/xtables-addons/xtables-addons.hash b/package/xtables-addons/xtables-addons.hash index 840a31f9478f..7bdbbb85784f 100644 --- a/package/xtables-addons/xtables-addons.hash +++ b/package/xtables-addons/xtables-addons.hash @@ -1,3 +1,3 @@ # Locally calculated -sha256 faa16a27166275afbfe8df605f55c3a81ac693bf19da674d45ceded4137ae217 xtables-addons-3.22.tar.xz +sha256 3e823f71720519ced31c4c7d2bfaf7120d9c01c59a0843dfcbe93c95c64d81c1 xtables-addons-3.24.tar.xz sha256 ab15fd526bd8dd18a9e77ebc139656bf4d33e97fc7238cd11bf60e2b9b8666c6 LICENSE diff --git a/package/xtables-addons/xtables-addons.mk b/package/xtables-addons/xtables-addons.mk index e794538956c1..efd8bd98cecd 100644 --- a/package/xtables-addons/xtables-addons.mk +++ b/package/xtables-addons/xtables-addons.mk @@ -4,7 +4,7 @@ # ################################################################################ -XTABLES_ADDONS_VERSION = 3.22 +XTABLES_ADDONS_VERSION = 3.24 XTABLES_ADDONS_SOURCE = xtables-addons-$(XTABLES_ADDONS_VERSION).tar.xz XTABLES_ADDONS_SITE = https://inai.de/files/xtables-addons XTABLES_ADDONS_DEPENDENCIES = iptables linux host-pkgconf @@ -13,7 +13,6 @@ XTABLES_ADDONS_LICENSE_FILES = LICENSE XTABLES_ADDONS_CONF_OPTS = \ --with-kbuild="$(LINUX_DIR)" \ - --with-xtables="$(STAGING_DIR)/usr" \ --with-xtlibdir="/usr/lib/xtables" define XTABLES_ADDONS_BUILD_CMDS diff --git a/package/zfs/zfs.hash b/package/zfs/zfs.hash index 3a73e5e94f11..01c86f2bd69c 100644 --- a/package/zfs/zfs.hash +++ b/package/zfs/zfs.hash @@ -1,6 +1,5 @@ -# From https://github.com/openzfs/zfs/releases/download/zfs-2.1.12/zfs-2.1.12.sha256.asc -sha256 64daa26aed3e12c931f6f4413d7527c4ebdb8da35416b356152b5f9fdd4c6e6d zfs-2.1.12.tar.gz -sha256 96a27353fe717ff2c8b95deb8b009c4eb750303c6400e2d8a2582ab1ec12b25a bc3f12bfac152a0c28951cec92340ba14f9ccee9.patch +# From https://github.com/openzfs/zfs/releases/download/zfs-2.2.2/zfs-2.2.2.sha256.asc +sha256 76bc0547d9ba31d4b0142e417aaaf9f969072c3cb3c1a5b10c8738f39ed12fc9 zfs-2.2.2.tar.gz # Hash for license files: sha256 1ffb70c33c4f79f04e947facc5c7851f289609256aacb47fc115f700427d9520 LICENSE diff --git a/package/zfs/zfs.mk b/package/zfs/zfs.mk index b852d8d4e213..4aa165fd4c1e 100644 --- a/package/zfs/zfs.mk +++ b/package/zfs/zfs.mk @@ -4,15 +4,14 @@ # ################################################################################ -ZFS_VERSION = 2.1.12 +ZFS_VERSION = 2.2.2 ZFS_SITE = https://github.com/openzfs/zfs/releases/download/zfs-$(ZFS_VERSION) -ZFS_PATCH = https://github.com/openzfs/zfs/commit/bc3f12bfac152a0c28951cec92340ba14f9ccee9.patch ZFS_LICENSE = CDDL ZFS_LICENSE_FILES = LICENSE COPYRIGHT ZFS_CPE_ID_VENDOR = openzfs ZFS_CPE_ID_PRODUCT = openzfs -# 0001-removal-of-LegacyVersion-broke-ax_python_dev.m4.patch +# 0001-config-user-check-for-aio.h.patch ZFS_AUTORECONF = YES ZFS_DEPENDENCIES = libaio openssl udev util-linux zlib libcurl linux @@ -58,6 +57,14 @@ else ZFS_CONF_OPTS += --disable-pam endif +# Sets the environment for the `make` that will be run ZFS autotools checks. +ZFS_CONF_ENV += \ + ARCH=$(KERNEL_ARCH) \ + CROSS_COMPILE="$(TARGET_CROSS)" +ZFS_MAKE_ENV += \ + ARCH=$(KERNEL_ARCH) \ + CROSS_COMPILE="$(TARGET_CROSS)" + # ZFS userland tools are unfunctional without the Linux kernel modules. ZFS_MODULE_SUBDIRS = \ module/avl \ diff --git a/support/misc/Vagrantfile b/support/misc/Vagrantfile index 250a8810e52a..8757304f8949 100644 --- a/support/misc/Vagrantfile +++ b/support/misc/Vagrantfile @@ -5,7 +5,7 @@ ################################################################################ # Buildroot version to use -RELEASE='2023.08.3' +RELEASE='2023.08.4' ### Change here for more memory/cores ### VM_MEMORY=2048 diff --git a/support/testing/tests/package/test_zfs.py b/support/testing/tests/package/test_zfs.py index 1f01ddd76835..27dbc2869bc9 100644 --- a/support/testing/tests/package/test_zfs.py +++ b/support/testing/tests/package/test_zfs.py @@ -40,11 +40,11 @@ def base_test_run(self): cmds = [ # Init - "modprobe zfs", + "modprobe zfs && sleep 2", "mount -o remount,size=132M /tmp", "fallocate -l 64M /tmp/container1.raw", "fallocate -l 64M /tmp/container2.raw", - "zpool create -m /pool pool raidz /tmp/container1.raw /tmp/container2.raw", + "zpool create pool raidz /tmp/container1.raw /tmp/container2.raw", "dd if=/dev/urandom bs=1M count=8 of=/pool/urandom", "sha256sum /pool/urandom > /tmp/urandom.sha256", # Check ZFS