aboutsummaryrefslogtreecommitdiff
path: root/libs
Commit message (Collapse)AuthorAge
* libksba: update to version 1.6.1Daniel Golle2022-10-07
| | | | | | | | Update to stable release 1.6.1. See commit log since version 1.6.0 for changes[1]. [1]: https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libksba.git;a=shortlog;h=d3c1e063d708a46ef39152256f8b1ea466b61be0 Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* Merge pull request #19372 from cotequeiroz/libgdJosef Schlehofer2022-10-06
|\ | | | | libgd: avoid recursive and redundant dependencies
| * libgd: avoid recursive and redundant dependenciesEneas U de Queiroz2022-09-15
| | | | | | | | | | | | | | | | | | | | Change the CONFLICTS line from the libgd-full to libgd to fix a recursive dependency. While at it, remove the redundant +LIBGD_TIFF:libtiff +LIBGD_FREETYPE:libfreetype dependencies from Package/libgd/default. Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
* | treewide: fix security issues by bumping all packages using libwolfsslPetr Štetiar2022-10-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | As wolfSSL is having hard time maintaining ABI compatibility between releases, we need to manually force rebuild of packages depending on libwolfssl and thus force their upgrade. Otherwise due to the ABI handling we would endup with possibly two libwolfssl libraries in the system, including the patched libwolfssl-5.5.1, but still have vulnerable services running using the vulnerable libwolfssl-5.4.0. So in order to propagate update of libwolfssl to latest stable release done in commit ec8fb542ec3e4 ("wolfssl: fix TLSv1.3 RCE in uhttpd by using 5.5.1-stable (CVE-2022-39173)") which fixes several remotely exploitable vulnerabilities, we need to bump PKG_RELEASE of all packages using wolfSSL library. Same bump has been done in buildroot in commit f1b7e1434f66 ("treewide: fix security issues by bumping all packages using libwolfssl"). Signed-off-by: Petr Štetiar <ynezz@true.cz>
* | expat: update to 2.4.9Nick Hainke2022-10-03
| | | | | | | | | | | | | | | | | | | | Fixes CVE-2022-40674. Release Notes: - https://github.com/libexpat/libexpat/blob/R_2_4_8/expat/Changes - https://github.com/libexpat/libexpat/blob/R_2_4_9/expat/Changes Signed-off-by: Nick Hainke <vincent@systemli.org>
* | libmodbus: update to 3.1.8Michael Heimpold2022-09-28
| | | | | | | | | | | | | | - drop obsolete configure argument - update download url Signed-off-by: Michael Heimpold <mhei@heimpold.de>
* | libs/libwebsockets: Update to 4.3.xKarl Palsson2022-09-26
| | | | | | | | | | | | | | | | | | | | | | Changes since 4.2 are extensive, as always. https://libwebsockets.org/git/libwebsockets/tree/changelog?h=v4.3-stable#n4 Eg, Adds CBOR, support for reduced memory CA verification, cookie jars, mqtt client gains qos2, mbedtls v3, fault injection apis, better support for event loops. Signed-off-by: Karl Palsson <karlp@etactica.com>
* | libs/cjson: bump to 1.7.15Karl Palsson2022-09-26
| | | | | | | | | | | | | | This is a bugfix release. Full release notes available at: https://github.com/DaveGamble/cJSON/releases/tag/v1.7.15 Signed-off-by: Karl Palsson <karlp@etactica.com>
* | openblas: bump to version 0.3.21Alexandru Ardelean2022-09-25
| | | | | | | | Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
* | Revert "jose: remove libjose"Rosen Penev2022-09-25
| | | | | | | | | | | | This reverts commit 02d6c8346cfae7c2de456800a862a7dd90782858. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* | Revert "jose: fix static library usage"Rosen Penev2022-09-25
| | | | | | | | | | | | This reverts commit c61b70918b6c10f6fd726b098474736a7e0ae9cd. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* | glib2: backport locale fixRosen Penev2022-09-22
| | | | | | | | | | | | Fixes compilation with non English locale. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* | libowfat: fix glibc compilationRosen Penev2022-09-23
| | | | | | | | | | | | Ported Fedora patch. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* | libsoup3: update maintainerRosen Penev2022-09-22
| | | | | | | | Signed-off-by: Rosen Penev <rosenp@gmail.com>
* | libsoup3: addRosen Penev2022-09-22
| | | | | | | | Signed-off-by: Rosen Penev <rosenp@gmail.com>
* | libcli: Add new packageMartin Blumenstingl2022-09-22
| | | | | | | | | | | | | | | | This package is a dependency for building mausezahn as part of the netsniff-ng sources. mausezahn is a multicast traffic generator used by the upcoming kernel-selftests-net-forwarding package. Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
* | libmspack: initial checkinFlorian Eckert2022-09-22
| | | | | | | | | | | | | | libmspack is a library for some loosely related Microsoft compression formats: CAB, CHM, HLP, LIT, KWAJ and SZDD Signed-off-by: Florian Eckert <fe@dev.tdt.de>
* | glib2: update to 2.74.0Rosen Penev2022-09-22
| | | | | | | | | | | | Remove upstreamed patch and delete pointless one. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* | libxml2: update to 2.10.2 (closes #19288)Michael Heimpold2022-09-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This fixes: - CVE-2022-2309 Release Notes: - https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.10.0 - https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.10.1 - https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.10.2 Also drop removed docbook compile switch. Disable PKG_FIXUP to allow backporting. Signed-off-by: Nick Hainke <vincent@systemli.org> Signed-off-by: Michael Heimpold <mhei@heimpold.de>
* | jose: fix static library usageRosen Penev2022-09-18
|/ | | | | | | When libjose is built statically, it must use --whole-archive as it uses GCC's constructor attribute to initialize itself. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* liboil: small cleanupsRosen Penev2022-09-14
| | | | | | | | | Fixes a compile error when glib2 is missing. get rid of nls.mk. iconv/gettext is not used. This was previously here because of glib2. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* libqmi: bump to 1.30.8Maxim Anisimov2022-09-14
| | | | Signed-off-by: Maxim Anisimov <maxim.anisimov.ua@gmail.com>
* apr: add autotools compatibility backportsMichael Pratt2022-09-09
| | | | | | | | | | Backport a bunch of patches that fixes build when using new Autoconf and Automake. The patches removed are replaced by upstream backports which are more complete. Signed-off-by: Michael Pratt <mcpratt@pm.me>
* Merge pull request #19188 from mars642/feature_lorawanFlorian Eckert2022-09-08
|\ | | | | basicstation, sx1302_hal: initial commit
| * sx1302_hal: initial check-inMarcus Schref2022-09-07
| | | | | | | | | | | | | | The SX1302 hardware abstraction layer is required by the basicstation to control the concentrator based on SX1302/SX1303 chip. Signed-off-by: Marcus Schref <mschref@web.de>
* | libp11: update to version 0.4.12Daniel Golle2022-09-07
| | | | | | | | Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* | libinput: update to version 1.19.4Daniel Golle2022-09-07
| | | | | | | | | | | | | | | | | | | | | | | | This release includes a fix for CVE-2022-1215, a format string vulnerabilty in the evdev device handling. For details, see https://gitlab.freedesktop.org/libinput/libinput/-/issues/752 Peter Hutterer (2): evdev: strip the device name of format directives libinput 1.19.4 Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* | libevdev: update to version 1.13.0Daniel Golle2022-09-07
| | | | | | | | Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* | postgresql: update to version 14.5Daniel Golle2022-09-07
| | | | | | | | | | | | | | | | | | Release date: 2022-08-11 Adresses CVE-2022-2625. For more details, please see the release notes[1]. [1]: https://www.postgresql.org/docs/release/14.5/ Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* | gpgme: update to version 1.18.0Daniel Golle2022-09-07
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Noteworthy changes in version 1.18.0 (2022-08-10) ------------------------------------------------- * New keylist mode to force refresh via external methods. [T5951] * The keylist operations now create an import result to report the result of the locate keylist modes. [T5951] * core: Return BAD_PASSPHRASE error code on symmetric decryption failure. [T5939] * cpp, qt: Do not export internal symbols anymore. [T5906] * cpp, qt: Support revocation of own OpenPGP keys. [T5904] * qt: The file name of (signed and) encrypted data can now be set. [T6056] * cpp, qt: Support setting the primary user ID. [T5938] * python: Fix segv(NULL) when inspecting contect after exeception. [T6060] Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* | Merge pull request #19285 from tru7/knxdFlorian Eckert2022-09-07
|\ \ | | | | | | libfmt: bump to upstream version 9.1.0
| * | libfmt: bump to upstream version 9.1.0Othmar Truniger2022-09-06
| | | | | | | | | | | | Signed-off-by: Othmar Truniger <github@truniger.ch>
* | | ldns: update to 1.8.3Eric Luehrsen2022-09-05
| | | | | | | | | | | | Signed-off-by: Eric Luehrsen <ericluehrsen@gmail.com>
* | | libssh: update to 0.10.3Nick Hainke2022-09-05
| | | | | | | | | | | | | | | | | | | | | Release notes: https://www.libssh.org/2022/09/05/libssh-0-10-3/ Signed-off-by: Nick Hainke <vincent@systemli.org>
* | | libtorrent-rasterbar: Update to 2.0.7Tianling Shen2022-09-04
| | | | | | | | | | | | Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
* | | libssh: update to 0.10.2Nick Hainke2022-09-03
| | | | | | | | | | | | | | | | | | | | | Release notes: https://www.libssh.org/2022/09/02/libssh-0-10-2/ Signed-off-by: Nick Hainke <vincent@systemli.org>
* | | libssh: update to 0.10.0Nick Hainke2022-08-31
|/ / | | | | | | | | | | | | Release Notes: https://www.libssh.org/2022/08/26/libssh-0-10-0/ Signed-off-by: Nick Hainke <vincent@systemli.org>
* | Merge pull request #19272 from PolynomialDivision/update-linux-pamNikos Mavrogiannopoulos2022-08-29
|\ \ | | | | | | libpam: update to 1.5.2
| * | libpam: update to 1.5.2Nick Hainke2022-08-28
| | | | | | | | | | | | | | | | | | | | | | | | | | | Release Notes: https://github.com/linux-pam/linux-pam/releases/tag/v1.5.2 Install the pkgconfig files for provided libraries. Signed-off-by: Nick Hainke <vincent@systemli.org>
* | | libssh2: update to 1.10.0Nick Hainke2022-08-27
|/ / | | | | | | | | | | | | Release Notes: https://www.libssh2.org/changes.html Signed-off-by: Nick Hainke <vincent@systemli.org>
* | libgd: add conflicts to each otherJosef Schlehofer2022-08-23
| | | | | | | | | | | | | | | | | | The full variant should conflict with the default variant. This prevents that libgd and libgd-full could be installed side by side, and also, the full variant should provide the libgd. Otherwise, if you install libgd-full, you can not install vnstat. Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
* | boost: restores patch for libboost_context for mips64Carlos Miguel Ferreira2022-08-23
| | | | | | | | | | | | | | This commit restores the patch for libboost_context for mips64 given that the upstream update added in 1.80.0 does not fully fixes the issue. Signed-off-by: Carlos Miguel Ferreira <carlosmf.pt@gmail.com>
* | liburcu: update to version 0.13.2Jan Hák2022-08-22
| | | | | | | | Signed-off-by: Jan Hák <jan.hak@nic.cz>
* | boost: bump to version 1.80.0Carlos Miguel Ferreira2022-08-18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This commit updates boost to version 1.80.0 There are no new libraries in this version The following patches were removed due to upstream update: * 010-mips1.patch [1] * 910-json-array-erase-relocate.patch [2] More info about Boost 1.80.0 can be found at the usual place [3]. [1]: https://github.com/boostorg/config/pull/390 [2]: https://github.com/boostorg/json/pull/695 [3]: https://www.boost.org/users/history/version_1_80_0.html Signed-off-by: Carlos Miguel Ferreira <carlosmf.pt@gmail.com>
* | libpqxx: fix makefile typoIgor Bezzubchenko2022-08-16
| | | | | | | | Signed-off-by: Igor Bezzubchenko <garikello@gmail.com>
* | libpqxx: update to version 7.7.4Igor Bezzubchenko2022-08-16
| | | | | | | | Signed-off-by: Igor Bezzubchenko <garikello@gmail.com>
* | libwebp: bump to version 1.2.4Alexandru Ardelean2022-08-12
|/ | | | Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
* gnutls: update to 3.7.7Nick Hainke2022-08-07
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - libgnutls: Fixed double free during verification of pkcs7 signatures. Reported by Jaak Ristioja (#1383). [GNUTLS-SA-2022-07-07, CVSS: medium] [CVE-2022-2509] - libgnutls: gnutls_hkdf_expand now only accepts LENGTH argument less than or equal to 255 times hash digest size, to comply with RFC 5869 2.3. - libgnutls: Length limit for TLS PSK usernames has been increased from 128 to 65535 characters (#1323). - libgnutls: AES-GCM encryption function now limits plaintext length to 2^39-256 bits, according to SP800-38D 5.2.1.1. - libgnutls: New block cipher functions have been added to transparently handle padding. gnutls_cipher_encrypt3 and gnutls_cipher_decrypt3 can be used in combination of GNUTLS_CIPHER_PADDING_PKCS7 flag to automatically add/remove padding if the length of the original plaintext is not a multiple of the block size. - libgnutls: New function for manual FIPS self-testing. API and ABI modifications: - gnutls_fips140_run_self_tests: New function - gnutls_cipher_encrypt3: New function - gnutls_cipher_decrypt3: New function - gnutls_cipher_padding_flags_t: New enum Signed-off-by: Nick Hainke <vincent@systemli.org>
* mxml: update to 3.3.1Espen Jürgensen2022-08-06
| | | | Signed-off-by: Espen Jürgensen <espenjurgensen+openwrt@gmail.com>
* Merge pull request #19021 from borkra/fix_dependenciesEneas U de Queiroz2022-08-03
|\ | | | | Avoid building unused package dependencies