libudev-zero bump to 1.0.3. Resolves bug with USBIP.
Error behavior with USBIP attach:
libusbip: error: no available ports
usbip: error: open vhci_driver
usbip: error: list imported devices
Expected behaviour - USBIP:
root@OpenWrt:~# usbip port
Imported USB devices
Signed-off-by: Taylor Brown <taylorami@hotmail.com>
Update to version 9.97.1 of easyloggingpp
Changelog from upstream
* Ensuring the build on ARM64 works
* Update gtest and cmake now requires C++14 because of that
Compile tested: arm_cortex-a7_neon-vfpv4, mips_24kc, aarch64_cortex-a53
Run tested: Linksys MR8300 (arm_cortex-a7_neon-vfpv4)
GL.iNet GL-A1800 (arm_cortex-a7_neon-vfpv4)
TP-Link_Archer A7 (mips_24kc),
GL.iNet GL-MT3000 (aarch64_cortex-a53)
Signed-off-by: Volker Christian <me@vchrist.at>
Maintainer: me@vchrist.at
Compile tested: OpenWRT-23.05-rc2, arm_cortex-a7_neon-vfpv4, mips_24kc
Run tested: arm_cortex-a7_neon-vfpv4 (Linksys MR8300), mips_24kc (tplink_archer-a7), OpenWrt 23.05-rc2
Description:
Easylogging++ is single header efficient logging library for C++ applications. It is extremely powerful,
highly extendable and configurable to user's requirements.
Signed-off-by: Volker Christian <me@vchrist.at>
Compile tested: OpenWRT-23.05-rc2, arm_cortex-a7_neon-vfpv4, mips_24kc
Run tested: arm_cortex-a7_neon-vfpv4 (Linksys MR8300), mips_24kc (tplink_archer-a7), OpenWrt 23.05-rc2)
* Update package nlohmannjson to version 3.11.2.
* Version 3.11.2 is source compatible with 3.10.2 so no package should fail to compile
* From version 3.11.2 on forward template declarations are collected in the file
json_fwd.hpp. The json.hpp still contains all template definitions.
Because in most compilation units of a software package only the file json_fwd.hpp
needs to be included, the compilation process is accelerated a lot.
Signed-off-by: Volker Christian <me@vchrist.at>
Executables depending on binary package libmagic segfault in case
package file is not installed. Libmagic needs file
/usr/share/misc/magic to not segfault. Thus, install
/usr/share/misc/magic along with libmagic and not with file.
Signed-off-by: Volker Christian <me@vchrist.at>
with gcc 13 libwebsockets fails with -Werror=enum-int-mismatch with both
SSL variants. These 2 patches work out that issue. Problem is mentioned
as a issue in openwrt/packages#20949 and instead of overriding issue
with appropriate CFLAGS, this approach was suggested for me as it's
been made as a PR (for openssl) at warmcat/libwebsockets#2824
Second patch for mbedtls, was made by me using same approach
as was used of openssl.
Eventually these propably will be merged into libwebsockets mainstream.
Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
The initial value takes 80kB of memory for each HTTP/2 connection
which is a lot on small devices. Using 8kB instead saves a fair
amount of memory without sacrificing performance.
Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
The map takes a fair amount of memory and the only consumer of this
library, dnsdist, does not need it.
Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
The only package using this library, dnsdist, does not require it
so let's save space and PSS memory.
Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
This is a security and bugfix release.
Security
o CVE-2023-32067. High. 0-byte UDP payload causes Denial of Service
o CVE-2023-31147. Moderate. Insufficient randomness in generation of DNS query IDs
o CVE-2023-31130. Moderate. Buffer Underwrite in ares_inet_net_pton()
o CVE-2023-31124. Low. AutoTools does not set CARES_RANDOM_FILE during cross compilation
Fixing libcares.pc
The pkg-config file libcares.pc in version 1.19.1 has been changed to be unsuitable for OpenWrt
and causes build errors with Openwrt packages that use libcares.
For this reason, libcares.pc was replaced.
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
1.45.0
* linux: introduce io_uring support
* src: add new metrics APIs
* unix,win: give thread pool threads an 8 MB stack
* win,unix: change execution order of timers
1.44.2
* loop: better align order-of-events behavior between platforms
* zos: fix fs event not fired if the watched file is moved/removed/recreated
* win: Fix pipe resource leak if closed during connect (and other bugs)
* zos: don't error when killing a zombie process
* macos: avoid posix_spawnp() cwd bug
* kqueue: skip EVFILT_PROC events when invalidating events for an fd.
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
Tests are breaking compilation for mipsel targets because of the removal
of the sysmips call. Let's just not build them.
While at it, remove patches from 1.1 version and move the current ones
to the default 'patches' directory.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
ICU 73.2 updates to CLDR 43.1 locale data. These are maintenance releases for ICU 73 and CLDR 43, with limited sets of bug fixes and no API or structural changes.
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
A compiler bug (suspiciously) blocks gnulib compilation for
mipsel_24kc_24kf. While we had this patch to disable gnulib, it was
accidentally removed by 5d27631d9f. Add it
back to fix the long broken build for mipsel_24kc_24kf.
Fixes: #19511
Signed-off-by: Jitao Lu <dianlujitao@gmail.com>
Imported patches included in debian and other package.
* 200-Fix-NULL-pointer-crashes-from-175.patch
CVE-2021-3502
A flaw was found in avahi 0.8-5. A reachable assertion is present in avahi_s_host_name_resolver_start function allowing a local attacker to crash the avahi service by requesting hostname resolutions through the avahi socket or dbus methods for invalid hostnames. The highest threat from this vulnerability is to the service availability.
* 201-Avoid-infinite-loop-in-avahi-daemon-by-handling-HUP-event.patch
CVE-2021-3468
A flaw was found in avahi in versions 0.6 up to 0.8. The event used to signal the termination of the client connection on the avahi Unix socket is not correctly handled in the client_work function, allowing a local attacker to trigger an infinite loop. The highest threat from this vulnerability is to the availability of the avahi service, which becomes unresponsive after this flaw is triggered.
* 202-avahi_dns_packet_consume_uint32-fix-potential-undefined-b.patch
avahi_dns_packet_consume_uint32 left shifts uint8_t values by 8, 16 and 24 bits to combine them into a 32-bit value. This produces an undefined behavior warning with gcc -fsanitize when fed input values of 128 or 255 however in testing no actual unexpected behavior occurs in practice and the 32-bit uint32_t is always correctly produced as the final value is immediately stored into a uint32_t and the compiler appears to handle this "correctly".
Cast the intermediate values to uint32_t to prevent this warning and ensure the intended result is explicit.
* 203-Do-not-disable-timeout-cleanup-on-watch-cleanup.patch
This was causing timeouts to never be removed from the linked list that tracks them, resulting in both memory and CPU usage to grow larger over time.
* 204-Emit-error-if-requested-service-is-not-found.patch
It currently just crashes instead of replying with error. Check return
value and emit error instead of passing NULL pointer to reply.
* 205-conf-file-line-lengths.patch
Allow avahi-daemon.conf file to have lines longer than 256 characters (new limit 1024).
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
From the documentation:
GNU MPC is a portable library written in C for arbitrary precision
arithmetic on complex numbers providing correct rounding. It implements
a multiprecision equivalent of the C99 standard. It builds upon the GNU
MP and the GNU MPFR libraries.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
From the documentation:
MPFR is a portable library written in C for arbitrary precision
arithmetic on floating-point numbers. It is based on the GNU MP library.
It aims to provide a class of floating-point numbers with precise
semantics.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Zabbix verifies the version of gnutls by search in the header gnutls.h.
This is done with 'cat' and 'egrep'. The problem here is now that the
preprocess definition did changed in gnutls.h, so the regex does not
match anymore.
The following error message acourse in the log:
> configure: error: GnuTLS library version requirement not met (>= 3.1.18)
To fix this backport an upstream patch to let the regex work again.
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
musl 1.2.4 deprecated legacy "LFS64" ("large file support") interfaces so
just having _GNU_SOURCE defined is not enough anymore.
Backport an upstream fix to replace these old data types.
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
pcre is no longer needed in the base repository. However, some packages
still rely on it in the packages and telephony feed.
Cross-reference to base repository:
e3e6652a550d ("pcre: move package to packages feed")
While working on it remove AUTORELEASE.
Signed-off-by: Nick Hainke <vincent@systemli.org>
The package is needed by selinux, so it was moved to the base repository.
Remove it from openwrt packages feed.
Cross-reference:
c39b0646f3f2 ("pcre2: import pcre2 from packages feed")
Signed-off-by: Nick Hainke <vincent@systemli.org>
musl 1.2.4 deprecated legacy "LFS64" ("large file support") interfaces so
just having _GNU_SOURCE defined is not enough anymore.
Manually pass -D_LARGEFILE64_SOURCE to allow to keep using LFS64 definitions.
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Fix compilation warning due to wrong cast.
In file included from ./include/linux/kernel.h:19,
from /home/ansuel/openwrt-ansuel/openwrt/build_dir/target-aarch64_cortex-a53_musl/linux-ipq807x_generic/dmx_usb_module-19.12.1/dmx_usb.c:16:
/home/ansuel/openwrt-ansuel/openwrt/build_dir/target-aarch64_cortex-a53_musl/linux-ipq807x_generic/dmx_usb_module-19.12.1/dmx_usb.c: In function 'dmx_usb_write':
./include/linux/kern_levels.h:5:25: error: format '%d' expects argument of type 'int', but argument 4 has type 'size_t' {aka 'long unsigned int'} [-Werror=format=]
5 | #define KERN_SOH "\001" /* ASCII Start Of Header */
| ^~~~~~
./include/linux/printk.h:422:25: note: in definition of macro 'printk_index_wrap'
422 | _p_func(_fmt, ##__VA_ARGS__); \
| ^~~~
/home/ansuel/openwrt-ansuel/openwrt/build_dir/target-aarch64_cortex-a53_musl/linux-ipq807x_generic/dmx_usb_module-19.12.1/dmx_usb.c:41:45: note: in expansion of macro 'printk'
41 | #define dbg(format, arg...) do { if (debug) printk(KERN_DEBUG __FILE__ ": " format "\n" , ## arg); } while (0)
| ^~~~~~
./include/linux/kern_levels.h:15:25: note: in expansion of macro 'KERN_SOH'
15 | #define KERN_DEBUG KERN_SOH "7" /* debug-level messages */
| ^~~~~~~~
/home/ansuel/openwrt-ansuel/openwrt/build_dir/target-aarch64_cortex-a53_musl/linux-ipq807x_generic/dmx_usb_module-19.12.1/dmx_usb.c:41:52: note: in expansion of macro 'KERN_DEBUG'
41 | #define dbg(format, arg...) do { if (debug) printk(KERN_DEBUG __FILE__ ": " format "\n" , ## arg); } while (0)
| ^~~~~~~~~~
/home/ansuel/openwrt-ansuel/openwrt/build_dir/target-aarch64_cortex-a53_musl/linux-ipq807x_generic/dmx_usb_module-19.12.1/dmx_usb.c:409:9: note: in expansion of macro 'dbg'
409 | dbg("%s - minor %d, count = %d", __FUNCTION__, dev->minor, count);
| ^~~
cc1: all warnings being treated as errors
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Fix simple compilation warning with checking statically allocated
variables and missing fallthrough.
Fix compilation warning:
/home/ansuel/openwrt-ansuel/openwrt/build_dir/target-aarch64_cortex-a53_musl/linux-ipq807x_generic/PF_RING-8.0.0/kernel/pf_ring.c: In function 'ring_release':
/home/ansuel/openwrt-ansuel/openwrt/build_dir/target-aarch64_cortex-a53_musl/linux-ipq807x_generic/PF_RING-8.0.0/kernel/pf_ring.c:5489:6: error: the comparison will always evaluate as 'true' for the address of 'name' will never be NULL [-Werror=address]
5489 | && pfr->zc_device_entry->zc_dev.dev->name) {
| ^~
In file included from ./include/linux/rtnetlink.h:7,
from /home/ansuel/openwrt-ansuel/openwrt/build_dir/target-aarch64_cortex-a53_musl/linux-ipq807x_generic/PF_RING-8.0.0/kernel/pf_ring.c:84:
./include/linux/netdevice.h:1986:33: note: 'name' declared here
1986 | char name[IFNAMSIZ];
| ^~~~
/home/ansuel/openwrt-ansuel/openwrt/build_dir/target-aarch64_cortex-a53_musl/linux-ipq807x_generic/PF_RING-8.0.0/kernel/pf_ring.c: In function 'ring_bind':
/home/ansuel/openwrt-ansuel/openwrt/build_dir/target-aarch64_cortex-a53_musl/linux-ipq807x_generic/PF_RING-8.0.0/kernel/pf_ring.c:5620:18: error: the comparison will always evaluate as 'false' for the address of 'sa_data' will never be NULL [-Werror=address]
5620 | if(sa->sa_data == NULL)
| ^~
In file included from /home/ansuel/openwrt-ansuel/openwrt/build_dir/target-aarch64_cortex-a53_musl/linux-ipq807x_generic/PF_RING-8.0.0/kernel/pf_ring.c:82:
./include/linux/socket.h:34:25: note: 'sa_data' declared here
34 | char sa_data[14]; /* 14 bytes of protocol address */
| ^~~~~~~
/home/ansuel/openwrt-ansuel/openwrt/build_dir/target-aarch64_cortex-a53_musl/linux-ipq807x_generic/PF_RING-8.0.0/kernel/pf_ring.c: In function 'hash_pkt_cluster':
/home/ansuel/openwrt-ansuel/openwrt/build_dir/target-aarch64_cortex-a53_musl/linux-ipq807x_generic/PF_RING-8.0.0/kernel/pf_ring.c:3937:7: error: this statement may fall through [-Werror=implicit-fallthrough=]
3937 | if(l3_proto == IPPROTO_TCP)
| ^
/home/ansuel/openwrt-ansuel/openwrt/build_dir/target-aarch64_cortex-a53_musl/linux-ipq807x_generic/PF_RING-8.0.0/kernel/pf_ring.c:3944:3: note: here
3944 | case cluster_per_flow_2_tuple:
| ^~~~
cc1: all warnings being treated as errors
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Since a few days staging_dir/host/share/aclocal/ contains new m4 files
(libunistring-base.m4, libunistring-optional.m4, libunistring.m4 etc.)
that get applied during autoreconf. This changes the libunistring setup
enough that we run into problem (builds fail).
Load the libunistring-optional gnulib module in configure.ac to be able
to add/use the new configure switch "--with-included-libunistring".
This is at most a workaround. This should be followed up with gnutls
upstream to clean this up.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
When building with cmake we don't get libvorbis*.so.N which means that
some applications may fail to dynamically load libvorbis libraries.
This seems to be a problem specific to cmake (autotools builds work).
Signed-off-by: Robert Högberg <robert.hogberg@gmail.com>
If buildsystem does not have a internet connection, then the build
fails. This is because of the fact, that glib2 is downloading and building
the missing dependencies during host compilation.
This cannot be allowed to happen. The package must also be built without
an internet connection.
Adding the missing host build dependency and removing the 'forcefallback'
fixes this issue.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Fixes: https://github.com/openwrt/openwrt/issues/12542
The detailed list of changes follows:
* Version 3.8.0 (released 2023-02-09)
** libgnutls: Fix a Bleichenbacher oracle in the TLS RSA key exchange.
Reported by Hubert Kario (#1050). Fix developed by Alexander Sosedkin.
[GNUTLS-SA-2020-07-14, CVSS: medium] [CVE-2023-0361]
** libgnutls: C++ library is now header only. All definitions from
gnutlsxx.c have been moved into gnutlsxx.h. Users of the C++
interface have two options:
1. include gnutlsxx.h in their application and link against
the C library. (default)
2. include gnutlsxx.h in their application, compile with
GNUTLS_GNUTLSXX_NO_HEADERONLY macro defined and link
against the C++ library.
** libgnutls: GNUTLS_NO_STATUS_REQUEST flag and %NO_STATUS_REQUEST
priority modifier have been added to allow disabling of the
status_request TLS extension in the client side.
** libgnutls: TLS heartbeat is disabled by default.
The heartbeat extension in TLS (RFC 6520) is not widely used given
other implementations dropped support for it. To enable back
support for it, supply --enable-heartbeat-support to configure
script.
** libgnutls: SRP authentication is now disabled by default.
It is disabled because the SRP authentication in TLS is not up to
date with the latest TLS standards and its ciphersuites are based
on the CBC mode and SHA-1. To enable it back, supply
--enable-srp-authentication option to configure script.
** libgnutls: All code has been indented using "indent -ppi1 -linux".
CI/CD has been adjusted to catch regressions. This is implemented
through devel/indent-gnutls, devel/indent-maybe and .gitlab-ci.yml’s
commit-check. You may run devel/indent-gnutls to fix any
indentation issues if you make code modifications.
** guile: Guile-bindings removed.
They have been extracted into a separate project to reduce complexity
and to simplify maintenance, see <https://gitlab.com/gnutls/guile/>.
** minitasn1: Upgraded to libtasn1 version 4.19.
** API and ABI modifications:
GNUTLS_NO_STATUS_REQUEST: New flag
GNUTLS_SRTP_AEAD_AES_128_GCM: New gnutls_srtp_profile_t enum member
GNUTLS_SRTP_AEAD_AES_256_GCM: New gnutls_srtp_profile_t enum member
Signed-off-by: Antonio Flores <antflores627@gmail.com>
Remove libxml2 that was moved into the main OpenWrt repo.
Commit in OpenWrt: 9b0b46985c112c664354dc745d8cfb313166744b
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
Remove gperf that was moved into the main OpenWrt repo.
Commit in OpenWrt: 2070a2ca27bdb2b1e4e1587274e192e42f247516
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
SSL_get_peer_certificate() is deprecated, OpenSSL v3.0 added
SSL_get0_peer_certificate() and SSL_get1_peer_certificate().
Use the latter since the return value is explicitely X509_free()ed
here, see [0].
[0] https://www.openssl.org/docs/manmaster/man3/SSL_get_peer_certificate.html
Signed-off-by: Andre Heider <a.heider@gmail.com>
Do not build shared libraries to avoid host programs to dynamic link
libraries at non-standard paths.
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
Automatically compute and substitute current values for all
$(AUTORELEASE) instances as this feature is deprecated and shouldn't be
used.
The following temporary change was made to the core:
diff --git a/rules.mk b/rules.mk
index 57d7995d4fa8..f16367de87a8 100644
--- a/rules.mk
+++ b/rules.mk
@@ -429,7 +429,7 @@ endef
abi_version_str = $(subst -,,$(subst _,,$(subst .,,$(1))))
COMMITCOUNT = $(if $(DUMP),0,$(call commitcount))
-AUTORELEASE = $(if $(DUMP),0,$(call commitcount,1))
+AUTORELEASE = $(if $(DUMP),0,$(shell sed -i "s/\$$(AUTORELEASE)/$(call commitcount,1)/" $(CURDIR)/Makefile))
all:
FORCE: ;
And this command used to fix affected packages:
for i in $(cd feeds/packages; git grep -l PKG_RELEASE:=.*AUTORELEASE | \
sed 's^.*/\([^/]*\)/Makefile^\1^';);
do
make package/$i/download
done
Signed-off-by: Paul Fertser <fercerpav@gmail.com>
Description:
It updates to CLDR 43 locale data with various additions and corrections.
ICU 73 improves Japanese and Korean short-text line breaking, reduces C++ memory use in date formatting, and promotes the Java person name formatter from tech preview to draft.
ICU 73 and CLDR 43 are minor releases, mostly focused on bug fixes and small enhancements. (The fall CLDR/ICU releases will update to Unicode 15.1 which is planned for September.)
ICU 73 updates to the time zone data version 2023c (2023-mar). Note that pre-1970 data for a number of time zones has been removed, as has been the case in the upstream tzdata release since 2021b.
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
See commit 07730ff3 "treewide: add support for "lto" in PKG_BUILD_FLAGS"
on the main repository.
Note: Some packages only added `-flto` to CFLAGS and not LDFLAGS. This
fixes it and properly enables LTO.
Signed-off-by: Andre Heider <a.heider@gmail.com>
See commit da370098 "treewide: add support for "gc-sections" in
PKG_BUILD_FLAGS" on the main repository.
Note: This only touches packages which use all three parts
(-ffunction-sections, -fdata-sections and -Wl,--gc-sections) enabled by
this build flag. Some packages only use a subset, and these are left
unchanged for now.
Signed-off-by: Andre Heider <a.heider@gmail.com>
See commit 5c545bdb "treewide: replace PKG_USE_MIPS16:=0 with
PKG_BUILD_FLAGS:=no-mips16" on the main repository.
Signed-off-by: Andre Heider <a.heider@gmail.com>
This adapts the package to the new include/openssl-module.mk, and
updated runtime configuration.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
This adapts the package to the new include/openssl-module.mk, and
updated runtime configuration.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
After recent autotools update, rpcsvc-proto no longer
compiles without autoreconf fixup because automake 1.15
is not found.
Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
Allow build of libjpeg as a static library as well;
one is provided for libpng and possibly for other
formats as well.
Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
This adds a host build which can be used later by tools,
e.g. swig - which in turn is used by gensio package to
provide python bindings.
While at, switch back from $(AUTORELEASE).
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
This reverts commit 983835afe6.
I merged the library update to v2.0 to fast, it breaks openocd build
due to API change.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
This reverts commit 82ea104b97.
I merged the library update to v2.0 to fast, it breaks openocd build
due to API change.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
This updates this library to the latest major version.
Since the Python binding build changed in this version,
let's switch to the Py3Package infrastructure.
Also the older v1 kernel interface is not used anymore,
so we can drop this part of the kernel configuration.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
Commit 81d2b72 added a package providing libdeflate. Tiff by default
links to it, causing a build error.
Package libtiff is missing dependencies for the following libraries:
libdeflate.so.0
This commit forces libdeflate use off to avoid this. No revision bump is
done because the package is currently not compiling anyway.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
Add package for libdeflate which is a library for fast, whole-buffer
DEFLATE-based compression and decompression.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
With OpenSSL soon to be updated to 3.0, the gost engine will have to be
bumped as well. Gost 3.0.0.1 will not build with OpenSSL 1.1.
To avoid disruption, this commit detects the OpenSSL version from
ENGINES_DIR in include/openssl-engin, and sets the package version
accordingly.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
When CC is set to e.g. "ccache mips-openwrt-linux-musl-gcc" it needs
to be quoted to avoid word splitting on substitution.
Signed-off-by: Paul Fertser <fercerpav@gmail.com>
libjaylink is a shared library written in C to access SEGGER J-Link
and compatible devices.
This is used by future OpenOCD versions to handle J-Link debug
adapters.
Signed-off-by: Paul Fertser <fercerpav@gmail.com>
See project release page[1] for more details.
Switch build to use CMake instead of autotools, allows removal of
local patch.
[1]: https://github.com/redis/hiredis/releases
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Fixes issue with use of x86-specific compiler primitives on non-x86
systems which we had previously patched downstream, remove this patch.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
https://www.postgresql.org/docs/release/15.0/https://www.postgresql.org/docs/release/15.1/
A dump/restore using pg_dumpall or use of pg_upgrade or logical
replication is required for those wishing to migrate data from any
previous release.
Do not backport to release branch which should remain on version 14.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Changelog from upstream (https://github.com/getdnsapi/getdns/releases/tag/v1.7.3):
* 2022-12-22: Version 1.7.3
* PR getdnsapi/getdns#532: Increase CMake required version 3.5 -> 3.20, because we
need cmake_path for Absolute paths in pkg-config (See Issue getdnsapi/getdns#517)
Thanks Gabriel Ganne
* Updated to Stubby 0.4.3 quickfix release
* 2022-08-19: Version 1.7.2
* Stubby updated to 0.4.2 quickfix release
* 2022-08-19: Version 1.7.1
* Always send the `dot` ALPN when using DoT
* Strengthen version determination for Libidn2 during cmake processing
(thanks jpbion).
* Fix for issue in UDP stream selection in case of timeouts.
Thanks Shikha Sharma
* Fix using asterisk in ipstr for any address. Thanks uzlonewolf.
* Issue getdnsapi/stubby#295: rdata not correctly written for validation for
certain RR type. Also, set default built type to RelWithDebInfo and
expose CFLAGS via GETDNS_BUILD_CFLAGS define and via
getdns_context_get_api_information()
* Issue getdnsapi/getdns#524: Bug fixes from submodules' upstream?
Thanks Johnnyslee
* Issue getdnsapi/getdns#517: Allow Absolute path CMAKE_INSTALL_{INCLUDE,LIB}DIR in
pkg-config files. Thanks Alex Shpilkin
* Issue getdnsapi/getdns#512: Update README.md to show correct PGP key location.
Thanks Katze Prior.
Signed-off-by: Aquila Cooper <aquila@cpr.is>
The commit adding uloop support failed to actually install the .so and
add the correct dependencies.
[2022/12/26 18:19:38:1835] E: lws_create_context: failed to load evlib_uloop
Fixes: 1557ac367a ("libwebsockets: enable built in uloop support")
Signed-off-by: John Crispin <john@phrozen.org>
This library needs the kernel config option 'CONFIG_GPIO_CDEV_V1=y' to
be set. If this is not set, the tool 'gpioinfo' produces the error message
'error creating line iterator'. Add the missing kernel config option to
build CDEV with API Version 1 fixes this.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
this Makefile still used `CONFIG_GCC_USE_VERSION_*` to select various
compilation options, for GCC versions that are antiquated
convert to parsing the major from the `CONFIG_GCC_VERSION` which will
always exist and can also be used with range logic
intent seemed to be:
* `-std=gnu++20` for "=10" (and newer, probably)
* `-std=gnu++14` for "=5"
* `-std=gnu++17` for "not =10 and not =5"
GCC 11 or 12 would likely revert to the default (6 through 9) option
with those, because 10 was the newest at the time, and 11 and 12 are
"not =10 and not =5"
probably the GCC 5 support could be removed, not sure about 9 and 10
Signed-off-by: Tony Butler <spudz76@gmail.com>
Remove no longer needed downstream patches.
Changes since 0.32:
add byte_start, byte_starts
add a man page for byte_equal_notimingattack
buffer_seek is no longer limited to the current buffer contents
add automated way to run unit test: make check
add parse.h
add bytestream abstraction for parsing data from a buffer or a file
add compiler.h to abstract gcc attributes
add fmt_strm_malloc
add cross references to open_* and mmap_* man pages
add fmt_strm_alloca and fmt_strm_malloc man pages
add buffer_init_allocbuf, buffer_init_read, buffer_init_write,
buffer_init_read_allocbuf, buffer_init_write_allocbuf
fix buffer overread for len=0 in scan_longn (Martin Castillo)
add iob_write2 with sendfile callback so caller can use OpenSSL's
SSL_sendfile
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This commit updates boost to version 1.81.0
A new library is available:
- URL [1]: A library for parsing, modifying, and printing URLs using
only C++11, from Vinnie Falco and Alan de Freitas. Features include
fast compilation, strong invariants, and strict compliance using a
memory-friendly approach.
More info about Boost 1.81.0 can be found at the usual place [2].
[1]: https://www.boost.org/doc/libs/1_81_0/libs/url/doc/html/index.html
[2]: https://www.boost.org/users/history/version_1_81_0.html
Signed-off-by: Carlos Miguel Ferreira <carlosmf.pt@gmail.com>
1. Added a new option for SQLITE3_COLUMN_METADATA.
2. Minor cleanup Makefile and fixed 2 typo errors.
Fixes: CVE-2022-35737
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Packages like libassuan and libksba would not compile after updating
libgpg-error to 1.46. This was because gpg-error.m4 (and thus the affected
packages' configure scripts) relies on gpgrt-config, which in turn needs
access to gpg-error.pc. This modifies the libgpg-error build process to
copy gpg-error.pc to OpenWrt's staging directory, so that it is available
for subsequent dependent package builds.
Fixes: https://github.com/openwrt/packages/issues/19880
Signed-off-by: W. Michael Petullo <mike@flyn.org>
This fixes the following error message seen when compiling against
glibc 2.36:
from scan/scan_httpdate.c:3:
include/sys/cdefs.h:338:65: error: macro "__has_attribute" requires an identifier
338 | #if __GNUC_PREREQ (3,2) || __glibc_has_attribute (__deprecated__)
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
By default, gdbm configures/builds with readline and curses support
if they exist.
This can cause race conditions when compiling gdbm and ncurses in
parallel, as gdbm may try to link to ncurses when it doesn't exist.
This commit forces gdbm to skip using readline/ncurses, since it's
unlikely that anybody is using the line-editing feature of gdbm.
See [gdbm's README][1] for more info.
[1]: https://git.gnu.org.ua/gdbm.git/tree/README?h=v1.21#n50
Signed-off-by: Alois Klink <alois@aloisklink.com>
While running `make menuconfig`, it was discovered then there is a
recursive dependency like this:
tmp/.config-package.in:59138:error: recursive dependency detected!
tmp/.config-package.in:59138: symbol PACKAGE_libwebsockets-openssl is selected by PACKAGE_libwebsockets-mbedtls
tmp/.config-package.in:59122: symbol PACKAGE_libwebsockets-mbedtls depends on PACKAGE_libwebsockets-openssl
It is not possible with the recently added conflicts that two packages
(OpenSSL and full variant, which uses OpenSSL as well), which are almost the same
provides the same named package libwebsockets as their conflict - Mbed
TLS.
Fixes: 676c5c72b5 ("libwebsockets: OpenSSL
and mbedTLS variants should conflict")
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
They provide the same files, but they don't conflict to each other, this
means that users can install them side by side.
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
For some time, it is not possible to install ttyd and mosquitto-ssl at the
same time, so let's solve it that libwebsockets-full provides
libwebsockets-openssl. This allows to install ttyd and mosquitto at
the same time.
Also, we need to add conflict, because we should not have installed
libwebsockets-openssl and libwebsockets-full at the same time as they
provides the same files.
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
The official download mirror does not host 3.1.12 anymore. Update to
newest version to solve the issue.
Signed-off-by: Nick Hainke <vincent@systemli.org>
It updates to Unicode 15, including new characters, scripts, emoji, and corresponding API constants. It also updates to CLDR 42 locale data with various additions and corrections.
ICU 72 adds technology preview implementations for person name formatting, as well as for a new version of message formatting based on a proposed draft Unicode specification.
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
Noteworthy changes in version 1.6.2 (2022-10-07) [C22/A14/R2]
------------------------------------------------
* Fix integer overflow in the CRL parser. [rK4b7d9cd4a0]
Release-info: https://dev.gnupg.org/T6230
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
As wolfSSL is having hard time maintaining ABI compatibility between
releases, we need to manually force rebuild of packages depending on
libwolfssl and thus force their upgrade. Otherwise due to the ABI
handling we would endup with possibly two libwolfssl libraries in the
system, including the patched libwolfssl-5.5.1, but still have
vulnerable services running using the vulnerable libwolfssl-5.4.0.
So in order to propagate update of libwolfssl to latest stable release
done in commit ec8fb542ec3e4 ("wolfssl: fix TLSv1.3 RCE in uhttpd by
using 5.5.1-stable (CVE-2022-39173)") which fixes several remotely
exploitable vulnerabilities, we need to bump PKG_RELEASE of all packages
using wolfSSL library.
Same bump has been done in buildroot in commit f1b7e1434f66 ("treewide:
fix security issues by bumping all packages using libwolfssl").
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Changes since 4.2 are extensive, as always.
https://libwebsockets.org/git/libwebsockets/tree/changelog?h=v4.3-stable#n4
Eg, Adds CBOR, support for reduced memory CA verification, cookie jars,
mqtt client gains qos2, mbedtls v3, fault injection apis, better support
for event loops.
Signed-off-by: Karl Palsson <karlp@etactica.com>
This package is a dependency for building mausezahn as part of the
netsniff-ng sources. mausezahn is a multicast traffic generator used by
the upcoming kernel-selftests-net-forwarding package.
Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
libmspack is a library for some loosely related Microsoft compression
formats: CAB, CHM, HLP, LIT, KWAJ and SZDD
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
When libjose is built statically, it must use --whole-archive as it uses
GCC's constructor attribute to initialize itself.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Change the CONFLICTS line from the libgd-full to libgd to fix a
recursive dependency.
While at it, remove the redundant +LIBGD_TIFF:libtiff
+LIBGD_FREETYPE:libfreetype dependencies from Package/libgd/default.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Fixes a compile error when glib2 is missing.
get rid of nls.mk. iconv/gettext is not used. This was previously here
because of glib2.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Backport a bunch of patches that fixes build
when using new Autoconf and Automake.
The patches removed are replaced by upstream backports
which are more complete.
Signed-off-by: Michael Pratt <mcpratt@pm.me>
This release includes a fix for CVE-2022-1215, a format string
vulnerabilty in the evdev device handling. For details, see
https://gitlab.freedesktop.org/libinput/libinput/-/issues/752
Peter Hutterer (2):
evdev: strip the device name of format directives
libinput 1.19.4
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Release date: 2022-08-11
Adresses CVE-2022-2625.
For more details, please see the release notes[1].
[1]: https://www.postgresql.org/docs/release/14.5/
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Noteworthy changes in version 1.18.0 (2022-08-10)
-------------------------------------------------
* New keylist mode to force refresh via external methods. [T5951]
* The keylist operations now create an import result to report the
result of the locate keylist modes. [T5951]
* core: Return BAD_PASSPHRASE error code on symmetric decryption
failure. [T5939]
* cpp, qt: Do not export internal symbols anymore. [T5906]
* cpp, qt: Support revocation of own OpenPGP keys. [T5904]
* qt: The file name of (signed and) encrypted data can now be set. [T6056]
* cpp, qt: Support setting the primary user ID. [T5938]
* python: Fix segv(NULL) when inspecting contect after exeception. [T6060]
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
The SX1302 hardware abstraction layer is required by the basicstation
to control the concentrator based on SX1302/SX1303 chip.
Signed-off-by: Marcus Schref <mschref@web.de>
The full variant should conflict with the default variant. This prevents that
libgd and libgd-full could be installed side by side, and also, the full
variant should provide the libgd. Otherwise, if you install libgd-full,
you can not install vnstat.
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
This commit restores the patch for libboost_context for mips64 given
that the upstream update added in 1.80.0 does not fully fixes the issue.
Signed-off-by: Carlos Miguel Ferreira <carlosmf.pt@gmail.com>
- libgnutls: Fixed double free during verification of pkcs7 signatures.
Reported by Jaak Ristioja (#1383). [GNUTLS-SA-2022-07-07, CVSS: medium]
[CVE-2022-2509]
- libgnutls: gnutls_hkdf_expand now only accepts LENGTH argument less than or
equal to 255 times hash digest size, to comply with RFC 5869 2.3.
- libgnutls: Length limit for TLS PSK usernames has been increased
from 128 to 65535 characters (#1323).
- libgnutls: AES-GCM encryption function now limits plaintext
length to 2^39-256 bits, according to SP800-38D 5.2.1.1.
- libgnutls: New block cipher functions have been added to transparently
handle padding. gnutls_cipher_encrypt3 and gnutls_cipher_decrypt3 can be
used in combination of GNUTLS_CIPHER_PADDING_PKCS7 flag to automatically
add/remove padding if the length of the original plaintext is not a multiple
of the block size.
- libgnutls: New function for manual FIPS self-testing.
API and ABI modifications:
- gnutls_fips140_run_self_tests: New function
- gnutls_cipher_encrypt3: New function
- gnutls_cipher_decrypt3: New function
- gnutls_cipher_padding_flags_t: New enum
Signed-off-by: Nick Hainke <vincent@systemli.org>
Not really needed for anything. Patch taken from upstream.
Remove obsolete libpthread and librt dependencies.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Fixes compilation under some hosts.
Added PKG_BUILD_PARALLEL for faster compilation.
Some small cleanups for consistency between packages.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
The glib2 package fails to build when CONFIG_PKG_FORTIFY_SOURCE_1 or
CONFIG_PKG_FORTIFY_SOURCE_2 is enabled in the OpenWrt config:
In file included from ../glib/libcharset/localcharset.c:28:
/home/stijn/Development/OpenWrt/openwrt/staging_dir/toolchain-powerpc64_e5500_gcc-11.2.0_musl/include/fortify/stdio.h: In function 'snprintf':
/home/stijn/Development/OpenWrt/openwrt/staging_dir/toolchain-powerpc64_e5500_gcc-11.2.0_musl/include/fortify/stdio.h:101:9: error: format not a string literal, argument types not checked [-Werror=format-nonliteral]
101 | return __orig_snprintf(__s, __n, __f, __builtin_va_arg_pack());
| ^~~~~~
/home/stijn/Development/OpenWrt/openwrt/staging_dir/toolchain-powerpc64_e5500_gcc-11.2.0_musl/include/fortify/stdio.h: In function 'sprintf':
/home/stijn/Development/OpenWrt/openwrt/staging_dir/toolchain-powerpc64_e5500_gcc-11.2.0_musl/include/fortify/stdio.h:110:17: error: format not a string literal, argument types not checked [-Werror=format-nonliteral]
110 | __r = __orig_snprintf(__s, __b, __f, __builtin_va_arg_pack());
| ^~~
/home/stijn/Development/OpenWrt/openwrt/staging_dir/toolchain-powerpc64_e5500_gcc-11.2.0_musl/include/fortify/stdio.h:114:17: error: format not a string literal, argument types not checked [-Werror=format-nonliteral]
114 | __r = __orig_sprintf(__s, __f, __builtin_va_arg_pack());
| ^~~
Disable fortify source for the package as a workaround.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
No longer present. The original reason for having it was an unfortunate
side effect of the way meson uses HOST_LDFLAGS. Since the transistion to
use dependency('iconv'), this is no longer relevant.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
wolfssl/options.h needs to be included before the other wolfssl headers
to enable OpenSSL API required to build the package.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
libarchive looks for ext2fs headers during configure, and if it finds
them it will expect to find them during compile, or on the rare occasion
when they aren't it will fail:
libarchive/archive_entry.c:59:55: fatal error: ext2fs/ext2_fs.h: No such file or directory
As we just need headers for some type constants, let's re-use headers
from tools/e2fsprogs package which are always available.
Reported-by: Adam Dov <adov@maxlinear.com>
Suggested-by: Paul Eggleton <paul.eggleton@linux.intel.com>
References: https://git.yoctoproject.org/poky/commit/?id=f0b9a7cf9f80be1917e45266fa201f464a28c1e5
Signed-off-by: Petr Štetiar <ynezz@true.cz>
- Removed duplicate function definition from util.h
- Increased size of dictionary vendor and values to 32-bits from 16;
this breaks the ABI from the previous release.
- Corrected a string termination issue in rc_avpair_tostr()
- Added functions to create dictionary without a file:
rc_dict_addattr
rc_dict_addval
rc_dict_addvend
Signed-off-by: Nick Hainke <vincent@systemli.org>
The totem-pl-parser library seems to rely on freedesktop.org's MIME-type
definitions to parse playlist files. Without them, parsing will produce
a TOTEM_PL_PARSER_RESULT_IGNORED error.
Signed-off-by: W. Michael Petullo <mike@flyn.org>
glib2's meson.build runs check cc.has_function('ngettext', args :
osx_ldflags) and, if successful, it never looks for non-libc libintl.
For musl and glibc this test is always successful.
glib2 unconditionally sets ENABLE_NLS, so during compile <libintl.h>
gets included always. But then we have a disconnect when the OpenWrt pkg
is being built with BUILD_NLS=y, because the <libintl.h> will be from
libintl-full but glib2 will not link to libintl-full.
With BUILD_NLS=n there's no problem, because the <libintl.h> will be
from libc.
In lieu of proper libintl detection in glib2's meson build, removing the
SED call from the Makefile together with the added patch sorts this out.
The SED call can be removed because when we force libintl-full use, the
meson build will put the necessary linker flag into the pkg-config file
itself.
Alpine Linux does something similar (see [1]), but they always force
the use of the external libintl. I assume they always go for full NLS
support.
[1] https://git.alpinelinux.org/aports/tree/main/glib/musl-libintl.patch
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
This commit fixes an issue where the `libcoap-3-notls.so` is not installed,
in some cases leaving the target's root with no library and just a broken link
from `libcoap-3.so` to `libcoap-3-notls.so`.
Signed-off-by: Leo Soares <leo@hyper.ag>
This is the latest commit that touches the xr_usb_serial_common-1a dir.
The changes are restricted to whitespace fixes and kernel version
adaptations:
ecc6ebe xr_usb: Use tty_driver_kref_put for kernel 5.15 and above
caf6d25 xr_usb: Use tty_alloc_driver for kernel 5.15 and above
a42b7e6 xr_usb: Compilation fixes for kernel 5.14
497adb7 #39 fix compilation for newer linux kernels
9103471 xr_usb: fix some whitespace errors
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Description:
ICU 71 updates to CLDR 41 locale data with various additions and corrections.
ICU 71 adds phrase-based line breaking for Japanese. Existing line breaking methods follow standards and conventions for body text but do not work well for short Japanese text, such as in titles and headings. This new feature is optimized for these use cases.
ICU 71 adds support for Hindi written in Latin letters (hi_Latn). The CLDR data for this increasingly popular locale has been significantly revised and expanded. Note that based on user expectations, hi_Latn incorporates a large amount of English, and can also be referred to as “Hinglish”
ICU 71 and CLDR 41 are minor releases, mostly focused on bug fixes and small enhancements. (The fall CLDR/ICU releases will update to Unicode 15 which is planned for September.) We are also working to re-establish continuous performance testing for ICU, and on development towards future versions.
ICU 71 updates to the time zone data version 2022a. Note that pre-1970 data for a number of time zones has been removed, as has been the case in the upstream tzdata release since 2021b.
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
Daniel Golle