| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
| |
Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
|
| |
|
|
| |
Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
|
| |\
| |
| | |
libxml2: update to 2.10.3
|
| | |
| |
| |
| |
| |
| |
| |
| | |
This fixes:
- CVE-2022-40303
- CVE-2022-40304
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
|
| |/
|
|
|
|
|
|
|
|
|
| |
Noteworthy changes in version 1.6.2 (2022-10-07) [C22/A14/R2]
------------------------------------------------
* Fix integer overflow in the CRL parser. [rK4b7d9cd4a0]
Release-info: https://dev.gnupg.org/T6230
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
|
| |\
| |
| | |
gnutls: update to 3.7.8
|
| | |
| |
| |
| |
| |
| |
| | |
Release Notes:
https://lists.gnupg.org/pipermail/gnutls-help/2022-September/004765.html
Signed-off-by: Nick Hainke <vincent@systemli.org>
|
| |\ \
| |/
|/| |
libzip: update to 1.9.2
|
| | |
| |
| |
| |
| |
| | |
Also drop already mainlined patch.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Update to stable release 1.6.1.
See commit log since version 1.6.0 for changes[1].
[1]: https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libksba.git;a=shortlog;h=d3c1e063d708a46ef39152256f8b1ea466b61be0
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
|
| |\ \
| |/
|/| |
libgd: avoid recursive and redundant dependencies
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Change the CONFLICTS line from the libgd-full to libgd to fix a
recursive dependency.
While at it, remove the redundant +LIBGD_TIFF:libtiff
+LIBGD_FREETYPE:libfreetype dependencies from Package/libgd/default.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
As wolfSSL is having hard time maintaining ABI compatibility between
releases, we need to manually force rebuild of packages depending on
libwolfssl and thus force their upgrade. Otherwise due to the ABI
handling we would endup with possibly two libwolfssl libraries in the
system, including the patched libwolfssl-5.5.1, but still have
vulnerable services running using the vulnerable libwolfssl-5.4.0.
So in order to propagate update of libwolfssl to latest stable release
done in commit ec8fb542ec3e4 ("wolfssl: fix TLSv1.3 RCE in uhttpd by
using 5.5.1-stable (CVE-2022-39173)") which fixes several remotely
exploitable vulnerabilities, we need to bump PKG_RELEASE of all packages
using wolfSSL library.
Same bump has been done in buildroot in commit f1b7e1434f66 ("treewide:
fix security issues by bumping all packages using libwolfssl").
Signed-off-by: Petr Štetiar <ynezz@true.cz>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Fixes CVE-2022-40674.
Release Notes:
- https://github.com/libexpat/libexpat/blob/R_2_4_8/expat/Changes
- https://github.com/libexpat/libexpat/blob/R_2_4_9/expat/Changes
Signed-off-by: Nick Hainke <vincent@systemli.org>
|
| | |
| |
| |
| |
| |
| |
| | |
- drop obsolete configure argument
- update download url
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Changes since 4.2 are extensive, as always.
https://libwebsockets.org/git/libwebsockets/tree/changelog?h=v4.3-stable#n4
Eg, Adds CBOR, support for reduced memory CA verification, cookie jars,
mqtt client gains qos2, mbedtls v3, fault injection apis, better support
for event loops.
Signed-off-by: Karl Palsson <karlp@etactica.com>
|
| | |
| |
| |
| |
| |
| |
| | |
This is a bugfix release.
Full release notes available at: https://github.com/DaveGamble/cJSON/releases/tag/v1.7.15
Signed-off-by: Karl Palsson <karlp@etactica.com>
|
| | |
| |
| |
| | |
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
|
| | |
| |
| |
| |
| |
| | |
This reverts commit 02d6c8346cfae7c2de456800a862a7dd90782858.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|
| | |
| |
| |
| |
| |
| | |
This reverts commit c61b70918b6c10f6fd726b098474736a7e0ae9cd.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|
| | |
| |
| |
| |
| |
| | |
Fixes compilation with non English locale.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|
| | |
| |
| |
| |
| |
| | |
Ported Fedora patch.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|
| | |
| |
| |
| | |
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|
| | |
| |
| |
| | |
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
This package is a dependency for building mausezahn as part of the
netsniff-ng sources. mausezahn is a multicast traffic generator used by
the upcoming kernel-selftests-net-forwarding package.
Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
|
| | |
| |
| |
| |
| |
| |
| | |
libmspack is a library for some loosely related Microsoft compression
formats: CAB, CHM, HLP, LIT, KWAJ and SZDD
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
|
| | |
| |
| |
| |
| |
| | |
Remove upstreamed patch and delete pointless one.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This fixes:
- CVE-2022-2309
Release Notes:
- https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.10.0
- https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.10.1
- https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.10.2
Also drop removed docbook compile switch.
Disable PKG_FIXUP to allow backporting.
Signed-off-by: Nick Hainke <vincent@systemli.org>
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
|
| |/
|
|
|
|
|
| |
When libjose is built statically, it must use --whole-archive as it uses
GCC's constructor attribute to initialize itself.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
Fixes a compile error when glib2 is missing.
get rid of nls.mk. iconv/gettext is not used. This was previously here
because of glib2.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|
| |
|
|
| |
Signed-off-by: Maxim Anisimov <maxim.anisimov.ua@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
Backport a bunch of patches that fixes build
when using new Autoconf and Automake.
The patches removed are replaced by upstream backports
which are more complete.
Signed-off-by: Michael Pratt <mcpratt@pm.me>
|
| |\
| |
| | |
basicstation, sx1302_hal: initial commit
|
| | |
| |
| |
| |
| |
| |
| | |
The SX1302 hardware abstraction layer is required by the basicstation
to control the concentrator based on SX1302/SX1303 chip.
Signed-off-by: Marcus Schref <mschref@web.de>
|
| | |
| |
| |
| | |
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This release includes a fix for CVE-2022-1215, a format string
vulnerabilty in the evdev device handling. For details, see
https://gitlab.freedesktop.org/libinput/libinput/-/issues/752
Peter Hutterer (2):
evdev: strip the device name of format directives
libinput 1.19.4
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
|
| | |
| |
| |
| | |
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Release date: 2022-08-11
Adresses CVE-2022-2625.
For more details, please see the release notes[1].
[1]: https://www.postgresql.org/docs/release/14.5/
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Noteworthy changes in version 1.18.0 (2022-08-10)
-------------------------------------------------
* New keylist mode to force refresh via external methods. [T5951]
* The keylist operations now create an import result to report the
result of the locate keylist modes. [T5951]
* core: Return BAD_PASSPHRASE error code on symmetric decryption
failure. [T5939]
* cpp, qt: Do not export internal symbols anymore. [T5906]
* cpp, qt: Support revocation of own OpenPGP keys. [T5904]
* qt: The file name of (signed and) encrypted data can now be set. [T6056]
* cpp, qt: Support setting the primary user ID. [T5938]
* python: Fix segv(NULL) when inspecting contect after exeception. [T6060]
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
|
| |\ \
| | |
| | | |
libfmt: bump to upstream version 9.1.0
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Othmar Truniger <github@truniger.ch>
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Eric Luehrsen <ericluehrsen@gmail.com>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
Release notes:
https://www.libssh.org/2022/09/05/libssh-0-10-3/
Signed-off-by: Nick Hainke <vincent@systemli.org>
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
Release notes:
https://www.libssh.org/2022/09/02/libssh-0-10-2/
Signed-off-by: Nick Hainke <vincent@systemli.org>
|
| |/ /
| |
| |
| |
| |
| |
| | |
Release Notes:
https://www.libssh.org/2022/08/26/libssh-0-10-0/
Signed-off-by: Nick Hainke <vincent@systemli.org>
|
| |\ \
| | |
| | | |
libpam: update to 1.5.2
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Release Notes:
https://github.com/linux-pam/linux-pam/releases/tag/v1.5.2
Install the pkgconfig files for provided libraries.
Signed-off-by: Nick Hainke <vincent@systemli.org>
|
| |/ /
| |
| |
| |
| |
| |
| | |
Release Notes:
https://www.libssh2.org/changes.html
Signed-off-by: Nick Hainke <vincent@systemli.org>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
The full variant should conflict with the default variant. This prevents that
libgd and libgd-full could be installed side by side, and also, the full
variant should provide the libgd. Otherwise, if you install libgd-full,
you can not install vnstat.
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
|