Commit Graph

74698 Commits

Author SHA1 Message Date
James Hilliard
8d835ffc52 package/cups: security bump to version 2.4.11
Fixes the following security issue:

CVE-2024-35235: Cupsd Listen arbitrary chmod 0140777

https://github.com/OpenPrinting/cups/security/advisories/GHSA-vvwp-mv6j-hw6f
https://www.openwall.com/lists/oss-security/2024/06/11/1

Drop cups hash patches which are now upstream.

Rebase remaining patches.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
[Peter: mark as security bump]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-10-01 22:07:45 +02:00
Bernd Kuhls
b52c204e6f package/samba4: bump version to 4.20.5
Release notes:
https://www.samba.org/samba/history/samba-4.20.5.html

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-10-01 22:01:18 +02:00
Bernd Kuhls
d3a12bc6f1 {linux, linux-headers}: bump 4.19.x / 5.{4, 10, 15}.x / 6.{1, 6, 10}.x series
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-10-01 22:00:35 +02:00
Bernd Kuhls
d4cbc887a3 package/python3: security bump version to 3.12.6
Release notes: https://www.python.org/downloads/release/python-3126/

Fixes CVE-2023-27043, CVE-2024-6232, CVE-2024-7592 & CVE-2024-8088.

The fixes for bundled libexpat are irrelevant for us because python3
depends on the buildroot package.

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-10-01 21:59:24 +02:00
Bernd Kuhls
0509885d8d package/expat: security bump version to 2.6.3
Changelog:
https://github.com/libexpat/libexpat/blob/R_2_6_3/expat/Changes

Fixes CVE-2024-45490, CVE-2024-45491 & CVE-2024-45492.

Follow upstream switch of project repository to github:
https://sourceforge.net/p/expat/news/2022/01/project-moved-to-github/

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-10-01 21:59:03 +02:00
Michael Fischer
5271e90a6a package/pure-ftpd: bump version to 1.0.52
This version fixes an out-of-bound reads in the MLSD command, so upgrading is recommended.
It also improves compatibility with various systems.

Update the COPYING hash because of a change in copyright year

Signed-off-by: Michael Fischer <mf@go-sys.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-10-01 21:54:59 +02:00
Michael Fischer
93c81b1b1f package/sdl2: bump version to 2.30.7
Signed-off-by: Michael Fischer <mf@go-sys.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-10-01 21:50:40 +02:00
Bernd Kuhls
a2da88519f package/php: security bump version to 8.3.12
Removed patch which is included in this release.

Fixes CVE-2024-8926, CVE-2024-8927, CVE-2024-9026, and CVE-2024-8925.

Changelog: https://www.php.net/ChangeLog-8.php#PHP_8_3
Release notes: https://news-web.php.net/php.announce/438

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-10-01 21:49:55 +02:00
Peter Korsgaard
09964bc5c0 package/systemd: fix typos in help text
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2024-09-25 20:49:04 +02:00
Peter Korsgaard
74bef5945f package/sysklogd: fix typos in help text
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
[Arnout: fix additional 'recommended' typo]
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2024-09-25 20:48:26 +02:00
Peter Korsgaard
b55759c516 package/supertux: fix 'according' typo in help text
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2024-09-25 20:47:24 +02:00
Peter Korsgaard
3c4dd46791 package/stress-ng: fix 'correctly' typo in comment
Also fix conjugations of verbs.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
[Arnout: fix additional typoes]
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2024-09-25 20:46:48 +02:00
Peter Korsgaard
930663032b package/sqlite: fix 'access' typo in help text
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2024-09-25 20:45:38 +02:00
Peter Korsgaard
5af5c0ac0b package/softether: fix typos in patch description
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2024-09-25 20:44:03 +02:00
Peter Korsgaard
4c5d82ea05 package/socat: fix 'incompatible' typo in comment
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2024-09-25 20:43:44 +02:00
Peter Korsgaard
d6f90873eb package/smcroute: fix 'assume' typo
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2024-09-25 20:43:28 +02:00
Peter Korsgaard
6183d8f494 package/slirp: fix typos in help text
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2024-09-25 20:42:45 +02:00
Peter Korsgaard
eb83f8e09a package/skeleton-init-systemd: fix "won't" typo in comment
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2024-09-25 20:42:13 +02:00
Peter Korsgaard
70ded7c212 package/selinux-python: fix 'family' typo in patch description
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2024-09-25 20:40:49 +02:00
Peter Korsgaard
0dffd8ab1c package/rpi-firmware: fix 'partition' typo in help text
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2024-09-25 20:40:31 +02:00
Peter Korsgaard
1441be898a package/rlwrap: fix 'whether' typo in help text
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2024-09-25 20:40:16 +02:00
Peter Korsgaard
1e37c852a5 package/redis: fix 'defaults' typo in patch description
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2024-09-25 20:40:00 +02:00
Peter Korsgaard
d21e6f815d package/rapidxml: fix 'usability' typo in help text
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2024-09-25 20:39:05 +02:00
Peter Korsgaard
f301c007c7 package/rapidxml: fix 'compilation' typo in patch description
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2024-09-25 20:38:10 +02:00
Peter Korsgaard
e23e49e5d5 package/qt5virtualkeyboard: fix 'Portuguese' typo in help text
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2024-09-25 20:37:59 +02:00
Peter Korsgaard
6367eb4965 package/qt5connectivity: fix 'peripherals' typo in help text
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2024-09-25 20:37:44 +02:00
Peter Korsgaard
7426aaddee package/qt5enginio: fix 'versioning' typo in comment
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2024-09-25 20:37:28 +02:00
Peter Korsgaard
53e265522f package/qt5base: fix 'from' typo in patch description
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2024-09-25 20:30:30 +02:00
Peter Korsgaard
296b549365 package/qt5: fix 'paths' typo in comment
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2024-09-25 20:30:22 +02:00
Peter Korsgaard
4390361bb5 package/qlibc: fix 'consistent' typo in help text
Also add a missing article one line above.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
[Arnout: fix additional typo]
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2024-09-25 20:30:21 +02:00
Francois Perrad
be0988ae33 package/nano: bump to version 8.2
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2024-09-25 19:34:13 +02:00
Francois Perrad
be03ddefc6 package/mc: bump to version 4.8.32
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2024-09-25 19:34:09 +02:00
Francois Perrad
5660a06c29 package/hicolor-icon-theme: bump to version 0.18
switch to meson build

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2024-09-25 19:34:03 +02:00
Francois Perrad
1f6075c634 package/gawk: bump to version 5.3.1
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2024-09-25 19:33:59 +02:00
Baruch Siach
a5cef5339b package/libcurl: drop link-with-openssl workaround
Upstream curl commit f057de5a1a950 ("libcurl.pc: add `Requires.private`,
`Requires` for static linking") deals with proper pkg-config
configuration since version 8.9.0.

Our local libcurl.pc modification we added back in commit 61d322c3d2
(package/cURL: fix static link whith openSSL) is no longer needed.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
[yann.morin.1998@free.fr: this is not a "revert", reword commit log]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2024-09-25 19:28:24 +02:00
Akhilesh Nema
0982498c67 package/libpcap: bump version to 1.10.5
Changelog: bbcbc9174d/CHANGES

Signed-off-by: Akhilesh Nema <nemaakhilesh@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2024-09-23 21:46:30 +02:00
Akhilesh Nema
ad831a3de1 package/tcpdump: bump version to 4.99.5
Changelog: 4a789712f1/CHANGES

Signed-off-by: Akhilesh Nema <nemaakhilesh@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2024-09-23 21:46:26 +02:00
Waldemar Brodkorb
1c2fa85cb1 package/httping: update to latest git
Changes made to the Buildroot package:
 - use github url for download
 - switch to cmake infrastructure
 - add new option for TUI support
 - add new option for SSL support
 - TFO is always enabled now, and therefore we don't need to add
   Config.in.legacy handling for this option
 - remove no longer required patches 0001/0002
 - update license file to LICENSE
 - update license to AGPLv3
 - always build without gettext support

Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
[yann.morin.1998@free.fr:
  - update .checkpackageignore
  - don't use $(call github...)
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2024-09-23 21:34:29 +02:00
Bernd Kuhls
d28d24dbc5 package/busybox: patch to fix tc build on 6.8+ kernels
Fixes a build error introduced by bumping the linux kernel headers to
6.8 with buildroot commit 807a449256.

No autobuilder failures were recorded with this problem.

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2024-09-23 21:11:28 +02:00
James Hilliard
ddcddc4788 package/python-esptool: bump to version 4.8.0
Add new python-argcomplete runtime dependency.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2024-09-22 20:14:11 +02:00
James Hilliard
d2fe9e861b package/python-argcomplete: new package
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2024-09-22 20:14:07 +02:00
Akhilesh Nema
5370103e64 package/libcurl: bump version to 8.10.1
Changelog - https://curl.se/ch/8.10.1.html

Signed-off-by: Akhilesh Nema <nemaakhilesh@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2024-09-22 20:08:11 +02:00
Bernd Kuhls
d68b999787 package/libcurl: security bump version to 8.10.0
Changelog: https://curl.se/changes.html#8_10_0

Fixes CVE-2024-8096.

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2024-09-22 20:03:54 +02:00
James Hilliard
0c15e04677 package/python-pytablereader: bump to version 0.31.4
Drop no longer required python-six and python-pathpy runtime
dependencies.

Add new python-path runtime dependency.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2024-09-22 18:53:18 +02:00
James Hilliard
411e5e8021 package/python-path: new package
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2024-09-22 18:53:13 +02:00
James Hilliard
d33b4a9bc9 package/python-pysnmp: bump to version 7.1.3
License hash changed due to date update:
fa9909cbbf

Update license from BSD-3-Clause to BSD-2-Clause, the license
changed in 8122a1d85b but the commit
incorrectly indicated "no content changed" when updating the hash.

Add new python-pysnmpcrypto runtime dependency.

Drop no longer required python-pycryptodomex runtime dependency.

Migrate from setuptools to poetry build backend.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
[yann.morin.1998@free.fr:
  - only list first-level dependency in rust arch support comment
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2024-09-22 18:50:14 +02:00
James Hilliard
143b6331a9 package/python-pysnmpcrypto: new package
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2024-09-22 18:49:51 +02:00
James Hilliard
8d3eae42cb package/python-maturin: bump to version 1.7.1
Restore cargo2 archive suffix format as well.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2024-09-22 18:25:25 +02:00
James Hilliard
a2edfb9195 package/python-pydantic-core: bump to version 2.24.0
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2024-09-22 18:04:46 +02:00
James Hilliard
c84238b125 package/python-multipart: bump to version 0.0.10
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2024-09-22 18:04:42 +02:00