By default, gdbm configures/builds with readline and curses support
if they exist.
This can cause race conditions when compiling gdbm and ncurses in
parallel, as gdbm may try to link to ncurses when it doesn't exist.
This commit forces gdbm to skip using readline/ncurses, since it's
unlikely that anybody is using the line-editing feature of gdbm.
See [gdbm's README][1] for more info.
[1]: https://git.gnu.org.ua/gdbm.git/tree/README?h=v1.21#n50
Signed-off-by: Alois Klink <alois@aloisklink.com>
While running `make menuconfig`, it was discovered then there is a
recursive dependency like this:
tmp/.config-package.in:59138:error: recursive dependency detected!
tmp/.config-package.in:59138: symbol PACKAGE_libwebsockets-openssl is selected by PACKAGE_libwebsockets-mbedtls
tmp/.config-package.in:59122: symbol PACKAGE_libwebsockets-mbedtls depends on PACKAGE_libwebsockets-openssl
It is not possible with the recently added conflicts that two packages
(OpenSSL and full variant, which uses OpenSSL as well), which are almost the same
provides the same named package libwebsockets as their conflict - Mbed
TLS.
Fixes: 676c5c72b5 ("libwebsockets: OpenSSL
and mbedTLS variants should conflict")
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
They provide the same files, but they don't conflict to each other, this
means that users can install them side by side.
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
For some time, it is not possible to install ttyd and mosquitto-ssl at the
same time, so let's solve it that libwebsockets-full provides
libwebsockets-openssl. This allows to install ttyd and mosquitto at
the same time.
Also, we need to add conflict, because we should not have installed
libwebsockets-openssl and libwebsockets-full at the same time as they
provides the same files.
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
The official download mirror does not host 3.1.12 anymore. Update to
newest version to solve the issue.
Signed-off-by: Nick Hainke <vincent@systemli.org>
It updates to Unicode 15, including new characters, scripts, emoji, and corresponding API constants. It also updates to CLDR 42 locale data with various additions and corrections.
ICU 72 adds technology preview implementations for person name formatting, as well as for a new version of message formatting based on a proposed draft Unicode specification.
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
Noteworthy changes in version 1.6.2 (2022-10-07) [C22/A14/R2]
------------------------------------------------
* Fix integer overflow in the CRL parser. [rK4b7d9cd4a0]
Release-info: https://dev.gnupg.org/T6230
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
As wolfSSL is having hard time maintaining ABI compatibility between
releases, we need to manually force rebuild of packages depending on
libwolfssl and thus force their upgrade. Otherwise due to the ABI
handling we would endup with possibly two libwolfssl libraries in the
system, including the patched libwolfssl-5.5.1, but still have
vulnerable services running using the vulnerable libwolfssl-5.4.0.
So in order to propagate update of libwolfssl to latest stable release
done in commit ec8fb542ec3e4 ("wolfssl: fix TLSv1.3 RCE in uhttpd by
using 5.5.1-stable (CVE-2022-39173)") which fixes several remotely
exploitable vulnerabilities, we need to bump PKG_RELEASE of all packages
using wolfSSL library.
Same bump has been done in buildroot in commit f1b7e1434f66 ("treewide:
fix security issues by bumping all packages using libwolfssl").
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Changes since 4.2 are extensive, as always.
https://libwebsockets.org/git/libwebsockets/tree/changelog?h=v4.3-stable#n4
Eg, Adds CBOR, support for reduced memory CA verification, cookie jars,
mqtt client gains qos2, mbedtls v3, fault injection apis, better support
for event loops.
Signed-off-by: Karl Palsson <karlp@etactica.com>
This package is a dependency for building mausezahn as part of the
netsniff-ng sources. mausezahn is a multicast traffic generator used by
the upcoming kernel-selftests-net-forwarding package.
Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
libmspack is a library for some loosely related Microsoft compression
formats: CAB, CHM, HLP, LIT, KWAJ and SZDD
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
When libjose is built statically, it must use --whole-archive as it uses
GCC's constructor attribute to initialize itself.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Change the CONFLICTS line from the libgd-full to libgd to fix a
recursive dependency.
While at it, remove the redundant +LIBGD_TIFF:libtiff
+LIBGD_FREETYPE:libfreetype dependencies from Package/libgd/default.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Fixes a compile error when glib2 is missing.
get rid of nls.mk. iconv/gettext is not used. This was previously here
because of glib2.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Backport a bunch of patches that fixes build
when using new Autoconf and Automake.
The patches removed are replaced by upstream backports
which are more complete.
Signed-off-by: Michael Pratt <mcpratt@pm.me>
This release includes a fix for CVE-2022-1215, a format string
vulnerabilty in the evdev device handling. For details, see
https://gitlab.freedesktop.org/libinput/libinput/-/issues/752
Peter Hutterer (2):
evdev: strip the device name of format directives
libinput 1.19.4
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Release date: 2022-08-11
Adresses CVE-2022-2625.
For more details, please see the release notes[1].
[1]: https://www.postgresql.org/docs/release/14.5/
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Noteworthy changes in version 1.18.0 (2022-08-10)
-------------------------------------------------
* New keylist mode to force refresh via external methods. [T5951]
* The keylist operations now create an import result to report the
result of the locate keylist modes. [T5951]
* core: Return BAD_PASSPHRASE error code on symmetric decryption
failure. [T5939]
* cpp, qt: Do not export internal symbols anymore. [T5906]
* cpp, qt: Support revocation of own OpenPGP keys. [T5904]
* qt: The file name of (signed and) encrypted data can now be set. [T6056]
* cpp, qt: Support setting the primary user ID. [T5938]
* python: Fix segv(NULL) when inspecting contect after exeception. [T6060]
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
The SX1302 hardware abstraction layer is required by the basicstation
to control the concentrator based on SX1302/SX1303 chip.
Signed-off-by: Marcus Schref <mschref@web.de>
The full variant should conflict with the default variant. This prevents that
libgd and libgd-full could be installed side by side, and also, the full
variant should provide the libgd. Otherwise, if you install libgd-full,
you can not install vnstat.
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
This commit restores the patch for libboost_context for mips64 given
that the upstream update added in 1.80.0 does not fully fixes the issue.
Signed-off-by: Carlos Miguel Ferreira <carlosmf.pt@gmail.com>
- libgnutls: Fixed double free during verification of pkcs7 signatures.
Reported by Jaak Ristioja (#1383). [GNUTLS-SA-2022-07-07, CVSS: medium]
[CVE-2022-2509]
- libgnutls: gnutls_hkdf_expand now only accepts LENGTH argument less than or
equal to 255 times hash digest size, to comply with RFC 5869 2.3.
- libgnutls: Length limit for TLS PSK usernames has been increased
from 128 to 65535 characters (#1323).
- libgnutls: AES-GCM encryption function now limits plaintext
length to 2^39-256 bits, according to SP800-38D 5.2.1.1.
- libgnutls: New block cipher functions have been added to transparently
handle padding. gnutls_cipher_encrypt3 and gnutls_cipher_decrypt3 can be
used in combination of GNUTLS_CIPHER_PADDING_PKCS7 flag to automatically
add/remove padding if the length of the original plaintext is not a multiple
of the block size.
- libgnutls: New function for manual FIPS self-testing.
API and ABI modifications:
- gnutls_fips140_run_self_tests: New function
- gnutls_cipher_encrypt3: New function
- gnutls_cipher_decrypt3: New function
- gnutls_cipher_padding_flags_t: New enum
Signed-off-by: Nick Hainke <vincent@systemli.org>
Not really needed for anything. Patch taken from upstream.
Remove obsolete libpthread and librt dependencies.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Fixes compilation under some hosts.
Added PKG_BUILD_PARALLEL for faster compilation.
Some small cleanups for consistency between packages.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
The glib2 package fails to build when CONFIG_PKG_FORTIFY_SOURCE_1 or
CONFIG_PKG_FORTIFY_SOURCE_2 is enabled in the OpenWrt config:
In file included from ../glib/libcharset/localcharset.c:28:
/home/stijn/Development/OpenWrt/openwrt/staging_dir/toolchain-powerpc64_e5500_gcc-11.2.0_musl/include/fortify/stdio.h: In function 'snprintf':
/home/stijn/Development/OpenWrt/openwrt/staging_dir/toolchain-powerpc64_e5500_gcc-11.2.0_musl/include/fortify/stdio.h:101:9: error: format not a string literal, argument types not checked [-Werror=format-nonliteral]
101 | return __orig_snprintf(__s, __n, __f, __builtin_va_arg_pack());
| ^~~~~~
/home/stijn/Development/OpenWrt/openwrt/staging_dir/toolchain-powerpc64_e5500_gcc-11.2.0_musl/include/fortify/stdio.h: In function 'sprintf':
/home/stijn/Development/OpenWrt/openwrt/staging_dir/toolchain-powerpc64_e5500_gcc-11.2.0_musl/include/fortify/stdio.h:110:17: error: format not a string literal, argument types not checked [-Werror=format-nonliteral]
110 | __r = __orig_snprintf(__s, __b, __f, __builtin_va_arg_pack());
| ^~~
/home/stijn/Development/OpenWrt/openwrt/staging_dir/toolchain-powerpc64_e5500_gcc-11.2.0_musl/include/fortify/stdio.h:114:17: error: format not a string literal, argument types not checked [-Werror=format-nonliteral]
114 | __r = __orig_sprintf(__s, __f, __builtin_va_arg_pack());
| ^~~
Disable fortify source for the package as a workaround.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
No longer present. The original reason for having it was an unfortunate
side effect of the way meson uses HOST_LDFLAGS. Since the transistion to
use dependency('iconv'), this is no longer relevant.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
wolfssl/options.h needs to be included before the other wolfssl headers
to enable OpenSSL API required to build the package.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
libarchive looks for ext2fs headers during configure, and if it finds
them it will expect to find them during compile, or on the rare occasion
when they aren't it will fail:
libarchive/archive_entry.c:59:55: fatal error: ext2fs/ext2_fs.h: No such file or directory
As we just need headers for some type constants, let's re-use headers
from tools/e2fsprogs package which are always available.
Reported-by: Adam Dov <adov@maxlinear.com>
Suggested-by: Paul Eggleton <paul.eggleton@linux.intel.com>
References: https://git.yoctoproject.org/poky/commit/?id=f0b9a7cf9f80be1917e45266fa201f464a28c1e5
Signed-off-by: Petr Štetiar <ynezz@true.cz>
- Removed duplicate function definition from util.h
- Increased size of dictionary vendor and values to 32-bits from 16;
this breaks the ABI from the previous release.
- Corrected a string termination issue in rc_avpair_tostr()
- Added functions to create dictionary without a file:
rc_dict_addattr
rc_dict_addval
rc_dict_addvend
Signed-off-by: Nick Hainke <vincent@systemli.org>
The totem-pl-parser library seems to rely on freedesktop.org's MIME-type
definitions to parse playlist files. Without them, parsing will produce
a TOTEM_PL_PARSER_RESULT_IGNORED error.
Signed-off-by: W. Michael Petullo <mike@flyn.org>
glib2's meson.build runs check cc.has_function('ngettext', args :
osx_ldflags) and, if successful, it never looks for non-libc libintl.
For musl and glibc this test is always successful.
glib2 unconditionally sets ENABLE_NLS, so during compile <libintl.h>
gets included always. But then we have a disconnect when the OpenWrt pkg
is being built with BUILD_NLS=y, because the <libintl.h> will be from
libintl-full but glib2 will not link to libintl-full.
With BUILD_NLS=n there's no problem, because the <libintl.h> will be
from libc.
In lieu of proper libintl detection in glib2's meson build, removing the
SED call from the Makefile together with the added patch sorts this out.
The SED call can be removed because when we force libintl-full use, the
meson build will put the necessary linker flag into the pkg-config file
itself.
Alpine Linux does something similar (see [1]), but they always force
the use of the external libintl. I assume they always go for full NLS
support.
[1] https://git.alpinelinux.org/aports/tree/main/glib/musl-libintl.patch
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
This commit fixes an issue where the `libcoap-3-notls.so` is not installed,
in some cases leaving the target's root with no library and just a broken link
from `libcoap-3.so` to `libcoap-3-notls.so`.
Signed-off-by: Leo Soares <leo@hyper.ag>
