jeans/operating-system
jeans/operating-system
1
0
Fork 0
mirror of https://github.com/home-assistant/operating-system.git synced 2025-07-27 06:56:29 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update buildroot to 2021.02.6 (#1607)

Browse Source 
* Update buildroot to 2021.02.6

* Renew buildroot-patches

This makes sure that docker-proxy gets bumped to the latest Docker version
as well.
This commit is contained in:
Stefan Agner 2021-10-25 22:00:01 +02:00 committed by GitHub
parent a3567cd462
commit 854fe94ab1
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
191 changed files with 1041 additions and 711 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
buildroot-patches/0001-docker-add-AppArmor-support.patch
View File

@ -1,5 +1,5 @@
From 09f9b55b419ef01ad24998bbacb1a49976b58bfa Mon Sep 17 00:00:00 2001 From 7bc8a611131f89c7773e75863be58a682bfefa46 Mon Sep 17 00:00:00 2001
Message-Id: <09f9b55b419ef01ad24998bbacb1a49976b58bfa.1627492452.git.stefan@agner.ch> Message-Id: <7bc8a611131f89c7773e75863be58a682bfefa46.1635185056.git.stefan@agner.ch>
From: Pascal Vizeli <pvizeli@syshack.ch> From: Pascal Vizeli <pvizeli@syshack.ch>
Date: Mon, 13 Jan 2020 12:27:06 +0000 Date: Mon, 13 Jan 2020 12:27:06 +0000
Subject: [PATCH 01/11] docker: add AppArmor support Subject: [PATCH 01/11] docker: add AppArmor support
@ -11,7 +11,7 @@ Signed-off-by: Stefan Agner <stefan@agner.ch>
1 file changed, 5 insertions(+) 1 file changed, 5 insertions(+)
diff --git a/package/docker-containerd/docker-containerd.mk b/package/docker-containerd/docker-containerd.mk diff --git a/package/docker-containerd/docker-containerd.mk b/package/docker-containerd/docker-containerd.mk
index e229d9cb54..e968518a69 100644 index 16026eb8e9..c2aaefdff8 100644
--- a/package/docker-containerd/docker-containerd.mk --- a/package/docker-containerd/docker-containerd.mk
+++ b/package/docker-containerd/docker-containerd.mk +++ b/package/docker-containerd/docker-containerd.mk
@@ -30,6 +30,11 @@ DOCKER_CONTAINERD_DEPENDENCIES += libapparmor @@ -30,6 +30,11 @@ DOCKER_CONTAINERD_DEPENDENCIES += libapparmor
@ -27,5 +27,5 @@ index e229d9cb54..e968518a69 100644
DOCKER_CONTAINERD_DEPENDENCIES += libseccomp host-pkgconf DOCKER_CONTAINERD_DEPENDENCIES += libseccomp host-pkgconf
DOCKER_CONTAINERD_TAGS += seccomp DOCKER_CONTAINERD_TAGS += seccomp
-- --
2.32.0 2.33.1

10
buildroot-patches/0002-network-manager-wpa_supplicant.patch
View File

@ -1,7 +1,7 @@
From e06ba47c59eec31475a8302fca569a0315158154 Mon Sep 17 00:00:00 2001 From 8510d87bd5dbbb23a55dd7bb4f17c7f375dfccef Mon Sep 17 00:00:00 2001
Message-Id: <e06ba47c59eec31475a8302fca569a0315158154.1627492452.git.stefan@agner.ch> Message-Id: <8510d87bd5dbbb23a55dd7bb4f17c7f375dfccef.1635185056.git.stefan@agner.ch>
In-Reply-To: <09f9b55b419ef01ad24998bbacb1a49976b58bfa.1627492452.git.stefan@agner.ch> In-Reply-To: <7bc8a611131f89c7773e75863be58a682bfefa46.1635185056.git.stefan@agner.ch>
References: <09f9b55b419ef01ad24998bbacb1a49976b58bfa.1627492452.git.stefan@agner.ch> References: <7bc8a611131f89c7773e75863be58a682bfefa46.1635185056.git.stefan@agner.ch>
From: Pascal Vizeli <pvizeli@syshack.ch> From: Pascal Vizeli <pvizeli@syshack.ch>
Date: Thu, 16 Apr 2020 14:32:45 +0000 Date: Thu, 16 Apr 2020 14:32:45 +0000
Subject: [PATCH 02/11] network-manager: wpa_supplicant Subject: [PATCH 02/11] network-manager: wpa_supplicant
@ -42,5 +42,5 @@ index 607c2b402b..c8351d8730 100644
NETWORK_MANAGER_LICENSE_FILES = COPYING COPYING.LGPL CONTRIBUTING NETWORK_MANAGER_LICENSE_FILES = COPYING COPYING.LGPL CONTRIBUTING
NETWORK_MANAGER_CPE_ID_VENDOR = gnome NETWORK_MANAGER_CPE_ID_VENDOR = gnome
-- --
2.32.0 2.33.1

10
buildroot-patches/0003-Fix-dhcp-client.patch
View File

@ -1,7 +1,7 @@
From 654f5326428f1f442369589ce74333a44293fac2 Mon Sep 17 00:00:00 2001 From f4d0ac532040a9194fd939e6be23233ca3976728 Mon Sep 17 00:00:00 2001
Message-Id: <654f5326428f1f442369589ce74333a44293fac2.1627492452.git.stefan@agner.ch> Message-Id: <f4d0ac532040a9194fd939e6be23233ca3976728.1635185056.git.stefan@agner.ch>
In-Reply-To: <09f9b55b419ef01ad24998bbacb1a49976b58bfa.1627492452.git.stefan@agner.ch> In-Reply-To: <7bc8a611131f89c7773e75863be58a682bfefa46.1635185056.git.stefan@agner.ch>
References: <09f9b55b419ef01ad24998bbacb1a49976b58bfa.1627492452.git.stefan@agner.ch> References: <7bc8a611131f89c7773e75863be58a682bfefa46.1635185056.git.stefan@agner.ch>
From: Pascal Vizeli <pvizeli@syshack.ch> From: Pascal Vizeli <pvizeli@syshack.ch>
Date: Thu, 16 Apr 2020 12:01:44 +0000 Date: Thu, 16 Apr 2020 12:01:44 +0000
Subject: [PATCH 03/11] Fix dhcp client Subject: [PATCH 03/11] Fix dhcp client
@ -26,5 +26,5 @@ index 1edb3c5e99..b945c46b18 100644
install-sbinPROGRAMS install-sbinPROGRAMS
$(INSTALL) -m 0644 -D package/dhcp/dhclient.conf \ $(INSTALL) -m 0644 -D package/dhcp/dhclient.conf \
-- --
2.32.0 2.33.1

10
buildroot-patches/0004-package-rpi-firmware-Allow-to-deploy-multiple-firmwa.patch
View File

@ -1,7 +1,7 @@
From 81093c8655737f9208df3b75371290600625bec8 Mon Sep 17 00:00:00 2001 From 9f590c153e042db3e15532c8cf8a9404383e2789 Mon Sep 17 00:00:00 2001
Message-Id: <81093c8655737f9208df3b75371290600625bec8.1627492452.git.stefan@agner.ch> Message-Id: <9f590c153e042db3e15532c8cf8a9404383e2789.1635185056.git.stefan@agner.ch>
In-Reply-To: <09f9b55b419ef01ad24998bbacb1a49976b58bfa.1627492452.git.stefan@agner.ch> In-Reply-To: <7bc8a611131f89c7773e75863be58a682bfefa46.1635185056.git.stefan@agner.ch>
References: <09f9b55b419ef01ad24998bbacb1a49976b58bfa.1627492452.git.stefan@agner.ch> References: <7bc8a611131f89c7773e75863be58a682bfefa46.1635185056.git.stefan@agner.ch>
From: Stefan Agner <stefan@agner.ch> From: Stefan Agner <stefan@agner.ch>
Date: Mon, 8 Feb 2021 14:08:28 +0100 Date: Mon, 8 Feb 2021 14:08:28 +0100
Subject: [PATCH 04/11] package/rpi-firmware: Allow to deploy multiple firmware Subject: [PATCH 04/11] package/rpi-firmware: Allow to deploy multiple firmware
@ -72,5 +72,5 @@ index f3d28ef825..58085a8ca8 100644
$(RPI_FIRMWARE_INSTALL_DTB) $(RPI_FIRMWARE_INSTALL_DTB)
$(RPI_FIRMWARE_INSTALL_DTB_OVERLAYS) $(RPI_FIRMWARE_INSTALL_DTB_OVERLAYS)
-- --
2.32.0 2.33.1

12
buildroot-patches/0005-package-linux-firmware-add-RTL87XX-RTL88XX-Bluetooth.patch
View File

@ -1,7 +1,7 @@
From f93e6246fbc58814dd4547eade63102c7626b76b Mon Sep 17 00:00:00 2001 From d064be35e78b286a30894071a4de353c33bdd09a Mon Sep 17 00:00:00 2001
Message-Id: <f93e6246fbc58814dd4547eade63102c7626b76b.1627492452.git.stefan@agner.ch> Message-Id: <d064be35e78b286a30894071a4de353c33bdd09a.1635185056.git.stefan@agner.ch>
In-Reply-To: <09f9b55b419ef01ad24998bbacb1a49976b58bfa.1627492452.git.stefan@agner.ch> In-Reply-To: <7bc8a611131f89c7773e75863be58a682bfefa46.1635185056.git.stefan@agner.ch>
References: <09f9b55b419ef01ad24998bbacb1a49976b58bfa.1627492452.git.stefan@agner.ch> References: <7bc8a611131f89c7773e75863be58a682bfefa46.1635185056.git.stefan@agner.ch>
From: Stefan Agner <stefan@agner.ch> From: Stefan Agner <stefan@agner.ch>
Date: Wed, 17 Mar 2021 14:48:43 +0100 Date: Wed, 17 Mar 2021 14:48:43 +0100
Subject: [PATCH 05/11] package/linux-firmware: add RTL87XX/RTL88XX Bluetooth Subject: [PATCH 05/11] package/linux-firmware: add RTL87XX/RTL88XX Bluetooth
@ -38,7 +38,7 @@ index a41310ff2a..ba3322fa18 100644
bool "TI CC2560" bool "TI CC2560"
help help
diff --git a/package/linux-firmware/linux-firmware.mk b/package/linux-firmware/linux-firmware.mk diff --git a/package/linux-firmware/linux-firmware.mk b/package/linux-firmware/linux-firmware.mk
index f23da171c6..9c512ab750 100644 index 9af35ccb1a..45c50e48a2 100644
--- a/package/linux-firmware/linux-firmware.mk --- a/package/linux-firmware/linux-firmware.mk
+++ b/package/linux-firmware/linux-firmware.mk +++ b/package/linux-firmware/linux-firmware.mk
@@ -64,6 +64,27 @@ LINUX_FIRMWARE_FILES += qca/rampatch_usb_00000302.bin qca/nvm_usb_00000302.bin @@ -64,6 +64,27 @@ LINUX_FIRMWARE_FILES += qca/rampatch_usb_00000302.bin qca/nvm_usb_00000302.bin
@ -70,5 +70,5 @@ index f23da171c6..9c512ab750 100644
ifeq ($(BR2_PACKAGE_LINUX_FIRMWARE_RALINK_RT61),y) ifeq ($(BR2_PACKAGE_LINUX_FIRMWARE_RALINK_RT61),y)
LINUX_FIRMWARE_FILES += rt2561.bin rt2561s.bin rt2661.bin LINUX_FIRMWARE_FILES += rt2561.bin rt2561s.bin rt2661.bin
-- --
2.32.0 2.33.1

26
buildroot-patches/0006-package-docker-proxy-bump-version-to-b3507428be5b.patch → buildroot-patches/0006-package-docker-proxy-bump-version-to-64b7a4574d14.patch
View File

@ -1,13 +1,13 @@
From 28a2450108743762b3b43629c86248f5fe45aa70 Mon Sep 17 00:00:00 2001 From 7a63448dce0599dbcf715a311bf63dbaa6ad0f8a Mon Sep 17 00:00:00 2001
Message-Id: <28a2450108743762b3b43629c86248f5fe45aa70.1627492452.git.stefan@agner.ch> Message-Id: <7a63448dce0599dbcf715a311bf63dbaa6ad0f8a.1635185056.git.stefan@agner.ch>
In-Reply-To: <09f9b55b419ef01ad24998bbacb1a49976b58bfa.1627492452.git.stefan@agner.ch> In-Reply-To: <7bc8a611131f89c7773e75863be58a682bfefa46.1635185056.git.stefan@agner.ch>
References: <09f9b55b419ef01ad24998bbacb1a49976b58bfa.1627492452.git.stefan@agner.ch> References: <7bc8a611131f89c7773e75863be58a682bfefa46.1635185056.git.stefan@agner.ch>
From: Stefan Agner <stefan@agner.ch> From: Stefan Agner <stefan@agner.ch>
Date: Thu, 15 Apr 2021 17:22:59 +0200 Date: Mon, 11 Oct 2021 14:45:41 +0200
Subject: [PATCH 06/11] package/docker-proxy: bump version to b3507428be5b Subject: [PATCH 06/11] package/docker-proxy: bump version to 64b7a4574d14
Which is the version used by docker 20.10.6: Which is the version used by docker 20.10.7:
https://github.com/moby/moby/commit/88470052e7d42f3dc774442241fd6bab817876f6 https://github.com/moby/moby/commit/d29a55c6c344a536089d6b1bcd92be9cdea20641
Signed-off-by: Stefan Agner <stefan@agner.ch> Signed-off-by: Stefan Agner <stefan@agner.ch>
--- ---
@ -16,16 +16,16 @@ Signed-off-by: Stefan Agner <stefan@agner.ch>
2 files changed, 3 insertions(+), 3 deletions(-) 2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/package/docker-proxy/docker-proxy.hash b/package/docker-proxy/docker-proxy.hash diff --git a/package/docker-proxy/docker-proxy.hash b/package/docker-proxy/docker-proxy.hash
index 58de697929..13da06170c 100644 index 58de697929..605a559806 100644
--- a/package/docker-proxy/docker-proxy.hash --- a/package/docker-proxy/docker-proxy.hash
+++ b/package/docker-proxy/docker-proxy.hash +++ b/package/docker-proxy/docker-proxy.hash
@@ -1,3 +1,3 @@ @@ -1,3 +1,3 @@
# Locally calculated # Locally calculated
-sha256 866c8d196b9396a383b437b0d775476459ed7c11f527c4f6bbf1fd08524b461d docker-proxy-55685ba49593e67f5e1c8180539379b16736c25e.tar.gz -sha256 866c8d196b9396a383b437b0d775476459ed7c11f527c4f6bbf1fd08524b461d docker-proxy-55685ba49593e67f5e1c8180539379b16736c25e.tar.gz
+sha256 90a8dc84bc5d2d74dee0b2c3544f8786598ff85e9fc9f6a55a15b60b7cd78d63 docker-proxy-b3507428be5b458cb0e2b4086b13531fb0706e46.tar.gz +sha256 ede21e645ff6552b3a508f6186d3f34d267015ec0f96eefecf6d08c03cbd2987 docker-proxy-64b7a4574d1426139437d20e81c0b6d391130ec8.tar.gz
sha256 cb5e8e7e5f4a3988e1063c142c60dc2df75605f4c46515e776e3aca6df976e14 LICENSE sha256 cb5e8e7e5f4a3988e1063c142c60dc2df75605f4c46515e776e3aca6df976e14 LICENSE
diff --git a/package/docker-proxy/docker-proxy.mk b/package/docker-proxy/docker-proxy.mk diff --git a/package/docker-proxy/docker-proxy.mk b/package/docker-proxy/docker-proxy.mk
index 6600b24ed9..7270834119 100644 index 6600b24ed9..7745853716 100644
--- a/package/docker-proxy/docker-proxy.mk --- a/package/docker-proxy/docker-proxy.mk
+++ b/package/docker-proxy/docker-proxy.mk +++ b/package/docker-proxy/docker-proxy.mk
@@ -4,8 +4,8 @@ @@ -4,8 +4,8 @@
@ -34,11 +34,11 @@ index 6600b24ed9..7270834119 100644
-DOCKER_PROXY_VERSION = 55685ba49593e67f5e1c8180539379b16736c25e -DOCKER_PROXY_VERSION = 55685ba49593e67f5e1c8180539379b16736c25e
-DOCKER_PROXY_SITE = $(call github,docker,libnetwork,$(DOCKER_PROXY_VERSION)) -DOCKER_PROXY_SITE = $(call github,docker,libnetwork,$(DOCKER_PROXY_VERSION))
+DOCKER_PROXY_VERSION = b3507428be5b458cb0e2b4086b13531fb0706e46 +DOCKER_PROXY_VERSION = 64b7a4574d1426139437d20e81c0b6d391130ec8
+DOCKER_PROXY_SITE = $(call github,moby,libnetwork,$(DOCKER_PROXY_VERSION)) +DOCKER_PROXY_SITE = $(call github,moby,libnetwork,$(DOCKER_PROXY_VERSION))
DOCKER_PROXY_LICENSE = Apache-2.0 DOCKER_PROXY_LICENSE = Apache-2.0
DOCKER_PROXY_LICENSE_FILES = LICENSE DOCKER_PROXY_LICENSE_FILES = LICENSE
-- --
2.32.0 2.33.1

10
buildroot-patches/0007-package-rpi-firmware-bump-version-to-1.20210303.patch
View File

@ -1,7 +1,7 @@
From 30030f11ea80bee5f25136a3caf070a9b97e8b10 Mon Sep 17 00:00:00 2001 From f9a4d9c76e695d8897f00dc57b6926cd0d3847b4 Mon Sep 17 00:00:00 2001
Message-Id: <30030f11ea80bee5f25136a3caf070a9b97e8b10.1627492452.git.stefan@agner.ch> Message-Id: <f9a4d9c76e695d8897f00dc57b6926cd0d3847b4.1635185056.git.stefan@agner.ch>
In-Reply-To: <09f9b55b419ef01ad24998bbacb1a49976b58bfa.1627492452.git.stefan@agner.ch> In-Reply-To: <7bc8a611131f89c7773e75863be58a682bfefa46.1635185056.git.stefan@agner.ch>
References: <09f9b55b419ef01ad24998bbacb1a49976b58bfa.1627492452.git.stefan@agner.ch> References: <7bc8a611131f89c7773e75863be58a682bfefa46.1635185056.git.stefan@agner.ch>
From: Stefan Agner <stefan@agner.ch> From: Stefan Agner <stefan@agner.ch>
Date: Mon, 19 Apr 2021 10:59:03 +0200 Date: Mon, 19 Apr 2021 10:59:03 +0200
Subject: [PATCH 07/11] package/rpi-firmware: bump version to 1.20210303 Subject: [PATCH 07/11] package/rpi-firmware: bump version to 1.20210303
@ -38,5 +38,5 @@ index 58085a8ca8..ea82836900 100644
RPI_FIRMWARE_LICENSE = BSD-3-Clause RPI_FIRMWARE_LICENSE = BSD-3-Clause
RPI_FIRMWARE_LICENSE_FILES = boot/LICENCE.broadcom RPI_FIRMWARE_LICENSE_FILES = boot/LICENCE.broadcom
-- --
2.32.0 2.33.1

12
buildroot-patches/0008-package-linux-firmware-add-rtl8761b-rtl8761bu-firmwa.patch
View File

@ -1,7 +1,7 @@
From af2981f04e79fc5d4298e027d7a02ecfd3316bd7 Mon Sep 17 00:00:00 2001 From 05d3380da24004da4e413cfc342e0f97c7aef631 Mon Sep 17 00:00:00 2001
Message-Id: <af2981f04e79fc5d4298e027d7a02ecfd3316bd7.1627492452.git.stefan@agner.ch> Message-Id: <05d3380da24004da4e413cfc342e0f97c7aef631.1635185056.git.stefan@agner.ch>
In-Reply-To: <09f9b55b419ef01ad24998bbacb1a49976b58bfa.1627492452.git.stefan@agner.ch> In-Reply-To: <7bc8a611131f89c7773e75863be58a682bfefa46.1635185056.git.stefan@agner.ch>
References: <09f9b55b419ef01ad24998bbacb1a49976b58bfa.1627492452.git.stefan@agner.ch> References: <7bc8a611131f89c7773e75863be58a682bfefa46.1635185056.git.stefan@agner.ch>
From: Stefan Agner <stefan@agner.ch> From: Stefan Agner <stefan@agner.ch>
Date: Sat, 19 Jun 2021 18:20:46 +0200 Date: Sat, 19 Jun 2021 18:20:46 +0200
Subject: [PATCH 08/11] package/linux-firmware: add rtl8761b/rtl8761bu firmware Subject: [PATCH 08/11] package/linux-firmware: add rtl8761b/rtl8761bu firmware
@ -27,7 +27,7 @@ index 12af68f2d3..df66b87c50 100644
sha256 8d5847d2971241d4d6a51c16e206379de53a6d4e203fa6f8e1c1e9279c7c4ad0 LICENSE.amdgpu sha256 8d5847d2971241d4d6a51c16e206379de53a6d4e203fa6f8e1c1e9279c7c4ad0 LICENSE.amdgpu
sha256 2d6062d63b91eb750bf741498691604f75184b9fee97608ec537cd09bd6a42b4 LICENCE.Marvell sha256 2d6062d63b91eb750bf741498691604f75184b9fee97608ec537cd09bd6a42b4 LICENCE.Marvell
diff --git a/package/linux-firmware/linux-firmware.mk b/package/linux-firmware/linux-firmware.mk diff --git a/package/linux-firmware/linux-firmware.mk b/package/linux-firmware/linux-firmware.mk
index 9c512ab750..96da50751b 100644 index 45c50e48a2..a4d54fff21 100644
--- a/package/linux-firmware/linux-firmware.mk --- a/package/linux-firmware/linux-firmware.mk
+++ b/package/linux-firmware/linux-firmware.mk +++ b/package/linux-firmware/linux-firmware.mk
@@ -4,7 +4,7 @@ @@ -4,7 +4,7 @@
@ -51,5 +51,5 @@ index 9c512ab750..96da50751b 100644
endif endif
-- --
2.32.0 2.33.1

10
buildroot-patches/0009-package-lvm2-fix-installation-of-systemd-units.patch
View File

@ -1,7 +1,7 @@
From f358c8ba53970154054bc2140fb4127a116d97ff Mon Sep 17 00:00:00 2001 From 36b65be42d138e54665ee508fc9021f90f134ee9 Mon Sep 17 00:00:00 2001
Message-Id: <f358c8ba53970154054bc2140fb4127a116d97ff.1627492452.git.stefan@agner.ch> Message-Id: <36b65be42d138e54665ee508fc9021f90f134ee9.1635185056.git.stefan@agner.ch>
In-Reply-To: <09f9b55b419ef01ad24998bbacb1a49976b58bfa.1627492452.git.stefan@agner.ch> In-Reply-To: <7bc8a611131f89c7773e75863be58a682bfefa46.1635185056.git.stefan@agner.ch>
References: <09f9b55b419ef01ad24998bbacb1a49976b58bfa.1627492452.git.stefan@agner.ch> References: <7bc8a611131f89c7773e75863be58a682bfefa46.1635185056.git.stefan@agner.ch>
From: "Yann E. MORIN" <yann.morin.1998@free.fr> From: "Yann E. MORIN" <yann.morin.1998@free.fr>
Date: Fri, 21 May 2021 16:44:36 +0200 Date: Fri, 21 May 2021 16:44:36 +0200
Subject: [PATCH 09/11] package/lvm2: fix installation of systemd units Subject: [PATCH 09/11] package/lvm2: fix installation of systemd units
@ -58,5 +58,5 @@ index 19e8757e54..87c1c761ea 100644
LVM2_CONF_ENV += ac_cv_flag_HAVE_PIE=no LVM2_CONF_ENV += ac_cv_flag_HAVE_PIE=no
endif endif
-- --
2.32.0 2.33.1

10
buildroot-patches/0010-package-rpi-wifi-firmware-bump-version-to-883b726.patch
View File

@ -1,7 +1,7 @@
From c8de13c1131adab0455eca939c4f168fd0ae30af Mon Sep 17 00:00:00 2001 From 62b542d08b9fee2fca6190daae858239331591b0 Mon Sep 17 00:00:00 2001
Message-Id: <c8de13c1131adab0455eca939c4f168fd0ae30af.1627492452.git.stefan@agner.ch> Message-Id: <62b542d08b9fee2fca6190daae858239331591b0.1635185056.git.stefan@agner.ch>
In-Reply-To: <09f9b55b419ef01ad24998bbacb1a49976b58bfa.1627492452.git.stefan@agner.ch> In-Reply-To: <7bc8a611131f89c7773e75863be58a682bfefa46.1635185056.git.stefan@agner.ch>
References: <09f9b55b419ef01ad24998bbacb1a49976b58bfa.1627492452.git.stefan@agner.ch> References: <7bc8a611131f89c7773e75863be58a682bfefa46.1635185056.git.stefan@agner.ch>
From: Stefan Agner <stefan@agner.ch> From: Stefan Agner <stefan@agner.ch>
Date: Wed, 28 Jul 2021 15:52:18 +0200 Date: Wed, 28 Jul 2021 15:52:18 +0200
Subject: [PATCH 10/11] package/rpi-wifi-firmware: bump version to 883b726 Subject: [PATCH 10/11] package/rpi-wifi-firmware: bump version to 883b726
@ -35,5 +35,5 @@ index 24ba5941b0..28926ff4f0 100644
RPI_WIFI_FIRMWARE_LICENSE = PROPRIETARY RPI_WIFI_FIRMWARE_LICENSE = PROPRIETARY
RPI_WIFI_FIRMWARE_LICENSE_FILES = LICENCE.broadcom_bcm43xx RPI_WIFI_FIRMWARE_LICENSE_FILES = LICENCE.broadcom_bcm43xx
-- --
2.32.0 2.33.1

10
buildroot-patches/0011-package-rpi-firmware-bump-version-to-1.20210527.patch
View File

@ -1,7 +1,7 @@
From c92d04a4315c71fcb83caa86130f38fc22b50722 Mon Sep 17 00:00:00 2001 From d52ee79002b228d8af627d9e68b4257aa3d54bd8 Mon Sep 17 00:00:00 2001
Message-Id: <c92d04a4315c71fcb83caa86130f38fc22b50722.1627492452.git.stefan@agner.ch> Message-Id: <d52ee79002b228d8af627d9e68b4257aa3d54bd8.1635185056.git.stefan@agner.ch>
In-Reply-To: <09f9b55b419ef01ad24998bbacb1a49976b58bfa.1627492452.git.stefan@agner.ch> In-Reply-To: <7bc8a611131f89c7773e75863be58a682bfefa46.1635185056.git.stefan@agner.ch>
References: <09f9b55b419ef01ad24998bbacb1a49976b58bfa.1627492452.git.stefan@agner.ch> References: <7bc8a611131f89c7773e75863be58a682bfefa46.1635185056.git.stefan@agner.ch>
From: Stefan Agner <stefan@agner.ch> From: Stefan Agner <stefan@agner.ch>
Date: Mon, 19 Apr 2021 10:59:03 +0200 Date: Mon, 19 Apr 2021 10:59:03 +0200
Subject: [PATCH 11/11] package/rpi-firmware: bump version to 1.20210527 Subject: [PATCH 11/11] package/rpi-firmware: bump version to 1.20210527
@ -38,5 +38,5 @@ index ea82836900..ac4c4a0788 100644
RPI_FIRMWARE_LICENSE = BSD-3-Clause RPI_FIRMWARE_LICENSE = BSD-3-Clause
RPI_FIRMWARE_LICENSE_FILES = boot/LICENCE.broadcom RPI_FIRMWARE_LICENSE_FILES = boot/LICENCE.broadcom
-- --
2.32.0 2.33.1

32
buildroot/CHANGES
View File

@ -1,3 +1,35 @@
2021.02.6, released October 11, 2021
Important / security related fixes.
gdbinit: Mark the sysroot as a "safe path" before configuring
it, so pretty printers work correctly without having to pass
-ix to gdb
Updated/fixed packages: alsa-lib, apache,
arm-trusted-firmware, atftp, bind, botan, cryptopp, dash,
dc3dd, docker-cli, docker-containerd, docker-engine, dovecot,
erlang, fetchmail, gdb, ghostscript, go, gst-omx,
gst1-devtools, gst1-interpipe, gst1-libav, gst1-plugins-bad,
gst1-plugins-base, gst1-plugins-good, gst1-plugins-ugly,
gst1-python, gst1-rtsp-server, gst1-vaapi, gstreamer1,
gstreamer1-editing-services, kodi-pvr-octonet, libcurl,
libkrb5, libressl, libsndfile, libyang, lxc, lynx, mesa3d,
micropython, minicom, mono, mtr, mv-ddr-marvell, net-tools,
nmap, nodejs, ntfs-3g, openjdk, openjdk-bin, openldap,
openssh, php, python-aioconsole, python-cffi, python-dateutil,
python-django, python-pip, python-texttable, python-urllib3,
python-webob, qt5location, redis, refpolicy, ripgrep, runc,
sispmctl, squid, strongswan, supervisor, syslinux, tinycbor,
trace-cmd, uboot-tools, uclibc, wavemon, wireless-regdb, xen,
xserver_xorg-server
Issues resolved (http://bugs.uclibc.org):
#14206: Kodi: even when not enabled, forcefully selects libevdev..
#14211: libffi-3.3.tar.gz repacked
#14221: mv-ddr-marvell fails license validation
2021.02.5, released September 15th, 2021 2021.02.5, released September 15th, 2021
Important / security related fixes. Important / security related fixes.

4
buildroot/DEVELOPERS
View File

@ -289,7 +289,6 @@ F: package/ebtables/
F: package/i2c-tools/ F: package/i2c-tools/
F: package/libcurl/ F: package/libcurl/
F: package/libpcap/ F: package/libpcap/
F: package/openipmi/
F: package/socat/ F: package/socat/
F: package/strace/ F: package/strace/
F: package/tcpdump/ F: package/tcpdump/
@ -1032,8 +1031,10 @@ F: package/libnspr/
F: package/libnss/ F: package/libnss/
F: package/minicom/ F: package/minicom/
F: package/nfs-utils/ F: package/nfs-utils/
F: package/python-uvloop/
F: package/sunxi-mali-mainline/ F: package/sunxi-mali-mainline/
F: package/sunxi-mali-mainline-driver/ F: package/sunxi-mali-mainline-driver/
F: package/trace-cmd/
F: package/udisks/ F: package/udisks/
F: toolchain/ F: toolchain/
@ -1287,6 +1288,7 @@ F: package/rtty/
N: Joachim Wiberg <troglobit@gmail.com> N: Joachim Wiberg <troglobit@gmail.com>
F: configs/globalscale_espressobin_defconfig F: configs/globalscale_espressobin_defconfig
F: board/globalscale/espressobin/ F: board/globalscale/espressobin/
F: package/libite/
F: package/mg/ F: package/mg/
F: package/netcalc/ F: package/netcalc/
F: package/ssdp-responder/ F: package/ssdp-responder/

4
buildroot/Makefile
View File

@ -92,9 +92,9 @@ all:
.PHONY: all .PHONY: all
# Set and export the version string # Set and export the version string
export BR2_VERSION := 2021.02.5 export BR2_VERSION := 2021.02.6
# Actual time the release is cut (for reproducible builds) # Actual time the release is cut (for reproducible builds)
BR2_VERSION_EPOCH = 1631718000 BR2_VERSION_EPOCH = 1633977000
# Save running make version since it's clobbered by the make package # Save running make version since it's clobbered by the make package
RUNNING_MAKE_VERSION := $(MAKE_VERSION) RUNNING_MAKE_VERSION := $(MAKE_VERSION)

2
buildroot/boot/arm-trusted-firmware/arm-trusted-firmware.hash
View File

@ -1,3 +1,3 @@
# Locally calculated # Locally calculated
sha256 4bfda9fdbe5022f2e88ad3344165f7d38a8ae4a0e2d91d44d9a1603425cc642d arm-trusted-firmware-v2.4.tar.gz sha256 4bfda9fdbe5022f2e88ad3344165f7d38a8ae4a0e2d91d44d9a1603425cc642d arm-trusted-firmware-v2.4.tar.gz
sha256 487795b8023df866259fa159bab94706b747fb0d623b7913f1c4955c0ab5f164 license.rst sha256 13676fa9170d3e6da3f7562d2d47b8b71090b1b45013fbd329ef847841f3a0b1 docs/license.rst

4
buildroot/boot/arm-trusted-firmware/arm-trusted-firmware.mk
View File

@ -18,10 +18,10 @@ else
# Handle stable official ATF versions # Handle stable official ATF versions
ARM_TRUSTED_FIRMWARE_SITE = $(call github,ARM-software,arm-trusted-firmware,$(ARM_TRUSTED_FIRMWARE_VERSION)) ARM_TRUSTED_FIRMWARE_SITE = $(call github,ARM-software,arm-trusted-firmware,$(ARM_TRUSTED_FIRMWARE_VERSION))
# The licensing of custom or from-git versions is unknown. # The licensing of custom or from-git versions is unknown.
# This is valid only for the official v1.4. # This is valid only for the latest (i.e. known) version.
ifeq ($(BR2_TARGET_ARM_TRUSTED_FIRMWARE_LATEST_VERSION),y) ifeq ($(BR2_TARGET_ARM_TRUSTED_FIRMWARE_LATEST_VERSION),y)
ARM_TRUSTED_FIRMWARE_LICENSE = BSD-3-Clause ARM_TRUSTED_FIRMWARE_LICENSE = BSD-3-Clause
ARM_TRUSTED_FIRMWARE_LICENSE_FILES = license.rst ARM_TRUSTED_FIRMWARE_LICENSE_FILES = docs/license.rst
endif endif
endif endif

2
buildroot/boot/mv-ddr-marvell/mv-ddr-marvell.hash
View File

@ -1,3 +1,3 @@
# Locally calculated # Locally calculated
sha256 bfab74a625d65238c569b9df282b55c0fc9a1e2d3decedcf194d44774df2ede4 mv-ddr-marvell-305d923e6bc4236cd3b902f6679b0aef9e5fa52d.tar.gz sha256 bfab74a625d65238c569b9df282b55c0fc9a1e2d3decedcf194d44774df2ede4 mv-ddr-marvell-305d923e6bc4236cd3b902f6679b0aef9e5fa52d.tar.gz
sha256 69208236fc322026920b92d1d839ebdc521ca65379bfdb3368a24945e794fc78 ddr3_init.c sha256 48bb930b6fbc3f5db72e29c849b096df3868e4a6d2bdc0e2dd3365c768241cd5 ddr3_init.c

8
buildroot/boot/syslinux/syslinux.mk
View File

@ -14,7 +14,12 @@ SYSLINUX_LICENSE_FILES = COPYING
SYSLINUX_INSTALL_IMAGES = YES SYSLINUX_INSTALL_IMAGES = YES
# host-util-linux needed to provide libuuid when building host tools # host-util-linux needed to provide libuuid when building host tools
SYSLINUX_DEPENDENCIES = host-nasm host-upx util-linux host-util-linux SYSLINUX_DEPENDENCIES = \
host-nasm \
host-python3 \
host-upx \
host-util-linux \
util-linux
ifeq ($(BR2_TARGET_SYSLINUX_LEGACY_BIOS),y) ifeq ($(BR2_TARGET_SYSLINUX_LEGACY_BIOS),y)
SYSLINUX_TARGET += bios SYSLINUX_TARGET += bios
@ -59,6 +64,7 @@ define SYSLINUX_BUILD_CMDS
CC_FOR_BUILD="$(HOSTCC)" \ CC_FOR_BUILD="$(HOSTCC)" \
CFLAGS_FOR_BUILD="$(HOST_CFLAGS)" \ CFLAGS_FOR_BUILD="$(HOST_CFLAGS)" \
LDFLAGS_FOR_BUILD="$(HOST_LDFLAGS)" \ LDFLAGS_FOR_BUILD="$(HOST_LDFLAGS)" \
PYTHON=$(HOST_DIR)/bin/python3 \
$(SYSLINUX_EFI_ARGS) -C $(@D) $(SYSLINUX_TARGET) $(SYSLINUX_EFI_ARGS) -C $(@D) $(SYSLINUX_TARGET)
endef endef

8
buildroot/docs/manual/manual.html
View File

File diff suppressed because one or more lines are too long

BIN
buildroot/docs/manual/manual.pdf
View File

Binary file not shown.

8
buildroot/docs/manual/manual.text
View File

@ -174,13 +174,13 @@ List of Examples
--------------------------------------------------------------------- ---------------------------------------------------------------------
Buildroot 2021.02.5 manual generated on 2021-09-15 15:21:07 UTC from Buildroot 2021.02.6 manual generated on 2021-10-11 18:45:17 UTC from
git revision 767a2da72f git revision b1e32fa954
The Buildroot manual is written by the Buildroot developers. It is The Buildroot manual is written by the Buildroot developers. It is
licensed under the GNU General Public License, version 2. Refer to licensed under the GNU General Public License, version 2. Refer to
the COPYING [http://git.buildroot.org/buildroot/tree/COPYING?id= the COPYING [http://git.buildroot.org/buildroot/tree/COPYING?id=
767a2da72fc1690fde33b665851f20492ba5cd75] file in the Buildroot b1e32fa954faae7dce51ebee48981af3ace3c0ba] file in the Buildroot
sources for the full text of this license. sources for the full text of this license.
Copyright © 2004-2020 The Buildroot developers Copyright © 2004-2020 The Buildroot developers
@ -1750,7 +1750,7 @@ from the cross gdb.
Then, on the host, you should start the cross gdb using the following Then, on the host, you should start the cross gdb using the following
command line: command line:
<buildroot>/output/host/bin/<tuple>-gdb -x <buildroot>/output/staging/usr/share/buildroot/gdbinit foo <buildroot>/output/host/bin/<tuple>-gdb -ix <buildroot>/output/staging/usr/share/buildroot/gdbinit foo
Of course, foo must be available in the current directory, built with Of course, foo must be available in the current directory, built with
debugging symbols. Typically you start this command from the debugging symbols. Typically you start this command from the

2
buildroot/docs/manual/using-buildroot-debugger.txt
View File

@ -35,7 +35,7 @@ Then, on the host, you should start the cross gdb using the following
command line: command line:
---------------------------- ----------------------------
<buildroot>/output/host/bin/<tuple>-gdb -x <buildroot>/output/staging/usr/share/buildroot/gdbinit foo <buildroot>/output/host/bin/<tuple>-gdb -ix <buildroot>/output/staging/usr/share/buildroot/gdbinit foo
---------------------------- ----------------------------
Of course, +foo+ must be available in the current directory, built Of course, +foo+ must be available in the current directory, built

16
buildroot/fs/ext2/ext2.mk
View File

@ -4,32 +4,32 @@
# #
################################################################################ ################################################################################
EXT2_SIZE = $(call qstrip,$(BR2_TARGET_ROOTFS_EXT2_SIZE)) ROOTFS_EXT2_SIZE = $(call qstrip,$(BR2_TARGET_ROOTFS_EXT2_SIZE))
ifeq ($(BR2_TARGET_ROOTFS_EXT2)-$(EXT2_SIZE),y-) ifeq ($(BR2_TARGET_ROOTFS_EXT2)-$(ROOTFS_EXT2_SIZE),y-)
$(error BR2_TARGET_ROOTFS_EXT2_SIZE cannot be empty) $(error BR2_TARGET_ROOTFS_EXT2_SIZE cannot be empty)
endif endif
EXT2_MKFS_OPTS = $(call qstrip,$(BR2_TARGET_ROOTFS_EXT2_MKFS_OPTIONS)) ROOTFS_EXT2_MKFS_OPTS = $(call qstrip,$(BR2_TARGET_ROOTFS_EXT2_MKFS_OPTIONS))
# qstrip results in stripping consecutive spaces into a single one. So the # qstrip results in stripping consecutive spaces into a single one. So the
# variable is not qstrip-ed to preserve the integrity of the string value. # variable is not qstrip-ed to preserve the integrity of the string value.
EXT2_LABEL = $(subst ",,$(BR2_TARGET_ROOTFS_EXT2_LABEL)) ROOTFS_EXT2_LABEL = $(subst ",,$(BR2_TARGET_ROOTFS_EXT2_LABEL))
#" Syntax highlighting... :-/ ) #" Syntax highlighting... :-/ )
EXT2_OPTS = \ ROOTFS_EXT2_OPTS = \
-d $(TARGET_DIR) \ -d $(TARGET_DIR) \
-r $(BR2_TARGET_ROOTFS_EXT2_REV) \ -r $(BR2_TARGET_ROOTFS_EXT2_REV) \
-N $(BR2_TARGET_ROOTFS_EXT2_INODES) \ -N $(BR2_TARGET_ROOTFS_EXT2_INODES) \
-m $(BR2_TARGET_ROOTFS_EXT2_RESBLKS) \ -m $(BR2_TARGET_ROOTFS_EXT2_RESBLKS) \
-L "$(EXT2_LABEL)" \ -L "$(EXT2_LABEL)" \
$(EXT2_MKFS_OPTS) $(ROOTFS_EXT2_MKFS_OPTS)
ROOTFS_EXT2_DEPENDENCIES = host-e2fsprogs ROOTFS_EXT2_DEPENDENCIES = host-e2fsprogs
define ROOTFS_EXT2_CMD define ROOTFS_EXT2_CMD
rm -f $@ rm -f $@
$(HOST_DIR)/sbin/mkfs.ext$(BR2_TARGET_ROOTFS_EXT2_GEN) $(EXT2_OPTS) $@ \ $(HOST_DIR)/sbin/mkfs.ext$(BR2_TARGET_ROOTFS_EXT2_GEN) $(ROOTFS_EXT2_OPTS) $@ \
"$(EXT2_SIZE)" \ "$(ROOTFS_EXT2_SIZE)" \
|| { ret=$$?; \ || { ret=$$?; \
echo "*** Maybe you need to increase the filesystem size (BR2_TARGET_ROOTFS_EXT2_SIZE)" 1>&2; \ echo "*** Maybe you need to increase the filesystem size (BR2_TARGET_ROOTFS_EXT2_SIZE)" 1>&2; \
exit $$ret; \ exit $$ret; \

2
buildroot/package/alsa-lib/Config.in
View File

@ -22,7 +22,7 @@ if BR2_PACKAGE_ALSA_LIB
config BR2_PACKAGE_ALSA_LIB_PYTHON config BR2_PACKAGE_ALSA_LIB_PYTHON
bool "Python support for alsa-lib" bool "Python support for alsa-lib"
depends on BR2_PACKAGE_PYTHON depends on BR2_PACKAGE_PYTHON || BR2_PACKAGE_PYTHON3
help help
Add python support for alsa-lib. Add python support for alsa-lib.
Python will be built and libpython will be installed Python will be built and libpython will be installed

10
buildroot/package/alsa-lib/alsa-lib.mk
View File

@ -57,12 +57,22 @@ ALSA_LIB_CONF_OPTS += --disable-old-symbols
endif endif
ifeq ($(BR2_PACKAGE_ALSA_LIB_PYTHON),y) ifeq ($(BR2_PACKAGE_ALSA_LIB_PYTHON),y)
ALSA_LIB_CONF_OPTS += \
--enable-mixer-pymods
ifeq ($(BR2_PACKAGE_PYTHON),y)
ALSA_LIB_CONF_OPTS += \ ALSA_LIB_CONF_OPTS += \
--with-pythonlibs=-lpython$(PYTHON_VERSION_MAJOR) \ --with-pythonlibs=-lpython$(PYTHON_VERSION_MAJOR) \
--with-pythonincludes=$(STAGING_DIR)/usr/include/python$(PYTHON_VERSION_MAJOR) --with-pythonincludes=$(STAGING_DIR)/usr/include/python$(PYTHON_VERSION_MAJOR)
ALSA_LIB_CFLAGS += -I$(STAGING_DIR)/usr/include/python$(PYTHON_VERSION_MAJOR) ALSA_LIB_CFLAGS += -I$(STAGING_DIR)/usr/include/python$(PYTHON_VERSION_MAJOR)
ALSA_LIB_DEPENDENCIES = python ALSA_LIB_DEPENDENCIES = python
else else
ALSA_LIB_CONF_OPTS += \
--with-pythonlibs=-lpython$(PYTHON3_VERSION_MAJOR) \
--with-pythonincludes=$(STAGING_DIR)/usr/include/python$(PYTHON3_VERSION_MAJOR)
ALSA_LIB_CFLAGS += -I$(STAGING_DIR)/usr/include/python$(PYTHON3_VERSION_MAJOR)
ALSA_LIB_DEPENDENCIES = python3
endif
else
ALSA_LIB_CONF_OPTS += --disable-python ALSA_LIB_CONF_OPTS += --disable-python
endif endif

2
buildroot/package/apache/Config.in
View File

@ -13,7 +13,7 @@ config BR2_PACKAGE_APACHE
server that provides HTTP services in sync with the current server that provides HTTP services in sync with the current
HTTP standards. HTTP standards.
http://httpd.apache.org https://httpd.apache.org
if BR2_PACKAGE_APACHE if BR2_PACKAGE_APACHE

6
buildroot/package/apache/apache.hash
View File

@ -1,5 +1,5 @@
# From http://archive.apache.org/dist/httpd/httpd-2.4.46.tar.bz2.{sha256,sha512} # From https://downloads.apache.org/httpd/httpd-2.4.51.tar.bz2.{sha256,sha512}
sha256 1bc826e7b2e88108c7e4bf43c026636f77a41d849cfb667aa7b5c0b86dbf966c httpd-2.4.48.tar.bz2 sha256 20e01d81fecf077690a4439e3969a9b22a09a8d43c525356e863407741b838f4 httpd-2.4.51.tar.bz2
sha512 6c250626f1e7d10428a92d984fd48ff841effcc8705f7816ab71b681bbd51d0012ad158dcd13763fe7d630311f2de258b27574603140d648be42796ab8326724 httpd-2.4.48.tar.bz2 sha512 9fb07c4b176f5c0485a143e2b1bb1085345ca9120b959974f68c37a8911a57894d2cb488b1b42fdf3102860b99e890204f5e9fa7ae3828b481119c563812cc66 httpd-2.4.51.tar.bz2
# Locally computed # Locally computed
sha256 47b8c2b6c3309282a99d4a3001575c790fead690cc14734628c4667d2bbffc43 LICENSE sha256 47b8c2b6c3309282a99d4a3001575c790fead690cc14734628c4667d2bbffc43 LICENSE

4
buildroot/package/apache/apache.mk
View File

@ -4,9 +4,9 @@
# #
################################################################################ ################################################################################
APACHE_VERSION = 2.4.48 APACHE_VERSION = 2.4.51
APACHE_SOURCE = httpd-$(APACHE_VERSION).tar.bz2 APACHE_SOURCE = httpd-$(APACHE_VERSION).tar.bz2
APACHE_SITE = http://archive.apache.org/dist/httpd APACHE_SITE = https://downloads.apache.org/httpd
APACHE_LICENSE = Apache-2.0 APACHE_LICENSE = Apache-2.0
APACHE_LICENSE_FILES = LICENSE APACHE_LICENSE_FILES = LICENSE
APACHE_CPE_ID_VENDOR = apache APACHE_CPE_ID_VENDOR = apache

4
buildroot/package/atftp/atftp.hash
View File

@ -1,3 +1,3 @@
# Locally computed # Locally computed
sha256 d3c9cd0d971dfc786d7a5f4055c35d4e66aafc8102ac03473ef225bdf7edb26a atftp-0.7.4.tar.gz sha256 93c87a4fb18218414e008e01c995dadd231ba4c752d0f894b34416d1e6d3038a atftp-0.7.5.tar.gz
sha256 32b1062f7da84967e7019d01ab805935caa7ab7321a7ced0e30ebe75e5df1670 LICENSE sha256 86dc744860e6dfacfeba2f33fea908db03fe67c7e37a878285b7aae8e4596735 LICENSE

2
buildroot/package/atftp/atftp.mk
View File

@ -4,7 +4,7 @@
# #
################################################################################ ################################################################################
ATFTP_VERSION = 0.7.4 ATFTP_VERSION = 0.7.5
ATFTP_SITE = http://sourceforge.net/projects/atftp/files ATFTP_SITE = http://sourceforge.net/projects/atftp/files
ATFTP_LICENSE = GPL-2.0+ ATFTP_LICENSE = GPL-2.0+
ATFTP_LICENSE_FILES = LICENSE ATFTP_LICENSE_FILES = LICENSE

6
buildroot/package/bind/bind.hash
View File

@ -1,4 +1,4 @@
# Verified from https://ftp.isc.org/isc/bind9/9.11.31/bind-9.11.31.tar.gz.asc # Verified from https://ftp.isc.org/isc/bind9/9.11.35/bind-9.11.35.tar.gz.asc
# with key 2455774D42FDFE6B9C383EB8FE1002BC5970811F # with key E9AB6E79233C0416E8993F450C03AFA90A5967C4
sha256 f5f24457f42b2e86870d887596e47500e4d40521a098dcb96f3a06f18adfa36a bind-9.11.31.tar.gz sha256 1c882705827b6aafa45d917ae3b20eccccc8d5df3c4477df44b04382e6c47562 bind-9.11.35.tar.gz
sha256 cad49daa42654bc241762cd998630168a2542c8fd6fad3881e2eac1510bb6fcd COPYRIGHT sha256 cad49daa42654bc241762cd998630168a2542c8fd6fad3881e2eac1510bb6fcd COPYRIGHT

2
buildroot/package/bind/bind.mk
View File

@ -4,7 +4,7 @@
# #
################################################################################ ################################################################################
BIND_VERSION = 9.11.31 BIND_VERSION = 9.11.35
BIND_SITE = https://ftp.isc.org/isc/bind9/$(BIND_VERSION) BIND_SITE = https://ftp.isc.org/isc/bind9/$(BIND_VERSION)
# bind does not support parallel builds. # bind does not support parallel builds.
BIND_MAKE = $(MAKE1) BIND_MAKE = $(MAKE1)

38
buildroot/package/botan/0004-Avoid-using-short-exponents-with-ElGamal.patch Normal file
View File

@ -0,0 +1,38 @@
From 9a23e4e3bc3966340531f2ff608fa9d33b5185a2 Mon Sep 17 00:00:00 2001
From: Jack Lloyd <jack@randombit.net>
Date: Tue, 3 Aug 2021 18:20:29 -0400
Subject: [PATCH] Avoid using short exponents with ElGamal
Some off-brand PGP implementation generates keys where p - 1 is
smooth, as a result short exponents can leak enough information about
k to allow decryption.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
[Peter: Drop tests, CVE-2021-40529]
---
src/lib/pubkey/elgamal/elgamal.cpp | 8 +++-
1 file changed, 1 insertions(+), 1 deletions(-)
diff --git a/src/lib/pubkey/elgamal/elgamal.cpp b/src/lib/pubkey/elgamal/elgamal.cpp
index b3ec6df2c..0e33c2ca5 100644
--- a/src/lib/pubkey/elgamal/elgamal.cpp
+++ b/src/lib/pubkey/elgamal/elgamal.cpp
@@ -113,8 +113,12 @@ ElGamal_Encryption_Operation::raw_encrypt(const uint8_t msg[], size_t msg_len,
if(m >= m_group.get_p())
throw Invalid_Argument("ElGamal encryption: Input is too large");
- const size_t k_bits = m_group.exponent_bits();
- const BigInt k(rng, k_bits);
+ /*
+ Some ElGamal implementations foolishly use prime fields where p - 1 is
+ smooth, as a result it is unsafe to use short exponents.
+ */
+ const size_t k_bits = m_group.p_bits() - 1;
+ const BigInt k(rng, k_bits, false);
const BigInt a = m_group.power_g_p(k, k_bits);
const BigInt b = m_group.multiply_mod_p(m, monty_execute(*m_monty_y_p, k, k_bits));
-
--
2.20.1

5
buildroot/package/botan/botan.mk
View File

@ -11,6 +11,9 @@ BOTAN_LICENSE = BSD-2-Clause
BOTAN_LICENSE_FILES = license.txt BOTAN_LICENSE_FILES = license.txt
BOTAN_CPE_ID_VENDOR = botan_project BOTAN_CPE_ID_VENDOR = botan_project
# 0001-Avoid-using-short-exponents-with-ElGamal.patch
BOTAN_IGNORE_CVES += CVE-2021-40529
BOTAN_INSTALL_STAGING = YES BOTAN_INSTALL_STAGING = YES
BOTAN_CONF_OPTS = \ BOTAN_CONF_OPTS = \
@ -50,7 +53,7 @@ ifeq ($(BR2_TOOLCHAIN_USES_UCLIBC),y)
BOTAN_CONF_OPTS += --without-os-feature=getauxval BOTAN_CONF_OPTS += --without-os-feature=getauxval
endif endif
ifeq ($(BR2_PACKAGE_BOOST),y) ifeq ($(BR2_PACKAGE_BOOST_FILESYSTEM)$(BR2_PACKAGE_BOOST_SYSTEM),yy)
BOTAN_DEPENDENCIES += boost BOTAN_DEPENDENCIES += boost
BOTAN_CONF_OPTS += --with-boost BOTAN_CONF_OPTS += --with-boost
endif endif

4
buildroot/package/cryptopp/cryptopp.hash
View File

@ -1,5 +1,5 @@
# Hash from: https://www.cryptopp.com/release830.html: # Hash from: https://www.cryptopp.com/release860.html:
sha512 ad5219a66c5924d330d3646d0ff996dd235006f6812074bc4eb9e8c662a4f000ba20449d377f24b133d19ce682f7b2a3b2eb4c08857ce0f5bb39743d1d425147 cryptopp830.zip sha512 e7773f5e4a7dc7e8e735b1702524bee56ba38e5211544c9c9778bc51ed8dc7b376c17f2e406410043b636312336f26f76dc963f298872f8c13933e88c232fc03 cryptopp860.zip
# Hash for license file: # Hash for license file:
sha256 e668af8c73a38a66a1e8951d14ec24e7582fee5254dd6c3dae488a416d105d5f License.txt sha256 e668af8c73a38a66a1e8951d14ec24e7582fee5254dd6c3dae488a416d105d5f License.txt

2
buildroot/package/cryptopp/cryptopp.mk
View File

@ -4,7 +4,7 @@
# #
################################################################################ ################################################################################
CRYPTOPP_VERSION = 8.3.0 CRYPTOPP_VERSION = 8.6.0
CRYPTOPP_SOURCE = cryptopp$(subst .,,$(CRYPTOPP_VERSION)).zip CRYPTOPP_SOURCE = cryptopp$(subst .,,$(CRYPTOPP_VERSION)).zip
CRYPTOPP_SITE = https://cryptopp.com CRYPTOPP_SITE = https://cryptopp.com
CRYPTOPP_LICENSE = BSL-1.0, BSD-3-Clause (CRYPTOGAMS), Public domain (ChaCha SSE2 and AVX) CRYPTOPP_LICENSE = BSL-1.0, BSD-3-Clause (CRYPTOGAMS), Public domain (ChaCha SSE2 and AVX)

4
buildroot/package/dash/dash.hash
View File

@ -1,4 +1,4 @@
# From http://gondor.apana.org.au/~herbert/dash/files/dash-0.5.11.2.tar.gz.sha256sum # From http://gondor.apana.org.au/~herbert/dash/files/dash-0.5.11.5.tar.gz.sha512sum
sha256 62b9f1676ba6a7e8eaec541a39ea037b325253240d1f378c72360baa1cbcbc2a dash-0.5.11.3.tar.gz sha512 5387e213820eeb44d812bb4697543023fd4662b51a9ffd52a702810fed8b28d23fbe35a7f371e6686107de9f81902eff109458964b4622f4c5412d60190a66bf dash-0.5.11.5.tar.gz
# Locally calculated # Locally calculated
sha256 254a7894923ff62e69184a991dcbccae97edee58a1105e8efbe78caf10595d72 COPYING sha256 254a7894923ff62e69184a991dcbccae97edee58a1105e8efbe78caf10595d72 COPYING

2
buildroot/package/dash/dash.mk
View File

@ -4,7 +4,7 @@
# #
################################################################################ ################################################################################
DASH_VERSION = 0.5.11.3 DASH_VERSION = 0.5.11.5
DASH_SITE = http://gondor.apana.org.au/~herbert/dash/files DASH_SITE = http://gondor.apana.org.au/~herbert/dash/files
DASH_LICENSE = BSD-3-Clause, GPL-2.0+ (mksignames.c) DASH_LICENSE = BSD-3-Clause, GPL-2.0+ (mksignames.c)
DASH_LICENSE_FILES = COPYING DASH_LICENSE_FILES = COPYING

2
buildroot/package/dc3dd/Config.in
View File

@ -1,6 +1,7 @@
config BR2_PACKAGE_DC3DD config BR2_PACKAGE_DC3DD
bool "dc3dd" bool "dc3dd"
depends on !BR2_RISCV_32 depends on !BR2_RISCV_32
depends on !BR2_arc
depends on BR2_TOOLCHAIN_HAS_THREADS depends on BR2_TOOLCHAIN_HAS_THREADS
depends on !BR2_TOOLCHAIN_USES_MUSL depends on !BR2_TOOLCHAIN_USES_MUSL
help help
@ -13,5 +14,6 @@ config BR2_PACKAGE_DC3DD
comment "dc3dd needs a glibc or uClibc toolchain w/ threads" comment "dc3dd needs a glibc or uClibc toolchain w/ threads"
depends on !BR2_RISCV_32 depends on !BR2_RISCV_32
depends on !BR2_arc
depends on !BR2_TOOLCHAIN_HAS_THREADS || \ depends on !BR2_TOOLCHAIN_HAS_THREADS || \
BR2_TOOLCHAIN_USES_MUSL BR2_TOOLCHAIN_USES_MUSL

2
buildroot/package/docker-cli/docker-cli.hash
View File

@ -1,3 +1,3 @@
# Locally calculated # Locally calculated
sha256 0a7848b1b5031483de075433506d0448ddf834368d9c73770e453e0b89b49747 docker-cli-20.10.7.tar.gz sha256 cde34bbefd70fa27b44dfa904c40db84b89abf237e5267dcd08603b459a89253 docker-cli-20.10.8.tar.gz
sha256 2d81ea060825006fc8f3fe28aa5dc0ffeb80faf325b612c955229157b8c10dc0 LICENSE sha256 2d81ea060825006fc8f3fe28aa5dc0ffeb80faf325b612c955229157b8c10dc0 LICENSE

2
buildroot/package/docker-cli/docker-cli.mk
View File

@ -4,7 +4,7 @@
# #
################################################################################ ################################################################################
DOCKER_CLI_VERSION = 20.10.7 DOCKER_CLI_VERSION = 20.10.8
DOCKER_CLI_SITE = $(call github,docker,cli,v$(DOCKER_CLI_VERSION)) DOCKER_CLI_SITE = $(call github,docker,cli,v$(DOCKER_CLI_VERSION))
DOCKER_CLI_LICENSE = Apache-2.0 DOCKER_CLI_LICENSE = Apache-2.0

2
buildroot/package/docker-containerd/docker-containerd.hash
View File

@ -1,3 +1,3 @@
# Computed locally # Computed locally
sha256 ac62c64664bf62fd44df0891c896eecdb6d93def3438271d7892dca75bc069d1 docker-containerd-1.4.4.tar.gz sha256 3bb9f54be022067847f5930d21ebbfe4e7a67f589d78930aa0ac713492c28bcc docker-containerd-1.4.9.tar.gz
sha256 4bbe3b885e8cd1907ab4cf9a41e862e74e24b5422297a4f2fe524e6a30ada2b4 LICENSE sha256 4bbe3b885e8cd1907ab4cf9a41e862e74e24b5422297a4f2fe524e6a30ada2b4 LICENSE

2
buildroot/package/docker-containerd/docker-containerd.mk
View File

@ -4,7 +4,7 @@
# #
################################################################################ ################################################################################
DOCKER_CONTAINERD_VERSION = 1.4.4 DOCKER_CONTAINERD_VERSION = 1.4.9
DOCKER_CONTAINERD_SITE = $(call github,containerd,containerd,v$(DOCKER_CONTAINERD_VERSION)) DOCKER_CONTAINERD_SITE = $(call github,containerd,containerd,v$(DOCKER_CONTAINERD_VERSION))
DOCKER_CONTAINERD_LICENSE = Apache-2.0 DOCKER_CONTAINERD_LICENSE = Apache-2.0
DOCKER_CONTAINERD_LICENSE_FILES = LICENSE DOCKER_CONTAINERD_LICENSE_FILES = LICENSE

2
buildroot/package/docker-engine/docker-engine.hash
View File

@ -1,3 +1,3 @@
# Locally calculated # Locally calculated
sha256 b80142035de46904605fb7b8f18075cd94154f8c3d67ff346ea554d1e9d579b9 docker-engine-20.10.7.tar.gz sha256 2505d00032f5d40ead5ac779c2840303dcead04713c93ba974be4c19b3ab8d0a docker-engine-20.10.8.tar.gz
sha256 7c87873291f289713ac5df48b1f2010eb6963752bbd6b530416ab99fc37914a8 LICENSE sha256 7c87873291f289713ac5df48b1f2010eb6963752bbd6b530416ab99fc37914a8 LICENSE

2
buildroot/package/docker-engine/docker-engine.mk
View File

@ -4,7 +4,7 @@
# #
################################################################################ ################################################################################
DOCKER_ENGINE_VERSION = 20.10.7 DOCKER_ENGINE_VERSION = 20.10.8
DOCKER_ENGINE_SITE = $(call github,moby,moby,v$(DOCKER_ENGINE_VERSION)) DOCKER_ENGINE_SITE = $(call github,moby,moby,v$(DOCKER_ENGINE_VERSION))
DOCKER_ENGINE_LICENSE = Apache-2.0 DOCKER_ENGINE_LICENSE = Apache-2.0

2
buildroot/package/docker-proxy/docker-proxy.hash
View File

@ -1,3 +1,3 @@
# Locally calculated # Locally calculated
sha256 90a8dc84bc5d2d74dee0b2c3544f8786598ff85e9fc9f6a55a15b60b7cd78d63 docker-proxy-b3507428be5b458cb0e2b4086b13531fb0706e46.tar.gz sha256 ede21e645ff6552b3a508f6186d3f34d267015ec0f96eefecf6d08c03cbd2987 docker-proxy-64b7a4574d1426139437d20e81c0b6d391130ec8.tar.gz
sha256 cb5e8e7e5f4a3988e1063c142c60dc2df75605f4c46515e776e3aca6df976e14 LICENSE sha256 cb5e8e7e5f4a3988e1063c142c60dc2df75605f4c46515e776e3aca6df976e14 LICENSE

2
buildroot/package/docker-proxy/docker-proxy.mk
View File

@ -4,7 +4,7 @@
# #
################################################################################ ################################################################################
DOCKER_PROXY_VERSION = b3507428be5b458cb0e2b4086b13531fb0706e46 DOCKER_PROXY_VERSION = 64b7a4574d1426139437d20e81c0b6d391130ec8
DOCKER_PROXY_SITE = $(call github,moby,libnetwork,$(DOCKER_PROXY_VERSION)) DOCKER_PROXY_SITE = $(call github,moby,libnetwork,$(DOCKER_PROXY_VERSION))
DOCKER_PROXY_LICENSE = Apache-2.0 DOCKER_PROXY_LICENSE = Apache-2.0

2
buildroot/package/dovecot/dovecot.mk
View File

@ -15,8 +15,6 @@ DOVECOT_DEPENDENCIES = \
host-pkgconf \ host-pkgconf \
$(if $(BR2_PACKAGE_LIBICONV),libiconv) \ $(if $(BR2_PACKAGE_LIBICONV),libiconv) \
openssl openssl
# add host-gettext for AM_ICONV macro
DOVECOT_DEPENDENCIES += host-gettext
# CVE-2016-4983 is an issue in a postinstall script in the dovecot rpm, which # CVE-2016-4983 is an issue in a postinstall script in the dovecot rpm, which
# is part of the Red Hat packaging and not part of upstream dovecot # is part of the Red Hat packaging and not part of upstream dovecot

3
buildroot/package/erlang/erlang.mk vendored
View File

@ -16,6 +16,9 @@ ERLANG_CPE_ID_VENDOR = erlang
ERLANG_CPE_ID_PRODUCT = erlang\/otp ERLANG_CPE_ID_PRODUCT = erlang\/otp
ERLANG_INSTALL_STAGING = YES ERLANG_INSTALL_STAGING = YES
# windows specific issue: https://nvd.nist.gov/vuln/detail/CVE-2021-29221
ERLANG_IGNORE_CVES += CVE-2021-29221
# Remove the leftover deps directory from the ssl app # Remove the leftover deps directory from the ssl app
# See https://bugs.erlang.org/browse/ERL-1168 # See https://bugs.erlang.org/browse/ERL-1168
define ERLANG_REMOVE_SSL_DEPS define ERLANG_REMOVE_SSL_DEPS

8
buildroot/package/fetchmail/fetchmail.hash
View File

@ -1,6 +1,4 @@
# From https://sourceforge.net/p/fetchmail/mailman/message/37327392/ # From https://sourceforge.net/p/fetchmail/mailman/message/37350119/
sha256 6a459c1cafd7a1daa5cd137140da60c18c84b5699cd8e7249a79c33342c99d1d fetchmail-6.4.21.tar.xz sha256 cc6818bd59435602169fa292d6d163d56b21c7f53112829470a3aceabe612c84 fetchmail-6.4.22.tar.xz
# From https://sourceforge.net/projects/fetchmail/files/branch_6.4/
sha1 a264c50256c2b42d2c7893f9efae7c9a29350786 fetchmail-6.4.21.tar.xz
# Locally computed: # Locally computed:
sha256 6346b5aa04e258fa4326272ea92372d796b4382aa963535ae98a3bb5f8cd5aeb COPYING sha256 001d1b8d111a83e3bab8b4d511ea4767d37d3bd0583560fccece630df1ba8f3c COPYING

2
buildroot/package/fetchmail/fetchmail.mk
View File

@ -5,7 +5,7 @@
################################################################################ ################################################################################
FETCHMAIL_VERSION_MAJOR = 6.4 FETCHMAIL_VERSION_MAJOR = 6.4
FETCHMAIL_VERSION = $(FETCHMAIL_VERSION_MAJOR).21 FETCHMAIL_VERSION = $(FETCHMAIL_VERSION_MAJOR).22
FETCHMAIL_SOURCE = fetchmail-$(FETCHMAIL_VERSION).tar.xz FETCHMAIL_SOURCE = fetchmail-$(FETCHMAIL_VERSION).tar.xz
FETCHMAIL_SITE = http://downloads.sourceforge.net/project/fetchmail/branch_$(FETCHMAIL_VERSION_MAJOR) FETCHMAIL_SITE = http://downloads.sourceforge.net/project/fetchmail/branch_$(FETCHMAIL_VERSION_MAJOR)
FETCHMAIL_LICENSE = GPL-2.0; some exceptions are mentioned in COPYING FETCHMAIL_LICENSE = GPL-2.0; some exceptions are mentioned in COPYING

2
buildroot/package/gdb/gdb.mk
View File

@ -156,7 +156,7 @@ ifeq ($(BR2_PACKAGE_GDB_DEBUGGER),y)
GDB_CONF_OPTS += \ GDB_CONF_OPTS += \
--enable-gdb \ --enable-gdb \
--with-curses --with-curses
GDB_DEPENDENCIES = ncurses \ GDB_DEPENDENCIES += ncurses \
$(if $(BR2_PACKAGE_LIBICONV),libiconv) $(if $(BR2_PACKAGE_LIBICONV),libiconv)
else else
GDB_CONF_OPTS += \ GDB_CONF_OPTS += \

234
buildroot/package/ghostscript/0002-Bug-704342-Include-device-specifier-strings-in-acces.patch Normal file
View File

@ -0,0 +1,234 @@
From a9bd3dec9fde03327a4a2c69dad1036bf9632e20 Mon Sep 17 00:00:00 2001
From: Chris Liddell <chris.liddell@artifex.com>
Date: Tue, 7 Sep 2021 20:36:12 +0100
Subject: [PATCH] Bug 704342: Include device specifier strings in access
validation
for the "%pipe%", %handle%" and %printer% io devices.
We previously validated only the part after the "%pipe%" Postscript device
specifier, but this proved insufficient.
This rebuilds the original file name string, and validates it complete. The
slight complication for "%pipe%" is it can be reached implicitly using
"|" so we have to check both prefixes.
Addresses CVE-2021-3781
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
---
base/gdevpipe.c | 22 +++++++++++++++-
base/gp_mshdl.c | 11 +++++++-
base/gp_msprn.c | 10 ++++++-
base/gp_os2pr.c | 13 +++++++++-
base/gslibctx.c | 69 ++++++++++---------------------------------------
5 files changed, 65 insertions(+), 60 deletions(-)
diff --git a/base/gdevpipe.c b/base/gdevpipe.c
index 96d71f5d8..5bdc485be 100644
--- a/base/gdevpipe.c
+++ b/base/gdevpipe.c
@@ -72,8 +72,28 @@ pipe_fopen(gx_io_device * iodev, const char *fname, const char *access,
#else
gs_lib_ctx_t *ctx = mem->gs_lib_ctx;
gs_fs_list_t *fs = ctx->core->fs;
+ /* The pipe device can be reached in two ways, explicltly with %pipe%
+ or implicitly with "|", so we have to check for both
+ */
+ char f[gp_file_name_sizeof];
+ const char *pipestr = "|";
+ const size_t pipestrlen = strlen(pipestr);
+ const size_t preflen = strlen(iodev->dname);
+ const size_t nlen = strlen(fname);
+ int code1;
+
+ if (preflen + nlen >= gp_file_name_sizeof)
+ return_error(gs_error_invalidaccess);
+
+ memcpy(f, iodev->dname, preflen);
+ memcpy(f + preflen, fname, nlen + 1);
+
+ code1 = gp_validate_path(mem, f, access);
+
+ memcpy(f, pipestr, pipestrlen);
+ memcpy(f + pipestrlen, fname, nlen + 1);
- if (gp_validate_path(mem, fname, access) != 0)
+ if (code1 != 0 && gp_validate_path(mem, f, access) != 0 )
return gs_error_invalidfileaccess;
/*
diff --git a/base/gp_mshdl.c b/base/gp_mshdl.c
index 2b964ed74..8d87ceadc 100644
--- a/base/gp_mshdl.c
+++ b/base/gp_mshdl.c
@@ -95,8 +95,17 @@ mswin_handle_fopen(gx_io_device * iodev, const char *fname, const char *access,
long hfile; /* Correct for Win32, may be wrong for Win64 */
gs_lib_ctx_t *ctx = mem->gs_lib_ctx;
gs_fs_list_t *fs = ctx->core->fs;
+ char f[gp_file_name_sizeof];
+ const size_t preflen = strlen(iodev->dname);
+ const size_t nlen = strlen(fname);
- if (gp_validate_path(mem, fname, access) != 0)
+ if (preflen + nlen >= gp_file_name_sizeof)
+ return_error(gs_error_invalidaccess);
+
+ memcpy(f, iodev->dname, preflen);
+ memcpy(f + preflen, fname, nlen + 1);
+
+ if (gp_validate_path(mem, f, access) != 0)
return gs_error_invalidfileaccess;
/* First we try the open_handle method. */
diff --git a/base/gp_msprn.c b/base/gp_msprn.c
index ed4827968..746a974f7 100644
--- a/base/gp_msprn.c
+++ b/base/gp_msprn.c
@@ -168,8 +168,16 @@ mswin_printer_fopen(gx_io_device * iodev, const char *fname, const char *access,
uintptr_t *ptid = &((tid_t *)(iodev->state))->tid;
gs_lib_ctx_t *ctx = mem->gs_lib_ctx;
gs_fs_list_t *fs = ctx->core->fs;
+ const size_t preflen = strlen(iodev->dname);
+ const size_t nlen = strlen(fname);
- if (gp_validate_path(mem, fname, access) != 0)
+ if (preflen + nlen >= gp_file_name_sizeof)
+ return_error(gs_error_invalidaccess);
+
+ memcpy(pname, iodev->dname, preflen);
+ memcpy(pname + preflen, fname, nlen + 1);
+
+ if (gp_validate_path(mem, pname, access) != 0)
return gs_error_invalidfileaccess;
/* First we try the open_printer method. */
diff --git a/base/gp_os2pr.c b/base/gp_os2pr.c
index f852c71fc..ba54cde66 100644
--- a/base/gp_os2pr.c
+++ b/base/gp_os2pr.c
@@ -107,9 +107,20 @@ os2_printer_fopen(gx_io_device * iodev, const char *fname, const char *access,
FILE ** pfile, char *rfname, uint rnamelen)
{
os2_printer_t *pr = (os2_printer_t *)iodev->state;
- char driver_name[256];
+ char driver_name[gp_file_name_sizeof];
gs_lib_ctx_t *ctx = mem->gs_lib_ctx;
gs_fs_list_t *fs = ctx->core->fs;
+ const size_t preflen = strlen(iodev->dname);
+ const int size_t = strlen(fname);
+
+ if (preflen + nlen >= gp_file_name_sizeof)
+ return_error(gs_error_invalidaccess);
+
+ memcpy(driver_name, iodev->dname, preflen);
+ memcpy(driver_name + preflen, fname, nlen + 1);
+
+ if (gp_validate_path(mem, driver_name, access) != 0)
+ return gs_error_invalidfileaccess;
/* First we try the open_printer method. */
/* Note that the loop condition here ensures we don't
diff --git a/base/gslibctx.c b/base/gslibctx.c
index 6dfed6cd5..318039fad 100644
--- a/base/gslibctx.c
+++ b/base/gslibctx.c
@@ -655,82 +655,39 @@ rewrite_percent_specifiers(char *s)
int
gs_add_outputfile_control_path(gs_memory_t *mem, const char *fname)
{
- char *fp, f[gp_file_name_sizeof];
- const int pipe = 124; /* ASCII code for '|' */
- const int len = strlen(fname);
- int i, code;
+ char f[gp_file_name_sizeof];
+ int code;
/* Be sure the string copy will fit */
- if (len >= gp_file_name_sizeof)
+ if (strlen(fname) >= gp_file_name_sizeof)
return gs_error_rangecheck;
strcpy(f, fname);
- fp = f;
/* Try to rewrite any %d (or similar) in the string */
rewrite_percent_specifiers(f);
- for (i = 0; i < len; i++) {
- if (f[i] == pipe) {
- fp = &f[i + 1];
- /* Because we potentially have to check file permissions at two levels
- for the output file (gx_device_open_output_file and the low level
- fopen API, if we're using a pipe, we have to add both the full string,
- (including the '|', and just the command to which we pipe - since at
- the pipe_fopen(), the leading '|' has been stripped.
- */
- code = gs_add_control_path(mem, gs_permit_file_writing, f);
- if (code < 0)
- return code;
- code = gs_add_control_path(mem, gs_permit_file_control, f);
- if (code < 0)
- return code;
- break;
- }
- if (!IS_WHITESPACE(f[i]))
- break;
- }
- code = gs_add_control_path(mem, gs_permit_file_control, fp);
+
+ code = gs_add_control_path(mem, gs_permit_file_control, f);
if (code < 0)
return code;
- return gs_add_control_path(mem, gs_permit_file_writing, fp);
+ return gs_add_control_path(mem, gs_permit_file_writing, f);
}
int
gs_remove_outputfile_control_path(gs_memory_t *mem, const char *fname)
{
- char *fp, f[gp_file_name_sizeof];
- const int pipe = 124; /* ASCII code for '|' */
- const int len = strlen(fname);
- int i, code;
+ char f[gp_file_name_sizeof];
+ int code;
/* Be sure the string copy will fit */
- if (len >= gp_file_name_sizeof)
+ if (strlen(fname) >= gp_file_name_sizeof)
return gs_error_rangecheck;
strcpy(f, fname);
- fp = f;
/* Try to rewrite any %d (or similar) in the string */
- for (i = 0; i < len; i++) {
- if (f[i] == pipe) {
- fp = &f[i + 1];
- /* Because we potentially have to check file permissions at two levels
- for the output file (gx_device_open_output_file and the low level
- fopen API, if we're using a pipe, we have to add both the full string,
- (including the '|', and just the command to which we pipe - since at
- the pipe_fopen(), the leading '|' has been stripped.
- */
- code = gs_remove_control_path(mem, gs_permit_file_writing, f);
- if (code < 0)
- return code;
- code = gs_remove_control_path(mem, gs_permit_file_control, f);
- if (code < 0)
- return code;
- break;
- }
- if (!IS_WHITESPACE(f[i]))
- break;
- }
- code = gs_remove_control_path(mem, gs_permit_file_control, fp);
+ rewrite_percent_specifiers(f);
+
+ code = gs_remove_control_path(mem, gs_permit_file_control, f);
if (code < 0)
return code;
- return gs_remove_control_path(mem, gs_permit_file_writing, fp);
+ return gs_remove_control_path(mem, gs_permit_file_writing, f);
}
int
--
2.20.1

3
buildroot/package/ghostscript/ghostscript.mk
View File

@ -21,6 +21,9 @@ GHOSTSCRIPT_DEPENDENCIES = \
libpng \ libpng \
tiff tiff
# 0002-Bug-704342-Include-device-specifier-strings-in-acces.patch
GHOSTSCRIPT_IGNORE_CVES += CVE-2021-3781
# Ghostscript includes (old) copies of several libraries, delete them. # Ghostscript includes (old) copies of several libraries, delete them.
# Inspired by linuxfromscratch: # Inspired by linuxfromscratch:
# http://www.linuxfromscratch.org/blfs/view/svn/pst/gs.html # http://www.linuxfromscratch.org/blfs/view/svn/pst/gs.html

2
buildroot/package/go/go.hash
View File

@ -1,3 +1,3 @@
# From https://golang.org/dl/ # From https://golang.org/dl/
sha256 8f2a8c24b793375b3243df82fdb0c8387486dcc8a892ca1c991aa99ace086b98 go1.16.8.src.tar.gz sha256 0a1cc7fd7bd20448f71ebed64d846138850d5099b18cf5cc10a4fc45160d8c3d go1.16.9.src.tar.gz
sha256 2d36597f7117c38b006835ae7f537487207d8ec407aa9d9980794b2030cbc067 LICENSE sha256 2d36597f7117c38b006835ae7f537487207d8ec407aa9d9980794b2030cbc067 LICENSE

2
buildroot/package/go/go.mk
View File

@ -4,7 +4,7 @@
# #
################################################################################ ################################################################################
GO_VERSION = 1.16.8 GO_VERSION = 1.16.9
GO_SITE = https://storage.googleapis.com/golang GO_SITE = https://storage.googleapis.com/golang
GO_SOURCE = go$(GO_VERSION).src.tar.gz GO_SOURCE = go$(GO_VERSION).src.tar.gz

4
buildroot/package/gstreamer1/gst-omx/gst-omx.hash
View File

@ -1,3 +1,3 @@
# From https://gstreamer.freedesktop.org/src/gst-omx/gst-omx-1.18.4.tar.xz.sha256sum # From https://gstreamer.freedesktop.org/src/gst-omx/gst-omx-1.18.5.tar.xz.sha256sum
sha256 e35051cf891eb2f31d6fcf176ff37d985f97f33874ac31b0b3ad3b5b95035043 gst-omx-1.18.4.tar.xz sha256 2cd457c1e8deb1a9b39608048fb36a44f6c9a864a6b6115b1453a32e7be93b42 gst-omx-1.18.5.tar.xz
sha256 dc626520dcd53a22f727af3ee42c770e56c97a64fe3adb063799d8ab032fe551 COPYING sha256 dc626520dcd53a22f727af3ee42c770e56c97a64fe3adb063799d8ab032fe551 COPYING

2
buildroot/package/gstreamer1/gst-omx/gst-omx.mk
View File

@ -4,7 +4,7 @@
# #
################################################################################ ################################################################################
GST_OMX_VERSION = 1.18.4 GST_OMX_VERSION = 1.18.5
GST_OMX_SOURCE = gst-omx-$(GST_OMX_VERSION).tar.xz GST_OMX_SOURCE = gst-omx-$(GST_OMX_VERSION).tar.xz
GST_OMX_SITE = https://gstreamer.freedesktop.org/src/gst-omx GST_OMX_SITE = https://gstreamer.freedesktop.org/src/gst-omx

4
buildroot/package/gstreamer1/gst1-devtools/gst1-devtools.hash
View File

@ -1,3 +1,3 @@
# From https://gstreamer.freedesktop.org/src/gst-devtools/gst-devtools-1.18.4.tar.xz.sha256sum # From https://gstreamer.freedesktop.org/src/gst-devtools/gst-devtools-1.18.5.tar.xz.sha256sum
sha256 ffbd194c40912cb5e7fca2863648bf9dd8257b7af97d3a60c4fcd4efd8526ccf gst-devtools-1.18.4.tar.xz sha256 fecffc86447daf5c2a06843c757a991d745caa2069446a0d746e99b13f7cb079 gst-devtools-1.18.5.tar.xz
sha256 6095e9ffa777dd22839f7801aa845b31c9ed07f3d6bf8a26dc5d2dec8ccc0ef3 validate/COPYING sha256 6095e9ffa777dd22839f7801aa845b31c9ed07f3d6bf8a26dc5d2dec8ccc0ef3 validate/COPYING

2
buildroot/package/gstreamer1/gst1-devtools/gst1-devtools.mk
View File

@ -4,7 +4,7 @@
# #
################################################################################ ################################################################################
GST1_DEVTOOLS_VERSION = 1.18.4 GST1_DEVTOOLS_VERSION = 1.18.5
GST1_DEVTOOLS_SOURCE = gst-devtools-$(GST1_DEVTOOLS_VERSION).tar.xz GST1_DEVTOOLS_SOURCE = gst-devtools-$(GST1_DEVTOOLS_VERSION).tar.xz
GST1_DEVTOOLS_SITE = https://gstreamer.freedesktop.org/src/gst-devtools GST1_DEVTOOLS_SITE = https://gstreamer.freedesktop.org/src/gst-devtools
GST1_DEVTOOLS_LICENSE = LGPL-2.1+ GST1_DEVTOOLS_LICENSE = LGPL-2.1+

2
buildroot/package/gstreamer1/gst1-interpipe/gst1-interpipe.hash
View File

@ -1,5 +1,5 @@
# locally computed hash # locally computed hash
sha256 2fd86aebfe03849a19e9d02db3a8f97bf6f77de835d36ae84282d6f734df323c gst1-interpipe-1.1.4-br1.tar.gz sha256 00d3a91625f6cc5d263f35b9330b4ba6eb40781be2e823231e5b2be9281e1fb4 gst1-interpipe-1.1.6-br1.tar.gz
# Hashes for license files: # Hashes for license files:
sha256 16d7caa6cabbfd0ca47e064a7b48cb446d013e84ca88c854d6470851752136d5 COPYING sha256 16d7caa6cabbfd0ca47e064a7b48cb446d013e84ca88c854d6470851752136d5 COPYING

2
buildroot/package/gstreamer1/gst1-interpipe/gst1-interpipe.mk
View File

@ -4,7 +4,7 @@
# #
################################################################################ ################################################################################
GST1_INTERPIPE_VERSION = 1.1.4 GST1_INTERPIPE_VERSION = 1.1.6
GST1_INTERPIPE_SITE = https://github.com/RidgeRun/gst-interpipe GST1_INTERPIPE_SITE = https://github.com/RidgeRun/gst-interpipe
GST1_INTERPIPE_SITE_METHOD = git GST1_INTERPIPE_SITE_METHOD = git
# fetch gst-interpipe/common sub module # fetch gst-interpipe/common sub module

4
buildroot/package/gstreamer1/gst1-libav/gst1-libav.hash
View File

@ -1,3 +1,3 @@
# From https://gstreamer.freedesktop.org/src/gst-libav/gst-libav-1.18.4.tar.xz.sha256sum # From https://gstreamer.freedesktop.org/src/gst-libav/gst-libav-1.18.5.tar.xz.sha256sum
sha256 344a463badca216c2cef6ee36f9510c190862bdee48dc4591c0a430df7e8c396 gst-libav-1.18.4.tar.xz sha256 822e008a910e9dd13aedbdd8dc63fedef4040c0ee2e927bab3112e9de693a548 gst-libav-1.18.5.tar.xz
sha256 f445dc78b88496f7e20c7a2a461b95baba5865c8919b8289ac24ac0a80c6ce7a COPYING sha256 f445dc78b88496f7e20c7a2a461b95baba5865c8919b8289ac24ac0a80c6ce7a COPYING

2
buildroot/package/gstreamer1/gst1-libav/gst1-libav.mk
View File

@ -4,7 +4,7 @@
# #
################################################################################ ################################################################################
GST1_LIBAV_VERSION = 1.18.4 GST1_LIBAV_VERSION = 1.18.5
GST1_LIBAV_SOURCE = gst-libav-$(GST1_LIBAV_VERSION).tar.xz GST1_LIBAV_SOURCE = gst-libav-$(GST1_LIBAV_VERSION).tar.xz
GST1_LIBAV_SITE = https://gstreamer.freedesktop.org/src/gst-libav GST1_LIBAV_SITE = https://gstreamer.freedesktop.org/src/gst-libav
GST1_LIBAV_LICENSE = LGPL-2.0+ GST1_LIBAV_LICENSE = LGPL-2.0+

4
buildroot/package/gstreamer1/gst1-plugins-bad/gst1-plugins-bad.hash
View File

@ -1,3 +1,3 @@
# From https://gstreamer.freedesktop.org/src/gst-plugins-bad/gst-plugins-bad-1.18.4.tar.xz.sha256sum # From https://gstreamer.freedesktop.org/src/gst-plugins-bad/gst-plugins-bad-1.18.5.tar.xz.sha256sum
sha256 74e806bc5595b18c70e9ca93571e27e79dfb808e5d2e7967afa952b52e99c85f gst-plugins-bad-1.18.4.tar.xz sha256 a164923b94f0d08578a6fcaeaac6e0c05da788a46903a1086870e9ca45ad678e gst-plugins-bad-1.18.5.tar.xz
sha256 dc626520dcd53a22f727af3ee42c770e56c97a64fe3adb063799d8ab032fe551 COPYING sha256 dc626520dcd53a22f727af3ee42c770e56c97a64fe3adb063799d8ab032fe551 COPYING

2
buildroot/package/gstreamer1/gst1-plugins-bad/gst1-plugins-bad.mk
View File

@ -4,7 +4,7 @@
# #
################################################################################ ################################################################################
GST1_PLUGINS_BAD_VERSION = 1.18.4 GST1_PLUGINS_BAD_VERSION = 1.18.5
GST1_PLUGINS_BAD_SOURCE = gst-plugins-bad-$(GST1_PLUGINS_BAD_VERSION).tar.xz GST1_PLUGINS_BAD_SOURCE = gst-plugins-bad-$(GST1_PLUGINS_BAD_VERSION).tar.xz
GST1_PLUGINS_BAD_SITE = https://gstreamer.freedesktop.org/src/gst-plugins-bad GST1_PLUGINS_BAD_SITE = https://gstreamer.freedesktop.org/src/gst-plugins-bad
GST1_PLUGINS_BAD_INSTALL_STAGING = YES GST1_PLUGINS_BAD_INSTALL_STAGING = YES

4
buildroot/package/gstreamer1/gst1-plugins-base/gst1-plugins-base.hash
View File

@ -1,3 +1,3 @@
# From https://gstreamer.freedesktop.org/src/gst-plugins-base/gst-plugins-base-1.18.4.tar.xz.sha256sum # From https://gstreamer.freedesktop.org/src/gst-plugins-base/gst-plugins-base-1.18.5.tar.xz.sha256sum
sha256 29e53229a84d01d722f6f6db13087231cdf6113dd85c25746b9b58c3d68e8323 gst-plugins-base-1.18.4.tar.xz sha256 960b7af4585700db0fdd5b843554e11e2564fed9e061f591fae88a7be6446fa3 gst-plugins-base-1.18.5.tar.xz
sha256 f445dc78b88496f7e20c7a2a461b95baba5865c8919b8289ac24ac0a80c6ce7a COPYING sha256 f445dc78b88496f7e20c7a2a461b95baba5865c8919b8289ac24ac0a80c6ce7a COPYING

2
buildroot/package/gstreamer1/gst1-plugins-base/gst1-plugins-base.mk
View File

@ -4,7 +4,7 @@
# #
################################################################################ ################################################################################
GST1_PLUGINS_BASE_VERSION = 1.18.4 GST1_PLUGINS_BASE_VERSION = 1.18.5
GST1_PLUGINS_BASE_SOURCE = gst-plugins-base-$(GST1_PLUGINS_BASE_VERSION).tar.xz GST1_PLUGINS_BASE_SOURCE = gst-plugins-base-$(GST1_PLUGINS_BASE_VERSION).tar.xz
GST1_PLUGINS_BASE_SITE = https://gstreamer.freedesktop.org/src/gst-plugins-base GST1_PLUGINS_BASE_SITE = https://gstreamer.freedesktop.org/src/gst-plugins-base
GST1_PLUGINS_BASE_INSTALL_STAGING = YES GST1_PLUGINS_BASE_INSTALL_STAGING = YES

4
buildroot/package/gstreamer1/gst1-plugins-good/gst1-plugins-good.hash
View File

@ -1,3 +1,3 @@
# From https://gstreamer.freedesktop.org/src/gst-plugins-good/gst-plugins-good-1.18.4.tar.xz.sha256sum # From https://gstreamer.freedesktop.org/src/gst-plugins-good/gst-plugins-good-1.18.5.tar.xz.sha256sum
sha256 b6e50e3a9bbcd56ee6ec71c33aa8332cc9c926b0c1fae995aac8b3040ebe39b0 gst-plugins-good-1.18.4.tar.xz sha256 3aaeeea7765fbf8801acce4a503a9b05f73f04e8a35352e9d00232cfd555796b gst-plugins-good-1.18.5.tar.xz
sha256 6095e9ffa777dd22839f7801aa845b31c9ed07f3d6bf8a26dc5d2dec8ccc0ef3 COPYING sha256 6095e9ffa777dd22839f7801aa845b31c9ed07f3d6bf8a26dc5d2dec8ccc0ef3 COPYING

2
buildroot/package/gstreamer1/gst1-plugins-good/gst1-plugins-good.mk
View File

@ -4,7 +4,7 @@
# #
################################################################################ ################################################################################
GST1_PLUGINS_GOOD_VERSION = 1.18.4 GST1_PLUGINS_GOOD_VERSION = 1.18.5
GST1_PLUGINS_GOOD_SOURCE = gst-plugins-good-$(GST1_PLUGINS_GOOD_VERSION).tar.xz GST1_PLUGINS_GOOD_SOURCE = gst-plugins-good-$(GST1_PLUGINS_GOOD_VERSION).tar.xz
GST1_PLUGINS_GOOD_SITE = https://gstreamer.freedesktop.org/src/gst-plugins-good GST1_PLUGINS_GOOD_SITE = https://gstreamer.freedesktop.org/src/gst-plugins-good
GST1_PLUGINS_GOOD_LICENSE_FILES = COPYING GST1_PLUGINS_GOOD_LICENSE_FILES = COPYING

4
buildroot/package/gstreamer1/gst1-plugins-ugly/gst1-plugins-ugly.hash
View File

@ -1,3 +1,3 @@
# From https://gstreamer.freedesktop.org/src/gst-plugins-ugly/gst-plugins-ugly-1.18.4.tar.xz.sha256sum # From https://gstreamer.freedesktop.org/src/gst-plugins-ugly/gst-plugins-ugly-1.18.5.tar.xz.sha256sum
sha256 218df0ce0d31e8ca9cdeb01a3b0c573172cc9c21bb3d41811c7820145623d13c gst-plugins-ugly-1.18.4.tar.xz sha256 df32803e98f8a9979373fa2ca7e05e62f977b1097576d3a80619d9f5c69f66d9 gst-plugins-ugly-1.18.5.tar.xz
sha256 6095e9ffa777dd22839f7801aa845b31c9ed07f3d6bf8a26dc5d2dec8ccc0ef3 COPYING sha256 6095e9ffa777dd22839f7801aa845b31c9ed07f3d6bf8a26dc5d2dec8ccc0ef3 COPYING

2
buildroot/package/gstreamer1/gst1-plugins-ugly/gst1-plugins-ugly.mk
View File

@ -4,7 +4,7 @@
# #
################################################################################ ################################################################################
GST1_PLUGINS_UGLY_VERSION = 1.18.4 GST1_PLUGINS_UGLY_VERSION = 1.18.5
GST1_PLUGINS_UGLY_SOURCE = gst-plugins-ugly-$(GST1_PLUGINS_UGLY_VERSION).tar.xz GST1_PLUGINS_UGLY_SOURCE = gst-plugins-ugly-$(GST1_PLUGINS_UGLY_VERSION).tar.xz
GST1_PLUGINS_UGLY_SITE = https://gstreamer.freedesktop.org/src/gst-plugins-ugly GST1_PLUGINS_UGLY_SITE = https://gstreamer.freedesktop.org/src/gst-plugins-ugly
GST1_PLUGINS_UGLY_LICENSE_FILES = COPYING GST1_PLUGINS_UGLY_LICENSE_FILES = COPYING

4
buildroot/package/gstreamer1/gst1-python/gst1-python.hash
View File

@ -1,3 +1,3 @@
# From https://gstreamer.freedesktop.org/src/gst-python/gst-python-1.18.4.tar.xz.sha256sum # From https://gstreamer.freedesktop.org/src/gst-python/gst-python-1.18.5.tar.xz.sha256sum
sha256 cb68e08a7e825e08b83a12a22dcd6e4f1b328a7b02a7ac84f42f68f4ddc7098e gst-python-1.18.4.tar.xz sha256 533685871305959d6db89507f3b3aa6c765c2f2b0dacdc32c5a6543e72e5bc52 gst-python-1.18.5.tar.xz
sha256 ea3ad127610e5ded2210b3a86a46314f2b3b28e438eccffdae19a4d6fbcdb0c2 COPYING sha256 ea3ad127610e5ded2210b3a86a46314f2b3b28e438eccffdae19a4d6fbcdb0c2 COPYING

2
buildroot/package/gstreamer1/gst1-python/gst1-python.mk
View File

@ -4,7 +4,7 @@
# #
################################################################################ ################################################################################
GST1_PYTHON_VERSION = 1.18.4 GST1_PYTHON_VERSION = 1.18.5
GST1_PYTHON_SOURCE = gst-python-$(GST1_PYTHON_VERSION).tar.xz GST1_PYTHON_SOURCE = gst-python-$(GST1_PYTHON_VERSION).tar.xz
GST1_PYTHON_SITE = https://gstreamer.freedesktop.org/src/gst-python GST1_PYTHON_SITE = https://gstreamer.freedesktop.org/src/gst-python
GST1_PYTHON_INSTALL_STAGING = YES GST1_PYTHON_INSTALL_STAGING = YES

4
buildroot/package/gstreamer1/gst1-rtsp-server/gst1-rtsp-server.hash
View File

@ -1,4 +1,4 @@
# From https://gstreamer.freedesktop.org/src/gst-rtsp-server/gst-rtsp-server-1.18.4.tar.xz.sha256sum # From https://gstreamer.freedesktop.org/src/gst-rtsp-server/gst-rtsp-server-1.18.5.tar.xz.sha256sum
sha256 a46bb8de40b971a048580279d2660e616796f871ad3ed00c8a95fe4d273a6c94 gst-rtsp-server-1.18.4.tar.xz sha256 04d63bf48816c6f41c73f6de0f912a7cef0aab39c44162a7bcece1923dfc9d1f gst-rtsp-server-1.18.5.tar.xz
sha256 f445dc78b88496f7e20c7a2a461b95baba5865c8919b8289ac24ac0a80c6ce7a COPYING sha256 f445dc78b88496f7e20c7a2a461b95baba5865c8919b8289ac24ac0a80c6ce7a COPYING
sha256 f445dc78b88496f7e20c7a2a461b95baba5865c8919b8289ac24ac0a80c6ce7a COPYING.LIB sha256 f445dc78b88496f7e20c7a2a461b95baba5865c8919b8289ac24ac0a80c6ce7a COPYING.LIB

2
buildroot/package/gstreamer1/gst1-rtsp-server/gst1-rtsp-server.mk
View File

@ -4,7 +4,7 @@
# #
################################################################################ ################################################################################
GST1_RTSP_SERVER_VERSION = 1.18.4 GST1_RTSP_SERVER_VERSION = 1.18.5
GST1_RTSP_SERVER_SOURCE = gst-rtsp-server-$(GST1_RTSP_SERVER_VERSION).tar.xz GST1_RTSP_SERVER_SOURCE = gst-rtsp-server-$(GST1_RTSP_SERVER_VERSION).tar.xz
GST1_RTSP_SERVER_SITE = http://gstreamer.freedesktop.org/src/gst-rtsp-server GST1_RTSP_SERVER_SITE = http://gstreamer.freedesktop.org/src/gst-rtsp-server
GST1_RTSP_SERVER_LICENSE = LGPL-2.0+ GST1_RTSP_SERVER_LICENSE = LGPL-2.0+

4
buildroot/package/gstreamer1/gst1-vaapi/gst1-vaapi.hash
View File

@ -1,3 +1,3 @@
# From https://gstreamer.freedesktop.org/src/gstreamer-vaapi/gstreamer-vaapi-1.18.4.tar.xz.sha256sum # From https://gstreamer.freedesktop.org/src/gstreamer-vaapi/gstreamer-vaapi-1.18.5.tar.xz.sha256sum
sha256 92db98af86f3150d429c9ab17e88d2364f9c07a140c8f445ed739e8f10252aea gstreamer-vaapi-1.18.4.tar.xz sha256 4a460fb95559f41444eb24864ad2d9e37922b6eea941510310319fc3e0ba727b gstreamer-vaapi-1.18.5.tar.xz
sha256 dc626520dcd53a22f727af3ee42c770e56c97a64fe3adb063799d8ab032fe551 COPYING.LIB sha256 dc626520dcd53a22f727af3ee42c770e56c97a64fe3adb063799d8ab032fe551 COPYING.LIB

2
buildroot/package/gstreamer1/gst1-vaapi/gst1-vaapi.mk
View File

@ -4,7 +4,7 @@
# #
################################################################################ ################################################################################
GST1_VAAPI_VERSION = 1.18.4 GST1_VAAPI_VERSION = 1.18.5
GST1_VAAPI_SITE = https://gstreamer.freedesktop.org/src/gstreamer-vaapi GST1_VAAPI_SITE = https://gstreamer.freedesktop.org/src/gstreamer-vaapi
GST1_VAAPI_SOURCE = gstreamer-vaapi-$(GST1_VAAPI_VERSION).tar.xz GST1_VAAPI_SOURCE = gstreamer-vaapi-$(GST1_VAAPI_VERSION).tar.xz
GST1_VAAPI_LICENSE = LGPL-2.1+ GST1_VAAPI_LICENSE = LGPL-2.1+

4
buildroot/package/gstreamer1/gstreamer1-editing-services/gstreamer1-editing-services.hash
View File

@ -1,5 +1,5 @@
# From https://gstreamer.freedesktop.org/src/gstreamer-editing-services/gst-editing-services-1.18.4.tar.xz.sha256sum # From https://gstreamer.freedesktop.org/src/gstreamer-editing-services/gst-editing-services-1.18.5.tar.xz.sha256sum
sha256 4687b870a7de18aebf50f45ff572ad9e0138020e3479e02a6f056a0c4c7a1d04 gst-editing-services-1.18.4.tar.xz sha256 8af4a8394d051f3e18280686db49a6efaccc95c0c59a17f0f564e32000590df5 gst-editing-services-1.18.5.tar.xz
# Hashes for license files: # Hashes for license files:
sha256 f445dc78b88496f7e20c7a2a461b95baba5865c8919b8289ac24ac0a80c6ce7a COPYING sha256 f445dc78b88496f7e20c7a2a461b95baba5865c8919b8289ac24ac0a80c6ce7a COPYING

2
buildroot/package/gstreamer1/gstreamer1-editing-services/gstreamer1-editing-services.mk
View File

@ -4,7 +4,7 @@
# #
################################################################################ ################################################################################
GSTREAMER1_EDITING_SERVICES_VERSION = 1.18.4 GSTREAMER1_EDITING_SERVICES_VERSION = 1.18.5
GSTREAMER1_EDITING_SERVICES_SOURCE = gst-editing-services-$(GSTREAMER1_EDITING_SERVICES_VERSION).tar.xz GSTREAMER1_EDITING_SERVICES_SOURCE = gst-editing-services-$(GSTREAMER1_EDITING_SERVICES_VERSION).tar.xz
GSTREAMER1_EDITING_SERVICES_SITE = https://gstreamer.freedesktop.org/src/gstreamer-editing-services GSTREAMER1_EDITING_SERVICES_SITE = https://gstreamer.freedesktop.org/src/gstreamer-editing-services
GSTREAMER1_EDITING_SERVICES_LICENSE = LGPL-2.0+ GSTREAMER1_EDITING_SERVICES_LICENSE = LGPL-2.0+

4
buildroot/package/gstreamer1/gstreamer1/gstreamer1.hash
View File

@ -1,3 +1,3 @@
# From https://gstreamer.freedesktop.org/src/gstreamer/gstreamer-1.18.4.tar.xz.sha256sum # From https://gstreamer.freedesktop.org/src/gstreamer/gstreamer-1.18.5.tar.xz.sha256sum
sha256 9aeec99b38e310817012aa2d1d76573b787af47f8a725a65b833880a094dfbc5 gstreamer-1.18.4.tar.xz sha256 55862232a63459bbf56abebde3085ca9aec211b478e891dacea4d6df8cafe80a gstreamer-1.18.5.tar.xz
sha256 f445dc78b88496f7e20c7a2a461b95baba5865c8919b8289ac24ac0a80c6ce7a COPYING sha256 f445dc78b88496f7e20c7a2a461b95baba5865c8919b8289ac24ac0a80c6ce7a COPYING

2
buildroot/package/gstreamer1/gstreamer1/gstreamer1.mk
View File

@ -4,7 +4,7 @@
# #
################################################################################ ################################################################################
GSTREAMER1_VERSION = 1.18.4 GSTREAMER1_VERSION = 1.18.5
GSTREAMER1_SOURCE = gstreamer-$(GSTREAMER1_VERSION).tar.xz GSTREAMER1_SOURCE = gstreamer-$(GSTREAMER1_VERSION).tar.xz
GSTREAMER1_SITE = https://gstreamer.freedesktop.org/src/gstreamer GSTREAMER1_SITE = https://gstreamer.freedesktop.org/src/gstreamer
GSTREAMER1_INSTALL_STAGING = YES GSTREAMER1_INSTALL_STAGING = YES

8
buildroot/package/kodi-pvr-octonet/Config.in
View File

@ -1,7 +1,7 @@
config BR2_PACKAGE_KODI_PVR_OCTONET config BR2_PACKAGE_KODI_PVR_OCTONET
bool "kodi-pvr-octonet" bool "kodi-pvr-octonet"
depends on BR2_TOOLCHAIN_GCC_AT_LEAST_4_9 # json-for-modern-cpp depends on BR2_TOOLCHAIN_GCC_AT_LEAST_4_7 # jsoncpp
select BR2_PACKAGE_JSON_FOR_MODERN_CPP select BR2_PACKAGE_JSONCPP
select BR2_PACKAGE_KODI_PLATFORM select BR2_PACKAGE_KODI_PLATFORM
select BR2_PACKAGE_LIBPLATFORM select BR2_PACKAGE_LIBPLATFORM
help help
@ -9,5 +9,5 @@ config BR2_PACKAGE_KODI_PVR_OCTONET
https://github.com/DigitalDevices/pvr.octonet https://github.com/DigitalDevices/pvr.octonet
comment "kodi-pvr-octonet needs a toolchain w/ gcc >= 4.9" comment "kodi-pvr-octonet needs a toolchain w/ gcc >= 4.7"
depends on !BR2_TOOLCHAIN_GCC_AT_LEAST_4_9 depends on !BR2_TOOLCHAIN_GCC_AT_LEAST_4_7

2
buildroot/package/kodi-pvr-octonet/kodi-pvr-octonet.mk
View File

@ -8,6 +8,6 @@ KODI_PVR_OCTONET_VERSION = e35cc373476a92aee11ec8e8a14fb8fc086a4f84
KODI_PVR_OCTONET_SITE = $(call github,DigitalDevices,pvr.octonet,$(KODI_PVR_OCTONET_VERSION)) KODI_PVR_OCTONET_SITE = $(call github,DigitalDevices,pvr.octonet,$(KODI_PVR_OCTONET_VERSION))
KODI_PVR_OCTONET_LICENSE = GPL-2.0+ KODI_PVR_OCTONET_LICENSE = GPL-2.0+
KODI_PVR_OCTONET_LICENSE_FILES = debian/copyright KODI_PVR_OCTONET_LICENSE_FILES = debian/copyright
KODI_PVR_OCTONET_DEPENDENCIES = json-for-modern-cpp kodi-platform libplatform KODI_PVR_OCTONET_DEPENDENCIES = jsoncpp kodi-platform libplatform
$(eval $(cmake-package)) $(eval $(cmake-package))

1
buildroot/package/libcurl/Config.in
View File

@ -71,6 +71,7 @@ config BR2_PACKAGE_LIBCURL_MBEDTLS
config BR2_PACKAGE_LIBCURL_WOLFSSL config BR2_PACKAGE_LIBCURL_WOLFSSL
bool "WolfSSL" bool "WolfSSL"
depends on BR2_PACKAGE_WOLFSSL depends on BR2_PACKAGE_WOLFSSL
select BR2_PACKAGE_WOLFSSL_ALL
config BR2_PACKAGE_LIBCURL_TLS_NONE config BR2_PACKAGE_LIBCURL_TLS_NONE
bool "None" bool "None"

4
buildroot/package/libcurl/libcurl.hash
View File

@ -1,5 +1,5 @@
# Locally calculated after checking pgp signature # Locally calculated after checking pgp signature
# https://curl.se/download/curl-7.78.0.tar.xz.asc # https://curl.se/download/curl-7.79.1.tar.xz.asc
# signed with key 27EDEAF22F3ABCEB50DB9A125CC908FDB71E12C2 # signed with key 27EDEAF22F3ABCEB50DB9A125CC908FDB71E12C2
sha256 be42766d5664a739c3974ee3dfbbcbe978a4ccb1fe628bb1d9b59ac79e445fb5 curl-7.78.0.tar.xz sha256 0606f74b1182ab732a17c11613cbbaf7084f2e6cca432642d0e3ad7c224c3689 curl-7.79.1.tar.xz
sha256 6fd1a1c008b5ef4c4741dd188c3f8af6944c14c25afa881eb064f98fb98358e7 COPYING sha256 6fd1a1c008b5ef4c4741dd188c3f8af6944c14c25afa881eb064f98fb98358e7 COPYING

2
buildroot/package/libcurl/libcurl.mk
View File

@ -4,7 +4,7 @@
# #
################################################################################ ################################################################################
LIBCURL_VERSION = 7.78.0 LIBCURL_VERSION = 7.79.1
LIBCURL_SOURCE = curl-$(LIBCURL_VERSION).tar.xz LIBCURL_SOURCE = curl-$(LIBCURL_VERSION).tar.xz
LIBCURL_SITE = https://curl.se/download LIBCURL_SITE = https://curl.se/download
LIBCURL_DEPENDENCIES = host-pkgconf \ LIBCURL_DEPENDENCIES = host-pkgconf \

47
buildroot/package/libkrb5/0001-Fix-KDC-null-deref-on-TGS-inner-body-null-server.patch Normal file
View File

@ -0,0 +1,47 @@
From d775c95af7606a51bf79547a94fa52ddd1cb7f49 Mon Sep 17 00:00:00 2001
From: Greg Hudson <ghudson@mit.edu>
Date: Tue, 3 Aug 2021 01:15:27 -0400
Subject: [PATCH] Fix KDC null deref on TGS inner body null server
After the KDC decodes a FAST inner body, it does not check for a null
server. Prior to commit 39548a5b17bbda9eeb63625a201cfd19b9de1c5b this
would typically result in an error from krb5_unparse_name(), but with
the addition of get_local_tgt() it results in a null dereference. Add
a null check.
Reported by Joseph Sutton of Catalyst.
CVE-2021-37750:
In MIT krb5 releases 1.14 and later, an authenticated attacker can
cause a null dereference in the KDC by sending a FAST TGS request with
no server field.
ticket: 9008 (new)
tags: pullup
target_version: 1.19-next
target_version: 1.18-next
[Retrieved from:
https://github.com/krb5/krb5/commit/d775c95af7606a51bf79547a94fa52ddd1cb7f49]
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
---
src/kdc/do_tgs_req.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/src/kdc/do_tgs_req.c b/src/kdc/do_tgs_req.c
index 582e497cc9..32dc65fa8e 100644
--- a/src/kdc/do_tgs_req.c
+++ b/src/kdc/do_tgs_req.c
@@ -204,6 +204,11 @@ process_tgs_req(krb5_kdc_req *request, krb5_data *pkt,
status = "FIND_FAST";
goto cleanup;
}
+ if (sprinc == NULL) {
+ status = "NULL_SERVER";
+ errcode = KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN;
+ goto cleanup;
+ }
errcode = get_local_tgt(kdc_context, &sprinc->realm, header_server,
&local_tgt, &local_tgt_storage, &local_tgt_key);

3
buildroot/package/libkrb5/libkrb5.mk
View File

@ -16,6 +16,9 @@ LIBKRB5_CPE_ID_PRODUCT = kerberos_5
LIBKRB5_DEPENDENCIES = host-bison $(TARGET_NLS_DEPENDENCIES) LIBKRB5_DEPENDENCIES = host-bison $(TARGET_NLS_DEPENDENCIES)
LIBKRB5_INSTALL_STAGING = YES LIBKRB5_INSTALL_STAGING = YES
# 0001-Fix-KDC-null-deref-on-TGS-inner-body-null-server.patch
LIBKRB5_IGNORE_CVES += CVE-2021-37750
# The configure script uses AC_TRY_RUN tests to check for those values, # The configure script uses AC_TRY_RUN tests to check for those values,
# which doesn't work in a cross-compilation scenario. Therefore, # which doesn't work in a cross-compilation scenario. Therefore,
# we feed the configure script with the correct answer for those tests # we feed the configure script with the correct answer for those tests

2
buildroot/package/libressl/libressl.hash
View File

@ -1,4 +1,4 @@
# From https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/SHA256 # From https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/SHA256
sha256 798a65fd61d385e09d559810cdfa46512f8def5919264cfef241a7b086ce7cfe libressl-3.2.5.tar.gz sha256 7c32ff037597ce471c7cfd9dcb8471cda3a02983aeba3315059362ceb3934b84 libressl-3.2.7.tar.gz
# Locally computed # Locally computed
sha256 5c63613f008f16a9c0025c096bbd736cecf720494d121b5c5203e0ec6e5955b1 COPYING sha256 5c63613f008f16a9c0025c096bbd736cecf720494d121b5c5203e0ec6e5955b1 COPYING

2
buildroot/package/libressl/libressl.mk
View File

@ -4,7 +4,7 @@
# #
################################################################################ ################################################################################
LIBRESSL_VERSION = 3.2.5 LIBRESSL_VERSION = 3.2.7
LIBRESSL_SITE = https://ftp.openbsd.org/pub/OpenBSD/LibreSSL LIBRESSL_SITE = https://ftp.openbsd.org/pub/OpenBSD/LibreSSL
LIBRESSL_LICENSE = ISC (new additions), OpenSSL or SSLeay (original OpenSSL code) LIBRESSL_LICENSE = ISC (new additions), OpenSSL or SSLeay (original OpenSSL code)
LIBRESSL_LICENSE_FILES = COPYING LIBRESSL_LICENSE_FILES = COPYING

40
buildroot/package/libsndfile/0011-ms_adpcm-Fix-and-extend-size-checks.patch Normal file
View File

@ -0,0 +1,40 @@
From deb669ee8be55a94565f6f8a6b60890c2e7c6f32 Mon Sep 17 00:00:00 2001
From: bobsayshilol <bobsayshilol@live.co.uk>
Date: Thu, 18 Feb 2021 21:52:09 +0000
Subject: [PATCH] ms_adpcm: Fix and extend size checks
'blockalign' is the size of a block, and each block contains 7 samples
per channel as part of the preamble, so check against 'samplesperblock'
rather than 'blockalign'. Also add an additional check that the block
is big enough to hold the samples it claims to hold.
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=26803
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
---
src/ms_adpcm.c | 10 ++++++++--
1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/src/ms_adpcm.c b/src/ms_adpcm.c
index 5e8f1a31..a21cb994 100644
--- a/src/ms_adpcm.c
+++ b/src/ms_adpcm.c
@@ -128,8 +128,14 @@ wavlike_msadpcm_init (SF_PRIVATE *psf, int blockalign, int samplesperblock)
if (psf->file.mode == SFM_WRITE)
samplesperblock = 2 + 2 * (blockalign - 7 * psf->sf.channels) / psf->sf.channels ;
- if (blockalign < 7 * psf->sf.channels)
- { psf_log_printf (psf, "*** Error blockalign (%d) should be > %d.\n", blockalign, 7 * psf->sf.channels) ;
+ /* There's 7 samples per channel in the preamble of each block */
+ if (samplesperblock < 7 * psf->sf.channels)
+ { psf_log_printf (psf, "*** Error samplesperblock (%d) should be >= %d.\n", samplesperblock, 7 * psf->sf.channels) ;
+ return SFE_INTERNAL ;
+ } ;
+
+ if (2 * blockalign < samplesperblock * psf->sf.channels)
+ { psf_log_printf (psf, "*** Error blockalign (%d) should be >= %d.\n", blockalign, samplesperblock * psf->sf.channels / 2) ;
return SFE_INTERNAL ;
} ;
--
2.20.1

3
buildroot/package/libsndfile/libsndfile.mk
View File

@ -19,6 +19,9 @@ LIBSNDFILE_IGNORE_CVES += CVE-2018-13139 CVE-2018-19432
LIBSNDFILE_IGNORE_CVES += \ LIBSNDFILE_IGNORE_CVES += \
CVE-2017-14245 CVE-2017-14246 CVE-2017-17456 CVE-2017-17457 \ CVE-2017-14245 CVE-2017-14246 CVE-2017-17456 CVE-2017-17457 \
CVE-2018-19661 CVE-2018-19662 CVE-2018-19661 CVE-2018-19662
# 0011-ms_adpcm-Fix-and-extend-size-checks.patch
LIBSNDFILE_IGNORE_CVES += CVE-2021-3246
# disputed, https://github.com/erikd/libsndfile/issues/398 # disputed, https://github.com/erikd/libsndfile/issues/398
LIBSNDFILE_IGNORE_CVES += CVE-2018-13419 LIBSNDFILE_IGNORE_CVES += CVE-2018-13419
# 0004-src-wav.c-Fix-heap-read-overflow.patch # 0004-src-wav.c-Fix-heap-read-overflow.patch

2
buildroot/package/libyang/libyang.hash
View File

@ -1,3 +1,3 @@
# Locally calculated # Locally calculated
sha256 c4498a77a7c12a28c9911f993eeafbf2badd2ecea58bb74781bd61cfc635e4c9 libyang-1.0.215.tar.gz sha256 8576cad398b451b1c622b0652a2030fcf83ee1d9a39e6cd93d17b0a5a43118d6 libyang-1.0.240.tar.gz
sha256 f942fe693e03e4e3ff67a351c00dc8f468a042e0d7273b0aa6bc53060b568112 LICENSE sha256 f942fe693e03e4e3ff67a351c00dc8f468a042e0d7273b0aa6bc53060b568112 LICENSE

2
buildroot/package/libyang/libyang.mk
View File

@ -4,7 +4,7 @@
# #
################################################################################ ################################################################################
LIBYANG_VERSION = 1.0.215 LIBYANG_VERSION = 1.0.240
LIBYANG_SITE = $(call github,CESNET,libyang,v$(LIBYANG_VERSION)) LIBYANG_SITE = $(call github,CESNET,libyang,v$(LIBYANG_VERSION))
LIBYANG_LICENSE = BSD-3-Clause LIBYANG_LICENSE = BSD-3-Clause
LIBYANG_LICENSE_FILES = LICENSE LIBYANG_LICENSE_FILES = LICENSE

2
buildroot/package/lxc/Config.in
View File

@ -21,4 +21,4 @@ comment "lxc needs a glibc or musl toolchain w/ threads, headers >= 3.0, dynamic
|| !BR2_TOOLCHAIN_GCC_AT_LEAST_4_7 \ || !BR2_TOOLCHAIN_GCC_AT_LEAST_4_7 \
|| !BR2_TOOLCHAIN_HEADERS_AT_LEAST_3_0 \ || !BR2_TOOLCHAIN_HEADERS_AT_LEAST_3_0 \
|| BR2_STATIC_LIBS \ || BR2_STATIC_LIBS \
|| BR2_TOOLCHAN_USES_UCLIBC || BR2_TOOLCHAIN_USES_UCLIBC

2
buildroot/package/lxc/lxc.hash
View File

@ -1,4 +1,4 @@
# Locally calculated # Locally calculated
sha256 9165dabc0bb6ef7f2fda2009aee90b20fbefe77ed8008347e9f06048eba1e463 lxc-4.0.6.tar.gz sha256 a10c518056d2e497bd600e4ffac2853bdeab1e835bf455a6d87cc8df128bfae9 lxc-4.0.10.tar.gz
sha256 ab15fd526bd8dd18a9e77ebc139656bf4d33e97fc7238cd11bf60e2b9b8666c6 LICENSE.GPL2 sha256 ab15fd526bd8dd18a9e77ebc139656bf4d33e97fc7238cd11bf60e2b9b8666c6 LICENSE.GPL2
sha256 dc626520dcd53a22f727af3ee42c770e56c97a64fe3adb063799d8ab032fe551 LICENSE.LGPL2.1 sha256 dc626520dcd53a22f727af3ee42c770e56c97a64fe3adb063799d8ab032fe551 LICENSE.LGPL2.1

2
buildroot/package/lxc/lxc.mk
View File

@ -4,7 +4,7 @@
# #
################################################################################ ################################################################################
LXC_VERSION = 4.0.6 LXC_VERSION = 4.0.10
LXC_SITE = https://linuxcontainers.org/downloads/lxc LXC_SITE = https://linuxcontainers.org/downloads/lxc
LXC_LICENSE = GPL-2.0 (some tools), LGPL-2.1+ LXC_LICENSE = GPL-2.0 (some tools), LGPL-2.1+
LXC_LICENSE_FILES = LICENSE.GPL2 LICENSE.LGPL2.1 LXC_LICENSE_FILES = LICENSE.GPL2 LICENSE.LGPL2.1

1
buildroot/package/lynx/lynx.hash
View File

@ -1,3 +1,4 @@
# Locally calculated: # Locally calculated:
sha256 387f193d7792f9cfada14c60b0e5c0bff18f227d9257a39483e14fa1aaf79595 lynx2.8.9rel.1.tar.bz2 sha256 387f193d7792f9cfada14c60b0e5c0bff18f227d9257a39483e14fa1aaf79595 lynx2.8.9rel.1.tar.bz2
sha256 b2207e757dbbefc34a20a32b1b4a216b4a4316e1dc812bceca4ac6294871119a 90_CVE-2021-38165.patch
sha256 8406a30ff3134ec23cf752d1ceda92ddaabbe41b4f2dc07ea3cfa139de12d6d6 COPYING sha256 8406a30ff3134ec23cf752d1ceda92ddaabbe41b4f2dc07ea3cfa139de12d6d6 COPYING

4
buildroot/package/lynx/lynx.mk
View File

@ -7,6 +7,10 @@
LYNX_VERSION = 2.8.9rel.1 LYNX_VERSION = 2.8.9rel.1
LYNX_SOURCE = lynx$(LYNX_VERSION).tar.bz2 LYNX_SOURCE = lynx$(LYNX_VERSION).tar.bz2
LYNX_SITE = ftp://ftp.invisible-island.net/lynx/tarballs LYNX_SITE = ftp://ftp.invisible-island.net/lynx/tarballs
LYNX_PATCH = \
https://salsa.debian.org/lynx-team/lynx/-/raw/debian/2.9.0dev.6-3_deb11u1/debian/patches/90_CVE-2021-38165.patch
# 90_CVE-2021-38165.patch
LYNX_IGNORE_CVES += CVE-2021-38165
LYNX_LICENSE = GPL-2.0 LYNX_LICENSE = GPL-2.0
LYNX_LICENSE_FILES = COPYING LYNX_LICENSE_FILES = COPYING

Some files were not shown because too many files have changed in this diff Show More