Compare commits

...

1818 Commits

Author SHA1 Message Date
Peter Korsgaard 3386677f0a Update for 2025.08
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-09-07 22:58:34 +02:00
Arnout Vandecappelle b45400dad4 package/python3: do build-time detection of non-working toolchain
Since the bump to Python 3.13.2 in commit
d63e207eb8, there is a runtime assertion
in Python when the toolchain doesn't support time64 [1]. The only such
toolchain is one with uClibc and linux headers < 5.1.

Encoding this dependency in Config.in was deemed to complicated (cfr.
commit ffd0028031).

Instead, do a build-time check of the same condition. The check itself
is a bit complicated, but it is localized to python3.mk and doesn't need
to be propagated to all reverse dependencies.

Testing such a corner case toolchain is a bit complicated. It can be
done with the following configuration.

BR2_arm=y
BR2_cortex_a9=y
BR2_ARM_ENABLE_VFP=y
BR2_TOOLCHAIN_EXTERNAL=y
BR2_TOOLCHAIN_EXTERNAL_CUSTOM=y
BR2_TOOLCHAIN_EXTERNAL_DOWNLOAD=y
BR2_TOOLCHAIN_EXTERNAL_URL="http://toolchains.bootlin.com/downloads/releases/toolchains/armv7-eabihf/tarballs/armv7-eabihf--uclibc--stable-2018.02-1.tar.bz2"
BR2_TOOLCHAIN_EXTERNAL_GCC_6=y
BR2_TOOLCHAIN_EXTERNAL_HEADERS_4_1=y
BR2_TOOLCHAIN_EXTERNAL_LOCALE=y
BR2_TOOLCHAIN_EXTERNAL_CXX=y
BR2_PACKAGE_PYTHON3=y

It needs to be built in an environment that has libmpfr.so.4 installed
as the pre-built toolchain from that era did not include it. An easy
way to achieve this is to build this configuration under an old
Buildroot Docker container:

IMAGE=buildroot/base:20180205.0730 ./utils/docker-run make python3

With a build-time check, the autobuilders could get build failures when
generating such a config. However, the autobuilders cannot use a
toolchain with this configuration (they only use more recent
toolchains). Therefore, no update to genrandconfig is needed.

[1] https://gitlab.com/buildroot.org/buildroot/-/issues/95#note_2348479811

Cc: Vincent Fazio <vfazio@xes-inc.com>
Cc: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-09-07 17:47:23 +02:00
Romain Naour 50bc5aa17b package/micropython: fix segfault at exit() with gcc >= 14
Since Buildroot commit [1] "update to Bootlin toolchains 2025.08-1",
the TestMicroPython segfault when testing if micropython can return a
non-zero exit code.

   micropython -c "import sys ; sys.exit(123)"

This issue is related to the gcc version used to build micropython
(gcc 14 or newer). Using gcc 13 (like Bootlin toolchain 2024.05-1
previously used) micropython run without issue.

The issue has been reported upstream [2] and fixed in newer micropython
releases [3]. For now, apply a temporary workaround (suggested in the
bug report) using -DMICROPY_NLR_SETJMP=1 only for gcc 14 or newer.
MICROPY_NLR_SETJMP avoid the architecture specific implementation of
nlr_push.

Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/11176774762 (TestMicroPython)

[1] https://gitlab.com/buildroot.org/buildroot/-/commit/947dbc92a20c5acea7882166cae7893e6ea661e1
[2] https://github.com/micropython/micropython/issues/14115
[3] https://github.com/micropython/micropython/commit/35f3f0a87db2580041dd0f7dfd4361df48887796

Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-09-07 16:57:30 +02:00
Romain Naour 10e289e0a9 support/testing: test_hardening: update toolchain to aarch64 for checksec tests
TestRelroPartial is broken since the last checksec update to 2.7.1 [1]
(Buildroot 2024.08) due to a relro check fix [2] that doesn't work for
powerpc architecture where .got.plt doesn't exist for some reasons
(that's why the expected result "full" is replaced by "Partial").

From [3]:

  if ${readelf} -d "${1}/exe" 2> /dev/null | grep -q 'BIND_NOW' || ! ${readelf} -l "${1}/exe" 2> /dev/null | grep -q '\.got\.plt'; then
    echo_message '\033[32mFull RELRO   \033[m   ' 'Full RELRO,' ' relro="full"' '"relro":"full",'
  else
    echo_message '\033[33mPartial RELRO\033[m   ' 'Partial RELRO,' ' relro="partial"' '"relro":"partial",'

checksec tool is problably tested upstream on more common architectures
like x86_64 or aarch64 than powerpc64 e5500. This may explain why
checksec broke on powerpc64 e5500 target.

Also, the Booltin powerpc64-e5500--glibc--stable-2018.02-2 toolchain
used by test_hardening tests was not updated since the hardening tests
were introduced back in 2018.11 release.

So, switch to the current Bootling aarch64 stable toolchain
(currently Bootlin aarch64 glibc stable 2025.08-1).

Checked that all 6 hardening tests pass with this new toolchain:

  tests.core.test_hardening.TestFortifyConserv
  tests.core.test_hardening.TestFortifyNone
  tests.core.test_hardening.TestRelro
  tests.core.test_hardening.TestRelroPartial
  tests.core.test_hardening.TestSspNone
  tests.core.test_hardening.TestSspStrong

Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/11176773995 (TestRelroPartial)

[1] 6150564974
[2] https://github.com/slimm609/checksec/commit/1c80e39c4956f902ed15c4baa8d9c17851096900
[3] https://github.com/slimm609/checksec/commit/1c80e39c4956f902ed15c4baa8d9c17851096900#diff-9e8d1b28dfaf1c704560ac51a5613b70d70de2dcd84e87b9fa20f28811e6484aL1491

Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-09-06 23:44:15 +02:00
Thomas Petazzoni d98e15a363 package/gdb: really fix build with GCC 15.x by using external readline
The copy of readline bundled with gdb versions earlier than 16.x does
not build with GCC 15.x, despite our
0010-readline-tcap.h-Update-definitions-for-C23.patch. In GDB 16.x,
readline has been updated to 8.2, which fixes the issue, but
backporting this to older GDB versions results in a ~450 KB.

So let's take the approach we should have probably taken from the
ground up: use an external readline, instead of the bundled one. This
is exactly what this patch does. Instead of having gdb depend on
ncurses and host-gdb depend on host-ncurses, we make it depend on
readline/host-readline (which in turn already has a dependency on
ncurses). In fact, gdb does not need ncurses itself, it really needs
only readline.

Since the GDB TUI itself needs ncurses, we move the ncurses
select/dependency down to the GDB TUI option. This was pointed out by
Romain Naour.

Fixes:

  https://autobuild.buildroot.net/results/3b0ce5cfac81e150816027fc1259600ee02f0f1f/ (host gdb 14.x)
  https://autobuild.buildroot.net/results/e64e3cd7aa5e7315464e380982f7febaff5df908/ (host gdb 15.x)
  https://autobuild.buildroot.net/results/2f2616a4ac7d9cbc06ba7775eb57bdd2a0419cb5/ (host arc gdb)
  https://gitlab.com/buildroot.org/buildroot/-/jobs/11176774348 (TestGdbArc)
  https://gitlab.com/buildroot.org/buildroot/-/jobs/11176774349 (TestGdbFullTarget)
  https://gitlab.com/buildroot.org/buildroot/-/jobs/11176774355 (TestGdbserverOnly)

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[Julien: as pointed out by Romain Naour:
 - also select and add readline dependency when
   BR2_PACKAGE_GDB_SERVER=y
 - add links to gitlab CI failures in commit log
]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-09-06 22:37:18 +02:00
Romain Naour f255b90afc package/lua-utf8: fix missing header
Backport an upstream patch adding missing limits.h.

https://gitlab.com/buildroot.org/buildroot/-/jobs/11176774630 (TestLuajitUtf8)

Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-09-06 19:57:24 +02:00
Romain Naour d7233ae048 package/iozone: Fix parallel build problem
Apply a patch from meta-openembedded fixing a cross-build issue [1].

[1] https://github.com/openembedded/meta-openembedded/blob/walnascar/meta-oe/recipes-benchmark/iozone3/iozone3/parallelism.patch

Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/11176774405 (TestIozone)

Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-09-06 18:57:17 +02:00
Romain Naour 70cefcac9e package/iozone: bump to version 3.508
iozone releases 3.507 and 3.508 seems to be only build fixes releases
for latest GCC compiler version but since there is no public vcs
it's not easy to review the history between releases and backport
any patches.

Based on the changelog from [1]:

  Revision 3.507
  Fix GCC compile warnings.

  Revision 3.508
  Put an end to the (&*% stupid GCC breaking builds for no valid reason.

So bump to the latest 508 release.

Rebase 0001-Add-new-targets-for-iozone.patch
Rebase 0002-fix-build-without-aio.patch and convert to git format

The TestIozone build issue is not yet fixed by the version bump [2].

[1] https://www.iozone.org/src/current/Changes.txt
[2] https://gitlab.com/buildroot.org/buildroot/-/jobs/11176774405

Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-09-06 18:57:02 +02:00
Maxim Kochetkov d0fbebd52e package/postgis: bump to version 3.5.3
Changelog: https://github.com/postgis/postgis/blob/3.5.3/NEWS

Signed-off-by: Maxim Kochetkov <fido_max@inbox.ru>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-09-05 21:22:51 +02:00
Bernd Kuhls abed850772 {linux, linux-headers}: bump 5.{4, 10, 15}.x / 6.{1, 6, 12, 16}.x series
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-09-05 19:35:55 +02:00
Bernd Kuhls 5e99e8a382 package/exiv2: security bump version to 0.28.7
Changelog:
https://exiv2.org/whatsnew.html
https://github.com/Exiv2/exiv2/blob/v0.28.7/doc/ChangeLog

Release notes of 0.28.0 with a long list of security-related fixes:
https://github.com/Exiv2/exiv2/issues/2406#issuecomment-1529139799

0.28.1 fixed CVE-2023-44398: https://github.com/Exiv2/exiv2/issues/2813

0.28.2 fixed CVE-2024-24826 & CVE-2024-25112:
https://github.com/Exiv2/exiv2/issues/2914

0.28.3 fixed CVE-2024-39695: https://github.com/Exiv2/exiv2/issues/3008

0.28.5 fixed CVE-2025-26623: https://github.com/Exiv2/exiv2/issues/3181

0.28.6 fixed
* [CVE-2025-54080](https://github.com/Exiv2/exiv2/security/advisories/GHSA-496f-x7cq-cq39)
* [CVE-2025-55304](https://github.com/Exiv2/exiv2/security/advisories/GHSA-m54q-mm9w-fp6g)

Please read https://github.com/Exiv2/exiv2/issues/2406 for the discussion
whether these CVEs are relevant and their status of backporting to the
0.27.x branch.

Removed patch which is included in this release.
Switch to github helper due to upstream not providing tarballs anymore.

Added optional support for inih:
https://github.com/Exiv2/exiv2/commit/43c9ec0f5095d92e2dd748c6c0b6f7ae4e6c73bf
and brotli:
https://github.com/Exiv2/exiv2/commit/557a5cebd52ced79d11080089d8e2874126fb038
both introduced in the 0.28.x branch.

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-09-05 18:36:19 +02:00
Peter Korsgaard dc50e439b3 package/sslh: add upstream patch to fix build w/ gcc-15
Add an upstream patch to fix a build issue related to struct
sockaddr_storage:

udp-listener.c: In function 'cnx_cmp':
udp-listener.c:39:30: error: initialization of 'struct sockaddr *' from incompatible pointer type 'struct sockaddr_storage *' [-Wincompatible-pointer-types]
   39 |     struct sockaddr* addr1 = &cnx1->client_addr;
      |                              ^
udp-listener.c:42:30: error: initialization of 'struct sockaddr *' from incompatible pointer type 'struct sockaddr_storage *' [-Wincompatible-pointer-types]
   42 |     struct sockaddr* addr2 = &cnx2->client_addr;
      |                              ^
udp-listener.c: In function 'hash_make_key':
udp-listener.c:55:29: error: initialization of 'struct sockaddr *' from incompatible pointer type 'struct sockaddr_storage *' [-Wincompatible-pointer-types]
   55 |     struct sockaddr* addr = &new->client_addr;
      |                             ^
udp-listener.c: In function 'udp_s2c_forward':
udp-listener.c:330:18: error: passing argument 5 of 'sendto' from incompatible pointer type [-Wincompatible-pointer-types]
  330 |                  &cnx->client_addr, cnx->addrlen);
      |                  ^~~~~~~~~~~~~~~~~
      |                  |
      |                  struct sockaddr_storage *

Fixes:

  https://autobuild.buildroot.net/results/0cbbb75c4aab19b9d5f42695359ac6fe97e5989b/

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-09-05 13:18:07 +02:00
Peter Korsgaard 717138c83c package/mbpfan: fix musl / uclibc-ng patch
Commit 759a08633e ("package/mbpfan: fix build on musl / uclibc-ng") added a
patch for musl / uclibc-ng, but the upstream patch did not correctly apply
to the 2.4.0 release, breaking the build.

Fix that.  In the mean time the patch has been applied upstream, so add a
reference to the upstream commit.

Fixes:

  https://autobuild.buildroot.net/results/785be6231c1edc4e5461ce083a3d65fd27fc5843/

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-09-04 21:52:39 +02:00
Romain Gantois b24cc7f501 configs/ti_am62x_sk: bump Linux to version 6.12.43
The Cadence QSPI driver is broken in version 6.12.36. It was fixed by a
subsequent patch:

https://lore.kernel.org/all/20250730093234.216392179@linuxfoundation.org/

Which was later backported to the 6.12 stable branch.

Bump the kernel version to the latest 6.12.x stable version to fix QSPI
support.

Signed-off-by: Romain Gantois <romain.gantois@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-09-04 18:52:22 +02:00
Neal Frager 9e0bb3db39 configs/versal_*: bump to Linux 6.12.40
The memory leak patch is included with the Linux 6.12.40 release tag, so it no
longer needs to be applied to these defconfigs:
https://github.com/Xilinx/linux-xlnx/commit/9691533f6e6fd0a596ac7688e82eeea53f22c434

Also, since all Xilinx defconfigs have been bumped to Linux 6.12.40 with this
patch, the Linux 6.12.10 (2025.1) hash can be removed along with the
Linux 6.12.10 memory leak patch.

This patch has been run tested on the versal vek280 evaluation board.
This patch has been run tested on the versal vck190 evaluation board.

Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-09-04 18:45:19 +02:00
Neal Frager dfed1003d9 board/versal: increase vfat partition to 64M
In the process of bumping Linux kernel 6.12.10 to 6.12.40, the size of the
default Linux kernel Image file for versal products is increasing from 23.4M
to 26.9M. This is leaving limited free space in the vfat partition meaning
users may unknowingly exceed the 32M size by just adding Linux kernel configs.

To avoid potential problems, this patch doubles the size of the vfat partition
to 64M, which should be plenty of space for any configuration.

Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-09-04 18:45:19 +02:00
Romain Naour 681b92664d support/testing: TestOpenJdk: remove stime() function call
stime() has been deprecated in glibc 2.31 [1] and replaced with
clock_settime(). Let's replace the stime() function call used in
BR2_PACKAGE_OPENJDK_JNI_TEST sources with clock_settime().

Apply the same change as busybox [2]. Make sure that timeToSet
has been zeroed.

With that fixed, the test "Call Native Library to Set System Time"
succeed:

  [BRTEST# java -cp /usr/bin JniTest
  Test: Get JNI Version passed
  Test: Read Native String Constant passed
  Test: Write Java String to Native Library passed
  Test: Write Java Char Array to Native Library passed
  Test: Write String Member to Native Library passed
  Test: Set String Member from Native Library passed
  Test: Execeute Java Function from Native Library passed
  Test: Instantiate Java Class passed
  Test: Call Native Library to Set System Time passed
  [BRTEST# echo $?
  0

The last external toolchain using a glibc 2.30 was the Bootlin
aarch64--glibc--bleeding-edge-2020.02-2, so since then TestOpenJdk
is broken.

Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/11176774851

[1] https://lists.gnu.org/archive/html/info-gnu/2020-02/msg00001.html
[2] https://git.busybox.net/busybox/commit/?id=d3539be8f27b8cbfdfee460fe08299158f08bcd9
[3] https://toolchains.bootlin.com/downloads/releases/toolchains/aarch64/readmes/aarch64--glibc--bleeding-edge-2020.02-2.txt

Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-09-04 18:41:25 +02:00
Romain Naour dac94834cc support/testing: TestSWIPL: increase timeout value
The swipl runtime test is unreliable, depending on the execution speed
of its runner or local host.

Running on a build server, the last test resolve the sudoku in
30sec while the timeout is 10sec.

  # time swipl -g top -t halt /root/sudoku.pl
  Sudoku solution:
  [9, 8, 7, 6, 5, 4, 3, 2, 1].
  [2, 4, 6, 1, 7, 3, 9, 8, 5].
  [3, 5, 1, 9, 2, 8, 7, 4, 6].
  [1, 2, 8, 5, 3, 7, 6, 9, 4].
  [6, 3, 4, 8, 9, 2, 1, 5, 7].
  [7, 9, 5, 4, 6, 1, 8, 3, 2].
  [5, 1, 9, 2, 8, 6, 4, 7, 3].
  [4, 7, 2, 3, 1, 9, 5, 6, 8].
  [8, 6, 3, 7, 4, 5, 2, 1, 9].
  real	0m 28.53s
  user	0m 27.99s
  sys	0m 0.51s

Increase the timout to 120sec.

Note: On Gitlab-CI, every emulator timeout are increased by a factor 10
to avoid sporadic failures in elastic runners.

https://gitlab.com/buildroot.org/buildroot/-/blame/2025.08-rc3/support/misc/gitlab-ci.yml.in?ref_type=tags#L101

Cc: Julien Olivain <ju.o@free.fr>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-09-04 18:41:25 +02:00
El Mehdi YOUNES 3618f6b6f9 package/bat: fix build with GCC 15
Bat pulls in the onig crate (version 6.4.0) through syntect with the
default "regex-onig" feature. This crate depends on the Oniguruma C
library (via onig_sys), which fails to build with GCC 15 due to C23
keyword conflicts. Newer versions of onig fix this issue, but bat
cannot directly update the onig version because it is pinned by syntect.

To resolve the build failure, apply a patch that replaces the
"regex-onig" feature with "regex-fancy" in bat's minimal-application
feature set. This switches bat to use the pure-Rust fancy-regex engine
instead of Oniguruma, avoiding the problematic onig_sys dependency.

Fixes:

  https://autobuild.buildroot.net/results/ecc/ecc3b0c83e691e9a8ed5c7ff9d0a92ee06409f20

Signed-off-by: El Mehdi YOUNES <elmehdi.younes@smile.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-09-04 18:10:48 +02:00
Thomas Petazzoni 3b5e1205dc package/openal: bump to 1.24.3 to fix GCC 15.x build issues
openal 1.22.0 does not build with GCC 15.x, but the backport of the
fixes to 1.22.0 turns out to be too complicated, so let's bump to
1.24.3 instead.

Since 1.24.3 uses C++17, and after testing with GCC 7.x, then GCC 8.x
then GCC 9.x, we found out that GCC 9.x at least is
necessary. Therefore, reverse dependencies are updated accordingly.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-09-04 18:08:12 +02:00
Thomas Perale 5ce1d6f017 package/mariadb: fix openssl RMD160 requirement
On the autobuilder the mariadb package fails to build when the
BR2_PACKAGE_LIBOPENSSL_ENABLE_RMD160 variable is not set.

See the following autobuilder error:

```
/workdir/instance-0/output-1/build/mariadb-10.11.11/libmariadb/libmariadb/secure/openssl_crypt.c: In function 'ma_hash_get_algorithm':
/workdir/instance-0/output-1/build/mariadb-10.11.11/libmariadb/libmariadb/secure/openssl_crypt.c:40:12: error: implicit declaration of function 'EVP_ripemd160'; did you mean 'LN_ripemd160'? [-Wimplicit-function-declaration]
   40 |     return EVP_ripemd160();
      |            ^~~~~~~~~~~~~
      |            LN_ripemd160
/workdir/instance-0/output-1/build/mariadb-10.11.11/libmariadb/libmariadb/secure/openssl_crypt.c:40:12: error: returning 'int' from a function with return type 'const EVP_MD *' {aka 'const struct evp_md_st *'} makes pointer from integer without a cast [-Wint-conversion]
   40 |     return EVP_ripemd160();
      |            ^~~~~~~~~~~~~~~
```

This error can be reproduced with the following config:

```
cat <<EOF >.config
BR2_arm=y
BR2_cortex_a7=y
BR2_TOOLCHAIN_EXTERNAL=y
BR2_TOOLCHAIN_EXTERNAL_BOOTLIN=y
BR2_PACKAGE_LIBOPENSSL=y
# BR2_PACKAGE_LIBOPENSSL_ENABLE_RMD160 is not set
BR2_PACKAGE_MARIADB=y
EOF
make olddefconfig
make mariadb
```

This patch adds a requirement to the RMD160 crypto for the MariaDB
package.

Fixes: https://autobuild.buildroot.org/results/f2b/f2b749cb7019856c5434c27987e8bfb2dc179cda
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-09-04 18:01:36 +02:00
Maxim Kochetkov 1b8a1d1435 package/timescaledb: bump version to 2.21.3
Release notes: https://github.com/timescale/timescaledb/blob/2.21.3/CHANGELOG.md

Signed-off-by: Maxim Kochetkov <fido_max@inbox.ru>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-09-04 17:58:05 +02:00
Giulio Benetti b73204ed11 package/rtl8188eu: fix build failure with linux 6.16
Bump to version 2025-09-03 on branch v5.2.2.4 to fix build failure with
Linux 6.16.

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-09-04 17:45:10 +02:00
Peter Korsgaard bbb0164de0 package/netstat-nat: remove package
Fixes http://autobuild.buildroot.net/results/bc52c072121286ddde3eee98ac28feb98f33dbbd/

The package has not been updated in 15 years (since commit 60ce1b0842
"Bump netstat-nat to 1.4.10"), the upstream URL is gone and the package
fails to build on modern gcc versions because of missing prototypes, so drop
it.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-09-03 19:47:24 +02:00
Romain Naour 6e9ede1d79 package/firewalld: add missing nftables json runtime dependency
Now that firewalld has been fixed for Python 3.13,
TestFirewalldSysVInit still fail at runtime due to missing nftables json
support [1].

cat /var/log/firewalld
  2025-09-02 21:34:50 Traceback (most recent call last):
    File "/usr/lib/python3.13/site-packages/firewall/core/fw.py", line 649, in start
    File "/usr/lib/python3.13/site-packages/firewall/core/fw.py", line 613, in _start
    File "/usr/lib/python3.13/site-packages/firewall/core/fw.py", line 510, in _start_apply_objects
    File "/usr/lib/python3.13/site-packages/firewall/core/fw_transaction.py", line 133, in execute
  firewall.errors.FirewallError: COMMAND_FAILED: 'python-nftables' failed: Error: syntax error, unexpected '{'
  {"nftables": [{"metainfo": {"json_schema_version": 1}}, {"add": {"table": {"family": "inet", "name": "firewalld"}}}, {"delete": {"table": {"family": "inet", "name": "firewalld"}}}, {"add": {"table": {"family": "inet", "name": "firewalld"}}}]}
  ^

Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/11198422467 (TestFirewalldSystemd)

[1] https://github.com/firewalld/firewalld/commit/1582c5dd736a11177ec320eb4ecbeb09fcae313a

Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-09-03 19:05:11 +02:00
Romain Naour cd0b373314 package/firewalld: backport Python 3.13 port
The module pipes is no longer part of the Python standard library. It
was removed in Python 3.13 after being deprecated in Python 3.11. The
last version of Python that provided the pipes module was Python 3.12.

Our firewalld 2.0.2 version is now superseded by several releases
(up to 2.3.1) that include this patch (since 2.1.0).

[1] https://github.com/firewalld/firewalld/releases/tag/v2.3.1

Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/11198422466 (TestFirewalldSysVInit)

Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-09-03 19:05:11 +02:00
Thomas Petazzoni d3229d7fa0 package/avrdude: disable Python support to fix build issues
The build of avrdude sometimes fails with:

avrdude: installs files in /home/autobuild/autobuild/instance-1/output-1/target//home/autobuild/autobuild/instance-1/output-1

This is due to an issue in the installation logic for the Python
code. However, our avrdude.mk doesn't explicitly support building
avrdude's Python support, so it's really only by luck (or lack
thereof) that sometimes host-swig and python3 end up built before
avrdude, causing avrdude to build its Python support, which installs
at the wrong location.

In order to address this, we add a small patch, submitted upstream,
that allows to explicitly disable Python support, which we then use in
avrdude.mk.

The actual Python issue can be investigated at a later point if
someone needs it. But in any case, being able to explicitly disable
Python support if not needed is useful.

Fixes:

  http://autobuild.buildroot.net/results/f18d47289d8b4dee768275a468c25b4f4399cf8c/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-09-03 18:24:59 +02:00
Thomas Petazzoni a4b0913280 package/apitrace: fix build with GCC 15.x
Fixes:

  /home/thomas/buildroot/buildroot/outputs/all/build/apitrace-10.0/retrace/metric_writer.cpp:50:70: error: ‘uint64_t’ does not name a type
   50 |         case CNT_NUM_UINT64: std::cout << "\t" << *(reinterpret_cast<uint64_t*>(data)); break;
      |                                                                      ^~~~~~~~

Fixes:

  http://autobuild.buildroot.net/results/6e4/6e4e841b4f0be29956fdfad43a406d2dab3003f3/build-end.log

Patch is backported from upstream.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-09-03 18:20:37 +02:00
Peter Korsgaard 2f309a6e0f package/ecryptfs-utils: ssl support needs engines support in openssl
Fixes https://autobuild.buildroot.net/results/f32ae62961aac7e8344f4be109040e7de2eb415e/

The openssl logic in ecryptfs uses the openssl engines API, which is always
available in libressl, but only available in libopenssl when
BR2_PACKAGE_LIBOPENSSL_ENGINES is enabled, leading to build failures when it
is not:

ecryptfs_key_mod_openssl.c: In function 'ecryptfs_openssl_read_key':
ecryptfs_key_mod_openssl.c:305:9: error: implicit declaration of function 'ENGINE_load_builtin_engines' [-Wimplicit-function-declaration]
  305 |         ENGINE_load_builtin_engines();

Fix it by only passing --enable-openssl if libressl or (libopenssl + engines
support) is enabled.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-09-03 18:20:28 +02:00
Peter Korsgaard fa4148d45a package/wipe: autoreconf to fix configure with >= gcc-15
Fixes https://autobuild.buildroot.net/results/9d4e2f156d76e2acc83e3a25adb5e5cf0705e7c6/

configure:781: checking whether the C compiler (/home/buildroot/instance-0/output-1/host/bin/armeb-buildroot-linux-gnueabi-gcc -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64  -Og -g0 -D_FORTIFY_SOURCE=1 ) works
configure:797: /home/buildroot/instance-0/output-1/host/bin/armeb-buildroot-linux-gnueabi-gcc -o conftest -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64  -Og -g0 -D_FORTIFY_SOURCE=1 -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64  conftest.c  1>&5
configure:794:1: error: return type defaults to 'int' [-Wimplicit-int]
  794 | main(){return(0);}
      | ^~~~
configure: failed program was:

 #line 792 "configure"
 #include "confdefs.h"

 main(){return(0);}

Wipe uses a very old configure script where the compile checks are missing
the return type on main(), breaking the configure step with >= gcc-15.

As a workaround, use AUTORECONF to regenerate the configure script.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-09-03 18:19:28 +02:00
Peter Korsgaard f19d98eee2 package/input-event-daemon: fix build w/ gcc-15
Fixes https://autobuild.buildroot.net/results/7c3556ec16c28b61bda62156a3bee858cf80cd1c/

The source code uses empty argument prototypes, which changed behaviour in
C23 (default in gcc-15):

https://gcc.gnu.org/gcc-15/porting_to.html#c23-fn-decls-without-parameters

Causing build issues.  Latest upstream release is from 2010, so work around
it by forcing gnu99 mode instead.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-09-03 18:18:30 +02:00
Peter Korsgaard f847653144 package/jose: needs shared libraries
Fixes https://autobuild.buildroot.net/results/bf23e75461877a4ca3a189626f30cf8cde24de36/

Jose unconditionally builds a shared library since v11 with:

 commit b72f8cad002edc87286dd1f2331c359158c512e8
 Author: Rosen Penev <rosenp@gmail.com>
 Date:   Tue May 30 12:18:30 2023 +0300

   jose: build library only as shared (#119)

   Needed because of constructor usage in library.

So add a dependency on BR2_SHARED_LIBS.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-09-03 18:17:49 +02:00
Titouan Christophe 04cd135b26 package/python-flask-cors: security bump to v6.0.1
This is a major version bump, because it could break user code that depends
on the (wrong) previous logic fixed by the new release

See the release notes:
- https://github.com/corydolphin/flask-cors/releases/tag/6.0.0
- https://github.com/corydolphin/flask-cors/releases/tag/6.0.1

This fixes the following vulnerabilities:
- CVE-2024-6839:
    corydolphin/flask-cors version 4.0.1 contains an improper regex path
    matching vulnerability. The plugin prioritizes longer regex patterns
    over more specific ones when matching paths, which can lead to less
    restrictive CORS policies being applied to sensitive endpoints. This
    mismatch in regex pattern priority allows unauthorized cross-origin
    access to sensitive data or functionality, potentially exposing
    confidential information and increasing the risk of unauthorized
    actions by malicious actors.
    https://www.cve.org/CVERecord?id=CVE-2024-6839

- CVE-2024-6844:
    A vulnerability in corydolphin/flask-cors version 4.0.1 allows for
    inconsistent CORS matching due to the handling of the '+' character in
    URL paths. The request.path is passed through the unquote_plus
    function, which converts the '+' character to a space ' '. This
    behavior leads to incorrect path normalization, causing potential
    mismatches in CORS configuration. As a result, endpoints may not be
    matched correctly to their CORS settings, leading to unexpected CORS
    policy application. This can cause unauthorized cross-origin access or
    block valid requests, creating security vulnerabilities and usability
    issues.
    https://www.cve.org/CVERecord?id=CVE-2024-6844

- CVE-2024-6866:
    corydolphin/flask-cors version 4.01 contains a vulnerability where the
    request path matching is case-insensitive due to the use of the
    `try_match` function, which is originally intended for matching hosts.
    This results in a mismatch because paths in URLs are case-sensitive,
    but the regex matching treats them as case-insensitive. This
    misconfiguration can lead to significant security vulnerabilities,
    allowing unauthorized origins to access paths meant to be restricted,
    resulting in data exposure and potential data leaks.
    https://www.cve.org/CVERecord?id=CVE-2024-6866

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-09-03 18:16:57 +02:00
Titouan Christophe 0eefa1095d package/imagemagick: security bump to v7.1.2-3
This fixes the following vulnerabilities:
- CVE-2023-5341:
    A heap use-after-free flaw was found in coders/bmp.c in ImageMagick.
    https://www.cve.org/CVERecord?id=CVE-2023-5341

- CVE-2025-55004:
    ImageMagick is free and open-source software used for editing and
    manipulating digital images. Prior to version 7.1.2-1, ImageMagick is
    vulnerable to heap-buffer overflow read around the handling of images
    with separate alpha channels when performing image magnification in
    ReadOneMNGIMage. This can likely be used to leak subsequent memory
    contents into the output image. This issue has been patched in version
    7.1.2-1.
    https://www.cve.org/CVERecord?id=CVE-2025-55004

- CVE-2025-55005:
    ImageMagick is free and open-source software used for editing and
    manipulating digital images. Prior to version 7.1.2-1, when preparing
    to transform from Log to sRGB colorspaces, the logmap construction
    fails to handle cases where the reference-black or reference-white
    value is larger than 1024. This leads to corrupting memory beyond the
    end of the allocated logmap buffer. This issue has been patched in
    version 7.1.2-1.
    https://www.cve.org/CVERecord?id=CVE-2025-55005

- CVE-2025-55160:
    ImageMagick is free and open-source software used for editing and
    manipulating digital images. Prior to versions 6.9.13-27 and 7.1.2-1,
    there is undefined behavior (function-type-mismatch) in splay tree
    cloning callback. This results in a deterministic abort under UBSan
    (DoS in sanitizer builds), with no crash in a non-sanitized build.
    This issue has been patched in versions 6.9.13-27 and 7.1.2-1.
    https://www.cve.org/CVERecord?id=CVE-2025-55160

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-09-03 18:15:38 +02:00
Titouan Christophe c4c282f8ec package/sqlite: add patch for CVE-2025-6965
This fixes the following vulnerability:
- CVE-2025-6965:
    There exists a vulnerability in SQLite versions before 3.50.2 where
    the number of aggregate terms could exceed the number of columns
    available. This could lead to a memory corruption issue. We recommend
    upgrading to version 3.50.2 or above.
    https://www.cve.org/CVERecord?id=CVE-2025-6965

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-09-03 18:14:45 +02:00
Titouan Christophe 891ec88b6d package/wireshark: security bump to v4.2.13
See the release notes:
- https://www.wireshark.org/docs/relnotes/wireshark-4.2.12.html
- https://www.wireshark.org/docs/relnotes/wireshark-4.2.13.html

This fixes the following vulnerability:
- CVE-2025-5601:
    Column handling crashes in Wireshark 4.4.0 to 4.4.6 and 4.2.0 to
    4.2.12 allows denial of service via packet injection or crafted
    capture file
    https://www.cve.org/CVERecord?id=CVE-2025-5601

Also update hash for COPYING because of Wireshark commit
614add27f29269e681e4d32138bea4951985fe0a that changes the FSF address

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-09-03 18:13:27 +02:00
Titouan Christophe c7a8c85d45 package/netavark: security bump to v1.16.1
Even though this is not mentioned in the release notes:
- https://github.com/containers/netavark/releases/tag/v1.16.0
- https://github.com/containers/netavark/releases/tag/v1.16.1

According to https://bugzilla.redhat.com/show_bug.cgi?id=2383941,
the fix for the CVE has been merged upstream, and is in netavark
since v1.16.0.

This fixes the following vulnerability:
- CVE-2025-8283:
    A vulnerability was found in the netavark package, a network stack for
    containers used with Podman. Due to dns.podman search domain being
    removed, netavark may return external servers if a valid A/AAAA record
    is sent as a response. When creating a container with a given name,
    this name will be used as the hostname for the container itself, as
    the podman's search domain is not added anymore the container is using
    the host's resolv.conf, and the DNS resolver will try to look into the
    search domains contained on it. If one of the domains contain a name
    with the same hostname as the running container, the connection will
    forward to unexpected external servers.
    https://www.cve.org/CVERecord?id=CVE-2025-8283

Also bump package/aardvark-dns in the same lockstep, as advised in
the packages .mk version comments.

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-09-03 18:12:41 +02:00
Giulio Benetti f55145837e package/udisks: security bump to version 2.10.2
This fixes this security bug:
https://github.com/storaged-project/udisks/security/advisories/GHSA-742q-gggc-473g

Release notes:
https://github.com/storaged-project/udisks/releases/tag/udisks-2.10.2

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-09-01 23:29:22 +02:00
Titouan Christophe a49354e46f package/mosquitto: fix build failure with recent glibc
Fix link-time build failures because glibc>=2.34 no longer ships libanl.so
as it has been consolidated into libc.

See the inner patch message for more details.

Fixes: https://autobuild.buildroot.org/results/16223cd838876abc9b6f941f7dc20d23afa32c3b/

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-09-01 13:16:05 +02:00
Peter Korsgaard 759a08633e package/mbpfan: fix build on musl / uclibc-ng
Fixes https://autobuild.buildroot.net/results/9526503fe8e756bd4444f1fb1e9cf1391c461901/

mbpfan uses vsyslog(), which is not in POSIX so only exposed by <syslog.h>
on musl and uclibc-ng if we define _DEFAULT_SOURCE:

https://git.musl-libc.org/cgit/musl/tree/include/syslog.h#n64
https://cgit.uclibc-ng.org/cgi/cgit/uclibc-ng.git/tree/include/sys/syslog.h#n200

Add a patch submitted upstream to do this.

[Peter: add patch rather than passing _DEFAULT_SOURCE in mbpfan.mk]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-09-01 12:33:56 +02:00
Peter Korsgaard 17259a2235 package/tstools: fix build w/ gcc-15
GCC-15 defaults to C23, which changes the meaning of an empty parameter
list:

https://gcc.gnu.org/gcc-15/porting_to.html#c23-fn-decls-without-parameters

Leading to a build failure:

tsserve.c: In function ‘set_child_exit_handler’:
tsserve.c:2988:21: error: assignment to ‘__sighandler_t’ {aka ‘void (*)(int)’} from incompatible pointer type ‘void (*)(void)’ [-Wincompatible-pointer-types]
 2988 |   action.sa_handler = on_child_exit;

Add a patch from an upstream PR to fix that.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-09-01 09:58:31 +02:00
Arnout Vandecappelle 8e91db90e2 Config.in.legacy: fix release where LIGHTTPD_LIBEV was removed
Commit 0d643a8636 which removed the
BR2_PACKAGE_LIGHTTPD_LIBEV symbol was originally meant for next and
therefore introduced the "Legacy options removed in 2025.11" comment.
However, in the end it was still applied to master for 2025.08, so the
legacy symbol was incorrectly placed.

Fix that.

Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-09-01 08:11:00 +02:00
Peter Korsgaard c7af01f47a package/ipmitool: move to codeberg
The github repo was deleted and moved to codeberg, so use that instead:

https://lwn.net/Articles/926101/

It is unclear if the auto generated tarballs from codeberg are reproducible,
so instead fetch through git.

[Peter: set _CPE_ID_VERSION to the correct value]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-08-31 21:17:34 +02:00
Peter Korsgaard 98e28829ae utils/genrandconfig: update bare metal logic after change to buildroot vendor name
Fixes https://autobuild.buildroot.net/results/c961d9edae0f1f3d17b5a6f078519bc7bad03a26/

Commit 053b0c9f66 ("boot/xilinx-embeddedsw: remove support for xilinx
vendor name" dropped support for microblazeel-xilinx-elf, so adjust the
genrandconfig logic to match.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-31 18:56:29 +02:00
Peter Korsgaard 73331b68a9 package/brcm-patchram-plus: fix build w/ gcc-15
Fixes http://autobuild.buildroot.net/results/2058934e442c0b3f3d0bd81bd7ed080c2eaade31/

The source code uses empty argument function pointer prototypes, which
changed behaviour in C23 (default in gcc-15):

https://gcc.gnu.org/gcc-15/porting_to.html#c23-fn-decls-without-parameters

Causing build issues. Fix it by forcing gnu99 mode instead.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-08-31 16:59:11 +02:00
Peter Korsgaard 7c47e8b1b2 package/squid: bump to version 6.14
Bufix release fixing a number of issues:

- Bug 5352: Do not get stuck in RESPMOD after pausing peer read(2)
- Bug 5489: Fix "make check" linking on Solaris
- Fix SNMP cacheNumObjCount -- number of cached objects
- Do not duplicate received Surrogate-Capability in sent requests
- Fix Mem::Segment::open() stub to fix build without shm_open()
- ... and CI and documentation updates

https://github.com/squid-cache/squid/releases/tag/SQUID_6_14

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-08-31 16:58:49 +02:00
Peter Korsgaard 2389965eaf package/python-h2: security bump to version 4.3.0
Fixes the following security vulnerability:

- CVE-2025-57804: HTTP/2 request splitting via CRLF injection

  https://github.com/python-hyper/h2/security/advisories/GHSA-847f-9342-265h

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-08-31 16:58:31 +02:00
Vincent Stehlé 6001601544 configs/qemu_{arm,aarch64}_{ebbr,sbsa}*: linux needs host python3
Since Buildroot commit [1] updating qemu defconfigs from Kernel 6.6.32
to 6.12.9, qemu_aarch64_ebbr_defconfig, qemu_aarch64_sbsa_defconfig
and qemu_arm_ebbr_defconfig can fail to build with error:

    /bin/sh: 1: python3: not found
    make[7]: *** [drivers/gpu/drm/msm/Makefile:182: drivers/gpu/drm/msm/generated/a2xx.xml.h] Error 127

The issue can happen on build hosts without Python, and if the Linux
kernel is built before any package having host-python3 in its
dependencies (e.g. host-qemu, optee-os, ...).

Starting with Linux 6.10, the arm and arm64 architecture defconfigs need
python3 to build. [2]

This commit fixes this issue by adding
BR2_LINUX_KERNEL_NEEDS_HOST_PYTHON3=y in those defconfigs.

[1] https://gitlab.com/buildroot.org/buildroot/-/commit/44075c19555df409ea7c2859729abb02d341df29
[2] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=0fddd045f88e34d6160785a3a5e506d374566454

Signed-off-by: Vincent Stehlé <vincent.stehle@arm.com>
Cc: Romain Naour <romain.naour@gmail.com>
[Julien:
 - reword commit log to add the commit introducing the issue
 - fix qemu_aarch64_sbsa_defconfig which has the same issue
]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-30 17:09:36 +02:00
Thomas Petazzoni 7d0456d510 package/libkrb5: fix GCC 15.x build issues
Backport upstream commit 4b9d7f7c107f01a61600fddcd8cde3812d0366a2
would allow to solve GCC 15.x issues, but it's a 313 KB patch. So
instead, let's build with -std=gnu99. It requires a bit of
reorganization on how CFLAGS are handled.

Fixes:

  http://autobuild.buildroot.net/results/4460089f5989277e6143f6e3d66f71371913ee4b/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-08-29 21:35:12 +02:00
Thomas Perale 1869b4065c package/go: fix CPE id
This patch fixes the CPE ID for both go-bin and go-src packages.

The go-src package did had a CPE ID because GO_SRC_CPE_ID_VENDOR is
defined but the generated CPE ID would be the following:

cpe:2.3:a:golang:go-src:*:*:*:*:*:*:*:*

The CPE product go-src doesn't match to anything and should be 'go'
instead.

For go-bin no CPE_ID variable were defined so no CPE ID would be
generated if using a pre-build toolchain.

This patch duplicate the definition of the CPE_ID variables, I didn't
put the definition in the 'package/go/go.mk' file to avoid generate a
CPE for the go virtual package.

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-08-29 20:45:53 +02:00
Thomas Petazzoni f7a5614c5d package/libfreeglut: fix build with GCC 15.x
Fixes:

/home/thomas/buildroot/buildroot/outputs/all/build/libfreeglut-3.4.0/src/x11/fg_init_x11.c:297:6: error: conflicting types for ‘fgPlatformDestroyContext’; have ‘void(SFG_PlatformDisplay,  struct __GLXcontextRec *)’ {aka ‘void(struct tagSFG_PlatformDisplay,  struct __GLXcontextRec *)’}
  297 | void fgPlatformDestroyContext ( SFG_PlatformDisplay pDisplay, SFG_WindowContextType MContext )

No autobuilder failures for this issue.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-08-29 20:41:14 +02:00
Thomas Petazzoni 7ed636069f package/libgsm: fix build failure with GCC 15.x
Fixes:

  http://autobuild.buildroot.net/results/95f0ff842e4fddcf9d2ffaeb7ddbb9abeb821319/

There is no proper upstream project with a Git repo or mailing list,
so we just sent the patch by e-mail to the project maintainer.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-08-29 20:31:21 +02:00
Giulio Benetti 31342fb5ff package/rtl8821au: bump to version 2025-08-29 branch v5.2.6
This version allows to build up to Linux version 6.16

Fixes:
https://autobuild.buildroot.org/results/588b834b133abfc983945beef37f7f2b0df71c5f

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-08-29 19:53:17 +02:00
Peter Korsgaard 59fe7547a4 package/libcap-ng: disable pthread support on nommu
Fixes: https://autobuild.buildroot.net/results/9c40c86a42882a6d56eb6d6d1418781a980b6f8f/

The pthread support uses pthread_atfork(), which is not available on nommu:

cap-ng.c: In function 'init_lib':
cap-ng.c:225:9: error: implicit declaration of function 'pthread_atfork';
  did you mean 'pthread_join'?  [-Wimplicit-function-declaration]

So disable pthread support on nommu to fix that.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-08-29 19:49:54 +02:00
Thomas Petazzoni 53a8616460 package/pkg-generic.mk: use more sensible default value for <pkg>_CPE_ID_UPDATE
Setting the "update" field in the CPE ID to * doesn't actually make
much sense, as * is a wildcard. Instead, this field should really
reflect the "subrelease" / "update" of the package, which unless
specified explicitly by the package .mk file, is empty.

Using a wildcard causes a few CVEs to be incorrectly identified as
affecting some of our packages.

For example https://nvd.nist.gov/vuln/detail/CVE-2013-1428 has a
CPE configuration that goes like this:

cpe:2.3:a:tinc-vpn:tinc:*:pre6:*:*:*:*:*:* up to including 1.1

and this CPE configuration is currently identified as affecting our
package. This isn't correct as our package is using 1.0.36, not a
"pre6" version. But because the CPE ID generated by Buildroot uses *
as the "update" field, and * is the wildcard, it does match with this
CPE configuration.

After this change, two CVEs are no longer identified as affecting
Buildroot packages:

  https://nvd.nist.gov/vuln/detail/CVE-2013-1428
  https://nvd.nist.gov/vuln/detail/CVE-2017-9454

and in both cases they are indeed CVEs not affecting our package.

Reported-by: Titouan Christophe <titouan.christophe@mind.be>
Cc: Titouan Christophe <titouan.christophe@mind.be>
Cc: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: Titouan Christophe <titouan.christophe@mind.be>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-08-29 19:49:53 +02:00
Peter Korsgaard 2218f02155 package/vde2: fix build w/ gcc-15
Fixes: https://autobuild.buildroot.net/results/8d14173f31922a737c326be75aa24c9f9471342a/

The vde2 source code uses empty argument function pointer prototypes like:

typedef ssize_t (* ssize_fun)();
extern ssize_fun vdehist_vderead;

In C17 and earlier, such prototypes means unknown number of arguments,
whereas with C23 it means no arguments, leading to build failures:

libvdehist.c:39:27: error: initialization of 'ssize_fun' {aka 'long int
  (*)(void)'} from incompatible pointer type 'ssize_t (*)(int,  void *,
  size_t)' {aka 'long int (*)(int,  void *, long unsigned int)'}
  [-Wincompatible-pointer-types]

Workaround it using -std=gnu99.  Vde2 is provided both as a host and target
package, so do this unconditionally for both.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-08-29 19:35:34 +02:00
Waldemar Brodkorb 08a1e10fbe package/uclibc: fix grub2 compilation
Fixes:
 https://autobuild.buildroot.org/results/7a4/7a4d0f0571cd0cef1c87f3ef207618de72c1c78c/build-end.log

Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-08-29 19:24:03 +02:00
Thomas Devoogdt 0d643a8636 package/lighttpd: security bump to 1.4.81
News:
- https://www.lighttpd.net/2025/8/13/1.4.80/
  - detect and issue error trace for HTTP/2 MadeYouReset VU#767506 CVE-2025-8671
- https://www.lighttpd.net/2025/8/17/1.4.81/
  - security: fix to reject disallowed trailers

See Changes from 1.4.79:

[build] remove references to libev; no longer used

So drop here as well.

Signed-off-by: Thomas Devoogdt <thomas@devoogdt.com>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-08-29 19:20:37 +02:00
Neal Frager 2dba44f168 configs/zynqmp_*: bump to Linux 6.12.40
This patch bumps the zynqmp defconfigs to Linux 6.12.40.

The memory leak patch is included with the Linux 6.12.40 release tag, so it no
longer needs to be applied to these defconfigs:
https://github.com/Xilinx/linux-xlnx/commit/9691533f6e6fd0a596ac7688e82eeea53f22c434

This patch has been run tested on the zynqmp zcu102 evaluation board.
This patch has been run tested on the kria kv260 evaluation board.

Signed-off-by: Neal Frager <neal.frager@amd.com>
Reviewed-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-08-29 19:15:01 +02:00
Neal Frager c7a45b8302 board/zynqmp: increase vfat partition to 64M
Now that the qspi.bin file is included for zynqmp images, the 32M vfat
partition is getting dangerously close to being full.

In the process of bumping Linux kernel 6.12.10 to 6.12.40, the size of the
default Linux kernel Image file for zynqmp products is increasing from 23.4M
to 26.9M. This is leaving less than 1M of free space in the vfat partition
meaning users may unknowingly exceed the 32M size by just adding Linux kernel
configs.

To avoid potential problems, this patch doubles the size of the vfat partition
to 64M, which should be plenty of space for any configuration.

Signed-off-by: Neal Frager <neal.frager@amd.com>
Reviewed-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-08-29 19:14:20 +02:00
Neal Frager 0c5cf118d0 configs/zynq_*: bump to Linux 6.12.40
This patch bumps the zynq defconfigs to Linux 6.12.40.

The memory leak patch is included with the Linux 6.12.40 release tag, so it no
longer needs to be applied to these defconfigs:
https://github.com/Xilinx/linux-xlnx/commit/9691533f6e6fd0a596ac7688e82eeea53f22c434

This patch has been run tested on the zynq zc702 evaluation board.

Signed-off-by: Neal Frager <neal.frager@amd.com>
Reviewed-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
[Arnout: squash addition of the hash into the same patch]
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-08-29 19:11:08 +02:00
Gero Schwäricke a87b1800b9 utils/bump-stable-kernel-versions: new tool
This tool helps to update Linux stable releases.

The script uses the versions found in linux/linux.hash. For each of the
versions it downloads the related hash list and tries to find an updated
stable release. If found it updates all related files and hashes.

Signed-off-by: Gero Schwäricke <gero.schwaericke@grandcentrix.net>
[Arnout: commonalize the sed expression for linux and linux-headers]
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-08-29 18:44:41 +02:00
Peter Korsgaard c7721b0174 package/unbound: mark CVE-2025-5994 as not applicable
Unbound is vulnerable to CVE-2025-5994: "Cache poisoning via the ECS-enabled
Rebirthday Attack" if built with --enable-subnet, which is not the case in
Buildroot, so mark it as not applicable.

https://nlnetlabs.nl/downloads/unbound/CVE-2025-5994.txt

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-08-29 17:48:28 +02:00
Thomas Petazzoni c719a73a21 package/ffmpeg: add optional support for libsoxr
Now that libsoxr no longer depends on ffmpeg, we can actually use
libsoxr in ffmpeg.

See:

  https://trac.ffmpeg.org/wiki/FFmpeg%20and%20the%20SoX%20Resampler

for some details.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-08-29 17:38:56 +02:00
Thomas Petazzoni 8db836d292 Reapply "package/ffmpeg: add support for pulseaudio"
This reverts commit fecc337d21,
re-adding optional support for pulseuadio in ffmpeg.

This is possible now that the circular dependency:

  pulseaudio -> libsoxr -> ffmpeg -> pulseaudio

has been broken between libsoxr and ffmpeg.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-08-29 17:38:23 +02:00
Thomas Petazzoni 4bf2a854f9 package/libsoxr: drop ffmpeg support
Having support for ffmpeg in libsoxr causes several circular
dependencies:

- pulseaudio -> libsoxr -> ffmpeg -> pulseaudio

  (This one was worked around in
  fecc337d21 by dropping the ffmpeg ->
  pulseaudio dependency, but it's annoying as being able to output
  audio from ffmpeg into pulseaudio seems useful)

- libopenmpt -> pulseaudio -> libsoxr -> ffmpeg -> libopenmpt

  (This is one exists, and is fixed by this commit)

To fix both circular dependencies, we propose to drop the dependency
of libsoxr on ffmpeg, which is used to get some optimized FFT
implementation. While not being useless, this is the point where
breaking the dependency seems the most logical.

Neither Debian nor Fedora build libsoxr with ffmpeg support.

In order to achieve that, we add a new patch making the option
WITH_AVFFT actually effective. Since we no longer build against
ffmpeg, the previously added patch that was fixing the pkg-config file
is no longer needed.

Fixes:

  https://autobuild.buildroot.net/results/bbfce69f35cafd56245ebeae79086a8b64592a16/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-08-29 17:38:15 +02:00
Thomas Petazzoni d5a45fd443 package/webrtc-audio-processing: fix build with GCC 15.x
A missing include causes a build failure with GCC 15.x. There are no
known autobuilder failures for this issue, but the following defconfig
allows to reproduce the issue:

 BR2_arm=y
 BR2_cortex_a9=y
 BR2_ARM_ENABLE_VFP=y
 BR2_TOOLCHAIN_EXTERNAL=y
 BR2_TOOLCHAIN_EXTERNAL_BOOTLIN=y
 BR2_INIT_NONE=y
 BR2_SYSTEM_BIN_SH_NONE=y
 # BR2_PACKAGE_BUSYBOX is not set
 BR2_PACKAGE_WEBRTC_AUDIO_PROCESSING=y
 # BR2_TARGET_ROOTFS_TAR is not set

The affected code has completely changed in newer versions of
webrtc-audio-processing, so we add a non-upstream patch, which can be
dropped once we upgrade to a newer release.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-08-29 17:34:42 +02:00
Thomas Petazzoni e7aa0802a7 package/netsurf-buildsystem: remove package
This host package was only used as a build dependency of libsvgtiny,
which itself has been removed, so it can be dropped as well.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-08-29 17:30:37 +02:00
Thomas Petazzoni fdb0669e40 package/libsvgtiny: remove package
This package hasn't been updated in years. It has new releases, such
as 1.0.8 from December 2023, but nobody updated to it.

Doing the version bump is not straightforward, and the original
package submitter, Peter Korsgaard, is no longer using it. This
package also had no reverse dependency, and no maintainer in the
DEVELOPERS file.

Therefore, let's drop this package.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[Peter: Add Config.in.legacy handling]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-08-29 17:30:14 +02:00
Thomas Petazzoni 6fdebc54b3 package/libsvgtiny: add patch to fix GCC 15.x build issue
Add a small, easily backportable patch to fix GCC 15.x build
issue. The issue is also fixed upstream in later releases, but this
patch is a minimal fix that can be backported to LTS independently
from a version bump.

Fixes:

  https://autobuild.buildroot.org/results/c3d703663faabe40448d908afbdbb351a016aece/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-08-29 17:27:14 +02:00
Fiona Klute (WIWA) b10f50399a package/pkg-utils.mk: include package directory in show-info output
The new package_dir element contains the path of the package
directory. For Buildroot packages this is a path relative to the main
Buildroot directory, for packages from external trees an absolute
path.

Signed-off-by: Fiona Klute (WIWA) <fiona.klute@gmx.de>
Tested-by: Titouan Christophe <titouan.christophe@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-08-29 17:15:21 +02:00
Thomas Petazzoni 44bba49507 package/mariadb: explicitly disable the column store plugin
Building the column store plugin (which gets automatically enabled
when Boost with a bunch of submodules is found) currently fails as it
requires a number of runtime checks that obviously cannot work when
cross-compiling.

OpenEmbedded has defined them as such:

  -DLSTAT_FOLLOWS_SLASHED_SYMLINK_EXITCODE=0 \
  -DSTAT_EMPTY_STRING_BUG_EXITCODE=0 \
  -DMASK_LONGDOUBLE_EXITCODE=0 \

but it really isn't clear whether those values are completely correct
for all CPU architectures, especially the last one.

So instead, let's disable the column store plugin until someone
actually needs it and figures out how to set those variables properly.

The issue fixed by this commit can be reproduced using the following
defconfig:

BR2_aarch64=y
BR2_ARM_FPU_VFPV3D16=y
BR2_TOOLCHAIN_EXTERNAL=y
BR2_TOOLCHAIN_EXTERNAL_BOOTLIN=y
BR2_PACKAGE_MARIADB=y
BR2_PACKAGE_MARIADB_SERVER=y
BR2_PACKAGE_BOOST=y
BR2_PACKAGE_BOOST_DATE_TIME=y
BR2_PACKAGE_BOOST_FILESYSTEM=y
BR2_PACKAGE_BOOST_REGEX=y
BR2_PACKAGE_BOOST_THREAD=y

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-08-29 16:28:06 +02:00
Bernd Kuhls c1512a76d7 {linux, linux-headers}: bump 5.{4, 10, 15}.x / 6.{1, 6, 12, 16}.x series
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-08-29 15:13:22 +02:00
Thomas Petazzoni 8964f0652c package/mariadb: fix sub-option indentation
The Config.in comment is between the main BR2_PACKAGE_MARIADB option
and its sub-options, causing the sub-options to not appear as nicely
indented in menuconfig.

Before:

[ ] mariadb
[ ] mariadb server
  [ ] mariadb embedded server

After:

[ ] mariadb
  [ ] mariadb server
    [ ] mariadb embedded server

which is what we want.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-08-29 15:11:28 +02:00
Yegor Yefremov 0f80622f1c package/tcpreplay: bump to version 4.5.2
Bugfix release, fixing compatibility w/ gcc-15.

For change log, see:
https://github.com/appneta/tcpreplay/releases/tag/v4.5.2

Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
[Peter: mention gcc+15 fix]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-08-29 14:58:07 +02:00
Titouan Christophe f3be464f7a utils/test-pkg: add new option -T/--toolchain-name
Recently when trying to reproduce a build error with test-pkg on the toolchain
br-arm-basic, I had to create a new CSV file with that toolchain only to be
able to run the test in that single case.

I believe having a command-line option right away in test-pkg would make this
much easier, as I can now run: `./utils/test-pkg -T br-arm-basic -p redis`

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Tested-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-08-29 12:26:29 +02:00
Romain Naour c6b8ddab6e package/thttpd: remove package
Despite the last thttpd release 2.29 back in 2018, the package doesn't
build with modern compiler (gcc-15) and Autoconf (newer than 2.13) [1].

Remove TestThttpd from our testsuite.

[1] https://lore.kernel.org/buildroot/20250811203206.1506378-1-romain.naour@smile.fr/

Cc: Julien Olivain <ju.o@free.fr>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-08-29 12:21:19 +02:00
Romain Naour 667871b06d support/testing: TestLibCurl: replace thttpd by Busybox's httpd server
In order to remove thttpd package from Buildroot, we have to replace it
from TestLibCurl.

Busybox's httpd server doesn't report server identification, update
TestLibCurl accordingly.

Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/11042294712

Cc: Julien Olivain <ju.o@free.fr>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-08-29 12:19:07 +02:00
Romain Naour f547af0419 support/testing: TestWget: replace thttpd by Busybox's httpd server
In order to remove thttpd package from Buildroot, we have to replace it
from TestWget.

Busybox's httpd server doesn't report server identification, update
TestWget accordingly.

Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/11042295041

Cc: Julien Olivain <ju.o@free.fr>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-08-29 12:18:11 +02:00
Romain Naour bcd97e1424 package/busybox: add httpd server startup script
In order to remove thttpd package from Buildroot, we have to replace it
from our testsuite (TestWget and TestLibCurl).

Busybox provide an httpd server applet but it's not enabled in our
default busybox configuration.

For the sake of those tests, add a new busybox option to build and
install the Busybox's httpd server and its init script.

Import S90thttpd from thttpd package to S90httpd but with some changes
following S01syslogd init script as a reference [1].

[1] https://gitlab.com/buildroot.org/buildroot/-/commit/3dc80614442cc3942a372a8c31abd22c1bc96241

Cc: Julien Olivain <ju.o@free.fr>
Cc: Fiona Klute (WIWA) <fiona.klute@gmx.de>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Reviewed-by: Fiona Klute <fiona.klute@gmx.de>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-08-29 12:15:18 +02:00
Thomas Petazzoni 61d361c3c5 configs/engicam_imx6*: remove defconfigs, broken
Remove numerous Engicam i.MX6 defconfigs as they don't build:

  https://gitlab.com/buildroot.org/buildroot/-/jobs/11012273148
  https://gitlab.com/buildroot.org/buildroot/-/jobs/11012273147
  https://gitlab.com/buildroot.org/buildroot/-/jobs/11012273145
  https://gitlab.com/buildroot.org/buildroot/-/jobs/11012273144
  https://gitlab.com/buildroot.org/buildroot/-/jobs/11012273136

All of them are using outdated Linux kernel versions, not even LTS,
which fail to build with modern toolchains.

Unless fixes are provided, these defconfigs will be dropped.

Cc: Adam Duskett <adam.duskett@amarulasolutions.com>
Cc: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Cc: Jagan Teki <jagan@amarulasolutions.com>
Cc: Meena Murthy <meena.murthy@amarulasolutions.com>
Cc: Michael Trimarchi <michael@amarulasolutions.com>
Cc: Suniel Mahesh <sunil@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-08-29 12:09:08 +02:00
Julien Olivain db951a4c71 configs/sipeed_licheepi_zero: update Linux, U-Boot to fix build
Since Buildroot commit [1] dc0f7215c6 "package/gcc: switch to 13.x as
default", sipeed_licheepi_zero_defconfig fails when building the Linux
kernel with the error message:

    drivers/ata/libahci.c: In function 'ahci_led_store':
    ./include/linux/compiler.h:350:45: error: call to '__compiletime_assert_1138' declared with attribute error: BUILD_BUG_ON failed: sizeof(_s) > sizeof(long)
      350 |         _compiletime_assert(condition, msg, __compiletime_assert_, __LINE__)

This issue is fixed by upstream Kernel commit [2].

This commit fixes this issue by updating the Linux Kernel from v5.3.5
(which is not a LTS series) to v6.12.43 (which is a LTS series
including the fixes). With this update,
BR2_LINUX_KERNEL_INTREE_DTS_NAME is updated accordingly to follow the
new DTS organization.

This commit also updates U-Boot from 2022.01 to 2025.07. This new
version now requires BR2_TARGET_UBOOT_NEEDS_GNUTLS=y.

While at it, this commit also switches to a stable glibc Bootlin
external toolchain, to follow the new guidelines from [3].

Finally, this commit adds BR2_DOWNLOAD_FORCE_CHECK_HASHES=y and the
corresponding hash files. The .checkpackageignore is also updated to
reflect that change.

Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/11026771001

[1] https://gitlab.com/buildroot.org/buildroot/-/commit/dc0f7215c604e845009e03784a221332867bf35a
[2] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=f07788079f515ca4a681c5f595bdad19cfbd7b1d
[3] https://elinux.org/Buildroot:DeveloperDaysELCE2024#Rules_for_defconfigs

Cc: Michel Stempin <michel.stempin@wanadoo.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-08-29 12:07:57 +02:00
Titouan Christophe 5a63bbb85e docs/download: rework download section
- Display active Buildroot versions as a table, similarly to kernel.org
- Add latest release date for all version
- Add expected End of Life dates for all versions
- Add link to the changelog

This makes the section much more compact, which makes it easier for
users to compare the versions and know what to expect from them

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
Acked-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-08-29 12:06:26 +02:00
Julien Olivain c84762675c support/misc/gitlab-ci.yml.in: check legal-info in run_make
The script "utils/test-pkg" is systematically checking legal-info.
See [1]. This is useful to check all license hashes are up to date.

The Buildroot Gitlab CI integration has an identical testing
capability. It is faster because it can run all supported toolchain
test builds in parallel. See [2].

It was observed in [3] that the Gitlab CI test-pkg variant does not
check legal-info.

This commit align the Gitlab CI test-pkg behavior to the
"utils/test-pkg" script by adding legal-info in the run_make command
targets. Doing so checks legal-info in test-pkg cases, but also in
defconfigs (this was suggested by Arnout in [4]).

[1] https://gitlab.com/buildroot.org/buildroot/-/blob/2025.05/utils/test-pkg#L195
[2] https://gitlab.com/buildroot.org/buildroot/-/blob/2025.05/support/misc/gitlab-ci.yml.in#L129
[3] https://lore.kernel.org/buildroot/75e688887d95948c57a11416de3047b5@free.fr/
[4] https://lore.kernel.org/buildroot/614bec7e-0723-4bbd-8c3a-c801e91c29c3@rnout.be/T/#mcc803eeb38d09c1cc02b1333720845c54af86534

Cc: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-08-29 11:42:58 +02:00
Thomas Petazzoni b723ff555f package/b43-firmware: fix upstream URL
Unfortunately Larry Finger passed away in June 2024 [1], and
lwfinger.com is now squatted, and no longer has the same content as
before, causing a breakage when trying to download the 5.100.138
version of b43-firmware.

Since the exact same file is available from the OpenWrt mirror, and we
already use this mirror for the other b43-firmware version, let's use
the OpenWrt mirror for both.

Fixes:

  https://autobuild.buildroot.org/results/daf0aefbb10299f150c2c6a93df759ad07974752/

[1] https://lore.kernel.org/linux-wireless/77997185-86a6-41c5-af7a-74e4e9064437@lwfinger.net/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-08-29 10:51:27 +02:00
Thomas Petazzoni ffd0028031 package/python3: drop !uclibc || headers 5.1 dependency
The following dependency:

  depends on !BR2_TOOLCHAIN_USES_UCLIBC || BR2_TOOLCHAIN_HEADERS_AT_LEAST_5_1

was added by commit d63e207eb8, which
bumped python3 from 3.12.9 to 3.13.2.

The commit message doesn't state it, but this dependency was introduced
because uClibc without time64 support (i.e. with kernel headers < 5.1)
causes a runtime assertion in Python [1]:

OverflowError: timestamp too large to convert to C PyTime_t

The problem is that this dependency has not been propagated to reverse
dependencies, causing this kind of kconfig warnings:

WARNING: unmet direct dependencies detected for BR2_PACKAGE_PYTHON3
  Depends on [n]: BR2_USE_WCHAR [=y] && BR2_USE_MMU [=y] && BR2_TOOLCHAIN_HAS_THREADS [=y] && !BR2_STATIC_LIBS [=n] && (!BR2_TOOLCHAIN_USES_UCLIBC [=y] || BR2_TOOLCHAIN_HEADERS_AT_LEAST_5_1 [=n])
  Selected by [y]:
  - BR2_PACKAGE_AVOCADO [=y] && BR2_USE_WCHAR [=y] && BR2_USE_MMU [=y] && BR2_TOOLCHAIN_HAS_THREADS [=y] && !BR2_STATIC_LIBS [=n]
  - BR2_PACKAGE_LIBSIGROKDECODE [=y] && BR2_USE_WCHAR [=y] && BR2_TOOLCHAIN_HAS_THREADS [=y] && BR2_USE_MMU [=y] && !BR2_STATIC_LIBS [=n]
  - BR2_PACKAGE_OPKG_UTILS [=y] && BR2_PACKAGE_BUSYBOX [=y] && BR2_USE_MMU [=y] && BR2_USE_WCHAR [=y] && BR2_TOOLCHAIN_HAS_THREADS [=y] && !BR2_STATIC_LIBS [=n]

However, propagating this dependency to all reverse dependencies of
python3 would be pretty annoying, especially as the dependency is kind
of "clunky". A configuration with uClibc and kernel headers < 5.1 is
such a corner case that it does not merit such complexity.

A later commit will check for this corner case at build time (while
allowing it in the .config). For now, already drop the dependency in
Config.in.

Cc: Vincent Fazio <vfazio@xes-inc.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>

[1] https://gitlab.com/buildroot.org/buildroot/-/issues/95#note_2348479811
2025-08-29 10:47:55 +02:00
Waldemar Brodkorb ba24015307 package/x11r7/xlib_libXt: bump to 1.3.1
Fixes http://autobuild.buildroot.net/results/40e2022a57170fd32fe9de1fdc042abb948288af/

For gcc-15 / C23 compatibility:

https://lists.freedesktop.org/archives/xorg-announce/2024-November/003560.html

Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
[Peter: add autobuilder ref, announcement, correct .hash file]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-08-29 10:32:41 +02:00
Thomas Petazzoni 2313c23242 package/lirc-tools: fix build with GCC 14.x
Since glibc 2.28, <sys/sysmacros.h> is no longer implicitly included
by <sys/types.h>, which means major() is only defined if you include
<sys/sysmacros.h>.

This wasn't really visible for a while in loadable plugins built by
lirc-tools as they could happily be built with undefined
symbols... except they would fail to load at runtime.

But then GCC 14.x brought more strict checking of having the function
prototype around, which now detects this issue at build time.

So the actual issue has been around since we switched to glibc 2.28,
but it only started failing to build since gcc 14.x. The first failure
is on August 2024, so this patch should be backported to our stable
branches.

The fix is backport from an upstream commit, post 0.10.2.

Fixes:

  https://autobuild.buildroot.net/results/2f64accd430d9467add3f1195f3f59eff8e99a4d/

Minimal reproducer:

 BR2_arm=y
 BR2_cortex_a9=y
 BR2_ARM_ENABLE_VFP=y
 BR2_TOOLCHAIN_EXTERNAL=y
 BR2_TOOLCHAIN_EXTERNAL_BOOTLIN=y
 BR2_TOOLCHAIN_EXTERNAL_BOOTLIN_ARMV7_EABIHF_GLIBC_STABLE=y
 BR2_INIT_NONE=y
 BR2_SYSTEM_BIN_SH_NONE=y
 # BR2_PACKAGE_BUSYBOX is not set
 BR2_PACKAGE_LIRC_TOOLS=y
 # BR2_TARGET_ROOTFS_TAR is not set

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-08-29 10:17:30 +02:00
Thomas Petazzoni edac3dba3b support/scripts/gen-bootin-toolchains: arcle-750d toolchain has no gdbserver
Since the build of gdbserver for ARC 750D is broken, Bootlin
toolchains since 2024.05 no longer provide gdbserver for ARC, causing
build failures when the autobuilders try to use it. Let's fix this by
telling gen-bootlin-toolchains that the arcle-750d toolchains don't
have gdbserver.

Fixes:

  https://autobuild.buildroot.net/results/77c865f941612e99d8b6a7f66b5bc06f90d6b7db/

Cc: Yuriy Kolerov <yuriy.kolerov@synopsys.com>
Cc: Alexey Brodkin <Alexey.Brodkin@synopsys.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-08-28 22:40:29 +02:00
Florian Larysch 47181a164c docs/manual: mention checkpackageignore file
Currently, the manual doesn't mention the checkpackageignore file at
all, leaving the user under the assumption that running "make
check-package" and running utils/check-package directly on the package
they have touched would be equivalent, when the former evaluates the
checkpackageignore file while the latter does not. This could cause them
to forget to remove stale entries from that file.

Point out this difference in behavior.

Signed-off-by: Florian Larysch <fl@n621.de>
[Arnout: add that stale lines should be removed from
.checkpackageignore]
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-08-28 22:22:55 +02:00
Thomas Perale 0bd88146ee python-yarl: bump to v1.20.1
Since the python-cython bump to v3.1.2 (see [1]), python-yarl has been
failing on the autobuilder with the following error message:

```
ERROR Missing dependencies:
	Cython~=3.0.0; python_version >= "3.12"
make: *** [package/pkg-generic.mk:273: /home/buildroot/instance-0/output-1/build/python-yarl-1.18.3/.stamp_built] Error 1
```

The cython dependency has been addressed in python-yarl v1.20.1, for
more information see the github issue [2].

For more information on the release, see:

  - https://github.com/aio-libs/yarl/releases/tag/v1.19.0
  - https://github.com/aio-libs/yarl/releases/tag/v1.20.0
  - https://github.com/aio-libs/yarl/releases/tag/v1.20.1

[1] b536caaec0 package/python-cython: bump to version 3.1.2
[2] https://github.com/aio-libs/yarl/pull/1514

Fixes: https://autobuild.buildroot.org/results/d36/d367b69b85a65fa94e923ecff3ba03723b2a6e88
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-08-28 22:15:31 +02:00
Thomas Petazzoni f87067d742 package/libftdi1: bump version to fix pkg-config file installation
Since the bump of libftdi1 to version v1.5-48-g22b4667a8 in commit
d8173e084e, the libftdi1.pc file is
installed in $(STAGING_DIR)/pkgconfig/libftdi1.pc instead of
$(STAGING_DIR)/lib/pkgconfig/libftdi1.pc, making it "invisible" to
pkg-config. This is turn causes flashrom to not find libftdi1 and
failing to build when libftdi1 is needed.

This issue is cause by CMAKE_INSTALL_LIBDIR being empty in libftdi1's
CMakeLists.txt, which in turn is due to include(GNUInstallDirs) being
missing. This has been fixed upstream a few commits later, so rather
than backporting a patch, let's just update to the commit containing
the fix, 5e67403c4fb5536a2effe2e91181dd73a2cff91b. The list of changes
upstream is:

5e67403c4fb5536a2effe2e91181dd73a2cff91b cmake: fix building static lib on windows/msvc
2e714eec137f86ca1950457d8226d8cb9b71c495 msvc: quiet uninteresting warnings
d96dbea887373f26755e9873b4ab020f922b7c3b fix unit var warning if ftdi_read_eeprom_location returned error, data would not be initialized
d31e3d5697eacbe87cd310b5bce615f3d8426cc0 cmake: fix elseif statement
c2b7c25e1272222c1719daea5761093fbc9c3010 msvc: fix shadowed variable warning
c4962c38a1ab470fbdc835c231567bd582eb5a5a msvc: fix warnings by using all enum values in case statements
2a992306c0acf938b29fa0cd5fbc160e24424209 Add SHAREDLIBS option
18499a2fa496c20e5e35590bb89eb701fa9fdfea Ignore VSCode temp folder
7676fb59ecd9fac9e5ea39439905c923ee7ee8c9 python/CMakeLists.txt: rework policy CMP0078
cfaec73e0a5ad9d05d62f1f5c393ab1c59ba771b C++ wrapper: get rid of the Boost dependency
12a8de0daba0816227c7010fc1b84d0abf70a500 .editorconfig: fix insert_final_newline option
3d7293651483130af9e8c5fe685d28b226baa99b Ignore clangd specific files
72e0e1e40126a2a9498fb249ca26a727bd670139 examples/async.c: remove unused includes
bfcdea286df81660b980a3bc91902b5970ff6347 examples/async.c: fix sometimes-uninitialized warning

(Yes the commit containing the fix is titled "cmake: fix building
static lib on windows/msvc", but because it adds
include(GNUInstallDirs), it also fixes our problem).

Fixes:

  https://autobuild.buildroot.net/results/3600a9b7f323b4610ac67feb7171c0e10b6383d7/

Cc: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-08-28 22:13:10 +02:00
Thomas Petazzoni a933920ff0 configs/ts7680: remove defconfig, broken
This defconfig no longer builds:

  https://gitlab.com/buildroot.org/buildroot/-/jobs/11026774180

It has been broken for at least 2 months:

  https://gitlab.com/buildroot.org/buildroot/-/jobs?name=T%3Dts7680&kind=BUILD

It uses the outdated Linux 4.9 kernel, which is no longer maintained,
and no longer builds with recent toolchains.

Unless a fix is provided, this defconfig will be removed.

Fixes:

  https://gitlab.com/buildroot.org/buildroot/-/jobs/11026774180

Cc: Julien Grossholtz <julien.grossholtz@openest.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-08-28 15:16:31 +02:00
Thomas Petazzoni 1a3bae6424 configs/toradex_apalis_imx6: remove defconfig, broken
This defconfig no longer builds:

  https://gitlab.com/buildroot.org/buildroot/-/jobs/11026774072

It has been broken for at least 2 months:

  https://gitlab.com/buildroot.org/buildroot/-/jobs?name=T%3Dtoradex_apalis_imx6&kind=BUILD

It uses an outdated Linux 4.9 kernel, which no longer builds with
modern toolchains.

Unless a fix is provided, this defconfig will be removed.

Fixes:

  https://gitlab.com/buildroot.org/buildroot/-/jobs/11026774072

Cc: Sergio Prado <sergio.prado@e-labworks.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-08-28 15:16:10 +02:00
Thomas Petazzoni 908ce5b8bb configs/socrates_cyclone5: remove defconfig, broken
This defconfig no longer builds:

  https://gitlab.com/buildroot.org/buildroot/-/jobs/11026772887

It has been broken for at least 2 months:

  https://gitlab.com/buildroot.org/buildroot/-/jobs?name=T%3Dsocrates_cyclone5&kind=BUILD

It uses the outdated and not even LTS 4.16.7 Linux kernel, which no
longer builds with modern toolchains.

Unless a fix is provided, this defconfig will be removed.

Fixes:

  https://gitlab.com/buildroot.org/buildroot/-/jobs/11026772887

Cc: Michał Łyszczek <michal.lyszczek@bofc.pl>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-08-28 15:15:35 +02:00
Thomas Petazzoni 883ef369e4 configs/rock_pi_n8: remove defconfig, broken
This defconfig no longer builds:

  https://gitlab.com/buildroot.org/buildroot/-/jobs/11026769867

It has been broken for at least 2 months:

  https://gitlab.com/buildroot.org/buildroot/-/jobs?name=T%3Drock_pi_n8&kind=BUILD

This defconfig was maintained by Suniel Mahesh, but his e-mail at
Amarula is bouncing, so basically this defconfig is unmaintained.

Unless a fix is provided, this defconfig will be removed.

Fixes:

  https://gitlab.com/buildroot.org/buildroot/-/jobs/11026769867

Cc: Adam Duskett <adam.duskett@amarulasolutions.com>
Cc: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Cc: Jagan Teki <jagan@amarulasolutions.com>
Cc: Meena Murthy <meena.murthy@amarulasolutions.com>
Cc: Michael Trimarchi <michael@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-08-28 15:15:05 +02:00
Thomas Petazzoni 83af501540 configs/rock64: remove defconfig, broken
This defconfig no longer builds:

  https://gitlab.com/buildroot.org/buildroot/-/jobs/11026769723

It has been broken for at least 2 months:

  https://gitlab.com/buildroot.org/buildroot/-/jobs?name=T%3Drock64&kind=BUILD

The old u-boot-2020.07-rc4 no longer builds.

Unless a fix is provided, this defconfig will be removed.

Fixes:

    https://gitlab.com/buildroot.org/buildroot/-/jobs/11026769723

Cc: Michał Łyszczek <michal.lyszczek@bofc.pl>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-08-28 15:14:49 +02:00
Thomas Petazzoni caf055a96c configs/riotboard: remove defconfig, broken
This defconfig no longer builds:

  https://gitlab.com/buildroot.org/buildroot/-/jobs/11026769450

It has been broken for at least 2 months:

  https://gitlab.com/buildroot.org/buildroot/-/jobs?name=T%3Driotboard&kind=BUILD

It is using the outdated, not even LTS 4.18.x kernel, which most
likely explains why it no longer builds with modern toolchains.

Unless a fix is provided, this defconfig will be removed.

Fixes:

  https://gitlab.com/buildroot.org/buildroot/-/jobs/11026769450

Cc: Nikolay Dimitrov <nikolay.dimitrov@retrohub.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-08-28 15:14:26 +02:00
Thomas Petazzoni 54ac9c6450 configs/pine64_sopine: remove defconfig, broken
This defconfig no longer builds:

  https://gitlab.com/buildroot.org/buildroot/-/jobs/11012274147

It has been broken for at least 2 months:

  https://gitlab.com/buildroot.org/buildroot/-/jobs?name=T%3Dpine64_sopine&kind=BUILD

Unless a fix is provided, this defconfig will be removed.

Fixes:

  https://gitlab.com/buildroot.org/buildroot/-/jobs/11012274147

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-08-28 15:14:01 +02:00
Thomas Petazzoni 3601fb6fef configs/pcengines_apu2: remove defconfig, broken
This defconfig no longer builds:

  https://gitlab.com/buildroot.org/buildroot/-/jobs/11012274139

It is using the unmaintained, not even LTS 5.16 kernel, which no
longer builds with recent toolchains.

It has been broken for at least 2 months:

  https://gitlab.com/buildroot.org/buildroot/-/jobs?name=T%3Dpcengines_apu2&kind=BUILD

Unless a fix is provided, this defconfig will be removed.

Fixes:

  https://gitlab.com/buildroot.org/buildroot/-/jobs/11012274139

Cc: Danilo Bargen <mail@dbrgn.ch>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-08-28 15:13:45 +02:00
Thomas Petazzoni d1eadf2455 configs/orangepi_one_plus: remove defconfig, broken
This defconfig no longer builds:

  https://gitlab.com/buildroot.org/buildroot/-/jobs/11012274055

It has been broken for at least 2 months:

  https://gitlab.com/buildroot.org/buildroot/-/jobs?name=T%3Dorangepi_one_plus&kind=BUILD

Unless a fix is provided, this defconfig will be removed.

Fixes:

  https://gitlab.com/buildroot.org/buildroot/-/jobs/11012274055

Cc: Adam Duskett <adam.duskett@amarulasolutions.com>
Cc: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Cc: Jagan Teki <jagan@amarulasolutions.com>
Cc: Meena Murthy <meena.murthy@amarulasolutions.com>
Cc: Michael Trimarchi <michael@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-08-28 15:13:31 +02:00
Thomas Petazzoni ea24b22344 configs/orangepi_lite2: remove defconfig, broken
This defconfig no longer builds:

  https://gitlab.com/buildroot.org/buildroot/-/jobs/11012274018

It has been broken for at least 2 months:

  https://gitlab.com/buildroot.org/buildroot/-/jobs?name=T%3Dorangepi_lite2&kind=BUILD

Unless a fix is provided, this defconfig will be removed.

Fixes:

  https://gitlab.com/buildroot.org/buildroot/-/jobs/11012274018

Cc: Adam Duskett <adam.duskett@amarulasolutions.com>
Cc: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Cc: Jagan Teki <jagan@amarulasolutions.com>
Cc: Meena Murthy <meena.murthy@amarulasolutions.com>
Cc: Michael Trimarchi <michael@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-08-28 15:04:06 +02:00
Thomas Petazzoni 585527b872 configs/odroidxu4: remove defconfig, broken
This defconfig no longer builds:

  https://gitlab.com/buildroot.org/buildroot/-/jobs/11012273936

It has been broken for over 2 months:

  https://gitlab.com/buildroot.org/buildroot/-/jobs?name=T%3Dodroidxu4&kind=BUILD

Most likely the U-Boot version used is no longer compatible with
recent toolchains.

Unless a fix is provided, this defconfig will be removed.

Cc: Pierre Crokaert <pct@crookies.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-08-28 15:02:15 +02:00
Thomas Petazzoni ce76a11630 configs/galileo: remove defconfig, broken
This defconfig no longer builds:

  https://gitlab.com/buildroot.org/buildroot/-/jobs/11012273310

It started to break not long ago, about 1 month ago, most likely due a
toolchain update:

  https://gitlab.com/buildroot.org/buildroot/-/jobs?name=T%3Dgalileo&kind=BUILD

However, it is build a very old 3.14, which is anyway unmaintained,
and issues with newer toolchains are going to get worse and worse.

Unless a fix is provided, this defconfig is going to be removed.

Cc: Nicholas Sielicki <sielicki@yandex.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-08-28 15:01:07 +02:00
Thomas Petazzoni 9d1a7f5254 configs/chromebook_snow: remove defconfig, broken
This defconfig no longer builds:

  https://gitlab.com/buildroot.org/buildroot/-/jobs/11012273111

It has been failing for over 2 months:

  https://gitlab.com/buildroot.org/buildroot/-/jobs?name=T%3Dchromebook_snow&kind=BUILD

It builds a 4.15 kernel, which is not even a maintained LTS kernel.

Unless a fix is provided, this defconfig will be removed.

Cc: Alex Suykov <alex.suykov@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-08-28 15:00:03 +02:00
Thomas Petazzoni 509c63a49c configs/beelink_gs1: remove defconfig, broken
This defconfig no longer builds:

  https://gitlab.com/buildroot.org/buildroot/-/jobs/11012273071

It has been broken for at least 2 months:

  https://gitlab.com/buildroot.org/buildroot/-/jobs?name=T%3Dbeelink&kind=BUILD

Unless a fix is provided, this defconfig will be removed.

Cc: Clément Péron <peron.clem@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-08-28 13:43:57 +02:00
Thomas Petazzoni 754c399038 configs/bananapro: remove defconfig, broken
This defconfig no longer builds:

  https://gitlab.com/buildroot.org/buildroot/-/jobs/11012272989

It has been broken for at least 2 months, and it has no maintainer in
the DEVELOPERS file. We're adding Bartosz Bilas who has been the last
person doing updates to this defconfig.

Unless some fixes are provided, this defconfig will be dropped from
Buildroot.

Cc: Bartosz Bilas <b.bilas@grinn-global.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-08-28 13:43:24 +02:00
Thomas Petazzoni 76bd2fc38a configs/at91sam9rlek: remove defconfig, broken
This defconfig no longer builds:

  https://gitlab.com/buildroot.org/buildroot/-/jobs/11012272534

It is still based on the 4.8.6 kernel, which is not even an LTS
kernel, so we cannot easily update to fix the issues which are most
likely due to the newer gcc/binutils versions we're using now.

There is no DEVELOPERS entry attached to this configuration as well,
and this defconfig has been broken for at least 2 months, probably
more (our Gitlab CI history is only kept for ~2 months). So let's drop
it, unless someone volunteers to resurrect it.

Cc: Alexandre Belloni <alexandre.belloni@bootlin.com>
Cc: Ludovic Desroches <ludovic.desroches@microchip.com>
Cc: Nicolas Ferre <nicolas.ferre@microchip.com>
Cc: Patrice Vilchez <Patrice.Vilchez@microchip.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-08-28 13:38:53 +02:00
Thomas Petazzoni 5f4e2e61ff configs/at91sam9g45m10ek: remove defconfig, broken
This defconfig no longer builds:

  https://gitlab.com/buildroot.org/buildroot/-/jobs/11012272530

It is still based on the 4.8.6 kernel, which is not even an LTS
kernel, so we cannot easily update to fix the issues which are most
likely due to the newer gcc/binutils versions we're using now.

There is no DEVELOPERS entry attached to this configuration as well,
and this defconfig has been broken for at least 2 months, probably
more (our Gitlab CI history is only kept for ~2 months). So let's drop
it, unless someone volunteers to resurrect it.

Cc: Alexandre Belloni <alexandre.belloni@bootlin.com>
Cc: Ludovic Desroches <ludovic.desroches@microchip.com>
Cc: Nicolas Ferre <nicolas.ferre@microchip.com>
Cc: Patrice Vilchez <Patrice.Vilchez@microchip.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-08-28 13:38:29 +02:00
Thomas Petazzoni f9e0dc8ddf configs/at91sam9g20dfc: remove defconfig, broken
This defconfig no longer builds:

  https://gitlab.com/buildroot.org/buildroot/-/jobs/11012272524

It is still based on the 4.8.6 kernel, which is not even an LTS
kernel, so we cannot easily update to fix the issues which are most
likely due to the newer gcc/binutils versions we're using now.

There is no DEVELOPERS entry attached to this configuration as well,
and this defconfig has been broken for at least 2 months, probably
more (our Gitlab CI history is only kept for ~2 months). So let's drop
it, unless someone volunteers to resurrect it.

Cc: Alexandre Belloni <alexandre.belloni@bootlin.com>
Cc: Ludovic Desroches <ludovic.desroches@microchip.com>
Cc: Nicolas Ferre <nicolas.ferre@microchip.com>
Cc: Patrice Vilchez <Patrice.Vilchez@microchip.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-08-28 13:33:39 +02:00
Peter Korsgaard 56d9d5e8f0 Update for 2025.08-rc3
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-08-28 08:01:55 +02:00
Andreas Ziegler e13a3c95c1 DEVELOPERS: upgrade Andreas Ziegler's email address
The old one lasted for 10 years, lately spam
levels reached a rather uncomfortable level ...

Signed-off-by: Andreas Ziegler <br015@umbiko.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-27 23:55:58 +02:00
Thomas Petazzoni 34b585c099 package/liboauth: remove package
This package fails to build in the autobuilders:

  https://autobuild.buildroot.net/?reason=liboauth%

The last upstream release, 1.0.3, was done 11 years ago:

  https://sourceforge.net/projects/liboauth/

There is a Github repo at:

  https://github.com/x42/liboauth

with commits from 3 years ago, but no release.

We already carry a patch fixing the build with OpenSSL 1.1.x, which
has been submitted at https://github.com/x42/liboauth/issues/9 but
never merged, despite being opened since 2017.

This package also has no maintainer in DEVELOPERS, and it has no
reverse dependency in Buildroot, so let's get rid of it.

Fixes:

  https://autobuild.buildroot.net/results/8694ece6874a5fe297e707b12af85eeaef227675/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-08-27 07:42:02 +02:00
Yacin Belmihoub-Martel c399b6d682 package/python-pyroute2: add missing python3 ssl dependency
Buildroot commit [1] "package/python-pyroute2: bump to version 0.9.4"
added the python3 ssl runtime dependency while updating the package
in the "next" branch. It incorrectly suggested the dependency was
introduced in version 0.9.4.

This dependency was in fact introduced in upstream commit [2],
first time included in pyroute2 0.8.1, which is the current version
in the Buildroot release stabilization branch. It is worth mentioning
that this package was updated to that version in Buildroot commit [3].

Running the command on target:

    python3 -c 'import pyroute2'

Fails at runtime with error:

    ModuleNotFoundError: No module named '_ssl'

This commit fixes the issue by adding this missing dependency,
the same was it was done in commit [1].

[1] https://gitlab.com/buildroot.org/buildroot/-/commit/786557d859dba7e52c883e5215e53e93fac13b88
[2] https://github.com/svinota/pyroute2/commit/e87c14581b883c12ecadc75bf0fd07bf359de842
[3] https://gitlab.com/buildroot.org/buildroot/-/commit/816641bbe1c60e881526510bd55fb2ed0d740298

Signed-off-by: Yacin Belmihoub-Martel <yacin.belmihoub-martel@silabs.com>
[Julien:
 - reword commit log
 - add the "runtime" comment
]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-26 23:55:36 +02:00
Edgar Bonet 36eed021b6 arch/Config.in.arm: fix typo in help text
Signed-off-by: Edgar Bonet <bonet@grenoble.cnrs.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-26 22:00:25 +02:00
Neal Frager 30bc19f730 board/xilinx: remove xilinx_v2024.2 hashes
This patch removes the xilinx_v2024.2 hashes since all xilinx defconfigs have
been bumped to xilinx_v2025.1.

Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-25 22:22:50 +02:00
Romain Naour 37741586af package/libv4l: backport fix jpeg-v9x/gcc-14.x build
This issue seems to caused by gcc-14 (added in 2024.05) which has
become the default version in 2025.08.

Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/11042295052 (TestZbar)
https://autobuild.buildroot.org/results/e0f/e0fac4a10181139d975c627f22a55d6681547d33

Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-25 22:05:07 +02:00
Romain Naour e77bf9257e package/python-aexpect: backport Python 3.13 port
The module pipes is no longer part of the Python standard library. It
was removed in Python 3.13 after being deprecated in Python 3.11. The
last version of Python that provided the pipes module was Python 3.12.

A new 1.8.0 version that include this patch has just been released few
weeks ago [1].

[1] https://github.com/avocado-framework/aexpect/releases/tag/1.8.0

Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/11042294894 (TestPythonPy3Aexpect)

Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-25 21:54:57 +02:00
Bernd Kuhls a3a1364f3d package/ffmpeg: security bump version to 6.1.3
Changelog:
http://git.videolan.org/?p=ffmpeg.git;a=blob;f=Changelog;h=01cd1ba06fa6570f34e41fd8374f543c7e181604;hb=01d3f764f79b2f571174a4cec855e651258f20ec

Fixes CVE-2023-6602:
https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=ceacc83011a0a5057769626faf14b9256bd3baa7
https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=c599745377199fa75fffb30058fb2a6f39d64ab7

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-25 21:21:56 +02:00
Daniel Lang 089731c8ea package/vim: security bump to version 9.1.1684
Fixes the following CVEs:
- CVE-2024-41957
- CVE-2024-41965
- CVE-2024-45306
- CVE-2024-47814
- CVE-2025-1215
- CVE-2025-22134
- CVE-2025-24014
- CVE-2025-26603
- CVE-2025-29768
- CVE-2025-53905
- CVE-2025-53906

README.txt got updated three times since the last bump:
- [0] updated some wording regarding who the developers are.
- [1] updated the link to the release archives
- [2] updated the goals of the project

netrw (the builtin file explorer of vim) changed maintainer and was
subsequently restructured [3]. Therefore we need to run installpack,
otherwise we run into this on startup (reported by Julien, thanks!):

Error detected while processing
/usr/share/vim/vim91/plugin/netrwPlugin.vim:
line    7:
E919: Directory not found in 'packpath': "pack/*/opt/netrw"
Press ENTER or type command to continue

[0]: https://github.com/vim/vim/commit/b75825f749cf87feb9ae8e7e5327bd2efe707c86
[1]: https://github.com/vim/vim/commit/4225f28855c5d3023662b3a90a70b22caf9b6ade
[2]: https://github.com/vim/vim/commit/2bfd1ee161e26ece8e5a72cdca4fff22d11728a2
[3]: https://github.com/vim/vim/commit/9cfdabb074feefc9848e9f7a4538f201e28c7f06

Signed-off-by: Daniel Lang <dalang@gmx.at>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-25 20:47:59 +02:00
Romain Naour bd397daf1c support/testing: TestXvisor: bump custom opensbi version to 1.6
Since Buildroot commit [1] "update to Bootlin toolchains 2025.08-1",
the TestXvisor fails when building xvisor with gcc 15.1.0.

Since xvisor is now fixed, opensbi 1.5 fail to build with gcc-15 for
the same reasons.

opensbi 1.6 include a fix for C23 enabled compilers [2]

[1] https://gitlab.com/buildroot.org/buildroot/-/commit/947dbc92a20c5acea7882166cae7893e6ea661e1
[2] https://github.com/riscv-software-src/opensbi/commit/d539d64a23bbd64ba324eed595449bcc9c7be0cb

Cc: Julien Olivain <ju.o@free.fr>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-24 19:24:10 +02:00
Romain Naour 358b4116c7 package/xvisor: Use '-std=gnu11' to fix build with GCC 15
Since Buildroot commit [1] "update to Bootlin toolchains 2025.08-1",
the TestXvisor fails when building xvisor with gcc 15.1.0.

GCC 15 changed the default C standard version to C23 [2], resulting in
errors from the xvisor definitions of bool from core/include/vmm_types.h,
which is a reserved keyword under C23.

Since CFLAGS are hardcoded in the main Makefile, add '-std=gnu11' to
'cflags' to resolve the error.

[1] https://gitlab.com/buildroot.org/buildroot/-/commit/947dbc92a20c5acea7882166cae7893e6ea661e1
[2] https://gcc.gnu.org/gcc-15/porting_to.html

Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/11042295047

Cc: Julien Olivain <ju.o@free.fr>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-24 19:24:06 +02:00
Alexis Lothoré b4d8147a95 package/php-lua: fix build with PHP8/GCC14
On both Buildroot 2025.02.x and master branch, php-lua build fails on
the following error:

lua.c:862:44: error: assignment to 'zend_object_write_property_t' {aka
'struct _zval_struct * (*)(struct _zend_object *, struct _zend_string *,
struct _zval_struct *, void **)'} from incompatible pointer type 'void
(*)(zval *, zval *, zval *, void **)' {aka 'void (*)(struct _zval_struct
*, struct _zval_struct *, struct _zval_struct *, void **)'}
[-Wincompatible-pointer-types]
  862 |         lua_object_handlers.write_property =
php_lua_write_property;
      |                                            ^
lua.c:863:44: error: assignment to 'zend_object_read_property_t' {aka
'struct _zval_struct * (*)(struct _zend_object *, struct _zend_string *,
int,  void **, struct _zval_struct *)'} from incompatible pointer type
'zval * (*)(zval *, zval *, int,  void **, zval *)' {aka 'struct
_zval_struct * (*)(struct _zval_struct *, struct _zval_struct *, int,
void **, struct _zval_struct *)'} [-Wincompatible-pointer-types]
  863 |         lua_object_handlers.read_property  =
php_lua_read_property;
      |                                            ^
make[2]: *** [Makefile:214: lua.lo] Error 1

The error can be reproduced with the following minimal defconfig:

BR2_arm=y
BR2_cortex_a9=y
BR2_ARM_ENABLE_NEON=y
BR2_ARM_ENABLE_VFP=y
BR2_ARM_FPU_NEON=y
BR2_TOOLCHAIN_EXTERNAL=y
BR2_TOOLCHAIN_EXTERNAL_BOOTLIN=y
BR2_PACKAGE_LUA=y
BR2_PACKAGE_PHP=y
BR2_PACKAGE_PHP_LUA=y

This build failure is the result of two events/conditions:
- the update to PHP8 has changed the prototype for
  zend_object_read_property_t (see [1]). But at this time, php-lua just
  generated a new warning (-Wincompatible-pointer-types)
- using bootlin bleeding-edge toolchain brings in GCC14, which now turns
  this warning into a systematic error (see [2])

This issue is still present on the upstream repository, but it has been
fixed on one of its forks. Bring the relevant patch from the fork to
allow building php-lua.

[1] https://github.com/php/php-src/commit/91ef4124e56
[2] https://gcc.gnu.org/gcc-14/porting_to.html#incompatible-pointer-types

Signed-off-by: Alexis Lothoré <alexis.lothore@bootlin.com>
[Romain: update Upstream link]
Signed-off-by: Romain Naour <romain.naour@smile.fr>
2025-08-24 17:30:44 +02:00
Thomas Perale fd313c4ceb package/cpp-httplib: add patch for CVE-2025-46728
Fix the following vulnerability:

- CVE-2025-46728

    cpp-httplib is a C++ header-only HTTP/HTTPS server and client library.
    Prior to version 0.20.1, the library fails to enforce configured size
    limits on incoming request bodies when `Transfer-Encoding: chunked` is
    used or when no `Content-Length` header is provided. A remote attacker
    can send a chunked request without the terminating zero-length chunk,
    causing uncontrolled memory allocation on the server. This leads to
    potential exhaustion of system memory and results in a server crash or
    unresponsiveness. Version 0.20.1 fixes the issue by enforcing limits
    during parsing. If the limit is exceeded at any point during reading,
    the connection is terminated immediately. A short-term workaround
    through a Reverse Proxy is available. If updating the library
    immediately is not feasible, deploy a reverse proxy (e.g., Nginx,
    HAProxy) in front of the `cpp-httplib` application. Configure the
    proxy to enforce maximum request body size limits, thereby stopping
    excessively large requests before they reach the vulnerable library
    code.

For more information, see:
  - https://www.cve.org/CVERecord?id=CVE-2025-46728
  - https://github.com/yhirose/cpp-httplib/commit/7b752106ac42bd5b907793950d9125a0972c8e8e

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
(cherry picked from commit aea7c89396)
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-24 17:10:27 +02:00
Thomas Petazzoni d26f371758 support/testing: use again the default BR2_BACKUP_SITE
This reverts commit 559bb33ae7, which
was disabling BR2_BACKUP_SITE in our tests with the following
reasoning:

    support/testing: do not use s.b.o

    Currently, the runtime tests will use the sources.buildroot.org backup
    mirror, which is the default setup.

    However, in some cases we do not want to use the backup site, because we
    want to ensure that the download actually works.

    This is the case for vendored packages, like cargo or golang packages,
    for whbich we want to check that gthe download still works when we
    update the rust or go versions, or when our download helpers change.

    So, disable the use of the backup site in all runtime tests, and drop
    the no-longer needed special cases.

    Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
    Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

However, not using the backup site is causing a LOT of random failures
in Gitlab CI, making the results barely usable. Since it's more
important to get real failures than random ones due to download
issues, let's re-enable BR2_BACKUP_SITE in our testing infrastructure.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
2025-08-24 16:50:33 +02:00
Bernd Kuhls 522b56cd50 {linux, linux-headers}: bump 6.{1, 6, 12, 16}.x series
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-24 16:36:21 +02:00
Bernd Kuhls 0ce896b28b package/linux-headers: drop 6.15.x option
The 6.15.x series is now EOL upstream, so drop the linux-headers
option and add legacy handling for it.

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-24 16:36:21 +02:00
Julien Olivain 8d6f9393ec support/testing: test_systemd_selinux: fix test after bootlin toolchains update
Since Buildroot commit [1] "update to Bootlin toolchains 2025.08-1",
the tests.init.test_systemd_selinux fails when building its
Kernel 6.1.26 with gcc 15.1.0.

This commit fixes the issue by updating the test Kernel to the
latest 6.1.y version (6.1.148 at the time of this commit) which
includes several fixes for gcc-15 like this one [2].

Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/10984685949
https://gitlab.com/buildroot.org/buildroot/-/jobs/10984685950

[1] https://gitlab.com/buildroot.org/buildroot/-/commit/947dbc92a20c5acea7882166cae7893e6ea661e1
[2] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=0f82f6f1556389d6489795f03ac3f68cde99d5ad

Signed-off-by: Julien Olivain <ju.o@free.fr>
[Romain: Add a link to one of the kernel commit related to gcc-15]
Signed-off-by: Romain Naour <romain.naour@smile.fr>
2025-08-24 16:26:05 +02:00
Florian Larysch 2c627ac6b3 package/dtach: fix GCC 15 build
GCC 15 making C23 the default causes the dtach build to fail. Import the
upstream patch that fixes it.

Fixes: https://autobuild.buildroot.org/results/1ab/1ab2eead8309c138ad7a5190e2489e086c3d676d
Signed-off-by: Florian Larysch <fl@n621.de>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
2025-08-24 16:14:50 +02:00
Thomas Petazzoni f74f7d4a03 package/weston: jpeg support needs jpeg-turbo
Since upstream commit 312efb2acba7dba80b6652ccf98339dcbbd47695, the
JPEG loading code is using jpeg_read_icc_profile(), which is only
available when the jpeg-turbo implementation is used, not the classic
libjpeg. When classic jpeg is used, the build fails with:

../shared/image-loader.c:163:14: error: implicit declaration of function 'jpeg_read_icc_profile' [-Wimplicit-function-declaration]
  163 |         if (!jpeg_read_icc_profile(cinfo, &profdata, &proflen)) {

This commit first appeared in development version 13.0.91 and stable
version 14.0.0, which means the problem exists in Buildroot since
commit 430b80cfc1, when weston was
bumped from 13.0.3 to 14.0.0.

So let's enable the JPEG logic only when jpeg-turbo is used.

Fixes:

  https://autobuild.buildroot.org/results/353e39902616bdbce40ac667e98cbaf51079f69e/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-24 16:08:23 +02:00
Thomas Petazzoni c8edd532c2 package/weston: do not select JPEG, no longer needed
Since upstream commit 66e1614122c22d455cc3a28db08b3afac2b7be29, which
first appeared in version 1.11.0, back in 2016, jpeg is no longer a
mandatory dependency. And in fact, Buildroot no longer has it
unconditionally in WESTON_DEPENDENCIES since commit
f67a6e9b7a, but BR2_PACKAGE_WESTON is
still selecting in.

A build without libjpeg works just fine, so let's drop this select.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-24 16:08:23 +02:00
Thomas Petazzoni ddbad663e0 package/binutils: add patches to fix gprofng build with GCC 15.x
When BR2_BINUTILS_GPROFNG=y, the build currently fails with GCC 15.x,
of course on architectures for which gprofng is actually
available. This issue only exists in binutils 2.42 and 2.43.1, as
binutils 2.44 has the necessary fixes.

Therefore, this commit backports the relevant commits from binutils
2.44 to 2.43.1 and 2.42.

Fixes:

  https://autobuild.buildroot.net/results/7cf52019f87625c73ef3c4ca0b6270e20a4ab768/ (binutils 2.42)
  https://autobuild.buildroot.net/results/478e24af1a03dea5ec64b77ca611b4f7225c9d39/ (binutils 2.43.1)

The following defconfig, built under a Fedora 42 Docker container
allows to reproduce the issue:

 BR2_x86_nehalem=y
 BR2_BINUTILS_VERSION_2_42_X=y
 BR2_BINUTILS_GPROFNG=y
 BR2_INIT_NONE=y
 BR2_SYSTEM_BIN_SH_NONE=y
 # BR2_PACKAGE_BUSYBOX is not set
 # BR2_TARGET_ROOTFS_TAR is not set

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
2025-08-24 15:50:59 +02:00
Thomas Petazzoni bfd75a5bd2 package/binutils: never build readline to fix GCC 15.x build issue
The binutils-gdb code base in Git does have a copy of readline that is
used by gdb.

The release tarballs of binutils do NOT contain readline as it's not
needed for binutils itself (only gdb).

However, when we build the ARC binutils, taken from Git, the readline/
folder is present, and therefore readline is built even if it is not
actually needed.

This causes build failures as the copy of readline in ARC binutils
2024.12 (based on binutils 2.43) does not build with GCC 15.x.

To work around this problem, we use a suggestion from Waldemar
Brodkorb: pass --with-system-readline. Indeed, this disables the build
of readline... but it does not actually check that we have a system
readline, since we're not building gdb.

Fixes:

  https://autobuild.buildroot.net/results/976243181f7000fe2790b3450bdae51e8c12769e/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
2025-08-24 15:23:37 +02:00
Thomas Petazzoni b1b3aab60d package/wayland: tweak wayland-scanner.pc after installation to fix SDL2 build issue
Some packages such as SDL2 do this:

WAYLAND_SCANNER=`$PKG_CONFIG --variable=wayland_scanner wayland-scanner`

to find the path to the wayland-scanner tool.

Of course, since SDL2 is compiled for the target, it does that using
the pkg-config configured for cross-compilation, which looks at
$(STAGING_DIR)/usr/lib/pkgconfig/wayland-scanner.pc.

Since it looks at the variable wayland_scanner, which doesn't get
prefixed by PKG_CONFIG_SYSROOT_DIR, the SDL2 configure script is told
that wayland-scanner is in /usr/bin/wayland-scanner causing this kind
of build failure:

/bin/bash: line 1: /usr/bin/wayland-scanner: No such file or directory
/bin/bash: line 1: /usr/bin/wayland-scanner: No such file or directory

when building SDL2.

The target wayland package depends on host-wayland, which most notably
is responsible for installing wayland-scanner in $(HOST_DIR)/bin.

So in order to fix the SDL2 build issue but in a global way (possibly
helping other packages), what this patch does is tweak the
wayland-scanner.pc installed by the target wayland so that its
wayland_scanner variable points to the host wayland-scanner
executable. We find this a better solution than passing a
WAYLAND_SCANNER variable to each and every package that needs
wayland-scanner.

The issue is not visible in the autobuilders, but can be reproduced
using the following defconfig:

 BR2_arm=y
 BR2_cortex_a9=y
 BR2_ARM_ENABLE_VFP=y
 BR2_TOOLCHAIN_EXTERNAL=y
 BR2_TOOLCHAIN_EXTERNAL_BOOTLIN=y
 BR2_INIT_NONE=y
 BR2_SYSTEM_BIN_SH_NONE=y
 # BR2_PACKAGE_BUSYBOX is not set
 BR2_PACKAGE_SDL2=y
 BR2_PACKAGE_SDL2_WAYLAND=y
 BR2_PACKAGE_SDL2_OPENGLES=y
 BR2_PACKAGE_RPI_USERLAND=y
 BR2_PACKAGE_WAYLAND=y
 # BR2_TARGET_ROOTFS_TAR is not set

Note: Make sure that wayland-scanner is not be installed on the build
host to reproduce the issue.

The issue probably exists since WAYLAND_SCANNER was retrieved using
pkg-config in SDL2's configure.ac script, in upstream commit
19d3500ae19636f3f410e270f12e0bc5e83410d4, which got first introduced
in release-2.0.5 of SDL2.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[Romain: add a comment about wayland-scanner to reproduce the issue]
Signed-off-by: Romain Naour <romain.naour@smile.fr>
2025-08-24 14:10:57 +02:00
Thomas Petazzoni 0f20d9a9b8 package/rpi-userland: fix build with GCC 15.x
The following defconfig:

 BR2_arm=y
 BR2_cortex_a9=y
 BR2_ARM_ENABLE_VFP=y
 BR2_TOOLCHAIN_EXTERNAL=y
 BR2_TOOLCHAIN_EXTERNAL_BOOTLIN=y
 BR2_INIT_NONE=y
 BR2_SYSTEM_BIN_SH_NONE=y
 # BR2_PACKAGE_BUSYBOX is not set
 BR2_PACKAGE_RPI_USERLAND=y
 # BR2_TARGET_ROOTFS_TAR is not set

will fail to build due to two issues in various part of rpi-userland
making GCC 15.x unhappy.

Patch 0008-Fix-conflicting-types-build-error.patch is taken from a
pull request already submitted by a contributor to the upstream
project.

Patch 0009-Fix-raspicommonsettings_parse_cmdline.patch is backported
from upstream, and can be dropped next time we bump rpi-userland.

Note that there are no autobuilder failures for this issue.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
2025-08-24 13:01:48 +02:00
Thomas Petazzoni a68899d49e package/python3: work around GCC bug 121567
When Python 3 is built with -O2 or -O3 on SuperH, the build fails
with:

Objects/obmalloc.c:503:1: error: unable to find a register to spill in class ‘R0_REGS’
  503 | }
      | ^
Objects/obmalloc.c:503:1: error: this is the insn:
(insn 18 243 23 2 (parallel [
            (set (subreg:SI (reg:QI 176) 0)
                (unspec_volatile:SI [
                        (mem/v:QI (reg:SI 4 r4 [175]) [-1  S1 A32])
                        (reg:QI 7 r7 [178])
                        (reg:QI 6 r6 [180])
                    ] UNSPECV_CMPXCHG_1))
            (set (mem/v:QI (reg:SI 4 r4 [175]) [-1  S1 A32])
                (unspec_volatile:QI [
                        (const_int 0 [0])
                    ] UNSPECV_CMPXCHG_2))
            (set (reg:SI 147 t)
                (unspec_volatile:SI [
                        (const_int 0 [0])
                    ] UNSPECV_CMPXCHG_3))
            (clobber (scratch:SI))
            (clobber (reg:SI 0 r0))
            (clobber (reg:SI 1 r1))
        ]) "./Include/cpython/pyatomic_gcc.h":105:10 407 {atomic_compare_and_swapqi_soft_gusa}
     (expr_list:REG_DEAD (reg:QI 6 r6 [180])
        (expr_list:REG_DEAD (reg:QI 7 r7 [178])
            (expr_list:REG_UNUSED (reg:QI 176)
                (expr_list:REG_UNUSED (reg:SI 1 r1)
                    (expr_list:REG_UNUSED (reg:SI 0 r0)
                        (nil)))))))
Objects/obmalloc.c:503: confused by earlier errors, bailing out

THe bug has been reported upstream, but until it gets fixed, let's
work it around by using -O1 instead. Note that
BR2_TOOLCHAIN_HAS_GCC_BUG_121567 is only set when -O2 or -O3 is
configured, so there's no need to check again.

Fixes:

  https://autobuild.buildroot.net/results/cac123ee9f3a6df6263b69dce3ac0d535518ec3f/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-24 12:29:30 +02:00
Thomas Petazzoni 1838d8e5ea toolchain/Config.in: add BR2_TOOLCHAIN_HAS_GCC_BUG_121567
This will be needed to work around a GCC bug affecting python3. The
bug is reported at
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=121567.

This bug affects GCC at least since 6.x, but we couldn't test earlier
versions, so we simply assume all GCC versions are affected. Even GCC
15.x is still affected, as reported to upstream GCC.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-24 12:29:27 +02:00
Thomas Petazzoni 6b410a5fd8 package/python3: bump to 3.13.7
This is a minor version bump.

Release notes of 3.13.6:

https://www.python.org/downloads/release/python-3136/

"3.13.6 is the sixth maintenance release of 3.13, containing around
200 bugfixes, build improvements and documentation changes since
3.13.5.

Release notes of 3.13.7:

https://www.python.org/downloads/release/python-3137/

"3.13.7 is an expedited release to fix a significant issue with the
3.13.6 release:

gh-137583: Regression in ssl module between 3.13.5 and 3.13.6: reading
from a TLS-encrypted connection blocks"

Patches are just refreshed, except patch
0009-3.13-gh-130577-tarfile-now-validates-archives-to-ens.patch which
is dropped as it is upstream as of commit
cdae923ffe187d6ef916c0f665a31249619193fe. The corresponding
_IGNORE_CVES entry is also removed.

Passes our basic Python 3 tests:

  https://gitlab.com/tpetazzoni/buildroot/-/pipelines/1990154299

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[Julien: remove _IGNORE_CVES for removed patch #0009]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-24 12:24:50 +02:00
Thomas Petazzoni 164d6e65c7 linux: CIP 5.10 versions not available for Loongarch
Loongarch support was added upstream in Linux 5.19, so it is not
available in the CIP versions that are based on 5.10. Prevent from
selecting those kernel versions when Loongarch is used.

Fixes:

  https://autobuild.buildroot.net/results/eebcf605f8f868a668960152f30c08f700405a4d/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
2025-08-24 11:41:03 +02:00
Thomas Petazzoni d402ffe276 package/linux-headers: do not allow old kernel headers on Loongarch
Loongarch support was added to the upstream Linux kernel in version
5.19, so when versions 5.4, 5.10 or 5.15 are selected, the "build" of
the kernel headers fails:

Makefile:717: arch/loongarch/Makefile: No such file or directory
make[1]: *** No rule to make target 'arch/loongarch/Makefile'.  Stop.

Fixes:

  https://autobuild.buildroot.net/results/b27fc299d14b7bc59dab5dae6deb9cc8bd400a3d/ (5.15)
  https://autobuild.buildroot.net/results/1621e9de1170acc5229f99568b35155b6c668b05/ (5.10)
  https://autobuild.buildroot.net/results/2a28e37ee8500d165137c14945000770346e9541/ (5.4)

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
2025-08-24 11:41:00 +02:00
Henri Roosen ad75a5d478 package/wpewebkit: needs host-cmake >= 3.20
Since commit-2882cf4ae649 ("package/wpewebkit: security bump to version
2.48.3") wpewebkit depends on cmake 3.20.
Fixes build on current Debian LTS (bullseye) which has only 3.18.4.

>>> wpewebkit 2.48.3 Configuring
...
CMake Error at CMakeLists.txt:9 (cmake_minimum_required):
  CMake 3.20 or higher is required.  You are running version 3.18.4
-- Configuring incomplete, errors occurred!
make: *** [package/pkg-generic.mk:263: /../buildroot/output/build/wpewebkit-2.48.3/.stamp_configured] Error 1

Fixes: 2882cf4ae6
Signed-off-by: Henri Roosen <henri.roosen@ginzinger.com>
Acked-By: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
2025-08-24 00:09:33 +02:00
Thomas Petazzoni 25918f455c package/gdbm: add upstream patch to fix GCC 15.x issues
Fixes:

  https://autobuild.buildroot.net/results/3bffec1eba130b3ad7ec270d870c04c2659fce8d/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit bbec805717)
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-23 23:27:59 +02:00
Bernd Kuhls 7c820d45cd package/{mesa3d, mesa3d-headers}: bump version to 25.1.8
Release notes of the bugfix-only release:
https://lists.freedesktop.org/archives/mesa-announce/2025-August/000817.html

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-23 22:03:56 +02:00
Thomas Petazzoni 7acaff2d9b package/sdl: fix build with GCC 15.x with X.org support enabled
When building:

 BR2_arm=y
 BR2_cortex_a9=y
 BR2_ARM_ENABLE_VFP=y
 BR2_TOOLCHAIN_EXTERNAL=y
 BR2_TOOLCHAIN_EXTERNAL_BOOTLIN=y
 BR2_INIT_NONE=y
 BR2_SYSTEM_BIN_SH_NONE=y
 # BR2_PACKAGE_BUSYBOX is not set
 BR2_PACKAGE_SDL=y
 BR2_PACKAGE_SDL_X11=y
 BR2_PACKAGE_XORG7=y
 # BR2_TARGET_ROOTFS_TAR is not set

the build fails with:

./src/video/Xext/Xv/Xv.c:78:5: error: initialization of ‘int (*)(Display *, XEvent *, xEvent *)’ {aka ‘int (*)(Display *, XEvent *, struct _xEvent *)’} from incompatible pointer type ‘int (*)(void)’ [-Wincompatible-pointer-types]

and a number of similar errors in the X.org code.

We fix this by backporting an upstream commit.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
2025-08-23 20:19:37 +02:00
Thomas Petazzoni da3996a39d package/sdl: improve existing patches
- Replace patch 0001 by a properly Git-formatted patch, cherry-picked
  from the upstream Git repository at
  https://github.com/libsdl-org/SDL-1.2

- Add Upstream: tags on both patches, with the upstream Git
  commit. Updated .checkpackageignore accordingly.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
2025-08-23 20:19:34 +02:00
Thomas Petazzoni cff52ab07c support/scripts/cve.py: handle CVEs with 'configurations' but no 'nodes' inside
The each_cpe() method is careful that some CVEs have no
"configurations", but some CVEs such as
https://nvd.nist.gov/vuln/detail/CVE-2025-32915 apparently have a
"configurations" node, but no "nodes" inside the "configurations",
causing an exception:

Traceback (most recent call last):
  File "/home/buildroot/buildroot-stats/./support/scripts/pkg-stats", line 1382, in <module>
    __main__()
  File "/home/buildroot/buildroot-stats/./support/scripts/pkg-stats", line 1371, in __main__
    check_package_cves(args.nvd_path, packages)
  File "/home/buildroot/buildroot-stats/./support/scripts/pkg-stats", line 679, in check_package_cves
    check_package_cve_affects(cve, cpe_product_pkgs)
  File "/home/buildroot/buildroot-stats/./support/scripts/pkg-stats", line 638, in check_package_cve_affects
    for product in cve.affected_products:
                   ^^^^^^^^^^^^^^^^^^^^^
  File "/home/buildroot/buildroot-stats/support/scripts/cve.py", line 185, in affected_products
    return set(cpe_product(p['id']) for p in self.each_cpe())
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/home/buildroot/buildroot-stats/support/scripts/cve.py", line 185, in <genexpr>
    return set(cpe_product(p['id']) for p in self.each_cpe())
              ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/home/buildroot/buildroot-stats/support/scripts/cve.py", line 173, in each_cpe
    for node in nodes['nodes']:
                ~~~~~^^^^^^^^^
KeyError: 'nodes'

Fixes:
  54f8d97c91 ("support/scripts/pkg-stats: adapt to NVD v2 json format")

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[Romain:
  - add reference to buildroot commit introducing the issue
  - a similar patch was sent by Daniel Lang (thanks!)
  - needed on master to fix "Daily results" email]
(cherry picked from commit 67422b9d9c)
Signed-off-by: Romain Naour <romain.naour@smile.fr>
2025-08-23 20:12:44 +02:00
Thomas Petazzoni d1553b47e0 package/gpm: fix build with GCC 15.x
Import upstream-submitted patches that fix the build with GCC 15.x.

Fixes:

  https://autobuild.buildroot.net/results/a6b25e6795682a18dff3c88519833663da2134d9/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-23 18:50:11 +02:00
Thomas Petazzoni 103f75bfab package/p11-kit: fix build with GCC 15.x
The AC_HEADER_STDBOOL macro used in configure.ac is expanded in the
shipped ./configure by a fairly old version, which misdetects our
<stdbool.h> as being not usable. Consequently, the code defines its
own bool type, with true/false, clashing with GCC 15.x.

Doing a pass of autoreconf addresses the problem.

The autoreconf needs pkg.m4, which comes from host-pkgconf, added as a
dependency.

Note that host-pkgconf was already a dependency for one of the
optional dependencies of p11-kit, and we're keeping it there even
though host-pkgconf is now also an unconditional dependency as we
expect this unconditional host-pkgconf dependency to be removed when
we drop autoreconf.

Fixes:

  https://autobuild.buildroot.net/results/760df1a8c21afa893ade5181ce797e14c1f6bdce/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-23 18:40:46 +02:00
Thomas Petazzoni 41463deed4 package/liblog4c-localtime: fix build with GCC 15.x
Add simple patch, submitted upstream, to fix the build with GCC 15.x:

userloc_formatter.c: In function 'userloc_format':
userloc_formatter.c:30:5: error: implicit declaration of function 'sd_debug' [-Wimplicit-function-declaration]
   30 |     sd_debug("Formatter s13_userloc checking location info for userdata %X",a_event->evt_loc->loc_data);
      |     ^~~~~~~~
make[4]: *** [Makefile:519: userloc_formatter.lo] Error 1

Fixes:

  https://autobuild.buildroot.org/results/dab64025e6a1688d5fadc2b9bd3738a2c886aa9c/

Considering the level of upstream maintenance, we did hesitate with
dropping the package, but as the fix was quite simple, we did the fix
instead.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-23 18:34:35 +02:00
Peter Korsgaard c53f5e78fc package/proftpd: fix build w/ gcc-15
The source code contains a number of variables named 'bool', which conflicts
with the C23 keyword.  This is fixed upstream in 1.3.9 with
https://github.com/proftpd/proftpd/commit/61be7eb14f200b97804a3cfa85fed51661067c62
but that unfortunately does not cleanly backport to 1.3.8, so instead use
-std=gnu18 when building with GCC >= 15 to fix the following issues:

table.c:1280:31: error: ‘bool’ cannot be used here
 1280 | int table_handling_signal(int bool) {
      |                               ^~~~
table.c:1280:31: note: ‘bool’ is a keyword with ‘-std=c23’ onwards

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-08-22 22:14:10 +02:00
Peter Korsgaard 90be04d4d3 package/proftpd: bump to version 1.3.8d
Bugfix release, fixing the following issues:

1.3.8d - Released 14-Mar-2025
--------------------------------
- Issue 1855 - Use of HideNoAccess for SFTP sessions can lead to segfault
  and/or unexpected behavior.
- Issue 1876 - SFTP channel allocations can lead to high memory utilization
  over time.

1.3.8c - Released 11-Dec-2024
--------------------------------
- Issue 1770 - Using FTPS after upgrading from 1.3.8a to 1.3.8b leads to crash.
- Issue 1785 - Bad handling of lack of extended attributes leads to SFTP out of
  memory error.
- Issue 1529 - mod_sftp_sql logs "header value too long" due to unexpected key
  header text.
- Issue 1839 - SSH ECDSA host key algorithms not be used as expected despite
  configuring appropriate key.
- Issue 1840 - RADIUS Message-Authenticator verification failed with ProFTPD
  mod_radius.
- Issue 1830 - Supplemental group inheritance grants unintended access to
  GID 0 due to lack of supplemental groups from mod_sql.

https://github.com/proftpd/proftpd/blob/1.3.8/NEWS

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-08-22 22:13:57 +02:00
Peter Korsgaard b73853cf7f package/dump1090: fix build w/ gcc-15
Fixes https://autobuild.buildroot.org/results/dbf55d0fd8d779f408e7ccca4c2a9083e7a11f6a/

GCC-15 has gained a new warning about non-NUL terminated strings and
dump1090 is built with -Werror leading to build errors like:

interactive.c:143:23: error: initializer-string for array of 'char' truncates
 NUL terminator but destination lacks 'nonstring' attribute (5 chars into 4
 available) [-Werror=unterminated-string-initialization]
  143 |     char spinner[4] = "|/-\\";

Add a patch from an upstream pull request to fix this by zero terminating
the strings.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-08-22 22:07:39 +02:00
Frank Chung 13e778fcf1 package/lrzsz: fix build with gcc 15
Import upstream pull request https://github.com/UweOhse/lrzsz/pull/8
to fix GCC 15.x build issues. This pull request also replaces our
patch 0002, which is dropped by this commit.

Fixes:

  https://autobuild.buildroot.net/results/a1a5aad2ccc69aeff586d7a83620f10d51ccfdb6/

Signed-off-by: Frank Chung <uuidxx@163.com>
[Thomas:
- Added two more backports needed to fix the build
- Used the actual patch submitted in the pull request, rendering our
  0002 patch useless
- Defined ac_cv_type_signal as a workaround to a configure script issue]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-08-22 12:32:50 +02:00
Thomas Petazzoni 2c6a292b93 configs/ci20: U-Boot needs host-openssl
Very likely since the bump of U-Boot from 2020.07 to 2024.01 in commit
dedb7dc6d6, U-Boot needs host-openssl,
so let's add the necessary dependency.

With this change ci20_defconfig builds again:

  https://gitlab.com/tpetazzoni/buildroot/-/jobs/11054480107

Fixes:

  https://gitlab.com/buildroot.org/buildroot/-/jobs/11012273114

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-22 00:30:28 +02:00
Michael Trimarchi a9d487ae5d configs/imx6ulz_bsh_smm_m2_defconfig: Fix processor VFP
imx6ull is compatible with VFPV4. Update it from VFPV3

Signed-off-by: Michael Trimarchi <michael@amarulasolutions.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-21 23:39:53 +02:00
Florian Larysch a5da7ee5a8 package/libjwt: require openssl
Ever since upstream commit 01dd6da ("Rework the entire API"), first
introduced as part of release v3.0.0, openssl is a hard requirement for
building libjwt. As such, "-DWITH_OPENSSL=ON" also has become a no-op.

In Buildroot, this has been masked somewhat by the implicit select when
gnutls is disabled, but a failure can be reproduced using test-pkg with
a config like:

BR2_PACKAGE_GNUTLS=y
BR2_PACKAGE_LIBJWT=y

Fix this by requiring openssl. Furthermore, building against libressl
does not work because libjwt requires API surface that is not present
there[1], so we need to force libopenssl.

[1] https://autobuild.buildroot.org/results/463/4638a7d46c149ca0f46d3fe5f5f90dc5ee9d1e03

Signed-off-by: Florian Larysch <fl@n621.de>
[Peter: drop gnutls logic support for simplicity]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-08-21 23:20:44 +02:00
Thomas Petazzoni a80b13fc63 configs/kontron_pitx_imx8m: remove defconfig, broken
This defconfig no longer builds:

  https://gitlab.com/buildroot.org/buildroot/-/jobs/11012273666

It has been broken for over 2 months:

  https://gitlab.com/buildroot.org/buildroot/-/jobs?name=T%3Dkontron_pitx_imx8m&kind=BUILD

Unless a fix is provided, this defconfig will be removed.

Cc: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Acked-By: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-08-21 23:11:23 +02:00
Thomas Petazzoni 070d91ed04 configs/{canaan_kd233, sipeed*}: use BR2_LINUX_KENREL_IMAGE_TARGET_NAME
Since commit cb4f11a696 ("linux: handle
empty BR2_LINUX_KERNEL_IMAGE_TARGET_NAME situation"), we error out if
BR2_LINUX_KERNEL_IMAGE_TARGET_CUSTOM=y but
BR2_LINUX_KERNEL_IMAGE_TARGET_NAME is empty, which is exactly the case
of the RISC-V configurations being fixed by this commit.

They define the BR2_LINUX_KERNEL_IMAGE_NAME variable, but not
BR2_LINUX_KERNEL_IMAGE_TARGET_NAME, while BR2_LINUX_KERNEL_IMAGE_NAME
will automatically default to BR2_LINUX_KERNEL_IMAGE_TARGET_NAME if
BR2_LINUX_KERNEL_IMAGE_NAME is not provided.

It probably used to work because specifying an empty make target was
generating the right images, and they did have the name specified in
BR2_LINUX_KERNEL_IMAGE_TARGET_NAME. But with the additional check
added in cb4f11a696 this scenario is no
longer supported.

Fixes:

              canaan_kd233 | https://gitlab.com/buildroot.org/buildroot/-/jobs/11012273088
           sipeed_maix_bit | https://gitlab.com/buildroot.org/buildroot/-/jobs/11026771237
    sipeed_maix_bit_sdcard | https://gitlab.com/buildroot.org/buildroot/-/jobs/11026771342
          sipeed_maix_dock | https://gitlab.com/buildroot.org/buildroot/-/jobs/11026771387
   sipeed_maix_dock_sdcard | https://gitlab.com/buildroot.org/buildroot/-/jobs/11026771472
            sipeed_maix_go | https://gitlab.com/buildroot.org/buildroot/-/jobs/11026771505
     sipeed_maix_go_sdcard | https://gitlab.com/buildroot.org/buildroot/-/jobs/11026771581
          sipeed_maixduino | https://gitlab.com/buildroot.org/buildroot/-/jobs/11026771663
   sipeed_maixduino_sdcard | https://gitlab.com/buildroot.org/buildroot/-/jobs/11026771885

Cc: Damien Le Moal <dlemoal@kernel.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: Damien Le Moal <dlemoal@kernel.org>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-21 19:03:23 +02:00
Peter Korsgaard 5d46144eb3 Update for 2025.08-rc2
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-08-21 09:08:59 +02:00
Angelo Compagnucci c9f4328ef4 package/jq: security bump to version 1.8.1
Changelog:
https://github.com/jqlang/jq/releases/tag/jq-1.8.1

COPYING:
Add LICENSE notice of NetBSD's strptime() to COPYING
https://github.com/jqlang/jq/commit/78045d8aa9d155ec0f82ab102aa752300c2349f1

Fixes the following security issues:

- CVE-2025-49014: Fix heap use after free in f_strftime, f_strflocaltime.

  https://www.cve.org/CVERecord?id=CVE-2025-49014

- GHSA-f946-j5j2-4w5m: Fix stack overflow in node_min_byte_len of oniguruma.

  https://github.com/jqlang/jq/security/advisories/GHSA-f946-j5j2-4w5m

Signed-off-by: Angelo Compagnucci <angelo.compagnucci@gmail.com>
[Peter: fix license info]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-08-21 08:44:05 +02:00
Thomas Petazzoni e002ec3773 linux: enable BR2_LINUX_KERNEL_NEEDS_HOST_OPENSSL on a few more architectures
This commit is an extension of
5dae966a30 ("linux: select
BR2_LINUX_KERNEL_NEEDS_HOST_OPENSSL when needed"), which solves
autobuilder issues by making sure that
BR2_LINUX_KERNEL_NEEDS_HOST_OPENSSL is automatically enabled on some
architecture if the default architecture defconfig is used and the
latest kernel is built (which is what happens in the autobuilders).

This new commit adds BR2_or1k and BR2_riscv to the list to fix
autobuilder issues.

Fixes:

  https://autobuild.buildroot.org/results/1a739eee39bdef8986279a9e21f8637fbe263353/ (or1k)
  https://autobuild.buildroot.org/results/acb62b7a486f3f8e99c6cc2b52b0c259bfa18a0e/ (riscv)

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-20 19:06:13 +02:00
Florian Larysch ce5d173571 package/vorbis-tools: security bump to version 1.4.3
This is a bugfix release that among other things includes the GCC 14
build fix and resolves CVE-2023-43361.

Changelog: https://github.com/xiph/vorbis-tools/blob/v1.4.3/CHANGES

Fixes:
https://www.cve.org/CVERecord?id=CVE-2023-43361

Signed-off-by: Florian Larysch <fl@n621.de>
[Julien:
 - reword commit log title to add "security"
 - add link to CVE in commit log
]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-20 18:41:36 +02:00
Peter Korsgaard ed03bdb360 package/gstreamer1-editing-services: bump to version 1.24.13
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-20 17:52:33 +02:00
Peter Korsgaard b60aa70d4c package/gst1-vaapi: bump to version 1.24.13
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-20 17:52:31 +02:00
Peter Korsgaard 3508cc5c59 package/gst1-rtsp-server: bump to version 1.24.13
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-20 17:52:28 +02:00
Peter Korsgaard fbc7d7b7ff package/gst1-python: bump to version 1.24.13
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-20 17:52:24 +02:00
Peter Korsgaard 74f4c954a3 package/gst1-libav: bump to version 1.24.13
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-20 17:52:21 +02:00
Peter Korsgaard d730e330ae package/gst1-devtools: bump to version 1.24.13
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-20 17:52:18 +02:00
Peter Korsgaard 5e64c381cc package/gst1-plugins-ugly: bump to version 1.24.13
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-20 17:52:08 +02:00
Peter Korsgaard 3b93ee15ac package/gst1-plugins-bad: bump to version 1.24.13
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-20 17:52:05 +02:00
Peter Korsgaard 4d9e973d72 package/gst1-plugins-good: security bump to version 1.24.13
Fixes the following vulnerabilities:

- CVE-2025-47219: An Out-of-bounds read in the MOV/MP4 demuxer that can
  cause crashes or potentially information leaks for certain input files.

  https://gstreamer.freedesktop.org/security/sa-2025-0004.html

- CVE-2025-47183: An Out-of-bounds read in the MOV/MP4 demuxer that can
  cause crashes or potentially information leaks for certain input files.

  https://gstreamer.freedesktop.org/security/sa-2025-0005.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-20 17:51:51 +02:00
Peter Korsgaard 7ae23dc70f package/gst1-plugins-base: security bump to version 1.24.13
Fixes the following vulnerabilities:

- CVE-2025-47806: A stack buffer overflow in the SubRip subtitle parser that
  can cause crashes for certain input files.

  https://gstreamer.freedesktop.org/security/sa-2025-0006.html

- CVE-2025-47807: NULL-pointer dereference in the SubRip subtitle parser
  that can cause crashes for certain input files.

  https://gstreamer.freedesktop.org/security/sa-2025-0002.html
  https://gstreamer.freedesktop.org/security/sa-2025-0003.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-20 17:51:48 +02:00
Peter Korsgaard f001f40c8b package/gstreamer1: bump to version 1.24.13
For various bugfixes. For details, see the release notes:
https://gstreamer.freedesktop.org/releases/1.24/

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-20 17:51:46 +02:00
Peter Korsgaard 84276c0449 package/go: security bump to version 1.23.12
go1.23.11 (released 2025-07-08) includes security fixes to the go command,
as well as bug fixes to the compiler, the linker, and the runtime.
See:
- https://go.dev/doc/devel/release#go1.23.11
- https://github.com/golang/go/issues?q=milestone%3AGo1.23.11+label%3ACherryPickApproved
The 1.23.11 version fixes:
- https://www.cve.org/CVERecord?id=CVE-2025-4674

go1.23.12 (released 2025-08-06) includes security fixes to the database/sql
and os/exec packages, as well as bug fixes to the runtime.
See:
- https://go.dev/doc/devel/release#go1.23.12
- https://github.com/golang/go/issues?q=milestone%3AGo1.23.12+label%3ACherryPickApproved
The 1.23.12 version fixes:
- https://www.cve.org/CVERecord?id=CVE-2025-47907

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
[Julien: add links to release notes, fixed issues and CVEs]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-20 17:08:27 +02:00
Thomas Perale c46fb3c8b3 package/openjpeg: add patch to fix CVE-2025-54874
Fixes the following vulnerability:

- CVE-2025-54874

    OpenJPEG is an open-source JPEG 2000 codec. In OpenJPEG 2.5.3 and
    earlier, a call to opj_jp2_read_header may lead to OOB heap memory
    write when the data stream p_stream is too short and p_image is not
    initialized.

For more information, see:
  - https://www.cve.org/CVERecord?id=CVE-2025-54874
  - https://github.com/uclouvain/openjpeg/commit/f809b80c67717c152a5ad30bf06774f00da4fd2d

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-08-20 16:44:38 +02:00
Florian Larysch fe94b611fd package/ed: bump to version 1.22.1
In particular, the 1.21 release fixes C23 compilation issues caused by a
custom bool definition.

Release 1.21 also includes a change of the COPYRIGHT file, but it is
purely cosmetic.

Changelogs since 1.20.2:
1.21:   https://lists.gnu.org/archive/html/bug-ed/2025-01/msg00002.html
1.21.1: https://lists.gnu.org/archive/html/bug-ed/2025-03/msg00006.html
1.22:   https://lists.gnu.org/archive/html/bug-ed/2025-07/msg00008.html
1.22.1: https://lists.gnu.org/archive/html/bug-ed/2025-08/msg00010.html

Fixes: https://autobuild.buildroot.org/results/3d5/3d523440dc7bebe12fd95564e3c5b5e90bc39af9

Signed-off-by: Florian Larysch <fl@n621.de>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-19 17:19:14 +02:00
Thomas Petazzoni 022ff55a39 package/elfutils: fix build after 0.193 version bump
The 0.193 version bump done in commit
c7508a2324 broke the build on numerous
CPU architectures. Let's take a patch from upstream's main branch to
fix the issue.

Fixes:

  https://autobuild.buildroot.net/results/3b005f7afec386f6fa4237f427f73367d55bb211/ (sparc64)
  https://autobuild.buildroot.net/results/a6b1d5078abdd6c8def93aaffa2e67573250da3e/ (m68k)
  https://autobuild.buildroot.net/results/45305cc2be3b255740808ee1f3486d1a10abfbb4/ (microblaze)
  and a bunch more

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-19 16:47:19 +02:00
Thomas Petazzoni ded3e0045a boot/grub2: add patches to fix numerous CVEs
This patch brings the entire stack of Debian patches on grub2 titled
"cve-2025-jan" and available at:

  https://salsa.debian.org/grub-team/grub/-/tree/debian/2.12-9/debian/patches/cve-2025-jan?ref_type=tags

As of this exact Debian grub2 version 2.12-9. Some minor conflicts had
to be fixed. All patches are in upstream Grub master, but mixed with
hundreds of other changes, which is why Debian's effort to backport
them has been leveraged here.

In addition to those patches, 2 extra patches are added:

 0073-net-drivers-ieee1275-ofnet-Add-missing-grub_malloc.patch
 0074-Constant-time-grub_crypto_memcmp.patch

The first one fixes an issue in one of the earlier patches. The fix is
not in Debian, but is in upstream Grub.

The second one fixes another CVE, not fixed in Debian, but fixed in
OpenSUSE. This fix is not upstream as upstream has decided to move to
libgcrypt instead to avoid the problem, but that's a fairly large
change.

Overall, this patch fixes all CVEs currently reported by pkg-stats
against our grub2 package, namely:

CVE-2024-45777
CVE-2024-45778
CVE-2024-45779
CVE-2024-45780
CVE-2024-45782
CVE-2024-56737
CVE-2024-56738
CVE-2025-0678
CVE-2025-0684
CVE-2025-0685
CVE-2025-0686
CVE-2025-0689
CVE-2025-1125

With the previous fixes on runtime tests added (to use glibc
toolchains to build grub2 tests), this commit successfully passes all
tests:

- The ISO9660 tests that use grub2:
  https://gitlab.com/tpetazzoni/buildroot/-/pipelines/1985234563

- The grub2 tests:
  https://gitlab.com/tpetazzoni/buildroot/-/pipelines/1985234685

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[Julien: also tested by building and booting
 - qemu_aarch64_sbsa_defconfig
 - qemu_arm_ebbr_defconfig
 - qemu_loongarch64_virt_efi_defconfig
 - qemu_riscv64_virt_efi_defconfig
 - pc_x86_64_bios_defconfig
 - pc_x86_64_efi_defconfig
]
Tested-by: Julien Olivain <ju.o@free.fr>
[Julien:
 - fix patch #72 upstream link to point to the initial patch
   sumbission rather than a reply
 - merge two _IGNORE_CVES blocks for patch #50 into a single one
 - order _IGNORE_CVES blocks by numerical patch order
 - order numerically the CVE list in commit log
 - add a "Fixes:" tag in patch #74 since its commit log does not
   mention the CVE.
]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-19 02:50:55 +02:00
Thomas Petazzoni f4d01d1c5e support/testing/tests/boot/test_grub.py: use glibc toolchain
Since the recent bump of Bootlin toolchains in
947dbc92a2 ("toolchain/toolchain-external/toolchain-external-bootlin:
update to Bootlin toolchains 2025.08-1"), our grub2 tests are failing
as the new uClibc toolchains based on gcc 14.x have an issue building
grub.

Until this issue gets fixed at the uClibc level and since anyway glibc
is now the default in Buildroot, let's switch to using glibc
toolchains.

Fixes:

  https://gitlab.com/buildroot.org/buildroot/-/jobs/10972858692
  https://gitlab.com/buildroot.org/buildroot/-/jobs/10972858686
  https://gitlab.com/buildroot.org/buildroot/-/jobs/10972858680

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-19 00:11:32 +02:00
Thomas Petazzoni 2e2bfd678b support/testing/tests/fs/test_iso9660.py: use a more recent toolchain
The ISO9660 tests are currently using an old 2017 toolchain. Let's
switch to a modern toolchain, which is regularly updated. Also, we use
a toolchain based on glibc since grub2 doesn't build with recent
uClibc toolchains.

It will work around build issues with syslinux.

Fixes:

  https://gitlab.com/buildroot.org/buildroot/-/jobs/10975828975
  https://gitlab.com/buildroot.org/buildroot/-/jobs/10975828871
  https://gitlab.com/buildroot.org/buildroot/-/jobs/10975828770

(Even though those should be fixed separately, as syslinux should
continue to build with old compilers not supporting std=gnu17)

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-19 00:11:29 +02:00
Thomas Petazzoni 3c93cf106c DEVELOPERS: remove Suniel Mahesh, boucing e-mail
Suniel's e-mail address at Amarula Solutions is bouncing, so let's
drop this stale entry:

<sunil@amarulasolutions.com>: host aspmx.l.google.com[142.250.27.26] said:
    550-5.1.1 The email account that you tried to reach does not exist. Please
    try 550-5.1.1 double-checking the recipient's email address for typos or
    550-5.1.1 unnecessary spaces. For more information, go to 550 5.1.1
    https://support.google.com/mail/?p=NoSuchUser
    a640c23a62f3a-afcdce6d5e1si493680166b.9 - gsmtp (in reply to RCPT TO
    command)

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-08-18 23:35:20 +02:00
Quentin Schulz c688a1a8a8 package/setserial: simplify patching
The original commit (aaa2b660a9 ("setserial: convert to autotargets
and fix manpages install") wasn't entirely clear why we went for a
removal of a patch from the tarball we get from Debian.

It is assumed the original patch mainly only wanted to remove the strip
and make sure the directories are created before files are installed in
there. But doing only that made my build fail because the linker doesn't
find @CXXFLAGS@. After undoing the addition of this variable (and its
use) from 01_makefile.patch it now compiles just fine.

Therefore, instead of removing the patch from the tarball we get from
Debian, simply update the patch we carry in the tree to remove what's
necessary and simplify the patching logic.

This could also help identify notable differences between the
01_makefile.patch from two different versions whenever we upgrade.

Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-08-18 22:58:27 +02:00
Quentin Schulz 871cdeab6a package/setserial: update to 2.17-57 for compatibility with newer toolchains
Debian has a newer setserial which compiles on newer toolchains, so
let's update to it.

Noteworthy is the change from a big diff to a tarball containing the
whole debian directory. The series file which contains all patches to
apply is named properly so no need to rename 00list anymore. The patches
file extension is now .patch instead of .dpatch.

This fixes the build with BR2_TOOLCHAIN_EXTERNAL_ARM_AARCH64 external
toolchain (14.2.rel1).

Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-08-18 22:57:59 +02:00
Quentin Schulz 26077c2d41 package/setserial: autoreconfigure for compatibility with newer toolchains
Newer toolchains silently fail during configure step. After some
investigation, it is because -Wimplicit-int is returned for one of the
simplest test from the in-package configure file and thus fail the
configure step early, when checking if the compiler can produce an
executable.

Let's fix this by simply regenerating the configure file, similarly to
what Debian is doing, c.f. debian/rules.

Fixes:

  https://autobuild.buildroot.net/results/ff7a9c3c42f11a2ab71fb04ff0f6d593ac9ee327/

(but there are more build failures later, fixed in a follow-up commit)

Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-08-18 22:56:39 +02:00
Quentin Schulz 534147af94 package/setserial: apply patches from setserial_2.17-45.3.diff.gz
Since 64ac719952 ("apply-patches.sh: add recursivity when scanning
patchdir"), patches with the .dpatch file extension are simply ignored.

Unfortunately, setserial package stopped applying the patches after that
commit.

Sadly, 0002-tiocghayesesp-build-fix.patch is breaking the patch context
for patch 18 in the debian diff because we are currently applying
patches from within Buildroot tree before applying the ones we download
from Debian. Instead of doing some hacks, let's apply Debian patches
before Buildroot's. However, this requires a few changes. First, we need
to migrate away from the SETSERIAL_PATCH mechanism because currently
_PRE_PATCH_HOOKS runs before this is applied and _POST_PATCH_HOOKS runs
after the Buildroot patches are applied.
Instead, let's use an _EXTRA_DOWNLOADS we manually extract à-la
package/android-tools/android-tools.mk. Then in the _PRE_PATCH_HOOKS, we
apply the big diff the _EXTRA_DOWNLOADS contains so that the patches
from within can be applied afterwards.

Because the big diff still contains only patches with the *.dpatch
extensions that are not supported anymore, we need to either rename all
patches or use the 00list file that lists all patches in the order they
need to be applied. Fortunately, Buildroot already supports applying
patches with `patch` regardless of their extension if they are within
such a file. Unfortunately, it needs to be called "series", hence the
renaming.

Because patch 18 from the big diff is now applied before
0002-tiocghayesesp-build-fix.patch from Buildroot tree, the latter will
fail if left unmodified, so this commit also rebases it.

Finally, we keep the removal of 01_makefile.dpatch for now even though
it only exists because it generates a conflict with
0001-build-system-fix.patch from Buildroot tree. It'll be rebased in a
later commit though.

Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-08-18 22:55:14 +02:00
Yann E. MORIN 00fa600303 package/bash: fix build with gcc 15
Commit 6d09b25d08 (package/bash: fix build with host GCC 15) did
apply a workaround for when the host gcc is gcc-15 (or later), but
missed the fact that the target compiler also exhibits build issues.

For the same reasons as explained in 6d09b25d08, don't try and fix
those issues, but just paper over the problem by using an older C
standard.

Fixes:

  https://autobuild.buildroot.net/results/1ee74d546182695d3411358f028fcce8ccbb74c3/

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Adam Duskett <adam.duskett@amarulasolutions.com>
Cc: Florian Larysch <fl@n621.de>
Cc: Julien Olivain <ju.o@free.fr>
Reviewed-by: Florian Larysch <fl@n621.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-08-16 23:05:24 +02:00
Yann E. MORIN 1c61d9c12b package/bash: don't use append-assignment where unneeded
For the first, unconditional assignment, there is no reason to use
append-assignment; it can even be misleading.

Fixes: b367ca32e5

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-08-16 22:57:08 +02:00
Titouan Christophe 0fc8112033 package/libcue: add CPE vendor
lipnitsk is a valid CPE vendor ID for libcue, see
https://nvd.nist.gov/products/cpe/detail/79A927B3-A7E5-476D-94C9-0FA0AB71D182

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-08-16 22:55:10 +02:00
Titouan Christophe a46810838a package/openocd: add CPE vendor and product
openocd:open_on-chip_debugger is a valid CPE ID for openocd, see
https://nvd.nist.gov/products/cpe/detail/91C79641-7554-4DA6-939D-E9B0A6E54C99

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-08-16 22:55:08 +02:00
Titouan Christophe e5ab632207 package/rrdtool: mark CPE as valid
rrdtool_project is a valid CPE vendor, see
https://nvd.nist.gov/products/cpe/detail/744D7444-F505-4F38-BB2C-B1540A3966E4

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-08-16 22:55:04 +02:00
Titouan Christophe d2c975ad02 package/openconnect: add CPE vendor
infradead is a valid CPE vendor for openconnect, see
https://nvd.nist.gov/products/cpe/detail/2877E5FD-6361-465D-81D7-AE1EBB3E059F

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-08-16 22:54:59 +02:00
Thomas Perale 2eb72e7666 package/prboom: fix build w/ gcc-15
This patch force the usage of `-std=gnu18` for GCC15 toolchains to fix
the following issues:

- The boolean issue with C23

```
In file included from ../../src/i_sound.h:38,
                 from i_sound.c:58:
../../src/doomtype.h:48:15: error: cannot use keyword ‘false’ as enumeration constant
   48 | typedef enum {false, true} boolean;
      |               ^~~~~
../../src/doomtype.h:48:15: note: ‘false’ is a keyword with ‘-std=c23’ onwards
```

- The usage of `usleep` & `struct timezone` require usage of GNU
  extensions.

```
i_system.c:58:3: error: implicit declaration of function ‘usleep’; did you mean ‘sleep’? [-Wimplicit-function-declaration]
   58 |   usleep(usecs);
      |   ^~~~~~
      |   sleep
i_system.c: In function ‘I_GetTime_RealTime’:
i_system.c:78:19: error: storage size of ‘tz’ isn’t known
   78 |   struct timezone tz;
      |                   ^~
i_system.c: In function ‘I_GetRandomTimeSeed’:
i_system.c:105:19: error: storage size of ‘tz’ isn’t known
  105 |   struct timezone tz;
      |                   ^~
```

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-08-16 22:49:13 +02:00
Thomas Perale c0bf3da45b package/prboom: fix build w/ gcc-14
When building prboom with gcc-14 the following error appeared on the
autobuilder:

```
i_main.c: In function 'main':
i_main.c:359:10: error: assignment to 'const char * const*' from incompatible pointer type 'char **' [-Wincompatible-pointer-types]
  359 |   myargv = argv;
      |          ^
```

While this package did not receive any update for a while on the
sourceforge mirror, I backported the fix from a fork. For more
information see [1].

[1] https://github.com/coelckers/prboom-plus/commit/92d44b6383a3e053feac2c820b8114873fcd798e

Fixes: https://autobuild.buildroot.org/results/888/88846e3cb267b04da58bc17d92fd5dd385b65b5d
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-08-16 22:48:28 +02:00
Thomas Perale 14955941e2 package/bcusdk: fix build w/ gcc-14
When using gcc-14 the compilation fails with the following error
message:

```
close.c: In function 'EIBClose':
close.c:38:3: error: implicit declaration of function 'close'; did you mean 'pclose'? [-Wimplicit-function-declaration]
   38 |   close (con->fd);
      |   ^~~~~
      |   pclose
openlocal.c: In function 'EIBSocketLocal':
openlocal.c:57:7: error: implicit declaration of function 'close'; did you mean 'pclose'? [-Wimplicit-function-declaration]
   57 |       close (con->fd);
      |       ^~~~~
      |       pclose
make[6]: *** [Makefile:611: close.lo] Error 1
```

This patch include <unistd.h> to include the declaration of close.

Fixes: https://autobuild.buildroot.org/results/483/483fc4584815507c3798eb972e22e51f70f52c23/build-end.log
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-08-16 22:39:20 +02:00
Florian Larysch 562eb870fe package/start-stop-daemon: fix build issues with musl and GCC 14
Unlike glibc and uClibc, musl doesn't play tricks with transparent
unions for the second argument to bind() to accept the various sockaddr
variants, but rather just defines it as "struct sockaddr*". As GCC 14 no
longer allows arbitrary implicit pointer casts, this results in a build
error. Import the upstream patch that adds the cast.

Fixes: https://autobuild.buildroot.org/results/00b/00b42a35a80c2deb61f2cd40aedd231597bbb290
Signed-off-by: Florian Larysch <fl@n621.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-08-16 22:37:54 +02:00
Thomas Petazzoni 826f9e43a1 package/rpcbind: bump to version 1.2.8
List of commits between 1.2.7..1.2.8:

f979f1b8fa202cd0d6c352de0f2b64361ce5ea33 (HEAD -> master, tag: rpcbind-1_2_8, origin/master, origin/HEAD) Release: 1.2.8
a9ecbb81940b23a4bb9814e126c1c1ae1db93b69 (tag: rpcbind-1_2_8-rc3) rpcinfo: Removed a number of "old-style function definition" warnings
8cc10d038c361f296b0a8e068c173acc33568997 rpcbind: Add -v flag to print version and config
8ef2e504df6e5ec3321c0804a8c6684d781e7a84 man/rpcbind: Update list of options
74da58dde5b1a1a7e54df1fb16315845195a69c0 (tag: rpcbind-1_2_8-rc2) Comment out ListenStream=@/run/rpcbind.sock
b78689b8f1df42eb593dc3412698aa1b8aaa3532 [nfs/nfs-utils/rpcbind] rpcbind: avoid dereferencing NULL from realloc()
fd1d5387de8078530d51eccf876afe6e6182b975 (tag: rpcbind-1_2_8-rc1) Move rpbind's default configuration to /run verses /var/run
7a6b1c58eee2e5fa74e3e4045c4950fbb4f8af0a Move rpcbind.lock to /run
be63348bd3dd9e69e151ff83f08f09e1a9df82bf systemd/rpcbind.service.in: Want/After systemd-tmpfiles-setup
626fd801a13cecd8eb79ac6e979c248d7214aad4 systemd/rpcbind.service.in: Add various hardenings options
511fc4f4bc5ca7b7c8dac877d590d0634e570e6d man/rpcbind: Add Files section to manpage
31157ba6e60b0a8c4989010df8b1cf2aa673a86c systemd/rpcbind.service.in: Add few default EnvironmentFile

So really not much.

While we're at it, let's add a sha1 hash provided directly by
Sourceforge, in addition to the locally calculated sha256.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-08-16 22:11:23 +02:00
Florian Larysch cd0ce33b62 package/tinyssh: fix build issues with GCC 14
tinyssh 20240101 fails to build on GCC 14 because of a missing include
for a forward declaration. Import the upstream patch that fixes it.

Fixes: https://autobuild.buildroot.org/results/e45/e4563317371c90669f6417ee3d1c48a41cb59cb2/
Signed-off-by: Florian Larysch <fl@n621.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-08-16 22:08:00 +02:00
Giulio Benetti 64fa978c53 package/libtracefs: fix build failure due to missing NPTL
With commit:
https://git.kernel.org/pub/scm/libs/libtrace/libtracefs.git/commit/?id=31acfe1747b273e147f864b5a62a4e39197ca1a2
package libtracefs utest started to use pthread_barrier_() functions and
this lead to build failure when we build without NPTL. Since utest is
not needed on the target we can avoid to build it, so let's disable it.

Fixes: 117ece4835 ("package/libtracefs: bump to version 1.8.0")
Fixes:
https://autobuild.buildroot.net/results/69b/69b75908bebdf9382a4cd9b138fcaf1e34daba09//

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-08-16 21:57:26 +02:00
Giulio Benetti c73243468f package/rtl8812au-aircrack-ng: fix build with Linux 6.16
Add local patch pending upstream to fix build failure with Linux 6.16.

Fixes:
https://autobuild.buildroot.org/results/7a5b5f3e8d34e3e8ca155ffe168768275256c17e/
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-08-16 21:55:54 +02:00
Julien Olivain 93e37c58b0 support/testing: test_dmidecode: fix test after bootlin toolchains update
Since Buildroot commit [1] "update to Bootlin toolchains 2025.08-1",
the tests.package.test_dmidecode fails when building its Kernel 6.6.39
with gcc 15.1.0.

This commit fixes the issue by updating the test Kernel to the
latest 6.6.y version (6.6.102 at the time of this commit) which
includes the fix for gcc-15.

Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/10984686001

[1] https://gitlab.com/buildroot.org/buildroot/-/commit/947dbc92a20c5acea7882166cae7893e6ea661e1

Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-08-16 21:46:34 +02:00
Julien Olivain 37bc7f99fd support/testing: test_msr_tools: fix test after bootlin toolchains update
Since Buildroot commit [1] "update to Bootlin toolchains 2025.08-1",
the tests.package.test_msr_tools fails when building its Kernel 5.15.55
with gcc 15.1.0.

This commit fixes the issue by updating the test Kernel to the latest
LTS version (6.12.42 at the time of this commit) which includes the
fix for gcc-15. Note: the 5.15.y series does not include this fix for
the x86_64 architecture, which is why this commit switches to 6.12.y.

Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/10984686294

[1] https://gitlab.com/buildroot.org/buildroot/-/commit/947dbc92a20c5acea7882166cae7893e6ea661e1

Cc: Vincent Stehlé <vincent.stehle@laposte.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-08-16 21:46:05 +02:00
Julien Olivain 848ffba573 support/testing: test_dpdk: fix test after bootlin toolchains update
Since Buildroot commit [1] "update to Bootlin toolchains 2025.08-1",
the tests.package.test_dpdk fails to build its Kernel 6.6.58 with
gcc 15.1.0.

This commit fixes the issue by updating the test Kernel version to
the latest 6.6.y version (6.6.102 at the time of this commit) which
includes the fix for gcc-15.

Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/10984686010

[1] https://gitlab.com/buildroot.org/buildroot/-/commit/947dbc92a20c5acea7882166cae7893e6ea661e1

Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-08-16 21:45:46 +02:00
Julien Olivain cc0812b6eb support/testing: test_numactl: fix test after bootlin toolchains update
Since Buildroot commit [1] "update to Bootlin toolchains 2025.08-1",
the tests.package.test_numactl fails to build its Kernel 6.1.75 with
gcc 15.1.0.

This commit fixes the issue by updating the test Kernel version to
the latest 6.1.y version (6.1.148 at the time of this commit) which
includes the fix for gcc-15.

Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/10984686336

[1] https://gitlab.com/buildroot.org/buildroot/-/commit/947dbc92a20c5acea7882166cae7893e6ea661e1

Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-08-16 21:42:00 +02:00
Julien Olivain 20100403d3 support/testing: test_wine: fix test after bootlin toolchains update
Since Buildroot commit [1] "update to Bootlin toolchains 2025.08-1",
the tests.package.test_wine fails to build its Kernel 6.6.27 with
gcc 15.1.0.

This commit fixes the issue by updating the test Kernel version to
the latest 6.6.y version (6.6.102 at the time of this commit) which
includes the fix for gcc-15.

Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/10984686766

[1] https://gitlab.com/buildroot.org/buildroot/-/commit/947dbc92a20c5acea7882166cae7893e6ea661e1

Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-08-16 21:41:10 +02:00
Julien Olivain 71ae8e6ca9 package/gcc-bare-metal: bump to version 15.2.0 to fix build
Since Buildroot commit [1] "package/gcc: bump 15.x series to 15.2.0",
gcc-bare-metal fails to download its sources. For example using the
commands:

	make zynqmp_kria_kv260_defconfig
	make source

fails with error:

	ERROR: No hash found for gcc-15.1.0.tar.xz

This is because the gcc-bare-metal package reuses the hash file and
the 15.x package patch directory from the gcc package (which was
bumped to 15.2.0), but still defines its _VERSION to 15.1.0.

This commit fixes this issue by bumping gcc-bare-metal to 15.2.0.

Fixes:
https://autobuild.buildroot.org/results/eda879fb8e1ccd696f01927087713b88a4b1a2c5
https://gitlab.com/buildroot.org/buildroot/-/jobs/11026775160

[1] https://gitlab.com/buildroot.org/buildroot/-/commit/b1dd235ad0dd91e1919a167a17cc9cd20a3695b2

Cc: Ibai Erkiaga <ibai.erkiaga-elorza@amd.com>
Cc: Neal Frager <neal.frager@amd.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
Acked-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Acked-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-08-16 21:39:15 +02:00
Thomas Perale c7508a2324 package/elfutils: security bump to v0.193
For more details on the version bump, see:
  - https://sourceware.org/git/?p=elfutils.git;a=blob;f=NEWS;h=47bf2c6a3b1f49c7adc1d0389de375290461a44c

Fixes the following security issues:

- CVE-2025-1352

    A vulnerability has been found in GNU elfutils 0.192 and classified as
    critical. This vulnerability affects the function __libdw_thread_tail
    in the library libdw_alloc.c of the component eu-readelf. The
    manipulation of the argument w leads to memory corruption. The attack
    can be initiated remotely. The complexity of an attack is rather high.
    The exploitation appears to be difficult. The exploit has been
    disclosed to the public and may be used. The name of the patch is
    2636426a091bd6c6f7f02e49ab20d4cdc6bfc753. It is recommended to apply a
    patch to fix this issue.

For more information, see:
  - https://www.cve.org/CVERecord?id=CVE-2025-1352
  - https://sourceware.org/git/?p=elfutils.git;a=commitdiff;h=2636426a091bd6c6f7f02e49ab20d4cdc6bfc753

- CVE-2025-1365

    A vulnerability, which was classified as critical, was found in GNU
    elfutils 0.192. This affects the function process_symtab of the file
    readelf.c of the component eu-readelf. The manipulation of the
    argument D/a leads to buffer overflow. Local access is required to
    approach this attack. The exploit has been disclosed to the public and
    may be used. The identifier of the patch is
    5e5c0394d82c53e97750fe7b18023e6f84157b81. It is recommended to apply a
    patch to fix this issue.

For more information, see:
  - https://www.cve.org/CVERecord?id=CVE-2025-1365
  - https://sourceware.org/git/?p=elfutils.git;a=commitdiff;h=5e5c0394d82c53e97750fe7b18023e6f84157b81

- CVE-2025-1371

    A vulnerability has been found in GNU elfutils 0.192 and classified as
    problematic. This vulnerability affects the function
    handle_dynamic_symtab of the file readelf.c of the component eu-read.
    The manipulation leads to null pointer dereference. Attacking locally
    is a requirement. The exploit has been disclosed to the public and may
    be used. The patch is identified as
    b38e562a4c907e08171c76b8b2def8464d5a104a. It is recommended to apply a
    patch to fix this issue.

For more information, see:
  - https://www.cve.org/CVERecord?id=CVE-2025-1371
  - https://sourceware.org/git/?p=elfutils.git;a=commitdiff;h=b38e562a4c907e08171c76b8b2def8464d5a104a

- CVE-2025-1372

    A vulnerability was found in GNU elfutils 0.192. It has been declared
    as critical. Affected by this vulnerability is the function
    dump_data_section/print_string_section of the file readelf.c of the
    component eu-readelf. The manipulation of the argument z/x leads to
    buffer overflow. An attack has to be approached locally. The exploit
    has been disclosed to the public and may be used. The identifier of
    the patch is 73db9d2021cab9e23fd734b0a76a612d52a6f1db. It is
    recommended to apply a patch to fix this issue.

For more information, see:
  - https://www.cve.org/CVERecord?id=CVE-2025-1372
  - https://sourceware.org/git/?p=elfutils.git;a=commitdiff;h=73db9d2021cab9e23fd734b0a76a612d52a6f1db

- CVE-2025-1376

    A vulnerability classified as problematic was found in GNU elfutils
    0.192. This vulnerability affects the function elf_strptr in the
    library /libelf/elf_strptr.c of the component eu-strip. The
    manipulation leads to denial of service. It is possible to launch the
    attack on the local host. The complexity of an attack is rather high.
    The exploitation appears to be difficult. The exploit has been
    disclosed to the public and may be used. The name of the patch is
    b16f441cca0a4841050e3215a9f120a6d8aea918. It is recommended to apply a
    patch to fix this issue.

For more information, see:
  - https://www.cve.org/CVERecord?id=CVE-2025-1376
  - https://sourceware.org/git/?p=elfutils.git;a=commitdiff;h=b16f441cca0a4841050e3215a9f120a6d8aea918

- CVE-2025-1377

    A vulnerability, which was classified as problematic, has been found
    in GNU elfutils 0.192. This issue affects the function
    gelf_getsymshndx of the file strip.c of the component eu-strip. The
    manipulation leads to denial of service. The attack needs to be
    approached locally. The exploit has been disclosed to the public and
    may be used. The identifier of the patch is
    fbf1df9ca286de3323ae541973b08449f8d03aba. It is recommended to apply a
    patch to fix this issue.

For more information, see:
  - https://www.cve.org/CVERecord?id=CVE-2025-1377
  - https://sourceware.org/git/?p=elfutils.git;a=commitdiff;h=fbf1df9ca286de3323ae541973b08449f8d03aba

Patch 0003 is now part of this release.

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-15 00:43:23 +02:00
Sébastien Szymanski cfabe800ad package/python-numpy: fix build with python-cython >= 3.1
Since commit b536caaec0 ("package/python-cython: bump to version
3.1.2"), python-numpy fails to build:

Error compiling Cython file:
------------------------------------------------------------
...
                np.issubdtype(cov.dtype, np.complexfloating)):
            raise TypeError("mean and cov must not be complex")
        if size is None:
            shape = []
        elif isinstance(size, (int, long, np.integer)):
                                    ^
------------------------------------------------------------
numpy/random/_generator.pyx:3760:36: undeclared name not builtin: long

Backport upstream patch to fix that build failure.

Signed-off-by: Sébastien Szymanski <sebastien.szymanski@armadeus.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-15 00:22:19 +02:00
Romain Naour e91d1068de package/rt-tests: update _SITE URL
The previous version bump 8f52d4183e ("package/rt-tests: bump to
version 2.8") was using the latest release, so the URL was updated to
remove the "older" subdirectory.

The URL was:

  https://www.kernel.org/pub/linux/utils/rt-tests/rt-tests-2.8.tar.xz

On the 01/07/2025 a new rt-tests release was published (2.9), so the
2.8 archive was moved to "older" subdirectory and once again breaking
existing packaging downloads.

The "new" URL is now:

  https://www.kernel.org/pub/linux/utils/rt-tests/older/rt-tests-2.8.tar.xz

This situation was discussed upstream in [1].

[1] https://lore.kernel.org/linux-rt-users/20241228114346.6020d6b0@windsurf/

Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/10984686708 (TestRtTests)

Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
[Julien: add comment in commit log about link [1]]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-14 00:09:11 +02:00
Titouan Christophe 611a795cfc package/ofono: security bump to v2.18
This fixes the following vulnerabilities:

- CVE-2023-2794:
    A flaw was found in ofono, an Open Source Telephony on Linux. A stack
    overflow bug is triggered within the decode_deliver() function during
    the SMS decoding. It is assumed that the attack scenario is accessible
    from a compromised modem, a malicious base station, or just SMS. There
    is a bound check for this memcpy length in decode_submit(), but it was
    forgotten in decode_deliver().
    https://www.cve.org/CVERecord?id=CVE-2023-2794

- CVE-2024-7537:
    oFono QMI SMS Handling Out-Of-Bounds Read Information Disclosure
    Vulnerability. This vulnerability allows local attackers to disclose
    sensitive information on affected installations of oFono.
    Authentication is not required to exploit this vulnerability.  The
    specific flaw exists within the processing of SMS message lists. The
    issue results from the lack of proper validation of user-supplied
    data, which can result in a read past the end of an allocated buffer.
    An attacker can leverage this in conjunction with other
    vulnerabilities to execute arbitrary code in the context of root. Was
    ZDI-CAN-23157.
    https://www.cve.org/CVERecord?id=CVE-2024-7537

- CVE-2024-7539:
    oFono CUSD Stack-based Buffer Overflow Code Execution Vulnerability.
    This vulnerability allows local attackers to execute arbitrary code on
    affected installations of oFono. An attacker must first obtain the
    ability to execute code on the target modem in order to exploit this
    vulnerability.  The specific flaw exists within the parsing of
    responses from AT+CUSD commands. The issue results from the lack of
    proper validation of the length of user-supplied data prior to copying
    it to a stack-based buffer. An attacker can leverage this
    vulnerability to execute code in the context of root. Was ZDI-
    CAN-23195.
    https://www.cve.org/CVERecord?id=CVE-2024-7539

- CVE-2024-7540:
    oFono AT CMGL Command Uninitialized Variable Information Disclosure
    Vulnerability. This vulnerability allows local attackers to disclose
    sensitive information on affected installations of oFono. An attacker
    must first obtain the ability to execute code on the target modem in
    order to exploit this vulnerability.  The specific flaw exists within
    the parsing of responses from AT+CMGL commands. The issue results from
    the lack of proper initialization of memory prior to accessing it. An
    attacker can leverage this in conjunction with other vulnerabilities
    to execute arbitrary code in the context of root. Was ZDI-CAN-23307.
    https://www.cve.org/CVERecord?id=CVE-2024-7540

- CVE-2024-7541:
    oFono AT CMT Command Uninitialized Variable Information Disclosure
    Vulnerability. This vulnerability allows local attackers to disclose
    sensitive information on affected installations of oFono. An attacker
    must first obtain the ability to execute code on the target modem in
    order to exploit this vulnerability.  The specific flaw exists within
    the parsing of responses from AT+CMT commands. The issue results from
    the lack of proper initialization of memory prior to accessing it. An
    attacker can leverage this in conjunction with other vulnerabilities
    to execute arbitrary code in the context of root. Was ZDI-CAN-23308.
    https://www.cve.org/CVERecord?id=CVE-2024-7541

- CVE-2024-7542:
    oFono AT CMGR Command Uninitialized Variable Information Disclosure
    Vulnerability. This vulnerability allows local attackers to disclose
    sensitive information on affected installations of oFono. An attacker
    must first obtain the ability to execute code on the target modem in
    order to exploit this vulnerability.  The specific flaw exists within
    the parsing of responses from AT+CMGR commands. The issue results from
    the lack of proper initialization of memory prior to accessing it. An
    attacker can leverage this in conjunction with other vulnerabilities
    to execute arbitrary code in the context of root. Was ZDI-CAN-23309.
    https://www.cve.org/CVERecord?id=CVE-2024-7542

Also drop local patch that is no longer applicable, since upstream now
relies on HAS_BACKTRACE as well.

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
Reviewed-by: Petr Vorel <petr.vorel@gmail.com>
[Julien: remove .checkpackageignore entry to fix check-package error]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-13 18:32:45 +02:00
Titouan Christophe 5927f9778f package/ofono: mark CPE as valid
The default ofono_project:ofono is a valid CPE, see
https://nvd.nist.gov/products/cpe/detail/734A0A32-DA21-49B8-86BD-1A60C7CDF864

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-13 18:31:31 +02:00
Thomas Petazzoni b1dd235ad0 package/gcc: bump 15.x series to 15.2.0
Announcement:
https://gcc.gnu.org/pipermail/gcc-announce/2025/000189.html

GCC 15.2 is a bug-fix release from the GCC 15 branch
containing important fixes for regressions and serious bugs in
GCC 15.1 with more than 123 bugs fixed since the previous release.

For the list of bugs fixed in this version, see:
https://gcc.gnu.org/gcc-15/changes.html#15.2

One patch is renamed to match the filename generated by "git
format-patch" out of the box.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[Julien: add link to the bug list in commit log]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-13 16:15:04 +02:00
Peter Korsgaard 802d093060 Makefile: release: make .tar.gz reproducible
Drop the timestamp from the .tar.gz to make it reproducible, similar to how
it is done in support/download/helpers.

Notice: .xz files do not contain a timestamp

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-12 23:43:30 +02:00
Peter Korsgaard fa855cbe6e Makefile: release: make tarball reproducible
The tarball created by git archive is reproducible, but when we append the
generated manual we leak current time and the username/uid of the person
running make release:

tar tvf buildroot-2025.08-rc1.tar.gz | tail
-rwxrwxr-x root/root      5512 2025-08-11 13:22 buildroot-2025.08-rc1/utils/update-rust
drwxr-xr-x peko/peko         0 2025-08-11 17:39 buildroot-2025.08-rc1/
drwxr-xr-x peko/peko         0 2025-08-11 17:38 buildroot-2025.08-rc1/docs/
drwxr-xr-x peko/peko         0 2025-08-11 17:39 buildroot-2025.08-rc1/docs/manual/
-rw-r--r-- peko/peko      5738 2025-08-11 17:38 buildroot-2025.08-rc1/docs/manual/docbook-xsl.css
-rw-r--r-- peko/peko     19029 2025-08-11 17:38 buildroot-2025.08-rc1/docs/manual/github_hash_mongrel2.png
-rw-r--r-- peko/peko    638866 2025-08-11 17:39 buildroot-2025.08-rc1/docs/manual/manual.pdf
-rw-r--r-- peko/peko    587892 2025-08-11 17:38 buildroot-2025.08-rc1/docs/manual/manual.html
-rw-r--r-- peko/peko    393514 2025-08-11 17:39 buildroot-2025.08-rc1/docs/manual/manual.text
-rw-r--r-- peko/peko    117499 2025-08-11 17:38 buildroot-2025.08-rc1/docs/manual/logo.png

Fix that by forcing uid as root and setting mtime to the latest commit,
similar to how we do it in support/download/{git,helpers}.

Notice that we do not use --numeric-owner to match the output of git
archive, so it does rely on uid 0=root, which is very likely but not
guaranteed.

Reported-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-12 23:43:22 +02:00
Peter Korsgaard 3fc5d821eb Makefile: release: make manual build reproducible
The manual contains build timestamps like:

Buildroot 2025.08-rc1 manual generated on 2025-08-12 06:43:37 UTC

Making it not reproducible.  Luckily asciidoc respects SOURCE_DATE_EPOCH, so
use that to use the timestamp of the latest git commit instead.

Notice: The release and manual targets are marked as noconfig targets (and
need to stay like that for make release), so we cannot use the
BR2_REPRODUCIBLE logic.  Instead manually set SOURCE_DATE_EPOCH.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-12 23:43:16 +02:00
Akhilesh Nema a62ed63dce package/hwdata: bump version to 0.398
Release notes:
https://github.com/vcrhonek/hwdata/releases/tag/v0.398

Signed-off-by: Akhilesh Nema <nemaakhilesh@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-12 17:54:34 +02:00
Akhilesh Nema f6194a6f4a package/modem-manager: bump to version 1.24.2
Changelog:
https://gitlab.freedesktop.org/mobile-broadband/ModemManager/-/blob/mm-1-24/NEWS

Signed-off-by: Akhilesh Nema <nemaakhilesh@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-12 17:18:15 +02:00
Giulio Benetti bae8ff7dd2 package/trace-cmd: bump to version 3.3.3
Release notes:
https://git.kernel.org/pub/scm/utils/trace-cmd/trace-cmd.git/tag/?h=trace-cmd-v3.3.3

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-12 17:07:47 +02:00
Akhilesh Nema 96febd9c16 package/iperf3: security bump to version 3.19.1
Release notes:
https://github.com/esnet/iperf/releases/tag/3.19.1

Fixes the following security issues:
- An off-by-one heap overflow has been fixed in authentication.
  CVE-2025-54349, ESNET-SECADV-2025-0003)
  https://github.com/advisories/GHSA-8xx8-qrh3-q8mq

- An assert in authentication has been removed. (CVE-2025-54350,
  ESNET-SECADV-2025-0002)
  https://github.com/advisories/GHSA-r6x8-74x9-5mc9

- A buffer overflow in the --skip-rx-copy option for zerocopy
  has been fixed. (CVE-2025-54351, ESNET-SECADV-2025-0001)
  https://github.com/advisories/GHSA-xjwm-4pfw-49g2

Signed-off-by: Akhilesh Nema <nemaakhilesh@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-12 16:44:52 +02:00
Arnout Vandecappelle 22681d2ef1 docs/website/{download,news}.html: update for 2025.05.1
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-08-11 17:08:34 +02:00
Titouan Christophe 54fe9d3f4d CHANGES: update for 2025.05.1
Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
(cherry picked from commit 6ae1f61894)
2025-08-11 17:08:06 +02:00
Arnout Vandecappelle ad52cbd93d docs/website/{download,news}.html: update for 2025.02.5
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-08-11 16:46:31 +02:00
Titouan Christophe b64f275042 CHANGES: update for 2025.02.5
Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
(cherry picked from commit 874b83cd01)
2025-08-11 16:43:15 +02:00
Peter Korsgaard 1349cd6031 Update for 2025.08-rc1
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-08-11 13:22:07 +02:00
Peter Korsgaard bbbe5d3343 CHANGES: correct 2025.02.3 formatting
Commit b55957fa65 ("CHANGES: Update for 2025.02.3" added an entry for
2025.02.3, but forgot to add an empty line after the title.  Fix that.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-08-11 13:21:59 +02:00
Peter Korsgaard eac5605b57 CHANGES: move 2025.02.4 where it belongs
Commit f30bf62f53 ("CHANGES: update for 2025.02.4") added the release to
the top of the file instead of below 2025.05-rc1.  Fix that and indent with
a tab like the other releases.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-08-11 12:40:55 +02:00
Francois Perrad a4694522c9 package/lynis: bump to version 3.1.5
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-08-11 12:03:04 +02:00
Thomas Perale 98f0d8ad01 package/luajit: ignore multiple CVEs
This patch ignores the following CVEs that are already fixed in the
current version.

- CVE-2020-15890

For more information, see:
- https://nvd.nist.gov/vuln/detail/CVE-2020-15890
- https://github.com/LuaJIT/LuaJIT/commit/53f82e6e2e858a0a62fd1a2ff47e9866693382e6

- CVE-2020-24372

For more information, see:
- https://nvd.nist.gov/vuln/detail/CVE-2020-24372
- https://github.com/LuaJIT/LuaJIT/commit/e296f56b825c688c3530a981dc6b495d972f3d01

- CVE-2024-25176

For more information, see:
- https://nvd.nist.gov/vuln/detail/CVE-2024-25176
- https://github.com/LuaJIT/LuaJIT/commit/343ce0edaf3906a62022936175b2f5410024cbfc

- CVE-2024-25177

For more information, see:
- https://nvd.nist.gov/vuln/detail/CVE-2024-25177
- https://github.com/LuaJIT/LuaJIT/commit/85b4fed0b0353dd78c8c875c2f562d522a2b310f

- CVE-2024-25178

For more information, see:
- https://nvd.nist.gov/vuln/detail/CVE-2024-25178
- https://github.com/LuaJIT/LuaJIT/commit/defe61a56751a0db5f00ff3ab7b8f45436ba74c8

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-08-11 12:01:21 +02:00
Thomas Perale e388ef88f0 package/luajit: add CPE_VERSION & CPE_UPDATE
Since this package hasn't had a proper release in a while this patch set
the CPE_VERSION and CPE_UPDATE to the latest tags available.

The annotation available on NVD all refers to this last available
version `cpe:2.3:a:luajit:luajit:2.1.0:beta3:*:*:*:*:*:*`.

See https://nvd.nist.gov/vuln/detail/CVE-2020-15890 for instance.

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-08-11 12:00:22 +02:00
Dario Binacchi 0d09bd49e8 package/ufs-utils: fix hash file
Fix the following error:

wget -nd -t 3 --connect-timeout=10 -O '/home/dario/projects/buildroot/output/build/.ufs-utils-7.14.12.tar.gz.68J1WJ/output' 'https://github.com/SanDisk-Open-Source/ufs-utils/archive/v7.14.12/ufs-utils-7.14.12.tar.gz'
--2025-08-07 11:07:32--  https://github.com/SanDisk-Open-Source/ufs-utils/archive/v7.14.12/ufs-utils-7.14.12.tar.gz
Resolving github.com (github.com)... 140.82.121.4
Connecting to github.com (github.com)|140.82.121.4|:443... connected.
HTTP request sent, awaiting response... 302 Found
Location: https://codeload.github.com/SanDisk-Open-Source/ufs-utils/tar.gz/refs/tags/v7.14.12 [following]
--2025-08-07 11:07:32--  https://codeload.github.com/SanDisk-Open-Source/ufs-utils/tar.gz/refs/tags/v7.14.12
Resolving codeload.github.com (codeload.github.com)... 140.82.121.10
Connecting to codeload.github.com (codeload.github.com)|140.82.121.10|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: unspecified [application/x-gzip]
Saving to: ‘/home/dario/projects/buildroot/output/build/.ufs-utils-7.14.12.tar.gz.68J1WJ/output’

/home/dario/projects/buildroot/output/b     [ <=>                                                                                ]  77.76K  --.-KB/s    in 0.06s

2025-08-07 11:07:32 (1.32 MB/s) - ‘/home/dario/projects/buildroot/output/build/.ufs-utils-7.14.12.tar.gz.68J1WJ/output’ saved [79623]

ERROR: while checking hashes from package/ufs-utils/ufs-utils.hash
ERROR: ufs-utils-7.14.12.tar.gz has wrong sha256 hash:
ERROR: expected: 96cd578722830bc7d8a418d528a3067c0b80ad437f66c3333ebc238fe52436a2
ERROR: got     : 96d15ce4b0990049d812d24afc2a62240c1a4aa534ea6aebb5aebd34dccb2dac
ERROR: Incomplete download, or man-in-the-middle (MITM) attack
wget -nd -t 3 --connect-timeout=10 -O '/home/dario/projects/buildroot/output/build/.ufs-utils-7.14.12.tar.gz.HYpqKm/output' 'https://sources.buildroot.net/ufs-utils/ufs-utils-7.14.12.tar.gz'
--2025-08-07 11:07:32--  https://sources.buildroot.net/ufs-utils/ufs-utils-7.14.12.tar.gz
Resolving sources.buildroot.net (sources.buildroot.net)... 2606:4700:20::681a:25, 2606:4700:20::ac43:4838, 2606:4700:20::681a:125, ...
Connecting to sources.buildroot.net (sources.buildroot.net)|2606:4700:20::681a:25|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 79619 (78K) [application/x-gtar-compressed]
Saving to: ‘/home/dario/projects/buildroot/output/build/.ufs-utils-7.14.12.tar.gz.HYpqKm/output’

/home/dario/projects/buildroot/output/b 100%[===================================================================================>]  77.75K  --.-KB/s    in 0.02s

2025-08-07 11:07:33 (4.96 MB/s) - ‘/home/dario/projects/buildroot/output/build/.ufs-utils-7.14.12.tar.gz.HYpqKm/output’ saved [79619/79619]

ufs-utils-7.14.12.tar.gz: OK (sha256: 96cd578722830bc7d8a418d528a3067c0b80ad437f66c3333ebc238fe52436a2)

Looking at:

https://sources.buildroot.net/ufs-utils/ufs-utils-7.14.12.tar.gz

with hash:

sha256  96cd578722830bc7d8a418d528a3067c0b80ad437f66c3333ebc238fe52436a2 ufs-utils-7.14.12.tar.gz

and:

https://github.com/SanDisk-Open-Source/ufs-utils/archive/v7.14.12/ufs-utils-7.14.12.tar.gz

with hash:

sha256  96d15ce4b0990049d812d24afc2a62240c1a4aa534ea6aebb5aebd34dccb2dac ufs-utils-7.14.12.tar.gz

and running diffoscope utility on those two archives, it points to the upstream commit:

https://github.com/SanDisk-Open-Source/ufs-utils/commit/989dcd297223d6896c5892532d14984326fa093d

The file dates are also different inside the tar file.

On Julien’s suggestion, I opened a ticket [1] to highlight the issue and
inform the ufs-utils maintainers about the problem.

[1] https://github.com/SanDisk-Open-Source/ufs-utils/issues/76

Fixes:
https://autobuild.buildroot.org/results/b69/b69472d2eaf27dfcc97c300b96868cab52068ce9
https://autobuild.buildroot.org/results/429/429a28669d98c6f424f33a211eb0ebb48c6f4553
https://autobuild.buildroot.org/results/01b/01b90bd7d78a34ae732191b750efc69f195c78ec
https://autobuild.buildroot.org/results/a09/a097e48314be2f522238880e9ab4529cebeff47b

Co-Developed-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-08-11 11:25:35 +02:00
Edgar Bonet f8a2cb8d41 configs/acmesystems_acqua_a5_*: bump to Linux 6.12.41
Signed-off-by: Edgar Bonet <bonet@grenoble.cnrs.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-08-11 11:23:21 +02:00
Romain Naour 4df243b470 package/gcc: add microblaze fix for GCC bug 121432
This is a temporary fix under discussion [1], but it resolves the
problem, by implementing the same behavior as GCC 14.x for register
allocation on Microblaze.

Tested with qemu_microblazeel_mmu_defconfig and used to generate
Microblaze toolchains for the Bootlin toolchains 2025.08-1 [2].

[1] https://gcc.gnu.org/bugzilla/show_bug.cgi?id=121432#c10
[2] https://github.com/bootlin/buildroot-toolchains/commit/83947c7bb6158072bc2f52b58e90891cd3dc04a2

Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-08-11 11:22:25 +02:00
Neal Frager 88d58d8ef8 package/gcc: add microblaze atomic support
This patch adds atomic test and set support for the microblaze arch.  A patch
is required to use atomic test and set with gcc 14 and 15 which has been
submitted upstream.

To test this patch with gcc 14:
$ cat > .config<<EOF
BR2_microblazeel=y
BR2_GCC_VERSION_14_X=y
BR2_TOOLCHAIN_BUILDROOT_CXX=y
BR2_PACKAGE_ACPITOOL=y
EOF
$ make olddefconfig
$ make

To test this patch with gcc 15:
$ cat > .config<<EOF
BR2_microblazeel=y
BR2_GCC_VERSION_15_X=y
BR2_TOOLCHAIN_BUILDROOT_CXX=y
BR2_PACKAGE_ACPITOOL=y
EOF
$ make olddefconfig
$ make

Fixes: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=118280
Upstream: https://patchwork.ozlabs.org/project/gcc/list/?series=466193

Signed-off-by: Neal Frager <neal.frager@amd.com>
Tested-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-08-11 11:22:04 +02:00
Giulio Benetti c38ea1d496 Update Benetti Engineering URLs to new ones
The company name was changed from "benetti-engineering-sas" to "benetti-engineering"
to be agnostic to the company legal form. Update all GitHub and LinkedIn links
accordingly.

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-08-11 11:18:58 +02:00
Thomas Petazzoni 947dbc92a2 toolchain/toolchain-external/toolchain-external-bootlin: update to Bootlin toolchains 2025.08-1
The toolchains have been rebuilt with a recent Buildroot, and are
based on:

- Stable toolchains:
  GCC 14.3
  Binutils 2.43.1
  GDB 15.2
  Linux headers 5.4
  glibc 2.41
  musl 1.2.5
  uclibc-ng 1.0.45

- Bleeding edge toolchains
  GCC 15.1
  Binutils 2.44
  GDB 16.3
  Linux headers 5.15
  glibc 2.41
  musl 1.2.5
  uclibc-ng 1.0.45

The microblaze bleeding-edge toolchains are back, since we integrated
the "atomic issue" fix.

All tests are successful:

  https://gitlab.com/tpetazzoni/buildroot/-/pipelines/1976388296

(note: the test branch had one more commit doing tweaks on the wget
option and re-enabling the backup site for unit tests, which are
needed to avoid intermittent failures of Gitlab CI jobs)

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-08-10 21:58:33 +02:00
Thomas Petazzoni e58b052072 support/scripts/gen-bootlin-toolchains: drop tweak for Microblaze bleeding-edge toolchains
This issue has been fixed in the Bootlin toolchains thanks to the
Microblaze "atomic fix" in GCC.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-08-10 21:58:29 +02:00
Thomas Perale 50cac72f73 package/libapparmor: remove stale reference to patch 0001
The AUTORECONF variable was introduced in commit [1] with reference to
the patches that modified the m4 and Makefile.am files.

The commit [2] removed the last such patch but left the reference to the
patch and the AUTORECONF variable.

Later, commit [3] updated the mirror to the gitlab URL that no longer
bundle a pre-generated `configure` file, making the execution of
AUTORECONF necessary anyway.

This patch removes the obsolete reference to the patch 0001 removed in
[2] to avoid ambiguity with the new patch 0001 introduced in commit [4].

[1] 01a82c1401 package/libapparmor: enable python bindings
[2] 27cd0b5033 package/apparmor: bump to version 3.0.4
[3] 5649202ddc package/libapparmor: bump to version 3.1.7
[4] 2640f5dcd0 package/libapparmor: fix build w/ musl

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
[Peter: add a comment explaining why]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-08-10 20:19:42 +02:00
Thomas Perale 9adc8a0570 package/ghostscript: fix xlib dependency
Since the package bump to v10.05.0 the xlib libraries detection has been
improved to error missing x libraries (see [2]).

The following error is happening on the autobuilder when building
ghostscript with xlib_libX11:

```
checking for XOpenDisplay in -lX11... yes
checking for XdbeQueryExtension in -lXext... yes
checking for XtAppCreateShell in -lXt... no
configure: error: X11 libraries (libX11, libXt, libXext) not available, either install them, or rerun configure with "--without-x"
make: *** [package/pkg-generic.mk:263: /home/buildroot/instance-0/output-1/build/ghostscript-10.05.1/.stamp_configured] Error 1
```

This error can be reproduced with the following config:

```
cat <<EOF >.config
BR2_arm=y
BR2_cortex_a7=y
BR2_TOOLCHAIN_EXTERNAL=y
BR2_TOOLCHAIN_EXTERNAL_BOOTLIN=y
BR2_PACKAGE_XORG7=y
BR2_PACKAGE_XLIB_LIBX11=y
BR2_PACKAGE_GHOSTSCRIPT=y
EOF
make olddefconfig
make
```

This patch fixes the xlib dependencies of the ghostscript package to
correctly build with X support:

- The 'XtAppCreateShell' function is provided by the package
  'xlib_libXt'.
- The 'XdbeQueryExtension' function is provided by the package
  'xlib_libXext'.

They both select the 'xlib_libX11' package.

[1] 9abf662cfd package/ghostscript: security bump to version 10.05.0
[2] https://github.com/ArtifexSoftware/ghostpdl/commit/37eede31e12814fae69744e7842a5640004e5a65

Fixes: https://autobuild.buildroot.org/results/45d/45d0414f341feb2354478b145396fe137f9cc6a6
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
2025-08-10 19:33:05 +02:00
Giulio Benetti b10b7346c9 package/rtl8189es: fix build failure due to missing Linux CONFIG_NET
Since not every defconfig provides it let's enable CONFIG_NET that is
required to build rtl8189es successfully.

Fixes:
https://autobuild.buildroot.org/results/835973d5b71bb085f62c533867746fc3d6b3a8c7

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
2025-08-10 19:16:24 +02:00
Baruch Siach 681b34ea4d package/daemon: fix build with gcc 15 and musl libc
daemon provides its own getopt() declaration for non-GNU libcs. This
declaration is compatible with musl provided one with C standards before
C23. GCC 15 defaults to C23 that makes the empty params declaration
equivalent to getopt(void), which is incompatible with musl declaration.

Set C standard to gnu99 to restore the previous behaviour.

Fixes:
https://autobuild.buildroot.org/results/cc3311c86e2b14bf9a9c1ea00056e0b290ec11a3

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
2025-08-10 19:00:54 +02:00
Florian Larysch 0bf9eae25c package/nanocom: fix build with GCC 15
GCC 15 switched to C23 by default, which made "void foo()" equivalent to
"void foo(void)". This causes a build error because init_comm() doesn't
actually take any arguments.

Signed-off-by: Florian Larysch <fl@n621.de>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
2025-08-10 18:52:41 +02:00
Florian Larysch 6db1aeaeef package/nanocom: fix build with GCC 14
GCC 14 made implicit function definitions an error and the forward declaration
for display_state() was using the wrong name, causing a compilation
failure at the call site.

Fixes: https://autobuild.buildroot.org/results/ebf/ebf500c48aaa357aaac3a88d87ef8f5c07cd78b6

Signed-off-by: Florian Larysch <fl@n621.de>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
2025-08-10 18:49:45 +02:00
Benoît Monin 76099d285e package/flatcc: fix cmake 4 compatibility
Add a patch fixing cmake 4 compatibility, found in upstream pull
request #349. The patch has been modified to apply on version 0.6.1
instead of the current upstream HEAD.

Signed-off-by: Benoît Monin <benoit.monin@bootlin.com>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
2025-08-10 18:43:24 +02:00
Benoît Monin 3d774b6c4d package/cjson: fix cmake 4 compatibility
Add a patch fixing cmake 4 compatibility, found in upstream pull
request #935.

Fixes:

  https://autobuild.buildroot.org/results/e7e/e7e427b90718a5fc4985e2718e8b629bba672390

Signed-off-by: Benoît Monin <benoit.monin@bootlin.com>
[Romain: add links to autobuilder failures in commit log]
Signed-off-by: Romain Naour <romain.naour@smile.fr>
2025-08-10 18:40:43 +02:00
Bernd Kuhls 34a3a1ee8b package/nfs-utils: Fix build with glibc-2.42
Add upstream patch to fix build with glibc-2.42.

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Reviewed-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
2025-08-10 17:21:37 +02:00
Thomas Perale 92a244ba8b package/janet: fix build w/ musl
Since the commit [1] the janet package started failing on the
autobuilder when using musl libc:

```
[50/56] Compiling C object libjanet.so.1.35.2.p/meson-generated_.._janet.c.o
FAILED: libjanet.so.1.35.2.p/meson-generated_.._janet.c.o
/workdir/instance-0/output-1/host/bin/armeb-buildroot-linux-musleabi-gcc -Ilibjanet.so.1.35.2.p -I. -I.. -I../src/include -fdiagnostics-color=always -Wall -Winvalid-pch -std=c99 -O3 -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -O1 -g3 -fPIC -pthread -fvisibility=hidden -MD -MQ libjanet.so.1.35.2.p/meson-generated_.._janet.c.o -MF libjanet.so.1.35.2.p/meson-generated_.._janet.c.o.d -o libjanet.so.1.35.2.p/meson-generated_.._janet.c.o -c janet.c
src/core/util.c: In function 'janet_strerror':
src/core/util.c:977:12: error: returning 'int' from a function with return type 'const char *' makes pointer from integer without a cast [-Wint-conversion]
[51/56] Compiling C object janet-native.p/meson-generated_.._janet.c.o
```

The commit [2] introduced the issue in v1.35.0, the `strerror` function
has different definition on glibc compared to musl. This issue has been
addressed in commit [3]. This patch add the upstream commit [3].

[1] 31212c4c58 package/janet: bump to version 1.35.2
[2] https://github.com/janet-lang/janet/commit/8334504f4e5aa253502a45db3eeb4db265490b4e
[3] https://github.com/janet-lang/janet/commit/a5d6b2283834422a9fa9e79b5c7ad9b932b52568

Fixes: https://autobuild.buildroot.org/results/ff1/ff1d6063c1a79d17cfa9910cca824e704a4a0c67/build-end.log
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
2025-08-10 17:17:05 +02:00
Peter Seiderer afe0075c6e package/iwd: add iwctl readline dependency hint in help text
Add iwctl readline dependency hint in help text.

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-10 16:25:20 +02:00
Peter Seiderer 7cfb33987a package/iwd: add optional iwmon support
- add option for iwmon support
- enable linux kernel CONFIG_NLMON option needed for iwmon

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-10 16:25:18 +02:00
Thomas Huth b7f7bd44f9 DEVELOPERS: Update email address of Thomas Huth
Since tuxfamily.org is slowly fading away, update my mail address
to something that is more future-proof.

Signed-off-by: Thomas Huth <huth@tuxfamily.org>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-10 16:06:57 +02:00
Thomas Petazzoni 99df6586c5 package/gcc: 2024.12 ARC gcc is in fact based on GCC 14.x
Contrary to what was done in
8ef2ba2ec3 ("package/{gcc, binutils,
gdb}: update ARC version to 2024.12"), the ARC gcc version 2024.12 is
in fact based on GCC 14.2. This can be verified at:

  https://github.com/foss-for-synopsys-dwc-arc-processors/toolchain/releases/tag/arc-2024.12-release

Which states "GCC 14.2 with ARC patches".

Fixes: 8ef2ba2ec3 ("package/{gcc, binutils, gdb}: update ARC version to 2024.12")
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
2025-08-10 16:03:11 +02:00
Thomas Perale ec12da7384 package/libzenoh-pico: fix build w/ RUNTIME_DEBUG
On the autobuilder the following build error would appear for the
libzenoh-pico package when the option BR2_ENABLE_RUNTIME_DEBUG is
enabled:

```
[  1%] Building C object CMakeFiles/zenohpico_shared.dir/src/api/encoding.c.o
In function '_z_encoding_convert_into_string',
    inlined from 'z_encoding_to_string' at /workdir/instance-0/output-1/build/libzenoh-pico-1.2.1/src/api/encoding.c:261:5:
/workdir/instance-0/output-1/build/libzenoh-pico-1.2.1/src/api/encoding.c:203:15: error: 'strncat' output truncated before terminating nul copying 1 byte from a string of the same length [-Werror=stringop-truncation]
  203 |         (void)strncat(value, &sep, 1);
      |               ^~~~~~~~~~~~~~~~~~~~~~~
cc1: all warnings being treated as errors
```

This error can be reproduced with:

```
cat >.config <<EOF
BR2_aarch64=y
BR2_TOOLCHAIN_EXTERNAL=y
BR2_TOOLCHAIN_EXTERNAL_BOOTLIN=y
BR2_PACKAGE_LIBZENOH_PICO=y
BR2_ENABLE_RUNTIME_DEBUG=y
EOF
make olddefconfig
make libzenoh-pico
```

This patch include the upstream commit [1] that fixes this issue.

[1] https://github.com/eclipse-zenoh/zenoh-pico/commit/60e635cbb1dc6be8eda559a913d4689845f0d62e

Fixes: https://autobuild.buildroot.org/results/0c4/0c4644b17646d3ec482f0a4cf02d6fde19db2c99
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
2025-08-10 00:10:14 +02:00
Thomas Perale 38107ec40c package/cpuinfo: add thread requirement comment
When the package was introduced in [1], it lacked a kconfig comment
indicating that it requires a toolchain with thread support.

[1] ea1cc1af55 package/cpuinfo: new package

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
2025-08-09 23:54:57 +02:00
Thomas Perale 627af87bda package/pthreadpool: fix thread dependency
On autobuilder config with BR2_TOOLCHAIN_HAS_THREADS not set the
following error happens when building the pthreadpool package:

```
-- Looking for pthread_create in pthreads
-- Looking for pthread_create in pthreads - not found
-- Looking for pthread_create in pthread
-- Looking for pthread_create in pthread - not found
-- Check if compiler accepts -pthread
-- Check if compiler accepts -pthread - no
CMake Error at /home/buildroot/instance-0/output-1/host/share/cmake-3.31/Modules/FindPackageHandleStandardArgs.cmake:233 (message):
  Could NOT find Threads (missing: Threads_FOUND)
Call Stack (most recent call first):
  /home/buildroot/instance-0/output-1/host/share/cmake-3.31/Modules/FindPackageHandleStandardArgs.cmake:603 (_FPHSA_FAILURE_MESSAGE)
  /home/buildroot/instance-0/output-1/host/share/cmake-3.31/Modules/FindThreads.cmake:226 (FIND_PACKAGE_HANDLE_STANDARD_ARGS)
  CMakeLists.txt:143 (FIND_PACKAGE)

-- Configuring incomplete, errors occurred!
```

This can be reproduced with:

```
cat >.config <<EOF
BR2_armeb=y
BR2_TOOLCHAIN_BUILDROOT_UCLIBC=y
BR2_PTHREADS_NONE=y
BR2_PACKAGE_PTHREADPOOL=y
EOF
make olddefconfig
make pthreadpool
```

Since the introduction of this package in [1], the dependency was not
included. Since this package was part of the tensorflow-lite
dependencies that required thread it was not an issue.

This patch adds BR2_TOOLCHAIN_HAS_THREADS in the dependency to avoid
errors when built as a standalone package.

[1] f2486a6cf9 package/pthreadpool: new package

Fixes: https://autobuild.buildroot.org/results/35a/35aa100d72c6875350ad10c57f028f04052cbf79
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
2025-08-09 23:54:53 +02:00
Thomas Bonnefille 53d2ef7ec6 package/ngrep: fix implicit function declaration (GCC14)
Using toolchains based on GCC14 (and newer), now turns this warning
into a systematic error (see [1]).

The build failure can be reproduced with this minimal defconfig:

BR2_x86_64=y
BR2_x86_atom=y
BR2_TOOLCHAIN_EXTERNAL=y
BR2_TOOLCHAIN_EXTERNAL_BOOTLIN=y
BR2_PACKAGE_NGREP=y
BR2_PACKAGE_LIBNET=y

[1] https://gcc.gnu.org/gcc-14/porting_to.html

Fixes: https://autobuild.buildroot.org/results/20b/20b924c5c96b3f43e381d87e59fb160ba8d3dcd0//

Signed-off-by: Thomas Bonnefille <thomas.bonnefille@bootlin.com>
[Romain:
  - add a defconfig to reproduce the issue
  - add the minimal gcc version to reproduce the issue
]
Signed-off-by: Romain Naour <romain.naour@smile.fr>
2025-08-09 23:39:49 +02:00
Thomas Perale a00151af54 package/snooze: fix build w/ uclibc
The following error occur on the autobuilder for static build using
buildroot toolchain and uclibc:

```
/usr/bin/make -j17 -C /home/buildroot/instance-0/output-1/build/snooze-0.5/ PREFIX=/usr CC=/home/buildroot/instance-0/output-1/host/bin/arc-buildroot-linux-uclibc-gcc CFLAGS="-D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64  -Os -g0  -static  -static"
make[1]: Entering directory '/home/buildroot/instance-0/output-1/build/snooze-0.5'
/home/buildroot/instance-0/output-1/host/bin/arc-buildroot-linux-uclibc-gcc -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64  -Os -g0  -static  -static    snooze.c   -o snooze
snooze.c:22:10: fatal error: sys/auxv.h: No such file or directory
   22 | #include <sys/auxv.h>
      |          ^~~~~~~~~~~~
compilation terminated.
make[1]: *** [<builtin>: snooze] Error 1
```

This error can be reproduced with:

```
cat >.config <<EOF
BR2_arm=y
BR2_cortex_a7=y
BR2_TOOLCHAIN_BUILDROOT_UCLIBC=y
BR2_STATIC_LIBS=y
BR2_PACKAGE_SNOOZE=y
EOF
make olddefconfig
make snooze
```

The error doesn't occur on external toolchains.

The `#include <sys/auxv.h>` was orinally included in the initial commit
(see [1]) to use the `getauxval` function declaration. This function
usage has since been removed in commit [2].

This patch removes the include that is no longer needed.

[1] https://github.com/leahneukirchen/snooze/commit/56480881978a4cb5813746232de9950d46cb3369
[2] https://github.com/leahneukirchen/snooze/commit/610e6b35ec614764770d47b5974b30fd90dce6fe

Fixes: https://autobuild.buildroot.org/results/aec/aec463f87094a47ee059113f08e8ee3604dcea9b
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Reviewed-by: J. Neuschäfer <j.ne@posteo.net>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
2025-08-09 23:06:32 +02:00
Thomas Perale 064f7592d3 package/tini: fix build w/ musl
When building tini with musl libc, the following error occurs dur to
missing declaration of 'basename':

```
/home/buildroot/instance-0/output-1/build/tini-0.19.0/src/tini.c: In function 'print_usage':
/home/buildroot/instance-0/output-1/build/tini-0.19.0/src/tini.c:227:36: error: implicit declaration of function 'basename' [-Wimplicit-function-declaration]
  227 |         fprintf(file, "%s (%s)\n", basename(name), TINI_VERSION_STRING);
      |                                    ^~~~~~~~
make: *** [package/pkg-generic.mk:273: /home/buildroot/instance-0/output-1/build/tini-0.19.0/.stamp_built] Error 1
make: Leaving directory '/home/buildroot/instance-0/buildroot'
```

This error can be reproduced with:

```
cat >.config <<EOF
BR2_aarch64=y
BR2_TOOLCHAIN_EXTERNAL=y
BR2_TOOLCHAIN_EXTERNAL_BOOTLIN=y
BR2_TOOLCHAIN_EXTERNAL_BOOTLIN_AARCH64_MUSL_BLEEDING_EDGE=y
BR2_PACKAGE_TINI=y
EOF
make olddefconfig
make tini
```

This patch adds the upstream commit [1], that fixes this issue by
including `libgen.h`.

[1] https://github.com/krallin/tini/commit/924c4bd6028457188942ecbfdc75e6a343fa9395

Fixes: https://autobuild.buildroot.org/results/f0d/f0d10cd25f3b0e2a4af7266f7417b339ea5d242a
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
2025-08-09 22:51:29 +02:00
Alexis Lothoré 0ae37b712f package/php-pecl-dbus: fix build with PHP8
The php-pecl-dbus encouters two build issues in both buildroot 2025.02.x
and master branch, both related to PHP8 and GCC14:

/home/alexis/src/buildroot/php/build/php-pecl-dbus-b147624d480c3353e6c700e9a2d0c6f14d853941/dbus.c:465:56:
error: assignment to ‘zend_object_get_properties_t’ {aka ‘struct
_zend_array * (*)(struct _zend_object *)’} from incompatible pointer
type ‘HashTable * (*)(zval *)’ {aka ‘struct _zend_array * (*)(struct
_zval_str
uct *)’} [-Wincompatible-pointer-types]
  465 |         dbus_object_handlers_dbus_array.get_properties =
dbus_array_get_properties;
      |                                                        ^
[...]

The build failure can be reproduced with this minimal defconfig:

BR2_arm=y
BR2_cortex_a9=y
BR2_ARM_ENABLE_NEON=y
BR2_ARM_ENABLE_VFP=y
BR2_ARM_FPU_NEON=y
BR2_TOOLCHAIN_EXTERNAL=y
BR2_TOOLCHAIN_EXTERNAL_BOOTLIN=y
BR2_PACKAGE_PHP=y
BR2_PACKAGE_PHP_PECL_DBUS=y

This build failure is the result of two events/conditions:
- the update to PHP8 has changed the prototype for
  zend_object_read_property_t and zend_hash_get_current_key(see [1]).
  But at this time, php-dbus just generated a new warning
  (-Wincompatible-pointer-types)
- using bootlin bleeding-edge toolchain brings in GCC14, which now turns
  this warning into a systematic error (see [2])

Bring the relevant patches to fix this build.

The first patch comes from an already opened PR on the upstream source.
The second patch has been written during the build failure
investigation, and has been sent upstream as well.

Fixes: https://autobuild.buildroot.net/results/e9892bbefa781b403fd3d834b6c48527c8e078ba
Signed-off-by: Alexis Lothoré <alexis.lothore@bootlin.com>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
2025-08-09 22:16:05 +02:00
Florian Larysch 432cf9be9f package/go: make pre-built compiler provide target support too
All Go packages must depend on BR2_PACKAGE_HOST_GO_TARGET_ARCH_SUPPORTS,
which ensures that we do have a Go compiler available for that target.

BR2_PACKAGE_HOST_GO_TARGET_ARCH_SUPPORTS is currently restricted to the
availability of a full host Go compiler bootstrap. However, there are
architectures like AArch64 for which a full bootstrap is not supported.

Thus, currently, on an AArch64 host, we can't build Go packages (for
target or host), because we can't bootstrap a Go compiler.

However, note that a single Go compiler can generate code for all the
architectures supported by Go and for some host architectures, there are
pre-built toolchains available. When host-go-bin was added in commit
7b2a164b74 ("package/go/go-bin: new host-go provider"), the host
dependency was properly accounted for: It is already possible to build
host-go packages with go-bin. However, the fact that a Go compiler, in
addition to its native target, can also generate code for all supported
architectures, was missed at the time.

Thus, we can fix this problem by relaxing the condition under which
BR2_PACKAGE_HOST_GO_TARGET_ARCH_SUPPORTS is set to allowing go-bin
along with go-bootstrap. This allows a situation where the host can't
bootstrap, but for which there is a pre-built toolchain to build Go
packages for a supported target.

Signed-off-by: Florian Larysch <fl@n621.de>
Cc: Yann E. MORIN <yann.morin@orange.com>
Cc: Romain Naour <romain.naour@smile.fr>
Reviewed-by: Yann E. MORIN <yann.morin@orange.com>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
2025-08-09 19:22:43 +02:00
El Mehdi YOUNES cbe67e4b11 package/llvm-project: fix gcc-install-dir in clang
The previous method used to determine the --gcc-install-dir relied on
'ls' over the gcc installation path, which was fragile and failed in
cases where the external toolchain contained multiple gcc versions or
paths [1].

We replace it a more reliable approach using:
$(TARGET_CC) -print-search-dirs

This helps setup to register the desired GCC architecture if a
given toolchain packages includes multiple GCC architecture
installations. Which isn't possible using the actual method using 'ls'.

For example from James's report:

    └── /opt/container/my-toolchain-2025.01.01.12345/lib/gcc/
        ├── aarch64-example-linux-gnu/
        │   └── ...
        ├── i686-example-linux-gnu/
        │   └── ...
        └── x86_64-example-linux-gnu/
            └── ...

Thanks to Romain Naour for suggesting this improved method.

[1] https://lore.kernel.org/buildroot/d1c773dc-8346-4077-946a-0d3b4e30a6c8@smile.fr/T/#t

Reported by: James Knight <git@jdknight.me>
Signed-off-by: El Mehdi YOUNES <elmehdi.younes@smile.fr>
Tested-by: James Knight <jdknight@jdknight.me>
Tested-by: James Knight <git@jdknight.me>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
2025-08-09 19:15:25 +02:00
Yann E. MORIN 117ccb6cc4 Makefile: silence list-defconfigs for br2-external with no defconfig
When a br2-external tree has no defconfig, list-defconfig currently
whines with an error from find:

    find: ‘[...]/my-external/configs’: No such file or directory

Fix that by only running find if the directory exists.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-09 18:52:39 +02:00
Yann E. MORIN 161d7ded43 Makefile: fix list-defconfigs for br2-external with weird descriptions
When a br2-external tree description contains an odd number of single
quotes, list-defconfigs will fail with a shell error message:

    /bin/sh: -c: line 1: unexpected EOF while looking for matching `"'
    make[1]: *** [Makefile:1243: list-defconfigs] Error 2

Whoever wrote that code will have to write this sentence 100 times
on the blackboard:

     Never, ever pass user-provided data in a printf format.

(see commit 49117c1028 (core: support description for br2-external
trees); dang, I knew it... And I should have known better when I wrote
that code, damit...)

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-09 18:51:54 +02:00
Maxime Leroy faa97af62a package/grout: bump to 0.11.0 version
See the release note of the new version:
https://github.com/DPDK/grout/releases/tag/v0.11.0

Signed-off-by: Maxime Leroy <maxime@leroys.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-09 18:38:08 +02:00
Maxime Leroy 37b35546eb package/grout: add kernel TUN dependency
Grout automatically creates a TUN interface at runtime, so the target
kernel must have CONFIG_TUN enabled.  Add a fix-up to ensure that option
is selected.

Signed-off-by: Maxime Leroy <maxime@leroys.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-09 18:38:08 +02:00
Jiaxun Yang bc28c3df6f arch/loongarch: Mark lp64f and lp64s as broken
Toolchain failed to bootstrap with LP64F and LP64S ABIs.

As reported by Julien in [1]:

Testing the "lp64f" ABI with commands:

     cat >.config <<EOF
     BR2_loongarch64=y
     BR2_LOONGARCH_FPU_32=y
     BR2_LINUX_KERNEL=y
     BR2_LINUX_KERNEL_USE_ARCH_DEFAULT_CONFIG=y
     BR2_LINUX_KERNEL_NEEDS_HOST_OPENSSL=y
     BR2_LINUX_KERNEL_NEEDS_HOST_LIBELF=y
     BR2_TARGET_ROOTFS_EXT2=y
     # BR2_TARGET_ROOTFS_TAR is not set
     EOF
     make olddefconfig
     make

fails in host-gcc-initial with output:

     Assembler messages:
     /tmp/ccEkwSsD.s:28: Error: register save offset not a multiple of 8
     /tmp/ccEkwSsD.s:30: Error: register save offset not a multiple of 8
     /tmp/ccEkwSsD.s:50: Error: register save offset not a multiple of 8

See also autobuilder failures such as [2].

Testing the "lp46s" ABI with commands:

     cat >.config <<EOF
     BR2_loongarch64=y
     BR2_LOONGARCH_FPU_NONE=y
     BR2_LINUX_KERNEL=y
     BR2_LINUX_KERNEL_USE_ARCH_DEFAULT_CONFIG=y
     BR2_LINUX_KERNEL_NEEDS_HOST_OPENSSL=y
     BR2_LINUX_KERNEL_NEEDS_HOST_LIBELF=y
     BR2_TARGET_ROOTFS_EXT2=y
     # BR2_TARGET_ROOTFS_TAR is not set
     EOF
     make olddefconfig
     make

fails in host-gcc-final with output:

     /buildroot/output/host/loongarch64-buildroot-linux-gnusf/bin/ld: cannot find crti.o: No such file or directory
     /buildroot/output/host/loongarch64-buildroot-linux-gnusf/bin/ld: cannot find -lc: No such file or directory
     /buildroot/output/host/loongarch64-buildroot-linux-gnusf/bin/ld: cannot find crtn.o: No such file or directory

See also autobuilder failures with as [3].

This commit marks those ABIs as broken at the moment to allow time
for investigation. Also, since gcc defaults to the "lp64d" ABI which
requires a 64bit FPU is present, the BR2_LOONGARCH_FPU_32 and
BR2_LOONGARCH_FPU_NONE options also needs to be marked as broken
as well. See [4].

[1] https://lore.kernel.org/buildroot/e17da108d1fb4e6abda26445dc053b35@free.fr/
[2] https://autobuild.buildroot.org/results/f98570293823867e6c43a1672e1a4b43ca1e4be5
[3] https://autobuild.buildroot.org/results/cf56c37fabcae964dbf4f96eb43a7e4d964452b6
[4] https://lore.kernel.org/buildroot/7b0f1cb629fce8a57d9b644b8beb8b2a@free.fr/

Cc: Mingcong Bai <jeffbai@aosc.io>
Cc: Xi Ruoyao <xry111@xry111.site>
Signed-off-by: Jiaxun Yang <jiaxun.yang@flygoat.com>
[Julien:
 - add link to mailing list discussion
 - add configuration to reproduce issues to help future investigations
 - add links to autobuilder failures in commit log
 - mark BR2_LOONGARCH_FPU_{32,NONE} as broken
]
Reviewed-by: Jiaxun Yang <jiaxun.yang@flygoat.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-09 18:22:21 +02:00
Peter Seiderer 67c91e85b7 package/brcmfmac_sdio-firmware-rpi: bump version to 6596d33
Changelog:

  - 4eec7f2 Sync with RPiOS 1.2-9+rpt3 bluez/1:20230625-2+rpt3 brcm80211 versions
  - 4c1789e Merge pull request #25 from HiassofT/fw-2024-08
  - e59476f Sync with 1:20240709-2~bpo12+1+rpt3

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Tested-by: Fiona Klute (WIWA) <fiona.klute@gmx.de>
[Fiona: tested on CM4 (upstream kernel 6.16, as AP) and Zero 2W
        (upstream kernel 6.16 as client, RPi kernel 6.12.41 as AP)]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-09 17:47:28 +02:00
Peter Seiderer 53c0b8c2f2 package/rpi-firmware: bump version to 95be71b
Version 95be71b matches with kernel 6.12.41.

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Tested-by: Fiona Klute (WIWA) <fiona.klute@gmx.de>
[Fiona: tested on CM4 and Zero 2W, with the RPi bootloader
        booting into U-Boot]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-09 17:47:28 +02:00
Peter Seiderer 04c7bede2b configs/raspberrypi*: bump kernel version to ac69f09 (6.12.41)
Now based on 6.12.41 (from 6.12.20)

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-09 17:47:28 +02:00
Peter Korsgaard 7e5a3c9845 package/libopenssl: bump version to 3.5.2
Bugfix release:

- Miscellaneous minor bug fixes.

- The FIPS provider now performs a PCT on key import for RSA, EC and ECX.
  This is mandated by FIPS 140-3 IG 10.3.A additional comment 1.

https://github.com/openssl/openssl/releases/tag/openssl-3.5.2

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-09 17:02:48 +02:00
Andreas Ziegler 866d89dfeb package/mpd: update to version 0.24.5
Version 0.24.5 change log:

* database
  - fix disappearing playlist files
* decoder
  - ffmpeg: handle "*.aif" files
  - mpg123: add option "full_scan"
  - mpg123: support seeking on remote files
  - mpg123: work around libmpg123 ID3 corruption bug
  - sidplay: add support for PSID files
* output
  - pipewire: fix resuming playback after it was paused by "single" mode
* Windows
  - fix libfmt error "what(): invalid utf8"

Tested-by: Andreas Ziegler <br015@umbiko.net>
Signed-off-by: Andreas Ziegler <br015@umbiko.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-09 16:08:51 +02:00
Romain Naour ab470fbc8e linux: add missing hash for linux 6.1.147
When building a toolchain with kernel headers 6.1.x, the build fail
due to missing hash for linux-6.1.147.tar.xz

The hash was removed by mistake when bumping kernel 6.{6, 12, 15}.x
series.

Fixes: 51b27bad91

Cc: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-09 16:01:51 +02:00
Thomas Perale 2640f5dcd0 package/libapparmor: fix build w/ musl
When building the libapparmor package with musl the following error
would appear:

```
test_multi.c: In function 'main':
test_multi.c:27:30: error: implicit declaration of function 'basename' [-Wimplicit-function-declaration]
   27 |         printf("File: %s\n", basename(argv[1]));
      |                              ^~~~~~~~
test_multi.c:27:24: warning: format '%s' expects argument of type 'char *', but argument 2 has type 'int' [-Wformat=]
   27 |         printf("File: %s\n", basename(argv[1]));
      |                       ~^     ~~~~~~~~~~~~~~~~~
      |                        |     |
      |                        |     int
      |                        char *
      |                       %d
make[3]: *** [Makefile:466: test_multi_multi-test_multi.o] Error 1
```

This error can be reproduced with the following:

```
cat >.config <<EOF
BR2_aarch64=y
BR2_TOOLCHAIN_EXTERNAL=y
BR2_TOOLCHAIN_EXTERNAL_BOOTLIN=y
BR2_TOOLCHAIN_EXTERNAL_BOOTLIN_AARCH64_MUSL_BLEEDING_EDGE=y
BR2_PACKAGE_LIBAPPARMOR=y
EOF
make olddefconfig
make libapparmor
```

On musl libc the function `basename` is provided by included libgen.h.
This error has been addressed upstream in [1] by re-defining the
function `basename`.

[1] https://gitlab.com/apparmor/apparmor/-/commit/7fb040bde69ebdfce48cf1a01c1a62fd4f8eef0a

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
[Peter: drop unrelated AUTORECONF change]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-08-08 16:42:52 +02:00
Thomas Perale 3db725d71d package/tiff: add patch to fix CVE-2025-8177
Fix the following vulnerability:

- CVE-2025-8177

    A vulnerability was found in LibTIFF up to 4.7.0. It has been rated as
    critical. This issue affects the function setrow of the file
    tools/thumbnail.c. The manipulation leads to buffer overflow. An
    attack has to be approached locally. The patch is named
    e8c9d6c616b19438695fd829e58ae4fde5bfbc22. It is recommended to apply a
    patch to fix this issue. This vulnerability only affects products that
    are no longer supported by the maintainer.

For more information, see:
  - https://www.cve.org/CVERecord?id=CVE-2025-8177
  - https://gitlab.com/libtiff/libtiff/-/merge_requests/737

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-08-08 16:36:20 +02:00
Thomas Perale b3974df966 package/tiff: add patches to fix CVE-2025-8176
Fix the following vulnerability:

- CVE-2025-8176

    A vulnerability was found in LibTIFF up to 4.7.0. It has been declared
    as critical. This vulnerability affects the function get_histogram of
    the file tools/tiffmedian.c. The manipulation leads to use after free.
    The attack needs to be approached locally. The exploit has been
    disclosed to the public and may be used. The patch is identified as
    fe10872e53efba9cc36c66ac4ab3b41a839d5172. It is recommended to apply a
    patch to fix this issue.

For more information, see:
  - https://www.cve.org/CVERecord?id=CVE-2025-8176
  - https://gitlab.com/libtiff/libtiff/-/merge_requests/727

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-08-08 16:36:04 +02:00
Peter Korsgaard c897f16a98 support/testing: test_gstreamer1: raise tesseract-ocr timeout to 15s
On my laptop (i5-8365U), running cross-tesseract-ocr in QEMU takes
longer than the default timeout (5s), causing the test to fail:

 # time tesseract frame10.png output
 Error in pixReadMemTiff: function not present
 Error in pixReadMem: tiff: no pix returned
 Error in pixaGenerateFontFromString: pix not made
 Error in bmfCreate: font pixa not made
 Estimating resolution as 157
 real    0m 8.17s
 user    0m 5.36s
 sys     0m 2.79s

So extend the assertRunOk() timeout with ~2x that similar to how it is done
for the gst-launch-1.0 pipeline.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-08 00:37:41 +02:00
Neal Frager bd5faa8a24 package/qemu: correct help menu spelling error
This patch corrects the spelling of 'Xilinx' in the help menu for the
qemu package.

Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-08 00:34:32 +02:00
Thomas Petazzoni 5edce69188 configs/qemu_sh4*: switch back to disk emulation
Back in commit
44a6b7866c ("configs/qemu_sh4*: switch
to initramfs"), the Qemu SuperH defconfigs were switched to initramfs
due to a bug in the Qemu disk emulation.

However, the initramfs solution has an issue: if the initramfs is
slightly too large (like just 6 MB!), the system no longer boots.

Since the disk emulation problem has apparently been resolved in Qemu
10 (according to testing), let's switch back to this.

In addition to essentially reverting
44a6b7866c, we also need to adjust the
kernel configuration so that the kernel takes its command line for the
bootloader (in our case from the Qemu -append option). Otherwise an
hardcoded command line is used, which doesn't mount /dev/sda as the
root filesystem.

This update has been tested on Gitlab CI:

  https://gitlab.com/tpetazzoni/buildroot/-/pipelines/1968267919

Thanks to Romain Naour for pointing to the initramfs size as being the
issue.

Cc: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-08 00:32:15 +02:00
Thomas Perale 0e450a0b08 package/libhtp: security bump to v0.5.51
For more information on the release, see:
 - https://github.com/OISF/libhtp/releases/tag/0.5.51
 - https://github.com/OISF/libhtp/releases/tag/0.5.50
 - https://github.com/OISF/libhtp/compare/0.5.49...0.5.51

This fixes the following vulnerability:

- CVE-2025-53537

    LibHTP is a security-aware parser for the HTTP protocol and its
    related bits and pieces. In versions 0.5.50 and below, there is a
    traffic-induced memory leak that can starve the process of memory,
    leading to loss of visibility. To workaround this issue, set
    `suricata.yaml app-layer.protocols.http.libhtp.default-config.lzma-
    enabled` to false. This issue is fixed in version 0.5.51.

For more information, see:
  - https://www.cve.org/CVERecord?id=CVE-2025-53537
  - https://github.com/OISF/libhtp/security/advisories/GHSA-v3qq-h8mh-vph7

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-08 00:26:50 +02:00
Peter Korsgaard 681575c73c package/python3: add upstream post-3.13.5 security fix for CVE-2025-8194
Fixes the following vulnerability:

CVE-2025-8194: There is a defect in the CPython “tarfile” module affecting
the “TarFile” extraction and entry enumeration APIs.  The tar implementation
would process tar archives with negative offsets without error, resulting in
an infinite loop and deadlock during the parsing of maliciously crafted tar
archives.

https://nvd.nist.gov/vuln/detail/CVE-2025-8194
https://www.openwall.com/lists/oss-security/2025/07/28/1

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-08 00:11:18 +02:00
Peter Korsgaard 16d4159d44 package/gnutls: security bump to version 3.8.10
Fixes the following security issues:

GNUTLS-SA-2025-07-08-1 CVE-2025-32989
Severity Medium; Heap read buffer overflow

When an X.509 certificate contains an SCT (signed certificate timestamp)
extension and its length field is malformed, the library could read the memory
buffer past the boundary. The issue was reported in the issue tracker as
<https://gitlab.com/gnutls/gnutls/-/issues/1695>.

------------------------------------------------------------------------------

GNUTLS-SA-2025-07-08-2 CVE-2025-32988
Severity Low; Memory corruption on error path

When any error occurs during exporting a certificate with an otherName in the
SAN (subject alternative name) extension, the library could potentially double
free the ASN.1 structure. The issue was reported in the issue tracker as
<https://gitlab.com/gnutls/gnutls/-/issues/1694>.

------------------------------------------------------------------------------

GNUTLS-SA-2025-07-08-3 CVE-2025-32990
Severity Low; Heap write buffer overflow

When the certtool program is invoked with a template file with a number of
string pairs for a single keyword, a NULL pointer could be written past the
memory boundary. The issue was reported in the issue tracker as
<https://gitlab.com/gnutls/gnutls/-/issues/1696>.

------------------------------------------------------------------------------

GNUTLS-SA-2025-07-08-4 CVE-2025-6395
Severity Medium; Denial of service

When a TLS 1.3 handshake involves a Hello Retry Request and the second
Client Hello omits the PSK which was present in the first Client Hello,
the GnuTLS server can dereference a NULL pointer. The issue was reported
in the issue tracker as <https://gitlab.com/gnutls/gnutls/-/issues/1718>.

https://lists.gnupg.org/pipermail/gnutls-help/2025-July/004883.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-08 00:03:52 +02:00
Peter Korsgaard feaf53585a package/glibc: security bump to version 2.41-70
Fixes the following security issues:

- CVE-2025-5702: power10: strcmp fails to save and restore nonvolatile
  vector registers
  https://sourceware.org/cgit/glibc/tree/advisories/GLIBC-SA-2025-0003

- CVE-2025-5745: power10: strncmp fails to save and restore nonvolatile
  vector registers
  https://sourceware.org/cgit/glibc/tree/advisories/GLIBC-SA-2025-0004

Note: CVE-2025-5702 and CVE-2025-5745 are specific to the Power 10
hardware architecture, which is not supported in Buildroot at the time
of this commit. The highest target CPU supported in Buildroot is
Power 9. See the file `arch/Config.in.powerpc`.

- CVE-2025-8058: posix: Fix double-free after allocation failure in regcomp
  https://sourceware.org/cgit/glibc/tree/advisories/GLIBC-SA-2025-0005

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
[Julien: add the note about power10 in commit log]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-07 23:42:23 +02:00
Thomas Petazzoni 8ef2ba2ec3 package/{gcc, binutils, gdb}: update ARC version to 2024.12
This commit updates the ARC toolchain components to the 2024.12
release, keeping the same patches.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-07 23:00:42 +02:00
Thomas Petazzoni bd05f6bd1f package/gdb: allow selecting upstream releases on ARC
package/binutils and package/gcc both allow to use upstream versions
on ARC, but package/gdb allows using only the ARC version. Adjust the
packaging to align package/gdb with package/binutils and package/gcc,
so that upstream versions of gdb can be built for ARC.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-07 23:00:41 +02:00
Peter Korsgaard 84a3a8f39a package/libgpiod2: bump version to 2.2.2
Bugfix release. From NEWS:

- don't implicitly unquote unnamed lines in gpioinfo
- remove useless variable in reconfigure example
- don't let struct line_config balloon out of control and trigger an OOM
- drop python3-config check from configure.ac

https://git.kernel.org/pub/scm/libs/libgpiod/libgpiod.git/commit/?id=759d831aa8846a5d007cac250f78d74a514e1ec9

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Acked-by: Boerge Struempfel <boerge.struempfel@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-08-07 16:02:54 +02:00
Fabien Lehoussel 4b15707056 utils/generate-cyclonedx: sort dependencies
The SBOM is easier to read if the dependencies are sorted alphabetically.

Signed-off-by: Fabien Lehoussel <fabien.lehoussel@smile.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-08-07 16:02:03 +02:00
Dario Binacchi 1c7948af33 package/uuu: bump to version 1.5.219
Release notes:
https://github.com/nxp-imx/mfgtools/releases/tag/uuu_1.5.218
https://github.com/nxp-imx/mfgtools/releases/tag/uuu_1.5.219

This commit also removes the package patch included in this
new release.

Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
[Julien: remove the package patch included in this new release]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-07 03:02:51 +02:00
Angelo Compagnucci 945f4acbff package/htpdate: bump to version 2.0.0
Changelog:
https://github.com/twekkel/htpdate/releases/tag/v2.0.0

LICENSE file hash changed because of the copyright year update.

Signed-off-by: Angelo Compagnucci <angelo.compagnucci@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-08-06 21:59:19 +02:00
Thomas Perale a008f3e7cb package/flatcc: add CPE identifier
The cpe:2.3:a:flatcc_project:flatcc:*:*:*:*:*:*:*:*
valid for this package.

See https://nvd.nist.gov/products/cpe/detail/AA7FC7B6-537C-4735-B615-689D3A91C994

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-08-06 21:51:26 +02:00
Fabien Lehoussel 9cbbc47762 utils/generate-cyclonedx: add project name and version options
Add options to customize the project name and version in the generated SBOM
metadata and set buildroot generate-cyclonedx as a tool in the metadata
section.

Signed-off-by: Fabien Lehoussel <fabien.lehoussel@smile.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-08-06 16:56:12 +02:00
Fabien Lehoussel 6098cc45d6 utils/generate-cyclonedx: move metadata section to top level
This makes it more readable and easier to quickly identify basic information.

Signed-off-by: Fabien Lehoussel <fabien.lehoussel@smile.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-08-06 16:38:26 +02:00
Aaron Sierra 2982fac48e package/xinetd: fix build with musl
The ecvt(), fcvt(), and gcvt() functions from stdlib.h, used by the SIO
library packaged with the xinetd sources, are masked by _GNU_SOURCE in
musl libc.

Signed-off-by: Aaron Sierra <aaron@bubbl-tek.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-08-06 15:18:54 +02:00
Julien Olivain 1375aabf74 package/fwts: bump to version 25.07.00
See release announce:
https://lists.ubuntu.com/archives/fwts-devel/2025-July/014057.html

Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-08-06 14:58:11 +02:00
Thomas Perale 7407f797a6 package/apache: update mirror url
While the 2.4.65 release of this package is available on
https://dlcdn.apache.org/httpd older version are removed from this
location in favour of https://archive.apache.org/dist/httpd.

In 2025.02.x branch the apache package hasn't been bumped to the latest
version yet so the following error started appearing on the autobuilder:

```
>>> apache 2.4.64 Downloading
wget -nd -t 3 --no-check-certificate -O '/workdir/instance-0/output-1/build/.httpd-2.4.64.tar.bz2.hfXgDB/output' 'https://dlcdn.apache.org/httpd/httpd-2.4.64.tar.bz2'
WARNING: The certificate is NOT trusted. The certificate issuer is unknown.
[0] Downloading 'https://dlcdn.apache.org/httpd/httpd-2.4.64.tar.bz2' ...
HTTP ERROR response 404  [https://dlcdn.apache.org/httpd/httpd-2.4.64.tar.bz2]
make: *** [package/pkg-generic.mk:179: /workdir/instance-0/output-1/build/apache-2.4.64/.stamp_downloaded] Error 1
make: Leaving directory '/workdir/instance-0/buildroot'
```

To avoid running in the same error once the next package version is
released this patch update the site to the archive mirror with all the
releases.

Fixes: https://autobuild.buildroot.org/results/7a0/7a0982bcf9db4dcbcf4f6cf31b9f19571c061ee4/build-end.log
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-08-06 14:57:07 +02:00
Thomas Perale 8083972a90 package/libssh: security bump to v0.11.2
For more information on the release see:
  - https://git.libssh.org/projects/libssh.git/tag/?h=libssh-0.11.2

This fixes the following vulnerabilities:

- CVE-2025-4878

    A vulnerability was found in libssh, where an uninitialized variable
    exists under certain conditions in the privatekey_from_file()
    function. This flaw can be triggered if the file specified by the
    filename doesn't exist and may lead to possible signing failures or
    heap corruption.

For more information, see:
  - https://www.cve.org/CVERecord?id=CVE-2025-4878
  - https://git.libssh.org/projects/libssh.git/commit/?id=697650caa97eaf7623924c75f9fcfec6dd423cd1
  - https://git.libssh.org/projects/libssh.git/commit/?id=b35ee876adc92a208d47194772e99f9c71e0bedb

- CVE-2025-5318

    A flaw was found in the libssh library. An out-of-bounds read can be
    triggered in the sftp_handle function due to an incorrect comparison
    check that permits the function to access memory beyond the valid
    handle list and to return an invalid pointer, which is used in further
    processing. This vulnerability allows an authenticated remote attacker
    to potentially read unintended memory regions, exposing sensitive
    information or affect service behavior.

For more information, see:
  - https://www.cve.org/CVERecord?id=CVE-2025-5318
  - https://www.libssh.org/security/advisories/CVE-2025-5318.txt

- CVE-2025-5351

    A flaw was found in the key export functionality of libssh. The issue
    occurs in the internal function responsible for converting
    cryptographic keys into serialized formats. During error handling, a
    memory structure is freed but not cleared, leading to a potential
    double free issue if an additional failure occurs later in the
    function. This condition may result in heap corruption or application
    instability in low-memory scenarios, posing a risk to system
    reliability where key export operations are performed.

For more information, see:
  - https://www.cve.org/CVERecord?id=CVE-2025-5351

- CVE-2025-5372

    A flaw was found in libssh versions built with OpenSSL versions older
    than 3.0, specifically in the ssh_kdf() function responsible for key
    derivation. Due to inconsistent interpretation of return values where
    OpenSSL uses 0 to indicate failure and libssh uses 0 for success—the
    function may mistakenly return a success status even when key
    derivation fails. This results in uninitialized cryptographic key
    buffers being used in subsequent communication, potentially
    compromising SSH sessions' confidentiality, integrity, and
    availability.

For more information, see:
  - https://www.cve.org/CVERecord?id=CVE-2025-5372

- CVE-2025-5449

    A flaw was found in the SFTP server message decoding logic of libssh.
    The issue occurs due to an incorrect packet length check that allows
    an integer overflow when handling large payload sizes on 32-bit
    systems. This issue leads to failed memory allocation and causes the
    server process to crash, resulting in a denial of service.

For more information, see:
  - https://www.cve.org/CVERecord?id=CVE-2025-5449
  - https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.11&id=261612179f740bc62ba363d98b3bd5e5573a811f
  - https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.11&id=3443aec90188d6aab9282afc80a81df5ab72c4da
  - https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.11&id=5504ff40515439a5fecbb17da7483000c4d12eb7
  - https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.11&id=78485f446af9b30e37eb8f177b81940710d54496
  - https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.11&id=f79ec51b7fd519dbc5737a7ba826e3ed093f6ceb
  - https://www.libssh.org/security/advisories/CVE-2025-5449.txt

- CVE-2025-5987

    A flaw was found in libssh when using the ChaCha20 cipher with the
    OpenSSL library. If an attacker manages to exhaust the heap space,
    this error is not detected and may lead to libssh using a partially
    initialized cipher context. This occurs because the OpenSSL error code
    returned aliases with the SSH_OK code, resulting in libssh not
    properly detecting the error returned by the OpenSSL library. This
    issue can lead to undefined behavior, including compromised data
    confidentiality and integrity or crashes.

For more information, see:
  - https://www.cve.org/CVERecord?id=CVE-2025-5987

The patch 0001 is removed as it's now included upstream see [1].

[1] https://gitlab.com/libssh/libssh-mirror/-/commit/093431f929ec8c36d5941bfdc0b2d3b68404a2aa
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-08-06 14:54:36 +02:00
Bernd Kuhls 2fd520c8d5 package/glm: bump version to 1.0.1
Release notes: https://github.com/g-truc/glm/releases/tag/1.0.1

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-08-04 22:11:23 +02:00
Bernd Kuhls 2e4be3a5be package/libmspack: bump version to 0.11alpha
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-08-04 22:10:37 +02:00
Bernd Kuhls fd38935177 package/libdeflate: bump version to 1.24
Release notes:
https://github.com/ebiggers/libdeflate/blob/v1.24/NEWS.md

Switch _SITE to tarball provided by upstream.

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-08-04 22:08:40 +02:00
Bernd Kuhls 6b607a7744 package/libinput: bump version to 1.29.0
Release notes:
https://lists.freedesktop.org/archives/wayland-devel/2025-March/044026.html
https://lists.freedesktop.org/archives/wayland-devel/2025-April/044102.html
https://lore.freedesktop.org/wayland-devel/20250731092534.GA4100432@quokka/T/

Upstream changed mtdev into an optional dependency:
https://gitlab.freedesktop.org/libinput/libinput/-/commit/27f4b0ae744a2b2655755188f2224dd5f8c4bdeb

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-08-04 22:02:10 +02:00
Bernd Kuhls 178cc76deb package/meson: bump version to 1.8.3
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-08-04 22:01:54 +02:00
Bernd Kuhls a2f53620e6 package/intel-vpl-gpu-rt: bump version to 25.3.1
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-08-04 21:40:01 +02:00
Bernd Kuhls f3b09a3fa1 package/intel-mediadriver: bump version to 25.3.1
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-08-04 21:39:34 +02:00
Bernd Kuhls 41ed03172a package/mtdev: bump version to 1.1.7
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-08-04 21:39:24 +02:00
Angelo Compagnucci 2c9e2e06e2 package/sshguard: bump to version 2.5.1
Changelog:
https://bitbucket.org/sshguard/sshguard/src/master/CHANGELOG.rst

Signed-off-by: Angelo Compagnucci <angelo.compagnucci@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-08-04 21:37:59 +02:00
Angelo Compagnucci d149e60033 package/python-pillow: security bump to version 11.3.0
Changelog:
https://pillow.readthedocs.io/en/stable/releasenotes/11.3.0.html

Fixes the following security issues:
CVE 2025-48379

Signed-off-by: Angelo Compagnucci <angelo.compagnucci@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-08-04 21:33:28 +02:00
Florian Larysch e6e930be67 package/pipewire: bump version to 1.2.8
Bugfix release for the 1.2.x series.

Release notes:
https://gitlab.freedesktop.org/pipewire/pipewire/-/blob/91a1ce183fe8a77843ebe72d62aae51e5ce62737/NEWS

Signed-off-by: Florian Larysch <fl@n621.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-08-04 19:05:13 +02:00
Peter Seiderer 0343f03ce4 package/iwd: fix S40iwd check-package warnings
Fix fix S40iwd check-package warnings:

- package/iwd/S40iwd:3: Do not include path in DAEMON
  (https://nightly.buildroot.org/#adding-packages-start-script)

- package/iwd/S40iwd:4: Incorrect PIDFILE value
  (https://nightly.buildroot.org/#adding-packages-start-script)

Since this commit fixes lib_sysv.Variables check-package warnings
in S40iwd, this commit also removes the .checkpackageignore entry.

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
[Julien: remove lib_sysv.Variables in .checkpackageignore]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-03 17:44:00 +02:00
Peter Seiderer a3569f03fc package/iwd: bump version to 3.9
Changelog (see [1]):

  ver 3.9:
    Fix issue with Access Point mode and frequency unlocking.
    Fix issue with network configuration and BSS retry logic.
    Fix issue with handling busy notification from Access Point.
    Fix issue with handling P-192, P-224 and P-521 for SAE.

  ver 3.8:
    Fix issue with handling unit tests and missing kernel features.

  ver 3.7:
    Fix issue with handling length of EncryptedSecurity.
    Fix issue with handling empty affinities lists.
    Fix issue with handling survey scanning results.
    Fix issue with handling duplicate values in DPP URI.

  ver 3.6:
    Fix issue with handling blacklisting and roaming requests.
    Fix issue with handling CQM thresholds for FullMAC devices.
    Add support for PMKSA when using FullMAC devices.

  ver 3.5:
    Add support for option to disable blacklist handling.
    Add support for option to disable SAE for broken drivers.

  ver 3.4:
    Add support for the Test Anything Protocol.

  ver 3.3:
    Fix issue with handling External Authentication.

  ver 3.2:
    Fix issue with GCC 15 and -std=c23 build errors.
    Add support for using PMKSA over SAE if available.
    Add support for HighUtilization/StationCount thresholds.
    Add support for disabling Multicast RX option.

  ver 3.1:
    Fix issue with handling OWE transition BSS selection.
    Fix issue with handling oper class 136 starting frequency.

[1] https://git.kernel.org/pub/scm/network/wireless/iwd.git/tree/ChangeLog?h=3.9

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-03 17:40:04 +02:00
Peter Seiderer e834d23cd7 package/ell: bump version to 0.79
Changelog (see [1]):

  ver 0.79:
    Fix issue with D-Bus client and watch removal handling.
    Fix issue with D-Bus client and service name handling.
    Fix issue with D-Bus proxy and filter rule handling.

  ver 0.78:
    Fix issue with random ECC scalar generation.

  ver 0.77:
    Add support for precheck feature for unit tests.
    Add support for license variable for pkg-config.

  ver 0.76:
    Fix issue with random scalar generation.

  ver 0.75:
    Add support for converting OID octets to strings.
    Add support for NIST P-224 cuve usage with ECDH.
    Add support for NIST P-521 cuve usage with ECDH.
    Add support for SHA-3 series of hashing algorithms.

  ver 0.74:
    Add support for NIST P-192 curve usage with ECDH.
    Add support for SHA-224 based checksums and HMACs.

  ver 0.73:
    Fix issue with parsing hwdb.bin child structures.

  ver 0.72:
    Add support for the Test Anything Protocol.

  ver 0.71:
    Fix issue with GCC 15 and -std=c23 build errors.

  ver 0.70:
    Add support for helper function for safe memcpy.

[1] https://git.kernel.org/pub/scm/libs/ell/ell.git/tree/ChangeLog?h=0.79

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-03 17:40:00 +02:00
Thomas Perale 014174f00d package/sqlite: ignore CVE-2025-3277
The CVE-2025-3277 as been marked as a duplicate of CVE-2025-29087 by the
debian security tracker [1].

The CVE-2025-29087 has already been fixed in commit [2] so this patch
adds CVE-2025-3277 to the ignored CVEs.

[1] https://security-tracker.debian.org/tracker/CVE-2025-3277
[2] 835b5659ea package/sqlite: add patch to fix CVE-2025-29087

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-03 17:35:01 +02:00
Bernd Kuhls d6d1beddbc package/libcec: bump version to 7.1.1
Changelog:
https://github.com/Pulse-Eight/libcec/blob/libcec-7.1.1/debian/changelog.in

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-03 17:29:18 +02:00
Bernd Kuhls 51b27bad91 {linux, linux-headers}: bump 6.{6, 12, 15}.x series
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-03 17:25:56 +02:00
Thomas Perale 4089677c2d package/php: bump to v8.3.24
This is a bug fix release.

For more information, see:

 - https://www.php.net/ChangeLog-8.php#PHP_8_3
 - https://news-web.php.net/php.announce/466

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-03 17:06:10 +02:00
Thomas Bonnefille a01c07f572 package/libspdm: bump version to 3.8.0
For change log since 3.5.0, see:
https://github.com/DMTF/libspdm/releases

Following the upgrade of libopenssl to version 3.5.0 [1], the build
process for libspdm encountered issues due to the new openssl API.
It requires some modifications in the asn1.h file of libspdm.
This build error was addressed by a specific commit [2] in libspdm.

As Buildroot 2025.02 isn't impacted, this commit bumps libspdm to the
latest libspdm version to fix the build error.

This commit also updates the license hash, after a year update in:
https://github.com/DMTF/libspdm/commit/e8a35c8d0dfe5edb2bbafaa07ebf74b097824364

[1]: https://gitlab.com/buildroot.org/buildroot/-/commit/9868ca6ec98afa28a94aea50cc940db7df860396
[2]: https://github.com/DMTF/libspdm/commit/88797f83daf6654d6381e3539abe1670763f2ac1

Fixes:
https://autobuild.buildroot.org/results/87b8805975ef132a58c40e622e2e023199f6ee2a/

Signed-off-by: Thomas Bonnefille <thomas.bonnefille@bootlin.com>
[Julien:
 - add link to change log
 - fix LICENSE.md hash
]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-03 17:01:06 +02:00
Bernd Kuhls 64de9e5142 package/{mesa3d, mesa3d-headers}: bump version to 25.1.7
Release notes:
https://lists.freedesktop.org/archives/mesa-announce/2025-July/000814.html

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-03 16:51:42 +02:00
Thomas Perale c68a14d73a package/libxml2: add patch for CVE-2025-6170
This fixes the following vulnerability:

- CVE-2025-6170

    A flaw was found in the interactive shell of the xmllint command-line
    tool, used for parsing XML files. When a user inputs an overly long
    command, the program does not check the input size properly, which can
    cause it to crash. This issue might allow attackers to run harmful
    code in rare configurations without modern protections.

For more information, see:
  - https://www.cve.org/CVERecord?id=CVE-2025-6170
  - https://gitlab.gnome.org/GNOME/libxml2/-/commit/c340e419505cf4bf1d9ed7019a87cc00ec200434

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-03 16:46:31 +02:00
Colin Foster a28756bdee package/rauc-hawkbit-updater: bump to version 1.4
For change log, see:
https://github.com/rauc/rauc-hawkbit-updater/releases/tag/v1.4

Signed-off-by: Colin Foster <colin.foster@in-advantage.com>
[Julien: add link to change log]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-03 16:29:49 +02:00
Bernd Kuhls f5101638b9 boot/syslinux: fix build with gcc-15.x
Fixes build error with gcc-15.x:

drivers/net/3c509-eisa.c:39:26: error:  initialization of 'void (*)(void)'
 from incompatible pointer type 'void (*)(struct nic *, struct eisa_device *)'
 [-Wincompatible-pointer-types]

For a similar fix see https://bugzilla.suse.com/show_bug.cgi?id=1243225

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-31 16:04:45 +02:00
Thomas Petazzoni 2fbf98da7c package/gcc: drop stale 13.3.0 patches
Commit 0b8b72d2fe bumped gcc 13.x from
13.3.0 to 13.4.0 but forgot to drop the gcc 13.3.0, so let's remove
those patches.

Cc: Kadambini Nema <kadambini.nema@gmail.com>
Fixes: 0b8b72d2fe
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-31 15:00:13 +02:00
Fabien Lehoussel b2801c7bce package/gcc/gcc-final: fix CPE identification
Fix the CPE (Common Platform Enumeration) identification in the
gcc-final package to ensure proper vulnerability tracking through the
NVD database:

https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:gnu:gcc

Signed-off-by: Fabien Lehoussel <fabien.lehoussel@smile.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-07-30 22:44:29 +02:00
Adrian Perez de Castro 2882cf4ae6 package/wpewebkit: security bump to version 2.48.3
This bumps WPE WebKit to the 2.48 stable series, skipping over 2.46.

WPE WebKit 2.48 and 2.46 highlights:

- https://wpewebkit.org/blog/2025-04-11-wpewebkit-2.48.html
- https://wpewebkit.org/blog/2024-wpewebkit-2.46.html

Release notes:

- https://wpewebkit.org/release/wpewebkit-2.48.3.html
- https://wpewebkit.org/release/wpewebkit-2.48.2.html
- https://wpewebkit.org/release/wpewebkit-2.48.1.html
- https://wpewebkit.org/release/wpewebkit-2.48.0.html
- https://wpewebkit.org/release/wpewebkit-2.46.7.html
- https://wpewebkit.org/release/wpewebkit-2.46.6.html
- https://wpewebkit.org/release/wpewebkit-2.46.5.html
- https://wpewebkit.org/release/wpewebkit-2.46.4.html
- https://wpewebkit.org/release/wpewebkit-2.46.3.html
- https://wpewebkit.org/release/wpewebkit-2.46.2.html
- https://wpewebkit.org/release/wpewebkit-2.46.1.html
- https://wpewebkit.org/release/wpewebkit-2.46.0.html

Fixes the following security issues:

- From https://wpewebkit.org/security/WSA-2025-0004.html
  CVE-2025-24223, CVE-2025-31204, CVE-2025-31205, CVE-2025-31206,
  CVE-2025-31215, CVE-2025-31257

- From https://wpewebkit.org/security/WSA-2025-0003.html
  CVE-2024-54551, CVE-2025-24208, CVE-2025-24209, CVE-2025-24213,
  CVE-2025-24216, CVE-2025-24264, CVE-2025-30427

- From https://wpewebkit.org/security/WSA-2025-0002.html
  CVE-2024-44192, CVE-2024-54467, CVE-2025-24201

- From https://wpewebkit.org/security/WSA-2025-0001.html
  CVE-2024-27856, CVE-2024-54543, CVE-2024-54658, CVE-2025-24143,
  CVE-2025-24150, CVE-2025-24158, CVE-2025-24162

- From https://wpewebkit.org/security/WSA-2024-0008.html
  CVE-2024-54479, CVE-2024-54502, CVE-2024-54505, CVE-2024-54508,
  CVE-2024-54534

- From https://wpewebkit.org/security/WSA-2024-0007.html
  CVE-2024-44308, CVE-2024-44309

- From https://wpewebkit.org/security/WSA-2024-0006.html
  CVE-2024-44185, CVE-2024-44244, CVE-2024-44296

- From https://wpewebkit.org/security/WSA-2024-0005.html
  CVE-2024-40866, CVE-2024-44187

As for build system changes, the minimum GCC requirement gets raised to
version 11 [1], the ENABLE_SPEECH_SYNTHESIS option is now enabled by
default [2] and needs handling, and Skia (bundled with the sources) is
now preferred on little-endian targets.

[1] https://github.com/WebKit/WebKit/commit/682ac4ba74c53d0cd488c7a595096224a9abb036
[2] https://github.com/WebKit/WebKit/commit/10381a8de938024f31935184af470ccbce0b22d9

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-07-30 22:07:23 +02:00
El Mehdi YOUNES 56adc0dacd package/opencl-{clhpp,headers,icd-loader}: bump version to v2025.07.22
Synchronizes with OpenCL v3.0.19 specification release.

Releases:
https://github.com/KhronosGroup/OpenCL-Headers/releases/tag/v2025.07.22
https://github.com/KhronosGroup/OpenCL-ICD-Loader/releases/tag/v2025.07.22
https://github.com/KhronosGroup/OpenCL-CLHPP/releases/tag/v2025.07.22

Signed-off-by: El Mehdi YOUNES <elmehdi.younes@smile.fr>
[Julien: factorize package names in commit log title]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-30 14:48:58 +02:00
Nathaniel Roach 6044cc5f26 package/sudo: Enable libxcrypt with glibc, allowing hashed passwords without PAM
Per https://gitlab.com/buildroot.org/buildroot/-/issues/27 , on glibc
builds without PAM, sudo will "fail" all password prompts.

It was found that it's simply checking the entered string against the
raw hash, because 'libcryp' isn't available. On glibc, we need libxcrypt,
so enable it and ensure sudo is built with it.

musl and uclibc do have crypt() functions, so this is not needed.

Relevant code from sudo:
 https://github.com/sudo-project/sudo/blob/v1.9.17p1/plugins/sudoers/auth/passwd.c#L139

Signed-off-by: Nathaniel Roach <nroach44@nroach44.id.au>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-30 03:07:41 +02:00
Petr Vorel 97cc946e2f package/ltp-testsuite: Fix uclibc-ng build
Backport upstream fix.

Fixes:
https://autobuild.buildroot.org/results/f3e/f3e03b9a1a69988d6497f36c9d64a37a66e9ad20/
https://autobuild.buildroot.org/results/856/856365f467efc449faee1951250e63d8d4442bbc/
https://autobuild.buildroot.org/results/2ac/2ac08cecd6a505f1bac1a673efc280b3a8dcb23a/
https://autobuild.buildroot.org/results/59b/59b3ad33667b7e87c81e49dd434d5f494e189e0d/
https://autobuild.buildroot.org/results/b1a/b1a36f9971c97300670d8d772ace11e5fedceaaa/

Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
Tested-By: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-30 02:55:25 +02:00
Titouan Christophe 0c2769b9c3 package/rust: add CPE_ID_VENDOR
This gives a proper cpe-id string to the Rust buildroot package,
as it can be found in the NVD database:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:rust-lang:rust

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
Reviewed-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-30 01:39:45 +02:00
Stefan Nickl f103e3696f package/modem-manager: Add option to enable AT commands via D-Bus
Signed-off-by: Stefan Nickl <Stefan.Nickl@gmail.com>
Reviewed-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-30 01:33:53 +02:00
Dario Binacchi 9440bf5a62 package/armadillo: bump to version 14.6.1
Release notes:
https://arma.sourceforge.net/docs.html#changelog

Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-30 01:29:59 +02:00
Dario Binacchi b9a14eaff1 package/inih: bump to version 61
Release notes:
https://github.com/benhoyt/inih/releases/tag/r61

Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-30 01:24:18 +02:00
Bernd Kuhls 0461043a51 linux: bump latest version to 6.16
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-29 01:20:41 +02:00
Bernd Kuhls d9a1352e7d {toolchain, linux-headers}: add support for 6.16 headers
And add (and default to) 6.16 to linux-headers.

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-29 01:20:38 +02:00
Giulio Benetti d08c30697b package/libnvme: bump to version 1.15
For release note, see:
https://github.com/linux-nvme/libnvme/releases/tag/v1.15

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-29 01:17:55 +02:00
Giulio Benetti 034cd35fb4 package/harfbuzz: bump to version 11.3.3
Release Notes:
https://github.com/harfbuzz/harfbuzz/releases/tag/11.3.3

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-29 01:13:37 +02:00
Thomas Perale 1fc0e90450 package/micropython: add patch for CVE-2024-8947
This fixes the following vulnerability:

- CVE-2024-8947

 A vulnerability was found in MicroPython 1.22.2. It has been declared
 as critical. Affected by this vulnerability is an unknown functionality
 of the file py/objarray.c. The manipulation leads to use after free.
 The attack can be launched remotely. The complexity of an attack is
 rather high. The exploitation appears to be difficult. Upgrading to
 version 1.23.0 is able to address this issue. It is recommended to
 upgrade the affected component. In micropython objarray component, when
 a bytes object is resized and copied into itself, it may reference
 memory that has already been freed.

For more information, see:
  - https://www.cve.org/CVERecord?id=CVE-2024-8947
  - https://github.com/micropython/micropython/commit/4bed614e707c0644c06e117f848fa12605c711cd

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-29 01:07:48 +02:00
Thomas Perale 74e38b3c4d package/orc: bump to version 0.4.41
This bump include fix for CVE-2024-40897 which has been addressed in
previous patch.

For more information on the release, see:
  - https://gitlab.freedesktop.org/gstreamer/orc/-/blob/main/RELEASE
  - https://gitlab.freedesktop.org/gstreamer/orc/-/compare/0.4.34..0.4.41

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-29 00:54:41 +02:00
Thomas Perale 2f7afa54ce package/orc: add patch for CVE-2024-40897
This fixes the following vulnerabilities:

- CVE-2024-40897

 Stack-based buffer overflow vulnerability exists in orcparse.c of ORC
 versions prior to 0.4.39. If a developer is tricked to process a
 specially crafted file with the affected ORC compiler, an arbitrary
 code may be executed on the developer's build environment. This may
 lead to compromise of developer machines or CI build environments.
 https://www.cve.org/CVERecord?id=CVE-2024-40897

For more information, see:
 - https://www.cve.org/CVERecord?id=CVE-2024-40897
 - https://gitlab.freedesktop.org/gstreamer/orc/-/commit/fb7db9ae3e8ac271651d1884a3611d30bac04a98

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-29 00:54:37 +02:00
Thomas Perale 279cb43814 package/orc: add CPE identifier
The cpe:2.3:a:gstreamer:orc:0.4.34:*:*:*:*:*:*:* is
valid for this package.

See https://nvd.nist.gov/products/cpe/detail/37DFA009-0707-4825-B28A-62451B1E2AFC

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-29 00:54:34 +02:00
Thomas Perale 60fe9b3733 package/qpid-proton: update mirror url
The current mirror now only has the version 0.40.0 available.

Older version of apache packages moved to the "archive.apache.org"
location.

Fixes: https://autobuild.buildroot.org/results/853/853c354b9bde4408e122046496fd3f0e7ffb0b55
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Reviewed-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Tested-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-29 00:52:09 +02:00
Waldemar Brodkorb c261dd9122 package/uclibc: update to 1.0.54
See here for release notes:
https://mailman.openadk.org/mailman3/hyperkitty/list/devel@uclibc-ng.org/thread/FCUVZRWXEWHOREQPCR5OZGGS3R5WVK2Z/

Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Reviewed-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-29 00:29:54 +02:00
Yegor Yefremov 5b5889ee5f package/libxmlrpc: fix boolean definitions
Don't define boolean macros for C23 standard as they are implemented
as keywords.

Fixes the following error:

make[2]: Entering directory
'/home/user/Documents/versioned/oss/xmlrpc-c/lib/util'
gcc -c -DNDEBUG -pthread -Wall -W -Wno-uninitialized -Wundef
-Wno-unknown-pragmas -Wmissing-declarations -Wstrict-prototypes
-Wmissing-prototypes -Wimplicit -fno-common -g -O3
-Isrcdir/lib/util/include
-I/home/user/Documents/versioned/oss/xmlrpc-c   casprintf.c
In file included from casprintf.c:9:
srcdir/lib/util/include/bool.h:13:5: error: cannot use keyword ‘false’
as enumeration constant
   13 |     false = 0,
      |     ^~~~~
srcdir/lib/util/include/bool.h:13:5: note: ‘false’ is a keyword with
‘-std=c23’ onwards
srcdir/lib/util/include/bool.h:15:3: error: expected ‘;’, identifier
or ‘(’ before ‘bool’
   15 | } bool;
      |   ^~~~
srcdir/lib/util/include/bool.h:15:3: warning: useless type name in
empty declaration

Upstream: https://sourceforge.net/p/xmlrpc-c/code/3318/

Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Reviewed-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-29 00:24:19 +02:00
Yegor Yefremov 44801fa77d DEVELOPERS: add Yegor Yefremov for package/libxmlrpc
Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Acked-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-29 00:24:16 +02:00
Julien Olivain d15ffdfda7 support/testing: test_xen: rename TestXen to TestXenAarch64
Commit [1] introduced an Armv7 test case for Xen named TestXenArmv7,
next to the original Aarch64 test case which was simply named TestXen.

The test list shows, for example with the command
"support/testing/run-tests -l":

    tests.package.test_xen.TestXen
    tests.package.test_xen.TestXenArmv7

In order to make this test list a bit more explicit, this commit
renames the TestXen to TestXenAarch64. With that change, the list
becomes:

    tests.package.test_xen.TestXenAarch64
    tests.package.test_xen.TestXenArmv7

[1] https://gitlab.com/buildroot.org/buildroot/-/commit/5346824a83488f840008eb24f84866435ac32a12

Cc: Vincent Stehlé <vincent.stehle@arm.com>
Reviewed-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-29 00:21:39 +02:00
Julien Olivain 0ffc3aa43e package/berkeleydb: fix build with host gcc-15.x
Commit [1] fixed berkeleydb target build with gcc-15.x.
The host variant package also fails when building with host gcc-15.x.

This commit fixes the issue by replicating the same fix for the package
host variant.

Fixes:
https://autobuild.buildroot.org/results/a8051600ab95a63c852960f8dace757b16c665f0/

[1] https://gitlab.com/buildroot.org/buildroot/-/commit/c1d422edde19d07d6406705b1a4b059125dba689

Reviewed-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-29 00:11:01 +02:00
Thomas Perale cec0acc84d package/kvmtool: fix build failure w/ musl
Starting GCC14 'implicit-function-declaration' are treated as errors by
default. When building kvmtool with musl libc, the following error
occurs due to missing declaration of 'basename':

```
vfio/core.c:537:22: error: implicit declaration of function ‘basename’ [-Wimplicit-function-declaration]
  537 |         group_name = basename(group_path);
      |                      ^~~~~~~~
vfio/core.c:537:22: warning: nested extern declaration of ‘basename’ [-Wnested-externs]
vfio/core.c:537:20: error: assignment to ‘char *’ from ‘int’ makes pointer from integer without a cast [-Wint-conversion]
  537 |         group_name = basename(group_path);
      |                    ^
```

This error can be reproduced with:

```
cat >.config <<EOF
BR2_aarch64=y
BR2_TOOLCHAIN_EXTERNAL=y
BR2_TOOLCHAIN_EXTERNAL_BOOTLIN=y
BR2_TOOLCHAIN_EXTERNAL_BOOTLIN_AARCH64_MUSL_BLEEDING_EDGE=y
BR2_PACKAGE_KVMTOOL=y
EOF
make olddefconfig
make kvmtool
```

This patch adds the upstream commit that fixes this issue by including
the appropriate header, ensuring compatibility with musl and GCC14.

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-26 16:38:39 +02:00
Bernd Kuhls 7de76ae8d1 Revert "package/libva: fix build error"
This reverts commit c41f953ab9.

This commit broke gst1-vaapi:
https://lists.buildroot.org/pipermail/buildroot/2025-July/782786.html

Reported-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-26 13:54:36 +02:00
Bernd Kuhls 4cd8a7d748 package/libcurl: bump version to 8.15.0
Upstream removed optional BearSSL support:
https://github.com/curl/curl/commit/08a3e8e19a59d1530bfb208e187ac7c34c978dfd

Changelog: https://curl.se/ch/8.15.0.html

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-26 13:32:25 +02:00
Bernd Kuhls d48412b58e package/libcurl: remove configure option --with-random
Upstream removed this configure option in version 8.10.0:
https://github.com/curl/curl/commit/269fdd4c6ed5d837d57448ac977f6f300968df15
which was added to buildroot with commit
d68b999787.

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-26 13:32:22 +02:00
Bernd Kuhls 8ee654b28e package/libcurl: remove configure option --disable-ntlm-wb
Upstream removed this configure option in version 8.8.0:
https://github.com/curl/curl/commit/50def7c881ba560ab6e0235990e8f07fa69f4bc8
which was added to buildroot with commit
50bdb2a3b7.

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-26 13:32:18 +02:00
Scott Fan 2c20a2541c package/mosquitto: bump to version 2.0.22
Drop the patch that was fixed in the v2.0.22, see the closed issues and PRs:
https://github.com/eclipse-mosquitto/mosquitto/issues/3246
https://github.com/eclipse-mosquitto/mosquitto/pull/3256
https://github.com/eclipse-mosquitto/mosquitto/pull/3227
https://github.com/eclipse-mosquitto/mosquitto/pull/3252

However, a new issue was reported by GasparQ, when WITH_TLS option is off.
https://github.com/eclipse-mosquitto/mosquitto/issues/3318

Fortunately, besmarsh had pushed a PR that fixed this issue.
https://github.com/eclipse-mosquitto/mosquitto/pull/3321

The patch file was quoted in this commit.

For more details of v2.0.22, see the changelog:
https://github.com/eclipse-mosquitto/mosquitto/blob/v2.0.22/ChangeLog.txt

Signed-off-by: Scott Fan <fancp2007@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-26 13:22:19 +02:00
Scott Fan 2fd7933125 package/libmicrohttpd: bump version to 1.0.2
Fix double-close bugs on bind() errors reported by MC on the list.

Removed MHD2 draft code, now in libmicrohttpd2.git.

Changelog: https://git.gnunet.org/libmicrohttpd.git/tree/ChangeLog

Signed-off-by: Scott Fan <fancp2007@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-26 13:07:05 +02:00
Vincent Stehlé 5346824a83 support/testing: test_xen: test on 32-bit Arm v7
Add a TestXenArmv7 class with its related files in an arm/ subfolder
under test_xen/, to test Xen on 32-bit Arm v7.

We cannot boot with UEFI in this case; we use a custom U-Boot script,
which creates the Xen configuration Devicetree during boot.

Signed-off-by: Vincent Stehlé <vincent.stehle@arm.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-25 23:59:30 +02:00
Vincent Stehlé a6f0d33c87 support/testing: test_xen: add a base class
In preparation of adding a test for Xen on 32-bit Arm v7:
- Introduce an architecture-agnostic TestXenBase class where we move
  most of the Xen test scenario and bits of the configuration.
- Re-organise the test_xen/ folder with the architecture-agnostic files
  under common/ and the 64-bit Arm specific files under aarch64/.

Make the 64-bit Arm TestXen class inherit from the base class and leave
in there only the architecture-specific parts:
- The 64-bit Arm configuration bits.
- The test function, which passes the proper 64-bit Arm simulator
  options to the generic test function.

No functional change intended.

Signed-off-by: Vincent Stehlé <vincent.stehle@arm.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-25 23:59:30 +02:00
Florian Larysch 353745e095 package/chartjs: fix license path
Commit a954d39a58 ("package/chartjs: bump to version 3.9.1") updated the
package version and the license file hash, but also changed the path to
the license file in the hash file. However, the path to the license file
hasn't changed, causing an error during "make legal-info". Revert the
path change.

Signed-off-by: Florian Larysch <fl@n621.de>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-25 23:43:04 +02:00
Bernd Kuhls ebb6648046 package/apache: security bump version to 2.4.65
Changelog:
https://downloads.apache.org/httpd/CHANGES_2.4.65

Fixes:
https://www.cve.org/CVERecord?id=CVE-2025-54090

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-25 22:33:15 +02:00
Bernd Kuhls 1a229c54b8 package/rust-bindgen: security bump version to 0.72.0
Changelog, since version 0.65.1:
https://github.com/rust-lang/rust-bindgen/blob/v0.72.0/CHANGELOG.md#0720-2025-06-08

The package updated some of its dependencies to fix
security issues:

Version 0.70.0 updates "tempfile" and "rustix" to fix:
https://github.com/advisories/GHSA-c827-hfw6-qwvm
https://www.cve.org/CVERecord?id=CVE-2024-43806

Version 0.69.3 updates shlex to fix:
https://rustsec.org/advisories/RUSTSEC-2024-0006.html

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
[Julien:
 - use version tag for change log url
 - mark the update as security related
 - add link to fixed rustix CVE
]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-25 22:18:58 +02:00
El Mehdi YOUNES 307c802112 package/rust: Bump to version 1.88.0
Some fixes and stabilizations.
Changelog:
https://doc.rust-lang.org/beta/releases.html

Signed-off-by: El Mehdi YOUNES <elmehdi.younes@smile.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-25 19:42:51 +02:00
El Mehdi YOUNES b97175b49a utils/update-rust: fix MIT hash
The LICENSE-MIT file has changed.
Commit 432aef05 fixed it for rust package but forgot
the update-rust script.

Signed-off-by: El Mehdi YOUNES <elmehdi.younes@smile.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-25 19:42:46 +02:00
Bernd Kuhls 697cdb123a package/tvheadend: bump version
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-25 19:33:09 +02:00
Bernd Kuhls fb91f813d8 package/intel-gmmlib: bump version to 22.8.1
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-25 19:09:33 +02:00
Bernd Kuhls 5dea42b64f package/intel-mediadriver: bump version to 25.3.0
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-25 19:09:29 +02:00
Bernd Kuhls 3f11c7c2fe package/intel-vpl-gpu-rt: bump version to 25.3.0
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-25 19:09:26 +02:00
Bernd Kuhls 045eae6239 package/kodi-pvr-waipu: bump version to 21.12.3-Omega
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-25 19:06:00 +02:00
Bernd Kuhls 7bccebecc2 package/{mesa3d, mesa3d-headers}: bump version to 25.1.6
Release notes:
https://lists.freedesktop.org/archives/mesa-announce/2025-July/000811.html

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-25 18:44:08 +02:00
Nathaniel Roach 1575584f50 package/petitboot: add patches to fix build errors with "opaque" ncurses
ncurses from 6.4.20231021 enables "NCUSES_OPAQUE_MENU", which hides
some parts of the code away from the application. This causes
petitboot to fail building in a few spots where it tries to directly
access the name of the menu item.

Since the ncurses package was bumped to version 6.5.20250517 in
commit [0], petitboot is failing to build with error:

    ui/ncurses/nc-menu.h: In function ‘pmenu_dump_item’:
    ui/ncurses/nc-menu.h:129:47: error: invalid use of incomplete typedef ‘ITEM’ {aka ‘const struct tagITEM’}
      129 |         pb_debug("%p %s\n", item, (item ? item->name.str : "(null)"));

This commit fixes the issue by adding package patches.
These two patches were submitted to the petitboot mailing list by
Nicholas Piggin [1] resolve this issue using accessors, or by making a new item.

This has been raised upstream but not yet applied [2].

[0]: https://gitlab.com/buildroot.org/buildroot/-/commit/e7c091f11398bdb6498adaa344d0934d97b4ef39
[1]: https://lists.ozlabs.org/pipermail/petitboot/2024-February/thread.html#1545
[2]: https://github.com/open-power/petitboot/issues/106

Signed-off-by: Nathaniel Roach <nroach44@nroach44.id.au>
Fixes: https://autobuild.buildroot.org/results/bf1/bf173e1e0f8ad3f40534aaa358dc40993cd14ac4/build-end.log
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
[Julien:
 - add Signed-off-by in patches
 - add info in commit log
]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-25 18:39:03 +02:00
Bernd Kuhls 065c1b84b5 {linux, linux-headers}: bump 5.{4, 10, 15}.x / 6.{1, 6, 12, 15}.x series
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-24 22:16:42 +02:00
Vincent Stehlé 25e87d068c configs/arm_foundationv8: bump to Linux 6.15 and model 11.29
- Bump Linux kernel to v6.15.7 and update the hash file.
- Bump the model in the readme to version 11.29 build 27.

While at it, adjust the model's path in the readme to take the host
architecture into account.

Signed-off-by: Vincent Stehlé <vincent.stehle@arm.com>
Cc: Masahiro Yamada <yamada.masahiro@socionext.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-24 21:48:49 +02:00
Juan Pablo Montero Castro b6645d7407 configs/freescale_imx91frdm: new defconfig
This commit adds support for the i.MX 91 FRDM (Freedom) board.

The i.MX91 FRDM development board is a low-cost and compact
development board featuring the i.MX91 applications processor.

See: https://nxp.com/FRDM-IMX91

This defconfig is based on freescale_imx93frmd_defconfig, introduced in
commit https://gitlab.com/buildroot.org/buildroot/-/commit/2e05f22ff862192a7e512d0db0486351bba94ae8

Compared to the original freescale_imx93_frmd_defconfig, this defconfig
uses a Bootlin glibc stable external toolchain, to follow guidelines
from: https://elinux.org/Buildroot:DeveloperDaysELCE2024#Rules_for_defconfigs

Signed-off-by: Juan Pablo Montero Castro <juanpablo.monterocastro@nxp.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-24 21:31:23 +02:00
Julien Olivain 30ea8ea9ae package/z3: bump to version 4.15.2
For change log since 4.15.1, see:
https://github.com/Z3Prover/z3/blob/z3-4.15.2/RELEASE_NOTES.md#version-4152

Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-24 21:28:05 +02:00
Julien Olivain 802afc0b43 package/openmpi: bump to version 4.1.8
For change log since 4.1.5, see:
https://github.com/open-mpi/ompi/blob/v4.1.8/NEWS#L62

Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-24 21:28:01 +02:00
Julien Olivain f4a4b3a735 package/opencsd: bump to version 1.6.1
For change log since 1.5.6, see:
https://github.com/Linaro/OpenCSD/blob/v1.6.1/README.md?plain=1#L356

Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-24 21:27:57 +02:00
Julien Olivain fdf9173555 package/python-magic-wormhole: bump to version 0.19.2
For change log since version 0.17.0, see:
https://github.com/magic-wormhole/magic-wormhole/blob/0.19.2/NEWS.md

Note that, since v0.18.0, magic-wormhole is using python-qrcode. This
commit reflects that change by adding this new runtime dependency in
Config.in.

Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-24 21:27:53 +02:00
Julien Olivain fa043ddeab package/octave: bump to version 10.2.0
See release announce:
https://octave.org/news/release/2025/06/03/octave-10.2.0-released.html

Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-24 21:27:50 +02:00
Julien Olivain f5b50ae926 package/fluidsynth: bump to version 2.4.7
For change log since v2.4.6, see:
https://github.com/FluidSynth/fluidsynth/releases/tag/v2.4.7

Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-24 21:27:46 +02:00
Yegor Yefremov 51cf8e5663 package/avrdude: remove the obsolete hook
Since its introduction in commit [1], avrdude has a post install
target hook removing a backup configuration file.

Commit [2] updated avrdude to version 7.1 and switch to the
cmake infra.

CMake recipe doesn't create a backup of the avrdude.conf.

This commit removes this hook which is no longer needed.

[1] https://gitlab.com/buildroot.org/buildroot/-/commit/dc776f0d0546900b22d1552f3e522be2080016c6
[2] https://gitlab.com/buildroot.org/buildroot/-/commit/f89f3787a05d123a33f1a000c802fe42c96a487f

Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
[Julien: add extra info in commit log]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-24 21:16:35 +02:00
Jesse Taube 9809795c71 package/kvm-unit-tests: Add RISC-V, bump to version 2025-06-05
A new kvm-unit-tests version has recently been tagged, so let's
update to that version.
This version also add suport for RISC-V, add RISC-V to Config.in

Signed-off-by: Jesse Taube <jesse@rivosinc.com>
Reviewed-by: Thomas Huth <huth@tuxfamily.org>
[Julien: move riscv32 before riscv64 in .mk]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-24 00:24:30 +02:00
Giulio Benetti f7b64eeeaf package/libnss: bump version to 3.114
For release note, see:
https://hg-edge.mozilla.org/projects/nss/file/NSS_3_114_RTM/doc/rst/releases/nss_3_114.rst

NOTE: starting from version 3.114 NSS requires NSPR >= 4.37

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-23 23:50:32 +02:00
Giulio Benetti 8acdac04d9 package/libnspr: bump to version 4.37
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-23 23:50:28 +02:00
Giulio Benetti c877548b2e package/harfbuzz: bump to version 11.3.2
Release Notes:
https://github.com/harfbuzz/harfbuzz/releases/tag/11.3.2

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-23 23:36:54 +02:00
Giulio Benetti 9da4457345 package/libfuse3: bump to version 3.17.3
Release notes:
https://github.com/libfuse/libfuse/releases/tag/fuse-3.17.3

Drop local patches that are upstreamed now.

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-23 23:29:19 +02:00
Serosh Deljam 7be91747f8 package/cukinia: bump to version 0.8.0
For the release note, see [1].
For a full change log since v0.6.0, see [2].

Note that the package license changed from "Apache-2.0 or GPL-3.0"
to Apache-2.0 only. See upstream commit [3]. This commit updates
the hash file, _LICENSE and _LICENSE_FILES accordingly.

[1] https://github.com/savoirfairelinux/cukinia/releases/tag/v0.8.0
[2] https://github.com/savoirfairelinux/cukinia/compare/v0.6.0...v0.8.0
[3] https://github.com/savoirfairelinux/cukinia/commit/e514a2ecea251da9c3dffaabe4f70846672dc5eb

Signed-off-by: Serosh Deljam <serosh.deljam@savoirfairelinux.com>
[Julien: add info in commit log]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-23 23:14:34 +02:00
Jesse Taube 38c5b1e29e boot/opensbi: bump version to 1.7
Release notes at:
https://github.com/riscv-software-src/opensbi/releases/tag/v1.7

Signed-off-by: Jesse Taube <jesse@rivosinc.com>
[Julien: add missing BR2_TARGET_OPENSBI_VERSION default value]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-23 22:12:42 +02:00
Yegor Yefremov eedffe0681 package/memtester: bump version to 4.7.1
For change log, see:
https://pyropus.ca./software/memtester/CHANGELOG

Version 4.7.1 fixes compile error with stricter C23/gcc-15 due to
incompatible type declaration.

Fixes:
https://autobuild.buildroot.org/results/6d4d4e8ca4269a3d8f795c7c186ef70411f2dc79/build-end.log

Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-22 19:21:03 +02:00
Fiona Klute 54240460dc package/lrzsz: fix build with musl
lib/long-options.c failed to compile with musl for the same reason
0002-lib-long-options.c-include-stdlib.h.patch was added to fix,
exit() being undefined. The fix is the same as well: include stdlib.h.

Fixes: b6784a1f1f ("package/lrzsz: fix build with GCC >= 14.x")
Signed-off-by: Fiona Klute <fiona.klute@gmx.de>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-22 19:14:06 +02:00
Titouan Christophe 8945ea3e67 package/python-starlette: security bump to v0.47.2
For release note, see:
https://github.com/encode/starlette/releases/tag/0.47.2

This fixes the following vulnerability:

- CVE-2025-54121:
    Starlette is a lightweight ASGI (Asynchronous Server Gateway
    Interface) framework/toolkit, designed for building async web services
    in Python. In versions 0.47.1 and below, when parsing a multi-part
    form with large files (greater than the default max spool size)
    starlette will block the main thread to roll the file over to disk.
    This blocks the event thread which means the application can't accept
    new connections. The UploadFile code has a minor bug where instead of
    just checking for self._in_memory, the logic should also check if the
    additional bytes will cause a rollover. The vulnerability is fixed in
    version 0.47.2.
    https://www.cve.org/CVERecord?id=CVE-2025-54121

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
Reviewed-by: Marcus Hoffmann <buildroot@bubu1.eu>
[Julien: add link to release note]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-22 19:12:41 +02:00
Lance Fredrickson 1471c9b421 package/ncurses: bump to version 6.5.20250720
Release notes:
https://github.com/ThomasDickey/ncurses-snapshots/blob/v6_5_20250720/NEWS

Fixes observed issues with htop on aarch64/musl after the last ncurses update.

Signed-off-by: Lance Fredrickson <lancethepants@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-22 19:10:40 +02:00
Markus Mayer 5e4cb7607b toolchain/toolchain-wrapper.c: fix indentation
A recent commit introduced a few lines that were indented with spaces
rather than a tab. Rectify this.

Fixes: 00b30f887a ("toolchain-wrapper.c: get rid of EXCLUSIVE_ARGS")
Signed-off-by: Markus Mayer <mmayer@broadcom.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-22 19:09:18 +02:00
Giulio Benetti 26e69feb77 package/xr819-xradio: bump to version 2025-07-02
With this patch package builds with Linux up to version 6.15

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-22 19:04:45 +02:00
Giulio Benetti 2dd7a4a374 package/rtl8821au: fix build failure with Linux 6.15
Benetti Engineering just took over Larry Finger(lwfinger)'s repository [0]
rtl8821au since Larry unfortunately passed away[1](RIP) and there are
pending PRs that will never be checked as stated here. So basically move
github user to benetti-engineering-sas and update version with latest that
fixes build failure with Linux version 6.15. And of course let's update
package's URL due to the moving.

[0]: https://github.com/lwfinger/rtl8812au/issues/32
[1]: https://lwn.net/Articles/979419/

Fixes:
still not occured.

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-21 22:54:21 +02:00
Giulio Benetti 54ee4a71c0 package/rtl8723ds: fix build failure with Linux 6.15
Benetti Engineering just took over Larry Finger(lwfinger)'s repository [0]
rtl8723ds since Larry unfortunately passed away[1](RIP) and there are
pending PRs that will never be checked as stated here. So basically move
github user to benetti-engineering-sas and update version with latest that
fixes build failure with Linux version 6.15. And let's drop local patches
that are now upstreamed as well. And of course let's update package's
URL due to the moving.

[0]: https://github.com/lwfinger/rtl8723ds/issues/53
[1]: https://lwn.net/Articles/979419/

Fixes:
still not occured.

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-21 22:54:21 +02:00
Giulio Benetti d1fc513da7 package/rtl8723bu: fix build failure with Linux 6.15
Benetti Engineering just took over Larry Finger(lwfinger)'s repository
rtl8723bu since Larry unfortunately passed away[0](RIP) and there are
pending PRs that will never be checked as stated here[1]. So basically move
github user to benetti-engineering-sas and update version with latest that
fixes build failure with Linux version 6.15. And of course let's update
package's URL due to the moving.

[0]: https://lwn.net/Articles/979419/
[1]: https://github.com/lwfinger/rtl8723bu/issues/206

Fixes:
still not occured.

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-21 22:54:21 +02:00
Giulio Benetti 165b12299b package/wilc-driver: fix build failure with Linux 6.15
Add 2 local patches pending upstream to fix build failure with Linux 6.15.

Fixes:
still not occured.

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-21 22:54:21 +02:00
Giulio Benetti 95896bbb2b package/rtl8812au-aircrack-ng: fix build with Linux 6.15
Add local patch pending upstream to fix build failure with Linux 6.15.

Fixes:
still not occured.

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-21 22:54:20 +02:00
Giulio Benetti fb67d224be package/rtl8192eu: bump to 2025-06-09 version
This version allows to build with Linux 6.16.

Fixes:
still not occured.

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-21 22:28:23 +02:00
Giulio Benetti 3d9333a562 package/rtl8189fs: bump to version 2025-06-21
With this version we can build with Linux 6.14.

Fixes:
still not occured.

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-21 22:28:23 +02:00
Giulio Benetti 958736773a package/rtl8189es: bump to version 2025-06-21
With this version we can build with Linux 6.15.

Fixes:
still not occured.

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
[Julien: remove empty line in hash file to fix check-package error]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-21 22:28:23 +02:00
Giulio Benetti a9c5dc024a package/rtl8188eu: move upstream to Benetti Engineering Github to fix Linux 6.15 build failure
Benetti Engineering just took over Larry Finger(lwfinger)'s repository
rtl8188eu since Larry unfortunately passed away[0](RIP) and there are
pending PRs that will never be checked as stated here[1]. So basically move
github user to benetti-engineering-sas and update version with latest that
fixes build failure with Linux version 6.15. And let's drop local patches
that are now upstreamed as well. Let's also drop obsolete Config.in
informations since as stated here[2]: "This driver is under development
and has a limited feature set. In particular it does not yet support 40MHz
channels and power management". At the same time drop other suggestions
like enabling CONFIG_WIRELESS_EXT or "this package needs a firmware loading
mechanism to load the binary blob for the chip to work" since they are now
part of the package. And of course let's update package's URL due to the
moving.

[0]: https://lwn.net/Articles/979419/
[1]: https://github.com/lwfinger/rtl8188eu/pull/464

Fixes:
https://autobuild.buildroot.org/results/d59537da8eb27d737718885dc81ec257a2791455/

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Reviewed-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-21 22:16:35 +02:00
James Hilliard 784f52b647 package/python-propcache: bump to version 0.3.2
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-21 00:20:24 +02:00
James Hilliard 58fe0bb360 package/python-alembic: bump to version 1.16.4
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-20 22:53:52 +02:00
James Hilliard 0b78b8f9e4 package/python-aiosignal: bump to version 1.4.0
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-20 22:53:48 +02:00
James Hilliard 723651ed0e package/python-aiojobs: bump to version 1.4.0
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-20 22:53:45 +02:00
James Hilliard f4f62f8727 package/python-aiohttp-cors: bump to verison 0.8.1
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-20 22:53:41 +02:00
James Hilliard 611fd9b8e7 package/python-aiodns: bump to version 3.5.0
License hash changed due to formatting:
https://github.com/aio-libs/aiodns/commit/924b981471b676e90a1f38b1e20223c18b899a0b

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-20 22:53:37 +02:00
James Hilliard f5b13a148f package/python-aiocoap: bump to version 0.4.14
License hash changed due to adding SPDX header:
https://github.com/chrysn/aiocoap/commit/e666dd6515479f44fda6b5610064025ada56e199

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-20 22:53:33 +02:00
Giulio Benetti ee2d58751e package/harfbuzz: bump to version 11.3.0
Release Notes:
https://github.com/harfbuzz/harfbuzz/releases/tag/11.3.0

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-20 22:23:02 +02:00
Peter Korsgaard 00b30f887a toolchain/toolchain-wrapper.c: get rid of EXCLUSIVE_ARGS
Rather than having a hard coded amount of exclusive args (with the risk of
overflow when new logic is added), simplify the argument buffer allocation
logic to always allocate room for DEFAULT_MAX_ARGS (1024) arguments and just
realloc to grow for the rare situation where that is not enough.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-20 18:32:25 +02:00
Peter Korsgaard 6b8ffbf97b toolchain/toolchain-wrapper.c: slightly simplify cmdline copying
C99 section 5.1.2.2.1p2 mandates that:

- argv[argc] shall be a null pointer.

https://www.open-std.org/jtc1/sc22/wg14/www/docs/n1256.pdf

So we might as well copy the null pointer along in the memcpy() rather than
copy everything up to the null pointer and then add one afterwards for
simplicity.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-20 18:32:21 +02:00
Dario Binacchi 91b9d8c32b configs/imx8mn_bsh_smm_s2[_pro]: bump Linux to 6.12.39 and U-Boot to 2025.07
The patch bumps the Linux kernel to version 6.12.39 and U-Boot to
version 2025.07. The patches applied to U-Boot by Buildroot have been
removed, as they are included in version 2025.07.

The patch has been tested on both boards.

Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-20 17:40:44 +02:00
Petr Vorel 0ccd9300cd package/ltp-testsuite: backport musl build fixes
When building LTP with a musl toolchain with kernel headers >= 6.14,
compilation fails with error:

    In file included from listmount02.c:22:
    listmount.h: In function ‘listmount’:
    listmount.h:18:16: error: variable ‘req’ has initializer but incomplete type
       18 |         struct mnt_id_req req = {
          |                ^~~~~~~~~~

The issue can be reproduced with commands:

    cat >.config <<EOF
    BR2_aarch64=y
    BR2_TOOLCHAIN_BUILDROOT_MUSL=y
    BR2_LINUX_KERNEL=y
    BR2_LINUX_KERNEL_LATEST_VERSION=y
    BR2_LINUX_KERNEL_USE_ARCH_DEFAULT_CONFIG=y
    BR2_PACKAGE_LTP_TESTSUITE=y
    EOF
    make olddefconfig
    make ltp-testsuite

Backport 2 commits from upstream which fixes LTP on musl on
kernel >= 6.14.

Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
[Julien:
 - add commands to reproduce the issue in commit log
 - move _AUTORECONF up to be nearer _VERSION
]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-20 17:23:58 +02:00
Gwenhael Goavec-Merou c430f54f36 package/soapy-sdr: new package
Soapy SDR - vendor and platform neutral SDR support library.

Signed-off-by: Gwenhael Goavec-Merou <gwenhael.goavec-merou@trabucayre.com>
[Julien: remove commented _DEPENDENCIES]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-20 16:37:24 +02:00
Michael Nosthoff 947deda6ff package/gtest: bump to version 1.17.0
- bump gcc minimum to 7 as C++17 support is mandatory

Release Notes: https://github.com/google/googletest/releases

Signed-off-by: Michael Nosthoff <buildroot@heine.tech>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-20 15:17:56 +02:00
Marcus Hoffmann 6bcc6aba29 package/apscheduler: new runtime test
Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-20 15:08:14 +02:00
Marcus Hoffmann 26900bc6c9 package/python-apscheduler: new package
Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-20 15:08:14 +02:00
Marcus Hoffmann 205dfb943a package/python-crc: new runtime test
Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-20 13:32:12 +02:00
Marcus Hoffmann a0f094b067 package/python-crc: new package
Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-20 13:31:35 +02:00
Neal Frager c52d711923 board/zynqmp: update custom board documentation
Update the zynqmp readme.txt file to use BR2_TARGET_UBOOT_ZYNQMP_PSU_INIT_FILE
option for configuring custom zynqmp boards with Buildroot.  There is no need
for any custom / manual steps since the support is included with Buildroot.

Signed-off-by: Neal Frager <neal.frager@amd.com>
Reviewed-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-20 13:25:40 +02:00
Francois Perrad 90aa3e120d configs/olimex_a20_olinuxino_lime*: bump Linux
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-20 13:01:42 +02:00
Yegor Yefremov ea797e760b package/watchdog: do not guard shutdown __GLIBC__
These headers are provided by uclibc/musl/glibc and bionic so we can
assume they are not needed to be glibc specific includes. This also
ensures that we get proper declaration of reboot() API.

Upstream:
https://sourceforge.net/p/watchdog/code/ci/aa371bf201b1d59c595a1ad7b3464ae544ed142f/

Fixes:
https://autobuild.buildroot.org/results/3e67d5b3b89d794e3f6c510803368f8b100b07a7/

Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
[Julien: reformat Upstream: tag in patch to fix check-package error]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-20 12:43:46 +02:00
Bernd Kuhls c72557eaf8 package/ntp: add Upstream tag to patch 0001
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-20 11:54:09 +02:00
Bernd Kuhls 526ab2f6c0 package/ntp: fix build with gcc-14
Fixes:
https://autobuild.buildroot.org/results/114/114a81f216b44a00c5de830e21315df68a62987d/

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-20 11:54:06 +02:00
Bernd Kuhls 6a20660c5a package/ntp: fix OpenSSL detection
Fixes:
https://autobuild.buildroot.org/results/261e630f20dd20b7f606a7bcbd8fa7b50ce82fbe/

The build error occurs when libatomic is needed for linking.
In ntp_openssl.m4 the result of OpenSSL's pkgconf was omitted.

Enable configure option --enable-verbose-ssl to help future debugging:
configure: ntp_ssl_libs_l:   (-lssl -lcrypto -latomic)

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-20 11:54:02 +02:00
Marcus Hoffmann b84226a51f package/python-log-rate-limit: new package
Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-19 21:15:07 +02:00
Gero Schwäricke 69b2777291 package/rauc-hawkbit-updater: fix missing user
Systemd support for the RAUC hawkbit updater was added in

  4aa7a4ad8a (package/rauc-hawkbit-updater: add systemd optional dependency, 2024-07-10)

This installs the RAUC hawkbit updater service, which executes as user
"rauc-hawkbit" [1], which doesn't exist by default.

[1] https://github.com/rauc/rauc-hawkbit-updater/blob/2711c0e02781eb9d97285c87197f1bafef75d0d1/script/rauc-hawkbit-updater.service

Signed-off-by: Gero Schwäricke <gero.schwaericke@sevenlab.de>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-19 21:07:50 +02:00
Fiona Klute (WIWA) 7c8cca9baa package/network-manager: set "nft" path if BR2_PACKAGE_NFTABLES=y
Nftables should be preferred over iptables if available, which
NetworkManager will do if both paths are set.

Signed-off-by: Fiona Klute (WIWA) <fiona.klute@gmx.de>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-19 16:45:51 +02:00
Fiona Klute (WIWA) 5e3114cd2f package/network-manager: bump version to 1.52.1
Upstream changelog:
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/blob/1.52.1/NEWS?ref_type=tags

Not mentioned in the changelog is a new build option to set the path
of ip6tables [1], add it next to the existing iptables path setting.

[1] https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/commit/57321f78c9aaad23099e80f7945ef996acbaa7cc

Signed-off-by: Fiona Klute (WIWA) <fiona.klute@gmx.de>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-19 16:45:48 +02:00
Federico Pellegrin 2c7d6b9dbe package/bpftool: bump to version 7.5.0
Changes: https://github.com/libbpf/bpftool/releases

This upgrade fixes as well linking problems to LLVM libraries in
the previous version on Buildroot 2025.05 and master.

Signed-off-by: Federico Pellegrin <fede@evolware.org>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-19 16:30:23 +02:00
Federico Pellegrin d9d99eae4d package/netsniff-ng: bump to 0.6.9
Changes: https://github.com/netsniff-ng/netsniff-ng/releases/tag/v0.6.9

Remove now upstreamed patch 0001-Detect-libpcap-dependencies-using-pkg-config.patch.
Fixes also: https://patchwork-proxy.ozlabs.org/project/buildroot/patch/20240829075015.39164-1-fede@evolware.org/

Signed-off-by: Federico Pellegrin <fede@evolware.org>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-19 16:19:10 +02:00
Titouan Christophe 3c312f149b package/assimp: security bump to v6.0.2
For release notes since version 5.4.3, see:
https://github.com/assimp/assimp/releases

This fixes the following vulnerabilities:

- CVE-2025-2750:
    A vulnerability, which was classified as critical, was found in Open
    Asset Import Library Assimp 5.4.3. This affects the function
    Assimp::CSMImporter::InternReadFile of the file
    code/AssetLib/CSM/CSMLoader.cpp of the component CSM File Handler. The
    manipulation leads to out-of-bounds write. It is possible to initiate
    the attack remotely. The exploit has been disclosed to the public and
    may be used.
    https://www.cve.org/CVERecord?id=CVE-2025-2750

- CVE-2025-2751:
    A vulnerability has been found in Open Asset Import Library Assimp
    5.4.3 and classified as problematic. This vulnerability affects the
    function Assimp::CSMImporter::InternReadFile of the file
    code/AssetLib/CSM/CSMLoader.cpp of the component CSM File Handler. The
    manipulation of the argument na leads to out-of-bounds read. The
    attack can be initiated remotely. The exploit has been disclosed to
    the public and may be used.
    https://www.cve.org/CVERecord?id=CVE-2025-2751

- CVE-2025-2757:
    A vulnerability classified as critical was found in Open Asset Import
    Library Assimp 5.4.3. This vulnerability affects the function
    AI_MD5_PARSE_STRING_IN_QUOTATION of the file
    code/AssetLib/MD5/MD5Parser.cpp of the component MD5 File Handler. The
    manipulation of the argument data leads to heap-based buffer overflow.
    The attack can be initiated remotely. The exploit has been disclosed
    to the public and may be used.
    https://www.cve.org/CVERecord?id=CVE-2025-2757

- CVE-2025-3158:
    A vulnerability, which was classified as critical, has been found in
    Open Asset Import Library Assimp 5.4.3. Affected by this issue is the
    function Assimp::LWO::AnimResolver::UpdateAnimRangeSetup of the file
    code/AssetLib/LWO/LWOAnimation.cpp of the component LWO File Handler.
    The manipulation leads to heap-based buffer overflow. It is possible
    to launch the attack on the local host. The exploit has been disclosed
    to the public and may be used.
    https://www.cve.org/CVERecord?id=CVE-2025-3158

Also, drop local security patches that have been applied upstream

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
[Julien: add link to relase notes]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-19 15:46:10 +02:00
Titouan Christophe 24639e0f72 package/mbedtls: security bump to v3.6.4
This is a security release of the Long Term Support branch, see release notes:
https://github.com/Mbed-TLS/mbedtls/releases/tag/mbedtls-3.6.4

Also update the download location, because upstream changed the tag naming
scheme from v<...> to mbedtls-<...>

This fixes the following vulnerabilities:

- CVE-2025-47917
    Fix possible use-after-free or double-free in code calling
    mbedtls_x509_string_to_names(). This was caused by the function calling
    mbedtls_asn1_free_named_data_list() on its head argument, while the
    documentation did no suggest it did, making it likely for callers relying
    on the documented behaviour to still hold pointers to memory blocks after
    they were free()d, resulting in high risk of use-after-free or double-free,
    with consequences ranging up to arbitrary code execution.
    In particular, the two sample programs x509/cert_write and x509/cert_req
    were affected (use-after-free if the san string contains more than one DN).
    Code that does not call mbedtls_string_to_names() directly is not affected.

- CVE-2025-48965
    Fix a bug in mbedtls_asn1_store_named_data() where it would sometimes leave
    an item in the output list in an inconsistent state with val.p == NULL but
    val.len > 0. This impacts applications that call this function directly,
    or indirectly via mbedtls_x509_string_to_names() or one of the
    mbedtls_x509write_{crt,csr}set{subject,issuer}_name() functions. The
    inconsistent state of the output could then cause a NULL dereference either
    inside the same call to mbedtls_x509_string_to_names(), or in subsequent
    users of the output structure, such as mbedtls_x509_write_names(). This
    only affects applications that create (as opposed to consume) X.509
    certificates, CSRs or CRLs, or that call mbedtls_asn1_store_named_data()

- CVE-2025-49087
    Fix a timing side channel in the implementation of PKCS#7 padding
    which would allow an attacker who can request decryption of arbitrary
    ciphertexts to recover the plaintext through a timing oracle attack.

- CVE-2025-49600:
    In MbedTLS 3.3.0 before 3.6.4, mbedtls_lms_verify may accept invalid
    signatures if hash computation fails and internal errors go unchecked,
    enabling LMS (Leighton-Micali Signature) forgery in a fault scenario.
    Specifically, unchecked return values in mbedtls_lms_verify allow an
    attacker (who can induce a hardware hash accelerator fault) to bypass
    LMS signature verification by reusing stale stack data, resulting in
    acceptance of an invalid signature. In mbedtls_lms_verify, the return
    values of the internal Merkle tree functions create_merkle_leaf_value
    and create_merkle_internal_value are not checked. These functions
    return an integer that indicates whether the call succeeded or not. If
    a failure occurs, the output buffer (Tc_candidate_root_node) may
    remain uninitialized, and the result of the signature verification is
    unpredictable. When the software implementation of SHA-256 is used,
    these functions will not fail. However, with hardware-accelerated
    hashing, an attacker could use fault injection against the accelerator
    to bypass verification.
    https://www.cve.org/CVERecord?id=CVE-2025-49600

- CVE-2025-49601:
    In MbedTLS 3.3.0 before 3.6.4, mbedtls_lms_import_public_key does not
    check that the input buffer is at least 4 bytes before reading a
    32-bit field, allowing a possible out-of-bounds read on truncated
    input. Specifically, an out-of-bounds read in
    mbedtls_lms_import_public_key allows context-dependent attackers to
    trigger a crash or limited adjacent-memory disclosure by supplying a
    truncated LMS (Leighton-Micali Signature) public-key buffer under four
    bytes. An LMS public key starts with a 4-byte type indicator. The
    function mbedtls_lms_import_public_key reads this type indicator
    before validating the size of its input.
    https://www.cve.org/CVERecord?id=CVE-2025-49601

- CVE-2025-52496:
    Mbed TLS before 3.6.4 has a race condition in AESNI detection if
    certain compiler optimizations occur. An attacker may be able to
    extract an AES key from a multithreaded program, or perform a GCM
    forgery.
    https://www.cve.org/CVERecord?id=CVE-2025-52496

- CVE-2025-52497:
    Mbed TLS before 3.6.4 has a PEM parsing one-byte heap-based buffer
    underflow, in mbedtls_pem_read_buffer and two mbedtls_pk_parse
    functions, via untrusted PEM input.
    https://www.cve.org/CVERecord?id=CVE-2025-52497

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
[Julien: fix upstream hash URL in hash file]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-19 14:51:12 +02:00
Giulio Benetti 2bc9a3bf7e package/sunxi-mali-utgard-driver: bump to version 2025-07-18
The sunxi-mali-utgard-driver at git version 9926236a is failing
to build with kernel 6.15.

The issue has not been seen in autobuilder, but can be reproduced
with commands:

    cat >.config <<EOF
    BR2_aarch64=y
    BR2_TOOLCHAIN_EXTERNAL=y
    BR2_TOOLCHAIN_EXTERNAL_BOOTLIN=y
    BR2_LINUX_KERNEL=y
    BR2_LINUX_KERNEL_LATEST_VERSION=y
    BR2_LINUX_KERNEL_USE_ARCH_DEFAULT_CONFIG=y
    BR2_PACKAGE_SUNXI_MALI_UTGARD=y
    EOF
    make olddefconfig
    make sunxi-mali-utgard-driver

This new version fixes the issue and builds up to Linux 6.15.

Also, _SITE URL has moved to github benetti-engineering-sas so
let's modify accordingly.

Fixes:

    linux/mali_osk_timers.c: In function ‘_mali_osk_timer_del’:
    linux/mali_osk_timers.c:59:9: error: implicit declaration of function ‘del_timer_sync’ [-Wimplicit-function-declaration]

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
[Julien: add commands to reproduce the issue in commit log]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-19 14:39:31 +02:00
James Hilliard f38d4e63d7 package/python-dbus-fast: fix cython 3.1.x compatibility
Since python-cython bump to 3.1.2 in commit [1], python-dbus-fast
is failing to build.

Set --skip-dependency-check as dbus-fast specifies an unnecessarily
strict maximum cython version.

Fixes:
ERROR Missing dependencies:
	Cython<3.1.0,>=3

[1] https://gitlab.com/buildroot.org/buildroot/-/commit/b536caaec0d800ccf7669a50fce5192bce2405a6

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
[Julien: add reference to buildroot commit introducing the issue]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-19 14:03:23 +02:00
Marcus Hoffmann 90fdb03f47 package/python-msgpack: fix project url
The previous url pointed to an unrelated but similarly named project.

Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-19 13:38:56 +02:00
Marcus Hoffmann 555c155007 package/python-msgpack: bump to version 1.1.1
Changelog: https://github.com/msgpack/msgpack-python/blob/main/ChangeLog.rst#111

Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-19 13:38:52 +02:00
Marcus Hoffmann bbfd0951fa package/python-asgiref: switch upstream URL to https
Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-19 13:26:58 +02:00
Marcus Hoffmann 358e85b966 package/python-asgiref: bump to 0.9.1
Release Notes:

* Fixed deletion of Local values affecting other contexts. (#523)

* Skip CPython specific garbage collection test on pypy. (#521)

3.9.0 (2025-07-03)
------------------

* Adds support for Python 3.13.

* Drops support for (end-of-life) Python 3.8.

* Fixes an error with conflicting kwargs between AsyncToSync and the wrapped
  function. (#471)

* Fixes Local isolation between asyncio Tasks. (#478)

* Fixes a reference cycle in Local (#508)

* Fixes a deadlock in CurrentThreadExecutor with nested async_to_sync →
  sync_to_async → async_to_sync → create_task calls. (#494)

* The ApplicationCommunicator testing utility will now return the task result
  if it's already completed on send_input and receive_nothing. You may need to
  catch (e.g.) the asyncio.exceptions.CancelledError if sending messages to
  already finished consumers in your tests. (#505)

Source: https://github.com/django/asgiref/blob/main/CHANGELOG.txt

Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-19 13:26:55 +02:00
Marcus Hoffmann 14d1d58e1f package/python-typing-inspection: bump to 0.4.1
Release notes:
https://github.com/pydantic/typing-inspection/releases/tag/v0.4.1

LICENSE hash changed due to copyright holder line change in:
https://github.com/pydantic/typing-inspection/commit/f3a49c37707cb0b9ddcbc16c19caa75413247319

Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-19 13:17:50 +02:00
Heiko Thiery 5e818c16a3 package/mesa3d: add support for imagination vulkan driver
This adds the experimental vulkan support for the PowerVR rogue
architecture.

Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-19 12:52:20 +02:00
Heiko Thiery 1eaeb6fcb9 package/linux-firmware: add support for PowerVR rogue
This "powervr" directory has been present in linux-firmware since
version 20231211.

Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Reviewed-by: Bryan Brattlof <bb@ti.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-19 12:45:01 +02:00
Heiko Thiery 57b6f97959 package/linux-firmware: add option for Chips&Media Wave 521C
Add an option to install the firmware files for Chips&Media Wave 521C
video processor used in the TI K3 architecture.

This "cnm/wave521c_k3_codec_fw.bin" file has been present in linux-firmware
since version 20221109.

Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Reviewed-by: Bryan Brattlof <bb@ti.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-19 12:44:58 +02:00
Julien Olivain 32e71aab76 package/rdma-core: bump to version v58.0
For change log since v56.0, see:
https://github.com/linux-rdma/rdma-core/releases/tag/v57.0
https://github.com/linux-rdma/rdma-core/releases/tag/v58.0

Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-19 12:42:21 +02:00
Julien Olivain ae5647d822 package/fluidsynth: bump to version 2.4.6
For change log since v2.4.5, see:
https://github.com/FluidSynth/fluidsynth/releases/tag/v2.4.6

Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-19 12:42:18 +02:00
Florian Larysch c42b26bb47 package/wireplumber: bump to 0.5.10
Release notes:
https://gitlab.freedesktop.org/pipewire/wireplumber/-/blob/0.5.10/NEWS.rst

Signed-off-by: Florian Larysch <fl@n621.de>
[Julien: update release note url to use tag]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-19 12:27:33 +02:00
Bernd Kuhls f1b4657bc0 package/libcddb: Fix build with gcc-14
libcddb fail to build with gcc-14 with error:

    cddb_net.c: In function 'timeout_connect':
    cddb_net.c:328:63: error: passing argument 5 of 'getsockopt' from incompatible pointer type [-Wincompatible-pointer-types]
      328 |                 getsockopt(sockfd, SOL_SOCKET, SO_ERROR, &rv, &l);
          |                                                               ^~
          |                                                               |
          |                                                               size_t * {aka long unsigned int *}

This commit adds a patch to fix the issue.

Fixes:
https://autobuild.buildroot.net/results/723/7236cf5fd4f33aabd3178586f877dff04d754abe/

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
[Julien: add error message in commit log]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-19 12:21:28 +02:00
Titouan Christophe dcf9df16d8 package/python-aiohttp: fix missing build dependency
Since aiohttp was bumped in e4451602eb,
it now requires pkgconfig at setup time, see upstream commit
https://github.com/aio-libs/aiohttp/commit/40563751adf02b811d5acf95696c096a4dbd9ed4

Reported-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-19 12:15:54 +02:00
Francois Perrad 4149871af1 package/lua-lrexlib-pcre2: new package
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-07-17 22:43:32 +02:00
James Hilliard 1796c4e405 package/python-cppy: bump to version 1.3.1
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-07-17 22:36:27 +02:00
James Hilliard b536caaec0 package/python-cython: bump to version 3.1.2
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-07-17 22:35:15 +02:00
James Hilliard fff98fd6ed package/python-hatch-fancy-pypi-readme: bump to version 25.1.0
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-07-17 22:35:02 +02:00
James Hilliard 6e0eb02013 package/python-hatch-vcs: bump to version 0.5.0
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-07-17 22:34:38 +02:00
James Hilliard 25d9e3c3d6 package/python-maturin: bump to version 1.9.1
Drop no longer required host-python-tomli dependency.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-07-17 22:34:17 +02:00
James Hilliard dccb15884a package/python-setuptools-scm: bump to version 8.3.1
Drop no longer required host-python-typing-extensions dependency.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-07-17 22:33:59 +02:00
James Hilliard 0b171693a9 package/python-setuptools: bump to version 80.9.0
Rebase add executable patch.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-07-17 22:33:05 +02:00
James Hilliard 9626618831 package/python-setuptools-rust: bump to version 1.11.1
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-07-17 22:32:46 +02:00
James Hilliard 1f1c46ef4e package/python-tortoise-orm: bump to version 0.25.1
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-07-17 22:32:30 +02:00
James Hilliard 4dae2ee4fe package/python-pypika-tortoise: bump to version 0.6.1
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-07-17 22:31:56 +02:00
James Hilliard 81cf89d350 package/python-aerich: bump to version 0.9.1
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-07-17 22:31:34 +02:00
James Hilliard 5716dc9891 package/libjcat: bump to version 0.2.3
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-07-17 22:31:12 +02:00
James Hilliard f5128711e3 package/vala: bump to version 0.56.18
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-07-17 22:30:16 +02:00
James Hilliard c05bf8c6c7 package/p11-kit: bump to version 0.25.5
Drop patch which is now upstream.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-07-17 22:29:47 +02:00
Titouan Christophe e4451602eb package/python-aiohttp: security bump to v3.12.14
This fixes the following vulnerability:
- CVE-2025-53643:
    In aiohttp prior to version 3.12.14, the Python parser is vulnerable
    to a request smuggling vulnerability due to not parsing trailer
    sections of an HTTP request. If a pure Python version of aiohttp is
    installed (i.e. without the usual C extensions) or
    AIOHTTP_NO_EXTENSIONS is enabled, then an attacker may be able to
    execute a request smuggling attack to bypass certain firewalls or
    proxy protections. Version 3.12.14 contains a patch for this issue.
    https://www.cve.org/CVERecord?id=CVE-2025-53643

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-07-17 22:28:50 +02:00
Francois Perrad c83d49486e configs/olimex_a20_olinuxino_lime*: bump Linux and U-Boot
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-17 22:01:40 +02:00
Dario Binacchi d3e89ca947 configs/imx6ulz_bsh_smm_m2: bump Linux to 6.12.36 and U-Boot to 2025.07
The patch bumps the Linux kernel to version 6.12.36 and U-Boot to
version 2025.07.

Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-17 21:22:37 +02:00
Dario Binacchi 87be5a1e70 package/ufs-utils: bump to version 7.14.12
Release notes:
https://github.com/SanDisk-Open-Source/ufs-utils/releases/tag/v7.14.12

Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-17 21:19:14 +02:00
Florian Larysch fecc337d21 Revert "package/ffmpeg: add support for pulseaudio"
This reverts commit e44aff6b1b which added
support for linking ffmpeg against libpulse if it is present to provide
libavdevice support for the PulseAudio protocol. However, it turns out
that this creates a dependency cycle when BR2_PACKAGE_LIBSOXR is
enabled, since the pulseaudio daemon can use libsoxr for resampling and
libsoxr can use the FFT implementation from ffmpeg.

Resolving this would probably mean breaking up the pulseaudio package
into the client libraries and the daemon proper (a standalone libpulse
without the daemon is still useful since it can talk to a remote daemon
via the network or more likely today talk to a local instance of
PipeWire, which also implements the PulseAudio protocol).

For now, break the dependency cycle by reverting to the original state
(no pulseaudio client support in ffmpeg).

Reported-by: Titouan Christophe <titouan.christophe@mind.be>
Signed-off-by: Florian Larysch <fl@n621.de>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-17 21:12:44 +02:00
Yann E. MORIN 413b9774a4 package/slirp4netns: bump to version 1.3.3
For release note, see:
https://github.com/rootless-containers/slirp4netns/releases/tag/v1.3.3

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
[Julien: add link to release note]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-15 23:50:31 +02:00
Yann E. MORIN ad46554dc0 package/runc: bump to version 1.3.0
For release notes since version 1.2.4, see:
https://github.com/opencontainers/runc/releases

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Christian Stewart <christian@aperture.us>
[Julien: add link to release notes]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-15 23:50:31 +02:00
Yann E. MORIN faff38912b package/podman: security bump to version 5.5.2
For release notes since 5.4.1, see:
https://github.com/containers/podman/releases

The release 5.5.2 includes a security fix for CVE-2025-6032.

Fixes:
https://github.com/advisories/GHSA-65gg-3w2w-hr4h
https://www.cve.org/CVERecord?id=CVE-2025-6032

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
[Julien:
 - mark as a security bump
 - add link to release notes
 - add link to CVE
]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-15 23:50:31 +02:00
Yann E. MORIN 6a192b0d28 package/passt: bump to version 2025.06.11
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-15 23:50:31 +02:00
Yann E. MORIN c5fe7e9639 package/docker-engine: bump to version 28.3.2
For release notes since version 27.5.1, see:
https://github.com/moby/moby/releases

Since version 28.0.0, docker-engine requires the RAW netfilter table, so
enable that as part of the kernel fixups.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Christian Stewart <christian@aperture.us>
[Julien: add link to release notes]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-15 23:50:31 +02:00
Yann E. MORIN eca78cae6b package/docker-credential-gcr: bump to version 2.1.30
For release notes since version 2.1.26, see:
https://github.com/GoogleCloudPlatform/docker-credential-gcr/releases

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Yann E. MORIN <yann.morin@orange.com>
[Julien: add link to release notes]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-15 23:50:31 +02:00
Yann E. MORIN d3c2256eb0 package/docker-compose: bump to version 2.38.2
For release notes since version 2.32.4, see:
https://github.com/docker/compose/releases

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Christian Stewart <christian@aperture.us>
Cc: Peter Korsgaard <peter@korsgaard.com>
[Julien: add link to release notes]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-15 23:50:31 +02:00
Yann E. MORIN cb98524ca2 package/docker-cli-buildx: bump to version 0.25.0
For release notes since version 0.16.1, see:
https://github.com/docker/buildx/releases

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
[Julien: add link to release notes]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-15 23:50:31 +02:00
Yann E. MORIN 85ed3e271d package/docker-cli: bump to version 28.3.2
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Christian Stewart <christian@aperture.us>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-15 23:50:31 +02:00
Yann E. MORIN ec5305cb4c package/crun: bump to version 1.22
For release notes since 1.18.2, see:
https://github.com/containers/crun/releases

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Christian Stewart <christian@aperture.us>
[Julien: add link to release notes]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-15 23:50:31 +02:00
Yann E. MORIN a6a2d40684 package/amazon-ecr-credential-helper: bump to version 0.10.1
For release notes since 0.9.1, see:
https://github.com/awslabs/amazon-ecr-credential-helper/releases

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Yann E. MORIN <yann.morin@orange.com>
[Julien: add link to release notes]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-15 23:50:31 +02:00
Yann E. MORIN 0df8b84ecb package/{aardvark-dns, netavark}: bump to versions 1.15.x
Bump the versions of those two packages, that must be updated in
lock-step to minor-level compatible versions.

For release notes, see:
https://github.com/containers/aardvark-dns/releases
https://github.com/containers/netavark/releases

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
[Julien: add link to release notes]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-15 23:50:31 +02:00
Yann E. MORIN 34e4480950 support/testing: add a crun-based runtime test for docker-compose
Via the docker-compose runtime test, we can exercise the full suite of
the docker-related packages: docker-compose, of course, but also
docker-engine, which in turn allows exercising containerd. The latter
by defualt uses runc as the container runtime, but can alternatively use
crun.

Extend the docker-compose runtime test with a variant that enables crun.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-15 23:50:31 +02:00
Yann E. MORIN ed99b77e5d package/passt: needs headers >= 5.0
Upstream passt only documents runtime dependencies; and they advertise
being able to run on kernel 3.8 or later. However, they do not document
the build dependencies.

As reported by Julien, since 2024_12_11.09478d5, upstream requires
kernel headers >= 5.0, as they make use of linux/vhost_types.h, only
introduced in 5.0.

Add a dependency to kernel headers, and propagate it to podman's passt
backend.

Reported-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin@orange.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-15 21:13:52 +02:00
Marcus Hoffmann b17a5979c3 package/python-starlette: bump to 0.47.1
Release notes:
* https://github.com/encode/starlette/releases/tag/0.47.0
* https://github.com/encode/starlette/releases/tag/0.47.1

Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-14 19:32:02 +02:00
Marcus Hoffmann 25d8e7f1a0 package/python-fastapi: bump to 0.116.1
Release notes:
* https://github.com/fastapi/fastapi/releases/tag/0.116.0
* https://github.com/fastapi/fastapi/releases/tag/0.116.1

Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-14 19:31:58 +02:00
Marcus Hoffmann 529bbd861a package/python-pyproject-metadata: bump to version 0.9.1
Release notes:
https://github.com/pypa/pyproject-metadata/releases/tag/0.9.1

Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-14 19:25:13 +02:00
Marcus Hoffmann b67ca753c9 package/python-flit-core: bump to 3.12
Release notes:
https://flit.pypa.io/en/stable/history.html#version-3-12

Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-14 15:29:28 +02:00
Scott Fan 6c80b71c8c package/chrony: bump to version 4.7
Release notes: https://chrony-project.org/news.html

Since this release, building without POSIX threads is no longer supported.
So add a depends on BR2_TOOLCHAIN_HAS_THREADS.

Signed-off-by: Scott Fan <fancp2007@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-14 15:18:08 +02:00
Thomas Perale 84077c7776 package/libesmtp: bump to version v1.1.0-14-g335ee8d to fix build with gcc-14
When building libesmtp on the autobuilder with gcc-14, the
following error occurs:

    /workdir/instance-0/output-1/per-package/libesmtp/host/bin/arc-linux-gcc -Ilibesmtp.so.6.2.0.p -I. -I.. -I/workdir/instance-0/output-1/per-package/libesmtp/host/arc-buildroot-linux-gnu/sysroot/usr/include -fdiagnostics-color=always -Wall -Winvalid-pch -std=c11 -O3 -D_POSIX_C_SOURCE=200809L -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -Os -g0 -D_FORTIFY_SOURCE=2 -fPIC -pthread -MD -MQ libesmtp.so.6.2.0.p/smtp-api.c.o -MF libesmtp.so.6.2.0.p/smtp-api.c.o.d -o libesmtp.so.6.2.0.p/smtp-api.c.o -c ../smtp-api.c
    ../smtp-api.c: In function 'smtp_version':
    ../smtp-api.c:1183:7: error: implicit declaration of function 'strlcpy'; did you mean 'strncpy'? [-Wimplicit-function-declaration]
     1183 |   if (strlcpy (buf, v, len) > len)
          |       ^~~~~~~
          |       strncpy

This error has been fixed upstream in commit [1], but no new release
has been made since.
This patch update the package version to fetch the latest upstream
commit v1.1.0-14-g335ee8d.

For the changes, see:

 - https://github.com/libesmtp/libESMTP/compare/v1.1.0...335ee8d2fa5cb7d30db7b818ec05563ad139ee2f

[1] https://github.com/libesmtp/libESMTP/commit/972eb547493357681b1b7012ef20618e6831cfde

Fixes: https://autobuild.buildroot.org/results/ced/ceda012506edccda1727904eb3327017b07e27d8
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
[Julien:
 - mention gcc-14 as the root cause of the build failure
 - use "git describe --tags --abbrev=40" format in _VERSION
]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-14 12:34:58 +02:00
Fiona Klute 41258a8194 package/eudev: refactor init script and rename it to S10udevd
This brings the script in line with current init script standards, and
fixes all make check-package warnings. Other notable changes:

* Use start-stop-daemon to create a PID file, so we can monitor shutdown.

* Use "udevadm control --exit" to implement stop, instead of "killall".

* Do not require /etc/udev/udev.conf to exist, the default contains
  only comments and udevd works without.

* Do not parse /etc/udev/udev.conf, the udev_root configuration option
  it was used for has been removed in version 1.5.1 [1].

* Implement reload using udevadm.

[1] https://github.com/eudev-project/eudev/commit/6ada823a9a0979ea145fd70add1007c21caa45c0

Signed-off-by: Fiona Klute <fiona.klute@gmx.de>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-14 11:48:31 +02:00
Fiona Klute abdc96eaf8 package/eudev: install hwdb.bin to libexecdir
The hwdb sources are always deleted from the rootfs image (see commit
07aa585aa6), so the resulting hwdb.bin
is installed package data, not user configuration. The name of the
"--usr" flag to "udevadm hwdb" may be confusing, but it chooses the
libexecdir location, whether that is in /usr or not.

Eudev checks both locations and prefers the one in /etc if it exists,
so overriding the configuration in an installed system is possible as
before, with the advantage that /etc/udev/hwdb.bin (if any) can be
deleted to restore defaults.

Signed-off-by: Fiona Klute <fiona.klute@gmx.de>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-14 11:48:27 +02:00
Fiona Klute 993c0ba460 package/eudev: remove obsolete --disable-introspection configure flag
It was removed from eudev with version 1.5.1, when introspection
became part of the gudev option [1]. This has in turn been removed and
replaced by package/libgudev, yet somehow the flag stayed. Remove it
to remove a warning during configure stage.

[1] https://github.com/eudev-project/eudev/commit/d5d6a7f3040992f853eb23eb1bafac3b77891c2d

Signed-off-by: Fiona Klute <fiona.klute@gmx.de>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-14 11:48:10 +02:00
Marcus Hoffmann 8d1d851d78 package/python-typing-extensions: update description
Minimum python version is now 3.9, but also it's not really relevant to
mention this in the package description.

Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-14 11:18:22 +02:00
Marcus Hoffmann 9189e74ef8 package/python-typing-extensions: bump to 4.14.1
Changes: https://github.com/python/typing_extensions/releases/tag/4.14.1

Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-14 11:18:18 +02:00
Marcin Niestroj 557692a05f package/python-typing-extensions: bump to 4.14.0
See [1] for changelog.

[1] https://github.com/python/typing_extensions/blob/main/CHANGELOG.md#release-4140-june-2-2025

Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-13 17:35:45 +02:00
Marcin Niestroj 3721a73a89 package/python-pytest-asyncio: bump to 1.0.0
See [1] for changelog.

[1] https://github.com/pytest-dev/pytest-asyncio/blob/main/docs/reference/changelog.rst#100---2025-05-26

Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-13 17:30:19 +02:00
Marcin Niestroj e5baa5ed13 package/python-pytest: bump to 8.4.0
See [1] for changelog.

[1] https://github.com/pytest-dev/pytest/blob/main/doc/en/changelog.rst#pytest-840-2025-06-02

Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-13 17:30:06 +02:00
Marcin Niestroj cccf9b9e5a package/python-pluggy: bump to 1.6.0
See [1] for changelog.

[1] https://github.com/pytest-dev/pluggy/blob/main/CHANGELOG.rst#pluggy-160-2025-05-15

Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-13 17:25:40 +02:00
Marcin Niestroj 655300a1be package/python-packaging: bump to 25.0
See [1] for changelog.

[1] https://github.com/pypa/packaging/blob/main/CHANGELOG.rst#250---2025-04-19

Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-13 17:18:07 +02:00
Bernd Kuhls 068ed20ba9 package/llvm-project: bump to version 20.1.8
Release notes:
https://discourse.llvm.org/t/llvm-20-1-8-released/87259

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-13 15:50:45 +02:00
Florian Larysch df7e428cf5 fs: erofs: reword "all-fragments" Kconfig text
Currently, both BR2_TARGET_ROOTFS_EROFS_ALL_FRAGMENTS and
BR2_TARGET_ROOTFS_EROFS_FRAGMENTS have the same Kconfig prompt, making
them hard to distinguish.

Reword the one for -Eall-fragments to be distinct.

Signed-off-by: Florian Larysch <fl@n621.de>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-13 15:46:23 +02:00
Francois Perrad d79bbd48eb package/luarocks: bump to version 3.12.2
For change log, see:
https://github.com/luarocks/luarocks/blob/v3.12.2/CHANGELOG.md

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
[Julien: add link to change log]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-13 15:32:13 +02:00
Andreas Ziegler ec477e7966 package/libmpdclient: update version to 2.23
Version 2.23 change log:

* support MPD protocol 0.24.0
  - allow window for listplaylist and listplaylistinfo
  - command "playlistlength", "protocol", "stickertypes",
            "stickernamestypes", "searchplaylist"
  - tag "ShowMovement"
  - new sticker find api
  - new subcommands for "tagtypes": "available", "reset"
* Support open end for mpd_search_add_window
* format floating-point numbers with the POSIX localew

Signed-off-by: Andreas Ziegler <br015@umbiko.net>
Tested-by: Andreas Ziegler <br015@umbiko.net>
[Julien: update signature link in hash file]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-13 13:36:28 +02:00
Bernd Kuhls c61d7d61b1 package/libcrossguid: bump version to v0.2.2-52-gca1bf4b
Needed for kodi 22.x.

Added build fix for >= gcc-13.

Switched build system to cmake following upstream:
https://github.com/graeme-hill/crossguid/commit/13683c56e559f93d75f8640488aa3335f43443ed

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
[Julien: use "git describe --tags --abbrev=40" format for _VERSION]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-13 13:25:15 +02:00
Bernd Kuhls 68751909a9 package/freeswitch: fix build with ffmpeg-7.x
This patch replaces the previous patch allowing to build with ffmpeg 6.x
with a patch which also allows to build with ffmpeg 7.x.

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-13 13:06:53 +02:00
Bernd Kuhls aa187f62d6 package/minidlna: Fix build with ffmpeg-7.0
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-13 13:00:51 +02:00
Bernd Kuhls 9135a8a5aa package/squeezelite: bump version
Update license hash due to various copyright year bumps:
https://github.com/ralph-irving/squeezelite/commits/master/LICENSE.txt

This version bump is needed for compatibility with the upcoming bump of
ffmpeg to version 7.1.x.

For change list, see:
https://github.com/ralph-irving/squeezelite/compare/71c012ad9ba102feb95823b7b9dc17e5305689c7...72e1fd8abfa9b2f8e9636f033247526920878718

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
[Julien: add link to change list]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-13 12:48:01 +02:00
Julien Olivain 565ee4a917 package/openblas: bump to version v0.3.30
For change log since v0.3.29, see:
https://github.com/OpenMathLib/OpenBLAS/releases/tag/v0.3.30

Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-13 12:39:47 +02:00
Tim Soubry bb1a568945 package/libxml2: add patch for CVE-2025-49795
This patch mitigates CVE-2025-49795 [1] by backporting the commit [2] to
libxml2 2.13.

[1] https://nvd.nist.gov/vuln/detail/cve-2025-49795
[2] https://gitlab.gnome.org/GNOME/libxml2/-/commit/499bcb78ab389f60c2fd634ce410d4bb85c18765
[3] https://security-tracker.debian.org/tracker/CVE-2025-49795

Signed-off-by: Tim Soubry <tim.soubry@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-12 23:48:02 +02:00
Tim Soubry 0df4585100 package/libxml2: add patch for CVE-2025-49794 & CVE-2025-49796
This patch fixes CVE-2025-49794 [1] and CVE-2025-49796 [2] by
backporting the commit from [3] to libxml2 2.13.

[1] https://nvd.nist.gov/vuln/detail/cve-2025-49794
[2] https://nvd.nist.gov/vuln/detail/cve-2025-49796
[3] https://gitlab.gnome.org/GNOME/libxml2/-/commit/71e1e8af5ee46dad1b57bb96cfbf1c3ad21fbd7b

Signed-off-by: Tim Soubry <tim.soubry@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-12 23:47:58 +02:00
Tim Soubry a1cf6bcc06 package/libxml2: add patch for CVE-2025-6021
This fixes an integer overflow vulnerability [1], in libxml2 version
2.13 by backporting the commit [2] from libxml2 2.14. This commit uses
the SIZE_MAX macro, for which stdint.h was included in tree.c, as done in [3].

[1] https://nvd.nist.gov/vuln/detail/CVE-2025-6021
[2] https://gitlab.gnome.org/GNOME/libxml2/-/commit/ad346c9a249c4b380bf73c460ad3e81135c5d781
[3] https://git.openembedded.org/openembedded-core/tree/meta/recipes-core/libxml/libxml2/CVE-2025-6021.patch

Signed-off-by: Tim Soubry <tim.soubry@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-12 23:47:53 +02:00
Thomas Perale cd6f2b465b package/libargtable2: fix build error with gcc-14
The following build error is happening on the autobuilder:

```
arg_int.c:60:12: error: implicit declaration of function 'isspace' [-Wimplicit-function-declaration]
   60 |     while (isspace(*ptr))
      |            ^~~~~~~
arg_int.c:33:1: note: include '<ctype.h>' or provide a declaration of 'isspace'
   32 | #include <limits.h>
  +++ |+#include <ctype.h>
   33 |
arg_int.c:89:8: error: implicit declaration of function 'toupper' [-Wimplicit-function-declaration]
   89 |    if (toupper(*ptr++)!=toupper(X))
      |        ^~~~~~~
arg_int.c:89:8: note: include '<ctype.h>' or provide a declaration of 'toupper'
```

Both `isspace` and `toupper` are declared in the `ctype.h` header.
This build error started to happen with gcc-14.
The `ctype.h` include was added in a later upstream commit.
This patch adds that upstream commit and strip everything else to only
patch that include.

Fixes: https://autobuild.buildroot.org/results/d38/d38e3e12f52c3fde08ab446ca14a1a7bd65c9469//
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
[Julien: add comment about gcc-14]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-12 23:31:48 +02:00
Yegor Yefremov d31694a8ef package/python-tornado: bump to version 6.5.1
For change log, see:

https://github.com/tornadoweb/tornado/releases/tag/v6.5.1

Drop an already upstreamed patch.

Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-12 22:21:58 +02:00
Bernd Kuhls 282e7add88 package/samba4: bump version to 4.22.3
Release notes:
https://www.samba.org/samba/history/samba-4.22.3.html

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-12 17:48:42 +02:00
Torben Voltmer 5716cb7c44 package/espflash: bump to version 4.0.1
Release notes:
https://github.com/esp-rs/espflash/releases/tag/v4.0.1

This commit updates license file hashes after year update
in upstream commit:
https://github.com/esp-rs/espflash/commit/3c56608a8a95a5148a28b68d4ca8332e58980e02

Signed-off-by: Torben Voltmer <mail@t-voltmer.net>
[Julien: update license file hashes]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-12 17:44:38 +02:00
Jesse Taube 051d145137 configs/imxrt1050-evk: bump U-Boot and switch to use extlinux.conf
Switch to extlinux instead of built in U-Boot script.
Drop custom U-Boot fragment and genimage config.
Update U-Boot from 2024.01 to 2025.07. This new U-Boot now
requires BR2_TARGET_UBOOT_NEEDS_PYLIBFDT=y in the defconfig.

Signed-off-by: Jesse Taube <Mr.Bossman075@gmail.com>
Reviewed-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
[Julien:
 - mention U-Boot bump in commit log
 - add BR2_TARGET_UBOOT_NEEDS_PYLIBFDT=y
]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-12 17:24:49 +02:00
Adrian Perez de Castro 8f427b78a9 package/libdex: bump to version 0.10.1
This is a bugfix release which includes a few improvements and fixes
leaks of Unix signal futures. Release notes:

  https://gitlab.gnome.org/GNOME/libdex/-/blob/0.10.1/NEWS

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-12 13:36:57 +02:00
Adrian Perez de Castro 8b0bb89640 package/wpebackend-fdo: bump to version 1.16.0
This maintenance release solves build issues and memory leaks.
Release notes:

  https://wpewebkit.org/release/wpebackend-fdo-1.16.0.html
  https://wpewebkit.org/release/wpebackend-fdo-1.14.4.html

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
[Julien: add link to 1.14.4 release note]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-12 13:25:31 +02:00
Adrian Perez de Castro b4ce212da1 package/libmanette: bump to version 0.2.12
Bugfix release, mainly adds dead zone for the Steam Deck analog sticks.
Release notes:

  https://gitlab.gnome.org/GNOME/libmanette/-/blob/0.2.12/NEWS

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-12 13:15:00 +02:00
Tim Soubry 793c5ad89d package/ncmpc: bump version to 0.52
Applying version bump of ncmpc to version 0.52 as proposed in [1].
As from version 0.50 of ncmpc, fmt got added as a dependency [2]. This was
also added to package/ncmpc/Config.in and package/ncmpc/ncmpc.mk.

For release notes, see:
https://github.com/MusicPlayerDaemon/ncmpc/blob/v0.52/NEWS

Comparision between version 0.49 and 0.52:
https://github.com/MusicPlayerDaemon/ncmpc/compare/v0.49..v0.52

[1] https://lore.kernel.org/buildroot/20250707112536.1644236-1-tim.soubry@mind.be/T/#rb3b968fff23bac0298e33f473d63a1ad470d38e3
[2] https://github.com/MusicPlayerDaemon/ncmpc/commit/c3b0055d06f8e8efab7f388646beb7645b90d063

Signed-off-by: Tim Soubry <tim.soubry@mind.be>
Tested-by: Andreas Ziegler <br015@umbiko.net>
[Julien: change release note link to use tag]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-12 13:06:38 +02:00
Florian Larysch e44aff6b1b package/ffmpeg: add support for pulseaudio
Signed-off-by: Florian Larysch <fl@n621.de>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-12 12:47:26 +02:00
Jiaxun Yang 9431681402 arch/loongarch: Fix minimal GCC version for target arch options
As reported by Thomas in [1], autobuilders reported host-gcc-initial
failures at configure time, with message:

    Unknown arch in --with-arch=la64v1.0

Both la64v1.0 and la64v1.1 requires GCC 14 as minimum, introduced in
upstream commit [2].

[1] https://lore.kernel.org/buildroot/20250709225522.0a12e583@windsurf/
[2] https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=b4ebdd153b2b068082b452772095260b03b78cc2

Fixes: https://autobuild.buildroot.org/results/04a904f08d6e0aacbd308692c99e77a334d72b95/
Signed-off-by: Jiaxun Yang <jiaxun.yang@flygoat.com>
[Julien:
 - add links to mailing list and upstream commit
 - remove unrelated comment change to previous commit
]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-12 12:40:13 +02:00
Jiaxun Yang 8b999bdf18 arch/loongarch: Fix toolchain triple ABI suffix
LoongArch GCC infers ABI from triple suffix, thus it's necesessary
to set up proper triple ABI suffixes for different ABI types.
See [1].

Adjust ABI suffix as per Table 10. List of possible <fabi-suffix>
in "LoongArch Toolchain Conventions Version 1.00" [2].

[1] https://gcc.gnu.org/git/?p=gcc.git;a=blob;f=gcc/config.gcc;h=a6f6efec4e103301225ef74c2d1159933d1c9cf8;hb=1757c320badc92c0628eafcd07d54585659692ed#l5102
[2] https://loongson.github.io/LoongArch-Documentation/LoongArch-toolchain-conventions-EN.html#_gnu_target_triplets_and_multiarch_specifiers

Link: https://lore.kernel.org/all/20250706105859.292908-1-ju.o@free.fr/
Suggested-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Jiaxun Yang <jiaxun.yang@flygoat.com>
[Julien:
 - add link to gcc sources infering ABI
 - update loongarch doc link to point to triplet section
]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-12 12:40:13 +02:00
Bernd Kuhls e7a175355b {linux, linux-headers}: bump 5.15.x / 6.{1, 6, 12, 15}.x series
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-11 21:51:04 +02:00
Scott Fan 271d083741 package/timescaledb: bump version to 2.21.0
Release notes: https://github.com/timescale/timescaledb/blob/2.21.0/CHANGELOG.md

Signed-off-by: Scott Fan <fancp2007@gmail.com>
Reviewed-by: Maxim Kochetkov <fido_max@inbox.ru>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-11 21:48:33 +02:00
Tim Soubry 3cf709e331 package/libhtp: security bump to version 0.5.49
Fixes a potential Denial of Service as described in [1].
Release notes:
https://github.com/OISF/libhtp/releases/tag/0.5.49

Fixes:
https://www.cve.org/CVERecord?id=CVE-2024-45797

[1] https://github.com/OISF/libhtp/security/advisories/GHSA-rqqp-24ch-248f

Signed-off-by: Tim Soubry <tim.soubry@mind.be>
[Julien: add link to fixed CVE]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-11 21:47:03 +02:00
Bernd Kuhls b4bd1edcd0 package/apache: security bump version to 2.4.64
Fixes CVE-2025-53020, CVE-2025-49812, CVE-2025-49630, CVE-2025-23048,
CVE-2024-47252, CVE-2024-43394, CVE-2024-43204 & CVE-2024-42516.

Changelog: https://downloads.apache.org/httpd/CHANGES_2.4.64

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-11 21:44:40 +02:00
Romain Naour 6c0a713c66 configs/beagley_ai_defconfig: new defconfig
Adds support for BeagleY-AI board by introducing the
beagley_ai_defconfig file and related support files.

The BeagleY-AI uses the TI J722S SoC, also known as AM67A, also
known as TDA4VEN or TDA4AEN.

Retrieve BSP settings from meta-ti (may be useful for other TI boards):

- Set BR2_TARGET_ARM_TRUSTED_FIRMWARE_TARGET_BOARD = "lite"
  meta-ti-bsp/conf/machine/include/j722s.inc:TFA_BOARD = "lite"

- Set BR2_TARGET_UBOOT_NEEDS_ATF_BL31 to provide BL31 variable pointing
  to ATF bl31.bin to the U-Boot build process [1].

- Set BR2_TARGET_ARM_TRUSTED_FIRMWARE_BL32_OPTEE to OP-TEE as BL32
  secure payload. meta-ti set "SPD=opteed" to build ATF [2].

- Set BR2_TARGET_OPTEE_OS_PLATFORM to "k3-am62x".
  meta-ti uses the OPTEEMACHINE to set optee-os platform [3].
  meta-ti]$ git grep OPTEEMACHINE
  meta-ti-bsp/conf/machine/include/j722s.inc:OPTEEMACHINE = "k3-am62x"

- Use am67a_beagley_ai_a53 and am67a_beagley_ai_r5 u-boot
  defconfigs introduced in u-boot v2025.07 [4]

- u-boot distroboot (bootflow) detect extlinux.conf file from the first
  SDcard partition, so we have to install the kernel and its dtb file.
  Use devicetreedir instead of devicetree in extlinux.conf file to
  avoid hardcoding the devicetree file name. TI boards are able to
  retrieve dtb file name from an EEPROM (see TI_I2C_BOARD_DETECT in
  uboot).

- Use 6.15.6 stable release instead of the latest 6.12 LTS since the
  k3-j722s support was only introduced in 6.11 kernels.

- Provide a hash file for all custom package version
  (arm-trusted-firmware, linux, ti-k3-r5-loader, uboot) to enable
  BR2_DOWNLOAD_FORCE_CHECK_HASHES.

[1] https://git.yoctoproject.org/meta-ti/commit/?id=e74b9a1746d4d04757c87c1920a0f743e55ff096
[2] https://git.yoctoproject.org/meta-ti/tree/meta-ti-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a-ti.inc?h=09.02.00.004#n7
[3] https://git.yoctoproject.org/meta-arm/tree/meta-arm/recipes-security/optee/optee-os.inc?h=4.0.3#n23
[4] https://source.denx.de/u-boot/u-boot/-/commit/b27c94958b976213e3f21e53943a699ffa53f16e

More information about the board can be found at:
https://www.beagleboard.org/boards/beagley-ai

Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-11 21:41:27 +02:00
Dario Binacchi d4c5cfe80d configs/beaglebone: bump Linux to 6.12.23-ti-arm32-r11 and U-Boot to 2025.07
The patch bumps the Linux kernel to version 6.12.23-ti-arm32-r11 and
U-Boot to version 2025.07.

Tested on beaglebone black.

Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-11 21:35:00 +02:00
Dario Binacchi 8fe9da71a3 configs/ti_am62x_sk: bump U-Boot and Linux versions
This patch bumps:

- U-Boot to version v2025.07
- Linux kernel to version 6.12.36 (LTS)

Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Reviewed-by: Bryan Brattlof <bb@ti.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-11 21:25:42 +02:00
Adrian Perez de Castro 676c4369d9 package/webkitgtk: bump to version 2.48.3
Fixes a number of crashes. Release notes:

  https://webkitgtk.org/2025/05/28/webkitgtk2.48.3-released.html

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-09 21:54:56 +02:00
Yegor Yefremov ce839ea1b9 package/libconfig: bump to version 1.8.1
For change log, see:

https://github.com/hyperrealm/libconfig/releases/tag/v1.8.1

The download URL now points to
https://hyperrealm.github.io/libconfig/dist.

The COPYING.LIB file has been changed. See the following commit for
details:

https://github.com/hyperrealm/libconfig/commit/be4da0c2fd5d08cefb628af67b68d32907fc972a

Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-09 21:32:44 +02:00
Giulio Benetti 009559d42c package/liblo: bump to version 0.32
* Drop upstreamed local patch
* Add local patch pending upstream to fix build failure as static
  library
* Re-enable ipv6 support since it's been fixed upstream[1]

Release notes:
https://liblo.sourceforge.net/NEWS.html

[1]:
https://sourceforge.net/p/liblo/git/ci/968dff4d576ca102525c81beddb36a623890424b/

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-09 21:16:26 +02:00
Giulio Benetti 1db8472c39 DEVELOPERS: add Giulio Benetti to liblo
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-09 21:16:22 +02:00
Dario Binacchi e3a52cc941 package/ufs-utils: bump to version 7.14.11
Adding _GNU_SOURCE to CFLAGS was necessary to fix the following error
raised during the compilation of the new version:

ufs_emon.c: In function ‘do_emon’:
ufs_emon.c:455:51: error: ‘O_DIRECT’ undeclared (first use in this function); did you mean ‘O_DIRECTORY’?
  455 |         fill_data_fd = open("fill_file", O_RDWR | O_DIRECT | O_CREAT,
      |                                                   ^~~~~~~~
      |                                                   O_DIRECTORY
ufs_emon.c:455:51: note: each undeclared identifier is reported only once for each function it appears in

This _GNU_SOURCE define was added upstream in commit [1] in the Makefile
default CFLAGS, but since Buildroot redefines those it needs to be added
back.

Release notes:
https://github.com/SanDisk-Open-Source/ufs-utils/releases/tag/v7.14.11

[1] https://github.com/SanDisk-Open-Source/ufs-utils/commit/183e0deb28f13cfb3caf161fc6d0f3cd1edb05c2

Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
[Julien: add link to upstream commit to justify _GNU_SOURCE]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-09 21:07:39 +02:00
Fiona Klute (WIWA) de9d24bf2c package/tpm2-abrmd: rewrite init script
This brings the init script in line with current standards, including
PID file management.

The chown & chmod commands in the check_device function will run only
for systems without udev, and the permissions have been adjusted to
those udev would set.

Signed-off-by: Fiona Klute (WIWA) <fiona.klute@gmx.de>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-09 21:04:09 +02:00
Fiona Klute (WIWA) e0dcb7ba02 package/tpm2-abrmd: install D-Bus policy to /usr/share, not /etc
Default policies should go to /usr/share, /etc should be used to
override them locally if needed.

Signed-off-by: Fiona Klute (WIWA) <fiona.klute@gmx.de>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-09 21:04:09 +02:00
Fiona Klute (WIWA) 1d170a1c94 package/tpm2-abrmd: bump version to 3.0.0
With 3.0.0 users must be in the tss group to access tpm2-abrmd.

Upstream changelogs since 2.3.3:
https://github.com/tpm2-software/tpm2-abrmd/releases/tag/2.4.0
https://github.com/tpm2-software/tpm2-abrmd/releases/tag/2.4.1
https://github.com/tpm2-software/tpm2-abrmd/releases/tag/3.0.0

Tested with package/tpm2-pkcs11.

Signed-off-by: Fiona Klute (WIWA) <fiona.klute@gmx.de>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-09 21:04:09 +02:00
Titouan Christophe 62788e0e49 package/git: security bump to v2.50.1
Read the announcement: https://lwn.net/ml/all/xmqq5xg2wrd1.fsf@gitster.g/

This fixes the following vulnerabilities:

- CVE-2025-27613 (Gitk):
   When a user clones an untrusted repository and runs Gitk without
   additional command arguments, any writable file can be created and
   truncated. The option "Support per-file encoding" must have been
   enabled. The operation "Show origin of this line" is affected as
   well, regardless of the option being enabled or not.
   https://www.cve.org/CVERecord?id=CVE-2025-27613

- CVE-2025-27614 (Gitk):
   A Git repository can be crafted in such a way that a user who has
   cloned the repository can be tricked into running any script
   supplied by the attacker by invoking `gitk filename`, where
   `filename` has a particular structure.
   https://www.cve.org/CVERecord?id=CVE-2025-27614

- CVE-2025-46835 (Git GUI):
   When a user clones an untrusted repository and is tricked into
   editing a file located in a maliciously named directory in the
   repository, then Git GUI can create and overwrite any writable
   file.
   https://www.cve.org/CVERecord?id=CVE-2025-46835

- CVE-2025-48384:
   When reading a config value, Git strips any trailing carriage
   return and line feed (CRLF). When writing a config entry, values
   with a trailing CR are not quoted, causing the CR to be lost when
   the config is later read.  When initializing a submodule, if the
   submodule path contains a trailing CR, the altered path is read
   resulting in the submodule being checked out to an incorrect
   location. If a symlink exists that points the altered path to the
   submodule hooks directory, and the submodule contains an executable
   post-checkout hook, the script may be unintentionally executed
   after checkout.
   https://www.cve.org/CVERecord?id=CVE-2025-48384

- CVE-2025-48385:
   When cloning a repository Git knows to optionally fetch a bundle
   advertised by the remote server, which allows the server-side to
   offload parts of the clone to a CDN. The Git client does not
   perform sufficient validation of the advertised bundles, which
   allows the remote side to perform protocol injection.
   This protocol injection can cause the client to write the fetched
   bundle to a location controlled by the adversary. The fetched
   content is fully controlled by the server, which can in the worst
   case lead to arbitrary code execution.
   https://www.cve.org/CVERecord?id=CVE-2025-48385

- CVE-2025-48386:
   The wincred credential helper uses a static buffer (`target`) as a
   unique key for storing and comparing against internal storage. This
   credential helper does not properly bounds check the available
   space remaining in the buffer before appending to it with
   `wcsncat()`, leading to potential buffer overflows.
   https://www.cve.org/CVERecord?id=CVE-2025-48386

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-09 20:53:15 +02:00
Titouan Christophe f52e17596d package/sngrep: security bump to v1.8.2
See the release notes:

- https://github.com/irontec/sngrep/releases/tag/v1.7.0
- https://github.com/irontec/sngrep/releases/tag/v1.8.0
- https://github.com/irontec/sngrep/releases/tag/v1.8.1
- https://github.com/irontec/sngrep/releases/tag/v1.8.2

This fixes the following vulnerabilities:

- CVE-2024-3119:
    A buffer overflow vulnerability exists in all versions of sngrep since
    v0.4.2, due to improper handling of 'Call-ID' and 'X-Call-ID' SIP
    headers. The functions sip_get_callid and sip_get_xcallid in sip.c use
    the strncpy function to copy header contents into fixed-size buffers
    without checking the data length. This flaw allows remote attackers to
    execute arbitrary code or cause a denial of service (DoS) through
    specially crafted SIP messages.
    https://www.cve.org/CVERecord?id=CVE-2024-3119

- CVE-2024-3120:
    A stack-buffer overflow vulnerability exists in all versions of sngrep
    since v1.4.1. The flaw is due to inadequate bounds checking when
    copying 'Content-Length' and 'Warning' headers into fixed-size buffers
    in the sip_validate_packet and sip_parse_extra_headers functions
    within src/sip.c. This vulnerability allows remote attackers to
    execute arbitrary code or cause a denial of service (DoS) via crafted
    SIP messages.
    https://www.cve.org/CVERecord?id=CVE-2024-3120

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-09 20:48:43 +02:00
Bernd Kuhls 09880508cb {linux, linux-headers}: bump 6.{1, 6, 12, 15}.x series
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-08 23:13:46 +02:00
Dario Binacchi 0802f39a78 boot/uboot: bump to version 2025.07
Release announcement:
https://lists.denx.de/pipermail/u-boot/2025-July/593789.html

Changelog:
https://github.com/u-boot/u-boot/compare/v2025.04...v2025.07

Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-08 23:04:14 +02:00
Marcus Hoffmann 35708db024 package/sudo: fix SUDO_ENABLE_SUDO_GROUP_RULE following version bump
Since the version bump of sudo to 1.9.17p1 [1], the sed command in
SUDO_ENABLE_SUDO_GROUP_RULE no longer matches the the line in the
example sudoers file shipped with the sudo package. This is due to
upstream commit [2].

This commit fixes the regexp to match the new sudoers file.

[1] https://gitlab.com/buildroot.org/buildroot/-/commit/ee86844e632d5760355154ea4e928c9228f3dfd1
[2] https://github.com/sudo-project/sudo/commit/7c121ff8340c6fa551ba4997dde9d450cf74e40c

Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
[Julien: add link to upstream commit introducing the issue]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-08 22:58:29 +02:00
Thomas Perale 30fc97c2c5 package/libiec61850: fix build w/ mbedtls v3.6
Since the mbedtls bump to v3.6 [1] the libiec61850 package is failling
on the autobuilder with the following error:

```
[  2%] Building C object hal/CMakeFiles/hal.dir/tls/mbedtls/tls_mbedtls.c.o
/workdir/instance-0/output-1/build/libiec61850-1.6.0/hal/tls/mbedtls/tls_mbedtls.c: In function 'compareCertificates':
/workdir/instance-0/output-1/build/libiec61850-1.6.0/hal/tls/mbedtls/tls_mbedtls.c:122:17: error: 'mbedtls_x509_crt' has no member named 'sig'
  122 |         if (crt1->sig.len == crt2->sig.len)
      |                 ^~
/workdir/instance-0/output-1/build/libiec61850-1.6.0/hal/tls/mbedtls/tls_mbedtls.c:122:34: error: 'mbedtls_x509_crt' has no member named 'sig'
  122 |         if (crt1->sig.len == crt2->sig.len)
      |                                  ^~
...
```

The logic to support mbedtls v3 is already present on the version
present in buildroot.
This patch ensures that the CMake build uses the mbedtls headers and
libraries provided by buildroot rather than the bundled copy.

By setting the following variable the mbedtls v3.6 is correctly found
during the configuration of the package.

```
Found mbedtls 3.6 -> can compile HAL with TLS 1.3 support
```

[1] 3481a9643f package/mbedtls: bump to version 3.6.3.1

Fixes: https://autobuild.buildroot.org/results/5fc/5fca384510d2fb9dd1d01736dee34b53339d62ff/build-end.log
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-08 22:50:22 +02:00
Thomas Perale d53f8f2691 package/shairport-sync: fix build w/ mbedtls v3.6
Since [1] when trying to build this package with mbedtls v3.6 the
following error is happening:

```
player.h:12:10: fatal error: mbedtls/havege.h: No such file or directory
   12 | #include <mbedtls/havege.h>
      |          ^~~~~~~~~~~~~~~~~~
compilation terminated.
```

This error can be reproduced with the following config:

```
cat <<EOF >.config
BR2_arm=y
BR2_cortex_a7=y
BR2_TOOLCHAIN_EXTERNAL=y
BR2_TOOLCHAIN_EXTERNAL_BOOTLIN=y
BR2_PACKAGE_MBEDTLS=y
BR2_PACKAGE_SHAIRPORT_SYNC=y
EOF
make olddefconfig
make
```

This patch backport the upstream commit [2] that add support for
mbedtls v3.

[1] 3481a9643f package/mbedtls: bump to version 3.6.3.1
[2] https://github.com/mikebrady/shairport-sync/commit/d73b585c6f6d9136ae7a04243a54d734fa57d779

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-08 22:45:08 +02:00
Thomas Perale d28ae8b00b package/ustream-ssl: fix build w/ mbedtls v3.6
Since the mbedtls bump to v3.6 [1] the ustream-ssl package is failling
on the autobuilder with the following error:

```
In file included from /home/buildroot/instance-0/output-1/build/ustream-ssl-68d09243b6fd4473004b27ff6483352e76e6af1a/ustream-internal.h:25,
                 from /home/buildroot/instance-0/output-1/build/ustream-ssl-68d09243b6fd4473004b27ff6483352e76e6af1a/ustream-ssl.c:25:
/home/buildroot/instance-0/output-1/build/ustream-ssl-68d09243b6fd4473004b27ff6483352e76e6af1a/ustream-mbedtls.h:24:10: fatal error: mbedtls/certs.h: No such file or directory
   24 | #include <mbedtls/certs.h>
      |          ^~~~~~~~~~~~~~~~~
compilation terminated.
```

This error can be reproduced with the following config:

```
cat <<EOF >.config
BR2_arm=y
BR2_cortex_a7=y
BR2_TOOLCHAIN_EXTERNAL=y
BR2_TOOLCHAIN_EXTERNAL_BOOTLIN=y
BR2_PACKAGE_MBEDTLS=y
BR2_PACKAGE_USTREAM_SSL=y
EOF
make olddefconfig
make
```

This patch backport upstream commit that address the compatibility with
mbedtls v3.6.

 - [2] rename the `_random` function used by the mbedtls functions
 - [3] update `mbedtls_pk_parse_keyfile` function to support new mbedtls
     definition and use `mbedtls_pk_get_type`.

[1] 3481a9643f package/mbedtls: bump to version 3.6.3.1
[2] 0001-ustream-mbedtls-use-getrandom-instead-of-dev-urandom.patch
[3] 0002-ustream-mbedtls-add-compatibility-with-mbed-tls-3-0-0.patch

Fixes: https://autobuild.buildroot.org/results/c20/c20dac7cbe5def2c6036d2e1d06de0bfea68b57c
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-08 22:23:04 +02:00
Vincent Stehlé 2c868ca44d package/xen: fix build for arm with binutils >= 2.41
Xen currently fails to build for 32-bit Arm v7 with binutils >= 2.41,
with the following error:

    proc-v7.S:33: Error: junk at end of line, first unrecognized character is `#'

The failure can be reproduced with the commands:

    cat >.config <<EOF
    BR2_arm=y
    BR2_cortex_a9=y
    BR2_ARM_ENABLE_VFP=y
    BR2_ARM_EABIHF=y
    BR2_TOOLCHAIN_EXTERNAL=y
    BR2_TOOLCHAIN_EXTERNAL_BOOTLIN=y
    BR2_PACKAGE_XEN=y
    BR2_PACKAGE_XEN_HYPERVISOR=y
    BR2_PACKAGE_XEN_TOOLS=y
    EOF
    make olddefconfig
    make xen

Backport a patch from Xen 4.18 plus one patch it depends on to fix the
build.

Signed-off-by: Vincent Stehlé <vincent.stehle@arm.com>
Cc: Alistair Francis <alistair@alistair23.me>
[Julien:
 - reword commit title
 - add commands to reproduce the issue in commit log
 - add missing SoB lines to patches
]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-08 21:56:21 +02:00
Dario Binacchi 250a115c32 package/armadillo: bump to version 14.6.0
Release notes:
https://arma.sourceforge.net/docs.html#changelog

Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-07 22:45:53 +02:00
Peter Korsgaard cf8ccddaa2 package/libconfuse: use current upstream URL
https://github.com/martinh/libconfuse/ now redirects to
/libconfuse/libconfuse/, so use that instead in .mk and help text.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-07 22:40:10 +02:00
Fiona Klute (WIWA) fd6e64ad54 package/genimage: bump version to 19
This adds support for btrfs partition images, among other things. The
COPYING file changed because FSF postal address has been replaced with
URL [1].

Upstream changelog: https://github.com/pengutronix/genimage/releases/tag/v19

[1] https://github.com/pengutronix/genimage/commit/0909434ea5e3e927b4dd512d7e03ea919da12f8d

Signed-off-by: Fiona Klute (WIWA) <fiona.klute@gmx.de>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-07 22:35:51 +02:00
Peter Korsgaard f66e4c2568 toolchain/toolchain-wrapper.c: correct CCACHE_BASEDIR comment
Commit 1e97b27873 ("ccache: support changing the output directory") added
the CCACHE_BASEDIR logic, but added a comment (presumably from cut'n'paste)
about compilercheck instead, fix that.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-07 22:31:42 +02:00
Michael Fischer d4819ab45f package/sdl2: bump version to 2.32.8
Bugfix release, fixing various minor issues:
https://github.com/libsdl-org/SDL/releases/tag/release-2.32.8

Signed-off-by: Michael Fischer <mf@go-sys.de>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-07 22:27:51 +02:00
Michael Fischer 7443e881f8 package/gnuplot: bump version to 6.0.3
For release note, see:
http://www.gnuplot.info/ReleaseNotes_6_0_3.html

SHA256 hash now from:
https://sourceforge.net/projects/gnuplot/files/gnuplot/6.0.3/gnuplot-6.0.3.tar.gz.sha256

Signed-off-by: Michael Fischer <mf@go-sys.de>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-07 22:21:48 +02:00
Yegor Yefremov 6d23852980 package/socketcand: bump to version 0.6.1-103-g6dd5d33
Switch to meson build system.

Remove an upstreamed patch.

The license files are now gathered in the LICENSES folder.

Add support for the libsocketcan library.

Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
[Julien:
 - use "git describe --tags" format in commit title
 - use "git describe --tags --abbrev=40" in _VERSION
]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-07 22:13:15 +02:00
Tim Soubry a52269e221 package/ncmpc: Fix build error with gcc-14
The error appears on autobuilder with the build using GCC14:
FAILED: ncmpc.p/src_Styles.cxx.o
In file included from ../src/Styles.cxx:7:
/home/buildroot/instance-0/output-1/host/microblazeel-buildroot-linux-gnu/sysroot/usr/include/libintl.h:39:14: error: expected unqualified-id before 'const'
   39 | extern char *gettext (const char *__msgid)
      |              ^~~~~~~
/home/buildroot/instance-0/output-1/host/microblazeel-buildroot-linux-gnu/sysroot/usr/include/libintl.h:39:14: error: expected ')' before 'const'
../src/i18n.h:22:20: note: to match this '('
   22 | #define gettext(x) (x)
      |                    ^
[80/102] Compiling C++ object ncmpc.p/src_xterm_title.cxx.o
[81/102] Compiling C++ object ncmpc.p/src_db_completion.cxx.o
[82/102] Compiling C++ object ncmpc.p/src_signals.cxx.o
ninja: build stopped: subcommand failed.
make: *** [package/pkg-generic.mk:273: /home/buildroot/instance-0/output-1/build/ncmpc-0.49/.stamp_built] Error 1
make: Leaving directory '/home/buildroot/instance-0/buildroot'

Starting GCC14 the C++ standard library includes libintl.h that contains
a definition of gettext which caused a clash with the definition present
in ncmpc. This patch resolved this build error seen in [1] by
backporting an upstream commit [2] that renamed the internal gettext
implementation.

Applying the commits of [2], fixes the build error [1].

[1] https://autobuild.buildroot.org/results/cb2/cb292f2c99cdca742a8f52dbfc25f193fe513c6e/build-end.log
[2] https://github.com/MusicPlayerDaemon/ncmpc/commit/249b62fc9f5e3a653ebdd22da0d75fbe87069457

Fixes: https://autobuild.buildroot.org/results/cb2/cb292f2c99cdca742a8f52dbfc25f193fe513c6e/build-end.log
Signed-off-by: Tim Soubry <tim.soubry@mind.be>
[Julien:
 - mention gcc-14 in commit title
 - remove patch numbering to fix check-package error
]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-07 22:00:01 +02:00
Yegor Yefremov 14b5a19486 package/parted: fix compilation with gcc-15
With gcc 15-20241117 compile fails with the below error, update the
do_version declaration to match the header in command.h

../../parted/parted.c: In function '_init_commands':
../../parted/parted.c:2469:9: error: passing argument 2 of 'command_create' from incompatible pointer type [-Wincompatible-pointer-types]
 2469 |         do_version,
      |         ^~~~~~~~~~
      |         |
      |         int (*)(void)
In file included from ../../parted/parted.c:28:
../../parted/command.h:35:39: note: expected 'int (*)(PedDevice **, PedDisk **)' {aka 'int (*)(struct _PedDevice **, struct _PedDisk **)'} but argument is of type 'int (*)(void)'
   35 |                                 int (*method) (PedDevice** dev, PedDisk** diskp),
      |                                 ~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Upstream: https://cgit.git.savannah.gnu.org/cgit/parted.git/commit/?id=16343bda6ce0d41edf43f8dac368db3bbb63d271

Fixes:
https://autobuild.buildroot.org/results/283f52d50ffef91d82a1bdc1f4dde1d54c5ffc23/build-end.log

Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
[Julien: reword commit title]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-07 21:44:42 +02:00
Titouan Christophe c87ddd6ee4 package/redis: security bump to v8.0.3
For release note, see:
https://github.com/redis/redis/releases/tag/8.0.3

This fixes the following vulnerabilities:

- CVE-2025-32023:
    An authenticated user may use a specially crafted string to trigger a
    stack/heap out of bounds write on hyperloglog operations, potentially
    leading to remote code execution.
    https://github.com/redis/redis/security/advisories/GHSA-rp2m-q4j6-gr43

- CVE-2025-48367:
    An unauthenticated connection can cause repeated IP protocol errors,
    leading to client starvation and, ultimately, a denial of service.
    https://github.com/redis/redis/security/advisories/GHSA-4q32-c38c-pwgq

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
[Julien: add link to release note]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-07 19:48:13 +02:00
Vladimir Kondratiev 7981df0c82 package/libunwind: enable on riscv 64-bit glibc
Since upstream commit [1], first included in version 1.6.0,
libunwind supports 64-bit riscv, at least with glibc.

[1] https://github.com/libunwind/libunwind/commit/abd15da8afb35b92ed0cb2c47f6564775b976c24

Signed-off-by: Vladimir Kondratiev <vladimir.kondratiev@mobileye.com>
[Julien: add link to upstream commit and fix version in commit log]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-07 19:11:51 +02:00
Michael Trimarchi 3c46549f89 package/python-spidev: bump to version 3.7
This is just a minor upgrade for fixed deprecation warning

Signed-off-by: Michael Trimarchi <michael@amarulasolutions.com>
[Julien: fix hash file spacing to resolve check-package error]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-07 18:54:38 +02:00
Julien Olivain 279cd77865 arch/loongarch: add lsx/lasx SIMD dependency on fpu64
Since the LoongArch64 introduction in commit [1], the Kconfig menus
allows selecting lsx and lasx SIMD options independently of the FPU
configuration.

When lsx or lasx SIMD is selected and FPU is "none", host-gcc-initial
is failing at configuration time, with error:

    --with-simd=lasx conflicts with --with-fpu=none

According to the gcc configuration script [2], lsx and lasx values
are valid only if FPU is 64.

This commit adds the missing "depends on BR2_LOONGARCH_FPU_64" for
BR2_LOONGARCH_SIMD_LSX and BR2_LOONGARCH_SIMD_LASX options.

Fixes:
https://autobuild.buildroot.org/results/d159645dab9206dd46f45e79241fc8a950bd0326/

[1] https://gitlab.com/buildroot.org/buildroot/-/commit/54895db9c10a26283b25a393cb6c872d72c245d1
[2] https://gcc.gnu.org/git/?p=gcc.git;a=blob;f=gcc/config.gcc;h=a6f6efec4e103301225ef74c2d1159933d1c9cf8;hb=1757c320badc92c0628eafcd07d54585659692ed#l5163

Cc: Jiaxun Yang <jiaxun.yang@flygoat.com>
Reviewed-by: Jiaxun Yang <jiaxun.yang@flygoat.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-07 18:45:59 +02:00
Bernd Kuhls accb006d9b package/libheif: security bump version to 1.20.1
Release notes: https://github.com/strukturag/libheif/releases

Version 1.19.6 fixes CVE-2025-43966 & CVE-2025-43967:
https://github.com/strukturag/libheif/releases/tag/v1.19.6

Updated license hash due to upstream commit:
https://github.com/strukturag/libheif/commit/377a957bd84018f4d27588c989fa5c66935c16ed

Note:

The patch for CVE-2025-43966 fixes libheif/image-items/iden.cc which was
added in version 1.19.0.
https://github.com/advisories/GHSA-7g9v-7vc7-pmrw

The patch for CVE-2025-43967 does not apply cleanly to 1.18.2 even after
renaming "/image-items/" to "/codecs/". Therefore, this patch is not
backported.
https://github.com/advisories/GHSA-c48q-x6xw-g5h8

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
[Julien: add justification from Bernd why the security fix is not
  backported]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-06 22:29:45 +02:00
Thomas Perale 67343d59bf package/libuhttpd: bump to v3.14.2
For more information see the release note:
  - https://github.com/zhaojh329/libuhttpd/releases/tag/v3.14.2

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-06 22:12:14 +02:00
Thomas Perale 1a8e868623 package/libuhttpd: fix build w/ mbedtls v3.6
Since the mbedtls bump to v3.6 [1] the libuhttpd fails to build with the
following error:

```
[  8%] Building C object src/ssl/CMakeFiles/xssl.dir/mbedtls.c.o
.../buildroot/output/build/libuhttpd-3.14.1/src/ssl/mbedtls.c:52:10: fatal error: mbedtls/certs.h: No such file or directory
   52 | #include <mbedtls/certs.h>
      |          ^~~~~~~~~~~~~~~~~
compilation terminated.
```

This error can be reproduced with the following config:

```
cat <<EOF >.config
BR2_arm=y
BR2_cortex_a7=y
BR2_TOOLCHAIN_EXTERNAL=y
BR2_TOOLCHAIN_EXTERNAL_BOOTLIN=y
BR2_PACKAGE_MBEDTLS=y
BR2_PACKAGE_LIBUHTTPD=y
EOF
make olddefconfig
make
```

The compatibility with mbedtls v3 has been addressed upstream in the
zhaojh329/ssl project included as a submodule of libuhttpd [2].

This patch backport this upstream commit to be applied on the submodule
directory. This required adaptation of the line numbers (see [3]) and
renaming a function reference passed as parameter of
'mbedtls_pk_parse_keyfile' caused by the commit [4].

[1] 3481a9643f package/mbedtls: bump to version 3.6.3.1
[2] https://github.com/zhaojh329/ssl/commit/28cc9b5d98179d161673d20e79333ae5a4864228
[3] https://github.com/zhaojh329/ssl/commit/8092b5a490eedeb042cc1036ebeab6442624cf4c#diff-fbc46fa2db83f8649ccf1f46c6a044473b7b228edc7d4c0f7cc04b5a879f6fb7
[4] https://github.com/zhaojh329/ssl/commit/0e7d2f73d769cc4ddb350381cebb5ef6f27ab653#diff-fbc46fa2db83f8649ccf1f46c6a044473b7b228edc7d4c0f7cc04b5a879f6fb7R92

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-06 22:08:36 +02:00
Matt Silva 95985d3524 package/nilfs-utils: install to staging
nilfs-utils provides an "nilfs.h" header file and libnilfs.so that other
packages which depend upon it may require in order to build.

Signed-off-by: Matt Silva <dev@matt-silva.com>
[Romain: add libnilfs.so in commit log]
Signed-off-by: Romain Naour <romain.naour@smile.fr>
2025-07-06 19:21:40 +02:00
Edgar Bonet 500678593f boot/at91bootstrap3: fix build with host GCC 15
Building at91bootstrap3 with GCC 15 fails with:

    include/types.h:23:23: error: ‘bool’ cannot be defined via ‘typedef’
       23 | typedef unsigned char bool;
          |                       ^~~~
    include/types.h:23:23: note: ‘bool’ is a keyword with ‘-std=c23’ onwards

This is due to GCC 15 defaulting to the C23 language dialect.

Signed-off-by: Edgar Bonet <bonet@grenoble.cnrs.fr>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
2025-07-06 18:55:00 +02:00
Bernd Kuhls f1e53e9dc3 package/stellarium: bump version to 25.2
Release notes:
https://stellarium.org/release/2025/06/22/stellarium-25.2.html

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-06 17:49:58 +02:00
Bernd Kuhls 85b891fdc5 package/znc: bump version to 1.10.1
Release notes: https://github.com/znc/znc/blob/znc-1.10.1/ChangeLog.md

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-06 17:46:48 +02:00
Dario Binacchi 669f28ac0b package/pocketpy: new package
It is a portable Python 3.x interpreter, written in C11. It has no
dependencies other than the C standard library, which can be easily
integrated into your C/C++ project

Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
2025-07-06 17:25:20 +02:00
Bernd Kuhls c41f953ab9 package/libva: fix build error
Fixes:
https://autobuild.buildroot.net/results/18b/18b551ae20a2f2f40c1fb003bb701f53f5daec45/

/workdir/instance-0/output-1/host/lib/gcc/aarch64_be-buildroot-linux-gnu/14.3.0/../../../../aarch64_be-buildroot-linux-gnu/bin/ld:
 va/libva.so.2.2200.0: version node not found for symbol vaCreateSurfaces@VA_API_0.32.0

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-06 17:13:59 +02:00
Julien Olivain b2e42b0d50 package/linux-firmware: bump version to 20250627
Updating the hash of the WHENCE file, due to firmware additions and
firmware changes, but no changes to the redistribution/licensing
conditions.

Also, some licenses were extracted from WHENCE to separate files in
upstream commit [1]. This commit adds those new files for firmwares
supported in Buildroot.

[1] https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/commit/?id=cb826c70e9128e6a4069ea84680a379ebe960262

Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
2025-07-06 16:41:30 +02:00
Bernd Kuhls bab8ed7b0b package/igt-gpu-tools: bump version to 2.1
Release notes:
https://lists.x.org/archives/xorg-announce/2025-June/003614.html

Removed patch which is included in this release.

Switched _SITE to tarball and added sha512 hash, both provided by
upstream.

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-06 16:27:48 +02:00
Julien Olivain 14272869eb package/clpeak: bump version to 1.1.5
For release notes since 1.1.2, see:
https://github.com/krrishnarraj/clpeak/releases/tag/1.1.3
https://github.com/krrishnarraj/clpeak/releases/tag/1.1.4
https://github.com/krrishnarraj/clpeak/releases/tag/1.1.5

The package license changed from Unlicensed to Apache-2.0 in upstream
commit [1]. This commit updates _LICENSE and the license file hash
accordingly.

[1] https://github.com/krrishnarraj/clpeak/commit/65e572451330b4673712dfec352842f3123a9258

Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
2025-07-06 16:18:11 +02:00
Julien Olivain ca86f0a206 package/clinfo: bump to version 3.0.25.02.14
For change list since 3.0.21.02.21, see:
https://github.com/Oblomov/clinfo/compare/3.0.21.02.21...3.0.25.02.14

Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
2025-07-06 16:07:22 +02:00
Bernd Kuhls 4c34d7c8c1 package/kodi-pvr-waipu: bump version to 21.12.2-Omega
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-06 13:55:59 +02:00
Bernd Kuhls 17f419367f package/kodi-inputstream-adaptive: bump version to 21.5.15-Omega
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-06 13:55:56 +02:00
Bernd Kuhls 196989235e package/hddtemp: fix build without nls
Fixes:
https://autobuild.buildroot.org/results/06b44df261318ce1d07f6cb20b26e4ad64222940/

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-06 13:28:58 +02:00
Bernd Kuhls 1e8be117f0 package/tor: bump version to 0.4.8.17
Release notes:
https://gitlab.torproject.org/tpo/core/tor/-/raw/release-0.4.8/ReleaseNotes
https://forum.torproject.org/t/stable-release-0-4-8-17/19681

Removed patch which is included in this release.

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-06 13:16:56 +02:00
Julien Olivain 7c0da58313 boot/shim: bump to version 16.0
For release note, see:
https://github.com/rhboot/shim/releases/tag/16.0

Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-07-06 11:28:27 +02:00
Jiaxun Yang d4a3b9efdd support/config-fragments: Add LoongArch64 toolchain support
Add full/glibc variant of LoongArch64 internal toolchain.

Signed-off-by: Jiaxun Yang <jiaxun.yang@flygoat.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-05 19:45:38 +02:00
Jiaxun Yang ef55ca4075 configs/qemu_loongarch64_virt_efi: new defconfig
Add qemu_loongarch64_virt_efi_defconfig, which builds EDK2
and host QEMU to test LoongArch64 buildroot.

Signed-off-by: Jiaxun Yang <jiaxun.yang@flygoat.com>
Reviewed-by: Romain Naour <romain.naour@smile.fr>
Tested-by: Romain Naour <romain.naour@smile.fr>
Reviewed-by: Julien Olivain <ju.o@free.fr>
Tested-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-05 19:45:38 +02:00
Jiaxun Yang e20271ba37 package/qemu: enable loongarch64 as target package
LoongArch64 emulation system / user emulation is supported
by QEMU.

Signed-off-by: Jiaxun Yang <jiaxun.yang@flygoat.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-05 19:45:38 +02:00
Jiaxun Yang 269bb5d8bf boot/edk2: Add LoongArch64 OVMF support
LoongArch64 OVMF target is introduced to EDK2 in edk2-202408.

Enable architecture support here.

Signed-off-by: Jiaxun Yang <jiaxun.yang@flygoat.com>
Reviewed-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-05 19:45:38 +02:00
Jiaxun Yang 59f661b8fa configs/loongarch64_efi: new defconfig
Introduce bread new loongarch64-efi board, with skeleton
from aarch64-efi board.

It corverd most LoongArch64 systems.

Linux 6.12, as the most recent LTS kernel, was chosen
to ensure proper architecture support is included.

This board config is validated on my Lemote A2101
Loongson 3A5000 board.

A developer entry is created for myself for future contacts
as well.

Signed-off-by: Jiaxun Yang <jiaxun.yang@flygoat.com>
Reviewed-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-05 19:45:38 +02:00
Jiaxun Yang c4a4b8552f boot/grub2: Introduce loongarch64-efi target
loongarch64-efi target presents in GRUB can be utilised
by any EFI compatible LoongArch64 machine to boot kernel.

Signed-off-by: Jiaxun Yang <jiaxun.yang@flygoat.com>
Reviewed-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-05 19:45:38 +02:00
Jiaxun Yang 677047d200 linux: Introduce {vmlinux, vmlinuz}.efi kernel binary format
vmlinux.efi and vmlinuz.efi are standard file names for LoongArch
EFISTUB kernel.

Introduce them to build system.

Signed-off-by: Jiaxun Yang <jiaxun.yang@flygoat.com>
Reviewed-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-05 19:45:38 +02:00
Jiaxun Yang 7878ff515d package/musl: Enable LoongArch64 support
musl introduced LoongArch64 support in 1.2.5.

Signed-off-by: Jiaxun Yang <jiaxun.yang@flygoat.com>
Reviewed-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-05 19:45:38 +02:00
Jiaxun Yang 5495bdd430 package/glibc: Enable LoongArch64 support
Glibc introduced LoongArch64 support in 2.36, it requires kernel
5.19 to build.

Unselect BR2_ARCH_HAS_NO_TOOLCHAIN_BUILDROOT to reflect we can
build the toolchain.

Signed-off-by: Jiaxun Yang <jiaxun.yang@flygoat.com>
Reviewed-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-05 19:45:38 +02:00
Jiaxun Yang 54895db9c1 arch: Introduce LoongArch64
Introduce LoongArch64 at architecture level.

Config.in.loongarch is prepared for possible loongarch32
enablement in future, thus BR2_ARCH_IS_64 is being depended
by some 64bit only options.

Internal toolchain is supported, as our minimal binutils
version is already beyond LoongArch minimal version and
GCC option is limited by BR2_ARCH_NEEDS_GCC_AT_LEAST_12.

BR2_ARCH_HAS_NO_TOOLCHAIN_BUILDROOT is selected temporary
and it's going to be rmoved after we gain libc support.

Signed-off-by: Jiaxun Yang <jiaxun.yang@flygoat.com>
[Julien: fix typo in Kconfig BR2_LOONGARCH_ABI_LP64S prompt
  replace "lp64d" by "lp64s"]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-05 19:45:38 +02:00
Jiaxun Yang 286f5bacd7 package/gcc: Introduce BR2_GCC_TARGET_SIMD option
Introduce BR2_GCC_TARGET_SIMD for gcc to handle --with-simd/-msimd
present at loongarch's gcc options.

Signed-off-by: Jiaxun Yang <jiaxun.yang@flygoat.com>
Reviewed-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-05 19:45:38 +02:00
Thomas Devoogdt 31af509b4f package/util-linux: bump to 2.41.1
News:
- https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.41/v2.41-ReleaseNotes
- https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.41/v2.41.1-ReleaseNotes

Dropped patches which are all upstream.
- https://github.com/util-linux/util-linux/pull/3049
- https://github.com/util-linux/util-linux/pull/3383

Synced all license files.

Dropped the AUTORECONF call, since
0001-libmount-ifdef-statx-call.patch is upstream.

Signed-off-by: Thomas Devoogdt <thomas.devoogdt@barco.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-05 17:19:57 +02:00
Thomas Perale c32230fe35 package/bmx7: fix build w/ mbedtls v3.6
Since the mbedtls bump to v3.6 [1] the bmx7 package is failling on the
autobuilder:

```
/workdir/instance-0/output-1/host/bin/xtensa-buildroot-linux-uclibc-gcc -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -mlongcalls -mauto-litpools -Os -g3  -pedantic -W -Wall -Wstrict-prototypes -Wno-unused-parameter -Os -g3 -std=gnu99 -DGIT_REV=\"0\" -DAVL_5XLINKED -DDEBUG_MALLOC -DCORE_LIMIT=20000      -pedantic -W -Wall -Wstrict-prototypes -Wno-unused-parameter -Os -g3 -std=gnu99 -DGIT_REV=\"0\" -DAVL_5XLINKED -DDEBUG_MALLOC -DCORE_LIMIT=20000       -c crypt.c -o crypt.o
crypt.c:66:10: fatal error: mbedtls/compat-1.3.h: No such file or directory
   66 | #include "mbedtls/compat-1.3.h"
      |          ^~~~~~~~~~~~~~~~~~~~~~
compilation terminated.
```

This patch includes a set of upstream patches that address the
compatibility with the v3.6 of mbedtls.

[1] 3481a9643f package/mbedtls: bump to version 3.6.3.1

Fixes: https://autobuild.buildroot.org/results/b77/b776e34d1c5bc3904ea7138bd6c4ac17a1f0fd34/
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-05 15:45:21 +02:00
Thomas Perale 78198bc0f3 package/shadowsocks-libev: fix build w/ mbedtls v3.6
Since the mbedtls bump to v3.6 [1] the shadowsocks-libev package is
failling  on the autobuilder:

```
checking for mbedtls_cipher_setup in -lmbedcrypto... yes
checking whether mbedtls supports Cipher Feedback mode or not... configure: error: MBEDTLS_CIPHER_MODE_CFB required
make: *** [package/pkg-generic.mk:263: /workdir/instance-0/output-1/build/shadowsocks-libev-3.3.5/.stamp_configured] Error 1
make: Leaving directory '/workdir/instance-0/buildroot'
```

This is due to the breaking changes in the mbedtls API with the version
bump.

This patch adds the upstream patch [2] that address this issue by verifying
conditionally the version of mbedtls we are running on to make the API
calls and includes.

[1] 3481a9643f package/mbedtls: bump to version 3.6.3.1
[2] https://github.com/shadowsocks/shadowsocks-libev/commit/9afa3cacf947f910be46b69fc5a7a1fdd02fd5e6#

Fixes: https://autobuild.buildroot.org/results/070/070581d95f2739cee3b4cb8252639dd92b5a8421
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-05 15:41:50 +02:00
James Knight 8f09106e81 utils/test-pkg: stop on sigint
When SIGINT is issued for a package test run, it will abort the active
toolchain run then proceed to the next. If a user is running the entire
default toolchain set (`-a`), they can be required to invoke SIGINT
multiple times to stop a run.

This commit uses a SIGINT hook to flag a shutdown state and stop further
attempts to run anymore toolchain tests.

Signed-off-by: James Knight <git@jdknight.me>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-05 12:14:49 +02:00
James Knight c41a06bbd9 utils/check-package: handle missing files
When running check-package before completing commits for a change, if
any files are setup for removal, check-package will throw
FileNotFoundError exceptions instead of generating a warning state. For
example:

 $ utils/docker-run make check-package
 Traceback (most recent call last):
   ...
 FileNotFoundError: [Errno 2] No such file or directory: 'package/.../0001-some-removed-patch.patch'
 make: *** [Makefile:1264: check-package] Error 1

This commit will now catch FileNotFoundError and populate a warning
message:

 $ utils/docker-run make check-package
 package/.../0001-some-removed-patch.patch: missing; unstaged file removal?
 package/.../0002-another-removed-patch.patch: missing; unstaged file removal?
 427843 lines processed
 3 warnings generated
 make: *** [Makefile:1264: check-package] Error 1

Signed-off-by: James Knight <git@jdknight.me>
Reviewed-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-05 12:03:20 +02:00
Bernd Kuhls baa81362ef package/readline: Use configure options to link with ncurses
Use configure options to link with ncurses available since version 8.2:
https://cgit.git.savannah.gnu.org/cgit/readline.git/tree/NEWS?h=readline-8.3#n100

Removed a 14 year-old patch added with buildroot commit
b864790383.

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-05 11:15:10 +02:00
Bernd Kuhls 1072488bd8 package/readline: bump version to 8.3
Changelog:
https://cgit.git.savannah.gnu.org/cgit/readline.git/tree/NEWS?h=readline-8.3

Removed patch which is included in this release.

Added patch to fix build with non-wchar toolchains.

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-05 11:15:06 +02:00
James Knight f7d94f8f34 package/libpqxx: bump to version 7.10.1
Note the `COPYING` file has changed due to copyright year bumps.

See also: https://github.com/jtv/libpqxx/blob/7.10.1/NEWS

Signed-off-by: James Knight <git@jdknight.me>
[Julien: update change log url to use tag]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-05 00:15:37 +02:00
Bernd Kuhls c56e7ef954 package/xmrig: bump version to 6.24.0
Changelog: https://github.com/xmrig/xmrig/blob/v6.24.0/CHANGELOG.md

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-04 23:18:25 +02:00
Bernd Kuhls b5fc6e232f package/opus: bump version to 1.5.2
Release notes:
https://opus-codec.org/release/stable/2024/03/04/libopus-1_5.html
https://opus-codec.org/release/stable/2024/03/04/libopus-1_5_1.html
https://opus-codec.org/release/stable/2024/04/12/libopus-1_5_2.html

Updated license hash due to copyright year bump:
https://gitlab.xiph.org/xiph/opus/-/commit/254b5ee7b2e7c89aaddbf7a994fea0563842873f

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-04 23:14:08 +02:00
Bernd Kuhls c10f7dfdb9 package/libogg: bump version to 1.3.6
Changelog:
https://gitlab.xiph.org/xiph/ogg/-/blob/v1.3.6/CHANGES

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
[Julien: update change log url to use tag]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-04 23:06:55 +02:00
Bernd Kuhls 766b08647c package/pciutils: bump version to 3.14.0
Changelog:
https://git.kernel.org/pub/scm/utils/pciutils/pciutils.git/tree/ChangeLog?h=v3.14.0

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
[Julien: update change log url to use tag]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-04 22:58:16 +02:00
Bernd Kuhls 337642e732 package/ethtool: bump version to 6.15
Changelog:
https://git.kernel.org/pub/scm/network/ethtool/ethtool.git/tree/NEWS?h=v6.15

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
[Julien: update change log url to use tag]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-04 22:45:07 +02:00
Bernd Kuhls 9225bb4e37 package/nettle: bump version to 3.10.2
Release notes:
https://lists.gnu.org/archive/html/info-gnu/2025-06/msg00006.html

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-04 22:39:52 +02:00
Bernd Kuhls 53be9a7164 package/taglib: bump version to 2.1.1
Release notes:
https://taglib.org/#taglib-211-release---june-30-2025
https://taglib.org/older.html

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-04 22:31:41 +02:00
Bernd Kuhls 6baca88959 package/fontconfig: bump version to 2.17.1
Removed patch which is included in this release.

Switched _SITE to gitlab:
https://lists.freedesktop.org/archives/fontconfig/2025-March/007154.html

Release notes:
2.16.1: https://lists.freedesktop.org/archives/fontconfig/2025-March/007154.html
2.16.2: https://lists.freedesktop.org/archives/fontconfig/2025-April/007168.html
2.17.0: https://lists.freedesktop.org/archives/fontconfig/2025-June/007224.html
2.17.1: https://lists.freedesktop.org/archives/fontconfig/2025-July/007229.html

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-04 22:14:29 +02:00
Bernd Kuhls 0365490f7d package/hwdata: bump version to 0.397
Release notes: https://github.com/vcrhonek/hwdata/releases

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-04 21:59:38 +02:00
Bernd Kuhls ff184d4e04 package/libpng: bump version to 1.6.50
Release notes:
https://raw.githubusercontent.com/pnggroup/libpng/v1.6.50/ANNOUNCE

Switched _SITE to https.

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-04 19:41:58 +02:00
Bernd Kuhls 8a56382373 package/intel-vpl-gpu-rt: bump version to 25.2.6
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-04 19:32:05 +02:00
Bernd Kuhls d4774e42ec package/intel-mediadriver: bump version to 25.2.6
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-04 19:32:02 +02:00
Bernd Kuhls 3c27767d97 package/intel-gmmlib: bump version to 22.8.0
Removed patch 0002 which was applied upstream:
https://github.com/intel/gmmlib/commit/af5f033fbe71da454953e04db9804443e2cec746

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-04 19:31:58 +02:00
Bernd Kuhls e97ca416c6 package/libopenssl: security bump version to 3.5.1
Fixes CVE-2025-4575:
https://github.com/openssl/openssl/releases/tag/openssl-3.5.1

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-04 19:24:37 +02:00
Florian Fainelli e63181bc00 package/cpulimit: Backport fix for function signature
Backport the upstream pull request patch fixing the incorrect function
signature passed to pthread_create()

Fixes: https://autobuild.buildroot.org/results/5308cb8239f31ef39e5c67d65ff1d69cdec1cedc
Fixes: https://autobuild.buildroot.org/results/6722247e3c830558ac0377352d05f4bb1684978d
Fixes: https://autobuild.buildroot.org/results/adc385fe35432be28453b8ed9f40e8a6647a4b28
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
[Julien: reformat patch "Upstream:" tag to fix check-package error]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-04 19:04:51 +02:00
Titouan Christophe eee0f6c078 package/libsoup: add many security patches
Import all security patches from OpenEmbedded for libsoup.
This fixes the following 18 known vulnerabilities:

- CVE-2024-52530:
    GNOME libsoup before 3.6.0 allows HTTP request smuggling in some
    configurations because '\0' characters at the end of header names are
    ignored, i.e., a "Transfer-Encoding\0: chunked" header is treated the
    same as a "Transfer-Encoding: chunked" header.
    https://www.cve.org/CVERecord?id=CVE-2024-52530

- CVE-2024-52531:
    GNOME libsoup before 3.6.1 allows a buffer overflow in applications that
    perform conversion to UTF-8 in soup_header_parse_param_list_strict.
    There is a plausible way to reach this remotely via
    soup_message_headers_get_content_type (e.g., an application may want to
    retrieve the content type of a request or response).
    https://www.cve.org/CVERecord?id=CVE-2024-52531

- CVE-2024-52532:
    GNOME libsoup before 3.6.1 has an infinite loop, and memory consumption.
    During the reading of certain patterns of WebSocket data from clients.
    https://www.cve.org/CVERecord?id=CVE-2024-52532

- CVE-2025-2784:
    Libsoup: heap buffer over-read in `skip_insignificant_space`
    when sniffing content
    https://www.cve.org/CVERecord?id=CVE-2025-2784

- CVE-2025-4476:
    Libsoup: null pointer dereference in libsoup may lead to denial of service
    https://www.cve.org/CVERecord?id=CVE-2025-4476

- CVE-2025-4948:
    Libsoup: integer underflow in soup_multipart_new_from_message() leading to
    denial of service in libsoup
    https://www.cve.org/CVERecord?id=CVE-2025-4948

- CVE-2025-4969:
    Libsoup: off-by-one out-of-bounds read in find_boundary() in soup-multipart.c
    https://www.cve.org/CVERecord?id=CVE-2025-4969

- CVE-2025-32050:
    Libsoup: integer overflow in append_param_quoted
    https://www.cve.org/CVERecord?id=CVE-2025-32050

- CVE-2025-32052:
    Libsoup: heap buffer overflow in sniff_unknown()
    https://www.cve.org/CVERecord?id=CVE-2025-32052

- CVE-2025-32053:
    Libsoup: heap buffer overflows in sniff_feed_or_html() and
    skip_insignificant_space()
    https://www.cve.org/CVERecord?id=CVE-2025-32053

- CVE-2025-32906:
    Libsoup: out of bounds reads in soup_headers_parse_request()
    https://www.cve.org/CVERecord?id=CVE-2025-32906

- CVE-2025-32910:
    Libsoup: null pointer deference on libsoup via /auth/soup-auth-digest.c
    through "soup_auth_digest_authenticate" on client when server omits the
    "realm" parameter in an unauthorized response with digest authentication
    https://www.cve.org/CVERecord?id=CVE-2025-32910

- CVE-2025-32911:
    Libsoup: double free on soup_message_headers_get_content_disposition()
    through "soup-message-headers.c" via "params" ghashtable value
    https://www.cve.org/CVERecord?id=CVE-2025-32911

- CVE-2025-32912:
    Libsoup: null pointer dereference in client when server omits the "nonce"
    parameter in an unauthorized response with digest authentication
    https://www.cve.org/CVERecord?id=CVE-2025-32912

- CVE-2025-32913:
    Libsoup: null pointer dereference in
    soup_message_headers_get_content_disposition when "filename" parameter is
    present, but has no value in content-disposition header
    https://www.cve.org/CVERecord?id=CVE-2025-32913

- CVE-2025-32914:
    Libsoup: oob read on libsoup through function
    "soup_multipart_new_from_message" in soup-multipart.c leads to crash or
    exit of process
    https://www.cve.org/CVERecord?id=CVE-2025-32914

- CVE-2025-46420:
    Libsoup: memory leak on soup_header_parse_quality_list() via soup-headers.c
    https://www.cve.org/CVERecord?id=CVE-2025-46420

- CVE-2025-46421:
    Libsoup: information disclosure may leads libsoup client sends authorization
    header to a different host when being redirected by a server
    https://www.cve.org/CVERecord?id=CVE-2025-46421

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-04 18:51:51 +02:00
Titouan Christophe 9d6a4312c8 package/libsoup: fix missing upstream tag in patch 0001
Fix the patch message so that it includes the "Upstream:" tag expected by
check-package, and remove this file from the check-package ignore list.

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-04 18:51:51 +02:00
Giulio Benetti d4cbf1403f package/libnss: bump version to 3.113.1
For release note, see:
https://hg-edge.mozilla.org/projects/nss/file/NSS_3_113_1_RTM/doc/rst/releases/nss_3_113_1.rst

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-04 18:50:20 +02:00
Bernd Kuhls 7e81062a70 package/kodi-pvr-iptvsimple: bump version to 21.11.0-Omega
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-04 18:47:47 +02:00
Bernd Kuhls 15d35cfb36 package/{mesa3d, mesa3d-headers}: bump version to 25.1.5
Release notes:
https://lists.freedesktop.org/archives/mesa-announce/2025-July/000809.html

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-03 23:19:48 +02:00
Bernd Kuhls a56ce5d46d package/php: security bump version to 8.3.23
Changelog: https://www.php.net/ChangeLog-8.php#PHP_8_3

Fixes CVE-2025-1735, CVE-2025-6491 & CVE-2025-1220:
https://news-web.php.net/php.announce/465

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-03 23:09:52 +02:00
Marcus Hoffmann 8fe02bc114 package/python-django: bump to 5.2.4
Release Notes:
  https://www.djangoproject.com/weblog/2025/jul/02/bugfix-releases/

Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-03 22:58:19 +02:00
Thomas Perale 96899dd692 package/python-future: add CPE identifier
The cpe:2.3:a:pythoncharmers:python-future:*:*:*:*:*:*:*:* is
valid for this package.

See https://nvd.nist.gov/products/cpe/detail/6E3F033B-5565-461B-8450-D23E68419313

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-03 22:53:23 +02:00
Thomas Perale de8cc1ae50 package/python-multipart: add CPE identifier
The cpe:2.3:a:fastapiexpert:python-multipart:0.0.20:*:*:*:*:*:*:* is
valid for this package.

See https://nvd.nist.gov/products/cpe/detail/8C38E43A-00AD-4851-9AC9-80408FF89F52

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-03 22:51:48 +02:00
Thomas Perale 8965024022 package/fwupd: add CPE identifier
The cpe:2.3:a:fwupd:fwupd:*:*:*:*:*:*:*:* is valid for this package.

See https://nvd.nist.gov/products/cpe/detail/46E1E3C0-2F72-49BA-8374-1FBF203AE0F0

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-03 22:49:44 +02:00
Tim Soubry e868b974a7 package/sox: ignore CVE-2023-34432
Commit [1] introduced a patch addressing CVE-2021-23159. Since then,
CVE-2023-34432 ([2]) remained the only unresolved CVE reported
against the sox package in pkg-stat.  This patch adds CVE-2023-34432
to the list of ignored CVEs for sox, based on the report from the
Debian Security Tracker ([3]) and the sox issue tracker ([4]), both
indicate that the patch introduced in [1] also resolves this CVE.

[1] 14aa0f5ec1 package/sox: add fix for CVE-2021-23159, CVE-2021-23172, CVE-2023-34318
[2] https://nvd.nist.gov/vuln/detail/CVE-2023-34432
[3] https://security-tracker.debian.org/tracker/CVE-2023-34432
[4] https://sourceforge.net/p/sox/bugs/367/

Signed-off-by: Tim Soubry <tim.soubry@mind.be>
[Julien: change commit ref [1] to use commit id from master branch]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-03 22:41:25 +02:00
Thomas Perale 6b8dd4ddf3 package/cpp-httplib: add CPE identifier
The cpe:2.3:a:cpp-httplib_project:cpp-httplib:*:*:*:*:*:*:*:* is valid
for this package.

See https://nvd.nist.gov/products/cpe/detail/955012E0-158A-4637-99DE-37520A12BB7D

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-03 21:53:13 +02:00
Thomas Perale df60b105b4 package/libp11: fix build w/ host-gcc15
The following error appeared on the autobuilder for host using
host-gcc15:

```
p11_attr.c: In function 'pkcs11_addattr_bool':
p11_attr.c:126:25: error: expected identifier or '(' before 'true'
  126 |         static CK_BBOOL true = CK_TRUE;
      |                         ^~~~
p11_attr.c:127:25: error: expected identifier or '(' before 'false'
  127 |         static CK_BBOOL false = CK_FALSE;
      |                         ^~~~~
p11_attr.c:128:44: error: lvalue required as unary '&' operand
  128 |         pkcs11_addattr(tmpl, type, value ? &true : &false, sizeof(CK_BBOOL));
      |                                            ^
p11_attr.c:128:52: error: lvalue required as unary '&' operand
  128 |         pkcs11_addattr(tmpl, type, value ? &true : &false, sizeof(CK_BBOOL));
      |                                                    ^
make[3]: *** [Makefile:646: libp11_la-p11_attr.lo] Error 1
```

This is due to the change in the default C language version in GCC15.

This patch backport the upstream patch that fix that issue by not using
the keywords.

Fixes: https://autobuild.buildroot.org/results/da7/da71db9b04f181b9d2e72df73ac8541709f5a1d4

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-03 21:49:20 +02:00
Titouan Christophe fd04cba20d package/tailscale: add CPE_ID_VENDOR
This gives a proper cpe-id string to the tailscale buildroot package

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-03 20:02:22 +02:00
Titouan Christophe edf08553dd package/libolm: remove package
Upstream has explicitely stated that libolm is now deprecated.
Since no other package depend on libolm, we can easily remove it from
Buildroot. If any user is interested in this feature, we can add its
successor: vodozemac.

More information here:
https://gitlab.matrix.org/matrix-org/olm#important-libolm-is-now-deprecated

Also, there is CVE reported on this latest 3.2.16 version declared
as no longer maintained. See:
https://www.cve.org/CVERecord?id=CVE-2024-45191
https://www.cve.org/CVERecord?id=CVE-2024-45192
https://www.cve.org/CVERecord?id=CVE-2024-45193

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
[Julien: add a note about CVE reported on this package]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-03 19:53:10 +02:00
Titouan Christophe 7c0e9d795a package/php: ignore CVE-2024-3566 that only affects Windows
For reference, see:
https://www.cve.org/CVERecord?id=CVE-2024-3566

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
[Julien: add link to CVE in commit log]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-03 19:38:46 +02:00
Titouan Christophe 31619696b9 package/tcpreplay: security bump to v4.5.1
This fixes the following vulnerabilities:

- CVE-2023-4256:
    Within tcpreplay's tcprewrite, a double free vulnerability has been
    identified in the tcpedit_dlt_cleanup() function within
    plugins/dlt_plugins.c. This vulnerability can be exploited by
    supplying a specifically crafted file to the tcprewrite binary. This
    flaw enables a local attacker to initiate a Denial of Service (DoS)
    attack.
    https://www.cve.org/CVERecord?id=CVE-2023-4256

- CVE-2023-43279:
    Null Pointer Dereference in mask_cidr6 component at cidr.c in
    Tcpreplay 4.4.4 allows attackers to crash the application via crafted
    tcprewrite command.
    https://www.cve.org/CVERecord?id=CVE-2023-43279

- CVE-2024-22654:
    tcpreplay v4.4.4 was discovered to contain an infinite loop via the
    tcprewrite function at get.c.
    https://www.cve.org/CVERecord?id=CVE-2024-22654

See the release notes:
https://github.com/appneta/tcpreplay/releases/tag/v4.5.1

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-03 19:34:26 +02:00
Titouan Christophe d8523b00e0 package/gvfs: update website URL
The website URL was outdated, resulting in an HTTP error 403 Forbidden

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-03 19:06:04 +02:00
Titouan Christophe 3ea1225d4f package/gvfs: bump to v1.57.2
This bump includes 23 minor or patch-level releases, mostly containing
bugfixes, and improvements on many filesystem backends and translations.

Specifically for the Buildroot package:

- Switch from libsoup (v2) to libsoup3, since gvfs v1.49.90
- Drop patch applied upstream
- Explicitely disable goa (gnome-online-accounts) which is enabled by default
  in meson_options.txt

See the upstream changelog:
https://gitlab.gnome.org/GNOME/gvfs/-/blob/1.57.2/NEWS

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
[Julien: remove .checkpackageignore entry to fix check-package error]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-03 19:05:51 +02:00
Alex Bennée 4db67464dd package/llvm-project: drop unused TERMINFO config flags
The build complains about these being unused so drop them.

LLVM_ENABLE_TERMINFO option is removed since llvm 19.1.0 [1]

[1] https://github.com/llvm/llvm-project/commit/852aaf54071ad072335dcac57f544d4da34c875a

Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
[Romain: add upstream commit link]
Signed-off-by: Romain Naour <romain.naour@smile.fr>
2025-07-02 23:41:21 +02:00
Adrian Perez de Castro 3138c577f4 package/cog: bump to version 0.18.5
This is a small bugfix release, mainly containing event handling fixes
for Wayland, and the possibility to explicitly configure the gamepad
support at build time.

Release notes:

  https://wpewebkit.org/release/cog-0.18.5.html

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-02 21:27:35 +02:00
Yann E. MORIN 2478739557 package/cni-plugins: bump to version 1.7.1
Signed-off-by: Yann E. MORIN <yann.morin@orange.com>
Cc: Christian Stewart <christian@aperture.us>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-02 21:17:14 +02:00
Yann E. MORIN 7d8dd6883c package/cni-plugins: enable sbr
Signed-off-by: Yann E. MORIN <yann.morin@orange.com>
Cc: Christian Stewart <christian@aperture.us>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-02 21:17:11 +02:00
Peter Korsgaard 23e6d91c69 package/jose: add CPE identifier
cpe:2.3:a:latchset:jose:14:*:*:*:*:*:*:* is a valid CPE ID.

See:
https://nvd.nist.gov/products/cpe/detail/7E6A7E16-E8B0-47BA-B7C7-0D4102933031

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-02 21:03:32 +02:00
Peter Korsgaard ee86844e63 package/sudo: security bump to version 1.9.17p1
For release note, see:
https://www.sudo.ws/releases/stable/#1.9.17p1

Fixes the following security issues:

- CVE-2025-32462: Sudo before 1.9.17p1, when used with a sudoers file that
  specifies a host that is neither the current host nor ALL, allows listed
  users to execute commands on unintended machines (since sudo 1.8.8)

  https://www.sudo.ws/security/advisories/host_any/

- CVE-2025-32463: Sudo before 1.9.17p1 allows local users to obtain root
  access because /etc/nsswitch.conf from a user-controlled directory is used
  with the --chroot option (since sudo 1.9.4)

  https://www.sudo.ws/security/advisories/chroot_bug/

Update the LICENSE.md hash for a change in copyright years:
https://github.com/sudo-project/sudo/commit/30729312c2091f3891daa39b571efa40cb261785

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
[Julien: add link to release note in commit log]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-02 21:03:32 +02:00
Julien Olivain 8e48dd8f21 toolchain/toolchain-external/toolchain-external-custom: hide gcc versions for unsupported CPUs
The BR2_ARCH_NEEDS_GCC_AT_LEAST_X guards were added in commit [1]
for toolchain-external-custom gcc versions from 4.8 to 12. No guard
was added for gcc 13 because is was the latest version at that time
(and the symbol BR2_ARCH_NEEDS_GCC_AT_LEAST_14 was not available
at that time).

Then, commit [2] and [3] added gcc 14 and 15 without adding
guards.

In order to prevent a Buildroot user selecting an external custom
toolchain that does not support a selected CPU, this commit adds all
the missing guards.

[1] https://gitlab.com/buildroot.org/buildroot/-/commit/eed1670d8a6f0899f5fdfc26bd6d1609ebc19c7a
[2] https://gitlab.com/buildroot.org/buildroot/-/commit/7fa12e4f9ed736c7238dbdadf4dc5b9da03007b3
[3] https://gitlab.com/buildroot.org/buildroot/-/commit/5f1a38a41f0b6702444940b24bcd0d79a41a0059

Reported-by: Arnout Vandecappelle <arnout@rnout.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
2025-07-02 15:14:49 +02:00
Julien Olivain 49dbfba22f package/gcc: add logic to hide gcc 15 for unsupported CPUs
This logic is to prepare for future gcc versions and their new
supported CPUs. As of today, gcc 15 is the latest gcc version
and all architectures and CPUs in Buildroot are supported by
this version.

Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
2025-07-02 15:14:47 +02:00
Julien Olivain 7724268034 arch/Config.in: introduce BR2_ARCH_NEEDS_GCC_AT_LEAST_16
gcc 15 was introduced in Buildroot in commit [1].

In Buildroot, a user creates a build configuration in Kconfig
menus by selecting the CPU architecture and CPU first, then
a toolchain that support this CPU, then packages and system
configuration.

To make sure those Kconfig menus and choices behave correctly in that
order, we use a logic in which a CPU selects the Kconfig symbol
BR2_ARCH_NEEDS_GCC_AT_LEAST_N (with N being the needed gcc version).
Then, to make sure unsupported gcc version are hidden for a selected
CPU, a gcc version N has in fact a "depends on
!BR2_ARCH_NEEDS_GCC_AT_LEAST_(N+1)". For example, Cortex-A710 needs
at least gcc 12. See [2] and [3].

This means that when we introduce the latest gcc version with this
logic in place, we already need this BR2_ARCH_NEEDS_GCC_AT_LEAST_(N+1)
symbol defined. Doing so is desirable to avoid forgetting to add it
later. See for example commit [4], adding those missing dependencies
for gcc 13 and 14.

Since in Buildroot we currently keep 3 actively maintained gcc
versions, adding a new gcc version N in Buildroot should:
- add the BR2_ARCH_NEEDS_GCC_AT_LEAST_(N+1) symbol
- add package/gcc N
- switch the default gcc from N-2 to N-1
- drop package/gcc N-3

Then, once this new gcc N is added, new CPUs supported by that version
can be introduced, by selecting BR2_ARCH_NEEDS_GCC_AT_LEAST_N.

All this logic will be ready for future gcc versions. This was also
described in commit log [5].

This commit simply adds the BR2_ARCH_NEEDS_GCC_AT_LEAST_16 symbol.

It is worth mentioning that, at the time of this commit, gcc 16 is not
released yet. This release number 16 is already known, though. See [6].

For reference, this was discussed in [7].

[1] https://gitlab.com/buildroot.org/buildroot/-/commit/75891397abe60dbe3d82a1ec39654ff81d1b1406
[2] https://gitlab.com/buildroot.org/buildroot/-/blob/2025.05/arch/Config.in.arm#L514
[3] https://gitlab.com/buildroot.org/buildroot/-/blob/2025.05/package/gcc/Config.in.host#L27
[4] https://gitlab.com/buildroot.org/buildroot/-/commit/6f231d3003502282710a0da7ecd98344ec868095
[5] https://gitlab.com/buildroot.org/buildroot/-/commit/eab17d763c6ca1bf74749e3a793fd044b5e6d457
[6] https://gcc.gnu.org/gcc-16/changes.html
[7] https://lore.kernel.org/buildroot/877c0v1sn1.fsf@dell.be.48ers.dk/T/#m45688e25632401029e4c0d989072e1d3e1a59854

Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
2025-07-02 15:14:45 +02:00
Thomas Perale 533c0aac28 package/daq: fix build with GCC14
The daq package fails to build with GCC14 toolchains:

```
daq_nfq.c: In function 'SetPktHdr':
daq_nfq.c:395:37: error: passing argument 2 of 'nfq_get_payload' from incompatible pointer type [-Wincompatible-pointer-types]
  395 |     int len = nfq_get_payload(nfad, (char**)pkt);
      |                                     ^~~~~~~~~~~
      |                                     |
      |                                     char **
```

The issue can be reproduced with the following config:

```
cat > daq.config <<EOF
BR2_arm=y
BR2_cortex_a7=y
BR2_TOOLCHAIN_EXTERNAL=y
BR2_TOOLCHAIN_EXTERNAL_BOOTLIN=y
BR2_PACKAGE_DAQ=y
BR2_PACKAGE_LIBDNET=y
BR2_PACKAGE_LIBNETFILTER_QUEUE=y
EOF
```

This patch port a patch taken from openembedded meta-networking [1] and
is tested with test-pkg:

```
$ ./utils/test-pkg -c daq.config -p daq
```

[1] https://layers.openembedded.org/layerindex/recipe/37594/

Fixes: https://autobuild.buildroot.org/results/c69/c69ab134463a18eec65ded836aecf89a5cb4a75c/build-end.log
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-01 23:39:58 +02:00
Thomas Perale 5d5a4950b5 package/x11r7/xwayland: security bump to version 24.1.8
Fixes the following security issues:

- CVE-2025-49175: A flaw was found in the X Rendering extension's
    handling of animated cursors. If a client provides no cursors, the
    server assumes at least one is present, leading to an out-of-bounds
    read and potential crash.

For more information, see:
    - https://nvd.nist.gov/vuln/detail/CVE-2025-49175
    - https://gitlab.freedesktop.org/xorg/xserver/-/commit/0885e0b2

- CVE-2025-49176: A flaw was found in the Big Requests extension. The
    request length is multiplied by 4 before checking against the maximum
    allowed size, potentially causing an integer overflow and bypassing
    the size check.

For more information, see:
    - https://nvd.nist.gov/vuln/detail/CVE-2025-49176
    - https://gitlab.freedesktop.org/xorg/xserver/-/commit/03731b32

- CVE-2025-49177: A flaw was found in the XFIXES extension. The
    XFixesSetClientDisconnectMode handler does not validate the request
    length, allowing a client to read unintended memory from previous
    requests.

For more information, see:
    - https://nvd.nist.gov/vuln/detail/CVE-2025-49177
    - https://gitlab.freedesktop.org/xorg/xserver/-/commit/ab02fb96

- CVE-2025-49178: A flaw was found in the X server's request handling.
    Non-zero 'bytes to ignore' in a client's request can cause the server
    to skip processing another client's request, potentially leading to a
    denial of service.

For more information, see:
    - https://nvd.nist.gov/vuln/detail/CVE-2025-49178
    - https://gitlab.freedesktop.org/xorg/xserver/-/commit/d55c54ce

- CVE-2025-49179: A flaw was found in the X Record extension. The
    RecordSanityCheckRegisterClients function does not check for an
    integer overflow when computing request length, which allows a client
    to bypass length checks.

For more information, see:
    - https://nvd.nist.gov/vuln/detail/CVE-2025-49179
    - https://gitlab.freedesktop.org/xorg/xserver/-/commit/2bde9ca4

- CVE-2025-49180: A flaw was found in the RandR extension, where the
    RRChangeProviderProperty function does not properly validate input.
    This issue leads to an integer overflow when computing the total size
    to allocate.

For more information, see:
    - https://nvd.nist.gov/vuln/detail/CVE-2025-49180
    - https://gitlab.freedesktop.org/xorg/xserver/-/commit/3c3a4b76
    - https://gitlab.freedesktop.org/xorg/xserver/-/commit/0235121c

For more details on the version bump, see:
    - Security Advisory https://lists.x.org/archives/xorg/2025-June/062055.html
    - 24.1.7 https://lists.x.org/archives/xorg/2025-June/062057.html
    - 24.1.8 https://lists.x.org/archives/xorg/2025-June/062066.html

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-01 23:05:29 +02:00
Thomas Perale 8b94ff6c6b package/x11r7/xserver_xorg-server: security bump to version 21.1.18
Fixes the following security issues:

- CVE-2025-49175: A flaw was found in the X Rendering extension's
  handling of animated cursors. If a client provides no cursors, the
  server assumes at least one is present, leading to an out-of-bounds
  read and potential crash.

For more information, see:
  - https://nvd.nist.gov/vuln/detail/CVE-2025-49175
  - https://gitlab.freedesktop.org/xorg/xserver/-/commit/0885e0b2

- CVE-2025-49176: A flaw was found in the Big Requests extension. The
  request length is multiplied by 4 before checking against the maximum
  allowed size, potentially causing an integer overflow and bypassing
  the size check.

For more information, see:
  - https://nvd.nist.gov/vuln/detail/CVE-2025-49176
  - https://gitlab.freedesktop.org/xorg/xserver/-/commit/03731b32

- CVE-2025-49177: A flaw was found in the XFIXES extension. The
  XFixesSetClientDisconnectMode handler does not validate the request
  length, allowing a client to read unintended memory from previous
  requests.

For more information, see:
  - https://nvd.nist.gov/vuln/detail/CVE-2025-49177
  - https://gitlab.freedesktop.org/xorg/xserver/-/commit/ab02fb96

- CVE-2025-49178: A flaw was found in the X server's request handling.
  Non-zero 'bytes to ignore' in a client's request can cause the server
  to skip processing another client's request, potentially leading to a
  denial of service.

For more information, see:
  - https://nvd.nist.gov/vuln/detail/CVE-2025-49178
  - https://gitlab.freedesktop.org/xorg/xserver/-/commit/d55c54ce

- CVE-2025-49179: A flaw was found in the X Record extension. The
  RecordSanityCheckRegisterClients function does not check for an
  integer overflow when computing request length, which allows a client
  to bypass length checks.

For more information, see:
  - https://nvd.nist.gov/vuln/detail/CVE-2025-49179
  - https://gitlab.freedesktop.org/xorg/xserver/-/commit/2bde9ca4

- CVE-2025-49180: A flaw was found in the RandR extension, where the
  RRChangeProviderProperty function does not properly validate input.
  This issue leads to an integer overflow when computing the total size
  to allocate.

For more information, see:
  - https://nvd.nist.gov/vuln/detail/CVE-2025-49180
  - https://gitlab.freedesktop.org/xorg/xserver/-/commit/3c3a4b76
  - https://gitlab.freedesktop.org/xorg/xserver/-/commit/0235121c

For more details on the version bump, see:
  - Security Advisory https://lists.x.org/archives/xorg/2025-June/062055.html
  - 21.1.17 https://lists.x.org/archives/xorg/2025-June/062056.html
  - 21.1.18 https://lists.x.org/archives/xorg/2025-June/062066.html

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-01 23:05:25 +02:00
Thomas Perale d3274210f9 package/net-tools: fix regression introduced by CVE fix
Commit [1] backported an upstream patch to address CVE-2025-46836 that
included a regression.
Upstream later fixed this regression in commit [2].

This patch add that fix to correct the issue introduced by the original
patch.

[1] 323aaa9f54 package/net-tools: add upstream security fix for CVE-2025-46836
[2] https://sourceforge.net/p/net-tools/code/ci/ddb0e375fb9ca95bb69335540b85bbdaa2714348/

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-01 22:59:25 +02:00
Titouan Christophe 7006854ce1 package/python-urllib3: security bump to v2.5.0
For release note, see:
https://github.com/urllib3/urllib3/releases/tag/2.5.0

This fixes the following vulnerabilities:
- CVE-2025-50181:
    urllib3 redirects are not disabled when retries are disabled on
    PoolManager instantiation

- CVE-2025-50182:
    urllib3 does not control redirects in browsers and Node.js

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
[Julien: add link to release note in commit log]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-01 22:49:44 +02:00
Titouan Christophe 184a1b94a5 package/tinyxml: add patch for CVE-2023-34194
This fixes the following vulnerability:
- CVE-2023-34194:
    StringEqual in TiXmlDeclaration::Parse in tinyxmlparser.cpp in TinyXML
    through 2.6.2 has a reachable assertion (and application exit) via a
    crafted XML document with a '\0' located after whitespace.

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-01 22:42:58 +02:00
Peter Korsgaard 394a8fb406 package/jose: security bump to version 14
Jose-13 fixed the following security issue:

- CVE-2023-50967: latchset jose through version 11 allows attackers to cause
  a denial of service (CPU consumption) via a large p2c (aka PBES2 Count)
  value.
  https://github.com/latchset/jose/issues/151

In addition, jose-14 worked around another DoS issue related to
decompression:
https://github.com/latchset/jose/pull/157

Drop now upstreamed patches:

- 0001-lib-hsh.c-rename-hsh-local-variable.patch: Upstream as of
  https://github.com/latchset/jose/commit/3d5b287243f87ce0243b23abd690d86c41fc499c

- 0002-man-add-option-to-skip-building-man-pages.patch: Upstream after
  getting reworked to use -Ddocs=disabled as of
  https://github.com/latchset/jose/commit/786b426df018edf30a53e2d82155df20d13047c1

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
[Julien: remove .checkpackageignore entries to fix check-package errors]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-01 22:39:25 +02:00
Marcus Hoffmann 74d5d8845d package/python-uvicorn: bump to 0.35.0
Changelog: https://www.uvicorn.org/release-notes/#0350-june-28-2025

Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-01 22:02:19 +02:00
Bernd Kuhls 9c4ab44e8c package/python-emailproxy: bump version to 2025.6.25
Release notes: https://github.com/simonrob/email-oauth2-proxy/releases

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-01 22:01:41 +02:00
Bernd Kuhls f6d9a93c51 {linux, linux-headers}: bump 5.{4, 10, 15}.x / 6.{1, 6, 12, 15}.x series
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-01 21:52:14 +02:00
Yann E. MORIN a6ddf2b91d support/testing: enable lpxelinux for syslinux runtime test
The syslinux runtime test (which is in fact a build-only test) ensures
that syslinux does get build at least once a week (via the gitlab-CI
weekly pipeline). Runtime testing would need much more work, though, but
nothing in syslinux is currently runtime tested anyway.

Reported-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin@orange.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-01 21:48:08 +02:00
Thomas Perale 901b9e19ed package/kvmtool: fix build failure w/ musl
The following error occurs on the autobuilder for builds with musl
libc.

```
  CC       util/bitmap.o
In file included from include/linux/bitmap.h:7,
                 from util/bitmap.c:9:
include/linux/bitops.h:4:10: fatal error: bits/wordsize.h: No such file or directory
    4 | #include <bits/wordsize.h>
      |          ^~~~~~~~~~~~~~~~~
```

The error occurs because bits/wordsize.h is specific to glibc.

This patch applies an upstream fix that replaces the use of __WORDSIZE
with an internal macro, making the code portable across different libc.

Fixes: https://autobuild.buildroot.org/results/30d/30d6e407e6a0fc7d85062c2d56008755c70ca733/build-end.log
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-30 22:20:31 +02:00
Thomas Perale 0c1fa0bce1 package/libavif: security bump to v1.3.0
Fixes the following security issues:

- CVE-2025-48174: makeRoom in stream.c has an integer overflow and
    resultant buffer overflow in stream->offset+size.

For more information, see:
  - https://nvd.nist.gov/vuln/detail/CVE-2025-48174
  - https://github.com/AOMediaCodec/libavif/pull/2768/commits

- CVE-2025-48175: avifImageRGBToYUV in reformat.c has integer overflows
    in multiplications involving rgbRowBytes, yRowBytes, uRowBytes, and
    vRowBytes.

For more information, see:
  - https://nvd.nist.gov/vuln/detail/CVE-2025-48175
  - https://github.com/AOMediaCodec/libavif/commit/64d956ed5a602f78cebf29da023280944ee92efd

For more details on the version bump, see:
  - https://github.com/AOMediaCodec/libavif/releases/tag/v1.3.0
  - https://github.com/AOMediaCodec/libavif/releases/tag/v1.2.1
  - https://github.com/AOMediaCodec/libavif/releases/tag/v1.2.0

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-30 22:05:54 +02:00
Thomas Perale 3d593a8144 package/modsecurity2: security bump to v2.9.10
Fixes the following security issues:

- CVE 2025-47947: Versions up to and including 2.9.8 are vulnerable to
  denial of service in one special case (in stable released versions):
  when the payload's content type is application/json, and there is at
  least one rule which does a sanitiseMatchedBytes action. A patch is
  available at pull request 3389 and expected to be part of version
  2.9.9. No known workarounds are available.

For more information, see:
  - https://nvd.nist.gov/vuln/detail/CVE-2025-47947
  - https://github.com/owasp-modsecurity/ModSecurity/pull/3389

- CVE-2025-48866: Versions prior to 2.9.10 contain a denial of service
  vulnerability similar to GHSA-859r-vvv8-rm8r/CVE-2025-47947. The
  `sanitiseArg` (and `sanitizeArg` - this is the same action but an
  alias) is vulnerable to adding an excessive number of arguments,
  thereby leading to denial of service. Version 2.9.10 fixes the issue.
  As a workaround, avoid using rules that contain the `sanitiseArg` (or
  `sanitizeArg`) action.

For more information, see:
  - https://nvd.nist.gov/vuln/detail/CVE-2025-48866
  - https://github.com/owasp-modsecurity/ModSecurity/commit/3a54ccea62d3f7151bb08cb78d60c5e90b53ca2e

For more details on the version bump, see:
  - https://github.com/owasp-modsecurity/ModSecurity/releases/tag/v2.9.8
  - https://github.com/owasp-modsecurity/ModSecurity/releases/tag/v2.9.9
  - https://github.com/owasp-modsecurity/ModSecurity/releases/tag/v2.9.10

Also this patch change the _SOURCE variable that now include a 'v'
prefixing the version.

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
[Julien: update hash source url in hash file comment]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-30 21:47:16 +02:00
Maxime Chevallier 268d7ad180 package/elfutils: elfutils programs now require a c++ toolchain
The 0.192 release of elfutils introduced the src/srcfiles.cxx program,
that lists all source files of a given ELF binary. As this is a C++
program, we need a toolchain that supports it.

Without it, the build system tries to use "no" as the CXX compiler,
resulting in the following errors :

  /bin/sh: line 1: no: command not found

as can be seen here for example :

https://autobuild.buildroot.net/results/849/849221c794a469a423857a290db775d150b84900

Add a dependency to a CPP toolchain for the elfutils programs.

Signed-off-by: Maxime Chevallier <maxime.chevallier@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-30 21:38:50 +02:00
Maxime Chevallier 52ba3ed657 package/elfutils: Show a comment explaining that elfutils progs need glibc
The elfutils programs require Glibc to be used as the C library. Show a
comment when this libc isn't used in the toolchain.

Suggested-by: Yann E. MORIN <yann.morin@orange.com>
Signed-off-by: Maxime Chevallier <maxime.chevallier@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-30 21:38:47 +02:00
Thomas Perale fc1387b4a5 package/gstreamer1/gstreamer1-editing-services: fix COPYING hash
With the version bump to v1.24.11 (see [1]) the license hash changed for
the gstreamer1-editing-services package (see [2]).

This patch update the hash accordingly.

Fixes: https://autobuild.buildroot.org/results/9e1/9e1807cf5ac7bb69ae9bbe7a6a71411eb500188c/build-end.log

[1] fd00502ee0 package/gstreamer1/gstreamer1-editing-services: bump version to 1.24.11
[2] https://salsa.debian.org/gstreamer-team/gstreamer-editing-services1.0/-/commit/2a56edb6af3409ebdca39a96f310b43e0d780be0

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-30 21:32:59 +02:00
Yann E. MORIN 0365d4e45b package/distribution-registry: new package
This package provides a reference, functional implementation of a
registry for distributing container images. Formerly the Docker
registry, it now also handles OCI images, so can be used to distribute
all kinds of container related images: classic Docker images, OCI
images, but also helms [0] and the likes, which are also packages as OCI
images in fact.

The upstream name of the package is just "distribution" [1], but this is
a bit too generic and unsearchable; distributions like Debian and Ubuntu
traditionally provides it as the "docker-registry" package, but this is
now misleading as it is not just for Docker anymore. So we decided to
name it "distribution-registry": it contains the upstream name and will
be searchable with the 'registry' part as well.

The built executable is named "registry", which is also a bit too
generic. Again, for the same reasons as above, we name it
"distribution-registry"; this also incidentally makes our golang-package
infra "just work" and do the right thing when it installs the package.

The upstream package provides a wrapper Makefile to build the package,
but it does not do more than our infra already does; the only little nit
is that it allows updating the version file (with git infra et al.). We
can just ignore that and update the version ourselves.

We also provide a minimalist configuration file: it exposes the registry
to localhost only, as a security measure. This file will have to be
overridden (e.g. in a rootfs-overlay) with proper authentication, and
with further locally meaningful setup anyway.

Finally, we also implement a run-time test that validates that we can
push and pull images to/from the registry. Since the registry is a big
go package, it takes time to start, so wait for it a little bit (and yet
a little bit more after it starts logging), and increase the timeouts
for commands that deal with the registry.

For this simple test, the registry is directly exposed with plain HTTP,
not HTTPS, so we must declare it as insecure, so that container tools
can reach it without custom options (e.g. without using skopeo's
--{src,dest}-tls-verify=false options).

We re-use skopeo to talk to the registry. This allows us to grab an
image from the Docker hub registry, and push it to our local registry,
then retrieve it back. Since we want to diffferentiate failures to grab
the image from the Docker Hub [2], from failures to push to our
registry, we do it in two steps: copy from Docker Hub to a local OCI
image, then push that to our registry.

Since both distribution-registry and skopeo are big go-based, statically
linked binaries, running both in the standard virtual machine does not
work: the 256MiB emulated in vexpress are not enough and cause segfaults
when running both at once. The vexpress also only accepts at most
256MiB, so we must use another machine; we decided to use the same as is
used by the podman teest case, which allows at least 1Gib, which is now
enough.

[0] https://helm.sh/
[1] https://github.com/distribution/distribution
[2] in case we reach the 100-pulls-a-day limitation

Signed-off-by: Yann E. MORIN <yann.morin@orange.com>
Cc: Christian Stewart <christian@aperture.us>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-29 15:57:45 +02:00
Yann E. MORIN ed75eaa6ee package/skopeo: use containers-image-config files
... and extend the skopeo runtime test to make use of those.

Signed-off-by: Yann E. MORIN <yann.morin@orange.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-29 15:57:40 +02:00
Yann E. MORIN 4686ab975b package/containers-image-config: new package
The container/image repository is the standards regpository that drives
the image management in container tools, like podman or skopeo. Besides
a Go library, it also prodvides the template configuration files used
by those tools; those files can also serve as default ones.

Install those files instead of the canned ones we cary in podman, and
change podman to use this new package too.

The registry file needs a fixup, as it by default does not allow
searching unqualified images (i.e. those that do not contain a registry
name) in a default registry, for security reasons. However, the Docker
Hub is traditionally a registry that can be accessed without being
specified, so we make that possible.

As was noted in ebbaac08e3 (package/podman: new package), "[p]roviding
actual files is going to be use-case dependent, and interested parties
will have to provide their own config files, e.g. in a rootfs overlay."

Signed-off-by: Yann E. MORIN <yann.morin@orange.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-29 15:57:37 +02:00
Bram Oosterhuis 89ca1bd4f4 package/libgcrypt: bump to v1.11.1
For release note, see:
https://dev.gnupg.org/T7166

This version fixes a build error which can happen with 32-bit arm
configurations.

The issue can be reproduced with commands:

    cat >.config <<EOF
    BR2_arm=y
    BR2_cortex_a8=y
    BR2_ARM_INSTRUCTIONS_THUMB2=y
    BR2_TOOLCHAIN_EXTERNAL=y
    BR2_PACKAGE_LIBGCRYPT=y
    EOF
    make olddefconfig
    make libgcrypt

Build is failing with output:

    ec-nist.c: In function '_gcry_mpi_ec_nist256_mod':
    ec-inline.h:902:5: error: 'asm' operand has impossible constraints or there are not enough registers
      902 |     __asm__ ("subs %3, %7, %10\n" \
          |     ^~~~~~~

Details for this buggix: https://dev.gnupg.org/T7226

Signed-off-by: Bram Oosterhuis <dev@bybram.com>
[Julien: reword commit log]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-29 13:09:55 +02:00
Yann E. MORIN 48639f074c boot/syslinux: add option to install lpxelinux
lpxelinux is like pxelinux, except it allows retrieving the files for
the kernel (with the KERNEL directive) and initrd (the path to initrd=
in the APPEND directive) from FTP or HTTP, rather than just from TFTP.
Using HTTP or FTP is musch faster than TFTP, so the boot time for big
kernels or big initrds is much shorter than with TFTP.

Signed-off-by: Yann E. MORIN <yann.morin@orange.com>
[Julien: fix typo in commit title]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-29 11:52:43 +02:00
Yann E. MORIN 90e76818a1 boot/syslinux: fix install with top-level parallel build
syslinux is... special. It is a target package, but it is installed in
HOST_DIR *in the target install commands*: in addition to the boot files
that run on the target, syslinux installs a set of host tools that are
to be used at build time (e.g. extlinux, to prepare bootable media, like
an iso96660 image). Then, from HOST_DIR, the actual boot files are
copied into BINARIES_DIR (i.e. images/); we do it that way because the
boot files are scattered about everywhere in the build tree, while they
are all packed together in a single directory once installed.

However, there is no dependency between the target and image install
steps. So, when using top-level parallel builds, there is no guarantee
that the target install commands are finished before the image install
commands are started.

We fix that by first installing into a temporary location, as part of
the build step, and by then copying from there as part of the install
step. This ensures that the boot files are easily available, without
needing a dependency on the target install step, that we can't express.

Note that we do not change the actual installation into HOST_DIR: it can
be set up differently that our temporary location, and we do not want
to duplicate that setup here (it's going to diverge over time).

Signed-off-by: Yann E. MORIN <yann.morin@orange.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-29 11:45:42 +02:00
Titouan Christophe 3b14fd5112 package/waf: bump to v2.1.6
See the changelog: https://gitlab.com/ita1024/waf/-/blob/waf-2.1.6/ChangeLog

Tested with `./utils/test-pkg -p ntpsec` (ntpsec is waf package)

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-28 23:10:12 +02:00
Titouan Christophe 585ee147dd package/libmpeg2: add CPE_ID_VENDOR
At the moment, package stats indicates that libmpeg2 is affected by
https://nvd.nist.gov/vuln/detail/CVE-2022-37416

However, this CVE applies to a completely different piece of software,
that has the same name "libmpeg2" [1].

To avoid the confusion, let's add a proper CPE vendor to Buildroot's libmpeg2.
The library itself does not clearly identify any vendor name, and there isn't
any existing CPE on the NVD website. Since this library is not updated for
many years (maybe even before the introduction of the CPE system), but the
code is somehow related to the Videolan project, let's add this as the
vendor, which sould solve the matched CVE issue.

[1] https://github.com/ittiam-systems/libmpeg2

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
[Julien: fix typo in commit title]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-28 22:57:28 +02:00
Titouan Christophe 2f2a83fdc4 package/libmpeg2: switch to videolan Gitlab repository
The source code archives don't seem to be available anymore from the libmpeg2
website (Sourceforge) [1], and their SVN repository [2] doesn't seem
reachable either.

This fixes recent autobuilder failures, such as
https://autobuild.buildroot.net/results/ede/edeef6a480350880b12eebd94654644e43c2670e/

[1] https://libmpeg2.sourceforge.io/
[2] svn://svn.videolan.org/libmpeg2/trunk

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-28 22:57:28 +02:00
Julien Olivain 6f231d3003 package/gcc/Config.in.host: hide gcc version for unsupported CPUs
When a new gcc version is introduced, for example gcc 15 in
commit [1], it should have also added a "depends on
!BR2_ARCH_NEEDS_GCC_AT_LEAST_15" to the previous gcc version.

This logic is described for external toolchains in commit [2],
for example. The internal Buildroot toolchains should have the
same logic. This logic existed for previous gcc version. See for
example the removal of gcc 12 in commit [3].

There is usually no problem, because all the three latest active gcc
versions supports all CPUs present in Buildroot.

However, the commit [4] recently added the support for the Arm
Cortex-A720 CPU, which needs at least gcc 14. Since there is no
logic preventing the selection of the gcc version, it is possible
to select an unsupported gcc version (i.e. gcc 13).

In such a case, the host-gcc-initial package configuration fails
with output:

    Unknown cpu used in --with-cpu=cortex-a720

This commit fixes the issue by adding those missing dependencies.

Fixes:
https://autobuild.buildroot.org/results/918b90aee0b65f01efc241622015cb847b4e23a8/

[1] https://gitlab.com/buildroot.org/buildroot/-/commit/75891397abe60dbe3d82a1ec39654ff81d1b1406
[2] https://gitlab.com/buildroot.org/buildroot/-/commit/f577d8218f3f18016aa084255e337a7f589eeed1
[3] https://gitlab.com/buildroot.org/buildroot/-/commit/58cf7c51da3ae4804332f68ee934e153d695d047#66f7e875db173e5538d3511c8297acc1ba30da33_27_25
[4] https://gitlab.com/buildroot.org/buildroot/-/commit/de374e06d856dd5079fc792c883b06563af950b0

Cc: Romain Naour <romain.naour@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-06-28 22:42:23 +02:00
Martin Elshuber d96ddedb4c package/strongswan: add option to specify paths to PID and UNIX socket files
Strongswan allows to specify a path for PID and UNIX socket files at
compile time via the --with-piddir argument.

This is especially useful when Strongswan is running inside a container
where we may not want to share/mount the default path of /var/run inside
the container.

Let's add an option to configure the piddir.

Considering this is a critical path, let's add a default value to the
string option (which is currently the same as strongswan's default when
the option is missing) so that it is stable across strongswan releases
in Buildroot.

Signed-off-by: Martin Elshuber <martin.elshuber@theobroma-systems.com>
[Quentin: rewriting of commit title and commit log]
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-28 22:27:01 +02:00
Quentin Schulz 1d3ec1fc7f package/strongswan: allow non-root user/group to own IKE charon daemon
Strongswan allows[1] to run the IKE charon daemon as non-root (defaults
to running as root) user/group, so let's allow that.

[1] https://docs.strongswan.org/docs/latest/install/reducedPrivileges.html#_running_strongswan_as_non_root
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-28 17:29:16 +02:00
Quentin Schulz e7ca2197c4 package/strongswan: allow to drop unneeded capabilities
strongSwan allows to drop unneeded capabilities[1] after the IKE daemon
has been started, based on libcap, so let's allow that via a config
option.

While the "native" (capset) way of dropping capabilities is supported,
it is deprecated so its support is not added in Buildroot.

While the documentation specifically mentions the IKE daemon (charon) as
being the one impacted by this change, the ifdefery with this autotools
option exists in various libraries in the source code, hence why this is
kept independent from the charon Kconfig option status.

[1] https://docs.strongswan.org/docs/latest/install/reducedPrivileges.html#_dropping_capabilities
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-28 17:29:13 +02:00
Raphaël Mélotte 5c18eb1a55 package/gumbo-parser: bump to version 0.13.1
Changelog:
https://codeberg.org/gumbo-parser/gumbo-parser/releases

Release 0.11.0 onwards dropped the 'v' version prefix in the tarball
name, so drop it on our side as well.

The patch no longer applied cleanly and needed to be refreshed.
It was also submitted to the new upstream, the upstream link is
updated accordingly.
A local test build was done with the toolchain from the config that
originally triggered the build to fail due to lack of C++ support:
http://autobuild.buildroot.org/results/a32b5d3b959433fd5c3543661c37f80d27fbd010

It is worth noting that we still build using autotools which is
deprecated in this version of gumbo-parser (in favor of meson).

The license file location was moved in a "doc" subdirectory, in upstream
commit [1]. This commit reflect that change.

[1] https://codeberg.org/gumbo-parser/gumbo-parser/commit/814e2b43f776e25ffe2089396ced63e6ceb4db06

Signed-off-by: Raphaël Mélotte <raphael.melotte@mind.be>
[Julien: fix license file location which has moved to "doc/"]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-28 16:12:55 +02:00
Raphaël Mélotte da23be6338 support/testing: new runtime test for gumbo-parser
The new test requires a br2-external directory because we compile a
small test program on the host and install it on the target, but it's
not useful to have it in the main Buildroot package tree.

The test program loads and parses a sample HTML document. Taking
inspiration from 'examples/get_title.c' in gumbo-parser, it also
searches for the title of the document just to check that we can do
more than the parsing.

Signed-off-by: Raphaël Mélotte <raphael.melotte@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-28 15:34:20 +02:00
Raphaël Mélotte 1e106d8412 package/gumbo-parser: update upstream repository
Development on Google's GitHub repository has stopped a long time ago.
A fork exists on Codeberg, and multiple distributions (Fedora, Arch
Linux, ...) are already using it (see [1]).

Update the source URL to use the new upstream location.

The new upstream has a different hash for the 0.10.1 tarball, so
update it as well.

[1]: https://repology.org/project/gumbo-parser/versions

Signed-off-by: Raphaël Mélotte <raphael.melotte@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-28 15:34:16 +02:00
Raphaël Mélotte f1c0986834 package/nginx-modsecurity: bump to version 1.0.4
Changelog:
https://github.com/owasp-modsecurity/ModSecurity-nginx/blob/v1.0.4/CHANGES

Signed-off-by: Raphaël Mélotte <raphael.melotte@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-28 14:11:35 +02:00
Raphaël Mélotte 5cda85cb56 support/testing: add new test for nginx-modsecurity
This test verifies that we can run nginx with the modsecurity
directives.
It also checks a very simple rule that blocks requests containing the
keyword "blockme".

Signed-off-by: Raphaël Mélotte <raphael.melotte@mind.be>
[Julien:
 - add / at directory end in DEVELOPERS
 - sort DEVELOPERS entries alphabetically
 - remove unneeded test configs already present in
   BASIC_TOOLCHAIN_CONFIG
 - sort test config directives alphabetically
]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-28 14:11:35 +02:00
Raphaël Mélotte 430aa91c3d package/binutils: fix build with gcc 15
Backport the upstream patch that fixes the following build error when
compiling for mips with gcc 15:

In file included from mips-opc.c:29:
mips-opc.c: In function 'decode_mips_operand':
mips-formats.h:86:7: error: expected identifier or '(' before
'static_assert'
   86 |       static_assert[(1 << (SIZE)) == ARRAY_SIZE (MAP)]; \
         |       ^~~~~~~~~~~~~

The patch is already part of upstream binutils 2.44, so we only need
it for 2.42 and 2.43.1.

All 3 versions we have of host-binutils were build-tested using the
defconfig from the autobuilder failure (see the link below) and gcc 15
on the host.

Fixes:
- https://autobuild.buildroot.org/results/873/873ec25cf01d5f2b9ae7044e0b1d8d8791b781e6/

Signed-off-by: Raphaël Mélotte <raphael.melotte@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-28 12:57:42 +02:00
Titouan Christophe 95db5707df package/libarchive: security bump to v3.8.1
This fixes the following CVEs:

- CVE-2025-5914
    Libarchive: double free at archive_read_format_rar_seek_data()
    in archive_read_support_format_rar.c
    https://www.cve.org/CVERecord?id=CVE-2025-5914

- CVE-2025-5915
    Libarchive: heap buffer over read in copy_from_lzss_window()
    at archive_read_support_format_rar.c
    https://www.cve.org/CVERecord?id=CVE-2025-5915

- CVE-2025-5916
    Libarchive: integer overflow while reading warc files
    at archive_read_support_format_warc.c
    https://www.cve.org/CVERecord?id=CVE-2025-5916

- CVE-2025-5917
    Libarchive: off by one error in build_ustar_entry_name()
    at archive_write_set_format_pax.c
    https://www.cve.org/CVERecord?id=CVE-2025-5917

- CVE-2025-5918
    Libarchive: reading past eof may be triggered for piped file streams
    https://www.cve.org/CVERecord?id=CVE-2025-5918

See the release notes:
- https://github.com/libarchive/libarchive/releases/tag/v3.8.0
- https://github.com/libarchive/libarchive/releases/tag/v3.8.1

In addition to the version bump, the following changes are required:
- The COPYING file has been edited upstream because of filename change on a
  sub-licensed component; see
  https://github.com/libarchive/libarchive/commit/c26f0377457db392bd57a640e8fe25506120f810
- The upstream "sha256sums" is currently unavailable, so the archive checksum
  has been computed locally
- Drop patches for libiconv in configure.ac, which has been properly addressed
  upstream in https://github.com/libarchive/libarchive/pull/2611
- Following the above, AUTORECONF is not needed any longer
- Drop mbedtls patch that has been applied upstream

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-28 12:28:12 +02:00
Titouan Christophe 9f2dbf1486 package/libwebsock: remove package
The upstream Github repository payden/libwebsock is no longer available,
and its URL now redirects to some completely unrelated software.
We don't know for sure what happened, but at least the package does not
build anymore, because its source code has vanished.

Since no other buildroot package depends on libwebsock, and it hasn't
received any update; let's simply remove it from here.

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-28 12:22:57 +02:00
Titouan Christophe fba60c7732 package/libbpf: add patch for CVE-2025-29481
This fixes the following CVE:

- CVE-2025-29481:
    Buffer Overflow vulnerability in libbpf 1.5.0 allows a local attacker to
    execute arbitrary code via the bpf_object__init_prog` function of libbpf.

Fixes:
https://www.cve.org/CVERecord?id=CVE-2025-29481

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
[Julien: add direct link to CVE in commit log]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-28 12:10:18 +02:00
Giulio Benetti 50297207a8 board/freescale/mxs: fix Linux booting
Actually DTB_LIST accepts only file and not files with relative path
preprended. This leads to have vfat without .dtb files and so Linux
doesn't start. Let's fix this by including slash in sed command as done
for mxc as well as basename in front of $dt.dtb to remove possible
useless folders present in the dts path. Let's also add set -e at the
top of the script to make it more verbose on error and modify this
section according to spellcheck as done for mxc.

This commit align this "mxs/post-image.sh" with its "imx/post-image.sh"
counterpart which was improved for arm64 in commit [1].

[1] https://gitlab.com/buildroot.org/buildroot/-/commit/4755bf2bd43a7b4c3bf4f88be790240a01b3116f

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
[Julien:
 - change space indentation to tabs for consistency
 - add note in commit log about imx/post-image.sh
]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-28 12:03:53 +02:00
Giulio Benetti b3b22564d6 board/freescale/common/imx/post-image.sh: make it verbose on error
Add set -e at the top of the script to make it verbose on error.

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-28 11:31:24 +02:00
Giulio Benetti a717d99803 package/cryptsetup: bump version to 2.8.0
For release note, see:
https://gitlab.com/cryptsetup/cryptsetup/-/blob/v2.8.0/docs/v2.8.0-ReleaseNotes

Rearrange license files according to upstream.

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
[Julien:
 - add link to release note in commit log
 - reindent _LICENSE_FILES
 - fix COPYING.* file path in .hash file
]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-27 18:13:34 +02:00
Marcus Hoffmann 5f281b3952 package/systemd: bump to 257.7
Changes:
https://github.com/systemd/systemd/compare/v257.5...v257.7

Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-26 23:09:53 +02:00
Marcus Hoffmann f01f7e50e6 package/python-fastapi: bump to 0.115.14
Release notes:
https://github.com/fastapi/fastapi/releases/tag/0.115.14

Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-26 23:00:17 +02:00
Michael Nosthoff cddb30959b package/re2: bump to version 2024-07-02
Changelog: https://github.com/google/re2/compare/2024-04-01...2024-07-02

Signed-off-by: Michael Nosthoff <buildroot@heine.tech>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-26 22:55:07 +02:00
Edgar Bonet 5f1a38a41f toolchain/toolchain-external/toolchain-external-custom: add gcc 15 version selection
This patch allows to use an external toolchain based on gcc 15.

Signed-off-by: Edgar Bonet <bonet@grenoble.cnrs.fr>
[Julien: change spaces to tabs to fix check-package errors]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-25 20:55:21 +02:00
Julien Olivain 5ddba9702a boot/edk2: bump to version edk2-stable202505
For release notes since edk2-stable202411, see:
https://github.com/tianocore/edk2/releases/tag/edk2-stable202502
https://github.com/tianocore/edk2/releases/tag/edk2-stable202505

Note: the edk2-stable202505 release note mention a security fix.
This fix was already backported in Buildroot in a previous commit.
For that reason, this bump is not marked as securiy, and also
removes the backported patch and its associated _IGNORE_CVES entry.

Those versions include fixes when using gcc 15 (host and target).

This commit also updates the edk2-platforms and edk2-non-osi packages
with the last commit merged at the edk2 release date (2025-05-23).
In the case of edk2-platforms, the commit id used in this update
is few days later, to include a fix for the Arm Sgi575 platform.
Exact commit should have been [1] (to be exactly aligned to the edk2
tag date), but commit [2] is used instead. The package edk2-non-osi is
updated to commit [3].

Also, the SocioNext SynQuacer platforms (including the DeveloperBox)
were removed upstream in edk2-platforms commit [4]. This commit
reflect that change by removing those platforms choices and associated
runtime tests.

This commit has been runtime tested with tests using EDK2 package,
with commands:

    support/testing/run-tests \
        -d dl -o output_folder \
            tests.boot.test_edk2 \
            tests.boot.test_grub.TestGrubAArch64EFI \
            tests.boot.test_grub.TestGrubi386EFI \
            tests.boot.test_grub.TestGrubRiscV64EFI \
            tests.boot.test_grub.TestGrubX8664EFI \
            tests.fs.test_iso9660.TestIso9660Grub2EFI \
            tests.fs.test_iso9660.TestIso9660Grub2Hybrid \
            tests.package.test_fwts

It has also been runtime tested (by booting in qemu) with defconfigs
using EDK2 package:
qemu_aarch64_sbsa_defconfig
qemu_riscv64_virt_efi_defconfig

[1] https://github.com/tianocore/edk2-platforms/commit/2bfe3fa99e21b00492f31aa8969db1f6c0ff1a80
[2] https://github.com/tianocore/edk2-platforms/commit/92f7d69e8aa31e0ae06d4dabbcee12f4ebdb78ed
[3] https://github.com/tianocore/edk2-non-osi/commit/ea2040c2d4e2200557e87b9f9fbd4f8fb7a2b6e8
[4] https://github.com/tianocore/edk2-platforms/commit/aaba5807f13b91029bcd32fc0f92dbb42c79dc1e

Cc: Dick Olsson <hi@senzilla.io>
Cc: Romain Naour <romain.naour@smile.fr>
Cc: Vincent Stehlé <vincent.stehle@arm.com>
Tested-by: Vincent Stehlé <vincent.stehle@arm.com>
Reviewed-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-25 19:30:18 +02:00
Julien Olivain 14d07d1914 boot/edk2: add security fix for CVE-2024-38805
This commit adds a security fix from the upstream commit:
https://github.com/tianocore/edk2/commit/b3a2f7ff24e156e8c4d694fffff01e95a048c536

It fixes CVE-2024-38805:
https://www.cve.org/CVERecord?id=CVE-2024-38805
Note: at the time of this commit, this CVE is "reserved" by a CNA.
Details will come later.

See also the associated pull request:
https://github.com/tianocore/edk2/pull/11042

This commit also adds the corresponding _IGNORE_CVES entry.

Reviewed-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-25 19:29:49 +02:00
Peter Korsgaard 2b5544ab7a Makefile: unexport TOPDIR to fix gnu-efi >= 3.0.18 build issue
gnu-efi fails to build if TOPDIR is exported in the environment since the
move to version 3.0.18 in commit 9efeb7e914 ("package/gnu-efi: bump to
version 3.0.18").

The reason is the change in TOPDIR logic introduced by upstream commit
31913f8489 ("Make: make TOPDIR actually work and get rid of unused CDIR"):

https://github.com/ncroxon/gnu-efi/commit/31913f8489f8e6eb624b6447d2e5cf1f6367bebf

export TOPDIR=foo; make gnu-efi
...
/path/to/buildroot/output-gnuefi/host/bin/aarch64-linux-ld: cannot find
 /path/to/buildroot/output-gnuefi/build/gnu-efi-4.0.0//apps/../aarch64/gnuefi/crt0-efi-aarch64.o:
 No such file or director
make[2]: *** [Makefile:89: apps] Error 2
make[1]: *** [package/pkg-generic.mk:273: /path/to/buildroot/output-gnuefi/build/gnu-efi-4.0.0/.stamp_built] Error 2
make: *** [Makefile:23: _all] Error 2

As a workaround, unexport TOPDIR like we do for other sensitive environment
variables.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-25 19:24:54 +02:00
Peter Korsgaard da04cfa26c Makefile: sort unexport lines
The list of environment variables to unexport has grown organically over the
years and is no longer sorted. Sort it alphabetically for clarity.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-25 19:24:54 +02:00
Marcus Hoffmann d834b1aad1 package/python-pydantic-settings: bump to 2.10.1
Release notes:
* https://github.com/pydantic/pydantic-settings/releases/tag/2.10.1
* https://github.com/pydantic/pydantic-settings/releases/tag/2.10.0

Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-25 19:17:09 +02:00
Marcus Hoffmann 2286b6dd1b package/python-dotenv: bump to 1.1.1
Release notes:
https://github.com/theskumar/python-dotenv/releases/tag/v1.1.1

Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-25 19:17:09 +02:00
Marcus Hoffmann 813efddd54 package/python-fastapi: bump to 0.115.13
Release Notes:
https://github.com/fastapi/fastapi/releases/tag/0.115.13

Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-25 19:17:09 +02:00
Raphaël Mélotte c0fb057a08 package/python-s3transfer: bump to version 0.13.0
Changelog:
https://github.com/boto/s3transfer/blob/0.13.0/CHANGELOG.rst

Signed-off-by: Raphaël Mélotte <raphael.melotte@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-25 19:15:37 +02:00
Raphaël Mélotte 602fb43d34 package/modsecurity2: update upstream URLs
'https://github.com/SpiderLabs/ModSecurity' now redirects to
'https://github.com/owasp-modsecurity/ModSecurity', so update our
URLs accordingly.

Signed-off-by: Raphaël Mélotte <raphael.melotte@mind.be>
Reviewed-by: Herve Codina <herve.codina@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-25 19:11:40 +02:00
Raphaël Mélotte 5d9551d303 package/nginx-modsecurity: update upstream URLs
'https://github.com/SpiderLabs/ModSecurity-nginx' now redirects to
'https://github.com/owasp-modsecurity/ModSecurity-nginx', so update our
URLs accordingly.

Signed-off-by: Raphaël Mélotte <raphael.melotte@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-25 19:11:40 +02:00
Raphaël Mélotte d1ea9a64e6 package/mupdf: update homepage URL
The current homepage URL leads to an HTTP 404 error.

Fix it by using the homepage URL currently mentioned in mupdf's git
repository.

Signed-off-by: Raphaël Mélotte <raphael.melotte@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-25 19:11:40 +02:00
Bagas Sanjaya 72a47cd3a2 package/git: bump to version 2.50.0
Bump the package version to v2.50.0.

Release notes:
https://lore.kernel.org/git/xmqq1prj1umb.fsf@gitster.g/

Signed-off-by: Bagas Sanjaya <bagasdotme@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-25 19:10:00 +02:00
Maxime Chevallier 3953bd3e9c configs/globalscale_espressobin: Bump linux to v6.12.34
Bump from v5.15.1 to the latest LTS, v6.12.34.

Signed-off-by: Maxime Chevallier <maxime.chevallier@bootlin.com>
Reviewed-by: Joachim Wiberg <troglobit@gmail.com>
[Julien: reword commit title]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-25 19:02:14 +02:00
Thomas Petazzoni 79c964537d package/systemd: fix systemd-boot installation
Following the bump of systemd to 257.5 in commit
7d8d48cd2b, the installation of
systemd-boot fails with:

/usr/bin/install -D -m 0644 /home/thomas/projets/buildroot/outputs/3/build/systemd-257.5/buildroot-build/src/boot/efi/systemd-bootx64.efi /home/thomas/projets/buildroot/outputs/3/images/efi-part/EFI/BOOT/bootx64.efi
/usr/bin/install: cannot stat '/home/thomas/projets/buildroot/outputs/3/build/systemd-257.5/buildroot-build/src/boot/efi/systemd-bootx64.efi': No such file or directory

Indeed, the systemd-bootx64.efi binary is no longer produced in
buildroot-build/src/boot/efi/, but in buildroot-build/src/boot/.

No autobuilder failures have been found corresponding to this issue,
but it can be reproduced with:

 BR2_x86_64=y
 BR2_x86_corei7=y
 BR2_TOOLCHAIN_EXTERNAL=y
 BR2_TOOLCHAIN_EXTERNAL_BOOTLIN_X86_64_CORE_I7_GLIBC_BLEEDING_EDGE=y
 BR2_INIT_SYSTEMD=y
 BR2_SYSTEM_BIN_SH_NONE=y
 BR2_SYSTEM_DEFAULT_PATH="/bin:/sbin:/usr/bin:/usr/sbin"
 # BR2_PACKAGE_BUSYBOX is not set
 BR2_PACKAGE_SYSTEMD_BOOT=y
 # BR2_TARGET_ROOTFS_TAR is not set

Most likely this was caused by upstream commit
97318131fd06a5bc35454da81dcbbc84f16d9940, even though we didn't check
if this commit was really the culprit.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-25 18:56:03 +02:00
Peter Korsgaard 17399baa7c package/libcurl: unbreak threads + c-ares conditional
Commit 0fce7a9623 ("package/libcurl: fix build w/ threads + c-ares") added a
conditional for threads + c-ares, but ended up with a end-parenthesis too
many - so the condition is never true.  Fix that.

Reported-by: Tibault Damman <tibault.damman@basalte.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Reviewed-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-06-25 15:55:44 +02:00
Dario Binacchi e339bef04b package/mmc-utils: bump version to 1.0
This is the first tagged version of the package, so replace commit SHA
with version tag.

Change log since last version bump:

  d8a8358a7207 mmc-utils: Pass key_mac buffer to rpmb_get_key()
  a23ad7875b89 mmc-utils: Start to use the generic print_usage function
  e769d44ecb77 mmc-utils: Introduce a generic print_usage function
  6586fa5535dc mmc-utils: Simplify and streamline print_help function
  ec75d4b3b671 mmc-utils: Remove unused adv_help member from struct Command

Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Reviewed-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-06-25 15:54:46 +02:00
Maxime Chevallier f28f34e200 package/linux-tools: rtla: Pass TARGET_LD to the make arguments
In Linux v6.8,  the rtla Makefile was rewritten :

  01474dc706ca ("tools/rtla: Use tools/build makefiles to build rtla")

The new Makefile uses default linker values, so the host linker being used to
produce the final rtla binary.

This results in the following error :

ld: [...] trace.o: error adding symbols: file in wrong format

Add LD=$(TARGET_LD) to the RTLA_MAKE_OPTS to fix rtla cross-compilation.

Signed-off-by: Maxime Chevallier <maxime.chevallier@bootlin.com>
Reviewed-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-23 22:42:22 +02:00
Thomas Petazzoni 4abd7bb9df package/cifs-utils: bump to version 7.4
According to
https://lists.samba.org/archive/samba-technical/2025-June/139484.html:

A new update, version 7.4, of cifs-utils has been released today.
Users of cifs-utils version 7.3 on older kernels are encouraged to
update to 7.4 since it includes a fix for a mount problem with version
7.3 of cifs-utils on older kernels when using namespaces.

[...]

Detailed list of changes since version 7.3 was released
----------------------------------------------------------------
Enzo Matsumiya (1):
      mount.cifs: retry mount on -EINPROGRESS

Henrique Carvalho (1):
      cifs.upcall: correctly treat UPTARGET_UNSPECIFIED as UPTARGET_APP

Paulo Alcantara (1):
      cifs.upcall: fix memory leaks in check_service_ticket_exits()

Pavel Shilovsky (1):
      cifs-utils: bump version to 7.4

Z. Liu (2):
      getcifsacl, setcifsacl: use <libgen.h> for basename
      cifscreds: use <libgen.h> for basename

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-23 22:28:48 +02:00
Bernd Kuhls 7f45d183fe package/freeswitch: rework OpenCV4 dependencies
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/commit/962081259d91fea1e9a59c1af85d9a85ba45d0dd

Fixes Kconfig warnings:

    WARNING: unmet direct dependencies detected for BR2_PACKAGE_OPENCV4_LIB_OBJDETECT
      Depends on [n]: BR2_PACKAGE_OPENCV4 [=y] && !BR2_TOOLCHAIN_USES_UCLIBC [=n] && BR2_PACKAGE_PROTOBUF_ARCH_SUPPORTS [=n] && BR2_TOOLCHAIN_GCC_AT_LEAST_8 [=y]
      Selected by [y]:
      - BR2_PACKAGE_FREESWITCH [=y] && BR2_INSTALL_LIBSTDCPP [=y] && !BR2_STATIC_LIBS [=n] && BR2_TOOLCHAIN_HAS_THREADS [=y] && BR2_USE_MMU [=y] && BR2_USE_WCHAR [=y] && BR2_PACKAGE_OPENCV4 [=y]

Reported-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-23 22:10:26 +02:00
Bernd Kuhls 942b88e693 package/mpv: remove stale patch
Buildroot commit 8f69974c20 switched the
buildsystem of mpv from waf to meson but forgot to remove a patch which
fixed a waf-related build error.

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-23 22:06:46 +02:00
Arnout Vandecappelle 333e527682 docs/website/news.html: fix date of 2025.02.4 release
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-06-23 19:02:54 +02:00
Arnout Vandecappelle 6b41e499cd docs/website/{download,news}.html: update for 2025.02.4
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-06-23 18:54:45 +02:00
Titouan Christophe f30bf62f53 CHANGES: update for 2025.02.4
Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
(cherry picked from commit a7eb8e598d)
2025-06-23 18:49:35 +02:00
Bernd Kuhls 1bb4a955fa package/python3: security bump to 3.13.5
3.13.4 fixes CVE 2024-12718, CVE 2025-4138, CVE 2025-4330, CVE 2025-4435
and CVE 2025-4517 but introduced some regressions fixed in 3.13.5.

Release notes:
https://www.python.org/downloads/release/python-3135/
https://www.python.org/downloads/release/python-3134/

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-22 15:30:57 +02:00
Alex Bennée 52664093de package/vulkan-{headers,loader,tools}: bump to 1.4.317 release
Update to the current release. We now need the recently added
vulkan-sdk to have access to the volk loader. Update the depends
comments appropriately.

Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
[Julien:
 - reword commit log title to use bash brace-expansion style
 - remove "vulkan-sdk" from Kconfig comment
 - remove newline before Kconfig help section
]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-22 12:43:00 +02:00
Alex Bennée 69cb3de4bf package/vulkan-sdk: new package
The principle component of this is the new volk meta-loader which is
required for more recent versions of vulkan-tools. There does seem to
be a little confusion with github Releases lagging behind tagged
versions of the sdk. I've gone for the latest SDK version to stay as
closely aligned to the rest of the system as I can.

Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
[Julien: remove _SOURCE to fix a check-package warning]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-22 12:43:00 +02:00
Bernd Kuhls c6252c2e50 package/libcamera-apps: bump version to v1.7.0-10-ge9645231
This version bump is needed for compatibility with the upcoming bump of
ffmpeg to version 7.1.x.

Use the new configure option disable_rpi_features to allow building for
non-rbpi defconfigs.

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
[Julien: use "git describe --tags --abbrev=40" format in _VERSION]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-22 12:08:34 +02:00
Bernd Kuhls 0e1d85930f package/libcamera: bump version to 0.5.1
Removed patches which are included in this release.

Release notes: https://git.linuxtv.org/libcamera.git/tag/?h=v0.5.1

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-22 11:47:03 +02:00
Bernd Kuhls 3142a7cf31 package/ffmpeg: add optional support for OpenCV4
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-22 10:31:18 +02:00
Bernd Kuhls 962081259d package/freeswitch: add optional support for OpenCV4
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-22 10:31:04 +02:00
Bernd Kuhls 9b9b21f589 package/{opencv4, opencv4-contrib}: bump version to 4.11.0
Changelog:
https://github.com/opencv/opencv/wiki/OpenCV-Change-Logs#version4110

Added comments to both packages to keep the version number in sync.

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-22 10:29:16 +02:00
Bernd Kuhls 91714f6052 package/opencv3: bump version to 3.4.20
Changelog:
https://github.com/opencv/opencv/wiki/OpenCV-Change-Logs-v2.2%E2%80%90v4.10#version3420

Updated license hash due to copyright year bump:
https://github.com/opencv/opencv/commit/7b7774476e92247c801309387df2ea64465976e3

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-22 10:27:37 +02:00
Joseph Kogut 53076f0eba package/python-glslang: bump to version 15.3.0
See changelog:
https://github.com/KhronosGroup/glslang/blob/15.3.0/CHANGES.md

Fixes build issue: error: ‘uint32_t’ has not been declared, encountered
on GCC v15, caused by cstdint not being implicitly included.

https://bugs.gentoo.org/937261

This commit also adds host-spriv-tools in _DEPENDENCIES to use the
version packaged in Buildroot. It also adds
ALLOW_EXTERNAL_SPIRV_TOOLS=ON in _CONF_OPTS, which was added in upstream
commit [1], introduced in version 13.0.0.

Also, when trying to build this python-glslang version 15.3.0 on a host
providing cmake < 3.26, the configuration fails with the error message:

    CMake Error at CMakeLists.txt:345 (add_test):
      Error evaluating generator expression:

        $<TARGET_RUNTIME_DLL_DIRS:spirv-remap>

      Expression did not evaluate to a known generator expression

This happens in the Buildroot docker reference image, which provides a
cmake version 3.25. To workaround this issue which happen in glslang
testing code, this commit disable those tests by adding
GLSLANG_TESTS=OFF in _CONF_OPTS.

[1] https://github.com/KhronosGroup/glslang/commit/3805888a57c07904b6bbdec639bfe5f078e26342

Signed-off-by: Joseph Kogut <joseph.kogut@gmail.com>
[Julien:
 - resolve merge conflict
 - update changelog link to use version tag
 - disable glslang tests
]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-21 23:31:29 +02:00
Bernd Kuhls b753f29494 package/meson: bump version to 1.8.2
Release notes:
https://mesonbuild.com/Release-notes-for-1-8-0.html

Updated patch 0001 due to upstream commit
https://github.com/mesonbuild/meson/commit/4fa52925459dac650bf053715987ee7beb3b23c1

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Tested-by: Julien Olivain <ju.o@free.fr>
[Julien: fix patch line offsets]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-20 21:21:49 +02:00
Bernd Kuhls c17ce03793 package/clamav: bump version to 1.4.3
Release notes:
https://blog.clamav.net/2024/08/clamav-140-feature-release-and-clamav.html
https://blog.clamav.net/2024/09/clamav-141-132-107-and-010312-security.html
https://blog.clamav.net/2025/01/clamav-142-and-108-security-patch.html
https://blog.clamav.net/2025/06/clamav-143-and-109-security-patch.html

Note: release notes of clamav version 1.4.1, 1.4.2 and 1.4.3 are
marked upstream as security maintenance releases. This Buildroot
commit is not marked as security fix because those security patches
were already applied in the v1.0.x series. See version bumps
to v1.0.7 [1], v1.0.8 [2] and v1.0.9 [3].

[1] https://gitlab.com/buildroot.org/buildroot/-/commit/6a506262e4d7bb1b0bc3b9ab3de9f14dfebd78dc
[2] https://gitlab.com/buildroot.org/buildroot/-/commit/caa2fac892e01929148eb169dfc83d59ad806a79
[3] https://gitlab.com/buildroot.org/buildroot/-/commit/09f6aa642d9a5255899581b4af6edef62e52deae

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
[Julien: add note about security in commit log]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-20 19:02:51 +02:00
Bernd Kuhls 5948b4dd7b package/{mesa3d, mesa3d-headers}: bump version to 25.1.4
Release notes:
https://lists.freedesktop.org/archives/mesa-announce/2025-June/000808.html

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-20 18:49:16 +02:00
Bernd Kuhls 7a1d7189a0 {linux, linux-headers}: bump 6.{6, 12, 15}.x series
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-20 18:47:39 +02:00
Bernd Kuhls 6874b21aa3 package/kodi-pvr-waipu: bump version to 21.12.1-Omega
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-20 18:43:58 +02:00
Bernd Kuhls 7871cbbfcf package/kodi-inputstream-ffmpegdirect: bump version to 21.3.8-Omega
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-20 18:43:58 +02:00
Bernd Kuhls 2083cbc6b8 package/libcec: bump version to 7.1.0
Changelog:
https://github.com/Pulse-Eight/libcec/blob/libcec-7.1.0/debian/changelog.in

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
[Julien: switch changelog link to use the tag]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-20 18:41:08 +02:00
Bernd Kuhls 91967008a5 package/fetchmail: bump version to 6.5.4
Release notes:
https://sourceforge.net/p/fetchmail/mailman/message/59196377/

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-20 18:38:15 +02:00
José Luis Salvador Rufo 255fa16028 package/zfs: bump version to 2.3.3
Removed backported patch:
- 0001-fix-S_IFMT-undeclared-at-statx_c.patch
Merged upstream in:
https://github.com/openzfs/zfs/commit/a2593c16101dc551454a641a5a42f195ef34f393

For release note, see:
https://github.com/openzfs/zfs/releases/tag/zfs-2.3.3

Signed-off-by: José Luis Salvador Rufo <salvador.joseluis@gmail.com>
[Julien: add link to upstream commit of the removed patch]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-20 18:36:02 +02:00
Giulio Benetti 477a0cad13 package/libnss: bump version to 3.113
For release note, see:
https://hg-edge.mozilla.org/projects/nss/file/tip/doc/rst/releases/nss_3_113.rst

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-20 18:32:11 +02:00
Giulio Benetti fdef1a10eb docs/website/support.html: add Benetti Engineering to the commercial support list
As Benetti Engineering I keep contributing since 8 years more or less on
many packages and I've learnt a lot by joining this community. Most of all
I've received precious reviews from maintainers of today and yesterday.
Also, finally I've found some time to create my company logo and so let's
add Benetti Engineering to commercial support using LinkedIn page as
placeholder until the final website will be ready.

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Acked-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-20 18:28:44 +02:00
Giulio Benetti 0233c854b1 package/libblockdev: security bump to version 3.3.1
This version fixes CVE-2025-6019, see:
https://github.com/storaged-project/libblockdev/blob/3.3.1/NEWS.rst

Fixes:
https://www.cve.org/CVERecord?id=CVE-2025-6019

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
[Julien: add link to CVE]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-20 01:22:53 +02:00
Romain Naour e374ae03b5 package/squashfs: update URL to source archive after Github changes
The squashfs 4.6.1 archive hash has been changed suddenly two weeks
ago by Github without any intended changes from the squashfs maintainer
[1].

The orginal squashfs 4.6.1 archive has been manually uploaded again.

Update the URL to download the archive that match the expected hash.

Since we don't use the github download helper anymore, the squashfs
archive name is changed from squashfs-4.6.1.tar.gz to
squashfs-tools-4.6.1.tar.gz.

Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/10355448207
(and many more...)

See:
[1] https://github.com/plougher/squashfs-tools/issues/313

Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-19 20:50:59 +02:00
Gwenhael Goavec-Merou 6cf4f6cdb6 package/gqrx: bump version to 2.17.7
For v2.17.7 release note, see:
https://github.com/gqrx-sdr/gqrx/releases/tag/v2.17.7

For all other release notes since 2.15.9, see:
https://github.com/gqrx-sdr/gqrx/releases

This commit also updates the LICENSE-CTK hash after minor
reformatting in commit [1].

[1] https://github.com/gqrx-sdr/gqrx/commit/9857b1b89f38ed77e6b9bd0525e7dd978eda59fa

Signed-off-by: Gwenhael Goavec-Merou <gwenhael.goavec-merou@trabucayre.com>
[Julien:
 - add links to release notes in commit log
 - sort _CONF_OPTS alphabetically in gqrx.mk
 - fix LICENSE-CTK hash
]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-19 20:43:46 +02:00
Maxime Leroy cb5d3daf64 package/grout: bump to 0.10.3 version
See the release note of the new version:
https://github.com/DPDK/grout/releases/tag/v0.10.3

Locale is not needed anymore for this new version, thus comment on
BR2_GENERATE_LOCALE has been removed in consequence.

Signed-off-by: Maxime Leroy <maxime@leroys.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-18 22:21:29 +02:00
Gwenhael Goavec-Merou 2bf66daeea package/gr-osmosdr: bump version to 0.2.6
Signed-off-by: Gwenhael Goavec-Merou <gwenhael.goavec-merou@trabucayre.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-18 22:18:43 +02:00
Gwenhael Goavec-Merou 8698ee39c6 package/gnuradio: bump version to 3.10.12.0
For release announce, see:
https://lists.gnu.org/archive/html/discuss-gnuradio/2025-02/msg00027.html

Signed-off-by: Gwenhael Goavec-Merou <gwenhael.goavec-merou@trabucayre.com>
[Julien: add link to release announce]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-18 22:18:43 +02:00
Bernd Kuhls 09f6aa642d package/clamav: security bump version to 1.0.9
Fixes CVE-2025-20260:
"The code flaw was present prior to version 1.0.0, but a change in
 version 1.0.0 that enables larger allocations based on untrusted data
 made it possible to trigger this bug."
https://blog.clamav.net/2025/06/clamav-143-and-109-security-patch.html

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-18 22:17:13 +02:00
Bernd Kuhls a65223d7b2 package/intel-vpl-gpu-rt: bump version to 25.2.5
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-18 22:15:41 +02:00
Bernd Kuhls a71692b7e0 package/intel-mediadriver: bump version to 25.2.5
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-18 22:15:41 +02:00
Bernd Kuhls db0c48f41a package/ccache: bump version to 4.11.3
Release notes: https://ccache.dev/releasenotes.html#_ccache_4_11_3

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-18 22:14:40 +02:00
Bernd Kuhls f1adb7952d package/mjpg-streamer: bump version to v1.0.0-1-g310b29f4
Add fix to build with cmake 4.x.

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
[Julien: use "git describe --tags --abbrev=40" format in _VERSION]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-18 22:11:05 +02:00
Bernd Kuhls 4da169b03e package/libplatform: bump version
Removed patch which is included in this release:
https://github.com/Pulse-Eight/platform/commit/e48db06c64613ac76c820511da95228bcd072f64

Use upstream-provided license file:
https://github.com/Pulse-Eight/platform/commit/92220248b11c43a80105567dbb074c5f30b04029

This bump includes compatibility with cmake 4.x:
https://github.com/Pulse-Eight/platform/commit/d7faed1c696b1a6a67f114a63a0f4c085f0f9195

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
[Julien: remove patch entry in .checkpackageignore]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-18 22:09:22 +02:00
Bernd Kuhls 6e2b109e96 package/rapidjson: bump version
This bump includes compatibility with cmake 4.x:
https://github.com/Tencent/rapidjson/commit/ebd87cb468fb4cb060b37e579718c4a4125416c1

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-18 22:07:48 +02:00
Bernd Kuhls 03be706382 package/lpac: needs libqmi for optional support of libqrtr-glib
Buildroot commit dad998a807 added this
package but forgot to select libqmi for optional support of libqrtr-glib.

Fixes:
https://autobuild.buildroot.net/results/95e/95e30d1031912efa200edb9c7b926a31f0abe32f/

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-18 22:05:00 +02:00
Bernd Kuhls ff23147650 package/stellarium: bump version to 25.1
Release notes:
https://stellarium.org/release/2025/03/23/stellarium-25.1.html
https://stellarium.org/release/2024/12/22/stellarium-24.4.html

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-17 22:13:19 +02:00
Marcin Niestroj 31fb707f33 package/python-iniconfig: bump to 2.1.0
See [1] for changelog.

This commit also updates the LICENSE hash, due to minor reformatting.
See [2].

[1] https://github.com/pytest-dev/iniconfig/blob/v2.1.0/CHANGELOG
[2] https://github.com/pytest-dev/iniconfig/commit/f81ae0314363f35e36e01926a3a87d67eea50c39

Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
[Julien:
 - update changelog link to use tag
 - fix LICENCE hash
]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-17 22:05:30 +02:00
Marcin Niestroj d3463f4129 package/python-dbus-fast: bump to 2.44.1
See [1] for changelog.

[1] https://github.com/Bluetooth-Devices/dbus-fast/blob/v2.44.1/CHANGELOG.md

Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-17 21:51:33 +02:00
Fiona Klute (WIWA) 0c2aa35fbe package/libndp: fix build with GCC 14 and musl
Patch has been pending upstream for a while [1], Alpine has merged an
older version that includes some whitespace damage but is functionally
equivalent.

[1] https://github.com/jpirko/libndp/pull/29

Signed-off-by: Fiona Klute (WIWA) <fiona.klute@gmx.de>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-17 21:41:49 +02:00
Gwenhael Goavec-Merou 14ce0d2e6e package/python-remi: bump to master commit and fixes build failure
REMI hasn't received new release since July 2022 and is currently broken
with error:

Traceback (most recent call last):
  File "<string>", line 26, in <module>
  File "/workdir/instance-0/output-1/host/lib/python3.13/site-packages/setuptools/__init__.py", line 116, in setup
    _install_setup_requires(attrs)
    ~~~~~~~~~~~~~~~~~~~~~~~^^^^^^^
  File "/workdir/instance-0/output-1/host/lib/python3.13/site-packages/setuptools/__init__.py", line 89, in _install_setup_requires
    _fetch_build_eggs(dist)
    ~~~~~~~~~~~~~~~~~^^^^^^
  File "/workdir/instance-0/output-1/host/lib/python3.13/site-packages/setuptools/__init__.py", line 94, in _fetch_build_eggs
    dist.fetch_build_eggs(dist.setup_requires)
    ~~~~~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^
  File "/workdir/instance-0/output-1/host/lib/python3.13/site-packages/setuptools/build_meta.py", line 80, in fetch_build_eggs
    raise SetupRequirementsError(specifier_list)
setuptools.build_meta.SetupRequirementsError: ['setuptools_scm']

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/workdir/instance-0/output-1/host/lib/python3.13/site-packages/pyproject_hooks/_in_process/_in_process.py", line 389, in <module>
    main()
    ~~~~^^
  File "/workdir/instance-0/output-1/host/lib/python3.13/site-packages/pyproject_hooks/_in_process/_in_process.py", line 373, in main
    json_out["return_val"] = hook(**hook_input["kwargs"])
                             ~~~~^^^^^^^^^^^^^^^^^^^^^^^^
  File "/workdir/instance-0/output-1/host/lib/python3.13/site-packages/pyproject_hooks/_in_process/_in_process.py", line 143, in get_requires_for_build_wheel
    return hook(config_settings)
  File "/workdir/instance-0/output-1/host/lib/python3.13/site-packages/setuptools/build_meta.py", line 331, in get_requires_for_build_wheel
    return self._get_build_requires(config_settings, requirements=[])
           ~~~~~~~~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/workdir/instance-0/output-1/host/lib/python3.13/site-packages/setuptools/build_meta.py", line 301, in _get_build_requires
    self.run_setup()
    ~~~~~~~~~~~~~~^^
  File "/workdir/instance-0/output-1/host/lib/python3.13/site-packages/setuptools/build_meta.py", line 512, in run_setup
    super().run_setup(setup_script=setup_script)
    ~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/workdir/instance-0/output-1/host/lib/python3.13/site-packages/setuptools/build_meta.py", line 317, in run_setup
    exec(code, locals())
    ~~~~^^^^^^^^^^^^^^^^
  File "<string>", line 31, in <module>
  File "/workdir/instance-0/output-1/host/lib/python3.13/site-packages/setuptools/__init__.py", line 117, in setup
    return distutils.core.setup(**attrs)
           ~~~~~~~~~~~~~~~~~~~~^^^^^^^^^
  File "/workdir/instance-0/output-1/host/lib/python3.13/site-packages/setuptools/_distutils/core.py", line 148, in setup
    _setup_distribution = dist = klass(attrs)
                                 ~~~~~^^^^^^^
  File "/workdir/instance-0/output-1/host/lib/python3.13/site-packages/setuptools/dist.py", line 323, in __init__
    _Distribution.__init__(self, dist_attrs)
    ~~~~~~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^
  File "/workdir/instance-0/output-1/host/lib/python3.13/site-packages/setuptools/_distutils/dist.py", line 309, in __init__
    self.finalize_options()
    ~~~~~~~~~~~~~~~~~~~~~^^
  File "/workdir/instance-0/output-1/host/lib/python3.13/site-packages/setuptools/dist.py", line 786, in finalize_options
    ep(self)
    ~~^^^^^^
  File "/workdir/instance-0/output-1/host/lib/python3.13/site-packages/setuptools/dist.py", line 806, in _finalize_setup_keywords
    ep.load()(self, ep.name, value)
    ~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^
  File "/workdir/instance-0/output-1/host/lib/python3.13/site-packages/setuptools_scm/_integration/setuptools.py", line 82, in version_keyword
    assert isinstance(value, dict), "version_keyword expects a dict or True"
           ~~~~~~~~~~^^^^^^^^^^^^^
AssertionError: version_keyword expects a dict or True

ERROR Backend subprocess exited when trying to invoke get_requires_for_build_wheel
make: *** [package/pkg-generic.mk:273: /workdir/instance-0/output-1/build/python-remi-2022.7.27/.stamp_built] Error 1
make: Leaving directory '/workdir/instance-0/buildroot'

Since last release code has been corrected and now build end
successfully.

Another issue with remi is related to python CGI library no more available with
python 3.13. This patch also updates Config.in to add a select BR2_PACKAGE_PYTHON_LEGACY_CGI

This commit also updates the LICENSE file hash, because line ending
changed from "CR-LF" (Windows) in old release archive to "LF" (Unix)
in the github download. Apart from that, the content is the same.

Fixes:
- https://autobuild.buildroot.org/results/f0409533ebdc31e522f2ee2ea8a5acc11dbc7430/
- https://autobuild.buildroot.org/results/a16cf5105d4b726b5d4136a2d8f82abcfdc0faba/
- https://autobuild.buildroot.org/results/e7ac28e20ad92863d337e96c225463346ee6c690/

Signed-off-by: Gwenhael Goavec-Merou <gwenhael.goavec-merou@trabucayre.com>
[Julien:
 - use "git describe --abbrev=40" format in _VERSION
 - fix LICENSE hash
]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-17 21:26:30 +02:00
Dario Binacchi c8ddc2a326 package/ufs-utils: bump to version 6.14.11
Release notes:
https://github.com/SanDisk-Open-Source/ufs-utils/releases/tag/v6.14.11

Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-17 21:10:48 +02:00
Neal Frager 4ad9c49ec8 board/zynqmp: add custom board documentation
The readme.txt file for zynqmp boards does not have documentation for working
with custom boards.  This patch adds documentation for custom board support.

Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-17 21:06:27 +02:00
Neal Frager c6c559aaee board/zynq: update custom board documentation
The readme.txt file for zynq boards has some outdated information for the
custom board section.  The custom ps7_init_gpl.c is now defined by
CONFIG_XILINX_PS_INIT_FILE and Buildroot always puts the Xilinx u-boot builds
in the output/build/uboot-custom directory.

This patch updates the instructions in the readme.txt file accordingly.

Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-17 21:06:21 +02:00
Neal Frager c1ed04aa0b board/versal: add custom board documentation
The readme.txt file for versal boards does not have documentation for working
with custom boards.  This patch adds documentation for custom board support.

Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-17 21:06:14 +02:00
Bernd Kuhls 98cf601d0f package/flatbuffers: bump version to 25.2.10
Release notes:
https://github.com/google/flatbuffers/releases/tag/v25.2.10
https://github.com/google/flatbuffers/releases/tag/v25.1.24
https://github.com/google/flatbuffers/releases/tag/v25.1.21

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-17 20:58:31 +02:00
Bernd Kuhls 49acad9f17 package/lcms2: bump version to 2.17
Release notes: https://littlecms.com/blog/2025/02/08/lcms2-2.17/

Switched _SITE to https.

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-17 20:58:31 +02:00
Bernd Kuhls 7768469826 package/libass: bump version to 0.17.4
Release notes: https://github.com/libass/libass/releases/tag/0.17.4

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-17 20:58:31 +02:00
Bernd Kuhls 55a4c00d73 package/perl-net-dns: bump version to 1.50
Changelog: https://metacpan.org/release/NLNETLABS/Net-DNS-1.50/source/Changes

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
[Julien: update changelog link to use permalink]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-17 20:58:31 +02:00
Bernd Kuhls 0e117dd52c package/perl-uri: bump version to 5.32
Changelog: https://github.com/libwww-perl/URI/blob/v5.32/Changes

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
[Julien: update changelog link to use tag]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-17 20:58:31 +02:00
Fiona Klute (WIWA) 0b5ad8157a package/libglib2: security bump version to 2.84.3
Fixes CVE-2025-6052, see [1] (backport of "gstring: Fix overflow check
when expanding the string" [2] to the stable 2.84 series).

Release note:
https://gitlab.gnome.org/GNOME/glib/-/releases/2.84.3

Fixes:
https://www.cve.org/CVERecord?id=CVE-2025-6052

[1] https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4656
[2] https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4655

Signed-off-by: Fiona Klute (WIWA) <fiona.klute@gmx.de>
[Julien: add link to CVE and release note]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-17 20:51:50 +02:00
Francois Perrad 949122bdf0 package/luarocks: bump to version 3.12.0
For change log, see:
https://github.com/luarocks/luarocks/blob/v3.12.0/CHANGELOG.md

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
[Julien: add link to change log]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-16 23:56:06 +02:00
Giulio Benetti a97e463f33 package/esp-hosted: fix build with Linux 6.15
Add local patch committed upstream to fix building Linux 6.15.

Fixes:
https://autobuild.buildroot.org/results/8cb7f1654b2bc5aa5dbcc5fc1474a4eebcdae8b2/
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-16 23:53:02 +02:00
Flávio Tapajós 28d25e6087 package/rsyslog: bump version to 8.2506.0
Release announce:
https://www.adiscon.com/rsyslog/rsyslog-8-2506-0-released/

Changelog:
https://github.com/rsyslog/rsyslog/blob/v8.2506.0/ChangeLog

Signed-off-by: Flávio Tapajós <flavio.tapajos@newtesc.com.br>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-16 23:04:48 +02:00
Bernd Kuhls 93b40835db package/tvheadend: bump version
Updated license hash due to upstream commit:
https://github.com/tvheadend/tvheadend/commit/0eea8a59f0834e2a3babdd8028c02509428a097c

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-16 22:57:32 +02:00
Marcus Hoffmann 4a085462e4 package/ca-certificates: bump to 20250419
Changelog: https://metadata.ftp-master.debian.org/changelogs//main/c/ca-certificates/ca-certificates_20250419_changelog

Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-16 22:40:30 +02:00
Marcus Hoffmann 3ca213eadb package/python-pydantic: bump to 2.11.7
Changelog: https://docs.pydantic.dev/latest/changelog/#v2117-2025-06-14

Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-16 22:22:24 +02:00
Gwenhael Goavec-Merou 94ca658661 package/volk: bump to 3.2.0
Release announce:
https://www.libvolk.org/release-v320.html

Signed-off-by: Gwenhael Goavec-Merou <gwenhael.goavec-merou@trabucayre.com>
[Julien: add link to release announce]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-16 22:13:47 +02:00
Petr Vorel c967602d27 package/ltp-testsuite: bump version to 20250530
Changelog: https://github.com/linux-test-project/ltp/releases/tag/20250530

Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
[Julien: add link to change log]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-15 23:40:09 +02:00
Petr Vorel c1a87ee62c package/ltp-testsuite: keep rt_tgsigqueueinfo01.c for musl
rt_tgsigqueueinfo01.c compilation has been fixed in 20250130, don't
needed to be removed any more.

Fixes: 2bbcda7c0e ("package/ltp-testsuite: bump version to 20250130")
Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-15 23:36:41 +02:00
Heiko Thiery 917ed944ed package/python-yamllint: bump version to 1.37.1
Upstream changelog:
https://github.com/adrienverge/yamllint/blob/master/CHANGELOG.rst#1371-2025-05-04

Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-15 22:54:22 +02:00
Yegor Yefremov 68c8ff2c95 package/cannelloni: bump to version 2.0.0
For change log, see:

https://github.com/mguentner/cannelloni/releases/tag/v2.0.0

Bump GCC to at least GCC 8 due to the C++20 requirement.

Add TCP protocol to the package's description.

This release also raise cmake version requirement to 3.15, which fixes
build failures with host-cmake >= 4.x.

Fixes:
https://autobuild.buildroot.org/results/87d5ab39a84c51f340875ae365d4f39439e81645/

Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
[Julien: add a commit log comment about fixes with host-cmake 4]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-15 22:48:23 +02:00
Francois Perrad 393d7e4d21 package/lua: bump to version 5.4.8
For differences with 5.4.7, see:
https://www.lua.org/work/diffs-lua-5.4.7-lua-5.4.8.html

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
[Julien: add link to diff with previous version]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-15 22:44:17 +02:00
Julien Olivain 30e4f03e90 package/z3: bump to version 4.15.1
For change log since 4.13.3, see:
https://github.com/Z3Prover/z3/blob/z3-4.15.1/RELEASE_NOTES.md#version-4151

Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-15 22:32:23 +02:00
Thomas Claveirole e2c65b455a package/openlayers: bump to version 10.5.0
For change log since 10.2.1, see:
https://github.com/openlayers/openlayers/blob/v10.5.0/changelog/

Signed-off-by: Thomas Claveirole <thomas.claveirole@green-communications.fr>
[Julien: add link to change log]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-15 22:26:44 +02:00
Thomas Claveirole e2bd1593d0 package/vuejs-router: bump to version 4.5.1
For change log since 4.4.5, see:
https://github.com/vuejs/router/blob/v4.5.1/packages/router/CHANGELOG.md

Signed-off-by: Thomas Claveirole <thomas.claveirole@green-communications.fr>
[Julien: add link to change log]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-15 22:23:26 +02:00
Thomas Claveirole c675522f55 package/vuejs: bump to version 3.5.16
For change log since 3.5.12, see:
https://github.com/vuejs/core/blob/v3.5.16/CHANGELOG.md

Signed-off-by: Thomas Claveirole <thomas.claveirole@green-communications.fr>
[Julien: add link to change log]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-15 22:22:01 +02:00
Bernd Kuhls a86fd0f0a0 package/cmake: bump version to 3.31.8
Release notes:
https://www.kitware.com/cmake-3-31-6-available-for-download/
https://www.kitware.com/cmake-3-31-7-available-for-download/
https://www.kitware.com/cmake-3-31-8-available-for-download/

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-15 21:51:29 +02:00
Bernd Kuhls 286d85d7c4 package/samba4: bump version to 4.22.2
Release notes:
https://www.samba.org/samba/history/samba-4.22.2.html
https://www.samba.org/samba/history/samba-4.22.1.html
https://www.samba.org/samba/history/samba-4.22.0.html

Rebased patch 0001 due to upstream commit
https://github.com/samba-team/samba/commit/4dbbfcb00401d7a797154c812587bfe2dda0aea1

An import of the host-python ssl module was added to wscript with commit
https://github.com/samba-team/samba/commit/549f67a9e655149b1ede7e2858836cb7811cc78c
Select BR2_PACKAGE_HOST_PYTHON3_SSL to provide the new dependency.

Note: the 4.22.2 release note mention a security fix
for CVE-2025-0620. This commit is not marked as a security bump
because this CVE was addressed in a previous Buildroot commit
updating samba4 to version 4.21.6, which also contain this fix.

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
[Julien:
 - add a note explaining why this commit is not a security bump
 - add "select BR2_PACKAGE_HOST_PYTHON3" in Config.in
]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-15 19:19:54 +02:00
Bernd Kuhls cae9a45e55 package/samba4: security bump version to 4.21.6
Release notes:
https://www.samba.org/samba/history/samba-4.21.5.html
https://www.samba.org/samba/history/samba-4.21.6.html

Version 4.21.6 fixes CVE-2025-0620:
https://www.samba.org/samba/security/CVE-2025-0620.html

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-15 19:10:22 +02:00
Marcus Hoffmann 15996bc4ff package/python-requests: update project homepage
http://www.python-requests.org/ is dead, the project lives on
https://requests.readthedocs.io/ now.

Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-15 17:40:16 +02:00
Marcus Hoffmann aefdca1e5c package/python-requests: security bump to 2.32.4
Fixes: CVE-2024-47081
  Fixed an issue where a maliciously crafted URL and
  trusted environment will retrieve credentials for
  the wrong hostname/machine from a netrc file.

Release notes: https://github.com/psf/requests/releases/tag/v2.32.4

Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-15 17:39:29 +02:00
Marcus Hoffmann 301587f5ef package/python-django: security bump to 5.2.3
Followup release to 5.2.2 that completes the mitigations for
CVE-2025-48432[1].

Full changelog: https://docs.djangoproject.com/en/5.2/releases/5.2.3/

[1] https://www.djangoproject.com/weblog/2025/jun/10/bugfix-releases/

Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-15 17:21:06 +02:00
Bernd Kuhls 15671d3476 package/intel-vpl-gpu-rt: bump version to 25.2.4
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-15 16:55:16 +02:00
Bernd Kuhls 0a79654536 package/intel-mediadriver: bump version to 25.2.4
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-15 16:54:35 +02:00
Bernd Kuhls 1b4b429e89 package/php: bump version to 8.3.22
Changelog: https://www.php.net/ChangeLog-8.php#8.3.22

Release notes:
https://news-web.php.net/php.announce/460

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-15 16:22:46 +02:00
Bernd Kuhls 52d06dadce package/libdrm: bump version to 2.4.125
Release notes:
https://lists.x.org/archives/xorg-announce/2025-June/003606.html

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-15 15:35:11 +02:00
Scott Fan 457a785f3f package/timescaledb: bump version to 2.20.3
Release notes: https://github.com/timescale/timescaledb/blob/2.20.3/CHANGELOG.md

Signed-off-by: Scott Fan <fancp2007@gmail.com>
Reviewed-by: Maxim Kochetkov <fido_max@inbox.ru>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-15 15:28:46 +02:00
Marcus Hoffmann ddf8f81e84 package/python-pydantic: bump to 2.11.6
Changelog: https://docs.pydantic.dev/latest/changelog/#v2116-2025-06-13

Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-15 15:20:11 +02:00
Bernd Kuhls 1b5f8d04c8 package/dht: fix cmake4 compatibility
The only dependee of dht, transmission, forked dht due to upstream
rejection of cmake support:
https://github.com/jech/dht/pull/50
https://github.com/jech/dht/pull/19

A fix was added to this fork for building with cmake 4.x:
https://github.com/transmission/dht/commits/post-0.27-transmission/

Instead of adding yet another patch to buildroot we switch to the repo
maintained by transmission.

Fixes:
https://autobuild.buildroot.org/results/30339a4fdb9c0b608ca3c5ae0692596b21b2fc3f/

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
[Julien: use "git describe --abbrev=40" format in _VERSION]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-15 13:40:19 +02:00
Bernd Kuhls 124273addb package/kodi-pvr-waipu: bump version to 21.12.0-Omega
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-15 13:26:07 +02:00
Bernd Kuhls dbe45c7ff1 package/kodi-pvr-waipu: bump version to 21.11.2-Omega
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-15 13:20:03 +02:00
Bernd Kuhls dcaab1d07d package/xmrig: bump version to 6.22.3
Changelog: https://github.com/xmrig/xmrig/blob/v6.22.3/CHANGELOG.md

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
[Julien: modified change log URL to use release tag]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-15 13:15:18 +02:00
Bernd Kuhls 2aea00d782 package/fetchmail: bump version to 6.5.3
Release announce:
https://sourceforge.net/p/fetchmail/mailman/message/59193648/

Updated license hash due to copyright year bump:
https://sourceforge.net/p/fetchmail/git/ci/62a11ca4064e5b59e57ca7a8fce08c82af259731/

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
[Julien: add link to release announce]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-15 13:05:06 +02:00
Bernd Kuhls f2a4e7f7ad package/znc: bump version to 1.10.0
Release notes: https://github.com/znc/znc/blob/znc-1.10.0/ChangeLog.md

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
[Julien: modified change log URL to use release tag]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-15 13:00:29 +02:00
Bernd Kuhls 760412d4bf package/dtv-scan-tables: bump version
Changelog:
https://git.linuxtv.org/dtv-scan-tables.git/log/

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
[Julien: add link to git change log]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-15 12:54:58 +02:00
Bernd Kuhls 01ce4c9f01 package/libpng: bump version to 1.6.49
Release notes:
https://raw.githubusercontent.com/pnggroup/libpng/v1.6.49/ANNOUNCE

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-15 12:43:18 +02:00
Bernd Kuhls 95c086dc46 package/nano: bump to version 8.5
Changelog: https://www.nano-editor.org/dist/v8/ChangeLog

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-15 12:38:03 +02:00
Bernd Kuhls 27a38cbcad package/python-glslang: fix host-python3 dependency
python-glslang is a host-only package and the host-python3 dependency
was wrongly added as target dependency with buildroot commit
f9fe0cf8f6.

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-15 12:31:56 +02:00
Bernd Kuhls 6586a2b165 package/libebur128: remove package
libebur128 was added to buildroot in July 2016 with commit
a32d29cd84 to provide an external
dependency for ffmpeg.

ffmpeg removed this external dependency and switched to an internal
version in November 2016 with upstream commit
http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=005d058f4230f3207ebcf1131df7426d4f57392f
which was first included in ffmpeg version 3.3.

Buildroot bumped ffmpeg to version 3.3 in April 2017 with commit
21d93a1351 and forgot to remove the
dependency to libebur128.

This went unnoticed until libebur128 fails to build with cmake 4.x.
Upstream saw its last commit four years ago. Instead of fixing an
unused package we removed it from buildroot.

Fixes:
https://autobuild.buildroot.org/results/e629bd151cc539f01b909e44d07e17451a29ba27/

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-15 12:22:14 +02:00
Bernd Kuhls 7139ffaf06 package/bcg729: bump version to 1.1.1-3-g8bec1e5fc
This bump includes three patches which were added since version 1.1.1
to the cmake files:
https://github.com/BelledonneCommunications/bcg729/commits/master/

One of them fixes build errors with cmake 4.x:
https://github.com/BelledonneCommunications/bcg729/commit/e29952e7ceff64de6fc6f8db43e3b326481280be#diff-1e7de1ae2d059d21e1dd75d5812d5a34b0222cef273b7c3a2af62eb747f9d20aL23-L81

Fixes:
https://autobuild.buildroot.net/results/118/118349d20eae2dccdadab949065f6bc6471c825e/

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
[Julien: use "git describe --abbrev=40" format in _VERSION]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-15 12:14:10 +02:00
Neal Frager 8ebb1c3edc boot/xilinx-embeddedsw: add comment dependencies
Since the comment about the xilinx-embeddedsw package needing a bare-metal
toolchain was moved to the start of the Config.in file, it is now printing
in make menuconfig for virtually all defconfigs.

By adding the same dependencies as the xilinx-embeddedsw package, the
comment will appear only when the xilinx-embeddedsw package is actually
selectable.

Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-15 11:55:50 +02:00
Neal Frager fb2b16f208 board/xilinx/linux_6.12: rename dir to linux_6.12.10
The following patch is specific to the Xilinx Linux 6.12.10 release, and will
not apply to all Linux 6.12 releases.  Starting with the next release based on
Linux 6.12.30, this patch will already be included.

For this reason, it is better to change the directory name to linux_6.12.10,
so that it is clear that it is only to be used with the Xilinx 2025.1 release
based on Linux 6.12.10 and not future Linux 6.12 releases.

So this patch moves:
board/xilinx/linux_6.12/patches/linux/0001-include-uapi-linux-xlnx-ai-engine.h-fix-CONFIG_XILIN.patch
to:
board/xilinx/linux_6.12.10/patches/linux/0001-include-uapi-linux-xlnx-ai-engine.h-fix-CONFIG_XILIN.patch

Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-15 11:33:39 +02:00
Neal Frager 92f23ce83a package/bootgen: fix path to local FlexLexer.h
With bootgen xilinx_v2025.1, the local FlexLexer.h file is not in the same
directory as the cpp files including it, so the previous patch used to solve
the issue below needs to be updated to find the local FlexLexer.h which is in
the win_include directory of bootgen version xilinx_v2025.1.
See upstream commit [1].

So this patch corrects the path for including the local FlexLexer.h header for
fixing the below issue.

Bootgen embeds an old version of flex, but uses the system include syntax
(#include <>) to reference it, causing conflicts on systems with the
development headers for a modern flex version installed, leading to build
issues like:

../bisonflex/bif.yy.cpp: In member function 'virtual int BIF::FlexScanner::yylex()':
../bisonflex/bif.yy.cpp:1608:18: error: no match for 'operator=' (operand types are 'std::istream' {aka 'std::basic_istream'} and 'std::istream*' {aka 'std::basic_istream*'})

This build failure can also happen if the host-flex Buildroot package
is built before host-bootgen.

The failure can be reproduced, in the Buildroot docker reference image
with the commands:

    utils/docker-run
    make versal_vck190_defconfig
    make host-flex host-bootgen

Fix it by using normal local #include statements by:

sed -i 's/<FlexLexer.h>/"../win_include/FlexLexer.h"/g' *

Fixes: https://autobuild.buildroot.org/results/60220f94cca1bcca5667afcb2acffb5aacae048b

[1] https://github.com/Xilinx/bootgen/commit/86b862096bcbdb45d4ce1504ecfe90fb29f318a5#diff-0d754a86508dc8a894b72796966f332c0316942c5d5ab42ae6a0766dcfcb52dc

Signed-off-by: Neal Frager <neal.frager@amd.com>
[Julien: add extra info in commit log]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-15 11:29:03 +02:00
Bernd Kuhls a5c8736485 package/llvm-project: bump to version 20.1.7
For release announces since 20.1.5, see:
20.1.6: https://discourse.llvm.org/t/llvm-20-1-6-released/86598
20.1.7: https://discourse.llvm.org/t/llvm-20-1-7-released/86855

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
[Julien: add links to release announces]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-14 23:04:21 +02:00
Yann E. MORIN 9cfaccee78 package/docker-credential-gcr: add LICENSE hash
The hash has for the license file been missing since the package was
introduced in commit 992d43b373 (package/docker-credential-gcr: new
package).

Add it now.

Signed-off-by: Yann E. MORIN <yann.morin@orange.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-13 23:33:45 +02:00
Yann E. MORIN d1dff142a1 package/docker-credential-acr-env: add LICENSE hash
The hash has for the license file been missing since the package was
introduced in commit e679cd4974 (package/docker-credential-acr-env:
new package)

Add it now.

Signed-off-by: Yann E. MORIN <yann.morin@orange.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-13 23:33:41 +02:00
Yann E. MORIN 36b0bf1f29 package/amazon-ecr-credential-helper: add LICENSE hash
The hash has for the license file been missing since the package was
introduced in commit 9a95806225 (package/amazon-ecr-credential-helper:
new package).

Add it now.

Signed-off-by: Yann E. MORIN <yann.morin@orange.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-13 23:33:37 +02:00
Alex Bennée c7f3ea0e1a package/{mesa3d, mesa3d-headers}: bump version to 25.1.3
For the release announces since 25.1.1, see:
25.1.2: https://lists.freedesktop.org/archives/mesa-announce/2025-June/000806.html
25.1.3: https://lists.freedesktop.org/archives/mesa-announce/2025-June/000807.html

Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
[Julien: add links to release announces]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-13 23:13:00 +02:00
Peter Korsgaard 9aff5cb697 package/mesa3d: clarify MESA3D_OPENCL dependencies
Commit fc7c7d74aa ("package/mesa3d: add RustiCL support") extended the
BR2_PACKAGE_MESA3D_OPENCL dependencies to include
BR2_PACKAGE_HOST_RUSTC_TARGET_ARCH_SUPPORTS &&
BR2_PACKAGE_MESA3D_RUSTICL_SUPPORTED_DRIVER) as an alternative provider.

This is correct as in the kconfig language && has a higher priority than ||,
E.G. A || B || C && D is parsed as A || B || (C && D)

https://docs.kernel.org/kbuild/kconfig-language.html#menu-dependencies

But it is somehat unclear, so add a parenthesis for clarity.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-13 23:13:00 +02:00
Bernd Kuhls d02a1239a5 package/linux-headers: drop 6.14.x option
The 6.14.x series is now EOL upstream, so drop the linux-headers
option and add legacy handling for it.

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-12 22:54:20 +02:00
Bernd Kuhls eac26f1ac0 linux: bump latest version to 6.15
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-12 22:54:17 +02:00
Bernd Kuhls a4450546dd {toolchain, linux-headers}: add support for 6.15 headers
And add (and default to) 6.15 to linux-headers.

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-12 22:54:12 +02:00
Bernd Kuhls 3a00ac13d8 {linux, linux-headers}: bump 6.{12, 14}.x series
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-12 22:54:08 +02:00
Peter Korsgaard ac53ade192 Merge branch 'next'
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-06-12 09:59:11 +02:00
Yann E. MORIN f23c810176 package/gpsd: backport upstream fixes
Back port four upstream fixes for those issues:

  - gpsprof could not log or dump GNSS messages; gpsprof is useful
    to calbrate a GNSS receiver, especially when building a static
    RTK base;

  - the JSON blurb reported by gpsd was sometimes broken, causing
    decoding errors in clients;

  - the detection of 64-bit time on 32-bit systems was borked;

  - UDP mode was borked;

The runtime test is extended to test all known transports: TCP, UDP,
and PTY.

Signed-off-by: Yann E. MORIN <yann.morin@orange.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-11 00:02:54 +02:00
Neal Frager 47f4e3810c configs/versal_*: move to external Bootlin stable toolchain
This moves the versal defconfigs to the Bootlin glibc stable external toolchain
as per[1].

[1]: https://elinux.org/Buildroot:DeveloperDaysELCE2024#Rules_for_defconfigs

This patch has been run-tested on the vek280 evaluation board.

Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-10 23:49:53 +02:00
Neal Frager dd3ef91486 configs/zynq_*: move to external Bootlin stable toolchain
This moves the zynq defconfigs to the Bootlin glibc stable external toolchain
as per[1].

[1]: https://elinux.org/Buildroot:DeveloperDaysELCE2024#Rules_for_defconfigs

This patch has been run-tested on the zc702 evaluation board.

Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-10 23:49:48 +02:00
Neal Frager 4e0ce46594 configs/zynqmp_*: move to external Bootlin stable toolchain
This moves the zynqmp defconfigs to the Bootlin glibc stable external toolchain
as per[1].

[1]: https://elinux.org/Buildroot:DeveloperDaysELCE2024#Rules_for_defconfigs

This patch has been run-tested on the zcu106 evaluation board.
This patch has been run-tested on the kv260 starter kit.

Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-10 23:49:43 +02:00
Neal Frager ac35596c5a boot/xilinx-embeddedsw: bump default to xilinx_v2025.1
Now that all zynqmp and versal defconfigs have bumped to version
xilinx_v2025.1, the xilinx-embeddedsw default version can also be bumped
to xilinx_v2025.1.

Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-10 23:49:38 +02:00
Peter Korsgaard fa3549dca7 Kickoff 2025.08 cycle
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-06-09 22:45:29 +02:00
Peter Korsgaard c32f8a99bb docs/website/news.html: add 2025.05 announcement link
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-06-09 22:43:39 +02:00
Peter Korsgaard fcde5363aa pdate for 2025.05
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-06-09 22:21:47 +02:00
Neal Frager e136bb9fa0 boot/xilinx-prebuilt: bump default to xilinx_v2025.1
Now that all versal defconfigs have been bumped to xilinx_v2025.1, this patch
bumps the xilinx-prebuilt default version to xilinx_v2025.1.

Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-09 21:41:50 +02:00
Neal Frager b6a1582b8e configs/versal_vpk180_defconfig: bump to xilinx-v2025.1
This patch bumps the versal_vpk180_defconfig to xilinx-v2025.1 which includes
the following updates:

- ATF v2.12
- Linux v6.12.10
- PLM xilinx_v2025.1
- PSMFW xilinx_v2025.1
- U-Boot v2025.01

The Xilinx specific Linux 6.12 patch has been added to this defconfig:
board/xilinx/linux_6.12/patches/linux/0001-include-uapi-linux-xlnx-ai-engine.h-fix-CONFIG_XILIN.patch

Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-09 21:41:30 +02:00
Neal Frager d6683c6d1f configs/versal_vck190_defconfig: bump to xilinx-v2025.1
This patch bumps the versal_vck190_defconfig to xilinx-v2025.1 which includes
the following updates:

- ATF v2.12
- Linux v6.12.10
- PLM xilinx_v2025.1
- PSMFW xilinx_v2025.1
- U-Boot v2025.01

The Xilinx specific Linux 6.12 patch has been added to this defconfig:
board/xilinx/linux_6.12/patches/linux/0001-include-uapi-linux-xlnx-ai-engine.h-fix-CONFIG_XILIN.patch

Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-09 21:39:20 +02:00
Neal Frager a63081b5f8 configs/versal_vek280_defconfig: bump to xilinx-v2025.1
This patch bumps the versal_vek280_defconfig to xilinx-v2025.1 which includes
the following updates:

- ATF v2.12
- Linux v6.12.10
- PLM xilinx_v2025.1
- PSMFW xilinx_v2025.1
- U-Boot v2025.01

The Xilinx specific Linux 6.12 patch has been added to this defconfig:
board/xilinx/linux_6.12/patches/linux/0001-include-uapi-linux-xlnx-ai-engine.h-fix-CONFIG_XILIN.patch

Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-09 21:37:57 +02:00
Neal Frager c7cdc2c7d7 boot/xilinx-prebuilt: add support for xilinx_v2025.1
This patch adds support for version xilinx_v2025.1 without changing the
default version.  This way, the zynqmp and versal defconfigs can bump
individually from xilinx_v2024.2 to xilinx_v2025.1.

Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-09 21:36:37 +02:00
Neal Frager ad327ba29e package/bootgen: Re-apply fix build on machines with modern flex
With bootgen 2025.1, the directory structure was re-done.  In the process of
doing this, the source files in the bisonflex directory lost the fix below
which had been applied on an earlier version of bootgen for the issue below.

Bootgen embeds an old version of flex, but uses the system include syntax
(#include <>) to reference it, causing conflicts on systems with the
development headers for a modern flex version installed, leading to build
issues like:

../bisonflex/bif.yy.cpp: In member function 'virtual int BIF::FlexScanner::yylex()':
../bisonflex/bif.yy.cpp:1608:18: error: no match for 'operator=' (operand types are 'std::istream' {aka 'std::basic_istream'} and 'std::istream*' {aka 'std::basic_istream*'})

Fix it by using normal local #include statements by:

sed -i 's/<FlexLexer.h>/"FlexLexer.h"/g' *

This patch re-adds the patch to fix this to buildroot.

Fixes: https://autobuild.buildroot.org/results/056384322246877253cd8d0781717ce495cbe769/
Upstream: patch submitted to AMD internal jira process

Signed-off-by: Neal Frager <neal.frager@amd.com>
Reviewed-By: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-09 21:33:14 +02:00
Neal Frager 0ef3504f49 board/zynqmp: remove zynqmp u-boot binman patches
Now that all zynqmp boards have bumped to xilinx_v2025.1, the zynqmp u-boot
binman patches can be removed.

Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-09 21:31:22 +02:00
Neal Frager f2d23b3cf0 configs/zynqmp_zcu106_defconfig: bump to xilinx-v2025.1
This patch bumps the zynqmp_zcu106_defconfig to xilinx-v2025.1 which
includes the following updates:

- ATF v2.12
- Linux v6.12.10
- PMUFW xilinx_v2025.1
- U-Boot v2025.01

The Xilinx specific Linux 6.12 patch has been added to this defconfig:
board/xilinx/linux_6.12/patches/linux/0001-include-uapi-linux-xlnx-ai-engine.h-fix-CONFIG_XILIN.patch

The zynqmp specific u-boot binman patches are also included with the
xilinx-v2025.1 release tag, so these patches can also be removed.

The following patches have thus been removed from the defconfig:
board/zynqmp/patches/uboot/*

Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-09 21:30:44 +02:00
Neal Frager 4b095dcf93 configs/zynqmp_zcu104_defconfig: bump to xilinx-v2025.1
This patch bumps the zynqmp_zcu104_defconfig to xilinx-v2025.1 which
includes the following updates:

- ATF v2.12
- Linux v6.12.10
- PMUFW xilinx_v2025.1
- U-Boot v2025.01

The Xilinx specific Linux 6.12 patch has been added to this defconfig:
board/xilinx/linux_6.12/patches/linux/0001-include-uapi-linux-xlnx-ai-engine.h-fix-CONFIG_XILIN.patch

The zynqmp specific u-boot binman patches are also included with the
xilinx-v2025.1 release tag, so these patches can also be removed.

The following patches have thus been removed from the defconfig:
board/zynqmp/patches/uboot/*

Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-09 21:28:31 +02:00
Neal Frager 26528569d3 configs/zynqmp_zcu102_defconfig: bump to xilinx-v2025.1
This patch bumps the zynqmp_zcu102_defconfig to xilinx-v2025.1 which
includes the following updates:

- ATF v2.12
- Linux v6.12.10
- PMUFW xilinx_v2025.1
- U-Boot v2025.01

The Xilinx specific Linux 6.12 patch has been added to this defconfig:
board/xilinx/linux_6.12/patches/linux/0001-include-uapi-linux-xlnx-ai-engine.h-fix-CONFIG_XILIN.patch

The zynqmp specific u-boot binman patches are also included with the
xilinx-v2025.1 release tag, so these patches can also be removed.

The following patches have thus been removed from the defconfig:
board/zynqmp/patches/uboot/*

Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-09 21:26:34 +02:00
Neal Frager 1106a1006b board/zynqmp/kria: remove kria specific u-boot patch
Now that all 3 zynqmp_kria defconfigs have bumped to xilinx_v2025.1, the kria
specific u-boot patch can be removed.

Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-09 21:25:03 +02:00
Neal Frager 6c95df7404 configs/zynqmp_kria_kr260_defconfig: bump to xilinx-v2025.1
This patch bumps the zynqmp_kria_kr260_defconfig to xilinx-v2025.1 which
includes the following updates:

- ATF v2.12
- Linux v6.12.10
- PMUFW xilinx_v2025.1
- U-Boot v2025.01

The Xilinx specific Linux 6.12 patch has been added to this defconfig:
board/xilinx/linux_6.12/patches/linux/0001-include-uapi-linux-xlnx-ai-engine.h-fix-CONFIG_XILIN.patch

The kria specific u-boot patch is no longer necessary, as it is
included with the xilinx-v2025.1 release tag.

The following patch has thus been removed from the defconfig:
board/zynqmp/kria/patches/uboot/0001-video-zynqmp-add-support-for-reset.patch

The zynqmp specific u-boot binman patches are also included with the
xilinx-v2025.1 release tag, so these patches can also be removed.

The following patches have thus been removed from the defconfig:
board/zynqmp/patches/uboot/*

Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-09 20:32:58 +02:00
Neal Frager 95d9900266 configs/zynqmp_kria_kd240_defconfig: bump to xilinx-v2025.1
This patch bumps the zynqmp_kria_kd240_defconfig to xilinx-v2025.1 which
includes the following updates:

- ATF v2.12
- Linux v6.12.10
- PMUFW xilinx_v2025.1
- U-Boot v2025.01

The Xilinx specific Linux 6.12 patch has been added to this defconfig:
board/xilinx/linux_6.12/patches/linux/0001-include-uapi-linux-xlnx-ai-engine.h-fix-CONFIG_XILIN.patch

The kria specific u-boot patch is no longer necessary, as it is
included with the xilinx-v2025.1 release tag.

The following patch has thus been removed from the defconfig:
board/zynqmp/kria/patches/uboot/0001-video-zynqmp-add-support-for-reset.patch

The zynqmp specific u-boot binman patches are also included with the
xilinx-v2025.1 release tag, so these patches can also be removed.

The following patches have thus been removed from the defconfig:
board/zynqmp/patches/uboot/*

Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-09 20:31:00 +02:00
Neal Frager 7f0a8fc51e configs/zynqmp_kria_kv260_defconfig: bump to xilinx-v2025.1
This patch bumps the zynqmp_kria_kv260_defconfig to xilinx-v2025.1 which
includes the following updates:

- ATF v2.12
- Linux v6.12.10
- PMUFW xilinx_v2025.1
- U-Boot v2025.01

The Xilinx specific Linux 6.12 patch has been added to this defconfig:
board/xilinx/linux_6.12/patches/linux/0001-include-uapi-linux-xlnx-ai-engine.h-fix-CONFIG_XILIN.patch

The kria specific u-boot patch is no longer necessary, as it is
included with the xilinx-v2025.1 release tag.

The following patch has thus been removed from the defconfig:
board/zynqmp/kria/patches/uboot/0001-video-zynqmp-add-support-for-reset.patch

The zynqmp specific u-boot binman patches are also included with the
xilinx-v2025.1 release tag, so these patches can also be removed.

The following patches have thus been removed from the defconfig:
board/zynqmp/patches/uboot/*

Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-09 20:26:55 +02:00
Neal Frager b52ff3766a boot/xilinx-embeddedsw: add support for xilinx_v2025.1
This patch adds support for version xilinx_v2025.1 without changing the
default version.  This way, the zynqmp and versal defconfigs can bump
individually from xilinx_v2024.2 to xilinx_v2025.1.

In addition, new software apps were added to the Xilinx/embedddedsw repo.
While they do not change the buildroot xilinx-embeddedsw boot package, the
version xilinx_v2025.1 has a new license.txt file.  For this reason, this
patch adds a hash file for the xilinx_v2025.1 version, so that both the
default xilinx_v2024.2 and xilinx_v2025.1 versions will have independent
hashes for their license.txt files.

Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-09 20:23:29 +02:00
Neal Frager 8297f41ded configs/zynq_zed_defconfig: bump to xilinx-v2025.1
This patch bumps the zynq_microzed_defconfig to xilinx-v2025.1 which includes
the following updates:

- Linux v6.12.10
- U-Boot v2025.01

The xilinx-v2025.1 Linux 6.12.10 release tag requires a patch to fix a
leak of the Kconfig CONFIG_XILINX_AIE, so this patch is now included.

Signed-off-by: Neal Frager <neal.frager@amd.com>
Reviewed-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-09 20:21:07 +02:00
Neal Frager 6e85aeb0dd configs/zynq_microzed_defconfig: bump to xilinx-v2025.1
This patch bumps the zynq_microzed_defconfig to xilinx-v2025.1 which includes
the following updates:

- Linux v6.12.10
- U-Boot v2025.01

The xilinx-v2025.1 Linux 6.12.10 release tag requires a patch to fix a
leak of the Kconfig CONFIG_XILINX_AIE, so this patch is now included.

Signed-off-by: Neal Frager <neal.frager@amd.com>
Reviewed-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-09 20:21:07 +02:00
Neal Frager b2b10df23f configs/zynq_zc706_defconfig: bump to xilinx-v2025.1
This patch bumps the zynq_zc706_defconfig to xilinx-v2025.1 which includes
the following updates:

- Linux v6.12.10
- U-Boot v2025.01

The xilinx-v2025.1 Linux 6.12.10 release tag requires a patch to fix a
leak of the Kconfig CONFIG_XILINX_AIE, so this patch is now included.

Signed-off-by: Neal Frager <neal.frager@amd.com>
Reviewed-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-09 20:21:07 +02:00
Neal Frager 7794d36c06 configs/zynq_zc702_defconfig: bump to xilinx-v2025.1
This patch bumps the zynq_zc702_defconfig to xilinx-v2025.1 which includes
the following updates:

- Linux v6.12.10
- U-Boot v2025.01

The xilinx-v2025.1 Linux 6.12.10 release tag requires a patch to fix a
leak of the Kconfig CONFIG_XILINX_AIE, so this patch is now included.

Signed-off-by: Neal Frager <neal.frager@amd.com>
Reviewed-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-09 20:21:07 +02:00
Neal Frager 93c4e7bdbf board/xilinx: add xilinx_v2025.1 support
Add hashes for xilinx_v2025.1 release.

xilinx_v2025.1 release includes:
 - atf 2.12
 - linux 6.12.10
 - uboot 2025.01

In addition, the xilinx_v2025.1 linux kernel release tag has a Kconfig leak
of the CONFIG_XILINX_AIE option.  This patch adds a patch that is specific to
the Xilinx Linux 6.12.10 release which fixes the problem by moving the changes
implemented by the CONFIG_XILINX_AIE option from the exposed uapi header file
to the Linux internal header file.

The patch has been added to the board/xilinx/linux_6.12/patches directory, so
that it will only be applied when a user specifies they wish to build the
xilinx_v2025.1 release or they use a defconfig that has migrated to this
release.

Since the header file that causes the issue is not yet mainline, this patch
has been "upstreamed" to the Xilinx linux-xlnx repo via the AMD internal jira
process.

Upstream: internal AMD jira process

Signed-off-by: Neal Frager <neal.frager@amd.com>
Reviewed-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
[Julien: fix check-package errors:
 - remove numbering in patch subject
 - add "Upstream:" tag in patch
]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-09 20:21:07 +02:00
Neal Frager f91854dfaf package/xilinx-fpgautil: bump to xlnx-rel-v2025.1
This patch bumps the xilinx-fpgautil package to version xlnx-rel-v2025.1.

Signed-off-by: Neal Frager <neal.frager@amd.com>
[Luca: Build-tested for ARM32]
Tested-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Reviewed-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-09 19:46:59 +02:00
Neal Frager 053b0c9f66 boot/xilinx-embeddedsw: remove support for xilinx vendor name
This patch removes the support for the microblazeel-xilinx-elf arch tuple.
Users will now get an error message telling them to change their configuration
to the microblazeel-buildroot-elf arch tuple.

Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-09 19:29:01 +02:00
Neal Frager b55e05f858 configs/{versal,zynqmp}_*: migrate to microblazeel-buildroot-elf tuple
This patch migrates all the versal and zynqmp defconfigs to use the
microblazeel-buildroot-elf arch tuple for the toolchain-bare-metal-buildroot
toolchain.

Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-09 19:27:35 +02:00
Neal Frager 147ec434eb toolchain/toolchain-bare-metal-buildroot: rename example vendor to buildroot
Now that xilinx-embeddedsw is compatible with the toolchain vendor buildroot,
this patch modifies the toolchain-bare-metal-buildroot help example to use
the microblazeel-buildroot-elf tuple.

Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-09 19:23:57 +02:00
Neal Frager 8ef4703687 boot/xilinx-embeddedsw: rename toolchain vendor to buildroot
This patch renames the bare-metal toolchain vendor used by the
xilinx-embeddedsw package from Xilinx to Buildroot to be consistent with all
other toolchains built by Buildroot.

To build the Microblaze applications available with the xilinx-embeddedsw
package, the following config is now needed:

BR2_TOOLCHAIN_BARE_METAL_BUILDROOT_ARCH="microblazeel-buildroot-elf"

This change keeps backwards compatibility for users already using the
following architecture tuple:

BR2_TOOLCHAIN_BARE_METAL_BUILDROOT_ARCH="microblazeel-xilinx-elf"

Either vendor name is now valid, but there is a warning message to use the
Buildroot vendor name, and the support for the "microblazeel-xilinx-elf"
tuple will be removed once all zynqmp and versal defconfigs have migrated.

Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-09 19:23:53 +02:00
Neal Frager 526522a021 boot/xilinx-prebuilt: install pld.pdi to target
With the Versal Segmented Configuration, it is possible to load a PL bitstream
at run-time using the Linux fpgautil application.  Whenever Segmented
Configuration is used, both the boot.pdi and pld.pdi files will be available
to Buildroot.  For this reason, this patch improves the user experience by
installing the pld.pdi file to the target file system for run-time loading
whenever Versal Segemented Configuration is used.

If the fpgautil application is available in the target file system, it can
be used for loading the pld.pdi using the target command below.

fpgautil -b /lib/firmware/xilinx/*_pld.pdi

The source code for the fpgautil application can be found here:
https://github.com/Xilinx/meta-xilinx/blob/master/meta-xilinx-core/recipes-bsp/fpga-manager-script/files/fpgautil.c

Along with usage details:
https://xilinx-wiki.atlassian.net/wiki/spaces/A/pages/1188397412/Solution+Versal+PL+Programming

Signed-off-by: Neal Frager <neal.frager@amd.com>
Reviewed-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-09 19:02:48 +02:00
Neal Frager 3ee8569037 board/versal: change pdi filename to boot.pdi
With the Segmented Configuration, the Versal PDI files will have new names:
<design>_boot.pdi - Minimal DDR and PS config for booting
<design>_pld.pdi - Remainder of FPGA design to be loaded at run-time

Since this will be the new default, this patch aligns the Buildroot file
naming by replacing the obscure vpl_gen_fixed.pdi filename with a simpler
boot.pdi filename.

Signed-off-by: Neal Frager <neal.frager@amd.com>
Reviewed-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-09 19:02:43 +02:00
Neal Frager a0a92928db boot/xilinx-prebuilt: add segmented config support
AMD has created a new segmented configuration for Versal products.  It splits
the Vivado hardware design into two PDI files, one containing the minimal
required configuration for the DDR and booting the processors, and a second PDI
file which contains the rest of the FPGA design and can be loaded at run-time
via U-boot or Linux.

The file names generated when using the Vivado Segmented Configuration are as
follows:

<design>_boot.pdi - Minimal DDR and PS config for booting
<design>_pld.pdi - Remainder of FPGA design to be loaded at run-time

Since two PDI files will be included in the XSA file when using Segmented
Configuration, the xilinx-prebuilt package needs to be updated to support
this feature.

For Buildroot purposes, the <design>_boot.pdi is the file that needs to be
included in the boot.bin for booting the processors, so this patch checks
for a file named *boot*.pdi which will indicate that Segmented Configuration
is being used and will make sure to use the <design>_boot.pdi file and not
the <design>_pld.pdi file when generating the boot.bin image.

If no pdi files contain the word "boot" in the filename, it can be assumed
that Segmented Configuration is not being used, so the single file *.pdi
method is the appropriate one for this case, and this patch is thus
backwards compatible with prior designs not using Segmented Configuration.

Also, Segmented Configuration is going to become the default mode for Versal
products, so the xilinx-prebuilt github location will also soon have two PDI
files for each board.  For this reason, this patch is also handling Segmented
Configuration for files downloaded from the xilinx-prebuilt repo.

For further information about the AMD Segmented Configuration, please see the
github tutorial below.

https://github.com/Xilinx/Vivado-Design-Tutorials/tree/2024.2/Versal/Boot_and_Config/Segmented_Configuration

Signed-off-by: Neal Frager <neal.frager@amd.com>
Reviewed-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-09 19:02:38 +02:00
Neal Frager 6646d0b90f boot/xilinx-prebuilt: change versal pdi file permissions
The versal vpl_gen_fixed.pdi file is not a target executable, so the file
permissions should be 644 instead of 755.

Signed-off-by: Neal Frager <neal.frager@amd.com>
Reviewed-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-09 19:02:33 +02:00
Andy Yan 51fc2f3846 configs/coolpi_4b: new defconfig
CoolPi 4B is a rk3588s based SBC[0].
Specification:
- Rockchip RK3588S
- LPDDR4 2/4/8/16 GB
- TF scard slot
- eMMC 8/32/64/128 GB module
- Gigabit ethernet drived by PCIE with RTL8111HS
- HDMI Type D out
- Mini DP out
- USB 2.0 Host x 2
- USB 3.0 OTG x 1
- USB 3.0 Host x 1
- WIFI/BT module AIC8800
- 40 pin header

[0] https://www.cool-pi.com/product/cp4b/

Signed-off-by: Andy Yan <andyshrk@163.com>
[Julien:
 - add missing BR2_GLOBAL_PATCH_DIR and hash files
 - add missing BR2_TARGET_UBOOT_NEEDS_GNUTLS
]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-09 18:06:23 +02:00
Petr Vorel 34611327b8 package/iputils: bump version 20250605
Bugfix release:
https://github.com/iputils/iputils/releases/tag/20250605

Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-09 16:53:21 +02:00
Julien Olivain e8cfd40ce7 package/spirv-llvm-translator: propagate llvm depends on wchar
The target package spirv-llvm-translator was introduced in Buildroot
commit [1] without propagating the llvm dependency on toolchains with
wchar support.

This commit fixes this issue.

Fixes:

    WARNING: unmet direct dependencies detected for BR2_PACKAGE_LLVM
      Depends on [n]: BR2_PACKAGE_LLVM_ARCH_SUPPORTS [=y] && BR2_TOOLCHAIN_GCC_AT_LEAST_7 [=y] && BR2_TOOLCHAIN_HAS_THREADS [=y] && BR2_INSTALL_LIBSTDCPP [=y] && !BR2_TOOLCHAIN_HAS_GCC_BUG_64735 [=n] && !BR2_STATIC_LIBS [=n] && BR2_USE_WCHAR [=n] && BR2_HOST_GCC_AT_LEAST_7 [=y]
      Selected by [y]:
      - BR2_PACKAGE_SPIRV_LLVM_TRANSLATOR [=y] && BR2_PACKAGE_LLVM_ARCH_SUPPORTS [=y] && BR2_TOOLCHAIN_GCC_AT_LEAST_7 [=y] && BR2_TOOLCHAIN_HAS_THREADS [=y] && BR2_INSTALL_LIBSTDCPP [=y] && !BR2_STATIC_LIBS [=n] && BR2_HOST_GCC_AT_LEAST_7 [=y]

[1] https://gitlab.com/buildroot.org/buildroot/-/commit/58f9c7b83c86b06e1a086dbe884e216799410118

Cc: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-06-09 16:24:08 +02:00
Julien Olivain 0720d398f1 package/mender-update-modules: ipk support depends on MMU, wchar
Since its inclusion in commit [1], the
BR2_PACKAGE_MENDER_UPDATE_MODULES_IPK config selects
BR2_PACKAGE_OPKG without propagating its dependencies on MMU and
wchar.

This commit fixes this issue.

Fixes:

    WARNING: unmet direct dependencies detected for BR2_PACKAGE_OPKG
      Depends on [n]: BR2_USE_MMU [=y] && BR2_USE_WCHAR [=n]
      Selected by [y]:
      - BR2_PACKAGE_MENDER_UPDATE_MODULES_IPK [=y] && BR2_PACKAGE_MENDER_UPDATE_MODULES [=y]

[1] https://gitlab.com/buildroot.org/buildroot/-/commit/a474642fdcd8c69e12126bbe8304479aa855d916

Cc: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-06-09 16:23:39 +02:00
Julien Olivain 6967ed93b6 package/dovecot: add missing mariadb dependencies for mysql support
Buildroot commit [1] removed mysql and replaced it by mariadb in all
packages, but did not propagated all dependencies.

This commit fixes the issue.

Fixes:

    WARNING: unmet direct dependencies detected for BR2_PACKAGE_MARIADB
      Depends on [n]: BR2_INSTALL_LIBSTDCPP [=y] && !BR2_STATIC_LIBS [=n] && BR2_USE_MMU [=y] && BR2_TOOLCHAIN_HAS_THREADS [=y] && (BR2_TOOLCHAIN_HAS_ATOMIC [=n] || BR2_TOOLCHAIN_HAS_SYNC_8 [=n]) && BR2_USE_WCHAR [=y]
      Selected by [y]:
      - BR2_PACKAGE_DOVECOT_MYSQL [=y] && BR2_PACKAGE_DOVECOT [=y] && BR2_INSTALL_LIBSTDCPP [=y] && BR2_TOOLCHAIN_HAS_THREADS [=y]

[1] https://gitlab.com/buildroot.org/buildroot/-/commit/8708f3a23a7e28fdb04fc57406e13e6b7ff4a337

Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-06-09 16:23:18 +02:00
Julien Olivain e34a113b32 package/gstreamer1/gst1-plugins-bad: webrtc needs sync_4
Commit [1] "package/gstreamer1/gst1-plugins-bad: bump version
to 1.24.11" added new requirements for webrtc which selects the
sctp plugin, but forgot to propagate its dependencies. The sctp
plugin depends on BR2_TOOLCHAIN_HAS_SYNC_4.

This commit fixes this issue.

Fixes:

    WARNING: unmet direct dependencies detected for BR2_PACKAGE_GST1_PLUGINS_BAD_PLUGIN_SCTP
      Depends on [n]: BR2_PACKAGE_GSTREAMER1 [=y] && BR2_PACKAGE_GST1_PLUGINS_BAD [=y] && BR2_TOOLCHAIN_HAS_SYNC_4 [=n]
      Selected by [y]:
      - BR2_PACKAGE_GST1_PLUGINS_BAD_PLUGIN_WEBRTC [=y] && BR2_PACKAGE_GSTREAMER1 [=y] && BR2_PACKAGE_GST1_PLUGINS_BAD [=y] && !BR2_STATIC_LIBS [=n]

[1] https://gitlab.com/buildroot.org/buildroot/-/commit/90b3cfedf44cc92289746aa30e439be409ca3747

Cc: Thomas Bonnefille <thomas.bonnefille@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-06-09 16:09:59 +02:00
Julien Olivain f933a165e2 package/podman: raise kernel header requirement to v4.14
Since its introduction in commit [1], the podman package has a
dependency on a toolchain with headers >= 3.17, which was propagated
from libseccomp and slirp4netns. The podman package also selects
BR2_PACKAGE_SHADOW which has a requirement on toolchain with
headers >= 4.14. See [2]. This requirement should have been
propagated.

This commit fixes this issue.

Fixes:

    WARNING: unmet direct dependencies detected for BR2_PACKAGE_SHADOW
      Depends on [n]: !BR2_STATIC_LIBS [=n] && BR2_TOOLCHAIN_HEADERS_AT_LEAST_4_14 [=n]
      Selected by [y]:
      - BR2_PACKAGE_PODMAN [=y] && BR2_USE_MMU [=y] && BR2_PACKAGE_HOST_GO_TARGET_ARCH_SUPPORTS [=y] && BR2_PACKAGE_HOST_RUSTC_TARGET_ARCH_SUPPORTS [=y] && BR2_PACKAGE_LIBGPG_ERROR_ARCH_SUPPORTS [=y] && BR2_PACKAGE_LIBSECCOMP_ARCH_SUPPORTS [=y] && BR2_TOOLCHAIN_HEADERS_AT_LEAST_3_17 [=y] && BR2_TOOLCHAIN_HAS_THREADS [=y] && BR2_USE_WCHAR [=y]

[1] https://gitlab.com/buildroot.org/buildroot/-/commit/ebbaac08e3f462bf023c12077f739ed1c0543eb2
[2] https://gitlab.com/buildroot.org/buildroot/-/commit/f78c5cb5cae93a9e63dad4361d78e1787759382f

Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
Acked-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-06-09 16:09:04 +02:00
Julien Olivain 733fe053e1 system/Config.in: add missing MMU dependency for catatonit
BR2_INIT_CATATONIT config, introduced in Buildroot commit [1] selects
BR2_PACKAGE_CATATONIT but forgot to propagate the MMU dependency.

This commit fixes that.

Fixes:

    WARNING: unmet direct dependencies detected for BR2_PACKAGE_CATATONIT
      Depends on [n]: BR2_USE_MMU [=n]
      Selected by [y]:
      - BR2_INIT_CATATONIT [=y] && <choice>

[1] https://gitlab.com/buildroot.org/buildroot/-/commit/6dc177bee8b7fe1ae1607bd7c0819b0dc63397d7

Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
Acked-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-06-09 16:07:43 +02:00
Peter Seiderer 8b736d1bde Revert "package/lm-sensors: update LM_SENSORS_VERSION"
Revert back to the hyphen version schema (as actual returned by
https://release-monitoring.org, see [1], [2]).

Fixes pkg-stats output.

This reverts commit 521afeab9b.

[1] https://release-monitoring.org/projects/search/?pattern=lm-sensors
[2] https://release-monitoring.org/project/1831/

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-06-09 16:06:28 +02:00
Kadambini Nema e9227311d9 package/gcc: update to 14.3.0
Release announcement:
https://gcc.gnu.org/pipermail/gcc-announce/2025/000186.html

List of bugs which were resolved in 14.3.0:
https://gcc.gnu.org/bugzilla/buglist.cgi?bug_status=RESOLVED&resolution=FIXED&target_milestone=14.3

Drop upstream patch 0003-libquadmath-Fix-up-libquadmath-math-sqrtq.c-compilat.patch
https://gcc.gnu.org/cgit/gcc/commit/?id=3fe5720430a9ba61ed7562aac4d758cc77d49a28

Signed-off-by: Kadambini Nema <kadambini.nema@gmail.com>
[Julien:
 - rebase on branch next
 - fix patch 0003 upstream merge URL
]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-08 16:21:21 +02:00
Kadambini Nema 0b8b72d2fe package/gcc: update to 13.4.0
Release announcement:
https://gcc.gnu.org/pipermail/gcc-announce/2025/000187.html

Changelog:
https://gcc.gnu.org/bugzilla/buglist.cgi?bug_status=RESOLVED&resolution=FIXED&target_milestone=13.4

Signed-off-by: Kadambini Nema <kadambini.nema@gmail.com>
[Julien: fix check-package error by fixing .checkpackageignore entry]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-08 16:14:38 +02:00
Kadambini Nema 26c4821638 package/diffutils: bump version to 3.12
Release notes:
Version 3.12 - https://lists.gnu.org/archive/html/info-gnu/2025-04/msg00005.html
Version 3.11 - https://lists.gnu.org/archive/html/info-gnu/2025-02/msg00003.html

Fix the following error seen during cross-compilation error by assuming that
strcasecmp function is always available.
- "configure: error: cannot run test program while cross compiling"

Signed-off-by: Kadambini Nema <kadambini.nema@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-08 15:43:17 +02:00
Kadambini Nema 992cea79eb package/valgrind: bump to version 3.25.1
Release notes:
https://sourceware.org/git/?p=valgrind.git;a=blob;f=NEWS;h=741329a681708fb01f6451e775471fbbe13904f7;hb=4441567fbec8c263e1624b49ba86572d4cccfccd

Signed-off-by: Kadambini Nema <kadambini.nema@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-08 15:38:31 +02:00
Kadambini Nema 66dc76de82 package/libusb: bump version to 1.0.29
Release notes:
https://github.com/libusb/libusb/releases/tag/v1.0.29

Changelog:
https://github.com/libusb/libusb/blob/v1.0.29/ChangeLog#L4

Signed-off-by: Kadambini Nema <kadambini.nema@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-08 15:36:04 +02:00
Kadambini Nema e0a7ddecbe package/vnstat: bump version to 2.13
Release notes:
https://github.com/vergoh/vnstat/releases/tag/v2.13
https://github.com/vergoh/vnstat/releases/tag/v2.12

Signed-off-by: Kadambini Nema <kadambini.nema@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-08 15:34:38 +02:00
Kadambini Nema c87d34badb package/libgit2: bump version to 1.9.1
Release notes:
https://github.com/libgit2/libgit2/releases/tag/v1.9.1

Signed-off-by: Kadambini Nema <kadambini.nema@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-08 15:29:31 +02:00
Kadambini Nema eb21ab5c71 package/whois: bump to version 5.6.2
Changelog:
https://github.com/rfc1036/whois/blob/v5.6.2/debian/changelog

Signed-off-by: Kadambini Nema <kadambini.nema@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-08 15:27:59 +02:00
Thomas Perale fa45c47fcb package/ghostscript: fix build with host GCC 15
Fix the following autobuild error on configs with host GCC15.

```
/workdir/instance-0/output-1/host/bin/ccache /usr/bin/gcc   -O2 -DNDEBUG -Wall -Wstrict-prototypes -Wundef -Wmissing-declarations -Wmissing-prototypes -Wwrite-strings -fno-strict-aliasing -Werror=declaration-after-statement -fno-builtin -fno-common -Werror=return-type -Wno-unused-local-typedefs -DHAVE_STDINT_H=1 -DHAVE_DIRENT_H=1 -DHAVE_SYS_DIR_H=1 -DHAVE_SYS_TIME_H=1 -DHAVE_SYS_TIMES_H=1 -DHAVE_INTTYPES_H=1 -DHAVE_LIBDL=1 -DGX_COLOR_INDEX_TYPE="unsigned long long" -D__USE_UNIX98=1 -DHAVE_SNPRINTF  -O2 -I/workdir/instance-0/output-1/host/include -L/workdir/instance-0/output-1/host/lib -Wl,-rpath,/workdir/instance-0/output-1/host/lib -DNOCONTRIB -DHAVE_RESTRICT=1 -DHAVE_LIMITS_H=1 -DHAVE_STRING_H=1 -fno-strict-aliasing -O2 -I/workdir/instance-0/output-1/host/include -L/workdir/instance-0/output-1/host/lib -Wl,-rpath,/workdir/instance-0/output-1/host/lib -DHAVE_POPEN_PROTO=1  -I./base -o ./obj/aux/genconf ./base/genconf.c   -lz
In file included from ./base/genconf.c:18:
./base/stdpre.h:348:13: error: 'bool' cannot be defined via 'typedef'
  348 | typedef int bool;
      |             ^~~~
./base/stdpre.h:348:13: note: 'bool' is a keyword with '-std=c23' onwards
./base/stdpre.h:348:1: warning: useless type name in empty declaration
  348 | typedef int bool;
      | ^~~~~~~
```

This is due to the change in the default C language version in GCC15.

The patch included is not exactly the same as the upstream one, it only
picks the part that fix the `bool` definition and dropped the declaration
type changes.

Fixes: https://autobuild.buildroot.org/results/9c6/9c6cbff256635c6ab4be4c5b7bf18f9d3c4b46681

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-08 15:14:49 +02:00
Peter Korsgaard 0fce7a9623 package/libcurl: fix build w/ threads + c-ares
Fixes:
https://autobuild.buildroot.net/results/680b825b93989e6aef247593c198094a6ed916f7/

Since curl 8.14.0 with commit d364f1347f05 ("configure: catch asking for
double resolver without https-rr"), configure errors out when
--enabled-threaded-resolver is used together with --enable-ares (unless the
experimental HTTPS-RR support is enabled), so disable the threaded resolver
when c-ares is enabled.

https://github.com/curl/curl/commit/d364f1347f05c53eea5d25a15b4ad8a62ecc85b8

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Reviewed-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-08 13:10:43 +02:00
El Mehdi YOUNES 22798b5978 support/testing: add runtime test for Mesa3D Rusticl
This test verifies that clinfo correctly detects the rustiCL platform
and llvmpipe as device.

We check:
  - exit code,
  - Platform name matches rusticl,
  - Device name matches llvmpipe.

Signed-off-by: El Mehdi YOUNES <elmehdi.younes@smile.fr>
[Julien:
 - rename file to test_mesa3d.py
 - add Medhi in DEVELOPERS for this test file
]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-07 22:47:35 +02:00
El Mehdi YOUNES fc7c7d74aa package/mesa3d: add RustiCL support
RustiCL is an OpenCL implementation written entirely in
RUST and integrated into Mesa3D. It enables the use of OpenCL
programs on top of existing Gallium drivers. RustiCL is a
modern and maintainable replacement for the old C-implemention
Clover.

To build Rusticl in Mesa3D, the following components are required:

  - host-rustc (Rust compiler)
  - host-rust-bindgen (for generating bindings)
  - spirv-tools
  - spirv-llvm-translator (providing libLLVMSPIRVLib.so matching the LLVM version)
  - LLVM built with libclc and -DLLVM_ENABLE_DUMP=ON
  - Mesa headers via mesa-clc-bundle-headers=enabled
  - There is a known meson bug and in order to fix it we set -Drust_std=2021, see:
    https://docs.mesa3d.org/rusticl.html#known-issues
    https://github.com/mesonbuild/meson/issues/10664

More details in the Mesa documentation:
https://docs.mesa3d.org/rusticl.html

Rusticl is the provider of OpenCL in Buildroot.
However, Mesa does not provide the `libOpenCL.so` library itself.
We therefore depend on the `opencl-icd-loader` package to
install this loader in the toolchain sysroot, so that other
OpenCL-dependent packages can build and link against it.

Without the ICD loader, only `libRustiOpenCL.so` is available and
tools like `clinfo` or `clpeak` fail.

- 'Dmesa-clc-bundle-headers=enabled' ensures that the OpenCL header
   files are bundled and available in the target. Without this,
   runtime compilation of OpenCL kernels via clpeak or clinfo fails
   with:
	fatal error: 'opencl-c-base.h' file not found

see https://gitlab.freedesktop.org/mesa/mesa/-/commit/3619611b31bade726b3dd3d0583ff41a5794cad3

We add a Rust compiler override to Meson to use Buildroot’s
host Rust toolchain using MESA3D_MESON_EXTRA_BINARIES.
Rusticl requires Meson to invoke rustc with the correct target and linker:
    * 'rust=['$(HOST_DIR)/bin/rustc','--target=$(RUSTC_TARGET_NAME)']'
    * 'rust_ld='$(TARGET_CROSS)gcc''
Another solution was proposed to set rust and rust_ld globally in
cross-compilation.conf, we prefer to define them locally within mesa
for now to ensure precise control over the rust toolchain behavior
during the Mesa build.

see https://lore.kernel.org/buildroot/ZcOeEMfwX4XlRXO7@landeda/

Currently, we should always use RUSTICL_ENABLE= driver to use rusticl.
More information:
https://docs.mesa3d.org/envvars.html#envvar-RUSTICL_ENABLE

Signed-off-by: El Mehdi YOUNES <elmehdi.younes@smile.fr>
[Julien: add references to meson bug]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-07 22:47:25 +02:00
El Mehdi YOUNES d2a82364ac package/opencl-icd-loader: new package
This adds the OpenCL installable client driver (ICD) loader
which provides the 'libOpenCL.so' shared library needed to
run OpenCL programs.

Mesa3D can offer opencl implementations (such as rusticl),
but it does not provide 'libOpenCL.so'.

Without it, programs like 'clinfo' fail to build not
finding 'libOpenCL.so'.

see:
https://github.com/KhronosGroup/OpenCL-ICD-Loader

Signed-off-by: El Mehdi YOUNES <elmehdi.younes@smile.fr>
[Julien: add Medhi in DEVELOPERS for this package]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-07 21:44:36 +02:00
El Mehdi YOUNES dba2912be3 package/opencl-headers: new package
Add the "opencl-headers" package to install the OpenCL C API headers,
which are required at build time by consumers such as
opencl-icd-loader.

While Mesa provides these headers internally, they are not installed
by default since clover and opencl-gallium are deprecated and will
be removed starting from mesa 25.2

And since we should install them manually from mesa, it is better
use external headers. This ensures these headers are always
available and up-to-date independently from those provided by Mesa,
folowing the same logic used for "opencl-clhpp".

see:
https://github.com/KhronosGroup/OpenCL-ICD-Loader#dependencies
https://gitlab.freedesktop.org/mesa/mesa/-/tree/main/include/CL
https://github.com/KhronosGroup/OpenCL-Headers
https://gitlab.freedesktop.org/mesa/mesa/-/commit/5844dea31620f36c41ac738e17fefd57084b2dbb#feedf4d0444f717d7227468a9529c2cf9740b6fd

Signed-off-by: El Mehdi YOUNES <elmehdi.younes@smile.fr>
[Julien: add Medhi in DEVELOPERS for this package]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-07 21:39:20 +02:00
El Mehdi YOUNES 2f4a922376 package/opencl-clhpp: bump version to v2024.10.24
Bump opencl-clhpp to the latest version "v2024.10.24".

https://github.com/KhronosGroup/OpenCL-CLHPP/releases/tag/v2024.10.24

Signed-off-by: El Mehdi YOUNES <elmehdi.younes@smile.fr>
[Julien: reword commit title to include the version name]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-07 21:25:31 +02:00
Peter Korsgaard 00f0fca15a package/go: security bump to version 1.23.10
go1.23.9 (released 2025-05-06) includes fixes to the runtime and the linker.

go1.23.10 (released 2025-06-05) includes security fixes to the net/http and
os packages, as well as bug fixes to the linker.

Fixes the following security vulnerabilities:

- CVE-2025-4673: net/http: sensitive headers not cleared on cross-origin
  redirect

  Proxy-Authorization and Proxy-Authenticate headers persisted on
  cross-origin redirects potentially leaking sensitive information

- CVE-2025-0913: os: inconsistent handling of O_CREATE|O_EXCL on Unix and
  Windows

  os.OpenFile(path, os.O_CREATE|O_EXCL) behaved differently on Unix and
  Windows systems when the target path was a dangling symlink.  On Unix
  systems, OpenFile with O_CREATE and O_EXCL flags never follows symlinks.
  On Windows, when the target path was a symlink to a nonexistent location,
  OpenFile would create a file in that location.

- CVE-2025-22874: crypto/x509: usage of ExtKeyUsageAny disables policy validation

  Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny
  unintentionally disabled policy validation.  This only affected
  certificate chains which contain policy graphs, which are rather uncommon.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-06-07 17:32:49 +02:00
Kadambini Nema be69e6fe2f package/jq: security bump to version 1.8.0
Release notes:
https://github.com/jqlang/jq/releases/tag/jq-1.8.0

Fixes the following security issues:
- CVE-2024-23337: Fix signed integer overflow in jvp_array_write and jvp_object_rehash.
- CVE-2024-53427: Reject NaN with payload while parsing JSON.
- CVE-2025-48060: Fix heap buffer overflow in jv_string_vfmt.
- Fix use of uninitialized value in check_literal.
- Fix segmentation fault on strftime/1, strflocaltime/1.
- Fix unhandled overflow in @base64d.

COPYING hash changed due to the following commit.
https://github.com/jqlang/jq/commit/9afc450930b19ca179e6ef4e744853a94a7b72cf

Signed-off-by: Kadambini Nema <kadambini.nema@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-06-07 17:30:00 +02:00
Thomas Perale aa9ee17701 package/yasm: fix build with host GCC 15
Fix the following autobuild error that started appearing with host GCC15
configs.

```
/usr/bin/gcc -DHAVE_CONFIG_H -I.   -I/workdir/instance-0/output-1/host/include  -O2 -I/workdir/instance-0/output-1/host/include  -c -o modules/arch/x86/x86arch.o modules/arch/x86/x86arch.c
In file included from modules/arch/x86/x86arch.h:30,
                 from modules/arch/x86/x86arch.c:31:
./libyasm/bitvect.h:86:32: error: cannot use keyword 'false' as enumeration constant
   86 |         typedef enum boolean { false = FALSE, true = TRUE } boolean;
      |                                ^~~~~
./libyasm/bitvect.h:86:32: note: 'false' is a keyword with '-std=c23' onwards
```

This is due to the change in the default C language version in GCC15.

Fixes: https://autobuild.buildroot.org/results/d1d/d1d9a6e73c2ec278941dd90c6b07cce01b372feb/

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-06-07 15:40:08 +02:00
Matthias Schiffer 7966ac6058 package/qoriq-mc-utils: fix target install
- The check was referencing an incorrect variable name
- In the `$(QORIQ_MC_UTILS_DPC_FILES) $(QORIQ_MC_UTILS_DPL_FILES)` case,
  the target directory needs to be created first

Signed-off-by: Matthias Schiffer <matthias.schiffer@ew.tq-group.com>
Reviewed-by: Vladimir Oltean <olteanv@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-06 22:05:07 +02:00
Matthias Schiffer d48c27f1cd package/qoriq-mc-binary: fix target install
The check was referencing an incorrect variable name.

Signed-off-by: Matthias Schiffer <matthias.schiffer@ew.tq-group.com>
Reviewed-by: Vladimir Oltean <olteanv@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-06 22:05:03 +02:00
Brandon Maier c01b9e7641 package/bats-core: update to 1.12.0
Release notes: https://github.com/bats-core/bats-core/releases/tag/v1.12.0

Signed-off-by: Brandon Maier <brandon.maier@collins.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-06 21:58:34 +02:00
Thomas Devoogdt e0bd9bafb4 package/fluent-bit: bump to 4.0.3
News:
- https://fluentbit.io/announcements/v4.0.3/

Other remarks:
- Dropped 0003-lib-miniz-only-require-a-C-compiler.patch
  as it is upstream. [1]

- Added msgpack-c as a system dependency since this has been
  added to buildroot.

- Added sqlite as system dependency as it can't really be
  disabled otherwise due to an upstream compile bug. [2]

- Sorted the config entries while at it.

[1] https://github.com/fluent/fluent-bit/pull/10315
[2] https://github.com/fluent/fluent-bit/issues/9757

Signed-off-by: Thomas Devoogdt <thomas@devoogdt.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-06 21:52:33 +02:00
Thomas Devoogdt 110cd92932 package/msgpack-c: add new package
MessagePack ships both in a C++ and a C variant. Add the latter to
Buildroot. This will be used by fluent-bit.

Signed-off-by: Thomas Devoogdt <thomas@devoogdt.com>
[Julien:
 - switch homepage URL to use https
 - add a note in package/msgpack{,-c}/Config.in to clarify C/C++
   variants
]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-06 21:50:28 +02:00
Yann E. MORIN 9188bf42e4 package/gpsd: bump to 3.26.1
For change log, see:
https://gitlab.com/gpsd/gpsd/-/blob/release-3.26.1/NEWS

Support for RTCM104v2 and v3, as well as for ublox, are now
unconditionally built, so drop our corresponding options. No
needfor legacy options: users that had those enabled will
still get them.

Support for Oceanserver has been dropped upstream, so drop our
option and add legacy handling to infrom users they should
complain upstream if they needed it (very unlikely).

Also, a bug introduced in gpsd 3.26 makes the Buildroot gpsd runtime
test failing. See [1]. As a workaround, this commit also changes
this runtime test to emulate a gps over TCP, instead of UDP.

[1] https://gitlab.com/gpsd/gpsd/-/issues/337

Signed-off-by: Yann E. MORIN <yann.morin@orange.com>
[Julien:
 - rebased on branch next
 - add gpsd version removing OceanServer option in Config.in.legacy
 - add link to NEWS in commit log
 - switch test_gpsd to use tcp instead of udp
]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-06 19:54:40 +02:00
Kadambini Nema 18b5a86e1b package/frr: bump version to 10.3.1
Release notes:
https://github.com/FRRouting/frr/releases/tag/frr-10.3.1

Signed-off-by: Kadambini Nema <kadambini.nema@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-06 19:22:38 +02:00
Fred Lefranc a11529525c package/haproxy: bump version to 2.6.22
Changelog: http://www.haproxy.org/download/2.6/src/CHANGELOG
Signed-off-by: Fred Lefranc <fred.lefranc+evs@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-06 19:12:45 +02:00
Bernd Kuhls e893a70e12 package/mesa3d: vulkan intel needs llvm
Since mesa3d was bumped to 25.0.6 with buildroot commit 317260f336 the
Intel Vulkan driver also needs llvm.

Reported-by: Heiko Thiery <heiko.thiery@gmail.com>
https://lists.buildroot.org/pipermail/buildroot/2025-May/780130.html

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-05 21:55:19 +02:00
Bernd Kuhls 1539e932b6 package/mesa3d: fix comment for iris gallium driver
Buildroot commit 600e75b606 "remove depends on architecture for Iris/
Vulkan" forgot to remove the dependency for the comment of the iris
driver.

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-05 21:55:19 +02:00
Andreas Ziegler 5080f0af16 package/mpd: update to version 0.24.4
Version 0.24.4 change log:

* protocol
  - fix stuck "getfingerprint" with io_uring
* decoder
  - mpg123: support Icy stream tags
  - mpg123: use libid3tag to parse stream tags
* tags
  - id3: fix assertion failure with broken AIFF/RIFF ID3 chunks
* output
  - fix resuming playback after it was paused by "single" mode
  - alsa: fix compiler warning with alsa-lib 1.2.14

Signed-off-by: Andreas Ziegler <br015@umbiko.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-06-05 10:55:42 +02:00
Bernd Kuhls 34b847933e {linux, linux-headers}: bump 5.{4, 10, 15}.x / 6.{1, 6, 12, 14}.x series
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-06-05 10:52:34 +02:00
Luca Ceresoli b674736ae2 package/unzip: fix cmake 4 compatibility
unzip fails on hosts with CMake 4, such as Arch Linux:

  CMake Error at CMakeLists.txt:1 (cmake_minimum_required):
    Compatibility with CMake < 3.5 has been removed from CMake.

    Update the VERSION argument <min> value.  Or, use the <min>...<max> syntax
    to tell CMake that the project requires at least <min> but has been updated
    to work with policies introduced by <max> or earlier.

    Or, add -DCMAKE_POLICY_VERSION_MINIMUM=3.5 to try configuring anyway.

Fix by updating the cmake_minimum_required to 3.5.

Fixes:
  https://autobuild.buildroot.org/results/211379177fbc293bcae3a16d951d263035a1d8a3/
  https://autobuild.buildroot.org/results/5701aae037df6997724765cac53c3247c367508a/
  https://autobuild.buildroot.org/results/d1d48040e7db67a54dc5ce24d19d97084407a401/
  and other similar failures

Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-06-04 21:51:34 +02:00
Kadambini Nema 507160c281 package/msmtp: bump version to 1.8.30
Release notes:
https://marlam.de/msmtp/news/msmtp-1-8-30/

Signed-off-by: Kadambini Nema <kadambini.nema@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-06-04 21:45:32 +02:00
Konstantin Menyaev c874399d3c package/dhcpcd: make privsep configurable
Privilege separation mode is undesirable in some use cases.
Let's allow the user to disable it, at least.

Signed-off-by: Konstantin Menyaev <konstantin.menyaev@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-06-04 21:36:43 +02:00
Roy Kollen Svendsen ac7f65d83e package/qt6/qt6tools: build without clang support
Fixes:
If external clang is available on the host system, the buildsystem tries
to use it. The result will be unpredictable. We can't use the version of
clang that is shipped with buildroot either, because it is too old. See:
https://code.qt.io/cgit/qt/qttools.git/tree/.cmake.conf?h=6.8.1. So we
disable clang support in qt6tools for now.

Signed-off-by: Roy Kollen Svendsen <roykollensvendsen@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-06-04 20:42:45 +02:00
Roy Kollen Svendsen 1fad08d32f package/qt6/qt6base: remove unused hidden host option
The previous commit removed its only user. It was a blind option so no
legacy handling is needed.

Signed-off-by: Roy Kollen Svendsen <roykollensvendsen@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-06-04 20:42:04 +02:00
Roy Kollen Svendsen bd255e9e9c package/qt6/qt6tools: avoid build failures
Since we don't need assistant, designer or linguist on target, and we
don't need assistant or designer on host, we unconditionally disable
these tools, to avoid build failures without inreasing the complexity of
the package.

Fixes target linguist build:
-- Could NOT find Qt6LinguistTools (missing: Qt6LinguistTools_DIR)
CMake Error at <...>/output/build/qt6base-6.8.1/cmake/QtToolHelpers.cmake:768 (message):
  Failed to find the host tool "Qt6::lconvert".  It is part of the
  Qt6LinguistTools package, but the package could not be found.  Make sure
  you have built and installed the host Linguist module, which will ensure
  the creation of the Qt6LinguistTools package.
Call Stack (most recent call first):
  <...>/output/build/qt6base-6.8.1/cmake/QtToolHelpers.cmake:83 (qt_internal_find_tool)
  src/linguist/lconvert/CMakeLists.txt:9 (qt_internal_add_tool)

The following defconfig triggers a target linguist build without
building the necessary lconvert host tool. See:
https://code.qt.io/cgit/qt/qttools.git/tree/src/linguist/CMakeLists.txt?h=6.8.1#n17

BR2_arm=y
BR2_cortex_a9=y
BR2_ARM_ENABLE_VFP=y
BR2_TOOLCHAIN_EXTERNAL=y
BR2_TOOLCHAIN_EXTERNAL_BOOTLIN=y
BR2_TOOLCHAIN_EXTERNAL_BOOTLIN_ARMV7_EABIHF_MUSL_STABLE=y
BR2_PACKAGE_QT6=y
BR2_PACKAGE_QT6BASE_GUI=y
BR2_PACKAGE_QT6BASE_PNG=y
BR2_PACKAGE_QT6BASE_WIDGETS=y
BR2_PACKAGE_QT6TOOLS=y

Fixes target designer build:
CMake Error at <...>/output/build/qt6base-6.8.1/cmake/QtPublicWalkLibsHelpers.cmake:267 (message):
  The Xml target is mentioned as a dependency for Designer, but not declared.
Call Stack (most recent call first):
  <...>/output/build/qt6base-6.8.1/cmake/QtPrlHelpers.cmake:8 (__qt_internal_walk_libs)
  <...>/output/build/qt6base-6.8.1/cmake/QtPrlHelpers.cmake:47 (qt_collect_libs)
  <...>/buildroot/output/build/qt6base-6.8.1/cmake/QtModuleHelpers.cmake:1027 (qt_generate_prl_file)
  <...>/buildroot/output/build/qt6base-6.8.1/cmake/QtScopeFinalizerHelpers.cmake:24:EVAL:1 (qt_finalize_module)
  src/designer/src/lib/CMakeLists.txt:DEFERRED

The following defconfig triggers a target designer build, without
selecting the necessary xml qt6base option. See:
https://code.qt.io/cgit/qt/qttools.git/tree/configure.cmake?h=6.8.1#n64
https://code.qt.io/cgit/qt/qttools.git/tree/src/designer/src/lib/CMakeLists.txt?h=6.8.1#n182

BR2_arm=y
BR2_cortex_a9=y
BR2_ARM_ENABLE_VFP=y
BR2_TOOLCHAIN_EXTERNAL=y
BR2_TOOLCHAIN_EXTERNAL_BOOTLIN=y
BR2_TOOLCHAIN_EXTERNAL_BOOTLIN_ARMV7_EABIHF_MUSL_STABLE=y
BR2_PACKAGE_QT6=y
BR2_PACKAGE_QT6BASE_GUI=y
BR2_PACKAGE_QT6BASE_PNG=y
BR2_PACKAGE_QT6BASE_WIDGETS=y
BR2_PACKAGE_QT6TOOLS=y

Fixes target assistant build:
CMake Error at <...>/output/build/qt6base-6.8.1/cmake/QtToolHelpers.cmake:768 (message):
  Failed to find the host tool "Qt6::qhelpgenerator".  It is part of the
  Qt6ToolsTools package, but the package did not contain the tool.  Make sure
  that the host module Tools was built with all features enabled (no
  explicitly disabled tools).
Call Stack (most recent call first):
  <...>/buildroot/output/build/qt6base-6.8.1/cmake/QtToolHelpers.cmake:83 (qt_internal_find_tool)
  src/assistant/qhelpgenerator/CMakeLists.txt:9 (qt_internal_add_tool)

The following defconfig triggers a target assistant build, without
building the necessary qhelpgenerator host tool. See:
https://code.qt.io/cgit/qt/qttools.git/tree/configure.cmake?h=6.8.1#n45
https://code.qt.io/cgit/qt/qttools.git/tree/src/assistant/CMakeLists.txt?h=6.8.1#n4
https://code.qt.io/cgit/qt/qttools.git/tree/src/assistant/CMakeLists.txt?h=6.8.1#n21

BR2_arm=y
BR2_cortex_a9=y
BR2_ARM_ENABLE_VFP=y
BR2_TOOLCHAIN_EXTERNAL=y
BR2_TOOLCHAIN_EXTERNAL_BOOTLIN=y
BR2_TOOLCHAIN_EXTERNAL_BOOTLIN_ARMV7_EABIHF_MUSL_STABLE=y
BR2_PACKAGE_QT6=y
BR2_PACKAGE_QT6BASE_GUI=y
BR2_PACKAGE_QT6BASE_PNG=y
BR2_PACKAGE_QT6BASE_PRINTSUPPORT=y
BR2_PACKAGE_QT6BASE_SQL=y
BR2_PACKAGE_QT6BASE_SQLITE=y
BR2_PACKAGE_QT6BASE_WIDGETS=y
BR2_PACKAGE_QT6TOOLS=y

Signed-off-by: Roy Kollen Svendsen <roykollensvendsen@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-06-04 20:40:00 +02:00
Daniel Lang f1b759d34a package/ninja: ignore CVE-2021-4336
CVE is filed against a different project.

Signed-off-by: Daniel Lang <dalang@gmx.at>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-06-04 20:15:14 +02:00
Marcus Hoffmann bdcc1299cc package/python-django: security bump to 5.2.2
Django 5.2.2 fixes a security issue with severity “low” and several bugs in 5.2.1.

Fixes: CVE-2025-48432: Potential log injection via unescaped request path

Full Release notes:
https://docs.djangoproject.com/en/5.2/releases/5.2.2/

Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-06-04 19:03:39 +02:00
Dario Binacchi 0f99f5def9 package/armadillo: bump to version 14.4.3
Release notes:
https://arma.sourceforge.net/docs.html#changelog

Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-06-04 15:33:04 +02:00
Peter Seiderer 77d6929804 package/mongoose: fix openssl/mbedtls support
Since version bump to 7.12 (upstream commit [1]) the openssl/mbedtls support
defines changed from MG_ENABLE_OPENSSL/MG_ENABLE_MBEDTLS to
MG_TLS=MG_TLS_OPENSSL and MG_TLS=MG_TLS_MBED.

[1] https://github.com/cesanta/mongoose/commit/0613cc62f4dbec6beb76e9ddece60d52171585c0

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-06-04 15:23:40 +02:00
Kadambini Nema fe73ae0905 package/hwdata: bump version to 0.396
Release notes:
https://github.com/vcrhonek/hwdata/releases/tag/v0.396

Changelog:
https://github.com/vcrhonek/hwdata/compare/v0.395...v0.396

Signed-off-by: Kadambini Nema <kadambini.nema@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-06-04 15:16:59 +02:00
Kadambini Nema e34b75aeeb package/dhcpcd: bump version to 10.2.4
Release notes:
https://github.com/NetworkConfiguration/dhcpcd/releases/tag/v10.2.4

Signed-off-by: Kadambini Nema <kadambini.nema@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-06-04 15:16:54 +02:00
Peter Korsgaard e6567881e4 package/libcurl: drop _GNU_SOURCE workaround
This was needed for 8.14.0, but got fixed in 8.14.1 with:

https://github.com/curl/curl/issues/17512

So drop it again.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-06-04 15:14:35 +02:00
Kadambini Nema 1dfe081a19 package/libcurl: security bump to version 8.14.1
Fixes the following security issues:
- CVE-2025-5025:
  No QUIC certificate pinning with wolfSSL.
  https://curl.se/docs/CVE-2025-5025.html

- CVE-2025-4947:
  QUIC certificate check skip with wolfSSL.
  https://curl.se/docs/CVE-2025-4947.html

- CVE-2025-5399:
  WebSocket endless loop
  https://curl.se/docs/CVE-2025-5399.html

Changelog:
https://curl.se/ch/8.14.0.html
https://curl.se/ch/8.14.1.html

Signed-off-by: Kadambini Nema <kadambini.nema@gmail.com>
[Peter: bump to 8.14.1 instead]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-06-04 14:56:21 +02:00
Daniel Lang e5865fec7e package/exim: drop stale CVE-2022-3559
The CVE database was updated and includes the additional "up to
(including) 4.97" version information.

Signed-off-by: Daniel Lang <dalang@gmx.at>
Reviewed-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-06-03 22:26:38 +02:00
Titouan Christophe 3c874e1a94 package/redis: security bump to v8.0.2
Among other things, this fixes the following CVE:

- CVE-2025-27151: redis-check-aof may lead to stack overflow and potential RCE
                  see https://www.cve.org/CVERecord?id=CVE-2025-27151

The license hash changed, because Redis 8.0.0 mistakenly included the text
of the GPLv3 instead of the AGPLv3, which has been fixed in 8.0.1

See the full changelog here:
https://github.com/redis/redis/blob/8.0.2/00-RELEASENOTES

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-06-03 22:26:09 +02:00
Petr Vorel fe4533fd0d package/iputils: security bump version to 20250602
https://github.com/iputils/iputils/releases/tag/20250602

Security release, fixes CVE-2025-47268 and CVE-2025-48964.

https://www.cve.org/CVERecord?id=CVE-2025-47268
https://www.cve.org/CVERecord?id=CVE-2025-48964

Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
[Julien:
 - add "security" mention in commit log title
 - add link to CVEs
]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-02 21:59:47 +02:00
Daniel Lang 64203d87ac package/llvm-project/clang: remove merge artifacts
Fixes:
    e29dae10 ("package/llvm-project: bump to version 20.1.5")

Signed-off-by: Daniel Lang <dalang@gmx.at>
Reviewed-by: El Mehdi YOUNES <elmehdi.younes@smile.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-02 21:31:09 +02:00
Adam Duskett ccfa9f40b8 package/sysvinit: bump to version 3.14
The biggest change for 3.14 is the maximum inittab entry size has increased
from 127 charachters to 253 characters long AND it logs a warning when a line
longer than this is found AND it refuses to run a line longer than 253
characters. It doesn't truncate too-long lines anymore, it just drops them.

Changelog: https://github.com/slicer69/sysvinit/releases/tag/3.14
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-01 23:40:55 +02:00
Adam Duskett 7d8d48cd2b package/systemd: bump to version 257.5
Noteable changes:
  - Add -Dipe=false and -Dsysupdated=disabled as defaults to CONF_OPTS and
    HOST_CONF_OPTS. If another user has a use for either, they can submit a
    patch at a later date.

  - systemd-networkd now requires kernel >= 5.4 due to the inclusion of the
    sockios.h header, which uses the SIOCGSTAMP_OLD macro. This macro was first
    introduced in kernel 5.2, but the official README recommends 5.4 as a
    baseline, so stick with that. Due to this change:
      - systemd-networkd now depends on BR2_TOOLCHAIN_HEADERS_AT_LEAST_5_4
      - default y only if BR2_TOOLCHAIN_HEADERS_AT_LEAST_5_4
      - Add a section in migrating.adoc about the new requirement

  - The sha256sum of README.md changed due to the addition of some CentOS CI
    lines.

  - Add the new license file LICENSES/alg-sha1-public-domain.txt.

For change log, see:
https://github.com/systemd/systemd/blob/v257.5/NEWS

Tested with `./utils/test-pkg -p systemd -a`
40 builds, 28 skipped, 0 build failed, 0 legal-info failed, 0 show-info failed

Tested with `./support/testing/run-tests tests.init.test_systemd`
All tests passed

Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Reviewed-by: Marcus Hoffmann <buildroot@bubu1.eu>
[Julien: add link to change log in commit log]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-01 22:45:40 +02:00
Marcus Hoffmann 18a4a48255 package/python-sdbus-modemmanager: new runtime test
Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
[Julien: fix check-package errors]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-01 18:31:39 +02:00
Marcus Hoffmann c80d4ca76d package/python-sdbus-modemmanager: new package
Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-01 18:07:08 +02:00
Florian Larysch 521920831c package/easyframes: fix CMake 4.0 compatibility
Import the cmake_minimum_required bump from the upstream master branch.

Fixes: https://autobuild.buildroot.org/results/3fe/3fe0973cad67641d880c460a1fef859443e8a10b

Signed-off-by: Florian Larysch <fl@n621.de>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-01 17:51:56 +02:00
Julien Olivain 9d3b9d2220 support/testing: add tree runtime test
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-01 17:50:42 +02:00
Stephan Henningsen 577c08ca25 package/lvm2: bump to version 2.03.31
This includes, amongst other things, the restoration of support
for LVM_SUPPRESS_FD_WARNINGS.

For change log, see:
https://gitlab.com/lvmteam/lvm2/-/blob/v2_03_31/WHATS_NEW

Signed-off-by: Stephan Henningsen <stephan@asklandd.dk>
[Julien: add link to change log]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-01 16:52:59 +02:00
Stephan Henningsen 4ee0195241 package/busybox: fix path for crond binary in S50crond during stop
Signed-off-by: Stephan Henningsen <stephan+buildroot@asklandd.dk>
Signed-off-by: Stephan Henningsen <stephan@asklandd.dk>
Reviewed-by: Fiona Klute <fiona.klute@gmx.de>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-06-01 16:47:51 +02:00
Alex Bennée b877b8379f testing: drop unneeded vga/vnc stanzas from QEMU invocation
The aarch64 virt platform doesn't have any default VGA devices so we
don't need to configure them here.

Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-31 23:52:11 +02:00
Fiona Klute (WIWA) 9357dc5694 package/python-{dunamai, poetry-dynamic-versioning}: remove packages
Both packages where added as host-only dependencies to build
package/python-aiomqtt, and are not used by any other package. With
aiomqtt switching to hatchling they are not needed any more.

Signed-off-by: Fiona Klute (WIWA) <fiona.klute@gmx.de>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-31 22:42:25 +02:00
Fiona Klute (WIWA) 71c8ca7578 package/python-aiomqtt: bump version to 2.4.0
Aiomqtt switched its build system to hatchling with 2.3.1, change
PYTHON_AIOMQTT_SETUP_TYPE and dependencies accordingly.

Signed-off-by: Fiona Klute (WIWA) <fiona.klute@gmx.de>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-31 22:41:50 +02:00
Kadambini Nema 7c2e499343 package/hidapi: bump to version 0.15.0
Release notes:
https://github.com/libusb/hidapi/releases/tag/hidapi-0.15.0

Signed-off-by: Kadambini Nema <kadambini.nema@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-31 12:40:55 +02:00
Kadambini Nema c64e397f47 package/msmtp: bump version to 1.8.29
Release notes:
https://marlam.de/msmtp/news/msmtp-1-8-29/

Signed-off-by: Kadambini Nema <kadambini.nema@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-31 12:40:25 +02:00
Kadambini Nema c12e81951d package/tree: bump to version 2.2.1
Changelog:
https://github.com/Old-Man-Programmer/tree/blob/2.2.1/CHANGES

Signed-off-by: Kadambini Nema <kadambini.nema@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-31 12:36:01 +02:00
Kanak Shilledar 52e1049491 package/sipeed-lpi4abin: upgrade to newer version
One single commit upstream:

    sbi: add debian prebuilt v1.6 & remove vendor 0.9 sbi & update mainline opensbi

      * mainline opensbi commit: 140844b3bd4a6f2919ccd2ff5e93c6222a4f71fb
      * mainline opensbi-h commit: 83f3e406cf48a0228c0e0738758d48ccfcbb6ae9

Signed-off-by: Kanak Shilledar <kanakshilledar111@protonmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-05-31 10:34:12 +02:00
Adam Duskett b9a9930de0 package/polkit: bump version to 126
Drop the -Djs_engine=duktape option as mozjs support has been removed entirely
and as such, the option no longer exists.

Tested with `./support/testing/run-tests tests.package.test_polkit`
Both tests pass.

Also tested with `./utils/test-pkg -p polkit -a`
40 builds, 8 skipped, 0 build failed, 0 legal-info failed, 0 show-info failed

Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-05-31 10:25:02 +02:00
Scott Fan 5cff68d42c package/timescaledb: bump version to 2.20.0
Release notes: https://github.com/timescale/timescaledb/blob/2.20.0/CHANGELOG.md

Add the PG_PATH variable to ensure that CMake can find the "pg_config" program.
Otherwise, the following error will be reported.
CMake Error at CMakeLists.txt:85 (message):
  Unable to find 'pg_config'

Signed-off-by: Scott Fan <fancp2007@gmail.com>
Reviewed-by: Maxim Kochetkov <fido_max@inbox.ru>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-05-30 21:52:43 +02:00
Titouan Christophe 2c87a81dec package/python-tornado: bump to version 6.5
Read the full changelog:
https://github.com/tornadoweb/tornado/releases/tag/v6.5.0

Drop patch that was backport of an upstream fix for a CVE.

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-05-30 21:51:14 +02:00
Titouan Christophe dbc64cb4e5 package/python-tornado: apply security patch for CVE-2025-47287
This fixes the following CVE:
- CVE-2025-47287: When Tornado's ``multipart/form-data`` parser encounters
                  certain errors, it logs a warning but continues trying to
                  parse the remainder of the data. This allows remote
                  attackers to generate an extremely high volume of logs,
                  constituting a DoS attack.

Fixes:
https://www.cve.org/CVERecord?id=CVE-2025-47287

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
[Julien: reword commit log]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-30 21:49:50 +02:00
Fiona Klute (WIWA) 5e7fc6a3e6 package/libglib2: bump version to 2.84.2
This is the current bug fix release on the 2.84 branch, upstream
changelog:
https://gitlab.gnome.org/GNOME/glib/-/blob/2.84.2/NEWS?ref_type=tags

Signed-off-by: Fiona Klute (WIWA) <fiona.klute@gmx.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-05-30 21:44:30 +02:00
Fiona Klute (WIWA) 5ef6f9496e package/gobject-introspection: bump version to 1.84.0
GOI now has a build option to disable tests [1], so use that and drop
the "disable tests" patch.

Meson now checks LD_LIBRARY_PATH during configure and sets the result
when calling g-ir-scanner [2]. This means overriding it in _NINJA_ENV
does not work any more, set LD_LIBRARY_PATH in _CONF_ENV instead.

The hash for giscanner/scannerlexer.l changed due to small code
additions.

Upstream changelog:
https://gitlab.gnome.org/GNOME/gobject-introspection/-/blob/1.84.0/NEWS?ref_type=tags

[1] https://gitlab.gnome.org/GNOME/gobject-introspection/-/commit/3e41addbd0f22024f63cc9c3fbef04ca16f05364
[2] https://gitlab.gnome.org/GNOME/gobject-introspection/-/commit/d3f684559facd0edc368e3ac6db95b16e28ed743

Signed-off-by: Fiona Klute (WIWA) <fiona.klute@gmx.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-05-30 21:43:36 +02:00
Fiona Klute (WIWA) 43fe686bd2 package/python-gobject: bump version to 3.52.3
Upstream changelog:
https://gitlab.gnome.org/GNOME/pygobject/-/blob/3.52.3/NEWS?ref_type=tags

Patch updated to the version that applies to 3.52.3.

Signed-off-by: Fiona Klute (WIWA) <fiona.klute@gmx.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-05-30 21:42:21 +02:00
Fiona Klute (WIWA) 3866fb3bed package/python-gobject: fix event source registration with Python 3.13
Since Python 3.13 BaseSelectorEventLoop.add_reader() and
BaseSelectorEventLoop.add_writer() use the mapping returned by
selector.get_map() to detect if a file object is already
registered. This fails with the implementation in gi.events._Selector
if some calls use a file object, and others the raw file descriptor.

Full upstream bug report:
https://gitlab.gnome.org/GNOME/pygobject/-/issues/689

This bug breaks package/python-aiomqtt, because its client object uses
file objects in some places for the connection socket, and the file
descriptor in others. The result is that the connection attempt times
out because source registration fails, and the Future that marks
successful connection never resolves.

This commit adds the fix as backported to PyGObject 3.50 [1] so it can
be cherry-picked to Buildroot stable versions using that version.

[1] https://gitlab.gnome.org/GNOME/pygobject/-/merge_requests/423

Signed-off-by: Fiona Klute (WIWA) <fiona.klute@gmx.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-05-30 21:41:12 +02:00
Fiona Klute (WIWA) c5f9f6da9d package/python-gobject: fix event source registration with Python 3.13
Since Python 3.13 BaseSelectorEventLoop.add_reader() and
BaseSelectorEventLoop.add_writer() use the mapping returned by
selector.get_map() to detect if a file object is already
registered. This fails with the implementation in gi.events._Selector
if some calls use a file object, and others the raw file descriptor.

Full upstream bug report:
https://gitlab.gnome.org/GNOME/pygobject/-/issues/689

This bug breaks package/python-aiomqtt, because its client object uses
file objects in some places for the connection socket, and the file
descriptor in others. The result is that the connection attempt times
out because source registration fails, and the Future that marks
successful connection never resolves.

This commit adds the fix as backported to PyGObject 3.50 [1] so it can
be cherry-picked to Buildroot stable versions using that version.

[1] https://gitlab.gnome.org/GNOME/pygobject/-/merge_requests/423

Signed-off-by: Fiona Klute (WIWA) <fiona.klute@gmx.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-05-30 21:40:33 +02:00
Julien Olivain 22e25b6d4c package/fwts: bump to version 25.05.00
See release announce:
https://lists.ubuntu.com/archives/fwts-devel/2025-May/014005.html

Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-05-30 21:36:58 +02:00
Neal Frager 4850405d8a package/bootgen: bump to xilinx_v2025.1
Bump bootgen to xilinx_v2025.1 release.

With version 2025.1, bootgen executable is now in the build/bin dir, so
the install step is changed accordingly.

The LICENSE file hash has changed as it was converted from DOS end of
lines to Unix end of lines.

Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-05-30 21:35:44 +02:00
Julien Olivain de374e06d8 arch/arm: add the Cortex-A720 core
This commit adds the Cortex-A720 core, which is a armv9.2a ISA.
See: [1] [2].

This CPU support was added in GCC 14. See [3] [4].

Cortex-A720 processors are included in boards such as the
Radxa Orion O6. See [5].

This CPU supports Aarch64 only at all exception levels (EL0 to EL3).

[1] https://developer.arm.com/Processors/Cortex-A720
[2] https://developer.arm.com/documentation/102530/0002/The-Cortex-A720--core/Cortex-A720--core-features
[3] https://gcc.gnu.org/gcc-14/changes.html#aarch64
[4] https://gcc.gnu.org/git/?p=gcc.git;a=blob;f=gcc/config/aarch64/aarch64-cores.def;hb=releases/gcc-14.1.0#l180
[5] https://radxa.com/products/orion/o6/

Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-05-30 21:31:37 +02:00
James Hilliard 6f33d59ef7 package/python-tortoise-orm: bump to version 0.25.0
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-30 00:12:07 +02:00
James Hilliard 0c229c01be package/python-aerich: bump to version 0.9.0
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-30 00:11:45 +02:00
Yegor Yefremov d8173e084e package/libftdi1: bump to version v1.5-48-g22b4667a8
As the project doesn't have frequent releases, switch to git to avoid
the piling of patches.

The latest git version bumps the minimum CMake version (which fixes
builds with host-cmake >= 4.0) and adds SWIG 4.3 compatibility.

For change log, see:
http://developer.intra2net.com/git/?p=libftdi;a=shortlog;h=22b4667a8c3bc483494ba735ba4ae4d5cb8a0f03

Fixes:
https://autobuild.buildroot.org/results/188811e73dd52eed3c66d7efb590165e4340fc30/

Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
[Julien:
 - use "git describe --abbrev=40" format in _VERSION
 - add link to git shortlog in commit log
]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-29 23:43:08 +02:00
Giulio Benetti ec361e7d10 package/rtl8723ds: fix build failure with Linux 6.14
Add local patch pending upstream to fix build failure with Linux 6.14

Fixes:
https://autobuild.buildroot.org/results/f6421f9669934686e1ff881b9618198afc9e1259/

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-29 23:13:44 +02:00
Arnout Vandecappelle 2b2120dc4a package/qt5/qt5webengine: fix thumb detection logic
Add a patch that removes part of the logic that attempts to detect if
thumb is supported. This logic simply doesn't work at all in the
Buildroot context. In fact, thumb is supported on all 32-bit ARM on
which we can build qt5webengine.

Fixes:
WARNING: Thumb instruction set is required to build ffmpeg for QtWebEngine.
[...]
FAILED: obj/third_party/ffmpeg/ffmpeg_internal/vp8.o
[...] -c ../../3rdparty/chromium/third_party/ffmpeg/libavcodec/vp8.c -o obj/third_party/ffmpeg/ffmpeg_internal/vp8.o
{standard input}: Assembler messages:
{standard input}:1119: Error: bad instruction `ldrhcs r0,[ip],#2'
{standard input}:1156: Error: bad instruction `ldrhcs r9,[ip],#2'
{standard input}:1190: Error: bad instruction `ldrhcs lr,[ip],#2'
{standard input}:1253: Error: bad instruction `ldrhcs r9,[r7],#2'
[...]

Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
Cc: Gaël PORTAY <gael.portay@rtone.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-29 21:20:58 +02:00
Arnout Vandecappelle c9ae932c94 package/qt5/qt5webengine-chromium: fix build with host GCC 15
Ideally we should update our version of qt5webengine-chromium first,
we're more than 600 commits behind on the stable branch from KDE.
However, this is a quick fix solution that allows us to build the
current state in Fedora 42.

Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-29 21:20:58 +02:00
Arnout Vandecappelle 1495863b98 package/qt5/qt5declarative: fix build with GCC 15
Add a patch that adds missing #include statements, which becomes an
error in GCC 15.

Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-29 21:20:58 +02:00
Giulio Benetti 2688f40ffb package/libnss: bump version to 3.112
For release note, see:
https://hg-edge.mozilla.org/projects/nss/file/tip/doc/rst/releases/nss_3_112.rst

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-28 22:31:49 +02:00
Julien Olivain 305c40613c package/bpftrace: bump version to 0.23.3
For change log since 0.19.1, see:
https://github.com/bpftrace/bpftrace/blob/v0.23.3/CHANGELOG.md

Note that since commit [1] updating llvm to 20.1.5, bpftrace is
failing to build at configuration time, with error message:

    CMake Error at CMakeLists.txt:184 (message):
      Unsupported LLVM version found via
      /buildroot/output/host/aarch64-buildroot-linux-gnu/sysroot/usr/include:
      20

    CMake Error at CMakeLists.txt:185 (message):
      Only versions between 6 and 17 are supported

This is because bpftrace version 0.19.1 does not support this
newer llvm version. This update to bpftrace to 0.23.3 resolve this
issue.

[1] https://gitlab.com/buildroot.org/buildroot/-/commit/e29dae109a217636381acd4f7be615a8744fe675

Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-28 22:30:26 +02:00
Kadambini Nema 760b9b73e0 package/whois: bump to version 5.6.1
Changelog:
https://github.com/rfc1036/whois/blob/v5.6.1/debian/changelog

Signed-off-by: Kadambini Nema <kadambini.nema@gmail.com>
[Julien: remove _SITE trailing slash]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-28 22:26:24 +02:00
Kadambini Nema b89c274f51 package/iproute2: bump to version 6.15.0
Release announcement:
https://lore.kernel.org/netdev/20250526140140.38ba5578@hermes.local/

Changelog:
https://github.com/iproute2/iproute2/compare/v6.14.0...v6.15.0

Drop 0001-nstat-NULL-Dereference-when-no-entries-specified.patch
Upstream commit - https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit/?id=866e1d107b7de68ca1fcd1d4d5ffecf9d96bff30

Signed-off-by: Kadambini Nema <kadambini.nema@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-28 22:24:12 +02:00
Kadambini Nema f6746c6334 package/ustreamer: bump version to 6.37
Changelog:
https://github.com/pikvm/ustreamer/compare/v6.36...v6.37

Signed-off-by: Kadambini Nema <kadambini.nema@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-28 22:21:55 +02:00
Peter Korsgaard 1bdb79ba78 Update for 2025.05-rc2
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-05-28 22:05:47 +02:00
Marcus Hoffmann 2fc34cea2e package/python-pydantic: bump to version 2.11.5
Bugfix release for 2.11:
https://docs.pydantic.dev/latest/changelog/#v2115-2025-05-22

Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-28 21:57:35 +02:00
Marcus Hoffmann e05648d133 package/python-pydantic-core: downgrade to 2.33.2 to sync with pydantic
pydantic pins an exact version of pydantic-core in it's pyproject.toml
[1]. This was missed during the last pydantic bump where pydantic-core
was erroneously updated to the latest release instead, in commit [2]
and [3].

Modify the pydantic runtime test to catch this error in the future.

[1] https://github.com/pydantic/pydantic/blob/v2.11.4/pyproject.toml#L49
[2] https://gitlab.com/buildroot.org/buildroot/-/commit/e1c939e4269130fd0ef857c63a0f752f9e5c13ec
[3] https://gitlab.com/buildroot.org/buildroot/-/commit/e42de820cd598d6ed7045fd4f06aa1429a359e05

Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
[Julien: add reference to commits introducing the issue]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-28 21:57:35 +02:00
Julien Olivain 0839545a9b support/testing: test_timezone: fix test by setting a fixed time
Since Buildroot commit [1], the runtime test emulator infra is setting
the emulated system date to the host date.

While this is desired in general, this behaviour is introducing a
variability in the test execution. Depending if the test is executed
during winter or summer time, the output of the command "date +%Z"
will produce a different output.

This commit fixes the issue by setting a fixed date and time on the
emulated system. The date is fixed to Unix Epoch plus one hour. This
is because Linux cannot set the system date to a value less than the
system uptime. So we cannot set the time back to Unix Epoch with the
command "date -s @0" (this would result to a EINVAL Invalid argument).

Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/9922589073
https://gitlab.com/buildroot.org/buildroot/-/jobs/9922589081

[1] https://gitlab.com/buildroot.org/buildroot/-/commit/cf8641b73e7f1577637bfef0ece78dd519b25d19

Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-28 21:54:10 +02:00
Dario Binacchi 43dcaa19a0 board: bsh: imx8mn-bsh-smm-s2: fix U-Boot startup
Commit e3329a1e82 ("configs/imx8mn_bsh_smm_s2[_pro]: bump Linux to
6.12.23 and U-Boot to 2025.04") broke the U-Boot boot process on the
BSH SMM S2 board. I didn’t notice it because I mistakenly tested the
patch on the SMM S2PRO board, which boots from eMMC instead of NAND.
Next time, I won’t forget to test on both boards :).

Fixes: e3329a1e82 ("configs/imx8mn_bsh_smm_s2[_pro]: bump Linux to 6.12.23 and U-Boot to 2025.04")
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-28 21:54:10 +02:00
Peter Korsgaard c9355a3869 package/libcamera: correct build directory for IPA stripping
Commit 4e95062f8 ("package/pkg-meson: use buildroot-build for build
directory") changed the build directory for meson packages to
'buildroot-build', so update the find invocation to match.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-05-28 21:52:30 +02:00
Heiko Thiery 55979f081d package/kmsxx: fix meson build directory for extra tools
Commit 4e95062f8 ("package/pkg-meson: use buildroot-build for build directory")
changed the build directory for meson packages to 'buildroot-build'.
Thus accessing the build directory for installing the extra utils needs
to be adopted to this directory. Otherwise the install will fail when
BR2_PACKAGE_KMSXX_INSTALL_TESTS is enabled.

Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-05-28 21:52:29 +02:00
James Hilliard b6b96b7bdc package/systemd: fix systemd-boot installation
When the meson build directory was changed to buildroot-build in
4e95062f82 we forgot to update the
install path for the systemd-boot efi binary.

Fixes:
/usr/bin/install: cannot stat '/home/buildroot/buildroot/output/build/systemd-256.7/build/src/boot/efi/systemd-bootx64.efi': No such file or directory

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-05-28 21:52:28 +02:00
Thomas Petazzoni a9bfc39660 package/{atkmm, atmm2_28, gtkmm3, libglade}: propagate at-spi2-core dependencies
Since commit d1757fdfb0, at-spi2-core
depends on !BR2_STATIC_LIBS, but this wasn't properly propagated to
reverse dependencies, so let's do this propagation now.

Fixes the following warning:

WARNING: unmet direct dependencies detected for BR2_PACKAGE_AT_SPI2_CORE
  Depends on [n]: BR2_TOOLCHAIN_HAS_THREADS [=y] && BR2_USE_MMU [=y] && BR2_USE_WCHAR [=y] && !BR2_STATIC_LIBS [=y]
  Selected by [y]:
  - BR2_PACKAGE_ATKMM [=y] && BR2_INSTALL_LIBSTDCPP [=y] && BR2_TOOLCHAIN_GCC_AT_LEAST_7 [=y] && BR2_TOOLCHAIN_HAS_THREADS [=y] && BR2_USE_MMU [=y] && BR2_USE_WCHAR [=y]

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-05-28 21:52:27 +02:00
Thomas Petazzoni 4e7ac190e2 package/sane-airscan: propagate dependencies of selects
When the sane-airscan package was introduced in
f78280bf26, the depends on of options
that is selects were not properly accounted for, so let's fix this.

Fixes:

WARNING: unmet direct dependencies detected for BR2_PACKAGE_GNUTLS
  Depends on [n]: !BR2_STATIC_LIBS [=n] && BR2_USE_WCHAR [=n]
  Selected by [y]:
  - BR2_PACKAGE_SANE_AIRSCAN [=y]

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-05-28 21:52:27 +02:00
Thomas Petazzoni f7d11b87d4 package/python-flask-restx: add missing depends on
Since the package was introduced in commit
02de349895, it selects
BR2_PACKAGE_PYTHON_JSONSCHEMA without taking care of its dependencies,
causing the following warning:

WARNING: unmet direct dependencies detected for BR2_PACKAGE_PYTHON_JSONSCHEMA
  Depends on [n]: BR2_PACKAGE_PYTHON3 [=y] && BR2_PACKAGE_HOST_RUSTC_TARGET_ARCH_SUPPORTS [=n]
  Selected by [y]:
  - BR2_PACKAGE_PYTHON_FLASK_RESTX [=y] && BR2_PACKAGE_PYTHON3 [=y]

Fix this by adding the missing depends on.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-05-28 21:52:26 +02:00
Thomas Bonnefille d93448fe25 package/gmrender-resurrect: bump to version 0.3
Version 0.3 (and 0.2) of gmrender-resurrect bring some bugfixes.
For release notes since v0.1, see:
https://github.com/hzeller/gmrender-resurrect/releases/tag/v0.3
https://github.com/hzeller/gmrender-resurrect/releases/tag/v0.2

Fixes:
    https://autobuild.buildroot.org/results/1e1/1e1e5a494bf1ca5ba920c4e06a1affff4ad61033//

Signed-off-by: Thomas Bonnefille <thomas.bonnefille@bootlin.com>
[Julien: add links to release notes]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-28 21:47:26 +02:00
Yann E. MORIN 2fb527fcf9 package/uacme: drop unneeded autoreconf
Commit 8c9c1222b7 (package/uacme: bump version to 1.7.6) bumperd the
version to 1.7.6 which includes the patch we carried, so the patch was
dropped, but the corresponding autoreconf was not.

Do so now.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Nicola Di Lieto <nicola.dilieto@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-05-28 20:48:05 +02:00
Julien Olivain bd9a6c2b36 package/esp-hosted: fix legal-info
The esp-hosted package was introduced in [1] defining the variable
ESP_HOSTED_LICENSE_FILE (singular). The name should be
ESP_HOSTED_LICENSE_FILES (plural). This typo makes the license file
being ignored during a "make legal-info" which shows a warning at
the end:

    WARNING: esp-hosted-9a2312b0b: cannot save license (ESP_HOSTED_LICENSE_FILES not defined)

Fixing the variable name also reveals the license file path was
incorrect. The "esp_hosted_ng/host/" directory prefix is missing.
Finally, setting the correct path shows the hash was wrong (it was
the hash of the Apache-2.0 [2] file, which corresponds to another
unused code portion). So the license file hash is also changed to
correspond to the correct GPL-2.0 license file.

This commit fixes all the needed esp-hosted legal-info.

[1] https://gitlab.com/buildroot.org/buildroot/-/commit/7b2e5e6550aed4f79461919c6a59e00741eb4b11
[2] https://github.com/espressif/esp-hosted/blob/release/ng-v1.0.4.0.0/LICENSES/Apache-2.0

Cc: Giulio Benetti <giulio.benetti@benettiengineering.com>
Reviewed-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-27 21:48:58 +02:00
Kadambini Nema 119c72cf3a package/strace: bump version to 6.15
Release notes:
https://github.com/strace/strace/releases/tag/v6.15

Signed-off-by: Kadambini Nema <kadambini.nema@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-27 20:53:23 +02:00
Titouan Christophe 9d92c7e3ff package/assimp: apply security patches for CVE-2025-3015, 3016
Fixes the following CVEs:
- CVE-2025-3015: A vulnerability classified as critical has been found in
                 Open Asset Import Library Assimp 5.4.3. This affects the
                 function Assimp::ASEImporter::BuildUniqueRepresentation of
                 the file code/AssetLib/ASE/ASELoader.cpp of the component
                 ASE File Handler. The manipulation of the argument mIndices
                 leads to out-of-bounds read. It is possible to initiate the
                 attack remotely. The exploit has been disclosed to the
                 public and may be used.
    See: https://www.cve.org/CVERecord?id=CVE-2025-3015

- CVE-2025-3016: A vulnerability classified as problematic was found in
                 Open Asset Import Library Assimp 5.4.3. This vulnerability
                 affects the function Assimp::MDLImporter::ParseTextureColorData
                 of the file code/AssetLib/MDL/MDLMaterialLoader.cpp of the
                 component MDL File Handler. The manipulation of the argument
                 mWidth/mHeight leads to resource consumption.
                 The attack can be initiated remotely
    See: https://www.cve.org/CVERecord?id=CVE-2025-3016

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-26 22:24:02 +02:00
Florian Larysch 223abaf98a package/lzo: fix CMake 4.0 compatibility
Add a patch to fix lzo builds with CMake 4.0.

Fixes:
 https://autobuild.buildroot.org/results/8d9/8d9cc53d68d93432e6a7bddad0ed3fdaed913da6 (target)
 https://autobuild.buildroot.org/results/aba/aba68e0889b66300f87706e15ff34899d3e1e97f (host)
 (and many more)

Signed-off-by: Florian Larysch <fl@n621.de>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-26 22:15:58 +02:00
Dario Binacchi 6788f3d26c package/uuu: fix gcc-15 compile errors
Fix the following compilation errors:

In file included from /workdir/instance-0/output-1/build/host-uuu-1.5.201/libuuu/sdps.cpp:32:
/workdir/instance-0/output-1/build/host-uuu-1.5.201/libuuu/sdps.h:52:9: error: 'uint32_t' does not name a type
   52 |         uint32_t m_offset = 0;
      |         ^~~~~~~~
/workdir/instance-0/output-1/build/host-uuu-1.5.201/libuuu/sdps.h:33:1: note: 'uint32_t' is defined in header '<cstdint>'; this is probably fixable by adding '#include <cstdint>'
   32 | #include "cmd.h"
  +++ |+#include <cstdint>
   33 |
/workdir/instance-0/output-1/build/host-uuu-1.5.201/libuuu/sdps.h:53:9: error: 'uint64_t' does not name a type
   53 |         uint64_t m_scan_limited = UINT64_MAX;
      |         ^~~~~~~~
/workdir/instance-0/output-1/build/host-uuu-1.5.201/libuuu/sdps.h:53:9: note: 'uint64_t' is defined in header '<cstdint>'; this is probably fixable by adding '#include <cstdint>'
/workdir/instance-0/output-1/build/host-uuu-1.5.201/libuuu/sdps.h: In constructor 'SDPSCmd::SDPSCmd(char*)':
/workdir/instance-0/output-1/build/host-uuu-1.5.201/libuuu/sdps.h:41:47: error: 'm_offset' was not declared in this scope
   41 |                 insert_param_info("-offset", &m_offset, Param::Type::e_uint32);

Fixes:
- https://autobuild.buildroot.org/results/b7b/b7bd052a0137a2e2d5606d66a0dc563789999364/
- https://autobuild.buildroot.org/results/350/3500f573427545e51bfc4fc708f769966d95bf1e/
- https://autobuild.buildroot.org/results/6dc/6dc2b0585e8e1900e5a977cd0b9e26b2ee1e90d4/
- https://autobuild.buildroot.org/results/d1f/d1f82cae003cddefae0c49f673768cd8601449f2/
- https://autobuild.buildroot.org/results/9ed/9edc245d0a03089812d631708a4294ff293a461d/

Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-26 22:11:30 +02:00
Florian Larysch 48c5ae7395 package/libusbgx: bump to version 0.3.0
After a long time, upstream has made an actual release, which also
contains a number of bugfixes/improvements. Switch to it instead of
using a random git commit.

Changelog: https://github.com/linux-usb-gadgets/libusbgx/releases/tag/libusbgx-v0.3.0

Signed-off-by: Florian Larysch <larysch@fixme.gmbh>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-26 21:44:04 +02:00
Michael Nosthoff ae61cc15d9 package/sqlitecpp: bump to version 3.3.3
- fixes a build issue with gcc-15
- license hash updated due to year change

Release Notes: https://github.com/SRombauts/SQLiteCpp/releases/tag/3.3.3

Signed-off-by: Michael Nosthoff <buildroot@heine.tech>
[Julien: add missing "Signed-off-by:"]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-26 21:40:09 +02:00
Florian Larysch 980b8c7e54 package/libssh2: bump to version 1.11.1
Release notes: https://libssh2.org/changes.html#1.11.1

Among other things, this release includes the patches previously carried
by Buildroot and also has fixes for build issues with mbedTLS 3.6.x. It
also includes a purely cosmetic copyright bump[1].

Builds with test-pkg against all three crypto providers.

Fixes: https://autobuild.buildroot.org/results/306/30699f986c6bcd1ab247d92c4ba0999f09aa226f

[1] https://github.com/libssh2/libssh2/commit/187d89bb0740400e8fa0b5f1441d089392797f53

Signed-off-by: Florian Larysch <fl@n621.de>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-26 21:35:54 +02:00
Giulio Benetti 093df42169 package/rtl8821cu: bump to version 2025-05-08
With this version we can build with Linux 6.15.

Fixes:
https://autobuild.buildroot.org/results/b6aed17d0ddbedafc3249850fc0dc92cc240b956/

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-26 21:34:13 +02:00
Giulio Benetti cf8cd11846 package/esp-hosted: bump to version 1.0.4.0.0
Esp-hosted project released a new tarball after almost 3 years where they
only committed patches to git repository. They also defined a template for
releases[1]

Release notes:
https://github.com/espressif/esp-hosted/releases/tag/release%2Fng-v1.0.4.0.0

[1]: https://github.com/espressif/esp-hosted/commit/ced8383c2b8d44b0d15e04dbb424d5a51e7f468c#diff-2e8cb17d6e84161bc5a232fbdf4c0b8893c4330f185c66c564e33ced6ffc864f

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-26 21:30:18 +02:00
Bernd Kuhls 079a66f107 {linux, linux-headers}: bump 5.15.x / 6.{1, 6, 12, 14}.x series
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-25 19:28:18 +02:00
Bernd Kuhls 2f7bcc7dfc package/mesa3d: bump version to 25.1.1
Release notes:
https://lists.freedesktop.org/archives/mesa-announce/2025-May/000804.html
https://lists.freedesktop.org/archives/mesa-announce/2025-May/000802.html

Note: Mesa3d depends on spirv-tools >= 2024.1
https://gitlab.freedesktop.org/mesa/mesa/-/commit/fe8a0d35485c77efdb3c4cb6f176f2b3cbe4c65d
which translates to spirv-tools version 1.3.280.0.

Note: AMD drivers depend on llvm >= 18:
https://gitlab.freedesktop.org/mesa/mesa/-/commit/82047fa82f1bbbbd4f1a9b05c034f79a00d85e31

Removed patch 0001, not needed anymore due to upstream commit
https://gitlab.freedesktop.org/mesa/mesa/-/commit/e4eb5e80c316c0af3fff310ca89e1175d81556c1
which removes the libclc headers include.

Renumbered remaining patches.

Rebased patch 0002 due to upstream commit
https://gitlab.freedesktop.org/mesa/mesa/-/commit/6652eb0ec37e3cc3751928cc8180bac0db95f00f
which renamed meson_options.txt to meson.options.

Panfrost driver depends on llvm:
https://gitlab.freedesktop.org/mesa/mesa/-/commit/20970bcd9652ea8727a307ced9b372fad4b89991
and needs the host tool panfrost_compile which is created by the same
method as mesa_clc needed by the Iris driver. Refactor the dependencies
by introducing a blind option BR2_PACKAGE_MESA3D_NEEDS_PRECOMP_COMPILER
which is selected by either the iris or the panfrost driver.

vtn_bindgen was replaced by vtn_bindgen2:
https://gitlab.freedesktop.org/mesa/mesa/-/commit/6d5375017a516f4281ec0b73748582c56a86057a

OSMesa was removed upstream:
https://gitlab.freedesktop.org/mesa/mesa/-/commit/027ccd963b1f8f288bef4224aedcddc1557e4f8a
Also remove optional osmesa support from mesa3d-demos and wine.
Regarding wine please see this discussion:
https://gitlab.freedesktop.org/mesa/mesa/-/merge_requests/33836#note_2805850

Configure option shared-glapi was removed upstream:
https://gitlab.freedesktop.org/mesa/mesa/-/commit/e5c76088e9e8834aa277777b41604b2463029a09
https://gitlab.freedesktop.org/mesa/mesa/-/commit/fefb1a6fb3cff1b227e835c2f67accd33fb96b2a

Removed deprecated and unused configure options gallium-opencl & power8:
https://gitlab.freedesktop.org/mesa/mesa/-/commit/a0b457aca6cbe94d555ae75864a47bb6a16318a0
https://gitlab.freedesktop.org/mesa/mesa/-/commit/c4b305079d70790ee9d34a25a2f70759ece96f0d

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
[Bernd v3: - bump to 25.1.1, rebase on -next branch, added note about
             impact of osmesa removal on wine]
Signed-off-by: El Mehdi YOUNES <elmehdi.younes@smile.fr>
[Mehdi v2: - removed 0001-meson-Set-proper-value-for-LIBCLC_INCLUDEDIR.patch
           from .checkpackageignore.
           - removed OSMesa from mesa-demos and wine packages.]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-25 19:27:23 +02:00
El Mehdi YOUNES e29dae109a package/llvm-project: bump to version 20.1.5
Release:
https://github.com/llvm/llvm-project/releases/tag/llvmorg-20.1.5

Major Changes and Fixes:

-- CMake 3.20 minimum required

-- Issue encountered during standalone LLVM build:
    CMake Error at CMakeLists.txt:8 (include):
      include could not find requested file:

  This error is due to the line:
    include(${LLVM_COMMON_CMAKE_UTILS}/Modules/CMakePolicy.cmake)

  Upstream commit [1] harmonized policy handling by introducing this shared include
  for all LLVM sub-projects. However, in the LLVM CMakeLists, LLVM_COMMON_CMAKE_UTILS
  is set unconditionally, preventing external override — which is required in
  Buildroot when building from separated archives.

  To solve this:
    We apply a patch to wrap the assignment of LLVM_COMMON_CMAKE_UTILS in an
    `if(NOT DEFINED ...)` block, allowing Buildroot to set the path externally.
    In the `llvm-cmake` package, we also **adjust the installation path** of the
    CMake modules: instead of installing directly into `lib/cmake/llvm`, we now
    install them under `lib/cmake/llvm/Modules` to match the expected layout.

  This ensures that:
    LLVM can include `${LLVM_COMMON_CMAKE_UTILS}/Modules/CMakePolicy.cmake`
    without errors.

-- Also the Clang build system has removed support for
   the GCC_INSTALL_PREFIX option, raising a fatal error when attempting to use it:

   CMake Error at CMakeLists.txt:211 (message):
      GCC_INSTALL_PREFIX is deprecated and will be removed.
      Use configuration files (https://clang.llvm.org/docs/UsersManual.html#configuration-files)
      to specify the default --gcc-install-dir= or --gcc-triple=.
      --gcc-toolchain= is discouraged.
      See https://github.com/llvm/llvm-project/pull/77537
      for details.

   Remove the use of GCC_INSTALL_PREFIX and replace it with a
   Clang configuration file as recommended by upstream.

   A configuration file is now automatically generated at:
   $(HOST_DIR)/lib/clang/$(CLANG_VERSION_MAJOR)/$(GNU_TARGET_NAME).cfg

   It contains:
   --gcc-install-dir=<path to external toolchain's lib/gcc/...>
   --target=<GNU target triplet>

   We dynamically detect the GCC install path by scanning
   $(TOOLCHAIN_EXTERNAL_INSTALL_DIR)/lib/gcc/<target>/<version>/

   The Clang toolchain wrapper was also updated to add --config=<file> when
   BR_CLANG_CONFIG_FILE is defined.

-- Fix LLVM_MAIN_SRC_DIR path:
   set(LLVM_MAIN_SRC_DIR "${CMAKE_CURRENT_SOURCE_DIR}/../llvm" CACHE PATH ...)
   This path isn't correct when using standalone archive builds. We explicitly pass
   LLVM_MAIN_SRC_DIR=$(BUILD_DIR)/llvm-$(LLVM_PROJECT_VERSION) to fix the path. [2]

-- Add LLVM_ENABLE_RUNTIMES:
   Upstream added LLVM_ENABLE_RUNTIMES for runtimes [3]

-- Removed LLVM_INCLUDE_GO_TESTS:
   Upstream dropped this option; we remove it too [4]

-- Disable TensorFlow Lite integration:
   LLVM_HAVE_TFLITE is added to the CMakelist
   We now explicitly disable it to avoid unexpected
   TensorFlow Lite dependency.

-- Clang introduced CLANG_ENABLE_LIBXML2 [5]
   We now explicitly disable it by setting CLANG_ENABLE_LIBXLM2=OFF
   since we set LLVM_ENABLE_LIBXML2 to OFF in LLVM

-- Host-python3, which is now always needed by Clang’s resource bundling
   script. [6]

-- Clang explicitly request to disable llvm tests when llvm_gtest is missing.[7]
   CMake Error at CMakeLists.txt:126 (message):
    llvm-gtest not found. Please install llvm-gtest or disable tests with
    -DLLVM_INCLUDE_TESTS=OFF

-- Also update the installation path in COMPILER_RT_SETUP_RUNTIME_LIBS
   to use CLANG_VERSION_MAJOR instead of HOST_CLANG_VERSION,
   ensuring that the runtime files are placed correctly
   in the /lib/clang/<major>/ folder. [8]

-- Add llvm-runtimes dependency
   libunwind needs runtimes [9]

-- Fix for libclc out of tree patch
   Due to upstream changes in libclc, the old patch no longer
   applies. Only the fix related to invoking './prepare_builtins'
   directly is still relevant and preserved, as it is required to avoid
   a build failure when the binary is not in PATH.

-- Upstream commit [10] removed the use of llvm-config in libclc and
   replaced it with proper use of LLVM_CMAKE_DIR. We now pass
   -DLLVM_CMAKE_DIR instead of DLLVM_CONFIG

-- Libclc expects to invoke some LLVM tools. We explicitly set
   LIBCLC_CUSTOM_LLVM_TOOLS_BINARY_DIR to ensure it finds these tools. [11]

-- Remove LLAsm_COMPILER and CLC_COMPILER [12]

-- LIBUNWIND_INSTALL_HEADERS is On by default [13]

-- Update spirv-llvm-translator to align with LLVM 20.1.5
   Release:
   https://github.com/KhronosGroup/SPIRV-LLVM-Translator/releases/tag/v20.1.2

[1]  https://github.com/llvm/llvm-project/commit/9dd01a5241dc5b46e92485e05bc345221df8938c
[2]  https://github.com/llvm/llvm-project/commit/d2b158e29eedf4a29bf8d2142f2ed21a52fc80a7
[3]  https://github.com/llvm/llvm-project/commit/176db3b3ab25ff8a9b2405f50ef5a8bd9304a6d5
[4]  https://github.com/llvm/llvm-project/commit/6ce87272487711c9f0ff408a037f5ca2e1ff5c5d
[5]  https://github.com/llvm/llvm-project/commit/df239a6c17fa51274e38f185e72ac02c2f8fb914
[6]  https://github.com/llvm/llvm-project/commit/96962d5512fbc6af0ada0f13e6be332c026529cb
[7]  https://github.com/llvm/llvm-project/commit/82169103958583d3320b3a9a1e6542e8d32ef8da
[8]  https://github.com/llvm/llvm-project/commit/e1b88c8a09be25b86b13f98755a9bd744b4dbf14
[9]  https://github.com/llvm/llvm-project/commit/0af67d167d6c811abf12ad6c27ee34ec1365e5fb
[10] https://github.com/llvm/llvm-project/commit/b264787453fd93e55154b98d18739ecb383d9b4c
[11] https://github.com/llvm/llvm-project/commit/0aeeff3059e79b86f55ed92a4488bdee8fa66e12
[12] https://github.com/llvm/llvm-project/commit/72f9881c3ffcf4be6361c3e4312d91c9c8d94a98
[13] https://github.com/llvm/llvm-project/commit/f8409af354c1398ebf4ece67a315c94ba19714b5

Signed-off-by: El Mehdi YOUNES <elmehdi.younes@smile.fr>
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
[Bernd: rebased, removed gcc-15 patches for llvm 15, bumped to 20.1.5]
        used 'git describe' to set the version number for spirv-llvm-translator]
[Mehdi: changed llvm-runtimes version to $(LLVM_PROJECT_VERSION)]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-25 16:15:41 +02:00
El Mehdi YOUNES 395568599c package/spirv-{headers, tools}: bump to version 1.4.313.0
Update SPIR-V headers and SPIR-V tools to version 1.4.313.0 from the
Vulkan SDK.

This versions are required for compatibility with updated
spirv-llvm-translator (v20.1.2).
The source archive now follows the vulkan-sdk- prefix convention.

release:
https://github.com/KhronosGroup/SPIRV-Headers/releases/tag/vulkan-sdk-1.4.313.0
https://github.com/KhronosGroup/SPIRV-Tools/releases/tag/vulkan-sdk-1.4.313.0

Signed-off-by: El Mehdi YOUNES <elmehdi.younes@smile.fr>
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
[Bernd:
 bumped to 1.4.313.0
 Updated license hash of spirv-headers due to upstream commits:
 https://github.com/KhronosGroup/SPIRV-Headers/commit/1c9115b562bab79ee2160fbd845f41b815b9f21f
 https://github.com/KhronosGroup/SPIRV-Headers/commit/23d4a398c2ccca05fc623cca8785ce7741c5345d]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-25 16:15:41 +02:00
El Mehdi YOUNES 737aa40a1c package/llvm-project: add llvm-runtimes package
Add a new host package to install the CMake modules provided by the
runtimes archive of LLVM. These modules are required to build components
like libunwind since upstream refactored the common flag-handling logic
into a shared file: `HandleFlags.cmake`.

This package extracts and installs the relevant files to
`$(HOST_DIR)/lib/cmake/llvm`, where other components like libunwind
will look for them.

see https://github.com/llvm/llvm-project/commit/0af67d167d6c811abf12ad6c27ee34ec1365e5fb

Signed-off-by: El Mehdi YOUNES <elmehdi.younes@smile.fr>
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
[Mehdi v3: explicitly set version to 20.1.3 for now, it will
	   be changed in llvm-project bump commit]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-25 16:15:41 +02:00
El Mehdi YOUNES df0805618b support/testing: TestClangCompilerRT: Add a kernel fragment for 48 bits virtual adress
Add a kernel fragment to enable
CONFIG_ARM64_VA_BITS_48 for the AARCH64 QEMU platform in the
clang compiler -rt runtime test.

Without this setting, this sanitize-based test fails with clang-20
due to insufficient virtual adress space.

"This might potentially affect ARM platforms with 39-bit address space." from [1]

[1] https://github.com/llvm/llvm-project/commit/a588cfe37ea36ec4fae35a233a13d3557fba86e9

Signed-off-by: El Mehdi YOUNES <elmehdi.younes@smile.fr>
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-25 16:15:41 +02:00
Amer Alshanawany 066f608872 package/uuu: add target support
Signed-off-by: Amer Alshanawany <amer.alshanawany@openpixelsystems.org>
[Julien:
 - sort Config.in dependencies alphabetically
 - fix "conditional override of variable UUU_CONF_OPTS"
   check-package error
]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-25 14:53:13 +02:00
Marcus Hoffmann 1e1fe402a3 DEVELOPERS: add Marcus Hoffmann for python-django
Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-05-23 12:00:34 +02:00
Marcus Hoffmann 15fdc8b0ca package/python-django: clarify licensing
Django includes code from a couple of other projects, add their
respective license files and licenses to the django package.

./utils/scanpypi finds most of these. Additionally this was
cross-checked against debian's license list [1], not including some
things that no longer exist or no longer indicate separate licensing
upstream:
* django/contrib/admin/static/admin/fonts/
* django/utils/baseconv.py
* django/utils/ipv6.py
* django/utils/autoreload.py

Also not included are separate licensing for docs, which buildroot
doesn't package:
* docs/_theme/djangodocs/static/reset-fonts-grids.css
* docs/_theme/djangodocs/static/fontawesome/LICENSE.txt

[1] https://metadata.ftp-master.debian.org/changelogs//main/p/python-django/python-django_5.2-1_copyright

Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
[Peter: Indent with single tab]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-05-23 12:00:34 +02:00
Flávio Tapajós b492372436 package/python-sqlalchemy: bump to version 2.0.41
For change log, see:
https://docs.sqlalchemy.org/en/20/changelog/changelog_20.html#change-2.0.41

Signed-off-by: Flávio Tapajós <flavio.tapajos@newtesc.com.br>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-22 22:43:13 +02:00
Giulio Benetti 879a1340ba package/mongoose: bump to version 7.18
https://github.com/cesanta/mongoose/releases/tag/7.18

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-22 22:02:07 +02:00
Fiona Klute (WIWA) 46916c3536 package/python-referencing: remove runtime python-typing-extensions dependency
This reverts commit 0586ee6cba.

The dependency is not needed any more with package/python3 providing
3.13 (since commit d63e207eb8).

Signed-off-by: Fiona Klute (WIWA) <fiona.klute@gmx.de>
[Julien: reword commit log title]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-22 21:58:33 +02:00
Titouan Christophe 4c890bc46d package/python-tornado: apply security patch for CVE-2025-47287
This fixes the following CVE:
- CVE-2025-47287: When Tornado's ``multipart/form-data`` parser encounters
                  certain errors, it logs a warning but continues trying to
                  parse the remainder of the data. This allows remote
                  attackers to generate an extremely high volume of logs,
                  constituting a DoS attack.

Fixes:
https://www.cve.org/CVERecord?id=CVE-2025-47287

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
[Julien: reword commit log]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-22 21:23:29 +02:00
Peter Korsgaard 40dfe63cce package/wireguard-tools: bump version to 1.0.20250521
For details, see the announcement:
https://lists.zx2c4.com/pipermail/wireguard/2025-May/008789.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-22 20:46:17 +02:00
Giulio Benetti c2fdcebc6e package/libnvme: bump to version 1.14
Add local patch to avoid build failure on examples folder that we don't
need. That build failure is due to missing bits/pthreadtypes.h on musl and
since we don't need examples at all let's disable its building by passing
-Dexamples=false.

For release note, see:
https://github.com/linux-nvme/libnvme/releases/tag/v1.14

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
[Julien: add the "Upstream:" link in patch]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-21 19:58:59 +02:00
Titouan Christophe 4dc951f3ee package/binutils: apply security patch for CVE-2025-3198
This fixes a memory leaks that affects both binutils 2.43 and 2.44,
see https://www.cve.org/CVERecord?id=CVE-2025-3198

Fixes the following CVE:
- CVE-2025-3198: A vulnerability has been found in GNU Binutils 2.43/2.44
                 and classified as problematic. Affected by this
                 vulnerability is the function display_info of the file
                 binutils/bucomm.c of the component objdump.
                 The manipulation leads to memory leak.

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-21 19:50:45 +02:00
Marcus Hoffmann fb992eb5a3 package/python-click: bump to version 8.2.1
Bugfix release for click 8.2.0, changelog:
https://click.palletsprojects.com/en/stable/changes/#version-8-2-1

Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-21 19:41:39 +02:00
Julien Olivain 04c9ecd788 support/testing: test_xen: fix runtime test
The test_xen.py runtime test, introduced in [1] and improved in [2],
is calling a "stty raw" command, just after the emulated machine
login, to avoid double-cooking the consoles. This double-cooking
prevents the test controller to correctly get the command error codes.

Buildroot commit [3] "support/testing: set date in emulated machine"
introduced an invocation of the date command to set time on the
emulated machine, just after the login. The returned error code is also
checked. Since this commit [3], the test_xen runtime test is failing
while attempting to set the date. This is because it is invoked before
the test script executes this "stty raw" command.

The need of executing a command just after the login, and just
before we set the emulated machine date is very limited. It is almost
specific to this test. So, rather than changing the test
infrastructure, this commit simply moves this "stty raw" invocation
from the runtime test script to a custom /etc/profile.d/stty-raw.sh
file on target rootfs overlay, to do this call just at the login.

Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/10000011350

[1] https://gitlab.com/buildroot.org/buildroot/-/commit/055f82ebbd07b582c992eed30ef5191f18873ba4
[2] https://gitlab.com/buildroot.org/buildroot/-/commit/cd0ffd598cf94b9d15c489f2429602825a18753c
[3] https://gitlab.com/buildroot.org/buildroot/-/commit/cf8641b73e7f1577637bfef0ece78dd519b25d19

Cc: Vincent Stehlé <vincent.stehle@laposte.net>
Tested-by: Vincent Stehlé <vincent.stehle@laposte.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-21 19:35:58 +02:00
Florian Larysch bd28e7a22c package/casync-nano: enable OpenSSL ChaCha20 support
When building against OpenSSL, ensure the ChaCha20 algorithm is enabled,
which is needed by this package.

Fixes: https://autobuild.buildroot.org/results/3cb/3cb58229dfb47e79c50b4b52ca57b3f56a945ed7

Signed-off-by: Florian Larysch <fl@n621.de>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-20 22:50:59 +02:00
Florian Larysch e5b4518319 package/casync-nano: bump to version 1.1.2
Fixes build issues when building against LibreSSL in particular:
https://github.com/florolf/casync-nano/releases/tag/v1.1.2

Signed-off-by: Florian Larysch <fl@n621.de>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-20 22:50:51 +02:00
Gaël PORTAY fd5628e5dc configs/raspberrypicm5io: new defconfig
This configuration builds an image for the Compute Module 5 IO Board.

Note: Unlike the Raspberry Pi 5 and its dedicated debug uart connector,
the kernel console on Compute Module 5 IO Board is back to UART0
(ttyAMA0) on PIN8 (GPIO14, TX, yellow) and PIN10 (GPIO15, RX, orange) on
the 40-pin header, as the former version of the Raspberry Pi.

Signed-off-by: Gaël PORTAY <gael.portay+rtone@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-20 19:42:00 +02:00
Flávio Tapajós db1b8130c7 package/rsyslog: bump version to 8.2504.0
Release announce:
https://www.adiscon.com/news/news-release/rsyslog-8-2504-0-released/

Changelog:
https://github.com/rsyslog/rsyslog/blob/v8.2504.0/ChangeLog

Signed-off-by: Flávio Tapajós <flavio.tapajos@newtesc.com.br>
[Julien: add links to release announce and change log]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-20 19:34:50 +02:00
Bernd Kuhls 969bdb9d2e package/sudo: bump version to 1.9.16p2
For change summary since version 1.9.15p5, see:
https://www.sudo.ws/releases/stable/#1.9.16p2

For detailed change log, see:
https://www.sudo.ws/releases/changelog/
https://github.com/sudo-project/sudo/commits/SUDO_1_9_16p2/

Removed patch which is included in this release.

Updated license hash due to copyright year bump and whitespace fixes:
https://github.com/sudo-project/sudo/commits/SUDO_1_9_16p2/LICENSE.md

Note: Sudo 1.9.16p2 includes fixes to compile with C23/gcc-15.

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
[Julien: add links to change logs in commit log]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-20 19:33:26 +02:00
Bernd Kuhls 3ff4826a53 package/libpng: bump version to 1.6.48
Release notes:
https://raw.githubusercontent.com/pnggroup/libpng/v1.6.47/ANNOUNCE
https://raw.githubusercontent.com/pnggroup/libpng/v1.6.48/ANNOUNCE

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-20 19:31:28 +02:00
Bernd Kuhls b20b13fd99 package/linux-firmware: bump version to 20250509
Updating the hash of the WHENCE file, due to firmware additions and
firmware changes, but no changes to the redistribution/licensing
conditions.

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-20 19:29:38 +02:00
Bernd Kuhls 4541e124f5 package/alsa-utils: bump version to 1.2.14
Changelog:
https://www.alsa-project.org/wiki/Changes_v1.2.13_v1.2.14#alsa-utils

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-20 19:27:48 +02:00
Bernd Kuhls 10cc2fc1c6 package/alsa-lib: bump version to 1.2.14
Changelog:
https://www.alsa-project.org/wiki/Changes_v1.2.13_v1.2.14#alsa-lib

Removed patch 0002 which is included in upstream release.

Remove Kconfig options for alisp which was removed upstream.

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
[Julien:
  - move the legacy option to a new 2025.08 section
  - add alsa-lib version in Congig.in.legacy comment
]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-20 19:27:48 +02:00
Bernd Kuhls 11818cd07d package/oniguruma: bump version to 6.9.10
Release notes:
https://github.com/kkos/oniguruma/releases/tag/v6.9.10

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-20 19:18:18 +02:00
Bernd Kuhls 7402bf2396 package/usb_modeswitch: bump version to 2.6.2
This releases fixes a compilation issue with gcc-15.

Changelog:
Version 2.6.2, 2025/02/19
    Bug in C code (with gcc 15) fixed

See:
https://www.draisberghof.de/usb_modeswitch/bb/viewtopic.php?t=3122

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
[Julien: add change info in commit log]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-20 19:18:18 +02:00
Bernd Kuhls 3f5a807810 package/privoxy: bump version to 4.0.0
Changelog:
https://www.privoxy.org/gitweb/?p=privoxy.git;a=blob;f=ChangeLog;h=a7bffc52b8996c327a23ee562627841550ed90e9;hb=6adadda85067fb7d4cc8663fbfbcacb4b0206615

Removed patches which are included in this release.

Added support for pcre2 which was added upstream in the release.

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-20 19:18:18 +02:00
Bernd Kuhls 9323d69afb package/libde265: bump version to 1.0.16
Release notes:
https://github.com/strukturag/libde265/releases/tag/v1.0.16

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-20 19:18:18 +02:00
Bernd Kuhls 9db5f85fd3 package/dav1d: bump version to 1.5.1
Release notes:
https://code.videolan.org/videolan/dav1d/-/blob/1.5.1/NEWS

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
[Julien: change release note url to use tag]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-20 19:18:18 +02:00
Bernd Kuhls e8c67b13d8 package/gkrellm: bump version to 2.4.0
Changelog:
https://git.srcbox.net/gkrellm/gkrellm/releases/tag/gkrellm-2.4.0

Updated license hash due to copyright year bump:
https://git.srcbox.net/gkrellm/gkrellm/commit/b6bc5b379564a5df72d3b047df655652976937fb

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-20 19:18:17 +02:00
Kadambini Nema 85e14a916a package/grep: bump version to 3.12
Release notes:
https://git.savannah.gnu.org/cgit/grep.git/tree/NEWS?h=v3.12
https://savannah.gnu.org/news/?id=10753
https://lists.gnu.org/archive/html/info-gnu/2025-04/msg00008.html

Signed-off-by: Kadambini Nema <kadambini.nema@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-20 19:12:40 +02:00
Kadambini Nema 6d0a4495b3 package/htop: bump to version 3.4.1
Release notes:
https://github.com/htop-dev/htop/blob/3.4.1/ChangeLog
https://github.com/htop-dev/htop/blob/3.4.0/ChangeLog

Signed-off-by: Kadambini Nema <kadambini.nema@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-20 19:12:40 +02:00
Kadambini Nema 8a26e9e040 package/lshw: bump version to B.02.20
Changelog:
https://github.com/lyonel/lshw/compare/d76afbaaf40e953243da921844cddff8185324f3...B.02.20

Signed-off-by: Kadambini Nema <kadambini.nema@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-20 19:12:40 +02:00
Kadambini Nema 5104814554 package/nmap: bump to version 7.97
Changelog:
https://nmap.org/changelog.html#7.97
https://nmap.org/changelog.html#7.96

Signed-off-by: Kadambini Nema <kadambini.nema@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-19 19:13:17 +02:00
Kadambini Nema 7f3329b7fd package/gperf: bump to version 3.3
Release notes:
https://lists.gnu.org/archive/html/info-gnu/2025-04/msg00013.html
https://lists.gnu.org/archive/html/info-gnu/2025-04/msg00004.html

Changelog:
https://git.savannah.gnu.org/gitweb/?p=gperf.git;a=blob;f=ChangeLog;h=7966fcd0384f833f8b7d8ebdf9c5c90c22b4e48c;hb=d2aeec9b9c1fd04dbf747afe4ada8e772d315ccd

Signed-off-by: Kadambini Nema <kadambini.nema@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-19 19:09:24 +02:00
Kadambini Nema 5ef0bfa759 package/dhcpcd: bump version to 10.2.3
License hash changed due to year update.
https://github.com/NetworkConfiguration/dhcpcd/commit/e143ee18f4e2312e0254002dd27bf1da8bd95f27

Release notes:
https://github.com/NetworkConfiguration/dhcpcd/releases/tag/v10.2.3
https://github.com/NetworkConfiguration/dhcpcd/releases/tag/v10.2.2
https://github.com/NetworkConfiguration/dhcpcd/releases/tag/v10.2.1
https://github.com/NetworkConfiguration/dhcpcd/releases/tag/v10.2.0

Signed-off-by: Kadambini Nema <kadambini.nema@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-19 19:02:53 +02:00
Francois Perrad bd0975b942 package/luaposix: bump to version 36.3
diff LICENSE:
    -Copyright (C) 2006-2023 luaposix authors
    +Copyright (C) 2006-2025 luaposix authors

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-19 18:54:05 +02:00
Neal Frager a4d774781f package/gcc-bare-metal: bump to gcc 15.1.0
This patch bumps gcc-bare-metal to gcc 15.1.0.

See here for changes:
https://gcc.gnu.org/gcc-15/changes.html

Signed-off-by: Neal Frager <neal.frager@amd.com>
2025-05-19 18:51:50 +02:00
Thomas Petazzoni b5f14d65cb package/gcc: drop useless condition on BR2_GCC_ENABLE_GRAPHITE
For a long while now, we only support building GCC >= 8.x, so the
dependency of BR2_GCC_ENABLE_GRAPHITE on GCC >= 5.x is useless, drop
it, together with the corresponding Config.in comment.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-19 18:46:13 +02:00
Thomas Petazzoni 62e784cb97 package/gcc: drop dead code related to BR2_GCC_SUPPORTS_LIBCILKRTS
The libcilkrts library was removed from gcc 8.x, and gcc 8.x is the
oldest version we allow building (to still support PowerPC SPE). So it
means the BR2_GCC_SUPPORTS_LIBCILKRTS is basically dead code because:

	default y if !BR2_TOOLCHAIN_GCC_AT_LEAST_8

Will never evaluate to 'y' in current Buildroot.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-19 18:46:13 +02:00
Thomas Petazzoni 5fd75bfb02 package/gcc: drop stale hash
The hash for the GCC 10.4.0 tarball should have been removed a long
time ago, when support for GCC 10.x has been removed.

Fixes: d37a8f3a2e ("package/gcc: remove gcc 10.x")
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-19 18:46:13 +02:00
Thomas Petazzoni 58cf7c51da package/gcc: drop support for GCC 12.x
Now that we have added support for GCC 15.x, made GCC 14.x the
default, let's drop support for GCC 12.x.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-19 18:46:13 +02:00
Thomas Petazzoni 1e1fafa1f0 package/gcc: switch to GCC 14.x as the default
Now that GCC 15.x support has been added, follow our usual strategy of
making GCC 14.x the default GCC version.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-19 18:46:13 +02:00
Thomas Petazzoni 75891397ab package/gcc: add support for GCC 15.x
Changelog:

  https://gcc.gnu.org/gcc-15/changes.html

NIOS II support has been removed, and we removed it from Buildroot
some time ago.

AArch64 ILP32 support has been deprecated, but we never supported it
in Buildroot.

In the stack of patches, just keep patch 0001.

Indeed, from 14.2.0:

- 0002-libsanitizer-also-undef-_TIME_BITS-in-sanitizer_proc.patch is
  upstream as of commit fa321004f3f6288d3ee2eefa6b02177131882dca

- 0003-libquadmath-Fix-up-libquadmath-math-sqrtq.c-compilat.patch is
  upstream as of commit 3ac02e67503ccffa3dfeeffc0a60fce6bdaca43b

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-19 18:46:13 +02:00
Thomas Petazzoni ccf1714502 toolchain/Config.in: add BR2_TOOLCHAIN_GCC_AT_LEAST_15 blind option
In order to add gcc 15 support in follow-up commits, introduce
BR2_TOOLCHAIN_GCC_AT_LEAST_15 symbol.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-19 18:46:13 +02:00
Bernd Kuhls 90c5270bac package/pppd: fix build with gcc-15.x
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-19 18:40:43 +02:00
Bernd Kuhls 5ba0f2cc8a package/ngrep: fix build with gcc-15.x
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-19 18:40:43 +02:00
Bernd Kuhls 76dbbe8f41 package/mrouted: fix build with gcc-15.x
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Reviewed-by: Joachim Wiberg <troglobit@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-19 18:40:43 +02:00
Bernd Kuhls 45cdb5decb package/mjpegtools: fix build with gcc-15.x
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-19 18:40:43 +02:00
Bernd Kuhls fcf8bdc62a package/iftop: fix build with gcc-15.x
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-19 18:40:43 +02:00
Peter Korsgaard 37a715969f Update for 2025.05-rc1
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-05-19 12:33:23 +02:00
Arnout Vandecappelle b55957fa65 CHANGES: Update for 2025.02.3
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
(cherry picked from commit eee9775d12)
2025-05-19 09:57:51 +02:00
Arnout Vandecappelle 43a74db621 docs/website/{download,news}.html: update for 2025.02.3
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-05-19 09:57:25 +02:00
Kadambini Nema 8a5bab9364 package/smartmontools: bump version to 7.5
Release notes:
https://www.smartmontools.org/browser/tags/RELEASE_7_5/smartmontools/NEWS

Signed-off-by: Kadambini Nema <kadambini.nema@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-05-18 23:06:44 +02:00
Kadambini Nema b5cd550cfd package/gzip: bump to version 1.14
Release notes:
https://git.savannah.gnu.org/cgit/gzip.git/tree/NEWS?id=fbc4883eb9c304a04623ac506dd5cf5450d055f1
https://lists.gnu.org/r/bug-gzip/2025-04/msg00022.html

Signed-off-by: Kadambini Nema <kadambini.nema@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-05-18 23:06:43 +02:00
Kadambini Nema 0e16ff09e9 package/avrdude: bump to version 8.0
Release notes:
https://github.com/avrdudes/avrdude/blob/v8.0/NEWS
https://github.com/avrdudes/avrdude/blob/v7.3/NEWS

Updated COPYING file hash due to the following upstream commit:
https://github.com/avrdudes/avrdude/commit/ececf3258e77eb147b0af75275de5ba7d071d7a4

Signed-off-by: Kadambini Nema <kadambini.nema@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-05-18 23:06:43 +02:00
Kadambini Nema 06bb701217 package/valgrind: bump to version 3.25.0
Release notes:
https://valgrind.org/docs/manual/dist.news.html

Rebased patches for the new version.

Signed-off-by: Kadambini Nema <kadambini.nema@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-05-18 23:06:42 +02:00
Michael Walle c09ee07b2c package/hwclock-initscript: new package
Add a new initscript to save the date and time to the hardware clock
on shutdown.

Signed-off-by: Michael Walle <michael@walle.cc>
[Arnout:
 - package as hwclock-initscript instead of buildroot-initscripts;
 - mention in help text that it isn't needed at boot;
 - rewrite initscript according to our usual pattern;
 - fix shellcheck errors.
]
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-05-18 22:42:54 +02:00
Lang Daniel faf2b8a627 package/freescale-imx/imx-gpu-viv: enable aarch64 framebuffer support
Back when the imx-gpu-viv package was enabled on AArch64 in commit
84afda9ca6, the fb output option was not
enabled.

However, according to meta-freescale [0] the framebuffer output can be
enabled on IMX8 by using the wayland libraries together with egl.pc.

[0] https://git.yoctoproject.org/meta-freescale/tree/recipes-graphics/imx-gpu-viv/imx-gpu-viv-6.inc

This commit does enable fb output on AArch64, which requires a few
precautions as the imx-gpu-viv logic is a bit convoluted:

- FB on ARM is supported using "pure" framebuffer libraries. However,
  a specific egl.pc is needed: egl_linuxfb.pc. The supporting
  libraries are found in the fb/ subdirectory in imx-gpu-viv "code".

- FB on AArch64 is supported using libraries that are linked with
  wayland and libdrm, even though wayland/libdrm is obviously not used
  for framebuffer output. pkg-config wise, this configuration can use
  the default egl.pc. The supporting libraries are found in the
  wayland/ subdirectory in imx-gpu-viv "code", as oddly as it seems.

- Wayland on ARM on AArch64 is supported using libraries that are
  obviously linked against wayland and libdrm. pkg-config wise, egl.pc
  needs to be symlinked to egl_wayland.pc.

This patch solves this situation by introducing a hidden boolean
option BR2_PACKAGE_IMX_GPU_VIV_USES_WAYLAND that indicates whether
wayland/libdrm is used by the currently selected output. This is of
course true when BR2_PACKAGE_IMX_GPU_VIV_OUTPUT_WL, but also when
BR2_PACKAGE_IMX_GPU_VIV_OUTPUT_FB on AArch64.

Signed-off-by: Daniel Lang <d.lang@abatec.at>
[Thomas: quite significant rework compared to the submission from
Daniel Lang, so we didn't keep the Reviewed-by from Gary Bisson]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-05-18 22:41:43 +02:00
Thomas Petazzoni c8adccf8df package/freescale-imx/imx-gpu-viv: rename IMX_GPU_VIV_LIB_TARGET to IMX_GPU_VIV_OUTPUT
In preparation for some rework of the package, let's rename the
IMX_GPU_VIV_LIB_TARGET variable to IMX_GPU_VIV_OUTPUT to make it match
the BR2_PACKAGE_IMX_GPU_VIV_OUTPUT config option it corresponds to.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-05-18 22:41:43 +02:00
Peter Korsgaard c84fcef123 package/nodejs: security bump to version 22.15.1
Fixes the following security issues:

- CVE-2025-23166: Improper error handling in async cryptographic operations
  crashes process

- CVE-2025-23165: Corrupted pointer in node::fs::ReadFileUtf8(const
  FunctionCallbackInfo<Value>& args) when args[0] is a string

https://nodejs.org/en/blog/vulnerability/may-2025-security-releases

Update the license hash for the addition of zstd 1.5.6 (BSD-3-Clause):
https://github.com/nodejs/node/commit/f9f611fb584ca2ace35df2669204e7de6a92ea26

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-18 21:49:45 +02:00
Peter Korsgaard 7a09fcf7c6 package/webkitgtk: security bump to version 2.48.2
Fixes the following security issues:

CVE-2025-24223
    Versions affected: WebKitGTK and WPE WebKit before 2.48.2.
    Credit to rheza (@ginggilBesel) and an anonymous researcher.
    Impact: Processing maliciously crafted web content may lead to
    memory corruption. Description: The issue was addressed with
    improved memory handling.
    WebKit Bugzilla: 287577

CVE-2025-31204
    Versions affected: WebKitGTK and WPE WebKit before 2.48.2.
    Credit to Nan Wang (@eternalsakura13).
    Impact: Processing maliciously crafted web content may lead to
    memory corruption. Description: The issue was addressed with
    improved memory handling.
    WebKit Bugzilla: 291506

CVE-2025-31205
    Versions affected: WebKitGTK and WPE WebKit before 2.48.2.
    Credit to Ivan Fratric of Google Project Zero.
    Impact: A malicious website may exfiltrate data cross-origin.
    Description: The issue was addressed with improved checks.
    WebKit Bugzilla: 290992

CVE-2025-31206
    Versions affected: WebKitGTK and WPE WebKit before 2.48.2.
    Credit to an anonymous researcher.
    Impact: Processing maliciously crafted web content may lead to an
    unexpected Safari crash. Description: A type confusion issue was
    addressed with improved state handling.
    WebKit Bugzilla: 290834

CVE-2025-31215
    Versions affected: WebKitGTK and WPE WebKit before 2.48.2.
    Credit to Jiming Wang and Jikai Ren.
    Impact: Processing maliciously crafted web content may lead to an
    unexpected process crash. Description: The issue was addressed with
    improved checks.
    WebKit Bugzilla: 288814

CVE-2025-31257
    Versions affected: WebKitGTK and WPE WebKit before 2.48.2.
    Credit to Juergen Schmied of Lynck GmbH.
    Impact: Processing maliciously crafted web content may lead to an
    unexpected Safari crash. Description: This issue was addressed with
    improved memory handling.
    WebKit Bugzilla: 290985

https://webkitgtk.org/security/WSA-2025-0004.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Acked-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-05-18 21:09:14 +02:00
Michael Nosthoff 93aa1c1ef6 package/spdlog: bump version to 1.15.3
Release Notes: https://github.com/gabime/spdlog/releases/tag/v1.15.3

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-05-18 19:33:06 +02:00
Guillaume Chaye 573ecbd44c package/heimdal: bump version to 8c3c97bdf6c06200418f1a85aa22beaa441c6b23
The current version was more than 3 years old and had known CVEs (see
CVE-2023-36328). Since this is a host only package, we don't consider
this as a security bump.

This upgrade allows the removal of the two patches currently applied:

- The commit 1b57b62, which fixes the build with autoconf 2.72, is
  already included upstream.

- We no longer need to use the JSON-PP module, as it is now
  optional (commit 13d3bcf).

Also, since the latest version of Heimdal no longer depends on
e2fsprogs, the host-e2fsprogs dependency has been removed.

Signed-off-by: Guillaume Chaye <guillaume.chaye@zeetim.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-05-18 18:45:06 +02:00
Thomas Petazzoni 6c3f01fde1 package/samba4: needs libxcrypt
Since the bump of Samba to version 4.21.4 in commit
716461af94, <crypt.h> is needed, due to
upstream comit 0dccda38f27b3bbda5d2a4de588a333ff554651a. Since
<crypt.h> is no longer provided by glibc, a dependency on libxcrypt is
needed, to avoid the following build failure:

../../lib/util/util_crypt.c:5:10: fatal error: crypt.h: No such file or directory
    5 | #include <crypt.h>
      |          ^~~~~~~~~
compilation terminated.

This has not been detected by the autobuilders, presumably because a
lot of glibc configurations end up having libxcrypt selected by other
packages, but the issue is reproducible by building:

BR2_arm=y
BR2_cortex_a9=y
BR2_ARM_ENABLE_VFP=y
BR2_TOOLCHAIN_EXTERNAL=y
BR2_TOOLCHAIN_EXTERNAL_BOOTLIN=y
BR2_PACKAGE_SAMBA4=y

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-05-18 18:45:05 +02:00
Thomas Petazzoni d2d5014a8e package/heimdal: drop INSTALL_STAGING = YES
HEIMDAL_INSTALL_STAGING = YES makes no sense since the package was
introduced in 56258f491b ("heimdal: new
package") since it's a host only package.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-05-18 18:45:04 +02:00
Francois Perrad 36f9436488 docs/manual/customize-directory-structure.adoc: suggest a custom top Makefile
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
[Arnout: give a bit more explanation, simplify the example]
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-05-18 18:20:28 +02:00
Thomas Perale 37167915db CHANGES: Update for 2025.02.2
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
(cherry picked from commit 183f44a3bd)
2025-05-18 17:29:04 +02:00
Arnout Vandecappelle 05d8a49c09 docs/website/{download,news}.html: update for 2025.02.2
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-05-18 17:20:20 +02:00
Florian Larysch 187f7b1469 package/casync-nano: new package
casync-nano is an implementation of a subset of the features of casync,
optimized for performing OTA updates on embedded systems.

Signed-off-by: Florian Larysch <fl@n621.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-05-18 17:07:04 +02:00
Akhilesh Nema e7c091f113 package/ncurses: bump to version 6.5.20250517
Release notes:
https://github.com/ThomasDickey/ncurses-snapshots/blob/v6_5_20250510/NEWS

- Drop upstream patch - 0001-fix-XOPEN_SOURCE-detection.patch
- COPYING hash changed due to Copyright year update.

Signed-off-by: Akhilesh Nema <nemaakhilesh@gmail.com>
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
[Bernd: bumped to version 6.5.20250517
 added configure option --disable-widec due to wchar support being
 enabled by default since version 6.5:
 https://github.com/ThomasDickey/ncurses-snapshots/blob/master/INSTALL#L840
 fixing non-wchar ncurses build on wchar-enabled toolchains (Peter)]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-05-18 16:54:25 +02:00
Thomas Petazzoni 7050c68b5f package/python-pyproj: propagate dependencies from proj
The python-pyproj package was introduced in
7c65b4484e, and it selects
BR2_PACKAGE_PROJ, but forgot to propagate its dependencies, so let's
do that.

Fixes:

WARNING: unmet direct dependencies detected for BR2_PACKAGE_PROJ
  Depends on [n]: BR2_INSTALL_LIBSTDCPP [=n] && BR2_TOOLCHAIN_GCC_AT_LEAST_4_7 [=y] && BR2_TOOLCHAIN_HAS_THREADS_NPTL [=y] && BR2_USE_WCHAR [=y]
  Selected by [y]:
  - BR2_PACKAGE_PYTHON_PYPROJ [=y] && BR2_PACKAGE_PYTHON3 [=y]

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-18 16:43:04 +02:00
Kadambini Nema 0575a3ab10 package/iperf3: bump to version 3.19
Release notes:
https://github.com/esnet/iperf/releases/tag/3.19

Updated license hash due to copyright year bump:
https://github.com/esnet/iperf/commit/9f6dc2164dea62221298818c54992c3f24a7e214

Added a patch to fix the build error with uClibc.

Signed-off-by: Kadambini Nema <kadambini.nema@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-18 16:26:36 +02:00
J. Neuschäfer 3a43be7df4 package/execline: remove -D_GNU_SOURCE
execline is written against POSIX C and automatically sets
-D_POSIX_C_SOURCE=200809L and -D_XOPEN_SOURCE=700. uclibc had a bug
consistent with the error reported in the commit that added
-D_GNU_SOURCE[1], but it has since been fixed[2].

[1]: see commit 106e43e303 ("package/execline: fix uclibc build")
[2]: https://cgit.uclibc-ng.org/cgi/cgit/uclibc-ng.git/commit/?id=354129807db12c792696b74d0cd38f2c5d2fd704

Signed-off-by: J. Neuschäfer <j.neuschaefer@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-05-18 16:00:33 +02:00
J. Neuschäfer a0a39842e6 package/{execline,mdevd,s6-*,skalibs,tipidee}: bump to October 2024 versions
Releases have been made to several skarnet.org packages[1]. The biggest
change is that static libraries are installed to /usr/lib by default.

https://skarnet.org/lists/skaware/2098.html

Some COPYRIGHT hashes changed because the copyright years were updated.

Signed-off-by: J. Neuschäfer <j.neuschaefer@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-05-18 16:00:32 +02:00
J. Neuschäfer 3dbbfdeb8e package/{execline,mdevd,s6-*,skalibs}: remove --prefix=/
The prefix already defaults to /, so --prefix=/ is unnecessary. An
alternative course of action would be to start setting --prefix=/usr.

Signed-off-by: J. Neuschäfer <j.neuschaefer@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-05-18 16:00:31 +02:00
Peter Korsgaard 5ba3e0d8a7 package/openvmtools: add upstream security patch for CVE-2025-22247
Fixes the following security issue:

CVE-2025-22247: open-vm-tools contains an insecure file handling
vulnerability.

https://github.com/vmware/open-vm-tools/tree/CVE-2025-22247.patch

The upstream patch needs to be applied with -p2, so drop the open-vm-tools
prefix (sed -i 's|open-vm-tools/||g') and include it here.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-18 15:54:25 +02:00
Peter Korsgaard 3615c26899 package/openvmtools: needs libxcrypt with glibc
Fixes:
http://autobuild.buildroot.net/results/b3b66d7dff38ca6fb0be9a98d98db721ee98ef1b

Fix the following build failure raised since bump of glibc to version
2.39 in commit b5680f53d6:

checking for crypt in -lcrypt... no
configure: error: libcrypt not found. Please install the libc/libcrypt devel package(s).

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-18 15:54:25 +02:00
Thomas Devoogdt 11dcd7bd53 package/webkitgtk: add libgtk4 support
WebKitGTK defaults on GTK4 since version 2.44 [1],
and the libgtk4 package was added in commit faf2a1d,
so start using it. Note that webkitgtk-6.0 is the new API
if compile with GTK4 [2].

[1] https://webkitgtk.org/2024/03/27/webkigit-2.44.html
[2] https://webkitgtk.org/reference/webkitgtk/stable/migrating-to-webkitgtk-6.0.html

Signed-off-by: Thomas Devoogdt <thomas@devoogdt.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-05-18 15:39:21 +02:00
Peter Korsgaard 323aaa9f54 package/net-tools: add upstream security fix for CVE-2025-46836
Fixes the following security issue:

CVE-2025-46836: Stack-based Buffer Overflow in net-tools (get_name)

https://github.com/ecki/net-tools/security/advisories/GHSA-pfwf-h6m3-63wf

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-05-18 15:34:18 +02:00
Bernd Kuhls 61343ed57a package/alsa-utils: remove autoreconf
Buildroot commit 96a7db5a4b removed
0011-configure.ac-fix-UMP-support-detection.patch but forgot to remove
ALSA_UTILS_AUTORECONF = YES as well.

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-05-18 15:31:25 +02:00
Brandon Lumbra 7acb67fc2b package/wpa_supplicant: add option to build deprecated WEP support
Signed-off-by: Brandon Lumbra <brandon.lumbra@sense.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-05-18 15:28:02 +02:00
Yann E. MORIN 53e1772682 toolchain/wrapper: check unsafe paths earlier
We currently check for unsafe paths right between adding our arguments,
and adding the one passed from the command line. This not very
consistent.

Unsafe paths can only come from the command line, as we are not adding
any of our own (hopefully, we know better!), so we can run the check as
early as possible.

Move the check very early, but not before we handle --help.

Signed-off-by: Yann E. MORIN <yann.morin@orange.com>
Cc: Romain Naour <romain.naour@gmail.com>
Cc: Giulio Benetti <giulio.benetti@benettiengineering.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-05-18 14:51:58 +02:00
Raphaël Mélotte 913bdcda44 package/freeradius-server: ignore CVE-2002-0318 and CVE-2011-4966
CVE-2002-0318 has been mitigated by adding a new config option in
freeradius-server commit f0f762d1439336fff9c8b90291364ddff583f698,
which is part of release_0_5_0 onwards.
See also the original report ([1]).
The NVD database's CPE configuration doesn't have an associated
version number, which is why our CVE check still reports it.

For CVE-2011-4966, the CVE description (see [2]) mentions the issue is
fixed in version 2.2.0 onwards, but the CPE again doesn't use a
version number.

To reduce the noise in the list of CVEs that pkg-stats reports, ignore
them.

FWIW, yocto/oe also ignores them (see [3]).

[1]: https://marc.info/?l=bugtraq&m=101440113410083&w=2#2
[2]: https://nvd.nist.gov/vuln/detail/CVE-2011-4966
[3] https://patchwork.yoctoproject.org/project/oe/patch/20220715133515.14298-1-davide.gardenal@huawei.com/

Signed-off-by: Raphaël Mélotte <raphael.melotte@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-05-18 14:17:09 +02:00
Thomas Petazzoni 677b24ebaf package/tinyxml: set TINYXML_CPE_ID_VERSION
With the recent addition in pkg-stats to detect stale ignore CVE
entries, the CVE-2021-42260 ignore CVE entry is reported as
stale. This is because TINYXML_VERSION is 2.6.2_2, and the CVE is
annotated as affecting versions up to and including 2.6.2.

But in fact, 2.6.2_2 is a special version from the Kodi community, but
it's close to the 2.6.2 release, and CVE-2021-42260 is not fixed in
it. To get meaningful results, let's tell our CVE checking logic that
the tinyxml version is 2.6.2 by setting TINYXML_CPE_ID_VERSION (we're
splitting on the _ and keeping the part before).

Because we're now setting TINYXML_CPE_ID_VERSION, we must drop
TINYXML_CPE_ID_VALID to avoid a check-package warning.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-18 14:15:50 +02:00
Thomas Petazzoni 0d7e72afb2 package/sox: add fix for CVE-2023-32627
Patch comes from Debian. The CVEs are not reported by pkg-stats
because the NVD database has associated it to the sox_project:sox
vendor/product CPE. This has been reported to NVD:

  https://lore.kernel.org/buildroot/20250517220322.4da9bdb3@windsurf/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-18 14:15:50 +02:00
Thomas Petazzoni c678e334e0 package/sox: add fix for CVE-2022-31651
Patch comes from Debian. The CVEs are not reported by pkg-stats
because the NVD database has associated it to the sox_project:sox
vendor/product CPE. This has been reported to NVD:

  https://lore.kernel.org/buildroot/20250517220322.4da9bdb3@windsurf/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-18 14:15:50 +02:00
Thomas Petazzoni 34cb164b7e package/sox: add fix for CVE-2022-31650, CVE-2023-26590
Patch comes from Debian. The CVEs are not reported by pkg-stats
because the NVD database has associated it to the sox_project:sox
vendor/product CPE. This has been reported to NVD:

  https://lore.kernel.org/buildroot/20250517220322.4da9bdb3@windsurf/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-18 14:15:50 +02:00
Thomas Petazzoni 1c1ee69fa7 package/sox: add fix for CVE-2021-40426
The patch comes from Debian. The CVEs are not reported by pkg-stats
because the NVD database has associated it to the
libsox_project:libsox vendor/product CPE. This has been reported to
NVD:

  https://lore.kernel.org/buildroot/20250517220322.4da9bdb3@windsurf/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-18 14:15:50 +02:00
Thomas Petazzoni 14aa0f5ec1 package/sox: add fix for CVE-2021-23159, CVE-2021-23172, CVE-2023-34318
This fix is integrated in Debian. The CVEs are not reported by pkg-stats
because the NVD database has associated it to the sox_project:sox
vendor/product CPE. This has been reported to NVD:

  https://lore.kernel.org/buildroot/20250517220322.4da9bdb3@windsurf/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-18 14:15:50 +02:00
Thomas Petazzoni b93b80245d package/sox: add fix for CVE-2021-3643 CVE-2021-23210
This fix is included in Debian's sox package. The CVE is not reported
by pkg-stats because the NVD database has associated it to the
sox_project:sox vendor/product CPE. This has been reported to NVD:

  https://lore.kernel.org/buildroot/20250517220322.4da9bdb3@windsurf/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-18 14:15:50 +02:00
Thomas Petazzoni aea1dd9b20 package/sox: rework the 0001 patch to make it Git-applicable
Due to the "From:" in the commit log itself, this patch was not
applicable using git am:

$ git am 0001-Make-SoX-support-uclibc-based-toolchains.patch
Applying: Make SoX support uclibc-based toolchains
fatal: empty ident name (for <>) not allowed

Thanks to Arnout who found the issue.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-18 14:15:50 +02:00
Thomas Petazzoni 913ca297dc package/sox: add ignore CVE entry for CVE-2019-1010004
This CVE is a duplicate of CVE-2017-18189, according to
https://security-tracker.debian.org/tracker/CVE-2019-1010004, and
https://security-tracker.debian.org/tracker/CVE-2019-1010004 also
points to the commit that also fixed CVE-2017-18189.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-18 14:15:50 +02:00
Thomas Petazzoni e3a15862fb package/sox: annotate ignore CVE entries
Commit b6871f9d93 ("package/sox:
security bump to latest git commit") forgot to annotate the ignore CVE
entries, so let's do this.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-18 14:15:50 +02:00
Thomas Petazzoni 9c482f525a package/sox: add SOX_CPE_ID_VERSION
All ignore CVE entries of the sox package are considered stale because
SOX_VERSION is a Git commit and therefore the version matching logic
doesn't do the right thing.

This commit sets SOX_CPE_ID_VERSION to 14.4.2, which is the closest
upstream version on which we are based: our Git commit is 14.4.2 plus
a number of commits that fix a large number of CVEs.

Thanks to this change, the ignore CVE entries are no longer stale.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-18 14:15:50 +02:00
Thomas Petazzoni 107e935e1c package/ripgrep: drop stale ignore CVE entry
The ignore CVE entry was added because the vulnerability only affects
Windows. But it also only affected ripgrep versions < 13, and we're
using ripgrep 14.x now, so the CVE is anyway no longer relevant, and
the ignore CVE entry can be dropped.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-18 14:15:50 +02:00
Thomas Petazzoni 381ff2bf69 package/qt5/qt5base: drop stale ignore CVE entries, add CPE version
The qt5base was reported to have 2 stale ignore CVE entries, one not
stale. Turns out that because the version is a Git commit hash, the
version comparaison did not make a lot of sense.

This commit adds QT5BASE_CPE_ID_VERSION, assigned to the closest
upstream version that we package (the Git repo we fetch is 5.15.14
plus a number of fixes). With this done, all 3 ignore CVE entries are
stale because the vulnerabilities have been fixed prior to 5.15.14.

In addition, setting QT5BASE_CPE_ID_VERSION allows to reduce the
number of CVEs affecting qt5base from 20 to 8.

Cc: Roy Kollen Svendsen <roykollensvendsen@gmail.com>
Cc: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Cc: Christian Hitz <christian.hitz@bbv.ch>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-18 14:15:50 +02:00
Thomas Petazzoni 4a3eab8341 package/netsnmp: drop stale ignore CVE entries
The 0001-snmp_agent-disallow-SET-with-NULL-varbind.patch patch has
been dropped as part of the bump from 5.9.3 to 5.9.4 in commit
1799cfebfd, which means 5.9.4 has the
security fix, and therefore the ignore CVE entry is no longer needed.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-18 14:15:50 +02:00
Thomas Petazzoni ae116161ac package/libssh: drop stale ignore CVE entry
CVE-2023-3603 has never affected any release, but NVD decided to
document it as affecting all versions up to 0.8.9. While this is
incorrect, we don't really care much, as we're now using 0.11 which
according to NVD is not affected, making our ignore CVE entry stale.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-18 14:15:50 +02:00
Thomas Petazzoni 38abba3703 package/libopenh264: drop stale ignore CVE entry
The NVD entry for CVE-2025-27091 was not correct, but thanks to having
been reported by Raphaël Mélotte, the issue has been fixed on May 6,
2025:

  https://nvd.nist.gov/vuln/detail/CVE-2025-27091#VulnChangeHistorySection

The ignore CVE entry is therefore stale and can be dropped.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-18 14:15:50 +02:00
Thomas Petazzoni 114784cb7b package/exim: update comment on CVE-2022-3559
We no longer have the patch fixing CVE-2022-3559 because we've updated
to a version of exim that includes it. However, the ignore CVE entry
is not stale because the NVD database is incorrect on this CVE. We
reported the issue to upstream NVD at:

  https://lore.kernel.org/buildroot/20250517183423.07951665@windsurf/

Let's document this above the ignore CVE entry.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-18 14:15:50 +02:00
Thomas Petazzoni 463e21fdcb package/exim: drop stale ignore CVE entry
The CVE-2022-3620 entry is not reported as affecting our exim package
by pkg-stats. Currently it's because the NVD entry is
incorrect (incorrect exim version), but we sent a bug report [1] to
the NVD database so that it gets updated. Once updated, pkg-stats
still won't report the CVE as affecting us because the issue has been
fixed in exim 4.97, and we're using a newer version.

[1] https://lore.kernel.org/buildroot/20250517183000.40b28b4d@windsurf/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-18 14:15:50 +02:00
Thomas Petazzoni 3e03873ff1 package/dovecot: document why the ignore CVE entry is not stale
The new pkg-stats feature of stale ignore CVE entry detection reports
CVE-2022-30550 as stale, but it's not correct: the NVD database is
incorrect, and this has been reported in
https://lore.kernel.org/buildroot/20250517181815.02ce0393@windsurf/.

Let's annotate this information in dovecot.mk so that we don't wonder
why it's reported stale.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-18 14:15:50 +02:00
Thomas Petazzoni 1799aa7eb4 package/dnsmasq: drop stale IGNORE_CVES entries
The 0001-set-default-maximum-dns-udp-package-size.patch is no longer
in Buildroot since the bump to 2.90 in commit
213cfb3435, which renders the
CVE-2023-28450 ignore CVE entry no longer needed.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-18 14:15:50 +02:00
Thomas Petazzoni f88537c46b package/busybox: drop stale IGNORE_CVES entries
All of CVE-2023-42363, CVE-2023-42364, CVE-2023-42365, CVE-2023-42366
were fixed by patches that we no longer have since we bumped
Busybox. Those IGNORE_CVES entries are therefore no longer needed.

The CVE-2022-28391 ignore CVE entry is also reported as stale, but we
believe the NVD database is incorrect in saying this vulnerability
only affects Busybox up to 1.35.0. Indeed, Busybox 1.37.0 still
doesn't have the fixes and is therefore still affected.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-18 14:15:50 +02:00
Thomas Petazzoni 06afaf5347 boot/grub2: drop stale IGNORE_CVES entries
CVE-2020-15705 is only applicable to grub versions up to 2.04, and
we're using a more recent version, so it is no longer needed to ignore
it.

CVE-2021-46705 is only applicable to grub versions up to 2.06, and
we're using a more recent version, so it is no longer needed to ignore
it.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-18 14:15:50 +02:00
Gaël PORTAY 3271ce10f2 package/qt5/qt5webengine: use bundled jpeg-turbo for chromium
The configure flag -feature-webengine-system-jpeg[1] checks if a jpeg
library is in the sysroot.

It compiles a test file linked against the symbols jpeg_crop_scanline()
and jpeg_skip_scanlines()[2] that are specific to jpep-turbo.

As a consequence, the configure scripts fails if the libjpeg is selected
as the jpeg variant as the symbols mentionend above are not part of the
jpeg library installed in the sysroots.

	ERROR: Feature 'webengine-system-jpeg' was enabled, but the pre-condition 'config.unix && features.system-jpeg && libs.webengine-jpeglib' failed.

Additionally, see the log below, extracted from config.log:

        > /home/gportay/src/buildroot/output/host/bin/arm-buildroot-linux-gnueabihf-g++ -c -pipe -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -O2 -g0 -D_FORTIFY_SOURCE=1 -mtune=arm1176jzf-s -march=armv6 --sysroot=/home/gportay/src/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot -w -fPIC  -I. -I/home/gportay/src/buildroot/output/host/mkspecs/devices/linux-buildroot-g++ -o main.o main.cpp
        > main.cpp: In function ‘int main(int, char**)’:
        > main.cpp:12:5: error: ‘jpeg_crop_scanline’ was not declared in this scope; did you mean ‘jpeg_write_scanlines’?
        >    12 |     jpeg_crop_scanline(nullptr, &dummy, &dummy);
        >       |     ^~~~~~~~~~~~~~~~~~
        >       |     jpeg_write_scanlines
        > main.cpp:13:5: error: ‘jpeg_skip_scanlines’ was not declared in this scope; did you mean ‘jpeg_write_scanlines’?
        >    13 |     jpeg_skip_scanlines(nullptr, dummy);
        >       |     ^~~~~~~~~~~~~~~~~~~
        >       |     jpeg_write_scanlines
        > make[1]: *** [Makefile:334: main.o] Error 1
        > make[1]: Leaving directory '/home/gportay/src/buildroot/output/build/qt5webengine-5.15.14/config.tests/webengine-jpeglib'

We could build some complicated logic to make sure what qt5webengine is
only used with jpeg-turbo. However, Chromium bundles jpeg-turbo[3][4]
and uses it if not using the system jpeg library or qt-jpeg[5]. It is
simpler to just always use that version instead of the system jpeg
library.

This sets the configure option -nofeature-webengine-system-jpeg and
removes jpeg from the dependencies.

Note that host-libjpeg and qt-jpeg (and therefore, system libjpeg or
jpeg-turbo) are still needed for the Qt integration layer, even if
chromium uses the bundled jpeg-turbo.

[1]: https://github.com/qt/qtwebengine/blob/v5.15.14-lts/src/buildtools/configure.json#L609-L613
[2]: https://github.com/qt/qtwebengine/blob/v5.15.14-lts/src/buildtools/configure.json#L95-L116
[3]: https://github.com/qt/qtwebengine-chromium/tree/18c9261dc5b8aa57a0bdd5b62ce6f648cca1ef5e/chromium/third_party/libjpeg_turbo
[4]: https://github.com/qt/qtwebengine-chromium/blob/18c9261dc5b8aa57a0bdd5b62ce6f648cca1ef5e/chromium/third_party/libjpeg.gni
[5]: https://github.com/qt/qtwebengine/blob/v5.15.14-lts/src/buildtools/configure.json#L614-618

Fixes:

	looking for library webengine-jpeglib
	Trying source 0 (type pkgConfig) of library webengine-jpeglib ...
	+ PKG_CONFIG_SYSROOT_DIR=/home/gportay/src/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot PKG_CONFIG_LIBDIR=/home/gportay/src/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/lib/pkgconfig:/home/gportay/src/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/share/pkgconfig:/home/gportay/src/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/lib/arm-buildroot-linux-gnueabihf/pkgconfig /home/gportay/src/buildroot/output/host/bin/pkg-config --exists --silence-errors libjpeg
	+ PKG_CONFIG_SYSROOT_DIR=/home/gportay/src/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot PKG_CONFIG_LIBDIR=/home/gportay/src/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/lib/pkgconfig:/home/gportay/src/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/share/pkgconfig:/home/gportay/src/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/lib/arm-buildroot-linux-gnueabihf/pkgconfig /home/gportay/src/buildroot/output/host/bin/pkg-config --modversion libjpeg
	> 9.6.0
	+ PKG_CONFIG_SYSROOT_DIR=/home/gportay/src/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot PKG_CONFIG_LIBDIR=/home/gportay/src/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/lib/pkgconfig:/home/gportay/src/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/share/pkgconfig:/home/gportay/src/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/lib/arm-buildroot-linux-gnueabihf/pkgconfig /home/gportay/src/buildroot/output/host/bin/pkg-config --libs-only-L libjpeg
	> -L/home/gportay/src/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/lib
	+ PKG_CONFIG_SYSROOT_DIR=/home/gportay/src/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot PKG_CONFIG_LIBDIR=/home/gportay/src/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/lib/pkgconfig:/home/gportay/src/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/share/pkgconfig:/home/gportay/src/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/lib/arm-buildroot-linux-gnueabihf/pkgconfig /home/gportay/src/buildroot/output/host/bin/pkg-config --libs-only-l libjpeg
	> -ljpeg
	+ PKG_CONFIG_SYSROOT_DIR=/home/gportay/src/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot PKG_CONFIG_LIBDIR=/home/gportay/src/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/lib/pkgconfig:/home/gportay/src/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/share/pkgconfig:/home/gportay/src/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/lib/arm-buildroot-linux-gnueabihf/pkgconfig /home/gportay/src/buildroot/output/host/bin/pkg-config --cflags libjpeg
	> -I/home/gportay/src/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/include
	+ cd /home/gportay/src/buildroot/output/build/qt5webengine-5.15.14/config.tests/webengine-jpeglib && PKG_CONFIG_SYSROOT_DIR=/home/gportay/src/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot PKG_CONFIG_LIBDIR=/home/gportay/src/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/lib/pkgconfig:/home/gportay/src/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/share/pkgconfig:/home/gportay/src/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/lib/arm-buildroot-linux-gnueabihf/pkgconfig /home/gportay/src/buildroot/output/host/bin/qmake "CONFIG -= qt debug_and_release app_bundle lib_bundle" "CONFIG += shared warn_off console single_arch" -early "CONFIG += cross_compile" 'QMAKE_USE += webengine-jpeglib' 'QMAKE_LIBS_WEBENGINE_JPEGLIB = -L/home/gportay/src/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/lib -ljpeg' /home/gportay/src/buildroot/output/build/qt5webengine-5.15.14/config.tests/webengine-jpeglib
	+ cd /home/gportay/src/buildroot/output/build/qt5webengine-5.15.14/config.tests/webengine-jpeglib && MAKEFLAGS= make
	> make[1]: Entering directory '/home/gportay/src/buildroot/output/build/qt5webengine-5.15.14/config.tests/webengine-jpeglib'
	> /home/gportay/src/buildroot/output/host/bin/arm-buildroot-linux-gnueabihf-g++ -c -pipe -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -O2 -g0 -D_FORTIFY_SOURCE=1 -mtune=arm1176jzf-s -march=armv6 --sysroot=/home/gportay/src/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot -w -fPIC  -I. -I/home/gportay/src/buildroot/output/host/mkspecs/devices/linux-buildroot-g++ -o main.o main.cpp
	> main.cpp: In function ‘int main(int, char**)’:
	> main.cpp:12:5: error: ‘jpeg_crop_scanline’ was not declared in this scope; did you mean ‘jpeg_write_scanlines’?
	>    12 |     jpeg_crop_scanline(nullptr, &dummy, &dummy);
	>       |     ^~~~~~~~~~~~~~~~~~
	>       |     jpeg_write_scanlines
	> main.cpp:13:5: error: ‘jpeg_skip_scanlines’ was not declared in this scope; did you mean ‘jpeg_write_scanlines’?
	>    13 |     jpeg_skip_scanlines(nullptr, dummy);
	>       |     ^~~~~~~~~~~~~~~~~~~
	>       |     jpeg_write_scanlines
	> make[1]: *** [Makefile:334: main.o] Error 1
	> make[1]: Leaving directory '/home/gportay/src/buildroot/output/build/qt5webengine-5.15.14/config.tests/webengine-jpeglib'
	 => source failed verification.
	Trying source 1 (type inline) of library webengine-jpeglib ...
	+ cd /home/gportay/src/buildroot/output/build/qt5webengine-5.15.14/config.tests/webengine-jpeglib && PKG_CONFIG_SYSROOT_DIR=/home/gportay/src/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot PKG_CONFIG_LIBDIR=/home/gportay/src/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/lib/pkgconfig:/home/gportay/src/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/share/pkgconfig:/home/gportay/src/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/lib/arm-buildroot-linux-gnueabihf/pkgconfig /home/gportay/src/buildroot/output/host/bin/qmake "CONFIG -= qt debug_and_release app_bundle lib_bundle" "CONFIG += shared warn_off console single_arch" -early "CONFIG += cross_compile" 'QMAKE_USE += webengine-jpeglib' 'QMAKE_LIBS_WEBENGINE_JPEGLIB = -ljpeg' /home/gportay/src/buildroot/output/build/qt5webengine-5.15.14/config.tests/webengine-jpeglib
	+ cd /home/gportay/src/buildroot/output/build/qt5webengine-5.15.14/config.tests/webengine-jpeglib && MAKEFLAGS= make clean && MAKEFLAGS= make
	> make[1]: Entering directory '/home/gportay/src/buildroot/output/build/qt5webengine-5.15.14/config.tests/webengine-jpeglib'
	> rm -f main.o
	> rm -f *~ core *.core
	> make[1]: Leaving directory '/home/gportay/src/buildroot/output/build/qt5webengine-5.15.14/config.tests/webengine-jpeglib'
	> make[1]: Entering directory '/home/gportay/src/buildroot/output/build/qt5webengine-5.15.14/config.tests/webengine-jpeglib'
	> /home/gportay/src/buildroot/output/host/bin/arm-buildroot-linux-gnueabihf-g++ -c -pipe -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -O2 -g0 -D_FORTIFY_SOURCE=1 -mtune=arm1176jzf-s -march=armv6 --sysroot=/home/gportay/src/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot -w -fPIC  -I. -I/home/gportay/src/buildroot/output/host/mkspecs/devices/linux-buildroot-g++ -o main.o main.cpp
	> main.cpp: In function ‘int main(int, char**)’:
	> main.cpp:12:5: error: ‘jpeg_crop_scanline’ was not declared in this scope; did you mean ‘jpeg_write_scanlines’?
	>    12 |     jpeg_crop_scanline(nullptr, &dummy, &dummy);
	>       |     ^~~~~~~~~~~~~~~~~~
	>       |     jpeg_write_scanlines
	> main.cpp:13:5: error: ‘jpeg_skip_scanlines’ was not declared in this scope; did you mean ‘jpeg_write_scanlines’?
	>    13 |     jpeg_skip_scanlines(nullptr, dummy);
	>       |     ^~~~~~~~~~~~~~~~~~~
	>       |     jpeg_write_scanlines
	> make[1]: *** [Makefile:334: main.o] Error 1
	> make[1]: Leaving directory '/home/gportay/src/buildroot/output/build/qt5webengine-5.15.14/config.tests/webengine-jpeglib'
	 => source failed verification.
	test config.qtwebengine_buildtools.libraries.webengine-jpeglib FAILED

Signed-off-by: Gaël PORTAY <gael.portay@rtone.fr>
[Arnout: always use the bundled jpeg-turbo]
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-05-18 13:59:27 +02:00
Jon Henrik Bjørnstad 20f2b14b19 package/qbee-agent: bump version to 2024.50
Signed-off-by: Jon Henrik Bjørnstad <jonhenrik@qbee.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-05-18 13:56:00 +02:00
Kunihiko Hayashi 0b02091235 package/uboot-tools: remove absolute path of link source for fw_setenv
For portability reason, it isn't preferable to include an absolute path
in the link to fw_printenv which is in the same directory as fw_setenv.

Fixes: 42646265d5 ("package/uboot-tools: add fw_printenv to host uboot tools")
Signed-off-by: Kunihiko Hayashi <hayashi.kunihiko@socionext.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-05-18 13:55:19 +02:00
James Hilliard 6cce6d79d3 package/llvm-project: fix build with gcc 15
Adapt gentoo gcc patches from https://bugs.gentoo.org/939498 to fix
build with gcc 15.

The llvm project no longer maintains the llvm 15 branch.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-18 12:14:56 +02:00
Peter Korsgaard 7acb00cc1a package/dhrystone: fix builds with GCC 15
GCC 15 defaults to -std=gnu23, which handles function declarations without
parameters differently from earlier C standards leading to compilation
errors:

dhry_1.c: In function ‘main’:
dhry_1.c:176:19: error: too many arguments to function ‘Func_2’; expected 0, have 2
  176 |     Bool_Glob = ! Func_2 (Str_1_Loc, Str_2_Loc);

https://gcc.gnu.org/gcc-15/porting_to.html#c23-fn-decls-without-parameters

As a workaround, force the build to use -std=gnu99 mode.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-18 11:53:18 +02:00
Peter Korsgaard 7b98e2ce2c package/flex: fix GCC 15.x build issue
Fixes:
https://autobuild.buildroot.net/results/924b1015d4b81385409ef00f1a14be3ca1959c8e/

As part of building flex for the target a few files are built for the host,
including a rpl_malloc() implementation containing a malloc() forward
declaration without any function parameters.

GCC 15 defaults to -std=gnu23, which handles function declarations without
parameters differently from earlier C standards leading to compilation
errors:

../lib/malloc.c:6:12: warning: conflicting types for built-in function 'malloc'; expected 'void *(long unsigned int)' [-Wbuiltin-declaration-mismatch]
    6 |      void *malloc ();
      |            ^~~~~~
../lib/malloc.c:5:1: note: 'malloc' is declared in header '<stdlib.h>'
    4 |      #include <sys/types.h>
  +++ |+#include <stdlib.h>
    5 |
../lib/malloc.c: In function 'rpl_malloc':
../lib/malloc.c:16:15: error: too many arguments to function 'malloc'; expected 0, have 1

https://gcc.gnu.org/gcc-15/porting_to.html#c23-fn-decls-without-parameters

Add a patch submitted upstream to correct the prototype.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-18 11:47:22 +02:00
Guillaume Chaye e240b889f1 support/download/dl-wrapper: add basic support for smb file download using curl
It allows to download files from smb share in buildroot packages.
Usage is specified in manual.

Signed-off-by: Guillaume Chaye <guillaume.chaye@zeetim.com>
[Peter: reword documentation]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-05-18 11:27:59 +02:00
Raphaël Mélotte 56ea5a0226 support/scripts/pkg-stats: add support for reporting stale CVE entries
The NVD database contains some CPEs that are wrongly not associated
with any version number. They are for example sometimes associated
with very old CVEs.
Those CPEs are annoying, because they pollute our pkg-stat CVE results
with CVE entries which actually don't affect us.

The proper way to solve it is, and should remain, to fix the NVD
database by reporting these issues. Having to deal with a lot of
CVEs/CPEs, the NVD database is however slow to be updated.

To reduce the noise in our pkg-stats results in the meantime, one
possibility is to add <PKG_IGNORE_CVES> entries for those CVEs.  This
however comes with the downside that even once the NVD database gets
fixed, those ignored entries risk remaining in Buildroot forever
because they are undetected.

This commit tries to address this downside by checking for and
reporting CVEs that are ignored in Buildroot, but where the
NVD reports our package version as unaffected. Those CVEs will appear
in the 'CVEs Ignored' column as '(stale)', and the cell will be
colored the same way warnings are. This should allow us to detect and
remove those entries.

It can be tested for example by adding the following variable to the
apache package (for a CVE that was recently fixed in the NVD database):
APACHE_IGNORE_CVES = CVE-1999-0236

Signed-off-by: Raphaël Mélotte <raphael.melotte@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-05-18 10:53:10 +02:00
James Hilliard 0b0662f02a package/libarchive: fix mbedtls 3 compatibility
Backport a patch fixing mbedtls 3 compatibility.

This broke in buildroot when mbedtls was bumped to 3.6.3.1 in
3481a9643f.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-05-18 08:42:53 +02:00
Thomas Perale 57eb26837b package/bluez5_utils: fix build w/ HoG and w/o HID
When building the bluez5_utils package with HoG plugin without enabling
the HID plugin the following linker error would occur:

```
/workdir/instance-0/output-1/per-package/bluez5_utils/host/bin/../lib/gcc/x86_64-buildroot-linux-uclibc/13.3.0/../../../../x86_64-buildroot-linux-uclibc/bin/ld: profiles/input/bluetoothd-hog.o: in function `hog_disconnect':
hog.c:(.text.hog_disconnect+0x12): undefined reference to `input_get_userspace_hid'
collect2: error: ld returned 1 exit status
```

This patch adds two upstream commits that decouple both the HID
and the HoG plugin.

As a consequence of this patch the HID plugin can be compiled without
the HoG one as well but to keep the compatibility the same in buildroot
the selection of the HoG plugin is kept when selecting the HID plugin.

The error can be reproduced with the following defconfig

```
BR2_arm=y
BR2_cortex_a7=y
BR2_TOOLCHAIN_EXTERNAL=y
BR2_TOOLCHAIN_EXTERNAL_BOOTLIN=y
BR2_PACKAGE_BLUEZ5_UTILS=y
BR2_PACKAGE_BLUEZ5_UTILS_PLUGINS_HOG=y
```

Fixes: https://autobuild.buildroot.org/results/78e/78ed7664f3a2dd5858fd71bd63836c822c106cc0

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-05-17 23:28:00 +02:00
Gaël PORTAY 7319e4af19 package/qt5webengine: add missing opus dependency
The package opus is selected but it is not listed in the dependencies.

This adds opus to QT5WEBENGINE_DEPENDENCIES.

Fixes:

	$ make qt5webengine
	(...)
	ERROR: Feature 'webengine-system-opus' was enabled, but the pre-condition 'config.unix && libs.webengine-opus' failed.

Signed-off-by: Gaël PORTAY <gael.portay@rtone.fr>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-05-17 22:58:01 +02:00
Gaël PORTAY aa017484ea package/qt5webengine: fix no executable stack link issue on arm
TL;DR; This turns the configure flag -no-feature-webengine-noexecstack
to -feature-webengine-noexecstack to workaround a link issue on ARM
32-bit if chromium requests for an executable stack.

And now, the long story...

The configure flag -no-feature-webengine-noexecstack was introduced with
commit 675cbaf9aa (package/qt5/qt5webengine: bump to version 5.15.8).

That configure flag controls the feature webengine-noexecstack[1][2];
the -no-feature-webengine-noexecstack causes qmake to **NOT** append the
linker flags -Wl,-z,noexecstack[3] to QMAKE_LFLAGS.

It results in the linkage issue below on ARM 32-bit at the creation of
its Qt module, i.e. after qmake has built the chromium third party via
gn:

	ulimit -n 4096 && /home/gportay/src/buildroot/output/host/bin/arm-buildroot-linux-gnueabihf-g++ --sysroot=/home/gportay/src/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot @/home/gportay/src/buildroot/output/build/qt5webengine-5.15.14/src/core/release/QtWebEngineCore_o.rsp -Wl,--start-group @/home/gportay/src/buildroot/output/build/qt5webengine-5.15.14/src/core/release/QtWebEngineCore_a.rsp -Wl,--end-group -Wl,--fatal-warnings -Wl,--build-id=sha1 -fPIC -Wl,-z,relro -Wl,-z,now -Wl,-z,defs -Wl,-O2 -Wl,--gc-sections --sysroot=/home/gportay/src/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot --sysroot=/home/gportay/src/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot -Wl,-O1 -Wl,--enable-new-dtags -Wl,-whole-archive -lqtwebenginecoreapi -Wl,-no-whole-archive -Wl,--no-undefined -Wl,--version-script,QtWebEngineCore.version -Wl,-O1 -Wl,--enable-new-dtags -shared -Wl,-soname,libQt5WebEngineCore.so.5 -o libQt5WebEngineCore.so.5.15.14   -latomic /home/gportay/src/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/lib/libQt5Quick.so /home/gportay/src/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/lib/libQt5Gui.so /home/gportay/src/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/lib/libQt5QmlModels.so /home/gportay/src/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/lib/libQt5WebChannel.so /home/gportay/src/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/lib/libQt5Qml.so /home/gportay/src/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/lib/libQt5Network.so /home/gportay/src/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/lib/libQt5Core.so -lpthread -L/home/gportay/src/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/lib -latomic -lGLESv2 -lpthread -ldl -lrt -lnss3 -lnssutil3 -lsmime3 -lplds4 -lplc4 -lnspr4 -levent -lresolv -ljpeg -lopus -lm -lz -lvpx -lpng16 -lwebp -lwebpmux -lwebpdemux -lfreetype -lexpat -lfontconfig -lharfbuzz-subset -lharfbuzz -lsnappy -lxml2 -lxslt -ldbus-1 -L/home/gportay/src/buildroot/output/build/qt5webengine-5.15.14/src/core/api/release -lGLESv2 -lrt -lpthread -ldl
	/home/gportay/src/buildroot/output/host/lib/gcc/arm-buildroot-linux-gnueabihf/13.3.0/../../../../arm-buildroot-linux-gnueabihf/bin/ld: warning: /home/gportay/src/buildroot/output/build/qt5webengine-5.15.14/src/core/release/obj/third_party/blink/renderer/platform/heap/asm/asm/SaveRegisters_arm.o: missing .note.GNU-stack section implies executable stack
	/home/gportay/src/buildroot/output/host/lib/gcc/arm-buildroot-linux-gnueabihf/13.3.0/../../../../arm-buildroot-linux-gnueabihf/bin/ld: NOTE: This behaviour is deprecated and will be removed in a future version of the linker
	collect2: error: ld returned 1 exit status

The link succeeds if the missing linker flags are appended manually to
the command-line:

	ulimit -n 4096 && /home/gportay/src/buildroot/output/host/bin/arm-buildroot-linux-gnueabihf-g++ --sysroot=/home/gportay/src/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot @/home/gportay/src/buildroot/output/build/qt5webengine-5.15.14/src/core/release/QtWebEngineCore_o.rsp -Wl,--start-group @/home/gportay/src/buildroot/output/build/qt5webengine-5.15.14/src/core/release/QtWebEngineCore_a.rsp -Wl,--end-group -Wl,--fatal-warnings -Wl,--build-id=sha1 -fPIC -Wl,-z,relro -Wl,-z,now -Wl,-z,defs -Wl,-O2 -Wl,--gc-sections --sysroot=/home/gportay/src/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot --sysroot=/home/gportay/src/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot -Wl,-O1 -Wl,--enable-new-dtags -Wl,-whole-archive -lqtwebenginecoreapi -Wl,-no-whole-archive -Wl,--no-undefined -Wl,--version-script,QtWebEngineCore.version -Wl,-O1 -Wl,--enable-new-dtags -shared -Wl,-soname,libQt5WebEngineCore.so.5 -o libQt5WebEngineCore.so.5.15.14   -latomic /home/gportay/src/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/lib/libQt5Quick.so /home/gportay/src/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/lib/libQt5Gui.so /home/gportay/src/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/lib/libQt5QmlModels.so /home/gportay/src/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/lib/libQt5WebChannel.so /home/gportay/src/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/lib/libQt5Qml.so /home/gportay/src/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/lib/libQt5Network.so /home/gportay/src/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/lib/libQt5Core.so -lpthread -L/home/gportay/src/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/lib -latomic -lGLESv2 -lpthread -ldl -lrt -lnss3 -lnssutil3 -lsmime3 -lplds4 -lplc4 -lnspr4 -levent -lresolv -ljpeg -lopus -lvpx -lm -lpng16 -lwebp -lwebpmux -lwebpdemux -lfreetype -lexpat -lfontconfig -lharfbuzz-subset -lharfbuzz -lsnappy -lxml2 -lxslt -ldbus-1 -L/home/gportay/src/buildroot/output/build/qt5webengine-5.15.14/src/core/api/release -lGLESv2 -lrt -lpthread -ldl -Wl,-z,noexecstack && echo completed
	completed

Note: The configure flag is not forwarded to chromium in any manner; its
scope is limited to the Qt WebEngine module. That configure flag appears
to be a workaround if the does not assemble, compile and link the Elf
object correctly[4][5].

The linker flag -z noexecstack is responsible for marking the object as
not requiring an executable stack by adding the section .note.GNU-stack
in the Elf object.

The file SaveRegisters_arm.S is assembled from the command-line below;
there is no noexecstack flag set:

	/home/gportay/src/buildroot/output/host/bin/arm-buildroot-linux-gnueabihf-gcc -MMD -MF obj/third_party/blink/renderer/platform/heap/asm/asm/SaveRegisters_arm.o.d -DARM=1 -DUSE_UDEV -DUSE_AURA=1 -DUSE_NSS_CERTS=1 -DUSE_OZONE=1 -DOFFICIAL_BUILD -DTOOLKIT_QT -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -DNO_UNWIND_TABLES -D__STDC_CONSTANT_MACROS -D__STDC_FORMAT_MACROS -DCR_SYSROOT_HASH=c2e54f675b83a61301dcdb22e8e7a2b85c01d58c -DNDEBUG -DNVALGRIND -DDYNAMIC_ANNOTATIONS_ENABLED=0 -Igen -I../../3rdparty/chromium -fPIC -fno-strict-aliasing --param=ssp-buffer-size=4 -fstack-protector -fno-unwind-tables -fno-asynchronous-unwind-tables -fPIC -pipe -pthread -std=gnu11 -march=armv7-a -mfloat-abi=hard -mtune=generic-armv7-a -mfpu=vfpv3-d16 -marm -g0 --sysroot=/home/gportay/src/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot -c ../../3rdparty/chromium/third_party/blink/renderer/platform/heap/asm/SaveRegisters_arm.S -o obj/third_party/blink/renderer/platform/heap/asm/asm/SaveRegisters_arm.o

The GNU assembler supports the assembler flag -Wa,--{,no}execstack to
require, or not, an executable stack for the object to assemble.

The BUILD.gn does **NOT** set it for the assembler files of the blink
third-party; but it does it for boringssl[6] (see also the project file
CMakeLists.txt[7]).

See below what readelf says if the file is assembled manually with the
flag --noexecstack:

	$ /home/gportay/src/buildroot/output/host/bin/arm-buildroot-linux-gnueabihf-gcc -MMD -MF obj/third_party/blink/renderer/platform/heap/asm/asm/SaveRegisters_arm.o.d -DARM=1 -DUSE_UDEV -DUSE_AURA=1 -DUSE_NSS_CERTS=1 -DUSE_OZONE=1 -DOFFICIAL_BUILD -DTOOLKIT_QT -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -DNO_UNWIND_TABLES -D__STDC_CONSTANT_MACROS -D__STDC_FORMAT_MACROS -DCR_SYSROOT_HASH=c2e54f675b83a61301dcdb22e8e7a2b85c01d58c -DNDEBUG -DNVALGRIND -DDYNAMIC_ANNOTATIONS_ENABLED=0 -Igen -I../../3rdparty/chromium -fPIC -fno-strict-aliasing --param=ssp-buffer-size=4 -fstack-protector -fno-unwind-tables -fno-asynchronous-unwind-tables -fPIC -pipe -pthread -std=gnu11 -march=armv7-a -mfloat-abi=hard -mtune=generic-armv7-a -mfpu=vfpv3-d16 -marm -g0 --sysroot=/home/gportay/src/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot -c ../../3rdparty/chromium/third_party/blink/renderer/platform/heap/asm/SaveRegisters_arm.S -o obj/third_party/blink/renderer/platform/heap/asm/asm/SaveRegisters_arm.o -Wa,--noexecstack

	$ readelf -a /home/gportay/src/buildroot/output/build/qt5webengine-5.15.14/src/core/release/obj/third_party/blink/renderer/platform/heap/asm/asm/SaveRegisters_arm.o
	(...)
	Section Headers:
	  [Nr] Name              Type            Addr     Off    Size   ES Flg Lk Inf Al
	  (...)
	  [ 4] .note.GNU-stack   PROGBITS        00000000 000058 000000 00      0   0  1

The section the linker claims for is now part of the Elf object; and
qmake is now able to link its Qt WebEngine module.

Note: Alternatively, the patching the file SaveRegisters_arm.S to set
explicitly the section in the source file works as well (this reduces
the impact to the very single file causing the link issue):

	#if defined(__linux__) && defined(__ELF__)
	.section .note.GNU-stack,"",%progbits
	#endif

Instead of fixing directly the origin of the issue and setting the
missing assembler flag -Wa,--noexecstack to blink; this works around the
link issue by turning on the feature noexecstack to qtwebengine to force
qmake to link its module using the linker flag -Wl,-z,noexecstack.

[1]: https://github.com/qt/qtwebengine/blob/5.15.14/src/buildtools/configure.json#L353-L357
[2]: https://github.com/qt/qtwebengine/blob/5.15.14/src/buildtools/configure.json#L720-L724
[3]: https://github.com/qt/qtwebengine/blob/5.15.14/src/buildtools/config/linking.pri#L61-L62
[4]: https://github.com/qt/qtwebengine/commit/597359a16a798df3955404200f1fc6833a7425ab
[5]: https://codereview.qt-project.org/c/qt/qtwebengine/+/263545
[6]: https://github.com/qt/qtwebengine-chromium/blob/87-based/chromium/third_party/boringssl/src/util/BUILD.toplevel#L64
[7]: https://github.com/qt/qtwebengine-chromium/blob/87-based/chromium/third_party/boringssl/src/crypto/CMakeLists.txt#L33

Signed-off-by: Gaël PORTAY <gael.portay@rtone.fr>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-05-17 22:58:00 +02:00
Julien Olivain cf63f1dc10 package/libdmtx: bump to version 0.7.8
For change log, see:
https://github.com/dmtx/libdmtx/compare/v0.7.7...v0.7.8

Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-05-17 22:36:24 +02:00
Julien Olivain 7bc90fa3eb package/blake3: bump version to 1.8.2
For release notes since 1.5.4, see:
https://github.com/BLAKE3-team/BLAKE3/releases

Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-05-17 22:36:03 +02:00
Thomas Devoogdt b34e0d27ab package/pkg-cmake.mk: force check_language(CXX) to be false when building w/o C+++
See the code snippet below, which typically is used to check if
C++ support can be enabled.

If we manually set CMAKE_CXX_COMPILER to /bin/false, then cmake
will assume that it's fine, without having a real check. Otherwise,
it will do a test run but somehow it falls back to /bin/c++, even
when cross-compiling. Fix that by setting CXX to /bin/false.

```cmake
include(CheckLanguage)
check_language(CXX)

if(CMAKE_CXX_COMPILER)
    enable_language(CXX)
endif()
```

Signed-off-by: Thomas Devoogdt <thomas@devoogdt.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-05-17 22:28:02 +02:00
Roy Kollen Svendsen 5c8e6bbe03 package/dlib: update links in description
Signed-off-by: Roy Kollen Svendsen <roykollensvendsen@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-05-17 21:57:53 +02:00
Roy Kollen Svendsen 9f212f3897 package/dlib: bump version to 19.24.9
Signed-off-by: Roy Kollen Svendsen <roykollensvendsen@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-05-17 21:57:11 +02:00
Julien Olivain b74e19a039 configs/freescale_t2080_qds_rdb: bump linux kernel to 6.12.27
Since commit [1] "package/binutils: make 2.43 the default version",
the freescale_t2080_qds_rdb_defconfig fails to build the Linux
kernel, with the error:

    arch/powerpc/boot/util.S: Assembler messages:
    arch/powerpc/boot/util.S:49: Error: junk at end of line, first unrecognized character is `0'
    arch/powerpc/boot/util.S:54: Error: syntax error; found `b', expected `,'
    arch/powerpc/boot/util.S:54: Error: junk at end of line: `b'

This commit fixes the issue by updating the Linux kernel to the latest
LTS version.

Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/9967089770

[1] https://gitlab.com/buildroot.org/buildroot/-/commit/360fd01de20eb42aa0e6b5e9f7b37eaa104c6fc9

Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-05-17 21:56:26 +02:00
Peter Korsgaard a8f53a907b package/postgresql: security bump to version 17.5
Fixes the following security issue:

CVE-2025-4207: PostgreSQL GB18030 encoding validation can read one byte past
end of allocation for text that fails validation

A buffer over-read in PostgreSQL GB18030 encoding validation allows a
database input provider to achieve temporary denial of service on platforms
where a 1-byte over-read can elicit process termination.  This affects the
database server and also libpq.

https://www.postgresql.org/about/news/postgresql-175-169-1513-1418-and-1321-released-3072/

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-17 21:07:20 +02:00
Maxime Leroy 9869bae0f9 package/grout: bump to 0.10.0 version
See the release note of the new version:
https://github.com/DPDK/grout/releases/tag/v0.10.0

Libcap is not needed anymore for this new version, thus dependencies has
been updated in consequence.

Signed-off-by: Maxime Leroy <maxime@leroys.fr>
Reviewed-by: Vincent Jardin <vjardin@free.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-17 17:53:52 +02:00
Francois Perrad 9401eb80e7 configs/olimex_stmp157: switch to Bootlin glibc stable toolchain
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-05-17 17:50:19 +02:00
Francois Perrad 5aa36e173e configs/olimex_stmp157: bump Linux and U-Boot
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-05-17 17:50:19 +02:00
Bernd Kuhls fe9817b215 package/kodi-inputstream-adaptive: fix build with gcc-15.x
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-17 17:47:05 +02:00
Bernd Kuhls 2361673475 package/kodi-pvr-hts: fix build with gcc-15.x
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-17 17:47:05 +02:00
Felicitas Pojtinger a2356a9e0a package/go-bootstrap-stage1: fix builds on GCC 15
GCC 15 defaults to -std=gnu23, which adds the bool keyword, causing
conflicts with stage1:

https://gcc.gnu.org/gcc-15/porting_to.html#c23-new-keywords

As a workaround, force the build to use -std=gnu99 mode.

Signed-off-by: Felicitas Pojtinger <felicitas@pojtinger.com>
[Peter: extend commit message]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-05-17 17:33:18 +02:00
Raphaël Mélotte d0a7a46813 support/scripts/cve.py: remove unused each_product()
The last usage of each_product() was removed in commit
52ae092046 ("support/scripts/cve.py: use
the JSON data in 1.1 schema").

Since it's now unused, remove it.

Signed-off-by: Raphaël Mélotte <raphael.melotte@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-05-17 17:28:38 +02:00
James Hilliard 0c7087f2ee package/libwebsockets: fix cmake 4 compatibility
Add a patch fixing cmake 4 compatibility.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-17 17:08:02 +02:00
James Hilliard 2722a8ad73 package/libubootenv: fix cmake 4 compatibility
Add a patch fixing cmake 4 compatibility.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-17 17:06:32 +02:00
Yegor Yefremov dad998a807 package/lpac: new package
Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-05-17 17:01:42 +02:00
James Hilliard 236363b125 package/intel-mediadriver: fix cmake 4 compatibility
Add a patch fixing cmake 4 compatibility.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-17 16:57:13 +02:00
James Hilliard 76a4a63612 package/intel-gmmlib: fix cmake 4 compatibility
Add a patch fixing cmake 4 compatibility.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-17 16:57:13 +02:00
Thomas Petazzoni 745aa4d060 package/rpm: fix build issue with musl
Since the bump of rpm from 4.17.0 to 4.18.0 in Buildroot commit
4b4046e919, tools/rpmuncompress.c uses
basename() without including <libgen.h> which causes a build failure
with the musl C library:

tools/rpmuncompress.c: In function ‘doUntar’:
tools/rpmuncompress.c:100:30: error: implicit declaration of function ‘basename’ [-Wimplicit-function-declaration]
  100 |             const char *bn = basename(fn);
      |                              ^~~~~~~~
tools/rpmuncompress.c:100:30: error: initialization of ‘const char *’ from ‘int’ makes pointer from integer without a cast [-Wint-conversion]
make[4]: *** [Makefile:1082: tools/rpmuncompress.o] Error 1

This issue was not found by the autobuilders, but it can be reproduced
with:

BR2_arm=y
BR2_cortex_a9=y
BR2_ARM_ENABLE_VFP=y
BR2_TOOLCHAIN_EXTERNAL=y
BR2_TOOLCHAIN_EXTERNAL_BOOTLIN=y
BR2_TOOLCHAIN_EXTERNAL_BOOTLIN_ARMV7_EABIHF_MUSL_BLEEDING_EDGE=y
BR2_PACKAGE_LUA=y
BR2_PACKAGE_RPM=y

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-05-17 16:34:11 +02:00
Thomas Petazzoni 67e10ac898 package/rpm: backport fix for GCC 14.x
GCC 14.x brought some more strict checks on pointer types, causing a
build issue in the rpm package when python support is enabled. These
issues have been fixed upstream, initially because Clang >= 16 also
added similar stricter checks.

The build issue goes like this:

header-py.c:744:9: error: initialization of 'Py_hash_t (*)(PyObject *)' {aka 'int (*)(struct _object *)'} from incompatible pointer type 'long int (*)(PyObject *)' {aka 'long int (*)(struct _object *)'} [-Wincompatible-pointer-types]
  744 |         hdr_hash,                       /* tp_hash */
      |         ^~~~~~~~
header-py.c:744:9: note: (near initialization for 'hdr_Type.tp_hash')
make[3]: *** [Makefile:664: header-py.lo] Error 1
make[3]: *** Waiting for unfinished jobs....

It never happened in the autobuilders, but it can be reproduced with
the following configuration:

BR2_arm=y
BR2_cortex_a9=y
BR2_ARM_ENABLE_VFP=y
BR2_TOOLCHAIN_EXTERNAL=y
BR2_TOOLCHAIN_EXTERNAL_BOOTLIN=y
BR2_PACKAGE_LUA=y
BR2_PACKAGE_PYTHON3=y
BR2_PACKAGE_RPM=y

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-05-17 16:34:10 +02:00
Adam Duskett 6debbd693b package/mender-update-modules: enable docker, rpm, and script modules
Starting with mender 5.x, the docker, rpm and script modules provided by
the mender package now reside in the mender-update-modules repository.

Even though the mender package provided by Buildroot is not updated yet to 5.x,
it is best to enable the modules here to help facilitate the future update of
the mender package to 5.x, and to ensure that any future modifications or bug
fixes to these modules are easy to apply by simply bumping the upstream package
version.

Script is enabled by default to preserve the existing behavior of the mender
package.

Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-05-17 16:34:09 +02:00
Adam Duskett a474642fdc package/mender-update-modules: new package
Contains community supported Update Modules. An Update Module is an extension
to the Mender client for supporting a new type of software update, such as a
package manager, container, bootloader or even updates of nearby
microcontrollers. An Update Module can be tailored to a specific device or
environment (e.g. update a proprietary bootloader), or be more
general-purpose (e.g. install a set of .rpm packages.).

Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-05-17 16:34:09 +02:00
Adam Duskett 8c4a96e52f package/mender_x86_64_efi_defconfig: bump kernel to 6.12.28
linux.conf does not change after manually checking the output of
`make savedefconfig` in the kernel source directory.

Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-05-17 16:34:08 +02:00
Thomas Petazzoni 0d4ca3c5fe package/cdrkit: add patch to fix CMake 4.0 build issue
CMake 4.0 requires to have a cmake_minimum_required() in
CMakeLists.txt, which cdrkit doesn't have, so ths commit adds a patch
adding the missing statement. We have chosen version 3.18 because that
the oldest version that we expect is 3.18. From
package/cmake/Config.in.host:

  # The minimum system cmake version we expect if 3.18 as provided by
  # Debian bullseye, that we use in our reference build docker image.

The patch cannot be upstreamed, as cdrkit basically no longer has any
upstream.

Fixes:

  https://autobuild.buildroot.org/results/3412e47836b54928a55c12b46549d6307ab623e7/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-17 16:27:38 +02:00
Dario Binacchi 981e3686fc boot/ti-k3-boot-firmware: bump to version 11.00.11
Release-notes:
https://git.ti.com/cgit/processor-firmware/ti-linux-firmware/tag/?h=11.00.11

Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Reviewed-by: Bryan Brattlof <bb@ti.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-17 16:14:35 +02:00
Bernd Kuhls db3324bae3 package/kodi-inputstream-adaptive: bump version to 21.5.14-Omega
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-05-17 16:04:41 +02:00
Gaël PORTAY 15cfdf4915 package/mesa3d: update vc4/v3d drivers help messages
This updates the VC4/V3D driver messages with the addition of the
current supported hardwares (VideoCore and Raspberry Pi).

Signed-off-by: Gaël PORTAY <gael.portay+rtone@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-17 16:03:24 +02:00
Gaël PORTAY 3f1f404b5c Revert "package/mesa3d: Gallium VC4 driver depends on NEON"
The Gallium VC4 driver does not require NEON[1]; Gallium V3D does. Also,
the Gallium VC4 driver supports the Raspberry Pi from 0 to 3[2].

        Mesa’s VC4 graphics driver supports multiple implementations of
        Broadcom’s VideoCore IV GPU. It is notably used in the Raspberry
        Pi 0 through Raspberry Pi 3 hardware, and the driver is included
        as an option as of the 2016-02-09 Raspbian release using
        raspi-config. On most other distributions such as Debian or
	Fedora, you need no configuration to enable the driver.

This reverts commit a5cdb54ed7.

That commit is superseded by 85c95e3614
that patches the sources to disable NEON via an option[3]; the sources
using NEON (tiling) are disabled if the CPU does not have that feature.
Thus, the VC4 driver compiles with toolchain without the NEON support
enabled as the one targetting the Raspberry Pi (ARMv6).

This removes the depends on BR2_ARM_CPU_HAS_NEON config since a meson
option disables NEON if the CPU does not support for it. It allows
building Gallium VC4 on Raspberry Pi, Raspberry Pi Zero and Compute
Module.

Note: kmscube with OpenGLES and Gallium/VC4 runs on Raspberry Pi B+ Rev
1.2.

	# uname -a
	Linux buildroot 6.12.20 #1 Fri Apr 25 02:54:03 CEST 2025 armv6l GNU/Linux

	# cat /sys/firmware/devicetree/base/model
	Raspberry Pi Model B Plus Rev 1.2#

	# dmesg
	(...)
	[   39.817806] rpi-gpiomem 20200000.gpiomem: window base 0x20200000 size 0x00001000
	[   39.837139] rpi-gpiomem 20200000.gpiomem: initialised 1 regions as /dev/gpiomem
	[   40.693845] Console: switching to colour dummy device 80x30
	[   40.717223] vc4-drm soc:gpu: bound 20400000.hvs (ops vc4_hvs_ops [vc4])
	[   40.793911] vc4-drm soc:gpu: bound 20400000.hvs (ops vc4_hvs_ops [vc4])
	[   40.824330] Registered IR keymap rc-cec
	[   40.828596] rc rc0: vc4-hdmi as /devices/platform/soc/20902000.hdmi/rc/rc0
	[   40.844139] input: vc4-hdmi as /devices/platform/soc/20902000.hdmi/rc/rc0/input0
	[   40.873434] input: vc4-hdmi HDMI Jack as /devices/platform/soc/20902000.hdmi/sound/card0/input1
	[   40.895848] vc4-drm soc:gpu: bound 20902000.hdmi (ops vc4_hdmi_ops [vc4])
	[   40.914034] vc4-drm soc:gpu: bound 20004000.txp (ops vc4_txp_ops [vc4])
	[   40.921843] vc4-drm soc:gpu: bound 20206000.pixelvalve (ops vc4_crtc_ops [vc4])
	[   40.943543] vc4-drm soc:gpu: bound 20207000.pixelvalve (ops vc4_crtc_ops [vc4])
	[   40.951969] vc4-drm soc:gpu: bound 20807000.pixelvalve (ops vc4_crtc_ops [vc4])
	[   40.983322] vc4-drm soc:gpu: bound 20c00000.v3d (ops vc4_v3d_ops [vc4])
	[   41.010210] [drm] Initialized vc4 0.0.0 for soc:gpu on minor 0
	[   41.151906] Console: switching to colour frame buffer device 240x67
	[   41.223414] vc4-drm soc:gpu: [drm] fb0: vc4drmfb frame buffer device

	# kmscube
	Using display 0x1f12530 with EGL version 1.4
	===================================
	EGL information:
	  version: "1.4"
	  vendor: "Mesa Project"
	  client extensions: "EGL_EXT_client_extensions EGL_EXT_device_base EGL_EXT_device_enumeration EGL_EXT_device_query EGL_EXT_platform_base EGL_KHR_client_get_all_proc_addresses EGL_KHR_debug EGL_EXT_platform_device EGL_EXT_explicit_device EGL_MESA_platform_gbm EGL_KHR_platform_gbm EGL_MESA_platform_surfaceless"
	  display extensions: "EGL_ANDROID_blob_cache EGL_ANDROID_native_fence_sync EGL_EXT_buffer_age EGL_EXT_image_dma_buf_import EGL_EXT_image_dma_buf_import_modifiers EGL_KHR_cl_event2 EGL_KHR_config_attribs EGL_KHR_context_flush_control EGL_KHR_create_context EGL_KHR_create_context_no_error EGL_KHR_fence_sync EGL_KHR_get_all_proc_addresses EGL_KHR_gl_colorspace EGL_KHR_gl_renderbuffer_image EGL_KHR_gl_texture_2D_image EGL_KHR_gl_texture_cubemap_image EGL_KHR_image EGL_KHR_image_base EGL_KHR_image_pixmap EGL_KHR_no_config_context EGL_KHR_reusable_sync EGL_KHR_surfaceless_context EGL_EXT_pixel_format_float EGL_KHR_wait_sync EGL_MESA_configless_context EGL_MESA_drm_image EGL_MESA_gl_interop EGL_MESA_image_dma_buf_export EGL_MESA_query_driver "
	===================================
	OpenGL ES 2.x information:
	  version: "OpenGL ES 2.0 Mesa 24.0.9"
	  shading language version: "OpenGL ES GLSL ES 1.0.16"
	  vendor: "Broadcom"
	  renderer: "VC4 V3D 2.1"
	  extensions: "GL_EXT_blend_minmax GL_EXT_multi_draw_arrays GL_EXT_texture_compression_s3tc GL_EXT_texture_compression_dxt1 GL_EXT_texture_format_BGRA8888 GL_OES_compressed_ETC1_RGB8_texture GL_OES_depth24 GL_OES_element_index_uint GL_OES_fbo_render_mipmap GL_OES_mapbuffer GL_OES_rgb8_rgba8 GL_OES_stencil8 GL_OES_texture_npot GL_OES_vertex_half_float GL_OES_EGL_image GL_OES_depth_texture GL_AMD_performance_monitor GL_OES_packed_depth_stencil GL_OES_get_program_binary GL_APPLE_texture_max_level GL_EXT_discard_framebuffer GL_EXT_read_format_bgra GL_NV_pack_subimage GL_NV_texture_barrier GL_EXT_frag_depth GL_NV_fbo_color_attachments GL_OES_EGL_image_external GL_OES_EGL_sync GL_OES_vertex_array_object GL_ANGLE_pack_reverse_row_order GL_ANGLE_texture_compression_dxt3 GL_ANGLE_texture_compression_dxt5 GL_EXT_unpack_subimage GL_NV_draw_buffers GL_NV_read_buffer GL_NV_read_depth GL_NV_read_depth_stencil GL_NV_read_stencil GL_APPLE_sync GL_EXT_draw_buffers GL_EXT_map_buffer_range GL_KHR_debug GL_KHR_texture_compression_astc_ldr GL_NV_generate_mipmap_sRGB GL_NV_pixel_buffer_object GL_OES_required_internalformat GL_OES_surfaceless_context GL_EXT_debug_label GL_EXT_separate_shader_objects GL_EXT_compressed_ETC1_RGB8_sub_texture GL_EXT_draw_elements_base_vertex GL_EXT_texture_border_clamp GL_KHR_context_flush_control GL_OES_draw_elements_base_vertex GL_OES_texture_border_clamp GL_KHR_no_error GL_KHR_texture_compression_astc_sliced_3d GL_EXT_texture_compression_s3tc_srgb GL_KHR_parallel_shader_compile GL_MESA_tile_raster_order GL_MESA_sampler_objects GL_MESA_bgra "
	===================================
	Rendered 120 frames in 2.000020 sec (59.999400 fps)

[1]: https://gitlab.freedesktop.org/mesa/mesa/-/commit/932ed9c00b99e6ec92146ec9e820f546cf3e6551
[2]: https://docs.mesa3d.org/drivers/vc4.html
[3]: https://gitlab.freedesktop.org/mesa/mesa/-/merge_requests/4114

Signed-off-by: Gaël PORTAY <gael.portay+rtone@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-17 16:03:21 +02:00
Francois Dugast 600e75b606 package/mesa3d: remove depends on architecture for Iris/Vulkan
This dependency systematically applied with integrated GPUs but no longer
with discrete GPUs, so remove it.

Signed-off-by: Francois Dugast <francois.dugast.foss@gmail.com>
[Julien: fix conflicts after mesa3d bump in commit 317260f]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-17 15:48:50 +02:00
Peter Korsgaard 73ff421159 package/sdl2: bump version to 2.32.6
Bugfix release, fixing various minor issues:
https://github.com/libsdl-org/SDL/releases/tag/release-2.32.4
https://github.com/libsdl-org/SDL/releases/tag/release-2.32.6

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-17 15:37:41 +02:00
Julien Olivain 763971cfe3 package/libqrencode: fix the _SITE package download url
The qrencode release archive is no longer distributed at [1].
This url now shows a HTTP/404 not found error.

The qrencode homepage [2] states:
"You can download the source packages at Releases[3] page at GitHub."

This commit updates the package download url to use github. The github
archive is not the same as the old release archive: it does not
contain the autotools configure script. For this reason, the hash
archive is updated and "_AUTORECONF = YES" is also added.

This commit also fixes the zbar runtime test [4] which is using
libqrencode to generate a qrcode to test zbar.

Fixes: [4]

[1] http://fukuchi.org/works/qrencode/qrencode-4.1.1.tar.gz
[2] https://fukuchi.org/en/works/qrencode/
[3] https://github.com/fukuchi/libqrencode/releases
[4] https://gitlab.com/buildroot.org/buildroot/-/jobs/9774022888

Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-05-17 13:00:23 +02:00
Julien Olivain 564ae5e1ca package/libqrencode: update Config.in homepage url
The old home page url [1] redirects to https, and points to the
japanese version of the site.

The commit updates this url to the https english version of the
site [2].

[1] http://fukuchi.org/works/qrencode/index.html
[2] https://fukuchi.org/en/works/qrencode/

Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-05-17 13:00:09 +02:00
Julien Olivain 4672e18ca1 package/octave: bump to version 10.1.0
See release note:
https://octave.org/NEWS-10.html

GNU Octave now requires a C++17 compiler. This change is reflected in
the Config.in dependencies.

Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-05-17 12:48:53 +02:00
Michael Trimarchi 97ac89eb11 board/bsh/imx8mn-bsh-smm-s2: erase the entire NAND chip
If an attempt is made to create a UBI volume and it already exists, the
operation fails. Therefore, before requesting the creation of a UBI
volume, we erase the entire NAND to ensure that no errors occur.

Signed-off-by: Michael Trimarchi <michael@amarulasolutions.com>
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-05-17 12:46:17 +02:00
Kadambini Nema 9024d3faa8 package/libuv: bump to version 1.51.0
Release notes:
https://github.com/libuv/libuv/releases/tag/v1.51.0

There's no newer release of uvw, and the current version of uvw
continues to build with libuv 1.51.0.

Signed-off-by: Kadambini Nema <kadambini.nema@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-05-17 12:45:23 +02:00
Andreas Ziegler 9d4b7116cf package/mpd: update CPE/CVE information
Since 01/2023, MPD has an entry in the NIST database [1].

Add vendor amd product IDs [2] to mpd.mk and remove the now
obsolete IGNORE_CVES entry.

[1] https://nvd.nist.gov/vuln/detail/CVE-2022-46449
[2] https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=musicpd

Signed-off-by: Andreas Ziegler <br015@umbiko.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-05-17 12:41:52 +02:00
Bernd Kuhls 317260f336 package/{mesa3d, mesa3d-headers}: bump version to 25.0.6
Release notes:
https://lists.freedesktop.org/archives/mesa-announce/2024-May/000762.html
https://lists.freedesktop.org/archives/mesa-announce/2024-June/000763.html
https://lists.freedesktop.org/archives/mesa-announce/2024-June/000765.html
https://lists.freedesktop.org/archives/mesa-announce/2024-July/000766.html
https://lists.freedesktop.org/archives/mesa-announce/2024-July/000767.html
https://lists.freedesktop.org/archives/mesa-announce/2024-July/000771.html
https://lists.freedesktop.org/archives/mesa-announce/2024-August/000773.html
https://lists.freedesktop.org/archives/mesa-announce/2024-August/000776.html
https://lists.freedesktop.org/archives/mesa-announce/2024-September/000778.html
https://lists.freedesktop.org/archives/mesa-announce/2024-September/000779.html
https://lists.freedesktop.org/archives/mesa-announce/2024-October/000780.html
https://lists.freedesktop.org/archives/mesa-announce/2024-October/000781.html
https://lists.freedesktop.org/archives/mesa-announce/2024-October/000782.html
https://lists.freedesktop.org/archives/mesa-announce/2024-November/000784.html
https://lists.freedesktop.org/archives/mesa-announce/2024-November/000786.html
https://lists.freedesktop.org/archives/mesa-announce/2024-December/000788.html
https://docs.mesa3d.org/relnotes/24.3.2.html
https://docs.mesa3d.org/relnotes/24.3.3.html
https://docs.mesa3d.org/relnotes/24.3.4.html
https://lists.freedesktop.org/archives/mesa-announce/2025-February/000793.html
https://lists.freedesktop.org/archives/mesa-announce/2025-March/000794.html
https://lists.freedesktop.org/archives/mesa-announce/2025-March/000795.html
https://lists.freedesktop.org/archives/mesa-announce/2025-April/000796.html
https://lists.freedesktop.org/archives/mesa-announce/2025-April/000798.html
https://lists.freedesktop.org/archives/mesa-announce/2025-April/000801.html
https://lists.freedesktop.org/archives/mesa-announce/2025-May/000803.html
------------------------------------------------------------------------
Changes needed for the bump to 24.1.x:

Added dependency to llvm & Co. for iris driver due to upstream commit:
https://cgit.freedesktop.org/mesa/mesa/commit/meson.build?h=24.1&id=a512c2a8b572c5da360873320dbbd343c6223cd6

Added host version of mesa tool intel_clc needed for target build of the
iris driver.

Added dependency to host-python-pycparser for etnaviv driver due to
upstream commit:
https://cgit.freedesktop.org/mesa/mesa/commit/src/etnaviv/hwdb/meson.build?h=24.1&id=2192e620bb0c68b75ff45165d0b117c7ecb77268

Added dependency to host-python-ply for intel vulkan driver due to
upstream commit:
https://cgit.freedesktop.org/mesa/mesa/commit/src/intel/vulkan/grl/meson.build?h=24.1&id=dc1aedef2bd054884685ad971a3ef5be07ecd101

Although this dependency exists since mesa3d 22.3 it is only needed when
intel-clc is enabled, this dependency is added with this patch so no need
to backport this dependency to older buildroot trees.

Update configure parameter of glvnd option due to upstream commit:
https://cgit.freedesktop.org/mesa/mesa/commit/meson.build?h=24.1&id=4f25b84b2460524d375424a81b42faa4d99c8e60
------------------------------------------------------------------------
Changes needed for the bump to 24.2.x:

Added dependency to host-python-pyyaml to host and target build, needed
due to upstream commit
https://gitlab.freedesktop.org/mesa/mesa/-/commit/a3813327575e8875c8c3ed24b5f45a0b7ba64446

Rebased patch 0002 due to upstream commit:
https://cgit.freedesktop.org/mesa/mesa/commit/src/gallium/drivers/vc4/meson.build?h=24.2&id=da70827656757cd070faac7aff5ca057f1e7fb8a

Renamed BR2_PACKAGE_MESA3D_GALLIUM_DRIVER_SWRAST to
BR2_PACKAGE_MESA3D_GALLIUM_DRIVER_SOFTPIPE (also updated tests) and
added new option BR2_PACKAGE_MESA3D_GALLIUM_DRIVER_LLVMPIPE due to
upstream commit
https://gitlab.freedesktop.org/mesa/mesa/-/commit/010b2f9497ab256d9e8041207902948331af5b4b
"gallium/meson: Deconflate swrast/softpipe/llvmpipe"

Also, the test_glxinfo.py now needs GBM to work. Since GBM depends
on EGL (which also selects GBM), this commit adds
BR2_PACKAGE_MESA3D_OPENGL_EGL=y to this glxinfo runtime test config.

Without this, glxinfo fails with an error such as:

    Error: couldn't find RGB GLX visual or fbconfig

This is related to upstream cleanups such as:
https://gitlab.freedesktop.org/mesa/mesa/-/commit/93511c1c5c5fb60166c806d417e4b4378bf1fb31

Thanks to El Mehdi YOUNES <elmehdi.younes@smile.fr> for pointing
that out.
------------------------------------------------------------------------
Changes needed for the bump to 24.3.x:

Rebased patch 0002 again due to upstream commit:
https://gitlab.freedesktop.org/mesa/mesa/-/commit/25ba90fd888cef431c2098c8afdb0a2bbd34b303

Removed dri3 configure option:
https://gitlab.freedesktop.org/mesa/mesa/-/commit/8f6fca89aa1812b03da6d9f7fac3966955abc41e

Removed gallium-omx configure option:
https://gitlab.freedesktop.org/mesa/mesa/-/commit/9b6c27a320ab4b0fcf1fb16220ae7c3d3f06f7df

Removed gallium kmsro configure option:
https://gitlab.freedesktop.org/mesa/mesa/-/commit/89863a050bea429d9574a307bc28953bb60accaf
https://gitlab.freedesktop.org/mesa/mesa/-/commit/70813c1c13b99cb029c8fa3537163650bdd17b6d
No legacy option needed due to automatic handling by the mesa build
system: "Automatically include it if we're building with a driver that
depends on it, and don't include it if we're not."
------------------------------------------------------------------------
Changes needed for the bump to 25.0.x:

Rebased patch 0001, added license files and updated license hash
due to upstream commits which restructured the license files:
https://gitlab.freedesktop.org/mesa/mesa/-/commit/69849bc4d1dd3cb9e9dd5d83b2ff63b8b4edce9b#e672208340b30f973cdab11421f1c91b39d5c02e
https://gitlab.freedesktop.org/mesa/mesa/-/commit/c22d640fe94f6390068f79475fb6b2c45bb2557b

Removed configure option opencl-spirv due to upstream commit:
https://gitlab.freedesktop.org/mesa/mesa/-/commit/80c4ffb61a91ed252d45e38a96e893cec0771940

Updated configure options for host-build clc which was also renamed from
intel_clc to mesa_clc, added host version of vtn_bindgen:
https://gitlab.freedesktop.org/mesa/mesa/-/merge_requests/32719
https://gitlab.freedesktop.org/mesa/mesa/-/commit/13fe5a597bb8ededaa7c1c83f3b64c4e90315618
https://gitlab.freedesktop.org/mesa/mesa/-/commit/5ddeea9a62f720e9fd3a6e5c76f74ef6e8b1fdf8

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
[Julien: add BR2_PACKAGE_MESA3D_OPENGL_EGL=y to test_glxinfo config to
  fix the runtime test]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-17 12:39:37 +02:00
Bernd Kuhls b08bc5b9e9 package/spirv-tools: add host variant
Needed for mesa3d bump to 24.1.0.

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-17 12:39:37 +02:00
Romain Naour 58f9c7b83c package/spirv-llvm-translator: add target variant to provide LLVMSPIRVLib
This target version is needed for Rusticl which is an LLVM based OpenCL
framework[1]. Rusticl allow programs to compile OpenCL C/C++ code
at runtime with Clang. Clang generates LLVM IR which is translated into
SPIR-V by spirv-llvm-translator. Finally, mesa can use its internal
tools to manage SPIR-V.

[1]: https://docs.mesa3d.org/rusticl.html

Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Sebastian Weyer <sebastian.weyer@smile.fr>
Signed-off-by: Antoine Coutant <antoine.coutant@smile.fr>
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-17 12:39:37 +02:00
Bernd Kuhls 8b5dd49c5b package/llvm-project/libclc: add host variant
Needed for mesa3d bump to 24.1.0.

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-17 12:39:37 +02:00
Bernd Kuhls 4890415aa9 package/libdrm: add host variant
host-libdrm is needed by host-mesa3d (introduced by this patch series),
which is needed by (target) mesa3d, when enabling the Gallium Iris
driver since version 24.1.0.

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-17 12:39:37 +02:00
James Hilliard 9aa966863f package/llvm-project: bump to version 15.0.7
For release notes since 15.0.3, see:
https://discourse.llvm.org/t/llvm-15-0-4-released/66337
https://discourse.llvm.org/t/llvm-15-0-5-release/66616
https://discourse.llvm.org/t/llvm-15-0-6-released/66899
https://discourse.llvm.org/t/llvm-15-0-7-release/67638

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
[Julien: add links to release notes]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-17 12:39:37 +02:00
Giulio Benetti d0fe20e891 package/libfuse3: fix build failure with no NPTL
Since the bump of libfuse3 from 3.16.2 to 3.17.1 in Buildroot commit
a4430578ae, libfuse3 uses
pthread_setname_np() which is only available with NPTL.

Some initial fixes were made upstream, but are insufficient to fully
fix the problem, so this commit brings additional upstream patches
fixing the issue completely.

Fixes:

  https://autobuild.buildroot.net/results/f3cfaa8ed63483858ffa32b719ea4be68ba6c4f3/

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-05-17 12:37:16 +02:00
Thomas Petazzoni 0bae9b29cd package/nodejs: add BR2_PACKAGE_HAS_NODEJS
Commit ccf3536fcb ("package/nodejs: make
target nodejs package virtual") forgot to introduce the
BR2_PACKAGE_HAS_<foo> boolean option matching the newly introduced
virtual package, causing check package warnings.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-05-17 12:22:48 +02:00
Giulio Benetti 4333f4d921 package/wilc-driver: fix build with Linux 6.13
Add local patch pending upstream to fix build with Linux 6.13

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-05-17 11:54:13 +02:00
Thomas Perale ccf3536fcb package/nodejs: make target nodejs package virtual
Since commit [1], the host-nodejs package was turned into a virtual
package. However, the target nodejs package was intentionally not
turned into a virtual package and became an empty package.
The reason for this is:

  - No alternatives providers were introduced for the target nodejs
    package.
  - The Config.in remained unchaged for the target package.

As a result, running `make show-info` with a config that includes the
target nodejs package, outputs an entry for the empty package:

```
"nodejs": {
    "type": "target",
    "name": "nodejs",
    "virtual": false,
    "version": "",
    ...
    "cpe-id": "cpe:2.3:a:nodejs:node.js::*:*:*:*:*:*:*"
},
```

This can be an issue because the CPE ID of the empty nodejs package
is the following `cpe:2.3:a:nodejs:node.js::*:*:*:*:*:*:*`.
Reporting such a CPE ID can be an issue for certain software that consume
the SBOM and could be interpreted as CPE that matches with every versions
of the package.

This patch converts the target nodejs package into a virtual package to
prevents the empty package from being included in the SBOM.

[1] 4cbc2af604 package/nodejs: rename to nodejs-src and convert to virtual package

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Tested-by: johan.derycke@barco.com
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-05-17 11:54:03 +02:00
James Hilliard 973a952750 package/jpeg-turbo: bump to version 3.1.0
Migrate from old sourceforge download location to github.

License hash changed due to year update:
https://github.com/libjpeg-turbo/libjpeg-turbo/commit/a927b489e22dffa309f3f617005c0cebaf8fc00c

Readme hash changed due to various minor tweaks:
https://github.com/libjpeg-turbo/libjpeg-turbo/commit/94c64ead85b4af254df089f16c10253598b0705e

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-05-17 11:46:14 +02:00
Thomas Petazzoni 32df543fa3 package/ffmpeg: bump to latest commit in 6.1.x branch
Version 6.1.2 of ffmpeg fails to build with GCC 14.x due to the V4L2
ioctl code:

libavdevice/v4l2.c:137:17: error: assignment to ‘int (*)(int,  long unsigned int, ...)’ from incompatible pointer type ‘int (*)(int,  int, ...)’ [-W
incompatible-pointer-types]
  137 |     s->ioctl_f  = prefix ## ioctl;      \
      |                 ^
libavdevice/v4l2.c:151:9: note: in expansion of macro ‘SET_WRAPPERS’
  151 |         SET_WRAPPERS();
      |         ^~~~~~~~~~~~

This has been fixed upstream in the release/6.1 branch, which has 27
fixes on top of 6.1.2. The commits necessary to fix our issue are:

f71076c009f84917e7a0f2f1ece86b718de2d8d3 configure: improve check for POSIX ioctl
60593d6c06c9b610359bd6af26a268feff1293eb configure: restore autodetection of v4l2 and fbdev

However, since all other commits are fixes, we believe bumping to the
latest commit in the release/6.1 branch is a better idea.

This allows to drop
0008-libavcodec-arm-mlpdsp_armv5te-fix-label-format-to-wo.patch, which
is upstream as of:

4c688845a50f7dce3af9afebe60f0f7a493c4f07 libavcodec/arm/mlpdsp_armv5te: fix label format to work with binutils 2.43

Note that we set FFMPEG_CPE_ID_VERSION to get proper CVE matching even
with FFMPEG_VERSION being set to n6.1.2-27-ge16ff06adb. One who have
ideally set FFMPEG_VERSION to n$(FFMPEG_CPE_ID_VERSION)-ge16ff06adb,
but that makes check-package unhappy with:

WARNING: package/ffmpeg/ffmpeg.mk:7: expecting package version to be set before CPE_ID_VERSION

Fixes:

  https://autobuild.buildroot.net/results/fe1574443acd50ca7e576bb4beb24467be1713e3/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-05-17 11:38:19 +02:00
Thomas Petazzoni fe783b16b3 package/qt6/qt6multimedia: ffmpeg support needs headers >= 5.2
The V4L2 code in the ffmpeg plugin uses V4L2_PIX_FMT_BGRA32 which was
only introduced in kernel headers 5.2, in upstream kernel commit
e25ec9141114c7124eeba09385e272dd76fbe617.

Fixes:

/home/thomas/buildroot/buildroot/outputs/qt/build/qt6multimedia-6.8.1/src/plugins/multimedia/ffmpeg/qv4l2camera.cpp:36:43: error: ‘V4L2_PIX_FMT_BGRA
32’ was not declared in this scope; did you mean ‘V4L2_PIX_FMT_BGR32’?
   36 |     { QVideoFrameFormat::Format_BGRA8888, V4L2_PIX_FMT_BGRA32  },
      |                                           ^~~~~~~~~~~~~~~~~~~
      |                                           V4L2_PIX_FMT_BGR32

when building:

 BR2_arm=y
 BR2_cortex_a9=y
 BR2_ARM_ENABLE_VFP=y
 BR2_TOOLCHAIN_EXTERNAL=y
 BR2_TOOLCHAIN_EXTERNAL_BOOTLIN=y
 BR2_TOOLCHAIN_EXTERNAL_BOOTLIN_ARMV7_EABIHF_MUSL_STABLE=y
 BR2_PACKAGE_QT6=y
 BR2_PACKAGE_QT6BASE_XCB=y
 BR2_PACKAGE_QT6MULTIMEDIA=y
 BR2_PACKAGE_QT6MULTIMEDIA_FFMPEG=y
 BR2_PACKAGE_XORG7=y

at a time when the Bootlin stable toolchain was using Linux 4.19
headers.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-05-17 11:38:17 +02:00
Roy Kollen Svendsen 04d1ee0105 package/qt6/qt6multimedia: fix ffmpeg plugin build for x11
The following defconfig:

BR2_arm=y
BR2_cortex_a9=y
BR2_ARM_ENABLE_VFP=y
BR2_TOOLCHAIN_EXTERNAL=y
BR2_TOOLCHAIN_EXTERNAL_BOOTLIN=y
BR2_TOOLCHAIN_EXTERNAL_BOOTLIN_ARMV7_EABIHF_MUSL_STABLE=y
BR2_PACKAGE_QT6=y
BR2_PACKAGE_QT6BASE_XCB=y
BR2_PACKAGE_QT6MULTIMEDIA=y
BR2_PACKAGE_QT6MULTIMEDIA_FFMPEG=y
BR2_PACKAGE_XORG7=y

would fail to build, due to <X11/extensions/Xext.h> being not found,
and then <X11/extensions/Xrandr.h> being not found. Fix that up by
introducing the necessary dependencies.

There are no build failures reported for qt6multimedia in the
autobuilders, so there is no reference to a build failure.

Signed-off-by: Roy Kollen Svendsen <roykollensvendsen@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-05-17 11:38:16 +02:00
Roy Kollen Svendsen adff0d37ba package/qt6/qt6base: fix build when xcb support is enabled
Fixes:
ERROR: Feature "xcb": Forcing to "ON" breaks its condition:
QT_FEATURE_thread AND TARGET XCB::XCB AND TEST_xcb_syslibs AND QT_FEATURE_xkbcommon_x11
Condition values dump:
QT_FEATURE_thread = "ON"
TARGET XCB::XCB found
TEST_xcb_syslibs = "FALSE"
QT_FEATURE_xkbcommon_x11 not evaluated

The xcb feature is defined in [2].

According to [1] XCB::CURSOR is needed for xcb support.

[1] https://code.qt.io/cgit/qt/qtbase.git/tree/src/gui/configure.cmake?h=6.9.0#n522
[2] https://code.qt.io/cgit/qt/qtbase.git/tree/src/gui/configure.cmake?h=6.9.0#n1016

This bug was introduced in e634be8906,
and fixes the build with the following defconfig:

 BR2_arm=y
 BR2_cortex_a9=y
 BR2_ARM_ENABLE_VFP=y
 BR2_TOOLCHAIN_EXTERNAL=y
 BR2_TOOLCHAIN_EXTERNAL_BOOTLIN=y
 BR2_TOOLCHAIN_EXTERNAL_BOOTLIN_ARMV7_EABIHF_MUSL_STABLE=y
 BR2_PACKAGE_QT6=y
 BR2_PACKAGE_QT6BASE_GUI=y
 BR2_PACKAGE_QT6BASE_XCB=y
 BR2_PACKAGE_XORG7=y

Signed-off-by: Roy Kollen Svendsen <roykollensvendsen@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-05-17 11:38:14 +02:00
Peter Korsgaard 4cca0f30f2 package/pkg-autotools.mk: LIBTOOL_PATCH_HOOK: also handle libtool 2.5.x
Fixes:
https://autobuild.buildroot.org/results/ac60d29fbcd9fb8ddb21b76b3b185e45e580c006/

Libtool 2.5.x has been released and is starting to be used by upstreams when
generating release tarballs (E.G. openvpn-2.6.14).

https://lists.gnu.org/archive/html/autotools-announce/2024-09/msg00000.html

It needs to be patched similar to earlier versions, and the existing v2.4.4
patch luckily still applies, so extend LIBTOOL_PATCH_HOOK to also patch
2.5.x versions with that.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Tested-by: Bernd Kuhls <bernd@kuhls.net>
[fixes build of openvpn-2.6.14]
2025-05-17 11:33:28 +02:00
Arnout Vandecappelle 1026abbcf9 docs/manual/adding-packages-tips.adoc: add section about private repositories
Buildroot packaging pretty much assumes that the sources it downloads
are publicly available. In general, however, Buildroot is also used to
download sources from private repositories. Nowadays, that mostly means
from a github or gitlab instance.

Although git-over-ssh can be used for that, this poses a problem for CI,
because the CI runners integrated with github and gitlab only have
access to the repository itself, not to other private repositories. And
creating ssh key pairs for CI runners is tricky.

Therefore, document how standard tools can be used to make private
repositories available both to developers and to CI. There are quite a
few alternative approaches possible, but they're more complicated or
less generically applicable.

Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
[Peter: Fix insteadOf example, capitalize SSH/HTTPS]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-05-17 11:31:40 +02:00
Thomas Petazzoni 3502bfe7a5 package/netopeer2: bump to version 2.4.1
This is needed following the bump of libyang (3.12.2),
sysrepo (3.6.11) and libnetconf2 (3.7.1), as netopeer2 2.4.1 is the
version designed to work with those other components.

See https://github.com/CESNET/netopeer2/releases for the changes.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-05-17 11:30:16 +02:00
Mattias Walström eeb49a1f1f package/libnetconf2: bump to version 3.7.1
Changelog:
  error-path data node
  now using proper format so in rpc-reply uses XML XPath format instead of JSON
  several bugfixes and improvements

Depends on libyang v3.12.2:

  https://github.com/CESNET/libyang/releases/tag/v3.12.2

As part of this version bump, the ENABLE_SSH and ENABLE_TLS options
have been dropped by upstream in favor of a single ENABLE_SSH_TLS
option, which requires openssl or mbedtls, libcurl and libssh. Since
this is getting quite complicated to handle as an implicit optional
dependency, we make this explicit with a new sub-option
BR2_PACKAGE_LIBNETCONF2_SSH_TLS that ensures everything needed is
enabled.

In theory, libnetconf2 can use either mbedtls or openssl for crypto,
but netopeer2 will only work if OpenSSL is used, so we only allow
using OpenSSL until that gets fixed upstream.

The netopeer2 package, which needs SSH/TLS support in libnetconf2 is
updated accordingly (and actually becomes simpler).

Signed-off-by: Mattias Walström <lazzer@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-05-17 11:30:16 +02:00
Mattias Walström 2ad082971a package/libyang: bump to version 3.12.2
Changelog:
 optional xxhash faster hasing function
 support for metadata in diff
 lots of optimizations and fixes

License file changed due to copyright year change:

-Copyright (c) 2015-2021, CESNET
+Copyright (c) 2015-2024, CESNET

Signed-off-by: Mattias Walström <lazzer@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-05-17 11:30:15 +02:00
Mattias Walström a073431b3a package/sysrepo: bump to version 3.6.11
Changelog:
 several moderate optimizations (@irfanHaslanded)
 session push oper data cache
 lots of minor bugfixes and improvements

Depends on libyang v3.12.2 https://github.com/CESNET/libyang/releases/tag/v3.12.2

Signed-off-by: Mattias Walström <lazzer@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-05-17 11:30:14 +02:00
Adam Duskett 5cfe10ffb2 package/refpolicy: bump to version 2.20250213
Add a patch (found in an upstream PR) to avoid the following error when
the dbus module is not enabled:

   ```
   policy/modules/system/selinuxutil.te:102:ERROR 'attribute
   dbusd_system_bus_client is not within scope' at token ';'
   on line 155976:
   ```

Remove the patch 0001-policy-modules-services-smartmon.te-make-fstools-opt.patch
(upstream commit 65eed16b58015b08f43a096c202dae6cba2f0a37).

Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
[Arnout:
 - Add patch to fix dbus issue.
 - Remove dbus from default modules again.
 - Remove the existing patch which is applied upstream.
]
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-05-17 11:07:23 +02:00
Adam Duskett f93e0ec585 package/selinux-python: bump to verson 3.8.1
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-05-17 10:15:38 +02:00
Adam Duskett 0683e7d65b package/semodule-utils: bump to version 3.8.1
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-05-17 10:15:17 +02:00
Adam Duskett d0e1181b16 package/restorecond: bump to version 3.8.1
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-05-17 10:14:58 +02:00
Adam Duskett ebf1217a7b package/checkpolicy: bump to version 3.8.1
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-05-17 10:13:23 +02:00
Adam Duskett 9cd495b871 package/policycoreutils: bump to version 3.8.1
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-05-17 10:12:16 +02:00
Adam Duskett 1ae3ad4e87 package/libselinux: bump to version 3.8.1
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-05-17 10:11:32 +02:00
Adam Duskett 2a7823a7fe package/libsemanage: bump to version 3.8.1
License sha change is due to white space cleanup on commit 5969e99.

Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-05-17 10:08:49 +02:00
Adam Duskett 992b678393 package/libsepol: bump to version 3.8.1
Changes:
    - SELinux policy version 34 is available starting with kernel 6.14.
    - Updated 0001-support-static-only.patch to apply cleanly and changed
      the email address from aduskett@gmail.com to
      adam.duskett@amarulasolutions.com

Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-05-17 10:08:35 +02:00
Adam Duskett cbabeb5077 package/audit/S02auditd: fix shellcheck and check-package warnings
Fixup S20audit to pass shellcheck -oall and check-package. The file now
closely resembles package/busybox/S01syslogd.

Tested with qemu_x86_64_defconfig. start, stop, restart, reload, and rotate
all work with busybox ash shell.

Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
[Arnout: remove it from .checkpackageignore]
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-05-17 10:04:02 +02:00
Vincent Fazio d9aabc1af3 package/m4: bump to 1.4.20
The new version bundles an updated gnulib that includes support for
-std=c23 which is the default for gcc 15.

Signed-off-by: Vincent Fazio <vfazio@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-05-17 09:28:58 +02:00
Brandon Maier cc93da91ac package/mtd: revert update to 2.3.0
The mtd package fails to compile when BR2_PACKAGE_MTD_TESTS=y is enabled
with the following error.

> make[1]: *** No rule to make target
> 'tests/ubifs_tools-tests/images/good.gz', needed by 'all-am'.  Stop.

This issue was reported upstream and a patch submitted. However we can't
apply the patch to fix the problem. The issue is that a file is missing
from the released tarball, so only a new MTD release can fix it.

This reverts commit 0c230eef90.

Upstream: https://lore.kernel.org/linux-mtd/20250220112554.2150046-1-m.olbrich@pengutronix.de/
Reported-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Brandon Maier <brandon.maier@collins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-05-17 09:07:31 +02:00
Peter Korsgaard 359908d33c package/ibm-sw-tpm2: add upstream patch to fix builds against libopenssl 3.5.x
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-05-17 09:07:10 +02:00
Roy Kollen Svendsen 6cd8f95346 package/mariadb: bump version to 10.11.11
Fixes:
Build with gcc-15 was fixed upstream in 10.11.11:

https://github.com/MariaDB/server/commit/1d6f857

Remove patch, since the problem was fixed upstream:

https://github.com/MariaDB/server/commit/4375245

After bumping the version to 10.11.11 the configuration step failed for target:

CMake Error: try_run() invoked in cross-compiling mode, please set the following cache variables appropriately:
   HAVE_SYSTEM_LIBFMT_EXITCODE (advanced)

To fx this problem we set HAVE_SYSTEM_LIBFMT_EXITCODE=0.

Fix legal-info after changes to README.md.

Signed-off-by: Roy Kollen Svendsen <roykollensvendsen@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-05-16 23:31:00 +02:00
Cherniaev Andrei a480ae9ffe boot/grub2/readme.txt: fix loopback mount notes
Commit 7dd56b6cd9 ("boot/grub2/readme.txt: don't specify /dev/loop0")
changed the description of the loopback mounting to use losetup -f <img>,
but forgot to add the --show option, causing losetup to not print the
loopback device name.

Fix that by adding the --show option.

Signed-off-by: Cherniaev Andrei <dungeonlords789@naver.com>
[Peter: Reword commit message]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-05-16 21:55:41 +02:00
Francois Perrad c5c7c44fa5 package/quickjs: bump to version 2025-04-26
diff LICENSE: removed trailing space

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-05-16 21:53:45 +02:00
Michael Nosthoff 4bf58850ea package/catch2: bump version to 3.8.1
- Fixed bug where catch_discover_tests fails when no TEST_CASEs are present

release notes: https://github.com/catchorg/Catch2/releases/tag/v3.8.1

Signed-off-by: Michael Nosthoff <buildroot@heine.tech>
[Peter: reword commit message]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-05-16 21:50:33 +02:00
Juan Pablo MONTERO CASTRO 4e954bf4bf configs/freescale_imx91evk: new defconfig
This commit adds support for the i.MX 91 EVK board
https://www.nxp.com/imx93evk

Tested on board revision SCH-91080 REV A1.

Signed-off-by: Juan Pablo MONTERO CASTRO <juanpablo.monterocastro@nxp.com>
[Julien:
 - split original commit 3/3
 - fix check-package errors
 - add link to board page in readme.txt
 - reflow readme.txt
]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-16 21:24:27 +02:00
Juan Pablo MONTERO CASTRO 1ce2484a8b package/freescale-imx/firmware-ele-imx: add support for i.MX 91 A0
Buildroot commit [1] introduced the firmware-ele-imx package and was
using the "mx93a1-ahab-container.img" firmware image for i.MX91.

For i.MX91, it is in fact the firmware file "mx91a0-ahab-container.img"
which needs to be used.

This commit adds this special case.

[1] https://gitlab.com/buildroot.org/buildroot/-/commit/69d127fe29dc8ca0321588ed19f14f644ff7e910

Signed-off-by: Juan Pablo MONTERO CASTRO <juanpablo.monterocastro@nxp.com>
[Julien: split original commit 2/3]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-16 21:24:27 +02:00
Juan Pablo MONTERO CASTRO 0645c83cd6 package/freescale-imx/Config.in: introduce i.MX91 silicon revision
This commit introduces the silicon revision number configuration.
This value will be used by packages for specific configurations
(such as security firmware).

Signed-off-by: Juan Pablo MONTERO CASTRO <juanpablo.monterocastro@nxp.com>
[Julien: split original commit 1/3]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-16 21:24:27 +02:00
Peter Korsgaard 585eeb4640 fs/erofs: unbreak custom compression handling
Fixes:
https://autobuild.buildroot.net/results/0f856def945b9a863f45f7a58553b62f6875720b/

Commit a02e437417 ("fs/erofs: add custom compression option with optional
compress-hints file") added logic for custom compression, but in fact it did
not work.

BR2_TARGET_ROOTFS_EROFS_COMPRESSION_{ALGORITHMS,HINTS} are kconfig string
variables, so we need to use qstrip rather than strip.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-05-16 20:01:25 +02:00
Thomas Petazzoni b0a62a9654 docs/migrating.adoc: document the tarball suffix update for Cargo-fetch packages
We changed the suffix of tarballs for Cargo-fetched packages, which
affects out-of-tree packages, so it makes sense to document that in
the migration guide.

Reported-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-05-16 20:00:38 +02:00
Thomas Petazzoni e0beecec56 package: update cargo suffix to -cargo4 and fix hashes
Following the "support/download: replace deprecated .cargo/config"
change, the hashes of all Cargo-fetched packages need to be
updated. This commit therefore changes the suffix of Cargo packages
from -cargo3 to -cargo4, and updates all hashes.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-05-16 20:00:37 +02:00
Fiona Klute (WIWA) 3776f7c11f support/download: replace deprecated .cargo/config
With the current vendoring process, any Cargo build emits the
following warning:

warning: `.../.cargo/config` is deprecated in favor of `config.toml`

.cargo/config.toml was introduced in 1.39 [1], so there shouldn't be
backwards compatibility issues in Buildroot. However, because the
generated config file becomes part of the vendored archive, this
changes the hashes of all Cargo-based packages.

[1] https://doc.rust-lang.org/cargo/reference/config.html#hierarchical-structure

Signed-off-by: Fiona Klute (WIWA) <fiona.klute@gmx.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-05-16 20:00:36 +02:00
Adrian Perez de Castro e743759a52 package/sysprof: bump to version 48.0
This new release includes a number of improvements. Release notes:

  https://gitlab.gnome.org/GNOME/sysprof/-/blob/48.0/NEWS

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-05-16 19:57:59 +02:00
Adrian Perez de Castro 10720c036e package/libdex: bump to version 0.10.0
On top of a few small features, this release has a few build system
improvements, and in particular improves checking for libatomic and
libucontext.

https://gitlab.gnome.org/GNOME/libdex/-/blob/0.10.0/NEWS

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-05-16 19:57:59 +02:00
Thomas Perale 6541717ef9 package/python-h11: security bump to version 0.16.0
Fixes the following security issue:

- CVE-2025-43859: A leniency in h11's parsing of line terminators in
    chunked-coding message bodies can lead to request smuggling
    vulnerabilities under certain conditions.

For more information, see:
  - https://nvd.nist.gov/vuln/detail/CVE-2025-43859
  - https://github.com/python-hyper/h11/commit/114803a29ce50116dc47951c690ad4892b1a36ed

For more details on the version bump, see:
  - https://github.com/python-hyper/h11/compare/v0.14.0...v0.16.0

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-05-16 19:54:54 +02:00
Yann E. MORIN 5009fd2436 Makefile: include defconfigs in sub-directories in list-defconfigs
Currently, list-defconfigs only lists the defconfigs that live
 live in the top-level configs/ directory. For the in-tree defconfigs
this is indeed the case, but it is possible to manage the configs in a
br2-external tree with sub-directories.

A few examples:
  - for a given board, a first defconfig is the full system, and a
    second is the rescue system;
  - for a given board, two defconfigs implement an A/B feature set;
  - a set of configurations targetting various famillies of systems each
    running on different hardware, sorted per familly.

Extend list-defconfigs to look for and report defconfigs in
sub-directories of the top-level configs/.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-05-16 19:45:35 +02:00
James Hilliard 3481a9643f package/mbedtls: bump to version 3.6.3.1
As specified in the 2.28.10 release notes:
https://github.com/Mbed-TLS/mbedtls/releases/tag/mbedtls-2.28.10

Mbed TLS 2.28.10 is the last release of the 2.28 LTS and won't receive bug
fixes or security fixes anymore.  Users are advised to upgrade to a
maintained version.

So move to 3.6.x, which is the new LTS version:

Mbed TLS 3.6 is a long-term support (LTS) branch.  It will be supported with
bug-fixes and security fixes until at least March 2027.

Drop BR2_PACKAGE_MBEDTLS_COMPRESSION and all related references
as native zlib support has been entirely removed from mbedtls.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
[Peter: add note about 2.28.x / 3.6.x, add Config.in.legacy]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-05-16 18:49:54 +02:00
Thomas Petazzoni 432aef053e package/{rust,rust-bin}: fix license
The bump of rust and rust-bin from 1.82 to 1.86 in commit
072f3bc8c6 forgot to update the hash of
the license files. The LICENSE-MIT file has changed with the following
diff:

+Copyright (c) The Rust Project Contributors
+

So no change to the license terms.

Fixes:

  https://autobuild.buildroot.net/results/382489b3f5c931451bead7e232af07b70c3e29bb/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-05-16 18:46:24 +02:00
Julien Olivain e9498b4faa support/testing: new dieharder runtime test
Note: this test was not working in Buildroot test infrastructure
before commit [1] was merged, because dieharder has the string "# "
in its output.

[1] https://gitlab.com/buildroot.org/buildroot/-/commit/0cad947b964be5612a182413da136fcf0dc5a1f2

Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-05-16 18:44:56 +02:00
Juan Pablo MONTERO CASTRO a0b51dd088 board/freescale: imx9-bootloader-prepare.sh: fix cpu name
This commit replaces "a35" occurrences with "a55" in imx9 bootloader
preparation script. i.MX9 families have Cortex-A55 processors. See [1].

This change is purely cosmetic and only for correctness, as the
mkimage_imx8 tool currently uses internally the "a55" identifier as
an alias for "a35". See [2].

[1] https://www.nxp.com/products/processors-and-microcontrollers/arm-processors/i-mx-applications-processors/i-mx-9-processors:IMX9-PROCESSORS
[2] https://github.com/nxp-imx/imx-mkimage/blob/lf-6.6.23-2.0.0/src/mkimage_imx8.c#L773

Signed-off-by: Juan Pablo MONTERO CASTRO <juanpablo.monterocastro@nxp.com>
[Julien: reword a bit and add info in commit log]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-16 18:40:22 +02:00
Nikita Kiryushin f777c79912 package/dbus: set session-socket-dir to /tmp
dbus has a session socket directory configuration setting,
that, if not set, will be autodeducted based on env vars
like TMPDIR during configuration time.

Becuse of that, the builder's environment variables will
lead to an image with a broken session bus while
leaking builder's details to the image.

Add an explicit setting of session-socket-dir to /tmp dir.

Fixes: https://gitlab.com/buildroot.org/buildroot/-/issues/67

Signed-off-by: Nikita Kiryushin <kiryushin@ancud.ru>
Reviewed-by: Fiona Klute <fiona.klute@gmx.de>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-05-16 18:33:11 +02:00
Peter Korsgaard 82575b3e52 package/sdl2: allow wayland support to be enabled without X11
Commit 4662553088 ("package/sdl2: add wayland support") added an option to
enable wayland support but accidentally put the .mk logic inside the
BR2_PACKAGE_SDL2_X11, so it would only trigger if the X11 driver was
enabled.

Fix that by moving it outside the conditional.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-05-16 18:00:58 +02:00
Thomas Devoogdt 4662553088 package/sdl2: add wayland support
This adds a configuration option to enable the Wayland
video driver support in SDL2.

Signed-off-by: Thomas Devoogdt <thomas.devoogdt@barco.com>
[Peter: move after KMS/DRM]
Tested-by: Alexander Shiyan <eagle.alexander923@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-05-16 17:17:56 +02:00
Giulio Benetti b0a703a974 package/rtl8188eu: fix building with Linux 6.14
Add local patch pending upstream to fix build failure with Linux 6.14.

Fixes:
https://autobuild.buildroot.org/results/065b9afc1c6f9f5561547b12171269adc8c12275

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Reviewed-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-16 17:15:08 +02:00
James Hilliard d0841c007b package/python-charset-normalizer: bump to version 3.4.1
Add new host-python-mypy and host-python-setuptools-scm build
dependencies.

Set --skip-dependency-check due to unnecessarily strict mypy
version limit.

Set CHARSET_NORMALIZER_USE_MYPYC=1 in env so that mypyc optimizations
are enabled.

License hash changed due to year update:
https://github.com/jawah/charset_normalizer/commit/deed20577ba5358bb9624c17e6c8aa6ab26f6e08

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-05-16 16:56:37 +02:00
James Hilliard 218a17dbc4 package/python-mypy: new package
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-05-16 16:55:03 +02:00
James Hilliard c6924b2331 package/python-mypy-extensions: enable host package
This will be required for the upcoming python-mypy package.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-05-16 16:54:43 +02:00
James Hilliard 253f53a155 package/python-types-setuptools: new host package
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-05-16 16:51:09 +02:00
James Hilliard 69ac2100c6 package/python-types-psutil: new host package
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-05-16 16:48:48 +02:00
Thomas Bonnefille fc827edb65 package/musepack: fix incompatible pointer types
As of GCC14, GCC no longer allows implicitly casting all pointer types
to all other pointer types.

We can fix this error, by adding the appropriate cast.
This patch is a port of a Gentoo patch.

Link: https://gitweb.gentoo.org/repo/gentoo.git/tree/media-sound/musepack-tools/files/musepack-tools-495-incompatible-pointers.patch

Fixes:

    https://autobuild.buildroot.org/results/6412fc37d533dff27f18b09c668870bebff2bec5/

Signed-off-by: Thomas Bonnefille <thomas.bonnefille@bootlin.com>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-05-16 16:47:14 +02:00
Marcus Hoffmann b15cd1d8fe docs/manual/adding-packages-python.adoc: clarify how _BUILD_OPTS work
PYTHON_FOO_BUILD_OPTS are passed to the build module call of the package
build, this allows passing options to the python build *backend* by
using the --config-setting= option. setup.py is no longer involved since
even the setuptools backend now used the pep517 build method.

The note about the options being passed to
support/scripts/pyinstaller.py seems to be no longer accurate.

Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
[Arnout: also mention -C (suggested by James)]
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-05-16 16:46:57 +02:00
Mika Westerberg 70d5bac305 package/tbtools: bump to version 0.6.0
Update to the latest release of tbtools. For change log, see:
https://github.com/intel/tbtools/compare/v0.5.0...v0.6.0

Signed-off-by: Mika Westerberg <mika.westerberg@linux.intel.com>
[Julien: update .hash file to use -cargo3 format]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-16 16:43:13 +02:00
Waldemar Brodkorb f11b9db0b5 package/asterisk: bump to 22.3.0
For a changelog see here:
https://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-22.3.0.md

Changes made by the package maintainer:
- add systemd service file
- run asterisk as non-root user asterisk
- build pjsip as bundled source code, but download it like
  sound files
- remove unused configure options
- chan_alsa was removed upstream in commit
  de3ce178ab0282445cf25161b49f3737ac2d20ff

See here for the reason behind using the bundled pjsip:
https://github.com/asterisk/asterisk/issues/671

Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-05-16 16:42:22 +02:00
Thomas Petazzoni 8a25ff3f89 package/android-tools: add patch to fix GCC 15.x build issue
host-android-tools fails to build when the host gcc version is >=
15.x. A simple patch allows to fix the issue by adjusting how
allocate_inode() gets called.

Fixes:

  https://autobuild.buildroot.org/results/e8152490540ee1968182f4eb7813e5e940f3e9b3/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-16 16:22:53 +02:00
Marcus Hoffmann 5eb46878bd support/testing: new python-pydantic-settings runtime test
Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-05-16 16:19:53 +02:00
Marcus Hoffmann 45321879e1 support/testing: new python-pydantic runtime test
While in theory, the fastapi tests finds problems with the pydantic
package, it's not obvious that this test should be run when the pydantic
package is updated.

Add a new test that just covers pydantic.

Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-05-16 16:19:52 +02:00
Marcus Hoffmann c100f6a2fe DEVELOPERS: add Marcus Hoffmann for python-pydantic packages
Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-05-16 16:19:51 +02:00
Marcus Hoffmann 3648cec128 package/python-typing-extensions: bump to 4.13.2
Release notes:
https://github.com/python/typing_extensions/blob/main/CHANGELOG.md#release-4132-april-10-2025

Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-05-16 16:19:50 +02:00
Marcus Hoffmann 1126be8fdf package/python-dotenv: bump to 1.1.0
Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-05-16 16:19:50 +02:00
Marcus Hoffmann cde5e50b73 package/python-pydantic-settings: bump to 2.9.1
Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-05-16 16:19:49 +02:00
Marcus Hoffmann e1c939e426 package/python-pydantic: bump 2.11.4
Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-05-16 16:19:48 +02:00
Marcus Hoffmann e42de820cd package/python-pydantic-core: bump to 2.34.1
Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
[Arnout: update hash for cargo3]
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-05-16 16:19:47 +02:00
Marcus Hoffmann 9b6e7bf7ee package/python-typing-inspection: new package
Add python-typing-inspection as a newly introduced dependency of
pydantic.

Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-05-16 16:19:46 +02:00
Marcus Hoffmann 0468aae90a package/python-anyio: bump to 4.9.0
Release notes: https://github.com/agronholm/anyio/releases/tag/4.9.0

Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-05-16 16:19:45 +02:00
Marcus Hoffmann c912dc1d27 package/python-starlette: bump to 0.46.2
Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-05-16 16:19:44 +02:00
Marcus Hoffmann 873e1d658a package/python-fastapi: bump to 0.115.12
Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-05-16 16:19:43 +02:00
Thomas Perale 0814b614c2 package/micropython: fix build with GCC 15
A set of `unterminated-string-initialization` errors appeared when
building the micropython package with GCC15 on the host.
The autobuilder failed to build the package micropython with the
following error:

```
CC ../py/emitinlinethumb.c
../py/emitinlinethumb.c:153:9: error: initializer-string for array of 'unsigned char' truncates NUL terminator but destination lacks 'nonstring' attribute (4 chars into 3 available) [-Werror=unterminated-string-initialization]
  153 |     {0, "r0\0"},
      |         ^~~~~~
../py/emitinlinethumb.c:154:9: error: initializer-string for array of 'unsigned char' truncates NUL terminator but destination lacks 'nonstring' attribute (4 chars into 3 available) [-Werror=unterminated-string-initialization]
  154 |     {1, "r1\0"},
      |         ^~~~~~
...
```

This patch adds the set of upstream commits to fix the compatbility with
GCC15 (see [1]).
The patches were backported to micropython v1.22.2. The main difference
with the upstream version is that since the v1.23, the project removed the
use of the `STATIC` macro (see [2]).

Also, in the codebase of v1.22.2 the 'unterminated-string-initialization'
error occured in another file that was reworked in the patch [3] and
included in v1.25. This patch is included as well to remove the error in
v1.22.2.

[1] package/micropython/0003-Fixes-for-GCC-15-1-unterminated-string-literal-warning.patch
[2] https://github.com/micropython/micropython/commit/decf8e6a8bb940d5829ca3296790631fcece7b21
[3] package/micropython/0002-py-emitinlinextensa-Simplify-register-name-lookup.patch

Fixes: https://autobuild.buildroot.org/results/fdf/fdf1d7c3e3a51e6fc7fa5abea57de6c9ce792015

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-16 16:14:32 +02:00
Kadambini Nema 9868ca6ec9 package/libopenssl: bump version to 3.5.0
Release notes:
https://github.com/openssl/openssl/releases/tag/openssl-3.5.0

Changelog:
https://github.com/openssl/openssl/blob/master/CHANGES.md#openssl-35

Rebased patches for the new version.

Signed-off-by: Kadambini Nema <kadambini.nema@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-05-16 15:45:33 +02:00
James Hilliard 22cd2e0bc4 package/unifdef: fix build with gcc 15
Add a patch fixing compilation on hosts with gcc 15.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-16 15:36:13 +02:00
Olivier Benjamin f5d4ed04ac package/psplash: bump to revision 53ae74a
This includes the following changes:

53ae74a configure.ac: fix autoconf code for img_fullscreen
ec1ed35 configure.ac: standardize default-enabled options
1f64c65 README: Update mailing list to point to yocto-patches ml
b1a75fd psplash: Only define bool if using C standard older than C23
5a32cf6 psplash.c: fix crash from length becoming negative
ecc1913 SECURITY.md: Add file

Signed-off-by: Olivier Benjamin <olivier.benjamin@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-16 15:31:48 +02:00
Julien Olivain 2e05f22ff8 configs/freescale_imx93frdm: new defconfig
This commit adds support for the i.MX 93 FRDM (Freedom) board.

The i.MX93 FRDM development board is a low-cost and compact
development board featuring the i.MX93 applications processor.

See: https://nxp.com/FRDM-IMX93

This defconfig is based on freescale_imx93evk_defconfig introduced
by Sébastien, in Cc.

Note: the Linux and U-Boot repositories are forks. This is because
the NXP software team did not included all the necessary i.MX93 FRDM
patches in the standard NXP i.MX BSP at the time of this commit.
Instead, patches were published in a dedicated Yocto Layer from [1].
The forks used in this defconfig are simply the repositories [2]
and [3] with patches from [1] applied on them. This is only to make this
defconfig simpler in the meantime the BSP patches are included in the
NXP BSP repositories.

Thanks to Martin Chabot for lending a board!

[1] https://github.com/nxp-imx-support/meta-imx-frdm
[2] https://github.com/nxp-imx/uboot-imx
[3] https://github.com/nxp-imx/linux-imx

Cc: Martin Chabot <martin.chabot@gmail.com>
Cc: Sébastien Szymanski <sebastien.szymanski@armadeus.com>
Tested-by: Julien Olivain <ju.o@free.fr>
[Julien: Tested on board 700-94611 Rev B1]
Signed-off-by: Julien Olivain <ju.o@free.fr>
Reviewed-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-05-16 15:26:06 +02:00
Thomas Petazzoni b473d99416 package/libcap: backport upstream patch to fix build on Xtensa
Following the bump of libcap to version 2.76 in commit
e2eb2ee58b, the build started failing on
Xtensa. The bug was reported upstream at
https://bugzilla.kernel.org/show_bug.cgi?id=219915 and was
subsequently fixed by upstream commit:

  https://git.kernel.org/pub/scm/libs/libcap/libcap.git/commit/?id=6cdd8cd72ebcedd6b1b6c989a7e5722d5d87f35c

Which we backport in this commit.

Fixes:

  https://autobuild.buildroot.org/results/b9ff9258f407898eeee80dd8cc4dd1d777f44c06

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-16 15:12:22 +02:00
Thomas Perale 45439ae262 package/python-flask: security bump to version 3.1.1
Fixes the following security issues:

- CVE-2025-47278: In Flask 3.1.0, the way fallback key configuration was
    handled resulted in the last fallback key being used for signing,
    rather than the current signing key.

For more information, see:
  - https://nvd.nist.gov/vuln/detail/CVE-2025-47278
  - https://github.com/pallets/flask/commit/73d6504063bfa00666a92b07a28aaf906c532f09

For more details on the version bump, see the release notes:
  - https://github.com/pallets/flask/releases/tag/3.1.1

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-05-16 13:55:09 +02:00
Marcus Hoffmann fa5771d975 package/libiio: bump to 0.26
Drop patch that is now merged upstream.

Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-05-16 13:54:02 +02:00
Brandon Maier 0c230eef90 package/mtd: update to 2.3.0
Changelog: https://git.infradead.org/?p=mtd-utils.git;a=blob;f=CHANGELOG.md

The TestMtd build fails with the following error

  checking pkg-config is at least version 0.9.0... ./configure: line
  5375: .../output/TestMtd/host/bin/pkg-config: No such file or
  directory

So we promote host-pkgconf to be a required dependency for the build.

Signed-off-by: Brandon Maier <brandon.maier@collins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-05-16 13:53:18 +02:00
Peter Korsgaard 9a1aaec3f3 package/screen: security bump to version 5.0.1
Fixes the following security issues:

CVE-2025-46805: do NOT send signals with root privileges
CVE-2025-46804: avoid file existence test information leaks
CVE-2025-46803: apply safe PTY default mode of 0620
CVE-2025-46802: prevent temporary 0666 mode on PTYs in attacher
CVE-2025-23395: reintroduce lf_secreopen() for logfile

https://lists.gnu.org/archive/html/info-gnu/2025-05/msg00002.html

For more details, see:
https://security.opensuse.org/2025/05/12/screen-security-issues.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-16 13:40:17 +02:00
El Mehdi YOUNES 3615b2cd04 package: update all hashes after cargo3 switch
This updates all SHA256 hashes for Rust packages that previously used
cargo2.tar.gz archives, following the switch to cargo3 naming in my last
patch.

Signed-off-by: El Mehdi YOUNES <elmehdi.younes@smile.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-05-16 13:26:33 +02:00
El Mehdi YOUNES b80278613e package/pkg-download: switch from cargo2 to cargo3
Starting from rust 1.84.0 (cargo 1.84.0), published crates now always
include a Cargo.lock file. Originally it was only included for packages
that have executables or examples for use with cargo install. see [1]

This behaviour change alters the contents of the .tar.gz archives,
which causes SHA256 hash mistmatches when trying to build Rust packages.

Example build failure with bat-0.24.0:

ERROR: while checking hashes from package/bat/bat.hash
ERROR: bat-0.24.0-cargo2.tar.gz has wrong sha256 hash:
ERROR: expected: 45fcdd6076dc1b45698a7b6c0f4d1f5d9ae676f3ca3b155402ad24680d5b4df6
ERROR: got     : 28b302b1aa325221796d4ebb25bacab19a8927ef32f4d56a965b32a7b1c102fc

After using the ne hash to download the new archive tar.gz, we have the
difference between the old archive and the new one using diffoscope:
│ │ --rw-r--r--   0        0        0     1529 2023-10-11 17:14:12.000000 bat-0.24.0/VENDOR/bincode/.cargo-checksum.json
│ │ +-rw-r--r--   0        0        0     1609 2023-10-11 17:14:12.000000 bat-0.24.0/VENDOR/bincode/.cargo-checksum.json
│ │ +-rw-r--r--   0        0        0     1766 2023-10-11 17:14:12.000000 bat-0.24.0/VENDOR/bincode/Cargo.lock
│ │  -rw-r--r--   0        0        0     1388 2023-10-11 17:14:12.000000 bat-0.24.0/VENDOR/bincode/Cargo.toml

We can see that Cargo.lock has been added.

To avoid hash mismatch issues and to clearly mark archives generated
with the new Cargo behavior, we migrate the naming from 'cargo2.tar.gz'
to 'cargo3.tar.gz'.

We did not find any alternative to disable this new cargo-publish
behavior, so this change is necessary to allow updating the hashes of
Cargo-fetched packages.

[1] https://github.com/rust-lang/cargo/pull/14815
https://doc.rust-lang.org/nightly/cargo/CHANGELOG.html

Signed-off-by: El Mehdi YOUNES <elmehdi.younes@smile.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-05-16 13:26:32 +02:00
El Mehdi YOUNES 072f3bc8c6 package/rust: bump to version 1.86.0
bump rust from version 1.82.0 to 1.86.0
releases:
https://github.com/rust-lang/rust/releases

Signed-off-by: El Mehdi YOUNES <elmehdi.younes@smile.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-05-16 13:26:32 +02:00
El Mehdi YOUNES 740204bf9a package/rust: fix bootstrap with Rust≥1.83
Rust includes an option `download-ci-llvm` in config.toml that enables
downloading prebuilt LLVM binaries from Rust's CI infrastructure instead
of building LLVM from source. This option helps speed up the bootstrap
process and is enabled by default starting from Rust 1.83.

However, starting from commit [1] the bootstrap process performs
a strict check via the function
check_incompatible_options_for_ci_llvm().

This validation, implemented in the function
check_incompatible_options_for_ci_llvm(), checks for any incompatible
custom options such as `llvm.ldflags`, `llvm.cflags`, `targets`, etc.

If any of these are set locally and differ from the values used to build
the CI-provided LLVM, the build fails immediately with the error:

      ERROR: Setting `llvm.ldflags` is incompatible with
             `llvm.download-ci-llvm`.

Buildroot explicitly sets `llvm.ldflags` in rust.mk to ensure proper
host linking during the build of host-rust. Removing this setting may
introduce portability or reliability issues across toolchains.

To address the issue without compromising the build environment, this
patch disables the use of CI-provided LLVM by setting:

      [llvm]
      download-ci-llvm = false

This follows the recommendation from the Rust bootstrap script itself.

Note: this is a temporary workaround to restore compatibility with Rust
≥1.83. Other solutions will be investigated to avoid disabling the use
of prebuilt LLVM in the future, while preserving Buildroot’s reproducible
build setup.

[1] https://github.com/rust-lang/rust/commit/9df7680ecf698bf7087616b595774ee1023d3c7b

Signed-off-by: El Mehdi YOUNES <elmehdi.younes@smile.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-05-16 13:26:31 +02:00
Julien Olivain e9911873aa configs/freescale_imx*: bump BSP components to lf-6.12.3-1.0.0
This commit U-Boot, Linux kernel and ATF (when applicable) to the
NXP BSP lf-6.12.3-1.0.0 versions.

Custom hashes are also updated accordingly.

Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-16 12:49:35 +02:00
Sébastien Szymanski 2f13e813c0 package/freescale-imx/imx-sc-firmware: bump version to 1.18.0
This version is aligned with NXP Linux BSP version "lf-6.12.3-1.0.0".

License hashes changed because the LA_OPT_NXP_Software_License changed
from "v57 July 2024" to "v58 November 2024".

Signed-off-by: Sébastien Szymanski <sebastien.szymanski@armadeus.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-16 12:49:35 +02:00
Sébastien Szymanski 33778c8552 package/freescale-imx/imx-vpu-hantro-daemon: bump version to 1.5.0
This version is aligned with NXP Linux BSP version "lf-6.12.3-1.0.0".

Signed-off-by: Sébastien Szymanski <sebastien.szymanski@armadeus.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-16 12:49:35 +02:00
Sébastien Szymanski 4fe6235126 package/freescale-imx/imx-vpu-hantro: bump version to 1.36.0
This version is aligned with NXP Linux BSP version "lf-6.12.3-1.0.0".

License hashes changed because the LA_OPT_NXP_Software_License changed
from "v57 July 2024" to "v58 November 2024".

Signed-off-by: Sébastien Szymanski <sebastien.szymanski@armadeus.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-16 12:49:35 +02:00
Sébastien Szymanski 05b20d572c package/freescale-imx/imx-gpu-viv: bump version to 6.4.11.p3.0
This version is aligned with NXP Linux BSP version "lf-6.12.3-1.0.0".

License hashes changed because the LA_OPT_NXP_Software_License changed
from "v57 July 2024" to "v58 November 2024".
The Vivante.icd file is now in gpu-core/etc/OpenCL/vendors/ and there is
a new directory "vulkan" in gpu-core/etc/. Copy both OpenCL and vulkan
directories to /etc/.

Signed-off-by: Sébastien Szymanski <sebastien.szymanski@armadeus.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-16 12:49:35 +02:00
Sébastien Szymanski 9d0e9e07a8 package/freescale-imx/firmware-ele-imx: bump to version 2.0.1
This version is aligned with NXP Linux BSP version "lf-6.12.3-1.0.0".

License hashes changed because the LA_OPT_NXP_Software_License changed
from "v57 July 2024" to "v58 November 2024".

Signed-off-by: Sébastien Szymanski <sebastien.szymanski@armadeus.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-16 12:49:35 +02:00
Sébastien Szymanski 20246264e5 package/freescale-imx/imx-gpu-g2d: bump version to 6.4.11.p3.0
This version is aligned with NXP Linux BSP version "lf-6.12.3-1.0.0".

License hashes changed because the LA_OPT_NXP_Software_License changed
from "v57 July 2024" to "v58 November 2024".

Signed-off-by: Sébastien Szymanski <sebastien.szymanski@armadeus.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-16 12:49:35 +02:00
Sébastien Szymanski 15c91ed9b5 package/freescale-imx/firmware-imx: bump version to 8.27
This version is aligned with NXP Linux BSP version "lf-6.12.3-1.0.0".

License hashes changed because the LA_OPT_NXP_Software_License changed
from "v57 July 2024" to "v58 November 2024".

Signed-off-by: Sébastien Szymanski <sebastien.szymanski@armadeus.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-16 12:49:35 +02:00
Patrik Olsson 506c9b8e0d configs/friendlyarm_nanopi_r3s: bump TF-A, U-Boot and Linux versions
- TF-A to version v2.12 (LTS)
- U-Boot to version v2025.04
- Linux kernel to version 6.14.6

Signed-off-by: Patrik Olsson <johan.patrik.olsson@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-16 12:41:55 +02:00
Patrik Olsson 42357f0b13 configs/friendlyarm_nanopi_r3s: use Bootlin toolchain
This moves the defconfig to the Bootlin glibc stable external toolchain
as per[1].

[1]: https://elinux.org/Buildroot:DeveloperDaysELCE2024#Rules_for_defconfigs

Signed-off-by: Patrik Olsson <johan.patrik.olsson@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-16 12:41:55 +02:00
Fiona Klute (WIWA) a32a1e9a84 package/rauc: enable JSON output in host package
JSON output is useful for building integrations, e.g. reading bundle
information into other tools.

Host-json-glib is very small / fast to build compared to the other
dependencies, so enable it unconditionally.

Signed-off-by: Fiona Klute (WIWA) <fiona.klute@gmx.de>
[Peter: unconditionally enable JSON support]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-05-16 12:36:50 +02:00
Kadambini Nema a127b7e999 package/openssh: bump to version 10.0p1
Release notes:
https://www.openssh.com/txt/release-10.0

Install sshd-auth.
https://github.com/openssh/openssh-portable/commit/6072e4c9385713e9c166f32cfca6a7e603d4f0b8

Also, the release note of 10.0p1 states it is a security update for
CVE-2025-32728. This commit is not marked as security bump, because the
security fix is already present in Buildroot since commit [1]. For this
reason, this commit also removes the package patches and the
_IGNORE_CVES variable.

[1] https://gitlab.com/buildroot.org/buildroot/-/commit/211e822d433806893c1395b55c1d891343a07aa0

Signed-off-by: Kadambini Nema <kadambini.nema@gmail.com>
[Julien:
 - remove the "security" mention commit title
 - remove local patches and _IGNORE_CVES
 - add info in commit log
]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-16 12:08:05 +02:00
Julien Olivain 00b2d74dbb package/kexec: bump to version 2.0.31
For release announce, see:
https://lists.infradead.org/pipermail/kexec/2025-April/032608.html

Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-05-16 11:49:56 +02:00
Julien Olivain 634b2c5253 package/fluidsynth: bump to version 2.4.5
For change log since v2.4.3, see:
https://github.com/FluidSynth/fluidsynth/releases/tag/v2.4.4
https://github.com/FluidSynth/fluidsynth/releases/tag/v2.4.5

Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-05-16 11:48:02 +02:00
Cherniaev Andrei 4e95062f82 package/pkg-meson: use buildroot-build for build directory
Fixes https://gitlab.com/buildroot.org/buildroot/-/issues/64

Some source tarballs (E.G.  libopenh264) may already contain a build/
subdir, so switch to the more unique bildroot-build for the build directory,
similar to how it is done for cmake.

Signed-off-by: Cherniaev Andrei <dungeonlords789@naver.com>
Co-Authored-By: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[Peter: reword commit text]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-05-16 11:42:56 +02:00
Titouan Christophe 211e822d43 package/openssh: apply security patch for CVE-2025-32728 (sshd)
Fixes:
https://www.cve.org/CVERecord?id=CVE-2025-32728

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
[Julien: add link to CVE in commit log]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-16 11:19:36 +02:00
Kadambini Nema aaa50b0e61 package/xz: bump to version 5.8.1
Update hash of the COPYING file. (Notes about old releases was removed)

Release notes:
https://github.com/tukaani-project/xz/releases/tag/v5.8.1
https://github.com/tukaani-project/xz/releases/tag/v5.8.0

Also, the release note of v5.8.1 states it is a security update for
CVE-2025-31115. This commit is not marked as security bump, because the
security fix is already present in Buildroot since commit [1]. For this
reason, this commit also removes the package patches and the
XZ_IGNORE_CVES variable.

[1] https://gitlab.com/buildroot.org/buildroot/-/commit/38494a0a613d77169fb3178be287315ebc1b8ade

Signed-off-by: Kadambini Nema <kadambini.nema@gmail.com>
[Julien:
 - remove the "security" mention commit title
 - remove local patches and XZ_IGNORE_CVES
 - add info in commit log
]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-16 10:55:25 +02:00
Peter Korsgaard d9182a7556 docs/website/download.html: update for 2025.02.1
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-05-16 10:25:31 +02:00
Julien Olivain 6ad8090920 configs/freescale_t1040d4rdb: bump linux kernel to 6.12.27
Since commit [1] "package/binutils: make 2.43 the default version",
the freescale_t1040d4rdb_defconfig fails to build the Linux
kernel, with the error:

    arch/powerpc/boot/util.S: Assembler messages:
    arch/powerpc/boot/util.S:49: Error: junk at end of line, first unrecognized character is `0'
    arch/powerpc/boot/util.S:54: Error: syntax error; found `b', expected `,'
    arch/powerpc/boot/util.S:54: Error: junk at end of line: `b'

This commit fixes the issue by updating the Linux kernel to the latest
LTS version.

Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/9967089767

[1] https://gitlab.com/buildroot.org/buildroot/-/commit/360fd01de20eb42aa0e6b5e9f7b37eaa104c6fc9

Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-05-16 10:15:47 +02:00
Julien Olivain 889d47baef configs/freescale_p1025twr: bump linux kernel to 6.12.27
Since commit [1] "package/binutils: make 2.43 the default version",
the freescale_p1025twr_defconfig fails to build the Linux
kernel, with the error:

    arch/powerpc/boot/util.S: Assembler messages:
    arch/powerpc/boot/util.S:49: Error: junk at end of line, first unrecognized character is `0'
    arch/powerpc/boot/util.S:54: Error: syntax error; found `b', expected `,'
    arch/powerpc/boot/util.S:54: Error: junk at end of line: `b'

This commit fixes the issue by updating the Linux kernel to the latest
LTS version.

Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/9967089759

[1] https://gitlab.com/buildroot.org/buildroot/-/commit/360fd01de20eb42aa0e6b5e9f7b37eaa104c6fc9

Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-05-16 10:15:22 +02:00
Julien Olivain 8bfdd3305e package/libsndfile: update project home page url
The libsndfile package homepage url [1] points to an old site in which
the last update is for version 1.0.28 (April 2 2017). This site does
not seem to be maintained anymore.

This commit updates the libsndfile homepage url to [2].

[1] http://www.mega-nerd.com/libsndfile/
[2] https://libsndfile.github.io/libsndfile/

Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-05-16 10:14:35 +02:00
Thomas Devoogdt 84d9cf3abe package/fluent-bit: bump to 4.0.2
News:
- https://fluentbit.io/announcements/v4.0.1/
- https://fluentbit.io/announcements/v4.0.2/

Other remarks:
- Drop the FLB_UNICODE_ENCODER option, as it is no longer needed. [1]

- Added support for FLB_OUT_PGSQL.

- Compile against the buildroot provided zstd package. [2]

- Dropped some patches as they are obsolete. (We use the buildroot packages for them.)
   - 0003-lib-nghttp2-CMakeLists.txt-do-not-require-a-CXX-comp.patch
   - 0004-lib-luajit-cmake-CMakeLists.txt-do-not-require-a-CXX.patch
   - 0006-lib-zstd-only-enable-CXX-support-if-tests-are-requir.patch

- Synced the other patches with their upstream equivalent.

[1] https://github.com/fluent/fluent-bit/commit/92de130cead75f66bd565496947263168d2d5c37
[2] https://github.com/fluent/fluent-bit/commit/5f409f55ec667b525716be4afd54b5485c9d55c1

Signed-off-by: Thomas Devoogdt <thomas@devoogdt.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-05-16 09:46:01 +02:00
Thomas Perale a4249a2024 package/libraw: security bump to version 0.21.4
Fixes the following security issues:

- CVE-2025-43961: metadata/tiff.cpp has an out-of-bounds read in the
    Fujifilm 0xf00c tag parser.

For more information, see:
  - https://nvd.nist.gov/vuln/detail/CVE-2025-43961
  - https://github.com/LibRaw/LibRaw/commit/66fe663e02a4dd610b4e832f5d9af326709336c2

- CVE-2025-43962: phase_one_correct in decoders/load_mfbacks.cpp has
    out-of-bounds reads for tag 0x412 processing

For more information, see:
  - https://nvd.nist.gov/vuln/detail/CVE-2025-43962
  - https://github.com/LibRaw/LibRaw/commit/66fe663e02a4dd610b4e832f5d9af326709336c2

- CVE-2025-43963: phase_one_correct in decoders/load_mfbacks.cpp allows
    out-of-buffer access

For more information, see:
  - https://nvd.nist.gov/vuln/detail/CVE-2025-43963
  - https://github.com/LibRaw/LibRaw/commit/be26e7639ecf8beb55f124ce780e99842de2e964

- CVE-2025-43964: tag 0x412 processing in phase_one_correct in
    decoders/load_mfbacks.cpp does not enforce minimum w0 and w1 values.

For more information, see:
  - https://nvd.nist.gov/vuln/detail/CVE-2025-43964
  - https://github.com/LibRaw/LibRaw/commit/a50dc3f1127d2e37a9b39f57ad9bb2ebb60f18c0

For more details on the version bump, see the release notes:
  - https://github.com/LibRaw/LibRaw/releases/tag/0.21.4
  - https://github.com/LibRaw/LibRaw/releases/tag/0.21.3
  - https://github.com/LibRaw/LibRaw/compare/0.21.2...0.21.4

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-05-15 07:51:32 +02:00
Marcus Hoffmann c722fa1cf2 package/python-django: bump to 5.2.1
Django 5.2 is a new LTS series. Release notes and announcement:

https://docs.djangoproject.com/en/5.2/releases/5.2/
https://www.djangoproject.com/weblog/2025/apr/02/django-52-released/

Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-05-14 15:03:38 +02:00
Marcus Hoffmann 09299c5b0c package/python-django: security bump to 5.1.9
Fixes CVE-2025-32873 [1].
Django also updates setuptools[2], so we can remove the --skip-dependency-check
flag and need to update the package archive capitalization accordingly.

[1] https://www.djangoproject.com/weblog/2025/may/07/security-releases/
[2] https://github.com/django/django/commit/bbf376bbc8cdfca817b54e7df99539633d10b06e

Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-05-14 14:57:57 +02:00
Julien Olivain 38494a0a61 package/xz: add security patches fixing CVE-2025-31115
This commit adds four upstream patches fixing the CVE-2025-31115
vulnerability. The reason there is four patches instead of one is to
exactly follow the advisory recommendation [1], which proposes the
patch [2]. This patch is in fact a concatenation of four commits. In
Buildroot, we track package patches as formatted by git, with extra
"Upstream:" headers. The patch [2] was split here in four for a
clearer traceability.

With the addition of those patches, the XZ_IGNORE_CVES is set
accordingly.

Fixes:
https://www.cve.org/CVERecord?id=CVE-2025-31115

[1] https://github.com/tukaani-project/xz/security/advisories/GHSA-6cc8-p5mm-29w2
[2] https://tukaani.org/xz/xz-cve-2025-31115.patch

Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-05-14 14:44:37 +02:00
Kadambini Nema 0a645c7592 package/protobuf-c: bump to version 1.5.2
Release notes:
https://github.com/protobuf-c/protobuf-c/releases/tag/v1.5.2

Signed-off-by: Kadambini Nema <kadambini.nema@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-05-14 07:19:46 +02:00
Marcus Hoffmann 8701d138ed package/python-uvicorn: bump to version 0.34.2
Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-13 23:01:10 +02:00
Bernd Kuhls b3388c2556 package/intel-microcode: security bump version to 20250512
Release notes:
https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20250512

CVE-2025-24495:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01322.html

CVE-2024-28956:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01153.html

CVE-2024-43420:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01247.html

CVE-2025-20103:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01244.html

"Note: INTEL-SA-01244 and INTEL-SA-01247 will be published on May 13th 2025"

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-13 22:40:57 +02:00
Bernd Kuhls 140f8fc628 package/dhcp: fix build with gcc-15.x
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-13 22:37:30 +02:00
Bernd Kuhls 778da2b719 package/dbus-glib: bump version to 0.114
For change log, see [1].

A notable change is that this release fixes GCC 15 build issues
and some deprecation warnings.

Updated license files and hashes due to upstream commit [2].
There is not an actual license change.

[1] https://gitlab.freedesktop.org/dbus/dbus-glib/-/blob/dbus-glib-0.114/NEWS
[2] https://gitlab.freedesktop.org/dbus/dbus-glib/-/commit/ad08ba0c6ba2d69783d41254e0cf03b2ae1647db

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Florian Larysch <fl@n621.de>
Tested-by: Florian Larysch <fl@n621.de>
[Julien: add extra info in the commit log]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-13 22:31:05 +02:00
Bernd Kuhls 999fb19d4b package/unixodbc: fix build with gcc-15.x
Inspired by
https://gitweb.gentoo.org/repo/gentoo.git/commit/dev-db/unixODBC?id=b5629b3aefd8633d378beea7e955d66ce709bebe

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-13 22:09:52 +02:00
Bernd Kuhls 4dfe97dde4 package/libsndfile: Add upstream commits to fix build with gcc-15.x
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-13 22:01:50 +02:00
Bernd Kuhls 467aa8cd56 package/netcat-openbsd: bump version to 1.229
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-13 21:29:28 +02:00
Bernd Kuhls c1d422edde package/berkeleydb: fix build with gcc-15.x
Inspired by
https://src.fedoraproject.org/rpms/libdb/c/c250c61cc3d56c5cff7ba59308f46245a32bdc69

"GCC 15 defaults to C23.  The last release of this package was over a
 decade ago, and it is no longer maintained, therefore it should not be
 expected to compile to the latest standards."

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-13 21:19:00 +02:00
Giulio Benetti 5ae5c0ef41 package/harfbuzz: bump to version 11.2.1
Release Notes:
https://github.com/harfbuzz/harfbuzz/releases/tag/11.2.1

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-05-13 19:02:22 +02:00
Julien Olivain 7cb93a3804 package/connman: update homepage url
The old connman homepage url [1] now redirects to an Intel open source
software portal which no longer contains the connman project.

The project is now hosted at [2]. For reference, the upstream
commit [3] removed references to [1].

This commit updates the Config.in homepage url to [2].

[1] https://01.org/connman
[2] https://git.kernel.org/pub/scm/network/connman/connman.git
[3] https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=7d35eba0b93580c7dae5763b517ea5571dc4a273

Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-05-13 18:56:24 +02:00
Dario Binacchi a8cfe9986c package/connman: fix CVE-2025-32366
In ConnMan through 1.44, parse_rr in dnsproxy.c has a memcpy length
that depends on an RR RDLENGTH value (i.e., *rdlen=ntohs(rr->rdlen)
and memcpy(response+offset,*end,*rdlen)). Here, rdlen may be larger
than the amount of remaining packet data in the current state of
parsing. As a result, values of stack memory locations may be sent
over the network in a response.

Fixes:
https://www.cve.org/CVERecord?id=CVE-2025-32366

Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-05-13 18:49:31 +02:00
Kadambini Nema 915a351e2f package/dropbear: security bump to version 2025.88
Fixes CVE-2025-47203.
https://security-tracker.debian.org/tracker/CVE-2025-47203

Release notes:
https://github.com/mkj/dropbear/releases/tag/DROPBEAR_2025.88

Signed-off-by: Kadambini Nema <kadambini.nema@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-05-13 11:39:24 +02:00
Bernd Kuhls 05fb4526f9 package/dropbear: bump version to 2025.87
Changelog: https://matt.ucc.asn.au/dropbear/CHANGES

Upstream disabled sha1 by default:
https://github.com/mkj/dropbear/commit/f3465a34eb4007ca3e45044ebdf863842e0346d5

Add the options to DROPBEAR_ENABLE_LEGACY_CRYPTO hook.

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Reviewed-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-05-13 11:36:22 +02:00
Dario Binacchi a7ea1e658d board/bsh/imx6ulz-bsh-smm-m2: flash U-Boot
Fix the board flashing by adding the bootloader, which I had mistakenly
forgotten to include in the script.

Fixes: 322e8d8451 ("configs/imx6ulz_bsh_smm_m2_defconfig: new defconfig")
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-12 23:00:50 +02:00
Dario Binacchi d64ae92968 configs/imx6ulz_bsh_smm_m2: bump Linux to 6.12.28
The patch bumps the Linux kernel to version 6.12.28

Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-12 23:00:47 +02:00
Dario Binacchi 6c4da559cc package/connman: fix CVE-2025-32743
In ConnMan through 1.44, the lookup string in ns_resolv in dnsproxy.c
can be NULL or an empty string when the TC (Truncated) bit is set in
a DNS response. This allows attackers to cause a denial of service
(application crash) or possibly execute arbitrary code, because those
lookup values lead to incorrect length calculations and incorrect
memcpy operations.

Fixes:
https://www.cve.org/CVERecord?id=CVE-2025-32743

Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
[Julien: add link to cve]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-12 22:36:26 +02:00
Dario Binacchi ce9a64b5d1 package/connman: bump to version 1.44
Release notes:

- ver 1.44:
  * Fix issue with handling oFono context integration.
  * Fix issue with handling web context for online detection.
  * Fix issue with handling flags used when deleting routes.
  * Fix issue with handling PAC proxy integration.

- ver 1.43:
  * Fix issue with device creation when using LTE.
  * Fix issue with regulatory domain when powering up.
  * Fix issue with resolving ISO3166 code from timezone data.
  * Fix issue with handling DNS proxy zero termination of buffers.
  * Fix issue with handling DHCP packet length in L3 mode.
  * Fix issue with handling DHCP upper length checks.
  * Fix issue with handling IPv6 and URL parsing.
  * Fix issue with handling online check updates.
  * Fix issue with handling proxy method and WISPr.
  * Fix issue with handling default gateway setup.
  * Add support for low-priority default routes.

Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-12 22:31:41 +02:00
Marcus Hoffmann 96ae6c41e7 package/python-click: bump to 8.2.0
Update package help text to reflect upstream project description.

Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-12 22:10:43 +02:00
Marcus Hoffmann c38ee456cb package/python-jc: bump to 1.25.5
Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-12 22:10:26 +02:00
Florian Larysch 598dfb7c1a package/f2fs-tools: fix GCC 15 build
f2fs-tools had its own "bool" typedef which now conflicts with the C23
keyword, causing build failures on GCC 15.

Import a patch from upstream that fixes this.

Fixes: https://autobuild.buildroot.org/results/d17641582d1beaec9dcca4dc48a68d713cecfdc8 (and others)
Signed-off-by: Florian Larysch <fl@n621.de>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-12 22:04:47 +02:00
Dario Binacchi 501018ad61 DEVELOPERS: add Dario Binacchi for inih
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-12 22:01:19 +02:00
Dario Binacchi d2e2e58d43 package/inih: bump to version 60
Release notes:
https://github.com/benhoyt/inih/releases/tag/r59
https://github.com/benhoyt/inih/releases/tag/r60

Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-12 22:01:02 +02:00
Daniel Crowe 5d8d39fc4c package/python-aniso8601: bump version to 10.0.1
For change log, see:
https://codeberg.org/nielsenb-jf/aniso8601/src/tag/v10.0.1/CHANGELOG.rst#aniso8601-10.0.1

Signed-off-by: Daniel Crowe <daniel.crowe@maxmine.com.au>
[Julien: add link to change log]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-12 21:55:07 +02:00
Bernd Kuhls df685627a2 package/nut: bump version to 2.8.3
Release notes:
https://github.com/networkupstools/nut/releases/tag/v2.8.3

Remove all patches which are included in this release.

Updated license hash due to upstream commits:
https://github.com/networkupstools/nut/commit/1cd56ce019a0005d2c9083c3eba26af13a9b2581
https://github.com/networkupstools/nut/commit/91585bf708fd5128ca9e23c82800a0c50f39db14
https://github.com/networkupstools/nut/commit/f9a41e7225a472443c34c008fbf4c168bd94b904

Upstream commit https://github.com/networkupstools/nut/commit/4ddc5aedf322a6ff2803aa7cb7509057ac7edbbf
sets PKG_CONFIG_LIBDIR=/dev/null when cross-compiling and the pkg-config
binary lacks the host triplet, but:

"If pkg-config libdir is already defined, we suppose that callers know
 what they're doing and leave it alone ..."

Add PKG_CONFIG_LIBDIR to NUT_CONF_ENV to fix library detections.

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-12 21:51:18 +02:00
Bernd Kuhls 230ee77c74 package/intel-vpl-gpu-rt: bump version to 25.2.1
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-12 21:43:27 +02:00
Bernd Kuhls 8e713dcc88 package/libvpl: bump version to 2.15.0
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-12 21:43:26 +02:00
Bernd Kuhls 754286925e package/intel-mediadriver: bump version to 25.2.1
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-12 21:43:26 +02:00
Bernd Kuhls 0aad09a97c package/intel-gmmlib: bump version to 22.7.2
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-12 21:43:26 +02:00
Julien Olivain a2e074d023 package/flac: bump to version 1.5.0
For change log, see:
https://github.com/xiph/flac/releases/tag/1.5.0

The license file COPYING.Xiph hash is updated, after a year update in:
https://github.com/xiph/flac/commit/6974998fd499d65d23e8d42a9c12b6ca04d2e10b

Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-05-12 17:26:43 +02:00
Bernd Kuhls 7f5732a9a0 package/php: bump version to 8.3.21
Changelog: https://www.php.net/ChangeLog-8.php#8.3.21

Release notes:
https://news-web.php.net/php.announce/457
https://news-web.php.net/php.announce/458

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-05-12 17:22:51 +02:00
Bernd Kuhls a1c7168760 package/ghostscript: security bump to version 10.05.1
Release notes: https://ghostscript.readthedocs.io/en/gs10.05.1/News.html

"This release addresses CVEs: CVE-2025-27835, CVE-2025-27832,
 CVE-2025-27831, CVE-2025-27836, CVE-2025-27830, CVE-2025-27833,
 CVE-2025-27837, CVE-2025-27834, CVE-2025-46646"

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-11 19:31:16 +02:00
Bernd Kuhls ecf14d585c package/linux-headers: drop 6.13.x option
The 6.13.x series is now EOL upstream, so drop the linux-headers
option and add legacy handling for it.

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-11 13:48:34 +02:00
Bernd Kuhls 3792389057 package/kodi-pvr-waipu: bump version to 21.10.3-Omega
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-11 12:09:26 +02:00
Bernd Kuhls 8fbfa622ee package/kodi-inputstream-adaptive: bump version to 21.5.13-Omega
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-11 12:09:23 +02:00
Ismael Luceno beefa78b49 package/mawk: bump version to 1.3.4-20250131
For change log, see:
https://invisible-mirror.net/mawk/CHANGES.html#index-t20250131

Signed-off-by: Ismael Luceno <ismael@iodev.co.uk>
[Julien: add link to change log]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-11 11:33:02 +02:00
Patrik Olsson 595dd3ae88 configs: rock4se: bump TF-A, U-Boot and Linux versions
This patch bumps:
- TF-A to version v2.12 (LTS)
- U-Boot to version v2025.04
- Linux kernel to version 6.12.28 (LTS)

Signed-off-by: Patrik Olsson <johan.patrik.olsson@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-10 23:00:34 +02:00
Patrik Olsson b572255db3 configs: rock4se: use Bootlin toolchain
This moves the defconfig to the Bootlin glibc stable external toolchain
as per[1].

[1]: https://elinux.org/Buildroot:DeveloperDaysELCE2024#Rules_for_defconfigs

Signed-off-by: Patrik Olsson <johan.patrik.olsson@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-10 23:00:30 +02:00
Bernd Kuhls 74d33f6f81 linux: bump latest version to 6.14
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-10 21:56:30 +02:00
Bernd Kuhls 9aec878a0d {toolchain, linux-headers}: add support for 6.14 headers
And add (and default to) 6.14 to linux-headers.

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-10 21:56:26 +02:00
Bernd Kuhls 176c61266e {linux, linux-headers}: bump 5.{4, 10, 15}.x / 6.{1, 6, 12, 13}.x series
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-10 21:56:22 +02:00
Doug Kehn badda6da8e package/nss-pam-ldapd: bump version to 0.9.13
See the release announce:
https://arthurdejong.org/nss-pam-ldapd/release-0-9-13

Signed-off-by: Doug Kehn <rdkehn@gmail.com>
[Julien: add link to release announce]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-10 19:18:28 +02:00
Thomas Petazzoni 4745bad303 package/libtirpc: backport upstream fixes for GCC 15.x issues
This commit backports two upstream commits that address GCC 15.x build
issues.

Fixes:

  https://autobuild.buildroot.org/results/abca98bc69ac51af3652ab2d0d187d1461f83515/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-10 19:14:28 +02:00
Thomas Petazzoni 07eb63935a package/tpm2-pkcs11: bump to version 1.9.1
1.9.0..1.9.1 changes described at:

  https://github.com/tpm2-software/tpm2-pkcs11/releases/tag/1.9.1

Update suggested by https://gitlab.com/magerkraut at
https://gitlab.com/buildroot.org/buildroot/-/issues/109 as "There is a
issue with the database LOCK file".

Fixes:

  https://gitlab.com/buildroot.org/buildroot/-/issues/109

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-10 19:09:19 +02:00
Thomas Petazzoni 1799cfebfd package/netsnmp: bump to version 5.9.4
Changes 5.9.3 to 5.9.4, from:
https://github.com/net-snmp/net-snmp/blob/v5.9.4/CHANGES

    IMPORTANT: SNMP over TLS and/or DTLS are not functioning properly
    in this release with various versions of OpenSSL and will be fixed
    in a future release.

    libsnmp:
      - Remove the SNMP_SWIPE_MEM() macro Remove this macro since it is not
        used in the Net-SNMP code base.
      - DISPLAY-HINT fixes
      - Miscellanious improvements to the transports
      - Handle multiple oldEngineID configuration lines
      - fixes for DNS names longer than 63 characters

    agent:
      - Added a ignoremount configuration option for the HOST-MIB
      - disallow SETs with a NULL varbind
      - fix the --enable-minimalist build

    apps:
      - snmpset: allow SET with NULL varbind for testing
      - snmptrapd: improved MySQL logging code

    general:
      - configure: Remove -Wno-deprecated as it is no longer needed
      - miscellanious ther bug fixes, build fixes and cleanups

We can drop patch 0001-snmp_agent-disallow-SET-with-NULL-varbind.patch
because it's upstream as of commit
4589352dac3ae111c7621298cf231742209efd9b, which is part of the 5.9.4
release.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[Julien: add link to changelog]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-10 19:05:50 +02:00
Thomas Petazzoni af674f3ecf package/netsnmp: backport patch fixing runtime with Linux >= 6.7
This issue has been reported in
https://gitlab.com/buildroot.org/buildroot/-/issues/110, where netsnmp
would not work on Linux >= 6.7 systems due to an issue in parsing
/proc/net/snmp. We simply backport a fix that's upstream, but not yet
in any stable release.

Fixes:

  https://gitlab.com/buildroot.org/buildroot/-/issues/110

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-10 18:59:12 +02:00
Giulio Benetti c2598f90eb package/harfbuzz: bump to version 11.2.0
Release Notes:
https://github.com/harfbuzz/harfbuzz/releases/tag/11.2.0

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-09 22:27:32 +02:00
Yegor Yefremov 8cdeeb536c package/libical: bump to version 3.0.20
For change log, see:
https://github.com/libical/libical/blob/v3.0.20/ReleaseNotes.txt

Update license info: the source code is now licensed under MPL-2.0
instead of MPL-1.0.

Remove upstreamed patches.

Add a build-time dependency to host-perl.

Disable unneeded options.

Use ON/OFF instead of true/false for CMake options.

Fixes:
https://autobuild.buildroot.org/results/dc2a6d9e50759e948a5f9952eaa1a866d52400fe/

Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
[Julien:
 - reword commit title
 - update change log url to use tag
 - update .checkpackageignore to fix check-package errors
 - reorder LIBICAL_CONF_OPTS alphabetically
]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-09 21:48:15 +02:00
Daniel Crowe 7c65b4484e package/python-pyproj: new package
Provides cartographic projections in Python
https://pyproj4.github.io/pyproj/stable/

Signed-off-by: Daniel Crowe <daniel.crowe@maxmine.com.au>
[Julien:
 - reword commit title
 - add test files in DEVELOPERS entries
]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-09 19:01:27 +02:00
Daniel Crowe 02de349895 package/python-flask-restx: new package
Support REST APIs with Flask applications
https://flask-restx.readthedocs.io/en/latest/

Signed-off-by: Daniel Crowe <daniel.crowe@maxmine.com.au>
[Julien: reword commit title]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-09 18:38:35 +02:00
Kadambini Nema 380dc9332f package/libwebsockets: bump to version 4.3.5
Changelog:
https://github.com/warmcat/libwebsockets/compare/v4.3.3...v4.3.5

Signed-off-by: Kadambini Nema <kadambini.nema@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-09 16:39:17 +02:00
Kadambini Nema 89c7c6b6a8 package/pcre2: bump version to 10.45
Release notes:
https://github.com/PCRE2Project/pcre2/releases/tag/pcre2-10.45
https://github.com/PCRE2Project/pcre2/blob/pcre2-10.45/NEWS#L4

Changelog:
https://github.com/PCRE2Project/pcre2/blob/release/pcre2-10.45/ChangeLog#L10

LICENCE file renamed to ‎LICENCE.md.
Update hash of the ‎LICENCE.md. (Addition of details on new maintainership).

Signed-off-by: Kadambini Nema <kadambini.nema@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-09 15:46:00 +02:00
Giulio Benetti fff2ef63be package/rtl8812au-aircrack-ng: bump to version 2025-03-30 on branch v5.6.4.2
This version adds support up to Linux version 6.14.

Fixes:
https://autobuild.buildroot.org/results/4bbbd61aaca1172bb6be46c8f9cd577ee77a7ddc/

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-09 15:29:55 +02:00
Olivier Benjamin a028f0a51d package/psplash: add support for fullscreen config option
Add support for a psplash configure option:
  --enable-img-fullscreen, via BR2_PACKAGE_PSPLASH_FULL_SCREEN

The Buildroot option will default to 'n' to be compatible with
the previous behaviour, as it was disabled by default in psplash.

Note: the --enable-img-fullscreen configure option has been supported
in psplash since upstream commit:
https://git.yoctoproject.org/psplash/commit/?id=773a3977d255e8f59a741ad6ce37c4d40f1feaa1

Signed-off-by: Olivier Benjamin <olivier.benjamin@bootlin.com>
[Julien: add note in commit log about upstream support]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-09 15:20:22 +02:00
Giulio Benetti d5826736d5 package/swupdate: bump to version 2025.05
For release note, see:
https://github.com/sbabic/swupdate/releases/tag/2025.05

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-09 15:09:47 +02:00
Giulio Benetti b5b88330a7 package/libnss: bump version to 3.111
For release note, see:
https://hg-edge.mozilla.org/projects/nss/file/tip/doc/rst/releases/nss_3_111.rst

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-09 14:58:45 +02:00
Kadambini Nema 1df9852cc4 package/hwdata: bump version to 0.395
Release notes:
https://github.com/vcrhonek/hwdata/releases/tag/v0.395

Changelog:
https://github.com/vcrhonek/hwdata/compare/v0.394...v0.395

Signed-off-by: Kadambini Nema <kadambini.nema@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-09 14:20:37 +02:00
Thomas Petazzoni 448ceefa78 support/dependencies/dependencies.sh: awk is needed by Buildroot
A basic Fedora 42 container does not have 'awk' installed, but it is
needed by Buildroot. First by check-host-python3.sh:

support/dependencies/check-host-python3.sh: line 6: awk: command not found
support/dependencies/check-host-python3.sh: line 19: awk: command not found
support/dependencies/check-host-python3.sh: line 19: awk: command not found

but then even building host-expat assumes awk is available:

config.status: creating Makefile
./config.status: line 1404: awk: command not found
config.status: creating expat.pc
./config.status: line 1404: awk: command not found

Since it's a pretty basic tool, make it part of the tools checked by
dependencies.sh. One minor annoyance is that check-host-python3.sh is
executed *before* dependencies.sh does its thing, so when 'awk' is not
available, we end up seeing:

support/dependencies/check-host-python3.sh: line 6: awk: command not found
support/dependencies/check-host-python3.sh: line 19: awk: command not found
support/dependencies/check-host-python3.sh: line 19: awk: command not found
which: no awk in (/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin)
You must install 'awk' on your build machine
make: *** [support/dependencies/dependencies.mk:27: dependencies] Error 1

It would be nice to have the awk check *before* it gets used in
check-host-python3.sh, but that's a topic for another patch.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-08 21:35:27 +02:00
Thomas Petazzoni dc0691f038 package/gdb: add patch to fix GCC 15.x build issue with ARC-specific gdb
This commit adds the same patch that was already added to GDB 14.x,
15.x and 16.x to fix a GCC 15.x build issue.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-08 21:31:18 +02:00
Thomas Petazzoni 56c834400e package/gdb: add patches for GCC 15.x compatibility
This commit backports an upstream patch fixing the bundled readline
library so that it builds with GCC 15.x.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-08 19:13:41 +02:00
Thomas Petazzoni e40bf89e40 package/gdb: bump 15.x series to 15.2
Changes:

 Set GDB version number to 15.2.
 [gdb/python] Make sure python sys.exit makes gdb exit
 [gdb/symtab] Revert "Change handling of DW_TAG_enumeration_type in DWARF scanner"
 [gdb/testsuite] Add regression test for PR32158
 [gdb/testsuite] Add gdb.dwarf2/enum-type-c++.exp, regression test for PR31900.
 gdb-15-branch: Clear the X86_XSTATE_MPX bit in XCRO for x32
 Recognize -2 as a tombstone value in .debug_line
 [gdb] Handle ^C during disassembly
 Mark unavailable bytes of limited-length arrays when allocating contents
 gdb/solib-frv: move lm_info object to solib
 Fix loading a saved recording
 Bump GDB's version number to 15.1.90.DATE-git.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-08 19:13:37 +02:00
Thomas Petazzoni b793160964 package/gdb: bump 16.x series to 16.3
Changes:

 Set GDB version number to 16.3.
 gstack: [downstream regression] Output file names and line numbers
 Fix build failure for gdbserver's raw_compare self test
 Fix gdbserver crashes on SVE/SME-enabled systems
 gdb: allow selecting default fg/bg colors in tui mode
 gdb: Fix assertion failure when inline frame #0 is duplicated
 [gdb/tdep] Rewrite i386_canonicalize_syscall
 [gdb/record] Fix out-of-bounds write in aarch64_record_asimd_load_store
 gdb/dwarf: save DWARF version in dwarf2_loclist_baton, remove it from dwarf2_per_cu
 Fix segfault if target_fileio_read_alloc fails
 gdb/tui: use wrefresh if output is not surpressed
 [gdb/corefiles] Fix segfault in core_target_open
 Bump GDB's version number to 16.2.90.DATE-git.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-08 19:13:32 +02:00
Florian Larysch 6d09b25d08 package/bash: fix build with host GCC 15
bash uses K&R function declarations which have been removed in C23.

Since part of the build process (like the mkbuiltins helper) is written
in C, building bash now fails on hosts with GCC 15 (which defaults to
C23).

Since properly fixing this on the source code level is a larger
endeavor, just set the C standard to an old enough version for now.

Signed-off-by: Florian Larysch <fl@n621.de>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-08 17:42:31 +02:00
Romain Naour 30cf5a0754 configs/qemu_ppc*: backport a patch for GCC 15.x compatibility
powerpc kernel maintainer merged a patch [1] for GCC 15.x compatibility
that will likely be merged upstream soon.

[1] https://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux.git/commit/?id=5a821e2d69e26b51b7f3740b6b0c3462b8cacaff

Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-08 17:25:27 +02:00
Romain Naour 97c7311c64 configs/qemu_mips*: backport a patch for GCC 15.x compatibility
Mips kernel maintainer merged a patch [1] for GCC 15.x compatibility
that will likely be merged upstream soon.

[1] https://git.kernel.org/pub/scm/linux/kernel/git/mips/linux.git/commit/?id=0f4ae7c6ecb89bfda026d210dcf8216fb67d2333

Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-08 17:25:23 +02:00
Romain Naour 5dacd8e056 configs/qemu: update defconfigs to Linux 6.12.27
Update all qemu defconfigs to the latest Kernel LTS version
where first patches fixing gcc 15 builds were backported [1][2].

Fixing kernel builds with gcc 15 is a prerequisite to build
and test new Bootlin bleeding-edge toolchains [3].

[1] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=247abefeb50d56c83ce7abda5a378e395ee8af72
[2] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=593d852f7fe21a225df4866799b6b539de6b8255
[3] https://toolchains.bootlin.com

Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-08 17:25:20 +02:00
Romain Naour dd2d62a36e package/qemu: bump to version 10.0.0
Changes log:
https://wiki.qemu.org/ChangeLog/10.0

Remove upstream patches:

- 0002-stubs-only-build-stubs-for-QAPI-events-when-needed.patch
  https://gitlab.com/qemu-project/qemu/-/commit/8113dbbcdaee05f319a7e48272416d918cb2b04a
- 0003-sched_attr-Do-not-define-for-glibc-2.41.patch
  https://gitlab.com/qemu-project/qemu/-/commit/27a8d899c7a100fd5aa040a8b993bb257687c393

Note:
  32-bit host support is now deprecated for all platforms and will be
  removed in a future QEMU release.
  https://gitlab.com/qemu-project/qemu/-/commit/6d701c9bac1d3571e9ad511e01b27df7237f0b13

Qemu defconfigs were runtime tested on Gitlab-CI:
https://gitlab.com/kubu93/buildroot/-/pipelines/1805672685

qemu_s390x_defconfig, qemu_arm_vexpress_tz_defconfig,
qemu_aarch64_ebbr_defconfig were tested locally.

Runtime tests using host-qemu were locally tested:
TestXvisor, TestFwts, TestEdk2, TestGrubAArch64EFI.

Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-07 22:25:26 +02:00
Titouan Christophe 835b5659ea package/sqlite: add patch to fix CVE-2025-29087
This patch was commited upstream, and released as part of sqlite 3.49.1

However, the configuration system changed between sqlite 3.48 and 3.49
from autotools to autosetup, and this has proven challenging to support
in Buildroot (see `git log package/sqlite`), hence why we are still on
sqlite 3.48.

Therefore, until the package build infrastructure correctly supports
building sqlite 3.49, let's simply import the upstream patch to address
the CVE.

Note: the upstream patch is on the orignal sqlite sources. Buildroot is
using the sqlite "amalgamation" source archive, which basically
concatenate all the source files in a single "sqlite3.c" file. So the
patch was reformated to apply correctly on the sqlite release archive.

Fixes:
https://www.cve.org/CVERecord?id=CVE-2025-29087

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
[Julien:
 - reformat patch to be applicable on amalgamated sqlite sources
 - add comment in commit log about patch format
 - add "Fixes:" in commit log
]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-07 22:03:18 +02:00
Florian Larysch e3cae9e1ca package/cpio: fix build with GCC 15
On systems running GCC 15, host-cpio will fail to build with errors like

  copyout.c:646:12: error: too many arguments to function 'xstat'; expected 0, have 2

and

  main.c:407:13: error: assignment to 'int (*)(void)' from incompatible pointer type 'int (*)(const char * restrict,  struct stat * restrict)' [-Wincompatible-pointer-types]

This was reported[1] and fixed upstream, but there is no new release
yet. Import the upstream patch for now.

Fixes:
https://autobuild.buildroot.org/results/a10c5f2b0f9cb05b2550fe97f1133deaaac97277/
(and many more)

[1] https://lists.gnu.org/archive/html/bug-cpio/2025-05/msg00000.html

Signed-off-by: Florian Larysch <fl@n621.de>
[Julien:
 - add missing "Signed-off-by:" in patch to fix check-package error
 - change "Upstream:" link to use the commitdiff in patch
 - add "Fixes:" in commit log
]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-07 19:25:58 +02:00
Julien Olivain 31569bcc1b package/gmp: add patch to fix build with gcc-15
When using host gcc 15, host-gmp fails at configure time with
error message:

    configure: error: could not find a working compiler, see config.log for details

The error is due to the macro GMP_PROG_CC_WORKS in the file
acinclude.m4 containing C-code declaring functions without declaring
its parameters. This construct is now an error in C23, which is the
new default in gcc 15. See:
https://gcc.gnu.org/gcc-15/porting_to.html#c23

This commit fixes the issue by adding a package patch from
upstream changesets, not yet published in a release.

Even if gcc 15 is not yet included in Buildroot, this commit also
sets _AUTORECONF = YES for the target package in order to have this
package already fixed.

Fixes:
https://autobuild.buildroot.org/results/623634fa7bbeceeb6d90b15ce0abb1b9b4b24045/

Tested-by: Brigham Campbell <me@brighamcampbell.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-07 19:18:06 +02:00
Julien Olivain 74c4dd4150 configs/friendlyarm_nanopi_r3s: fix host linux headers custom version
Since its introduction in commit [1], the
friendlyarm_nanopi_r3s_defconfig is failing to build with error:

    Incorrect selection of kernel headers: expected 6.12.x, got 6.13.x

The error happens because the defconfig has:
BR2_PACKAGE_HOST_LINUX_HEADERS_CUSTOM_6_12=y
and
BR2_LINUX_KERNEL_CUSTOM_VERSION_VALUE="6.13.4"

This commit fixes the issue by setting instead:
BR2_PACKAGE_HOST_LINUX_HEADERS_CUSTOM_6_13=y

Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/9887216429

[1] https://gitlab.com/buildroot.org/buildroot/-/commit/41734e00c0cc36f4df2f492e72b535a0716d4048

Cc: Sergey Kuzminov <kuzminov.sergey81@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-07 19:16:42 +02:00
Titouan Christophe da69e45341 package/redis: bump to v8.0.0
Since 8.0.0, Redis now uses the fastfloat library as a bundled
dependency, and this library is written in C++ (even though the
rest of Redis is in plain C).

Therefore, we now require a toolchain with C++ support.

From https://github.com/redis/redis/blob/8.0.0/00-RELEASENOTES:

=======================================================
8.0 GA (v8.0.0)    Released Fri 2 May 2025 12:00:00 IST
=======================================================

This is the General Availability release of Redis Open Source 8.0.

Redis 8.0 deprecates previous Redis and Redis Stack versions.

Stand alone RediSearch, RedisJSON, RedisTimeSeries, and RedisBloom are no longer needed as they are now part of Redis.

- Name change: Redis Community Edition is now Redis Open Source
- License change: licensed under your choice of
  - (a) the Redis Source Available License 2.0 (RSALv2); or
  - (b) the Server Side Public License v1 (SSPLv1); or
  - (c) the GNU Affero General Public License (AGPLv3)
- Redis Query engine and 8 new data structures are now an integral part of Redis 8
  - (1) Redis Query Engine, which now supports both horizontal and vertical scaling for search, query and vector workloads
  - (2) JSON - a queryable JSON document
  - (3) Time series
  - (4-8) Five probabilistic data structures: Bloom filter, Cuckoo filter, Count-min sketch, Top-k, and t-digest
  - (9) Vector set [beta] - a data structure designed for Vector Similarity Search, inspired by Sorted set
  - These nine components are included in all binary distributions

  - See instructions in the README.md file on how to build from source with all these components
  - New configuration file: redis-full.conf - loads Redis with all these components,
    and contains new configuration parameters for Redis Query engine and the new data structures
  - New ACL categories: @search, @json, @timeseries, @bloom, @cuckoo, @cms, @topk, @tdigest
  - Commands are also included in the existing ACL categories (@read, @write, etc.)

- More than 30 performance and resource utilization improvements
- A new I/O threading implementation which enables throughput increase on multi-core environments
  (set with `io-threads` configuration parameter)
- An improved replication mechanism which is more performant and robust
- New hash commands - `HGETDEL`, `HGETEX`, `HSETEX`

For more details, see the release notes of 8.0-M01, 8.0-M02, 8.0-M03,8.0-M04, and 8.0-RC1

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-07 18:30:02 +02:00
Peter Korsgaard b8134a1195 package/jo: bump version to 1.9
Mainly bugfixes (1.8 was deleted):

https://github.com/jpmens/jo/releases/tag/1.9
https://github.com/jpmens/jo/releases/tag/1.7

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-07 18:23:43 +02:00
Kadambini Nema 4acbe7a35c package/tzdata: bump version to 2025b
Release notes:
https://lists.iana.org/hyperkitty/list/tz-announce@iana.org/thread/6JVHNHLB6I2WAYTQ75L6KEPEQHFXAJK3/

Signed-off-by: Kadambini Nema <kadambini.nema@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-07 10:36:57 +02:00
Kadambini Nema 36c969cc4c package/zic: bump version to 2025b
Release notes:
https://lists.iana.org/hyperkitty/list/tz-announce@iana.org/thread/6JVHNHLB6I2WAYTQ75L6KEPEQHFXAJK3/

Signed-off-by: Kadambini Nema <kadambini.nema@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-07 10:36:54 +02:00
Giulio Benetti f3a8ff1af9 package/rtl8192eu: bump to 2025-04-10 version
This version allows to build with Linux 6.15. Makefile hase been refactored
and variable USER_EXTRA_CFLAGS has been renamed to USER_ccflags-y so let's
rename it accordingly.

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-06 22:48:05 +02:00
Giulio Benetti a8b7e28c81 package/rtl8189fs: bump to version 2025-02-24
With this version we can build with Linux 6.14 and support for
cfg80211_rtw_get_txpower() has been added.

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-06 22:48:00 +02:00
Giulio Benetti 64e8683f14 package/rtl8189es: bump to version 2025-02-24
With this version we can build with Linux 6.14.

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-06 22:47:56 +02:00
Julien Olivain 683681261b configs/imx28evk: enable BR2_DOWNLOAD_FORCE_CHECK_HASHES
This commit adds BR2_DOWNLOAD_FORCE_CHECK_HASHES=y in the defconfig
and adds custom hash files. The exception entry in .checkpackageignore
is also removed.

Cc: Fabio Estevam <festevam@gmail.com>
Reviewed-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-06 22:40:32 +02:00
Kadambini Nema c8ba9da529 package/libcurl: bump version to 8.13.0
Changelog:
https://curl.se/ch/8.13.0.html

Signed-off-by: Kadambini Nema <kadambini.nema@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-06 22:27:40 +02:00
Kadambini Nema 84b8a08051 package/libusb: bump version to 1.0.28
Release notes:
https://github.com/libusb/libusb/releases/tag/v1.0.28

Changelog:
https://github.com/libusb/libusb/blob/v1.0.28/ChangeLog#L4

Signed-off-by: Kadambini Nema <kadambini.nema@gmail.com>
[Julien: update changelog link to use tag]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-06 22:15:31 +02:00
Dario Binacchi e19ac5ed7c package/ufs-utils: bump to version 6.13.11
Release notes:
https://github.com/SanDisk-Open-Source/ufs-utils/releases/tag/v6.13.11

Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-06 22:08:58 +02:00
Thomas Perale 80cfdcb86b package/bird: fix build failure with bfd
The 'bird' package with only the `BR2_PACKAGE_BIRD_BFD=y` protocol
enabled fails to build with the following error

```
bison  -Dparse.lac=full -Dparse.error=verbose -dv -pcf_ -b obj/conf/cf-parse obj/conf/cf-parse.y
proto/bfd/config.Y:204.27-33: error: symbol 'ADDRESS' is used, but is not defined as a token and has no rules
  204 |  | bfd_show_sessions_args ADDRESS net_or_ipa { net_copy(&($$->address...
      |                           ^~~~~~~
```

The `ADDRESS` token is defined only when certain protocols (e.g. OSPF,
RIP, RPKI, or BGP) are enabled. As a result, builds including any of
these protocols do not encounter the issue.

The issue can be reproduced with the commands:

    cat >.config <<EOF
    BR2_aarch64=y
    BR2_TOOLCHAIN_EXTERNAL=y
    BR2_PACKAGE_BIRD=y
    BR2_PACKAGE_BIRD_BFD=y
    # BR2_PACKAGE_BIRD_BGP is not set
    EOF
    make olddefconfig
    make bird

This patch backports upstream commits that define the `ADDRESS` token
for the BFD protocol.

Fixes:
https://autobuild.buildroot.org/results/68c5dd84585a7018ad57ea3e7134748c08858ef7/

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
[Julien: add commands to reproduce the issue]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-06 22:03:28 +02:00
Florian Larysch b769d4dbb8 package/rockchip-rkbin: bump to latest git commit
This version incorporates stability fixes and support for newer chip
generations.

The license hash change is only cosmetic, see the corresponding
commit[1] in the upstream repo.

Fix up defconfigs as needed since older TPL blob versions have gotten
removed.

[1] https://github.com/rockchip-linux/rkbin/commit/385bf9f1700cc4b7ab8af1ec96da02f4837c525a

Signed-off-by: Florian Larysch <fl@n621.de>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-06 18:07:48 +02:00
Alexander Mukhin 9d3c4130d7 DEVELOPERS: remove Alexander Mukhin from tinyproxy and zfs
Signed-off-by: Alexander Mukhin <alexander.i.mukhin@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-06 18:01:10 +02:00
Fabio Estevam 108af02935 configs/imx28evk: Rename the defconfig
The i.MX defconfig files follow the following name pattern:

- freescale_<board_name>_defconfig when it uses software components,
such as kernel and U-Boot from NXP.
- <SoC_name><board_name>_defconfig when it uses software components,
such as kernel and U-Boot from upsream.

This imx28evk target uses U-Boot and kernel from upstream, so rename it to
imx28evk_defconfig for consistency.

Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-06 10:19:04 +02:00
Kadambini Nema a31dc4c21a package/traceroute: bump to version 2.1.6
For change log since 2.1.3, see:
https://sourceforge.net/projects/traceroute/files/traceroute/traceroute%202.1.4/
https://sourceforge.net/projects/traceroute/files/traceroute/traceroute%202.1.5/
https://sourceforge.net/projects/traceroute/files/traceroute/traceroute%202.1.6/

Signed-off-by: Kadambini Nema <kadambini.nema@gmail.com>
[Julien: add links to change logs]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-05 23:52:15 +02:00
Kadambini Nema b18f95c155 package/hwdata: bump version to 0.394
Release notes:
https://github.com/vcrhonek/hwdata/releases/tag/v0.394

Changelog:
https://github.com/vcrhonek/hwdata/compare/v0.392...v0.394

Signed-off-by: Kadambini Nema <kadambini.nema@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-05 23:44:27 +02:00
Kadambini Nema ee595c95ae package/mtools: bump version to 4.0.48
Release notes:
https://lists.gnu.org/archive/html/info-mtools/2025-02/msg00019.html

Changelog:
https://svn.savannah.gnu.org/viewvc/mtools/tags/4.0.48/NEWS?view=markup

Signed-off-by: Kadambini Nema <kadambini.nema@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-05 23:35:46 +02:00
Waldemar Brodkorb 93cd246dc7 package/ruby: update to 3.4.3
See here for a changelog:
https://github.com/ruby/ruby/releases/tag/v3_4_3

Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-05 23:18:24 +02:00
Neal Frager 299f803cad configs/xilinx: add xilinx-fpgautil to xilinx defconfigs
This adds the xilinx-fpgautil application to all Xilinx zynq, zynqmp and
versal defconfigs.

Signed-off-by: Neal Frager <neal.frager@amd.com>
[Luca: build-tested only]
Tested-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Reviewed-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-05 22:23:01 +02:00
Neal Frager a36d5fd2f8 package/xilinx-fpgautil: new package
Add a new package to Buildroot called xilinx-fpgautil which builds the
Xilinx fpgautil script which can be used for loading FPGA bitstreams
on zynq, zynqmp and versal products at run-time.  This is a handy
application for loading FPGA bitstreams and their corresponding device
tree overlays.

An explanation of how this script can be used for each type of product
can be found on the wiki pages below.

https://xilinx-wiki.atlassian.net/wiki/spaces/A/pages/18841645/Solution+Zynq+PL+Programming+With+FPGA+Manager
https://xilinx-wiki.atlassian.net/wiki/spaces/A/pages/18841847/Solution+ZynqMP+PL+Programming
https://xilinx-wiki.atlassian.net/wiki/spaces/A/pages/1188397412/Solution+Versal+PL+Programming

In addition, the source code for xilinx-fpgautil can be found here:
https://github.com/Xilinx/meta-xilinx/blob/master/meta-xilinx-core/recipes-bsp/fpga-manager-script/files/fpgautil.c

The Xilinx fpgautil script can be used hand in hand with the Versal
Segmented Configuration with the following example command for
programming the pld.pdi file to the Versal FPGA:

    fpgautil -b /lib/firmware/xilinx/<design-name>_pld.pdi -o /lib/firmware/xilinx/<dtbo-name>.dtbo

Signed-off-by: Neal Frager <neal.frager@amd.com>
[Luca: build-tested only]
Tested-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Reviewed-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
[Julien: reflow commit log]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-05 22:20:41 +02:00
Giulio Benetti 50c7542326 package/sunxi-mali-utgard-driver: bump to version 2025-05-02
It builds up to Linux 6.13

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-05 22:09:23 +02:00
José Luis Salvador Rufo 9a672635a1 package/zfs: add upstream patch to fix musl
This patch fixes the `S_IFMT` undeclared error in `statx.c` when musl
is used.

Signed-off-by: José Luis Salvador Rufo <salvador.joseluis@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-05 21:33:20 +02:00
José Luis Salvador Rufo 18ecf1c648 package/zfs: bump version to 2.3.2
For release note, see:
https://github.com/openzfs/zfs/releases/tag/zfs-2.3.2

Signed-off-by: José Luis Salvador Rufo <salvador.joseluis@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-05 21:33:16 +02:00
Viacheslav Bocharov 1ed23e2089 package/rtl8822cs bump driver version to latest with support kernel 6.13/6.14
- Update driver for kernel 6.13+
- Fix warning/errors on build

Fixes: https://autobuild.buildroot.org/results/464780b85739f323a21f9205634f6b51e3f2b916

Signed-off-by: Viacheslav Bocharov <adeep@lexina.in>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-05 21:23:48 +02:00
James Hilliard 11c7d00a59 package/hiredis: bump to version 1.3
For change log, see:
https://github.com/redis/hiredis/releases/tag/v1.3.0

Note this version raises the minimum cmake version from 3.0.0 to 3.7.0.
This change fixes build with a host-cmake 4.0.0 (which has removed
compatibility with cmake < 3.5). Such a failure happens on Arch Linux
which is now providing cmake 4.0.

Fixes:
https://autobuild.buildroot.org/results/662fc308807866f9e25655541f6a8ef9ff32e55a/

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
[Julien: add details in commit log]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-05 12:38:17 +02:00
Joseph Zikusooka (ZIK) 7a07a9d155 package/m4: fix build failure with host-gcc 15
When compiling host-m4 1.4.19 with a host gcc 15 (which is the version
included in Fedora 42, released on 2025-04-15), compilation fails with
error:

    In file included from gl_avltree_oset.h:21,
                     from gl_avltree_oset.c:21:
    gl_oset.h:275:1: warning: 'nodiscard' attribute ignored [-Wattributes]
      275 | GL_OSET_INLINE _GL_ATTRIBUTE_NODISCARD int
          | ^~~~~~~~~~~~~~
    gl_oset.h:275:40: error: expected identifier or '(' before 'int'
      275 | GL_OSET_INLINE _GL_ATTRIBUTE_NODISCARD int
          |                                        ^~~

This error is due to the gnulib copy included in m4 1.4.19, which does
not detect properly the default C language standard of gcc 15 which
has been changed from "gnu17" to "gnu23". See [1]. Note that m4 1.4.19
is the latest version available at the time of this commit, and was
released in May 2021. The issue is tracked upstream in [2].

Upcoming m4 release is expected to fix this issue, by updating its
gnulib copy. See [3], which states: "Update to comply with newer C
standards, and inherit portability improvements from gnulib".

Until this new m4 version is released, this commit fixes the issue by
forcing the C langage standard to "-std=gnu17" (the previous gcc
default) when host-gcc 15 is detected.

Note that the "-std=gnu17" option was introduced in gcc 8. See [4].
This is the reason why this patch adds this option only when the
problematic gcc 15 version is detected.

See also the discussions around this patch at [5].

Fixes:
https://autobuild.buildroot.org/results/1c33ef0a710cfae13e496485787b351c8f951217/
(and many, many others)

[1] https://gcc.gnu.org/gcc-15/changes.html#c
[2] https://savannah.gnu.org/support/?111150
[3] https://git.savannah.gnu.org/cgit/m4.git/commit/?h=branch-1.4&id=a22c9802dd7e724eaefb21dc21d84ac2d3a49c89
[4] https://gcc.gnu.org/gcc-8/changes.html#c
[5] https://lore.kernel.org/buildroot/CAPWx8vsoJUt8YMJG1aUqFRK1=yizNbgjVjGL1Q1+9ygjJGnZLA@mail.gmail.com/

Signed-off-by: Joseph Zikusooka (ZIK) <zik@jambula.net>
Tested-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
[Julien:
 - change mail url to lore.kernel.org for stable link
 - reword, reflow and add extra info in the commit log
 - force -std=gnu17 only when host gcc-15 is detected
 - add a comment in .mk to remove the workaround at next bump
]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-04 19:36:21 +02:00
Titouan Christophe 875f5670aa package/yasm: add patch for CVE-2021-33454
This fixes a potential NULL pointer dereference

As a side note, this package has many opened CVEs, but upstream doesn't seem
to really consider them as security issues, see their disclaimer here:
https://github.com/yasm/yasm/blob/master/SECURITY.md

We could speculate that this disclaimer has been written as a consequence of
the many small CVEs opened in a short time, that don't have a substantial
security impact (besides the command line tool crashing). All of these small
CVEs have been opened for bug reports issued by a third party who used a
fuzzy tester to manipulate the assembler input

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-01 21:34:12 +02:00
Titouan Christophe b8e8cf6ea0 DEVELOPERS: update email for Titouan Christophe
Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-05-01 21:34:07 +02:00
Titouan Christophe 032b268890 package/wireshark: security bump to v4.2.11
This fixes the following CVE:

- CVE-2025-1492: The Bundle Protocol and CBOR dissectors could crash

    It may be possible to make Wireshark crash by injecting a malformed
    packet onto the wire or by convincing someone to read a malformed
    packet trace file.

See https://www.wireshark.org/security/wnpa-sec-2025-01

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-30 23:19:59 +02:00
Christian Hitz 8e1ad23f2a package/libxml2: security bump to version 2.13.8
Fixes the following security vulnerabilities:

[CVE-2025-32414] Buffer overflow when parsing text streams with Python API
https://gitlab.gnome.org/GNOME/libxml2/-/issues/889

[CVE-2025-32415] Heap-based Buffer Overflow in xmlSchemaIDCFillNodeTables
https://gitlab.gnome.org/GNOME/libxml2/-/issues/890

https://www.openwall.com/lists/oss-security/2025/04/17/3

For release notes since 2.13.6, see:
https://download.gnome.org/sources/libxml2/2.13/libxml2-2.13.7.news
https://download.gnome.org/sources/libxml2/2.13/libxml2-2.13.8.news

Signed-off-by: Christian Hitz <christian.hitz@bbv.ch>
[Julien: add links to release notes]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-30 12:05:17 +02:00
Dario Binacchi 9c0eee07c7 package/mmc-utils: bump version to c515ea2e1ceb
Change log since last version bump:

  c515ea2e1ceb mmc-utils: Doc: new secure write protect commands
  3fc7643ac148 mmc-utils: Secure Write Protect Mode Read
  bd51a271de9d mmc-utils: Enable/Disable write protect
  5d3a04e70b05 mmc-utils: Add secure write-protect mode enable/disable
  05051e40351c mmc-utils: Refactor RPMB key handling into a separate function
  f4247f56085f mmc-utils: Add SECURE_WP_INFO field in ext_csd register
  50a30df1b74d mmc-utils: Add byte offset comments to rpmb_frame structure
  88e956459a79 mmc-utils: Pack rpmb_frame structure to avoid padding bytes
  d4d3eb24f560 mmc-utils: Reduce scope of nargs for RPMB commands
  437d369cd9d9 mmc-utils: Initialize RPMB frame_out structures to zero

Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-29 22:33:45 +02:00
Nayab Sayed 4e271e6dcc package/optee-client: bump to 4.6.0
Bump to the latest version of optee-client

Signed-off-by: Nayab Sayed <nayabbasha.sayed@microchip.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-29 21:50:39 +02:00
Nayab Sayed 972bbabdcb package/optee-examples: bump to 4.6.0
Update optee-examples to the latest tagged release

Signed-off-by: Nayab Sayed <nayabbasha.sayed@microchip.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-29 21:50:35 +02:00
Nayab Sayed d4e5b293d8 package/optee-test: bump to 4.6.0
Update optee-test to the latest tagged release

Signed-off-by: Nayab Sayed <nayabbasha.sayed@microchip.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-29 21:50:31 +02:00
Nayab Sayed d521d87ee5 boot/optee-os: bump to 4.6.0
Update OP-TEE to its latest tag

Signed-off-by: Nayab Sayed <nayabbasha.sayed@microchip.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-29 21:50:27 +02:00
Raphaël Mélotte 92e7ab78d6 support/scripts/pkg-stats: fix typo in --disable help text
Annoyingly, using "--disable warning" does not disable the warnings
checks.

It turns out that we look for "warnings" (i.e. with an 's') to know if
we should disable the warnings check, so update the help text
accordingly.

Signed-off-by: Raphaël Mélotte <raphael.melotte@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-29 21:45:08 +02:00
Kadambini Nema b6f33b248a package/modem-manager: bump to 1.24.0
Changelog:
https://gitlab.freedesktop.org/mobile-broadband/ModemManager/-/blob/mm-1-24/NEWS

Signed-off-by: Kadambini Nema <kadambini.nema@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-28 22:22:02 +02:00
Kadambini Nema 9bcbc6cc64 package/libmbim: bump to 1.32.0
Changelog:
https://gitlab.freedesktop.org/mobile-broadband/libmbim/-/blob/mbim-1-32/NEWS

Signed-off-by: Kadambini Nema <kadambini.nema@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-28 22:21:58 +02:00
Kadambini Nema 2f4fb6029e package/libqmi: bump to version 1.36.0
Changelog:
https://gitlab.freedesktop.org/mobile-broadband/libqmi/-/blob/qmi-1-36/NEWS

Signed-off-by: Kadambini Nema <kadambini.nema@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-28 22:21:55 +02:00
Kadambini Nema de3e07d6fd package/expat: bump to version 2.7.1
Changelog:
https://github.com/libexpat/libexpat/blob/R_2_7_1/expat/Changes

Update hash of the COPYING file (year updated):
https://github.com/libexpat/libexpat/commit/2b2a24691a9888e0f3c179b8f05cbacb19f460ef

Signed-off-by: Kadambini Nema <kadambini.nema@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-28 22:12:47 +02:00
Yegor Yefremov 78d3861173 package/ncftp: bump to version 3.3.0
For change log, see:
https://www.ncftp.com/ncftp/doc/changelog.html

Fixes:
https://autobuild.buildroot.org/results/103b86c5473077cd95a245a762059a23f78c1a44/build-end.log

Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
[Julien: add link to change log]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-28 22:06:42 +02:00
Dario Binacchi 609ea9789f package/armadillo: bump to version 14.4.2
Release notes:
https://arma.sourceforge.net/docs.html#changelog

Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-28 21:53:27 +02:00
Thomas Bonnefille 8f69974c20 package/mpv: switch to meson from waf
Since commit fd562315, which updated waf to v2.1.1, Buildroot has
encountered issues building mpv, likely due to an outdated version of
the waf build system.

Starting with mpv v0.35, meson was introduced as an alternative to waf,
and in mpv v0.37, waf was completely removed.

This commit updates the mpv makefile to use meson, resolving the build
issues and simplifying future updates to newer versions of mpv.

All options previously used for Waf have been translated to the new
build system by replacing `--disable-feature` with `-Dfeature=disabled`
(and similarly for enabling features). Some features have special
handling:

- The `/usr` prefix is automatically passed to meson packages by
  default.
- The Android feature "has been removed since meson can detect if a
  machine is Android"[1].
- The `libmpv` parameter has been enabled in the makefile as `libmpv`
  must be built by default with mpv.
- Meson packages automatically set whether the library should be built
  statically using the `default_library` meson parameter.
- Meson automatically detects the presence of `libatomic` and passes the
  correct argument to the linker. However, it is possible to set the
  `stdatomic` meson parameter to specify whether `libatomic` must or
  must not be used.

Fixes:
    https://autobuild.buildroot.org/results/68d42441fc0da34e1bf2a4247726f5f4ec3b8e77/

[1]: https://github.com/mpv-player/mpv/blob/140ec21c89d671d392877a7f3b91d67e7d7b9239/DOCS/build-system-differences.md?plain=1#L48

Signed-off-by: Thomas Bonnefille <thomas.bonnefille@bootlin.com>
Tested-by: J. Neuschäfer <j.ne@posteo.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-28 21:50:06 +02:00
Titouan Christophe 3d90ae79a8 package/waf: bump to v2.1.5
For change log, see:
https://gitlab.com/ita1024/waf/-/blob/waf-2.1.5/ChangeLog

Tested with `./utils/test-pkg -p ntpsec` (ntpsec is a waf-package)

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
Signed-off-by: Titouan Christophe <titouanchristophe@gmail.com>
[Julien: add link to change log]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-28 21:46:20 +02:00
Raphael Pavlidis 94659ff7d4 package/shadow: bump to version 4.17.4
Changelog: [1].

[1]: https://github.com/shadow-maint/shadow/releases/tag/4.17.4

Signed-off-by: Raphael Pavlidis <raphael.pavlidis@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-25 21:18:19 +02:00
Thomas Perale 6c18375434 package/strongswan: fix build w/ wolfssl
The package strongswan relies on the `wc_RsaKeyToDer` & `wc_MakeRsaKey`
functions of WolfSSL. Building this package with the WolfSSL backend
by selecting the variable `BR2_PACKAGE_STRONGSWAN_WOLFSSL` would give
the following error:

```
libtool: compile:  /home/buildroot/instance-0/output-1/host/bin/sparc-linux-gcc -DHAVE_CONFIG_H -I. -I../../../.. -I../../../../src/libstrongswan -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -DWC_NO_RNG -rdynamic -Wno-format -Wno-format-security -Wno-implicit-fallthrough -Wno-missing-field-initializers -Wno-pointer-sign -Wno-sign-compare -Wno-type-limits -Wno-unused-parameter -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -Og -g0 -include /home/buildroot/instance-0/output-1/build/strongswan-5.9.14/config.h -c wolfssl_ed_public_key.c -o wolfssl_ed_public_key.o >/dev/null 2>&1
wolfssl_rsa_private_key.c: In function 'get_encoding':
wolfssl_rsa_private_key.c:366:31: error: implicit declaration of function 'wc_RsaKeyToDer'; did you mean 'wc_EccKeyToDer'? [-Wimplicit-function-declaration]
  366 |                         len = wc_RsaKeyToDer(&this->rsa, encoding->ptr, len);
      |                               ^~~~~~~~~~~~~~
      |                               wc_EccKeyToDer
libtool: compile:  /home/buildroot/instance-0/output-1/host/bin/sparc-linux-gcc -DHAVE_CONFIG_H -I. -I../../../.. -I../../../../src/libstrongswan -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -DWC_NO_RNG -rdynamic -Wno-format -Wno-format-security -Wno-implicit-fallthrough -Wno-missing-field-initializers -Wno-pointer-sign -Wno-sign-compare -Wno-type-limits -Wno-unused-parameter -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -Og -g0 -include /home/buildroot/instance-0/output-1/build/strongswan-5.9.14/config.h -c wolfssl_ec_private_key.c -o wolfssl_ec_private_key.o >/dev/null 2>&1
wolfssl_rsa_private_key.c: In function 'wolfssl_rsa_private_key_gen':
wolfssl_rsa_private_key.c:490:13: error: implicit declaration of function 'wc_MakeRsaKey'; did you mean 'wc_FreeRsaKey'? [-Wimplicit-function-declaration]
  490 |         if (wc_MakeRsaKey(&this->rsa, key_size, WC_RSA_EXPONENT, &this->rng) < 0)
      |             ^~~~~~~~~~~~~
      |             wc_FreeRsaKey
```

Those functions are only present when building the WolfSSL library with
the keygen supports (`--enable-keygen`).

This patch change the selected package to enable all the option of
WolfSSL, which include the keygen as well.

Fixes:
  - https://autobuild.buildroot.org/results/d0e/d0e94f501ad1afd25ae4112443f9af101dfa5dea

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-25 21:15:42 +02:00
Thomas Perale 294e3a40bb package/micropython: bump to version 1.22.2
This version bump removes CVE-2023-7152, which was incorrectly associated
with the micropython package in pkg-stats.

Although the CVE fix was already present in 1.22.0 the CVE only applied
to the preview version of 1.22.0. The CPE ID of the 1.22.0 matched with the
CPE ID of the 1.22.0 preview version as well.

This patch bumps to the latest patch-level version available in the 1.22.x
series to include additional fixes, rather than just adding the CVE to the
'MICROPYTHON_IGNORE_CVES' list.

The LICENSE hash has been updated, as the licenses used for the ports and
libraries have also been updated in the LICENSE file.

For more details on the version bump, see the release notes:
  - https://github.com/micropython/micropython/releases/tag/v1.22.2
  - https://github.com/micropython/micropython/releases/tag/v1.22.1

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-25 18:43:39 +02:00
Gaël PORTAY 460da6d4b4 configs/raspberrypi2_64: new defconfig
This configuration builds an image for the Raspberry Pi 2 Rev 1.2
(64-bit).

Note: Raspberry Pi 2 Model B Rev 1.2[1] switched from BCM2836[2] to
BCM2837[3] that is 64-bit.

	BCM2836[2]

	The Broadcom chip used in the Raspberry Pi 2 Model B. The
	underlying architecture in BCM2836 is identical to BCM2835. The
	only significant difference is the removal of the ARM1176JZF-S
	processor and replacement with a quad-core Cortex-A7 cluster.

	BCM2837[3]

	This is the Broadcom chip used in the Raspberry Pi 3 Model B,
	later models of the Raspberry Pi 2 Model B, and the Raspberry Pi
	Compute Module 3. The underlying architecture of the BCM2837 is
	identical to the BCM2836. The only significant difference is the
	replacement of the ARMv7 quad core cluster with a quad-core ARM
	Cortex A53 (ARMv8) cluster.

	The ARM cores run at 1.2GHz, making the device about 50% faster
	than the Raspberry Pi 2. The VideoCore IV runs at 400MHz.

[1]: https://www.raspberrypi.com/documentation/computers/raspberry-pi.html#flagship-series
[2]: https://www.raspberrypi.com/documentation/computers/processors.html#bcm2836
[3]: https://www.raspberrypi.com/documentation/computers/processors.html#bcm2837

Signed-off-by: Gaël PORTAY <gael.portay+rtone@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-25 18:24:08 +02:00
James Hilliard 72661cb424 package/libubootenv: bump to version 0.3.6
For release note, see:
https://github.com/sbabic/libubootenv/releases/tag/v0.3.6

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
[Julien: add link to release note]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-25 18:21:26 +02:00
Giulio Benetti 40d37d98b7 package/libfuse3: bump to version 3.17.2
Release notes:
https://github.com/libfuse/libfuse/releases/tag/fuse-3.17.2

Drop local patches that are upstreamed now.

Fixes:
https://autobuild.buildroot.net/results/f3c/f3cfaa8ed63483858ffa32b719ea4be68ba6c4f3//

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-25 18:18:18 +02:00
Raphaël Mélotte 446c09332a package/bcc: bump to version 0.34.0
Release notes: https://github.com/iovisor/bcc/releases/tag/v0.34.0

The 'tests.package.test_bcc' test(s) were run and passed.

Signed-off-by: Raphaël Mélotte <raphael.melotte@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-25 18:14:28 +02:00
Thomas Petazzoni 0e0b65781b package/dpdk: fixup Config.in comment about dependencies
The Config.in comment in the dpdk package was wrong for a number of
reasons:

- It didn't mention the glibc dependency

- It didn't mention the gcc >= 4.9 dependency

- It mentioned a wchar dependency that isn't listed in the dpdk
  dependencies

- It mentioned a dynamic library dependency that isn't listed in the
  dpdk dependencies

- It used "kernel headers >= 4.19", while for brievity we use "headers
  >= 4.19" everywhere in Buildroot

- Minor nit: DPDK was written allcaps, while we write package names
  lower-case in Buildroot

Fixes: d17d1b6bde ("package/dpdk: add 24.07")
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-25 18:12:04 +02:00
Thomas Petazzoni b20c8aa1f1 package/cryptopp: add upstream URL in help text
The upstream URL was missing in the help text, so add it.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-25 18:12:04 +02:00
El Mehdi YOUNES 5bca9d741d support/test: new dust runtime test
Add a runtime test for the 'dust' package to verify that the binary
executes correctly in a minimal buildroot rootfs. The test checks that:
- 'dust --version' runs without error
- 'dust' can analyze a directory structure with files
- The output includes the expected directory names

Signed-off-by: El Mehdi YOUNES <elmehdi.younes@smile.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-25 18:09:37 +02:00
El Mehdi YOUNES dacf8e3c39 support/test: new bat runtime test
Add a runtime test for the 'bat' package to verify that the binary executes
correctly in a minimal Buildroot rootfs.The test cheks that:
- 'bat --version' runs without error
- 'bat' can read and display a text file
- the displayed content matches the expected string

Signed-off-by: El Mehdi YOUNES <elmehdi.younes@smile.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-25 18:09:37 +02:00
Vincent Fazio 3672945a8d package/python-setuptools: bump to 79.0.1
This version of setuptools includes an update to distutils [0] which
fixes an issue with determining the linker command for C++ targets when
a wrapper, such as ccache, is in the command.

Fixes: https://autobuild.buildroot.org/results/5f017fca3d708388c9f66afea39b090f0976d496/

[0]: https://github.com/pypa/distutils/commit/b8c06fffe4b118f3c549fc23d196c2f3d41aa17c

Signed-off-by: Vincent Fazio <vfazio@xes-inc.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-25 18:06:10 +02:00
Dario Binacchi f4ab8cb590 configs/ti_am62x_sk: bump TF-A, U-Boot and Linux versions
This patch bumps:

- TF-A to version v2.12 (LTS)
- U-Boot to version v2025.04
- Linux kernel to version 6.12.24 (LTS)

Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Reviewed-by: Bryan Brattlof <bb@ti.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-25 18:03:39 +02:00
Peter Korsgaard f79d744d84 DEVELOPERS: fix Guillaume Chaye's entry
Commit f78280bf26 ("package/sane-airscan: new package") added a new entry
in DEVELOPERS, but forgot to add the email address.  Fix that.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-04-25 10:04:19 +02:00
Maxime Leroy 3e65c8005a package/grout: new package
Grout is a Graph router based on DPDK.

Signed-off-by: Maxime Leroy <maxime@leroys.fr>
Reviewed-by: Vincent Jardin <vjardin@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-04-24 23:30:23 +02:00
Maxime Leroy 585cf21fa9 package/libecoli: bump version to 0.5.0
This new version is required to compile grout v8.4.0.

Signed-off-by: Maxime Leroy <maxime@leroys.fr>
Reviewed-by: Vincent Jardin <vjardin@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-04-24 23:01:47 +02:00
Lars Wikman 1896f8c758 package/wpa_supplicant: add Smart card option
CONFIG_SMARTCARD was unconditionally disabled which has meant that
even if OpenSSL is compiled with engine support and the supplicant is
configured to use an engine it would warn that it was compiled without
engine support.

This mechanism is used to enable the more secure forms of 802.1x
networking authentication such as EAP-TLS with hardware-delegated
cryptography and private keys protected in hardware.

Enabling the option will allow delegating private key access to TPM2,
ARM TrustZone and other specialized secure hardware for establishing a
network connection.

Signed-off-by: Lars Wikman <lars@underjord.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-04-24 22:53:54 +02:00
Giulio Benetti 1fc51abc27 package/trace-cmd: bump to version 3.3.2
Release notes:
https://git.kernel.org/pub/scm/utils/trace-cmd/trace-cmd.git/tag/?h=trace-cmd-v3.3.2

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-24 00:09:00 +02:00
Quentin Schulz 0f2249a484 package/libcamera: update patch with merged commit
The v1 of the patch that is in Buildroot ended up being reworked and
merged from a v2, therefore let's update the patch by using the merged
commit instead.

Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-04-23 23:38:27 +02:00
Quentin Schulz d12d1a7f5e package/libcamera: fix crash on Rockchip with kernels before 6.4
libcamera migrated to use an ioctl for detecting frame sizes which is
only available in kernels 6.4 and later. If it doesn't exist, default
frame sizes are used. However the min and max resolutions supported by
the pipeline weren't initialized for kernels where that ioctl isn't
available and ended up creating invalid configuration that later
crashed.

The introducing commit was part of the v0.4.0 release.

Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-04-23 23:36:55 +02:00
Guillaume Chaye f78280bf26 package/sane-airscan: new package
Signed-off-by: Guillaume Chaye <guillaume.chaye@zeetim.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-04-23 22:30:42 +02:00
Francois Perrad e42da630d0 configs/olimex_a20_olinuxino_lime*: bump Linux and U-Boot
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-23 21:31:20 +02:00
Francois Perrad 3150b0abc4 configs/olimex_a20_olinuxino_lime*: switch to Bootlin glibc stable toolchain
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-23 21:31:16 +02:00
El Mehdi YOUNES 3abc3b97ba package/dust: bump to version 1.1.2
Release:
https://github.com/bootandy/dust/releases/tag/v1.1.2

Note: version 0.9.0 of dust fails to build when running
the runtime test on the armv7 architecture due to an
unconditional import of Atomicu64.

	error:

Compiling config-file v0.2.3
error[E0432]: unresolved import `std::sync::atomic::AtomicU64`
 --> src/progress.rs:6:18
  |
6 |         atomic::{AtomicU64, AtomicU8, AtomicUsize, Ordering},
  |                  ^^^^^^^^^
  |                  |
  |                  no `AtomicU64` in `sync::atomic`
  |                  help: a similar name exists in the module: `AtomicU32`

For more information about this error, try `rustc --explain E0432`.
error: could not compile `du-dust` (bin "dust") due to 1 previous error

This issue was discovered while writing a runtime test
for dust. upgrading to version 1.1.2 resolves the issue.

More details available in the following issue:
https://github.com/bootandy/dust/issues/423

For now, we bump to the latest compatible version
which builds and runs correctly. We can't bump to the latest
version 1.2.0 since it requires a cargo version newer than
1.82.0.

	error:
--  The package requires the Cargo feature called `edition2024`, but that feature is not stabilized in this version of Cargo (1.82.0 (8f40fc59f 2024-08-21)).
  Consider trying a newer version of Cargo (this may require the nightly release).

The upgrade to 1.2.0 will be considered once the patch for
Rust 1.86.0 is accepted.

Signed-off-by: El Mehdi YOUNES <elmehdi.younes@smile.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-23 21:25:41 +02:00
Peter Korsgaard 1dc1a05d94 package/graphicsmagick: add post-1.3.45 security fixes
Fixes the following security issues:

- CVE-2025-27795: ReadJXLImage in JXL in GraphicsMagick before 1.3.46 lacks
  image dimension resource limits
  https://nvd.nist.gov/vuln/detail/CVE-2025-27795

- CVE-2025-32460: GraphicsMagick before 8e56520 has a heap-based buffer
  over-read in ReadJXLImage in coders/jxl.c, related to an
  ImportViewPixelArea call.
  https://nvd.nist.gov/vuln/detail/CVE-2025-32460

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-23 21:21:31 +02:00
Peter Korsgaard 055547ff12 package/graphicsmagick: security bump to version 1.3.45
1.3.44 added the following security fixes:

* TIFF: Fixed multiple heap and stack buffer overflows (directed by
  the source EXIF profile) while writing EXIF into the native TIFF
  IFD.

* FITS: Fix problem that the FITS reader could return invalid image
  frames with rows or columns set to zero. Other code in the library
  crashes, or even asserts, if invalid image frames with rows or
  columns set to zero are returned.

* Coverity fixes: Various fixes for Coverity issues raised after the
  update to version 2023.12.2.

* Clang Analyzer (scan-build) fixes: Various fixes for new issues
  discovered by Clang Analyzer.

https://foss.heptapod.net/graphicsmagick/graphicsmagick/-/commit/7046c344273c263a9b6e4901b910508aea3804b5

In addition 1.3.45 fixes a off-by-one issue introduced in 1.3.44:
https://foss.heptapod.net/graphicsmagick/graphicsmagick/-/commit/96f765a2e3cebf0b70094da34d03b73c50c3aa63

Update the Copyright.txt hash for a change in copyright years:
https://foss.heptapod.net/graphicsmagick/graphicsmagick/-/commit/f0bba104ee3859286ea8adfc2ff603fd64be5624
https://foss.heptapod.net/graphicsmagick/graphicsmagick/-/commit/26fce892769e4a26247dd2db5b8dc0719ce20953

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-23 21:21:25 +02:00
El Mehdi YOUNES e7a00fd93a package/bat:bump to version 0.25.0
Changelog:
https://github.com/sharkdp/bat/blob/v0.25.0/CHANGELOG.md

Signed-off-by: El Mehdi YOUNES <elmehdi.younes@smile.fr>
[Julien: change changelog url to use tag]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-23 21:12:46 +02:00
Thomas Perale 70ca62fb49 package/libcoap: fix build for toolchains w/o threads
The version bump in [1] introduced the upstream commit [2] which made
builds using toolchain without thread support fail to build libcoap.

This patch adds an option check in the libcoap.mk file to verify
the toolchain has thread support and passes the correct configuration
options introduced in [2] as well.

The build can be tested with the following config.

```
BR2_armeb=y
BR2_cortex_a76_a55=y
BR2_ARM_EABI=y
BR2_ARM_SOFT_FLOAT=y
BR2_TOOLCHAIN_BUILDROOT_UCLIBC=y
BR2_PTHREADS_NONE=y
BR2_PACKAGE_LIBCOAP=y
```

Fixes:
https://autobuild.buildroot.org/results/9c0/9c0b675a64fb2576bc34457043f118cffe5fe555//

[1] 4df4d1d312 package/libcoap: bump version to 4.3.5
[2] https://github.com/obgm/libcoap/commit/c69c5d5af0a30859e90756f535e2ca21cdeda0b2

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-23 21:08:28 +02:00
Raphaël Mélotte cd6141ab15 DEVELOPERS: remove Jugurtha BELKALEM
Jugurtha's email address is bounding:

 550 5.1.1 The email account that you tried to reach does not exist. Please try double-checking the recipient's email address for typos or unnecessary spaces.

Remove it from the DEVELOPERS file so that utils/get-developers
doesn't send emails to non-existent addresses.

Signed-off-by: Raphaël Mélotte <raphael.melotte@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-23 20:45:22 +02:00
Giulio Benetti a41ebd6ca1 package/harfbuzz: bump to version 11.1.0
Release notes:
https://github.com/harfbuzz/harfbuzz/releases/tag/11.1.0

Since the major release changed all the packages that have direct
dependency to harfbuzz have been successfully built:
- efl
- libass
- mupdf
- pango
- qt5base
- qt5webengine
- qt6base
- sdl2_ttf
- supertuxkart
- vlc
- webkitgtk
- wpewebkit

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-23 20:36:51 +02:00
Peter Korsgaard b459253bbf docs/website/news.html: correct left/right for 2024.02.13 entry
The 2024.02.13 entry should use the timeline-inverted class to get rendered
at the right side of the screen.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-04-23 08:59:01 +02:00
Vladimir Oltean d2f5f519ec package/qoriq-firmware-inphi: new package
The NXP BSPs have custom support for a 25G Ethernet retimer
(drivers/net/phy/in112525.c in U-Boot) for the LX2160A-RDB board.
That driver requires a text file to be located at a given offset in the
same storage device as U-Boot itself. The text file contains a list of
register addresses and values which are programmed into the retimer.

All in all, a pretty convoluted mechanism, but the driver is
non-upstreamable, and to support the board we need this "firmware" file
deployed.

Signed-off-by: Vladimir Oltean <olteanv@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-04-22 23:52:13 +02:00
Vladimir Oltean 4440f8a245 package/qoriq-mc-utils: new package
The configuration files for the MC firmware binary are distributed
through a separate repository on GitHub, and need a different package.
They are licensed differently than the firmware itself, and unlike the
firmware, they are customizable.

There are two ways for a board to use this package - similar to
qoriq-rcw. If it is an NXP reference board or if the example files
otherwise work fine with it, it is recommended to set the _INTREE
variables to select a pre-existing DPL and DPC. Otherwise, if it is a
custom board, the best solution is to just provide the DPL and DPC dts
files in board/, and set the _CUSTOM_PATH variables to point to them.

There are also two ways to deploy to the target.

Traditionally in NXP BSPs, U-Boot loads the MC firmware, DPL and DPC
from given offsets in the storage medium (outside of the filesystem).
But this is not hardcoded and it doesn't have to be the case - the
mcinitcmd U-Boot environment variable is freely customizable. What can
also be done, and is done for the LX2160A-RDB, is to deploy multiple DPL
and DPC files (all the files available for a board) to a folder of the
rootfs, and just have two symlinks: dpl.dtb and dpc.dtb which point to
the currently active files. This makes easier the processes of
upgrading, downgrading and keeping multiple file versions.

Nonetheless, the "traditional" method of deploying to the target is also
possible. The selected DPL and DPC files are deployed to the "images"
folder and are freely usable with genimage or other post-image scripts.

Signed-off-by: Vladimir Oltean <olteanv@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-04-22 23:52:12 +02:00
Arnout Vandecappelle 3154fd8ee1 docs/website/news.html: Update for 2025.02.1
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-04-22 23:46:45 +02:00
Colin Evrard 17cdfb94a1 Update for 2025.02.1
Signed-off-by: Colin Evrard <colin.evrard@mind.be>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
(cherry picked from commit 3815d578c5)
[Arnout: drop changes to Makefile]
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-04-22 23:42:37 +02:00
Arnout Vandecappelle 87d5d63983 docs/website/news.html: Update for 2024.02.13
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-04-22 23:38:41 +02:00
Colin Evrard af34a630d0 Update for 2024.02.13
Signed-off-by: Colin Evrard <colin.evrard@mind.be>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
(cherry picked from commit e687e3815f)
[Arnout: drop Makefile changes]
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-04-22 23:33:41 +02:00
Arnout Vandecappelle 3ea8757fa5 docs/website/news.html: Update for 2024.11.4
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-04-22 23:24:50 +02:00
Colin Evrard d65ceed345 CHANGES: Add changes for 2024.11.4
Signed-off-by: Colin Evrard <colin.evrard@mind.be>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
(cherry picked from commit c9e65c2cd7)
[Anrout: drop Makefile changes]
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-04-22 23:24:49 +02:00
Vladimir Oltean b59d64c50d package/qoriq-mc-binary: new package
Add a package which deploys the NXP MC (Management Complex) firmware
to the target. This is necessary for NXP DPAA2 SoCs (LS1088A, LS2080A,
LS2088A, LX2160A).

The MC firmware is deployed by default to the $O/images/ folder, where
it can be used by post-build scripts. Additionally, if
BR2_PACKAGE_QORIQ_MC_BINARY_TARGET_INSTALL_PATH is specified and if the
board mcinitcmd is written as such as to pick it up, it is optionally
deployed to the filesystem.

The API exposed by the MC firmware respects backwards compatibility
principles, which means that the latest firmware version can always be
(and should always be) used on a platform, irrespective of the Linux,
U-Boot, RCW and restool versions, even though the latest features might
not be used by older API consumers.

In terms of forwards compatibility, old MC firmware versions can be
used as long as the qoriq-restool package is built with a
MC_VERSION_COMPATIBLE variable (located in its Makefile, signifying
"minimum compatible version") older than, or equal to it.

If the use of qoriq-restool is not desired (networking objects are
statically created by the DPL), old MC firmware versions are supported
by U-Boot and the Linux kernel with a limited feature set. Thus, it
is still possible to an extent to use firmware versions older than
MC_VERSION_COMPATIBLE.

According to the upstream maintainer, the latest MC firmware version
is identified by the fact that it is always located at the HEAD of the
"master" branch:
https://lore.kernel.org/buildroot/482493f17e63d2b4cb285b50049ed8e6@free.fr/T/#m62c3ec04ba546ac9b0a194d13bc35fedeaa9deb0
Currently, the latest MC firmware version is 10.39.0. This version
should be in sync with the qoriq-mc-utils package.

At this stage, the latest lf-6.12.3-1.0.0 NXP BSP has qoriq-restool with
an MC_VERSION_COMPATIBLE='10.32.0', which means that it supports this MC
firmware version.
https://github.com/nxp-qoriq/restool/blob/lf-6.12.3-1.0.0/Makefile#L23

Note that the MC firmware also used to be distributed through
linux-firmware:
https://web.git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/tree/dpaa2/mc?h=20250311
I don't know what was the reason for doing that, but it stopped being
updated and the versions there are quite old.

Signed-off-by: Vladimir Oltean <olteanv@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-04-22 23:15:11 +02:00
Adam Duskett 631ab85437 package/mender-artifact: bump to version 4.1.0
Changelog:
https://docs.mender.io/release-information/release-notes-changelog/mender-artifact

License changes:
New:
    Apache 2.0:
        LICENSE: 2024 -> 2025
        vendor/cloud.google.com/go/auth/LICENSE
        vendor/cloud.google.com/go/auth/oauth2adapt/LICENSE
        vendor/github.com/kylelemons/godebug/LICENSE
        vendor/go.opentelemetry.io/otel/trace/LICENSE
        vendor/go.opentelemetry.io/otel/LICENSE
        vendor/go.opentelemetry.io/otel/metric/LICENSE
        vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/LICENSE
        vendor/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc/LICENSE
        vendor/go.opentelemetry.io/auto/sdk/LICENSE
        vendor/github.com/go-logr/logr/LICENSE
        vendor/github.com/go-logr/stdr/LICENSE

    BSD 2 clause:
        vendor/github.com/pkg/browser/LICENSE

    BSD 3 clause:
        vendor/golang.org/x/sync/LICENSE
        vendor/github.com/google/uuid/LICENSE

    ISC:
        vendor/github.com/decred/dcrd/dcrec/secp256k1/v4/LICENSE

    MIT:
        vendor/github.com/Azure/azure-sdk-for-go/sdk/internal/LICENSE.txt
        vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/LICENSE.txt
        vendor/github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/internal/LICENSE.txt
        vendor/github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azkeys/LICENSE.txt
        vendor/github.com/Azure/azure-sdk-for-go/sdk/azcore/LICENSE.txt
        vendor/github.com/AzureAD/microsoft-authentication-library-for-go/LICENSE
        vendor/github.com/goccy/go-json/LICENSE
        vendor/github.com/golang-jwt/jwt/v5/LICENSE
        vendor/github.com/lestrrat-go/iter/LICENSE
        vendor/github.com/lestrrat-go/blackmagic/LICENSE
        vendor/github.com/lestrrat-go/backoff/v2/LICENSE
        vendor/github.com/lestrrat-go/httpcc/LICENSE
        vendor/github.com/lestrrat-go/option/LICENSE
        vendor/github.com/lestrrat-go/jwx/LICENSE

    MPL-2.0:
        vendor/github.com/felixge/httpsnoop/LICENSE.txt

Modified:
    Apache 2.0:
        vendor/github.com/mendersoftware/progressbar/LICENSE: 2021 -> 2025

    BSD 3:
        vendor/golang.org/x/net/LICENSE: Google INC -> Google LLC
        vendor/golang.org/x/oauth2/LICENSE: Google INC -> Google LLC
        vendor/golang.org/x/text/LICENSE: Google INC -> Google LLC
        vendor/golang.org/x/crypto/LICENSE: Google INC -> Google LLC
        vendor/golang.org/x/time/LICENSE: Google INC -> Google LLC

Removed:

    Apache 2.0:
        vendor/google.golang.org/appengine/LICENSE
        vendor/cloud.google.com/go/compute/LICENSE
        vendor/go.opencensus.io/LICENSE
        vendor/github.com/golang/groupcache/LICENSE

    BSD 3 Clause:
        vendor/github.com/golang/protobuf/LICENSE
        vendor/golang.org/x/crypto/LICENSE
        vendor/golang.org/x/time/LICENSE

Tested with ./support/testing/run-tests tests.package.test_mender
08:48:07 TestMenderSystemd                        Starting
08:48:35 TestMenderSystemd                        Cleaning up
08:48:35 TestMenderRW                             Starting
08:48:46 TestMenderRW                             Cleaning up
08:48:46 TestMenderRO                             Starting
08:48:46 TestMenderRO                             Building
08:55:02 TestMenderRO                             Building done
08:55:13 TestMenderRO                             Cleaning up
----------------------------------------------------------------------
Ran 3 tests in 425.930s
OK

Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-04-22 22:40:28 +02:00
El Mehdi YOUNES 259af5589c package/ripgrep: bump to version 14.1.1
Changelog:
https://github.com/BurntSushi/ripgrep/blob/14.1.1/CHANGELOG.md

The commit also rebase he package patch on this new version.

Signed-off-by: El Mehdi YOUNES <elmehdi.younes@smile.fr>
[Julien:
 - squash patch rebase and version bump in a single commit
 - update changelog link to use the tag
]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-22 21:53:39 +02:00
Charlie Jenkins b074f6b72b package/linux-tools: fix parallel compilation
linux-tools opportunistically set linux as only a patch dependency. This
unfortunately introduces a race condition in the shared linux scripts
when using PER_PACKAGE_DIRECTORIES and using top level parallelism. The
race manifests as the error "/bin/sh: 1: scripts/basic/fixdep:
Permission denied". This happens when the linux package and the
linux-tools package are being compiled in parallel.

The linux-tools currently using fixdep are perf and rtla. When the
timing is correct, perf, rtla, or the kernel Makefile will try to use
fixdep while one of the others is compiling fixed, resulting in fixdep
being briefly not available.

To fix this, set linux as a build dependency instead of a patch
dependency.

Signed-off-by: Charlie Jenkins <charlie@rivosinc.com>
Reviewed-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-04-22 21:42:00 +02:00
Charlie Jenkins ffc154197d package/pixman: fix pixman compilation on riscv
When the riscv vector extension is enabled for pixman, it assumes that
the kernel headers also support riscv vector. Apply a patch that
disables riscv vector in pixman if the Linux headers do not support
COMPAT_HWCAP_ISA_V which pixman requires for vector runtime detection.

This issue exists since pixman 0.44.0, which Buildroot started using
in commit ba2fb599cd.

Fixes:

  http://autobuild.buildroot.net/results/4ecdf5320716ec8b39f09fde3fcbbdcdb557f8ab/

Signed-off-by: Charlie Jenkins <charlie@rivosinc.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-04-22 21:39:44 +02:00
Charlie Jenkins 386e6bb479 package/pixman: only compile with riscv vector support when selected
Pixman defaults to building with the riscv vector extension. Instead,
only build with vector if the buildroot user has selected
BR2_RISCV_ISA_RVV.

This option exists since pixman 0.44.0, to which the Buildroot package
was updated as part of Buildroot commit
ba2fb599cd.

Signed-off-by: Charlie Jenkins <charlie@rivosinc.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-04-22 21:39:21 +02:00
Petr Vorel 6bcefa73b1 package/iproute2: backport NULL dereference fix
This will be part of 6.15.0 release.

Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
[Julien: fix check-package error by adding "Upstream:" tag in patch]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-22 21:30:47 +02:00
Petr Vorel ad82e91149 package/iproute2: bump to version 6.14.0
For release announce, see:
https://lore.kernel.org/netdev/20250324092319.28d39f2f@hermes.local/

Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
[Julien: add link to release announce]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-22 21:30:20 +02:00
Giulio Benetti a5f0551d28 package/libtracefs: bump to version 1.8.2
Release notes:
https://git.kernel.org/pub/scm/libs/libtrace/libtracefs.git/tag/?h=libtracefs-1.8.2

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-22 21:06:21 +02:00
Kadambini Nema a6b702a3f6 package/ustreamer: bump version to 6.36
Changelog - https://github.com/pikvm/ustreamer/compare/v6.29...v6.36

Add host-pkgconf to dependencies.
https://github.com/pikvm/ustreamer/commit/4e3f873f0d8795eadbc70ff59933103b17fffbfd

Signed-off-by: Kadambini Nema <kadambini.nema@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-22 21:01:53 +02:00
Kadambini Nema 12cd212b51 package/strace: bump version to 6.14
Release notes:
https://github.com/strace/strace/releases/tag/v6.14

Signed-off-by: Kadambini Nema <kadambini.nema@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-22 20:53:46 +02:00
Леонид Юрьев (Leonid Yuriev) 47232b4f62 package/libmdbx: bump version to 0.13.6
This release called "Бузина" (Elderberry) of the stable libmdbx branch.

Please visit https://libmdbx.dqdkfa.ru for more information, changelog,
credits and acknowledgments, documentation, C++ API description and
links to the original git repo with the source code. Questions, feedback
and suggestions are welcome to the Telegram' group https://t.me/libmdbx.

Since 0.13.x libmdbx is licensed under the Apache 2.0 License.
For notes about the license change, please refer to the COPYRIGHT file
within original libmdbx source code repository
https://gitflic.ru/project/erthink/libmdbx

Signed-off-by: Леонид Юрьев (Leonid Yuriev) <leo@yuriev.ru>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-22 20:46:42 +02:00
Fabio Estevam 6240b75d0c configs/warp7: Improve Wifi instructions
The "modprobe brcmfmac" command is not necessary because this driver
is automatically loaded.

Remove the "iwconfig" line as it is considered deprecated:

warning: `iwconfig' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211

Remove the "-Dwext" parameter as it is not supported by the default kernel
configuration:

wlan0: Unsupported driver 'wext'

Tested Wifi by following the updated commands.

Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-22 19:33:23 +02:00
Fabio Estevam 531adf23c4 configs/warp7: Bump U-Boot and kernel versions
Bump U-Boot to 2025.04 and kernel to version 6.12.24.

Signed-off-by: Fabio Estevam <festevam@gmail.com>
[Julien: add missing BR2_TARGET_UBOOT_NEEDS_GNUTLS=y]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-22 19:33:23 +02:00
Vincent Stehlé a5821cdaa1 support/testing: test_edk2: add macchiatobin build test
Add an EDK II build test for the MACCHIATObin platform.

Signed-off-by: Vincent Stehlé <vincent.stehle@arm.com>
Cc: Dick Olsson <hi@senzilla.io>
Cc: Julien Olivain <ju.o@free.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-22 13:00:09 +02:00
Fiona Klute (WIWA) 3ffdcc5b9d package/busybox: save shell history only on exit
Both busybox.config and busybox-minimal.config set
CONFIG_FEATURE_EDITING_SAVEHISTORY=y. This causes the Busybox shell to
write the history file after every command, which can be a problem on
storage with limited write cycles (e.g. eMMC).

Set CONFIG_FEATURE_EDITING_SAVE_ON_EXIT=y to change behavior to write
the history file only on exit, which reduces writes without losing the
history feature.

Signed-off-by: Fiona Klute (WIWA) <fiona.klute@gmx.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-04-21 23:52:18 +02:00
Julien Olivain cca8d68461 Config.in: introduce BR2_HOST_GCC_AT_LEAST_{12..15}
Fedora 42 is planned to be released on 2025-04-22 [1].
It is also planned to include the upcoming gcc 15 release.
Gcc 15 is changing the default C language from -std=gnu17
to -std=gnu23 [2].

This change is expected to possibly introduce build failures [3].
In order to be prepared to fix those, this commit introduces the
BR2_HOST_GCC_AT_LEAST_{12..15} symbols.

[1] https://fedorapeople.org/groups/schedule/f-42/f-42-key-tasks.html
[2] https://gcc.gnu.org/gcc-15/changes.html#c
[3] https://savannah.gnu.org/support/?111150

Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-04-21 23:50:50 +02:00
Yegor Yefremov e954dd0a21 package/httping: bump to version a1c5fdcf289cf7d1d8245579150bcf670f90d248
Enable gettext support.

Make all options configurable.

Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-04-21 23:34:49 +02:00
Fiona Klute (WIWA) 340a4bd4f8 package/mosquitto: fix init script
Restart would regularly fail because it did not wait for the old
process to be gone before starting the new one. Rewrite the script
according to current style to fix that, and add reload support (see
mosquitto docs for limitations of reload).

Signed-off-by: Fiona Klute (WIWA) <fiona.klute@gmx.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-04-21 23:33:03 +02:00
Dario Binacchi dd9c6907c7 package/mmc-utils: bump to 2aef4cd9a84d
Among the various changes, it's worth noting the extension of the
register read functionality, allowing also to get its value as an
argument [1].
Moreover, commit [2] fixes the conditional invocation of sparse
properly handling the corresponding 'C' option. Hence, the related
change in the Buildroot compilation command (i.e. C=0).

[1] https://web.git.kernel.org/pub/scm/utils/mmc/mmc-utils.git/commit/?id=21e0fa6420736830a90e13b4a807ec3475df5e65
[2] https://web.git.kernel.org/pub/scm/utils/mmc/mmc-utils.git/commit/?id=a89cba2a0f8c6a19aa6b804877241170f5b6bdd2
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Reviewed-by: Sébastien Szymanski <sebastien.szymanski@armadeus.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-04-21 23:27:36 +02:00
Adam Duskett 1956e4e434 package/flutter-engine: bump to version 3.29.2
As of Flutter 3.27.4, the flutter-engine github repository is archived, and the
flutter-engine source code now resides at https://github.com/flutter/flutter/.

Because of the above, the following changes must occure:

- Paths are now prefixed with engine/src.

- The "name" field in the dot-gclient file is now "./", and the gen-tarball
  script:
   - Makes the dl-tmp/src dir
   - Copies the dot-gclient file to the dl-tmp/src dir
   - Runs gclient.py inside of the dl-tmp/src dir

Without these changes, gclient creates two directores:
dl-tmp/src/flutter and dl-tmp/src/engine, and cloning fails with the following
error:

```
python3: can't open file 'dl-tmp/src/engine/src/flutter/tools/pub_get_offline.py':
[Errno 2] No such file or directory
```

because the file resides at src/flutter/engine/src/flutter/tools.
Changing the name from src/flutter to ./ and running gclient.py directly in
the src directory creates a proper directory structure suitable for compiling.

Of course, this also means there is a new pushd in the gen_tarball method to
move to ${SCRATCH_DIR} to ensure the tarball is generated outside of the
source directory.

Tested with run-tests tests.package.test_flutter.TestFlutter.test_run.

The license file has changed, but it's still BSD-3-Clause.

Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-04-21 23:19:59 +02:00
Adam Duskett d9e98d8553 package/flutter-sdk-bin: bump to version 3.29.2
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-04-21 19:08:14 +02:00
Adam Duskett 10370cd77b package/flutter-packages: bump to version 2df1c3a524131e35d6e385eb9465c47d530e341b
native_assets.yaml are now native_assets.json

Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-04-21 19:08:08 +02:00
Adam Duskett e75e166c4e package/depot-tools: bump to version 097e20723774957f21ac6d1808fcd0a91e8c7630
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-04-21 19:07:54 +02:00
Adam Duskett 58d616e687 package/ivi-homescreen: bump to version a038ce00031ed5a9a89b4d8dd7dbde5e3d7ade6e
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-04-21 19:07:50 +02:00
Adam Duskett 3d0fbaf113 package/mender-grubenv: bump version to e4cdd9db213de15e79576b40fd3f07736ac85709
- Update License hash due to year change.

Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-04-21 19:05:01 +02:00
Raphaël Mélotte 140d2f5ab9 package/python-s3transfer: bump to version 0.11.4
Signed-off-by: Raphaël Mélotte <raphael.melotte@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-21 17:38:24 +02:00
Raphaël Mélotte 27a9837b50 package/python-boto3: bump to version boto3-1.37.34
The test timeout is no longer sufficient, so double it.

Signed-off-by: Raphaël Mélotte <raphael.melotte@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-21 17:38:21 +02:00
Raphaël Mélotte e1500712e3 package/python-botocore: bump to version 1.37.33
Signed-off-by: Raphaël Mélotte <raphael.melotte@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-21 17:38:18 +02:00
Raphaël Mélotte dff7ead045 package/python-urllib3: bump to version 2.4.0
Release notes: https://github.com/urllib3/urllib3/releases/tag/2.4.0

Signed-off-by: Raphaël Mélotte <raphael.melotte@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-21 17:38:15 +02:00
Raphaël Mélotte 3e931caf84 support/testing: add new test for python-urllib3
Importing urllib3 already allows us to check that for example zlib can
be loaded at runtime.

For good measure, also create the PoolManager object mentioned in the
user guide ([1]), and check that we can normalize a URL like it is
done in urllib3's 'test/test_util.py'.

[1]: https://urllib3.readthedocs.io/en/stable/user-guide.html

Signed-off-by: Raphaël Mélotte <raphael.melotte@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-21 17:38:11 +02:00
Julien Olivain 9021b261c6 package/hyperfine: bump version to 1.19.0
Changelog:
https://github.com/sharkdp/hyperfine/blob/v1.19.0/CHANGELOG.md

Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-21 16:26:11 +02:00
Julien Olivain a9b0e551af support/testing: new hyperfine runtime test
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-21 16:26:05 +02:00
Julien Olivain b910646a86 package/fwts: bump to version 25.03.00
See release announce:
https://lists.ubuntu.com/archives/fwts-devel/2025-March/013974.html

Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-21 16:25:56 +02:00
Julien Olivain 7f104812bf package/tig: bump version to 2.5.12
For change log since 2.5.10, see:
https://github.com/jonas/tig/releases/tag/tig-2.5.11
https://github.com/jonas/tig/releases/tag/tig-2.5.12

The autoconf configure script of this new version (generated with
autoconf 2.72) now requires pkg-config. Therefore, this commit also
adds host-pkgconf in _DEPENDENCIES.

Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-21 16:25:41 +02:00
Julien Olivain 1065fe6602 package/octave: bump to version 9.4.0
See release announce:
https://octave.org/news/release/2025/02/07/octave-9.4.0-released.html

Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-21 16:25:35 +02:00
Julien Olivain bee46bf38d package/rdma-core: bump to version v56.0
For change log since v55.0, see:
https://github.com/linux-rdma/rdma-core/releases/tag/v56.0

Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-21 16:25:24 +02:00
Julien Olivain c6db02cff4 package/libopenmpt: bump to version 0.7.13
For release note since 0.7.11, see:
https://lib.openmpt.org/libopenmpt/2024/12/01/releases-0.7.12-0.6.21-0.5.35-0.4.47/
https://lib.openmpt.org/libopenmpt/2025/01/06/releases-0.7.13-0.6.22-0.5.36-0.4.48/

License file hash changed after year update:
https://github.com/OpenMPT/openmpt/commit/97f0c59cda82ff92d905fb1af8d55a89997a6a8b

Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-21 16:25:14 +02:00
Julien Olivain ae4bf5a4fe package/opencsd: bump to version 1.5.6
For change log, see:
https://github.com/Linaro/OpenCSD/blob/v1.5.6/README.md?plain=1#L348

Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-21 16:25:02 +02:00
Julien Olivain d51b4c7fd4 package/ncdu: bump to version 1.22
For change log since 1.21, see:
https://dev.yorhel.nl/ncdu/changes

Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-21 16:24:55 +02:00
Julien Olivain 104449d0cb package/file: bump version to 5.46
See release announce [1].

The src/mygetopt.h file license was updated from BSD-4-Clause to
BSD-2-Clause in upstream commit [2]. This change makes this file using
the same license as most other files. So this commit removes the
license entry for this file and update the _LICENSE accordingly.

This commit also replaces the mention "one file" on BSD-3-Clause, to
the actual file name using it, which is "vasprintf.c".

This commit also updates the Config.in package homepage URL,
to use https.

[1] https://mailman.astron.com/pipermail/file/2024-November/001435.html
[2] https://github.com/file/file/commit/d605bb40478c4ce94aef88316d3a928b3da746f5

Signed-off-by: Julien Olivain <ju.o@free.fr>
Reviewed-by: Vincent Jardin <vjardin@free.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-21 16:24:44 +02:00
Julien Olivain aaf93ba27f support/testing: new openocd runtime test
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-21 16:23:55 +02:00
Scott Fan 1223b4b702 configs/cubieboard2: bump Linux to 6.12.24 and U-Boot to 2025.04
Signed-off-by: Scott Fan <fancp2007@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-21 14:03:21 +02:00
Scott Fan 377e7f289a configs/cubieboard1: bump Linux to 6.12.24 and U-Boot to 2025.04
Signed-off-by: Scott Fan <fancp2007@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-21 14:03:17 +02:00
Gaël PORTAY 310ab7d533 configs/raspberrypi*: move to external Bootlin stable toochain
This moves the defconfig to the Bootlin glibc stable external toolchain
as per[1].

[1]: https://elinux.org/Buildroot:DeveloperDaysELCE2024#Rules_for_defconfigs

Signed-off-by: Gaël PORTAY <gael.portay+rtone@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-21 14:01:13 +02:00
Gaël PORTAY 272e56d1ce package/qt5webengine: drop unused file
Commit 675cbaf9aa (package/qt5/qt5webengine: bump to version 5.15.8)
moved the chromium submodule in a separate qt5webengine-chromium
package. It removed the inclusion of
"package/qt5/qt5webengine/chromium-latest.inc" but forgot to remove
the file.

A similar file was introduced in commit 577d886886
(package/qt5/qt5webengine-chromium: new package), included in its
own qt5webengine-chromium.mk package recipe.

This commit drops the chromium-latest.inc file in qt5webengine
which is no longer used.

Signed-off-by: Gaël PORTAY <gael.portay+rtone@gmail.com>
[Julien: add extra explanation in commit log]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-21 12:32:57 +02:00
Daniel Lang 56b441825b package/gtkmm3: bump to version 3.24.10
https://gitlab.gnome.org/GNOME/gtkmm/-/blob/3.24.10/NEWS

Signed-off-by: Daniel Lang <dalang@gmx.at>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-21 10:44:44 +02:00
Daniel Lang 34fdd488bd package/glibmm2_66: bump to version 2.66.8
https://gitlab.gnome.org/GNOME/glibmm/-/blob/2.66.8/NEWS

Signed-off-by: Daniel Lang <dalang@gmx.at>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-21 10:44:40 +02:00
Daniel Lang 592a9d0774 package/cairomm1_14: bump to version 1.14.5
https://gitlab.freedesktop.org/cairo/cairomm/-/blob/1.14.5/NEWS

Signed-off-by: Daniel Lang <dalang@gmx.at>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-21 10:44:36 +02:00
Daniel Lang 24ef1c083e package/pangomm2_46: bump to version 2.46.4
https://gitlab.gnome.org/GNOME/pangomm/-/blob/2.46.4/NEWS

Signed-off-by: Daniel Lang <dalang@gmx.at>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-21 10:44:33 +02:00
Daniel Lang 898b6b9638 package/atkmm2_28: bump to version 2.28.4
https://gitlab.gnome.org/GNOME/atkmm/-/blob/2.28.4/NEWS

Signed-off-by: Daniel Lang <dalang@gmx.at>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-21 10:44:29 +02:00
Daniel Lang e984d89e19 package/dbus-cxx: bump to version 2.5.2
https://github.com/dbus-cxx/dbus-cxx/releases/tag/2.5.2

Signed-off-by: Daniel Lang <dalang@gmx.at>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-21 10:44:25 +02:00
Daniel Crowe d83cbb21cc package/python-aniso8601: new package
A library for parsing ISO 8601 strings
https://bitbucket.org/nielsenb/aniso8601/src/master/

Signed-off-by: Daniel Crowe <daniel.crowe@maxmine.com.au>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-04-20 23:06:17 +02:00
Raphaël Mélotte e3ba797873 package/python-sdbus: bump to version 0.14.0
For release note, see:
https://github.com/python-sdbus/python-sdbus/releases/tag/0.14.0

The upstream URL has changed so while at it also update it.

Signed-off-by: Raphaël Mélotte <raphael.melotte@mind.be>
[Julien: add link to release note in commit log]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-20 21:05:50 +02:00
Gaël PORTAY 5926b3b3ae package/rpi-firmware: add note to keep in sync with kernel
The bump of packages rpi-firmware and linux have to by synced, since the
linux package does not install yet its device-tree overlay blobs.

This adds a note to remind to keep in sync the versions of rpi-firmware
package and kernel (set in the defconfigs).

Signed-off-by: Gaël PORTAY <gael.portay+rtone@gmail.com>
[Julien: rebase patch to resolve context conflict with commit 80ccb3e667]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-20 19:52:05 +02:00
Thomas Devoogdt 8181727e23 package/fluent-bit: bump to 4.0.0
News:
- https://fluentbit.io/announcements/v4.0.0/

FLB_UNICODE_ENCODER was added, and enabled by default in commit [1],
which requires LIBSTDCPP, disable it if BR2_INSTALL_LIBSTDCPP is not set.

Also add two more patches to drop the LIBSTDCPP requirement.

[1] https://github.com/fluent/fluent-bit/commit/3b04755e99fa500e98dcd1318f9b12f6863d31e4

Signed-off-by: Thomas Devoogdt <thomas@devoogdt.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-20 19:35:54 +02:00
Thomas Devoogdt 18630db8e8 package/syslog-ng: bump to 4.8.1
Announcement:
 - https://github.com/syslog-ng/syslog-ng/releases/tag/syslog-ng-4.8.0
 - https://github.com/syslog-ng/syslog-ng/releases/tag/syslog-ng-4.8.1

Signed-off-by: Thomas Devoogdt <thomas@devoogdt.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-20 18:44:09 +02:00
Thomas Devoogdt a4f0d6ed0c package/lighttpd: bump to 1.4.79
News:
- https://www.lighttpd.net/2025/4/4/1.4.79/

Signed-off-by: Thomas Devoogdt <thomas@devoogdt.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-20 17:43:02 +02:00
Julien Olivain f438ae3422 support/testing: add lighttpd runtime test
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-20 17:37:28 +02:00
Scott Fan 4567c35d06 configs/visionfive2: bump OpenSBI to 1.6, Linux to 6.12.24 and U-Boot to 2025.04
The updated linux configuration is based on the defconfig from the
JH7110_VisionFive2_6.12.y_devel branch of the starfive kernel fork [1].

[1] https://github.com/starfive-tech/linux/blob/e0ef35bfe6683a541b57a0b73a5b95c97e3f93c3/arch/riscv/configs/starfive_visionfive2_defconfig

Signed-off-by: Scott Fan <fancp2007@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-20 16:16:33 +02:00
Thomas Devoogdt f2c15f00d4 package/fluent-bit: fix missing object runtime error
$ fluent-bit
fluent-bit: error while loading shared libraries: libminiz.so.3: cannot open shared object file: No such file or directory

Commit 527deef "package/fluent-bit: bump to 3.2.10",
dropped the BUILD_SHARED_LIBS=OFF off part, because miniz uses
static linking by default now, but runtime execution shows otherwise,
so revert to fix.

Signed-off-by: Thomas Devoogdt <thomas.devoogdt@barco.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-20 00:19:08 +02:00
Daniel Crowe da142cf503 package/python-flask-caching: new package
Provides caching for python Flask applications
https://flask-caching.readthedocs.io/en/latest/

Signed-off-by: Daniel Crowe <daniel.crowe@maxmine.com.au>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-04-19 23:52:03 +02:00
Daniel Crowe 09bf1365f1 package/python-cachelib: new package
Provides caching APIs.
https://cachelib.readthedocs.io/en/stable/

Signed-off-by: Daniel Crowe <daniel.crowe@maxmine.com.au>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-04-19 23:46:37 +02:00
Julien Olivain eb685196cd package/fakeroot: bump to version 1.37.1.1
For change log, see:
https://salsa.debian.org/clint/fakeroot/-/blob/debian/1.37.1.1-1/debian/changelog

This commit removes the package patch, included in upstream version.
HOST_FAKEROOT_AUTORECONF = YES is also removed, because it is no longer
needed.

Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-04-19 23:43:33 +02:00
Julien Olivain bedc44c073 support/testing: weston: fix the weston shutdown test
Commit [1] "support/testing: improve weston test reliability" moved
out the wait time from the emulator (to run on the test controller).

While doing so, the sleep time which was initially _after_ the
"killall weston" invocation to in stop_weston() was incorrectly
moved before the command invocation. In this state, the test can
succeed on fast host computer running the test. But it will most
likely fail on an average computer.

This commit fixes this issue by moving the sleep time after
the command invocation.

[1] https://gitlab.com/buildroot.org/buildroot/-/commit/6561a5d773d8e159556e2b911b315e3b5a0b89b1

Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-04-19 23:42:54 +02:00
Julien Olivain 19c43de34f package/tmux: bump to version 3.5a
For change log, see [1].

This commit adds the dependency to host-bison, which is needed since
upstream commit [2], included since version 3.4. The optional dependency
to jemalloc is also added, introduced since upstream commit [3],
included since version 3.5.

[1] https://github.com/tmux/tmux/blob/3.5a/CHANGES
[2] https://github.com/tmux/tmux/commit/00812c9053a0b1067f833925b726086a67d8528d
[3] https://github.com/tmux/tmux/commit/3c2621b41b9e1466d2b06718a0a8514f5d10ded9

Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-04-19 23:41:08 +02:00
Ian Merin 55718ca3cf package/apparmor don't reference libapparmor variables
Signed-off-by: Ian Merin <Ian.Merin@ncipher.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-04-19 23:27:45 +02:00
Dario Binacchi b4d371309f configs/stm32f469_disco_{sd, xip}: bump Linux to 5.15.179
The patch bumps the Linux kernel to version 5.15.179 and, for the SD
configuration, also updates U-Boot to version 2025.04.

Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-04-19 23:26:57 +02:00
Dario Binacchi 1ad7f7dc6b configs/stm32f746_disco_sd: bump Linux to 5.15.179 and U-Boot to 2025.04
The patch bumps the Linux kernel to version 5.15.179 and U-Boot to
version 2025.04.

Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Tested-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-04-19 23:26:11 +02:00
Dario Binacchi cb6729d214 configs/stm32f429_disco_xip: bump Linux to 6.1.133
The patch bumps the Linux kernel to version 6.1.133. The size of xipImage
has increased by only 22 bytes (1671804 bytes compared to 1671782 in
version 6.1.126).

Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-04-19 23:25:39 +02:00
Charlie Jenkins 6fd3e498af package/lmbench: prepare for GCC 15.x compatibility
GCC-15 requires function definitions to have proper arguments.

Signed-off-by: Charlie Jenkins <charlie@rivosinc.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-04-19 22:50:07 +02:00
Charlie Jenkins fd914e9e4c package/lmbench: fix build with recent gcc versions
lmbench dependency discovery relies on implicit return types for
main().  This causes compiler errors when -Wimplicit-int is enabled,
which has become the default with recent gcc versions. The failure of
the dependcy discovery causes lmbench to redifine typedefs the
compiler already has in an incompatible manner. Add a patch to fix the
discovery.

Fixes:
bench.h:81:13: error: conflicting types for ‘socklen_t’; have ‘int’
   81 | typedef int socklen_t;

bench.h:85:15: error: conflicting types for ‘off64_t’; have ‘int64’ {aka ‘long long int’}
   85 | typedef int64 off64_t;

Fixes:

  http://autobuild.buildroot.net/results/33cf97a79125c20f67f620eb6a7b5ad2206b2503/

Signed-off-by: Charlie Jenkins <charlie@rivosinc.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-04-19 22:48:38 +02:00
Quentin Schulz 45087a0188 package/libcamera: bump to 0.5.0
Release notes:
https://lists.libcamera.org/pipermail/libcamera-devel/2025-April/049672.html

There's now a pipeline for the Raspberry Pi 5 ISP (PiSP), that can be
added later on in a separate patch.

v4l2 compatibility layer is now a feature and not a boolean anymore. The
former takes "enabled", "disabled" or "auto"[1] while the latter takes
"true" or "false"[2] so we need to update how we configure the project to
match those expectations.

[1] https://mesonbuild.com/Build-options.html#features
[2] https://mesonbuild.com/Build-options.html#booleans

Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-04-19 22:21:47 +02:00
Quentin Schulz 3913cebc51 package/libcamera: add support for Arm Mali-C55 ISP pipeline
Support was added in v0.4.0 so let's add the knobs for building the
pipeline.

Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-04-19 22:21:24 +02:00
Quentin Schulz 028bdac7ed package/libcamera: improve reproducibility for optional dependencies
libcamera has some optional dependencies that automatically detected at
build time.

To improve reproducibility, we should add a dependency on those optional
dependencies if the symbols that build them are enabled so that the
order in which packages are built does not influence the libcamera
package.

Note that the optional libyuv dependency isn't added as:
1) it is only used for the virtual pipeline and the android feature,
   both of which are disabled/not supported right now,
2) libcamera has it in a submodule if missing (though if that works with
   Buildroot is to be determined),
3) adding the dependency isn't enough as meson somehow doesn't find the
   dependency,

Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-04-19 22:21:16 +02:00
Quentin Schulz ef3c3bc9b1 package/libcamera: improve future reproducibility by forcing auto features to disabled
meson allows to force all features set to "auto" to default to disabled
except if explicitly enabled via the auto_features argument, c.f.
https://mesonbuild.com/Build-options.html#features

"""
If the value of a feature option is set to auto, that value is
overridden by the global auto_features option (which defaults to auto).
This is intended to be used by packagers who want to have full control
on which dependencies are required and which are disabled, and not rely
on build-deps being installed (at the right version) to get a feature
enabled.
"""

The only auto feature that we hadn't disabled explicitly is the
gstreamer plugin. It is however expected that this wasn't a mistake as
the dependencies for the gstreamer pluging wouldn't have been met
thanks to the explicit LIBCAMERA_DEPENDENCIES we have based on the
presence of the gstreamer symbols in the global config.

This should make it less likely for future releases of libcamera to
regress in terms of reproducibility because of "auto" features (though
changes from "auto" to "enabled" wouldn't be caught and would be
susceptible to race conditions with their dependencies in case they
aren't properly specified and built after libcamera is).

Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-04-19 22:20:36 +02:00
Quentin Schulz 569272be91 package/libcamera: fix documentation being built even if disabled
We currently disable building the documentation via the "documentation"
feature, but it is enabled nonetheless by meson if sphinx-build-3 is
found on the host.

This makes sure it doesn't happen by making the sphinx-build-3 check
only happen when the "documentation" feature is "auto" or "enabled",
which isn't the case for Buildroot.

The bug seems to have been introduced in v0.0.1 release.

Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-04-19 22:18:23 +02:00
Quentin Schulz 65721c6e0a package/libcamera: remove dependency on boost for rpi/vc4 pipeline
Commit c1597f989654 ("ipa: raspberrypi: Use YamlParser to replace
dependency on boost"), part of the v0.0.1 release, removed the
dependency on boost, so let's remove it from the pipeline option and
dependency for Buildroot.

Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-04-19 22:17:07 +02:00
Thomas Devoogdt 6a47aa648a package/webkitgtk: bump to 2.48.1
This bumps webkit to the 2.48 stable series.

WebKitGTK+ 2.48 highlights:
https://webkitgtk.org/2025/04/08/webkitgtk-2.48.html

News:
- https://webkitgtk.org/2025/03/14/webkitgtk2.48.0-released.html
- https://webkitgtk.org/2025/04/02/webkitgtk2.48.1-released.html

And brings some security fixes:
- https://webkitgtk.org/security/WSA-2025-0002.html
- https://webkitgtk.org/security/WSA-2025-0003.html

Also,

- Raise the minimal GCC requirement [1],
which should have been raised by the 2.46.4 bump.

- Handle SPEECH_SYNTHESIS, which has been enabled
by default in commit [2].

[1] https://github.com/WebKit/WebKit/commit/682ac4ba74c53d0cd488c7a595096224a9abb036
[2] https://github.com/WebKit/WebKit/commit/10381a8de938024f31935184af470ccbce0b22d9

Signed-off-by: Thomas Devoogdt <thomas@devoogdt.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-04-19 22:14:59 +02:00
Gaël PORTAY 9e627c1628 package/qt5/qt5webengine-chromium: fix python 3.13 issue
Python was bumped from 3.12.x to 3.13.x since the commit
d63e207eb8.

The module pipes is no longer part of the Python standard library. It
was removed in Python 3.13 after being deprecated in Python 3.11. The
last version of Python that provided the pipes module was Python 3.12.

See[1].

The chromium project in qt5webengine-chromium is very old (87-based[2]).

This backports a change removing the use of pipes that was first
introduced in 114.0.5696.0[3] to fix the error below:

	[174/23445] ACTION //components/resources:about_credits(/builds/buildroot.org/buildroot/output/build/qt5webengine-5.15.14/src/toolchain:target)
	FAILED: gen/components/resources/about_credits.html
	/builds/buildroot.org/buildroot/output/build/qt5webengine-5.15.14/host-bin/python ../../3rdparty/chromium/tools/licenses.py --target-os=linux --depfile gen/components/resources/about_credits.d credits gen/components/resources/about_credits.html
	/builds/buildroot.org/buildroot/output/build/qt5webengine-5.15.14/src/3rdparty/chromium/build/android/gyp/util/build_utils.py:628: SyntaxWarning: invalid escape sequence '\('
	  r = re.compile('@FileArg\((.*?)\)')
	Traceback (most recent call last):
	  File "/builds/buildroot.org/buildroot/output/build/qt5webengine-5.15.14/src/core/release/../../3rdparty/chromium/tools/licenses.py", line 37, in <module>
	    from util import build_utils
	  File "/builds/buildroot.org/buildroot/output/build/qt5webengine-5.15.14/src/3rdparty/chromium/build/android/gyp/util/build_utils.py", line 15, in <module>
	    import pipes
	ModuleNotFoundError: No module named 'pipes'

[1]: https://docs.python.org/3/library/pipes.html
[2]: https://github.com/qt/qtwebengine/blob/v5.15.14-lts-lgpl/CHROMIUM_VERSION
[3]: https://github.com/chromium/chromium/commit/4c6fc1984970af4b2b1765014c9ddcd957ad7dda

Fixes: https://gitlab.com/buildroot.org/buildroot/-/jobs/9677167367

Signed-off-by: Gaël PORTAY <gael.portay+rtone@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-04-19 18:39:01 +02:00
Vincent Stehlé 4f7e3f0bdd support/testing: test_edk2: add a few build tests
Some EDK II configurations have complex dependencies on several packages
and additional build options; build tests help keeping track of those
more easily.

Factorize some code common to all the build tests into a new
TestEdk2BuildBase class, which defines a base configuration and a method
to assert that binaries do indeed exist after the build.

While at it, add myself in DEVELOPERS.

Signed-off-by: Vincent Stehlé <vincent.stehle@arm.com>
Cc: Dick Olsson <hi@senzilla.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-04-19 18:37:41 +02:00
Dario Binacchi 4e125357dd configs/stm32mp1*_dk*: bump TF-A to 2.10, Linux to 6.12.22 and U-Boot to 2025.04
The patch bumps Arm Trusted Firmware (TF-A) to version 2.10 LTS for

- stm32mp157a_dk1_defconfig
- stm32mp157c_dk2_defconfig

the Linux kernel to version 6.12.22 and U-Boot to version 2025.04 for

- stm32mp135f_dk_defconfig
- stm32mp157a_dk1_defconfig
- stm32mp157c_dk2_defconfig

The new version of U-Boot has added EFI Capsule support, which depends on
GnuTLS, thus requiring the activation of BR2_TARGET_UBOOT_NEEDS_GNUTLS
for stm32mp135f_dk_defconfig.

Tested on STM32MP157C-DK2 Discovery Board.

Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Reviewed-by: Raphaël Gallais-Pou <rgallaispou@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-04-19 18:36:02 +02:00
Dario Binacchi 038826aad6 configs/stm32mp135f_dk: fix optee hash
The build command:

make stm32mp135f_dk_defconfig

fails with the errors:

ERROR: No hash found for optee-client-4.3.0.tar.gz
ERROR: No hash found for optee-os-4.3.0.tar.gz

Fixes: https://gitlab.com/buildroot.org/buildroot/-/jobs/9690369624

Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Reviewed-by: Raphaël Gallais-Pou <rgallaispou@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-04-19 18:34:53 +02:00
Yann E. MORIN a1012b363a support/download/git: use FOO_DL_OPTS
The manual states that FOO_DL_OPTS are valid for all the different
download backends, but that is not the case: at least the git backend
does not use them (it does not fail, it just ignores them).

Accept FOO_DL_OPTS in the git backend, and pass them to 'git fetch'.
There is no way that we can pass such options to submodules or lfs,
though.

Update the manual accordingly.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-04-19 17:10:07 +02:00
Yann E. MORIN a14ae70918 package/boost: move target library selection variables closer together
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Michael Nosthoff <buildroot@heine.tech>
Cc: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-04-19 17:05:53 +02:00
Yann E. MORIN 1e83f01b51 package/boost: move host variables closer together
Also, one item per line (chrono, container) in the list of libraries.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Michael Nosthoff <buildroot@heine.tech>
Cc: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-04-19 17:05:29 +02:00
Yann E. MORIN 70bcb7655b package/pulseview: fix, update, and reorganise dependencies
The dependencies for pulseview are not entirely clean:
  - arch deps are not first;
  - second-level inherited deps are listed;
  - deps are not alphabetically ordered (for deps on packages);
  - the comment is hidden even when the arch deps are met, because of an
    incorrect dependency on Qt5;
  - qt5 is a depends-on when it could be a select.

Update the dependencies to fix all the points above.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-04-19 17:04:57 +02:00
Yann E. MORIN 93ffe1a088 package/dejavu: update homepage
The currently referenced homepage is a cyber-squatter. Switch to the new
official homepage.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-04-19 17:02:18 +02:00
Yann E. MORIN 9d6ab1244a package/libsigrokdecode: needs python3 w/ zlib support
Some protocol decoders in libsigrokdecode need the zlib module:

    srd: ModuleNotFoundError: Failed to load decoder usb_power_delivery: import by name failed: No module named 'zlib'
    srd: Traceback (most recent call last):
      File "/usr/share/libsigrokdecode/decoders/usb_power_delivery/__init__.py", line 24, in <module>
        from .pd import *
      File "/usr/share/libsigrokdecode/decoders/usb_power_delivery/pd.py", line 24, in <module>
        import zlib   # for crc32
        ^^^^^^^^^^^
    ModuleNotFoundError: No module named 'zlib'

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-04-19 17:01:49 +02:00
Dario Binacchi d0994fd66d configs/stm32f769_disco_sd: bump Linux to 5.15.179 and U-Boot to 2025.04
The patch bumps the Linux kernel to version 5.15.179 and U-Boot to
version 2025.04.

Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-04-19 16:44:26 +02:00
Lance Fredrickson 3e2e593409 package/libuci: bump version to f3fc0b7
Changelog:

 - f3fc0b7 libuci: fix false positive warning on older gcc versions
 - 16ff0ba CMakeLists: add support for including ABIVERSION in the library version number
 - 047b2ef CMakeLists.txt: bump minimum cmake version
 - fb3c234 add support for an override config directory
 - 10f7996 file: Ignore config file with '.' in name
 - 5781664 remove internal usage of redundant uci_ptr.last
 - 3cda251 file: Fix uci -m import command
 - 04d0c46 uci: macro uci_alloc_element not in uci.h
 - ae61e1c uci: optimize update section in uci_set
 - 16e8a3b uci: fix memory leak uci_set on update section
 - b2f3417 uci: maintain option position in uci_add_list
 - 74f2797 uci: fix atomicity of uci_add_list
 - 47697e6 uci: fix use-after-free uci_add_list
 - 7e01d66 uci: optimize update option in uci_set
 - b7ceda9 uci: maintain option position in uci_set
 - 9b6605e uci: fix use-after-free uci_set on update option
 - f49a2fd delta: simplify uci_load_delta() by using a helper
 - 5de3871 cli: drop redundant uci_add_delta_path() call for -P
 - f84f49f cmake: Allow override of install directories

Signed-off-by: Lance Fredrickson <lancethepants@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-04-19 16:38:43 +02:00
Lance Fredrickson 9af9b4b304 package/ubus: bump version to afa57cc
Changelog:

 - afa57cc libubus: add support for using channels
 - d996988 libubus: close file descriptor after sending it from a request
 - 252a9b0 libubus: Make UBUS_* macros work cleanly in C++
 - 65bb027 CMakeLists.txt: bump minimum cmake version
 - f84eb59 libubus: fix initial subscribe with autosubscribe
 - 2b39a27 libubus: fix reconnect with auto subscribe
 - b3e8c4e Add auto subscribe support

Signed-off-by: Lance Fredrickson <lancethepants@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-04-19 16:38:32 +02:00
Lance Fredrickson 44c11a6862 package/libubox: bump version to 3868f47
Changelog:

 - 3868f47 blob: constify attr argument to blob_memdup
 - eb9bcb6 ustream: prevent recursive calls to the read callback
 - 12bda4b CI: add CodeQL workflow tests
 - a2fce00 CI: add build test run
 - c1be505 udebug: fix crash in udebug_entry_vprintf with longer strings
 - 6339204 CMakeLists.txt: bump minimum cmake version
 - ca3f6d0 udebug: fix file descriptor initialization for __udebug_buf_map
 - df5b714 udebug: add mips specific quirk
 - d27acfe udebug: add more checks for uninitialized buffers
 - 40acbe3 udebug: wait for response after buffer add/remove
 - e84c000 udebug: add inline helper function to test if a buffer is allocated
 - 325fea5 udebug: add functions for manipulating entry length
 - e80dc00 link librt if needed for shm_open
 - 260ad5b udebug: add ulog support
 - b77f2a4 uloop: fix build using C++ compilers
 - d4c3066 udebug: add udebug library code
 - b3fa3d9 uloop: reset flags after __uloop_fd_delete call
 - 8a5a431 uloop: fix typo in signal handling rework
 - f7d1569 uloop: properly initialize signal handler mask
 - 13d9b04 uloop: add support for user defined signal handlers
 - 82fa648 uloop: add support for interval timers

Signed-off-by: Lance Fredrickson <lancethepants@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-04-19 16:38:28 +02:00
Giulio Benetti 7b9a021dfd package/rtl8723ds: fix build failure with Linux 6.13
Add local patch pending upstream to fix build failure with Linux 6.13

Fixes:
https://autobuild.buildroot.org/results/940e7f95fff017b8c7cffb778911ae0386980fa3

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-04-19 16:34:59 +02:00
Giulio Benetti 2ef9e7ff57 package/rtl8188eu: fix build failure with Linux 6.13
Add local patch pending upstream to fix build failure with Linux 6.13

Fixes:
https://autobuild.buildroot.org/results/4a0ebbcd62a2bfc59a7f6183f100f0e111cee750

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-04-19 16:34:54 +02:00
Giulio Benetti 3012fbdec7 package/wilc-driver: fix build failure with Linux 6.10
Add local patches pending upstream to fix 3 different API changes
throughout Linux 6.7, 6.8, 6.10.

Fixes:
https://autobuild.buildroot.org/results/e001f70dab4c9cebdbde0443f4f8bb6b42ae5561/

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-04-19 16:34:10 +02:00
TIAN Yuanhao f027e7c5b3 package/tailscale: install systemd service files
Signed-off-by: TIAN Yuanhao <tianyuanhao3@163.com>
Cc: James Hilliard <james.hilliard1@gmail.com>
Cc: Yann E. MORIN <yann.morin@orange.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-04-19 16:33:27 +02:00
Michael Nosthoff 0ba6de8a0c package/json-for-modern-cpp: bump to version 3.12.0
- Release Notes: https://github.com/nlohmann/json/releases/tag/v3.12.0
- updated LICENSE.MIT hash due to updated year

Signed-off-by: Michael Nosthoff <buildroot@heine.tech>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-04-19 16:12:09 +02:00
Marcus Hoffmann c298c0971b package/ca-certificates: bump to 20241223
Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-04-19 16:11:49 +02:00
Jan Čermák f5e7cefe77 package/iptables: backport fix for interface comparisons in -C commands
Since iptables v1.8.11, `iptables -C` commands return unexpected zero status
even for cases when the rules don't exist. This breaks e.g. standard Docker
operation, where checking for existing rules is used extensively when creating
networks.

The patch fixing the behavior is available upstream - apply it to v1.8.11
before a newer version is available.

Signed-off-by: Jan Čermák <sairon@sairon.cz>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-04-19 16:08:07 +02:00
Gaël PORTAY 8fd537ae05 support/scripts/gen-bootlin-toolchains: allows armv8-a CPU to use armv7-a toolchains
The ARMV7-A toolchains are capable to compile binaries for ARMv8-A CPU
in AArch32 execution state.

This adds the BR2_ARM_CPU_ARMV8A option in the 'conditions' to allow
ARMV8-A CPU such as Cortex-A53 or Cortex-A72 to use ARMV7-A toolchains.

Signed-off-by: Gaël PORTAY <gael.portay+rtone@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2025-04-19 16:01:53 +02:00
J. Neuschäfer 5621fe94af package/ffmpeg: add support for libopenmpt
Configure ffmpeg to use libopenmpt if available.

Signed-off-by: J. Neuschäfer <j.neuschaefer@gmx.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-19 14:57:48 +02:00
J. Neuschäfer 24a41c8fb5 package/libopenmpt: install to staging to fix pkg-config
Without this, packages using libopenmpt are not able to find
the dependency.

Signed-off-by: J. Neuschäfer <j.neuschaefer@gmx.net>
[Julien: reword commit log]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-19 14:56:39 +02:00
Thomas Petazzoni 2bea32478d package/libcap: add patch to fix build on ARC, OpenRISC, Microblaze
Following the bump of libcap to version 2.76 in commit
e2eb2ee58b, the build started failing on
ARC, OpenRISC, Microblaze. The bug was reported upstream at
https://bugzilla.kernel.org/show_bug.cgi?id=219915 and was
subsequently fixed by upstream commit:

  https://git.kernel.org/pub/scm/libs/libcap/libcap.git/commit/?id=7a2eee56607218d017af8d26c2c41dba83629708

Which we backport in this commit.

Fixes:

  http://autobuild.buildroot.net/results/c99f461ac757d2934a353818a302a67ef3ad5cf5/ (ARC)
  http://autobuild.buildroot.net/results/8cae72f02d25a48287320d9c991f41761487e353/ (Microblaze)
  http://autobuild.buildroot.net/results/74e2c4d37c5b0ae2749c7d77ca7431bd0d510971/ (OpenRISC)

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-19 12:51:01 +02:00
Dario Binacchi e3329a1e82 configs/imx8mn_bsh_smm_s2[_pro]: bump Linux to 6.12.23 and U-Boot to 2025.04
The patch bumps the Linux kernel to version 6.12.23 and U-Boot to
version 2025.04.

Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-18 21:01:04 +02:00
Dario Binacchi ebdf7d5fe2 configs/beaglebone: bump Linux to 6.12.17-ti-arm32-r9 and U-Boot to 2025.04
The patch bumps the Linux kernel to version 6.12.17-ti-arm32-r9 and
U-Boot to version 2025.04.

Tested on beaglebone black.

Link: https://github.com/beagleboard/linux/releases/tag/6.12.17-ti-arm32-r9

Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-17 23:39:08 +02:00
Dario Binacchi 794cdd0ad3 configs/imx6ulz_bsh_smm_m2: bump Linux to 6.1.134 and U-Boot to 2025.04
The patch bumps the Linux kernel to version 6.1.134 and U-Boot to
version 2025.04.

Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-17 22:40:21 +02:00
Peter Korsgaard f85aea1b96 package/c-ares: security bump to version 1.34.5
Fixes the following security issue:

- CVE-2025-31498: Use after free in read_answers()
  https://github.com/c-ares/c-ares/security/advisories/GHSA-6hxc-62jh-p29v

For more details, see the announcement:
https://github.com/c-ares/c-ares/releases/tag/v1.34.5

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-17 22:40:21 +02:00
Heiko Thiery d350aa4bee package/rauc: bump to 1.14
Changelog: https://github.com/rauc/rauc/releases/tag/v1.14

Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-04-17 21:43:03 +02:00
Gaël PORTAY ace394e911 configs/raspberrypi5: install Raspberry Pi 500 device-tree blob
This installs the device-tree blob for the Raspberry Pi 500.

Signed-off-by: Gaël PORTAY <gael.portay+rtone@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-16 22:13:40 +02:00
Gaël PORTAY c3f41a4a79 configs/raspberrypi*: bump kernel version to cd231d4 (6.12.20)
Now based on 6.12.20 (from 6.6.30).

Signed-off-by: Gaël PORTAY <gael.portay+rtone@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-16 22:11:34 +02:00
Gaël PORTAY 80ccb3e667 package/rpi-firmware: bump version to 1.20250326
The version 1.20250326[1] match the kernel 6.12.20[2].

[1]: https://github.com/raspberrypi/firmware/commit/f49a3960223f20ea0b2e30646f65be67bafe30dc
[2]: https://github.com/raspberrypi/linux/commit/cd231d4775b14f228606c09f219b48308f6ab3aa

Signed-off-by: Gaël PORTAY <gael.portay+rtone@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-16 22:11:34 +02:00
Gaël PORTAY 9b467746ed configs/raspberrypi{zero2w, 3}_64: update defconfig
The ARM64 bcmrpi3_defconfig has been deleted since 6.12.20[1]. It was
introduced since 4.9.11[2]. It appears to be the 64-bit version of the
ARM bcm2709_defconfig used by Raspberry Pi 2 and Raspberry Pi 3.

The .github/workflows/kernel-build.yml was introduced in 5.15.81[3], and
it shows the ARM64 bcm2711_defconfig is used to build the kernel8.img of
the Raspberry Pi 4 (released in June 2019). The ARM64 bcmrpi3_defconfig
appears to be not used officially, even it was still maintained accross
the different bumps.

The raspberrypi-firmware[5] repository has introduced the kernel8.img
image with 4.19.69[6], and the Raspberry Pi 4 was released a little bit
earlier since 4.19.50 with the ARM64 kernel8.img[7] image (and the ARM
kernel7l.img[8]) (released in September 2019). That kernel8.img appears
to boot the Raspberry Pi 4 (using the ARM64 bcm2711_defconfig).

Raspberry Pi OS 64-bit boots the image kernel8.img on Raspberry 3. The
64-bit version was released in February 2022. It is not certain it takes
the kernel images from the raspberrypi-firmware repository. However, the
firmware boots the exact same image kernel8.img on a Raspberry Pi 3 and
on a Raspberry Pi 4.

Raspberry Pi OS 64-bit on Raspberry Pi 3:

	MESS:00:00:01.423488:0: brfs: File read: /mfs/sd/config.txt
	MESS:00:00:01.428389:0: brfs: File read: 1361 bytes
	MESS:00:00:01.493416:0: brfs: File read: /mfs/sd/config.txt
	MESS:00:00:01.498339:0: gpioman: gpioman_get_pin_num: pin LEDS_PWR_OK not defined
	MESS:00:00:02.009915:0: gpioman: gpioman_get_pin_num: pin DISPLAY_DSI_PORT not defined
	MESS:00:00:02.016952:0: gpioman: gpioman_get_pin_num: pin DISPLAY_DSI_PORT not defined
	MESS:00:00:02.024731:0: gpioman: gpioman_get_pin_num: pin LEDS_PWR_OK not defined
	MESS:00:00:02.031018:0: *** Restart logging
	MESS:00:00:02.034892:0: brfs: File read: 1361 bytes
	MESS:00:00:02.067531:0: gpioman: gpioman_get_pin_num: pin EMMC_ENABLE not defined
	MESS:00:00:02.083340:0: HDMI0: hdmi_pixel_encoding: 162000000
	MESS:00:00:03.164055:0: brfs: File read: /mfs/sd/initramfs8
	MESS:00:00:03.167936:0: Loaded 'initramfs8' to 0x0 size 0x110451e
	MESS:00:00:03.193834:0: initramfs loaded to 0x2defb000 (size 0x110451e)
	MESS:00:00:03.208482:0: dtb_file 'bcm2710-rpi-3-b.dtb'
	MESS:00:00:03.211926:0: brfs: File read: 17843486 bytes
	MESS:00:00:03.221150:0: brfs: File read: /mfs/sd/bcm2710-rpi-3-b.dtb
	MESS:00:00:03.225810:0: Loaded 'bcm2710-rpi-3-b.dtb' to 0x100 size 0x8783
	MESS:00:00:03.247884:0: brfs: File read: 34691 bytes
	MESS:00:00:03.264054:0: brfs: File read: /mfs/sd/overlays/overlay_map.dtb
	MESS:00:00:03.296063:0: brfs: File read: 5423 bytes
	MESS:00:00:03.302800:0: brfs: File read: /mfs/sd/config.txt
	MESS:00:00:03.306807:0: dtparam: audio=on
	MESS:00:00:03.317529:0: brfs: File read: 1361 bytes
	MESS:00:00:03.341294:0: brfs: File read: /mfs/sd/overlays/vc4-kms-v3d.dtbo
	MESS:00:00:03.392937:0: Loaded overlay 'vc4-kms-v3d'
	MESS:00:00:03.500706:0: brfs: File read: 2760 bytes
	MESS:00:00:03.504586:0: brfs: File read: /mfs/sd/cmdline.txt
	MESS:00:00:03.509305:0: Read command line from file 'cmdline.txt':
	MESS:00:00:03.515172:0: 'console=serial0,115200 console=tty1 root=PARTUUID=28fec58e-02 rootfstype=ext4 fsck.repair=yes rootwait cfg80211.ieee80211_regdom=GB'
	MESS:00:00:03.658110:0: brfs: File read: 132 bytes
	MESS:00:00:04.203939:0: brfs: File read: /mfs/sd/kernel8.img
	MESS:00:00:04.207882:0: Loaded 'kernel8.img' to 0x200000 size 0x8dab16
	MESS:00:00:05.880351:0: Device tree loaded to 0x2def2300 (size 0x8c7c)
	MESS:00:00:05.886331:0: uart: Set PL011 baud rate to 103448.300000 Hz
	MESS:00:00:05.892855:0: uart: Baud rate change done...
	MESS:00:00:05.896271:0: uart: Baud rate

Raspberry Pi OS 64-bit on Raspberry Pi 4:

	MESS:00:00:04.721959:0: brfs: File read: /mfs/sd/config.txt
	MESS:00:00:04.725196:0: brfs: File read: 1361 bytes
	MESS:00:00:04.750539:0: HDMI0:EDID error reading EDID block 0 attempt 0
	MESS:00:00:04.755048:0: HDMI0:EDID giving up on reading EDID block 0
	MESS:00:00:04.771935:0: HDMI1:EDID error reading EDID block 0 attempt 0
	MESS:00:00:04.776437:0: HDMI1:EDID giving up on reading EDID block 0
	MESS:00:00:04.783084:0: brfs: File read: /mfs/sd/config.txt
	MESS:00:00:05.589127:0: gpioman: gpioman_get_pin_num: pin DISPLAY_DSI_PORT not defined
	MESS:00:00:05.594675:0: gpioman: gpioman_get_pin_num: pin DISPLAY_DSI_PORT not defined
	MESS:00:00:05.603705:0: *** Restart logging
	MESS:00:00:05.605484:0: brfs: File read: 1361 bytes
	MESS:00:00:05.615585:0: hdmi: HDMI0:EDID error reading EDID block 0 attempt 0
	MESS:00:00:05.620610:0: hdmi: HDMI0:EDID giving up on reading EDID block 0
	MESS:00:00:05.631233:0: hdmi: HDMI0:EDID error reading EDID block 0 attempt 0
	MESS:00:00:05.636263:0: hdmi: HDMI0:EDID giving up on reading EDID block 0
	MESS:00:00:05.641861:0: hdmi: HDMI:hdmi_get_state is deprecated, use hdmi_get_display_state instead
	MESS:00:00:05.655652:0: hdmi: HDMI1:EDID error reading EDID block 0 attempt 0
	MESS:00:00:05.660683:0: hdmi: HDMI1:EDID giving up on reading EDID block 0
	MESS:00:00:05.671304:0: hdmi: HDMI1:EDID error reading EDID block 0 attempt 0
	MESS:00:00:05.676328:0: hdmi: HDMI1:EDID giving up on reading EDID block 0
	MESS:00:00:05.681926:0: hdmi: HDMI:hdmi_get_state is deprecated, use hdmi_get_display_state instead
	MESS:00:00:05.690690:0: HDMI0: hdmi_pixel_encoding: 300000000
	MESS:00:00:05.696162:0: HDMI1: hdmi_pixel_encoding: 300000000
	MESS:00:00:07.208184:0: brfs: File read: /mfs/sd/initramfs8
	MESS:00:00:07.210644:0: Loaded 'initramfs8' to 0x0 size 0x110451e
	MESS:00:00:07.230307:0: initramfs loaded to 0x2defb000 (size 0x110451e)
	MESS:00:00:07.243252:0: dtb_file 'bcm2711-rpi-4-b.dtb'
	MESS:00:00:07.245284:0: brfs: File read: 17843486 bytes
	MESS:00:00:07.256366:0: brfs: File read: /mfs/sd/bcm2711-rpi-4-b.dtb
	MESS:00:00:07.259609:0: Loaded 'bcm2711-rpi-4-b.dtb' to 0x100 size 0xdb30
	MESS:00:00:07.279767:0: brfs: File read: 56112 bytes
	MESS:00:00:07.296967:0: brfs: File read: /mfs/sd/overlays/overlay_map.dtb
	MESS:00:00:07.324428:0: brfs: File read: 5423 bytes
	MESS:00:00:07.328614:0: brfs: File read: /mfs/sd/config.txt
	MESS:00:00:07.331591:0: dtparam: audio=on
	MESS:00:00:07.340485:0: brfs: File read: 1361 bytes
	MESS:00:00:07.363861:0: brfs: File read: /mfs/sd/overlays/vc4-kms-v3d-pi4.dtbo
	MESS:00:00:07.431733:0: Loaded overlay 'vc4-kms-v3d-pi4'
	MESS:00:00:07.603996:0: brfs: File read: 3913 bytes
	MESS:00:00:07.606532:0: brfs: File read: /mfs/sd/cmdline.txt
	MESS:00:00:07.611170:0: Read command line from file 'cmdline.txt':
	MESS:00:00:07.617044:0: 'console=serial0,115200 console=tty1 root=PARTUUID=28fec58e-02 rootfstype=ext4 fsck.repair=yes rootwait cfg80211.ieee80211_regdom=GB'
	MESS:00:00:07.756492:0: brfs: File read: 132 bytes
	MESS:00:00:08.544420:0: brfs: File read: /mfs/sd/kernel8.img
	MESS:00:00:08.546973:0: Loaded 'kernel8.img' to 0x200000 size 0x8dab16
	MESS:00:00:09.864045:0: Device tree loaded to 0x2deed000 (size 0xdfb8)
	MESS:00:00:09.869518:0: uart: Set PL011 baud rate to 103448.300000 Hz
	MESS:00:00:09.876542:0: uart: Baud rate change done...

Considering all of this, the now disappeared ARM64 bcmrpi3_defconfig may
have never been used to release official 64-bit kernels, and the ARM64
bcm2711_defconfig is used by Raspberry Pi 3 and Raspberry Pi 4.

Thus, it is safe to reuse the ARM64 bcm2711_defconfig for the both
raspberrypi3_64_defconfig and raspberrypizero2w_64_defconfig.

This updates the defconfig for the two BCM2710/BCM2837 64-bit hardwares
(i.e. Raspberry Pi 3 and Raspberry Pi Zero 2 W) to reuse the downstream
ARM64 bcm2711_deconfig (i.e. the one used by Raspberry Pi 4).

Hardware                  ARM 32-bit        ARM 64-bit
-------------------------------------------------------------
Raspberry Pi 1/Zero/ZeroW bcmrpi_defconfig  N/A
Raspberry Pi 2            bcm2709_defconfig N/A
Raspberry Pi 3/3+/Zero2W  bcm2709_defconfig bcm2711_defconfig
Raspberry Pi 4/400/CM4-IO bcm2711_defconfig bcm2711_defconfig
Raspberry Pi 5            N/A               bcm2712_defconfig

[1]: https://github.com/raspberrypi/linux/commit/7713244d3baee3493108fb98edd82f5b2042ce48
[2]: https://github.com/raspberrypi/linux/commit/3682d6279419c30a72c7100ef68938e4f1a05bfb
[3]: https://github.com/raspberrypi/linux/commit/200e40ee35e0c22a34bdf5609d1a023f6a764986
[4]: https://www.raspberrypi.com/documentation/computers/config_txt.html#kernel
[5]: https://github.com/raspberrypi/firmware/commit/d21cd6bbab22bba1615df15354015bc50b085ddc
[6]: https://github.com/raspberrypi/linux/commit/935eb6f9a31971ef5537ac5d1b62148f8bcbad2f
[7]: https://github.com/raspberrypi/linux/commit/cdb78ce891f6c6367a69c0a46b5779a58164bd4b
[8]: https://github.com/raspberrypi/linux/commit/e879019c1947beceea2b37fd58656daa8ece9d4e

Signed-off-by: Gaël PORTAY <gael.portay+rtone@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-16 22:11:34 +02:00
Bernd Kuhls 716461af94 package/samba4: bump version to 4.21.4
Release notes: https://www.samba.org/samba/history/samba-4.21.4.html

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-04-16 21:40:48 +02:00
Thomas Devoogdt 527deef113 package/fluent-bit: bump to 3.2.10
News:
- https://fluentbit.io/announcements/v3.2.10/
- https://fluentbit.io/announcements/v3.2.9/
- https://fluentbit.io/announcements/v3.2.8/
- https://fluentbit.io/announcements/v3.2.7/
- https://fluentbit.io/announcements/v3.2.6/
- https://fluentbit.io/announcements/v3.2.5/
- https://fluentbit.io/announcements/v3.2.4/
- https://fluentbit.io/announcements/v3.2.3/

Drop the BUILD_SHARED_LIBS flag as it has been fixed by commit
https://github.com/fluent/fluent-bit/commit/47fd29ae7b9c393357e318831e0bf616c7856cde,
and more specific by commit
https://github.com/richgel999/miniz/commit/0ce345c44ad1852f29db12c1eb65a429038b2809.

Signed-off-by: Thomas Devoogdt <thomas@devoogdt.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-04-16 21:40:47 +02:00
Gaël PORTAY e248b2f339 board/raspberrypi/readme.txt: sort the device-tree
This sorts the device-tree blob files by SOC/CPU familly.

Signed-off-by: Gaël PORTAY <gael.portay+rtone@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-16 21:14:30 +02:00
Gaël PORTAY 649daadbec board/raspberrypi/readme.txt: add pi 400 and cm{, 3, 4, 4s} hints
This adds hints for the Raspberry Pi 400, Compute Module 1, 3, 4, and
4s.

Signed-off-by: Gaël PORTAY <gael.portay+rtone@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-16 21:14:27 +02:00
Gaël PORTAY dc00f366b8 board/raspberrypi/readme.txt: add missing Raspberry Pi Zero models
This adds the missing Raspberry Pi Zero models to the list.

Signed-off-by: Gaël PORTAY <gael.portay+rtone@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-16 21:14:24 +02:00
Gaël PORTAY 7ebcfe3cb9 board/raspberrypi/readme.txt: add videocore note
The VideoCore blobs for the Raspberry Pi 1, 2, 3, Zero, Zero W and Zero
2 W are differents from the ones for the Raspberry Pi 4 and the Compute
Module 4.

The VideoCore blobs for the Raspberry Pi 4 are named with a 4[1] (i.e.
start4.elf, start4x.elf, start4db.elf and start4cd.elf).

This precises which VideoCore firmware blob files are present on the
Raspberry Pi 1, 2, 3, Zero W, Zero 2 W and which files are present on
the the Rapsberry Pi 4 and the Compute Module 4.

Note: The VideoCore blobs for the Raspberry Pi 5 are self-contained in
its bootloader EEPROM[1][2]; there is no additional files for pi5.

[1]: https://www.raspberrypi.com/documentation/computers/configuration.html#start-elf
[2]: https://www.raspberrypi.com/documentation/computers/config_txt.html#start_file-fixup_file

Signed-off-by: Gaël PORTAY <gael.portay+rtone@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-16 21:14:21 +02:00
Gaël PORTAY a642bed09a board/raspberrypi/readme.txt: reword overlays note
Any Raspberry Pi may use device-tree overlays; it is not restricted to
Raspberry Pi 3 and 4.

The defconfigs for the Raspberry Pi 3, 4, 400, Zero W, Zero 2 W, Compute
Module 4 and 4s use the miniuart-bt dtoverlay to switch the Bluetooth to
the mini-UART (ttyS0) and restore UART0 (ttyAMA0) over GPIOs 14 and 15
to enable the serial console (like the Raspberry Pi 1 and 2 that have no
Bluetooth)[1][2].

As a consequence, the Raspberry Pi Zero W, Zero 2 W, 400, Compute Module
4 and 4s install the device-tree overlays as well.

This rewords the note by adding the three missing hardwares installing
the images/rpi-firmware/overlays directory. It rewords the miniuart note
at the same time.

[1]: https://www.raspberrypi.com/documentation/computers/configuration.html#uarts-and-device-tree
[2]: https://github.com/raspberrypi/linux/blob/rpi-6.6.y/arch/arm/boot/dts/overlays/miniuart-bt-overlay.dts#L4-L6

Signed-off-by: Gaël PORTAY <gael.portay+rtone@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-16 21:14:18 +02:00
Gaël PORTAY c7ea55f040 board/raspberrypi/readme.txt: add note for bootcode.bin
The second-stage bootloader is contained in the onboard EEPROM[1] since
the Raspberry Pi 4 (i.e. for pi4, pi400, cm4, cm4s and pi5).

Therefore, the file bootcode.bin[2] is needed for the former Raspberry
Pi only (i.e. pi1, pi2, pi3, pi0, pi0w and pizero2w).

This adds a note precising the file bootcode.bin is present for the
former versions of the Raspberry Pi.

[1]: https://www.raspberrypi.com/documentation/computers/raspberry-pi.html#raspberry-pi-boot-eeprom
[2]: https://www.raspberrypi.com/documentation/computers/configuration.html#bootcode-bin

Signed-off-by: Gaël PORTAY <gael.portay+rtone@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-16 21:14:15 +02:00
Francois Perrad 2885128947 package/lua-periphery: bump to version 2.4.3
diff LICENSE:
    - Copyright (c) 2014-2023 vsergeev / Ivan (Vanya) A. Sergeev
    + Copyright (c) 2014-2025 vsergeev / Ivan (Vanya) A. Sergeev

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-16 19:18:23 +02:00
Scott Fan 26c2dd8fdb package/timescaledb: bump version to 2.19.3
Release notes: https://github.com/timescale/timescaledb/blob/2.19.3/CHANGELOG.md

Signed-off-by: Scott Fan <fancp2007@gmail.com>
Reviewed-by: Maxim Kochetkov <fido_max@inbox.ru>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-16 19:18:23 +02:00
Baruch Siach 51c58d7c0d package/socat: bump to version 1.8.0.3
List of changes in this release:
http://www.dest-unreach.org/socat/CHANGES

Refresh patch.

Update README hash for changes that are unrelated to license.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-16 19:18:23 +02:00
Thomas Petazzoni 2f1c46b6cb package/libffi: bump to version 3.4.8
Patches 0002-arc-Fix-warnings.patch and
0003-arc-Do-not-use-mov_s-and-movl_s-instructions.patch are upstream
as part of commit 30e887f84e70c16df5c421983f074d07a93b4e58 (yes they
have been squashed into a single commit upstream).

Patches 0004-src-or1k-ffi.c-fix-prototype-of-ffi_call_SYSV.patch and
0005-src-or1k-ffi.c-fix-incompatible-pointer-type.patch are upstream
as part of commit 8a0d029244d9b0393db19898e603f24febfb53ee (here as
well, they have been squashed into a single commit upstream).

Changes 3.4.6..3.4.7:

    Add static trampoline support for Linux on s390x.
    Fix BTI support for ARM64.
    Support pointer authentication for ARM64.
    Fix ASAN compatibility.
    Fix x86-64 calls with 6 GP registers and some SSE registers.
    Miscellaneous fixes for ARC and Darwin ARM64.
    Fix OpenRISC or1k and Solaris 10 builds.
    Remove nios2 port.

Changes 3.4.7..3.4.8:

    aarch64: add PAC to GNU Notes by @billatarm in #882
    MIPS: Dont import asm/sgidefs.h on linux by @fossdd in #885
    Update the Simple Example from the Docs to fix a compile error by @Nikitf777 in #886
    Fix bugs in the x86-64 and x32 target (#887) by @mikulas-patocka in #889
    Add the "ABI_ATTR" attribute to called functions (#891) by @mikulas-patocka in #892
    powerpc: Add static trampoline support (#894) by @peter-bergner in #895
    testsuite: add two tests to Makefile.am by @thesamesam in #893

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-16 19:18:23 +02:00
Thomas Petazzoni 83f865963a package/python-qrcode: bump to 8.1
Changes since 8.0:

- Added support for Python 3.13

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[Julien: fix _SITE url]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-15 23:46:08 +02:00
Peter Korsgaard 86f173a744 Revert "package/libopenssl do not build in parallel"
This reverts commit 27ab880ebb.

With the (proposed) fix from the openssl developers added as
0004-Serialize-install-process-to-avoid-multiple-make-dep.patch, the
workaround can now be dropped so openssl can again be built and installed in
parallel, significantly speeding up builds.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Reviewed-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-15 22:37:56 +02:00
Peter Korsgaard 36b0a3ef9c package/libopenssl: add (proposed) upstream fix for parallel installation
The openssl developers have proposed a fix for the parallel installation
issue worked around by commit 27ab880ebb (package/libopenssl do not build
in parallel).

Add the fix here so the workaround can dropped again.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Reviewed-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-15 22:37:53 +02:00
Thomas Petazzoni e2eb2ee58b package/libcap: bump to version 2.76
Changelog 2.73 -> 2.74:

- ERRATA: Bug 219838  the psx go package fails to build standalone.
- This release addresses Bug 219687 reported by David Runge.
- Group syntax parsing bugfix for pam_cap from Tianjia Zhang.
- Doc typo fix for cap_get_proc.3 from Tianjia Zhang.
- Fix transitive include in capsh.c from Leo.
- Go package documentation updates, including more cap examples.

Changelog 2.74 -> 2.75:

- This release is devoted to a fix for Bug 219838 reported by Frank.

Changelog 2.75 -> 2.76:

- More libpsx and psx Go package mechanism fixes (many thanks to
Christial Kastner for helping dive into the off-piste
architectures. See Bug 219915.)

- To make the various .so files continue to be runnable as standalone
programs added another workaround for glibc. (Bug 219880 reported by
Christian Kastner.)

- Made a new man page cap_text_formats(7). This makes it possible to
separate the tool man pages from the developer man pages. I believe
this was the second time this was requested, by Carlos
Rodriguez-Fernandez this time (can't find the former request in my
email).

- Dropped Make.Rules definition of SYSTEM_HEADERS Thanks to Ross
Burton for reporting.

- Removed a spurious debugging printf() from setcap tool.

- Removed cap_ workarounds for go.dev cap package examples. The
website bugs have been resolved: go/issues/70611; go/issues/70630.

- Added a Makefile to the contrib/seccomp example.

See
https://sites.google.com/site/fullycapable/release-notes-for-libcap
for all release notes.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-15 22:27:47 +02:00
Lance Fredrickson 8fdbbefa08 package/ipset: bump to version 7.23
https://ipset.netfilter.org/changelog.html

Signed-off-by: Lance Fredrickson <lancethepants@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-15 22:22:02 +02:00
Thomas Petazzoni 638fe82e8b package/c-periphery: bump to version 2.4.3
Changelog:

* v2.4.3 - 02/28/2025
    * Fix memory safety with some older `strerror_r()` implementations in error
      formatters for all modules.
    * Build
        * Fix character device GPIO support tests in Makefile for alternate
          shells and older versions of make.
        * Fix cross-compilation in Makefile from Windows.
        * Fix CMake minimum required version.
        * Add CMake package generation.
    * Contributors
        * Ryan Barnett, @rjbarnet - ec31b39
        * javalikescript, @javalikescript - 024a25d
        * HopeCollector, @HopeCollector - aca6815, b5e53e6

The hash of the license file has changed due to a copyright year
change:

- Copyright (c) 2014-2023 vsergeev / Ivan (Vanya) A. Sergeev
+ Copyright (c) 2014-2025 vsergeev / Ivan (Vanya) A. Sergeev

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-15 22:07:06 +02:00
Thomas Petazzoni b612b90238 package/igh-ethercat: bump to version 1.6.3
Changes between 1.6.2 and 1.6.3:

805e407f6f1f723023f06d9a3e7e0b8a23b023f7 (HEAD, tag: 1.6.3) Merge branch 'version-1.6.3' into 'stable-1.6'
11504f3a0f24bcaec4191ef3fc4c8d4c8c942bd1 Version bump to 1.6.3.
e2129f7794a9bbc4d9c4385d84d33a3b1a6739a4 Merge branch 'genet-6.12' into 'stable-1.6'
5b3663e15bcea8050a2a45adb2c3c0ade4f17d96 Merge branch 'fake_without_domain' into 'stable-1.6'
d15936b8b5cf3096251b6118dfd0a069b6ba88b6 Merge branch 'fix_ccat_aarch64' into 'stable-1.6'
dab517b9cab6ec7328af166026359d32735914d8 Merge branch 'tty-module-fixes' into 'stable-1.6'
fa7c40b63e6025eb4d9261f5e10611e0e6fafe57 Merge branch 'fix_warnings' into 'stable-1.6'
d06a18f934aac931e4dff37703e0f646e3088bb8 Fix -Wold-style-declaration.
60dd4f94eca2b2a0007523e6955faf48ba81990e Fix -Wmissing-prototypes
c2cbfa5b93439cd7f742870d8f4fe234af8f7c98 [FEAT] add genet device driver for kernel 6.12
de9efb77700b2cd055f8f4dd49827d1ee34fc093 Fix ccat for aarch64 >= 6.11.0
2824232792364140569d522627b48a64e5d3a690 tty/module.c: fix ec_tty_send_xchar() prototype for Linux >= 6.8
27175946c4ea55a426cdcdc1278a7d7c433d2a57 tty/module.c: fix ec_tty_write() prototype for Linux >= 6.6
aed3ba0acb2c355be562cfbdb3a375682412c144 tty/module.c: mark internal functions as static
c117849d02cf53b7fe338c39798b6e3b81b3a812 Removed FAKE_EC_DOMAIN_PERMUTATION.
5ae76628930094caed35c58dc2099b241e7d82a6 Removed domain permutation from documentation; fixed some typos.
2e9101da99b18700e23587e04751050cf07de632 Remove domain information from  RtIPC path.
ca66cd6ae9b821bfbec6d68ee1b43da359c5894c Merge branch 'remove-inline-statement' into 'stable-1.6'
5802c72818df07d34469630a8943915cce738626 Remove unnecessary inline statement causing build -O0 problems

Patch 0001-tty-module.c-mark-internal-functions-as-static.patch merged
upstream as of aed3ba0acb2c355be562cfbdb3a375682412c144.

Patch 0002-tty-module.c-fix-ec_tty_write-prototype-for-Linux-6..patch
merged upstream as of 27175946c4ea55a426cdcdc1278a7d7c433d2a57.

Patch 0003-tty-module.c-fix-ec_tty_send_xchar-prototype-for-Lin.patch
merged upstream as of 2824232792364140569d522627b48a64e5d3a690.

Patch 0004-Remove-unnecessary-inline-statement-causing-build-O0.patch
merged upstream as of 5802c72818df07d34469630a8943915cce738626.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-15 22:00:48 +02:00
Thomas Petazzoni 7ffdf75311 package/double-conversion: bump to version 3.3.1
Upstream changelog from
https://github.com/google/double-conversion/releases/tag/v3.3.1:

    Hash pin Github workflows by @joycebrum in #198
    Create dependabot.yml by @joycebrum in #199
    Add _ITERATOR_DEBUG_LEVEL=2 and _DEBUG defines by @ffa-csturdy in #202
    Add bzlmod MODULE.bazel file by @jsharpe in #205
    Add CIFuzz Github Action by @DavidKorczynski in #203
    Update MODULE.bazel and README.md. by @BYVoid in #234
    Remove the explicit dependency on rules_cc. by @BYVoid in #235
    Add missing headers by @BhavikaSharma in #239

Tested with the following configuration, which includes the only two
reverse dependencies of double-conversion.

 BR2_arm=y
 BR2_cortex_a9=y
 BR2_ARM_ENABLE_VFP=y
 BR2_TOOLCHAIN_EXTERNAL=y
 BR2_TOOLCHAIN_EXTERNAL_BOOTLIN=y
 BR2_INIT_NONE=y
 BR2_SYSTEM_BIN_SH_NONE=y
 # BR2_PACKAGE_BUSYBOX is not set
 BR2_PACKAGE_QT6=y
 BR2_PACKAGE_PYTHON3=y
 BR2_PACKAGE_PYTHON_UJSON=y
 # BR2_TARGET_ROOTFS_TAR is not set

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-15 21:57:47 +02:00
Yann E. MORIN 06c5a024f1 package/vim: extend comment about vi symlink
The current comment is not very helpful; extend it to be more explicit.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-15 21:53:56 +02:00
Vincent Stehlé 7361a155ef boot/edk2: drop dependency on tf-a for macchiatobin
When building a firmware for the MACCHIATObin with edk2 and
arm-trusted-firmware, the build can randomly fail with the
following make error:

    make[1]: Circular output/build/edk2-edk2-stable202411/.stamp_configured <- arm-trusted-firmware dependency dropped.

The message appears also when the build is not failing, depending on
the number of parallel jobs and the build order.

The issue can be observed with the following commands:

    cat >.config <<EOF
    BR2_aarch64=y
    BR2_TOOLCHAIN_EXTERNAL=y
    BR2_TARGET_ARM_TRUSTED_FIRMWARE=y
    BR2_TARGET_ARM_TRUSTED_FIRMWARE_PLATFORM="a80x0_mcbin"
    BR2_TARGET_ARM_TRUSTED_FIRMWARE_EDK2_AS_BL33=y
    BR2_TARGET_BINARIES_MARVELL=y
    BR2_TARGET_EDK2=y
    BR2_TARGET_EDK2_PLATFORM_SOLIDRUN_ARMADA80X0MCBIN=y
    BR2_TARGET_MV_DDR_MARVELL=y
    EOF
    make olddefconfig
    utils/brmake
    grep -FC5 'dependency dropped' br.log

The circular dependency happen due to [1] and [2].

In fact, only TF-A depends on EDK II (passed as BL33) for building and
not vice versa. See [3]. The EDK II "SolidRun MacchiatoBin" platform
build does not need any TF-A image, compared to some other platforms
such as "Socionext DeveloperBox" or "QEMU SBSA" which are referencing
TF-A images in a hook added in EDK2_PRE_BUILD_HOOKS.

Drop the false dependency on TF-A to fix the build.

This issue has been present since the EDK2 introduction in commit [4].

[1] https://gitlab.com/buildroot.org/buildroot/-/blob/2025.02/boot/arm-trusted-firmware/arm-trusted-firmware.mk#L121
[2] https://gitlab.com/buildroot.org/buildroot/-/blob/2025.02/boot/edk2/edk2.mk#L118
[3] https://github.com/Semihalf/edk2-platforms/wiki/Build_firmware
[4] https://gitlab.com/buildroot.org/buildroot/-/commit/1074a37e783b023bd0491ba4f4f7acab7f289e1d

Signed-off-by: Vincent Stehlé <vincent.stehle@arm.com>
Cc: Dick Olsson <hi@senzilla.io>
[Julien: add extra info in commit log]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-15 21:34:03 +02:00
Vincent Stehlé fd02add21b boot/arm-trusted-firmware: fix the build for macchiatobin
When Building arm-trusted-firmware for the Macchiatobin platform
(a80x0_mcbin), which depends on the mv-ddr-marvell package, the build fails
complaining that this package's folder "does not contain valid
mv-ddr-marvell git repository".
This is expected under Buildroot, where we use intermediate archives.

The issue can be reproduced with the commands:

    cat >.config <<EOF
    BR2_aarch64=y
    BR2_TOOLCHAIN_EXTERNAL=y
    BR2_TARGET_ARM_TRUSTED_FIRMWARE=y
    BR2_TARGET_ARM_TRUSTED_FIRMWARE_PLATFORM="a80x0_mcbin"
    BR2_TARGET_ARM_TRUSTED_FIRMWARE_EDK2_AS_BL33=y
    BR2_TARGET_BINARIES_MARVELL=y
    BR2_TARGET_EDK2=y
    BR2_TARGET_EDK2_PLATFORM_SOLIDRUN_ARMADA80X0MCBIN=y
    BR2_TARGET_MV_DDR_MARVELL=y
    EOF
    make olddefconfig
    make

The build is failing with the error message:

    plat/marvell/armada/a8k/common/ble/ble.mk:34: *** "'MV_DDR_PATH=/buildroot/output/build/mv-ddr-marvell-d5acc10c287e40cc2feeb28710b92e45c93c702c' was specified, but '/buildroot/output/build/mv-ddr-marvell-d5acc10c287e40cc2feeb28710b92e45c93c702c' does not contain valid mv-ddr-marvell git repository".  Stop.

Add patches to fix the build for this platform, for a few versions of TF-A
(v2.6, v2.7, v2.8, lts-v2.8.20, v2.9, v2.10, lts-v2.10.5, v2.11, v2.12 and
lts-v2.12.1).

Signed-off-by: Vincent Stehlé <vincent.stehle@arm.com>
Cc: Dick Olsson <hi@senzilla.io>
Cc: Sergey Matyukevich <geomatsi@gmail.com>
[Julien: add commands to reproduce the issue]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-15 21:29:34 +02:00
Marcus Hoffmann 1ae65b1fb5 package/python-tzlocal: bump to 5.3.1
Switch the test assert to use 'Europe/Berlin' instead of
'posix/Europe/Berlin'. The tz-name is an internal implementation detail
anyway and the lookup changed to prefer the stated name in /etc/timezone
again, if it matches the configured timezone via /usr/share/zoneinfo.

Ref: https://github.com/regebro/tzlocal/commit/4ffac9232bc854a0fa25df9f275a4267fb232850

Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-15 19:16:25 +02:00
Thomas Petazzoni cebfadde9b package/libv4l: disable some options when BR2_STATIC_LIBS
Since libv4l was bumped to 1.28.1 and converted to use the meson build
system in Buildroot commit 41ce1cc690,
the build started failing on BR2_STATIC_LIBS=y configurations due to
compiling code that isn't compatible with static linking.

This commit fixes that by disabling the plugin code and the wrappers.

Fixes:

  https://autobuild.buildroot.org/results/89c6c7c0fd991d777ac7cd2b2322424099fa89cc/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-15 19:16:25 +02:00
Thomas Petazzoni bdb5809adf package/libv4l: backport upstream patch to fix time_t issue
libv4l has some really special code that is built explicitly with
_FILE_OFFSET_BITS=32, which doesn't work with _TIME_BITS=64, causing
build failures when BR2_TIME_BITS_64=y. This build issue has been
fixed upstream. While how the upstream patch exactly works is unclear,
it's the patch that upstream has decided to implement to resolve the
build issue, so we simply backport it.

The issue exists since at least upstream commit
99f245f5e2826c7ae3ac8de530bc2fbd906eb62b, which was merged in
v4l-utils 1.26.0.

Fixes:

  https://autobuild.buildroot.org/results/616608ef2a44efff67fa21b3263b341da82744c4/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[Julien: add upstream commit url in patch]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-15 19:16:25 +02:00
Scott Fan 5c87c9aa0a package/mosquitto: security bump to version 2.0.21
Fixes the following security issues:

- Fix leak on malicious SUBSCRIBE by authenticated client.
  Closes eclipse #248.
- Further fix for CVE-2023-28366.

Also drop the patch that was fixed in the v2.0.21, see the closed issues:
https://github.com/eclipse-mosquitto/mosquitto/issues/3183
https://github.com/eclipse-mosquitto/mosquitto/issues/3193

However, the new version introduced a new issue, when WITH_TLS is off, the
compilation will fail. It is already reported upstream with the issue:
https://github.com/eclipse-mosquitto/mosquitto/issues/3246

However, the upstream received two identical PRs, we quote the patch file
of the earlier PR (#3227) here.
https://github.com/eclipse-mosquitto/mosquitto/pull/3227
https://github.com/eclipse-mosquitto/mosquitto/pull/3252

For more details of v2.0.21, see the changelog:
https://github.com/eclipse-mosquitto/mosquitto/blob/v2.0.21/ChangeLog.txt

Signed-off-by: Scott Fan <fancp2007@gmail.com>
[Julien: fix check-package error: add SoB lines in patch]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-15 19:16:25 +02:00
Francois Perrad 164c84ee9b package/perl: security bump to version 5.40.2
fix CVE-2024-56406: A heap buffer overflow vulnerability

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
[Julien: fix check-package error in hash file]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-15 19:16:25 +02:00
Lance Fredrickson 770c1525e6 package/wireless-regdb: bump version to 2025.02.20
See release announce:
https://lists.infradead.org/pipermail/wireless-regdb/2025-February/001686.html

Signed-off-by: Lance Fredrickson <lancethepants@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-15 19:16:25 +02:00
Lance Fredrickson 3db7e675d5 package/dnsmasq: bump version to 2.91
Changelog: https://thekelleys.org.uk/dnsmasq/CHANGELOG

Release notes:
https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2025q1/018079.html

Signed-off-by: Lance Fredrickson <lancethepants@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-15 19:16:25 +02:00
Alexis Lothoré 50c1331720 package/pahole: bump to version 1.28
On hosts with a recent version of cmake (eg: 4.0.0), builds involving
host-pahole fail with the following error:

CMake Deprecation Warning at CMakeLists.txt:1 (cmake_minimum_required):
  Compatibility with CMake < 3.5 will be removed from a future version of
  CMake.

  Update the VERSION argument <min> value or use a ...<max> suffix to tell
  CMake that the project does not need compatibility with older versions.

The issue can be reproduced on hosts with cmake >= 4.0.0 with commands:

    cat <<EOF >.config
    BR2_arm=y
    BR2_cortex_a7=y
    BR2_TOOLCHAIN_EXTERNAL=y
    BR2_TOOLCHAIN_EXTERNAL_BOOTLIN=y
    BR2_LINUX_KERNEL=y
    BR2_LINUX_KERNEL_DEFCONFIG="versatile"
    BR2_LINUX_KERNEL_NEEDS_HOST_PAHOLE=y
    EOF
    make olddefconfig
    make

The issue has already fixed in the upstream project with commit
12ca11281912 ("CMakeLists.txt: Require cmake 3.5 or higher"), which is
part of version 1.28.

Upgrade pahole to get rid of this error.

https://git.kernel.org/pub/scm/devel/pahole/pahole.git/tree/NEWS?h=v1.28

Signed-off-by: Alexis Lothoré <alexis.lothore@bootlin.com>
[Julien: add commands to reproduce the issue in commit log]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-15 19:16:25 +02:00
Thomas Devoogdt d759f8a4bd package/libfcgi: security bump to 2.4.5 to fix CVE-2025-23016
Announcement:
- https://github.com/FastCGI-Archives/fcgi2/releases/tag/2.4.5

See:
- https://nvd.nist.gov/vuln/detail/CVE-2025-23016
- https://github.com/advisories/GHSA-9825-56cx-cfg6
- https://github.com/FastCGI-Archives/fcgi2/issues/67

Signed-off-by: Thomas Devoogdt <thomas.devoogdt@barco.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-14 23:40:33 +02:00
Peter Korsgaard 9abf662cfd package/ghostscript: security bump to version 10.05.0
Fixes the following security issues:

- CVE-2025-27830: An issue was discovered in Artifex Ghostscript before
  10.05.0.  A buffer overflow occurs during serialization of DollarBlend in
  a font, for base/write_t1.c and psi/zfapi.c.

- CVE-2025-27831: An issue was discovered in Artifex Ghostscript before
  10.05.0.  The DOCXWRITE TXTWRITE device has a text buffer overflow via
  long characters to devices/vector/doc_common.c.

- CVE-2025-27832: An issue was discovered in Artifex Ghostscript before
  10.05.0.  The NPDL device has a Compression buffer overflow for
  contrib/japanese/gdevnpdl.c.

- CVE-2025-27833: An issue was discovered in Artifex Ghostscript before
  10.05.0.  A buffer overflow occurs for a long TTF font name to
  pdf/pdf_fmap.c.

- CVE-2025-27834: An issue was discovered in Artifex Ghostscript before
  10.05.0.  A buffer overflow occurs via an oversized Type 4 function in a
  PDF document to pdf/pdf_func.c.

- CVE-2025-27835: An issue was discovered in Artifex Ghostscript before
  10.05.0.  A buffer overflow occurs when converting glyphs to Unicode in
  psi/zbfont.c.

- CVE-2025-27836: An issue was discovered in Artifex Ghostscript before
  10.05.0.  The BJ10V device has a Print buffer overflow in
  contrib/japanese/gdev10v.c.

- CVE-2025-27837: An issue was discovered in Artifex Ghostscript before
  10.05.0.  Access to arbitrary files can occur through a truncated path
  with invalid UTF-8 characters, for base/gp_mswin.c and base/winrtsup.cpp.

https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/tag/gs10050

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-14 23:32:19 +02:00
Thomas Petazzoni efdf0cdbcb package/cifs-utils: bump to version 7.3
Changes 7.1..7.2:

- Security enhancements including support for password rotation,
  better credential management, and namespaces
- Various improvements to man pages

Changes 7.2..7.3:

- Three fixes, including a fix for "guest" mount problem introduced
  with version 7.2

Our patch is upstream as of 7.2, so we can drop it.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-04-14 21:43:19 +02:00
Thomas Petazzoni d39d9b53ec package/bmap-tools: bump to 3.9.0
Upstream changelog:

https://github.com/yoctoproject/bmaptool/releases/tag/v3.9.0

Two important changes from a packaging point of view:

- Switch to using hatch to build
- Remove six from production code

So we do adjust our packaging accordingly.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-04-14 21:42:34 +02:00
Raphaël Mélotte 2488d97719 package/libopenh264: ignore CVE-2025-27091
Both openh264 2.6.0 and 2.5.1 contain the fix for this CVE (see the
release notes at [1]).

In other words the version we have is no longer vulnerable since
a7aeb5a46e ("package/libopenh264:
security bump to version 2.5.1") but pkg-stats still reports it.

An email was sent to the NVD to fix the CPE version number, but in the
meantime let's ignore it to reduce the noise in our CVE checker.

[1]: https://github.com/cisco/openh264/releases/tag/2.5.1

Signed-off-by: Raphaël Mélotte <raphael.melotte@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-04-14 21:42:00 +02:00
Thomas Petazzoni db481210e9 package/sqlite: revert upstream change causing build issue
Upstream did a change in sqlite3.pc.in that does work with their
default build system, but not with the autoconf-based amalgamation
that we use. This issue has been reported and fixed upstream, but the
fix is not yet in any new release.

For the time being, we just revert the upstream change. We don't do a
direct revert ("git revert") as multiple upstream commits touched this
very line, so we simply revert to what it was prior to the different
changes, and to what the upstream fix ends up doing.

This issue is causing build issue for all packages that use sqlite's
pkg-config file, in a static-linking configuration.

Fixes:

  https://autobuild.buildroot.org/results/1824a76eee4a877a2f19c1fd19a710ef9f059168/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-14 21:29:19 +02:00
Andreas Ziegler b1ebc686d3 package/mpd: update to version 0.24.3
Since version 0.24.0, support for SoundCloud was removed and
yajl replaced with with json-for-modern-cpp.

Consolidated list of changes:

* decoder
  - ffmpeg: support WMA
  - mpg123: fix trailing space in tag values
  - flac: enable chained Ogg decoding
* input
  - qobuz: use nlohmann_json instead of yajl
  - io_uring: fix stuck seek after I/O error
  - curl: fix malformed "Range" header
* log: include year in time stamp
* output
  - oss: fix error "Resource temporarily unavailable"
  - shout: fix hang on activating shout output
  - snapcast: use nlohmann_json instead of yajl to generate JSON tags
  - sndio: fix rounding error in volume calculation
* player
  - fix stalled playback after queue modification
  - fix deadlock with "single" mode
* playlist
  - soundcloud: remove defunct plugin
* tags
  - libid3tag: fix Meson subproject configure error
  - libid3tag: add missing zlib dependency to Meson subproject
  - fix build failure in the "id3tag" Meson subproject
* Linux
  - allow using io_uring on Linux kernels older than 6.0
  - fix build failure with ancient kernel headers
  - add configure-time check for openat2()
  - fix use-after-free bug on io_uring shutdown
* DSD: support channel conversion

Change log:
  https://raw.githubusercontent.com/MusicPlayerDaemon/MPD/v0.24.3/NEWS

Signed-off-by: Andreas Ziegler <br015@umbiko.net>
[Julien:
 - remove test logs from commit log
 - add the removed config entry in Config.in.legacy
]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-14 20:59:02 +02:00
Thomas Devoogdt 76b4fd159b package/libfcgi: update to 2.4.4
Announcement:
- https://github.com/FastCGI-Archives/fcgi2/releases/tag/2.4.3
- https://github.com/FastCGI-Archives/fcgi2/releases/tag/2.4.4

Notes:
- drop 0001-link-against-math.patch as it is upstream [1] (by @ffontaine)
- drop 0002-disable-examples.patch as it is upstream [2] (by @ffontaine), add --disable-examples now
- update LICENSE as the name has been changed [3]

[1] https://github.com/FastCGI-Archives/fcgi2/commit/214a7bc4da57ccbb0e8840a2f595cd99701b19f6
[2] https://github.com/FastCGI-Archives/fcgi2/commit/aa74aa7dcec5905de3bdee7f8f5a0a6d62c86cad
[3] https://github.com/FastCGI-Archives/fcgi2/commit/65571daaa538e9193fab5935e3ae69ff123da19d

Signed-off-by: Thomas Devoogdt <thomas.devoogdt@barco.com>
[Julien: remove .checkpackageignore entries to fix check-package errors]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-14 20:15:46 +02:00
Joachim Wiberg 81b049f829 package/sysklogd: bump to v2.7.2
From https://github.com/troglobit/sysklogd/releases/tag/v2.7.2

 - logger: improved error handling for invalid arguments to -p and -o
 - Fix regression in v2.7.1,  allow '.' in tag names, eg. in.tftpd
 - Fix various typos in the documentation

Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-14 20:15:46 +02:00
Scott Fan 1d2f135ef1 package/timescaledb: bump version to 2.19.2
Release notes: https://github.com/timescale/timescaledb/blob/2.19.2/CHANGELOG.md

Signed-off-by: Scott Fan <fancp2007@gmail.com>
Reviewed-by: Maxim Kochetkov <fido_max@inbox.ru>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-14 20:15:46 +02:00
Christian Stewart 68468e5e7f package/linux-firmware: add support for amd-ucode
This "amd-ucode" directory has been present in linux-firmware since
version 20190312.

Signed-off-by: Christian Stewart <christian@aperture.us>
[Julien: add comment about version in commit log]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-14 20:15:46 +02:00
Giulio Benetti 3cfc8e7c6f package/libnvme: bump to version 1.13
For release note, see:
https://github.com/linux-nvme/libnvme/releases/tag/v1.13

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-14 20:15:46 +02:00
Thomas Petazzoni 203e9def71 support/scripts/pkg-stats: add -v/--verbose option
Running pkg-stats is currently quite verbose, as it shows one line per
package when checking for the upstream URL, and another one line per
package when checking for the latest version on
release-monitoring.org.

This noisy output is a bit annoying when pkg-stats is run in a
cronjob, like we do to update https://autobuild.buildroot.net/stats/
every day. This commit adds a -v/--verbose option, off by default, to
have a less noisy output.

Suggested-by: Peter Korsgaard <peter@korsgaard.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-04-14 16:50:10 +02:00
Scott Fan 72657c6f57 package/openvpn: security bump version to 2.6.14
Fixes CVE-2025-2704.

Release notes:
https://sourceforge.net/p/openvpn/mailman/message/59169015/

Changelog:
https://github.com/OpenVPN/openvpn/blob/release/2.6/ChangeLog
https://github.com/OpenVPN/openvpn/blob/release/2.6/Changes.rst

Signed-off-by: Scott Fan <fancp2007@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-04-14 15:42:44 +02:00
Vladimir Oltean a9fe5ac03c package/qoriq-ddr-phy-binary: new package
The DDR PHY on the NXP LX2160A SoC needs firmware. This is distributed
as prebuilt binaries by NXP through GitHub.

There have been discussions and other opinions on previous revisions of
the patch on how it should be integrated:
https://lore.kernel.org/buildroot/20250318163228.9989-1-vjardin@free.fr/

But I haven't integrated any of that feedback. It is a simple package
which copies the pre-built FIP image containing DDR PHY firmware files
to the images/ folder, to be used by post-image scripts.

Signed-off-by: Vladimir Oltean <olteanv@gmail.com>
Reviewed-by: Romain Naour <romain.naour@smile.fr>
Reviewed-by: Vincent Jardin <vjardin@free.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-13 15:11:53 +02:00
Bryan Brattlof 637eead755 configs/ti_am62px_sk_defconfig: switch to am62x op-tee platform flavor
Since optee_os bump to 4.5.0 in commit [1], the ti_am62px_sk_defconfig
fails to build with error:

    core/arch/arm/plat-k3/drivers/sa2ul.c:36:42: error: 'SA2UL_BASE' undeclared here (not in a function); did you mean 'SCU_BASE'?
       36 | register_phys_mem_pgdir(MEM_AREA_IO_SEC, SA2UL_BASE, SA2UL_REG_SIZE);
          |                                          ^~~~~~~~~~

This is due to a logic change in platform flavor selection in upstream.
See [2].

There is unfortunately no SA2UL_BASE defined for the am62px in op-tee
which is causing the op-tee builds to fail however the platform is
identical to the am62x platform. So for now let's switch to using the
am62x which has the proper configuration for this SoC even if it's
mislabeled.

Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/9690373039

[1] https://gitlab.com/buildroot.org/buildroot/-/commit/14ef1ed7d27ba2f6d99bbdd0d80f67df50fccce9
[2] https://github.com/OP-TEE/optee_os/commit/35c75f355c98242290e342c04648e91baf35a4f3

Signed-off-by: Bryan Brattlof <bb@ti.com>
[Julien: add extra info in commit log]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-13 13:34:13 +02:00
Bryan Brattlof b1fac04a6e configs/ti_am62ax_sk_defconfig: switch to am62x op-tee platform flavor
Since optee_os bump to 4.5.0 in commit [1], the ti_am62ax_sk_defconfig
fails to build with error:

    core/arch/arm/plat-k3/drivers/sa2ul.c:36:42: error: 'SA2UL_BASE' undeclared here (not in a function); did you mean 'SCU_BASE'?
       36 | register_phys_mem_pgdir(MEM_AREA_IO_SEC, SA2UL_BASE, SA2UL_REG_SIZE);
          |                                          ^~~~~~~~~~

This is due to a logic change in platform flavor selection in upstream.
See [2].

There is unfortunately no SA2UL_BASE defined for the am62ax in op-tee
which is causing the op-tee builds to fail however the platform is
identical to the am62x platform. So for now let's switch to using the
am62x which has the proper configuration for this SoC even if it's
mislabeled.

Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/9690372425

[1] https://gitlab.com/buildroot.org/buildroot/-/commit/14ef1ed7d27ba2f6d99bbdd0d80f67df50fccce9
[2] https://github.com/OP-TEE/optee_os/commit/35c75f355c98242290e342c04648e91baf35a4f3

Signed-off-by: Bryan Brattlof <bb@ti.com>
[Julien: add extra info in commit log]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-13 13:29:48 +02:00
Vladimir Oltean f81bb4a2ca configs/ls1043a-rdb: bump BSP tag to lf-6.12.3-1.0.0
The latest Linux Factory tag is lf-6.12.3-1.0.0 (Q1 2025), update to
that.

The LS1043A-RDB board is currently supported by NXP through a BSP
called LDLSDK. That isn't what we use, so update the documentation to
reflect that for awareness, and provide a link.

Signed-off-by: Vladimir Oltean <olteanv@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-13 11:33:49 +02:00
Vladimir Oltean 2f6f1035a1 configs/ls1046a-rdb: bump BSP tag to lf-6.12.3-1.0.0
The latest Linux Factory tag is lf-6.12.3-1.0.0 (Q1 2025), update to
that.

The LS1046A-RDB board is currently supported by NXP through a BSP
called LDLSDK. That isn't what we use, so update the documentation to
reflect that for awareness, and provide a link.

Signed-off-by: Vladimir Oltean <olteanv@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-13 11:33:49 +02:00
Vladimir Oltean e3c8525089 configs/ls1046a-frwy: bump BSP tag to lf-6.12.3-1.0.0
The latest Linux Factory tag is lf-6.12.3-1.0.0 (Q1 2025), update to
that.

The LS1046A-FRWY board is currently supported by NXP through a BSP
called LDLSDK. That isn't what we use, so update the documentation to
reflect that for awareness, and provide a link.

Signed-off-by: Vladimir Oltean <olteanv@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-13 11:33:49 +02:00
Vladimir Oltean c7c59e18ef configs/ls1028ardb: bump BSP tag to lf-6.12.3-1.0.0
Update the kernel, U-Boot, ATF tags, as well as documentation, used by
the LS1028A-RDB to the latest Linux Factory release.

Signed-off-by: Vladimir Oltean <olteanv@gmail.com>
[Julien: reword commit one liner title for consistency]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-13 11:33:49 +02:00
Vladimir Oltean c3b9add8a5 package/qoriq-fm-ucode: bump version to lf-6.12.3-1.0.0
Concretely, no change. But saves people the hassle of checking whether
any updates have been missed.

Signed-off-by: Vladimir Oltean <olteanv@gmail.com>
[Julien: reword commit one liner title for consistency]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-13 11:33:49 +02:00
Vladimir Oltean de366fc096 package/fmc: bump version to lf-6.12.3-1.0.0
Concretely, no change. But prevents people from going to Github and
checking whether the package is up to date.

Signed-off-by: Vladimir Oltean <olteanv@gmail.com>
[Julien: reword commit one liner title]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-13 11:33:49 +02:00
Vladimir Oltean 3358c3e8a8 package/fmlib: bump version to lf-6.12.3-1.0.0-3-g7a58eca
This is technically the master branch, a few commits post release tag.
Change log:

7a58ecaf0d90 fm_lib: explicit conversion to ioc_fm_pcd_exceptions in FM_PCD_SetException()
22a0d3f1867e fm_lib: make REPORT_ERROR() definition more function-like
08ac8b3112a8 fm_lib: fix conversion warnings between e_FmPcdEngine and enum ioc_fm_pcd_engine
168eae74fd8a fm_lib: fix integer-to-pointer conversion build warning in GetDeviceId()

The build fix patch from Buildroot is no longer necessary, remove it.

Signed-off-by: Vladimir Oltean <olteanv@gmail.com>
[Julien: switch _VERSION to use git describe syntax]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-13 11:33:49 +02:00
Vladimir Oltean 06f3d593f6 package/qoriq-rcw: bump version to lf-6.12.3-1.0.0-2-g45e6925
Technically, this is lf-6.12.3-1.0.0 plus a few patches on top (the
current master branch). Change log:

45e692536904 rcw: ls1028a: Add configuration for audio codec usage
3c51083d0cdf lx2160asi: e100g1_split.rcw: fix parse error

The second patch is necessary to fix a build error which was signalled
previously here on the lists:
https://lore.kernel.org/buildroot/20250318213839.17470-1-vjardin@free.fr/

Signed-off-by: Vladimir Oltean <olteanv@gmail.com>
[Julien: switch _VERSION to use git describe syntax]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-13 11:33:49 +02:00
Vladimir Oltean 88e4af822e package/qoriq-cadence-dp-firmware: bump version aligned to 6.12.3-1.0.0 BSP
This commit updates the qoriq-cadence-dp-firmware to the version
included in the 6.12.3-1.0.0 QorIQ BSP.

The firmware archive was refactored and its location has changed.
Those qoriq firmware files are now reused from the firmware-imx
archive, which is also included in Buildroot in the directory
"package/freescale-imx/firmware-imx". This commit keeps the Buildroot
package name qoriq-cadence-dp-firmware, first to keep compatibility
or Buildroot configs, and also because QorIQ BSP uses a different
version of the firmware-imx package, compared to the i.MX BSP (at a
same BSP version).

This commit updates the archive name, the archive version and the
download URL following the NXP Yocto BSP at [1]. More precisely,
the information was taken from the recipe at [2].

Note that regarding this qoriq-cadence-dp-firmware version:
- the QorIQ BSP version is: 6.12.3-1.0.0
- the Yocto dp-firmware-cadence package version is: 22.04
- the firmware-imx archive version is: 8.16

The important version we want to align with the rest of other QorIQ
components is indeed the BSP version "6.12.3-1.0.0".

This commit also updates license hashes. The license was updated from:
LA_OPT_NXP_Software_License v17 October 2020
to:
LA_OPT_NXP_Software_License v35 May 2022
Also, the license file EULA.txt was removed, so _LICENSE_FILES is
updated accordingly.

[1] https://github.com/nxp-qoriq/yocto-sdk
[2] https://github.com/Freescale/meta-freescale/blob/6fb8816cb32db4ba9391157036fa97914cc7d103/recipes-bsp/dp-firmware-cadence/dp-firmware-cadence_22.04.bb

Signed-off-by: Vladimir Oltean <olteanv@gmail.com>
[Julien:
 - reword commit log to add info on different version schemes
 - fix license hashes
]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-13 11:31:04 +02:00
Vladimir Oltean 11b93ef208 configs/ls1043a-rdb: enable the fmc package
Since LS1043A-RDB uses the Linux Factory-supplied lsdk.config, it
disables the upstream DPAA1 kernel networking drivers and enables their
SDK counterparts. These SDK kernel drivers are configured using the fmc
tool to do basic things such as apply a default PCD, so it seems a
reasonable idea to enable this package by default.

Since fmc uses C++, we need to add the standard library for that, which
also seems to increase the rootfs size.

Signed-off-by: Vladimir Oltean <olteanv@gmail.com>
[Julien: regenerate with "make savedefconfig"]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-12 14:14:05 +02:00
Vladimir Oltean a35529c0af configs/ls1046a-rdb: enable the fmc package
Since LS1046A-RDB uses the Linux Factory-supplied lsdk.config, it
disables the upstream DPAA1 kernel networking drivers and enables their
SDK counterparts. These SDK kernel drivers are configured using the fmc
tool to do basic things such as apply a default PCD, so it seems a
reasonable idea to enable this package by default.

Since fmc uses C++, we need to add the standard library for that, which
also seems to increase the rootfs size.

Signed-off-by: Vladimir Oltean <olteanv@gmail.com>
[Julien: regenerate with "make savedefconfig"]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-12 14:14:05 +02:00
Vladimir Oltean ac87a43576 configs/ls1046a-frwy: enable the fmc package
Since LS1046A-FRWY uses the Linux Factory-supplied lsdk.config, it
disables the upstream DPAA1 kernel networking drivers and enables their
SDK counterparts. These SDK kernel drivers are configured using the fmc
tool to do basic things such as apply a default PCD, so it seems a
reasonable idea to enable this package by default.

Since fmc uses C++, we need to add the standard library for that, which
also seems to increase the rootfs size.

Signed-off-by: Vladimir Oltean <olteanv@gmail.com>
[Julien: regenerate with "make savedefconfig"]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-12 14:14:05 +02:00
Julien Olivain 726150b0e6 package/optee-test: fix license hash
Commit [1] updated optee-test version but forgot to update
the license hash which was changed upstream in [2] to include
copies of the GPL-2.0 and BSD-2-Clause license files. While at
it, this commit also include those two new files in the license
hash file.

[1] https://gitlab.com/buildroot.org/buildroot/-/commit/8c2b2314df768a0add1fe45a9ad7dbcf2192d26f
[2] https://github.com/OP-TEE/optee_test/commit/a748f5fcd9ec8a574dc86a5aa56d05bc6ac174e7

Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-12 14:09:47 +02:00
Julien Olivain 11315d4787 configs/ls1043a-rdb: linux needs host-openssl
Since Buildroot commit [1] which introduced this defconfig using a
Kernel 6.6.x series, the build can fail with error:

    certs/extract-cert.c:21:10: fatal error: openssl/bio.h: No such file or directory

The issue is generally masked by the build order, as
arm-trusted-firmware selects BR2_TARGET_ARM_TRUSTED_FIRMWARE_FIP=y
which requires host-openssl.

The issue can be reproduced in the Buildroot Docker reference image,
using the commands:

    utils/docker-run
    make ls1043a-rdb_defconfig
    make linux

This commit fixes the issue by explicitly adding
BR2_LINUX_KERNEL_NEEDS_HOST_OPENSSL=y to the defconfig.

[1] https://gitlab.com/buildroot.org/buildroot/-/commit/34b047a442b1b3c64713972fc54d98c05a672c7c

Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-12 14:06:24 +02:00
Julien Olivain a83242f131 configs/ls1046a-rdb: linux needs host-openssl
Since Buildroot commit [1] which introduced this defconfig using a
Kernel 6.6.x series, the build can fail with error:

    certs/extract-cert.c:21:10: fatal error: openssl/bio.h: No such file or directory

The issue is generally masked by the build order, as
arm-trusted-firmware selects BR2_TARGET_ARM_TRUSTED_FIRMWARE_FIP=y
which requires host-openssl.

The issue can be reproduced in the Buildroot Docker reference image,
using the commands:

    utils/docker-run
    make ls1046a-rdb_defconfig
    make linux

This commit fixes the issue by explicitly adding
BR2_LINUX_KERNEL_NEEDS_HOST_OPENSSL=y to the defconfig.

[1] https://gitlab.com/buildroot.org/buildroot/-/commit/774035189fc211fccedb856b1718c8836be94387

Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-12 14:06:20 +02:00
Julien Olivain 094f7a5b86 configs/ls1046a-frwy: linux needs host-openssl
Since Buildroot commit [1] updating the defconfig to use Kernel 6.6.x
series, the build can fail with error:

    certs/extract-cert.c:21:10: fatal error: openssl/bio.h: No such file or directory

The issue is generally masked by the build order, as
arm-trusted-firmware selects BR2_TARGET_ARM_TRUSTED_FIRMWARE_FIP=y
which requires host-openssl.

The issue can be reproduced in the Buildroot Docker reference image,
using the commands:

    utils/docker-run
    make ls1046a-frwy_defconfig
    make linux

This commit fixes the issue by explicitly adding
BR2_LINUX_KERNEL_NEEDS_HOST_OPENSSL=y to the defconfig.

[1] https://gitlab.com/buildroot.org/buildroot/-/commit/0344e5dae647c5cc23eea11fcbeddd7fec776d75

Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-12 14:06:17 +02:00
Julien Olivain 5d0ec3b6a4 configs/ls1028ardb: linux needs host-openssl
Since Buildroot commit [1] updating the defconfig to use Kernel 6.6.x
series, the build can fail with error:

    certs/extract-cert.c:21:10: fatal error: openssl/bio.h: No such file or directory

The issue is generally masked by the build order, as
arm-trusted-firmware selects BR2_TARGET_ARM_TRUSTED_FIRMWARE_FIP=y
which requires host-openssl.

The issue can be reproduced in the Buildroot Docker reference image,
using the commands:

    utils/docker-run
    make ls1028ardb_defconfig
    make linux

This commit fixes the issue by explicitly adding
BR2_LINUX_KERNEL_NEEDS_HOST_OPENSSL=y to the defconfig.

[1] https://gitlab.com/buildroot.org/buildroot/-/commit/7cbc240ac2c3a5d7cbbec9826fb99854bdd156a7

Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-12 14:06:12 +02:00
Julien Olivain 7d890426bc configs/hifive_unmatched: add missing uboot custom hash file
Commit [1] introduced the hifive_unmatched_defconfig with
BR2_DOWNLOAD_FORCE_CHECK_HASH enabled and with custom hash files.
But it forgot to add the custom hash for uboot. It was not detected
at that time because the U-Boot version was the same as the default
"latest" version and was providing its hash.

This defconfig fails to build since the default "latest" was bumped
in commit [2].

This commit fixes the issue by adding the missing uboot hash.

Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/9677167053

[1] https://gitlab.com/buildroot.org/buildroot/-/commit/f9cc5dbd453c80790c1f2f7e9b19a85ded5979be
[2] https://gitlab.com/buildroot.org/buildroot/-/commit/c14ce5346d969e660cc788f2f4d8619b27c805a2

Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-12 13:59:53 +02:00
Julien Olivain cac028add6 configs/hifive_unleashed: add missing uboot custom hash file
Commit [1] enabled BR2_DOWNLOAD_FORCE_CHECK_HASHES for
hifive_unleashed_defconfig and added custom hash files. But it forgot
to add the custom hash for uboot. It was not detected at that time
because the U-Boot version was the same as the default "latest"
version and was providing its hash.

This defconfig fails to build since the default "latest" was bumped
in commit [2].

This commit fixes the issue by adding the missing uboot hash.

Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/9677167050

[1] https://gitlab.com/buildroot.org/buildroot/-/commit/1ba1055d3da2d98874aae1eedf1983a2ed933605
[2] https://gitlab.com/buildroot.org/buildroot/-/commit/c14ce5346d969e660cc788f2f4d8619b27c805a2

Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-12 13:59:49 +02:00
Dario Binacchi b74d876a9e package/azure-iot-sdk-c: bump to version LTS_03_2025
Release notes:
https://github.com/Azure/azure-iot-sdk-c/releases/tag/LTS_03_2025

Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-12 13:41:30 +02:00
Dario Binacchi a6a2cbae53 DEVELOPERS: add Dario Binacchi for ti-k3-boot-firmware
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-12 13:35:12 +02:00
Heiko Thiery 03cd7d1a4c boot/ti-k3-boot-firmware: bump to version 11.00.10
Update to latest available version from TI.

Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Reviewed-by: Bryan Brattlof <bb@ti.com>
[Dario: Tested on SK-AM62B-P1]
Tested-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-12 12:59:16 +02:00
Adrian Perez de Castro 3a3ab70fc2 package/libmanette: bump to version 0.2.11
Bugfix release with a number of fixes, it also adds support for the
Steam Deck gamepad. Release notes:

  https://gitlab.gnome.org/GNOME/libmanette/-/blob/0.2.11/NEWS

This version introduces a dependency on the hidapi package.

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
[Julien:
 - change release note link to use version tag
 - propagate hidapi dependencies in Config.in
]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-12 12:11:05 +02:00
Thomas Perale fde0b3fe1c package/libarchive: security bump to version 3.7.9
Fixes the following security issues:

- CVE-2024-57970: libarchive through 3.7.7 has a heap-based buffer
    over-read in header_gnu_longlink in archive_read_support_format_tar.c
    via a TAR archive because it mishandles truncation in the middle of a
    GNU long linkname.

For more information, see:
  - https://nvd.nist.gov/vuln/detail/CVE-2024-57970
  - https://github.com/libarchive/libarchive/commit/82912103214506316bd9990d73f33d743d55f570

- CVE-2025-1632: This affects the function list of the file bsdunzip.c.
    The manipulation leads to null pointer dereference. It is possible
    to launch the attack on the local host.

For more information, see:
  - https://nvd.nist.gov/vuln/detail/CVE-2025-1632
  - https://github.com/libarchive/libarchive/commit/c9bc934e7e91d302e0feca6e713ccc38d6d01532

- CVE-2025-25724: list_item_verbose in tar/util.c in libarchive through 3.7.7
    does not check an strftime return value, which can lead to a denial of
    service or unspecified other impact via a crafted TAR archive that is read
    with a verbose value of 2.
    For example, the 100-byte buffer may not be sufficient for a custom locale.

For more information, see:
  - https://nvd.nist.gov/vuln/detail/CVE-2025-25724
  - https://github.com/libarchive/libarchive/commit/c9bc934e7e91d302e0feca6e713ccc38d6d01532

The patch added in [1] are still needed for this version bump.

For more details on the version bump, see the release notes:
  - https://github.com/libarchive/libarchive/releases/tag/v3.7.8
  - https://github.com/libarchive/libarchive/releases/tag/v3.7.9

[1] 9ac63a3360 package/libarchive: fix uclibc build with libiconv (again)

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-11 19:52:19 +02:00
Thomas Perale c497e5fcc7 package/augeas: add upstream security fix for CVE-2025-2588
Fixes the following security issue:

- CVE-2025-2588: This vulnerability affects the function
    re_case_expand of the file src/fa.c. The manipulation of the
    argument re leads to null pointer dereference

For more information, see:
  - https://nvd.nist.gov/vuln/detail/CVE-2025-2588
  - https://github.com/hercules-team/augeas/commit/af2aa88ab37fc48167d8c5e43b1770a4ba2ff403

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
[Julien: add patch name in comment near _IGNORE_CVES]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-10 22:37:41 +02:00
Thomas Perale f2b14baf25 package/python-django: security bump to version 5.1.8
Fixes the following security issues:

- CVE-2025-26699: Potential denial-of-service vulnerability in
    django.utils.text.wrap()

For more information, see:
  - https://nvd.nist.gov/vuln/detail/CVE-2025-26699
  - https://github.com/django/django/commit/8dbb44d34271637099258391dfc79df33951b841

- CVE-2025-27556: Potential denial-of-service vulnerability in
    LoginView, LogoutView, and set_language() on Windows

This CVE isn't related to buildroot has it is only applicable on
Windows but this package version bump fix it.

For more information, see:
  - https://nvd.nist.gov/vuln/detail/CVE-2025-27556
  - https://github.com/django/django/commit/edc2716d01a6fdd84b173c02031695231bcee1f8

For more details on the version bump, see the release notes:
  - https://docs.djangoproject.com/en/5.1/releases/5.1.8/
  - https://docs.djangoproject.com/en/5.1/releases/5.1.7/
  - https://docs.djangoproject.com/en/5.1/releases/5.1.6/

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-10 22:24:18 +02:00
Meena Murthy e863acaa1a configs/engicam_px30_core: bump Linux to 6.12.22 and U-Boot to 2025.04
The patch bumps the Linux kernel to version 6.12.22 and U-Boot to
version 2025.04.

Signed-off-by: Meena Murthy <meena.murthy@amarulasolutions.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-10 21:39:53 +02:00
Thomas Perale 4df4d1d312 package/libcoap: bump version to 4.3.5
The patch introduced in [1] that fixed the CVE-2024-0962 is now
available upstream in the 4.3.5 release [2].

This commit also updates the LICENSE file hash, after adding reference
to wolfSSL in [3].

For more details see the release note:
https://github.com/obgm/libcoap/blob/v4.3.5/ChangeLog

[1] 9002b818be package/libcoap: fix CVE-2024-0962
[2] https://github.com/obgm/libcoap/commit/2b28d8b0e9607e71a145345b4fe49517e052b7d9
[3] https://github.com/obgm/libcoap/commit/e3a662a934ae9e2854f50eb4cf420009a90fe1df

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
[Julien: fix LICENSE file hash]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-10 21:35:31 +02:00
Thomas Perale 2d5903769f package/python-jinja2: security bump to version 3.1.6
Fixes the following security issue:

- CVE-2025-27516: Prior to 3.1.6, an oversight in how the Jinja
    sandboxed environment interacts with the |attr filter allows
    an attacker that controls the content of a template to execute
    arbitrary Python code.

For more information, see:
  - https://nvd.nist.gov/vuln/detail/CVE-2025-27516
  - https://github.com/pallets/jinja/commit/90457bbf33b8662926ae65cdde4c4c32e756e403

For more details on the version bump, see the release notes:

https://github.com/pallets/jinja/releases/tag/3.1.6

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-10 21:25:31 +02:00
Vincent Fazio 5468334bb0 package/python3: bump to 3.13.3
For change log, see:
https://docs.python.org/release/3.13.3/whatsnew/changelog.html#python-3-13-3-final

Drop backported patches which have been included in the release.

Fixup the tk module patch to apply cleanly on 3.13.3

Signed-off-by: Vincent Fazio <vfazio@xes-inc.com>
[Julien: add link to change log]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-10 21:13:18 +02:00
Jan Čermák ed408d6fde package/linux-firmware: add RTL8125D firmware
Add firmware for RTL8125D added in [1]. The r8169 driver currently supports
this card since Linux 6.13. The firmware was added in [2] included in
linux-firmware since version 20241017.

[1] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=f75d1fbe7809bc5ed134204b920fd9e2fc5db1df
[2] https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/commit/?id=2af74771a7bab8265c6c8ad8fca1419f5fe53c6b

Signed-off-by: Jan Čermák <sairon@sairon.cz>
[Julien: add linux-firmware commit and version comment in commit log]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-10 21:04:42 +02:00
Giulio Benetti e40db2ac55 package/esp-hosted: bump to version 2025-04-08
This version add support for esp32c5 and local patch has been committed so
drop it.

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-09 21:54:29 +02:00
Marcus Hoffmann 2c18a7d235 package/liblinear: bump to 2.48
Rebase patch for new version.
Soname changed, so updating accordingly in the mk file.
COPYRIGHT year got updated[2]

[1] https://github.com/cjlin1/liblinear/commit/818442728081980e9786cd3e87034d4e2912f0c4
[2] https://github.com/cjlin1/liblinear/commit/6c0108dcf3f84262530b909c53e778007235bff5

Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-09 21:42:12 +02:00
Marcus Hoffmann 49c73215d3 package/libndp: security bump to version 1.9
Fixes: CVE-2024-5564 [1][2]

[1] https://www.cve.org/CVERecord?id=CVE-2024-5564
[2] https://github.com/jpirko/libndp/commit/05e4ba7b0d126eea4c04387dcf40596059ee24af

Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-09 21:33:52 +02:00
Giulio Benetti 7336c5fa93 package/libnss: bump version to 3.110
For release note, see:
https://hg.mozilla.org/projects/nss/diff/997c76f8a94c85b05ce85c9ae0ba3b3d600c26f3/doc/rst/releases/nss_3_110.rst

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-08 19:36:15 +02:00
Giulio Benetti bd6e781038 package/nfs-utils: bump version to 2.8.3
Release announce:
https://lore.kernel.org/linux-nfs/64a11de6-ca85-40ce-9235-954890b3a483@redhat.com/

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
[Julien: add link to release announce]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-08 19:33:12 +02:00
Dario Binacchi c14ce5346d boot/uboot: bump to version 2025.04
Release announcement:
https://lists.denx.de/pipermail/u-boot/2025-April/586033.html

Changelog:
https://github.com/u-boot/u-boot/compare/v2025.01...v2025.04

Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-08 19:25:51 +02:00
Mattias Walström ebd2a810a7 package/ethtool: bump version to 6.14
Changelog:
https://web.git.kernel.org/pub/scm/network/ethtool/ethtool.git/tree/NEWS?h=v6.14

Signed-off-by: Mattias Walström <lazzer@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-08 19:22:45 +02:00
Leo Liang 593771fafc package/kmon: bump to version 1.7.1
No functional change, but bump for consistency.

For details, see the release Notes:
https://github.com/orhun/kmon/releases/tag/v1.7.1

Signed-off-by: Leo Yu-Chi Liang <ycliang@andestech.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-08 19:21:29 +02:00
Maxime Leroy bdffdcfdac package/frr: security bump to version 10.3
Update FRR to the latest stable version (10.3, see [1]).

A new package option `BR2_PACKAGE_FRR_BFD` to enable or disable the
compilation of the BFD daemon. This one has now a dependencies with the
kernel headers 4.10 (i.e. IPV6_SRCRT_TYPE_4 from linux/ipv6.h [2]).

The configure options have been updated accordingly:
- Versions of FRR before 9.2 used `sysconfdir` and `localstatedir` as-is,
  without appending `/frr`. The `/frr` suffix had to be passed explicitly
  to `./configure`, which did not align with standard conventions.
  This behavior has since been fixed upstream [3]. As `sysconfdir` and
  `localstatedir` are already set by `pkg-autotools.mk`, they can now
  be removed from `frr.mk`.
- The `--enable-shell-access` option has been removed as of FRR 10 [4].

[1] https://frrouting.org/release/10.3/
[2] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1ababeba4a21f
[3] https://github.com/FRRouting/frr/commit/ff62df2e4484
[4] https://github.com/FRRouting/frr/commit/afb034b0bb42
Fixes: https://www.cve.org/CVERecord?id=CVE-2024-55553
Signed-off-by: Maxime Leroy <maxime@leroys.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-08 19:16:57 +02:00
Thomas Bonnefille af094ed137 package/gstreamer1/gst1-plugins-ugly: bump version to 1.24.11
AMR NB and WB have been moved from ugly to good.
For more details, see the release notes:

    https://gstreamer.freedesktop.org/releases/1.24/

Signed-off-by: Thomas Bonnefille <thomas.bonnefille@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-07 20:50:38 +02:00
Thomas Bonnefille 90b3cfedf4 package/gstreamer1/gst1-plugins-bad: bump version to 1.24.11
No functional change, but bump for consistency.
The patch that was applied by Buildroot has been applied to gstreamer.
The kate plugin has disappeared from gstreamer.
The webp plugin now requires webp_mux to compile.
The webrtc plugin now requires to be compile with plugins dtls, sctp and
srtp.

For more details, see the release notes:

    https://gstreamer.freedesktop.org/releases/1.24/

Signed-off-by: Thomas Bonnefille <thomas.bonnefille@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-07 20:50:38 +02:00
Thomas Bonnefille 82846474fe package/gstreamer1/gst1-plugins-good: bump version to 1.24.11
AMR NB and WB have been moved from ugly to good.
For more details, see the release notes:

    https://gstreamer.freedesktop.org/releases/1.24/

Signed-off-by: Thomas Bonnefille <thomas.bonnefille@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-07 20:14:22 +02:00
Thomas Bonnefille 906249f4a8 package/gstreamer1/gst1-plugins-base: bump version to 1.24.11
No functional change, but bump for consistency. For details, see the
release notes:

    https://gstreamer.freedesktop.org/releases/1.24/

Signed-off-by: Thomas Bonnefille <thomas.bonnefille@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-07 20:14:18 +02:00
Thomas Bonnefille fd00502ee0 package/gstreamer1/gstreamer1-editing-services: bump version to 1.24.11
No functional change, but bump for consistency. For details, see the
release notes:

    https://gstreamer.freedesktop.org/releases/1.24/

Signed-off-by: Thomas Bonnefille <thomas.bonnefille@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-07 20:14:14 +02:00
Thomas Bonnefille 939f524d77 package/gstreamer1/gst1-vaapi: bump version to 1.24.11
The va plugin (gst-plugins-bad) is now preffered over gst1-vaapi.
For details, see the release notes:

    https://gstreamer.freedesktop.org/releases/1.24/

Signed-off-by: Thomas Bonnefille <thomas.bonnefille@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-07 20:14:11 +02:00
Thomas Bonnefille 0b9123cd64 package/gstreamer1/gst1-rtsp-server: bump version to 1.24.11
No functional change, but bump for consistency. For details, see the
release notes:

    https://gstreamer.freedesktop.org/releases/1.24/

Signed-off-by: Thomas Bonnefille <thomas.bonnefille@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-07 20:14:08 +02:00
Thomas Bonnefille fb0e3ad9ef package/gstreamer1/gst1-libav: bump version to 1.24.11
No functional change, but bump for consistency. For details, see the
release notes:

    https://gstreamer.freedesktop.org/releases/1.24/

Signed-off-by: Thomas Bonnefille <thomas.bonnefille@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-07 20:14:04 +02:00
Thomas Bonnefille c188884d72 package/gstreamer1/gst-python: bump version to 1.24.11
No functional change, but bump for consistency. For details, see the
release notes:

    https://gstreamer.freedesktop.org/releases/1.24/

Signed-off-by: Thomas Bonnefille <thomas.bonnefille@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-07 20:14:00 +02:00
Thomas Bonnefille a4c1f3228d package/gstreamer1/gst1-devtools: bump version to 1.24.11
No functional change, but bump for consistency. For details, see the
release notes:

    https://gstreamer.freedesktop.org/releases/1.24/

Signed-off-by: Thomas Bonnefille <thomas.bonnefille@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-07 20:13:57 +02:00
Thomas Bonnefille f28d167869 package/gstreamer1/gstreamer1: bump version to 1.24.11
Signed-off-by: Thomas Bonnefille <thomas.bonnefille@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-07 20:13:53 +02:00
Giulio Benetti 9e7e255a09 package/mali-driver: bump to version 2025-04-06
This version builds up to Linux version 6.13.

Fixes:
https://autobuild.buildroot.org/results/e71/e71a5b46affe5948c16a0c83534d8f56f69b6e91/
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-07 19:57:19 +02:00
Dario Binacchi 051392a878 package/apr: bump to version 1.7.5
Release notes:
https://downloads.apache.org/apr/CHANGES-APR-1.7

Note: the upstream release note mention v1.7.5 is a security update.
The package patch 0004-Merge-r1920082-from-1.8.x.patch in Buildroot
was already fixing this security issue. This is why this commit is
not marked as a security bump.

Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-07 19:47:47 +02:00
Waldemar Brodkorb 7dda4b5751 package/uclibc: update to 1.0.52
See here for release notes:
https://mailman.openadk.org/mailman3/hyperkitty/list/devel@uclibc-ng.org/thread/AGJRU33MT2GMXFNOUDXHISFQIVRYRYXO/

Drop patches 0001/0002 which are upstream.

Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-07 19:42:30 +02:00
Jean-Michel Hautbois 53eae986a5 package/uclibc: fix NPTL alignment on m68k
Tested on QEMU using the qemu_m68k_q800_defconfig configuration, with a
switch of  the toolchain to uclibc-ng and enabling rsyslog.

This patch addresses an issue where rsyslog’s pthread_cond_wait was
busy-looping due to futex_time64 repeatedly returning EINVAL. The
correction in NPTL alignment resolves the 100% CPU usage problem.

This patch is fixed upstream [1] so apply it until it is tagged.

[1]: 278ac6b30 ("m68k: fix alignment in NPTL code")

Signed-off-by: Jean-Michel Hautbois <jeanmichel.hautbois@yoseli.org>
[Julien:
 - rename patch to 0002
 - add "Upstream:" tag in patch to fix check-package error
 - add "Signed-off-by:" in patch
]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-06 22:10:41 +02:00
Thomas Petazzoni 01895663d3 package/uclibc: add patch to fix reallocarray() definition
uClibc-ng unconditionally exposes a reallocarray() prototype, but only
provides the implementation when the malloc-standard implementation is
selected in the configuration.

As noMMU configurations can't use malloc-standard, they use malloc or
malloc-simple that don't provide reallocarray().

As a result of reallocarray() being missing, some packages such as
util-linux provide their own replacement implementation... but its
prototype clashes with the one provided by uClibc, causing build
failures such as:

In file included from lib/color-names.c:7:
./include/c.h:586:21: error: static declaration of ‘reallocarray’ follows non-static declaration
  586 | static inline void *reallocarray(void *ptr, size_t nmemb, size_t size)
      |                     ^~~~~~~~~~~~
In file included from ./include/c.h:16:
/home/thomas/projets/buildroot/output/host/arm-buildroot-uclinux-uclibcgnueabi/sysroot/usr/include/stdlib.h:898:14: note: previous declaration of ‘reallocarray’ with type ‘void *(void *, size_t,  size_t)’ {aka ‘void *(void *, unsigned int,  unsigned int)’}
  898 | extern void *reallocarray (void *__ptr, size_t __m, size_t __n);
      |              ^~~~~~~~~~~~
make[3]: *** [Makefile:12354: lib/libtcolors_la-color-names.lo] Error 1

This is addressed by a patch on uClibc, submitted upstream, which
makes sure the prototype is only exposed when the implementation is
provided.

The issue can be reproduced with commands:

    cat <<EOF >.config
    BR2_arm=y
    BR2_cortex_m4=y
    BR2_TOOLCHAIN_BUILDROOT_UCLIBC=y
    BR2_PACKAGE_UTIL_LINUX=y
    BR2_PACKAGE_UTIL_LINUX_KILL=y
    EOF
    make olddefconfig
    make util-linux

Fixes:

  https://autobuild.buildroot.net/results/157aa82aa4cd57eacc4defe6cace16e464261e9a/ (RISC-V noMMU)
  https://autobuild.buildroot.net/results/ce1a24c1465b82686ae375ac688a553fb65df5ea/ (ARM noMMU)

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[Julien: add commands to reproduce the issue in commit log]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-06 21:59:54 +02:00
Vincent Fazio 34424432ba package/python3: backport upstream fix for mimalloc on armeb
Python3 uses mimalloc by default, however, mimalloc did not compile for
big-endian ARM and generated the wrong instructions for ARMv7+ targets.

These issues have been fixed upstream in both mimalloc and CPython.

The issue can be reproduced with commands:

    cat <<EOF >.config
    BR2_armeb=y
    BR2_cortex_a15=y
    BR2_TOOLCHAIN_EXTERNAL=y
    BR2_TOOLCHAIN_EXTERNAL_BOOTLIN=y
    BR2_PACKAGE_PYTHON3=y
    EOF
    make olddefconfig
    make python3

Fixes: https://autobuild.buildroot.org/results/26b752738022e8b46e810a08e28d687120e5c4e3/

Signed-off-by: Vincent Fazio <vfazio@xes-inc.com>
[Julien: add commands to reproduce the issue in commit log]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-06 21:35:21 +02:00
Nayab Sayed 8c2b2314df package/optee-test: bump to 4.5.0
Update optee-test to the latest tagged release

Signed-off-by: Nayab Sayed <nayabbasha.sayed@microchip.com>
[Julien: move package archive hash to the "Locally computed" section]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-06 11:23:02 +02:00
Nayab Sayed 70035cbb1e package/optee-examples: bump to 4.5.0
Update optee-examples to the latest tagged release

Signed-off-by: Nayab Sayed <nayabbasha.sayed@microchip.com>
[Julien: move package archive hash to the "Locally computed" section]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-06 11:23:00 +02:00
Nayab Sayed 280162a468 package/optee-client: bump to 4.5.0
Bump to the latest version of optee-client

Signed-off-by: Nayab Sayed <nayabbasha.sayed@microchip.com>
[Julien: move package archive hash to the "Locally computed" section]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-06 11:22:54 +02:00
Nayab Sayed 14ef1ed7d2 boot/optee-os: bump to 4.5.0
Update OP-TEE to its latest tag

Signed-off-by: Nayab Sayed <nayabbasha.sayed@microchip.com>
[Julien: move package archive hash to the "Locally computed" section]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-06 11:22:44 +02:00
Giulio Benetti e22b828db6 package/esp-hosted: fix build failure with Linux 6.13.0
Add local patch pending upstream to fix renaming of spi_alloc_master() into
spi_alloc_host() during Linux version 6.13.0.

Fixes:
https://autobuild.buildroot.org/results/68ce3721475d259a0db42b7ab84ef08ed7fba00c/
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-05 21:32:21 +02:00
Giulio Benetti a4430578ae package/libfuse3: bump to version 3.17.1
Release notes:
https://github.com/libfuse/libfuse/releases/tag/fuse-3.17.1

Add 2 local patches pending upstream, one to fix build with linux version
< 5.9 and one to fix presence checking of static_assert() on C++ version <
11. Let's also fix a linker failure due to missing -latomic if toolchain
has atomic.

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-05 16:40:18 +02:00
Thomas Perale a3b4ae2eac package/dillo: remove trailing slash in _SITE url
Commit f2a862fe60 (package/dillo: move to github) changed the source
site for the Dillo package. This change introduced a trailing slash at
the end of the URL.

This cause an error when running `make show-info` with `BR2_PACKAGE_DILLO=y`:

```
package/dillo/dillo.mk:46: *** DILLO_SITE (https://github.com/dillo-browser/dillo/releases/download/v3.0.5/) cannot have a trailing slash.  Stop.
```

This commit removes the trailing slash.

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-04 19:04:20 +02:00
Vincent Fazio 43abcd4c7d package/python-smbus2: new package
Add python-smbus2 as an alternative for python-smbus-cffi as the latter
has not seen updates in 8 years and was archived on Jan 4 2024.

Signed-off-by: Vincent Fazio <vfazio@xes-inc.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-03 21:57:29 +02:00
Thomas Petazzoni 8292b8fb89 package/glibc: disable on RISC-V ilp32f and lp64f, not supported
glibc fails to build on RISC-V 32-bit with the ilp32f ABI and on
RISC-V 64-bit with the lp64f: both use single-point precision floating
point, which glibc doesn't support, failing during the configure step
with:

  configure: error: glibc does not yet support the single floating-point ABI

Fix that by disabling glibc support on those configurations.

Fixes:

  https://autobuild.buildroot.org/results/fe8d569cab507992978ef0da649278dd3a9e0b23/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-03 21:52:02 +02:00
Romain Naour 8d3b1781f6 support/download/svn: use 'svn info' whith LC_ALL=C
Use the 'C' locale when retrieving the date of the last change using
'svn info' since the svn download helper script expect
"Last Changed Date" string.

If another locale is used, the 'date' is empty so the generated
archive (by mk_tar_gz) will not match the expected hash since
the file timestamp is not set properly.

If LANG=fr_FR.UTF-8 is defined in the host system, svn print some
"French encrypted" text:

  eval svn --non-interactive --config-option servers:global:http-timeout=10 info ''\''https://svn.code.sf.net/p/xmlrpc-c/code/advanced@r3176'\'''
  ...
  Date de la dernière modification: 2023-09-02 19:13:35 +0200 (sam. 02 sept. 2023)

diffoscope confirm that the file timestamp is not set correctly
in the generated archive:

$ diffoscope NOK/libxmlrpc-r3176-svn5.tar.gz OK/libxmlrpc-r3176-svn5.tar.gz

Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-03 21:48:27 +02:00
Thomas Petazzoni 06803b1eb6 package/python3: backport upstream patch to fix pyatomic.h headers
Since the bump of Python to 3.13.2, cracklib fails to build when
Python support is enabled, due to an issue in the Python headers. This
issue has been fixed upstream in the 3.13.x branch, and this commit
simply backports the upstream fix.

Fixes:

  https://autobuild.buildroot.org/results/26f6fe75f75c65bb9d58bbdbec733ebfe9b8565c/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-03 21:14:42 +02:00
Gilles Bardoux 1747ebf29b package/python-twisted: fix cpe id vendor
twistedmatrix is deprecated, twisted is the current cpe id vendor
for python-twisted.

See:
https://nvd.nist.gov/products/cpe/detail/A38171CB-8F75-4CE2-8C00-229D4A8F1C0E

Signed-off-by: Gilles Bardoux <gilles.bardoux@sagemcom.com>
[Julien: reformat patch and add nvd link]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-02 22:13:20 +02:00
Gilles Bardoux 6a1eca91b9 package/python-fastapi: fix cpe id vendor
fastapi_project is deprecated, tiangolo is the current cpe id vendor
for python-fastapi.

See:
https://nvd.nist.gov/products/cpe/detail/4339522D-F85C-4C37-966F-A5CFF72D1D04

Signed-off-by: Gilles Bardoux <gilles.bardoux@sagemcom.com>
[Julien: reformat patch and add nvd link]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-02 22:13:20 +02:00
Dario Binacchi 68d0da4ba7 package/linux-firmware: add option for Intel NPU firmware
Add an option to install the firmware files for Intel Neural Processing
Unit (NPU) device.

Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-02 21:27:39 +02:00
Dario Binacchi a7b88938ea package/linux-firmware: bump version to 20250311
Updating the hash of the WHENCE file, due to firmware additions and
firmware changes, but no changes to the redistribution/licensing
conditions.
Additionally, the files intel/vpu/{vpu_37xx_v1.bin,vpu_40xx_v1.bin} have
been added along with the corresponding license LICENSE.intel_vpu.

Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-02 21:27:39 +02:00
Waldemar Brodkorb b5ef0a1d3c package/libpjsip: update to 2.15.1
For a changelog see here:
https://github.com/pjsip/pjproject/releases/tag/2.15.1

Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-04-02 21:17:38 +02:00
Waldemar Brodkorb 770f915497 package/libjwt: update to 3.2.0
For a complete changelog see here:
https://github.com/benmcollins/libjwt/compare/v1.17.2...v3.2.0

Convert to cmake infrastructure as autotools were removed
upstream.

Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
[Arnout: remove redundant empty line]
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-04-02 21:17:22 +02:00
Raphaël Mélotte 0f4fef076f package/libfreeglut: add upstream security fix for CVE-2024-2425{8, 9}
Fixes the following security issues:

- CVE-2024-24258: freeglut 3.4.0 was discovered to contain a memory leak
via the menuEntry variable in the glutAddSubMenu function.
- CVE-2024-24259: freeglut through 3.4.0 was discovered to contain a
memory leak via the menuEntry variable in the glutAddMenuEntry
function.

https://nvd.nist.gov/vuln/detail/CVE-2024-24258
https://nvd.nist.gov/vuln/detail/CVE-2024-24259

The CVEs are not technically reported for the libfreeglut package
itself (which doesn't have a CPE identifier) but for mupdf.

Note that mudpf provides its own (old) version of freeglut, but our
mupdf package uses the Buildroot-provided freeglut (which now contains
the fix).

It also has to be noted that a more recent release of libfreeglut
exists upstream, and it fixes the same CVEs.  Bumping our package
version however requires more work that can be done separately.
Including this patch first also has the advantage that it can easily
be backported wherever it's needed.

Signed-off-by: Raphaël Mélotte <raphael.melotte@mind.be>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
2025-04-02 21:14:34 +02:00
Arnout Vandecappelle e6418ecad4 DEVELOPERS: change arnout's address
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-02 21:07:36 +02:00
Christian Stewart 5764773957 package/go: security bump to version 1.23.8
go1.23.8 (released 2025-04-01) includes security fixes to the net/http package,
as well as bug fixes to the runtime and the go command.

https://go.dev/doc/devel/release#go1.23.8
https://github.com/golang/go/issues?q=milestone%3AGo1.23.8+label%3ACherryPickApproved

Signed-off-by: Christian Stewart <christian@aperture.us>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-04-02 09:28:21 +02:00
Meena Murthy 6e6bd098c3 configs/engicam_px30_core_defconfig: new defconfig
Add initial support for Engicam PX30 SOM board
with below features:
- U-Boot 2024.01
- Linux 6.12.19
- Default packages from buildroot

px30 ctouch2 with 10 inches display

https://www.engicam.com/vis-prod/C-Touch-2-0-Carrier-Board/

Signed-off-by: Meena Murthy <meena.murthy@amarulasolutions.com>
Signed-off-by: Michael Trimarchi <michael@amarulasolutions.com>
[Julien:
 - fix linux-6.12.19 hash
 - add missing BR2_TARGET_UBOOT_NEEDS_GNUTLS=y
]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-01 23:34:05 +02:00
Dario Binacchi 5cab9ee224 package/ufs-utils: new package
It's a tool to access UFS (Universal Flash Storage) devices from user
space.

Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-01 21:33:44 +02:00
Michael Nosthoff 2b6b2333cf package/spdlog: bump to version 1.15.2
Release Notes: https://github.com/gabime/spdlog/releases/tag/v1.15.2

- fixes an issue with the %D format flag found by OSS-Fuzz

Signed-off-by: Michael Nosthoff <buildroot@heine.tech>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-01 21:18:27 +02:00
Dario Binacchi 02f42887c3 package/armadillo: bump to version 14.4.1
Release notes:
https://arma.sourceforge.net/docs.html#changelog

Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-01 21:11:11 +02:00
Matheus Tavares Bernardino 4ba51914e9 linux: fix broken mailing list link (404)
Signed-off-by: Matheus Tavares Bernardino <matheus.bernardino@oss.qualcomm.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-01 21:07:29 +02:00
Waldemar Brodkorb 696703dc5a package/zabbix: update to 7.2.5
See here for a changelog:
https://www.zabbix.com/rn/rn7.2.5
https://www.zabbix.com/rn/rn7.2.4

Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-31 21:48:05 +02:00
Thomas Devoogdt 90bbe4f469 package/cairo: bump to 1.18.4
News:
- https://www.cairographics.org/news/cairo-1.18.4/

Other changes:
- 0001-cairo-ft-private.h-fix-missing-FT_Color-error.patch
  has been dropped because it's upstream. [1]

- c_std=gnu11 override has been dropped because
  it's upstream. [2]

- Use the new 'lzo' option. [3]

[1] https://gitlab.freedesktop.org/cairo/cairo/-/commit/9607e19a9e4c1784e7b656772e1df82aea26f6e7
[2] https://gitlab.freedesktop.org/cairo/cairo/-/commit/b60f47dfd5bbe98aec43f6c356ba3be9a1b7989e
[3] https://gitlab.freedesktop.org/cairo/cairo/-/commit/c1748e79f0b18d44891bda2b6aa877175d802660

Signed-off-by: Thomas Devoogdt <thomas@devoogdt.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-31 21:38:25 +02:00
Thomas Devoogdt b896dca532 package/libsoup3: bump to 3.6.5
News:
- https://download.gnome.org/sources/libsoup/3.6/libsoup-3.6.3.news
- https://download.gnome.org/sources/libsoup/3.6/libsoup-3.6.4.news
- https://download.gnome.org/sources/libsoup/3.6/libsoup-3.6.5.news

Also drop the krb5_config, which was dropped in commit
https://gitlab.gnome.org/GNOME/libsoup/-/commit/123eb029bf3fa08f3c45678c0a43ae4b930e6631.

Signed-off-by: Thomas Devoogdt <thomas@devoogdt.com>
Reviewed-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-30 22:21:22 +02:00
Giulio Benetti 4204bfea5d package/libnvme: bump to version 1.12
For release note, see:
https://github.com/linux-nvme/libnvme/releases/tag/v1.12

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-30 11:13:36 +02:00
Thomas Devoogdt 0879359c0a package/libsrtp: bump to 2.7.0
https://github.com/cisco/libsrtp/releases/tag/v2.7.0

Signed-off-by: Thomas Devoogdt <thomas@devoogdt.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-30 11:09:55 +02:00
Bernd Kuhls 8c439db4a1 package/freeswitch: fix build with GCC 14.x
Fixes:
https://autobuild.buildroot.org/results/33c/33c41d8da8190933d863ed6f75e5d586d1c22a2f/

Build error is also present on the 2024.11.x branch:
https://autobuild.buildroot.org/results/7eef69e6587783307cd9231abdc4a2fee60c075f/

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-29 21:42:52 +01:00
Thomas Devoogdt 8a402952a7 package/lighttpd: bump to 1.4.78
News:
- https://www.lighttpd.net/2025/3/22/1.4.78/

Signed-off-by: Thomas Devoogdt <thomas@devoogdt.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-29 21:24:21 +01:00
Yann E. MORIN e679cd4974 package/docker-credential-acr-env: new package
Signed-off-by: Yann E. MORIN <yann.morin@orange.com>
Cc: Christian Stewart <christian@aperture.us>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-29 16:55:48 +01:00
Yann E. MORIN 992d43b373 package/docker-credential-gcr: new package
Signed-off-by: Yann E. MORIN <yann.morin@orange.com>
Cc: Christian Stewart <christian@aperture.us>
[Julien: reflow Config.in help to fix check-package error]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-29 16:55:48 +01:00
Yann E. MORIN 9a95806225 package/amazon-ecr-credential-helper: new package
Signed-off-by: Yann E. MORIN <yann.morin@orange.com>
Cc: Christian Stewart <christian@aperture.us>
[Julien: reflow Config.in help to fix check-package error]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-29 16:55:32 +01:00
Yann E. MORIN b974c91fe4 package/pkg-golang: support _SUBDIR
Some packages have their actual source tree in a sub-directory (even if
that is the only source in the repository); this is the case for example
with the Amazon ECR credential helper (to be packaged in a follow up
commit):
    https://github.com/awslabs/amazon-ecr-credential-helper

Do the build in _SUBDIR, and also do the vendoring in there.

We don't need the build to generate executables inside _SUBDIR, so we
just keep using $(@D)/bin as a place to generate them (and install them
from).

Signed-off-by: Yann E. MORIN <yann.morin@orange.com>
Cc: Christian Stewart <christian@aperture.us>
Reviewed-by: Christian Stewart <christian@aperture.us>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-29 16:55:32 +01:00
Francois Dugast 1ba1055d3d configs/hifive_unleashed: bump Linux to 6.12.20 and U-Boot to 2025.01
This commit bumps Linux to 6.12.20 and U-Boot to 2025.01, to
align versions to those used in the Hifive Unmatched defconfig
to make maintenance easier. The new U-Boot version needs gnutls.

This commit also enabled BR2_DOWNLOAD_FORCE_CHECK_HASHES in
defconfigs. The .checkpackageignore is updated to reflect that change.

Signed-off-by: Francois Dugast <francois.dugast.foss@gmail.com>
[Julien:
 - reword commit log
 - add missing BR2_TARGET_UBOOT_NEEDS_GNUTLS=y
 - change linux.hash comment to take hash from upstream
 - change linux-headers.hash file to a symlink
]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-29 12:44:56 +01:00
Francois Dugast f9cc5dbd45 configs/hifive_unmatched: new board
This patch adds support for the HiFive Unmatched board. This includes
building the firmware, kernel and rootFS for the HiFive Unmatched.

The configuration is similar to the one for the HiFive Unleashed, this
is why most of it is shared in board/sifive/common.

Signed-off-by: Francois Dugast <francois.dugast.foss@gmail.com>
[Julien:
 - add missing BR2_TARGET_UBOOT_NEEDS_GNUTLS=y
 - change linux.hash comment to take hash from upstream
 - change linux-headers.hash file to a symlink
]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-29 12:44:56 +01:00
Francois Dugast ec8120af81 configs/hifive_unleashed: extract common configuration
Move the generic part of the configuration into a new "common" directory
so that it is easier to add similar boards without duplicating the files.

Signed-off-by: Francois Dugast <francois.dugast.foss@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-29 12:44:56 +01:00
Francois Dugast 185c0ba4b9 board/sifive/hifive-unleashed: fix shellcheck warning in post-build.sh
This removes a warning reported by shellcheck: "Double quote to prevent
globbing and word splitting". As a result, the file can be removed from
.checkpackageignore.

Signed-off-by: Francois Dugast <francois.dugast.foss@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-29 12:44:56 +01:00
Yann E. MORIN 15f15cfe01 package/freerdp: bump to latest commit on legacy stable branch
FreeRDP fails to build on newer gcc:

    /freerdp-2.11.7/libfreerdp/core/info.c:88:39: error: initialization of 'const WCHAR *' {aka 'const short unsigned int *'} from incompatible pointer type 'BYTE *' {aka 'unsigned char *'} [-Wincompatible-pointer-types]
       88 |                 const WCHAR* domain = Stream_Pointer(s);
          |                                       ^~~~~~~~~~~~~~

There is a patch upstream [0] to fix that one, but then another similar
build failure triggers, which is also fixed upstream, but then a third
failre triggers, again fixed upstream [2], but then...

FreeRDP 2.x has been kinda discontinued, and the new stable is 3.x.
However, bumping to 3.x looks like a huge leap.

So, rather than backport, just bump to the latest commit on the
stable-2.0 branch, which carries 12 non-merge commits with build fixes:
    562ae3588 [winpr,pubsub] add NULL parameter checks
    68c7c21b9 X11 client: ignore grab related LeaveNotify events
    a9deecc99 fix [core]: 'invalid hHandle' errors
    052c525e0 [core] eliminate rdpRdp::instance
    be23ed4ba [server,proxy] deactivate capture module
    5b2b53b15 [warnings] fix -Wincompatible-pointer-types
    67818bddb [client,wayland] fix const correctness
    d2b6771c7 X11: fix pointer/integer type mismatch
[2] 7894a7dfc redirection: Fix incompatible pointer type
[1] f3ed1f1ac redirection: Fix incompatible pointer type
[0] 4f411197d info: Fix incompatible pointer type
    a383740a2 next-dev-2.11.8-dev

Fixes:
    http://autobuild.buildroot.org/results/e1b/e1b95b4fb0005d4e933b027b508cec9ad510bd73/
    http://autobuild.buildroot.org/results/ba0/ba0beae13e1be2573878ee50b1566f4427b269a3/
    ...

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-29 11:42:54 +01:00
Yann E. MORIN e172bb48d3 package/libcap: do not attempt to run ldconfig
The libcap Makefile is hand-coded (i.e. not autotools), and hard-codes
calls to /sbin/ldconfig, unless it is installed out-of-tree. For target
packages, this is done, but for host package this is not done, as we
do set PREFIX instead, which causes libcap's Makefile to call ldconfig
and emits a spurious warning (twice):

    install -m 0755 libcap.so.2.73 /home/ymorin/dev/buildroot/O/master/per-package/host-libcap/host/lib/libcap.so.2.73
    ln -sf libcap.so.2.73 /home/ymorin/dev/buildroot/O/master/per-package/host-libcap/host/lib/libcap.so.2
    ln -sf libcap.so.2 /home/ymorin/dev/buildroot/O/master/per-package/host-libcap/host/lib/libcap.so
    /sbin/ldconfig
    /sbin/ldconfig: Can't create temporary cache file /etc/ld.so.cache~: Permission denied
    make[4]: [Makefile:200: install-shared-cap] Error 1 (ignored)

This is just a warning, but it is incorrect still.

Fake an out-of-tree install with a non-empy DESTDIR that is just '/',
and thus does in fact not install out-of-tree. This is enough to
actually silence the warning. Add a little comment to explain that.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Bernd Kuhls <bernd@kuhls.net>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-29 11:18:21 +01:00
Sébastien Szymanski f3ce9a56f9 package/freescale-imx/imx-gpu-g2d: re-install headers to staging
Commit 44355f7998 ("package/freescale-imx/imx-gpu-g2d: install the
specific library for i.MX8MM") accidentally remove the headers'
installation to the staging directory. Fix that.

Fixes: 44355f7998 ("package/freescale-imx/imx-gpu-g2d: install the specific library for i.MX8MM")
Signed-off-by: Sébastien Szymanski <sebastien.szymanski@armadeus.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-29 11:14:49 +01:00
Peter Seiderer 5d85d23e16 package/v4l2loopback: fix v4l2loopback-ctl compile/install
Since upstream commit [1] the original v4l2loopback-ctl bash script was
replaced by a C version, so add a proper compile step (and remove bash
runtime dependency) to fix '[help] v4l2loopback package build fails for
raspberrypi5' [2].

The issue can be reproduced with the commands:

    cat <<EOF >.config
    BR2_aarch64=y
    BR2_TOOLCHAIN_EXTERNAL=y
    BR2_LINUX_KERNEL=y
    BR2_LINUX_KERNEL_USE_ARCH_DEFAULT_CONFIG=y
    BR2_PACKAGE_V4L2LOOPBACK=y
    BR2_PACKAGE_V4L2LOOPBACK_UTILS=y
    EOF
    make olddefconfig
    make v4l2loopback

Note: upstream commit [1] was introduced in version v0.13.0.
Buildroot bumped v4l2loopback to v0.13.2 in [3].

Fixes:

  /usr/bin/install: cannot stat
  '.../build/v4l2loopback-0.13.2/utils/v4l2loopback-ctl':
  No such file or directory

[1] https://github.com/v4l2loopback/v4l2loopback/commit/33922fa4e9965d400edcc2761e55fedf84bbb22a
[2] https://lists.busybox.net/pipermail/buildroot/2025-March/775911.html
[3] https://gitlab.com/buildroot.org/buildroot/-/commit/02540771bccf7b10c7daecce5f0e1e41a73c1e07

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
[Julien:
 - add commands to reproduce the issue
 - add reference to buildroot commit introducing the issue
]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-29 11:08:35 +01:00
Thomas Petazzoni 0a5a0772c2 package/gdb: bump 16.x series to 16.2
This is a corrective release over GDB 16.1, fixing the following issues:

    PR build/32578 (cannot build GDB 16.1 out of tree when calling the configure script with a relative path)
    PR tui/32592 ([gdb/tui] internal error in tui-winsource.c:340:refresh_window)
    PR remote/32593 (Incompatibilities between GDB's and LLDB's 'x' packet implementation)
    PR build/32610 (Missing #include file in darwin_nat.c)

None of which is really super important for Buildroot, but at least
we're using the latest without wondering why we're not.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-28 19:39:45 +01:00
Michael Nosthoff 364afb899d package/gtest: bump to version 1.16.0
release notes: https://github.com/google/googletest/releases/tag/v1.16.0

Signed-off-by: Michael Nosthoff <buildroot@heine.tech>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-28 19:39:45 +01:00
Bernd Kuhls fed4ccb181 package/tor: bump version to 0.4.8.16
Release notes:
https://gitlab.torproject.org/tpo/core/tor/-/raw/release-0.4.8/ReleaseNotes
https://forum.torproject.org/t/stable-release-0-4-8-16/18062

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-28 19:39:45 +01:00
Bernd Kuhls ca3c0ec5d3 package/kodi-pvr-waipu: bump version to 21.10.1-Omega
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-28 19:39:45 +01:00
Peter Korsgaard a7aeb5a46e package/libopenh264: security bump to version 2.5.1
Fixes the following security issue:

CVE-2025-27091: OpenH264 Decoding Functions Heap Overflow Vulnerability

A vulnerability in the decoding functions of OpenH264 codec library could
allow a remote, unauthenticated attacker to trigger a heap overflow.

This vulnerability is due to a race condition between a Sequence Parameter
Set (SPS) memory allocation and a subsequent non Instantaneous Decoder
Refresh (non-IDR) Network Abstraction Layer (NAL) unit memory usage.  An
attacker could exploit this vulnerability by crafting a malicious bitstream
and tricking a victim user into processing an arbitrary video containing the
malicious bitstream.  An exploit could allow the attacker to cause an
unexpected crash in the victim's user decoding client and, possibly, perform
arbitrary commands on the victim's host by abusing the heap overflow.

https://github.com/cisco/openh264/security/advisories/GHSA-m99q-5j7x-7m9x
https://github.com/cisco/openh264/releases/tag/2.5.1

The upstream tag now has no 'v' prefix, so drop it from _SITE.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-28 19:39:45 +01:00
Peter Korsgaard 91bfce113e package/mbedtls: security bump to version 2.8.10
Fixes the following security issues:

- CVE-2025-27809: Note that TLS clients should generally call
  mbedtls_ssl_set_hostname() if they use certificate authentication (i.e.
  not pre-shared keys).  Otherwise, in many scenarios, the server could be
  impersonated.  The library will now prevent the handshake and return
  MBEDTLS_ERR_SSL_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME if
  mbedtls_ssl_set_hostname() has not been called.

  https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2025-03-1/

- CVE-2025-27810: Zeroize temporary heap buffers used in PSA operations.
  Fix a vulnerability in the TLS 1.2 handshake.  If memory allocation
  failed or there was a cryptographic hardware failure when calculating the
  Finished message, it could be calculated incorrectly.  This would break
  the security guarantees of the TLS handshake.

  https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2025-03-2/

For more details, see the release notes:
https://github.com/Mbed-TLS/mbedtls/releases/tag/mbedtls-2.28.10

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-28 19:39:45 +01:00
Bernd Kuhls e242a5908c package/exim: security bump version to 4.98.2
Fixes CVE-2025-30232:
https://lists.exim.org/lurker/message/20250326.140105.6b97555b.en.html
https://exim.org/static/doc/security/CVE-2025-30232.txt

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Reviewed-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-28 19:39:45 +01:00
Peter Korsgaard 57d2bdb123 package/xwayland: security bump to version 24.1.6
23.2.5 fixes the following security issues:

1) CVE-2024-31080: Heap buffer overread/data leakage in ProcXIGetSelectedEvents

Introduced in: xorg-server-1.7.0 (2009)
Fixed in: xorg-server-21.1.12 and xwayland-23.2.5
Fix: https://gitlab.freedesktop.org/xorg/xserver/-/commit/96798fc1967491c80a4d0
Found by: Alan Coopersmith of Oracle Solaris, while investigating
       https://debbugs.gnu.org/cgi/bugreport.cgi?bug=69762

The ProcXIGetSelectedEvents() function uses the byte-swapped length of the
return data for the amount of data to return to the client, if the client
has a different endianness than the X server.

2) CVE-2024-31081: Heap buffer overread/data leakage in ProcXIPassiveGrabDevice

Introduced in: xorg-server-1.7.0 (2009)
Fixed in: xorg-server-21.1.12 and xwayland-23.2.5
Fix: https://gitlab.freedesktop.org/xorg/xserver/-/commit/3e77295f888c67fc7645d
Found by: Alan Coopersmith of Oracle Solaris

The ProcXIPassiveGrabDevice() function uses the byte-swapped length of the
return data for the amount of data to return to the client, if the client
has a different endianness than the X server.

3) CVE-2024-31083: User-after-free in ProcRenderAddGlyphs

Introduced in: prior to X11R6.7 (2004)
Fixed in: xorg-server-21.1.12 and xwayland-23.2.5
Fix: https://gitlab.freedesktop.org/xorg/xserver/-/commit/bdca6c3d1f5057eeb3160
Found by: Jan-Niklas Sohn working with Trend Micro Zero Day Initiative

The ProcRenderAddGlyphs() function calls the AllocateGlyph() function
to store new glyphs sent by the client to the X server.  AllocateGlyph()
would return a new glyph with refcount=0 and a re-used glyph would end up
not changing the refcount at all. The resulting glyph_new array would thus
have multiple entries pointing to the same non-refcounted glyphs.

ProcRenderAddGlyphs() may free a glyph, resulting in a use-after-free when
the same glyph pointer is then later used.

https://lists.x.org/archives/xorg-announce/2024-April/003497.html

24.1.4 fixes the following security issues:

1) CVE-2024-9632: Heap-based buffer overflow privilege escalation in
_XkbSetCompatMap

Introduced in: xorg-server-1.1.1 (2006)
Fixed in: xorg-server-21.1.14 and xwayland-24.1.4
Fix:
https://gitlab.freedesktop.org/xorg/xserver/-/commit/85b776571487f52e756f68a069c768757369bfe3
Found by: Jan-Niklas Sohn working with Trend Micro Zero Day Initiative

The _XkbSetCompatMap() function attempts to resize the `sym_interpret`
buffer.

However, It didn't update its size properly. It updated `num_si` only,
without updating `size_si`.

This may lead to local privilege escalation if the server is run as root
or remote code execution (e.g. x11 over ssh).

xorg-server-21.1.14 and xwayland-24.1.4 have been patched to fix this issue.

https://lists.x.org/archives/xorg-announce/2024-October/003545.html

24.1.6 fixes the following security issues:

1) CVE-2025-26594: Use-after-free of the root cursor

Introduced in: Unknown - Prior to X11R6.6 Xorg baseline
Fixed in: xorg-server-21.1.16 and xwayland-24.1.6
Fix: https://gitlab.freedesktop.org/xorg/xserver/-/commit/01642f26
      https://gitlab.freedesktop.org/xorg/xserver/-/commit/b0a09ba6
Found by: Jan-Niklas Sohn working with Trend Micro Zero Day Initiative

The root cursor is referenced in the xserver as a global variable. If
a client manages to free the root cursor, the internal reference points
to freed memory and causes a use-after-free.

xorg-server-21.1.16 and xwayland-24.1.6 have been patched to fix this issue.

2) CVE-2025-26595: Buffer overflow in XkbVModMaskText()

Introduced in: Prior to X11R6.1
Fixed in: xorg-server-21.1.16 and xwayland-24.1.6
Fix: https://gitlab.freedesktop.org/xorg/xserver/-/commit/11fcda87
Found by: Jan-Niklas Sohn working with Trend Micro Zero Day Initiative

The code in XkbVModMaskText() allocates a fixed sized buffer on the
stack and copies the names of the virtual modifiers to that buffer.

The code however fails to check the bounds of the buffer correctly and
would copy the data regardless of the size, which may lead to a buffer
overflow.

xorg-server-21.1.16 and xwayland-24.1.6 have been patched to fix this issue.

3) CVE-2025-26596: Heap overflow in XkbWriteKeySyms()

Introduced in: initial version of xc/programs/Xserver/xkb/xkb.c in X11R6
Fixed in: xorg-server-21.1.16 and xwayland-24.1.6
Fix: https://gitlab.freedesktop.org/xorg/xserver/-/commit/80d69f01
Found by: Jan-Niklas Sohn working with Trend Micro Zero Day Initiative

The computation of the length in XkbSizeKeySyms() differs from what is
actually written in XkbWriteKeySyms(), which may lead to a heap based
buffer overflow.

xorg-server-21.1.16 and xwayland-24.1.6 have been patched to fix this issue.

4) CVE-2025-26597: Buffer overflow in XkbChangeTypesOfKey()

Introduced in: X11R6.1
Fixed in: xorg-server-21.1.16 and xwayland-24.1.6
Fix: https://gitlab.freedesktop.org/xorg/xserver/-/commit/0e4ed949
Found by: Jan-Niklas Sohn working with Trend Micro Zero Day Initiative

If XkbChangeTypesOfKey() is called with 0 group, it will resize the key
symbols table to 0 but leave the key actions unchanged.

If later, the same function is called with a non-zero value of groups,
this will cause a buffer overflow because the key actions are of the wrong
size.

5) CVE-2025-26598: Out-of-bounds write in CreatePointerBarrierClient()

Introduced in: xorg-server-1.14.0
Fixed in: xorg-server-21.1.16 and xwayland-24.1.6
Fix: https://gitlab.freedesktop.org/xorg/xserver/-/commit/bba9df1a
Found by: Jan-Niklas Sohn working with Trend Micro Zero Day Initiative

The function GetBarrierDevice() searches for the pointer device based on
its device id and returns the matching value, or supposedly NULL if no
match was found.

However the code will return the last element of the list if no matching
device id was found which can lead to out of bounds memory access.

6) CVE-2025-26599: Use of uninitialized pointer in compRedirectWindow()

Introduced in: Xorg 6.8.0.
Fixed in: xorg-server-21.1.16 and xwayland-24.1.6
Fix: https://gitlab.freedesktop.org/xorg/xserver/-/commit/c1ff84be
      https://gitlab.freedesktop.org/xorg/xserver/-/commit/b07192a8
Found by: Jan-Niklas Sohn working with Trend Micro Zero Day Initiative

The function compCheckRedirect() may fail if it cannot allocate the backing
pixmap. In that case, compRedirectWindow() will return a BadAlloc error
without the validation of the window tree marked just before, which leaves
the validate data partly initialized, and the use of an uninitialized pointer
later.

7) CVE-2025-26600: Use-after-free in PlayReleasedEvents()

Introduced in: X11R5
Fixed in: xorg-server-21.1.16 and xwayland-24.1.6
Fix: https://gitlab.freedesktop.org/xorg/xserver/-/commit/6e0f332b
Found by: Jan-Niklas Sohn working with Trend Micro Zero Day Initiative

When a device is removed while still frozen, the events queued for that
device remain while the device itself is freed and replaying the events
will cause a use after free.

8) CVE-2025-26601: Use-after-free in SyncInitTrigger()

Introduced in: X11R6
Fixed in: xorg-server-21.1.16 and xwayland-24.1.6
Fix: https://gitlab.freedesktop.org/xorg/xserver/-/commit/16a1242d
      https://gitlab.freedesktop.org/xorg/xserver/-/commit/f52cea2f
      https://gitlab.freedesktop.org/xorg/xserver/-/commit/8cbc90c8
      https://gitlab.freedesktop.org/xorg/xserver/-/commit/c2857989
Found by: Jan-Niklas Sohn working with Trend Micro Zero Day Initiative

When changing an alarm, the values of the change mask are evaluated one
after the other, changing the trigger values as requested and eventually,
SyncInitTrigger() is called.
If one of the changes triggers an error, the function will return early,
not adding the new sync object.
This can be used to cause a use after free when the alarm eventually
triggers.

https://lists.x.org/archives/xorg-announce/2025-February/003584.html

Drop now removed xwayland_eglstream option:
https://gitlab.freedesktop.org/xorg/xserver/-/commit/701284f057b41bba0b0cc4b3f851958af95ac978

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-28 19:39:45 +01:00
Peter Korsgaard 65be2c6ac0 package/xserver_xorg-server: security bump to version 21.1.16
21.1.14 fixes the following security issues:

1) CVE-2024-9632: Heap-based buffer overflow privilege escalation in
_XkbSetCompatMap

Introduced in: xorg-server-1.1.1 (2006)
Fixed in: xorg-server-21.1.14 and xwayland-24.1.4
Fix:
https://gitlab.freedesktop.org/xorg/xserver/-/commit/85b776571487f52e756f68a069c768757369bfe3
Found by: Jan-Niklas Sohn working with Trend Micro Zero Day Initiative

The _XkbSetCompatMap() function attempts to resize the `sym_interpret`
buffer.

However, It didn't update its size properly. It updated `num_si` only,
without updating `size_si`.

This may lead to local privilege escalation if the server is run as root
or remote code execution (e.g. x11 over ssh).

xorg-server-21.1.14 and xwayland-24.1.4 have been patched to fix this issue.

https://lists.x.org/archives/xorg-announce/2024-October/003545.html
https://lists.x.org/archives/xorg-announce/2024-October/003546.html

21.1.16 fixes the following security issues:

1) CVE-2025-26594: Use-after-free of the root cursor

Introduced in: Unknown - Prior to X11R6.6 Xorg baseline
Fixed in: xorg-server-21.1.16 and xwayland-24.1.6
Fix: https://gitlab.freedesktop.org/xorg/xserver/-/commit/01642f26
      https://gitlab.freedesktop.org/xorg/xserver/-/commit/b0a09ba6
Found by: Jan-Niklas Sohn working with Trend Micro Zero Day Initiative

The root cursor is referenced in the xserver as a global variable. If
a client manages to free the root cursor, the internal reference points
to freed memory and causes a use-after-free.

xorg-server-21.1.16 and xwayland-24.1.6 have been patched to fix this issue.

2) CVE-2025-26595: Buffer overflow in XkbVModMaskText()

Introduced in: Prior to X11R6.1
Fixed in: xorg-server-21.1.16 and xwayland-24.1.6
Fix: https://gitlab.freedesktop.org/xorg/xserver/-/commit/11fcda87
Found by: Jan-Niklas Sohn working with Trend Micro Zero Day Initiative

The code in XkbVModMaskText() allocates a fixed sized buffer on the
stack and copies the names of the virtual modifiers to that buffer.

The code however fails to check the bounds of the buffer correctly and
would copy the data regardless of the size, which may lead to a buffer
overflow.

xorg-server-21.1.16 and xwayland-24.1.6 have been patched to fix this issue.

3) CVE-2025-26596: Heap overflow in XkbWriteKeySyms()

Introduced in: initial version of xc/programs/Xserver/xkb/xkb.c in X11R6
Fixed in: xorg-server-21.1.16 and xwayland-24.1.6
Fix: https://gitlab.freedesktop.org/xorg/xserver/-/commit/80d69f01
Found by: Jan-Niklas Sohn working with Trend Micro Zero Day Initiative

The computation of the length in XkbSizeKeySyms() differs from what is
actually written in XkbWriteKeySyms(), which may lead to a heap based
buffer overflow.

xorg-server-21.1.16 and xwayland-24.1.6 have been patched to fix this issue.

4) CVE-2025-26597: Buffer overflow in XkbChangeTypesOfKey()

Introduced in: X11R6.1
Fixed in: xorg-server-21.1.16 and xwayland-24.1.6
Fix: https://gitlab.freedesktop.org/xorg/xserver/-/commit/0e4ed949
Found by: Jan-Niklas Sohn working with Trend Micro Zero Day Initiative

If XkbChangeTypesOfKey() is called with 0 group, it will resize the key
symbols table to 0 but leave the key actions unchanged.

If later, the same function is called with a non-zero value of groups,
this will cause a buffer overflow because the key actions are of the wrong
size.

5) CVE-2025-26598: Out-of-bounds write in CreatePointerBarrierClient()

Introduced in: xorg-server-1.14.0
Fixed in: xorg-server-21.1.16 and xwayland-24.1.6
Fix: https://gitlab.freedesktop.org/xorg/xserver/-/commit/bba9df1a
Found by: Jan-Niklas Sohn working with Trend Micro Zero Day Initiative

The function GetBarrierDevice() searches for the pointer device based on
its device id and returns the matching value, or supposedly NULL if no
match was found.

However the code will return the last element of the list if no matching
device id was found which can lead to out of bounds memory access.

6) CVE-2025-26599: Use of uninitialized pointer in compRedirectWindow()

Introduced in: Xorg 6.8.0.
Fixed in: xorg-server-21.1.16 and xwayland-24.1.6
Fix: https://gitlab.freedesktop.org/xorg/xserver/-/commit/c1ff84be
      https://gitlab.freedesktop.org/xorg/xserver/-/commit/b07192a8
Found by: Jan-Niklas Sohn working with Trend Micro Zero Day Initiative

The function compCheckRedirect() may fail if it cannot allocate the backing
pixmap. In that case, compRedirectWindow() will return a BadAlloc error
without the validation of the window tree marked just before, which leaves
the validate data partly initialized, and the use of an uninitialized pointer
later.

7) CVE-2025-26600: Use-after-free in PlayReleasedEvents()

Introduced in: X11R5
Fixed in: xorg-server-21.1.16 and xwayland-24.1.6
Fix: https://gitlab.freedesktop.org/xorg/xserver/-/commit/6e0f332b
Found by: Jan-Niklas Sohn working with Trend Micro Zero Day Initiative

When a device is removed while still frozen, the events queued for that
device remain while the device itself is freed and replaying the events
will cause a use after free.

8) CVE-2025-26601: Use-after-free in SyncInitTrigger()

Introduced in: X11R6
Fixed in: xorg-server-21.1.16 and xwayland-24.1.6
Fix: https://gitlab.freedesktop.org/xorg/xserver/-/commit/16a1242d
      https://gitlab.freedesktop.org/xorg/xserver/-/commit/f52cea2f
      https://gitlab.freedesktop.org/xorg/xserver/-/commit/8cbc90c8
      https://gitlab.freedesktop.org/xorg/xserver/-/commit/c2857989
Found by: Jan-Niklas Sohn working with Trend Micro Zero Day Initiative

When changing an alarm, the values of the change mask are evaluated one
after the other, changing the trigger values as requested and eventually,
SyncInitTrigger() is called.
If one of the changes triggers an error, the function will return early,
not adding the new sync object.
This can be used to cause a use after free when the alarm eventually
triggers.

https://lists.x.org/archives/xorg-announce/2025-February/003584.html
https://lists.x.org/archives/xorg-announce/2025-February/003585.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-28 19:39:45 +01:00
Yegor Yefremov f8bc271115 package/ncftp: bump to version 3.2.9
Remove upstreamed patches.

Autoreconf is broken. Hence, use the configure script directly.

Fixes:
https://autobuild.buildroot.org/results/60c3dbe02af354ff9820258ffd00eec088114d69/

Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-26 20:58:31 +01:00
Bernd Kuhls 01ef4c4410 package/kodi-pvr-waipu: bump version to 21.10.0-Omega
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-25 23:14:09 +01:00
Bernd Kuhls 7d987b72c5 package/tvheadend: bump version
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-25 23:02:14 +01:00
Thomas Devoogdt 84ab3e3d6e package/wayland-protocols: bump to 1.42
Announce:
 - https://lists.freedesktop.org/archives/wayland-devel/2025-January/043966.html
 - https://lists.freedesktop.org/archives/wayland-devel/2025-February/043980.html
 - https://lists.freedesktop.org/archives/wayland-devel/2025-March/044027.html

Signed-off-by: Thomas Devoogdt <thomas@devoogdt.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-25 22:46:41 +01:00
Julien Olivain 356c70677c support/testing: test_gstreamer1: fix test by using bootlin toolchain
Since Buildroot commit [1], the test_gstreamer1 runtime test is
failing to build the tesseract-ocr package. The root cause is that
the test uses the default arm external toolchain, which is the Linaro
ARM 2018.05 based on gcc 7.3.1.

Since [1], tesseract-orc no longer compiles with gcc 7 (it requires at
least gcc 8).

This commit fixes the issue by switching the toolchain to the
bootlin versions (based on gcc 14 at the time of this commit).

Also, changing the compiler version slightly slowed down the video
encoding. This commit also increases the encoding command timeout.

Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/9407846232

[1] https://gitlab.com/buildroot.org/buildroot/-/commit/f32da8b9844ae5f1b9dc6b7a89d7d9bd9d194f55

Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2025-03-25 21:39:51 +01:00
Julien Olivain 22ffdea9e6 package/tesseract-ocr: needs gcc >= 8
Since Buildroot commit [1] tesseract-ocr fails to build with gcc 7,
with error:

    src/api/baseapi.cpp:67:10: fatal error: filesystem: No such file or directory
     #include <filesystem> // for std::filesystem
              ^~~~~~~~~~~~

In Buildroot, tesseract-ocr has a C++17 requirement captured as
gcc >= 7. Gcc 7 has only a partial and experimental C++17 support,
which was sufficient, prior [1].

The tesseract-ocr upstream commit [2] introduced a usage of
std::filesystem. This commit is included in version 5.5.0,
bumped in [1].

The C++17 with std::filesystem support was introduced in gcc 8.1.
See [3].

This commit fixes the issue by raising the gcc version requirement to
8.x.

Fixes: f32da8b984

[1] https://gitlab.com/buildroot.org/buildroot/-/commit/f32da8b9844ae5f1b9dc6b7a89d7d9bd9d194f55
[2] https://github.com/tesseract-ocr/tesseract/commit/4e42f9de541f21acb010886925afe42094a15dfe
[3] https://gcc.gnu.org/gcc-8/changes.html#libstdcxx

Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2025-03-25 21:34:57 +01:00
Bagas Sanjaya 440e99e579 package/git: bump to version 2.49.0
Bump the package version to v2.49.0.

Release notes:
https://lore.kernel.org/git/xmqqfrjfilc8.fsf@gitster.g/

Signed-off-by: Bagas Sanjaya <bagasdotme@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-25 19:35:17 +01:00
Julien Olivain 24efb23a10 support/testing: add git runtime test
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-25 19:34:58 +01:00
Scott Fan 6abdf5591f package/timescaledb: bump version to 2.19.0
Release notes: https://github.com/timescale/timescaledb/blob/2.19.0/CHANGELOG.md

Signed-off-by: Scott Fan <fancp2007@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-25 19:29:52 +01:00
Francois Dugast 2ac8b4f2f2 package/linux-firmware: add option for Intel Xe firmware
Add an option to install the firmware files used by the xe driver.

Signed-off-by: Francois Dugast <francois.dugast@intel.com>
[Julien: add LICENSE.xe license hash]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-25 19:27:00 +01:00
Waldemar Brodkorb 64b7774fc5 package/ruby: update to 3.4.2
See here for a changelog:
https://github.com/ruby/ruby/releases/tag/v3_4_2

This commit also update the LEGAL license hash:
https://github.com/ruby/ruby/commit/8a86e52fb5fc49367e79f8f49fb451ab74e089bb

Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
[Julien: fix LEGAL license hash]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-25 19:23:48 +01:00
Peter Korsgaard b4d259727e docs/website: Update for 2024.02.12
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-03-25 09:46:44 +01:00
Peter Korsgaard 38a3ddda93 Update for 2024.02.12
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit aeeeefb855)
[Peter: drop Makefile/Vagrantfile changes]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-03-25 09:43:41 +01:00
Peter Korsgaard d3df91fca0 docs/website: Update for 2024.11.3
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-03-25 09:42:09 +01:00
Peter Korsgaard b51b32ae4e Update for 2024.11.3
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 8fdf9ed8d2)
[Peter: drop Makefile/Vagrantfile changes]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-03-25 09:40:27 +01:00
Alex Bennée bfb490799e support/testing: make time setting portable
The busybox date applet accepts the following:

  date @1234567

but this confuses the coreutils version which doesn't implicitly set
time. As some tests might need coreutils binaries we should ensure the
emulator login will work with both. Fix this by passing the -s (set)
option to the command.

Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-24 22:35:13 +01:00
Bernd Kuhls 4576a8d096 package/intel-mediadriver: bump version to 25.1.4
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-24 22:23:56 +01:00
Bernd Kuhls ca417cea33 package/intel-vpl-gpu-rt: bump version to 25.1.4
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-24 22:17:28 +01:00
Bernd Kuhls 209204becf package/intel-gmmlib: bump version to 22.7.1
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-24 22:09:26 +01:00
Arnout Vandecappelle b111e07fd5 docs/website: add current LTS sponsors
Add the LTS sponsors who engaged already for 2025: EVS, Open Home
Foundation, and Sense Labs. There is one more sponsor but they prefer to
remain anonymous.

For Open Home Foundation, we can reuse the existing logo. For the other
two, add their logo.

Add a new class panel-lts-sponsor for sizing the panels. It is different
from panel-sponsor because there doesn't need to be space for an
explanation of what type of sponsorship is done, we just need to have
space for the company name. So the minimum height is 200px instead of
350px.

Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-24 21:39:17 +01:00
Arnout Vandecappelle e287bc7f44 docs/website/images/openhomefoundation-logo.png: crop for better layout
The Open Home Foundation logo is in a white area that is too large for
how we display it on the sponsors page. As a result, it ends up at the
bottom of the logo area and it looks very unbalanced.

Crop the logo to a tigher area. Since it is going to end up being
scaled, it's difficult to predict what the best size it is, but cropping
at a height of 300 pixels gives a visually pleasing layout at at least
some resolutions.

Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-24 21:39:06 +01:00
Maxim Kochetkov 76c588ed56 package/libgeos: bump version to 3.13.1
Changelog: https://github.com/libgeos/geos/releases/tag/3.13.1

Signed-off-by: Maxim Kochetkov <fido_max@inbox.ru>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-24 21:31:30 +01:00
Maxim Kochetkov 0ee207a21f package/libosmium: bump version to 2.22.0
Release-notes: https://github.com/osmcode/libosmium/releases/tag/v2.22.0

Signed-off-by: Maxim Kochetkov <fido_max@inbox.ru>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-24 21:25:04 +01:00
Bernd Kuhls 7491f5fabc {linux, linux-headers}: bump 6.{6, 12, 13}.x series
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-24 21:18:50 +01:00
Bernd Kuhls 3b4048c132 package/ccache: bump version to 4.11.2
For release note, see:
https://ccache.dev/releasenotes.html#_ccache_4_11_2

Updated license hash due to copyright year and version bumps:
https://github.com/ccache/ccache/commits/v4.11.2/LICENSE.adoc

Follow upstream rename of Config.cpp to config.cpp:
https://github.com/ccache/ccache/commit/d805b66b0f1ffdfc7035537fbca677d7463d2782

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
[Julien: add link to release note]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-24 21:08:34 +01:00
Bernd Kuhls 4087461203 package/tinyxml2: security bump version to 11.0.0
Release notes:
https://github.com/leethomason/tinyxml2/releases/tag/10.1.0
https://github.com/leethomason/tinyxml2/releases/tag/11.0.0

Fixes CVE-2024-50615: https://github.com/advisories/GHSA-884x-p7qm-gq3f

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-24 21:03:10 +01:00
Bernd Kuhls ee5ab880ec package/ytree: bump version to 2.10
Changelog: https://www.han.de/~werner/ytree.html

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-24 21:00:42 +01:00
Bernd Kuhls 9494da280d package/mc: bump version to 4.8.33
Changelog: https://github.com/MidnightCommander/mc/blob/master/doc/NEWS

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-24 20:52:58 +01:00
James Hilliard 96ed66f75c package/python-proto-plus: bump to version 1.26.0
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-23 11:15:09 +01:00
Marcus Hoffmann 6ca1ee306a package/python-tzlocal: new package
Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-22 16:25:02 +01:00
Fiona Klute (WIWA) cf4f2f858d package/mesa3d-demos: fix build failure on musl
Patch has been on upstream main for close to 2 years.

The "uint" use was introduced with [1] and [2], released with
mesa3d-demos 9.0.0 from March 2023, and added to Buildroot with commit
80304d9911 "package/mesa3d-demos: bump version to 9.0.0". The affected
code is built only if Wayland and Vulkan support are enabled, that is:

BR2_PACKAGE_LIBDECOR=y
BR2_PACKAGE_VULKAN_LOADER=y
BR2_PACKAGE_WAYLAND=y

[1] https://gitlab.freedesktop.org/mesa/demos/-/commit/813ebef7671f0e54d1b55be9e15ae5586b2b9eb1
[2] https://gitlab.freedesktop.org/mesa/demos/-/commit/5aaa7faeb4de9497535738830e6ebb8f10071877

Signed-off-by: Fiona Klute (WIWA) <fiona.klute@gmx.de>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-22 13:51:40 +01:00
Fiona Klute (WIWA) 7a55e82cb8 package/mesa3d-demos: depend on vulkan-loader if enabled
Vulkan support in mesa3d-demos requires vulkan-loader. Without an
explicit config flag it is autodetected, and may or may not be enabled
depending on build order, leading to unpredictable results.

Fix this by explicitly enabling Vulkan support and depending on
vulkan-loader if BR2_PACKAGE_VULKAN_LOADER=y, and disabling Vulkan
support otherwise.

Signed-off-by: Fiona Klute (WIWA) <fiona.klute@gmx.de>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-22 13:51:35 +01:00
Joachim Wiberg e59cb9e956 package/lowdown: new package
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-22 12:34:21 +01:00
Bernd Kuhls 486672da02 package/python-emailproxy: new package
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
[Julien: fix Config.in order found by "make check-package"]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-21 22:13:01 +01:00
Bernd Kuhls f9a02e7b80 package/tor: bump version to 0.4.8.15
Release notes:
https://gitlab.torproject.org/tpo/core/tor/-/raw/release-0.4.8/ReleaseNotes
https://forum.torproject.org/t/stable-release-0-4-8-15/17998

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-21 22:04:08 +01:00
Bernd Kuhls cd8a9eba01 package/kodi-pvr-waipu: bump version to 21.9.2-Omega
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-21 21:25:38 +01:00
Flávio Tapajós 12bdfa42e9 package/python-sqlalchemy: bump to version 2.0.39
For change log, see:
https://docs.sqlalchemy.org/en/20/changelog/changelog_20.html#change-2.0.39

Signed-off-by: Flávio Tapajós <flavio.tapajos@newtesc.com.br>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-21 21:14:27 +01:00
Flávio Tapajós 8bf3bd9fdc package/rsyslog: bump version to 8.2502.0
Signed-off-by: Flávio Tapajós <flavio.tapajos@newtesc.com.br>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-21 21:09:44 +01:00
Bernd Kuhls 3dc5f39ac9 package/nut: fix build with python 3.13
Buildroot bumped Python from 3.12.x to version 3.13.x with commit
d63e207eb8

This python bump removed telnetlib which is needed by nut.
Add upstream patches to fix a build error not yet caught by autobuilders.

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
[Julien: fix patch Upstream: tags generating check-package errors]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-21 20:58:53 +01:00
James Hilliard f0693546ab package/python-setuptools: bump to version 76.0.0
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-20 23:02:42 +01:00
James Hilliard 5c96fb3a12 package/python-setuptools-rust: bump to version 1.11.0
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-20 23:02:42 +01:00
James Hilliard 5c3df37dbd package/python-tortoise-orm: bump to version 0.24.2
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-20 23:02:42 +01:00
James Hilliard 76f9e5dede package/python-maturin: bump to version 1.8.3
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
[Julien: rebase patch after merge of next branch]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-20 23:02:42 +01:00
James Hilliard c5659cebb7 package/python-flit-core: bump to version 3.11.0
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-20 23:02:42 +01:00
James Hilliard 03cda9370f package/python-aiohttp: bump to version 3.11.14
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
[Julien: rebase patch after merge of next branch]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-20 23:01:55 +01:00
James Hilliard 4e08ab7acd package/python-aiohttp-cors: bump to version 0.8.0
License hash changed due to formatting changes:
https://github.com/aio-libs/aiohttp-cors/commit/c4a4ead0df64eaa266ba36660a8a841370bf07cd

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-20 22:58:24 +01:00
James Hilliard f64eeb8854 package/python-aiohappyeyeballs: bump to version 2.6.1
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-20 22:58:24 +01:00
James Hilliard 5d35180b8a package/python-aerich: bump to version 0.8.2
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-20 22:58:24 +01:00
James Hilliard 6f02f7b292 package/python-simple-pid: new package
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-20 22:58:23 +01:00
Niklas Cassel 3a03cb2ad6 package/linux-tools: selftests: Add path containing BPF binary to _BIN_ARCH_EXCLUDE
Enabling BR2_PACKAGE_LINUX_TOOLS_SELFTESTS (on rock5b_defconfig,
which uses kernel 6.12 at the time of writing), results in:

make[1]: Leaving directory '/br/output/build/linux-endpoint-test/tools/testing/selftests'
ERROR: architecture for "/usr/lib/kselftests/tc-testing/action-ebpf" is "Linux BPF", should be "AArch64"
make: *** [package/pkg-generic.mk:402: /br/output/build/linux-tools/.stamp_installed] Error 1

To solve this, add /usr/lib/kselftests/tc-testing/ to
LINUX_TOOLS_BIN_ARCH_EXCLUDE.

Signed-off-by: Niklas Cassel <cassel@kernel.org>
Acked-by: Florian Fainelli <f.fainelli@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-20 22:44:36 +01:00
Niklas Cassel 4d7292675a package/linux-tools: perf: Fix _BIN_ARCH_EXCLUDE
support/scripts/check-bin-arch has an option -i to exclude a path
(or many paths by using -i multiple times).

This was implemented in commit 01d90f0d09 ("spport/check-bin-arch:
accept arbitrary per-package ignore paths").

Looking at this feature (which hasn't changed since being added),
we can see that check-bin-arch automatically adds a trailing slash
to all entries specified using -i.

Thus, specifying a path to a file, e.g.
"/usr/libexec/perf-core/tests/pe-file.exe" will cause check-bin-arch
to add "/usr/libexec/perf-core/tests/pe-file.exe/" to the IGNORES array.

When running the main loop, the file
"/usr/libexec/perf-core/tests/pe-file.exe" will thus not be ignored,
since it will not trigger a match the pattern that was added to the
IGNORES array ("/usr/libexec/perf-core/tests/pe-file.exe/").

This means that the -i option in check-bin-arch only supports directories
and not files.

Fix the LINUX_TOOLS_BIN_ARCH_EXCLUDE in
package/linux-tools/linux-tool-perf.mk.in to specify a directory, as the
existing LINUX_TOOLS_BIN_ARCH_EXCLUDE can never have actually worked.

Fixes: a7ad781626 ("package/linux-tools: Exclude checking PE binaries from perf test")
Signed-off-by: Niklas Cassel <cassel@kernel.org>
Acked-by: Florian Fainelli <f.fainelli@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-20 22:44:32 +01:00
Vincent Stehlé 572197f6d9 configs/rockpro64_ebbr: new defconfig
Add a defconfig to build an AArch64 disk image with a U-Boot based
firmware implementing the subset of UEFI defined by EBBR[1], as well as
a Linux OS booting with UEFI, to run on the ROCKPro64 from Pine64.

The generated firmware binary can also be used to install or run another
OS supporting the EBBR specification.

[1] https://github.com/ARM-software/ebbr

Signed-off-by: Vincent Stehlé <vincent.stehle@arm.com>
Cc: Giulio Benetti <giulio.benetti@benettiengineering.com>
Cc: Jagan Teki <jagan@amarulasolutions.com>
Cc: Suniel Mahesh <sunil@amarulasolutions.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-19 23:45:45 +01:00
Julien Olivain c9958ed8fb package/mpd: fix Config.in symbol typo
Commit [1] introduced a typo in the Config.in symbol
BR2_HOST_GCC_AT_LEAST_10. This generates check-symbol failures
such as [2].

This commit fixes the issue by fixing the typo.

[1] https://gitlab.com/buildroot.org/buildroot/-/commit/25af5a3b3aa3480ee10158e55c280d675430442a
[2] https://gitlab.com/buildroot.org/buildroot/-/jobs/9464458162

Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-19 23:44:10 +01:00
Bernd Kuhls f786d9d3b8 package/intel-vpl-gpu-rt: bump version to 25.1.3
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-19 21:25:52 +01:00
Bernd Kuhls e9fc78d9fa package/intel-mediadriver: bump version to 25.1.3
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-19 21:25:49 +01:00
Bernd Kuhls 693d850fe8 package/intel-gmmlib: bump version to 22.7.0
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-19 21:25:45 +01:00
Luca Ceresoli 06dc0cc353 boot: move package options to a submenu
Change all Kconfig entries for packages in the "Bootloaders" menu to
submenus.

Currently many bootloaders and firmwares in this menu use a 'config'
keyword and thus menuconfig presents their sub-options as a flat list in
the same menu. This is not very convenient as some have a lot of
sub-options, and in (more and more common) configurations with multiple
such packages enabled the menuconfig screen becomes very crowded. Moreover
options of 'string' type don't have a visible indentation when their value
exceeds a few characters, thus making it visually hard to grasp which
package the various options belong to.

Non-bootloader packages having suboptions usually use a 'menuconfig'
keywork to have sub-options in a submenu. Do the same for packages in the
"Bootloaders" menu which have more than one sub-option.

Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Reviewed-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-19 21:16:00 +01:00
Luca Ceresoli 088808ccc7 boot/xilinx-embeddedsw: fix menuconfig visualization
Due to how menuconfig works, a 'comment' entry following a 'config' entry
prevents correct indentation of items depending on the 'config'
entry. xilinx-embeddedsw currently shows as:

  [*] xilinx-embeddedsw
      *** xilinx-embeddedsw needs a bare metal toolchain for tuple microblazeel-xilinx-elf ***
  (xilinx_v2024.2) xilinx-embeddedsw version (NEW)
  [ ] versal plm (NEW)
  [ ] versal psmfw (NEW)
  [ ] zynqmp pmufw (NEW)
  [ ] xilinx-prebuilt

So the 'versal *' and 'zynqmp pmufw' items are not indented even though
they should be.

Do like most other Config.in files which have the 'comment' before the
'config' entry, makeing it render as expected:

      *** xilinx-embeddedsw needs a bare metal toolchain for tuple microblazeel-xilinx-elf ***
  [*] xilinx-embeddedsw
  (xilinx_v2024.2) xilinx-embeddedsw version (NEW)
  [ ]   versal plm (NEW)
  [ ]   versal psmfw (NEW)
  [ ]   zynqmp pmufw (NEW)
  [ ] xilinx-prebuilt

Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Reviewed-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-19 21:15:56 +01:00
Andreas Ziegler 25af5a3b3a package/mpd: update version to 0.24
Require C++20, drop dependency on boost, require new minimum versions for
tools and libraries:

package        mpd-0.24 buildroot
  gcc          12       12.4.0
  meson         1.0      1.7.0
  alsa-lib      1.1      1.2.13
  ffmpeg        4.0      6.1.2
  libfmt        9       11.0.2
  libmpdclient  2.15     2.22
  libnfs        4.0      5.0.3
  libsoxr       0.1.2    0.1.3

The GenParseName tool compiled and run on the build machine now needs
host-gcc 10, because the parsed structure uses constexpr (P1143R2). [1][2]

Due to the introduction of openat2 system calls (available since Linux
kernel 5.6), MPD now has a minimum kernel header requirement. [3][4]

Release note: https://musicpd.org/news/2025/03/mpd-0-24-released/
Change log: https://raw.githubusercontent.com/MusicPlayerDaemon/MPD/v0.24/NEWS

$ utils/check-package package/mpd/*
919 lines processed
0 warnings generated

$ gcc --version
gcc (Ubuntu 10.5.0-4ubuntu2) 10.5.0

$ mkdir ~/output
$ echo "BR2_PACKAGE_MPD=y" > ~/output/mpd.config
$ utils/test-pkg -a -c ~/output/mpd.config -d ~/output -p mpd
                             arm-aarch64 [ 1/40]: SKIPPED
                   bootlin-aarch64-glibc [ 2/40]: SKIPPED
               bootlin-arcle-hs38-uclibc [ 3/40]: SKIPPED
                    bootlin-armv5-uclibc [ 4/40]: SKIPPED
                     bootlin-armv7-glibc [ 5/40]: OK
                   bootlin-armv7m-uclibc [ 6/40]: SKIPPED
                      bootlin-armv7-musl [ 7/40]: SKIPPED
                bootlin-m68k-5208-uclibc [ 8/40]: SKIPPED
               bootlin-m68k-68040-uclibc [ 9/40]: SKIPPED
             bootlin-microblazeel-uclibc [10/40]: SKIPPED
                bootlin-mipsel32r6-glibc [11/40]: SKIPPED
                   bootlin-mipsel-uclibc [12/40]: SKIPPED
                 bootlin-openrisc-uclibc [13/40]: SKIPPED
        bootlin-powerpc64le-power8-glibc [14/40]: SKIPPED
           bootlin-powerpc-e500mc-uclibc [15/40]: SKIPPED
                   bootlin-riscv32-glibc [16/40]: OK
                   bootlin-riscv64-glibc [17/40]: OK
                    bootlin-riscv64-musl [18/40]: SKIPPED
                 bootlin-s390x-z13-glibc [19/40]: OK
                      bootlin-sh4-uclibc [20/40]: SKIPPED
                   bootlin-sparc64-glibc [21/40]: SKIPPED
                    bootlin-sparc-uclibc [22/40]: SKIPPED
                    bootlin-x86-64-glibc [23/40]: OK
                     bootlin-x86-64-musl [24/40]: SKIPPED
                   bootlin-x86-64-uclibc [25/40]: SKIPPED
                   bootlin-x86-i686-musl [26/40]: SKIPPED
                   bootlin-xtensa-uclibc [27/40]: SKIPPED
                            br-arm-basic [28/40]: SKIPPED
                    br-arm-full-nothread [29/40]: SKIPPED
                      br-arm-full-static [30/40]: SKIPPED
                   br-i386-pentium4-full [31/40]: SKIPPED
                      br-mips64-n64-full [32/40]: SKIPPED
                 br-mips64r6-el-hf-glibc [33/40]: SKIPPED
               br-powerpc-603e-basic-cpp [34/40]: SKIPPED
               br-powerpc64-power7-glibc [35/40]: SKIPPED
                       linaro-aarch64-be [36/40]: SKIPPED
                          linaro-aarch64 [37/40]: SKIPPED
                              linaro-arm [38/40]: SKIPPED
                         sourcery-mips64 [39/40]: SKIPPED
                           sourcery-mips [40/40]: SKIPPED
40 builds, 35 skipped, 0 build failed, 0 legal-info failed, 0 show-info failed

[1] https://github.com/MusicPlayerDaemon/MPD/blob/master/src/tag/Names.cxx#L9
[2] https://gcc.gnu.org/projects/cxx-status.html#cxx20
[3] https://github.com/MusicPlayerDaemon/MPD/commit/dda85e0
[4] https://man7.org/linux/man-pages/man2/openat2.2.html

Signed-off-by: Andreas Ziegler <br015@umbiko.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-19 20:53:21 +01:00
Sébastien Szymanski d65c10c20a support/kconfig: handle backspace (^H) key
This is in the mainline kernel since v5.1-rc3:
9c38f1f04408 ("kconfig/[mn]conf: handle backspace (^H) key")

Quoting the commit's log:

"
Backspace is not working on some terminal emulators which do not send the
key code defined by terminfo. Terminals either send '^H' (8) or '^?' (127).
But currently only '^?' is handled. Let's also handle '^H' for those
terminals.
"

Signed-off-by: Sébastien Szymanski <sebastien.szymanski@armadeus.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-19 20:46:36 +01:00
Vincent Fazio d63e207eb8 package/python3: bump to 3.13.2
Update CPython to 3.13.2.

The package selection logic has changed to require time64 support for
uClibc by mirroring the logic from uclibc.mk (kernel headers >=5.1).

The following patches have been removed:
  - Quirking ac_cv_buggy_getaddrinfo on cross compile
  * This is resolved by always assuming it's not bugged via
    ac_cv_buggy_getaddrinfo=no

  - Disabling lib2to3 in builds
  * CPython 3.13 no longer ships lib2to3

  - Fix cross compiles when host and target are on the same SOABI
  * This was fixed upstream [0]

  - Fixing the MULTIARCH value for musl/uClibc
  * CPython 3.13 moved to new platform triplet detection logic [1] which
    supports musl. uClibc does not generate a platform triplet so will
    not fail the check against MULTIARCH. See also [2].

One patch has been added that fixes thread identifiers on 32bit musl.

This commit also updates the license hash, after year change. See [3].

[0]: https://github.com/python/cpython/commit/909d5ac2959ea88e1d3b38f35676a1c7e5dd44f6
[1]: https://github.com/python/cpython/commit/c163d7f0b67a568e9b64eeb9c1cbbaa127818596
[2]: https://github.com/python/cpython/issues/118942
[3]: https://github.com/python/cpython/commit/c86571e4c9765a88ba05a7d9b874b40af0e1d6ab

Signed-off-by: Vincent Fazio <vfazio@gmail.com>
[Julien: fix license hash]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-19 00:07:17 +01:00
Marcus Hoffmann ba8bce8a11 package/zlib-ng: bump to 2.2.4
Remove patch that is included upstream now.
License hash changed due to copyright year update [1].

Release Notes: https://github.com/zlib-ng/zlib-ng/releases

[1] https://github.com/zlib-ng/zlib-ng/commit/fc634263722f39bfcf52437b783db32ff53f2b36

Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-18 21:55:39 +01:00
Andreas Klinger 2248c732c6 package/ply: bump version to 2.4.0
Bump to new available version.

For change log, see:
https://github.com/wkz/ply/releases/tag/2.4.0

Signed-off-by: Andreas Klinger <ak@it-klinger.de>
[Julien: replaced the change log url]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-18 21:53:24 +01:00
Bernd Kuhls b8dfcb4f04 {linux, linux-headers}: bump 6.13.x series
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-18 21:40:57 +01:00
Colin Evrard 29cf86b8d0 package/libmodsecurity: security bump to 3.0.14
The project has been updated, including
security fixes to issues present in version 3.0.13.

- Fixes:
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27110

- For a full changelog, visit:
  https://github.com/owasp-modsecurity/ModSecurity/blob/v3.0.14/CHANGES

Signed-off-by: Colin Evrard <colin.evrard@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-18 21:34:15 +01:00
Peter Korsgaard 781987d67e Merge branch 'next' 2025-03-18 15:41:43 +01:00
Peter Korsgaard 55cfcf52e1 Kickoff 2025.05 cycle
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-03-18 15:38:53 +01:00
Peter Korsgaard d55efe967e docs/website/news.html: add 2025.02 announcement link
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-03-18 15:38:17 +01:00
Yann E. MORIN 3a2baca4b7 system/skeleton: move target of /etc/resolv.conf symlink
In commit ba70f94e62 (subversion makes it so we do not need a separate
tarball to store empty directories and symlinks for the target_skeleton.)
/etc/resolv.conf was made a symlink to ../tmp/resolv.conf. There was no
rationale behind this change, but back at the time (2006!), the only
location that Buildroot guaranteed to be writable was /tmp, and we
needed a writable location to create resolv.conf from a DHCP reply for
example, so the change made sense.

Commits 2f67d9e2fe (preparation for BR2_PACKAGE_BUSYBOX_SKELETON), in
2007, then d9119c0bc5 (move default skeleton to fs/ and drop busybox
skeleton), in 2010, and finally 6c3e3ad419 (New top-level directory:
system), in 2012, propagated that /etc/resolv.conf without any change in
the target of the symlink.

However, since commit d380dde1d2 (skeleton: make /run a proper
directory/filesystem), in 2015, a tmpfs has been mounted on /run, so it
is now guaranteed to be writable as well for SYS-V-based systems. That
has also been the case for openrc since commit a840e485d1
(package/skeleton-init-openrc: new package), in 2019. This has also
always been the case for systemd as well.

resolv.conf is not a temporary file [0]; it is really more of a runtime
data; its location in /tmp is just a historical artefact of a long-wrong
assertion.

Nowadays, distributions either have an actual file as /etc/resolv.conf
(when /etc is writable), or it is a symlink to a location below /run.

Although resolv.conf is used by the C library resolver, a lot of
applications now will directly use it; this is the case for some
container management tools, such as podman (and its helpers, like
netavark), that expect /etc/resolv.conf to either be a file or a symlink
to somewhere in /run, and fail to provide DNS services if that is not
the case.

So, we move the target of /etc/resolv.conf to ../run/resolv.conf.

As a consequence, we can drop the workaround in podman's runtime test.

To be noted: there are tow custom fstab files in Buildroot that do not
explicitly mount a tmpfs on /run:
  - one for a systemd runtime test, so /run would also be a tmpfs there
    anyway, as systemd does mount one;
  - one for the mender_x86_64_efi_defconfig; that's a not a problem:
    / is an ext4 that is mounted r/w (and /tmp is not a tmpfs either, so
    the symlink to /tmp would not not have worked if / was not r/w
    anyway).

This leaves people with their own fstab, to adapt. Cater to them by
adding a little blurb in the documentation.

Note: the following 43 tests all built and ran successfully:
    tests.init
    tests.package.test_apache
    tests.package.test_docker_compose
    tests.package.test_dropbear
    tests.package.test_iputils
    tests.package.test_podman
    tests.package.test_skopeo
    tests.package.test_wget

(no other runtime test were attempted)

[0] temporary, as in relatively short-lived.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-15 22:23:59 +01:00
Yann E. MORIN 54f79d804f package/podman: add option to use passt as network backend
passt/pasta is the officially supported network backend, with slirp4netns
only considered a legacy solution. However, some people have experienced
corner cases when using passt/pasta (as it still is a young stack), so we
do not want to do a blanket replace of slirp4netns just yet. Still, we
make passt/pasta the default option.

As a consequence, the existing runtime tests will now test passt/pasta,
so we introduce two new tests for slirp4netns as a network backend.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-15 22:23:23 +01:00
Yann E. MORIN d038cc47cd package/passt: new package
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-15 22:22:10 +01:00
Yann E. MORIN b36475315b package/aardvark-dns: new package
aardvark-dns is needed by netavark to provide cross-container DNS
resolving with Podman.

It is to be noted that netavark and aardvark-dns have to be updated in
lock-step [0].

Update the podman runtime test to validate this is working.

[0] https://github.com/containers/podman/blob/main/DISTRO_PACKAGE.md#networking-tools-netavark-aardvark-dns-passt

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-15 22:21:58 +01:00
Yann E. MORIN ebbaac08e3 package/podman: new package
Podman is a container manager not unlike Docker, but is daemon-less.

Similarly to docker-engine, quite a few kernel config options are
required; as they are very similar in goals and features, the options
from docker-engine have been duplicated for podman. As that was not
enough, a few additional options have been added after trial-and-error
testing (they are not explicitly listed in the documentation).

The documentation [0] states that seccomp can be disabled (i.e. not
enabled). However, without seccomp support, starting containers requires
--security-opt=seccomp=unconfined to be specified; it does not look
trivial to make that the default, though [1]. Furthermore, containers
are about security, so disabling a security measure does not sound too
good. So we make seccomp support mandatory.

Podman needs netavark as a the network backend (it missing is a hard
error at runtime). It is supposed to also require aardvark-dns, an
authoritative DNS resolver, but it missing does not look to adversely
affect networking, so it is not used (as not even packaged in Buildroot
yet).

Podman can run either as the root user, or it can run rootless, i.e. by
a non-root user, which requires a bit of setup (see below, in the
runtime test) and a few other dependencies: slirp4netns [2] (to provide
network connectivity in userland), and support for subordinate UIDs and
GIDs with the shadow library. Rootless mode is one of the main selling
point for podman, so we decided that this would not be configurable in
Buildroot.

Similar to Docker, podman can inject a minimalist init as PID1 in
containers, and like Docker, this is optional; podman however by default
uses catatonit as such an init [3]. As for Docker-engine, we offer a
choice of which init package to use to provide podman-init.

Podman requires at least three config files; they can be either per-user
or system-wide:
  - containers.conf [4]: defines various settings for the container
    runtimes;
  - policy.json [5]: defines what signature to accept to validate
    images; without one such file, podman just refuses to pull images;
  - registries.conf [6]: defines where to pull images from; without it,
    podman does not know how to pull un-qualified images (i.e. images
    where the registry is not specified in the path, and which Docker
    would fetch from the Docker Hub, e.g. "busybox:latest").

For those three files, we provide a very minimal default that (in the
same order as above):
  - uses the slirp4netns network backend for rootless operation (the
    default in podman is to use pasta [1], so we need to explicitly
    configure it to use slirp4netns);
  - allows pulling images which signature can't be verified;
  - pulls unqualified images from the Docker Hub, as is traditional.

Providing actual files is going to be use-case dependent, and interested
parties will have to provide their own config files, e.g. in a rootfs
overlay.

Finally, we add a runtime test for podman. Podman is a huge binary, and
may call other huge binaries (netavark...); this can be quite slow in
the emulated machine (even when running on a very fast host machine), so
we use a huge timeout for all commands involving podman, even those that
exit the containers, as that may need to tear down podman setup.

The default kernel used in runtime tests is missing a lot of features,
so we need to build our own; we use the same version as the bundled
kernel. We can't use cpio either, because we need a filesystem that can
be used as a lower and upper of overlayfs, which is not possible with
the filesystem the cpio is extracted into; ext2 fits the bill, so we use
that. We need a bit of space to store images and stuff, so let's be
generous and allocate 256M.

To test rootless operation, we need a non-root user that has some
special setup [7]; it is easier to run the commands from the infra
rather than carry a user-definition table and a rootfs overlay. We need
that user to have the same prompts (main and continuation) so that the
REPLWrapper still detects those; it has the unfortunate side effect that
it is not immediately obvious whether a command was run as root or not,
and one has to look back up in the run-log to see whether there was a
transition to another user earlier.

Still for rootless containers, podman/netavark expect /etc/resolv.conf
to be either a plain file, or a symlink that points either deeper in
/etc or anywhere in /run; if resolv.conf resolves to any other location,
DNS in rootless containers does not work. This is reasonable, and is
what already happens on a systemd-based system (and thus all major
distributions nowadays. However, in Buildroot, we put the actual file in
/tmp; this is historical, and dates back to the days where Buildroot did
not have a guaranteed-writable /run. So, we work around this limitation
in the test (for now).

The official busybox image on the Docker Hub supports a lot of
architectures, of which armv7 which we use for this runtime test.
Finding a small image that also supports armv7 on other registries was
a bit of a challenge; we eventually found one busybox image on quay.io,
but it is not an official busybox image; still, it fits the bill, so we
use it.

There is no runtime test with systemd, as this requires quite some
additional setup that does not look very trivial to do; when it detects
it is running under systemd in rootless mode, podman expects that a full
user session exists, or it whines about it every time it is started,
reverting to non-systemd behaviour; getting a full user session does not
look to be that trivial (PAM?), so this would not exercise the actual
integration with systemd, so the test would not be meaningful, so it is
not provided. This is left as an exercise to an interested party to
extend the tests.

PS: Hat-tip to Raphael, who provided some pointers and hints on this
change, especially for rootless mode. Thanks! 👍

[0] https://podman.io/docs/installation#get-source-code
[1] it looks like we can provide a custom seccomp profile, by specifying
seccomp_profile="PATH" in containers.conf; that would still require
seccomp support to use that file, though, so that does not change the
outcome.
[2] it is possible to use another backend, but it is not packaged in
in Buildroot yet: https://passt.top/passt/about/#pasta-pack-a-subtle-tap-abstraction
[3] podman expects a 'catatonit' helper in /usr/libexec/podman, so even
if tini would be usable instead, it would not feel right to use it to
impersonate catatonit. So let's assume that only catatonit is supported.
[4] https://github.com/containers/common/blob/main/docs/containers.conf.5.md
[5] https://github.com/containers/image/blob/main/docs/containers-policy.json.5.md
[6] https://github.com/containers/image/blob/main/docs/containers-registries.conf.5.md
[7] https://github.com/containers/podman/blob/main/docs/tutorials/rootless_tutorial.md

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Raphael Pavlidis <raphael.pavlidis@gmail.com>
Cc: Christian Stewart <christian@aperture.us>
Cc: Julien Olivain <ju.o@free.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-15 22:19:29 +01:00
Yann E. MORIN 7289731adf package/netavark: new package
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Julien Olivain <ju.o@free.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-15 22:16:51 +01:00
Yann E. MORIN 2795fecc50 package/nftables: add an option to force JSON support
Currently, nftables JSON support is implicit: if jansson is enabled,
JSON support is enabled, otherwise it is not.

Some packages will require that nftables be built with JSON support;
that's the case of netavarks, for example (to come in a later patch).
So, in the current state, it would mean a package would have to select
jansson, although it does not itself use it, so that nftables has JSON
support. This does not feel right.

Instead, introduce an option to nftables, to explicitly enabled JSON
support. Packages such as netavark would then just have to require JSON
support in nftables.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-15 22:16:22 +01:00
Yann E. MORIN 5ae4c36dfe package/cgroupfs-v2-mount: new package
Currently, the cgroupfs-mount package only mounts a cgroup v1 hierarchy,
but v1 is considered legacy and obsolete, while v2 has been around for a
while now, and is required by some packages (e.g. podman whines about
v1).

cgroupfs-mount has not had a release in almost 8 years now, and only the
occasional commit since then and until more than 3 years ago. It's not
going to evolve...

Add a new package with a simple-enough sysv startup script, that mounts
the cgroup v2 hierarchy filesystem. For systemd, there's nothing to do,
as systemd handles the mount by itself.

Since both cgroup v1 and v2 use the same mountpoint, we can't have both
enabled at the same time, and thus we restrict the v2 to be hidden when
v1 is enabled (quite a few packages select the v1; changing those would
require that they be validated against v2 first...)

Note that, due to limitations in Kconfig, cgroupfs-v2-mount will appear
indented below cgroupfs-mount, because it has a (negative) dependency on
it. This spurious indentation is unfortunate and annoying, but benign;
fixing that would require breaking the dependency with a random Kconfig
symbol, which we don't have, and which we decided not to introduce just
for this one use-case (well, there's host-gnupg and host-gnupg2 that
have the exact same issue, but meh...)

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Fiona Klute <fiona.klute@gmx.de>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-15 22:13:25 +01:00
Yann E. MORIN 2c7a817dc5 package/cgroupfs-mount: tweak the kernel config
When it was introduced in 2016 with commit 0e1547a87c (cgroupfs-mount:
new package), we did not yet have the infrastructure for package to set
kernel config options, which only came 4 years later with commit
0aed4c2dae (linux: allow packages to set kernel config options).

So at that time, the requirements for cgroupfs-mount were documented in
the help for the Kconfig symbol.

But now that we do have the infrastructure in place, actually use it to
set the required options, and drop the list from the Kconfig entry (that
would be duplication, prone to bit-rot with time, and other packages do
not document their requirements in Kconfig, they just use the infra to
set the options).

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-15 22:11:01 +01:00
Yann E. MORIN 5c77357c58 package/skopeo: add target variant
Skopeo can be used to manipulate container images, and so can be useful
on target devices that are going to be used as a host to run containers.

So, add a target variant for skopeo.

... with a runtime test while at it.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Christian Stewart <christian@aperture.us>
Cc: Yann E. MORIN <yann.morin@orange.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-15 22:09:10 +01:00
Yann E. MORIN c1add22462 package/slirp4netns: needs TUN support in the kernel
slirp4netns needs a kernel with TUN support, so enable that and the few
options it depends on.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Raphael Pavlidis <raphael.pavlidis@gmail.com>
Reviewed-by: Raphael Pavlidis <raphael.pavlidis@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-15 21:59:46 +01:00
Yann E. MORIN 8edab92178 package/conmon: depends on systemd when enabled
When it detects it runs under systemd, conmon will want to log to the
journal. However, it needs to be linked with libsystemd to do so and if
not, will error out:

    Feb 22 11:10:03 buildroot conmon[199]: conmon 3b462ce6f2cc64f75c42 <error>: Include journald in compilation path to log to systemd journal

This prevents starting any container.

Add a dependency to systemd when it is enabled.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Christian Stewart <christian@aperture.us>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-15 21:59:06 +01:00
Yann E. MORIN 4554ab9815 package/shadow: install to staging for subids
When the subids feature is enabled, shadow will install a library and a
header:

    $ sort output/build/shadow-4.16.0/.files-list.txt
    [...]
    shadow,./lib/libsubid.la
    shadow,./lib/libsubid.so
    shadow,./lib/libsubid.so.5
    shadow,./lib/libsubid.so.5.0.0
    [...]
    shadow,./usr/include/shadow/subid.h
    [...]

Install to staging in that case.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Raphael Pavlidis <raphael.pavlidis@gmail.com>
Reviewed-by: Raphael Pavlidis <raphael.pavlidis@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-15 21:58:27 +01:00
Yann E. MORIN cf8641b73e support/testing: set date in emulated machine
When time comes to check certificates, the date and time in the emulated
machine should be close enough to the actual values, so that certificate
validity can be checked.

Some Qemu machines have an RTC (e.g. arm vexpress-a9 has a pl031), and
the kernel needs a driver for those RTC. It is not guaranteed that the
machine used for a test meets those two conditions; in such a case, the
time in the machine starts way back in the past (1970-01-01T00:00:00Z on
sysv, or the release date of systemd). This is the case with the default
kernel, so such tests do not have the proper time.

Set the date to the date of the host system. This is going to be accurate
to the second, which is, by far, enough for our purpose.

To avoid having to consider what combination of emulated machine and kernel
configuration are being used, we always set the date, as this is a
generic step that should be done by the infra (like login in as root is).

The Emulator() class doesn't inherit from unittest.TestCase, so we can't
call any of the usual self.assertXXX() methods; instead, we just raise
a standard exception, like is done a few lines above to detect the login
prompt.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Ricardo Martincoski <ricardo.martincoski@datacom.com.br>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-15 21:57:45 +01:00
Yann E. MORIN 6dc177bee8 system: add catatonit as init system
Like the existing tini, catatonit can be used as minimal init to be
used as PID-1.

Add it to the list of init systems, like was done for tini in
24cac9c4e6 (system: add tini as init system) and tinyinit in
c1daa35cd9 (package/tinyinit: new package).

Unlike the "main" init systems, there is no historical preference for
those minimalist init systems, so just keep them alphabetically
ordered.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-15 21:45:36 +01:00
Yann E. MORIN 1b81b594a9 package/catatonit: update to version 0.2.1
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Christian Stewart <christian@aperture.us>
Tested-by: Fiona Klute (WIWA) <fiona.klute@gmx.de>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-15 21:45:36 +01:00
Yann E. MORIN 022f49618c package/docker-engine: add option to support catatonit as init
currently, docker-engine can only use tini as injected init. catatonit
as a package exists, but it does not create the symlink that would be
needed at runtime [0].

Add a choice at the docker-engine level, for which injected init to use,
bringing catatonit to the integration level of tini.

[0] that could be done in a post-build script, but that's not practical.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Christian Stewart <christian@aperture.us>
Cc: Fiona Klute (WIWA) <fiona.klute@gmx.de>
Tested-by: Fiona Klute (WIWA) <fiona.klute@gmx.de>
[Julien: move the legacy option to a new 2025.05 section]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-15 21:45:31 +01:00
Yann E. MORIN cb97f6a9b3 package/docker-engine: carry the tini init symlink
tini can be used standalone, not just as an init injected by docker.
As such, creating the docker-engine's init symlink does not belong to
tini itself, but to docker-engine.

This will also help later, when we allow docker-engine to use another
init alternative, catatonit (already paclkaged in Buildroot, but not
integrated with docker).

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Christian Stewart <christian@aperture.us>
Cc: Fiona Klute (WIWA) <fiona.klute@gmx.de>
Tested-by: Fiona Klute (WIWA) <fiona.klute@gmx.de>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-15 20:45:57 +01:00
Akhilesh Nema ce3dae7a83 configs/ls1046a-frwy_defconfig: bump BSP components to lf-6.6.52-2.2.0
- Updated Linux, U-Boot, and TF-A to lf-6.6.52-2.2.0 tag.
- Updated readme.txt

Signed-off-by: Akhilesh Nema <nemaakhilesh@gmail.com>
[Julien: remove fmc and fmlib in readme.txt to reflect
  comment from Brandon Maier]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-15 16:36:33 +01:00
Akhilesh Nema ba8a8359e9 package/fmc: bump version to lf-6.6.52-2.2.0
- The license file was renamed from COPYING to LICENSE.

Signed-off-by: Akhilesh Nema <nemaakhilesh@gmail.com>
Reviewed-by: Brandon Maier <brandon.maier@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-15 15:07:23 +01:00
Akhilesh Nema a3412adb2a package/fmlib: bump version to lf-6.6.52-2.2.0
- The license file was renamed from COPYING to LICENSE.
- Added a patch to fix build errors with gcc-14.

Signed-off-by: Akhilesh Nema <nemaakhilesh@gmail.com>
Reviewed-by: Brandon Maier <brandon.maier@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-15 15:06:42 +01:00
Akhilesh Nema 2522130175 package/qoriq-fm-ucode: bump version to lf-6.6.52-2.2.0
The package is unchanged; a new tag was added to match other NXP QorIQ package versions.

Signed-off-by: Akhilesh Nema <nemaakhilesh@gmail.com>
Reviewed-by: Brandon Maier <brandon.maier@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-15 15:06:14 +01:00
Akhilesh Nema 13a8275c2a package/qoriq-rcw: bump version to lf-6.6.52-2.2.0
Changelog:
https://github.com/nxp-qoriq/rcw/compare/lf-6.6.23-2.0.0...lf-6.6.52-2.2.0

Signed-off-by: Akhilesh Nema <nemaakhilesh@gmail.com>
Reviewed-by: Brandon Maier <brandon.maier@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-15 15:05:34 +01:00
Fiona Klute (WIWA) e7cbf89798 package/libglib2: bump version to 2.84.0
Upstream changelog:
https://gitlab.gnome.org/GNOME/glib/-/blob/main/NEWS?ref_type=heads

Note that upstream is planning to require C11 starting with 2.85.x,
and encourages people who would have problems with that to file
issues: https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4473

Signed-off-by: Fiona Klute (WIWA) <fiona.klute@gmx.de>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-14 22:41:55 +01:00
Marcus Hoffmann 291a3263e0 package/can-utils: bump to v2025.01
Remove patches that are now included in upstream release.
Package switched from autotools to cmake based build.
Backport two build fixes that are already merged upstream.

* 0001-Include-time.h-for-timespec-struct-definition.patch fixes a musl
  build issue
* 0002-CMakeLists.txt-add-an-option-to-control-shared-libra.patch fixes
  static only builds

Release Notes: https://github.com/linux-can/can-utils/releases/tag/v2025.01

Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-14 22:25:35 +01:00
Marcus Hoffmann e1cbe13462 package/libedit: bump to 20250104-3.1
Changelog:

2025-01-04 Jess Thrysoee

   * all: sync with upstream source

2024-08-08 Jess Thrysoee

   * all: sync with upstream source

   * doc/Makefile.am: fix regression. Name all manpage links as el_*
	(e.g. el_history.3) to avoid conflicts.
	Reported by Zopolis4

2024-05-17 Jess Thrysoee

   * all: sync with upstream source

Upstream changes are theoretically viewable at [1] but not
in a very readable form.

[1] http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libedit

Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-14 22:06:51 +01:00
Fiona Klute (WIWA) ff85110701 package/network-manager: bump version to 1.52.0
Upstream changelog with a mix of new features and bugfixes:
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/blob/1.52.0/NEWS?ref_type=tags

Support for the "dhcpcanon" DHCP client has been removed.

Systemd code imported into NetworkManager [1] now requires kernel
headers 5.4 [2], update "depends on" accordingly.

Also update the homepage, wiki.gnome.org has been retired.

[1] https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/2115
[2] https://github.com/systemd/systemd/commit/6e14c46bac760d01868b0bf48461f6ac44c86be3

Signed-off-by: Fiona Klute (WIWA) <fiona.klute@gmx.de>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-11 22:52:19 +01:00
Lubomir Rintel e444597f48 configs/olpc_xo175_defconfig: bump kernel version to 6.13.6
Update kernel to version 6.13.6. Tested.

Signed-off-by: Lubomir Rintel <lkundrak@v3.sk>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-11 22:32:06 +01:00
José Luis Salvador Rufo e74584288c package/zfs: bump version to 2.3.1
For release note, see:
https://github.com/openzfs/zfs/releases/tag/zfs-2.3.1

Signed-off-by: José Luis Salvador Rufo <salvador.joseluis@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-11 21:14:43 +01:00
Kanak Shilledar 1ab37899ae configs/sipeed_licheepi_4a: add new board
Add support for the LicheePi 4A with mainline component:
 - Linux Kernel 6.12

The following components are provided by vendor:
 - U-Boot 2020.01
 - OpenSBI v0.9

Board homepage and more usable wiki:
 - https://wiki.sipeed.com/hardware/en/lichee/th1520/lpi4a/1_intro.html

th1520-boot-firmware is selected from the package sipeed-lpi4abin.
This is inspired from lone0's fork of buildroot for th1520.[1]

[1] https://github.com/lone0/buildroot-th1520

Signed-off-by: Kanak Shilledar <kanakshilledar@gmail.com>
[Julien: Tested on cpu board version 51601
  on base board version 51602]
Tested-by: Julien Olivain <ju.o@free.fr>
[Julien:
  - add Signed-off-by line in commit log
  - reorder defconfig entries with "make savedefconfig"
  - fixed post-image.sh shellcheck warnings
    (found with "make check-package")
  - add extra info in readme.txt
  - change linux-headers.hash to a symlink
  - change linux.hash comment to take hash from upstream
]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-11 19:22:04 +01:00
Kanak Shilledar 29861832a3 package/sipeed-lpi4abin: add licheepi4a boot bins
Sipeed LicheePi 4A requires some proprietary binaries
for booting, these are provided in the th1520-boot-firmware
repo [1]. These binaries are also required for the onboard
sound and wifi.

[1] https://github.com/revyos/th1520-boot-firmware

Signed-off-by: Kanak Shilledar <kanakshilledar@gmail.com>
[Julien:
  - add Signed-off-by line in commit log
  - reindent SIPEED_LPI4ABIN_FILES with 1 tab
  - fix DEVELOPERS entry (remove extra 's')
  - add upstream url in Config.in
]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-11 19:22:04 +01:00
Giulio Benetti 086f8472d6 package/minicom: bump to version 2.10
Release Notes:
https://salsa.debian.org/minicom-team/minicom/-/releases/2.10

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-10 23:55:39 +01:00
Benjamin Kamath fb8300f4b7 package/lapack: bump to version 3.12.1
Released in January 2025

- Updated LICENSE sha for changed year

https://www.netlib.org/lapack/lapack-3.12.1.html

Signed-off-by: Benjamin Kamath <kamath.ben@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-10 23:32:22 +01:00
Fiona Klute (WIWA) bc933199e0 package/raspberrypi-usbboot: bump version to 20250227-132106
32-bit mass-storage-gadget has been replaced with
mass-storage-gadget64. Drop patch included upstream.

Upstream diff:
https://github.com/raspberrypi/usbboot/compare/20240926-102326...20250227-132106

Signed-off-by: Fiona Klute (WIWA) <fiona.klute@gmx.de>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-10 21:21:25 +01:00
Michael Fischer 99a73492f8 package/sdl2: bump version to 2.32.2
Release notes:
https://github.com/libsdl-org/SDL/releases/tag/release-2.32.2

Signed-off-by: Michael Fischer <mf@go-sys.de>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-10 21:15:14 +01:00
Daniel Lang 2af019a1bd package/libsigc2: bump to version 2.12.1
https://github.com/libsigcplusplus/libsigcplusplus/blob/2.12.1/NEWS

Signed-off-by: Daniel Lang <dalang@gmx.at>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-08 22:11:26 +01:00
Giulio Benetti 7b9a6f5373 package/harfbuzz: bump to version 10.4.0
Release Notes:
https://github.com/harfbuzz/harfbuzz/releases/tag/10.4.0

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-08 18:25:16 +01:00
Giulio Benetti 4f0c7b0dcb package/libnss: bump version to 3.109
For release note, see:
https://hg.mozilla.org/projects/nss/diff/82eb56300e9d8e1e65312acc8ed11b26de8de222/doc/rst/releases/nss_3_109.rst

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-08 14:48:37 +01:00
Dario Binacchi ad5445a347 boot/arm-trusted-firmware: add lts-v2.12.x selection
There is a new lts-v2.12.x branch. Add it to the selection

Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-06 22:13:29 +01:00
Bernd Kuhls b891981d50 linux: bump latest version to 6.13
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-06 22:01:09 +01:00
Bernd Kuhls 66adee919d {toolchain, linux-headers}: add support for 6.13 headers
And add (and default to) 6.13 to linux-headers.

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-06 22:01:04 +01:00
Marcin Niestroj 94a7f909e9 package/python-pytest: bump to version 8.3.5
See [1] for changelog.

[1] https://github.com/pytest-dev/pytest/releases/tag/8.3.5

Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-05 23:04:56 +01:00
Marcin Niestroj 2a33198c47 package/python-dbus-fast: bump to 2.34.0
See [1] for changelog.

[1] https://github.com/Bluetooth-Devices/dbus-fast/blob/v2.34.0/CHANGELOG.md

Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
[Julien: update changelog link on 2.34.0 tag]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-05 22:56:17 +01:00
Joachim Wiberg 7a0725723b package/sysklogd: bump to v2.7.1
- Update syslogd -T documentation, it applies to messages originating
   both locally and from remote syslog servers
 - Fix hostname filtering support, introduced in v2.7.0, broken
 - Fix parsing of userspace messages in /dev/kmsg, inserted an
   extra space before the message payload

From https://github.com/troglobit/sysklogd/releases/tag/v2.7.1

Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-05 22:51:06 +01:00
Boerge Struempfel 1b1696b408 package/libgpiod2: bump to version 2.2.1
multiple bugfixes, see [0]

[0] https://web.git.kernel.org/pub/scm/libs/libgpiod/libgpiod.git/tree/NEWS?h=v2.2.1

Signed-off-by: Boerge Struempfel <boerge.struempfel@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-05 22:47:39 +01:00
Gilles Talis f907f2a0fe configs/freescale_imx6{dl, q, sx}*: bump BSP components to lf-6.6.52-2.2.0
Note: configs/freescale_imx6{dl,q,sx}* corresponds to the five:
freescale_imx6dlsabreauto_defconfig
freescale_imx6dlsabresd_defconfig
freescale_imx6qsabreauto_defconfig
freescale_imx6qsabresd_defconfig
freescale_imx6sxsabresd_defconfig

Those i.MX6 Sabre defconfigs have a lot in common. This is why they are
all updated at once in this single commit.

This commit bumps U-Boot and Linux kernel to the NXP BSP
lf-6.6.52-2.2.0 versions

Signed-off-by: Gilles Talis <gilles.talis@gmail.com>
Tested-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-01 17:28:12 +01:00
Gilles Talis 7319225276 configs/freescale_imx6ullevk: bump BSP components to lf-6.6.52-2.2.0
Bump U-Boot and Linux kernel to the NXP BSP lf-6.6.52-2.2.0 versions.

Signed-off-by: Gilles Talis <gilles.talis@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-01 17:28:12 +01:00
Gilles Talis 850e71c6af configs/freescale_imx7dsabresd: bump BSP components to lf-6.6.52-2.2.0
Bump U-Boot and Linux kernel to the NXP BSP lf-6.6.52-2.2.0 versions.

Signed-off-by: Gilles Talis <gilles.talis@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-01 17:28:12 +01:00
Gilles Talis ca24f2d6d8 configs/freescale_imx8dxlevk: bump BSP components to lf-6.6.52-2.2.0
Bump ATF, U-Boot and Linux kernel to the NXP BSP lf-6.6.52-2.2.0
versions.

Signed-off-by: Gilles Talis <gilles.talis@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-01 17:28:12 +01:00
Gilles Talis 9a7a729b45 configs/freescale_imx8mmevk: bump BSP components to lf-6.6.52-2.2.0
Bump ATF, U-Boot and Linux kernel to the NXP BSP lf-6.6.52-2.2.0
versions.

Signed-off-by: Gilles Talis <gilles.talis@gmail.com>
Tested-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-01 17:28:12 +01:00
Gilles Talis cd8dc24ac8 configs/freescale_imx8mnevk: bump BSP components to lf-6.6.52-2.2.0
Bump ATF, U-Boot and Linux kernel to the NXP BSP lf-6.6.52-2.2.0
versions.

Signed-off-by: Gilles Talis <gilles.talis@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-01 17:28:12 +01:00
Gilles Talis cb0e3a8520 configs/freescale_imx8mpevk: bump BSP components to lf-6.6.52-2.2.0
Bump ATF, U-Boot and Linux kernel to the NXP BSP lf-6.6.52-2.2.0
versions.

Signed-off-by: Gilles Talis <gilles.talis@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-01 17:28:12 +01:00
Gilles Talis 8de20f0873 configs/freescale_imx8mqevk: bump BSP components to lf-6.6.52-2.2.0
Bump ATF, U-Boot and Linux kernel to the NXP BSP lf-6.6.52-2.2.0
versions.

Signed-off-by: Gilles Talis <gilles.talis@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-01 17:28:12 +01:00
Gilles Talis ebc64d7193 configs/freescale_imx8qmmek: bump BSP components to lf-6.6.52-2.2.0
Bump ATF, U-Boot and Linux kernel to the NXP BSP lf-6.6.52-2.2.0
versions.

Signed-off-by: Gilles Talis <gilles.talis@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-01 17:28:12 +01:00
Gilles Talis b4b29434a3 configs/freescale_imx8qxpmek: bump BSP components to lf-6.6.52-2.2.0
Bump ATF, U-Boot and Linux kernel to the NXP BSP lf-6.6.52-2.2.0
versions.

Signed-off-by: Gilles Talis <gilles.talis@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-01 17:28:12 +01:00
Gilles Talis 69487c630b configs/freescale_imx93evk: bump BSP components to lf-6.6.52-2.2.0
Bump ATF, U-Boot and Linux kernel to the NXP BSP lf-6.6.52-2.2.0
versions.

Signed-off-by: Gilles Talis <gilles.talis@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-01 17:28:12 +01:00
Sébastien Szymanski ab1c1c7f49 package/freescale-imx/imx-gpu-viv: bump version to 6.4.11.p2.10
This version is aligned with NXP Linux BSP version "lf-6.6.52-2.2.0".

License hashes changed because the LA_OPT_NXP_Software_License changed
from "v56 April 2024" to "v57 July 2024".
Add SCR.txt to _LICENSE_FILES.

Note: in this release, the package source archive name changed to
include a revision. This commit adds a new _REVISION variable with the
value published in the corresponding NXP BSP.

Signed-off-by: Sébastien Szymanski <sebastien.szymanski@armadeus.com>
[Julien: fixed the bsp version name in commit log]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-01 11:33:02 +01:00
Sébastien Szymanski 816f239e37 package/freescale-imx/imx-gpu-g2d: bump version to 6.4.11.p2.10
This version is aligned with NXP Linux BSP version "lf-6.6.52-2.2.0".

License hashes changed because the LA_OPT_NXP_Software_License changed
from "v56 April 2024" to "v57 July 2024".
Add SCR.txt to _LICENSE_FILES.

Note: in this release, the package source archive name changed to
include a revision. This commit adds a new _REVISION variable with the
value published in the corresponding NXP BSP.

Signed-off-by: Sébastien Szymanski <sebastien.szymanski@armadeus.com>
[Julien: fixed the bsp version name in commit log]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-01 11:32:59 +01:00
Sébastien Szymanski 8f2a6c9c46 package/freescale-imx/imx-sc-firmware: bump version to 1.17.0
This version is aligned with NXP Linux BSP version "lf-6.6.52-2.2.0".

License hashes changed because the LA_OPT_NXP_Software_License changed
from "v56 April 2024" to "v57 July 2024".
Add SCR.txt to _LICENSE_FILES.

Note: in this release, the package source archive name changed to
include a revision. This commit adds a new _REVISION variable with the
value published in the corresponding NXP BSP.

Signed-off-by: Sébastien Szymanski <sebastien.szymanski@armadeus.com>
[Julien: fixed the bsp version name in commit log]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-01 11:32:56 +01:00
Sébastien Szymanski 0f0949cee0 package/freescale-imx/imx-seco: bump version to 5.9.4.1
This version is aligned with NXP Linux BSP version "lf-6.6.52-2.2.0".

License hashes changed because the LA_OPT_NXP_Software_License changed
from "v56 April 2024" to "v57 July 2024".
Add SCR.txt and SCR-imx-seco.txt to _LICENSE_FILES.

Note: in this release, the package source archive name changed to
include a revision. This commit adds a new _REVISION variable with the
value published in the corresponding NXP BSP.

Signed-off-by: Sébastien Szymanski <sebastien.szymanski@armadeus.com>
[Julien: fixed the bsp version name in commit log]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-01 11:32:53 +01:00
Sébastien Szymanski 793b45cea7 package/freescale-imx/imx-vpu-hantro-daemon: bump version to 1.4.0
This version is aligned with NXP Linux BSP version "lf-6.6.52-2.2.0".

Add SCR-imx-vpu-hantro-daemon.txt to _LICENSE_FILES.

Note: in this release, the package source archive name changed to
include a revision. This commit adds a new _REVISION variable with the
value published in the corresponding NXP BSP.

Signed-off-by: Sébastien Szymanski <sebastien.szymanski@armadeus.com>
[Julien: fixed the bsp version name in commit log]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-01 11:32:49 +01:00
Sébastien Szymanski fe08ec9efa package/freescale-imx/imx-vpu-hantro-vc: bump version to 1.10.1
This version is aligned with NXP Linux BSP version "lf-6.6.52-2.2.0".

License hashes changed because the LA_OPT_NXP_Software_License changed
from "v48 July 2023" to "v57 July 2024".
Add SCR-imx-vpu-hantro.txt to _LICENSE_FILES.

Note: in this release, the package source archive name changed to
include a revision. This commit adds a new _REVISION variable with the
value published in the corresponding NXP BSP.

Signed-off-by: Sébastien Szymanski <sebastien.szymanski@armadeus.com>
[Julien: fixed the bsp version name in commit log]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-01 11:32:45 +01:00
Sébastien Szymanski f3350d1af2 package/freescale-imx/imx-vpu-hantro: bump version to 1.35.0
This version is aligned with NXP Linux BSP version "lf-6.6.52-2.2.0".

License hashes changed because the LA_OPT_NXP_Software_License changed
from "v49 September 2023" to "v57 July 2024".
Add SCR-imx-vpu-hantro.txt to _LICENSE_FILES.

Note: in this release, the package source archive name changed to
include a revision. This commit adds a new _REVISION variable with the
value published in the corresponding NXP BSP.

Signed-off-by: Sébastien Szymanski <sebastien.szymanski@armadeus.com>
[Julien: fixed the bsp version name in commit log and SoB email]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-01 11:31:54 +01:00
Sébastien Szymanski 6295c5ef56 package/freescale-imx/firmware-imx: bump version to 8.26
This version is aligned with NXP Linux BSP version "lf-6.6.52-2.2.0".

License hashes changed because the LA_OPT_NXP_Software_License changed
from "v56 April 2024" to "v57 July 2024".

Signed-off-by: Sébastien Szymanski <sebastien.szymanski@armadeus.com>
[Julien: fixed the bsp version name in commit log]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-01 11:31:51 +01:00
Sébastien Szymanski 9d4dcf5b0c package/freescale-imx/imx-codec: bump to version 4.9.0
This version is aligned with NXP Linux BSP version "lf-6.6.52-2.2.0".

License hashes changed because the LA_OPT_NXP_Software_License changed
from "v49 September 2023" to "v56 April 2024".
Add SCR-imx-codec.txt to _LICENSE_FILES.

Signed-off-by: Sébastien Szymanski <sebastien.szymanski@armadeus.com>
[Julien: fixed the bsp version name in commit log]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-01 11:31:47 +01:00
Sébastien Szymanski f34a7a13af package/freescale-imx/firmware-ele-imx: bump to version 1.3.0
This version is aligned with NXP Linux BSP version "lf-6.6.52-2.2.0".

License hashes changed because the LA_OPT_NXP_Software_License changed
from "v49 September 2023" to "v57 July 2024".
Add SCR.txt file to _LICENSE_FILES.

Note: in this release, the package source archive name changed to
include a revision. This commit adds a new _REVISION variable with the
value published in the corresponding NXP BSP.

Signed-off-by: Sébastien Szymanski <sebastien.szymanski@armadeus.com>
[Julien: fixed the bsp version name in commit log]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-01 11:31:40 +01:00
Sébastien Szymanski 44355f7998 package/freescale-imx/imx-gpu-g2d: install the specific library for i.MX8MM
For the i.MX8MM, this package contains a specific library that is not
linked to OpenCL because there is no openCL support on i.MX8MM GPU.

Signed-off-by: Sébastien Szymanski <sebastien.szymanski@armadeus.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-01 11:31:38 +01:00
Giulio Benetti c5c772ef80 package/rtl8192eu: bump to 2025-02-03 version
This version allows to build with Linux 6.14.

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
[Julien: add back new line in hash file to fix check-package error]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-03-01 00:16:01 +01:00
James Hilliard dfd217cdf2 package/python-pymodbus: bump to version 3.8.6
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-02-28 23:11:44 +01:00
James Hilliard 7c9ac213d4 package/python-websockets: bump to version 15.0
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-02-28 23:11:44 +01:00
James Hilliard fe43cf9c95 package/python-weasyprint: bump to version 64.0
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-02-28 23:11:44 +01:00
James Hilliard 50aeed6b23 package/python-sentry-sdk: bump to version 2.21.0
License hash changed due to date range removal:
https://github.com/getsentry/sentry-python/commit/7473afb77d7f0ba534bf5fdcd22622b06a5f7e62

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-02-28 23:11:44 +01:00
James Hilliard 0df577df87 package/python-pydantic-core: bump to version 2.29.0
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-02-28 23:11:44 +01:00
James Hilliard 9c9a07668a package/python-maturin: bump to version 1.8.2
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-02-28 23:11:44 +01:00
James Hilliard 2c9d00e927 package/python-fastapi: bump to version 0.115.8
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-02-28 23:11:44 +01:00
James Hilliard e0af35c76a package/python-cryptography: bump to version 44.0.1
For change log, see:
https://cryptography.io/en/44.0.1/changelog/

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
[Julien: add link to change log]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-02-28 23:11:30 +01:00
James Hilliard e4469759c1 package/python-aiosqlite: bump to version 0.21.0
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-02-28 23:09:53 +01:00
James Hilliard 02e41b516c package/python-aiohttp: bump to version 3.11.12
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-02-28 23:09:49 +01:00
Raphael Pavlidis 1539003393 package/slirp4netns: bump to version 1.3.2
Changelog: [1].

[1]: https://github.com/rootless-containers/slirp4netns/releases/tag/v1.3.2

Signed-off-by: Raphael Pavlidis <raphael.pavlidis@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-02-28 22:59:34 +01:00
Bernd Kuhls dcae760d11 package/libcec: bump version to 7.0.0
Release notes:
https://github.com/Pulse-Eight/libcec/releases/tag/libcec-7.0.0

Removed patch which is included in this release.

License file was renamed upstream:
https://github.com/Pulse-Eight/libcec/commit/da640961528178e82a447038446db4afe31a899e

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
[Julien: update .checkpackageignore to fix check-package error]
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-02-28 22:54:18 +01:00
Maxim Kochetkov 35b50e9b03 package/osm2pgsql: bump version to 2.0.1
Release-notes: https://github.com/osm2pgsql-dev/osm2pgsql/releases/tag/2.0.1

Change URL to osm2pgsql-dev.

Signed-off-by: Maxim Kochetkov <fido_max@inbox.ru>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-02-28 22:34:01 +01:00
Fiona Klute (WIWA) ec2735686a support/testing: fix MyPy warnings about BRConfigTest
This removes warnings in editors/IDEs with MyPy typechecking
integration. Test classes override "config" with strings (different
type than None).

Signed-off-by: Fiona Klute (WIWA) <fiona.klute@gmx.de>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-02-28 21:11:01 +01:00
Fiona Klute (WIWA) 1b9bba8599 support/testing: include init script in iptables test
Check a save/start/stop cycle based on the rules created by direct
commands in the pre-existing test.

Signed-off-by: Fiona Klute (WIWA) <fiona.klute@gmx.de>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-02-28 21:10:58 +01:00
Fiona Klute (WIWA) 1af307504a support/testing: test for nftables init script
The new test checks that a pre-defined rules file can be loaded and
works as expected, and that after flushing the blocked IP responds to
ping again.

Signed-off-by: Fiona Klute (WIWA) <fiona.klute@gmx.de>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-02-28 21:10:54 +01:00
Fiona Klute (WIWA) 475722ea46 package/iptables: check for rules in init script
Instead of installing an empty rules file, the init script now checks
if the rules file exists and does nothing if it doesn't. The "save"
action is exempt from that limit because it may be used to create the
rules file.

Also fix the shellcheck warning about the unused IPTABLES_ARGS
variable, and use long form options for iptables commands.

Signed-off-by: Fiona Klute (WIWA) <fiona.klute@gmx.de>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-02-28 21:10:49 +01:00
Fiona Klute (WIWA) 2625440614 package/iptables: optionally default to nftables compat
For an nftables-based firewall setup it may be desirable to use
iptables-nft as the "iptables" binary, in particular to better
integrate legacy applications that do not support nftables directly
and call iptables. If the BR2_PACKAGE_IPTABLES_NFTABLES_DEFAULT option
introduced by this patch is enabled, iptables, iptables-restore, and
iptables-save are symlinked to the -nft version of iptables. The
-legacy options can still be called directly if desired.

Signed-off-by: Fiona Klute (WIWA) <fiona.klute@gmx.de>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-02-28 21:10:41 +01:00
Fiona Klute (WIWA) a639e31268 package/nftables: add init script
The init script handles an nftables ruleset file with support for
atomic reloading. By default the ruleset is expected in
/etc/nftables.conf, the location can be changed in
/etc/default/nftables. If the ruleset file does not exist, the script
does nothing and shows a warning about that fact.

Signed-off-by: Fiona Klute (WIWA) <fiona.klute@gmx.de>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-02-28 21:10:38 +01:00
Raphael Pavlidis 29af0f1b0c package/shadow: bump to version 4.17.3
Changelog: [1] [2] [3] [4].

[1]: https://github.com/shadow-maint/shadow/releases/tag/4.17.3
[2]: https://github.com/shadow-maint/shadow/releases/tag/4.17.2
[3]: https://github.com/shadow-maint/shadow/releases/tag/4.17.1
[4]: https://github.com/shadow-maint/shadow/releases/tag/4.17.0

Signed-off-by: Raphael Pavlidis <raphael.pavlidis@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-02-28 20:47:48 +01:00
2770 changed files with 46845 additions and 20251 deletions
+23 -121
View File
@@ -11,7 +11,6 @@ board/beagleboard/beaglebone-qt5/patches/linux/0001-keep-jtag-clock-alive-for-de
board/beagleboard/beaglebone/post-build.sh Shellcheck
board/beagleboard/beagleboneai/patches/uboot/0001-am57xx_evm-fixes.patch lib_patch.Upstream
board/beagleboard/beagleboneai/post-build.sh Shellcheck
board/beelink/gs1/post-build.sh Shellcheck
board/boundarydevices/common/post-build.sh Shellcheck
board/boundarydevices/common/post-image.sh Shellcheck
board/broadcom/northstar/post-image.sh Shellcheck
@@ -23,25 +22,15 @@ board/bsh/imx8mn-bsh-smm-s2/post-build.sh Shellcheck
board/canaan/k210-soc/post-build.sh Shellcheck
board/chromebook/elm/sign.sh Shellcheck
board/chromebook/mksd.sh Shellcheck
board/chromebook/snow/sign.sh Shellcheck
board/ci20/patches/uboot/0001-mips-Remove-default-endiannes.patch lib_patch.Upstream
board/freescale/common/imx/imx8-bootloader-prepare.sh Shellcheck
board/freescale/common/mxs/post-image.sh Shellcheck
board/friendlyarm/nanopi-r2s/post-build.sh Shellcheck
board/hardkernel/odroidc2/post-image.sh Shellcheck
board/hardkernel/odroidc2/rootfs_overlay/etc/init.d/S09modload Shellcheck lib_sysv.Variables
board/hardkernel/odroidxu4/post-image.sh Shellcheck lib_shellscript.EmptyLastLine
board/intel/galileo/patches/linux/0001-x86-relocs-Make-per_cpu_load_addr-static.patch lib_patch.Upstream
board/intel/galileo/post-build.sh Shellcheck
board/intel/galileo/rootfs_overlay/etc/init.d/S09modload Shellcheck lib_sysv.Variables
board/kontron/bl-imx8mm/post-build.sh Shellcheck
board/kontron/pitx-imx8m/patches/uboot/2022.04/0001-tools-mkeficapsule-use-pkg-config-to-get-luuid-and-l.patch lib_patch.NumberedSubject lib_patch.Upstream
board/kontron/pitx-imx8m/post-build.sh Shellcheck
board/kontron/smarc-sal28/post-build.sh Shellcheck
board/lego/ev3/post-image.sh Shellcheck
board/lemaker/bananapro/patches/linux/0001-arch-arm-boot-dts-sun7i-a20-bananapro.dts-disable-00.patch lib_patch.Upstream
board/lemaker/bananapro/post-build.sh Shellcheck
board/lemaker/bananapro/post-image.sh Shellcheck
board/minnowboard/post-build.sh Shellcheck
board/nexbox/a95x/post-build.sh Shellcheck
board/nexbox/a95x/post-image.sh Shellcheck
@@ -54,25 +43,19 @@ board/olimex/a20_olinuxino/post-build.sh Shellcheck
board/olimex/a33_olinuxino/post-build.sh Shellcheck
board/olpc/post-build.sh Shellcheck
board/orangepi/common/post-build.sh Shellcheck
board/orangepi/orangepi-lite2/post-build.sh Shellcheck
board/orangepi/orangepi-one-plus/post-build.sh Shellcheck
board/orangepi/orangepi-zero/patches/linux/0001-ARM-dts-orange-pi-zero-interrupt-triggering-xr819.patch lib_patch.Upstream
board/orangepi/orangepi-zero/patches/linux/0002-ARM-dts-orange-pi-zero-enable-spi-nor.patch lib_patch.Upstream
board/orangepi/orangepi-zero/patches/linux/0003-ARM-dts-orange-pi-zero-enable-spidev.patch lib_patch.Upstream
board/orangepi/orangepi-zero/patches/linux/0004-ARM-dts-orange-pi-zero-enable-uart.patch lib_patch.Upstream
board/pine64/rock64/patches/uboot/0001-Makefile-rk3328-needs-itb-image-to-boot-properly.patch lib_patch.Upstream
board/pine64/rock64/post-build.sh Shellcheck
board/qemu/aarch64-sbsa/assemble-flash-images Shellcheck
board/qemu/x86/post-build.sh Shellcheck
board/qemu/x86_64/post-build.sh Shellcheck
board/radxa/rockpi-n8/post-build.sh Shellcheck
board/raspberrypi/post-build.sh Shellcheck
board/raspberrypi/post-image.sh Shellcheck
board/roseapplepi/patches/uboot/0001-compiler-.h-sync-include-linux-compiler-.h-with-Linu.patch lib_patch.Upstream
board/roseapplepi/post-build.sh Shellcheck
board/seeed/stm32mp157c-odyssey/patches/linux/0001-ARM-dts-stm32-fix-stm32mp157c-odyssey-card-detect.patch lib_patch.Upstream
board/sheevaplug/patches/uboot/0001-Remove-redundant-YYLOC-global-declaration.patch lib_patch.Upstream
board/sifive/hifive-unleashed/post-build.sh Shellcheck
board/solidrun/clearfog/post-build.sh Shellcheck
board/solidrun/macchiatobin/post-build-mainline.sh Shellcheck
board/solidrun/macchiatobin/post-build.sh Shellcheck
@@ -83,7 +66,6 @@ board/stmicroelectronics/stm32f469-disco/flash_sd.sh Shellcheck
board/stmicroelectronics/stm32f469-disco/flash_xip.sh Shellcheck
board/synopsys/axs10x/post-build.sh Shellcheck
board/technologic/ts4900/post-image.sh Shellcheck
board/toradex/apalis-imx6/post-image.sh Shellcheck
board/udoo/common/post-build.sh Shellcheck
boot/afboot-stm32/0003-Makefile-disable-stack-protector.patch lib_patch.Upstream
boot/optee-os/3.13.0/0001-core-zlib-fix-build-warning-when-_LFS64_LARGEFILE-is.patch lib_patch.Upstream
@@ -110,9 +92,6 @@ configs/aspeed_ast2600evb_defconfig lib_defconfig.ForceCheckHash
configs/asus_tinker-s_rk3288_defconfig lib_defconfig.ForceCheckHash
configs/asus_tinker_rk3288_defconfig lib_defconfig.ForceCheckHash
configs/at91sam9260eknf_defconfig lib_defconfig.ForceCheckHash
configs/at91sam9g20dfc_defconfig lib_defconfig.ForceCheckHash
configs/at91sam9g45m10ek_defconfig lib_defconfig.ForceCheckHash
configs/at91sam9rlek_defconfig lib_defconfig.ForceCheckHash
configs/atmel_sama5d27_som1_ek_mmc_dev_defconfig lib_defconfig.ForceCheckHash
configs/atmel_sama5d2_xplained_mmc_defconfig lib_defconfig.ForceCheckHash
configs/atmel_sama5d2_xplained_mmc_dev_defconfig lib_defconfig.ForceCheckHash
@@ -130,24 +109,14 @@ configs/avnet_rzboard_v2l_defconfig lib_defconfig.ForceCheckHash
configs/bananapi_m2_berry_defconfig lib_defconfig.ForceCheckHash
configs/bananapi_m2_ultra_defconfig lib_defconfig.ForceCheckHash
configs/bananapi_m2_zero_defconfig lib_defconfig.ForceCheckHash
configs/bananapro_defconfig lib_defconfig.ForceCheckHash
configs/beelink_gs1_defconfig lib_defconfig.ForceCheckHash
configs/broadcom_northstar_defconfig lib_defconfig.ForceCheckHash
configs/canaan_kd233_defconfig lib_defconfig.ForceCheckHash
configs/ci20_defconfig lib_defconfig.ForceCheckHash
configs/engicam_imx6qdl_icore_defconfig lib_defconfig.ForceCheckHash
configs/engicam_imx6qdl_icore_qt5_defconfig lib_defconfig.ForceCheckHash
configs/engicam_imx6qdl_icore_rqs_defconfig lib_defconfig.ForceCheckHash
configs/engicam_imx6ul_geam_defconfig lib_defconfig.ForceCheckHash
configs/engicam_imx6ul_isiot_defconfig lib_defconfig.ForceCheckHash
configs/freescale_imx28evk_defconfig lib_defconfig.ForceCheckHash
configs/freescale_p1025twr_defconfig lib_defconfig.ForceCheckHash
configs/freescale_t1040d4rdb_defconfig lib_defconfig.ForceCheckHash
configs/freescale_t2080_qds_rdb_defconfig lib_defconfig.ForceCheckHash
configs/friendlyarm_nanopi_r2s_defconfig lib_defconfig.ForceCheckHash
configs/galileo_defconfig lib_defconfig.ForceCheckHash
configs/globalscale_espressobin_defconfig lib_defconfig.ForceCheckHash
configs/hifive_unleashed_defconfig lib_defconfig.ForceCheckHash
configs/imx23evk_defconfig lib_defconfig.ForceCheckHash
configs/imx6-sabreauto_defconfig lib_defconfig.ForceCheckHash
configs/imx6-sabresd_defconfig lib_defconfig.ForceCheckHash
@@ -162,7 +131,6 @@ configs/imx8mqevk_defconfig lib_defconfig.ForceCheckHash
configs/imxrt1050-evk_defconfig lib_defconfig.ForceCheckHash
configs/khadas_vim3_defconfig lib_defconfig.ForceCheckHash
configs/kontron_bl_imx8mm_defconfig lib_defconfig.ForceCheckHash
configs/kontron_pitx_imx8m_defconfig lib_defconfig.ForceCheckHash
configs/kontron_smarc_sal28_defconfig lib_defconfig.ForceCheckHash
configs/mangopi_mq1rdw2_defconfig lib_defconfig.ForceCheckHash
configs/mender_x86_64_efi_defconfig lib_defconfig.ForceCheckHash
@@ -186,7 +154,6 @@ configs/nitrogen8mm_defconfig lib_defconfig.ForceCheckHash
configs/nitrogen8mn_defconfig lib_defconfig.ForceCheckHash
configs/nitrogen8mp_defconfig lib_defconfig.ForceCheckHash
configs/odroidc2_defconfig lib_defconfig.ForceCheckHash
configs/odroidxu4_defconfig lib_defconfig.ForceCheckHash
configs/olimex_a10_olinuxino_lime_defconfig lib_defconfig.ForceCheckHash
configs/olimex_a13_olinuxino_defconfig lib_defconfig.ForceCheckHash
configs/olimex_a20_olinuxino_micro_defconfig lib_defconfig.ForceCheckHash
@@ -194,26 +161,18 @@ configs/olimex_a33_olinuxino_defconfig lib_defconfig.ForceCheckHash
configs/olimex_a64_olinuxino_defconfig lib_defconfig.ForceCheckHash
configs/olpc_xo175_defconfig lib_defconfig.ForceCheckHash
configs/olpc_xo1_defconfig lib_defconfig.ForceCheckHash
configs/orangepi_lite2_defconfig lib_defconfig.ForceCheckHash
configs/orangepi_one_plus_defconfig lib_defconfig.ForceCheckHash
configs/orangepi_pc2_defconfig lib_defconfig.ForceCheckHash
configs/orangepi_zero_plus_defconfig lib_defconfig.ForceCheckHash
configs/pc_x86_64_bios_defconfig lib_defconfig.ForceCheckHash
configs/pc_x86_64_efi_defconfig lib_defconfig.ForceCheckHash
configs/pcengines_apu2_defconfig lib_defconfig.ForceCheckHash
configs/pine64_defconfig lib_defconfig.ForceCheckHash
configs/pine64_pinecube_defconfig lib_defconfig.ForceCheckHash
configs/pine64_sopine_defconfig lib_defconfig.ForceCheckHash
configs/pine64_star64_defconfig lib_defconfig.ForceCheckHash
configs/riotboard_defconfig lib_defconfig.ForceCheckHash
configs/rock64_defconfig lib_defconfig.ForceCheckHash
configs/rock_pi_n8_defconfig lib_defconfig.ForceCheckHash
configs/roseapplepi_defconfig lib_defconfig.ForceCheckHash
configs/s6lx9_microboard_defconfig lib_defconfig.ForceCheckHash
configs/sipeed_lichee_rv_defconfig lib_defconfig.ForceCheckHash
configs/sipeed_lichee_rv_dock_defconfig lib_defconfig.ForceCheckHash
configs/sipeed_licheepi_nano_defconfig lib_defconfig.ForceCheckHash
configs/sipeed_licheepi_zero_defconfig lib_defconfig.ForceCheckHash
configs/sipeed_maix_bit_defconfig lib_defconfig.ForceCheckHash
configs/sipeed_maix_bit_sdcard_defconfig lib_defconfig.ForceCheckHash
configs/sipeed_maix_dock_defconfig lib_defconfig.ForceCheckHash
@@ -227,15 +186,12 @@ configs/snps_arc700_nsim_defconfig lib_defconfig.ForceCheckHash
configs/snps_archs38_axs103_defconfig lib_defconfig.ForceCheckHash
configs/snps_archs38_haps_defconfig lib_defconfig.ForceCheckHash
configs/snps_archs38_hsdk_defconfig lib_defconfig.ForceCheckHash
configs/socrates_cyclone5_defconfig lib_defconfig.ForceCheckHash
configs/solidrun_clearfog_gt_8k_defconfig lib_defconfig.ForceCheckHash
configs/solidrun_macchiatobin_defconfig lib_defconfig.ForceCheckHash
configs/stm32mp157c_odyssey_defconfig lib_defconfig.ForceCheckHash
configs/terasic_de10nano_cyclone5_defconfig lib_defconfig.ForceCheckHash
configs/toradex_apalis_imx6_defconfig lib_defconfig.ForceCheckHash
configs/ts4900_defconfig lib_defconfig.ForceCheckHash
configs/ts5500_defconfig lib_defconfig.ForceCheckHash
configs/ts7680_defconfig lib_defconfig.ForceCheckHash
configs/uevm5432_defconfig lib_defconfig.ForceCheckHash
configs/visionfive_defconfig lib_defconfig.ForceCheckHash
configs/wandboard_defconfig lib_defconfig.ForceCheckHash
@@ -281,7 +237,6 @@ package/asterisk/0004-install-samples-need-the-data-files.patch lib_patch.Upstre
package/at/0001-Makefile.in-fix-make-install-for-non-root-don-t-stri.patch lib_patch.Upstream
package/at/S99at lib_sysv.Indent lib_sysv.Variables
package/attr/0001-build-with-older-GCCs.patch lib_patch.Upstream
package/audit/S02auditd Shellcheck lib_sysv.Variables
package/aufs-util/0001-remove-user-settings.patch lib_patch.Upstream
package/aufs-util/0002-no-check-ver.patch lib_patch.Upstream
package/aufs-util/0003-no-strip-lib.patch lib_patch.Upstream
@@ -390,7 +345,6 @@ package/dhcp/S80dhcp-relay Shellcheck lib_sysv.Variables
package/dhcp/S80dhcp-server Shellcheck lib_sysv.Variables
package/dhcp/dhclient-script Shellcheck lib_shellscript.TrailingSpace
package/dhcpcd/S41dhcpcd lib_sysv.Indent lib_sysv.Variables
package/dht/0001-cmake.patch lib_patch.Upstream
package/dillo/0001-usr-local-include.patch lib_patch.Upstream
package/dillo/0002-Fix-openssl-detection.patch lib_patch.Upstream
package/dillo/0004-fix-build-with-gcc-10.patch lib_patch.Upstream
@@ -431,7 +385,6 @@ package/elfutils/0002-Really-make-Werror-conditional-to-BUILD_WERROR.patch lib_p
package/erlang-rebar/0001-src-rebar_port_compiler-add-fPIC-to-LDFLAGS-by-defau.patch lib_patch.Upstream
package/espeak/0001-Fix-build-of-shared-library-on-architectures-needing.patch lib_patch.Upstream
package/espeak/0002-tr_languages-cast-string_ordinal-init-values.patch lib_patch.Upstream
package/eudev/S10udev Shellcheck lib_sysv.ConsecutiveEmptyLines lib_sysv.Indent lib_sysv.Variables
package/evemu/0001-Include-limits.h-for-PATH_MAX.patch lib_patch.Upstream
package/evemu/0002-evemu-Update-struct-input_event.patch lib_patch.Upstream
package/evemu/0003-src-evemu.c-fix-build-with-kernels-4.16.patch lib_patch.Upstream
@@ -479,9 +432,9 @@ package/ftop/0001-overflow.patch lib_patch.Upstream
package/fwts/0001-build-do-not-use-Werror.patch lib_patch.Upstream
package/fxdiv/0001-CMake-don-t-enable-CXX-unless-building-tests-benchma.patch lib_patch.Upstream
package/fxload/0001-fix-static-build.patch lib_patch.Upstream
package/gcc/12.4.0/0001-disable-split-stack-for-non-thread-builds.patch lib_patch.Upstream
package/gcc/13.3.0/0001-disable-split-stack-for-non-thread-builds.patch lib_patch.Upstream
package/gcc/14.2.0/0001-disable-split-stack-for-non-thread-builds.patch lib_patch.Upstream
package/gcc/13.4.0/0001-disable-split-stack-for-non-thread-builds.patch lib_patch.Upstream
package/gcc/14.3.0/0001-disable-split-stack-for-non-thread-builds.patch lib_patch.Upstream
package/gcc/15.2.0/0001-disable-split-stack-for-non-thread-builds.patch lib_patch.Upstream
package/gcc/8.4.0/0001-xtensa-fix-PR-target-91880.patch lib_patch.Upstream
package/gcc/8.4.0/0002-Revert-re-PR-target-92095-internal-error-with-O1-mcp.patch lib_patch.Upstream
package/gcc/8.4.0/0003-libsanitizer-Remove-cyclades-from-libsanitizer.patch lib_patch.Upstream
@@ -496,24 +449,24 @@ package/gdb/14.2/0006-Fix-getrandom-compile-for-uclibc-v1.0.35.patch lib_patch.U
package/gdb/14.2/0007-fix-musl-build-on-riscv.patch lib_patch.Upstream
package/gdb/14.2/0008-gdbserver-Makefile.in-fix-NLS-build.patch lib_patch.Upstream
package/gdb/14.2/0009-gdb-Fix-native-build-on-xtensa.patch lib_patch.Upstream
package/gdb/15.1/0001-ppc-ptrace-Define-pt_regs-uapi_pt_regs-on-GLIBC-syst.patch lib_patch.Upstream
package/gdb/15.1/0002-sh-ptrace-Define-pt_-dsp-regs-uapi_pt_-dsp-regs-on-G.patch lib_patch.Upstream
package/gdb/15.1/0003-use-asm-sgidefs.h.patch lib_patch.Upstream
package/gdb/15.1/0004-gdbserver-fix-build-for-m68k.patch lib_patch.Upstream
package/gdb/15.1/0005-nat-fork-inferior-include-linux-ptrace.h.patch lib_patch.Upstream
package/gdb/15.1/0006-Fix-getrandom-compile-for-uclibc-v1.0.35.patch lib_patch.Upstream
package/gdb/15.1/0007-fix-musl-build-on-riscv.patch lib_patch.Upstream
package/gdb/15.1/0008-gdbserver-Makefile.in-fix-NLS-build.patch lib_patch.Upstream
package/gdb/15.1/0009-gdb-Fix-native-build-on-xtensa.patch lib_patch.Upstream
package/gdb/16.1/0001-ppc-ptrace-Define-pt_regs-uapi_pt_regs-on-GLIBC-syst.patch lib_patch.Upstream
package/gdb/16.1/0002-sh-ptrace-Define-pt_-dsp-regs-uapi_pt_-dsp-regs-on-G.patch lib_patch.Upstream
package/gdb/16.1/0003-use-asm-sgidefs.h.patch lib_patch.Upstream
package/gdb/16.1/0004-gdbserver-fix-build-for-m68k.patch lib_patch.Upstream
package/gdb/16.1/0005-nat-fork-inferior-include-linux-ptrace.h.patch lib_patch.Upstream
package/gdb/16.1/0006-Fix-getrandom-compile-for-uclibc-v1.0.35.patch lib_patch.Upstream
package/gdb/16.1/0007-fix-musl-build-on-riscv.patch lib_patch.Upstream
package/gdb/16.1/0008-gdbserver-Makefile.in-fix-NLS-build.patch lib_patch.Upstream
package/gdb/16.1/0009-gdb-Fix-native-build-on-xtensa.patch lib_patch.Upstream
package/gdb/15.2/0001-ppc-ptrace-Define-pt_regs-uapi_pt_regs-on-GLIBC-syst.patch lib_patch.Upstream
package/gdb/15.2/0002-sh-ptrace-Define-pt_-dsp-regs-uapi_pt_-dsp-regs-on-G.patch lib_patch.Upstream
package/gdb/15.2/0003-use-asm-sgidefs.h.patch lib_patch.Upstream
package/gdb/15.2/0004-gdbserver-fix-build-for-m68k.patch lib_patch.Upstream
package/gdb/15.2/0005-nat-fork-inferior-include-linux-ptrace.h.patch lib_patch.Upstream
package/gdb/15.2/0006-Fix-getrandom-compile-for-uclibc-v1.0.35.patch lib_patch.Upstream
package/gdb/15.2/0007-fix-musl-build-on-riscv.patch lib_patch.Upstream
package/gdb/15.2/0008-gdbserver-Makefile.in-fix-NLS-build.patch lib_patch.Upstream
package/gdb/15.2/0009-gdb-Fix-native-build-on-xtensa.patch lib_patch.Upstream
package/gdb/16.3/0001-ppc-ptrace-Define-pt_regs-uapi_pt_regs-on-GLIBC-syst.patch lib_patch.Upstream
package/gdb/16.3/0002-sh-ptrace-Define-pt_-dsp-regs-uapi_pt_-dsp-regs-on-G.patch lib_patch.Upstream
package/gdb/16.3/0003-use-asm-sgidefs.h.patch lib_patch.Upstream
package/gdb/16.3/0004-gdbserver-fix-build-for-m68k.patch lib_patch.Upstream
package/gdb/16.3/0005-nat-fork-inferior-include-linux-ptrace.h.patch lib_patch.Upstream
package/gdb/16.3/0006-Fix-getrandom-compile-for-uclibc-v1.0.35.patch lib_patch.Upstream
package/gdb/16.3/0007-fix-musl-build-on-riscv.patch lib_patch.Upstream
package/gdb/16.3/0008-gdbserver-Makefile.in-fix-NLS-build.patch lib_patch.Upstream
package/gdb/16.3/0009-gdb-Fix-native-build-on-xtensa.patch lib_patch.Upstream
package/genpart/0001-fix-return-code.patch lib_patch.Upstream
package/gensio/0001-Fix-missing-EVP_PKEY_ED25519-build-error-on-libressl.patch lib_patch.Upstream
package/gerbera/S99gerbera lib_sysv.Indent
@@ -525,8 +478,7 @@ package/gnupg/0001-build-Always-use-EXTERN_UNLESS_MAIN_MODULE-pattern.patch lib_
package/gnuplot/0001-configure-add-without-demo-option.patch lib_patch.Upstream
package/go/go-src/0001-build.go-explicit-option-for-crosscompilation.patch lib_patch.Upstream
package/gob2/0001-dont-include-from-prefix.patch lib_patch.Upstream
package/gobject-introspection/0001-disable-tests.patch lib_patch.Upstream
package/gobject-introspection/0002-Add-rpath-links-to-ccompiler.patch lib_patch.Upstream
package/gobject-introspection/0001-Add-rpath-links-to-ccompiler.patch lib_patch.Upstream
package/gpsd/S50gpsd Shellcheck lib_sysv.Indent lib_sysv.Variables
package/gptfdisk/0001-gptcurses-partially-revert-Tweaks-for-building-on-th.patch lib_patch.Upstream
package/graphite2/0001-don-t-install-a-libtool-file-with-static-library.patch lib_patch.Upstream
@@ -537,7 +489,6 @@ package/guile/0002-Makefile.am-fix-build-without-makeinfo.patch lib_patch.Upstre
package/gumbo-parser/0001-configure.ac-fix-build-without-C.patch lib_patch.Upstream
package/gutenprint/0001-use-pregen-xmli18n-header.patch lib_patch.Upstream
package/gutenprint/0002-cups-support-replaces-static-with-static-libtool-lib.patch lib_patch.Upstream
package/gvfs/0001-build-Remove-incorrect-i18n.merge_file-argument.patch lib_patch.Upstream
package/harfbuzz/0001-meson.build-check-for-pthread.h.patch lib_patch.Upstream
package/haserl/0001-add-haserl_lualib.inc.patch lib_patch.Upstream
package/haveged/S21haveged Shellcheck lib_sysv.Variables
@@ -584,7 +535,6 @@ package/ipmitool/0002-Fix-enterprise-numbers-URL.patch lib_patch.Upstream
package/ipmitool/0003-Do-not-require-the-IANA-PEN-registry-file.patch lib_patch.Upstream
package/ipmitool/0004-configure.ac-allow-disabling-registry-downloads.patch lib_patch.Upstream
package/iprutils/0001-configure.ac-add-AC_USE_SYSTEM_EXTENSIONS.patch lib_patch.Upstream
package/iptables/S35iptables Shellcheck
package/irda-utils/0001-daemon.patch lib_patch.Sob lib_patch.Upstream
package/irda-utils/0002-nommu.patch lib_patch.Sob lib_patch.Upstream
package/irda-utils/0003-subdir.patch lib_patch.Sob lib_patch.Upstream
@@ -593,10 +543,8 @@ package/irqbalance/S13irqbalance Shellcheck lib_sysv.Indent lib_sysv.Variables
package/irrlicht/0001-override-CPPFLAGS-CXXFLAGS-and-CFLAGS-in-Makefile.patch lib_patch.Upstream
package/irrlicht/0002-makefile-override-LDFLAGS-and-remove-obsolete-X11R6-.patch lib_patch.Upstream
package/iucode-tool/S00iucode-tool lib_sysv.Variables
package/iwd/S40iwd Shellcheck lib_sysv.Variables
package/iwd/S40iwd Shellcheck
package/janus-gateway/0001-disable-ssp.patch lib_patch.Upstream
package/jose/0001-lib-hsh.c-rename-hsh-local-variable.patch lib_patch.Upstream
package/jose/0002-man-add-option-to-skip-building-man-pages.patch lib_patch.Upstream
package/kexec-lite/0001-clean-restart.patch lib_patch.Upstream
package/keyutils/0001-fix-install-rule.patch lib_patch.Upstream
package/keyutils/0002-cifs.patch lib_patch.Sob lib_patch.Upstream
@@ -621,7 +569,6 @@ package/libavl/0001-fix-makefile.patch lib_patch.Upstream
package/libb64/0001-Integer-overflows.patch lib_patch.Upstream
package/libb64/0002-Initialize-C++-objects.patch lib_patch.Upstream
package/libcdaudio/0001-libcdaudio-enable-autoreconf.patch lib_patch.Upstream
package/libcec/0001-cecloader-h-fix-null-return.patch lib_patch.Upstream
package/libcgi/0001-CMakeLists.txt-honour-BUILD_TESTING.patch lib_patch.Upstream
package/libcgicc/0001-disable-documentation-option.patch lib_patch.Sob lib_patch.Upstream
package/libconfuse/0001-Fix-163-unterminated-username-used-with-getpwnam.patch lib_patch.Upstream
@@ -634,8 +581,6 @@ package/libdvbcsa/0001-altivec-powerpc64.patch lib_patch.Upstream
package/libeXosip2/0001-src-eXtl_dtls.c-fix-build-with-libressl-3.4.1.patch lib_patch.Upstream
package/libedit/0001-check-bsd-functions-in-libbsd.patch lib_patch.Upstream
package/libevent/0001-Don-t-define-BIO_get_init-for-LibreSSL-3-5.patch lib_patch.Upstream
package/libfcgi/0001-link-against-math.patch lib_patch.Upstream
package/libfcgi/0002-disable-examples.patch lib_patch.Upstream
package/libffi/0001-Fix-use-of-compact-eh-frames-on-MIPS.patch lib_patch.Upstream
package/libfm/0001-modules-fix-cross-compilation.patch lib_patch.Upstream
package/libfreeimage/0001-no-root-install.patch lib_patch.Upstream
@@ -644,9 +589,6 @@ package/libfreeimage/0003-fix-big-endian-os.patch lib_patch.Upstream
package/libfreeimage/0004-fixed-C-11-warnings.patch lib_patch.Upstream
package/libftdi/0001-pkgconfig_libusb.patch lib_patch.Sob lib_patch.Upstream
package/libftdi/0002-libftdi.pc-requires-libusb-fix-static-build.patch lib_patch.Sob lib_patch.Upstream
package/libftdi1/0001-cmake-use-the-standard-CMake-flag-to-drive-the-share.patch lib_patch.Upstream
package/libftdi1/0002-CMakeLists.txt-fix-paths-when-FTDIPP-is-set.patch lib_patch.Upstream
package/libftdi1/0003-CMakeLists.txt-fix-static-build-with-libusb-and-lato.patch lib_patch.Upstream
package/libfuse/0001-fix-aarch64-build.patch lib_patch.Upstream
package/libfuse/0002-util-ulockmgr_server-c-conditionally-define-closefrom-fix-glibc-2-34.patch lib_patch.Upstream
package/libgcrypt/0001-configure.ac-add-an-option-to-disable-tests.patch lib_patch.Upstream
@@ -655,8 +597,6 @@ package/libgsm/0001-Misc-fixes-from-Archlinux.patch lib_patch.Upstream
package/libgtk2/0001-reduce-dependencies.patch lib_patch.Upstream
package/libgtk3/0001-Remove-Gdk-dependency-from-gtk-encode-symbolic-svg.patch lib_patch.Upstream
package/libhdhomerun/0001-dont-strip.patch lib_patch.Upstream
package/libical/0001-no-tests.patch lib_patch.Upstream
package/libical/0002-icaltypes-c-icalreqstattype_from_string-copy-the-reqstattype.patch lib_patch.Upstream
package/libiio/S99iiod Shellcheck lib_sysv.Variables
package/libiqrf/0001-cmake-handle-static-library-and-find-required-thread.patch lib_patch.Upstream
package/libiqrf/0002-use-only-c-language.patch lib_patch.Upstream
@@ -683,7 +623,6 @@ package/libnetfilter_conntrack/0001-conntrack-fix-build-with-kernel-5-15-and-mus
package/libnfc/0001-autotools-make-example-build-optional.patch lib_patch.Upstream
package/libnids/0001-libpcap-use-pkg-config.patch lib_patch.Upstream
package/libnss/0001-Bug-1801182-Allow-overriding-OS_ARCH-OS_TEST-and-OS_.patch lib_patch.Upstream
package/liboauth/0001-Fixes-build-issue-with-OpenSSL-1.1.0.patch lib_patch.Upstream
package/libodb-mysql/0001-fix-syntax-issue-while-checking-ldflags.patch lib_patch.Upstream
package/libodb-mysql/0002-mariadb-FTBFS-fix.patch lib_patch.Upstream
package/libopenssl/0001-Reproducible-build-do-not-leak-compiler-path.patch lib_patch.Upstream
@@ -694,7 +633,6 @@ package/liboping/0003-Fix-compile-break-with-GCC-7-buffer-overflow-with-snprintf
package/liboping/0004-Fix-compile-error-on-GCC-7.patch lib_patch.Upstream
package/liboping/0005-src-oping.c-always-use-s-style-format-for-printf-sty.patch lib_patch.Upstream
package/libp11/0001-src-p11_attr.c-fix-build-with-gcc-4.8.patch lib_patch.Upstream
package/libplatform/0001-cmake-require-c-11-as-the-minimum-standard.patch lib_patch.Upstream
package/libpthsem/0001-fix-build-on-linux-3.x-host.patch lib_patch.Upstream
package/libressl/0001-always-expose-SSL_OP_NO_TLSv1_3.patch lib_patch.Upstream
package/libroxml/0001-src-roxml_mem.h-add-missing-extern.patch lib_patch.Upstream
@@ -713,17 +651,11 @@ package/libsigrok/0001-Support-glibmm-2.68.patch lib_patch.Upstream
package/libsigrokdecode/0001-configure-ac-Add-support-for-Python-3-9.patch lib_patch.Upstream
package/libsigrokdecode/0002-configure-Add-python-3-10-support.patch lib_patch.Upstream
package/libsigrokdecode/0003-configure-ac-Use-python3-embed-pc-as-a-fallback.patch lib_patch.Upstream
package/libsoup/0001-meson.build-set-c_std-to-gnu99.patch lib_patch.Upstream
package/libsoxr/0001-Add-Libs.private-for-static-linking.patch lib_patch.Upstream
package/libspatialindex/0001-allow-building-static-libs.patch lib_patch.Upstream
package/libspatialindex/0002-CMakeLists.txt-fix-CMAKE_BUILD_TYPE.patch lib_patch.Upstream
package/libsquish/0001-Makefile-add-f-option-for-ln-to-remove-existing-dest.patch lib_patch.Upstream
package/libsvg/0001-fix-expat-static-declaration.patch lib_patch.Upstream
package/libsvg/0002-Fix-undefined-symbol-png_set_gray_1_2_4_to_8.patch lib_patch.Upstream
package/libsvgtiny/0001-disable-debug-printfs.patch lib_patch.Upstream
package/libsvgtiny/0002-Remove-Werror.patch lib_patch.Upstream
package/libsvgtiny/0003-Hopefully-silence-warnings-about-inlines-and-non-inlines-calling-one.patch lib_patch.Upstream
package/libsvgtiny/0004-Build-Include-gperf-generated-code-directly.patch lib_patch.Upstream
package/libtalloc/0001-buildtools-wafsamba-add-disable-stack-protector-opti.patch lib_patch.Upstream
package/libtelnet/0001-fix-compilation-without-zlib.patch lib_patch.Upstream
package/libtheora/0001-link-libtheoradec.patch lib_patch.Upstream
@@ -731,13 +663,9 @@ package/libtomcrypt/0001-fix-CVE-2019-17362.patch lib_patch.Upstream
package/libtommath/0001-Build-test-bn_mp_set_double-c-on-more-platforms.patch lib_patch.Upstream
package/libtorrent/0001-libtorrent.pc.in-add-Libs.Private.patch lib_patch.Upstream
package/libubootenv/0001-src-CMakeLists.txt-do-not-force-the-build-of-a-share.patch lib_patch.Upstream
package/libuhttpd/0001-add-compatibility-for-wolfssl-5-0.patch lib_patch.Upstream
package/libuio/0001-configure.ac-set-automake-strictness-to-foreign.patch lib_patch.Upstream
package/liburcu/0001-Only-blacklist-ARM-gcc-4.8.0-and-4.8.1.patch lib_patch.Upstream
package/libvpx/0001-vpx_mem-vpx_mem.h-Fix-compilation-with-uClibc.patch lib_patch.Upstream
package/libwebsock/0001-Switch-to-use-pkg-config-to-detect-libevent-and-open.patch lib_patch.Upstream
package/libwebsock/0002-fix-ssl.patch lib_patch.Upstream
package/libwebsock/0003-fix-incorrect-inline.patch lib_patch.Upstream
package/libyuv/0001-i386-sse2.patch lib_patch.Upstream
package/lighttpd/0001-Modify-the-default-lighttpd-configuration-file-to-ha.patch lib_patch.Upstream
package/lighttpd/S50lighttpd Shellcheck lib_sysv.EmptyLastLine lib_sysv.Indent lib_sysv.Variables
@@ -753,8 +681,6 @@ package/lirc-tools/0002-configure-add-disable-doc-option.patch lib_patch.Upstrea
package/lirc-tools/S25lircd lib_sysv.Indent lib_sysv.Variables
package/live555/0001-Add-a-pkg-config-file-for-the-shared-libraries.patch lib_patch.Upstream
package/lldpd/S60lldpd Shellcheck lib_sysv.Indent lib_sysv.Variables
package/llvm-project/clang/0001-lib-Driver-ToolChains-Gnu-Use-GCC_INSTALL_PREFIX-in-.patch lib_patch.Upstream
package/llvm-project/libclc/0001-support-out-of-tree-build.patch lib_patch.Upstream
package/lm-sensors/0001-static-build.patch lib_patch.Upstream
package/lm-sensors/0002-no-host-ldconfig.patch lib_patch.Upstream
package/lmbench/0001-scripts-build-use-bin-bash-as-shell.patch lib_patch.Upstream
@@ -808,7 +734,6 @@ package/memstat/0001-PATH_MAX.patch lib_patch.Upstream
package/mender-connect/S43mender-connect Shellcheck
package/menu-cache/0001-Support-gcc10-compilation.patch lib_patch.Upstream
package/mesa3d-demos/0001-demos-makes-opengl-an-optional-component.patch lib_patch.Upstream
package/mesa3d/0001-meson-Set-proper-value-for-LIBCLC_INCLUDEDIR.patch lib_patch.Upstream
package/meson-tools/0001-amlbootenc-gxl-remove-non-std-C-convention-in-for.patch lib_patch.Upstream
package/meson/0001-Prefer-ext-static-libs-when-default-library-static.patch lib_patch.Upstream
package/meson/0002-mesonbuild-dependencies-base.py-add-pkg_config_stati.patch lib_patch.Upstream
@@ -828,10 +753,8 @@ package/mono-gtksharp3/0001-Fixes-MONO_PROFILE_ENTER_LEAVE-undeclared.patch lib_
package/mono-gtksharp3/0002-Mono-compilation-error-branch.patch lib_patch.Upstream
package/mono/0001-Fix-linkage-with-a-system-libatomic_ops-shared-library.patch lib_patch.Upstream
package/mono/0002-Ongoing-work-on-the-cmake-build.patch lib_patch.Upstream
package/mosquitto/S50mosquitto Shellcheck lib_sysv.Indent lib_sysv.Variables
package/motion/S99motion Shellcheck lib_sysv.Indent lib_sysv.Variables
package/mpir/0001-mpn-arm-udiv.asm-workaround-binutils-bug-14887.patch lib_patch.Upstream
package/mpv/0001-fix-powerpc64-altivec.patch lib_patch.Upstream
package/mraa/0001-include-Declare-gVERSION-global-as-extern.patch lib_patch.Upstream
package/mrouted/S41mrouted NotExecutable
package/mrp/S65mrp lib_sysv.Indent lib_sysv.Variables
@@ -858,7 +781,6 @@ package/netplug/0002-add-missing-time-include.patch lib_patch.Upstream
package/netplug/0003-remove-assert-fail.patch lib_patch.Upstream
package/netplug/S29netplug Shellcheck lib_sysv.Indent lib_sysv.Variables
package/netplug/netplug-script Shellcheck lib_shellscript.ConsecutiveEmptyLines
package/netsniff-ng/0001-Detect-libpcap-dependencies-using-pkg-config.patch lib_patch.Upstream
package/netsnmp/S59snmpd Shellcheck lib_sysv.Indent lib_sysv.Variables
package/netsurf/0001-avoid-system-perl-dependencies.patch lib_patch.Upstream
package/netsurf/0002-do-not-cross-compile-nsgenbind.patch lib_patch.Upstream
@@ -887,13 +809,11 @@ package/norm/0001-protolib-drop-linux-version-check.patch lib_patch.Upstream
package/norm/0002-Use-print-as-function-call-for-Python3-compatibility.patch lib_patch.Upstream
package/norm/0003-Fix-mixed-tabs-spaces-in-protolib-wscript.patch lib_patch.Upstream
package/nss-pam-ldapd/S45nslcd Shellcheck lib_sysv.EmptyLastLine lib_sysv.Indent lib_sysv.Variables
package/ntp/0001-ntp-syscalls-fallback.patch lib_patch.Upstream
package/ntp/S49ntp.in lib_sysv.Variables
package/ntpsec/0001-wscript-remove-checks-for-bsd-string.h-fixes-host-co.patch lib_patch.Upstream
package/nuttcp/0001-susv3-legacy.patch lib_patch.Upstream
package/nvidia-driver/0001-use-LDFLAGS.patch lib_patch.Upstream
package/octave/0001-Fix-BLAS-library-integer-size-detection.patch lib_patch.Upstream
package/ofono/0001-uclibc-backtrace.patch lib_patch.Upstream
package/ofono/S46ofono lib_sysv.Variables
package/ola/0001-ola-fix-compilation-with-musl-1-2-3.patch lib_patch.Upstream
package/olsr/0001-olsrd-migrate-to-using-bison-3.7.1.patch lib_patch.Upstream
@@ -1010,17 +930,6 @@ package/python-scipy/0001-build-sh4-FE.patch lib_patch.Upstream
package/python-setuptools/0001-add-executable.patch lib_patch.Upstream
package/python-sip/0001-remove-join-from-sip-h-files-string.patch lib_patch.Upstream
package/python-web2py/S51web2py Shellcheck lib_sysv.Variables
package/python3/0001-Make-the-build-of-pyc-files-conditional.patch lib_patch.Upstream
package/python3/0002-Disable-buggy_getaddrinfo-configure-test-when-cross-.patch lib_patch.Upstream
package/python3/0003-Add-an-option-to-disable-pydoc.patch lib_patch.Upstream
package/python3/0004-Add-an-option-to-disable-lib2to3.patch lib_patch.Upstream
package/python3/0005-Add-an-option-to-disable-IDLE.patch lib_patch.Upstream
package/python3/0006-configure.ac-move-PY_STDLIB_MOD_SET_NA-further-up.patch lib_patch.Upstream
package/python3/0007-Add-option-to-disable-the-sqlite3-module.patch lib_patch.Upstream
package/python3/0008-Add-an-option-to-disable-the-tk-module.patch lib_patch.Upstream
package/python3/0009-Add-an-option-to-disable-the-curses-module.patch lib_patch.Upstream
package/python3/0010-Add-an-option-to-disable-expat.patch lib_patch.Upstream
package/python3/0011-configure.ac-fixup-CC-print-multiarch-output-for-mus.patch lib_patch.Upstream
package/qextserialport/0001-Create-a-main-include-file-QExtSerialPort.patch lib_patch.Upstream
package/qextserialport/0002-Tell-qmake-to-add-a-pkgconfig-file-to-ease-usage-wit.patch lib_patch.Upstream
package/qt5/qt5base/0001-qtbase-Fix-build-error-when-using-EGL.patch lib_patch.Upstream
@@ -1050,11 +959,9 @@ package/qt5/qt5webkit/0006-Warnings-due-to-AppSinkCallbacks-struct-growth-https.
package/qt5cinex/0001-Fix-execution-problem-with-Qt5.3.patch lib_patch.Upstream
package/racehound/0001-Fix-module-install-path-lib-instead-of-usr-lib-prefi.patch lib_patch.Upstream
package/rapidxml/0001-ensure-internal-print-operations-are-declared-before.patch lib_patch.Upstream
package/raspberrypi-usbboot/0001-Makefile-allow-passing-CFLAGS-LDFLAGS.patch lib_patch.Upstream
package/read-edid/0001-Fix-install-file-list.patch lib_patch.Upstream
package/read-edid/0002-Fix-compiler-check.patch lib_patch.Upstream
package/read-edid/0003-fix-build-with-gcc-10.patch lib_patch.Upstream
package/readline/0001-curses-link.patch lib_patch.Upstream
package/redis/0001-uclibc.patch lib_patch.Upstream
package/redis/0002-largefile-conditional-define.patch lib_patch.Upstream
package/redis/0003-redis.conf-adjust-defauts-for-buildroot.patch lib_patch.Upstream
@@ -1089,8 +996,6 @@ package/screen/0002-Change-binary-permission-flags-even-if-chown-fails.patch lib
package/screen/0003-Support-overriding-SCREEN-to-get-a-non-versioned-bin.patch lib_patch.Upstream
package/screen/0004-Renamed-sched.h-to-eventqueue.h.patch lib_patch.Upstream
package/scrub/0001-configure-ac-make-sure-m4-macros-are-included-in-the-build.patch lib_patch.Upstream
package/sdl/0001-fix-compilation-with-libx11.patch lib_patch.Upstream
package/sdl/0002-SDL_x11yuv.c-fix-possible-use-after-free.patch lib_patch.Upstream
package/sdl_mixer/0001-Add-Libs.private-field-to-pkg-config-file.patch lib_patch.Upstream
package/sdl_mixer/0002-configure__set_macro_directory.patch lib_patch.Upstream
package/sdl_mixer/0003-configure.ac-fix-static-linking-with-tremor.patch lib_patch.Upstream
@@ -1103,7 +1008,6 @@ package/sentry-native/0001-sentry.h-include-ucontext.h.patch lib_patch.Upstream
package/ser2net/S50ser2net Shellcheck lib_sysv.Indent lib_sysv.Variables
package/setools/0001-Do-not-export-use-setools.InfoFlowAnalysis-and-setoo.patch lib_patch.Upstream
package/setserial/0001-build-system-fix.patch lib_patch.Upstream
package/setserial/0002-tiocghayesesp-build-fix.patch lib_patch.Upstream
package/shadowsocks-libev/0001-configure.ac-use-pkg-config-to-find-netfilter_conntr.patch lib_patch.Upstream
package/shadowsocks-libev/0002-fix-maybe-uninitialized-errors.patch lib_patch.Upstream
package/shadowsocks-libev/0003-lib-Makefile.am-remove-static-from-LDFLAGS.patch lib_patch.Upstream
@@ -1125,7 +1029,6 @@ package/snort/0005-fix-sparc.patch lib_patch.Upstream
package/snort/0006-Fix-compile-error-when-building-against-uclibc-or-mu.patch lib_patch.Upstream
package/snort/0007-Fix-error-when-building-on-a-Fedora-host-machine.patch lib_patch.Upstream
package/snort/0008-Fix-NO-OPTIMIZE.patch lib_patch.Upstream
package/socketcand/0001-Fix-GCC10-build-failure.patch lib_patch.Upstream
package/softether/0001-Create-autotools-plumbing-for-SoftEther.patch lib_patch.Upstream
package/softether/0002-Create-libsoftether.so-and-dynamically-link.patch lib_patch.Upstream
package/softether/0003-use-fhs-install-directories.patch lib_patch.Upstream
@@ -1181,7 +1084,6 @@ package/tinycbor/0001-Makefile-add-DISABLE_WERROR.patch lib_patch.Upstream
package/tinycompress/0001-wave-add-time.h-missing-header-inclusion.patch lib_patch.Upstream
package/tinydtls/0001-sha2-sha2.c-fix-build-on-big-endian.patch lib_patch.Upstream
package/tinyxml/0001-In-stamp-always-advance-the-pointer-if-p-0xef.patch lib_patch.Upstream
package/tpm2-abrmd/S80tpm2-abrmd Shellcheck lib_sysv.Indent lib_sysv.Variables
package/tpm2-tss/0001-Temporary-fix-for-build-without-C.patch lib_patch.Upstream
package/transmission/S92transmission Shellcheck lib_sysv.ConsecutiveEmptyLines lib_sysv.Indent lib_sysv.Variables
package/triggerhappy/S10triggerhappy Shellcheck lib_sysv.Indent lib_sysv.Variables
+764
View File
@@ -1,3 +1,654 @@
2025.08, released September 7th, 2025
Fixes all over the tree.
Infrastructure:
- 'make show-info' now also displays the package directory.
- utils/bump-stable-kernel-versions helper script to bump
Linux (headers) kernel versions.
Fixed defconfigs: QEMU ARM / Aarch64 EBBR / SBSA, Sipeed
licheepi zero, TI am62x sk
Removed defconfigs (build failures): Bananapro, Beelink gs1,
Chromebook snow, Engicam i.MX6 boards, Galileo, Microchip
at91sam9g20df / at91sam9g45m10ek / at91sam9rlek, Odroid XU-4,
Orangepi lite2 / one+, Pcengine apu2, Pine64 rock64 / sopine,
Raxda rockpin8, Riotboard, Socrates cyclone5, Technologic
TS-7680, Toradex Apalis i.MX6
Updated/fixed packages: apitrace, avrdude, b43-firmware, bat,
brcm-patchram-plus, busybox, ecryptfs-utils, exiv2, ffmpeg,
firewalld, gdb, go, imagemagick, input-event-daemon, iozone,
ipmitool, jose, libcap-ng, libfreeglut, libftdi1, libgsm,
libkrb5, libsoxr, lighttpd, lirc-tools, lua-utf8, mariadb,
mbpfan, micropython, mosquitto, netavark, openal, postgis,
python-flask-cors, python-h2, python-yarl, python3, rtl8188eu,
rtl8821au, sqlite, squid, sslh, tcpreplay, timescaledb,
tstools, uclibc, udisks, unbound, vde2,
webrtc-audio-processing, wipe, wireshark, xlib_libXt
Removed packages: libsvgtiny, netstat-nat,
netsurf-buildsystem, thttpd
2025.08-rc3, released August 28th, 2025
Fixes all over the tree, mainly GCC 15.x build fixes
support/misc/pkg-stats: Be more robust when parsing CVEs
Fixed defconfigs: canaan_kd233, sipeed_maix*: Correct Linux
image name configuration, ci20: Needs host-openssl,
imx6ulz_bsh_smm_m2: Use correct FPU configuration
Removed defconfigs: kontron_pitx_imx8m
Updated/fixed packages: binutils, cpp-httplib, dtach,
dump1090, ffmpeg, gdbm, gpm, libjwt, liblog4c-localtime,
libv4l, lrzsz, mesa3d, p11-kit, php-lua, proftpd,
python-aexpect, python-pyroute2, python3, rpi-userland, sdl,
vim, wayland, weston, wpewebkit, xvisor
Removed packages: liboauth
2025.08-rc2, released August 21th, 2025
Fixes all over the tree.
The release tarballs are now built reproducibly.
Updated/fixed packages: bash, bcusdk, ed, elfutils, gcc,
gcc-bare-metal, go, grub, gst1-devtools, gst1-libav,
gst1-plugins-bad, gst1-plugins-base, gst1-plugins-good,
gst1-plugins-ugly, gst1-python, gst1-rtsp-server, gst1-vaapi,
gstreamer1, gstreamer1-editing-services, hwdata, iperf3, jq,
libcue, libtracefs, modem-manager, ofono, openconnect,
openjpeg, openocd, prboom, python-numpy, rpcbind, rrdtool,
rt-tests, rtl8812au-aircrack-ng, setserial, start-stop-daemon,
tinyssh, trace-cmd, vorbis-tools
2025.08-rc1, released August 11th, 2025
Fixes all over the tree and new features.
Arch: Add LoongArch64 architecture support
Toolchains:
- ARC toolchain updated to 2024.12
- Bootlin external toolchains updated to 2025.08-1
- GCC 15.1.0 added, 12.x dropped, 14.x is now default
- GCC 13.x updated to 13.4.0, 14.x updated to 14.3.0
- Default to Linux 6.16.x kernel headers
Misc:
- Various tweaks to utils/generate-cyclonedx for better SBOM
compatibility and project name/version customization
New defconfigs: BeagleY-AI, CoolPI 4B, Freescale i.MX91
Freedom, LoongArch64 EFI, QEMU LoongArch64 Virt, Raspberrypi
Compute Module 5 IO
New packages: containers-image-config, distribution-registry,
llvm-runtimes, lua-lrexlib-pcre2, msgpack-c, opencl-headers,
opencl-icd-loader, pocketpy, python-apscheduler, python-crc,
python-log-rate-limit, python-sdbus-modemmanager, soapy-sdr,
vulkan-sdk
Removed packages: libebur128, libolm, libwebsock,
python-dunamai, python-poetry-dynamic-versioning
2025.05.1, released August 11th, 2025
Important / security related fixes:
- samba4: support Windows security hardening
- apache: CVE-2025-53020, CVE-2025-49812, CVE-2025-49630, CVE-2025-23048,
CVE-2024-47252, CVE-2024-43394, CVE-2024-43204, CVE-2024-42516,
CVE-2025-54090
- assimp: CVE-2025-2750, CVE-2025-2751, CVE-2025-2757, CVE-2025-3158
- clamav: CVE-2025-20260
- edk2: CVE-2024-38805
- git: CVE-2025-27613, CVE-2025-27614, CVE-2025-46835, CVE-2025-48384,
CVE-2025-48385, CVE-2025-48386
- jose: CVE-2023-50967
- libarchive: CVE-2025-5914, CVE-2025-5915, CVE-2025-5916, CVE-2025-5917,
CVE-2025-5918
- libavif: CVE-2025-48174, CVE-2025-48175
- libblockdev: CVE-2025-6019
- libbpf: CVE-2025-29481
- libglib2: CVE-2025-6052
- libheif: CVE-2025-43966, CVE-2025-43967
- libhtp: CVE-2024-45797
- libopenssl: CVE-2025-4575
- libsoup: CVE-2024-52530, CVE-2024-52531, CVE-2024-52532, CVE-2025-2784,
CVE-2025-4476, CVE-2025-4948, CVE-2025-4969, CVE-2025-32050,
CVE-2025-32052, CVE-2025-32053, CVE-2025-32906, CVE-2025-32910,
CVE-2025-32911, CVE-2025-32912, CVE-2025-32913, CVE-2025-32914,
CVE-2025-46420, CVE-2025-46421
- libxml2: CVE-2025-6021, CVE-2025-49794, CVE-2025-49796, CVE-2025-49795,
CVE-2025-6170
- mbedtls: CVE-2025-47917, CVE-2025-48965, CVE-2025-49087, CVE-2025-49600,
CVE-2025-49601, CVE-2025-52496, CVE-2025-52497
- micropython: CVE-2024-8947
- modsecurity2: 2025-47947, CVE-2025-48866
- orc: CVE-2024-40897
- php: CVE-2025-1735, CVE-2025-6491, CVE-2025-1220
- podman: CVE-2025-6032
- python-aiohttp: CVE-2025-53643
- python-django: CVE-2025-48432
- python-requests: CVE-2024-47081
- python-starlette: CVE-2025-54121
- python-urllib3: CVE-2025-50181, CVE-2025-50182
- python3: 2024-12718, CVE 2025-4138, CVE 2025-4330, CVE 2025-4435,
2025-4517
- redis: CVE-2025-32023, CVE-2025-48367
- rust-bindgen: CVE-2024-43806, RUSTSEC-2024-0006
- samba4: CVE-2025-0620
- shim: CVE-2024-2312
- sngrep: CVE-2024-3119, CVE-2024-3120
- sudo: CVE-2025-32462, CVE-2025-32463
- tcpreplay: CVE-2023-4256, CVE-2023-43279, CVE-2024-22654
- tinyxml: CVE-2023-34194
- wpewebkit: CVE-2024-27856, CVE-2024-40866, CVE-2024-44185,
CVE-2024-44187, CVE-2024-44192, CVE-2024-44244, CVE-2024-44296,
CVE-2024-44308, CVE-2024-44309, CVE-2024-54467, CVE-2024-54479,
CVE-2024-54502, CVE-2024-54505, CVE-2024-54508, CVE-2024-54534,
CVE-2024-54543, CVE-2024-54551, CVE-2024-54658, CVE-2025-24143,
CVE-2025-24150, CVE-2025-24158, CVE-2025-24162, CVE-2025-24201,
CVE-2025-24208, CVE-2025-24209, CVE-2025-24213, CVE-2025-24216,
CVE-2025-24223, CVE-2025-24264, CVE-2025-30427, CVE-2025-31204,
CVE-2025-31205, CVE-2025-31206, CVE-2025-31215, CVE-2025-31257
- xorg-server / xwayland: CVE-2025-49175, CVE-2025-49176, CVE-2025-49177,
CVE-2025-49178, CVE-2025-49179, CVE-2025-49180
Updated / fixed packages: amazon-ecr-credential-helper, at91bootstrap3,
avrdude, bcg729, berkeleydb, binutils, bmx7, boot/syslinux, ca-certificates,
chartjs, cifs-utils, cpp-httplib, cpulimit, daq, dht,
docker-credential-acr-env, docker-credential-gcr, elfutils, eudev, fwupd,
gcc, gnuplot, gstreamer1-editing-services, gumbo-parser, gvfs, hddtemp,
kvmtool, libargtable2, libcddb, libconfuse, libcrossguid, libcurl, libdex,
libesmtp, libgcrypt, libiec61850, libmanette, libmicrohttpd, libmpeg2,
libndp, libp11, libplatform, libspdm, libssh2, libuhttpd, libva, linux,
linux-tools (rtla), lpac, lrzsz, ltp-testsuite, lua, mjpg-streamer,
modem-manager, modsecurity2, mosquitto, mpv, mupdf, ncmpc, ncurses,
net-tools, network-manager, nginx-modsecurity, ntp, oniguruma, openblas,
parted, passt, php, python-asgiref, python-cython, python-dbus-fast,
python-dotenv, python-fastapi, python-future, python-glslang,
python-msgpack, python-multipart, python-remi, python-setuptools,
python-typing-extensions, qpid-proton, rapidjson, rauc-hawkbit-updater,
rtl8188eu, rtl8723bu, rtl8723ds, rtl8821au, rust, sdl2, shadowsocks-libev,
shairport-sync, sox, sqlite, squashfs, sudo, systemd, systemd, tailscale,
tor, uclibc, ustream-ssl, watchdog, webkitgtk, wpebackend-fdo, xen
Removed package: libebur128, libolm, libwebsock
Infrastructure updates / fixes:
- python-glslang is now a host package only
- Makefile unexports are now fixed and sorted
- hide gcc version for unsupported CPUs
- check-package: handle missing files
- test-pkg: stop on sigint
- toolchain/toolchain-wrapper.c:
- correct CCACHE_BASEDIR comment
- slightly simplify cmdline copying
- get rid of EXCLUSIVE_ARGS
- erofs: reword "all-fragments" Kconfig text
- utils/update-rust: fix MIT hash
Test improvements:
- add new test for nginx-modsecurity
- new runtime test for gumbo-parser
- add a crun-based runtime test for docker-compose
- test_xen: add a base class
- test_xen: test on 32-bit Arm v7
- test_xen: rename TestXen to TestXenAarch64
Boards updated / fixed:
- globalscale_espressobin: update linux
- freescale/mxs: fix Linux booting
- ti_am62x_sk: bump Linux version
- beaglebone: bump Linux to 6.12.23-ti-arm32-r11
2025.05, released June 9th, 2025
Various fixes.
Updated/fixed packages: armadillo, busybox, dhcpcd, dovecot,
easyframes, exim, ghostscript, go, gst1-plugins-bad, iputils,
jq, libcurl, libftdi1, libglib2, lm-sensors,
mender-update-modules, mesa3d, mongoose, mpd, ninja, podman,
python-django, python-gobject, qoriq-mc-utils, qt5declarative,
qt5webengine, qt5webengine-chromium, qt6base, qt6tools, redis,
rtl8723ds, spirv-llvm-translator, unzip, yasm
2025.05-rc2, released May 28th, 2025
Fixes all over the tree.
Defconfigs: imx8mn-bsh-smm-s2: Unbreak boot after move to
U-Boot 2025.04.
Updated/fixed packages: assimp, atkmm, atkmm2_28, binutils,
casync-nano, esp-hosted, gmrender-resurrect, gtkmm3, kmsxx,
libcamera, libglade, linux, lzo, python-click, python-django,
python-flask-restx, python-pydantic, python-pydantic-core,
python-referencing, python-tornado, sane-airscan, systemd,
uacme, uuu
2025.05-rc1, released May 19th, 2025
Fixes all over the tree and package updates.
Download:
- Rust updated to version 1.86.0, which has slightly changed
the cargo fetching behaviour, so the generated tarballs now
use a -cargo4 suffix to reflect that.
- Subversion download logic is now reproducible with non-US
locales
- Sources can now be fetched from a smb:// location (using
curl).
Dependencies:
- AWK is now required on the build host.
Toolchains:
- Bootlin ARMv7-A toolchains are now also available for
ARMv8-A CPUs in 32bit mode
Misc:
- /etc/resolv.conf symlink now points to /run rather than /tmp
- support/scripts/pkg-stats can now report stale CVE entries,
E.G. entries in <PKG>_IGNORE_CVES that are no longer needed
after a NVD update.
New defconfigs: Engicam PX30 SOM, Freescale i.IM 91 EVK and 93
Freedom, HiFive Unmatched, Pine64 ROCKPro64 EBBR boot,
Raspberrypi 2 in 64bit mode, Sipeed LicheePi 4A
New packages: aardvark-dns, amazon-ecr-credential-helper,
casync-nano, cgroupfs-v2-mount, docker-credential-acr-env,
docker-credential-gcr, grout, lowdown, lpac,
mender-update-modules, netavark, passt, podman,
python-aniso8601, python-cachelib, python-emailproxy,
python-flask-caching, python-flask-restx, python-mypy,
python-pyproj, python-simple-pid, python-smbus2,
python-types-psutil, python-types-setuptools,
python-typing-inspection, python-tzlocal,
qoriq-ddr-phy-binary, qoriq-firmware-inphi, qoriq-mc-binary,
qoriq-mc-utils, sane-airscan, sipeed-lpi4abin, ufs-utils,
xilinx-fpgautil
Issues resolved:
- openh264's build/ should not be removed
https://gitlab.com/buildroot.org/buildroot/-/issues/64
- package/dbus: incorrect session bus configuration file..
https://gitlab.com/buildroot.org/buildroot/-/issues/67
- Update pkcs11-tool to v1.9.1
https://gitlab.com/buildroot.org/buildroot/-/issues/109
- netsnmp: unexpected header length in /proc/net/snmp...
https://gitlab.com/buildroot.org/buildroot/-/issues/110
2025.02.5, released August 11, 2025
Important / security related fixes:
- Bump mbedtls to version 3.6.4, this affect many packages depending on it.
Also fixes CVE-2025-47917, CVE-2025-48965, CVE-2025-49087,
CVE-2025-49600, CVE-2025-49601, CVE-2025-52496, CVE-2025-52497
- samba4: support Windows security hardening
- apache: CVE-2025-53020, CVE-2025-49812, CVE-2025-49630, CVE-2025-23048,
CVE-2024-47252, CVE-2024-43394, CVE-2024-43204, CVE-2024-42516,
CVE-2025-54090
- assimp: CVE-2025-2750, CVE-2025-2751, CVE-2025-2757, CVE-2025-3158
- clamav: CVE-2025-20260
- edk2: CVE-2024-38805
- git: CVE-2025-27613, CVE-2025-27614, CVE-2025-46835, CVE-2025-48384,
CVE-2025-48385, CVE-2025-48386
- jose: CVE-2023-50967
- libarchive: CVE-2025-5914, CVE-2025-5915, CVE-2025-5916, CVE-2025-5917,
CVE-2025-5918
- libavif: CVE-2025-48174, CVE-2025-48175
- libblockdev: CVE-2025-6019
- libbpf: CVE-2025-29481
- libheif: CVE-2025-43966, CVE-2025-43967
- libhtp: CVE-2024-45797
- libsoup: CVE-2024-52530, CVE-2024-52531, CVE-2024-52532, CVE-2025-2784,
CVE-2025-4476, CVE-2025-4948, CVE-2025-4969, CVE-2025-32050,
CVE-2025-32052, CVE-2025-32053, CVE-2025-32906, CVE-2025-32910,
CVE-2025-32911, CVE-2025-32912, CVE-2025-32913, CVE-2025-32914,
CVE-2025-46420, CVE-2025-46421
- libxml2: CVE-2025-6021, CVE-2025-6170, CVE-2025-49794, CVE-2025-49796,
CVE-2025-49795
- micropython: CVE-2024-8947
- modsecurity2: CVE-2025-47947, CVE-2025-48866
- orc: CVE-2024-40897
- php: CVE-2025-1735, CVE-2025-6491, CVE-2025-1220
- python-aiohttp: CVE-2025-53643
- python-starlette: CVE-2025-54121
- python-urllib3: CVE-2025-50181, CVE-2025-50182
- python3: CVE-2024-12718, CVE-2025-4138, CVE-2025-4330, CVE-2025-4435,
CVE-2025-4517
- redis: CVE-2025-32023, CVE-2025-48367
- shim: CVE-2024-2312
- sngrep: CVE-2024-3119, CVE-2024-3120
- sudo: CVE-2025-32462, CVE-2025-32463
- tcpreplay: CVE-2023-4256, CVE-2023-43279, CVE-2024-22654
- tinyxml: CVE-2023-34194
- wpewebkit: CVE-2024-27856, CVE-2024-40866, CVE-2024-44185,
CVE-2024-44187, CVE-2024-44192, CVE-2024-44244, CVE-2024-44296,
CVE-2024-44308, CVE-2024-44309, CVE-2024-54467, CVE-2024-54479,
CVE-2024-54502, CVE-2024-54505, CVE-2024-54508, CVE-2024-54534,
CVE-2024-54543, CVE-2024-54551, CVE-2024-54658, CVE-2025-24143,
CVE-2025-24150, CVE-2025-24158, CVE-2025-24162, CVE-2025-24201,
CVE-2025-24208, CVE-2025-24209, CVE-2025-24213, CVE-2025-24216,
CVE-2025-24223, CVE-2025-24264, CVE-2025-30427, CVE-2025-31204,
CVE-2025-31205, CVE-2025-31206, CVE-2025-31215, CVE-2025-31257
- xorg-server / xwayland: CVE-2025-49175, CVE-2025-49176, CVE-2025-49177,
CVE-2025-49178, CVE-2025-49179, CVE-2025-49180
Updated / fixed packages: avrdude, berkeleydb, binutils, bmx7, boot/shim,
boot/syslinux, ca-certificates, chartjs, cifs-utils, cpp-httplib, cpulimit,
daq, elfutils, eudev, fwupd, gcc, gnuplot, gstreamer1-editing-services,
gumbo-parser, gvfs, haproxy, hddtemp, kvmtool, libargtable, libcddb,
libconfuse, libcrossguid, libcurl, libesmtp, libgcrypt, libiec61850,
libmanette, libmicrohttpd, libmpeg2, libndp, libopenssl, libp11, libssh2,
libuhttpd, libva, linux, linux-tools (rtla), lrzsz, ltp-testsuite, lua,
modem-manager, modsecurity2, mosquitto, mpv, mupdf, ncmpc, net-tools,
network-manager, nginx-modsecurity, ntp, oniguruma, openblas, orc, parted,
python-asgiref, python-cython, python-dbus-fast, python-fastapi,
python-future, python-msgpack, python-multipart, python-remi,
python-setuptools, qpid-proton, rauc-hawkbit-updater, rtl8188eu, rtl8723bu,
rtl8723ds, rtl8821au, rust, shadowsock-libev, shairport-sync, sox, sqlite,
squashfs, systemd, tailscale, tor, uclibc, ustream-ssl, watchdog,
webkitgtk, xen
Removed package: libolm, libwebsock
Infrastructure updates / fixes:
- python-glslang is now a host package only
- Makefile unexports are now fixed and sorted
- Hide GCC versions for unsupported CPUs
- check-package: handle missing files
- test-pkg: stop on sigint
- check-host-cmake.mk: set host-cmake max version
- toolchain/toolchain-wrapper.c:
- correct CCACHE_BASEDIR comment
- slightly simplify cmdline copying
- get rid of EXCLUSIVE_ARGS
Test improvements:
- nginx-modsecurity: new test
- gumbo-parser: new runtime test
- add a crun-based runtime test for docker-compose
- test_xen: add a base class
- test_xen: test on 32-bit Arm v7
- test_xen: rename TestXen to TestXenAarch64
Boards updated / fixed:
- globalscale_espressobin: update linux
- freescale/mxs: fix linux booting
- ti_am62x_sk: bump Linux version
- raspberrypi5: fix failing build because of missing in-kernel dts
2025.02.4, released June 23th, 2025
Important / security related fixes:
- assimp: CVE-2025-3015, CVE-2025-3016
- binutils: CVE-2025-3198
- connman: CVE-2025-32366, CVE-2025-32743
- go: CVE-2025-0913, CVE-2025-4673, CVE-2025-22874
- iputils: CVE-2025-47268, CVE-2025-48964
- jq: CVE-2024-23337, CVE-2025-48060, CVE-2024-53427
- libcurl: CVE-2025-4947, CVE-2025-5025, CVE-2025-5399
- net-tools: CVE-2025-46836
- nodejs: CVE-2025-23165, CVE-2025-23166
- openvmtools: CVE-2025-22247
- python-django: CVE-2025-48432
- python-requests: CVE-2024-47081
- python-tornado: CVE-2025-47287
- redis: CVE-2025-21605, CVE-2025-27151
- samba4: CVE-2025-0620
- sox: CVE-2021-23159, CVE-2021-23172, CVE-2021-23210, CVE-2021-3643,
CVE-2021-40426, CVE-2022-31650, CVE-2022-31651, CVE-2023-26590,
CVE-2023-32627, CVE-2023-34318
- webkitgtk: CVE-2025-24223, CVE-2025-31204, CVE-2025-31205,
CVE-2025-31206, CVE-2025-31215, CVE-2025-31257
Updated / fixed packages: alsa-utils, atkmm, atmm2_28, audit,
bluez5_utils, busybox, catch2, connman, dbus-glib, dlib, dovecot,
esp-hosted, execline, firmware-ele-imx, flex, fluent-bit, freescale-imx,
ghostscript, gmrender-resurrect, grub2, gst1-plugins-bad, gtkmm3, iputils,
kmsxx, libcamera, libcurl, libglade, libical, libuv, llvm-project,
lm-sensors, m4, mesa3d, mongoose, openvmtools, php, protobuf-c,
python-django, python-fastapi, python-flit-core, python-jc,
python-requests, python-uvicorn, qt5 (declarative, webengine,
webengine-chromium), qt6 (base, multimedia, tools), rpm, samba4, spdlog,
systemd, uacme, uboot-tools, yasm
Removed package: libebur128
Infrastructure updates / fixes:
- pkg-cmake now forces CMake>=3.5
- pkg-meson now uses a dedicated buildroot build directory
see https://gitlab.com/buildroot.org/buildroot/-/issues/64
- include defconfigs in sub-directories in make list-defconfigs
- new manual section about private repositories
- pkg-autotools: handle libtool 2.5.x
- pkg-cmake: force check_language(CXX) to be false when building w/o C++
- pkg-stats: add support for reporting stale CVE entries
- add basic support for package file download over smb
- toolchain/wrapper: check unsafe paths earlier
- test_flutter: drop unneeded vga/vnc stanzas from QEMU invocation
Test improvements
- new python-pydantic runtime tests
- new dieharder runtime test
- test_xen: fix runtime test
- test_timezone: fix test by setting a fixed time
- new tree runtime test
Boards fixes
- imx6ulz-bsh-smm-m2: fix missing U-Boot
- freescale: fix cpu name in i.MX9 boards
- imx8mn-bsh-smm-s2: erase the entire NAND chip
- freescale_t1040d4rdb: fix kernel build
In addition, thanks to the new stale CVE reporting, reported
vulnerabilities have been fixed for the following packages:
busybox, dnsmasq, dovecot, exim, exim, freeradius-server, grub2,
libopenh264, libssh, netsnmp, ninja, qt5base, ripgrep, sox, tinyxml
2025.02.3, released May 19th, 2025
Build issues and other problems solved for packages:
libcap
2025.02.2, released May 18th, 2025
Important / security related fixes:
- openvpn: CVE-2025-2704
- ghostscript: CVE-2025-27830, CVE-2025-27831, CVE-2025-27832,
CVE-2025-27833, CVE-2025-27834, CVE-2025-27835,
CVE-2025-27836, CVE-2025-27837,
- libfcgi: CVE-2025-23016
- perl: CVE-2024-56406
- mosquitto: CVE-2023-28366
- c-ares: CVE-2025-31498
- graphicsmagick: CVE-2025-32460, CVE-2025-27795
- libxml2: CVE-2025-32414, CVE-2025-32415
- wireshark: CVE-2025-1492
- yam: CVE-2021-33454
- sqlite: CVE-2025-29087
- xz: CVE-2025-31115
- python-django: CVE-2025-32873
- libraw: CVE-2025-43961, CVE-2025-43962, CVE-2025-43963,
CVE-2025-43964
- dropbear: CVE-2025-47203
- intel-microcode: CVE-2025-24495, CVE-2024-28956, CVE-2024-43420,
CVE-2025-20103
- openssh: CVE-2025-32728
- screen: CVE-2025-23395, CVE-2025-46802, CVE-2025-46803,
CVE-2025-46804, CVE-2025-46805
- python-flask: CVE-2025-47278
- python-h11: CVE-2025-43859
- postgresql: CVE-2025-4207
Updated / fixed packages: sysklogd, libfcgi, double-conversion,
igh-ethercat, c-periphery, socat, lua-periphery, fluent-bit,
samba4, ca-certificates, dbus-cxx, atkmm2_28, pangomm2_46,
cairomm1_14, glibmm2_66, gtkmm3, file, opencsd, libopenmpt,
fwts, libtracefs, iproute2, ripgrep, bat, dust, trace-cmd,
libubootenv, micropython, python-cryptography, dnsmasq,
wireless-regdb, python-setuptools, libuci, libubox, ubus, waf,
armadillo, ncftp, expat, libxml2, wireshark, hiredis, zfs,
sunxi-mali-utgard-driver, ruby, mtools, hwdata, traceroute,
zic, tzdata, jo, gdb, tpm2-pkcs11, nss-pam-ldapd, ghostscript,
dropbear, intel-microcode, screen, python-flask, python-h11,
mariadb, ffmpeg, postgresql
Test Improvements:
- test_edk2: add a few build tests
- weston: fix the weston shutdown test
- lighttpd: runtime test
- openocd: runtime test
- hyperfine: runtime test
- python-urllib3: runtime test
- test_edk2: add macchiatobin build test
- bat: runtime test
- dust: runtime test
Infrastructure updates / fixes:
- libopenh264: ignore CVE-2025-27091
- edk2: drop dependency on tf-a for macchiatobin
- vim: extend comment about vi symlink
- board/raspberrypi/readme.txt: various improvements
- raspberrypi5: install Raspberry Pi 500 device-tree blob
- gen-bootlin-toolchains: allows armv8-a CPU to use armv7-a toolchains
- libsigrokdecode: needs python3 w/ zlib support
- dejavu: update homepage
- pulseview: fix, update, and reorganise dependencies
- boost: move host variables closer together
- boost: move target library selection variables closer together
- support/download/git: use FOO_DL_OPTS
- stm32mp135f_dk: fix optee hash
- libcamera: various fixes
- apparmor don't reference libapparmor variables
- rpi-firmware: add note to keep in sync with kernel
- python-sdbus: fix upstream url
- qt5webengine: drop unused file
- warp7: Improve Wifi instructions
- cryptopp: add upstream URL in help text
- dpdk: fixup Config.in comment about dependencies
- ffmpeg: add support for libopenmpt
- pkg-stats: fix typo in --disable help text
- imx28evk: enable BR2_DOWNLOAD_FORCE_CHECK_HASHES
- friendlyarm_nanopi_r3s: fix host linux headers custom version
- support/dependencies/dependencies.sh: awk is needed by Buildroot
- Config.in: introduce BR2_HOST_GCC_AT_LEAST_{12..15}
- dbus: set session-socket-dir to /tmp
- fs/erofs: unbreak custom compression handling
- nodejs: make target nodejs package virtual
- mpd: update CPE/CVE information
- Various fix for GCC15 host
Build issues and other problems solved for packages:
sqlite, pahole, libv4l, arm-trusted-firmware, libopenmpt, iptables,
tailscale, wilc-driver, rtl8188eu, rtl8723ds, lmbench, fluent-bit,
mosquitto, iproutes2, pixman, linux-tools, libcoap, libcamera,
strongswan, mpv, hiredis, zfs, bird, netsnmp, libcap, musepack,
ffmpeg, libqrencode
2025.02.1, released April 22nd, 2025
Changes with potentially large impact:
- gstreamer1 and related packages: updated from 1.22.x to 1.24.x.
1.22.x was already EOL when Buildroot 2025.02 was released, so
GStreamer should really already have been udpated to 1.24.x.
This update was needed to fix a lot of vulnerabilities.
- frr: updated from 9.1.3 to 10.3. Version 9 is no longer
maintained upstream, and not in any distro either. This update
was needed to fix a vulernability.
Important / security related fixes:
- libmodsecurity: CVE-2025-27110.
- tinyxml2: CVE-2024-50615.
- xserver_xorg-server & xwayland: CVE-2024-9632, CVE-2025-26594,
CVE-2025-26595, CVE-2025-26596, CVE-2025-26597, CVE-2025-26598,
CVE-2025-26599, CVE-2025-26600, CVE-2025-26601.
- exim: CVE-2025-30232.
- mbedtls: CVE-2025-27809, CVE-2025-27810.
- libfreeglut: CVE-2024-24258, CVE-2024-24259.
- libopenh264: CVE-2025-27091.
- gstreamer1: CVE-2024-47834, CVE-2024-47835, CVE-2024-47778,
CVE-2024-47777 CVE-2024-47776, CVE-2024-47775, CVE-2024-47774,
CVE-2024-47615, CVE-2024-47613, CVE-2024-47607, CVE-2024-47606,
CVE-2024-47603, CVE-2024-47602, CVE-2024-47601, CVE-2024-47600,
CVE-2024-47599, CVE-2024-47598, CVE-2024-47597, CVE-2024-47596,
CVE-2024-47546, CVE-2024-47545, CVE-2024-47544, CVE-2024-47543,
CVE-2024-47542, CVE-2024-47541, CVE-2024-47540, CVE-2024-47539,
CVE-2024-47538, CVE-2024-47537.
- augeas: CVE-2025-2588.
- libndp: CVE-2024-5564.
- python-jinja2: CVE-2025-27516.
- python-django: CVE-2025-26699.
- libarchive: CVE-2024-57970, CVE-2025-1632.
- frr: CVE-2024-55553.
Updated / fixed packages: libmodsecurity, intel-mediadriver,
intel-vpl-gpu-rt, python-aerich, python-aiohttp, python-maturin,
python-tortoise-orm, python-sqlalchemy, kodi-pvr-waipu, tor, mc,
tinyxml2, libgeos, intel-vpl-gpu-rt, intel-mediadriver, ruby,
ncftp, xserver_xorg-server, exim, mbedtls, gdb, freerdp, uclibc,
libsoup3, cairo, zabbix, armadillo, spdlog, go, linux, linux-tools,
gstreamer, linux-header, ethtool, apr, mali-driver, libcoap, libcap
python-fastapi, python-twisted.
Test Improvements:
- linux-tools: selftests: Add path containing BPF binary.
- testing: make time setting portable.
- testing: set date in emulated machine.
- testing: add git runtime test.
- test_gstreamer1: fix test by using bootlin toolchain.
Infrastructure updates/fixes:
- kconfig: Handle backspace (^H) key.
- xilinx-embeddedsw: fix menuconfig visualization.
- DEVELOPERS: change arnout's address.
- support/download/svn: use 'svn info' whith LC_ALL=C
- glibc: disable on RISC-V ilp32f and lp64f, not supported.
- dillo: Fix an issue related to _SITE url for make show-info.
- pkg-stats: add -v/--verbose option
Build issues/problems solved for packages:
dillo, freerdp, freeswitch, gdb, glibc, linux-tools,
mesa3d-demos, ncftp, tesseract-ocr,
v4l2loopback, zabbix
2025.02, released March 17th, 2025
Various fixes.
@@ -77,6 +728,63 @@
- samba4 build failed in master
https://gitlab.com/buildroot.org/buildroot/-/issues/86
2024.11.4, released April 22nd, 2025
Important / security related fixes:
- xserver_xorg-server & xwayland: CVE-2024-9632, CVE-2025-26594,
CVE-2025-26595, CVE-2025-26596, CVE-2025-26597, CVE-2025-26598
CVE-2025-26599, CVE-2025-26600, CVE-2025-26601.
- exim: CVE-2025-30232.
- mbedtls: CVE-2025-27809, CVE-2025-27810.
- augeas: CVE-2025-2588.
- libarchive: CVE-2024-57970, CVE-2025-1632, CVE-2025-25724.
- xwayland: CVE-2024-31081, CVE-2024-31083, CVE-2024-9632,
CVE-2025-26594, CVE-2025-26595, CVE-2025-26596,
CVE-2025-26597, CVE-2025-26598, CVE-2025-26599,
CVE-2025-26600, CVE-2025-26601
- libopenh264: CVE-2025-27091.
- libmodsecurity: CVE-2025-27110.
- tinyxml2: CVE-2024-50615.
Updated/fixed packages:
libgeos, freerdp, libsoup3, cairo, linux, apr, mali-driver,
libcoap, python-fastapi, python-twisted, tor, mc, linux-header,
linux-tools.
Test Improvements:
- linux-tools: selftests: Add path containing BPF binary.
- testing: add git runtime test.
Infrastructure updates/fixes:
- DEVELOPERS: change arnout's address.
- DEVELOPERS: add Dario Binacchi for ti-k3-boot-firmware.
- support/download/svn: use 'svn info' whith LC_ALL=C**.
- dillo: Fix an issue related to _SITE url for make show-info.
- kconfig: Handle backspace (^H) key.
- pkg-stats: add -v/--verbose option
Build issues/problems solved for:
freeswitch, glibc, v4l2loopback, ls1028ardb, ls1028ardb,
mesa3d-demos.
2024.11.3, released March 24st, 2025
Important / security related fixes.
Defconfigs: Octavo osd23mp1: Fix TF-A/Linux compilation after
move to newer toolchain versions.
Updated/fixed packages: compiler-rt, exim, expat, fio, foot,
go, jbig2dec, libcamera, libjxl, libopenssl, libxml2, mokutil,
musl, optee-os, php, pkgconf, postgresql, prboom,
python-typing-extensions, rauc, systemd, util-linux,
watchdogd, webkitgtk
2024.11.2, released February 21st, 2025
Important / security related fixes.
@@ -623,6 +1331,62 @@
#16036: android-tools version is too old
#16075: Cannot use linux kernel extensions from external tree..
2024.02.13, released April 22nd, 2025
Important / security related fixes:
- xserver_xorg-server & xwayland: CVE-2024-9632, CVE-2025-26594,
CVE-2025-26595, CVE-2025-26596, CVE-2025-26597, CVE-2025-26598,
CVE-2025-26599, CVE-2025-26600, CVE-2025-26601.
- exim: CVE-2025-30232.
- mbedtls: CVE-2025-27809, CVE-2025-27810.
- augeas: CVE-2025-2588.
- libarchive: CVE-2024-57970, CVE-2025-1632, CVE-2025-25724.
- libopenh264: CVE-2025-27091.
- libmodsecurity: CVE-2025-27110.
- tinyxml2: CVE-2024-50615.
- libndp: CVE-2024-5564.
- xwayland: CVE-2024-31080, CVE-2024-31081, CVE-2024-31083,
CVE-2024-9632, CVE-2025-26594, CVE-2025-26595,
CVE-2025-26596, CVE-2025-26597, CVE-2025-26598,
CVE-2025-26599, CVE-2025-26600, CVE-2025-26601.
- libfreeglut: CVE-2024-24258, CVE-2024-24259.
Updated/fixed packages:
libsoup3, linux, apr, mali-driver,
libcoap, python-fastapi, python-twisted, tor, linux-header,
linux-tools, libmodsecurity
Test Improvements:
- linux-tools: selftests: Add path containing BPF binary.
- testing: add git runtime test.
Infrastructure updates/fixes:
- DEVELOPERS: change arnout's address.
- DEVELOPERS: add Dario Binacchi for ti-k3-boot-firmware.
- support/download/svn: use 'svn info' whith LC_ALL=C.
- dillo: Fix an issue related to _SITE url for make show-info.
- kconfig: Handle backspace (^H) key.
- pkg-stats: add -v/--verbose option
Build issues/problems solved for:
glibc, mesa3d-demos.
2024.02.12, released March 24st, 2025
Important / security related fixes.
Defconfigs: Octavo osd23mp1: Fix TF-A/Linux compilation after
move to newer toolchain versions.
Updated/fixed packages: compiler-rt, exim, expat, fio, foot,
jbig2dec, libjxl, libxml2, musl, optee-os, php, postgresql,
prboom, python-typing-extensions, systemd, util-linux,
watchdogd, webkitgtk
2024.02.11, released February 21st, 2025
Important / security related fixes.
+20
View File
@@ -74,6 +74,26 @@ config BR2_HOST_GCC_AT_LEAST_11
default y if BR2_HOST_GCC_VERSION = "11"
select BR2_HOST_GCC_AT_LEAST_10
config BR2_HOST_GCC_AT_LEAST_12
bool
default y if BR2_HOST_GCC_VERSION = "12"
select BR2_HOST_GCC_AT_LEAST_11
config BR2_HOST_GCC_AT_LEAST_13
bool
default y if BR2_HOST_GCC_VERSION = "13"
select BR2_HOST_GCC_AT_LEAST_12
config BR2_HOST_GCC_AT_LEAST_14
bool
default y if BR2_HOST_GCC_VERSION = "14"
select BR2_HOST_GCC_AT_LEAST_13
config BR2_HOST_GCC_AT_LEAST_15
bool
default y if BR2_HOST_GCC_VERSION = "15"
select BR2_HOST_GCC_AT_LEAST_14
# When adding new entries above, be sure to update
# the HOSTCC_MAX_VERSION variable in the Makefile.
+139
View File
@@ -144,6 +144,145 @@ endif
###############################################################################
comment "Legacy options removed in 2025.08"
config BR2_PACKAGE_NETSTAT_NAT
bool "netstat-nat has been removed"
select BR2_LEGACY
help
The upstream URL is gone and netstat-nat has been removed
from Buildroot.
config BR2_PACKAGE_LIGHTTPD_LIBEV
bool "lighttpd removed libev support"
select BR2_LEGACY
help
Lighttpd 1.4.80 removed optional libev support.
config BR2_PACKAGE_LIBSVGTINY
bool "libsvgtiny has been removed"
select BR2_LEGACY
help
Libsvgtiny has been removed from Buildroot.
config BR2_PACKAGE_THTTPD
bool "thttpd has been removed"
select BR2_LEGACY
help
thttpd is no longer maintained actively by upstream and has
been removed from Buildroot.
config BR2_KERNEL_HEADERS_6_15
bool "kernel headers version 6.15.x are no longer supported"
select BR2_LEGACY
help
Version 6.15.x of the Linux kernel headers are no longer
maintained upstream and are now removed.
config BR2_PACKAGE_LIBCURL_BEARSSL
bool "libcurl removed BearSSL support"
select BR2_LEGACY
help
Libcurl removed optional BearSSL support.
config BR2_PACKAGE_LIBOLM
bool "libolm has been removed"
select BR2_LEGACY
help
libolm is deprecated and has been removed from Buildroot.
https://gitlab.matrix.org/matrix-org/olm#important-libolm-is-now-deprecated
config BR2_PACKAGE_LIBWEBSOCK
bool "libwebsock has been removed"
select BR2_LEGACY
help
The upstream Github repository payden/libwebsock is no
longer available, and has been removed from Buildroot.
config BR2_TARGET_EDK2_PLATFORM_SOCIONEXT_DEVELOPERBOX
bool "EDK2 Socionext DeveloperBox support has been removed"
select BR2_LEGACY
help
The Socionext DeveloperBox support has been removed upstream
in EDK2 version edk2-stable202505.
config BR2_PACKAGE_LIBEBUR128
bool "libebur128 has been removed"
select BR2_LEGACY
help
The libebur128 package has been removed from Buildroot.
config BR2_KERNEL_HEADERS_6_14
bool "kernel headers version 6.14.x are no longer supported"
select BR2_LEGACY
help
Version 6.14.x of the Linux kernel headers are no longer
maintained upstream and are now removed.
config BR2_PACKAGE_GPSD_OCEANSERVER
bool "gpsd OceanServer removed upstream"
select BR2_LEGACY
help
Support for OceanServer has been removed upstream in gpsd
v3.26.
config BR2_PACKAGE_MESA3D_OSMESA_GALLIUM
bool "mesa3d OSMesa (Gallium) library support removed"
select BR2_LEGACY
help
Mesa3d removed the OSMesa (Off-Screen) interface library.
config BR2_PACKAGE_ALSA_LIB_ALISP
bool "alsa-lib alisp support removed"
select BR2_LEGACY
help
Support for alisp was removed from alsa-lib v1.12.14.
comment "Legacy options removed in 2025.05"
config BR2_GCC_VERSION_12_X
bool "gcc 12.x support removed"
select BR2_LEGACY
help
Support for building a toolchain based on GCC 12.x has been
removed, chose a newer GCC version instead.
config BR2_PACKAGE_MESA3D_GALLIUM_DRIVER_SWRAST
bool "mesa Gallium swrast driver was replaced by softpipe"
select BR2_LEGACY
select BR2_PACKAGE_MESA3D_GALLIUM_DRIVER_SOFTPIPE
help
The Gallium swrast driver was replaced by softpipe.
config BR2_PACKAGE_MBEDTLS_COMPRESSION
bool "mbedtls compression support removed"
select BR2_LEGACY
help
MbedTLS has dropped support for TLS record-level
compression.
config BR2_KERNEL_HEADERS_6_13
bool "kernel headers version 6.13.x are no longer supported"
select BR2_LEGACY
help
Version 6.13.x of the Linux kernel headers are no longer
maintained upstream and are now removed.
config BR2_PACKAGE_MPD_SOUNDCLOUD
bool "mpd soundcloud support has been removed"
select BR2_LEGACY
help
MPD SoundCloud support has been removed.
# BR2_PACKAGE_DOCKER_ENGINE_DOCKER_INIT is still referenced in docker-engine
config BR2_PACKAGE_DOCKER_ENGINE_DOCKER_INIT
bool "docker-engine init support is now a choice"
select BR2_LEGACY
help
docker-engine init support is now a choice. The original
setting has been adapted; be sure to review it in the
docker-engine package.
comment "Legacy options removed in 2025.02"
config BR2_PACKAGE_SQLITE_ENABLE_JSON1
+101 -73
View File
@@ -43,6 +43,7 @@ F: package/flutter-pi/
F: package/flutter-sdk-bin/
F: package/ivi-homescreen/
F: package/libutempter/
F: package/mender-update-modules/
F: package/tllist/
F: support/testing/tests/package/test_flutter.py
@@ -99,8 +100,6 @@ F: package/libzenoh-pico/
F: package/network-manager-openvpn/
N: Alex Suykov <alex.suykov@gmail.com>
F: board/chromebook/snow/
F: configs/chromebook_snow_defconfig
F: package/vboot-utils/
N: Alexander Clouter <alex+buildroot@digriz.org.uk>
@@ -131,10 +130,6 @@ F: package/openpgm/
N: Aleksandr Makarov <aleksandr.o.makarov@gmail.com>
F: package/libest/
N: Alexander Mukhin <alexander.i.mukhin@gmail.com>
F: package/tinyproxy/
F: package/zfs/
N: Alexander Sverdlin <alexander.sverdlin@gmail.com>
F: package/mini-snmpd/
@@ -190,7 +185,7 @@ F: package/pkg-qmake.mk
F: package/qt5/qt5opcua/
F: package/qt6/qt6opcua/
N: Andreas Ziegler <br015@umbiko.net>
N: Andreas Ziegler <br025@umbiko.net>
F: package/mpd/
N: Andrey Smirnov <andrew.smirnov@gmail.com>
@@ -278,7 +273,7 @@ F: package/espeak/
N: Arno Messiaen <arnomessiaen@gmail.com>
F: package/python-aiohttp-sse-client/
N: Arnout Vandecappelle <arnout@mind.be>
N: Arnout Vandecappelle <arnout@rnout.be>
F: package/arp-scan/
F: package/dehydrated/
F: package/dracut/
@@ -415,7 +410,6 @@ F: package/libdvbcsa/
F: package/libdvdcss/
F: package/libdvdnav/
F: package/libdvdread/
F: package/libebur128/
F: package/libfreeglut/
F: package/libfribidi/
F: package/libg7221/
@@ -494,6 +488,7 @@ F: package/privoxy/
F: package/pure-ftpd/
F: package/python-couchdb/
F: package/python-cssutils/
F: package/python-emailproxy/
F: package/python-glslang/
F: package/python-mako/
F: package/python-mwclient/
@@ -704,10 +699,6 @@ F: package/libsemanage/
F: package/libsepol/
F: package/policycoreutils/
N: Clément Péron <peron.clem@gmail.com>
F: board/beelink/gs1/
F: configs/beelink_gs1_defconfig
N: Colin Foster <colin.foster@in-advantage.com>
F: package/python-tftpy/
F: package/rauc-hawkbit-updater/
@@ -727,6 +718,15 @@ F: configs/odroidc2_defconfig
F: package/meson-tools/
F: package/odroidc2-firmware/
N: Daniel Crowe <daniel.crowe@maxmine.com.au>
F: package/python-aniso8601/
F: package/python-cachelib/
F: package/python-flask-caching/
F: package/python-flask-restx/
F: package/python-pyproj/
F: support/testing/tests/package/sample_python_pyproj.py
F: support/testing/tests/package/test_python_pyproj.py
N: Daniel J. Leach <dleach@belcan.com>
F: package/dacapo/
@@ -776,8 +776,6 @@ N: Daniel Sangue <daniel.sangue@sangue.ch>
F: package/libftdi1/
N: Danilo Bargen <mail@dbrgn.ch>
F: board/pcengines/apu2/
F: configs/pcengines_apu2_defconfig
F: package/tealdeer/
N: Danomi Manchego <danomimanchego123@gmail.com>
@@ -793,6 +791,7 @@ N: Dario Binacchi <dario.binacchi@amarulasolutions.com>
F: board/bsh/
F: board/stmicroelectronics/stm32f746-disco/
F: board/stmicroelectronics/stm32f769-disco/
F: boot/ti-k3-boot-firmware/
F: configs/imx6ulz_bsh_smm_m2_defconfig
F: configs/imx8mn_bsh_smm_s2_defconfig
F: configs/imx8mn_bsh_smm_s2_pro_defconfig
@@ -802,8 +801,11 @@ F: package/aespipe/
F: package/armadillo/
F: package/babeld/
F: package/iana-assignments/
F: package/inih/
F: package/pocketpy/
F: package/sscep/
F: package/tinyinit/
F: package/ufs-utils/
F: package/uuu/
N: Dario Binacchi <dariobin@libero.it>
@@ -901,6 +903,11 @@ F: configs/acmesystems_acqua_a5_512mb_defconfig
N: Eero Aaltonen <eero.aaltonen@vaisala.com>
F: package/docopt-cpp/
N: El Mehdi YOUNES <elmehdi.younes@smile.fr>
F: package/opencl-headers/
F: package/opencl-icd-loader/
F: support/testing/tests/package/test_mesa3d.py
N: Eloi Bail <eloi.bail@savoirfairelinux.com>
F: package/bayer2rgb-neon/
F: package/gstreamer1/gst1-plugins-bayer2rgb-neon/
@@ -994,9 +1001,6 @@ F: package/atest/
F: package/crucible/
F: package/kmscube/
N: Fabio Porcedda <fabio.porcedda@gmail.com>
F: package/netsurf-buildsystem/
N: Fabio Urquiza <fabiorush@gmail.com>
F: package/bitcoin/
@@ -1105,11 +1109,10 @@ N: Fiona Klute <fiona.klute@gmx.de>
F: package/*/S*
F: package/panel-mipi-dbi-firmware/
F: package/python-aiomqtt/
F: package/python-dunamai/
F: package/python-poetry-dynamic-versioning/
F: package/python-pyasynchat/
F: package/python-pyasyncore/
F: support/testing/tests/package/sample_python_networkmanager_goi.py
F: support/testing/tests/package/test_nftables.py
F: support/testing/tests/package/test_python_networkmanager_goi.py
N: Flávio Tapajós <flavio.tapajos@newtesc.com.br>
@@ -1122,6 +1125,9 @@ F: package/rsyslog/
N: Florian Fainelli <f.fainelli@gmail.com>
F: package/cpulimit/
N: Florian Larysch <fl@n621.de>
F: package/casync-nano/
N: Floris Bos <bos@je-eigen-domein.nl>
F: package/ipmitool/
F: package/odhcploc/
@@ -1251,7 +1257,6 @@ F: package/httping/
F: package/iozone/
F: package/leptonica/
F: package/libeXosip2/
F: package/libolm/
F: package/libosip2/
F: package/ocrad/
F: package/opencl-clhpp/
@@ -1287,6 +1292,7 @@ F: package/gcc/
F: package/harfbuzz/
F: package/libblockdev/
F: package/libfuse3/
F: package/liblo/
F: package/libnspr/
F: package/libnss/
F: package/libnvme/
@@ -1329,7 +1335,6 @@ F: package/gengetopt/
F: package/janus-gateway/
F: package/libnice/
F: package/libsrtp/
F: package/libwebsock/
F: package/sofia-sip/
N: Grzegorz Blach <grzegorz@blach.pl>
@@ -1352,6 +1357,9 @@ F: package/python-rpi-ws281x/
F: package/python-wtforms/
F: package/rpi-rgb-led-matrix/
N: Guillaume Chaye <guillaume.chaye@zeetim.com>
F: package/sane-airscan/
N: Guillaume William Brs <guillaume.bressaix@gmail.com>
F: package/libnids/
F: package/libxcrypt/
@@ -1389,10 +1397,8 @@ F: package/volk/
N: Heiko Thiery <heiko.thiery@gmail.com>
F: board/kontron/bl-imx8mm/
F: board/kontron/smarc-sal28/
F: board/kontron/pitx-imx8m/
F: configs/kontron_bl_imx8mm_defconfig
F: configs/kontron_smarc_sal28_defconfig
F: configs/kontron_pitx_imx8m_defconfig
F: package/altera-stapl/
F: package/blake3/
F: package/ipmitool/
@@ -1479,24 +1485,14 @@ F: board/bananapi/
F: board/engicam/
F: board/olimex/a33_olinuxino/
F: board/olimex/a64-olinuxino/
F: board/orangepi/orangepi-lite2/
F: board/orangepi/orangepi-one-plus
F: board/orangepi/orangepi-zero-plus2/
F: board/pine64/
F: configs/amarula_vyasa_rk3288_defconfig
F: configs/asus_tinker_rk3288_defconfig
F: configs/engicam_imx6qdl_icore_defconfig
F: configs/engicam_imx6qdl_icore_qt5_defconfig
F: configs/engicam_imx6qdl_icore_rqs_defconfig
F: configs/engicam_imx6ul_geam_defconfig
F: configs/engicam_imx6ul_isiot_defconfig
F: configs/olimex_a33_olinuxino_defconfig
F: configs/olimex_a64_olinuxino_defconfig
F: configs/orangepi_lite2_defconfig
F: configs/orangepi_one_plus_defconfig
F: configs/orangepi_zero_plus2_defconfig
F: configs/pine64_defconfig
F: configs/pine64_sopine_defconfig
F: package/python-scipy/
F: support/testing/tests/package/sample_python_scipy.py
F: support/testing/tests/package/test_python_scipy.py
@@ -1625,6 +1621,13 @@ F: package/libuhttpd/
F: package/libuwsc/
F: package/rtty/
N: Jiaxun Yang <jiaxun.yang@flygoat.com>
F: arch/Config.in.loongarch
F: board/loongarch64-efi
F: board/qemu/loongarch64-virt-efi
F: configs/loongarch64_efi_defconfig
F: configs/qemu_loongarch64_virt_efi_defconfig
N: Joachim Wiberg <troglobit@gmail.com>
F: configs/globalscale_espressobin_defconfig
F: board/globalscale/espressobin/
@@ -1634,6 +1637,7 @@ F: package/libite/
F: package/libnet/
F: package/libteam/
F: package/libuev/
F: package/lowdown/
F: package/mg/
F: package/mdnsd/
F: package/mini-snmpd/
@@ -1758,15 +1762,6 @@ F: package/unclutter-xfixes/
N: Joshua Henderson <joshua.henderson@microchip.com>
F: package/qt5/qt5wayland/
N: Jugurtha BELKALEM <jugurtha.belkalem@smile.fr>
F: package/bcc/
F: package/python-aiofiles/
F: package/python-crayons/
F: package/python-cycler/
F: package/python-matplotlib/
F: package/python-opcua-asyncio/
F: package/python-piexif/
N: Juha Rantanen <juha@codercoded.com>
F: package/acsccid/
@@ -1793,15 +1788,15 @@ F: package/qt5/
N: Julien Grossholtz <julien.grossholtz@openest.io>
F: board/raspberrypi/
F: board/technologic/ts7680/
F: configs/raspberrypizero2w_defconfig
F: configs/ts7680_defconfig
F: package/paho-mqtt-c
N: Julien Olivain <ju.o@free.fr>
F: board/freescale/imx93frdm/
F: board/qemu/riscv64-virt-efi/
F: board/spike/
F: board/technexion/imx8mmpico/
F: configs/freescale_imx93frdm_defconfig
F: configs/imx8mmpico_defconfig
F: configs/qemu_riscv64_virt_efi_defconfig
F: configs/spike_riscv32_defconfig
@@ -1878,6 +1873,7 @@ F: support/testing/tests/package/test_cryptsetup.py
F: support/testing/tests/package/test_cryptsetup/
F: support/testing/tests/package/test_ddrescue.py
F: support/testing/tests/package/test_ddrescue/
F: support/testing/tests/package/test_dieharder.py
F: support/testing/tests/package/test_dmidecode.py
F: support/testing/tests/package/test_dos2unix.py
F: support/testing/tests/package/test_dosfstools.py
@@ -1897,6 +1893,7 @@ F: support/testing/tests/package/test_fwts.py
F: support/testing/tests/package/test_gawk.py
F: support/testing/tests/package/test_ghostscript.py
F: support/testing/tests/package/test_ghostscript/
F: support/testing/tests/package/test_git.py
F: support/testing/tests/package/test_glslsandbox_player.py
F: support/testing/tests/package/test_glslsandbox_player/
F: support/testing/tests/package/test_gnupg2.py
@@ -1910,6 +1907,7 @@ F: support/testing/tests/package/test_gstreamer1.py
F: support/testing/tests/package/test_gzip.py
F: support/testing/tests/package/test_highway.py
F: support/testing/tests/package/test_hwloc.py
F: support/testing/tests/package/test_hyperfine.py
F: support/testing/tests/package/test_iozone.py
F: support/testing/tests/package/test_iperf.py
F: support/testing/tests/package/test_iperf3.py
@@ -1932,6 +1930,7 @@ F: support/testing/tests/package/test_libcamera/
F: support/testing/tests/package/test_libcurl.py
F: support/testing/tests/package/test_libgpgme.py
F: support/testing/tests/package/test_libjxl.py
F: support/testing/tests/package/test_lighttpd.py
F: support/testing/tests/package/test_links.py
F: support/testing/tests/package/test_links/
F: support/testing/tests/package/test_lrzip.py
@@ -1971,6 +1970,7 @@ F: support/testing/tests/package/test_octave.py
F: support/testing/tests/package/test_ola.py
F: support/testing/tests/package/test_ola/
F: support/testing/tests/package/test_openblas.py
F: support/testing/tests/package/test_openocd.py
F: support/testing/tests/package/test_parted.py
F: support/testing/tests/package/test_patch.py
F: support/testing/tests/package/test_patch/
@@ -2012,9 +2012,9 @@ F: support/testing/tests/package/test_tcl.py
F: support/testing/tests/package/test_tcl/
F: support/testing/tests/package/test_tcpdump.py
F: support/testing/tests/package/test_tesseract_ocr.py
F: support/testing/tests/package/test_thttpd.py
F: support/testing/tests/package/test_trace_cmd.py
F: support/testing/tests/package/test_trace_cmd/
F: support/testing/tests/package/test_tree.py
F: support/testing/tests/package/test_unbound.py
F: support/testing/tests/package/test_unbound/
F: support/testing/tests/package/test_usbip.py
@@ -2054,6 +2054,11 @@ F: package/libodb-mysql/
F: package/libqb/
F: package/usbguard/
N: Kanak Shilledar <kanakshilledar@gmail.com>
F: board/sipeed/licheepi_4a/
F: configs/sipeed_licheepi_4a_defconfig
F: package/sipeed-lpi4abin/
N: Karoly Kasza <kaszak@gmail.com>
F: package/irqbalance/
F: package/openvmtools/
@@ -2257,15 +2262,38 @@ N: Marcus Hoffmann <bubu@bubu1.eu>
F: package/nethogs/
F: package/pico-sdk/
F: package/picotool/
F: package/python-apscheduler/
F: package/python-crc/
F: package/python-django/
F: package/python-immutabledict/
F: package/python-jc/
F: package/python-log-rate-limit/
F: package/python-pydantic/
F: package/python-pydantic-core/
F: package/python-pydantic-settings/
F: package/python-ruamel-yaml-clib/
F: package/python-typing-inspection/
F: package/python-tzlocal/
F: package/python-sdbus-modemmanager/
F: package/python-waitress/
F: support/testing/tests/package/test_python_apscheduler.py
F: support/testing/tests/package/test_python_crc.py
F: support/testing/tests/package/test_python_django.py
F: support/testing/tests/package/test_python_fastapi.py
F: support/testing/tests/package/test_python_pydantic.py
F: support/testing/tests/package/test_python_pydantic_settings.py
F: support/testing/tests/package/test_python_ruamel_yaml.py
F: support/testing/tests/package/test_python_sdbus_modemmanager.py
F: support/testing/tests/package/test_python_tzlocal.py
F: support/testing/tests/package/test_python_waitress.py
F: support/testing/tests/package/sample_python_apscheduler.py
F: support/testing/tests/package/sample_python_crc.py
F: support/testing/tests/package/sample_python_django.py
F: support/testing/tests/package/sample_python_fastapi.py
F: support/testing/tests/package/sample_python_pydantic.py
F: support/testing/tests/package/sample_python_pydantic_settings.py
F: support/testing/tests/package/sample_python_ruamel_yaml.py
F: support/testing/tests/package/sample_python_sdbus_modemmanager.py
N: Marek Belisko <marek.belisko@open-nandra.com>
F: package/libatasmart/
@@ -2372,6 +2400,13 @@ F: package/libtraceevent/
F: package/libtracefs
F: package/linux-tools/linux-tool-rtla.mk.in
N: Maxime Leroy <maxime@leroys.fr>
F: package/grout/
N: Meena Murthy <meena.murthy@amarulasolutions.com>
F: board/engicam/px30core/
F: configs/engicam_px30_core_defconfig
N: Michael Durrant <mdurrant@arcturusnetworks.com>
F: board/arcturus/
F: configs/arcturus_ucp1020_defconfig
@@ -2413,10 +2448,6 @@ F: package/libavl/
F: package/rcw-smarc-sal28/
N: Michał Łyszczek <michal.lyszczek@bofc.pl>
F: board/altera/socrates_cyclone5/
F: board/pine64/rock64
F: configs/rock64_defconfig
F: configs/socrates_cyclone5_defconfig
F: package/netifrc/
F: package/openrc/
F: package/skeleton-init-openrc/
@@ -2470,15 +2501,12 @@ F: package/binutils-bare-metal/
F: package/bootgen/
F: package/gcc-bare-metal/
F: package/newlib-bare-metal/
F: package/xilinx-fpgautil/
F: toolchain/toolchain-bare-metal-buildroot/
N: Nicola Di Lieto <nicola.dilieto@gmail.com>
F: package/uacme/
N: Nicholas Sielicki <sielicki@yandex.com>
F: board/intel/galileo/
F: configs/galileo_defconfig
N: Nicolas Carrier <nicolas.carrier@orolia.com>
F: package/bmap-tools/
F: package/composer/
@@ -2522,10 +2550,6 @@ F: package/ofono/
N: Niklas Cassel <niklas.cassel@wdc.com>
F: configs/qemu_riscv64_nommu_virt_defconfig
N: Nikolay Dimitrov <nikolay.dimitrov@retrohub.org>
F: board/embest/riotboard/
F: configs/riotboard_defconfig
N: Nimai Mahajan <nimaim@gmail.com>
F: package/libucl/
@@ -2714,10 +2738,6 @@ F: package/liburcu/
N: Philippe Reynes <philippe.reynes@softathome.com>
F: package/ibm-sw-tpm2/
N: Pierre Crokaert <pct@crookies.net>
F: board/hardkernel/odroidxu4/
F: configs/odroidxu4_defconfig
N: Pierre Ducroquet <pinaraf@pinaraf.info>
F: package/kf5/
@@ -2800,12 +2820,16 @@ F: support/testing/tests/package/sample_python_rsa.py
F: support/testing/tests/package/sample_python_s3transfer.py
F: support/testing/tests/package/sample_python_sdbus.py
F: support/testing/tests/package/sample_python_sdbus_networkmanager.py
F: support/testing/tests/package/sample_python_urllib3.py
F: support/testing/tests/package/test_nginx_modsecurity/
F: support/testing/tests/package/test_nginx_modsecurity.py
F: support/testing/tests/package/test_python_jmespath.py
F: support/testing/tests/package/test_python_pymupdf.py
F: support/testing/tests/package/test_python_rsa.py
F: support/testing/tests/package/test_python_s3transfer.py
F: support/testing/tests/package/test_python_sdbus.py
F: support/testing/tests/package/test_python_sdbus_networkmanager.py
F: support/testing/tests/package/test_python_urllib3.py
N: Raphael Pavlidis <raphael.pavlidis@gmail.com>
F: package/nvidia-persistenced/
@@ -2864,11 +2888,13 @@ F: package/vnstat/
N: Romain Naour <romain.naour@gmail.com>
F: board/beagleboard/beagleboneai64/
F: board/beagleboard/beagley-ai/
F: board/qemu/
F: board/ti/am574x-idk/
F: configs/qemu_*
F: configs/am574x_idk_defconfig
F: configs/beagleboneai64_defconfig
F: configs/beagley_ai_defconfig
F: package/alure/
F: package/aubio/
F: package/bcc/
@@ -2999,8 +3025,6 @@ F: package/wpa_supplicant/
F: package/xr819-xradio/
N: Sergio Prado <sergio.prado@e-labworks.com>
F: board/toradex/apalis-imx6/
F: configs/toradex_apalis_imx6_defconfig
F: package/aoetools/
F: package/asn1c/
F: package/azure-iot-sdk-c/
@@ -3118,13 +3142,6 @@ N: Steven Noonan <steven@uplinklabs.net>
F: package/hwloc/
F: package/powertop/
N: Suniel Mahesh <sunil@amarulasolutions.com>
F: board/pine64/rockpro64
F: board/radxa/rockpi-n8
F: configs/rock_pi_n8_defconfig
F: configs/rockpro64_defconfig
F: package/arm-gnu-toolchain/
N: Sven Oliver Moll <svolli@svolli.de>
F: package/most/
@@ -3170,7 +3187,7 @@ N: Thomas Devoogdt <thomas@devoogdt.com>
F: package/fluent-bit/
F: package/libsoup3/
N: Thomas Huth <huth@tuxfamily.org>
N: Thomas Huth <th.huth+br@posteo.eu>
F: package/ascii-invaders/
F: package/kvm-unit-tests/
F: package/xorcurses/
@@ -3267,7 +3284,7 @@ F: toolchain/
N: Timo Ketola <timo.ketola@exertus.fi>
F: package/fbgrab/
N: Titouan Christophe <titouanchristophe@gmail.com>
N: Titouan Christophe <titouan.christophe@mind.be>
F: package/avro-c/
F: package/mosquitto/
F: package/python-avro/
@@ -3326,12 +3343,15 @@ F: package/utp_com/
N: Vincent Stehlé <vincent.stehle@arm.com>
F: board/arm/fvp-ebbr/
F: board/pine64/rockpro64-ebbr/
F: board/qemu/aarch64-ebbr/
F: board/qemu/arm-ebbr/
F: configs/arm_fvp_ebbr_defconfig
F: configs/qemu_aarch64_ebbr_defconfig
F: configs/qemu_arm_ebbr_defconfig
F: configs/rockpro64_ebbr_defconfig
F: package/edk2-non-osi/
F: support/testing/tests/boot/test_edk2.py
N: Vincent Stehlé <vincent.stehle@laposte.net>
F: board/arm/foundation-v8/
@@ -3356,6 +3376,12 @@ N: Vivien Didelot <vivien.didelot@gmail.com>
F: board/technologic/ts5500/
F: configs/ts5500_defconfig
N: Vladimir Oltean <olteanv@gmail.com>
F: package/qoriq-ddr-phy-binary/
F: package/qoriq-firmware-inphi/
F: package/qoriq-mc-binary/
F: package/qoriq-mc-utils/
N: Volkov Viacheslav <sv99@inbox.ru>
F: package/v4l2grab/
F: package/zbar/
@@ -3455,8 +3481,10 @@ F: package/libsocketcan/
F: package/libubox/
F: package/libuci/
F: package/libxmlb/
F: package/libxmlrpc/
F: package/linux-firmware/
F: package/linux-serial-test/
F: package/lpac/
F: package/modem-manager/
F: package/ncftp/
F: package/nftables/
+26 -23
View File
@@ -92,9 +92,9 @@ all:
.PHONY: all
# Set and export the version string
export BR2_VERSION := 2025.02
export BR2_VERSION := 2025.08
# Actual time the release is cut (for reproducible builds)
BR2_VERSION_EPOCH = 1742234000
BR2_VERSION_EPOCH = 1757278000
# Save running make version since it's clobbered by the make package
RUNNING_MAKE_VERSION := $(MAKE_VERSION)
@@ -353,7 +353,7 @@ export HOSTARCH := $(shell LC_ALL=C $(HOSTCC_NOCCACHE) -v 2>&1 | \
# When adding a new host gcc version in Config.in,
# update the HOSTCC_MAX_VERSION variable:
HOSTCC_MAX_VERSION := 11
HOSTCC_MAX_VERSION := 15
HOSTCC_VERSION := $(shell V=$$($(HOSTCC_NOCCACHE) --version | \
sed -n -r 's/^.* ([0-9]*)\.([0-9]*)\.([0-9]*)[ ]*.*/\1 \2/p'); \
@@ -407,27 +407,28 @@ ifeq ($(BR2_HAVE_DOT_CONFIG),y)
# Hide troublesome environment variables from sub processes
#
################################################################################
unexport CROSS_COMPILE
unexport AR
unexport ARCH
unexport CC
unexport LD
unexport AR
unexport CXX
unexport CPP
unexport RANLIB
unexport CFLAGS
unexport CXXFLAGS
unexport GREP_OPTIONS
unexport TAR_OPTIONS
unexport CONFIG_SITE
unexport QMAKESPEC
unexport TERMINFO
unexport CPP
unexport CROSS_COMPILE
unexport CXX
unexport CXXFLAGS
unexport DEVICE_TREE
unexport GCC_COLORS
unexport GREP_OPTIONS
unexport LD
unexport MACHINE
unexport O
unexport GCC_COLORS
unexport PLATFORM
unexport OS
unexport DEVICE_TREE
unexport PLATFORM
unexport QMAKESPEC
unexport RANLIB
unexport TAR_OPTIONS
unexport TERMINFO
unexport TOPDIR
GNU_HOST_NAME := $(shell support/gnuconfig/config.guess)
@@ -1218,17 +1219,17 @@ help:
# $(2): br2-external name, empty for bundled
define list-defconfigs
@first=true; \
for defconfig in $(1)/configs/*_defconfig; do \
for defconfig in $$([ -d $(1)/configs ] && find $(1)/configs -name '*_defconfig' |sort); do \
[ -f "$${defconfig}" ] || continue; \
if $${first}; then \
if [ "$(2)" ]; then \
printf 'External configs in "$(call qstrip,$(2))":\n'; \
printf 'External configs in "%s":\n' "$(call qstrip,$(2))"; \
else \
printf "Built-in configs:\n"; \
fi; \
first=false; \
fi; \
defconfig="$${defconfig##*/}"; \
defconfig="$${defconfig#$(1)/configs/}"; \
printf " %-35s - Build for %s\n" "$${defconfig}" "$${defconfig%_defconfig}"; \
done; \
$${first} || printf "\n"
@@ -1249,10 +1250,12 @@ release: OUT = buildroot-$(BR2_VERSION)
# documentation to the git output
release:
git archive --format=tar --prefix=$(OUT)/ HEAD > $(OUT).tar
$(MAKE) O=$(OUT) manual-html manual-text manual-pdf
SOURCE_DATE_EPOCH=$$(git log -1 --format=%at 2> /dev/null) \
$(MAKE) O=$(OUT) manual-html manual-text manual-pdf
$(MAKE) O=$(OUT) distclean
tar rf $(OUT).tar $(OUT)
gzip -9 -c < $(OUT).tar > $(OUT).tar.gz
tar rf $(OUT).tar --owner=0 --group=0 \
--mtime="$$(git log -1 --pretty=format:%ci)" $(OUT)
gzip -9 -n -c < $(OUT).tar > $(OUT).tar.gz
xz -9 -c < $(OUT).tar > $(OUT).tar.xz
rm -rf $(OUT) $(OUT).tar
+24
View File
@@ -80,6 +80,16 @@ config BR2_i386
Intel i386 architecture compatible microprocessor
http://en.wikipedia.org/wiki/I386
config BR2_loongarch64
bool "LoongArch64"
select BR2_USE_MMU
select BR2_ARCH_IS_64
select BR2_ARCH_NEEDS_GCC_AT_LEAST_12
help
LoongArch64 is 64-bit architecture developed by Loongson.
http://www.loongson.cn/
https://en.wikipedia.org/wiki/Loongson
config BR2_m68k
bool "m68k"
# MMU support is set by the subarchitecture file, arch/Config.in.m68k
@@ -311,6 +321,10 @@ config BR2_ARCH_NEEDS_GCC_AT_LEAST_15
bool
select BR2_ARCH_NEEDS_GCC_AT_LEAST_14
config BR2_ARCH_NEEDS_GCC_AT_LEAST_16
bool
select BR2_ARCH_NEEDS_GCC_AT_LEAST_15
# The following string values are defined by the individual
# Config.in.$ARCH files
config BR2_ARCH
@@ -349,6 +363,12 @@ config BR2_GCC_TARGET_FPU
config BR2_GCC_TARGET_FLOAT_ABI
string
# The value of this option will be passed as --with-simd=<value> when
# building gcc (internal backend) or -simd=<value> in the toolchain
# wrapper (external toolchain)
config BR2_GCC_TARGET_SIMD
string
# The value of this option will be passed as --with-mode=<value> when
# building gcc (internal backend) or -m<value> in the toolchain
# wrapper (external toolchain)
@@ -373,6 +393,10 @@ if BR2_arm || BR2_armeb || BR2_aarch64 || BR2_aarch64_be
source "arch/Config.in.arm"
endif
if BR2_loongarch64
source "arch/Config.in.loongarch"
endif
if BR2_m68k
source "arch/Config.in.m68k"
endif
+12 -2
View File
@@ -518,6 +518,14 @@ config BR2_neoverse_n2
select BR2_ARM_CPU_HAS_FP_ARMV8
select BR2_ARM_CPU_ARMV9A
select BR2_ARCH_NEEDS_GCC_AT_LEAST_11
comment "armv9.2a cores"
config BR2_cortex_a720
bool "Cortex-A720 (aka hunter)"
depends on BR2_ARCH_IS_64
select BR2_ARM_CPU_HAS_FP_ARMV8
select BR2_ARM_CPU_ARMV9A
select BR2_ARCH_NEEDS_GCC_AT_LEAST_14
endchoice
config BR2_ARM_ENABLE_NEON
@@ -777,7 +785,7 @@ config BR2_ARM_INSTRUCTIONS_THUMB
# Thumb-1 and VFP are not compatible
depends on BR2_ARM_SOFT_FLOAT
help
This option instructions the compiler to generate Thumb
This option instructs the compiler to generate Thumb
instructions, which allows to mix 16 bits instructions and
32 bits instructions. This generally provides a much smaller
compiled binary size.
@@ -790,7 +798,7 @@ config BR2_ARM_INSTRUCTIONS_THUMB2
bool "Thumb2"
depends on BR2_ARM_CPU_HAS_THUMB2
help
This option instructions the compiler to generate Thumb2
This option instructs the compiler to generate Thumb2
instructions, which allows to mix 16 bits instructions and
32 bits instructions. This generally provides a much smaller
compiled binary size.
@@ -914,6 +922,8 @@ config BR2_GCC_TARGET_CPU
# armv9.0a
default "cortex-a710" if BR2_cortex_a710
default "neoverse-n2" if BR2_neoverse_n2
# armv9.2a
default "cortex-a720" if BR2_cortex_a720
config BR2_GCC_TARGET_ABI
default "aapcs-linux" if BR2_arm || BR2_armeb
+138
View File
@@ -0,0 +1,138 @@
# LoongArch CPU
choice
prompt "Target Architecture Variant"
default BR2_loongarch64_generic if BR2_ARCH_IS_64
config BR2_loongarch64_generic
bool "Generic LoongArch 64-bit"
depends on BR2_ARCH_IS_64
help
Generic LoongArch 64-bit processor.
config BR2_loongarch64_v1_0
bool "LoongArch64 ISA version 1.0"
depends on BR2_ARCH_IS_64
select BR2_ARCH_NEEDS_GCC_AT_LEAST_14
help
LoongArch64 ISA version 1.0 processor.
config BR2_loongarch64_v1_1
bool "LoongArch64 ISA version 1.1"
depends on BR2_ARCH_IS_64
select BR2_ARCH_NEEDS_GCC_AT_LEAST_14
help
LoongArch64 ISA version 1.1 processor.
endchoice
choice
prompt "FPU Type"
default BR2_LOONGARCH_FPU_64
config BR2_LOONGARCH_FPU_64
bool "64"
help
Allow the use of hardware floating-point instructions for
32-bit and 64-bit operations.
config BR2_LOONGARCH_FPU_32
bool "32"
# Only supported by lp64s and lp64f ABIs which are marked as broken
depends on BR2_BROKEN
help
Allow the use of hardware floating-point instructions for
32-bit operations only.
config BR2_LOONGARCH_FPU_NONE
bool "none"
# Only supported by lp64s ABI which is marked as broken
depends on BR2_BROKEN
help
Prevent the use of hardware floating-point instructions.
endchoice
choice
prompt "SIMD Type"
default BR2_LOONGARCH_SIMD_NONE
config BR2_LOONGARCH_SIMD_NONE
bool "none"
help
Prevent the use of hardware SIMD instructions.
config BR2_LOONGARCH_SIMD_LSX
bool "LSX"
depends on BR2_LOONGARCH_FPU_64
help
Enable generating instructions from the 128-bit LoongArch SIMD
Extension (LSX).
config BR2_LOONGARCH_SIMD_LASX
bool "LASX"
depends on BR2_LOONGARCH_FPU_64
help
Enable generating instructions from the 256-bit LoongArch
Advanced SIMD Extension (LASX) and the 128-bit LoongArch
SIMD Extension (LSX).
endchoice
choice
prompt "Target ABI"
default BR2_LOONGARCH_ABI_LP64D if BR2_ARCH_IS_64 && BR2_LOONGARCH_FPU_64
default BR2_LOONGARCH_ABI_LP64F if BR2_ARCH_IS_64 && BR2_LOONGARCH_FPU_32
default BR2_LOONGARCH_ABI_LP64S if BR2_ARCH_IS_64 && BR2_LOONGARCH_SIMD_NONE
config BR2_LOONGARCH_ABI_LP64D
bool "lp64d"
depends on BR2_ARCH_IS_64
depends on BR2_LOONGARCH_FPU_64
config BR2_LOONGARCH_ABI_LP64F
bool "lp64f"
depends on BR2_ARCH_IS_64
# Failed to build host GCC initial, pending investigation
depends on BR2_BROKEN
depends on BR2_LOONGARCH_FPU_64 || BR2_LOONGARCH_FPU_32
config BR2_LOONGARCH_ABI_LP64S
bool "lp64s"
depends on BR2_ARCH_IS_64
# GCC can't find libraries, pending investigation
depends on BR2_BROKEN
endchoice
config BR2_ARCH
default "loongarch64" if BR2_ARCH_IS_64
config BR2_NORMALIZED_ARCH
default "loongarch"
config BR2_ENDIAN
default "LITTLE"
config BR2_GCC_TARGET_ARCH
default "loongarch64" if BR2_loongarch64_generic
default "la64v1.0" if BR2_loongarch64_v1_0
default "la64v1.1" if BR2_loongarch64_v1_1
config BR2_GCC_TARGET_FPU
default "64" if BR2_LOONGARCH_FPU_64
default "32" if BR2_LOONGARCH_FPU_32
default "none" if BR2_LOONGARCH_FPU_NONE
config BR2_GCC_TARGET_SIMD
default "lasx" if BR2_LOONGARCH_SIMD_LASX
default "lsx" if BR2_LOONGARCH_SIMD_LSX
default "none" if BR2_LOONGARCH_FPU_NONE
config BR2_GCC_TARGET_ABI
default "lp64d" if BR2_LOONGARCH_ABI_LP64D
default "lp64f" if BR2_LOONGARCH_ABI_LP64F
default "lp64s" if BR2_LOONGARCH_ABI_LP64S
config BR2_READELF_ARCH_NAME
default "LoongArch"
# vim: ft=kconfig
# -*- mode:kconfig; -*-
+1
View File
@@ -16,6 +16,7 @@ GCC_TARGET_FP32_MODE := $(call qstrip,$(BR2_GCC_TARGET_FP32_MODE))
GCC_TARGET_CPU := $(call qstrip,$(BR2_GCC_TARGET_CPU))
GCC_TARGET_FPU := $(call qstrip,$(BR2_GCC_TARGET_FPU))
GCC_TARGET_FLOAT_ABI := $(call qstrip,$(BR2_GCC_TARGET_FLOAT_ABI))
GCC_TARGET_SIMD := $(call qstrip,$(BR2_GCC_TARGET_SIMD))
GCC_TARGET_MODE := $(call qstrip,$(BR2_GCC_TARGET_MODE))
# Explicitly set LD's "max-page-size" instead of relying on some defaults
@@ -1,2 +1,2 @@
# Locally calculated
sha256 87be0360df0931b340d2bac35161a548070fbc3a8c352c49e21e96666c26aeb4 linux-6.12.9.tar.xz
sha256 6b19a3ae99423de2416964d67251d745910277af258b4c4c63e88fd87dbf0e27 linux-6.12.41.tar.xz
@@ -1,8 +0,0 @@
linux_load_address=0x100000
linux_dtb_load_address=0x100
linux_dtb=socfpga_cyclone5_socrates.dtb
linux_load=mmc rescan; fatload mmc 0:1 ${linux_load_address} zImage; fatload mmc 0:1 ${linux_dtb_load_address} ${linux_dtb}
bootargs=console=ttyS0,115200 root=/dev/mmcblk0p3 ro rootwait
source_env=fatload mmc 0:1 0x2000000 boot.scr; source 0x2000000
bootcmd=run linux_load; bootz ${linux_load_address} - ${linux_dtb_load_address}
bootdelay=1
@@ -1,59 +0,0 @@
image boot.vfat {
vfat {
files = {
"zImage",
"socfpga_cyclone5_socrates.dtb"
}
}
size = 8M
}
image uboot.img {
hdimage {
partition-table = "no"
}
partition spl {
in-partition-table = "no"
image = "u-boot-spl.bin.crc"
offset = 0
size = 64K
}
partition uboot-full {
in-partition-table = "no"
image = "u-boot.img"
offset = 256K
}
size = 1M
}
image sdcard.img {
hdimage {
}
partition uboot-env {
in-partition-table = "no"
image = "uboot-env.bin"
offset = 17K # 512 * 34 -> just after gpt
}
partition boot {
partition-type = 0xc
bootable = "true"
image = "boot.vfat"
}
partition uboot {
partition-type = 0xa2
image = "uboot.img"
}
partition rootfs {
partition-type = 0x83
image = "rootfs.ext2"
size = 500M
}
}
-52
View File
@@ -1,52 +0,0 @@
EBV SoCrates Evaluation Board
Intro
=====
More information about this board can be found here:
https://rocketboards.org/foswiki/Documentation/EBVSoCratesEvaluationBoard
Build
=====
First, load socrates config for buildroot
make socrates_cyclone5_defconfig
Build everything
make
Following files will be generated in output/images
.
├── boot.vfat
├── rootfs.ext2
├── rootfs.ext4 -> rootfs.ext2
├── rootfs.tar
├── sdcard.img
├── socfpga_cyclone5_socrates.dtb
├── u-boot-spl.bin
├── u-boot-spl.bin.crc
├── u-boot.bin
├── u-boot.img
├── uboot-env.bin
├── uboot.img
└── zImage
Creating bootable SD card
=========================
Simply invoke
dd if=output/images/sdcard.img of=/dev/sdX
Where X is your SD card device (not partition)
Booting
=======
Pins 6:8 on P18 selector is used to determine boot device. To boot socrates from
sdcard set these pins to value 0x5 (101b). Remaining pins are used to determine
how to configure FPGA and are not associated with booting into Linux kernel.
@@ -1,2 +1,2 @@
# From https://cdn.kernel.org/pub/linux/kernel/v6.x/sha256sums.asc
sha256 5ff5bd84ea0e22c53437302db5d394d0a92d8b8b1a88ce20d1098298e9f7630a linux-6.12.15.tar.xz
sha256 3507dd105b0a0e1101bd43d294472fccf853429a259a5fa7c67467bba318f8e9 linux-6.15.7.tar.xz
+8 -3
View File
@@ -22,12 +22,17 @@ Running on the simulator
Download the AArch64 software simulator from one of the following sources,
corresponding to your host computer:
- https://developer.arm.com/-/cdn-downloads/permalink/FVPs-Architecture/FM-11.27/Foundation_Platform_11.27_19_Linux64.tgz
- https://developer.arm.com/-/cdn-downloads/permalink/FVPs-Architecture/FM-11.27/Foundation_Platform_11.27_19_Linux64_armv8l.tgz
- https://developer.arm.com/-/cdn-downloads/permalink/FVPs-Architecture/FM-11.29/Foundation_Platform_11.29_27_Linux64.tgz
- https://developer.arm.com/-/cdn-downloads/permalink/FVPs-Architecture/FM-11.29/Foundation_Platform_11.29_27_Linux64_armv8l.tgz
The model will be located under one of the corresponding folders:
- Foundation_Platformpkg/models/Linux64_GCC-9.3
- Foundation_Platformpkg/models/Linux64_armv8l_GCC-9.3
Finally, boot your system with:
${LOCATION_OF_FOUNDATIONV8_SIMULATOR}/models/Linux64_GCC-9.3/Foundation_Platform \
Foundation_Platform \
--arm-v8.0 \
--image output/images/linux-system.axf \
--block-device output/images/rootfs.ext2 \
@@ -1,2 +1,2 @@
# Locally calculated
sha256 c6ee813cc48fe7e308c149798100d621514e832da507e34d1dfd8247ef9ae39f linux-6.6.58-ti-arm32-r10.tar.gz
sha256 3654ca31003d90d20b195b23f8d60b78fcffbf0fd7fed6116c22719e20ac933d linux-6.12.23-ti-arm32-r11.tar.gz
@@ -1,2 +1,2 @@
# Locally calculated
sha256 cdef7d507c93f1bbd9f015ea9bc21fa074268481405501945abc6f854d5b686f u-boot-2025.01.tar.bz2
sha256 0f933f6c5a426895bf306e93e6ac53c60870e4b54cda56d95211bec99e63bec7 u-boot-2025.07.tar.bz2
@@ -0,0 +1,5 @@
default buildroot
label buildroot
kernel /Image
devicetreedir /
append root=/dev/mmcblk1p2 rootwait rw console=ttyS2,115200n8
@@ -1,10 +1,15 @@
image boot.vfat {
vfat {
files = {
"tiboot3.bin",
"tispl.bin",
"u-boot.img",
"Image",
"sun50i-h6-beelink-gs1.dtb",
"extlinux"
"ti",
"extlinux",
}
label = "boot"
}
size = 64M
@@ -15,13 +20,6 @@ image sdcard.img {
}
partition u-boot {
in-partition-table = "no"
image = "u-boot-sunxi-with-spl.bin"
offset = 8K
size = 1016K # 1MB - 8KB
}
partition boot {
partition-type = 0xC
bootable = "true"
image = "boot.vfat"
@@ -0,0 +1,2 @@
# Locally calculated
sha256 2bb586c954277d070c8fdf6d7275faa93b4807d9bf3353b491d8149cca02b4fc linux-6.15.6.tar.xz
@@ -0,0 +1,2 @@
# Locally calculated
sha256 0f933f6c5a426895bf306e93e6ac53c60870e4b54cda56d95211bec99e63bec7 u-boot-2025.07.tar.bz2
@@ -0,0 +1,2 @@
# Locally calculated
sha256 0f933f6c5a426895bf306e93e6ac53c60870e4b54cda56d95211bec99e63bec7 u-boot-2025.07.tar.bz2
+5
View File
@@ -0,0 +1,5 @@
#!/bin/sh
BOARD_DIR="$(dirname "$0")"
install -m 0644 -D "$BOARD_DIR"/extlinux.conf "$BINARIES_DIR"/extlinux/extlinux.conf
+38
View File
@@ -0,0 +1,38 @@
BeagleBoard.org BeagleY-AI Development Board
Description
===========
This configuration will build a basic image for the BeagleBoard.org
BeagleY-AI. For more details about the board, visit:
https://www.beagleboard.org/boards/beagley-ai
How to Build
============
Select the default configuration for the target:
$ make beagley_ai_defconfig
Optional: modify the configuration:
$ make menuconfig
Build:
$ make
To copy the resulting output image file to an SD card use dd:
$ dd if=output/images/sdcard.img of=/dev/sdX bs=1M
How to Run
==========
Insert the SD card into the BeagleY-AI board, and power it up
through the USB Type-C connector. The system should come up.
You can use a USB to serial adapter to connect to the connector
labeled UART0 (J13) to communicate with the board.
https://docs.beagle.cc/boards/beagley/ai/02-quick-start.html
-4
View File
@@ -1,4 +0,0 @@
label linux
kernel /Image
devicetree /sun50i-h6-beelink-gs1.dtb
append console=ttyS0,115200 earlyprintk root=/dev/mmcblk0p2 rootwait
-4
View File
@@ -1,4 +0,0 @@
#!/bin/sh
BOARD_DIR="$(dirname $0)"
install -m 0644 -D $BOARD_DIR/extlinux.conf $BINARIES_DIR/extlinux/extlinux.conf
@@ -1,2 +1,2 @@
# Locally calculated
sha256 aee8a844fe152420bece70ffae8525b9b23089aa4da31fa32f30e1859bf93c3d linux-6.11.8.tar.xz
# From https://cdn.kernel.org/pub/linux/kernel/v6.x/sha256sums.asc
sha256 6e562502a8fd11639f558e43b74f0df0d85fa85e60f5332acb275a75a35f5345 linux-6.12.39.tar.xz
@@ -1,2 +1,2 @@
# Locally calculated
sha256 b28daf4ac17e43156363078bf510297584137f6df50fced9b12df34f61a92fb0 u-boot-2024.10.tar.bz2
sha256 0f933f6c5a426895bf306e93e6ac53c60870e4b54cda56d95211bec99e63bec7 u-boot-2025.07.tar.bz2
@@ -25,6 +25,8 @@ SDPV: jump
FB: ucmd setenv fastboot_buffer ${loadaddr}
FB[-t 60000]: ucmd nand erase.chip
FB: download -f _image
FB: ucmd nandbcb init ${fastboot_buffer} nandboot ${filesize}
FB[-t 60000]: ucmd ubi part rootfs
FB[-t 60000]: ucmd ubi create root -
FB: download -f _filesystem
@@ -1,2 +1,2 @@
# From https://www.kernel.org/pub/linux/kernel/v6.x/sha256sums.asc
sha256 61c997b8acbbb8ab184565e96f476ecbb7e773cb35b98a1a4c832d809b2bf719 linux-6.1.120.tar.xz
sha256 4a168aed2de5a81aadd90ba2b153860a98d99bfc34651936e17f18e54f01ba8c linux-6.12.36.tar.xz
@@ -1,2 +1,2 @@
# Locally calculated
sha256 b28daf4ac17e43156363078bf510297584137f6df50fced9b12df34f61a92fb0 u-boot-2024.10.tar.bz2
sha256 0f933f6c5a426895bf306e93e6ac53c60870e4b54cda56d95211bec99e63bec7 u-boot-2025.07.tar.bz2
@@ -10,6 +10,8 @@ SDPS: boot -f _flash.bin
FB: ucmd setenv fastboot_buffer ${loadaddr}
FB: download -f _image
FB[-t 10000]: ucmd nand erase.chip
# Burn image to nandfit partition if needed
FB: ucmd if env exists nandfit_part; then nand erase.part nandfit; nand write ${fastboot_buffer} nandfit ${filesize}; else true; fi;
FB: ucmd nandbcb init ${fastboot_buffer} nandboot ${filesize}
-1
View File
@@ -1 +0,0 @@
console=tty1 clk_ignore_unused root=/dev/mmcblk1p2 rootfstype=ext4 ro
-37
View File
@@ -1,37 +0,0 @@
/dts-v1/;
/ {
description = "Buildroot kernel for Chromebook Snow";
images {
kernel@1 {
description = "kernel";
data = /incbin/("zImage");
type = "kernel_noload";
arch = "arm";
os = "linux";
compression = "none";
load = <0>;
entry = <0>;
hash@1 {
algo = "sha1";
};
};
fdt@1{
description = "exynos5250-snow.dtb";
data = /incbin/("exynos5250-snow.dtb");
type = "flat_dt";
arch = "arm";
compression = "none";
hash@1 {
algo = "sha1";
};
};
};
configurations {
default = "conf@1";
conf@1{
kernel = "kernel@1";
fdt = "fdt@1";
};
};
};
@@ -1,2 +0,0 @@
CONFIG_MWIFIEX=m
CONFIG_MWIFIEX_SDIO=m
@@ -1,30 +0,0 @@
Some versions of u-boot for this Chromebook check for tpm node
in the device tree and fail badly (reboot) if it is not found.
While not exactly correct, it is much easier to patch the mainline
device tree to match u-boot expectations than to fix u-boot on
this device.
See https://code.google.com/p/chromium/issues/detail?id=220169
and https://lkml.org/lkml/2013/3/4/242
Signed-off-by: Alex Suykov <alex.suykov@gmail.com>
Upstream: Not Applicable
[yann.morin.1998@free.fr: add Upstream tag]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
--- a/arch/arm/boot/dts/exynos5250-snow-common.dtsi
+++ b/arch/arm/boot/dts/exynos5250-snow-common.dtsi
@@ -466,6 +466,11 @@
status = "okay";
samsung,i2c-sda-delay = <100>;
samsung,i2c-max-bus-freq = <66000>;
+
+ tpm {
+ compatible = "infineon,slb9635tt";
+ reg = <0x20>;
+ };
};
&i2c_5 {
@@ -1,2 +0,0 @@
# Localy computed
sha256 5a26478906d5005f4f809402e981518d2b8844949199f60c4b6e1f986ca2a769 linux-4.15.tar.xz
-137
View File
@@ -1,137 +0,0 @@
Samsung XE303C12 aka Chromebook Snow
====================================
This file describes booting the Chromebook from an SD card containing
Buildroot kernel and rootfs, using the original bootloader. This is
the least invasive way to get Buildroot onto the devices and a good
starting point.
The bootloader will only boot a kernel from a GPT partition marked
bootable with cgpt tool from vboot-utils package.
The kernel image must be signed using futility from the same package.
The signing part is done by sign.sh script in this directory.
It does not really matter where rootfs is as long as the kernel is able
to find it, but this particular configuration assumes the kernel is on
partition 1 and rootfs is on partition 2 of the SD card.
Make sure to check kernel.args if you change this.
Making the boot media
---------------------
Start by configuring and building the images.
make chromebook_snow_defconfig
make menuconfig # if necessary
make
The important files are:
uImage.kpart (kernel and device tree, signed)
rootfs.tar
bootsd.img (SD card image containing both kernel and rootfs)
Write the image directly to some SD card.
WARNING: make sure there is nothing important on that card,
and double-check the device name!
SD=/dev/mmcblk1 # may be /dev/sdX on some hosts
dd if=output/images/bootsd.img of=$SD
Switching to developer mode and booting from SD
-----------------------------------------------
Power Chromebook down, then power it up while holding Esc+F3.
BEWARE: switching to developer mode deletes all user data.
Create backups if you need them.
While in developer mode, Chromebook will boot into a white screen saying
"OS verification is off".
Press Ctrl-D at this screen to boot Chromium OS from eMMC.
Press Ctrl-U at this screen to boot from SD (or USB)
Press Power to power it off.
Do NOT press Space unless you mean it.
This will switch it back to normal mode.
The is no way to get rid of the white screen without re-flashing the bootloader.
Troubleshooting
---------------
Loud *BEEP* after pressing Ctrl-U means there's no valid partition to boot from.
Which in turn means either bad GPT or improperly signed kernel.
Return to the OS verification screen without any sounds means the code managed
to reboot the board. May indicate properly signed but invalid image.
Blank screen means the image is valid and properly signed but cannot boot
for some reason, like missing or incorrect DT.
In case the board becomes unresponsive:
* Press Esc+F3+Power. The board should reboot instantly.
Remove SD card to prevent it from attempting a system recovery.
* Hold Power button for around 10s. The board should shut down into
its soft-off mode. Press Power button again or open the lid to turn in on.
* If that does not work, disconnect the charger and push a hidden
button on the underside with a pin of some sort. The board should shut
down completely. Opening the lid and pressing Power button will not work.
To turn it back on, connect the charger.
Partitioning SD card manually
-----------------------------
Check mksd.sh for partitioning commands.
Use parted and cgpt on a real device, and calculate the partition
sizes properly. The kernel partition may be as small as 4MB, but
you will probably want the rootfs to occupy the whole remaining space.
cgpt may be used to check current layout:
output/host/bin/cgpt show $SD
All sizes and all offsets are in 512-byte blocks.
Writing kernel and rootfs to a partitioned SD card
--------------------------------------------------
Write .kpart directly to the bootable partition:
dd if=output/images/uImage.kpart of=${SD}1
Make a new filesystem on the rootfs partition, and unpack rootfs.tar there:
mkfs.ext4 ${SD}2
mount ${SD2} /mnt/<ROOTFS-PARTITION>
tar -xvf output/images/rootfs.tar -C /mnt/<ROOTFS-PARTITION>
umount /mnt/<ROOTFS-PARTITION>
This will require root permissions even if you can write to $SD.
Kernel command line
-------------------
The command line is taken from board/chromebook/snow/kernel.args and stored
in the vboot header (which also holds the signature).
The original bootloader prepends "cros_secure console= " to the supplied
command line. The only way to suppress this is to enable CMDLINE_FORCE
in the kernel config, disabling external command line completely.
That's not necessary however. The mainline kernel ignores cros_secure,
and supplying console=tty1 in kernel.args undoes the effect of console=
Booting with console= suppresses all kernel output.
As a side effect, it makes /dev/console unusable, which the init in use must
be able to handle.
WiFi card
---------
Run modprobe mwifiex_sdio to load the driver.
The name of the device should be mlan0.
Further reading
---------------
https://www.chromium.org/chromium-os/developer-information-for-chrome-os-devices/samsung-arm-chromebook
http://linux-exynos.org/wiki/Samsung_Chromebook_XE303C12/Installing_Linux
http://archlinuxarm.org/platforms/armv7/samsung/samsung-chromebook
http://www.de7ec7ed.com/2013/05/application-processor-ap-uart-samsung.html
http://www.de7ec7ed.com/2013/05/embedded-controller-ec-uart-samsung.html
-41
View File
@@ -1,41 +0,0 @@
#!/bin/sh
# This script creates u-boot FIT image containing the kernel and the DT,
# then signs it using futility from vboot-utils.
# The resulting file is called uImage.kpart.
BOARD_DIR=$(dirname $0)
mkimage=$HOST_DIR/bin/mkimage
futility=$HOST_DIR/bin/futility
devkeys=$HOST_DIR/share/vboot/devkeys
run() { echo "$@"; "$@"; }
die() { echo "$@" >&2; exit 1; }
test -f $BINARIES_DIR/zImage || \
die "No kernel image found"
test -x $mkimage || \
die "No mkimage found (host-uboot-tools has not been built?)"
test -x $futility || \
die "No futility found (host-vboot-utils has not been built?)"
# kernel.its references zImage and exynos5250-snow.dtb, and all three
# files must be in current directory for mkimage.
run cp $BOARD_DIR/kernel.its $BINARIES_DIR/kernel.its || exit 1
echo "# entering $BINARIES_DIR for the next command"
(cd $BINARIES_DIR && run $mkimage -f kernel.its uImage.itb) || exit 1
# futility requires non-empty file to be supplied with --bootloader
# even if it does not make sense for the target platform.
echo > $BINARIES_DIR/dummy.txt
run $futility vbutil_kernel \
--keyblock $devkeys/kernel.keyblock \
--signprivate $devkeys/kernel_data_key.vbprivk \
--arch arm \
--version 1 \
--config $BOARD_DIR/kernel.args \
--vmlinuz $BINARIES_DIR/uImage.itb \
--bootloader $BINARIES_DIR/dummy.txt \
--pack $BINARIES_DIR/uImage.kpart || exit 1
rm -f $BINARIES_DIR/kernel.its $BINARIES_DIR/dummy.txt
+4
View File
@@ -0,0 +1,4 @@
label coolpi-4b-buildroot
kernel /Image.gz
devicetree /rk3588s-coolpi-4b.dtb
append root=/dev/mmcblk1p2 rw rootfstype=ext4 earlycon earlyprintk console=ttyS2,1500000n8 rootwait
+35
View File
@@ -0,0 +1,35 @@
# SD card image for Cool PI 4b
image boot.vfat {
vfat {
files = {
"Image.gz",
"rk3588s-coolpi-4b.dtb",
"extlinux"
}
}
size = 32M
}
image sdcard.img {
hdimage {
partition-table-type = "hybrid"
}
partition uboot {
in-partition-table = "false"
image = "u-boot-rockchip.bin"
offset = 32K
}
partition boot {
partition-type = "0xC"
bootable = "true"
image = "boot.vfat"
}
partition rootfs {
partition-type = 0x83
image = "rootfs.ext2"
}
}
@@ -0,0 +1,2 @@
# From https://www.kernel.org/pub/linux/kernel/v6.x/sha256sums.asc
sha256 de8b97cfeae74c22f832ee4ca2333c157cc978d98baa122f0ee9c01796a2fe43 linux-6.14.10.tar.xz
@@ -0,0 +1,2 @@
# Locally calculated
sha256 439d3bef296effd54130be6a731c5b118be7fddd7fcc663ccbc5fb18294d8718 u-boot-2025.04.tar.bz2
+7
View File
@@ -0,0 +1,7 @@
#!/usr/bin/env bash
set -e
BOARD_DIR="$(dirname "$0")"
gzip -fk "${BINARIES_DIR}/Image"
install -m 0644 -D "$BOARD_DIR/extlinux.conf" "$BINARIES_DIR/extlinux/extlinux.conf"
support/scripts/genimage.sh -c board/coolpi/coolpi-4b/genimage.cfg
+57
View File
@@ -0,0 +1,57 @@
Cool Pi 4B
==============
https://www.cool-pi.com/product/cp4b/
Build:
======
$ make coolpi_4b_defconfig
$ make
Files created in output directory
=================================
output/images
.
output/images/
├── boot.vfat
├── extlinux
│   └── extlinux.conf
├── Image
├── Image.gz
├── rk3588_bl31_v1.40.elf
├── rk3588_ddr_lp4_2112MHz_lp5_2736MHz_v1.12.bin
├── rk3588s-coolpi-4b.dtb
├── rootfs.ext2
├── rootfs.ext4 -> rootfs.ext2
├── rootfs.tar
├── sdcard.img
├── u-boot.bin
└── u-boot-rockchip.bin
Creating bootable SD card:
==========================
Simply invoke (as root)
sudo dd if=output/images/sdcard.img of=/dev/sdX && sync
Where X is your SD card device.
Booting:
========
Serial console:
---------------
The Cool Pi 4B has a 40-pin GPIO header.
The Uart pins are as follows:
pin 6: gnd
pin 8: tx
pin 10: rx
Baudrate for this board is 1500000.
Login:
------
Enter 'root' as login user, and the prompt is ready.
@@ -1,2 +1,2 @@
# Locally calculated
sha256 9423f4bfb4d875417e39cb0b017b5499fea47da56119f0cd28a201735d898f14 linux-6.12.14.tar.xz
sha256 643142c1b5991560dd12f950825cc19e4497b95b82641918ecff1177f4130c1d linux-6.12.24.tar.xz
@@ -1,2 +1,2 @@
# Locally calculated
sha256 cdef7d507c93f1bbd9f015ea9bc21fa074268481405501945abc6f854d5b686f u-boot-2025.01.tar.bz2
sha256 439d3bef296effd54130be6a731c5b118be7fddd7fcc663ccbc5fb18294d8718 u-boot-2025.04.tar.bz2
@@ -1,2 +1,2 @@
# Locally calculated
sha256 9423f4bfb4d875417e39cb0b017b5499fea47da56119f0cd28a201735d898f14 linux-6.12.14.tar.xz
sha256 643142c1b5991560dd12f950825cc19e4497b95b82641918ecff1177f4130c1d linux-6.12.24.tar.xz
@@ -1,2 +1,2 @@
# Locally calculated
sha256 cdef7d507c93f1bbd9f015ea9bc21fa074268481405501945abc6f854d5b686f u-boot-2025.01.tar.bz2
sha256 439d3bef296effd54130be6a731c5b118be7fddd7fcc663ccbc5fb18294d8718 u-boot-2025.04.tar.bz2
-17
View File
@@ -1,17 +0,0 @@
image sdcard.img {
hdimage {
}
partition u-boot {
in-partition-table = "no"
image = "u-boot.imx"
offset = 1K
}
partition rootfs {
partition-type = 0x83
image = "rootfs.ext2"
offset = 1M
size = 60M
}
}
-38
View File
@@ -1,38 +0,0 @@
Buildroot for Embest RIoTboard
==============================
This is a small development board, based on Freescale IMX6 Solo SoC
(single core ARM Cortex-A9).
More details about the board can be found at:
http://www.embest-tech.com/riotboard
1. Compiling buildroot
----------------------
$ make riotboard_defconfig
$ make
2. Installing buildroot
-----------------------
Prepare an SD-card and plug it into your card reader. Always double
check the block device before writing to it, as writing to the wrong
block device can cause irrecoverable data loss. Now you can write the
image to your SD-card:
sudo dd if=output/images/sdcard.img of=/dev/<sdcard-block-device> bs=1M
3. Running buildroot
--------------------
Position the board so you can read the label "RIoTboard" on the right
side of SW1 DIP switches. Configure the SW1 swiches like this:
1 0 1 0 0 1 0 1
ON OFF ON OFF OFF ON OFF ON
Now plug your prepared SD-card in slot J6. Connect a serial console
(115200, 8, N, 1) to header J18. Connect a 5V/1A power supply to the
board and enjoy.
@@ -1,6 +0,0 @@
default buildroot
label buildroot
kernel /boot/zImage
devicetree /boot/imx6dl-riotboard.dtb
append console=ttymxc1,115200 root=/dev/mmcblk1p1 rw
-39
View File
@@ -1,39 +0,0 @@
image boot.vfat {
vfat {
files = {
"uImage",
"imx6ul-geam-kit.dtb"
}
}
size = 64M
}
image sdcard.img {
hdimage {
}
partition SPL {
in-partition-table = "no"
image = "SPL"
offset = 1K
}
partition u-boot-dtb {
in-partition-table = "no"
image = "u-boot-dtb.img"
offset = 69K
}
partition boot {
partition-type = 0xC
bootable = "true"
image = "boot.vfat"
offset = 8M
}
partition rootfs {
partition-type = 0x83
image = "rootfs.ext2"
}
}
-66
View File
@@ -1,66 +0,0 @@
********************************************
Buildroot for Engicam GEAM6UL SOM platforms:
********************************************
This file documents the Buildroot support for all Engicam GEAM6UL
SOM platform boards.
GEAM6UL SOM Starter kits:
https://www.engicam.com/vis-prod/101115
This configuration uses U-Boot mainline and kernel mainline.
Build
=====
First, configure Buildroot for the Engicam GEAM6UL SOM:
- for GEAM6UL SOM:
make engicam_imx6ul_geam_defconfig
Build all components:
make
You will find the following files in output/images/:
- imx6ul-geam-kit.dtb
- rootfs.ext4
- rootfs.tar
- sdcard.img
- SPL
- u-boot-dtb.img
- uImage
Create a bootable SD card
=========================
To determine the device associated to the SD card have a look in the
/proc/partitions file:
cat /proc/partitions
Buildroot prepares a bootable "sdcard.img" image in the output/images/
directory, ready to be dumped on a SD card. Launch the following
command as root:
dd if=output/images/sdcard.img of=/dev/<your-sd-device>
sync
*** WARNING! This will destroy all the card content. Use with care! ***
For details about the medium image layout, see the definition in
board/engicam/geam6ul/genimage.cfg
Boot the GEAM6UL boards with SD boot:
====================================
To boot your newly created system:
- insert the SD card in the SD slot of the board;
- connect 3-wire RS232 serial port J28 on board, and connect with other
serial end or USB cable(if serial-to-usb converter used) using
a terminal emulator at 115200 bps, 8n1;
- close JM3 for sd boot.
- power on the board.
Enjoy!
-42
View File
@@ -1,42 +0,0 @@
image boot.vfat {
vfat {
files = {
"uImage",
"imx6dl-icore.dtb",
"imx6q-icore.dtb",
"imx6q-icore-ofcap10.dtb",
"imx6q-icore-ofcap12.dtb"
}
}
size = 64M
}
image sdcard.img {
hdimage {
}
partition SPL {
in-partition-table = "no"
image = "SPL"
offset = 1K
}
partition u-boot-dtb {
in-partition-table = "no"
image = "u-boot-dtb.img"
offset = 69K
}
partition boot {
partition-type = 0xC
bootable = "true"
image = "boot.vfat"
offset = 8M
}
partition rootfs {
partition-type = 0x83
image = "rootfs.ext2"
}
}
-4
View File
@@ -1,4 +0,0 @@
# Currently kernel mainline exhibits issues when running cpufreq as ondemand
# governor on mx6.
# CONFIG_CPU_FREQ_DEFAULT_GOV_ONDEMAND is not set
CONFIG_CPU_FREQ_DEFAULT_GOV_PERFORMANCE=y
-93
View File
@@ -1,93 +0,0 @@
*********************************************
Buildroot for Engicam i.CoreM6 SOM platforms:
*********************************************
This file documents the Buildroot support for Engicam i.CoreM6
platform boards.
i.CoreM6 Quad/Dual/DualLite/Solo SOM Starter kits:
https://www.engicam.com/vis-prod/101120
i.CoreM6 Quad/Dual/DualLite/Solo Open Frame 10.1 C.TOUCH kits:
https://www.engicam.com/vis-prod/101133
This configuration uses U-Boot mainline and kernel mainline.
Build
=====
First, configure Buildroot for the Engicam i.CoreM6:
make engicam_imx6qdl_icore_defconfig
Build all components:
make
You will find the following files in output/images/:
- imx6q-icore.dtb (for i.CoreM6 Quad/Dual)
- imx6dl-icore.dtb (for i.CoreM6 DualLite/Solo)
- imx6q-icore-ofcap10.dtb (for i.CoreM6 Quad/Dual ofcap 10)
- imx6q-icore-ofcap12.dtb (for i.CoreM6 Quad/Dual ofcap 12)
- rootfs.ext4
- rootfs.tar
- sdcard.img
- SPL
- u-boot-dtb.img
- uImage
Create a bootable SD card
=========================
To determine the device associated to the SD card have a look in the
/proc/partitions file:
cat /proc/partitions
Buildroot prepares a bootable "sdcard.img" image in the output/images/
directory, ready to be dumped on a SD card. Launch the following
command as root:
dd if=output/images/sdcard.img of=/dev/<your-sd-device>
sync
*** WARNING! This will destroy all the card content. Use with care! ***
For details about the medium image layout, see the definition in
board/engicam/icorem6/genimage.cfg
Boot the i.CoreM6 boards with SD boot:
=====================================
To boot your newly created system:
- insert the SD card in the SD slot of the board;
- connect 3-wire RS232 serial port J28 on board, and connect with other
serial end or USB cable(if serial-to-usb converter used) using
a terminal emulator at 115200 bps, 8n1;
- close JM3 for sd boot.
- power on the board.
Testing graphics on i.CoreM6:
============================
Build with support for Etnaviv, Qt5 and demo applications:
make engicam_imx6qdl_icore_qt5_defconfig
make
Running kmscube
# kmscube -D /dev/dri/card1
Running glmark2-es2-drm
# glmark2-es2-drm
Running Qt5 Cinematic Demo:
- for i.CoreM6 Starter Kit
# export QT_QPA_EGLFS_KMS_CONFIG=/root/imx6qdl-icore.json
- for i.CoreM6 ofcap10
# export QT_QPA_EGLFS_KMS_CONFIG=/root/imx6qdl-icore-ofcap10.json
- for i.CoreM6 ofcap12
# export QT_QPA_EGLFS_KMS_CONFIG=/root/imx6qdl-icore-ofcap12.json
# CinematicExperience-demo
Enjoy!
@@ -1,11 +0,0 @@
{
"device": "/dev/dri/card1",
"hwcursor": false,
"pbuffers": true,
"outputs": [
{
"name": "LVDS1",
"mode": "1280x800"
}
]
}
@@ -1,11 +0,0 @@
{
"device": "/dev/dri/card1",
"hwcursor": false,
"pbuffers": true,
"outputs": [
{
"name": "LVDS1",
"mode": "1280x480"
}
]
}
@@ -1,11 +0,0 @@
{
"device": "/dev/dri/card1",
"hwcursor": false,
"pbuffers": true,
"outputs": [
{
"name": "LVDS1",
"mode": "800x480"
}
]
}
-40
View File
@@ -1,40 +0,0 @@
image boot.vfat {
vfat {
files = {
"uImage",
"imx6dl-icore-rqs.dtb",
"imx6q-icore-rqs.dtb"
}
}
size = 64M
}
image sdcard.img {
hdimage {
}
partition SPL {
in-partition-table = "no"
image = "SPL"
offset = 1K
}
partition u-boot-dtb {
in-partition-table = "no"
image = "u-boot-dtb.img"
offset = 69K
}
partition boot {
partition-type = 0xC
bootable = "true"
image = "boot.vfat"
offset = 8M
}
partition rootfs {
partition-type = 0x83
image = "rootfs.ext2"
}
}
-69
View File
@@ -1,69 +0,0 @@
*************************************************
Buildroot for Engicam i.CoreM6 RQS SOM platforms:
*************************************************
This file documents the Buildroot support for Engicam i.CoreM6 RQS
SOM platform boards.
i.CoreM6 Quad/Dual/DualLite/Solo RQS SOM Starter kits:
https://www.engicam.com/vis-prod/101124
This configuration uses U-Boot mainline and kernel mainline.
Build
=====
First, configure Buildroot for the Engicam i.CoreM6 RQS:
- for i.CoreM6 RQS Quad/Dual/DualLite/Solo:
make engicam_imx6qdl_icore_rqs_defconfig
Build all components:
make
You will find the following files in output/images/:
- for i.CoreM6 Quad/Dual RQS:
- imx6q-icore-rqs.dtb
- for i.CoreM6 DualLite/Solo RQS:
- imx6dl-icore-rqs.dtb
- rootfs.ext4
- rootfs.tar
- sdcard.img
- SPL
- u-boot-dtb.img
- uImage
Create a bootable SD card
=========================
To determine the device associated to the SD card have a look in the
/proc/partitions file:
cat /proc/partitions
Buildroot prepares a bootable "sdcard.img" image in the output/images/
directory, ready to be dumped on a SD card. Launch the following
command as root:
dd if=output/images/sdcard.img of=/dev/<your-sd-device>
sync
*** WARNING! This will destroy all the card content. Use with care! ***
For details about the medium image layout, see the definition in
board/engicam/icorem6_rqs/genimage.cfg
Boot the i.CoreM6 RQS boards with SD boot:
=========================================
To boot your newly created system:
- insert the SD card in the SD slot of the board;
- connect 3-wire RS232 serial port J7 on board, and connect with other
serial end or USB cable(if serial-to-usb converter used) using
a terminal emulator at 115200 bps, 8n1;
- close JM2 for sd boot.
- power on the board.
Enjoy!
-39
View File
@@ -1,39 +0,0 @@
image boot.vfat {
vfat {
files = {
"uImage",
"imx6ul-isiot-emmc.dtb"
}
}
size = 64M
}
image sdcard.img {
hdimage {
}
partition SPL {
in-partition-table = "no"
image = "SPL"
offset = 1K
}
partition u-boot-dtb {
in-partition-table = "no"
image = "u-boot-dtb.img"
offset = 69K
}
partition boot {
partition-type = 0xC
bootable = "true"
image = "boot.vfat"
offset = 8M
}
partition rootfs {
partition-type = 0x83
image = "rootfs.ext2"
}
}
-66
View File
@@ -1,66 +0,0 @@
********************************************
Buildroot for Engicam Is.IoT SOM platforms:
********************************************
This file documents the Buildroot support for all Engicam Is.IoT MX6UL
SOM platform boards.
Is.IoT MX6UL SOM Starter kits:
https://www.engicam.com/vis-prod/101122
This configuration uses U-Boot mainline and kernel mainline.
Build
=====
First, configure Buildroot for the Engicam Is.IoT MX6UL SOM:
- for Is.IoT MX6UL SOM:
make engicam_imx6ul_isiot_defconfig
Build all components:
make
You will find the following files in output/images/:
- imx6ul-isiot-emmc.dtb
- rootfs.ext4
- rootfs.tar
- sdcard.img
- SPL
- u-boot-dtb.img
- uImage
Create a bootable SD card
=========================
To determine the device associated to the SD card have a look in the
/proc/partitions file:
cat /proc/partitions
Buildroot prepares a bootable "sdcard.img" image in the output/images/
directory, ready to be dumped on a SD card. Launch the following
command as root:
dd if=output/images/sdcard.img of=/dev/<your-sd-device>
sync
*** WARNING! This will destroy all the card content. Use with care! ***
For details about the medium image layout, see the definition in
board/engicam/isiot/genimage.cfg
Boot the Is.IoT MX6UL boards with SD boot:
=========================================
To boot your newly created system:
- insert the SD card in the SD slot of the board;
- connect 3-wire RS232 serial port J28 on board, and connect with other
serial end or USB cable(if serial-to-usb converter used) using
a terminal emulator at 115200 bps, 8n1;
- close JM3 for sd boot.
- power on the board.
Enjoy!
+4
View File
@@ -0,0 +1,4 @@
label Engicam-EDIMM linux
kernel /boot/Image
devicetree /boot/px30-engicam-px30-core-ctouch2-of10.dtb
append earlycon=uart8250,mmio32,0xff160000 root=/dev/mmcblk1p1 rootwait
+22
View File
@@ -0,0 +1,22 @@
image sdcard.img {
hdimage {
}
partition u-boot-tpl-spl-dtb {
in-partition-table = "no"
image = "idbloader.img"
offset = 32K
}
partition u-boot-dtb {
in-partition-table = "no"
image = "u-boot.itb"
offset = 8M
size = 30M
}
partition rootfs {
partition-type = 0x83
image = "rootfs.ext4"
}
}
@@ -0,0 +1 @@
../linux/linux.hash
@@ -0,0 +1,2 @@
# From https://www.kernel.org/pub/linux/kernel/v6.x/sha256sums.asc
sha256 ab48800ab49985a78d2318ae8ac5f28fd3e123ea17357ef21498105a53337336 linux-6.12.22.tar.xz
@@ -0,0 +1,2 @@
# Locally calculated
sha256 439d3bef296effd54130be6a731c5b118be7fddd7fcc663ccbc5fb18294d8718 u-boot-2025.04.tar.bz2
+5
View File
@@ -0,0 +1,5 @@
#!/bin/sh
BOARD_DIR="$(dirname "$0")"
install -m 0644 -D "$BOARD_DIR"/extlinux.conf "$TARGET_DIR"/boot/extlinux/extlinux.conf
+60
View File
@@ -0,0 +1,60 @@
ENGICAM PX30-EDIMM2.2 carrier board
===================================
Build:
$ make engicam_px30_core_defconfig
$ make
Files created in output directory
---------------------------------
output/images
├── bl31.elf
├── idbloader.img
├── Image
├── px30-engicam-px30-core-ctouch2-of10.dtb
├── rootfs.ext2
├── rootfs.ext4 -> rootfs.ext2
├── rootfs.tar
├── sdcard.img
├── u-boot.bin
└── u-boot.itb
How to connect the board and get started:
-----------------------------------------
Ensure that the power supply is stable and provides enough current to handle
the board's needs, especially when peripherals are connected.
Insert micro SD card on the board micro SD slot J17
Creating bootable SD card:
--------------------------
sudo dd if=output/images/sdcard.img of=/dev/sdX && sync
/dev/sdX is the path in host via which SD card is detected
Where X is your SD card device
Connect UART port on the board J26
Serial console
--------------
Launch minicom at host with 1152008N1
Power on the kit using J4
Refer link on checking board booting
Program eMMC
------------
Connect USB otg cable A-type to host pc, Micro USB end to board.
Close Jumper JM5.
Boot the Kit with SD boot.
Program eMMC in U-Boot. (Refer link for the steps)
Wiki link:
https://wiki.amarulasolutions.com/bsp/rockchip/px30/engicam-px30-edimm2.2.html
@@ -18,19 +18,19 @@ main ()
if grep -Eq "^BR2_TARGET_OPTEE_OS=y$" "${BR2_CONFIG}"; then
"${HOST_DIR}/bin/mkimage_imx8" -soc IMX9 -c \
-ap "${BINARIES_DIR}/bl31.bin" a35 ${ATF_LOAD_ADDR} \
-ap "${BINARIES_DIR}/u-boot-hash.bin" a35 0x80200000 \
-ap "${BINARIES_DIR}/tee.bin" a35 0x96000000 \
-ap "${BINARIES_DIR}/bl31.bin" a55 ${ATF_LOAD_ADDR} \
-ap "${BINARIES_DIR}/u-boot-hash.bin" a55 0x80200000 \
-ap "${BINARIES_DIR}/tee.bin" a55 0x96000000 \
-out "${BINARIES_DIR}/u-boot-atf-container.img"
else
"${HOST_DIR}/bin/mkimage_imx8" -soc IMX9 -c \
-ap "${BINARIES_DIR}/bl31.bin" a35 ${ATF_LOAD_ADDR} \
-ap "${BINARIES_DIR}/u-boot-hash.bin" a35 0x80200000 \
-ap "${BINARIES_DIR}/bl31.bin" a55 ${ATF_LOAD_ADDR} \
-ap "${BINARIES_DIR}/u-boot-hash.bin" a55 0x80200000 \
-out "${BINARIES_DIR}/u-boot-atf-container.img"
fi
"${HOST_DIR}/bin/mkimage_imx8" -soc IMX9 -append "${BINARIES_DIR}/ahab-container.img" -c \
-ap "${BINARIES_DIR}/u-boot-spl-ddr.bin" a35 ${SPL_LOAD_ADDR} \
-ap "${BINARIES_DIR}/u-boot-spl-ddr.bin" a55 ${SPL_LOAD_ADDR} \
-out "${BINARIES_DIR}/imx9-boot-sd.bin"
flashbin_size="$(wc -c "${BINARIES_DIR}/imx9-boot-sd.bin" | awk '{print $1}')"
+2
View File
@@ -1,5 +1,7 @@
#!/usr/bin/env bash
set -e
#
# dtb_list extracts the list of DTB files from BR2_LINUX_KERNEL_INTREE_DTS_NAME
# in ${BR_CONFIG}, then prints the corresponding list of file names for the
+6 -2
View File
@@ -1,5 +1,7 @@
#!/usr/bin/env bash
set -e
#
# dtb_list extracts the list of DTB files from BR2_LINUX_KERNEL_INTREE_DTS_NAME
# in ${BR_CONFIG}, then prints the corresponding list of file names for the
@@ -7,10 +9,12 @@
#
dtb_list()
{
local DTB_LIST="$(sed -n 's/^BR2_LINUX_KERNEL_INTREE_DTS_NAME="\([a-z0-9 \-]*\)"$/\1/p' ${BR2_CONFIG})"
local DTB_LIST
DTB_LIST="$(sed -n 's/^BR2_LINUX_KERNEL_INTREE_DTS_NAME="\([\/a-z0-9 \-]*\)"$/\1/p' "${BR2_CONFIG}")"
for dt in $DTB_LIST; do
echo -n "\"$dt.dtb\", "
echo -n "\"$(basename "${dt}").dtb\", "
done
}
@@ -0,0 +1 @@
../linux/linux.hash
@@ -0,0 +1,2 @@
# From https://www.kernel.org/pub/linux/kernel/v6.x/sha256sums.asc
sha256 af54b449f4fb93b8e8daa346144a7309e8e95174bd962c4b5917cf56120456d9 linux-6.6.26.tar.xz
@@ -0,0 +1,2 @@
# Locally calculated
sha256 18a853fe39fad7ad03a90cc2d4275aeaed6da69735defac3492b80508843dd4a u-boot-2024.04.tar.bz2
+1 -1
View File
@@ -12,7 +12,7 @@ Build
First, configure Buildroot for your i.MX28 EVK board:
make freescale_imx28evk_defconfig
make imx28evk_defconfig
Build all components:
@@ -1,2 +1,2 @@
# Locally calculated
sha256 c70adedadce88f8685cb26d9703b930292c1349138e2c55ed9b4cd6e277de3bd linux-imx-lf-6.6.23-2.0.0.tar.gz
sha256 4c1147a9bbe4bf36fbcbd8b1e6b0d73ec0da3c454821c58a61d32d3879afc146 linux-imx-lf-6.12.3-1.0.0.tar.gz
@@ -1,2 +1,2 @@
# Locally calculated
sha256 179b6531ef1d4ce681d139741ac7b4144220c90b7223297df28b61e98e8d37fc uboot-imx-lf-6.6.23-2.0.0.tar.gz
sha256 18a32d6c79538e4f90746674873b196f9c48be24caef0ab5c1bec920a1816825 uboot-imx-lf-6.12.3-1.0.0.tar.gz
@@ -1,2 +1,2 @@
# Locally calculated
sha256 c70adedadce88f8685cb26d9703b930292c1349138e2c55ed9b4cd6e277de3bd linux-imx-lf-6.6.23-2.0.0.tar.gz
sha256 4c1147a9bbe4bf36fbcbd8b1e6b0d73ec0da3c454821c58a61d32d3879afc146 linux-imx-lf-6.12.3-1.0.0.tar.gz
@@ -1,2 +1,2 @@
# Locally calculated
sha256 179b6531ef1d4ce681d139741ac7b4144220c90b7223297df28b61e98e8d37fc uboot-imx-lf-6.6.23-2.0.0.tar.gz
sha256 18a32d6c79538e4f90746674873b196f9c48be24caef0ab5c1bec920a1816825 uboot-imx-lf-6.12.3-1.0.0.tar.gz
@@ -1,2 +1,2 @@
# Locally calculated
sha256 c70adedadce88f8685cb26d9703b930292c1349138e2c55ed9b4cd6e277de3bd linux-imx-lf-6.6.23-2.0.0.tar.gz
sha256 4c1147a9bbe4bf36fbcbd8b1e6b0d73ec0da3c454821c58a61d32d3879afc146 linux-imx-lf-6.12.3-1.0.0.tar.gz
@@ -1,2 +1,2 @@
# Locally calculated
sha256 179b6531ef1d4ce681d139741ac7b4144220c90b7223297df28b61e98e8d37fc uboot-imx-lf-6.6.23-2.0.0.tar.gz
sha256 18a32d6c79538e4f90746674873b196f9c48be24caef0ab5c1bec920a1816825 uboot-imx-lf-6.12.3-1.0.0.tar.gz
@@ -1,2 +1,2 @@
# Locally calculated
sha256 37f0dee8b3b52d6c7f8a46c3bdd4138b528f9cc607015400e7cad0c206df41d7 imx-atf-lf-6.6.23-2.0.0.tar.gz
sha256 a696ee1c75140cd5ddb9d4349c921952f80e2a8a21bc6bd92f905959a6b1798f imx-atf-lf-6.12.3-1.0.0.tar.gz
@@ -1,2 +1,2 @@
# Locally calculated
sha256 c70adedadce88f8685cb26d9703b930292c1349138e2c55ed9b4cd6e277de3bd linux-imx-lf-6.6.23-2.0.0.tar.gz
sha256 4c1147a9bbe4bf36fbcbd8b1e6b0d73ec0da3c454821c58a61d32d3879afc146 linux-imx-lf-6.12.3-1.0.0.tar.gz
@@ -1,2 +1,2 @@
# Locally calculated
sha256 179b6531ef1d4ce681d139741ac7b4144220c90b7223297df28b61e98e8d37fc uboot-imx-lf-6.6.23-2.0.0.tar.gz
sha256 18a32d6c79538e4f90746674873b196f9c48be24caef0ab5c1bec920a1816825 uboot-imx-lf-6.12.3-1.0.0.tar.gz
@@ -1,2 +1,2 @@
# Locally calculated
sha256 37f0dee8b3b52d6c7f8a46c3bdd4138b528f9cc607015400e7cad0c206df41d7 imx-atf-lf-6.6.23-2.0.0.tar.gz
sha256 a696ee1c75140cd5ddb9d4349c921952f80e2a8a21bc6bd92f905959a6b1798f imx-atf-lf-6.12.3-1.0.0.tar.gz
@@ -1,2 +1,2 @@
# Locally calculated
sha256 c70adedadce88f8685cb26d9703b930292c1349138e2c55ed9b4cd6e277de3bd linux-imx-lf-6.6.23-2.0.0.tar.gz
sha256 4c1147a9bbe4bf36fbcbd8b1e6b0d73ec0da3c454821c58a61d32d3879afc146 linux-imx-lf-6.12.3-1.0.0.tar.gz
@@ -1,2 +1,2 @@
# Locally calculated
sha256 179b6531ef1d4ce681d139741ac7b4144220c90b7223297df28b61e98e8d37fc uboot-imx-lf-6.6.23-2.0.0.tar.gz
sha256 18a32d6c79538e4f90746674873b196f9c48be24caef0ab5c1bec920a1816825 uboot-imx-lf-6.12.3-1.0.0.tar.gz
@@ -1,2 +1,2 @@
# Locally calculated
sha256 37f0dee8b3b52d6c7f8a46c3bdd4138b528f9cc607015400e7cad0c206df41d7 imx-atf-lf-6.6.23-2.0.0.tar.gz
sha256 a696ee1c75140cd5ddb9d4349c921952f80e2a8a21bc6bd92f905959a6b1798f imx-atf-lf-6.12.3-1.0.0.tar.gz
@@ -1,2 +1,2 @@
# Locally calculated
sha256 c70adedadce88f8685cb26d9703b930292c1349138e2c55ed9b4cd6e277de3bd linux-imx-lf-6.6.23-2.0.0.tar.gz
sha256 4c1147a9bbe4bf36fbcbd8b1e6b0d73ec0da3c454821c58a61d32d3879afc146 linux-imx-lf-6.12.3-1.0.0.tar.gz
@@ -1,2 +1,2 @@
# Locally calculated
sha256 179b6531ef1d4ce681d139741ac7b4144220c90b7223297df28b61e98e8d37fc uboot-imx-lf-6.6.23-2.0.0.tar.gz
sha256 18a32d6c79538e4f90746674873b196f9c48be24caef0ab5c1bec920a1816825 uboot-imx-lf-6.12.3-1.0.0.tar.gz
@@ -1,2 +1,2 @@
# Locally calculated
sha256 37f0dee8b3b52d6c7f8a46c3bdd4138b528f9cc607015400e7cad0c206df41d7 imx-atf-lf-6.6.23-2.0.0.tar.gz
sha256 a696ee1c75140cd5ddb9d4349c921952f80e2a8a21bc6bd92f905959a6b1798f imx-atf-lf-6.12.3-1.0.0.tar.gz
@@ -1,2 +1,2 @@
# Locally calculated
sha256 c70adedadce88f8685cb26d9703b930292c1349138e2c55ed9b4cd6e277de3bd linux-imx-lf-6.6.23-2.0.0.tar.gz
sha256 4c1147a9bbe4bf36fbcbd8b1e6b0d73ec0da3c454821c58a61d32d3879afc146 linux-imx-lf-6.12.3-1.0.0.tar.gz
@@ -1,2 +1,2 @@
# Locally calculated
sha256 179b6531ef1d4ce681d139741ac7b4144220c90b7223297df28b61e98e8d37fc uboot-imx-lf-6.6.23-2.0.0.tar.gz
sha256 18a32d6c79538e4f90746674873b196f9c48be24caef0ab5c1bec920a1816825 uboot-imx-lf-6.12.3-1.0.0.tar.gz
@@ -1,2 +1,2 @@
# Locally calculated
sha256 37f0dee8b3b52d6c7f8a46c3bdd4138b528f9cc607015400e7cad0c206df41d7 imx-atf-lf-6.6.23-2.0.0.tar.gz
sha256 a696ee1c75140cd5ddb9d4349c921952f80e2a8a21bc6bd92f905959a6b1798f imx-atf-lf-6.12.3-1.0.0.tar.gz

Some files were not shown because too many files have changed in this diff Show More