Backport a bunch of patches that fixes build
when using new Autoconf and Automake.
The patches removed are replaced by upstream backports
which are more complete.
Signed-off-by: Michael Pratt <mcpratt@pm.me>
This release includes a fix for CVE-2022-1215, a format string
vulnerabilty in the evdev device handling. For details, see
https://gitlab.freedesktop.org/libinput/libinput/-/issues/752
Peter Hutterer (2):
evdev: strip the device name of format directives
libinput 1.19.4
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Release date: 2022-08-11
Adresses CVE-2022-2625.
For more details, please see the release notes[1].
[1]: https://www.postgresql.org/docs/release/14.5/
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Noteworthy changes in version 1.18.0 (2022-08-10)
-------------------------------------------------
* New keylist mode to force refresh via external methods. [T5951]
* The keylist operations now create an import result to report the
result of the locate keylist modes. [T5951]
* core: Return BAD_PASSPHRASE error code on symmetric decryption
failure. [T5939]
* cpp, qt: Do not export internal symbols anymore. [T5906]
* cpp, qt: Support revocation of own OpenPGP keys. [T5904]
* qt: The file name of (signed and) encrypted data can now be set. [T6056]
* cpp, qt: Support setting the primary user ID. [T5938]
* python: Fix segv(NULL) when inspecting contect after exeception. [T6060]
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
The SX1302 hardware abstraction layer is required by the basicstation
to control the concentrator based on SX1302/SX1303 chip.
Signed-off-by: Marcus Schref <mschref@web.de>
The full variant should conflict with the default variant. This prevents that
libgd and libgd-full could be installed side by side, and also, the full
variant should provide the libgd. Otherwise, if you install libgd-full,
you can not install vnstat.
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
This commit restores the patch for libboost_context for mips64 given
that the upstream update added in 1.80.0 does not fully fixes the issue.
Signed-off-by: Carlos Miguel Ferreira <carlosmf.pt@gmail.com>
- libgnutls: Fixed double free during verification of pkcs7 signatures.
Reported by Jaak Ristioja (#1383). [GNUTLS-SA-2022-07-07, CVSS: medium]
[CVE-2022-2509]
- libgnutls: gnutls_hkdf_expand now only accepts LENGTH argument less than or
equal to 255 times hash digest size, to comply with RFC 5869 2.3.
- libgnutls: Length limit for TLS PSK usernames has been increased
from 128 to 65535 characters (#1323).
- libgnutls: AES-GCM encryption function now limits plaintext
length to 2^39-256 bits, according to SP800-38D 5.2.1.1.
- libgnutls: New block cipher functions have been added to transparently
handle padding. gnutls_cipher_encrypt3 and gnutls_cipher_decrypt3 can be
used in combination of GNUTLS_CIPHER_PADDING_PKCS7 flag to automatically
add/remove padding if the length of the original plaintext is not a multiple
of the block size.
- libgnutls: New function for manual FIPS self-testing.
API and ABI modifications:
- gnutls_fips140_run_self_tests: New function
- gnutls_cipher_encrypt3: New function
- gnutls_cipher_decrypt3: New function
- gnutls_cipher_padding_flags_t: New enum
Signed-off-by: Nick Hainke <vincent@systemli.org>
Not really needed for anything. Patch taken from upstream.
Remove obsolete libpthread and librt dependencies.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Fixes compilation under some hosts.
Added PKG_BUILD_PARALLEL for faster compilation.
Some small cleanups for consistency between packages.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
The glib2 package fails to build when CONFIG_PKG_FORTIFY_SOURCE_1 or
CONFIG_PKG_FORTIFY_SOURCE_2 is enabled in the OpenWrt config:
In file included from ../glib/libcharset/localcharset.c:28:
/home/stijn/Development/OpenWrt/openwrt/staging_dir/toolchain-powerpc64_e5500_gcc-11.2.0_musl/include/fortify/stdio.h: In function 'snprintf':
/home/stijn/Development/OpenWrt/openwrt/staging_dir/toolchain-powerpc64_e5500_gcc-11.2.0_musl/include/fortify/stdio.h:101:9: error: format not a string literal, argument types not checked [-Werror=format-nonliteral]
101 | return __orig_snprintf(__s, __n, __f, __builtin_va_arg_pack());
| ^~~~~~
/home/stijn/Development/OpenWrt/openwrt/staging_dir/toolchain-powerpc64_e5500_gcc-11.2.0_musl/include/fortify/stdio.h: In function 'sprintf':
/home/stijn/Development/OpenWrt/openwrt/staging_dir/toolchain-powerpc64_e5500_gcc-11.2.0_musl/include/fortify/stdio.h:110:17: error: format not a string literal, argument types not checked [-Werror=format-nonliteral]
110 | __r = __orig_snprintf(__s, __b, __f, __builtin_va_arg_pack());
| ^~~
/home/stijn/Development/OpenWrt/openwrt/staging_dir/toolchain-powerpc64_e5500_gcc-11.2.0_musl/include/fortify/stdio.h:114:17: error: format not a string literal, argument types not checked [-Werror=format-nonliteral]
114 | __r = __orig_sprintf(__s, __f, __builtin_va_arg_pack());
| ^~~
Disable fortify source for the package as a workaround.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
No longer present. The original reason for having it was an unfortunate
side effect of the way meson uses HOST_LDFLAGS. Since the transistion to
use dependency('iconv'), this is no longer relevant.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
wolfssl/options.h needs to be included before the other wolfssl headers
to enable OpenSSL API required to build the package.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
