openRuyi-tutorials/buildroot
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: openRuyi-tutorials:master
Branches Tags
openRuyi-tutorials:master openRuyi-tutorials:quiz-mooc
openRuyi-tutorials:2025.11.3 openRuyi-tutorials:2025.02.12 openRuyi-tutorials:2026.02 openRuyi-tutorials:2026.02-rc3 openRuyi-tutorials:2026.02-rc2 openRuyi-tutorials:2025.11.2 openRuyi-tutorials:2025.02.11 openRuyi-tutorials:2026.02-rc1 openRuyi-tutorials:2025.11.1 openRuyi-tutorials:2025.02.10 openRuyi-tutorials:2025.11 openRuyi-tutorials:2025.08.3 openRuyi-tutorials:2025.02.9 openRuyi-tutorials:2025.11-rc2 openRuyi-tutorials:2025.08.2 openRuyi-tutorials:2025.02.8 openRuyi-tutorials:2025.11-rc1 openRuyi-tutorials:2025.08.1 openRuyi-tutorials:2025.05.3 openRuyi-tutorials:2025.02.7 openRuyi-tutorials:2025.05.2 openRuyi-tutorials:2025.02.6 openRuyi-tutorials:2025.08 openRuyi-tutorials:2025.08-rc3 openRuyi-tutorials:2025.08-rc2 openRuyi-tutorials:2025.05.1 openRuyi-tutorials:2025.02.5 openRuyi-tutorials:2025.08-rc1 openRuyi-tutorials:2025.02.4 openRuyi-tutorials:2025.05 openRuyi-tutorials:2025.05-rc2 openRuyi-tutorials:2025.05-rc1 openRuyi-tutorials:2025.02.3 openRuyi-tutorials:2025.02.2 openRuyi-tutorials:2025.02.1 openRuyi-tutorials:2024.11.4 openRuyi-tutorials:2024.02.13 openRuyi-tutorials:2024.02.12 openRuyi-tutorials:2024.11.3 openRuyi-tutorials:2025.02 openRuyi-tutorials:2025.02-rc2 openRuyi-tutorials:2025.02-rc1 openRuyi-tutorials:2024.11.2 openRuyi-tutorials:2024.02.11 openRuyi-tutorials:2024.11.1 openRuyi-tutorials:2024.02.10 openRuyi-tutorials:2024.02.9 openRuyi-tutorials:2024.08.3 openRuyi-tutorials:2024.11 openRuyi-tutorials:2024.11-rc3 openRuyi-tutorials:2024.11-rc2 openRuyi-tutorials:2024.02.8 openRuyi-tutorials:2024.08.2 openRuyi-tutorials:2024.11-rc1 openRuyi-tutorials:2024.02.7 openRuyi-tutorials:2024.08.1 openRuyi-tutorials:2024.02.6 openRuyi-tutorials:2024.05.3 openRuyi-tutorials:2024.08 openRuyi-tutorials:2024.08-rc3 openRuyi-tutorials:2024.08-rc2 openRuyi-tutorials:2024.02.5 openRuyi-tutorials:2024.05.2 openRuyi-tutorials:2024.08-rc1 openRuyi-tutorials:2024.02.4 openRuyi-tutorials:2024.05.1 openRuyi-tutorials:2024.05 openRuyi-tutorials:2024.02.3 openRuyi-tutorials:2024.05-rc2 openRuyi-tutorials:2024.05-rc1 openRuyi-tutorials:2024.02.2 openRuyi-tutorials:2023.02.11 openRuyi-tutorials:2023.11.3 openRuyi-tutorials:2024.02.1 openRuyi-tutorials:2024.02 openRuyi-tutorials:2024.02-rc2 openRuyi-tutorials:2023.02.10 openRuyi-tutorials:2023.11.2 openRuyi-tutorials:2024.02-rc1 openRuyi-tutorials:2023.02.9 openRuyi-tutorials:2023.11.1 openRuyi-tutorials:2023.02.8 openRuyi-tutorials:2023.08.4 openRuyi-tutorials:2023.11 openRuyi-tutorials:2023.11-rc2 openRuyi-tutorials:2023.02.7 openRuyi-tutorials:2023.08.3 openRuyi-tutorials:2023.11-rc1 openRuyi-tutorials:2023.02.6 openRuyi-tutorials:2023.08.2 openRuyi-tutorials:2023.08.1 openRuyi-tutorials:2023.02.5 openRuyi-tutorials:2023.05.3 openRuyi-tutorials:2023.08 openRuyi-tutorials:2023.02.4 openRuyi-tutorials:2023.05.2 openRuyi-tutorials:2023.08-rc3 openRuyi-tutorials:2023.08-rc2 openRuyi-tutorials:2023.08-rc1 openRuyi-tutorials:2023.02.3 openRuyi-tutorials:2023.05.1 openRuyi-tutorials:2023.02.2 openRuyi-tutorials:2023.05 openRuyi-tutorials:2023.05-rc3 openRuyi-tutorials:2023.05-rc2 openRuyi-tutorials:2023.05-rc1 openRuyi-tutorials:2023.02.1 openRuyi-tutorials:2022.02.12 openRuyi-tutorials:2022.02.11 openRuyi-tutorials:2022.11.3 openRuyi-tutorials:2023.02 openRuyi-tutorials:2023.02-rc3 openRuyi-tutorials:2022.02.10 openRuyi-tutorials:2022.11.2 openRuyi-tutorials:2023.02-rc2 openRuyi-tutorials:2023.02-rc1 openRuyi-tutorials:2022.02.9 openRuyi-tutorials:2022.11.1 openRuyi-tutorials:settings-v1 openRuyi-tutorials:2022.02.8 openRuyi-tutorials:2022.08.3 openRuyi-tutorials:2022.11 openRuyi-tutorials:2022.11-rc3 openRuyi-tutorials:2022.02.7 openRuyi-tutorials:2022.08.2 openRuyi-tutorials:2022.11-rc2 openRuyi-tutorials:2022.11-rc1 openRuyi-tutorials:2022.08.1 openRuyi-tutorials:2022.02.6 openRuyi-tutorials:2022.05.3 openRuyi-tutorials:2022.08 openRuyi-tutorials:2022.08-rc2 openRuyi-tutorials:2022.02.5 openRuyi-tutorials:2022.05.2 openRuyi-tutorials:2022.08-rc1 openRuyi-tutorials:2022.02.4 openRuyi-tutorials:2022.05.1 openRuyi-tutorials:2022.02.3 openRuyi-tutorials:2022.05 openRuyi-tutorials:2022.05-rc2 openRuyi-tutorials:2022.02.2 openRuyi-tutorials:2022.05-rc1 openRuyi-tutorials:2022.02.1 openRuyi-tutorials:2021.02.12 openRuyi-tutorials:2021.02.11 openRuyi-tutorials:2021.11.3 openRuyi-tutorials:2022.02 openRuyi-tutorials:2022.02-rc3 openRuyi-tutorials:2021.02.10 openRuyi-tutorials:2021.11.2 openRuyi-tutorials:2022.02-rc2 openRuyi-tutorials:2022.02-rc1 openRuyi-tutorials:2021.11.1 openRuyi-tutorials:2021.02.9 openRuyi-tutorials:2021.02.8 openRuyi-tutorials:2021.08.3 openRuyi-tutorials:2021.11 openRuyi-tutorials:2021.11-rc3 openRuyi-tutorials:2021.11-rc2 openRuyi-tutorials:2021.02.7 openRuyi-tutorials:2021.08.2 openRuyi-tutorials:2021.11-rc1 openRuyi-tutorials:2021.02.6 openRuyi-tutorials:2021.05.3 openRuyi-tutorials:2021.08.1 openRuyi-tutorials:2021.02.5 openRuyi-tutorials:2021.05.2 openRuyi-tutorials:2021.08 openRuyi-tutorials:2021.08-rc3 openRuyi-tutorials:2021.08-rc2 openRuyi-tutorials:2021.02.4 openRuyi-tutorials:2021.05.1 openRuyi-tutorials:2021.08-rc1 openRuyi-tutorials:2021.02.3 openRuyi-tutorials:2021.05 openRuyi-tutorials:2021.05-rc3 openRuyi-tutorials:2021.05-rc2 openRuyi-tutorials:2021.02.2 openRuyi-tutorials:2021.05-rc1 openRuyi-tutorials:2021.02.1 openRuyi-tutorials:2020.02.12 openRuyi-tutorials:2020.11.4 openRuyi-tutorials:2021.02 openRuyi-tutorials:2021.02-rc3 openRuyi-tutorials:2020.02.11 openRuyi-tutorials:2020.11.3 openRuyi-tutorials:2021.02-rc2 openRuyi-tutorials:2021.02-rc1 openRuyi-tutorials:2020.02.10 openRuyi-tutorials:2020.11.2 openRuyi-tutorials:2020.02.9 openRuyi-tutorials:2020.08.3 openRuyi-tutorials:2020.11.1 openRuyi-tutorials:2020.11 openRuyi-tutorials:2020.11-rc3 openRuyi-tutorials:2020.02.8 openRuyi-tutorials:2020.08.2 openRuyi-tutorials:2020.11-rc2 openRuyi-tutorials:2020.11-rc1 openRuyi-tutorials:2020.02.7 openRuyi-tutorials:2020.05.3 openRuyi-tutorials:2020.08.1 openRuyi-tutorials:2020.02.6 openRuyi-tutorials:2020.08 openRuyi-tutorials:2020.02.5 openRuyi-tutorials:2020.05.2 openRuyi-tutorials:2020.08-rc3 openRuyi-tutorials:2020.08-rc2 openRuyi-tutorials:2020.08-rc1 openRuyi-tutorials:2020.02.4 openRuyi-tutorials:2020.05.1 openRuyi-tutorials:2020.02.3 openRuyi-tutorials:2020.05 openRuyi-tutorials:2020.05-rc3 openRuyi-tutorials:2020.05-rc2 openRuyi-tutorials:2020.02.2 openRuyi-tutorials:2020.05-rc1 openRuyi-tutorials:2020.02.1 openRuyi-tutorials:2019.11.3 openRuyi-tutorials:2019.02.11 openRuyi-tutorials:2019.02.10 openRuyi-tutorials:2019.11.2 openRuyi-tutorials:2020.02 openRuyi-tutorials:2020.02-rc3 openRuyi-tutorials:2020.02-rc2 openRuyi-tutorials:2020.02-rc1 openRuyi-tutorials:2019.02.9 openRuyi-tutorials:2019.11.1 openRuyi-tutorials:2019.02.8 openRuyi-tutorials:2019.08.3 openRuyi-tutorials:2019.11 openRuyi-tutorials:2019.11-rc3 openRuyi-tutorials:2019.11-rc2 openRuyi-tutorials:2019.02.7 openRuyi-tutorials:2019.08.2 openRuyi-tutorials:2019.11-rc1 openRuyi-tutorials:2019.02.6 openRuyi-tutorials:2019.05.3 openRuyi-tutorials:2019.08.1 openRuyi-tutorials:2019.05.2 openRuyi-tutorials:2019.02.5 openRuyi-tutorials:2019.08 openRuyi-tutorials:2019.08-rc3 openRuyi-tutorials:2019.08-rc2 openRuyi-tutorials:2019.08-rc1 openRuyi-tutorials:2019.02.4 openRuyi-tutorials:2019.05.1 openRuyi-tutorials:2019.02.3 openRuyi-tutorials:2019.05 openRuyi-tutorials:2019.05-rc3 openRuyi-tutorials:2019.05-rc2 openRuyi-tutorials:2019.05-rc1 openRuyi-tutorials:2019.02.2 openRuyi-tutorials:2019.02.1 openRuyi-tutorials:2018.02.12 openRuyi-tutorials:2018.11.4 openRuyi-tutorials:2019.02 openRuyi-tutorials:2019.02-rc3 openRuyi-tutorials:2018.11.3 openRuyi-tutorials:2018.02.11 openRuyi-tutorials:2019.02-rc2 openRuyi-tutorials:2019.02-rc1 openRuyi-tutorials:2018.02.10 openRuyi-tutorials:2018.11.2 openRuyi-tutorials:2018.02.9 openRuyi-tutorials:2018.08.4 openRuyi-tutorials:2018.11.1 openRuyi-tutorials:2018.11 openRuyi-tutorials:2018.11-rc3 openRuyi-tutorials:2018.02.8 openRuyi-tutorials:2018.08.3 openRuyi-tutorials:2018.11-rc2 openRuyi-tutorials:2018.11-rc1 openRuyi-tutorials:2018.02.7 openRuyi-tutorials:2018.08.2 openRuyi-tutorials:2018.08.1 openRuyi-tutorials:2018.02.6 openRuyi-tutorials:2018.05.3 openRuyi-tutorials:2018.08 openRuyi-tutorials:2018.08-rc3 openRuyi-tutorials:2018.02.5 openRuyi-tutorials:2018.05.2 openRuyi-tutorials:2018.08-rc2 openRuyi-tutorials:2018.08-rc1 openRuyi-tutorials:2018.02.4 openRuyi-tutorials:2018.05.1 openRuyi-tutorials:2018.02.3 openRuyi-tutorials:2018.05 openRuyi-tutorials:2018.05-rc3 openRuyi-tutorials:2018.05-rc2 openRuyi-tutorials:2018.05-rc1 openRuyi-tutorials:2018.02.2 openRuyi-tutorials:2017.02.11 openRuyi-tutorials:2018.02.1 openRuyi-tutorials:2018.02 openRuyi-tutorials:2018.02-rc3 openRuyi-tutorials:2018.02-rc2 openRuyi-tutorials:2018.02-rc1 openRuyi-tutorials:2017.02.10 openRuyi-tutorials:2017.11.2 openRuyi-tutorials:2017.02.9 openRuyi-tutorials:2017.11.1 openRuyi-tutorials:2017.11 openRuyi-tutorials:2017.08.2 openRuyi-tutorials:2017.02.8 openRuyi-tutorials:2017.11-rc2 openRuyi-tutorials:2017.11-rc1 openRuyi-tutorials:2017.02.7 openRuyi-tutorials:2017.08.1 openRuyi-tutorials:2017.02.6 openRuyi-tutorials:2017.08 openRuyi-tutorials:2017.08-rc3 openRuyi-tutorials:2017.08-rc2 openRuyi-tutorials:2017.08-rc1 openRuyi-tutorials:2017.05.2 openRuyi-tutorials:2017.02.5 openRuyi-tutorials:2017.05.1 openRuyi-tutorials:2017.02.4 openRuyi-tutorials:2017.02.3 openRuyi-tutorials:2017.05 openRuyi-tutorials:2017.05-rc3 openRuyi-tutorials:2017.05-rc2 openRuyi-tutorials:2017.05-rc1 openRuyi-tutorials:2017.02.2 openRuyi-tutorials:2017.02.1 openRuyi-tutorials:2016.11.3 openRuyi-tutorials:2017.02 openRuyi-tutorials:2017.02-rc3 openRuyi-tutorials:2017.02-rc2 openRuyi-tutorials:2017.02-rc1 openRuyi-tutorials:2016.11.2 openRuyi-tutorials:2016.11.1 openRuyi-tutorials:2016.11 openRuyi-tutorials:2016.11-rc3 openRuyi-tutorials:2016.11-rc2 openRuyi-tutorials:2016.11-rc1 openRuyi-tutorials:2016.08.1 openRuyi-tutorials:2016.08 openRuyi-tutorials:2016.08-rc3 openRuyi-tutorials:2016.08-rc2 openRuyi-tutorials:2016.08-rc1 openRuyi-tutorials:2016.05 openRuyi-tutorials:2016.05-rc3 openRuyi-tutorials:2016.05-rc2 openRuyi-tutorials:2016.05-rc1 openRuyi-tutorials:2016.02 openRuyi-tutorials:2016.02-rc3 openRuyi-tutorials:2016.02-rc2 openRuyi-tutorials:2016.02-rc1 openRuyi-tutorials:2015.11.1 openRuyi-tutorials:2015.11 openRuyi-tutorials:2015.11-rc3 openRuyi-tutorials:2015.11-rc2 openRuyi-tutorials:2015.11-rc1 openRuyi-tutorials:2015.08.1 openRuyi-tutorials:2015.08 openRuyi-tutorials:2015.08-rc2 openRuyi-tutorials:2015.08-rc1 openRuyi-tutorials:2015.05 openRuyi-tutorials:2015.05-rc3 openRuyi-tutorials:2015.05-rc2 openRuyi-tutorials:2015.05-rc1 openRuyi-tutorials:2015.02 openRuyi-tutorials:2015.02-rc3 openRuyi-tutorials:2015.02-rc2 openRuyi-tutorials:2015.02-rc1 openRuyi-tutorials:2014.11 openRuyi-tutorials:2014.11-rc3 openRuyi-tutorials:2014.11-rc2 openRuyi-tutorials:2014.11-rc1 openRuyi-tutorials:2014.08 openRuyi-tutorials:2014.08-rc3 openRuyi-tutorials:2014.08-rc2 openRuyi-tutorials:2014.08-rc1 openRuyi-tutorials:2014.05 openRuyi-tutorials:2014.05-rc3 openRuyi-tutorials:2014.05-rc2 openRuyi-tutorials:2014.05-rc1 openRuyi-tutorials:2014.02 openRuyi-tutorials:2014.02-rc3 openRuyi-tutorials:2014.02-rc2 openRuyi-tutorials:2014.02-rc1 openRuyi-tutorials:2013.11 openRuyi-tutorials:2013.11-rc3 openRuyi-tutorials:2013.11-rc2 openRuyi-tutorials:2013.11_rc1 openRuyi-tutorials:2013.08.1 openRuyi-tutorials:2013.08 openRuyi-tutorials:2013.08_rc3 openRuyi-tutorials:2013.08_rc2 openRuyi-tutorials:2013.08_rc1 openRuyi-tutorials:2013.05 openRuyi-tutorials:2013.05_rc3 openRuyi-tutorials:2013.05_rc2 openRuyi-tutorials:2013.05_rc1 openRuyi-tutorials:2013.02 openRuyi-tutorials:2013.02_rc3 openRuyi-tutorials:2013.02_rc2 openRuyi-tutorials:2013.02_rc1 openRuyi-tutorials:2012.11.1 openRuyi-tutorials:2012.11 openRuyi-tutorials:2012.11_rc2 openRuyi-tutorials:2012.11_rc1 openRuyi-tutorials:2012.08 openRuyi-tutorials:2012.08_rc3 openRuyi-tutorials:2012.08_rc2 openRuyi-tutorials:2012.08_rc1 openRuyi-tutorials:2012.05 openRuyi-tutorials:2012.05_rc3 openRuyi-tutorials:2012.05_rc2 openRuyi-tutorials:2012.05_rc1 openRuyi-tutorials:2012.02 openRuyi-tutorials:2012.02_rc3 openRuyi-tutorials:2012.02_rc2 openRuyi-tutorials:2012.02_rc1 openRuyi-tutorials:2011.11 openRuyi-tutorials:2011.11_rc3 openRuyi-tutorials:2011.11_rc2 openRuyi-tutorials:2011.11_rc1 openRuyi-tutorials:2011.08 openRuyi-tutorials:2011.08_rc2 openRuyi-tutorials:2011.08_rc1 openRuyi-tutorials:2011.05 openRuyi-tutorials:2011.05_rc2 openRuyi-tutorials:2011.05_rc1 openRuyi-tutorials:2011.02 openRuyi-tutorials:2011.02_rc2 openRuyi-tutorials:2011.02_rc1 openRuyi-tutorials:2010.11 openRuyi-tutorials:2010.11_rc2 openRuyi-tutorials:2010.11_rc1 openRuyi-tutorials:2010.08 openRuyi-tutorials:2010.08_rc2 openRuyi-tutorials:2010.08_rc1 openRuyi-tutorials:2010.05 openRuyi-tutorials:2010.05_rc3 openRuyi-tutorials:2010.05_rc2 openRuyi-tutorials:2010.05_rc1 openRuyi-tutorials:2010.02 openRuyi-tutorials:2010.02_rc2 openRuyi-tutorials:2010.02_rc1 openRuyi-tutorials:2009.11 openRuyi-tutorials:2009.11_rc2 openRuyi-tutorials:2009.11_rc1 openRuyi-tutorials:2009.08 openRuyi-tutorials:2009.08_rc3 openRuyi-tutorials:2009.08_rc2 openRuyi-tutorials:2009.08_rc1 openRuyi-tutorials:2009.05 openRuyi-tutorials:2009.05_rc3 openRuyi-tutorials:2009.05_rc2 openRuyi-tutorials:2009.05_rc1 openRuyi-tutorials:2009.02 openRuyi-tutorials:2009.02_rc4 openRuyi-tutorials:2009.02_rc3 openRuyi-tutorials:2009.02_rc2 openRuyi-tutorials:2009.02_rc1 openRuyi-tutorials:gcc3_legacy openRuyi-tutorials:0_0
..
compare: openRuyi-tutorials:2025.08.2
Branches Tags
openRuyi-tutorials:quiz-mooc openRuyi-tutorials:master
openRuyi-tutorials:2025.11.3 openRuyi-tutorials:2025.02.12 openRuyi-tutorials:2026.02 openRuyi-tutorials:2026.02-rc3 openRuyi-tutorials:2026.02-rc2 openRuyi-tutorials:2025.11.2 openRuyi-tutorials:2025.02.11 openRuyi-tutorials:2026.02-rc1 openRuyi-tutorials:2025.11.1 openRuyi-tutorials:2025.02.10 openRuyi-tutorials:2025.11 openRuyi-tutorials:2025.08.3 openRuyi-tutorials:2025.02.9 openRuyi-tutorials:2025.11-rc2 openRuyi-tutorials:2025.08.2 openRuyi-tutorials:2025.02.8 openRuyi-tutorials:2025.11-rc1 openRuyi-tutorials:2025.08.1 openRuyi-tutorials:2025.05.3 openRuyi-tutorials:2025.02.7 openRuyi-tutorials:2025.05.2 openRuyi-tutorials:2025.02.6 openRuyi-tutorials:2025.08 openRuyi-tutorials:2025.08-rc3 openRuyi-tutorials:2025.08-rc2 openRuyi-tutorials:2025.05.1 openRuyi-tutorials:2025.02.5 openRuyi-tutorials:2025.08-rc1 openRuyi-tutorials:2025.02.4 openRuyi-tutorials:2025.05 openRuyi-tutorials:2025.05-rc2 openRuyi-tutorials:2025.05-rc1 openRuyi-tutorials:2025.02.3 openRuyi-tutorials:2025.02.2 openRuyi-tutorials:2025.02.1 openRuyi-tutorials:2024.11.4 openRuyi-tutorials:2024.02.13 openRuyi-tutorials:2024.02.12 openRuyi-tutorials:2024.11.3 openRuyi-tutorials:2025.02 openRuyi-tutorials:2025.02-rc2 openRuyi-tutorials:2025.02-rc1 openRuyi-tutorials:2024.11.2 openRuyi-tutorials:2024.02.11 openRuyi-tutorials:2024.11.1 openRuyi-tutorials:2024.02.10 openRuyi-tutorials:2024.02.9 openRuyi-tutorials:2024.08.3 openRuyi-tutorials:2024.11 openRuyi-tutorials:2024.11-rc3 openRuyi-tutorials:2024.11-rc2 openRuyi-tutorials:2024.02.8 openRuyi-tutorials:2024.08.2 openRuyi-tutorials:2024.11-rc1 openRuyi-tutorials:2024.02.7 openRuyi-tutorials:2024.08.1 openRuyi-tutorials:2024.02.6 openRuyi-tutorials:2024.05.3 openRuyi-tutorials:2024.08 openRuyi-tutorials:2024.08-rc3 openRuyi-tutorials:2024.08-rc2 openRuyi-tutorials:2024.02.5 openRuyi-tutorials:2024.05.2 openRuyi-tutorials:2024.08-rc1 openRuyi-tutorials:2024.02.4 openRuyi-tutorials:2024.05.1 openRuyi-tutorials:2024.05 openRuyi-tutorials:2024.02.3 openRuyi-tutorials:2024.05-rc2 openRuyi-tutorials:2024.05-rc1 openRuyi-tutorials:2024.02.2 openRuyi-tutorials:2023.02.11 openRuyi-tutorials:2023.11.3 openRuyi-tutorials:2024.02.1 openRuyi-tutorials:2024.02 openRuyi-tutorials:2024.02-rc2 openRuyi-tutorials:2023.02.10 openRuyi-tutorials:2023.11.2 openRuyi-tutorials:2024.02-rc1 openRuyi-tutorials:2023.02.9 openRuyi-tutorials:2023.11.1 openRuyi-tutorials:2023.02.8 openRuyi-tutorials:2023.08.4 openRuyi-tutorials:2023.11 openRuyi-tutorials:2023.11-rc2 openRuyi-tutorials:2023.02.7 openRuyi-tutorials:2023.08.3 openRuyi-tutorials:2023.11-rc1 openRuyi-tutorials:2023.02.6 openRuyi-tutorials:2023.08.2 openRuyi-tutorials:2023.08.1 openRuyi-tutorials:2023.02.5 openRuyi-tutorials:2023.05.3 openRuyi-tutorials:2023.08 openRuyi-tutorials:2023.02.4 openRuyi-tutorials:2023.05.2 openRuyi-tutorials:2023.08-rc3 openRuyi-tutorials:2023.08-rc2 openRuyi-tutorials:2023.08-rc1 openRuyi-tutorials:2023.02.3 openRuyi-tutorials:2023.05.1 openRuyi-tutorials:2023.02.2 openRuyi-tutorials:2023.05 openRuyi-tutorials:2023.05-rc3 openRuyi-tutorials:2023.05-rc2 openRuyi-tutorials:2023.05-rc1 openRuyi-tutorials:2023.02.1 openRuyi-tutorials:2022.02.12 openRuyi-tutorials:2022.02.11 openRuyi-tutorials:2022.11.3 openRuyi-tutorials:2023.02 openRuyi-tutorials:2023.02-rc3 openRuyi-tutorials:2022.02.10 openRuyi-tutorials:2022.11.2 openRuyi-tutorials:2023.02-rc2 openRuyi-tutorials:2023.02-rc1 openRuyi-tutorials:2022.02.9 openRuyi-tutorials:2022.11.1 openRuyi-tutorials:settings-v1 openRuyi-tutorials:2022.02.8 openRuyi-tutorials:2022.08.3 openRuyi-tutorials:2022.11 openRuyi-tutorials:2022.11-rc3 openRuyi-tutorials:2022.02.7 openRuyi-tutorials:2022.08.2 openRuyi-tutorials:2022.11-rc2 openRuyi-tutorials:2022.11-rc1 openRuyi-tutorials:2022.08.1 openRuyi-tutorials:2022.02.6 openRuyi-tutorials:2022.05.3 openRuyi-tutorials:2022.08 openRuyi-tutorials:2022.08-rc2 openRuyi-tutorials:2022.02.5 openRuyi-tutorials:2022.05.2 openRuyi-tutorials:2022.08-rc1 openRuyi-tutorials:2022.02.4 openRuyi-tutorials:2022.05.1 openRuyi-tutorials:2022.02.3 openRuyi-tutorials:2022.05 openRuyi-tutorials:2022.05-rc2 openRuyi-tutorials:2022.02.2 openRuyi-tutorials:2022.05-rc1 openRuyi-tutorials:2022.02.1 openRuyi-tutorials:2021.02.12 openRuyi-tutorials:2021.02.11 openRuyi-tutorials:2021.11.3 openRuyi-tutorials:2022.02 openRuyi-tutorials:2022.02-rc3 openRuyi-tutorials:2021.02.10 openRuyi-tutorials:2021.11.2 openRuyi-tutorials:2022.02-rc2 openRuyi-tutorials:2022.02-rc1 openRuyi-tutorials:2021.11.1 openRuyi-tutorials:2021.02.9 openRuyi-tutorials:2021.02.8 openRuyi-tutorials:2021.08.3 openRuyi-tutorials:2021.11 openRuyi-tutorials:2021.11-rc3 openRuyi-tutorials:2021.11-rc2 openRuyi-tutorials:2021.02.7 openRuyi-tutorials:2021.08.2 openRuyi-tutorials:2021.11-rc1 openRuyi-tutorials:2021.02.6 openRuyi-tutorials:2021.05.3 openRuyi-tutorials:2021.08.1 openRuyi-tutorials:2021.02.5 openRuyi-tutorials:2021.05.2 openRuyi-tutorials:2021.08 openRuyi-tutorials:2021.08-rc3 openRuyi-tutorials:2021.08-rc2 openRuyi-tutorials:2021.02.4 openRuyi-tutorials:2021.05.1 openRuyi-tutorials:2021.08-rc1 openRuyi-tutorials:2021.02.3 openRuyi-tutorials:2021.05 openRuyi-tutorials:2021.05-rc3 openRuyi-tutorials:2021.05-rc2 openRuyi-tutorials:2021.02.2 openRuyi-tutorials:2021.05-rc1 openRuyi-tutorials:2021.02.1 openRuyi-tutorials:2020.02.12 openRuyi-tutorials:2020.11.4 openRuyi-tutorials:2021.02 openRuyi-tutorials:2021.02-rc3 openRuyi-tutorials:2020.02.11 openRuyi-tutorials:2020.11.3 openRuyi-tutorials:2021.02-rc2 openRuyi-tutorials:2021.02-rc1 openRuyi-tutorials:2020.02.10 openRuyi-tutorials:2020.11.2 openRuyi-tutorials:2020.02.9 openRuyi-tutorials:2020.08.3 openRuyi-tutorials:2020.11.1 openRuyi-tutorials:2020.11 openRuyi-tutorials:2020.11-rc3 openRuyi-tutorials:2020.02.8 openRuyi-tutorials:2020.08.2 openRuyi-tutorials:2020.11-rc2 openRuyi-tutorials:2020.11-rc1 openRuyi-tutorials:2020.02.7 openRuyi-tutorials:2020.05.3 openRuyi-tutorials:2020.08.1 openRuyi-tutorials:2020.02.6 openRuyi-tutorials:2020.08 openRuyi-tutorials:2020.02.5 openRuyi-tutorials:2020.05.2 openRuyi-tutorials:2020.08-rc3 openRuyi-tutorials:2020.08-rc2 openRuyi-tutorials:2020.08-rc1 openRuyi-tutorials:2020.02.4 openRuyi-tutorials:2020.05.1 openRuyi-tutorials:2020.02.3 openRuyi-tutorials:2020.05 openRuyi-tutorials:2020.05-rc3 openRuyi-tutorials:2020.05-rc2 openRuyi-tutorials:2020.02.2 openRuyi-tutorials:2020.05-rc1 openRuyi-tutorials:2020.02.1 openRuyi-tutorials:2019.11.3 openRuyi-tutorials:2019.02.11 openRuyi-tutorials:2019.02.10 openRuyi-tutorials:2019.11.2 openRuyi-tutorials:2020.02 openRuyi-tutorials:2020.02-rc3 openRuyi-tutorials:2020.02-rc2 openRuyi-tutorials:2020.02-rc1 openRuyi-tutorials:2019.02.9 openRuyi-tutorials:2019.11.1 openRuyi-tutorials:2019.02.8 openRuyi-tutorials:2019.08.3 openRuyi-tutorials:2019.11 openRuyi-tutorials:2019.11-rc3 openRuyi-tutorials:2019.11-rc2 openRuyi-tutorials:2019.02.7 openRuyi-tutorials:2019.08.2 openRuyi-tutorials:2019.11-rc1 openRuyi-tutorials:2019.02.6 openRuyi-tutorials:2019.05.3 openRuyi-tutorials:2019.08.1 openRuyi-tutorials:2019.05.2 openRuyi-tutorials:2019.02.5 openRuyi-tutorials:2019.08 openRuyi-tutorials:2019.08-rc3 openRuyi-tutorials:2019.08-rc2 openRuyi-tutorials:2019.08-rc1 openRuyi-tutorials:2019.02.4 openRuyi-tutorials:2019.05.1 openRuyi-tutorials:2019.02.3 openRuyi-tutorials:2019.05 openRuyi-tutorials:2019.05-rc3 openRuyi-tutorials:2019.05-rc2 openRuyi-tutorials:2019.05-rc1 openRuyi-tutorials:2019.02.2 openRuyi-tutorials:2019.02.1 openRuyi-tutorials:2018.02.12 openRuyi-tutorials:2018.11.4 openRuyi-tutorials:2019.02 openRuyi-tutorials:2019.02-rc3 openRuyi-tutorials:2018.11.3 openRuyi-tutorials:2018.02.11 openRuyi-tutorials:2019.02-rc2 openRuyi-tutorials:2019.02-rc1 openRuyi-tutorials:2018.02.10 openRuyi-tutorials:2018.11.2 openRuyi-tutorials:2018.02.9 openRuyi-tutorials:2018.08.4 openRuyi-tutorials:2018.11.1 openRuyi-tutorials:2018.11 openRuyi-tutorials:2018.11-rc3 openRuyi-tutorials:2018.02.8 openRuyi-tutorials:2018.08.3 openRuyi-tutorials:2018.11-rc2 openRuyi-tutorials:2018.11-rc1 openRuyi-tutorials:2018.02.7 openRuyi-tutorials:2018.08.2 openRuyi-tutorials:2018.08.1 openRuyi-tutorials:2018.02.6 openRuyi-tutorials:2018.05.3 openRuyi-tutorials:2018.08 openRuyi-tutorials:2018.08-rc3 openRuyi-tutorials:2018.02.5 openRuyi-tutorials:2018.05.2 openRuyi-tutorials:2018.08-rc2 openRuyi-tutorials:2018.08-rc1 openRuyi-tutorials:2018.02.4 openRuyi-tutorials:2018.05.1 openRuyi-tutorials:2018.02.3 openRuyi-tutorials:2018.05 openRuyi-tutorials:2018.05-rc3 openRuyi-tutorials:2018.05-rc2 openRuyi-tutorials:2018.05-rc1 openRuyi-tutorials:2018.02.2 openRuyi-tutorials:2017.02.11 openRuyi-tutorials:2018.02.1 openRuyi-tutorials:2018.02 openRuyi-tutorials:2018.02-rc3 openRuyi-tutorials:2018.02-rc2 openRuyi-tutorials:2018.02-rc1 openRuyi-tutorials:2017.02.10 openRuyi-tutorials:2017.11.2 openRuyi-tutorials:2017.02.9 openRuyi-tutorials:2017.11.1 openRuyi-tutorials:2017.11 openRuyi-tutorials:2017.08.2 openRuyi-tutorials:2017.02.8 openRuyi-tutorials:2017.11-rc2 openRuyi-tutorials:2017.11-rc1 openRuyi-tutorials:2017.02.7 openRuyi-tutorials:2017.08.1 openRuyi-tutorials:2017.02.6 openRuyi-tutorials:2017.08 openRuyi-tutorials:2017.08-rc3 openRuyi-tutorials:2017.08-rc2 openRuyi-tutorials:2017.08-rc1 openRuyi-tutorials:2017.05.2 openRuyi-tutorials:2017.02.5 openRuyi-tutorials:2017.05.1 openRuyi-tutorials:2017.02.4 openRuyi-tutorials:2017.02.3 openRuyi-tutorials:2017.05 openRuyi-tutorials:2017.05-rc3 openRuyi-tutorials:2017.05-rc2 openRuyi-tutorials:2017.05-rc1 openRuyi-tutorials:2017.02.2 openRuyi-tutorials:2017.02.1 openRuyi-tutorials:2016.11.3 openRuyi-tutorials:2017.02 openRuyi-tutorials:2017.02-rc3 openRuyi-tutorials:2017.02-rc2 openRuyi-tutorials:2017.02-rc1 openRuyi-tutorials:2016.11.2 openRuyi-tutorials:2016.11.1 openRuyi-tutorials:2016.11 openRuyi-tutorials:2016.11-rc3 openRuyi-tutorials:2016.11-rc2 openRuyi-tutorials:2016.11-rc1 openRuyi-tutorials:2016.08.1 openRuyi-tutorials:2016.08 openRuyi-tutorials:2016.08-rc3 openRuyi-tutorials:2016.08-rc2 openRuyi-tutorials:2016.08-rc1 openRuyi-tutorials:2016.05 openRuyi-tutorials:2016.05-rc3 openRuyi-tutorials:2016.05-rc2 openRuyi-tutorials:2016.05-rc1 openRuyi-tutorials:2016.02 openRuyi-tutorials:2016.02-rc3 openRuyi-tutorials:2016.02-rc2 openRuyi-tutorials:2016.02-rc1 openRuyi-tutorials:2015.11.1 openRuyi-tutorials:2015.11 openRuyi-tutorials:2015.11-rc3 openRuyi-tutorials:2015.11-rc2 openRuyi-tutorials:2015.11-rc1 openRuyi-tutorials:2015.08.1 openRuyi-tutorials:2015.08 openRuyi-tutorials:2015.08-rc2 openRuyi-tutorials:2015.08-rc1 openRuyi-tutorials:2015.05 openRuyi-tutorials:2015.05-rc3 openRuyi-tutorials:2015.05-rc2 openRuyi-tutorials:2015.05-rc1 openRuyi-tutorials:2015.02 openRuyi-tutorials:2015.02-rc3 openRuyi-tutorials:2015.02-rc2 openRuyi-tutorials:2015.02-rc1 openRuyi-tutorials:2014.11 openRuyi-tutorials:2014.11-rc3 openRuyi-tutorials:2014.11-rc2 openRuyi-tutorials:2014.11-rc1 openRuyi-tutorials:2014.08 openRuyi-tutorials:2014.08-rc3 openRuyi-tutorials:2014.08-rc2 openRuyi-tutorials:2014.08-rc1 openRuyi-tutorials:2014.05 openRuyi-tutorials:2014.05-rc3 openRuyi-tutorials:2014.05-rc2 openRuyi-tutorials:2014.05-rc1 openRuyi-tutorials:2014.02 openRuyi-tutorials:2014.02-rc3 openRuyi-tutorials:2014.02-rc2 openRuyi-tutorials:2014.02-rc1 openRuyi-tutorials:2013.11 openRuyi-tutorials:2013.11-rc3 openRuyi-tutorials:2013.11-rc2 openRuyi-tutorials:2013.11_rc1 openRuyi-tutorials:2013.08.1 openRuyi-tutorials:2013.08 openRuyi-tutorials:2013.08_rc3 openRuyi-tutorials:2013.08_rc2 openRuyi-tutorials:2013.08_rc1 openRuyi-tutorials:2013.05 openRuyi-tutorials:2013.05_rc3 openRuyi-tutorials:2013.05_rc2 openRuyi-tutorials:2013.05_rc1 openRuyi-tutorials:2013.02 openRuyi-tutorials:2013.02_rc3 openRuyi-tutorials:2013.02_rc2 openRuyi-tutorials:2013.02_rc1 openRuyi-tutorials:2012.11.1 openRuyi-tutorials:2012.11 openRuyi-tutorials:2012.11_rc2 openRuyi-tutorials:2012.11_rc1 openRuyi-tutorials:2012.08 openRuyi-tutorials:2012.08_rc3 openRuyi-tutorials:2012.08_rc2 openRuyi-tutorials:2012.08_rc1 openRuyi-tutorials:2012.05 openRuyi-tutorials:2012.05_rc3 openRuyi-tutorials:2012.05_rc2 openRuyi-tutorials:2012.05_rc1 openRuyi-tutorials:2012.02 openRuyi-tutorials:2012.02_rc3 openRuyi-tutorials:2012.02_rc2 openRuyi-tutorials:2012.02_rc1 openRuyi-tutorials:2011.11 openRuyi-tutorials:2011.11_rc3 openRuyi-tutorials:2011.11_rc2 openRuyi-tutorials:2011.11_rc1 openRuyi-tutorials:2011.08 openRuyi-tutorials:2011.08_rc2 openRuyi-tutorials:2011.08_rc1 openRuyi-tutorials:2011.05 openRuyi-tutorials:2011.05_rc2 openRuyi-tutorials:2011.05_rc1 openRuyi-tutorials:2011.02 openRuyi-tutorials:2011.02_rc2 openRuyi-tutorials:2011.02_rc1 openRuyi-tutorials:2010.11 openRuyi-tutorials:2010.11_rc2 openRuyi-tutorials:2010.11_rc1 openRuyi-tutorials:2010.08 openRuyi-tutorials:2010.08_rc2 openRuyi-tutorials:2010.08_rc1 openRuyi-tutorials:2010.05 openRuyi-tutorials:2010.05_rc3 openRuyi-tutorials:2010.05_rc2 openRuyi-tutorials:2010.05_rc1 openRuyi-tutorials:2010.02 openRuyi-tutorials:2010.02_rc2 openRuyi-tutorials:2010.02_rc1 openRuyi-tutorials:2009.11 openRuyi-tutorials:2009.11_rc2 openRuyi-tutorials:2009.11_rc1 openRuyi-tutorials:2009.08 openRuyi-tutorials:2009.08_rc3 openRuyi-tutorials:2009.08_rc2 openRuyi-tutorials:2009.08_rc1 openRuyi-tutorials:2009.05 openRuyi-tutorials:2009.05_rc3 openRuyi-tutorials:2009.05_rc2 openRuyi-tutorials:2009.05_rc1 openRuyi-tutorials:2009.02 openRuyi-tutorials:2009.02_rc4 openRuyi-tutorials:2009.02_rc3 openRuyi-tutorials:2009.02_rc2 openRuyi-tutorials:2009.02_rc1 openRuyi-tutorials:gcc3_legacy openRuyi-tutorials:0_0

239 Commits
master ... 2025.08.2

Author SHA1 Message Date
Arnout Vandecappelle
645f6f4824 Makefile: update for 2025.08.2 
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
 2025-11-20 22:32:20 +01:00
Arnout Vandecappelle
27914e1e43 CHANGES: update for 2025.08.2 
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
 2025-11-20 22:31:09 +01:00
Titouan Christophe
2e5d7c6666 {linux, linux-headers}: bump 6.12.x series 
Update the latest kernel releases to:
 - 6.12.57 -> 6.12.58

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
 2025-11-17 13:34:24 +01:00
Peter Korsgaard
4a206a0d9b package/pkg-download.mk: fix 'dereferencing' typo 
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit ac4dc0b95a)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-11-15 17:43:36 +01:00
Bernd Kuhls
d515db39fd package/python-flask-cors: remove license file 
Upstream tarball does not contain a license file anymore since version
5.0.1 [1] which causes errors after buildroot commit
04cd135b26 which bumped the package
version from 5.0.0 to 6.0.1.

Fixes:
https://autobuild.buildroot.net/results/1eb/1eb9d68616793c9241bcb55bc2ea1929608c68bd/

[1] https://github.com/corydolphin/flask-cors/issues/382

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 9f3e222e99)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-11-15 17:43:27 +01:00
Dario Binacchi
e464e3fa53 configs/imx6ulz_bsh_smm_m2: bump Linux to 6.12.56 
The patch bumps the Linux kernel to version 6.12.56.

Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 96ffbbca8f)
[thomas: only linux]
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-11-15 17:42:54 +01:00
Thomas Perale
8597c940d4 package/tpm2-tss: security bump to v3.2.3 
For more information about the release, see:
 - https://github.com/tpm2-software/tpm2-tss/releases/tag/3.2.3

Fixes the following vulnerability:

- CVE-2024-29040

The JSON Quote Info returned by Fapi_Quote has to be deserialized by
Fapi_VerifyQuote to the TPM Structure `TPMS_ATTEST`. For the field
`TPM2_GENERATED magic` of this structure any number can be used in the
JSON structure. The verifier can receive a state which does not
represent the actual, possibly malicious state of the device under test.
The malicious device might get access to data it shouldn't, or can use
services it shouldn't be able to.

For more information, see:
  - https://nvd.nist.gov/vuln/detail/cve-2024-29040
  - https://github.com/tpm2-software/tpm2-tss/security/advisories/GHSA-837m-jw3m-h9p6

(cherry picked from commit 04533b70e6)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-11-15 17:40:25 +01:00
Thomas Perale
14929eed31 package/pkg-generic.mk: Set <pkg>_CPE_ID_UPDATE to NA by default 
The commit [1] set the default value of '<pkg>_CPE_ID_UPDATE' to not use
a wildcard by default. But instead of setting the value to '-' it set it
to an empty value instead.

According to document [2] section 6.1.2.1.1 the 'Not Attributed' value
bind to an hyphen ('-') and the blank statement bind to the 'Any' ('*').

Because the CPE matching function was incorrect using a blank statement
worked to remove the false positives but this is not correct according
to the CPE documentation.

[1] 53a8616460 package/pkg-generic.mk: use more sensible default value for <pkg>_CPE_ID_UPDATE
[2] https://nvlpubs.nist.gov/nistpubs/Legacy/IR/nistir7695.pdf

Fixes: 53a8616460.
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 8430ca7c28)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-11-15 17:39:05 +01:00
Thomas Perale
f44bc9776e support/scripts/cve.py: fix CPE matching 
Given the following criteria: `cpe:2.3:a:oneidentitty:syslog-ng:*:*:*:*:-:*:*:*`.
The former `cpe_matches` implementation would match with the following
CPE: `cpe:2.3:a:oneidentitty:syslog-ng:4.71:*:*:*:premium:*:*:*`.

The 'hyphen' ('-') meaning is "Not Attributed" (NA) a criteria with no
attributed software edition shouldn't match with a CPE with an attributed
software edition:

https://csrc.nist.gov/pubs/ir/7695/final

This patch also create a distinct 'CPE' object that aggregate the
function specifics to CPEs like it's done for 'CVE'.

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 35f376d88e)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-11-15 17:38:03 +01:00
Thomas Perale
33c6d0ff40 support/scripts/cve.py: remove print from cve.py library 
The `support/script/cve.py` file is used as a library. Depending on how
you use this library you might not want to write content to stdout when
calling its function.

This patch move the 'updating' log to the 'pkg-stats' script and write
the alert when LooseVersion doesn't have a version to stderr.

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 4b318dea17)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-11-15 17:37:56 +01:00
Bernd Kuhls
03b99918de package/libheif: needs threads since v1.20.1 
Buildroot commit accb006d9b bumped libheif
to version 1.20.1 which includes several commits unconditionally depen-
ding on std::mutex which requires a toolchain with threads:

14f956726c
6bb8cdaa8a

Add dependency to BR2_TOOLCHAIN_HAS_THREADS to Config.in, remove configure
options handling non-threaded toolchains and adjust a Config.in comment of
the only dependee kodi-imagedecoder-heif.

Fixes:
https://autobuild.buildroot.net/results/28b/28bf68147382dada33cbf9b299396dfdee3fbbe6/

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 02f5061eb0)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-11-15 17:36:54 +01:00
Thomas Devoogdt
13c7a9f2ff package/webkitgtk: disable internal ccache configuration 
WebKit's auto-configured ccache results in 100% cache misses.
Disable WebKit's internal ccache setup [1] since Buildroot
already manages the ccache in toolchain/toolchain-wrapper.c.

[1] https://github.com/WebKit/WebKit/blob/webkitgtk-2.50.1/Source/cmake/WebKitCCache.cmake

Signed-off-by: Thomas Devoogdt <thomas.devoogdt@barco.com>
Acked-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 37d2702625)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-11-05 17:07:55 +01:00
Thomas Devoogdt
25b2b2bfdb package/wpewebkit: disable internal ccache configuration 
WebKit's auto-configured ccache results in 100% cache misses.
Disable WebKit's internal ccache setup [1] since Buildroot
already manages the ccache in toolchain/toolchain-wrapper.c.

[1] https://github.com/WebKit/WebKit/blob/wpewebkit-2.48.3/Source/cmake/WebKitCCache.cmake

Signed-off-by: Thomas Devoogdt <thomas@devoogdt.com>
Acked-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit c6fb44c455)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-11-05 17:07:45 +01:00
Bernd Kuhls
f269ba9f7f package/ramspeed: remove package 
The download location is gone and even though the package is available
on a Github repository [0], it has not been updated for 7 years now.
Drop the package.

[0] https://github.com/cruvolo/ramspeed

See buildroot commit 0951e3fc24 for the
removal of the ramsmp package which is the SMP version of ramspeed.

Fixes:
https://autobuild.buildroot.net/results/d40/d404da1c3a7cd8628d2b2e9e519d629626d28593/

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 07ab60acd9)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-11-05 17:07:12 +01:00
Bernd Kuhls
ae9d0cb8b3 package/libiconv: fix build with gcc 15.x 
Fixes:
https://autobuild.buildroot.net/results/387/3875466a80e57dfd96911a2166e496cf7d41bb69/

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 8930ede00f)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-11-05 17:02:40 +01:00
Bernd Kuhls
be8da88137 package/live555: switch _SITE to videolan.org 
Upstream site http://www.live555.com/liveMedia/public/ removes older
versions, use videolan.org instead.

Fixes:
https://autobuild.buildroot.net/results/7af/7af41a2774ba3ed7049e06fe290d3233e772ab19/

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit da133c05c3)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-11-05 17:00:20 +01:00
Bernd Kuhls
04a9e0d8a9 package/crun: link with libatomic if needed 
Fixes:
https://autobuild.buildroot.net/results/f4f/f4fb970f8d4f2f7966fcbd542768a607ea7ababf/

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit c560bb3181)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-11-05 17:00:03 +01:00
Bernd Kuhls
8ced625be6 package/quota: Fix building on musl 
Add upstream commit to fix musl build.

Fixes:
https://autobuild.buildroot.net/results/7de/7de6acab2b10d1b6b7d5e95104f1f2686bcd126b/

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 3a0b914c51)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-11-05 16:59:32 +01:00
Peter Korsgaard
7eadb3502c package/gstd: bump to version 0.15.2 
Bugfix release:
https://github.com/RidgeRun/gstd-1.x/releases/tag/v0.15.2

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit e87154cf3e)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-11-05 16:59:17 +01:00
Leo Yu-Chi Liang
b1112dfcf1 configs/andes_ae350_45_defconfig: Fix post-build.sh Shellcheck error 
Add quotation mark to fix Shellcheck error.

Signed-off-by: Leo Yu-Chi Liang <ycliang@andestech.com>
Reviewed-by: Vincent Jardin <vjardin@free.fr>
[Julien: remove .checkpackageignore entry to fix check-package error]
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 7504f85c84)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-11-05 16:58:12 +01:00
Dario Binacchi
650a0a8afc configs/imx8mn_bsh_smm_s2[_pro]: bump Linux to 6.12.56 
The patch bumps the Linux kernel to version 6.12.56.

Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 821551a171)
[thomas: only linux]
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-11-05 16:56:47 +01:00
Bernd Kuhls
8794351644 package/bind: security bump version to 9.18.41 
Release notes:
https://ftp.isc.org/isc/bind9/9.18.41/doc/arm/html/notes.html

Changelog:
https://ftp.isc.org/isc/bind9/9.18.41/doc/arm/html/changelog.html

Fixes CVE-2025-8677, CVE-2025-40778 & CVE-2025-40780.

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit f27a99010f)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-11-05 16:52:17 +01:00
Bernd Kuhls
cc82809a43 package/bind: add optional dependency to jemalloc 
Added upstream in version 9.18.0:
7f1c525625

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 4a2202244b)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-11-05 16:52:08 +01:00
Bernd Kuhls
afa914efa6 package/bind: enable parallel builds 
Buildroot commit e4749b826c disabled
parallel builds back in 2016. Nearly 10 years and a "Complete rewrite
[of] the BIND 9 build system" later

978c7b2e89

we enable parallel builds again, make -j1000 finished without problems.

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 6a20a930fd)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-11-05 16:50:54 +01:00
Bernd Kuhls
e28f5f0f37 package/bind: drop unrecognized options 
Buildroot commit c9515c8b63 bumped bind to
9.18.28 which removed dnssec-keymgr:
https://gitlab.isc.org/isc-projects/bind9/-/blob/v9.18.28/doc/notes/notes-9.18.0.rst?ref_type=tags&plain=1#L187

but forgot to remove the configure option --with-python
98b3b93791
305ca032a0

Configure option --enable-epoll was also removed upstream in 9.18.16:
6b6076c882

Configure option --enable-backtrace was also removed upstream in 9.18.0:
e847591867

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 9c0f6d2379)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-11-05 16:49:53 +01:00
Bernd Kuhls
cff6724a9a package/bind: drop unrecognized option 
Buildroot commits 7b43e24818 and
8adeaec8af removed the possibility for
static builds but forgot to remove some related _CONF_OPTS.

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 636b2a8503)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-11-05 16:49:43 +01:00
Thomas Petazzoni
ab3680b89d support/testing/infra: improve run_cmd_on_host() to show stdout/stderr 
When run_cmd_on_host() runs a command that fails, we only get an
exception with no details to debug what happened. Let's improve that
by catching the exception, and printing the command output. This
requires redirecting stderr to stdout (instead of /dev/null) and
asking to get the output in text format.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 01dc13adfb)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-11-05 16:48:54 +01:00
Jarkko Sakkinen
3e0fe12cc3 package/libtpms: bump version to 0.10.1 
Release notes:
https://github.com/stefanberger/libtpms/releases/tag/v0.10.1

Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
[Julien:
 - remove old hash entry
 - fix release note url in commit log
]
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit b4c9596dbf)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-11-05 16:48:30 +01:00
Thomas Perale
fcc7e9c92e package/imagemagick: security bump to v7.1.2-8 
For more details on the version bump, see:
  - https://github.com/ImageMagick/ImageMagick/compare/7.1.2-3...7.1.2-8

Fixes the following vulnerability:

- CVE-2025-62171

    ImageMagick is an open source software suite for displaying,
    converting, and editing raster image files. In ImageMagick versions
    prior to 7.1.2-7 and 6.9.13-32, an integer overflow vulnerability
    exists in the BMP decoder on 32-bit systems. The vulnerability
    occurs in coders/bmp.c when calculating the extent value by
    multiplying image columns by bits per pixel. On 32-bit systems with
    size_t of 4 bytes, a malicious BMP file with specific dimensions can
    cause this multiplication to overflow and wrap to zero. The overflow
    check added to address CVE-2025-57803 is placed after the overflow
    occurs, making it ineffective. A specially crafted 58-byte BMP file
    with width set to 536,870,912 and 32 bits per pixel can trigger this
    overflow, causing the bytes_per_line calculation to become zero.
    This vulnerability only affects 32-bit builds of ImageMagick where
    default resource limits for width, height, and area have been
    manually increased beyond their defaults. 64-bit systems with size_t
    of 8 bytes are not vulnerable, and systems using default ImageMagick
    resource limits are not vulnerable. The vulnerability is fixed in
    versions 7.1.2-7 and 6.9.13-32.

For more information, see:
  - https://nvd.nist.gov/vuln/detail/CVE-2025-62171
  - https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-9pp9-cfwx-54rm
  - cea1693e2d

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 3b3b2d1b72)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-11-05 16:47:55 +01:00
Thomas Perale
8a4770581f package/mbedtls: security bump to v3.6.5 
For more details on the version bump, see:
 - https://github.com/Mbed-TLS/mbedtls/releases/tag/mbedtls-3.6.5

Fixes the following vulnerabilities:

- CVE-2025-54764

    Mbed TLS before 3.6.5 allows a local timing attack against certain
    RSA operations, and direct calls to mbedtls_mpi_mod_inv or
    mbedtls_mpi_gcd.

For more information, see:
  - https://nvd.nist.gov/vuln/detail/CVE-2025-54764
  - https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2025-10-ssbleed-mstep/

- CVE-2025-59438

    Mbed TLS through 3.6.4 has an Observable Timing Discrepancy.

For more information, see:
  - https://nvd.nist.gov/vuln/detail/CVE-2025-59438
  - https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2025-10-invalid-padding-error/

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 1a25f0c372)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-11-05 16:47:29 +01:00
Scott Fan
875a2c9e8e configs/cubieboard2: bump Linux to 6.12.52 
Signed-off-by: Scott Fan <fancp2007@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 8448784798)
[thomas: only linux]
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-11-05 16:46:56 +01:00
Scott Fan
60b2e56205 configs/cubieboard1: bump Linux to 6.12.52 
Signed-off-by: Scott Fan <fancp2007@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 0515f1e783)
[thomas: only linux]
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-11-05 16:43:50 +01:00
Titouan Christophe
bae9c933bf package/hostapd: add patches for CVE-2025-24912 
See https://jvn.jp/en/jp/JVN19358384/

This fixes the following vulnerability:
- CVE-2025-24912:
    hostapd fails to process crafted RADIUS packets properly. When hostapd
    authenticates wi-fi devices with RADIUS authentication, an attacker in
    the position between the hostapd and the RADIUS server may inject
    crafted RADIUS packets and force RADIUS authentications to fail.
    https://www.cve.org/CVERecord?id=CVE-2025-24912

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 8282aaf094)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-11-05 16:39:53 +01:00
Bernd Kuhls
5a2905f2d5 package/libxslt: security bump version to 1.1.43 
Release notes:
https://download.gnome.org/sources/libxslt/1.1/libxslt-1.1.43.news

Fixes CVE-2025-24855 & CVE-2024-55549.

Switched _LICENSE_FILES to Copyright due to upstream commit
29938a64f6
in version 1.1.36 and the removal of COPYING in the 1.1.43 tarball,
although COPYING did still exist in the 1.1.42 tarball.

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 50954cc5e0)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-11-05 16:38:55 +01:00
Titouan Christophe
2ec93026bd {linux, linux-headers}: bump 6.12.x, 6.6.x, 6.1.x, 5.15.x, 5.10.x, 5.4.x series 
Update the latest kernel releases to:
 - 6.12.55 -> 6.12.57
 - 6.6.114 -> 6.6.116
 - 6.1.157 -> 6.1.158
 - 5.15.195 -> 5.15.196
 - 5.10.245 -> 5.10.246
 - 5.4.300 -> 5.4.301

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
 2025-11-03 12:29:56 +01:00
Gong Zhile
ec0d27f566 package/libsolv: add upstream patch to fix musl build 
After the introduction of qsort_r in musl, building libsolv with musl fails with
unmatched qsort_r function signature. The commit adds the recently upstreamed
patch to fix it.

Original PR: https://github.com/openSUSE/libsolv/pull/600

Fixes: http://autobuild.buildroot.org/results/ab06e97bef898b2c53b906afb2a4b8ee6841bacb

Signed-off-by: Gong Zhile <gongzl.oerv@isrc.iscas.ac.cn>
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 172846b226)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-30 09:18:25 +01:00
Bernd Kuhls
f3651f6177 package/libdbi-drivers: fix build with gcc >= 14.x 
Fixes:
https://autobuild.buildroot.net/results/d30/d3068de2f477d68823c4b7e537f120edf03338bb/

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 6ad92d4a5d)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-30 09:18:24 +01:00
Bernd Kuhls
c5335ec098 package/sqlite: bump version to 3.50.4 
This commit includes reverts of the last attempt to bump sqlite:
git revert --no-edit c4c282f8ec 014174f00d 835b5659ea db481210e9 296744b0f4 939244b828 f0a272ef14 274c36578f

and the following new changes:

The autoconf-based configure script until version 3.48.0 enabled rtree
support by default:
https://github.com/sqlite/sqlite/blob/version-3.48.0/autoconf/configure.ac#L180

while the autosetup-based needs -DSQLITE_ENABLE_RTREE
https://github.com/sqlite/sqlite/blob/version-3.50.4/autosetup/sqlite-config.tcl#L763

Added Config.in option for RTREE support and enabled it for gdal to
provide a needed dependency:
https://github.com/OSGeo/gdal/blob/v3.11.4/cmake/helpers/CheckDependentLibraries.cmake#L277

Added upstream patch to fix forced addition of rpath and added
configure option --disable-rpath to target build.

Added configure option --soname=legacy to fix wrong library name which
breaks linking of kodi:
7f2281bd7c

Added configure option --disable-shared for static builds.

Added build fixes for BR2_m68k_cf.

Removed SQLITE_CONF_OPTS and readline support from host build to avoid
dependencies.

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Tested-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 2cc346e763)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-30 09:18:23 +01:00
Bernd Kuhls
40bce3fba3 package/libshout: fix build with gcc >= 14.x 
Fixes:
https://autobuild.buildroot.net/results/c53/c53b7b613269acddd3467865c11784f59062a943/

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 5c5a28e461)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-30 09:18:22 +01:00
Dario Binacchi
b856032617 DEVELOPERS: add Dario Binacchi for libgphoto2 
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 2726d965cd)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-30 09:18:20 +01:00
Dario Binacchi
3356a881d4 package/libgphoto2: fix build with gcc >= 14 
The commit adds a backported upstream patch to fix the following build
failure:

ptp2/ptp-pack.c:3168:31: note: earlier argument should specify number of elements, later size of each element
ptp2/chdk.c: In function 'yuv_live_to_jpeg':
ptp2/chdk.c:1203:41: error: passing argument 3 of 'jpeg_mem_dest' from incompatible pointer type [-Wincompatible-pointer-types]
 1203 |         jpeg_mem_dest (&cinfo, &outbuf, &outlen);
      |                                         ^~~~~~~
      |                                         |
      |                                         uint64_t * {aka long long unsigned int *}
In file included from ptp2/chdk.c:31:
/home/autobuild/autobuild/instance-0/output-1/per-package/libgphoto2/host/armeb-buildroot-linux-gnueabi/sysroot/usr/include/jpeglib.h:989:43: note: expected 'long unsigned int *' but argument is of type 'uint64_t *' {aka 'long long unsigned int *'}
  989 |                            unsigned long *outsize);

Fixes:
- https://autobuild.buildroot.org/results/db742e301a401c9f4bdf3c7e8cfde9f0ba1c4558

Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit ebd07998d0)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-30 09:18:19 +01:00
Trammell Hudson
c75b49ad5c package/shairport-sync: security bump version to 4.3.7 
Drop all the patches (already in version).  Works on Pi 4b and 0W.

https://github.com/mikebrady/shairport-sync/releases/tag/4.3.7

Since version 3.3.9, two versions were marked upstream as including
security fixes. No CVE are referenced in those release notes.
https://github.com/mikebrady/shairport-sync/releases/tag/4.3
https://github.com/mikebrady/shairport-sync/releases/tag/4.3.1

Signed-off-by: Trammell Hudson <hudson@trmm.net>
[Julien: mark the commit as "security" in commit log title]
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 879c9f0fc6)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-30 09:18:18 +01:00
Titouan Christophe
ae919e24f8 package/poppler: security bump to v25.10.0 
This contains many bug and security fixes since v22.12.0.
See the release notes: https://poppler.freedesktop.org/releases.html

In addition:
- Drop patch that has been applied upstream
- Update a few cmake configuration options that changed upstream

There is currently a build failure when enabling gpgme, so disable it
unconditionally for now.

Finally, this fixes the following vulnerabilities:
- CVE-2024-6239:
    A flaw was found in the Poppler's Pdfinfo utility. This issue occurs
    when using -dests parameter with pdfinfo utility. By using certain
    malformed input files, an attacker could cause the utility to crash,
    leading to a denial of service.
    https://www.cve.org/CVERecord?id=CVE-2024-6239

- CVE-2024-56378:
    libpoppler.so in Poppler through 24.12.0 has an out-of-bounds read
    vulnerability within the JBIG2Bitmap::combine function in
    JBIG2Stream.cc.
    https://www.cve.org/CVERecord?id=CVE-2024-56378

- CVE-2025-32364:
    A floating-point exception in the PSStack::roll function of Poppler
    before 25.04.0 can cause an application to crash when handling
    malformed inputs associated with INT_MIN.
    https://www.cve.org/CVERecord?id=CVE-2025-32364

- CVE-2025-32365:
    Poppler before 25.04.0 allows crafted input files to trigger out-of-
    bounds reads in the JBIG2Bitmap::combine function in JBIG2Stream.cc
    because of a misplaced isOk check.
    https://www.cve.org/CVERecord?id=CVE-2025-32365

- CVE-2025-43903:
    NSSCryptoSignBackend.cc in Poppler before 25.04.0 does not verify the
    adbe.pkcs7.sha1 signatures on documents, resulting in potential
    signature forgeries.
    https://www.cve.org/CVERecord?id=CVE-2025-43903

- CVE-2025-50420:
    An issue in the pdfseparate utility of freedesktop poppler v25.04.0
    allows attackers to cause an infinite recursion via supplying a
    crafted PDF file. This can lead to a Denial of Service (DoS).
    https://www.cve.org/CVERecord?id=CVE-2025-50420

- CVE-2025-52886:
    Poppler is a PDF rendering library. Versions prior to 25.06.0 use
    `std::atomic_int` for reference counting. Because `std::atomic_int` is
    only 32 bits, it is possible to overflow the reference count and
    trigger a use-after-free. Version 25.06.0 patches the issue.
    https://www.cve.org/CVERecord?id=CVE-2025-52886

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
[Julien: mark commit as "security" in commit log title]
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit cdd1c5ca55)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-30 09:18:17 +01:00
Titouan Christophe
be8dcf0092 package/netdata: security bump to v1.37.1 
Do not bump to a more recent version, as the build system has
fundamentally changed.

See the release notes:
- https://github.com/netdata/netdata/releases/tag/1.34.0
- https://github.com/netdata/netdata/releases/tag/v1.34.1
- https://github.com/netdata/netdata/releases/tag/v1.35.0
- https://github.com/netdata/netdata/releases/tag/v1.35.1
- https://github.com/netdata/netdata/releases/tag/v1.36.0
- https://github.com/netdata/netdata/releases/tag/v1.36.1
- https://github.com/netdata/netdata/releases/tag/v1.37.0
- https://github.com/netdata/netdata/releases/tag/v1.37.1

In addition, add upstream patch to fix cross-compilation.

This fixes the following vulnerabilities:
- CVE-2023-22496:
    Netdata is an open source option for real-time infrastructure
    monitoring and troubleshooting. An attacker with the ability to
    establish a streaming connection can execute arbitrary commands on the
    targeted Netdata agent. When an alert is triggered, the function
    `health_alarm_execute` is called. This function performs different
    checks and then enqueues a command by calling `spawn_enq_cmd`. This
    command is populated with several arguments that are not sanitized.
    One of them is the `registry_hostname` of the node for which the alert
    is raised. By providing a specially crafted `registry_hostname` as
    part of the health data that is streamed to a Netdata (parent) agent,
    an attacker can execute arbitrary commands at the remote host as a
    side-effect of the raised alert. Note that the commands are executed
    as the user running the Netdata Agent. This user is usually named
    `netdata`. The ability to run arbitrary commands may allow an attacker
    to escalate privileges by escalating other vulnerabilities in the
    system, as that user. The problem has been fixed in: Netdata agent
    v1.37 (stable) and Netdata agent v1.36.0-409 (nightly). As a
    workaround, streaming is not enabled by default. If you have
    previously enabled this, it can be disabled. Limiting access to the
    port on the recipient Agent to trusted child connections may mitigate
    the impact of this vulnerability.
    https://www.cve.org/CVERecord?id=CVE-2023-22496

- CVE-2023-22497:
    Netdata is an open source option for real-time infrastructure
    monitoring and troubleshooting. Each Netdata Agent has an
    automatically generated MACHINE GUID. It is generated when the agent
    first starts and it is saved to disk, so that it will persist across
    restarts and reboots. Anyone who has access to a Netdata Agent has
    access to its MACHINE_GUID. Streaming is a feature that allows a
    Netdata Agent to act as parent for other Netdata Agents (children),
    offloading children from various functions (increased data retention,
    ML, health monitoring, etc) that can now be handled by the parent
    Agent. Configuration is done via `stream.conf`. On the parent side,
    users configure in `stream.conf` an API key (any random UUID can do)
    to provide common configuration for all children using this API key
    and per MACHINE GUID configuration to customize the configuration for
    each child. The way this was implemented, allowed an attacker to use a
    valid MACHINE_GUID as an API key. This affects all users who expose
    their Netdata Agents (children) to non-trusted users and they also
    expose to the same users Netdata Agent parents that aggregate data
    from all these children. The problem has been fixed in: Netdata agent
    v1.37 (stable) and Netdata agent v1.36.0-409 (nightly). As a
    workaround, do not enable streaming by default. If you have previously
    enabled this, it can be disabled. Limiting access to the port on the
    recipient Agent to trusted child connections may mitigate the impact
    of this vulnerability.
    https://www.cve.org/CVERecord?id=CVE-2023-22497

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
[Julien: add comment before _AUTORECONF with patch name]
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 9cfcd906cf)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-30 09:18:16 +01:00
Titouan Christophe
ca724489f5 package/tpm2-tss: ignore CVE-2023-22745 
Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 6144b0f4b7)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-30 09:18:14 +01:00
Titouan Christophe
db74d39759 package/openvmtools: ignore CVE-2021-31693 
Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 2cf55b4e49)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-30 09:18:13 +01:00
Titouan Christophe
155f30c5e6 package/libssh: ignore CVE-2025-5318 
Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 51b1e1daf5)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-30 09:18:12 +01:00
Titouan Christophe
43e3ef8088 package/freerdp: ignore CVE-2025-4478 
Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit f741e8f6e6)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-30 09:18:11 +01:00
Bernd Kuhls
920d4cde8a package/dante: security bump version to 1.4.4 
Changelog: http://www.inet.no/dante/announce-1.4.4

Fixes CVE-2024-54662: https://www.inet.no/dante/advisory-2024-12-16.txt

Needed for bump of libminiupnpc to version 2.3.3.

Updated license hash due to copyright year bump:
53727f08ee
(commit taken from unofficial mirror)

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 7d95c34d64)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-30 09:18:09 +01:00
Dario Binacchi
6d6f8da1b3 package/libglib2: security bump to version 2.84.4 
This bump includes the security fix for CVE-2025-7039.

Fixes:
https://www.cve.org/CVERecord?id=CVE-2025-7039

Release notes:
https://gitlab.gnome.org/GNOME/glib/-/releases/2.84.4

Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 3252f45279)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-30 09:18:08 +01:00
Francois Perrad
c809e8d882 package/libgtk3: bump to version 3.24.51 
For release notes since version 3.24.43, see:
https://gitlab.gnome.org/GNOME/gtk/-/blob/3.24.51/NEWS

Note: the "+" in the project name and source archive was removed
upstream. This commit updates _SOURCE and _SITE accordingly.

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
[Julien: add link to release notes]
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 54c6c0125a)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-30 09:18:07 +01:00
Titouan Christophe
5bec02afe4 package/xerces: security bump to v3.2.5 
See the release notes:
https://issues.apache.org/jira/secure/ReleaseNote.jspa?version=12352411&projectId=10510

Also update the download site to https

This fixes the following vulnerability:
- CVE-2024-23807:
    The Apache Xerces C++ XML parser on versions 3.0.0 before 3.2.5
    contains a use-after-free error triggered during the scanning of
    external DTDs.  Users are recommended to upgrade to version 3.2.5
    which fixes the issue, or mitigate the issue by disabling DTD
    processing. This can be accomplished via the DOM using a standard
    parser feature, or via SAX using the XERCES_DISABLE_DTD environment
    variable.  This issue has been disclosed before as CVE-2018-1311, but
    unfortunately that advisory incorrectly stated the issue would be
    fixed in version 3.2.3 or 3.2.4.
    https://www.cve.org/CVERecord?id=CVE-2024-23807

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 246f2eca20)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-30 09:18:06 +01:00
Vincent Stehlé
c3ba44ebf3 utils/brmake: filter output for parallel build 
When building in parallel with per-package directories
(BR2_PER_PACKAGE_DIRECTORIES=y), brmake output is often garbled:

  2025-10-08T18:39:10 >>> host-dtc 1.7.2 Building
  2025-10-08T18:39:11 checking for stdint.h... >>> host-dtc 1.7.2 Installing to host directory
  2025-10-08T18:39:12 checking for limits.h... >>> host-gmp 6.3.0 Installing to host directory

Remove the spurious string between the timestamp and the ">>>" marker to
fix this.
We need some extra care to preserve the preceding "term bold" special
characters sequence.

We also prevent grep and sed to buffer their output too much. This leads to
more frequent output even when we might not be connected to a terminal; for
example: when brmake's output is piped to another program or when running
in CI.

Reviewed-by: Marcus Hoffmann <buildroot@bubu1.eu>
Signed-off-by: Vincent Stehlé <vincent.stehle@arm.com>
Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit c9dca7f4c3)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-30 09:18:05 +01:00
Titouan Christophe
1cdbcad9f5 package/libvips: security bump to v8.17.2 
See the many release notes: https://github.com/libvips/libvips/releases

Along that version bump:
- Change source code archive compression from .gz to .xz as this the
  new upstream delivery format
- Switch from autotools to meson build system (see upstream commit
  538aa2a841)
- Update the LICENSE file (see upstream commit
  057703938e)

This fixes the following vulnerabilities:
- CVE-2025-29769:
    libvips is a demand-driven, horizontally threaded image processing
    library.  The heifsave operation could incorrectly determine the
    presence of an alpha channel in an input when it was not possible to
    determine the colour interpretation, known internally within libvips
    as "multiband". There aren't many ways to create a "multiband" input,
    but it is possible with a well-crafted TIFF image. If a "multiband"
    TIFF input image had 4 channels and HEIF-based output was requested,
    this led to libvips creating a 3 channel HEIF image without an alpha
    channel but then attempting to write 4 channels of data. This caused a
    heap buffer overflow, which could crash the process. This
    vulnerability is fixed in 8.16.1.
    https://www.cve.org/CVERecord?id=CVE-2025-29769

- CVE-2025-59933:
    libvips is a demand-driven, horizontally threaded image processing
    library. For versions 8.17.1 and below, when libvips is compiled with
    support for PDF input via poppler, the pdfload operation is affected
    by a buffer read overflow when parsing the header of a crafted PDF
    with a page that defines a width but not a height. Those using libvips
    compiled without support for PDF input are unaffected as well as
    thosewith support for PDF input via PDFium. This issue is fixed in
    version 8.17.2. A workaround for those affected is to block the
    VipsForeignLoadPdf operation via vips_operation_block_set, which is
    available in most language bindings, or to set VIPS_BLOCK_UNTRUSTED
    environment variable at runtime, which will block all untrusted
    loaders including PDF input via poppler.
    https://www.cve.org/CVERecord?id=CVE-2025-59933

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
[Julien: update _LICENSE_FILES to fix check-package error]
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 72c7d99e22)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-30 09:18:04 +01:00
Titouan Christophe
3c1e6ee3da {linux, linux-headers}: bump 6.12.x, 6.6.x series 
Update the latest kernel releases to:
 - 6.12.54 -> 6.12.55
 - 6.6.113 -> 6.6.114

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
 2025-10-30 09:18:03 +01:00
Dario Binacchi
ca7421d0b8 DEVELOPERS: add Dario Binacchi for less 
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 3a0a221d57)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-30 09:18:01 +01:00
Dario Binacchi
c2b863bdb1 package/libarchive: security bump to version 3.8.2 
This bump includes the security fix for CVE-2025-25724.

Fixes:
https://www.cve.org/CVERecord?id=CVE-2025-25724.

Release notes:
https://github.com/libarchive/libarchive/releases/tag/v3.8.2

Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit a36b7cf77e)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-30 09:18:00 +01:00
Dario Binacchi
9a8ae824f8 configs/ti_am62x_sk: bump Linux versions 
This patch bumps:

- Linux kernel to version 6.12.53 (LTS)

Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 74eeed692c)
[thomas: Only kernel bump]
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-30 09:17:59 +01:00
Dario Binacchi
0acc865d15 configs/stm32mp1*_dk*: bump Linux to 6.12.53 
The patch bumps the Linux kernel to version 6.12.53

- stm32mp135f_dk_defconfig
- stm32mp157a_dk1_defconfig
- stm32mp157c_dk2_defconfig

Tested on STM32MP157C-DK2 Discovery Board.

Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 4552ed40bc)
[thomas: Only kernel bump]
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-30 09:17:58 +01:00
Dario Binacchi
861834fbc3 configs/stm32f769_disco_sd: bump Linux to 5.15.194 
The patch bumps the Linux kernel to version 5.15.194

Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 249a19973b)
[thomas: Only kernel bump]
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-30 09:17:57 +01:00
Dario Binacchi
e40898e7dc configs/stm32f746_disco_sd: bump Linux to 5.15.194 
The patch bumps the Linux kernel to version 5.15.194

Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 43be25a237)
[thomas: Only kernel bump]
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-30 09:17:56 +01:00
Dario Binacchi
bd01dadd2e configs/stm32f429_disco_xip: bump Linux to 6.1.155 
The patch bumps the Linux kernel to version 6.1.155. The size of
xipImage has increased by only 1126 bytes (1673444 bytes compared to
1672318 in version 6.1.143).

Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 675bb8337d)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-30 09:17:55 +01:00
Dario Binacchi
d92856dec9 configs/stm32f429_disco_xip: bump Linux to 6.1.143 
The patch bumps the Linux kernel to version 6.1.143. The size of xipImage
has increased by only 514 bytes (1672318 bytes compared to 1671804 in
version 6.1.133).

Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 0c9a4b7995)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-30 09:17:53 +01:00
Bernd Kuhls
24659ac27e package/python3: bump version to 3.13.9 
Release notes:
https://www.python.org/downloads/release/python-3139/

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit cccc8976a8)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-30 09:17:52 +01:00
Bernd Kuhls
496ea30a6f package/cmake: bump version to 3.31.9 
Fixes build error with libcurl 8.16.0 introduced by buildroot commit
fb5fb06ee5

Fixes:
https://autobuild.buildroot.net/results/92b/92b1ed36e750d9ad756793814f9d1133bda0e013/

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 33159bb6cc)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-30 09:17:51 +01:00
Bernd Kuhls
f2a0e39e68 package/mjpg-streamer: fix build with gcc >= 14 
When mjpg-streamer is built with gcc >= 14 using libjpeg (rather than
jpeg-turbo), and with SDL is enabled (to enable the output_viewer),
the compilation can fail with error:

    output_viewer.c:125:32: error: assignment to ‘boolean (*)(struct jpeg_decompress_struct *)’ from incompatible pointer type ‘int (*)(struct jpeg_decompress_struct *)’ [-Wincompatible-pointer-types]

The issue can be reproduced with the commands:

    cat >.config <<EOF
    BR2_aarch64=y
    BR2_TOOLCHAIN_EXTERNAL=y
    BR2_TOOLCHAIN_EXTERNAL_BOOTLIN=y
    BR2_PACKAGE_LIBJPEG=y
    BR2_PACKAGE_MJPG_STREAMER=y
    BR2_PACKAGE_SDL=y
    EOF
    make olddefconfig
    make mjpg-streamer

This commit adds a patch to fix this issue.

Fixes:
https://autobuild.buildroot.net/results/3a5/3a5674e4e7bb3f2894575191af24598e2a696912/

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
[Julien: add commands to reproduce the issue]
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit af4eef1e0f)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-30 09:17:50 +01:00
Bernd Kuhls
6827af4384 package/siproxd: Add upstream patch to fix build with gcc >= 14 
Fixes:
https://autobuild.buildroot.net/results/679/679fe86eea2001aed2baf066abf3ae43b38567b5/

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit bd5934cd7e)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-30 09:17:49 +01:00
Bernd Kuhls
9127f0dacb package/freeradius-server: requires RC4 support in openssl 
Fixes:
https://autobuild.buildroot.net/results/5a5/5a57a82800fb7a47731198effc15bd7044133c4d/

    src/modules/rlm_mschap/rlm_mschap.c:1016:54: error: implicit
    declaration of function 'EVP_rc4'; did you mean 'EVP_md4'?

The oldest build error found with a quick search appeared back in July
2024 with freeradius-server 3.2.3 so a backport should be considered:
https://autobuild.buildroot.net/results/e2d/e2d77a52f81b0fea1081417c5c80f7991e27810a/

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 99c5c21b14)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-30 09:17:48 +01:00
Bernd Kuhls
03587fbb44 package/qt6/qt6multimedia: add dependency to qt6svg for examples 
Buildroot commit 553c55e9bd added the
qt6multimedia package including an option to build examples which
contains a dependency to qt6svg without selecting the package in
Config.in.

Fixes:
https://autobuild.buildroot.org/results/c94670cf255a1a6975e99d7b22a159f7fdc6f850/

    Makefile:578: *** qt6svg is in the dependency chain of qt6multimedia
    that has added it to its _DEPENDENCIES variable without selecting it
    or depending on it from Config.in.  Stop.

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit f37c48faf6)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-30 09:17:47 +01:00
Raphael Pavlidis
6f06b87b78 package/podman: security bump to version 5.6.2 
Changelog:
https://github.com/containers/podman/releases/tag/v5.6.0
https://github.com/containers/podman/releases/tag/v5.6.1
https://github.com/containers/podman/releases/tag/v5.6.2

This commit fixes the CVE-2025-9566 security vulnerability. See:
https://www.cve.org/CVERecord?id=CVE-2025-9566
https://github.com/advisories/GHSA-wp3j-xq48-xpjw

Signed-off-by: Raphael Pavlidis <raphael.pavlidis@gmail.com>
[Julien: mark this commit as security related]
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 4cbb39d4d2)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-30 09:17:45 +01:00
Dario Binacchi
c1b3954122 package/ledmon: add upstream patch to fix build w/ gcc-14 
Add an upstream patch to fix a build issue related to uint64_t:

utils.c: In function ‘get_uint64’:
utils.c:118:18: error: passing argument 1 of ‘str_toul’ from incompatible pointer type [-Wincompatible-pointer-types]
  118 |         str_toul(&defval, p, NULL, 16);
      |                  ^~~~~~~
      |                  |
      |                  uint64_t * {aka long long unsigned int *}
In file included from utils.c:48:
utils.h:412:29: note: expected ‘long unsigned int *’ but argument is of type ‘uint64_t *’ {aka ‘long long unsigned int *’}

Fixes:

  https://autobuild.buildroot.org/results/51af1d7bf71061f22d49213951a5f6a9565710c3/

Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit c8923662cc)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-30 09:17:44 +01:00
Raphael Gallais-Pou
413db2dce3 package/waffle: fix website reference 
http://www.waffle-gl.org yields "403 Forbidden".
Switch to freedesktop.org subdomain.

Signed-off-by: Raphael Gallais-Pou <rgallaispou@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 9d188bd423)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-30 09:17:43 +01:00
Scott Fan
8a43e7c911 configs/beaglebone: bump Linux to 6.12.34-ti-arm32-r12 
The patch bumps the Linux kernel to version 6.12.34-ti-arm32-r12

Tested on beaglebone black.

Signed-off-by: Scott Fan <fancp2007@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
(cherry picked from commit 98a3491d1c)
[thomas: only linux bump]
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-30 09:17:42 +01:00
Bernd Kuhls
62037e4e9e package/python-webpy: bump version to 0.70 and add upstream commit to fix CVE-2025-3818 
Release notes: https://github.com/webpy/webpy/releases/tag/webpy-0.70

Switched _SITE to github because version 0.70 was not released to
pypi.org: https://pypi.org/project/web.py/#history

Added upstream commit to fix CVE-2025-3818.

This bump includes
f7540bef65
which removes the deprecated cgi module which was removed in Python 3.13
and causes build errors since buildroot bumped python3 to 3.13.2 with
commit d63e207eb8.

Fixes:
https://autobuild.buildroot.net/results/5a7/5a7382250d33ddfd49de2c7996fb54aaf20dd62c/

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
(cherry picked from commit d05e2f785d)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-30 09:17:41 +01:00
Bernd Kuhls
bf505dde95 package/samba4: security bump version to 4.22.5 
Release notes: https://www.samba.org/samba/history/samba-4.22.5.html

Fixes CVE-2025-9640 & CVE-2025-10230.

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
(cherry picked from commit f3eeb0c19a)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-30 09:17:40 +01:00
Bernd Kuhls
cf4a9f884b package/python3: security bump version to 3.13.8 
Release notes: https://www.python.org/downloads/release/python-3138/

Fixes the following security issues:

gh-139400: xml.parsers.expat: Make sure that parent Expat parsers are only
garbage-collected once they are no longer referenced by subparsers created
by ExternalEntityParserCreate().  Patch by Sebastian Pipping.

gh-139283: sqlite3: correctly handle maximum number of rows to fetch in
Cursor.fetchmany and reject negative values for Cursor.arraysize.  Patch by
Bénédikt Tran.

gh-135661: Fix CDATA section parsing in html.parser.HTMLParser according to
the HTML5 standard

https://docs.python.org/release/3.13.8/whatsnew/changelog.html#security

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
[Peter: Mark as security bump]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit d16c812b7e)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-30 09:17:39 +01:00
Dario Binacchi
c352644855 package/iptraf-ng: security bump to version 1.2.2 
This bump includes the security fix for CVE-2024-52949.

Fixes:
https://www.cve.org/CVERecord?id=CVE-2024-52949.

Release notes:
https://github.com/iptraf-ng/iptraf-ng/releases/tag/v1.2.2

Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 8111bdcab1)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-30 09:17:37 +01:00
Titouan Christophe
026d492b3e package/modsecurity2: security bump to v2.9.12 
See the release notes:
- https://github.com/owasp-modsecurity/ModSecurity/releases/tag/v2.9.11
- https://github.com/owasp-modsecurity/ModSecurity/releases/tag/v2.9.12

This fixes the following vulnerabilities:
- CVE-2025-52891:
    ModSecurity is an open source, cross platform web application firewall
    (WAF) engine for Apache, IIS and Nginx. In versions 2.9.8 to before
    2.9.11, an empty XML tag can cause a segmentation fault. If
    SecParseXmlIntoArgs is set to On or OnlyArgs, and the request type is
    application/xml, and at least one XML tag is empty (eg <foo></foo>),
    then a segmentation fault occurs. This issue has been patched in
    version 2.9.11. A workaround involves setting SecParseXmlIntoArgs to
    Off.
    https://www.cve.org/CVERecord?id=CVE-2025-52891

- CVE-2025-54571:
    ModSecurity is an open source, cross platform web application firewall
    (WAF) engine for Apache, IIS and Nginx. In versions 2.9.11 and below,
    an attacker can override the HTTP response’s Content-Type, which could
    lead to several issues depending on the HTTP scenario. For example, we
    have demonstrated the potential for XSS and arbitrary script source
    code disclosure in the latest version of mod_security2. This issue is
    fixed in version 2.9.12.
    https://www.cve.org/CVERecord?id=CVE-2025-54571

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 684462bbe8)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-30 09:17:36 +01:00
Titouan Christophe
bfa3bc6fc4 package/redis: security bump to v8.0.4 
See the release notes:
https://github.com/redis/redis/blob/8.0.4/00-RELEASENOTES

This fixes the following vulnerabilities (in the Lua scripting engine):
- CVE-2025-46817:
    Redis is an open source, in-memory database that persists on disk.
    Versions 8.2.1 and below allow an authenticated user to use a
    specially crafted Lua script to cause an integer overflow and
    potentially lead to remote code execution The problem exists in all
    versions of Redis with Lua scripting. This issue is fixed in version
    8.2.2.
    https://www.cve.org/CVERecord?id=CVE-2025-46817

- CVE-2025-46818:
    Redis is an open source, in-memory database that persists on disk.
    Versions 8.2.1 and below allow an authenticated user to use a
    specially crafted Lua script to manipulate different LUA objects and
    potentially run their own code in the context of another user. The
    problem exists in all versions of Redis with LUA scripting. This issue
    is fixed in version 8.2.2. A workaround to mitigate the problem
    without patching the redis-server executable is to prevent users from
    executing LUA scripts. This can be done using ACL to block a script by
    restricting both the EVAL and FUNCTION command families.
    https://www.cve.org/CVERecord?id=CVE-2025-46818

- CVE-2025-46819:
    Redis is an open source, in-memory database that persists on disk.
    Versions 8.2.1 and below allow an authenticated user to use a
    specially crafted LUA script to read out-of-bound data or crash the
    server and subsequent denial of service. The problem exists in all
    versions of Redis with Lua scripting. This issue is fixed in version
    8.2.2. To workaround this issue without patching the redis-server
    executable is to prevent users from executing Lua scripts. This can be
    done using ACL to block a script by restricting both the EVAL and
    FUNCTION command families.
    https://www.cve.org/CVERecord?id=CVE-2025-46819

- CVE-2025-49844:
    Redis is an open source, in-memory database that persists on disk.
    Versions 8.2.1 and below allow an authenticated user to use a
    specially crafted Lua script to manipulate the garbage collector,
    trigger a use-after-free and potentially lead to remote code
    execution. The problem exists in all versions of Redis with Lua
    scripting. This issue is fixed in version 8.2.2. To workaround this
    issue without patching the redis-server executable is to prevent users
    from executing Lua scripts. This can be done using ACL to restrict
    EVAL and EVALSHA commands.
    https://www.cve.org/CVERecord?id=CVE-2025-49844

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
 2025-10-22 18:49:53 +02:00
Titouan Christophe
88bf12270a {linux, linux-headers}: bump 6.12.x, 6.6.x, 6.1.x, 5.15.x series 
Update the latest kernel releases to:
 - 6.12.53 -> 6.12.54
 - 6.6.112 -> 6.6.113
 - 6.1.156 -> 6.1.157
 - 5.15.194 -> 5.15.195

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
 2025-10-22 18:39:13 +02:00
Titouan Christophe
7541d46e15 {linux, linux-headers}: bump 6.16.x, 6.12.x, 6.6.x, 6.1.x series 
Update the latest kernel releases to:
 - 6.16.11 -> 6.16.12
 - 6.12.51 -> 6.12.53
 - 6.6.110 -> 6.6.112
 - 6.1.155 -> 6.1.156

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
 2025-10-22 18:39:11 +02:00
Bernd Kuhls
bf6983219f package/libvpx: security bump version to 1.15.2 
Release notes:
https://chromium.googlesource.com/webm/libvpx/+/refs/tags/v1.15.2
https://chromium.googlesource.com/webm/libvpx/+/refs/tags/v1.15.1

Fixes CVE-2025-5283.

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit e0f10eed1f)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-22 18:39:10 +02:00
Bernd Kuhls
da15ea2766 package/wireless-regdb: bump version to 2025.10.07 
Release notes:
https://lists.infradead.org/pipermail/wireless-regdb/2025-October/001796.html
https://lists.infradead.org/pipermail/wireless-regdb/2025-July/001775.html

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 3322cfeffa)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-22 18:39:09 +02:00
Yann E. MORIN
01302c25c5 package/micropython: use append-assignment in conditional code 
Since its inception in 9646e80fca (micropython: new package), the
ppc-specific CFLAGS are simply assigned, and since 9fd9f4e675
(package/micropython: define MICROPY_NLR_SETJMP for xtensa), the same
goes for the xtensa CFLAGS.

Although they are mutually exclusive (different archs) and that there is
no prior assignment, the customs are to use append assignment in
conditional blocks, to avoid accidentally overwriting a valure set
previously.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Chris Packham <judge.packham@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit be4fb117bc)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-22 18:39:07 +02:00
Yann E. MORIN
9efd1a9ea8 package/micropython: fix passing multiple CFLAGS 
Before commit 50bc5aa17b (package/micropython: fix segfault at exit()
with gcc >= 14), only architecture-specific CFLAGS were passed, and only
one per arch. But 50bc5aa17b introduced a non-arch CFLAGS, for gcc
versions, so when the build happens for an architecture for which there
is a CFLAGS, and when gcc is 14 or newer, there are two CFLAGS added,
causing build failures:

    [...] /usr/bin/make [...] CFLAGS_EXTRA=-DMICROPY_GCREGS_SETJMP=1 -DMICROPY_NLR_SETJMP=1 [...]
    /usr/bin/make: invalid option -- 'D'
    /usr/bin/make: invalid option -- 'M'
    Usage: make [options] [target] ...

The fix is simple enough: just quote the CFLAGS.

Fixes: https://autobuild.buildroot.org/results/b18/b18d6fa9938c1267a771fdbcd8b4c3df812cd6b9/
Fixes: 50bc5aa17b

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Chris Packham <judge.packham@gmail.com>
Cc: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit ab906018c9)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-22 18:39:06 +02:00
Fiona Klute
ac4b335544 package/refpolicy: bump version to 2.20250923 
The update makes some warnings about unknown classes and permissions
during boot with current kernels go away.

Upstream changelogs [1, 2] list as "notable changes":

* Updates to support screen 5.0.
* Add labeling for bcachefs.
* Various systemd updates and fixes.
* Several updates and fixes for systemd
* Add new permissions and policy capabilities
* Drop reiserfs support (it was removed in kernel 6.13)

Plus a number of new modules.

[1] https://github.com/SELinuxProject/refpolicy/releases/tag/RELEASE_2_20250618
[2] https://github.com/SELinuxProject/refpolicy/releases/tag/RELEASE_2_20250923

Signed-off-by: Fiona Klute <fiona.klute@gmx.de>
[Julien: keep a new line in hash file between sources and license]
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit a843be3451)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-22 18:39:04 +02:00
Baruch Siach
4c51aefc6b package/ebtables: disable sparc64 target 
Commit c5d6cde7b6 ("package/ebtables: remove KERNEL_64_USERSPACE_32
workaround") fixed build with GCC 14 for when Buildroot
BR2_KERNEL_64_USERLAND_32 is enabled. However, ebtables configure script
enables its own KERNEL_64_USERSPACE_32 macro unconditionally for sparc64
target, which triggers a similar build failure. See [1].

Disable sparc64 target for ebtables and its reverse dependency to avoid
build failure.

Fixes:
https://autobuild.buildroot.net/results/9a2510e0038cd13db8c3aac0122ea7a0f834fcd2/

[1] https://git.netfilter.org/ebtables/tree/configure.ac?h=ebtables-2.0.11#n20

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
[Julien: add link to upstream script enabling KERNEL_64_USERSPACE_32]
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 0549ed0ed1)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-22 18:39:03 +02:00
Thomas Perale
37ce0c6c4a package/zabbix: security bump to v7.2.13 
For more details on the version bump, see:
  - https://www.zabbix.com/rn/rn7.2.13
  - https://www.zabbix.com/rn/rn7.2.12
  - https://www.zabbix.com/rn/rn7.2.11
  - https://www.zabbix.com/rn/rn7.2.10
  - https://www.zabbix.com/rn/rn7.2.9
  - https://www.zabbix.com/rn/rn7.2.8
  - https://www.zabbix.com/rn/rn7.2.7
  - https://www.zabbix.com/rn/rn7.2.6

Fixes the following vulnerabilities:

- CVE-2025-27231

    The LDAP 'Bind password' value cannot be read after saving, but a
    Super Admin account can leak it by changing LDAP 'Host' to a rogue
    LDAP server. To mitigate this, the 'Bind password' value is now
    reset on 'Host' change.

For more information, see:
  - https://support.zabbix.com/browse/ZBX-27062
  - https://nvd.nist.gov/vuln/detail/CVE-2025-27231

- CVE-2025-27236

    A regular Zabbix user can search other users in their user group via
    Zabbix API by select fields the user does not have access to view.
    This allows data-mining some field values the user does not have
    access to.

For more information, see:
  - https://support.zabbix.com/browse/ZBX-27060
  - https://nvd.nist.gov/vuln/detail/CVE-2025-27236

- CVE-2025-27238

    Due to a bug in Zabbix API, the hostprototype.get method lists all
    host prototypes to users that do not have any user groups assigned
    to them.

For more information, see:
  - https://nvd.nist.gov/vuln/detail/CVE-2025-27238
  - https://support.zabbix.com/browse/ZBX-26988

- CVE-2025-49641

    A regular Zabbix user with no permission to the Monitoring ->
    Problems view is still able to call the problem.view.refresh action
    and therefore still retrieve a list of active problems.

For more information, see:
  - https://support.zabbix.com/browse/ZBX-27063
  - https://nvd.nist.gov/vuln/detail/CVE-2025-49641

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 762ddee71c)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-22 18:39:01 +02:00
Francois Perrad
82eb4d50af configs/olimex_a20_olinuxino_lime*: bump Linux and U-Boot 
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 35e7717107)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-22 18:39:00 +02:00
Fiona Klute
ab3288ddf8 package/refpolicy: fix upstream URL in help text 
The previous URL [1] currently redirects to [2], which as of this
commit is about two months old and contains a readme that just says
"PoC by Callgh0st". When the package was added with commit [3]
the help text URL matched REFPOLICY_SITE, so presumably the help was
forgotten when the site URL was updated in [4], and there has been
some kind of hostile takeover of the former upstream repository since.

[1] https://github.com/TresysTechnology/refpolicy
[2] https://github.com/Exact-Realty/refpolicy
[3] bb442abdf1
[4] cfa018d9f3

Signed-off-by: Fiona Klute <fiona.klute@gmx.de>
[Julien: add commit ID which forgot to update the package homepage]
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit b9d3a0418b)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-22 18:38:58 +02:00
Fiona Klute
3fa1ccdea1 package/libsemanage: install modules to site-packages dir 
$(PREFIX)/lib/python$(PYTHON3_VERSION_MAJOR) is for the standard
library, additional modules like this should go to site-packages.
This patch changes only the host package because Python bindings are
disabled for the target package.

Signed-off-by: Fiona Klute <fiona.klute@gmx.de>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 8d79f712ce)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-22 18:38:57 +02:00
Fiona Klute
3eb36cfccb package/selinux-python: install modules to site-packages dir 
/usr/lib/python$(PYTHON3_VERSION_MAJOR) is for the standard library,
additional modules like this should go to site-packages.

Signed-off-by: Fiona Klute <fiona.klute@gmx.de>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 43b8f57afd)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-22 18:38:55 +02:00
Baruch Siach
c177e65fac package/sexpect: bump to version 2.3.15 
Drop upstream patch.

Main change in this release is cmake 4 build fix.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 7176f6b287)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-22 18:38:54 +02:00
Bernd Kuhls
6c45afcaa2 package/libdisplay-info: include sys/types.h to fix build error 
Fixes: https://autobuild.buildroot.org/results/2d72feabdd0c9e1c9aa89e6d683d5f5ae0bb942d/

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
[Julien: update patch Upstream link with commit ID]
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit b5edd3d105)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-22 18:38:52 +02:00
Bernd Kuhls
33d0a71733 package/libcurl: fix configure options for GnuTLS 
Buildroot commit fb5fb06ee5 bumped libcurl
to 8.16.0 which includes commit
2f6524ce3c
to limit the use of the configure option --with-ca-fallback to OpenSSL
causing build errors with GnuTLS:

configure: error: --with-ca-fallback only works with OpenSSL

Fixes: https://autobuild.buildroot.net/results/64f/64fad87dddecda1e8ff6b0a9abc0b827b5136e4f/

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Reviewed-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 15df9ec173)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-22 18:38:51 +02:00
Thomas Perale
b3d1455583 package/squid: add patch for CVE-2025-59362 
Fixes the following vulnerability:

- CVE-2025-59362

    Squid through 7.1 mishandles ASN.1 encoding of long SNMP OIDs. This
    occurs in asn_build_objid in lib/snmplib/asn1.c.

For more information, see:

- https://nvd.nist.gov/vuln/detail/CVE-2025-59362
- 250a18e0a8

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit fb13611e64)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-22 18:38:49 +02:00
Bernd Kuhls
55c380eca8 package/gpsd: remove -std=gnu++98 from CFLAGS 
In 2016 buildroot commit b4c050e9af added
-std=gnu++98 also to CFLAGS knowing that it will cause warnings:

https://lists.nongnu.org/archive/html/gpsd-dev/2016-09/msg00082.html
'Although this leads to lots of warnings on every compilation with gcc:
"cc1: warning: command line option '-std=gnu++98' is valid for C++/ObjC++ but not for C"'

These warnings are still present but cause a misdetection in configure

    Checking if strerror_r() returns int... no

because here warnings are treated as errors, quoting config.log:

cc1: error: command-line option ‘-std=gnu++98’ is valid for C++/ObjC++ but not for C [-Werror]
cc1: all warnings being treated as errors

In 2017 upstream committed
d287c76f4f
which added "std::" namespace prefixes and fixed the original problem.

-std=gnu++98 being removed from CFLAGS lets configure correctly detect
strerror_r():

    Checking if strerror_r() returns int... yes

and no new build errors occur:

                             arm-aarch64 [ 1/35]: OK
                   bootlin-aarch64-glibc [ 2/35]: OK
               bootlin-arcle-hs38-uclibc [ 3/35]: OK
                    bootlin-armv5-uclibc [ 4/35]: OK
                     bootlin-armv7-glibc [ 5/35]: OK
                   bootlin-armv7m-uclibc [ 6/35]: SKIPPED
                      bootlin-armv7-musl [ 7/35]: OK
                bootlin-m68k-5208-uclibc [ 8/35]: SKIPPED
               bootlin-m68k-68040-uclibc [ 9/35]: OK
             bootlin-microblazeel-uclibc [10/35]: OK
                bootlin-mipsel32r6-glibc [11/35]: OK
                   bootlin-mipsel-uclibc [12/35]: OK
                 bootlin-openrisc-uclibc [13/35]: OK
        bootlin-powerpc64le-power8-glibc [14/35]: OK
           bootlin-powerpc-e500mc-uclibc [15/35]: OK
                   bootlin-riscv32-glibc [16/35]: OK
                   bootlin-riscv64-glibc [17/35]: OK
                    bootlin-riscv64-musl [18/35]: OK
                 bootlin-s390x-z13-glibc [19/35]: OK
                      bootlin-sh4-uclibc [20/35]: OK
                   bootlin-sparc64-glibc [21/35]: OK
                    bootlin-sparc-uclibc [22/35]: OK
                    bootlin-x86-64-glibc [23/35]: OK
                     bootlin-x86-64-musl [24/35]: OK
                   bootlin-x86-64-uclibc [25/35]: OK
                   bootlin-x86-i686-musl [26/35]: OK
                   bootlin-xtensa-uclibc [27/35]: OK
                            br-arm-basic [28/35]: SKIPPED
                    br-arm-full-nothread [29/35]: SKIPPED
                      br-arm-full-static [30/35]: SKIPPED
                   br-i386-pentium4-full [31/35]: FAILED
                      br-mips64-n64-full [32/35]: OK
                 br-mips64r6-el-hf-glibc [33/35]: OK
               br-powerpc-603e-basic-cpp [34/35]: SKIPPED
               br-powerpc64-power7-glibc [35/35]: OK
35 builds, 6 skipped, 1 build failed, 0 legal-info failed, 0 show-info failed

The br-i386-pentium4-full error is not caused by gpsd:

package/python3/python3.mk:324: *** Python3 doesn't work with uClibc and
kernel headers < 5.1. Please use a different toolchain or unselect
Python3..

Fixes:
https://autobuild.buildroot.org/results/52d747d33d714ea10b9e7ee10adeadd9e4512c2d/

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Tested-by: Yann E. MORIN <yann.morin@orange.com>
Reviewed-by: Yann E. MORIN <yann.morin@orange.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit f0023ca18d)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-22 18:38:48 +02:00
Thomas Perale
9fbf9711b9 package/suricata: security bump to v6.0.20 
The v6.0.20 is the last patch level version bump of suricata version 6.
This version is now EOL since July 2024 and other new vulnerabilities
apply to this package.

For more details on the version bump, see:
  - https://suricata.io/2024/06/27/suricata-7-0-6-and-6-0-20-released/
  - https://github.com/OISF/suricata/releases/tag/suricata-6.0.20

Fixes the following vulnerabilities:

- CVE-2024-37151

    Mishandling of multiple fragmented packets using the same IP ID
    value can lead to packet reassembly failure, which can lead to
    policy bypass. When using af-packet, enable `defrag` to reduce the
    scope of the problem.

For more information, see:
  - https://nvd.nist.gov/vuln/detail/CVE-2024-37151

- CVE-2024-38535

    Suricata can run out of memory when parsing crafted HTTP/2 traffic.

For more information, see:
  - https://nvd.nist.gov/vuln/detail/CVE-2024-38535

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit ab2fc8d88f)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-22 18:38:46 +02:00
Thomas Perale
5f4b229d21 package/zip: add patch for CVE-2018-13410 
Fixes the following vulnerability:

- CVE-2018-13410

    Info-ZIP Zip 3.0, when the -T and -TT command-line options are used,
    allows attackers to cause a denial of service (invalid free and
    application crash) or possibly have unspecified other impact because
    of an off-by-one error. NOTE: it is unclear whether there are
    realistic scenarios in which an untrusted party controls the -TT
    value, given that the entire purpose of -TT is execution of
    arbitrary commands

For more information, see:
  - https://nvd.nist.gov//vuln/detail/CVE-2018-13410

This patch also includes the patch 0009 which address a buffer overflow
when passing unicode characters that doesn't have a CVE assigned.

Tested with `./support/testing/run-tests -d dl -o output_folder -k tests.package.test_zip`

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 7cb0419b92)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-22 18:38:45 +02:00
Fiona Klute
1ce872b634 package/audit: bump to version 3.1.5 
This is a bugfix release, the commit log mentions multiple fixed
memory leaks.

Signed-off-by: Fiona Klute <fiona.klute@gmx.de>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit e7e8bdd812)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-22 18:38:43 +02:00
Fiona Klute
6c9e7198da package/audit/S02auditd: fix path for default rules 
/etc/audit/audit.rules is the path used by augenrules,
/etc/audit/rules.d/ should be used for snippets to be combined into
that file using augenrules.

Signed-off-by: Fiona Klute <fiona.klute@gmx.de>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit baa05d88cf)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-22 18:38:42 +02:00
Fiona Klute
b80d90654a package/audit/S02auditd: fix SELinux label issues 
"mkdir -Z" tries to create the directory with the default type context
and does not accept any parameter, leading to mkdir creating a
directory by the name of "system_u:object_r:auditd_log_t" (or failing
to, with a read-only rootfs). Use "--context=" instead to specify the
context.

Letting start-stop-daemon create the auditd PID file leads to an
incorrect label, with type "initrc_runtime_t" instead of
"auditd_runtime_t", which would prevent auditd from writing or
deleting it. Auditd manages its own PID file and daemonizes by
default, so simply drop the --background and --make-pidfile options
from start-stop-daemon.

Signed-off-by: Fiona Klute <fiona.klute@gmx.de>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 3fdce24647)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-22 18:38:40 +02:00
Adrian Perez de Castro
10af6326d8 package/libwpe: bump to version 1.16.3 
The main fix is being able to compile with CMake 4.x.

Release notes:
https://wpewebkit.org/release/libwpe-1.16.3.html

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit a91c709867)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-22 18:38:38 +02:00
Bernd Kuhls
d6495bce08 package/tor: bump version to 0.4.8.19 
Release notes:
https://gitlab.torproject.org/tpo/core/tor/-/raw/release-0.4.8/ReleaseNotes
https://forum.torproject.org/t/stable-release-0-4-8-19/20648

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 7ada67041a)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-22 18:38:37 +02:00
Francois Perrad
d16be5cbc2 package/4th: switch to https 
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 033fc7ca8f)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-16 09:57:38 +02:00
Peter Korsgaard
be6504cecb board/beagleboneai/post-build.sh: fix shellcheck issues 
BOARD_DIR is not used, so drop it and quote $BINARIES_DIR to make shellcheck
happy.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 5f620e144d)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-16 09:57:28 +02:00
Peter Korsgaard
f015c3882a configs/beagleboneai: switch to Bootlin glibc stable toolchain 
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 331d80f52e)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-16 09:57:15 +02:00
Titouan Christophe
3f471c3040 package/erlang: security bump to v26.2.5.15 
See the release notes on
https://github.com/erlang/otp/releases?q=OTP-26.&expanded=true

Also, remove patch that is now applied upstream

This fixes the following vulnerabilities:
- CVE-2024-53846:
    OTP is a set of Erlang libraries, which consists of the Erlang runtime
    system, a number of ready-to-use components mainly written in Erlang,
    and a set of design principles for Erlang programs. A regression was
    introduced into the ssl application of OTP starting at OTP-25.3.2.8,
    OTP-26.2, and OTP-27.0, resulting in a server or client verifying the
    peer when incorrect extended key usage is presented (i.e., a server
    will verify a client if they have server auth ext key usage and vice
    versa).
    https://www.cve.org/CVERecord?id=CVE-2024-53846

- CVE-2025-4748:
    Improper Limitation of a Pathname to a Restricted Directory ('Path
    Traversal') vulnerability in Erlang OTP (stdlib modules) allows
    Absolute Path Traversal, File Manipulation. This vulnerability is
    associated with program files lib/stdlib/src/zip.erl and program
    routines zip:unzip/1, zip:unzip/2, zip:extract/1, zip:extract/2 unless
    the memory option is passed.  This issue affects OTP from OTP 17.0
    until OTP 28.0.1, OTP 27.3.4.1 and OTP 26.2.5.13, corresponding to
    stdlib from 2.0 until 7.0.1, 6.2.2.1 and 5.2.3.4.
    https://www.cve.org/CVERecord?id=CVE-2025-4748

- CVE-2025-26618:
    Erlang is a programming language and runtime system for building
    massively scalable soft real-time systems with requirements on high
    availability. OTP is a set of Erlang libraries, which consists of the
    Erlang runtime system, a number of ready-to-use components mainly
    written in Erlang. Packet size is not verified properly for SFTP
    packets. As a result when multiple SSH packets (conforming to max SSH
    packet size) are received by ssh, they might be combined into an SFTP
    packet which will exceed the max allowed packet size and potentially
    cause large amount of memory to be allocated. Note that situation
    described above can only happen for successfully authenticated users
    after completing the SSH handshake. This issue has been patched in OTP
    versions 27.2.4, 26.2.5.9, and 25.3.2.18. There are no known
    workarounds for this vulnerability.
    https://www.cve.org/CVERecord?id=CVE-2025-26618

- CVE-2025-30211:
    Erlang/OTP is a set of libraries for the Erlang programming language.
    Prior to versions OTP-27.3.1, 26.2.5.10, and 25.3.2.19, a maliciously
    formed KEX init message can result with high memory usage.
    Implementation does not verify RFC specified limits on algorithm names
    (64 characters) provided in KEX init message. Big KEX init packet may
    lead to inefficient processing of the error data. As a result, large
    amount of memory will be allocated for processing malicious data.
    Versions OTP-27.3.1, OTP-26.2.5.10, and OTP-25.3.2.19 fix the issue.
    Some workarounds are available. One may set option `parallel_login` to
    `false` and/or reduce the `max_sessions` option.
    https://www.cve.org/CVERecord?id=CVE-2025-30211

- CVE-2025-32433:
    Erlang/OTP is a set of libraries for the Erlang programming language.
    Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, a SSH
    server may allow an attacker to perform unauthenticated remote code
    execution (RCE). By exploiting a flaw in SSH protocol message
    handling, a malicious actor could gain unauthorized access to affected
    systems and execute arbitrary commands without valid credentials. This
    issue is patched in versions OTP-27.3.3, OTP-26.2.5.11, and
    OTP-25.3.2.20. A temporary workaround involves disabling the SSH
    server or to prevent access via firewall rules.
    https://www.cve.org/CVERecord?id=CVE-2025-32433

- CVE-2025-46712:
    Erlang/OTP is a set of libraries for the Erlang programming language.
    In versions prior to OTP-27.3.4 (for OTP-27), OTP-26.2.5.12 (for
    OTP-26), and OTP-25.3.2.21 (for OTP-25), Erlang/OTP SSH fails to
    enforce strict KEX handshake hardening measures by allowing optional
    messages to be exchanged. This allows a Man-in-the-Middle attacker to
    inject these messages in a connection during the handshake. This issue
    has been patched in versions OTP-27.3.4 (for OTP-27), OTP-26.2.5.12
    (for OTP-26), and OTP-25.3.2.21 (for OTP-25).
    https://www.cve.org/CVERecord?id=CVE-2025-46712

- CVE-2025-48038:
    Allocation of Resources Without Limits or Throttling vulnerability in
    Erlang OTP ssh (ssh_sftp modules) allows Excessive Allocation,
    Resource Leak Exposure. This vulnerability is associated with program
    files lib/ssh/src/ssh_sftpd.erl.  This issue affects OTP form OTP 17.0
    until OTP 28.0.3, OTP 27.3.4.3 and 26.2.5.15 corresponding to ssh from
    3.0.1 until 5.3.3, 5.2.11.3 and 5.1.4.12.
    https://www.cve.org/CVERecord?id=CVE-2025-48038

- CVE-2025-48039:
    Allocation of Resources Without Limits or Throttling vulnerability in
    Erlang OTP ssh (ssh_sftp modules) allows Excessive Allocation,
    Resource Leak Exposure. This vulnerability is associated with program
    files lib/ssh/src/ssh_sftpd.erl.  This issue affects OTP form OTP 17.0
    until OTP 28.0.3, OTP 27.3.4.3 and 26.2.5.15 corresponding to ssh from
    3.0.1 until 5.3.3, 5.2.11.3 and 5.1.4.12.
    https://www.cve.org/CVERecord?id=CVE-2025-48039

- CVE-2025-48040:
    Uncontrolled Resource Consumption vulnerability in Erlang OTP ssh
    (ssh_sftp modules) allows Excessive Allocation, Flooding. This
    vulnerability is associated with program files
    lib/ssh/src/ssh_sftpd.erl.  This issue affects OTP form OTP 17.0 until
    OTP 28.0.3, OTP 27.3.4.3 and 26.2.5.15 corresponding to ssh from 3.0.1
    until 5.3.3, 5.2.11.3 and 5.1.4.12.
    https://www.cve.org/CVERecord?id=CVE-2025-48040

- CVE-2025-48041:
    Allocation of Resources Without Limits or Throttling vulnerability in
    Erlang OTP ssh (ssh_sftp modules) allows Excessive Allocation,
    Flooding. This vulnerability is associated with program files
    lib/ssh/src/ssh_sftpd.erl.  This issue affects OTP form OTP 17.0 until
    OTP 28.0.3, OTP 27.3.4.3 and 26.2.5.15 corresponding to ssh from 3.0.1
    until 5.3.3, 5.2.11.3 and 5.1.4.12.
    https://www.cve.org/CVERecord?id=CVE-2025-48041

NB: Since Erlang is quite a "large" package, containing the language itself,
some libraries, and some "applications", it's difficult to tell which CVEs
are exactly affecting Buildroot, but it's a good idea to update anyway

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 88f7fed5f2)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-16 09:54:44 +02:00
Arnout Vandecappelle
8143b32cb5 Makefile: update for 2025.08.1 
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
 2025-10-11 23:31:22 +02:00
Titouan Christophe
8d941a2f55 CHANGES: update for 2025.08.1 
Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
 2025-10-11 23:30:33 +02:00
Titouan Christophe
60305befad {linux, linux-headers}: bump 6.16.x, 6.12.x, 6.6.x, 6.1.x, 5.15.x, 5.10.x, 5.4.x series 
Update the latest kernel releases to:
 - 6.16.9 -> 6.16.11
 - 6.12.49 -> 6.12.51
 - 6.6.108 -> 6.6.110
 - 6.1.154 -> 6.1.155
 - 5.15.193 -> 5.15.194
 - 5.10.244 -> 5.10.245
 - 5.4.299 -> 5.4.300

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
 2025-10-09 10:06:38 +02:00
Peter Korsgaard
39abeb5c13 configs/beagleboneai: move to Linux 6.12.50 
And adjust the dtb path to the new subdir after commit 724ba6751532 ("ARM:
dts: Move .dts files to vendor sub-directories") in v6.5.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit e993272b32)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-09 08:47:44 +02:00
Peter Korsgaard
c158bcd4f8 configs/beagleboneai: move to u-boot 2025.04 to unbreak build with gcc 14 
With the change to default to gcc 14.x with commit 1e1fafa1f0
("package/gcc: switch to GCC 14.x as the default"), the old u-boot version
no longer builds:

board/ti/am57xx/board.c:948:17: error: implicit declaration of function 'do_cape_detect'; did you mean 'do_board_detect'? [-Wimplicit-function-declaration]

https://gitlab.com/buildroot.org/buildroot/-/jobs/11570241744

So move to u-boot 2025.04 to fix that.  We still need a small patch as
(early) beagleboneai boards do not have the EEPROM (or eMMC partition)
populated, so include the bb.org patch from

0b161f8e89

The new u-boot version needs both openssl and gnutls on the host, so enable
them.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
[Julien: remove patch entry in .checkpackageignore to
  fix check-package error
]
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 7ec419fb9c)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-09 08:45:15 +02:00
Julien Olivain
e8394621f7 package/vulkan-headers: needs C++ 
Since Buildroot commit [1] "package/vulkan-{headers,loader,tools}:
bump to 1.4.317 release", the vulkan-headers package is failing at
configuration time with toolchains without C++ support, with error:

    The C++ compiler
      "/bin/false"
    is not able to compile a simple test program.

This is due to upstream commit [2], which added CXX to the CMake
project file.

This commit fixes the issue by adding the C++ dependency.

Fixes:
https://autobuild.buildroot.org/results/10f63398940d52be9a8ee306daf4203ceca25eb8

[1] 52664093de
[2] 85256c712c

Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 2f6a82b633)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-09 08:45:05 +02:00
Waldemar Brodkorb
84f762ef07 package/ruby: update to 3.4.6 
See here for changes:
https://github.com/ruby/ruby/releases/tag/v3_4_4
https://github.com/ruby/ruby/releases/tag/v3_4_5
https://github.com/ruby/ruby/releases/tag/v3_4_6

Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 38d49568da)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-09 08:44:50 +02:00
Peter Korsgaard
10b7de36b2 configs/roseapplepi: remove defconfig, broken 
The roseapplepi defconfig fails to build u-boot since the move to GCC 15.x:

https://gitlab.com/buildroot.org/buildroot/-/jobs/11501385206

The issues are mainly related to missing includes, but given that the build
has been broken for a while, there is no mainline u-boot support for the
platform and the minimal kernel support has not seen any updates since it
was added for v5.15, just drop the defconfig.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 56091a5818)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-09 08:44:35 +02:00
Dario Binacchi
26c2304ff4 package/fastd: security bump to version 23 
This bump includes the security fix for CVE-2025-24356.

Fixes:
https://www.cve.org/CVERecord?id=CVE-2025-24356.

The COPYRIGHT file was renamed to LICENSE [1]. The hash file was updated
because a date was removed [2] and the libmnl version was updated [3].

Release notes:
https://fastd.readthedocs.io/en/stable/releases/v23.html

[1] fa88c739b9
[2] 318c944f40
[3] c08a3d59de
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
[Peter: update FASTD_LICENSE_FILES]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 2b5bcfd626)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-09 08:44:18 +02:00
Bernd Kuhls
757d118cda package/gnupg2: bump to version 2.4.8 
Release notes:
https://lists.gnupg.org/pipermail/gnupg-announce/2025q3/000496.html

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit d73458b3a5)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-09 08:44:00 +02:00
Titouan Christophe
a8624259ac package/python-django: security bump to v5.2.7 
For release note, see:
https://docs.djangoproject.com/en/5.2/releases/5.2.7/

This fixes the following vulnerabilities:
- CVE-2025-59681:
    An issue was discovered in Django 4.2 before 4.2.25, 5.1 before
    5.1.13, and 5.2 before 5.2.7. QuerySet.annotate(), QuerySet.alias(),
    QuerySet.aggregate(), and QuerySet.extra() are subject to SQL
    injection in column aliases, when using a suitably crafted dictionary,
    with dictionary expansion, as the **kwargs passed to these methods (on
    MySQL and MariaDB).
    https://www.cve.org/CVERecord?id=CVE-2025-59681

- CVE-2025-59682:
    An issue was discovered in Django 4.2 before 4.2.25, 5.1 before
    5.1.13, and 5.2 before 5.2.7. The django.utils.archive.extract()
    function, used by the "startapp --template" and "startproject
    --template" commands, allows partial directory traversal via an
    archive with file paths sharing a common prefix with the target
    directory.
    https://www.cve.org/CVERecord?id=CVE-2025-59682

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
[Julien: add link to release note]
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 7bbc66a39e)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-09 08:41:37 +02:00
Bernd Kuhls
7c75c6fb94 package/intel-microcode: security bump version to 20250812 
Release notes:
https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20250812

CVE-2025-20109:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01249.html

CVE-2025-22840:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01308.html

CVE-2025-22839:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01310.html

CVE-2025-22889:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01311.html

CVE-2025-20053:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01313.html

CVE-2025-26403:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01367.html

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 0a748cddf6)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-09 08:41:16 +02:00
Neal Frager
e4ec6da23e board/versal/post-image: remove unnecessary mkdir 
The board/versal/post-image.sh script has an unnecessary mkdir command:
mkdir -p "${BINARIES_DIR}"

This directory is created before calling the post image scripts,
in [1].

Just above the command, the script is making a symlink for the Linux DTB in
the ${BINARIES_DIR}, so if the ${BINARIES_DIR} did not already exist with
images inside, the script would fail regardless of whether this mkdir is
executed or not.

For this reason, remove the mkdir call from the script because it is not
necessary.

[1] https://gitlab.com/buildroot.org/buildroot/-/blob/2025.08/Makefile#L829

Signed-off-by: Neal Frager <neal.frager@amd.com>
[Julien: add a link showing where the directory is created]
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 018cf24c80)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-09 08:40:46 +02:00
Bernd Kuhls
4a32494015 package/fetchmail: security bump version to 6.5.6 
Release notes:
https://sourceforge.net/p/fetchmail/mailman/message/59241831/

CVE pending assignment by MITRE:
https://fetchmail.sourceforge.io/fetchmail-SA-2025-01.txt

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 7cb507b31c)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-09 08:35:06 +02:00
Bernd Kuhls
20c44f9b22 package/fetchmail: bump version to 6.5.5 
Release notes:
https://sourceforge.net/p/fetchmail/mailman/message/59238340/

The COPYING license file was updated in:
e6597cee1e/
a408d51154/
This commit updates its hash accordingly.

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
[Julien: fix COPYING license file hash]
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 8082b26a2b)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-09 08:34:55 +02:00
Titouan Christophe
f43b433360 package/raptor: add patches for CVE-2024-57822, CVE-2024-57823 
This fixes the following vulnerabilities:
- CVE-2024-57822:
    In Raptor RDF Syntax Library through 2.0.16, there is a heap-based
    buffer over-read when parsing triples with the nquads parser in
    raptor_ntriples_parse_term_internal().
    https://www.cve.org/CVERecord?id=CVE-2024-57822

- CVE-2024-57823:
    In Raptor RDF Syntax Library through 2.0.16, there is an integer
    underflow when normalizing a URI with the turtle parser in
    raptor_uri_normalize_path().
    https://www.cve.org/CVERecord?id=CVE-2024-57823

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit e94cd21e7b)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-09 08:32:33 +02:00
Titouan Christophe
1e6729bfbc package/ghostscript: security bump to v10.06.0 
For release note, see:
https://ghostscript.readthedocs.io/en/gs10.06.0/News.html

This fixes the following vulnerabilities:
- CVE-2025-59798:
    Artifex Ghostscript through 10.05.1 has a stack-based buffer overflow
    in pdf_write_cmap in devices/vector/gdevpdtw.c.
    https://www.cve.org/CVERecord?id=CVE-2025-59798

- CVE-2025-59799:
    Artifex Ghostscript through 10.05.1 has a stack-based buffer overflow
    in pdfmark_coerce_dest in devices/vector/gdevpdfm.c via a large size
    value.
    https://www.cve.org/CVERecord?id=CVE-2025-59799

- CVE-2025-59800:
    In Artifex Ghostscript through 10.05.1, ocr_begin_page in
    devices/gdevpdfocr.c has an integer overflow that leads to a heap-
    based buffer overflow in ocr_line8.
    https://www.cve.org/CVERecord?id=CVE-2025-59800

- CVE-2025-59801:
    In Artifex GhostXPS before 10.06.0, there is a stack-based buffer
    overflow in xps_unpredict_tiff in xpstiff.c because the
    samplesperpixel value is not checked.
    https://www.cve.org/CVERecord?id=CVE-2025-59801

Also remove patch that is now applied upstream, and add new patch from
upstream to fix a compilation issue on 32bits platforms

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
[Julien:
 - add link to release note in commit log
 - fix URL in hash file comment
]
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 6f984089c0)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-09 08:32:22 +02:00
Bernd Kuhls
3755e9b680 package/tor: bump version to 0.4.8.18 
Release notes:
https://gitlab.torproject.org/tpo/core/tor/-/raw/release-0.4.8/ReleaseNotes
https://forum.torproject.org/t/alpha-and-stable-release-0-4-8-18-and-0-4-9-3-alpha/20578

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 66ef333884)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-09 08:32:04 +02:00
Dario Binacchi
25a2040a04 package/expat: security bump to version 2.7.2 
This bump includes the security fix for CVE-2025-59375.

Release notes:
https://github.com/libexpat/libexpat/blob/R_2_7_2/expat/Changes

Fixes:
https://www.cve.org/CVERecord?id=CVE-2025-59375

Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 130b35ddcf)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-09 08:31:20 +02:00
Francois Perrad
94ac670d5a package/libopenssl: security bump to version 3.5.4 
fixes CVE-2025-9230, CVE-2025-9231, CVE-2025-9232
see https://github.com/openssl/openssl/releases/tag/openssl-3.5.4

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit c983f967bd)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-09 08:30:31 +02:00
Titouan Christophe
3218502509 package/python-pip: security bump to v25.2 
This fixes the following vulnerability:
- CVE-2025-8869:
    When extracting a tar archive pip may not check symbolic links point
    into the extraction directory if the tarfile module doesn't implement
    PEP 706. Note that upgrading pip to a "fixed" version for this
    vulnerability doesn't fix all known vulnerabilities that are
    remediated by using a Python version that implements PEP 706.  Note
    that this is a vulnerability in pip's fallback implementation of tar
    extraction for Python versions that don't implement PEP 706 and
    therefore are not secure to all vulnerabilities in the Python
    'tarfile' module. If you're using a Python version that implements PEP
    706 then pip doesn't use the "vulnerable" fallback code.  Mitigations
    include upgrading to a version of pip that includes the fix, upgrading
    to a Python version that implements PEP 706 (Python >=3.9.17,
    >=3.10.12, >=3.11.4, or >=3.12), applying the linked patch, or
    inspecting source distributions (sdists) before installation as is
    already a best-practice.
    https://www.cve.org/CVERecord?id=CVE-2025-8869

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 78d687d2d2)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-09 08:30:22 +02:00
Robert Marko
cf211a0ba1 package/mdio-tools: enable CONFIG_MDIO_BUS 
CONFIG_MDIO_BUS was previously a hidden symbol that was selected by
CONFIG_MDIO_DEVICE, however since kernel 6.16 this changed.

CONFIG_MDIO_DEVICE was dropped and now CONFIG_MDIO_BUS is visible and must
be directly selected[1].

So, enable CONFIG_MDIO_BUS directly as otherwise building mdio-tools can
fail with:
ERROR: modpost: "mdio_find_bus" [mdio-netlink.ko] undefined!
ERROR: modpost: "__mdiobus_write" [mdio-netlink.ko] undefined!
ERROR: modpost: "__mdiobus_read" [mdio-netlink.ko] undefined!
ERROR: modpost: "__mdiobus_c45_read" [mdio-netlink.ko] undefined!
ERROR: modpost: "__mdiobus_c45_write" [mdio-netlink.ko] undefined!

[1] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v6.16.9&id=31be641d74267d98317ef5a2b90e6200511cabb3
Fixes: https://autobuild.buildroot.org/results/8595997794a2f603fcef95b559f60f83abfe4d83/

Signed-off-by: Robert Marko <robimarko@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit d03d19338b)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-09 08:29:54 +02:00
Francois Perrad
d519942192 package/luaossl: bump to version 20250929 
diff LICENSE:
-    2015-2019  Daurnimator <quae@daurnimator.com>
+    2015-2025  Daurnimator <quae@daurnimator.com>

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit cdb1407c0c)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-09 08:29:31 +02:00
Nicolas Cavallari
bc6d119ba2 package/linux-firmware: fix license file for ath10k firmware 
The WHENCE file [1] indicates ath10k's license file is
LICENSE.QualcommAtheros_ath10k license and not LICENCE.atheros_firmware.

[1] https://gitlab.com/kernel-firmware/linux-firmware/-/blob/20250627/WHENCE#L3700

Signed-off-by: Nicolas Cavallari <nicolas.cavallari@green-communications.fr>
[Julien: add link to WHENCE file]
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 752fc349a0)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-09 08:28:25 +02:00
Alex McLain
2aa666522c package/linux-firmware: add support for Intel 6E Ty architecture 
Note:
The first file matching the pattern "iwlwifi-ty-a0-gf-a0*" was
introduced in commit [1], first included in version 20201022.

[1] 4f41e9d643

Signed-off-by: Alex McLain <alex@alexmclain.com>
[Julien: add the note in commit log when the first
  firmware was introduced
]
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 4a51495d69)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-09 08:27:44 +02:00
Dario Binacchi
20b7fe88f7 DEVELOPERS: add Dario Binacchi for empty 
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 4997495190)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-09 08:27:32 +02:00
Neal Frager
14c0238fac board/zynq: correct zed board links 
The web link www.zedboard.org is no longer valid as it routes to a generic
avnet.com boards link. Fix this issue by providing direct links to the Avnet
ZedBoard and Tria MicroZed boards.

Signed-off-by: Neal Frager <neal.frager@amd.com>
Reviewed-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 4e7f03314d)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-10-09 08:26:56 +02:00
Titouan Christophe
6fa717f7f1 {linux, linux-headers}: bump 6.16.x, 6.12.x, 6.6.x, 6.1.x series 
Update the latest kernel releases to:
 - 6.16.8 -> 6.16.9
 - 6.12.48 -> 6.12.49
 - 6.6.107 -> 6.6.108
 - 6.1.153 -> 6.1.154

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
 2025-09-30 11:34:02 +02:00
Neal Frager
50e9fd4abf board/xilinx: migrate board web links to amd.com 
As the xilinx.com website will soon be going away, migrate all xilinx board
web links from xilinx.com to amd.com.

Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 74dcda2544)
Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
 2025-09-30 11:33:43 +02:00
Florian Larysch
132417880e package/linuxptp: update default config 
Since upstream commit [1] ("Deprecate the slaveOnly option in favor
of clientOnly."), included in v4.0, ptp4l complains about the
"slaveOnly" option being deprecated on startup.

Update the default config to silence this warning.

[1] fe01cc7c96

Signed-off-by: Florian Larysch <fl@n621.de>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit f70b83914f)
Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
 2025-09-30 11:33:36 +02:00
Thomas Petazzoni
da33bc0e7b configs/atmel_sama5d3xek: remove defconfig, broken 
This defconfig no longer builds:

  https://gitlab.com/buildroot.org/buildroot/-/jobs/11161167647

It is still based on the 4.9 kernel, which was LTS but is no longer
maintained.

There is no DEVELOPERS entry attached to this configuration as well,
and this defconfig has been broken for at least 2 months, probably
more (our Gitlab CI history is only kept for ~2 months). So let's drop
it, unles someone volunteers to resurrect it.

Cc: Alexandre Belloni <alexandre.belloni@bootlin.com>
Cc: Ludovic Desroches <ludovic.desroches@microchip.com>
Cc: Nicolas Ferre <nicolas.ferre@microchip.com>
Cc: Patrice Vilchez <Patrice.Vilchez@microchip.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 8e9e4feae1)
Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
 2025-09-30 11:33:22 +02:00
Thomas Petazzoni
0e7927c8fd configs/at91sam9260eknf: remove defconfig, broken 
This defconfig no longer builds:

  https://gitlab.com/buildroot.org/buildroot/-/jobs/11161167596

It is still based on the 4.8.6 kernel, which is not even an LTS
kernel, so we cannot easily update to fix the issues which are most
likely due to the newer gcc/binutils versions we're using now.

There is no DEVELOPERS entry attached to this configuration as well,
and this defconfig has been broken for at least 2 months, probably
more (our Gitlab CI history is only kept for ~2 months). So let's drop
it, unles someone volunteers to resurrect it.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 0590ef1a81)
Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
 2025-09-30 11:33:16 +02:00
Raphael Pavlidis
0317555103 package/wlroots: add missing dependency to libgbm 
If the render gles2 is enabled then libgbm is required (see [1]).
Therefore, add the dependency to wlroots.

[1]: https://gitlab.freedesktop.org/wlroots/wlroots/-/blob/0.19/render/meson.build?ref_type=heads#L44

Signed-off-by: Raphael Pavlidis <raphael.pavlidis@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 00fb3a57cb)
Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
 2025-09-30 11:32:55 +02:00
Adam Duskett
fde194f179 package/libxkbcommon: bump to version 1.9.2 
Changes:
  - No longer hosted at https://xkbcommon.org/download. The website points to
    the github repository. As such, change the URL accordingly.

  - The sha256sum is not provided in the mailing list archive, so the sha256sum
    is locally calculated.

  - The license file was reworded as of commit e120807b:
    """Update license notices to SDPX short identifiers + update LICENSE"""

See release notes, since version 1.7.0:
- 1.8.0: https://lists.freedesktop.org/archives/wayland-devel/2025-February/043969.html
- 1.8.1: https://lists.freedesktop.org/archives/wayland-devel/2025-March/044021.html
- 1.9.0: https://lists.freedesktop.org/archives/wayland-devel/2025-April/044160.html
- 1.9.1: https://lists.freedesktop.org/archives/wayland-devel/2025-May/044209.html
- 1.9.2: https://lists.freedesktop.org/archives/wayland-devel/2025-May/044211.html

Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
[Julien: add links to release notes]
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 8abbc307a5)
Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
 2025-09-30 11:32:46 +02:00
Thomas Perale
84c6fa2c69 package/libssh: security bump to v0.11.3 
For more details on the version bump, see:
 - https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.11&id=301d0e16dfa8a5cac1cff956b6880ca90eb82864

Fixes the following vulnerabilities:

- CVE-2025-8114

    A flaw was found in libssh, a library that implements the SSH
    protocol. When calculating the session ID during the key exchange
    (KEX) process, an allocation failure in cryptographic functions may
    lead to a NULL pointer dereference. This issue can cause the client
    or server to crash.

For more information, see:
 - https://nvd.nist.gov//vuln/detail/CVE-2025-8114
 - https://www.libssh.org/security/advisories/CVE-2025-8114.txt
 - https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.11&id=65f363c9e3a22b90af7f74b5c439a133b1047379

- CVE-2025-8277

    A flaw was found in libssh's handling of key exchange (KEX)
    processes when a client repeatedly sends incorrect KEX guesses. The
    library fails to free memory during these rekey operations, which
    can gradually exhaust system memory. This issue can lead to crashes
    on the client side, particularly when using libgcrypt, which impacts
    application stability and availability.

For more infromation, see:
 - https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.11&id=87db2659ec608a977a63eea529f17b9168388d73
 - https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.11&id=266174a6d36687b65cf90174f06af90b8b27c65f
 - https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.11&id=8e4d67aa9eda455bfad9ac610e54b7a548d0aa08
 - https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.11&id=1c763e29d138db87665e98983f468d2dd0f286c1

The v0.11.2 already had a fixed for CVE-2025-5318 but the NVD reference
mentionned wrongly the version 0.11.2.

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 800dcabe65)
Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
 2025-09-30 11:32:24 +02:00
Thomas Perale
21da53b833 package/tiff: security bump to v4.7.1 
For more details on the version bump, see:
  - https://gitlab.com/libtiff/libtiff/-/releases/v4.7.1

This bump includes the security fix for CVE-2025-8176, CVE-2025-8177
that were addressed in commit [1][2].

Also fixes the following vulnerabilities:

- CVE-2024-13978

    A vulnerability was found in LibTIFF up to 4.7.0. It has been
    declared as problematic. Affected by this vulnerability is the
    function t2p_read_tiff_init of the file tools/tiff2pdf.c of the
    component fax2ps. The manipulation leads to null pointer
    dereference. The attack needs to be approached locally. The
    complexity of an attack is rather high. The exploitation appears to
    be difficult. The patch is named
    2ebfffb0e8836bfb1cd7d85c059cd285c59761a4. It is recommended to apply
    a patch to fix this issue.

For more information, see:
  - https://nvd.nist.gov//vuln/detail/CVE-2024-13978
  - 2ebfffb0e8

- CVE-2025-8961

    A weakness has been identified in LibTIFF 4.7.0. This affects the
    function main of the file tiffcrop.c of the component tiffcrop.
    Executing manipulation can lead to memory corruption. The attack can
    only be executed locally. The exploit has been made available to the
    public and could be exploited.

For more information, see:
  - https://nvd.nist.gov//vuln/detail/CVE-2025-8961
  - 0ac97aa7a5

- CVE-2025-9165

    A flaw has been found in LibTIFF 4.7.0. This affects the function
    _TIFFmallocExt/_TIFFCheckRealloc/TIFFHashSetNew/InitCCITTFax3 of the
    file tools/tiffcmp.c of the component tiffcmp. Executing
    manipulation can lead to memory leak. The attack is restricted to
    local execution. The exploit has been published and may be used.
    This patch is called ed141286a37f6e5ddafb5069347ff5d587e7a4e0. It is
    best practice to apply a patch to resolve this issue.

For more information, see:
  - https://nvd.nist.gov//vuln/detail/CVE-2025-9165
  - ed141286a3

This commit also updates the LICENSE.md hash file, which was updated
upstream to include a historical license. See:
a0b623c780

[1] b3974df966 package/tiff: add patches to fix CVE-2025-8176
[2] 3db725d71d package/tiff: add patch to fix CVE-2025-8177

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
[Julien: fix license hash]
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 9e67ae519f)
Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
 2025-09-30 11:32:16 +02:00
Thomas Perale
11f0a5f5e2 package/tiff: ignore CVE-2025-8851 
The CVE-2025-8851 [1] has been fixed in upstream commit [2] that is part
of the v4.7.0 release.

Because the NVD reference includes the version '<2024-08-11' most of CVE
checker will fail to compare it against 4.7.0 and report it as a
positive.

[1] https://nvd.nist.gov//vuln/detail/CVE-2025-8851
[2] 8a7a48d7a6

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 740412aefc)
Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
 2025-09-30 11:32:08 +02:00
Neal Frager
d747b7aae1 boot/xilinx-prebuilt: add support for plmfw.elf filename 
AMD / Xilinx has made the decision to change the name of plm.elf to plmfw.elf
in the prebuilt binaries repo starting with the next update.

This patch updates the xilinx-prebuilt package to support either the old
plm.elf filename or the new plmfw.elf filename.

Signed-off-by: Neal Frager <neal.frager@amd.com>
Reviewed-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 6f435187c6)
Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
 2025-09-30 11:31:58 +02:00
Neal Frager
713f7c47f8 boot/uboot: use BR2_TARGET_XILINX_FIRMWARE_ARCH_SUPPORTS 
Migrate the BR2_TARGET_UBOOT_ZYNQMP dependency to the new
BR2_TARGET_XILINX_FIRMWARE_ARCH_SUPPORTS symbol. Also, add a cpu dependency
on BR2_cortex_a53 since the zynqmp platform is based on the ARM Cortex-A53
and the BR2_TARGET_UBOOT_ZYNQMP should not be available for other CPUs with
aarch64 architecture.

Signed-off-by: Neal Frager <neal.frager@amd.com>
Reviewed-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 5986c51219)
Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
 2025-09-30 11:31:52 +02:00
Neal Frager
4f73d98026 boot/xilinx-prebuilt: only allow binaries for device family 
Add an architecture cpu dependency to each family to make sure that users can
only install prebuilt firmware which is applicable to their target device
family.

The versal family is based on BR2_cortex_a72.

The kria and zynqmp families are based on BR2_cortex_a53.

Signed-off-by: Neal Frager <neal.frager@amd.com>
Reviewed-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 92f76f6c35)
Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
 2025-09-30 11:31:44 +02:00
Neal Frager
6f5a9d7e36 boot/xilinx-embeddedsw: only allow apps for device family 
Add an architecture cpu dependency to each application to make sure that users
can only build applications which are applicable to their target device
family.

The versal_plm and versal_psmfw applications are specific to versal devices
which are based on BR2_cortex_a72.

The zynqmp_pmufw application is specific to zynqmp devices which are based on
BR2_cortex_a53.

Signed-off-by: Neal Frager <neal.frager@amd.com>
Reviewed-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 9e25bcfdab)
Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
 2025-09-30 11:31:38 +02:00
Neal Frager
a29eff0860 boot: add BR2_TARGET_XILINX_FIRMWARE_ARCH_SUPPORTS 
Currently, the xilinx-embeddedsw and xilinx-prebuilt packages are appearing
for any aarch64 processor. As all Xilinx processors that need these packages
are ARM Cortex-A53 or ARM Cortex-A72, this means that these packages are
often appearing as options for non-Xilinx platforms.

To reduce this occurrence, this patch creates a new symbol
BR2_TARGET_XILINX_FIRMWARE_ARCH_SUPPORTS to limit the appearance of the
xilinx-embeddedsw and xilinx-prebuilt boot packages to only platforms based
on the BR2_cortex_a53 or BR2_cortex_a72 CPU and aarch64 architecture.

Signed-off-by: Neal Frager <neal.frager@amd.com>
Reviewed-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 5b1a52aea0)
Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
 2025-09-30 11:31:30 +02:00
Scott Fan
fe6a87cb86 package/libopenssl: bump version to 3.5.3 
This release incorporates the following bug fixes and mitigations:
- Added FIPS 140-3 PCT on DH key generation.
- Fixed the synthesised OPENSSL_VERSION_NUMBER.

https://github.com/openssl/openssl/releases/tag/openssl-3.5.3

Signed-off-by: Scott Fan <fancp2007@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 92a6b6c108)
Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
 2025-09-30 11:31:13 +02:00
Titouan Christophe
d2214afdf2 package/cutekeyboard: fix CUTEKEYBOARD_VERSION 
Make CUTEKEYBOARD_VERSION compliant with release-monitoring.org

Fixes: b28ec6f431

(alternative to commit 1488546429)
Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
(cherry picked from commit 6e2b0dd923)
Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
 2025-09-30 11:30:57 +02:00
Adam Duskett
de786cdc70 DEVELOPERS: Remove adam.duskett@amarulasolutions from sway packages 
Patches submitted to update these packages have gone ignored for
months without comment, and I no longer wish to recieve daily
emails about them being out of date.

Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 20f99312c9)
Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
 2025-09-30 11:30:42 +02:00
Scott Fan
1316225788 board/qemu/{x86, x86_64}: fix shellcheck warning in post-build.sh 
This removes a warning reported by shellcheck: "Double quote to prevent
globbing and word splitting". As a result, the file can be removed from
.checkpackageignore.

Signed-off-by: Scott Fan <fancp2007@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit e7937c52b6)
Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
 2025-09-30 11:30:30 +02:00
Dario Binacchi
dcd616e497 DEVELOPERS: add Dario Binacchi for bc 
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit d2bd465525)
Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
 2025-09-30 11:30:24 +02:00
Adrian Perez de Castro
d2c6b391e7 package/sysprof: unconditionally select elfutils 
The elfutils package provides libdw, which is required by sysprof.
It is not an optional dependency.

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 194a6e0391)
Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
 2025-09-30 11:30:12 +02:00
Adrian Perez de Castro
13cafab9d1 package/sysprof: disable debuginfod support 
This fixes building sysprof when elfutils is also selected (which is
a common setup). The debuginfod client support relies in elfutils
being built with the libdebuginfod option enabled; but Buildroot
unconditionally disables it in the elfutils package. See commit [1].

[1] 52c5c6050c

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
[Julien: add link to commit disabling debuginfod]
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 8d01dfebd3)
Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
 2025-09-30 11:29:25 +02:00
Alexis Lothoré
8143149376 docs/manual: update old git links to proper gitlab location 
Some links are still pointing to git.buildroot.org, which is the old URL
for the official Buildroot git repository. The repository is now hosted
at gitlab.com. Update those old links accordingly.

Signed-off-by: Alexis Lothoré <alexis.lothore@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 3ae80441ed)
Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
 2025-09-30 11:29:18 +02:00
Alexis Lothoré
ccfd3e3fa5 docs/manual: update links to buildroot.org from http to https 
Many links pointing to buildroot.org are still prefixed with HTTP.
Update those to HTTPS.

Signed-off-by: Alexis Lothoré <alexis.lothore@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 6f29c81703)
Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
 2025-09-30 11:29:12 +02:00
Titouan Christophe
c50711ddf5 package/syslog-ng: security bump to v4.8.3 
See the release notes:
- https://github.com/syslog-ng/syslog-ng/releases/tag/syslog-ng-4.8.2
- https://github.com/syslog-ng/syslog-ng/releases/tag/syslog-ng-4.8.3

This fixes the following vulnerability:
- CVE-2024-47619:
    syslog-ng is an enhanced log daemo. Prior to version 4.8.2,
    `tls_wildcard_match()` matches on certificates such as `foo.*.bar`
    although that is not allowed. It is also possible to pass partial
    wildcards such as `foo.a*c.bar` which glib matches but should be
    avoided / invalidated. This issue could have an impact on TLS
    connections, such as in man-in-the-middle situations. Version 4.8.2
    contains a fix for the issue.
    https://www.cve.org/CVERecord?id=CVE-2024-47619

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 7660818b4b)
Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
 2025-09-30 11:29:05 +02:00
Titouan Christophe
0e9a2ddd00 package/cups: security bump to v2.4.14 
See the release notes:

- https://github.com/OpenPrinting/cups/releases/tag/v2.4.13
- https://github.com/OpenPrinting/cups/releases/tag/v2.4.14

This fixes the following vulnerabilities:
- CVE-2025-58060:
    OpenPrinting CUPS is an open source printing system for Linux and
    other Unix-like operating systems. In versions 2.4.12 and earlier,
    when the `AuthType` is set to anything but `Basic`, if the request
    contains an `Authorization: Basic ...` header, the password is not
    checked. This results in authentication bypass. Any configuration that
    allows an `AuthType` that is not `Basic` is affected. Version 2.4.13
    fixes the issue.
    https://www.cve.org/CVERecord?id=CVE-2025-58060

- CVE-2025-58364:
    OpenPrinting CUPS is an open source printing system for Linux and
    other Unix-like operating systems. In versions 2.4.12 and earlier, an
    unsafe deserialization and validation of printer attributes causes
    null dereference in the libcups library. This is a remote DoS
    vulnerability available in local subnet in default configurations. It
    can cause the cups & cups-browsed to crash, on all the machines in
    local network who are listening for printers (so by default for all
    regular linux machines). On systems where the vulnerability
    CVE-2024-47176 (cups-filters 1.x/cups-browsed 2.x vulnerability) was
    not fixed, and the firewall on the machine does not reject incoming
    communication to IPP port, and the machine is set to be available to
    public internet, attack vector "Network" is possible. The current
    versions of CUPS and cups-browsed projects have the attack vector
    "Adjacent" in their default configurations. Version 2.4.13 contains a
    patch for CVE-2025-58364.
    https://www.cve.org/CVERecord?id=CVE-2025-58364

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 89fd61a127)
Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
 2025-09-30 11:28:57 +02:00
Angelo Compagnucci
808f9b7f9b package/cups: bump to version 2.4.12 
Changelog:
https://github.com/OpenPrinting/cups/releases/tag/v2.4.12
https://github.com/OpenPrinting/cups/blob/v2.4.12/CHANGES.md

This commit also updates the NOTICE license file hash, after a year
update in upstream commit:
9bf6404b52

Signed-off-by: Angelo Compagnucci <angelo.compagnucci@gmail.com>
[Julien:
 - add link to CHANGES.md
 - add comment about license hash change in commit log
]
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit f6be007591)
Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
 2025-09-30 11:28:51 +02:00
Dario Binacchi
7524d3c228 DEVELOPERS: add Dario Binacchi for connman 
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 5f63c441f8)
Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
 2025-09-30 11:28:42 +02:00
Dario Binacchi
6afb50fe42 package/connman: security bump to version 1.45 
This bump includes the security fixes for CVE-2025-32366 and
CVE-2025-32743.

Release notes:
- Fix issue with setting MFP optional for PSK.
- Fix issue with comparison in timezone checking.
- Fix issue with dnsproxy and empty lookup.

See also:
https://git.kernel.org/pub/scm/network/connman/connman.git/tree/ChangeLog?h=1.45
https://git.kernel.org/pub/scm/network/connman/connman.git/log/?h=1.45

Fixes:
https://www.cve.org/CVERecord?id=CVE-2025-32366
https://www.cve.org/CVERecord?id=CVE-2025-32743

Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
[Julien: add links to change logs]
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit f0b011e0aa)
Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
 2025-09-30 11:28:36 +02:00
Scott Fan
bed14dbc3e board/loongarch64-efi: fix typo in grub config 
Signed-off-by: Scott Fan <fancp2007@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 7f620c7a05)
Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
 2025-09-30 11:28:27 +02:00
Peter Korsgaard
205eee9a6a package/openjpeg: bump version to 2.5.4 
And drop now included security patch. For details, see:

https://github.com/uclouvain/openjpeg/releases/tag/v2.5.4

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 4655cfd8f3)
Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
 2025-09-30 11:28:19 +02:00
Alexis Lothoré
3af6b2fe9b docs/manual/getting: fix dead link 
When searching for the official git repository in the documentation,
readers are forwarded to the buildroot website Download page with a link
pointing to buildroot.org/download, which returns a 404.

Fix the dead link by adding the missing .html suffix.

Signed-off-by: Alexis Lothoré <alexis.lothore@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 8845586fc6)
Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
 2025-09-30 11:28:12 +02:00
Peter Korsgaard
c10902b986 package/rtl_433: do not leak Buildroot git info 
The CMake build system has logic to detect the git repo info and include it
in the version output.  This unfortunately gets confused and adds the git
info of the Buildroot repository when building inside the repo:

-- Found Git version: refs/heads/rtl_433-25.02 commit a367362af0                                 from 2025-09-21T20:07:58+0200
-- Using Git version tag: 2025.08-283-ga367362af0 on rtl_433-25.02 at 202509212007

rtl_433 -V
rtl_433 version 2025.08-283-ga367362af0 branch rtl_433-25.02 at 202509212007 inputs file rtl_tcp RTL-SDR

Pass GIT_DIR=.  to the configure step similar to how it is already done for
the build step to disable this.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 817611686a)
Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
 2025-09-30 11:28:04 +02:00
Yegor Yefremov
164c1f06f2 package/libxmlrpc: add BR2_USE_MMU dependency 
Build fails with:
server.c: In function 'ServerDaemonize':
server.c:1590:13: error: implicit declaration of function 'fork'
[-Wimplicit-function-declaration]
 1590 |     switch (fork()) {
      |             ^~~~

Hence, add BR2_USE_MMU to avoid building with toolchains without MMU
support.

Fixes:
https://autobuild.buildroot.org/results/10464159f2a9ff41ea0921a45ce12ecd0fa50ae7/

Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
[Julien: move BR2_USE_MMU up to fix check-package error]
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 059138326e)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-09-25 16:44:55 +02:00
Romain Naour
20ec76e60d support/testing: GitTestBase: remove git daemon due to Gitlab-CI security settings 
TestGitHash and TestGitRefs are failing on Gitlab-CI since 2025-08-18
(first runtime-test failures report for master) [1] due a new Gitlab-CI
security settings that prevents the any use of localhost (127.0.0.1) on
the Gitlab-CI runner [2]:

"To prevent exploitation of insecure internal web services, all webhook
 and integration requests to the following local network addresses are
 not allowed:

 Private network addresses, including 127.0.0.1, ::1, 0.0.0.0,
 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, and IPv6 site-local
 (ffc0::/10) addresses."

Gitlab suggest using a second container as a Services [3] since each
containers have access to one another and can communicate when running
the job. But this is really not practical to run git daemon since the
service is started before the Buildroot git tree is fetched and git
daemon needs git-remote directory content.

See [4]:
"If you have your service that tries to write to CI_PROJECT_DIR
 immediately after it's started - it will not work and fail with an
 error like '/builds/nknapp/gitlab-ci-test/': No such file or directory
 error. Because that directory is most probably not there yet, as the
 job step that creates it is yet to be executed!"

Also, using Gitlab-CI services requires to handle GitTestBase setUp
differently on Gitlab-CI than local use of run-tests.
So Gitlab-CI services is not an option.

We could move support/testing/tests/download/git-remote to our Gitlab
group (https://gitlab.com/buildroot.org) but since it's only intended
for testing the git download backend, we don't really want to do that.

So the only remaining choice to clone the repository from the Buildroot
git tree (local machine).

To do so, we have to do the following changes:

- Replace all "git://localhost:$(GITREMOTE_PORT_NUMBER)" by
  "$(GITREMOTE_DIR)". GITREMOTE_DIR will contain the absolute path to
  tests/download/git-remote directory.

- Force to use git download backend using "SITE_METHOD = git" otherwise
  the download infra will fall back using wget download backend.

- Cloning a git repository with submodules using the "file://" protocol
  needs to be allowed from git config. It's disabled by default:
  "fatal: transport 'file' not allowed"
  Use a local gitconfig file generated by GitTestBase before starting
  TestGitHash and TestGitRefs with:

  [protocol "file"]
    allow = always

  This is considered safe since we are using a git repository from the
  Buildroot git tree.

- Running TestGitHash and TestGitRefs on Gitlab-CI requires additional
  git config settings to disable ownership check of the git tree [5].

Thanks to Arnout for advices about GIT_CONFIG_GLOBAL.

Runtime tested:
https://gitlab.com/kubu93/buildroot/-/jobs/11428504450 (TestGitHash)
https://gitlab.com/kubu93/buildroot/-/jobs/11428490035 (TestGitRefs)

[1] https://lore.kernel.org/buildroot/68a3ee65.500a0220.397724.30db@mx.google.com/
[2] https://docs.gitlab.com/security/webhooks/#allow-requests-to-the-local-network-from-webhooks-and-integrations
[3] https://docs.gitlab.com/ci/services/
[4] https://gitlab.com/gitlab-org/gitlab-runner/-/issues/25982#note_2139685797
[5] a016b693f7

Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/11271124174 (TestGitHash)
https://gitlab.com/buildroot.org/buildroot/-/jobs/11271124173 (TestGitRefs)

Cc: Arnout Vandecappelle <arnout@rnout.be>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit a367362af0)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-09-25 16:44:40 +02:00
Romain Naour
5ceb38f692 support/testing: TestZfsUclibc: use internal backend for uClibc-ng toolchain 
As reported on the mailing list [1] while investigating the
TestZfsUclibc Gitlab-CI failure, the python 3.13 interpreter itsef
segfault at runtime:

  Fatal Python error: _PyThreadState_Attach: non-NULL old thread state
  Python runtime state: preinitialized
  Thread 0xSegmentation fault

This issue is related to the python 3.13 version bump [2] were several
internal changes were added [3] to support PEP 703 [4].
PEP 793 is about CPython’s global interpreter lock (“GIL”) removal
for multi-threads support that requires a working C11 "thread_local"
for thread-local storage [5].

The new uclibc-ng 1.0.55 release contains a fix for this issue [6].
This version is included in Buildroot commit [7].

Since the prebuilt Bootling aarch64 uclibc stable 2025.08-1 is based
on previous uClibc-ng release (1.0.54) we have to use the internal
toolchain backend to build a new uClibc-ng toolchain using uclibc-ng
1.0.55. Note: the toolchain config defined in this commit reflects
the options enabled in the Bootling aarch64 uclibc external
toolchains.

Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/11271124859 (TestZfsUclibc)

[1] https://lore.kernel.org/buildroot/7a4d245d-1556-43c9-8997-6b1f791afbfe@gmail.com/ (TestZfsUclibc)
[2] d63e207eb8
[3] 6e97a9647a
[4] https://peps.python.org/pep-0703/
[5] https://gcc.gnu.org/onlinedocs/gcc-15.1.0/gcc/Thread-Local.html
[6] 94c1297d52
[7] 5250bba8e5

Cc: José Luis Salvador Rufo <salvador.joseluis@gmail.com>
Tested-by: José Luis Salvador Rufo <salvador.joseluis@gmail.com>
Cc: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
[Julien:
 - add link to buildroot commit updating uclibc-ng to 1.0.55
 - add a note in the commit log about the toolchain config
]
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 5208b7a1bd)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-09-25 16:44:29 +02:00
Dario Binacchi
b25b1e2a05 package/atop: security bump to version 2.11.1 
This bump includes the security fix for CVE-2025-31160.

Release notes:
https://www.atoptool.nl/downloadatop.php

Fixes:
https://www.cve.org/CVERecord?id=CVE-2025-31160

Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
[Julien:
 - add "security" in commit log title
 - add link to CVE
]
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 45e7fe2811)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-09-25 16:44:17 +02:00
Waldemar Brodkorb
a663637bea package/uclibc: bump to 1.0.55 
Finally the aarch64 tls bug is fixed. (python 3.13 segfault)
Unfortunately it is not covered by any testcase of uClibc-ng-test.

Here is the git shortlog for the release:

Marius Melzer (1):
      malloc-standard: Fix truncation problem in malloc

Waldemar Brodkorb (5):
      Fix Sysvipc for ARM, AARCH64, RISCV64, KVX and m68k
      remove uClibc specific gettext_printf
      aarch64: do not force tls-model in CPU_CFLAGS, this isn't required
      aarch64: respect r_addend for TLSDESC relocations
      bump version for 1.0.55 release

yliu (5):
      mips32: Preventing FORCE_FRAME_POINTER from being optimized away
      mips32: Define __IPC_64 according to kernel version
      time64: fixed msgctl/semctl/shmctl result errors for for MIPS32/RISCV32
      time64: fix *ctl functions in mips32eb/mips64
      time64: fix *ctl functions in mips32eb

Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Tested-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 5250bba8e5)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-09-25 16:44:06 +02:00
Dario Binacchi
341f786325 DEVELOPERS: add Dario Binacchi for cmocka 
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 190c482335)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-09-25 16:43:56 +02:00
Dario Binacchi
15a92cb7b4 DEVELOPERS: add Dario Binacchi for atf 
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 713fbb1f39)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-09-25 16:43:43 +02:00
Thomas Perale
1fefe3eed0 package/poco: add patch for CVE-2025-6375 
This fixes the following vulnerability:

- CVE-2025-6375:

A vulnerability was found in poco up to 1.14.1. It has been rated as
problematic. Affected by this issue is the function MultipartInputStream
of the file Net/src/MultipartReader.cpp. The manipulation leads to null
pointer dereference. The attack needs to be approached locally. The
exploit has been disclosed to the public and may be used. Upgrading to
version 1.14.2 is able to address this issue. The patch is identified as
6f2f85913c191ab9ddfb8fae781f5d66afccf3bf. It is recommended to upgrade
the affected component.

For more information see:
  - https://nvd.nist.gov//vuln/detail/CVE-2025-6375
  - 6f2f85913c

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 36357247d5)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-09-25 16:43:28 +02:00
Maxim Kochetkov
0205d06c6a package/postgresql: security bump to version 17.6 
Fixes the following security issue:

CVE-2025-8713: PostgreSQL optimizer statistics can expose sampled data
within a view, partition, or child table

PostgreSQL optimizer statistics allow a user to read sampled data within
a view that the user cannot access. Separately, statistics allow a user
to read sampled data that a row security policy intended to hide.
PostgreSQL maintains statistics for tables by sampling data available in
columns; this data is consulted during the query planning process. Prior
to this release, a user could craft a leaky operator that bypassed view
access control lists (ACLs) and bypassed row security policies in
partitioning or table inheritance hierarchies. Reachable statistics data
notably included histograms and most- common-values lists. CVE-2017-7484
and CVE-2019-10130 intended to close this class of vulnerability, but
this gap remained. Versions before PostgreSQL 17.6, 16.10, 15.14, 14.19,
and 13.22 are affected.

CVE-2025-8714: PostgreSQL pg_dump lets superuser of origin server execute
arbitrary code in psql client

Untrusted data inclusion in pg_dump in PostgreSQL allows a malicious
superuser of the origin server to inject arbitrary code for restore-time
execution as the client operating system account running psql to restore
the dump, via psql meta-commands. pg_dumpall is also affected. pg_restore
is affected when used to generate a plain-format dump. This is similar to
MySQL CVE-2024-21096. Versions before PostgreSQL 17.6, 16.10, 15.14,
14.19, and 13.22 are affected.

CVE-2025-8715: PostgreSQL pg_dump newline in object name executes
arbitrary code in psql client and in restore target server

Improper neutralization of newlines in pg_dump in PostgreSQL allows a user
of the origin server to inject arbitrary code for restore-time execution
as the client operating system account running psql to restore the dump,
via psql meta-commands inside a purpose-crafted object name. The same
attacks can achieve SQL injection as a superuser of the restore target
server. pg_dumpall, pg_restore, and pg_upgrade are also affected.
Versions before PostgreSQL 17.6, 16.10, 15.14, 14.19, and 13.22 are affected.
Versions before 11.20 are unaffected. CVE-2012-0868 had fixed this class
of problem, but version 11.20 reintroduced it.

https://www.postgresql.org/about/news/postgresql-176-1610-1514-1419-1322-and-18-beta-3-released-3118/

Signed-off-by: Maxim Kochetkov <fido_max@inbox.ru>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 4f0a9596e3)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-09-25 16:43:16 +02:00
Scott Fan
b787fbf039 configs/qemu: update defconfigs to Linux 6.12.47 
Update all qemu defconfigs to the latest Kernel LTS version.

Signed-off-by: Scott Fan <fancp2007@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit f83cb153a5)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-09-25 16:43:00 +02:00
Waldemar Brodkorb
87ef302232 package/x11r7/xapp_xdm: bump to 1.1.17 
See here for Changes:
https://lists.x.org/archives/xorg/2025-March/061902.html

Fixes a compile error with gcc 14.x.

COPYRIGHT was updated:
-Copyright (c) 2002, 2006, 2009, 2010, Oracle and/or its affiliates.
-All rights reserved.
+Copyright (c) 2002, 2006, 2009, 2010, 2025, Oracle and/or its affiliates.

Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
[Julien: fix COPYING license hash]
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit c878e08839)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-09-25 16:42:28 +02:00
Waldemar Brodkorb
efe65b09b4 package/x11r7/xapp_xdm: needs libxcrypt 
While doing a per-package build the package is failing to
compile with this error (gcc 13.x glibc toochain):
make[3]: Entering directory
'/home/wbx/buildroot-2025.02.3/output/build/xapp_xdm-1.1.14/xdm'   CC
session.o session.c:146:11: fatal error: crypt.h: No such file or
directory   146 | # include <crypt.h>       |           ^~~~~~~~~
compilation terminated.

Fix this error by providing the needed glibc dependencies.

Fixes:
 https://autobuild.buildroot.org/results/b75/b75ad8f1159613656dce482992c800545d60ae69/

Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 2d076a1b76)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-09-25 16:42:18 +02:00
Thomas Perale
bcdd49dceb package/civetweb: add patch for CVE-2025-55763 
This fixes the following vulnerability:

- CVE-2025-55763

Buffer Overflow in the URI parser of CivetWeb 1.14 through 1.16 (latest)
allows a remote attacker to achieve remote code execution via a crafted
HTTP request. This vulnerability is triggered during request processing
and may allow an attacker to corrupt heap memory, potentially leading to
denial of service or arbitrary code execution.

For more information, see:
  - https://nvd.nist.gov//vuln/detail/CVE-2025-55763
  - 76e222bcb7

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 426d7635c7)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-09-25 16:42:02 +02:00
Thomas Petazzoni
f5d88700ec package/c-icap-modules: fix build with GCC 15.x 
Add a patch fixing prototype issues with GCC 15.x. The patch cannot be
submitted upstream because the problematic code has completely changed
in newer releases.

No autobuilder failures because they were hidden by 'c-icap' not
building with GCC 15.x.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 2febca71f7)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-09-25 16:41:47 +02:00
Thomas Petazzoni
9cd0b8a4f8 package/c-icap: add patches to fix GCC 15.x build issues 
Patches 0003 and 0004 are upstream backport. Patch 0005 isn't because
the code has completely changed upstream in newer releases.

Fixes:

  https://autobuild.buildroot.net/results/e9b4d9033f0283b133b58049a03b5f0b595e30db/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit b832fce891)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-09-25 16:41:37 +02:00
Thomas Petazzoni
3dc5ad8ced package/libfreeimage: fix build with GCC 14.x 
Take two patches from the Debian jxrlib package, and integrate them to
fix the build of the bundled jxrlib library found in the libfreeimage
package.

libfreeimage isn't exactly well maintained: its last version 3.18.0 is
quite old (July 2018), there's a fairly large number of tickets in the
bug tracker claiming to be CVE
reports (https://sourceforge.net/p/freeimage/bugs/), it is still using
SVN as the version control system.

However, it is used as an optional dependency for CEGUI, and a
mandatory dependency for Ogre. However, it no longer seems to be a
dependency for more recent versions of Ogre. But in any case it cannot
simply be dropped.

Fixes:

  https://autobuild.buildroot.net/results/452462285bf93b13f092fb41696952f415e75b2f/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 21ea33c764)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-09-25 16:41:27 +02:00
Thomas Petazzoni
232718e303 package/chocolate-doom: bump to 3.1.1 to fix GCC 15.x issues 
Changes in 3.1.0:

  https://github.com/chocolate-doom/chocolate-doom/releases/tag/chocolate-doom-3.1.0

Changes in 3.1.1:

  https://github.com/chocolate-doom/chocolate-doom/releases/tag/chocolate-doom-3.1.1

The SDL2_mixer and SDL2_net dependencies are now optional since 3.1.0,
so adjust the packaging accordingly.

Also, the license file was renamed upstream in commit:
91a66a7ecb
So _LICENSE_FILES and the .hash file are also updated to reflect
that change.

Fixes:

  https://autobuild.buildroot.net/results/90a01c5925e7f5f50b3ea06d6ea7b0da66814a15/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[Julien: fix license file and hash]
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit be466c265b)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-09-25 16:41:12 +02:00
Thomas Perale
2a81f91839 package/jasper: add patch for CVE-2025-8835 
This fixes the following vulnerability:

- CVE-2025-8835:

A vulnerability was found in JasPer up to 4.2.5. Affected by this
vulnerability is the function jas_image_chclrspc of the file
src/libjasper/base/jas_image.c of the component Image Color Space
Conversion Handler. The manipulation leads to null pointer dereference.
It is possible to launch the attack on the local host. The exploit has
been disclosed to the public and may be used. The identifier of the
patch is bb7d62bd0a2a8e0e1fdb4d603f3305f955158c52. It is recommended to
apply a patch to fix this issue.

For more information see:
  - https://nvd.nist.gov//vuln/detail/CVE-2025-8835
  - bb7d62bd0a

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 6e81b51f68)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-09-25 16:41:02 +02:00
Thomas Perale
8b0e1b7a98 package/jasper: add patch for CVE-2023-51257 
This fixes the following vulnerability:

- CVE-2023-51257:

An invalid memory write issue in Jasper-Software Jasper v.4.1.1 and
before allows a local attacker to execute arbitrary code.

For more information see:
  - https://nvd.nist.gov//vuln/detail/CVE-2023-51257
  - aeef5293c9

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 860c35d1ac)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-09-25 16:40:51 +02:00
Thomas Perale
6726e03471 package/lua/5.1.5: add patch for CVE-2014-5461 
This CVE is specific for the version 5.1.5 still present in Buildroot.
It has been fixed in 5.2.3 and thereby doesn't affects the other
versions available in Buildroot.

- CVE-2014-5461

Buffer overflow in the vararg functions in ldo.c in Lua 5.1 through
5.2.x before 5.2.3 allows context-dependent attackers to cause a denial
of service (crash) via a small number of arguments to a function with a
large number of fixed arguments.

For more information see:
  - https://security-tracker.debian.org/tracker/CVE-2014-5461
  - https://udd.debian.org/patches.cgi?src=lua5.1&version=5.1.5-11

A patch present in Debian is used to address this vulnerability.

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit a2c906ee3b)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-09-25 16:40:36 +02:00
Titouan Christophe
ede4af8c58 package/opencv4 (-contrib): security bump to v4.12.0 
This fixes the following vulnerability:
- CVE-2025-53644:
    OpenCV is an Open Source Computer Vision Library. Versions prior to
    4.12.0 have an uninitialized pointer variable on stack that may lead
    to arbitrary heap buffer write when reading crafted JPEG images.
    Version 4.12.0 fixes the vulnerability.
    https://www.cve.org/CVERecord?id=CVE-2025-53644

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 9c365fee97)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-09-25 16:39:55 +02:00
Thomas Perale
93f886ae79 package/zziplib: fix deprecated CPE 
The CPE 'zziplib_project:zziplib' is deprecated in favour of
'gdraheim:zziplib'.

See https://nvd.nist.gov/products/cpe/detail/FB4124F9-087E-454D-B5D4-642FF08B23A8

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit c9d185e182)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-09-25 16:37:34 +02:00
Thomas Perale
2dc5d2cc70 package/x11r7/xserver_xorg-server: fix deprecated CPE 
The CPE 'x.org:xorg-server' is deprecated in favour of
'x.org:x_server'.

See the following:
  - https://nvd.nist.gov/products/cpe/detail/F6729083-29EE-4772-9DFF-80B43980D6BE
  - https://nvd.nist.gov/vuln/detail/CVE-2025-26601

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
[Julien: fix "xorg-server:x_server" to "x.org:x_server" in commit log]
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 85c71fee3f)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-09-25 16:37:24 +02:00
Thomas Perale
a21dde67e9 package/python-aiohttp-session: fix deprecated CPE 
The CPE 'aiohttp-session_project:aiohttp-session' has been deprecated in
favour of 'aiohttp-session:aiohttp-session'.

See https://nvd.nist.gov/products/cpe/detail/667389BF-3561-49F9-A61A-6C86C7B82922

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
[Julien: add https:// prefix to url in commit log]
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit fdb540a00e)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-09-25 16:37:15 +02:00
Thomas Perale
76aae2522e package/modsecurity2: fix deprecated CPE 
The CPE 'trustwave:modsecurity' has been deprecated in favour of
'owasp:modsecurity'.

See the following:
  - https://nvd.nist.gov/products/cpe/detail/B305D665-44EC-44A6-8C46-C68BFDAD7C38
  - https://nvd.nist.gov/vuln/detail/CVE-2025-48866

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 843707ba1e)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-09-25 16:37:05 +02:00
Thomas Perale
533b690c9a package/iputils: fix deprecated CPE 
The CPE 'iputils_project:iputils' has been deprecated in favour of
'iputils:iputils'.

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 4ac3c1de56)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-09-25 16:36:54 +02:00
Thomas Perale
6eddb6ec8b package/upx: fix deprecated CPE 
The CPE 'upx_project:upx' has been deprecated in favour of 'upx:upx'.

See the following:
  - https://nvd.nist.gov/products/cpe/detail/36CA8E94-4A35-4373-8D69-22313060322B
  - https://nvd.nist.gov/vuln/detail/CVE-2020-24119

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit ff492a2c87)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-09-25 16:36:38 +02:00
Thomas Perale
f82e6b2aa0 package/python-cryptography: fix deprecated CPE 
The CPE 'cryptography_project:cryptography' has been deprecated in
favour of 'cryptography.io:cryptography'.

See the following:
 - https://nvd.nist.gov/products/cpe/detail/2EBA50FC-F3F9-40D5-82BD-EFB67F761153
 - https://nvd.nist.gov/vuln/detail/cve-2023-49083

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 2f993d55e8)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-09-25 16:36:28 +02:00
Thomas Perale
e336b24533 package/pango: fix deprecated CPE 
The CPE 'pango:pango' has been deprecated in favour of 'gnome:pango'.

See https://nvd.nist.gov/products/cpe/detail/19B77822-6C34-41C8-8160-367D56AD1569

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 6c5f1b6414)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-09-25 16:36:17 +02:00
Thomas Perale
b20a5a4469 package/gnuplot: fix deprecated CPE 
The CPE 'gnuplot_project:gnuplot' has been deprecated in favour of
'gnuplot:gnuplot'.

See the following:
  - https://nvd.nist.gov/products/cpe/detail/DB68C9F5-3330-4749-A6F5-61FF041037CC
  - https://nvd.nist.gov/vuln/detail/cve-2025-31178

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 0bbefd60f7)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-09-25 16:36:08 +02:00
Thomas Perale
5a38071dc4 package/cpp-httplib: fix deprecated CPE 
The CPE 'cpp_httplib_project:cpp-httplib' has been deprecated in favour
of 'yhirose:cpp-httplib'.

See https://nvd.nist.gov/products/cpe/detail/5D557BEA-8246-464C-AB90-EA9495A0732A

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit cf480bda61)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-09-25 16:35:57 +02:00
Thomas Perale
b7c93d1b5d package/boinc: fix deprecated CPE 
The CPE 'rom_walton:boinc' has been deprecated in favour of
'universityofcalifornia:boinc_client'.

See https://nvd.nist.gov/products/cpe/detail/DAC161C5-2154-44BF-916A-EACB524E8B8F

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 143bb15d6e)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-09-25 16:35:46 +02:00
Thomas Perale
34377d3ca5 package/asterisk: fix deprecated CPE ID 
The CPE 'asterisk:open_source' has been deprecated in favour of
'sangoma:asterisk'.

See the following for more information:
 - https://nvd.nist.gov/products/cpe/detail/7FC01D7D-5AE9-42A8-B31E-A99E745E5BE5
 - https://github.com/asterisk/asterisk/security
 - https://nvd.nist.gov/vuln/detail/CVE-2024-42491

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 505cd0d367)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-09-25 16:35:35 +02:00
James Hilliard
4b9bfdf08e utils/scanpypi: remove python six module 
We dropped support for python2 a while back in [1], as such we
can remove the python six module which was only needed for
backwards comaptibility with python2.

[1] 2743ce00ca

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
[Julien: add commit ref removing python2 support]
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 53eb75ef53)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-09-25 16:35:18 +02:00
James Hilliard
c53e310b23 package/python-typing-extensions: bump to version 4.15.0 
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 6ea8e60e49)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-09-25 16:34:00 +02:00
James Hilliard
ee056ed2ea package/python-pytz: bump to version 2025.2 
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 9a54553b85)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-09-25 16:31:01 +02:00
Fiona Klute (WIWA)
c8055b92f0 package/python-trove-classifiers: bump to version 2025.9.11.17 
package/python-cffi 2.0.0 (bumped in commit
07903d2b27) fails to build due to an
unknown trove-classifier:

* Getting build dependencies for wheel...
configuration error: `project.classifiers[8]` must be trove-classifier
DESCRIPTION:
    `PyPI classifier <https://pypi.org/classifiers/>`_.

GIVEN VALUE:
    "Programming Language :: Python :: Free Threading :: 2 - Beta"

OFFENDING RULE: 'format'

DEFINITION:
    {
        "type": "string",
        "format": "trove-classifier"
    }

For more details about `format` see
https://validate-pyproject.readthedocs.io/en/latest/api/validate_pyproject.formats.html

The list of trove classifiers Setuptools checks against is provided by
package/python-trove-classifiers. Upstream has added the classifier as
of version 2025.5.8.15 [1], as well as a bunch of others [2], so
update to fix the problem.

[1] 331838aaea
[2] https://github.com/pypa/trove-classifiers/compare/2025.1.15.22...2025.9.11.17

Fixes:
- 07903d2b27
- https://autobuild.buildroot.org/results/45b57a919182ae3f9ea0db9b0fa430a72e1e3cdf/

Signed-off-by: Fiona Klute (WIWA) <fiona.klute@gmx.de>
[Julien: add link to autobuilder failure]
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 44e0ba2bd2)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-09-25 16:30:35 +02:00
James Hilliard
61ec739c2a package/python-certifi: bump to version 2025.8.3 
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit b3809dfaf3)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-09-25 16:30:13 +02:00
Julien Olivain
79e39a7ced boot/boot-wrapper-aarch64: add hash file 
Since boot-wrapper-aarch64 introduction in commit [1]
"boot-wrapper-aarch64: new package", the package never received a hash
file. This commit adds it, including the source archive and license
hashes.

[1] 7689b72e00

Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 4b14018a38)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-09-25 16:29:41 +02:00
Julien Olivain
afda443c99 boot/boot-wrapper-aarch64/Config.in: switch homepage URL to https 
Buildroot commit [1] ("package: replace git:// URLs with https://
URLs where possible") switched _SITE URL from git to https, but did
not updated the package homepage in Config.in.

This commit updates it to match the package _SITE URL.

[1] 6626bf7c5f

Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit afff65c340)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-09-25 16:29:21 +02:00
Thomas Devoogdt
a801534ff5 package/webkitgtk: security bump to version 2.48.6 
Fixes a number of crashes. Release notes:

 - https://webkitgtk.org/2025/07/30/webkitgtk2.48.4-released.html
 - https://webkitgtk.org/2025/08/01/webkitgtk2.48.5-released.html
 - https://webkitgtk.org/2025/09/03/webkitgtk2.48.6-released.html

And brings some security fixes. Security advisory:

 - https://webkitgtk.org/security/WSA-2025-0005.html

Signed-off-by: Thomas Devoogdt <thomas@devoogdt.com>
Acked-By: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit dd68f4edd2)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-09-25 16:29:11 +02:00
Peter Korsgaard
87514cc0ae package/cjson: security bump to version 1.7.19 
Fixes the following security issue:

CVE-2025-57052: cJSON 1.5.0 through 1.7.18 allows out-of-bounds access via
the decode_array_index_from_pointer function in cJSON_Utils.c, allowing
remote attackers to bypass array bounds checking and access restricted data
via malformed JSON pointer strings containing alphanumeric characters

https://nvd.nist.gov/vuln/detail/CVE-2025-57052
https://x-0r.com/posts/cJSON-Array-Index-Parsing-Vulnerability
74e1ff4994
https://github.com/DaveGamble/cJSON/releases/tag/v1.7.19

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit a93602c00b)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-09-25 16:28:45 +02:00
Thomas Perale
38eb67b787 package/cjson: update deprecated CPE 
The CPE 'cpe:2.3:a:cjson_project:cjson:0.0.0:*:*:*:*:*:*:*' has been
deprecated in favour of 'cpe:2.3:a:davegamble:cjson:0.0.0:*:*:*:*:*:*:*''

See https://nvd.nist.gov/products/cpe/detail/70BC45DA-D915-4A1D-96AF-84A6CECEE148

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit d6c05d06d0)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-09-25 16:26:23 +02:00
Titouan Christophe
1f1c903183 package/python-flask-cors: fix PKG_SITE 
python-flask-cors was security bumped in commit 04cd135b26 [1], however this
commit did not update the _SITE url; which changes with each new release on
pypi. Therefore, downloading python-flask-cors would always fail.

Fixes:
https://autobuild.buildroot.org/results/eeadcb2e416cddaa5d059b31ea5dcc9f766a3cff

[1] 04cd135b26

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
[Julien: add "Fixes" in commit log, from Yegor Yefremov comment]
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit cbc3cb2c8d)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-09-25 16:26:05 +02:00
Titouan Christophe
758e9121a0 {linux, linux-headers}: bump 6.16.x, 6.12.x, 6.6.x, 6.1.x series 
Update the latest kernel releases to:
 - 6.16.7 -> 6.16.8
 - 6.12.47 -> 6.12.48
 - 6.6.106 -> 6.6.107
 - 6.1.152 -> 6.1.153

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
 2025-09-23 14:56:14 +02:00
Thomas Petazzoni
efdc54b834 package/policycoreutils: fix build with musl due to getpass() 
policycoreutils uses getpass(), which with musl is only defined with
some feature macro defined, such as _GNU_SOURCE. So let's pick-up an
upstream fix to address this issue.

There are no autobuilder failures, the issue was most likely hidden by
other failures with musl affecting the SELinux stack.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit fc472cc8c7)
[thomas: fix patch]
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-09-18 11:41:09 +02:00
Thomas Petazzoni
71b95f9be6 package/libsemanage: fix build issue due to basename() 
The build of libsemanage on musl configurations fails with:

direct_api.c: In function 'semanage_direct_install_file':
direct_api.c:1746:20: error: implicit declaration of function 'basename' [-Wimplicit-function-declaration]
 1746 |         filename = basename(path);
      |                    ^~~~~~~~

This fails to build even with a GCC 14.x toolchain, even with
libsemanage 3.7, which is the version we have in our LTS branch.

Let's backport an upstream patch fixing this issue.

Fixes:

  https://autobuild.buildroot.net/results/913852e35c925888ced37e15be3731b9d3963019/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 79031b79c2)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-09-18 10:49:11 +02:00
Thomas Petazzoni
349fe10e5b package/libselinux: fix build issues caused by 3.8.1 bump 
Since the bump to version 3.8.1 in commit
1ae3ad4e87, libselinux fails to build
with at least

- Musl configurations
- RISC-V 32-bit configurations
- OpenRISC configurations

These build failures are due to additional checks on the size of some
data structures:

matchpathcon.c:270:47: error: '__ino_t' undeclared here (not in a function); did you mean 'ino_t'?
  270 | static_assert(sizeof(unsigned long) == sizeof(__ino_t), "inode size mismatch");
      |                                               ^~~~~~~
      |                                               ino_t
matchpathcon.c:270:15: error: expression in static assertion is not an integer
  270 | static_assert(sizeof(unsigned long) == sizeof(__ino_t), "inode size mismatch");
      |               ^~~~~~

These issues have been fixed in follow-up upstream commits, which we
backport.

Fixes:

  https://autobuild.buildroot.net/results/00a1ab30cc6b7af503aa96384ba4c4444c217401/ (musl)
  https://autobuild.buildroot.net/results/c8321be687201937bd5eb48b31dfabac12f4e9ea/ (glibc or1k)
  https://autobuild.buildroot.net/results/7b94f44282582d5994f40a741cc0c38bd68b53bd/ (risc-v 32-bit)

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit d5aab5289c)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-09-18 10:48:52 +02:00
Romain Naour
f74ebcf5c4 package/luvi: bump to version 2.15.0 
Luvi 2.14.0 fails to build with GCC 14.x for several reasons due to
too old lua-openssl 0.8.2-0 submodule:

TestLuvi/build/luvi-2.14.0/deps/lua-openssl/src/ocsp.c: In function 'openssl_ocsp_request_read':
TestLuvi/build/luvi-2.14.0/deps/lua-openssl/src/ocsp.c:124:29: error: passing argument 1 of 'PEM_ASN1_read_bio' from incompatible pointer type [-Wincompatible-pointer-types]
  124 |   OCSP_REQUEST *req = pem ? PEM_read_bio_OCSP_REQUEST(bio, NULL, NULL)
      |                             ^~~~~~~~~~~~~~~~~~~~~~~~~
      |                             |
      |                             char * (*)()

Fixed in lua-openssl by [1].

TestLuvi/build/luvi-2.14.0/deps/lua-openssl/src/x509.c: In function 'openssl_push_general_name':
TestLuvi/build/luvi-2.14.0/deps/lua-openssl/src/x509.c:377:45: error: passing argument 2 of 'openssl_push_asn1type' from incompatible pointer type [-Wincompatible-pointer-types]
  377 |     openssl_push_asn1type(L, general_name->d.x400Address);
      |                              ~~~~~~~~~~~~~~~^~~~~~~~~~~~
      |                                             |
      |                                             ASN1_STRING * {aka struct asn1_string_st *}

Fixed in lua-openssl by [2].

TestLuvi/build/luvi-2.14.0/deps/lua-openssl/src/openssl.c: In function 'luaclose_openssl':
TestLuvi/build/luvi-2.14.0/deps/lua-openssl/src/stdatomic.h:387:9: error: implicit declaration of function '__c11_atomic_fetch_sub'; did you mean '__atomic_fetch_sub'? [-Wimplicit-function-declaration]
  387 |         __c11_atomic_fetch_sub(object, operand, order)

Fixed in lua-openssl by [3].

Instead of fixing one by one each issues, update to the latest release
that include lua-openssl 0.9.0-0. Luvi v2.15.0 still have some GCC 14.x
issues, backport two additional patches.

Download luvi sources using git method since the release archive
no longer include the release version in its name [4].

Luvi switched to PCRE2 [5], update the optional dependency.

Update TestLuvi to select PCR2 package.

Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/11271124430 (TestLuvi)

[1] bfeedbe8c0
[2] e5b5420cc5
[3] cfcaa16d1a
[4] https://github.com/luvit/luvi/releases/download/v2.15.0/luvi-source.tar.gz
[5] https://github.com/luvit/luvi/releases/tag/v2.15.0

Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 00317f0aff)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-09-18 10:48:22 +02:00
Peter Korsgaard
de58e2ebee package/pcre2: security bump to version 10.46 
Fixes the following security issue:

- CVE-2025-58050: PCRE2: heap-buffer-overflow read in match_ref due to
  missing boundary restoration in SCS

Compared to 10.45, this release has only a minimal code change to prevent a
read-past-the-end memory error, of arbitrary length.  An attacker-controlled
regex pattern is required, and it cannot be triggered by providing crafted
subject (match) text.  The (*ACCEPT) and (*scs:) pattern features must be
used together.

Release 10.44 and earlier are not affected.

https://github.com/PCRE2Project/pcre2/security/advisories/GHSA-c2gv-xgf5-5cc2
https://www.cve.org/CVERecord?id=CVE-2025-58050

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
[Julien: add link to CVE in commit log]
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 9fd06f212a)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-09-18 10:43:35 +02:00
Bernd Kuhls
dd46a24e70 package/samba4: bump version to 4.22.4 
Release notes:
https://www.samba.org/samba/history/samba-4.22.4.html

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 96601a650d)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-09-18 10:42:49 +02:00
Romain Naour
112da41bed package/mariadb: workaround cmake < 3.30 check TRY_RUN issue 
The last mariadb version bump [1] added -DHAVE_SYSTEM_LIBFMT_EXITCODE=0
to workaround cross-compiling issue during libfmt cmake check.
But it actually requies at least cmake >= 3.30 to work.
Indeed, our docker image used by Gitlab-CI uses cmake 3.25.1 and
segfault while testing for libfmt.

  -- Performing Test HAVE_SYSTEM_LIBFMT
  /bin/bash: line 1: 163369 Segmentation fault

  $ cmake --version
  cmake version 3.25.1

Using the same TestPerlDBDmysql configuration locally with
cmake 3.30.8 installed build fine.

Looking at cmake cmTryRunCommand.cxx history from 3.30.x show that
several fixes about cross-compiling isses were applied to cmake 3.26.x
[2] probably solving the issue. Requires BR2_HOST_CMAKE_AT_LEAST_3_30
for now, since only cmake 3.30.8 installed locally was tested.

Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/11271124486 (TestPerlDBDmysql)
https://gitlab.com/buildroot.org/buildroot/-/jobs/11271124439 (TestMariaDB)

[1] 6cd8f95346 ("package/mariadb: bump version to 10.11.11")
[2] https://gitlab.kitware.com/cmake/cmake/-/commits/v3.30.9/Source/cmTryRunCommand.cxx?ref_type=tags

Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit de9c0f971c)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-09-18 10:42:30 +02:00
Waldemar Brodkorb
376785362f package/xlib_xtrans: bump to 1.6.0 
xlib_xtrans clients (for example xserver_xorg-server) are failing to
compile with gcc 15.1.0.

The issue can be reproduced with the commands:

    cat >.config <<EOF
    BR2_aarch64=y
    BR2_TOOLCHAIN_EXTERNAL=y
    BR2_TOOLCHAIN_EXTERNAL_BOOTLIN=y
    BR2_PACKAGE_XORG7=y
    BR2_PACKAGE_XSERVER_XORG_SERVER=y
    EOF
    make olddefconfig
    make xserver_xorg-server

which outputs the compilation error:

auth.c: In function 'GenerateRandomData': auth.c:320:5: warning:
ignoring return value of 'read' declared with attribute
'warn_unused_result' [-Wunused-result]   320 |     read(fd, buf, len);
|     ^~~~~~~~~~~~~~~~~~ In file included from
/home/wbx/buildroot/output/host/x86_64-buildroot-linux-gnu/sysroot/usr/include/string.h:548,
from
/home/wbx/buildroot/output/host/x86_64-buildroot-linux-gnu/sysroot/usr/include/X11/Xos.h:62,
from
/home/wbx/buildroot/output/host/x86_64-buildroot-linux-gnu/sysroot/usr/include/X11/Xtrans/Xtrans.h:54,
from
/home/wbx/buildroot/output/host/x86_64-buildroot-linux-gnu/sysroot/usr/include/X11/Xtrans/Xtransint.h:79,
from
/home/wbx/buildroot/output/host/x86_64-buildroot-linux-gnu/sysroot/usr/include/X11/Xtrans/transport.c:55,
from xstrans.c:17: In function 'strncpy',     inlined from
'_XSERVTransGetHostname' at
/home/wbx/buildroot/output/host/x86_64-buildroot-linux-gnu/sysroot/usr/include/X11/Xtrans/Xtrans.c:1351:5,
inlined from '_XSERVTransConvertAddress' at
/home/wbx/buildroot/output/host/x86_64-buildroot-linux-gnu/sysroot/usr/include/X11/Xtrans/Xtransutil.c:188:12:
/home/wbx/buildroot/output/host/x86_64-buildroot-linux-gnu/sysroot/usr/include/bits/string_fortified.h:100:10:
error: '__builtin_strncpy' offset [130, 319] from the object at 'name'
is out of the bounds of referenced subobject 'nodename' with type
'char[65]' at offset 65 [-Werror=array-bounds=]   100 |   return
__builtin___strncpy_chk (__dest, __src, __len,       |
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~   101 |
__glibc_objsize (__dest));       |
~~~~~~~~~~~~~~~~~~~~~~~~~ In file included from
/home/wbx/buildroot/output/host/x86_64-buildroot-linux-gnu/sysroot/usr/include/X11/Xtrans/Xtransint.h:105:
/home/wbx/buildroot/output/host/x86_64-buildroot-linux-gnu/sysroot/usr/include/sys/utsname.h:
In function '_XSERVTransConvertAddress':
/home/wbx/buildroot/output/host/x86_64-buildroot-linux-gnu/sysroot/usr/include/sys/utsname.h:54:10:
note: subobject 'nodename' declared here    54 |     char
nodename[_UTSNAME_NODENAME_LENGTH];       |          ^~~~~~~~ cc1: some
warnings being treated as errors make[2]: *** [Makefile:696: xstrans.lo]
Error 1 make[2]: *** Waiting for unfinished jobs.... make[2]: Leaving
directory
'/home/wbx/buildroot/output/build/xserver_xorg-server-21.1.18/os'
make[1]: *** [Makefile:796: all-recursive] Error 1 make[1]: Leaving
directory '/home/wbx/buildroot/output/build/xserver_xorg-server-21.1.18'
make: *** [package/pkg-generic.mk:273:
/home/wbx/buildroot/output/build/xserver_xorg-server-21.1.18/.stamp_built]
Error 2

The update fixes the compile error.

See here for changes:
https://lists.x.org/archives/xorg/2025-March/061900.html

The COPYRIGHT was updated from 2005 to 2025.

Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
[Julien: add commands to reproduce the issue]
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 8c539854dd)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-09-18 10:42:12 +02:00
Angelo Compagnucci
02ba72ee84 package/htpdate: fix shellcheck SC1090 
Using /dev/null as file source because the package doesn't provide a default
systemv service configuration file.

Signed-off-by: Angelo Compagnucci <angelo.compagnucci@gmail.com>
[Julien: remove S43htpdate .checkpackageignore entry
  to fix check-package error
]
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 1f2b459b56)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-09-18 10:41:38 +02:00
Thomas Devoogdt
adaed18a7c package/fluent-bit: bump to 4.0.9 
News:
 - https://fluentbit.io/announcements/v4.0.4/
 - https://fluentbit.io/announcements/v4.0.5/
 - https://fluentbit.io/announcements/v4.0.6/
 - https://fluentbit.io/announcements/v4.0.7/
 - https://fluentbit.io/announcements/v4.0.8/
 - https://fluentbit.io/announcements/v4.0.9/

Fixes:
 - https://autobuild.buildroot.org/results/770/770e9106a0c92f02e0f699505e69b35ac0e6cd41/build-end.log

   /home/buildroot/instance-0/output-1/build/fluent-bit-4.0.3/plugins/out_cloudwatch_logs/cloudwatch_api.c:1540:66: error: implicit declaration of function 'strcasestr'; did you mean 'strcasecmp'? [-Wimplicit-function-declaration]

   Fix commit: https://github.com/fluent/fluent-bit/pull/10452

Signed-off-by: Thomas Devoogdt <thomas@devoogdt.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 39afca752d)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-09-18 10:41:04 +02:00
Viacheslav Bocharov
b2e212c91c package/rtl8822cs bump driver version to latest with support kernel 6.16 
- Update driver for kernel 6.16+
- Update repository link

Signed-off-by: Viacheslav Bocharov <adeep@lexina.in>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 718b6ff826)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-09-18 10:40:54 +02:00
Giulio Benetti
ded88f2810 package/xr819-xradio: bump to version 2025-08-08 
With this patch package builds with Linux up to version 6.16

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit c28daa7422)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-09-18 10:40:47 +02:00
Giulio Benetti
6890826a10 package/wilc-driver: fix build failure with Linux 6.16 
Add a local patch pending upstream to fix build failure with Linux 6.16

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit df7d287c81)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-09-18 10:40:39 +02:00
Giulio Benetti
49fd9c44bf package/rtl8821cu: fix build failure with Linux 6.16 
Add local patch pending upstream to fix build failure with Linux 6.16

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 7c5f7bf89f)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-09-18 10:40:30 +02:00
Giulio Benetti
3fde9b525b package/rtl8723ds: bump to 2025-09-08 version 
This version allows to build with Linux 6.16

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 09bc236707)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-09-18 10:40:21 +02:00
Giulio Benetti
a788bace25 package/rtl8723bu: bump to 2025-09-08 version 
This version allows to build with Linux 6.16

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit a89c248f79)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-09-18 10:40:14 +02:00
Bernd Kuhls
2672939650 package/libcurl: security bump version to 8.16.0 
Changelog: https://curl.se/ch/8.16.0.html

Fixed CVEs:
CVE-2025-9086: https://curl.se/docs/CVE-2025-9086.html
CVE-2025-10148: https://curl.se/docs/CVE-2025-10148.html

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit fb5fb06ee5)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-09-18 10:39:54 +02:00
Bernd Kuhls
5e23b2a785 package/kodi: Fix build with curl 8.16.0 
curl 8.16.0 bumped the enums to long, see
https://github.com/curl/curl/pull/18054

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 3ed6c8e727)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-09-18 10:36:16 +02:00
Peter Korsgaard
5491014782 package/fatcat: add upstream patch to fix CMake 4 compatibility 
Add upstream patch fixing cmake 4 compatibility:

CMake Error at CMakeLists.txt:1 (cmake_minimum_required):
  Compatibility with CMake < 3.5 has been removed from CMake.

Fixes:

 https://autobuild.buildroot.org/results/548e662429e7cf91bd48e447345374c6734f1de7/

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 013565ecfc)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-09-18 10:35:28 +02:00
Titouan Christophe
ee07983cc2 package/python-django: security bump to v5.2.6 
See the release notes:
- https://docs.djangoproject.com/en/5.2/releases/5.2.6/
- https://docs.djangoproject.com/en/5.2/releases/5.2.5/

This fixes the following vulnerability:
- CVE-2025-57833:
    An issue was discovered in Django 4.2 before 4.2.24, 5.1 before
    5.1.12, and 5.2 before 5.2.6. FilteredRelation is subject to SQL
    injection in column aliases, using a suitably crafted dictionary, with
    dictionary expansion, as the **kwargs passed QuerySet.annotate() or
    QuerySet.alias().
    https://www.cve.org/CVERecord?id=CVE-2025-57833

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit a0797adf40)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-09-18 10:34:45 +02:00
Victor Krawiec
5ebf95bfa3 package/llvm-project/lld: fix broken symlink in SDK 
The symlink bin/lld -> $(GNU_TARGET_NAME)/bin/lld is broken inside a
SDK containing host-lld package. The symlink still points to the
location of lld inside the build's host folder instead of the location
of lld inside the SDK. In consequence GCC is not able to find lld
linker. Changing the symlink to be relative during host-lld
installation fixes the problem.

Signed-off-by: Victor Krawiec <victor.krawiec@arturia.com>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
(cherry picked from commit 289dd6bd76)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-09-18 10:31:30 +02:00
Fiona Klute (WIWA)
d142844ce3 package/docker-engine: depend on cgroup v2 and kernel >=5.2 without systemd 
Without systemd package/docker-engine requires another way to mount
/sys/fs/cgroup, so far provided by BR2_PACKAGE_CGROUPFS_MOUNT for
cgroup v1. Replace this with BR2_PACKAGE_CGROUPFS_V2_MOUNT for cgroup
v2 support. 5.2 is the minimum recommended version for cgroup v2
support according to the Docker documentation: "v4.15 or later (v5.2
or later is recommended)" [1].

Depending on the selected container runtime users may need to adjust
kernel configurations to enable options required by that runtime with
cgroup v2 (e.g. CONFIG_CGROUP_BPF for runc).

Propagate dependencies accordingly: The Docker btrfs filesystem driver
does not need a separate and lower minimum headers version,
package/mender-update-modules needs to apply the new "depends on".

[1] https://docs.docker.com/engine/containers/runmetrics/#running-docker-on-cgroup-v2

Signed-off-by: Fiona Klute (WIWA) <fiona.klute@gmx.de>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
(cherry picked from commit b07b0bb456)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-09-18 10:30:57 +02:00
Fiona Klute (WIWA)
eb399a6825 support/testing/tests/package/test_docker_compose.py: update kernel & VM CPU 
Since commit 947dbc92a2 the Bootlin
stable toolchain uses headers 5.4, which can lead to build outputs
incompatible with older kernels. Update to the latest 5.4 kernel to
avoid this. The kernel config is updated according to the requirements
of current Docker, runc, and crun.

Additionally switch the CPU of the test VM to Haswell, to avoid
dockerd failing to start with a "This program can only be run on AMD64
processors with v3 microarchitecture support" error.

Signed-off-by: Fiona Klute (WIWA) <fiona.klute@gmx.de>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
(cherry picked from commit efe00fb3fb)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-09-18 10:25:11 +02:00
Alexis Lothoré
e11497dacb package/php-lua: fix build with lua < 5.2 
php-lua fails to build in buildroot 2025.08-rc3 on the following error:

in file included from [...]/usr/include/php/Zend/zend.h:32,
                 from [...]/usr/include/php/main/php.h:31,
                 from [...]/build/php-lua-2.0.7/lua.c:24:
[...]/build/php-lua-2.0.7/lua.c: In function ‘php_lua_write_property’:
[...]/build/php-lua-2.0.7/lua.c:247:37:
error: ‘val’ undeclared (first use in this function); did you mean
‘zval’?
  247 |         lua_pushlstring(L, ZSTR_VAL(val), ZSTR_LEN(val));
      |                                     ^~~
[...]/usr/include/php/Zend/zend_string.h:66:26:
note: in definition of macro ‘ZSTR_VAL’
   66 | #define ZSTR_VAL(zstr)  (zstr)->val
      |                          ^~~~
[...]/build/php-lua-2.0.7/lua.c:247:37:
note: each undeclared identifier is reported only once for each function
it appears in
  247 |         lua_pushlstring(L, ZSTR_VAL(val), ZSTR_LEN(val));
      |                                     ^~~
[...]/usr/include/php/Zend/zend_string.h:66:26:
note: in definition of macro ‘ZSTR_VAL’
   66 | #define ZSTR_VAL(zstr)  (zstr)->val
      |                          ^~~~
make[2]: *** [Makefile:214: lua.lo] Error 1

The issue triggers only if lua interpreter version is lower than 5.2. In
this case,  php_lua_write_property calls ZSTR_VAL on the wrong variable.

Fix php-lua build by calling ZSTR_VAL on the correct variable.

Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/11271124501 (TestPhpLuaLuajit)

Suggested-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Alexis Lothoré <alexis.lothore@bootlin.com>
[Romain: add link to failing TestPhpLuaLuajit]
Signed-off-by: Romain Naour <romain.naour@smile.fr>
(cherry picked from commit a1daf153bf)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-09-18 10:22:13 +02:00
Bryan Brattlof
7129e735be boot/ti-k3-boot-firmware: switch to github mirror 
The git.ti.com cgit server continues to be plagued with reliability
issues which are reportedly from heavy bot traffic. To combat this the
system administrators have removed the archived downloads feature from
this server.

Switch to TI's Github mirror so new downloads continue to be possible.

Signed-off-by: Bryan Brattlof <bb@ti.com>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
(cherry picked from commit ebf0131e3e)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
 2025-09-18 10:19:03 +02:00
Titouan Christophe
88c3dac5dd {linux, linux-headers}: bump 6.16.x, 6.12.x, 6.6.x, 6.1.x, 5.15.x, 5.10.x, 5.4.x series 
Update the latest kernel releases to:
 - 6.16.5 -> 6.16.7
 - 6.12.45 -> 6.12.47
 - 6.6.104 -> 6.6.106
 - 6.1.150 -> 6.1.152
 - 5.15.191 -> 5.15.193
 - 5.10.242 -> 5.10.244
 - 5.4.298 -> 5.4.299

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
 2025-09-17 16:26:12 +02:00
4270 changed files with 39734 additions and 35857 deletions
Expand all files Collapse all files

177
.checkpackageignore
View File

@@ -1,10 +1,13 @@
board/amarula/vyasa/post-build.sh Shellcheck
board/andes/ae350/patches/uboot/0001-mmc-ftsdc010_mci-Support-DTS-of-ftsdc010-driver-for-.patch lib_patch.Upstream
board/andes/ae350/patches/uboot/0002-spl-Align-device-tree-blob-address-at-8-byte-boundar.patch lib_patch.Upstream
board/arcturus/aarch64-ucls1012a/post-build.sh Shellcheck
board/arcturus/aarch64-ucls1012a/post-image.sh Shellcheck
board/aspeed/common/post-image.sh Shellcheck
board/asus/tinker/post-build.sh Shellcheck
board/atmel/flasher.sh Shellcheck
board/beagleboard/beaglebone-qt5/patches/linux/0001-keep-jtag-clock-alive-for-debugger.patch lib_patch.Upstream
board/beagleboard/beaglebone/post-build.sh Shellcheck
board/boundarydevices/common/post-build.sh Shellcheck
board/boundarydevices/common/post-image.sh Shellcheck
board/broadcom/northstar/post-image.sh Shellcheck
@@ -32,6 +35,9 @@ board/octavo/osd32mp1-brk/patches/uboot/0001-Add-OSD32MP1-BRK-device-tree-suppor
board/octavo/osd32mp1-brk/patches/uboot/0002-Add-OSD32MP1-BRK-build-config.patch lib_patch.NumberedSubject lib_patch.Upstream
board/octavo/osd32mp1-red/patches/uboot/0001-Add-OSD32MP1-RED-Device-Tree-support.patch lib_patch.NumberedSubject lib_patch.Upstream
board/octavo/osd32mp1-red/patches/uboot/0002-configs-stm32mp15_trusted_defconfig-disable-environm.patch lib_patch.NumberedSubject lib_patch.Upstream
board/olimex/a13_olinuxino/post-build.sh Shellcheck
board/olimex/a20_olinuxino/post-build.sh Shellcheck
board/olimex/a33_olinuxino/post-build.sh Shellcheck
board/olpc/post-build.sh Shellcheck
board/orangepi/common/post-build.sh Shellcheck
board/orangepi/orangepi-zero/patches/linux/0001-ARM-dts-orange-pi-zero-interrupt-triggering-xr819.patch lib_patch.Upstream
@@ -71,9 +77,13 @@ boot/syslinux/0014-Fix-build-with-binutils-note-gnu-property-section.patch lib_p
boot/syslinux/0016-Workaround-multiple-definition-of-symbol-errors.patch lib_patch.Upstream
boot/syslinux/0017-Replace-builtin-strlen-that-appears-to-get-optimized.patch lib_patch.Upstream
configs/am574x_idk_defconfig lib_defconfig.ForceCheckHash
configs/andes_ae350_45_defconfig lib_defconfig.ForceCheckHash
configs/arcturus_ucls1012a_defconfig lib_defconfig.ForceCheckHash
configs/arcturus_ucp1020_defconfig lib_defconfig.ForceCheckHash
configs/aspeed_ast2500evb_defconfig lib_defconfig.ForceCheckHash
configs/aspeed_ast2600evb_defconfig lib_defconfig.ForceCheckHash
configs/asus_tinker-s_rk3288_defconfig lib_defconfig.ForceCheckHash
configs/asus_tinker_rk3288_defconfig lib_defconfig.ForceCheckHash
configs/atmel_sama5d27_som1_ek_mmc_dev_defconfig lib_defconfig.ForceCheckHash
configs/atmel_sama5d2_xplained_mmc_defconfig lib_defconfig.ForceCheckHash
configs/atmel_sama5d2_xplained_mmc_dev_defconfig lib_defconfig.ForceCheckHash
@@ -87,6 +97,8 @@ configs/atmel_sama5d4_xplained_mmc_defconfig lib_defconfig.ForceCheckHash
configs/atmel_sama5d4_xplained_mmc_dev_defconfig lib_defconfig.ForceCheckHash
configs/avenger96_defconfig lib_defconfig.ForceCheckHash
configs/avnet_rzboard_v2l_defconfig lib_defconfig.ForceCheckHash
configs/bananapi_m2_berry_defconfig lib_defconfig.ForceCheckHash
configs/bananapi_m2_ultra_defconfig lib_defconfig.ForceCheckHash
configs/bananapi_m2_zero_defconfig lib_defconfig.ForceCheckHash
configs/broadcom_northstar_defconfig lib_defconfig.ForceCheckHash
configs/canaan_kd233_defconfig lib_defconfig.ForceCheckHash
@@ -94,6 +106,7 @@ configs/ci20_defconfig lib_defconfig.ForceCheckHash
configs/freescale_p1025twr_defconfig lib_defconfig.ForceCheckHash
configs/freescale_t1040d4rdb_defconfig lib_defconfig.ForceCheckHash
configs/freescale_t2080_qds_rdb_defconfig lib_defconfig.ForceCheckHash
configs/friendlyarm_nanopi_r2s_defconfig lib_defconfig.ForceCheckHash
configs/globalscale_espressobin_defconfig lib_defconfig.ForceCheckHash
configs/imx23evk_defconfig lib_defconfig.ForceCheckHash
configs/imx6-sabreauto_defconfig lib_defconfig.ForceCheckHash
@@ -102,11 +115,15 @@ configs/imx6-sabresd_qt5_defconfig lib_defconfig.ForceCheckHash
configs/imx6slevk_defconfig lib_defconfig.ForceCheckHash
configs/imx6sx-sdb_defconfig lib_defconfig.ForceCheckHash
configs/imx6ulevk_defconfig lib_defconfig.ForceCheckHash
configs/imx6ullevk_defconfig lib_defconfig.ForceCheckHash
configs/imx6ulpico_defconfig lib_defconfig.ForceCheckHash
configs/imx7dpico_defconfig lib_defconfig.ForceCheckHash
configs/imx8mqevk_defconfig lib_defconfig.ForceCheckHash
configs/imxrt1050-evk_defconfig lib_defconfig.ForceCheckHash
configs/khadas_vim3_defconfig lib_defconfig.ForceCheckHash
configs/kontron_bl_imx8mm_defconfig lib_defconfig.ForceCheckHash
configs/kontron_smarc_sal28_defconfig lib_defconfig.ForceCheckHash
configs/mangopi_mq1rdw2_defconfig lib_defconfig.ForceCheckHash
configs/mender_x86_64_efi_defconfig lib_defconfig.ForceCheckHash
configs/microchip_sam9x60ek_mmc_defconfig lib_defconfig.ForceCheckHash
configs/microchip_sam9x60ek_mmc_dev_defconfig lib_defconfig.ForceCheckHash
@@ -128,12 +145,20 @@ configs/nitrogen8mm_defconfig lib_defconfig.ForceCheckHash
configs/nitrogen8mn_defconfig lib_defconfig.ForceCheckHash
configs/nitrogen8mp_defconfig lib_defconfig.ForceCheckHash
configs/odroidc2_defconfig lib_defconfig.ForceCheckHash
configs/olimex_a10_olinuxino_lime_defconfig lib_defconfig.ForceCheckHash
configs/olimex_a13_olinuxino_defconfig lib_defconfig.ForceCheckHash
configs/olimex_a20_olinuxino_micro_defconfig lib_defconfig.ForceCheckHash
configs/olimex_a33_olinuxino_defconfig lib_defconfig.ForceCheckHash
configs/olimex_a64_olinuxino_defconfig lib_defconfig.ForceCheckHash
configs/olpc_xo175_defconfig lib_defconfig.ForceCheckHash
configs/olpc_xo1_defconfig lib_defconfig.ForceCheckHash
configs/orangepi_pc2_defconfig lib_defconfig.ForceCheckHash
configs/orangepi_zero_plus_defconfig lib_defconfig.ForceCheckHash
configs/pc_x86_64_bios_defconfig lib_defconfig.ForceCheckHash
configs/pc_x86_64_efi_defconfig lib_defconfig.ForceCheckHash
configs/pine64_defconfig lib_defconfig.ForceCheckHash
configs/pine64_pinecube_defconfig lib_defconfig.ForceCheckHash
configs/pine64_star64_defconfig lib_defconfig.ForceCheckHash
configs/s6lx9_microboard_defconfig lib_defconfig.ForceCheckHash
configs/sipeed_lichee_rv_defconfig lib_defconfig.ForceCheckHash
configs/sipeed_lichee_rv_dock_defconfig lib_defconfig.ForceCheckHash
@@ -161,6 +186,7 @@ configs/uevm5432_defconfig lib_defconfig.ForceCheckHash
configs/visionfive_defconfig lib_defconfig.ForceCheckHash
configs/wandboard_defconfig lib_defconfig.ForceCheckHash
configs/warp7_defconfig lib_defconfig.ForceCheckHash
linux/5.10.162-cip24-rt10/0001-arch-microblaze-mm-init.c-fix-build.patch lib_patch.Upstream
package/18xx-ti-utils/0001-plt.h-fix-build-with-gcc-10.patch lib_patch.Upstream
package/4th/0001-avoid-regen-during-install.patch lib_patch.Upstream
package/acl/0001-Build-with-old-GCC-versions.patch lib_patch.Upstream
@@ -169,6 +195,11 @@ package/alchemy/0001-toolchains-remove-hash-style-management.patch lib_patch.Ups
package/alsamixergui/0001-misc-fixes.patch lib_patch.Sob lib_patch.Upstream
package/alsamixergui/0002-configure-fix-detection-of-fltk-libs.patch lib_patch.Upstream
package/am335x-pru-package/0001-install-does-not-build.patch lib_patch.Upstream
package/am33x-cm3/0001-fix-makefile.patch lib_patch.Upstream
package/am33x-cm3/0002-Makefile-unconditionally-disable-SSP.patch lib_patch.Upstream
package/am33x-cm3/0003-Makefile-unconditionally-disable-PIE.patch lib_patch.Upstream
package/am33x-cm3/0004-Makefile-add-fno-builtin.patch lib_patch.Upstream
package/am33x-cm3/S93-am335x-pm-firmware-load lib_sysv.Variables
package/android-tools/0001-Fix-makefiles-for-out-of-tree-build.patch lib_patch.Upstream
package/android-tools/0002-Fix-adbd-for-non-Ubuntu-systems.patch lib_patch.Upstream
package/android-tools/0004-Fix-build-issue-with-musl.patch lib_patch.Upstream
@@ -180,6 +211,9 @@ package/android-tools/0009-Fix-makefiles-for-out-of-tree-ext4_utils-build.patch
package/android-tools/0010-adb-added-patch-for-openssl-1.1.0-compatibility.patch lib_patch.Upstream
package/aoetools/0001-Change-shell-script-interpreter-from-bin-bash-to-bin.patch lib_patch.Upstream
package/apache/0001-cross-compile.patch lib_patch.Upstream
package/apache/S50apache Shellcheck lib_sysv.Indent lib_sysv.Variables
package/apitrace/0001-thirdparty-libbacktrace-backtrace-h-include-config.h.patch lib_patch.Upstream
package/apitrace/0002-gltrace-Avoid-__libc_dlsym-and-__libc_dlopen_mode-on-GLIBC-2-34.patch lib_patch.Upstream
package/apr-util/0001-remove-checkapr.patch lib_patch.Upstream
package/apr/0001-sys-param-h.patch lib_patch.Upstream
package/apr/0002-Revert-Backport-r1872164.-Fix-the-name-of-libtool-wh.patch lib_patch.Upstream
@@ -193,17 +227,25 @@ package/asterisk/0004-install-samples-need-the-data-files.patch lib_patch.Upstre
package/at/0001-Makefile.in-fix-make-install-for-non-root-don-t-stri.patch lib_patch.Upstream
package/at/S99at lib_sysv.Indent lib_sysv.Variables
package/attr/0001-build-with-older-GCCs.patch lib_patch.Upstream
package/aufs-util/0001-remove-user-settings.patch lib_patch.Upstream
package/aufs-util/0002-no-check-ver.patch lib_patch.Upstream
package/aufs-util/0003-no-strip-lib.patch lib_patch.Upstream
package/aumix/0001-fix-incorrect-makefile-am.patch lib_patch.Upstream
package/autoconf/0001-dont-add-dirty-to-version.patch lib_patch.Upstream
package/automake/0001-noman.patch lib_patch.Upstream
package/avahi/0001-Fix-NULL-pointer-crashes-from-175.patch lib_patch.Upstream
package/avahi/S05avahi-setup.sh lib_sysv.Indent lib_sysv.Variables
package/avahi/S50avahi-daemon lib_sysv.Indent lib_sysv.Variables
package/babeld/S50babeld Shellcheck lib_sysv.Indent lib_sysv.Variables
package/babeltrace2/0001-configure-simplify-warning-flags-detection.patch lib_patch.Upstream
package/bash/0001-input.h-add-missing-include-on-stdio.h.patch lib_patch.Upstream
package/bash/0002-parse.y-fix-compilation-for-non-multibyte-builds.patch lib_patch.Upstream
package/bc/0001-bc-use-MAKEINFO-variable-for-docs.patch lib_patch.Upstream
package/bc/0002-notice-read-and-write-errors-on-input-and-output.patch lib_patch.Upstream
package/bc/0003-dc-fix-exit-code-of-q-command.patch lib_patch.Upstream
package/bc/0004-no-gen-libmath.patch lib_patch.Upstream
package/bcache-tools/0001-Don-t-inline-crc64-for-gcc-5-compatability.patch lib_patch.Upstream
package/bctoolbox/0001-Fix-Libs.private-flags-for-mbedtls.patch lib_patch.Upstream
package/bcusdk/0002-eibd-fix-endless-recursion-when-using-USB-backends.patch lib_patch.Upstream
package/bearssl/0001-Fix-missing-objdir-dependency.patch lib_patch.Upstream
package/benejson/0001-c-std.patch lib_patch.Upstream
@@ -245,10 +287,12 @@ package/cgroupfs-mount/S30cgroupfs Shellcheck lib_sysv.Indent lib_sysv.Variables
package/chipmunk/0001-Fix-build-failure-on-musl.patch lib_patch.Upstream
package/chrony/S49chronyd lib_sysv.Variables
package/cmake/0001-rename-cmake-rootfile.patch lib_patch.Upstream
package/cmocka/0001-Don-t-redefine-uintptr_t.patch lib_patch.Upstream
package/collectd/0001-src-netlink.c-remove-REG_NOERROR.patch lib_patch.Upstream
package/connman/S45connman lib_sysv.Variables
package/copas/0001-Do-not-load-coxpcall-for-LuaJIT.patch lib_patch.Upstream
package/coremark-pro/coremark-pro.sh.in Shellcheck
package/cppdb/0001-mysql-library-suffix.patch lib_patch.Upstream
package/cpulimit/0001-Fix-crash-and-compiler-warnings.patch lib_patch.Upstream
package/cpulimit/0002-Remove-sys-sysctl.h-and-add-missing-libgen.h-include.patch lib_patch.Upstream
package/cpulimit/0003-Fix-an-infrequent-crash.patch lib_patch.Upstream
@@ -265,6 +309,7 @@ package/curlftpfs/0001-fix-CURLOPT_INFILESIZE.patch lib_patch.Sob lib_patch.Upst
package/curlftpfs/0002-free_ftpfs_file-memleak-fix.patch lib_patch.Sob lib_patch.Upstream
package/curlftpfs/0003-nocache-memleak-fix.patch lib_patch.Sob lib_patch.Upstream
package/curlftpfs/0004-fix-musl-build-off-t.patch lib_patch.Upstream
package/cutelyst/0001-server-CMakeLists.txt-don-t-override-CMAKE_EXE_LINKE.patch lib_patch.Upstream
package/cwiid/0001-wmdemo-fix-linking-by-adding-the-missing-lbluetooth-.patch lib_patch.Upstream
package/cwiid/0002-configure-make-wmgui-build-optional.patch lib_patch.Upstream
package/dahdi-tools/0001-no-build-docs.patch lib_patch.Upstream
@@ -279,6 +324,7 @@ package/davfs2/0001-src-Makefile.am-do-not-hardcode-fstack-protector-str.patch l
package/dbus-cpp/0001-gcc4.7.patch lib_patch.Upstream
package/dbus-cpp/0002-cross-compile-tools.patch lib_patch.Upstream
package/dbus-cpp/0003-src-pipe.c-fix-build-error-with-gcc-7.x.patch lib_patch.Upstream
package/dbus/S30dbus Shellcheck lib_sysv.Indent lib_sysv.TrailingSpace lib_sysv.Variables
package/dc3dd/0001-no_man.patch lib_patch.Upstream
package/dc3dd/0002-fix-autoreconf.patch lib_patch.Upstream
package/dc3dd/0003-fix-for-glibc-2.28.patch lib_patch.Upstream
@@ -288,10 +334,15 @@ package/dhcp/S80dhcp-relay Shellcheck lib_sysv.Variables
package/dhcp/S80dhcp-server Shellcheck lib_sysv.Variables
package/dhcp/dhclient-script Shellcheck lib_shellscript.TrailingSpace
package/dhcpcd/S41dhcpcd lib_sysv.Indent lib_sysv.Variables
package/dillo/0001-usr-local-include.patch lib_patch.Upstream
package/dillo/0002-Fix-openssl-detection.patch lib_patch.Upstream
package/dillo/0004-fix-build-with-gcc-10.patch lib_patch.Upstream
package/dmalloc/0001-configure-fix-build-on-mips.patch lib_patch.Upstream
package/dmalloc/0003-configure-allow-overriding-some-tests.patch lib_patch.Upstream
package/dmalloc/0004-Makefile-use-the-configure-detected-or-user-supplied.patch lib_patch.Upstream
package/dmalloc/0005-configure-use-LD-instead-of-hard-coding-ld.patch lib_patch.Upstream
package/dmraid/0001-fix-compilation-under-musl.patch lib_patch.Upstream
package/dmraid/S20dmraid lib_sysv.Variables
package/docopt-cpp/0001-only-build-one-target-use-BUILD_SHARED_LIBS-where-appropriate.patch lib_patch.Upstream
package/domoticz/S99domoticz Shellcheck
package/dovecot/0001-auth-Fix-handling-passdbs-with-identical-driver-args.patch lib_patch.Upstream
@@ -303,12 +354,18 @@ package/dt/0002-dt-default-source-define.patch lib_patch.Upstream
package/dtc/0001-Fix-include-guards-for-older-kernel-u-boot-sources.patch lib_patch.Upstream
package/dvblast/0001-missing-lm.patch lib_patch.Upstream
package/dvblast/0002-fix-int-types.patch lib_patch.Upstream
package/dvbsnoop/0001-musl-types-h.patch lib_patch.Upstream
package/dvdrw-tools/0001-limits.h.patch lib_patch.Upstream
package/dvdrw-tools/0002-Include-sysmacros.h-to-compile-with-newer-gcc.patch lib_patch.Upstream
package/earlyoom/0001-main.c-fix-build-with-kernel-4.3.patch lib_patch.Upstream
package/earlyoom/S02earlyoom Shellcheck lib_sysv.Indent
package/ebtables/0001-replace-ebtables-save-perl-script-with-bash.patch lib_patch.Upstream
package/ecryptfs-utils/0001-musl.patch lib_patch.Upstream
package/ecryptfs-utils/0002-openssl110.patch lib_patch.Upstream
package/ecryptfs-utils/0003-fix-parallel-build-issue.patch lib_patch.Upstream
package/efl/0001-ecore_evas-engines-drm-meson.build-use-gl_deps-as-en.patch lib_patch.Upstream
package/efl/0002-ecore_evas-engines-drm-meson.build-fix-gl_drm-includ.patch lib_patch.Upstream
package/efl/0003-ecore_fb-fix-build-with-tslib.patch lib_patch.Upstream
package/eigen/0001-Adds-new-CMake-Options-for-controlling-build-compone.patch lib_patch.Upstream
package/elftosb/0001-fixes-includes.patch lib_patch.Upstream
package/elftosb/0002-force-cxx-compiler.patch lib_patch.Upstream
@@ -325,6 +382,8 @@ package/exim/0001-Build-buildconfig-for-the-host.patch lib_patch.Upstream
package/exim/0002-Don-t-make-backup-copies-of-installed-files.patch lib_patch.Upstream
package/exim/0003-Skip-version-check-and-symlink-installation.patch lib_patch.Upstream
package/exim/S86exim lib_sysv.Indent lib_sysv.Variables
package/expect/0001-enable-cross-compilation.patch lib_patch.Upstream
package/expect/0002-allow-tcl-build-directory.patch lib_patch.Upstream
package/fail2ban/S60fail2ban Shellcheck lib_sysv.Variables
package/fakedate/fakedate Shellcheck
package/falcosecurity-libs/0001-cmake-Permit-setting-GRPC_CPP_PLUGIN.patch lib_patch.Upstream
@@ -369,6 +428,7 @@ package/gcc/8.4.0/0001-xtensa-fix-PR-target-91880.patch lib_patch.Upstream
package/gcc/8.4.0/0002-Revert-re-PR-target-92095-internal-error-with-O1-mcp.patch lib_patch.Upstream
package/gcc/8.4.0/0003-libsanitizer-Remove-cyclades-from-libsanitizer.patch lib_patch.Upstream
package/gcc/8.4.0/0004-disable-split-stack-for-non-thread-builds.patch lib_patch.Upstream
package/gcr/0001-meson-Fix-unknown-kw-argument-in-gnome.generate_gir.patch lib_patch.Upstream
package/gdb/14.2/0001-ppc-ptrace-Define-pt_regs-uapi_pt_regs-on-GLIBC-syst.patch lib_patch.Upstream
package/gdb/14.2/0002-sh-ptrace-Define-pt_-dsp-regs-uapi_pt_-dsp-regs-on-G.patch lib_patch.Upstream
package/gdb/14.2/0003-use-asm-sgidefs.h.patch lib_patch.Upstream
@@ -410,9 +470,12 @@ package/gob2/0001-dont-include-from-prefix.patch lib_patch.Upstream
package/gobject-introspection/0001-Add-rpath-links-to-ccompiler.patch lib_patch.Upstream
package/gpsd/S50gpsd Shellcheck lib_sysv.Indent lib_sysv.Variables
package/gptfdisk/0001-gptcurses-partially-revert-Tweaks-for-building-on-th.patch lib_patch.Upstream
package/graphite2/0001-don-t-install-a-libtool-file-with-static-library.patch lib_patch.Upstream
package/grpc/0003-disable-unconditionally-downloading-api-repos.patch lib_patch.Upstream
package/gstreamer1/gstd/0001-Don-t-require-gstd-check-user-xenv.sh-for-systemd-se.patch lib_patch.Upstream
package/guile/0001-calculate-csqrt_manually.patch lib_patch.Upstream
package/guile/0002-Makefile.am-fix-build-without-makeinfo.patch lib_patch.Upstream
package/gumbo-parser/0001-configure.ac-fix-build-without-C.patch lib_patch.Upstream
package/gutenprint/0001-use-pregen-xmli18n-header.patch lib_patch.Upstream
package/gutenprint/0002-cups-support-replaces-static-with-static-libtool-lib.patch lib_patch.Upstream
package/harfbuzz/0001-meson.build-check-for-pthread.h.patch lib_patch.Upstream
@@ -428,8 +491,9 @@ package/ibrcommon/0001-ibrcommon-data-File.cpp-support-POSIX-basename-call.patch
package/ibrcommon/0002-ibrcommon-added-openssl-1.1-compatibility-264.patch lib_patch.Upstream
package/ibrcommon/0003-ibrcommon-ssl-gcm-fix-static-build-with-openssl.patch lib_patch.Upstream
package/icu/0001-dont-build-static-dynamic-twice.patch lib_patch.Upstream
package/icu/0002-link-icudata-as-data-only.patch lib_patch.Upstream
package/icu/0003-fix-static-linking-with-icu-uc.patch lib_patch.Upstream
package/icu/0002-workaround-toolchain-bugs.patch lib_patch.Upstream
package/icu/0003-link-icudata-as-data-only.patch lib_patch.Upstream
package/icu/0004-fix-static-linking-with-icu-uc.patch lib_patch.Upstream
package/ifmetric/0001-Fix-issue-NETLINK-Packet-too-small-or-truncated-92-1.patch lib_patch.Upstream
package/ifplugd/0001-cross.patch lib_patch.Sob lib_patch.Upstream
package/ifplugd/0002-fix-headers.patch lib_patch.Sob lib_patch.Upstream
@@ -467,6 +531,7 @@ package/irqbalance/S13irqbalance Shellcheck lib_sysv.Indent lib_sysv.Variables
package/irrlicht/0001-override-CPPFLAGS-CXXFLAGS-and-CFLAGS-in-Makefile.patch lib_patch.Upstream
package/irrlicht/0002-makefile-override-LDFLAGS-and-remove-obsolete-X11R6-.patch lib_patch.Upstream
package/iucode-tool/S00iucode-tool lib_sysv.Variables
package/iwd/S40iwd Shellcheck
package/janus-gateway/0001-disable-ssp.patch lib_patch.Upstream
package/kexec-lite/0001-clean-restart.patch lib_patch.Upstream
package/keyutils/0001-fix-install-rule.patch lib_patch.Upstream
@@ -478,6 +543,7 @@ package/lcdproc/0001-LCDd.conf.patch lib_patch.Upstream
package/lcdproc/0002-Add-missing-ioctl-header.patch lib_patch.Upstream
package/lcdproc/0003-Fixcompilation-with-GCC-10-x.patch lib_patch.Upstream
package/leafnode2/0001-cross_makefile.patch lib_patch.Upstream
package/let-me-create/0001-fix-build-with-musl-C-library.patch lib_patch.Upstream
package/leveldb/0001-Fix-compilation-with-g-4.8.2.patch lib_patch.Upstream
package/leveldb/0002-CMake-install-libmemenv.a.patch lib_patch.Upstream
package/leveldb/0003-CMakeLists.txt-check-for-atomic-library.patch lib_patch.Upstream
@@ -491,7 +557,11 @@ package/libavl/0001-fix-makefile.patch lib_patch.Upstream
package/libb64/0001-Integer-overflows.patch lib_patch.Upstream
package/libb64/0002-Initialize-C++-objects.patch lib_patch.Upstream
package/libcdaudio/0001-libcdaudio-enable-autoreconf.patch lib_patch.Upstream
package/libcgi/0001-CMakeLists.txt-honour-BUILD_TESTING.patch lib_patch.Upstream
package/libcgicc/0001-disable-documentation-option.patch lib_patch.Sob lib_patch.Upstream
package/libconfuse/0001-Fix-163-unterminated-username-used-with-getpwnam.patch lib_patch.Upstream
package/libcorrect/0002-CMakeLists.txt-conditionally-use-fsanitize-address.patch lib_patch.Upstream
package/libcuefile/0001-fix-static-link.patch lib_patch.Upstream
package/libdaemon/0001-testd-use-unistd-h-instead-of-sys-unistd-h.patch lib_patch.Upstream
package/libdnet/0001-python-makefile.patch lib_patch.Upstream
package/libdrm/0001-tests-meson.build-disable-nouveau-tests-for-static-b.patch lib_patch.Upstream
@@ -501,6 +571,10 @@ package/libedit/0001-check-bsd-functions-in-libbsd.patch lib_patch.Upstream
package/libevent/0001-Don-t-define-BIO_get_init-for-LibreSSL-3-5.patch lib_patch.Upstream
package/libffi/0001-Fix-use-of-compact-eh-frames-on-MIPS.patch lib_patch.Upstream
package/libfm/0001-modules-fix-cross-compilation.patch lib_patch.Upstream
package/libfreeimage/0001-no-root-install.patch lib_patch.Upstream
package/libfreeimage/0002-fix-cpuid-x86.patch lib_patch.Upstream
package/libfreeimage/0003-fix-big-endian-os.patch lib_patch.Upstream
package/libfreeimage/0004-fixed-C-11-warnings.patch lib_patch.Upstream
package/libftdi/0001-pkgconfig_libusb.patch lib_patch.Sob lib_patch.Upstream
package/libftdi/0002-libftdi.pc-requires-libusb-fix-static-build.patch lib_patch.Sob lib_patch.Upstream
package/libfuse/0001-fix-aarch64-build.patch lib_patch.Upstream
@@ -508,8 +582,12 @@ package/libfuse/0002-util-ulockmgr_server-c-conditionally-define-closefrom-fix-g
package/libgcrypt/0001-configure.ac-add-an-option-to-disable-tests.patch lib_patch.Upstream
package/libgpiod/0001-build-add-a-configure-switch-for-building-examples.patch lib_patch.Upstream
package/libgsm/0001-Misc-fixes-from-Archlinux.patch lib_patch.Upstream
package/libgtk2/0001-reduce-dependencies.patch lib_patch.Upstream
package/libgtk3/0001-Remove-Gdk-dependency-from-gtk-encode-symbolic-svg.patch lib_patch.Upstream
package/libhdhomerun/0001-dont-strip.patch lib_patch.Upstream
package/libiio/S99iiod Shellcheck lib_sysv.Variables
package/libiqrf/0001-cmake-handle-static-library-and-find-required-thread.patch lib_patch.Upstream
package/libiqrf/0002-use-only-c-language.patch lib_patch.Upstream
package/libjson/0001-fix-broken-makefile.patch lib_patch.Upstream
package/libks/0001-CMakeLists.txt-honour-BUILD_TESTING.patch lib_patch.Upstream
package/liblinear/0001-build-static-lib.patch lib_patch.Upstream
@@ -531,6 +609,7 @@ package/libmpeg2/0003-fix-arm-detection.patch lib_patch.Upstream
package/libmpeg2/0004-fix-sparc.patch lib_patch.Upstream
package/libnetfilter_conntrack/0001-conntrack-fix-build-with-kernel-5-15-and-musl.patch lib_patch.Upstream
package/libnfc/0001-autotools-make-example-build-optional.patch lib_patch.Upstream
package/libnids/0001-libpcap-use-pkg-config.patch lib_patch.Upstream
package/libnss/0001-Bug-1801182-Allow-overriding-OS_ARCH-OS_TEST-and-OS_.patch lib_patch.Upstream
package/libodb-mysql/0001-fix-syntax-issue-while-checking-ldflags.patch lib_patch.Upstream
package/libodb-mysql/0002-mariadb-FTBFS-fix.patch lib_patch.Upstream
@@ -544,9 +623,11 @@ package/liboping/0005-src-oping.c-always-use-s-style-format-for-printf-sty.patch
package/libp11/0001-src-p11_attr.c-fix-build-with-gcc-4.8.patch lib_patch.Upstream
package/libpthsem/0001-fix-build-on-linux-3.x-host.patch lib_patch.Upstream
package/libressl/0001-always-expose-SSL_OP_NO_TLSv1_3.patch lib_patch.Upstream
package/libroxml/0001-src-roxml_mem.h-add-missing-extern.patch lib_patch.Upstream
package/librsvg/0001-gdk-pixbuf-loader-Makefile.am-set-GDK_PIXBUF_MODULED.patch lib_patch.Upstream
package/librtlsdr/0001-Makefile.am-respect-DESTDIR-with-install-udev-rules.patch lib_patch.Upstream
package/libselinux/0001-Do-not-use-PYCEXT-and-rely-on-the-installed-file-nam.patch lib_patch.Upstream
package/libsepol/0001-support-static-only.patch lib_patch.Upstream
package/libserial/0001-SerialPort.cpp-fix-build-when-size_t-is-an-unsigned-.patch lib_patch.Upstream
package/libserial/0002-SerialPort.cpp-don-t-use-high-baudrates-when-not-ava.patch lib_patch.Upstream
package/libshdata/0001-backend-Add-missing-include-files.patch lib_patch.Upstream
@@ -561,10 +642,14 @@ package/libsigrokdecode/0003-configure-ac-Use-python3-embed-pc-as-a-fallback.pat
package/libspatialindex/0001-allow-building-static-libs.patch lib_patch.Upstream
package/libspatialindex/0002-CMakeLists.txt-fix-CMAKE_BUILD_TYPE.patch lib_patch.Upstream
package/libsquish/0001-Makefile-add-f-option-for-ln-to-remove-existing-dest.patch lib_patch.Upstream
package/libsvg/0001-fix-expat-static-declaration.patch lib_patch.Upstream
package/libsvg/0002-Fix-undefined-symbol-png_set_gray_1_2_4_to_8.patch lib_patch.Upstream
package/libtalloc/0001-buildtools-wafsamba-add-disable-stack-protector-opti.patch lib_patch.Upstream
package/libtelnet/0001-fix-compilation-without-zlib.patch lib_patch.Upstream
package/libtheora/0001-link-libtheoradec.patch lib_patch.Upstream
package/libtomcrypt/0001-fix-CVE-2019-17362.patch lib_patch.Upstream
package/libtommath/0001-Build-test-bn_mp_set_double-c-on-more-platforms.patch lib_patch.Upstream
package/libtorrent/0001-libtorrent.pc.in-add-Libs.Private.patch lib_patch.Upstream
package/libubootenv/0001-src-CMakeLists.txt-do-not-force-the-build-of-a-share.patch lib_patch.Upstream
package/libuio/0001-configure.ac-set-automake-strictness-to-foreign.patch lib_patch.Upstream
package/liburcu/0001-Only-blacklist-ARM-gcc-4.8.0-and-4.8.1.patch lib_patch.Upstream
@@ -572,6 +657,9 @@ package/libvpx/0001-vpx_mem-vpx_mem.h-Fix-compilation-with-uClibc.patch lib_patc
package/libyuv/0001-i386-sse2.patch lib_patch.Upstream
package/lighttpd/0001-Modify-the-default-lighttpd-configuration-file-to-ha.patch lib_patch.Upstream
package/lighttpd/S50lighttpd Shellcheck lib_sysv.EmptyLastLine lib_sysv.Indent lib_sysv.Variables
package/linknx/0001-configure-ac-tweak-CPPUNIT-conditional.patch lib_patch.Upstream
package/linknx/0002-src-Makefile.am-fix-linking-with-log4cpp.patch lib_patch.Upstream
package/linphone/0001-src-core-paths-paths.cpp-fix-powerpc-build.patch lib_patch.Upstream
package/linux-zigbee/0001-test-serial-Remove-test-serial.patch lib_patch.Upstream
package/linux-zigbee/0002-addrdb-coord-config-parse.y-add-missing-time.h-inclu.patch lib_patch.Upstream
package/linuxptp/S65ptp4l Shellcheck lib_sysv.Indent
@@ -586,11 +674,14 @@ package/lm-sensors/0002-no-host-ldconfig.patch lib_patch.Upstream
package/lmbench/0001-scripts-build-use-bin-bash-as-shell.patch lib_patch.Upstream
package/lmbench/0002-src-Makefile-add-lmbench-to-list-of-executables.patch lib_patch.Upstream
package/lmbench/0003-TOO_LONG-100-usec-to-prevent-memsize-from-timingout-.patch lib_patch.Upstream
package/lmbench/0004-Fix-garbage-pointer-for-lat_rpc-S-localhost.patch lib_patch.Upstream
package/localedef/0002-relax-dependency-on-GCC-to-4.8-and-binutils-to-2.24.patch lib_patch.Upstream
package/lockdev/0001-Makefile-install-static-library-and-headers-separate.patch lib_patch.Upstream
package/lockfile-progs/0001-sus3v-legacy.patch lib_patch.Sob lib_patch.Upstream
package/lshw/0001-solve-Compile-error-when-g-version-is-less-than-5.patch lib_patch.Upstream
package/ltrace/0001-arm-plt.patch lib_patch.Upstream
package/ltrace/0002-sparc-add-missing-library.h-include.patch lib_patch.Upstream
package/ltrace/0003-configure.ac-fix-autoreconf-with-autoconf-2.70.patch lib_patch.Upstream
package/lttng-babeltrace/0001-tests-lib-Makefile.am-remove-unneeded-static-flag.patch lib_patch.Upstream
package/lttng-babeltrace/0002-configure.ac-fix-popt-static-build.patch lib_patch.Upstream
package/lttng-libust/0001-configure.ac-add-disable-tests.patch lib_patch.Upstream
@@ -625,6 +716,8 @@ package/matchbox-panel/0003-mb-applet-battery.patch lib_patch.Upstream
package/matchbox-startup-monitor/0001-true-false.patch lib_patch.Upstream
package/matchbox/0001-defaulttheme.patch lib_patch.Upstream
package/matchbox/0002-src-Fix-build-with-gcc-10.patch lib_patch.Upstream
package/mediastreamer/0001-src-videofilters-nowebcam.c-fix-build-without-ffmpeg.patch lib_patch.Upstream
package/mediastreamer/0002-Use-AV_INPUT_BUFFER_PADDING_SIZE-to-determine-paddin.patch lib_patch.Upstream
package/memstat/0001-PATH_MAX.patch lib_patch.Upstream
package/mender-connect/S43mender-connect Shellcheck
package/menu-cache/0001-Support-gcc10-compilation.patch lib_patch.Upstream
@@ -632,12 +725,17 @@ package/mesa3d-demos/0001-demos-makes-opengl-an-optional-component.patch lib_pat
package/meson-tools/0001-amlbootenc-gxl-remove-non-std-C-convention-in-for.patch lib_patch.Upstream
package/meson/0001-Prefer-ext-static-libs-when-default-library-static.patch lib_patch.Upstream
package/meson/0002-mesonbuild-dependencies-base.py-add-pkg_config_stati.patch lib_patch.Upstream
package/metacity/0001-add-libm-reference.patch lib_patch.Upstream
package/metacity/0002-gconf.patch lib_patch.Upstream
package/metacity/0003-mag-add-libm-reference.patch lib_patch.Upstream
package/mfgtools/0001-lnx_def.h-fix-conflicting-declaration-of-__time64_t.patch lib_patch.Upstream
package/mii-diag/0001-strchr.patch lib_patch.Sob lib_patch.Upstream
package/mini-snmpd/0001-linux.c-fix-musl-build.patch lib_patch.Upstream
package/minidlna/S60minidlnad Shellcheck lib_sysv.Indent lib_sysv.Variables
package/minissdpd/S50minissdpd Shellcheck lib_sysv.Indent lib_sysv.Variables
package/modem-manager/S44modem-manager Shellcheck lib_sysv.Variables
package/mongrel2/0001-Do-not-run-tests.patch lib_patch.Upstream
package/mongrel2/0002-Fix-Makefiles-for-cross-compilation.patch lib_patch.Upstream
package/monit/0001-Do-not-force-building-a-statically-linked-binary.patch lib_patch.Upstream
package/mono-gtksharp3/0001-Fixes-MONO_PROFILE_ENTER_LEAVE-undeclared.patch lib_patch.Upstream
package/mono-gtksharp3/0002-Mono-compilation-error-branch.patch lib_patch.Upstream
@@ -648,7 +746,13 @@ package/mpir/0001-mpn-arm-udiv.asm-workaround-binutils-bug-14887.patch lib_patch
package/mraa/0001-include-Declare-gVERSION-global-as-extern.patch lib_patch.Upstream
package/mrouted/S41mrouted NotExecutable
package/mrp/S65mrp lib_sysv.Indent lib_sysv.Variables
package/mstpd/0001-bridge-stp.in-support-different-versions-of-pidof-13.patch lib_patch.Upstream
package/multipath-tools/S60multipathd Shellcheck
package/musepack/0001-shared.patch lib_patch.Upstream
package/musepack/0002-cmake-use-the-standard-CMake-flag-to-drive-the-share.patch lib_patch.Upstream
package/musepack/0003-include-fpu-control-with-glibc-only.patch lib_patch.Upstream
package/musepack/0004-missing-sys-select.patch lib_patch.Upstream
package/musepack/0005-fix-build-with-gcc-10.patch lib_patch.Upstream
package/musl/0001-avoid-kernel-if_ether.h.patch lib_patch.Upstream
package/musl/0002-package-musl-Make-scheduler-functions-Linux-compatib.patch lib_patch.Upstream
package/nano/0001-lib-getrandom.c-fix-build-with-uclibc-1.0.35.patch lib_patch.Upstream
@@ -699,6 +803,7 @@ package/nuttcp/0001-susv3-legacy.patch lib_patch.Upstream
package/nvidia-driver/0001-use-LDFLAGS.patch lib_patch.Upstream
package/octave/0001-Fix-BLAS-library-integer-size-detection.patch lib_patch.Upstream
package/ofono/S46ofono lib_sysv.Variables
package/ola/0001-ola-fix-compilation-with-musl-1-2-3.patch lib_patch.Upstream
package/olsr/0001-olsrd-migrate-to-using-bison-3.7.1.patch lib_patch.Upstream
package/olsr/0002-lib-pud-Makefile-fix-parallel-build.patch lib_patch.Upstream
package/olsr/0003-pud-adapt-to-API-changes-in-gpsd-3-20.patch lib_patch.Upstream
@@ -707,8 +812,8 @@ package/olsr/0006-build-patch-for-gpsd-3-25.patch lib_patch.Upstream
package/olsr/S50olsr Shellcheck lib_sysv.Indent lib_sysv.Variables
package/open-plc-utils/0001-Remove-OWNER-and-GROUPS-parameters-to-install.patch lib_patch.Upstream
package/open2300/0001-fix-makefile.patch lib_patch.Upstream
package/openjdk/17.0.12+7/0001-Add-ARCv2-ISA-processors-support-to-Zero.patch lib_patch.Upstream
package/openjdk/21.0.4+7/0001-Add-ARCv2-ISA-processors-support-to-Zero.patch lib_patch.Upstream
package/openjdk/17.0.9+9/0001-Add-ARCv2-ISA-processors-support-to-Zero.patch lib_patch.Upstream
package/openjdk/21.0.1+12/0001-Add-ARCv2-ISA-processors-support-to-Zero.patch lib_patch.Upstream
package/openldap/0001-fix-bignum.patch lib_patch.Upstream
package/openldap/0002-disable-docs.patch lib_patch.Upstream
package/openntpd/S49ntp Shellcheck lib_sysv.Variables
@@ -716,6 +821,9 @@ package/openocd/0001-configure-enable-build-on-uclinux.patch lib_patch.Upstream
package/openpgm/0001-Rename-openpgm-5.2.pc.in.patch lib_patch.Upstream
package/openpgm/0002-openpgm-pgm-checksum.c-fix-build-with-32-bits-MMX.patch lib_patch.Upstream
package/openpgm/0003-fix-build-on-macOS-ARM.patch lib_patch.Upstream
package/openpowerlink/0001-install-the-stack-libraries-to-lib-subdirectory.patch lib_patch.Upstream
package/openpowerlink/0002-cmake-install-oplk-headers-files.patch lib_patch.Upstream
package/openpowerlink/0003-Add-top-level-CMakeLists.txt.patch lib_patch.Upstream
package/openrc/0001-init.d-sysctl.in-add-support-for-busybox-sysctl.patch lib_patch.Upstream
package/openrc/0002-sh-init.sh.Linux.in-change-run-lock-from-root-uucp-t.patch lib_patch.Upstream
package/openrc/0003-init.d-agetty-replace-sbin-agetty-by-sbin-getty.patch lib_patch.Upstream
@@ -741,7 +849,11 @@ package/opusfile/0001-Propagate-allocation-failure-from-ogg_sync_buffer.patch li
package/owfs/S55owserver Shellcheck lib_sysv.Variables
package/owfs/S60owfs Shellcheck lib_sysv.Variables
package/owl-linux/0001-fix-for-linux-3.3.x.patch lib_patch.Upstream
package/patch/0001-Fix-segfault-with-mangled-rename-patch.patch lib_patch.Upstream
package/patch/0002-Allow-input-files-to-be-missing-for-ed-style-patches.patch lib_patch.Upstream
package/patch/0003-Fix-arbitrary-command-execution-in-ed-style-patches-.patch lib_patch.Upstream
package/patch/0004-Invoke-ed-directly-instead-of-using-the-shell.patch lib_patch.Upstream
package/patch/0005-Don-t-follow-symlinks-unless--follow-symlinks-is-given.patch lib_patch.Upstream
package/patchelf/0001-Add-option-to-make-the-rpath-relative-under-a-specif.patch lib_patch.Upstream
package/paxtest/0001-genpaxtest-move-log-location.patch lib_patch.Upstream
package/paxtest/0002-paxtest-page-alignment-ARM-and-NIOS2-arch.patch lib_patch.Upstream
@@ -757,14 +869,20 @@ package/perl-xml-libxml/0001-Makefile-PL.patch lib_patch.Upstream
package/php-geoip/0001-add-build-support-for-php8.patch lib_patch.Upstream
package/php-lua/0001-ZEND_ACC_ALLOW_STATIC-ZEND_ACC_STATIC-for-static-met.patch lib_patch.Upstream
package/php-lua/0002-php8-explicitly-declare-arginfo.patch lib_patch.Upstream
package/php-zmq/0001-updates-for-php7.4-and-php8.0.patch lib_patch.Upstream
package/php-zmq/0002-fix-for-php-7.3.patch lib_patch.Upstream
package/php-zmq/0003-fix-for-php-8.0.0beta2.patch lib_patch.Upstream
package/php/0001-acinclude.m4-don-t-unset-variables.patch lib_patch.Upstream
package/php/0002-iconv-tweak-iconv-detection.patch lib_patch.Upstream
package/php/0003-configure-disable-the-phar-tool.patch lib_patch.Upstream
package/php/0004-Call-apxs-with-correct-prefix.patch lib_patch.Upstream
package/php/0005-allow-opcache-cross-compiling.patch lib_patch.Upstream
package/pifmrds/0001-Makefile-cross-compile-friendly.patch lib_patch.Upstream
package/pifmrds/0002-Makefile-use-LDFLAGS.patch lib_patch.Upstream
package/pifmrds/0003-Makefile-fix-static-link.patch lib_patch.Upstream
package/pigpio/S50pigpio Shellcheck lib_sysv.Variables
package/pistache/0001-src-common-transport.cc-fallback-value-for-RUSAGE_TH.patch lib_patch.Upstream
package/pistache/0002-src-server-listener.cc-fix-libressl-build.patch lib_patch.Upstream
package/pkgconf/0001-Only-prefix-with-the-sysroot-a-subset-of-variables.patch lib_patch.Upstream
package/pkgconf/pkg-config.in Shellcheck
package/poke/0001-configure.ac-HELP2MAN-replace-by-true-when-cross-com.patch lib_patch.Upstream
@@ -827,6 +945,7 @@ package/qt5/qt5webkit/0004-Remove-invalid-g_object-declarations-to-fix-build-wi.
package/qt5/qt5webkit/0005-Add-support-for-ARC-processors.patch lib_patch.Upstream
package/qt5/qt5webkit/0006-Warnings-due-to-AppSinkCallbacks-struct-growth-https.patch lib_patch.Upstream
package/qt5cinex/0001-Fix-execution-problem-with-Qt5.3.patch lib_patch.Upstream
package/racehound/0001-Fix-module-install-path-lib-instead-of-usr-lib-prefi.patch lib_patch.Upstream
package/rapidxml/0001-ensure-internal-print-operations-are-declared-before.patch lib_patch.Upstream
package/read-edid/0001-Fix-install-file-list.patch lib_patch.Upstream
package/read-edid/0002-Fix-compiler-check.patch lib_patch.Upstream
@@ -842,11 +961,20 @@ package/rng-tools/S21rngd Shellcheck lib_sysv.Variables
package/rocksdb/0001-build_tools-build_detect_platform-fix-C-tests.patch lib_patch.Upstream
package/rpcbind/0001-Remove-yellow-pages-support.patch lib_patch.Upstream
package/rpcbind/S30rpcbind lib_sysv.EmptyLastLine lib_sysv.Indent lib_sysv.Variables
package/rpi-userland/0001-Add-.pc-files-for-the-OpenGLESv2-EGL-and-bcm_host-li.patch lib_patch.Upstream
package/rpi-userland/0002-interface-remove-faulty-assert-to-make-weston-happy-.patch lib_patch.Upstream
package/rpi-userland/0003-Disable-Werror-everywhere.patch lib_patch.Upstream
package/rpi-userland/0004-host-applications-disable-missing-applications.patch lib_patch.Upstream
package/rpi-userland/0005-dtmerge-add-missing-include-for-va_list.patch lib_patch.Upstream
package/rpi-userland/0006-interface-vcos-pthreads-CMakeLists.txt-fix-build-wit.patch lib_patch.Upstream
package/rpi-userland/0007-GLES2-gl2ext.h-add-GLint64-GLuint64-and-GLsync-typed.patch lib_patch.Upstream
package/rt-tests/0001-Fix-a-build-issue-with-uClibc-ng.patch lib_patch.Upstream
package/rtorrent/0001-Added--disable-execinfo-option-to-configure.patch lib_patch.Upstream
package/rubix/0001-dont-use-legacy-functions.patch lib_patch.Upstream
package/rubix/0002-misc-fixes.patch lib_patch.Sob lib_patch.Upstream
package/rygel/S99rygel Shellcheck lib_sysv.Indent lib_sysv.Variables
package/s6-linux-init/0001-configure-add-D_GNU_SOURCE.patch lib_patch.Upstream
package/safeclib/0001-fix-armv7-asm-inline-error-GH-115.patch lib_patch.Upstream
package/samba4/0001-build-find-pre-built-heimdal-build-tools-in-case-of-.patch lib_patch.Upstream
package/samba4/0002-ldap_message_test.c-include-stdint.h-before-cmoka.h.patch lib_patch.Upstream
package/samba4/S91smb Shellcheck lib_sysv.Indent lib_sysv.Variables
@@ -874,6 +1002,7 @@ package/shadowsocks-libev/0003-lib-Makefile.am-remove-static-from-LDFLAGS.patch
package/shairport-sync/S99shairport-sync Shellcheck lib_sysv.Indent lib_sysv.Variables
package/shared-mime-info/0001-Remove-incorrect-dependency-from-install-data-hook.patch lib_patch.Upstream
package/shellinabox/0001-Makefile-disable-always-building-statically.patch lib_patch.Upstream
package/shellinabox/0002-CVE-2018-16789-fix-for-broken-multipart-form-data.patch lib_patch.Upstream
package/skeleton-init-systemd/fakeroot_tmpfiles.sh Shellcheck
package/slang/0001-slsh-libs.patch lib_patch.Upstream
package/smcroute/S41smcroute NotExecutable lib_sysv.Indent lib_sysv.Variables
@@ -888,6 +1017,15 @@ package/snort/0005-fix-sparc.patch lib_patch.Upstream
package/snort/0006-Fix-compile-error-when-building-against-uclibc-or-mu.patch lib_patch.Upstream
package/snort/0007-Fix-error-when-building-on-a-Fedora-host-machine.patch lib_patch.Upstream
package/snort/0008-Fix-NO-OPTIMIZE.patch lib_patch.Upstream
package/softether/0001-Create-autotools-plumbing-for-SoftEther.patch lib_patch.Upstream
package/softether/0002-Create-libsoftether.so-and-dynamically-link.patch lib_patch.Upstream
package/softether/0003-use-fhs-install-directories.patch lib_patch.Upstream
package/softether/0004-create-non-forking-softetherd-for-upstart-and-systemd.patch lib_patch.Upstream
package/softether/0005-change-GetExeDir-to-GetStateDir-in-Cedar-and-Mayaqua.patch lib_patch.Upstream
package/softether/0006-cross-compile.patch lib_patch.Upstream
package/softether/0007-iconv.patch lib_patch.Upstream
package/softether/0008-librt.patch lib_patch.Upstream
package/softether/0009-uclibc-ai-addrconfig.patch lib_patch.Upstream
package/solarus/0001-cmake-remove-Werror.patch lib_patch.Upstream
package/solarus/0002-Add-a-basic-FindOpenGLES2.cmake.patch lib_patch.Sob lib_patch.Upstream
package/sox/0001-Make-SoX-support-uclibc-based-toolchains.patch lib_patch.Upstream
@@ -912,9 +1050,13 @@ package/supervisor/S99supervisord lib_sysv.Variables
package/suricata/0001-configure.ac-allow-the-user-to-override-RUST_TARGET.patch lib_patch.Upstream
package/suricata/S99suricata Shellcheck
package/swupdate/swupdate.sh Shellcheck
package/sylpheed/0001-harden-link-checker-before-accepting-click.patch lib_patch.Upstream
package/sysvinit/0001-Makefile-disable-stack-protector-strong.patch lib_patch.Upstream
package/tar/0001-lib-getrandom.c-fix-build-with-uclibc-1.0.35.patch lib_patch.Upstream
package/targetcli-fb/S50target Shellcheck lib_sysv.Variables
package/taskd/0001-Fix-missing-cmakedefine-HAVE_GET_CURRENT_DIR_NAME.patch lib_patch.Upstream
package/taskd/0002-Use-correct-variables-for-GnuTLS-detection.patch lib_patch.Upstream
package/taskd/0003-CMakeLists-use-pkg-config-uuid-detection.patch lib_patch.Upstream
package/tcf-agent/S55tcf-agent Shellcheck lib_sysv.Variables
package/tftpd/S80tftpd-hpa Shellcheck lib_sysv.Indent lib_sysv.Variables
package/ti-gfx/0001-newclkapi.patch lib_patch.Upstream
@@ -926,10 +1068,17 @@ package/ti-sgx-um/0001-Makefile-do-not-install-init-script.patch lib_patch.Upstr
package/ti-sgx-um/S80ti-sgx lib_sysv.Variables
package/ti-utils/0001-plt.h-fix-build-with-gcc-10.patch lib_patch.Upstream
package/tinyalsa/0001-include-time.h-before-asound.h.patch lib_patch.Upstream
package/tinycbor/0001-Makefile-add-DISABLE_WERROR.patch lib_patch.Upstream
package/tinycompress/0001-wave-add-time.h-missing-header-inclusion.patch lib_patch.Upstream
package/tinydtls/0001-sha2-sha2.c-fix-build-on-big-endian.patch lib_patch.Upstream
package/tinyxml/0001-In-stamp-always-advance-the-pointer-if-p-0xef.patch lib_patch.Upstream
package/tpm2-tss/0001-Temporary-fix-for-build-without-C.patch lib_patch.Upstream
package/transmission/S92transmission Shellcheck lib_sysv.ConsecutiveEmptyLines lib_sysv.Indent lib_sysv.Variables
package/triggerhappy/S10triggerhappy Shellcheck lib_sysv.Indent lib_sysv.Variables
package/trinity/0001-Fix-build-with-GCC-10.patch lib_patch.Upstream
package/trinity/0002-net-proto-ip-raw.c-fix-build-with-kernel-5.13.patch lib_patch.Upstream
package/trinity/0003-Use-fcntl-h-for-dev_t-mode_t.patch lib_patch.Upstream
package/trinity/0004-drop-decnet.patch lib_patch.Upstream
package/trousers/0001-Check-if-the-compiler-understands-pie-and-relro-options.patch lib_patch.Upstream
package/trousers/0002-Check-that-getpwent_r-is-available-before-using-it.patch lib_patch.Upstream
package/trousers/0003-Fix-build-with-LibreSSL-2-7.patch lib_patch.Upstream
@@ -937,7 +1086,8 @@ package/tstools/0001-build-get-along-with-buildroot.patch lib_patch.Upstream
package/tvheadend/0001-no-check_config.patch lib_patch.Upstream
package/tvheadend/S99tvheadend Shellcheck lib_sysv.Indent lib_sysv.Variables
package/uboot-tools/0001-drop-configh-from-tools.patch lib_patch.Upstream
package/uboot-tools/0002-tools-Makefile-fix-C-LD-FLAGS-with-CROSS_BUILD_TOOLS.patch lib_patch.Upstream
package/uboot-tools/0002-tools-only-in-no-dot-config-targets.patch lib_patch.Upstream
package/uboot-tools/0003-tools-Makefile-fix-C-LD-FLAGS-with-CROSS_BUILD_TOOLS.patch lib_patch.Upstream
package/ubus/0001-Install-server-and-client-examples.patch lib_patch.Upstream
package/uemacs/01-clear-ixon-termios-flag.patch lib_patch.Upstream
package/uhd/0001-host-CMakeLists-add-boost-unit_test_framework-requir.patch lib_patch.Upstream
@@ -948,6 +1098,7 @@ package/unifdef/0001-Makefile-fix-error-on-install.patch lib_patch.Upstream
package/unscd/S46unscd Shellcheck lib_sysv.Indent lib_sysv.Variables
package/unzip/0001-Add-a-CMakeFile.txt-to-ease-cross-compilation.patch lib_patch.Upstream
package/upmpdcli/S99upmpdcli Shellcheck lib_sysv.Indent lib_sysv.Variables
package/uqmi/0001-uqmi-avoid-gcc-12.x-false-error-reporting-storing-th.patch lib_patch.Upstream
package/urg/0001-select-h.patch lib_patch.Upstream
package/urg/0002-urg-gcc6-fix-narrowing-conversion.patch lib_patch.Upstream
package/usb_modeswitch/0001-fix-systemd-detection.patch lib_patch.Upstream
@@ -992,10 +1143,18 @@ package/vte/0002-build-Fix-check-for-fstack-protector-compiler-support.patch lib
package/vtun/0001-fix-installation.patch lib_patch.Upstream
package/vtun/0002-fix-ssl-headers-checks.patch lib_patch.Upstream
package/vtun/0003-openssl11.patch lib_patch.Upstream
package/waffle/0001-cmake-forward-cflags-from-.pc-files-to-waffle-cflags.patch lib_patch.Upstream
package/waffle/0002-wayland-fix-build-against-version-1-20.patch lib_patch.Upstream
package/waffle/0003-drop-C-dependency.patch lib_patch.Upstream
package/wampcc/0001-Add-RISC-V-endian-detection.patch lib_patch.Upstream
package/wampcc/0002-include-wampcc-platform.h-fix-build-with-musl-1.2.0.patch lib_patch.Upstream
package/wampcc/0003-Broken-build-on-Windows.patch lib_patch.Upstream
package/wget/0001-lib-getrandom.c-fix-build-with-uclibc-1.0.35.patch lib_patch.Upstream
package/wilc-driver/0001-cfg80211.c-fix-missing-prandom_u32-with-Linux-6.1.0.patch lib_patch.Upstream
package/wilc-driver/0002-spi.c-fix-build-failure-on-remove-callback.patch lib_patch.Upstream
package/wilc-driver/0003-cfg80211.c-fix-build-failure-with-Linux-5.19-and-6.1.patch lib_patch.Upstream
package/wilc-driver/0004-Fix-struct-station_parameters-Linux-6.1-build-failur.patch lib_patch.Upstream
package/wilc-driver/0005-Fix-cast-warnings.patch lib_patch.Upstream
package/wipe/0001-musl.patch lib_patch.Upstream
package/wireless_tools/0001-remove-bzero.patch lib_patch.Upstream
package/woff2/0001-CMake-Handle-multiple-libraries-being-returned-for-B.patch lib_patch.Upstream
@@ -1006,6 +1165,7 @@ package/x11r7/xcursor-transparent-theme/0001-fix-symlink.patch lib_patch.Upstrea
package/x11r7/xdriver_xf86-input-evdev/0001-build-get-rid-of-sdkdir.patch lib_patch.Upstream
package/x11r7/xdriver_xf86-input-joystick/0001-build-get-rid-of-sdkdir.patch lib_patch.Upstream
package/x11r7/xdriver_xf86-input-libinput/0001-build-get-rid-of-sdkdir.patch lib_patch.Upstream
package/x11r7/xdriver_xf86-input-mouse/0001-build-get-rid-of-sdkdir.patch lib_patch.Upstream
package/x11r7/xdriver_xf86-input-synaptics/0001-build-get-rid-of-sdkdir.patch lib_patch.Upstream
package/x11r7/xdriver_xf86-video-fbturbo/0001-sunxi_x_g2d-drop-unused-dri2-include.patch lib_patch.Upstream
package/x11r7/xdriver_xf86-video-fbturbo/0002-Use-own-thunk-functions-instead-of-fbdevHW-Weak.patch lib_patch.Upstream
@@ -1019,6 +1179,7 @@ package/x11r7/xdriver_xf86-video-imx/0004-Make-video-API-forward-and-backward-co
package/x11r7/xdriver_xf86-video-imx/0005-xf86-video-imxfb-fix-m4-hardcodded-paths.patch lib_patch.Upstream
package/x11r7/xdriver_xf86-video-imx/0006-xserver-1.14-compat.patch lib_patch.Upstream
package/x11r7/xdriver_xf86-video-mach64/0001-cross-compile.patch lib_patch.Upstream
package/x11r7/xdriver_xf86-video-nouveau/0001-nouveau-fixup-driver-for-new-X-server-ABI.patch lib_patch.Upstream
package/x11r7/xdriver_xf86-video-tdfx/0001-cross.patch lib_patch.Upstream
package/x11r7/xserver_xorg-server/0001-include-misc.h-fix-uClibc-build.patch lib_patch.Upstream
package/x11r7/xserver_xorg-server/S40xorg Shellcheck lib_sysv.Variables
@@ -1026,6 +1187,11 @@ package/xen/0001-9pfs-include-linux-limits.h-for-XATTR_SIZE_MAX.patch lib_patch.
package/xen/0002-Fix-build-with-64-bits-time_t.patch lib_patch.Upstream
package/xen/0003-libs-light-fix-tv_sec-printf-format.patch lib_patch.Upstream
package/xen/0004-libs-light-fix-tv_sec-fprintf-format.patch lib_patch.Upstream
package/xinetd/0001-ar.patch lib_patch.Upstream
package/xinetd/0002-destdir.patch lib_patch.Upstream
package/xinetd/0003-rpc-fix.patch lib_patch.Upstream
package/xinetd/0004-configure-rlim_t.patch lib_patch.Upstream
package/xinetd/0005-CVE-2013-4342-xinetd-ignores-user-and-group-directiv.patch lib_patch.Upstream
package/xl2tp/xl2tpd lib_shellscript.TrailingSpace
package/xml-security-c/0001-fix-build-with-libressl-3.5.0.patch lib_patch.Upstream
package/yajl/0001-Let-the-shared-and-the-static-library-have-the-same-.patch lib_patch.Upstream
@@ -1067,6 +1233,7 @@ support/libtool/buildroot-libtool-v2.4.4.patch lib_patch.ApplyOrder lib_patch.Up
support/libtool/buildroot-libtool-v2.4.patch lib_patch.ApplyOrder lib_patch.Sob lib_patch.Upstream
support/misc/relocate-sdk.sh Shellcheck
support/scripts/apply-patches.sh Shellcheck
support/scripts/br2-external Shellcheck
support/scripts/check-bin-arch Shellcheck
support/scripts/check-host-rpath Shellcheck
support/scripts/expunge-gconv-modules Shellcheck

1
.gitignore vendored
View File

@@ -13,4 +13,3 @@
*.rej
*~
*.pyc
/br.log

1010
CHANGES
View File

File diff suppressed because it is too large Load Diff

844
Config.in.legacy
View File

@@ -144,636 +144,7 @@ endif
###############################################################################
comment "Legacy options removed in 2026.05"
config BR2_PACKAGE_LLAMA_CPP_SERVER
bool "llama-cpp option removed"
select BR2_PACKAGE_LLAMA_CPP_TOOLS
select BR2_LEGACY
help
Several tools (server, cli) now require building both
tools and server, so enable both with the same config
BR2_PACKAGE_LLAMA_CPP_TOOLS
config BR2_PACKAGE_PYTHON3_OSSAUDIODEV
bool "python3 ossaudiodev module removed"
select BR2_LEGACY
help
The ossaudiodev module was removed in Python 3.13.
config BR2_TARGET_EDK2_PLATFORM_OVMF_I386
bool "EDK2 OVMF IA32 removed"
select BR2_LEGACY
help
EDK2 OVMF IA32 support was removed in upstream version
202511, so it has been dropped.
config BR2_BINUTILS_VERSION_2_43_X
bool "binutils 2.43 has been removed"
select BR2_LEGACY
help
binutils 2.43 has been removed, select a newer version
instead.
comment "Legacy options removed in 2026.02"
config BR2_PACKAGE_QEMU_TARGET_CRIS
bool "qemu cris support has been removed"
select BR2_LEGACY
help
CRIS support has been removed since Qemu 9.2.0.
config BR2_PACKAGE_DVDRW_TOOLS
bool "dvdrw-tools removed"
select BR2_LEGACY
help
dvdrw-tools was no longer maintained upstream, so it has
been dropped.
config BR2_PACKAGE_PHP_ZMQ
bool "php-zmq removed"
select BR2_LEGACY
help
php-zmq was no longer maintained upstream, broken with php
8.5, so it has been dropped.
config BR2_PACKAGE_LOCKDEV
bool "lockdev removed"
select BR2_LEGACY
help
lockdev was no longer maintained upstream, so it has been
dropped.
config BR2_PACKAGE_DBUS_TRIGGERD
bool "dbus-triggerd removed"
select BR2_LEGACY
help
dbus-triggerd was no longer maintained upstream, so it has
been dropped.
config BR2_PACKAGE_CVS
bool "cvs has been removed"
select BR2_LEGACY
help
The cvs project was no longer maintained upstream, broken
with GCC 14.x, so it was removed.
config BR2_PACKAGE_CRIU
bool "criu has been removed"
select BR2_LEGACY
help
criu was removed from Buildroot as it was insufficiently
maintained. It can be re-added if someone volunteers to
maintain it.
config BR2_PACKAGE_GCONF
bool "gconf package removed"
select BR2_LEGACY
help
gconf was no longer maintained upstream, so it has been
dropped.
config BR2_PACKAGE_LIBSVG
bool "libsvg package removed"
select BR2_LEGACY
help
The libsvg package has been removed. Its latest upstream
release was from 2005, it was incompatible with recent
libxml2 versions, and it wasn't used by any other Buildroot
package except libsvg-cairo, also removed.
config BR2_PACKAGE_LIBSVG_CAIRO
bool "libsvg-cairo package removed"
select BR2_LEGACY
help
The libsvg-cairo package has been removed. Its latest
upstream release was from 2005, and it wasn't used by any
other Buildroot package.
config BR2_PACKAGE_XDRIVER_XF86_INPUT_MOUSE
bool "xf86-input-mouse removed"
select BR2_LEGACY
help
Linux support was removed upstream in version
2.0.0. Upstream recommends to switch to xf86-input-evdev or
xf86-input-libinput.
config BR2_PACKAGE_HOST_JSMIN
bool "host-jsmin has been removed"
select BR2_LEGACY
help
JSMin is no longer maintained and better alternative
exists since then.
config BR2_PACKAGE_JSMIN
bool "jsmin has been removed"
select BR2_LEGACY
help
JSMin is no longer maintained and better alternative
exists since then.
config BR2_PACKAGE_VUEJS_ROUTER
bool "vuejs-router has been removed"
select BR2_LEGACY
help
JS libraries are no longer part of Buildroot packages.
config BR2_PACKAGE_VUEJS
bool "vuejs has been removed"
select BR2_LEGACY
help
JS libraries are no longer part of Buildroot packages.
config BR2_PACKAGE_VIS_NETWORK
bool "vis-network has been removed"
select BR2_LEGACY
help
JS libraries are no longer part of Buildroot packages.
config BR2_PACKAGE_OPENLAYERS
bool "openlayers has been removed"
select BR2_LEGACY
help
JS libraries are no longer part of Buildroot packages.
config BR2_PACKAGE_JSZIP
bool "jszip has been removed"
select BR2_LEGACY
help
JS libraries are no longer part of Buildroot packages.
config BR2_PACKAGE_JSON_JAVASCRIPT
bool "json-javascript has been removed"
select BR2_LEGACY
help
JS libraries are no longer part of Buildroot packages.
config BR2_PACKAGE_JQUERY_VALIDATION
bool "jquery-validation has been removed"
select BR2_LEGACY
help
JS libraries are no longer part of Buildroot packages.
config BR2_PACKAGE_JQUERY_UI_THEMES
bool "jquery-ui-themes has been removed"
select BR2_LEGACY
help
JS libraries are no longer part of Buildroot packages.
config BR2_PACKAGE_JQUERY_UI
bool "jquery-ui has been removed"
select BR2_LEGACY
help
JS libraries are no longer part of Buildroot packages.
config BR2_PACKAGE_JQUERY_SPARK
bool "jquery-spark has been removed"
select BR2_LEGACY
help
JS libraries are no longer part of Buildroot packages.
config BR2_PACKAGE_JQUERY_SIDEBAR
bool "jquery-sidebar has been removed"
select BR2_LEGACY
help
JS libraries are no longer part of Buildroot packages.
config BR2_PACKAGE_JQUERY_MOBILE
bool "jquery-mobile has been removed"
select BR2_LEGACY
help
JS libraries are no longer part of Buildroot packages.
config BR2_PACKAGE_JQUERY_KEYBOARD
bool "jquery-keyboard has been removed"
select BR2_LEGACY
help
JS libraries are no longer part of Buildroot packages.
config BR2_PACKAGE_JQUERY_DATETIMEPICKER
bool "jquery-datetimepicker has been removed"
select BR2_LEGACY
help
JS libraries are no longer part of Buildroot packages.
config BR2_PACKAGE_JQUERY
bool "jquery has been removed"
select BR2_LEGACY
help
JS libraries are no longer part of Buildroot packages.
config BR2_PACKAGE_FORGE
bool "forge has been removed"
select BR2_LEGACY
help
JS libraries are no longer part of Buildroot packages.
config BR2_PACKAGE_FLOT
bool "flot has been removed"
select BR2_LEGACY
help
JS libraries are no longer part of Buildroot packages.
config BR2_PACKAGE_EXPLORERCANVAS
bool "explorercanvas has been removed"
select BR2_LEGACY
help
JS libraries are no longer part of Buildroot packages.
config BR2_PACKAGE_DATATABLES_RESPONSIVE
bool "datatables-responsive has been removed"
select BR2_LEGACY
help
JS libraries are no longer part of Buildroot packages.
config BR2_PACKAGE_DATATABLES_FIXEDCOLUMNS
bool "datatables-fixedcolumns has been removed"
select BR2_LEGACY
help
JS libraries are no longer part of Buildroot packages.
config BR2_PACKAGE_DATATABLES_BUTTONS
bool "datatables-buttons has been removed"
select BR2_LEGACY
help
JS libraries are no longer part of Buildroot packages.
config BR2_PACKAGE_DATATABLES
bool "datatables has been removed"
select BR2_LEGACY
help
JS libraries are no longer part of Buildroot packages.
config BR2_PACKAGE_CHARTJS
bool "chartjs has been removed"
select BR2_LEGACY
help
JS libraries are no longer part of Buildroot packages.
config BR2_PACKAGE_BOOTSTRAP
bool "bootstrap has been removed"
select BR2_LEGACY
help
JS libraries are no longer part of Buildroot packages.
config BR2_PACKAGE_SOFTETHER
bool "softether has been removed"
select BR2_LEGACY
help
The version packaged in Buildroot version was outdated
compared to upstream and no longer maintained by anyone
listed in the DEVELOPERS file.
config BR2_PACKAGE_RPI_USERLAND
bool "rpi-userland has been removed"
select BR2_LEGACY
help
According to https://github.com/raspberrypi/userland, "This
repo is ancient and deprecated. [...] If you are using code
from here you should rethink your solution.".
config BR2_PACKAGE_GST1_PLUGINS_BASE_LIB_OPENGL_DISPMANX
bool "gst1-plugins-base dispmanx option removed"
select BR2_LEGACY
help
Due to the removal of the rpi-userland package, the dispmanx
OpenGL plug-in from GStreamer plugin base has been removed.
config BR2_PACKAGE_RPI_FIRMWARE_INSTALL_VCDBG
bool "rpi-firmware vcdbg option removed"
select BR2_LEGACY
help
rpi-firmware upstream has dropped the vcdbg tool
config BR2_PACKAGE_LIBDNET_PYTHON
bool "libdnet python module removed"
select BR2_LEGACY
help
The libdnet Python module is no longer compatible with
Python >= 3.13, so it had to be removed.
config BR2_PACKAGE_LIBFREEIMAGE
bool "libfreeimage"
select BR2_LEGACY
help
libfreeimage is unmaintained and has been removed
config BR2_PACKAGE_OPENCV3
bool "opencv3"
select BR2_LEGACY
help
opencv3 is unmaintained and has been removed
config BR2_PACKAGE_VLC_OPENCV3_BACKEND
bool "opencv3 support in vlc has been removed"
select BR2_LEGACY
help
OpenCV3 support in VLC has been reported, as OpenCV has been
removed.
config BR2_PACKAGE_CPPDB
bool "cppdb has been removed"
select BR2_LEGACY
help
cppdb was no longer maintained upstream, and therefore was
removed.
config BR2_PACKAGE_PYTHON_AIOREDIS
bool "python-aioredis has been removed"
select BR2_LEGACY
select BR2_PACKAGE_PYTHON_REDIS
help
python-aioredis was abandoned upstream and replaced by
python-redis
config BR2_PACKAGE_LIBCUEFILE
bool "libcuefile has been removed"
select BR2_LEGACY
help
libcuefile is unmaintained and has been removed
config BR2_PACKAGE_MPD_MUSEPACK
bool "musepack support in mpd has been removed"
select BR2_LEGACY
help
musepack package is unmaintained and has been removed
config BR2_PACKAGE_GST1_PLUGINS_BAD_PLUGIN_MUSEPACK
bool "musepack support in gst1-plugins-bad has been removed"
select BR2_LEGACY
help
musepack package is unmaintained and has been removed
config BR2_PACKAGE_MUSEPACK
bool "musepack has been removed"
select BR2_LEGACY
help
musepack is unmaintained and has been removed
config BR2_PACKAGE_RACEHOUND
bool "racehound has been removed"
select BR2_LEGACY
help
racehound is unmaintained and has been removed
config BR2_PACKAGE_TASKD
bool "taskd has been removed"
select BR2_LEGACY
help
taskd was deprecated upstream and has been removed
config BR2_PACKAGE_SCONESERVER
bool "sconeserver has been removed"
select BR2_LEGACY
help
sconeserver is unmaintained and has been removed
config BR2_PACKAGE_QJSON
bool "qjson has been removed"
select BR2_LEGACY
help
qjson was deprecated upstream and has been removed
config BR2_PACKAGE_OPENTRACING_CPP
bool "opentracing-cpp has been removed"
select BR2_LEGACY
help
opentracing-cpp was deprecated upstream and has been removed
config BR2_PACKAGE_OPENPOWERLINK
bool "openpowerlink has been removed"
select BR2_LEGACY
help
openpowerlink is unmaintained and has been removed
config BR2_PACKAGE_ALURE
bool "alure has been removed"
select BR2_LEGACY
help
alure is unmaintained and has been removed
config BR2_PACKAGE_LIBUWSC
bool "libuwsc has been removed"
select BR2_LEGACY
help
libuwsc is unmaintained and has been removed
config BR2_PACKAGE_LIBIQRF
bool "libiqrf has been removed"
select BR2_LEGACY
help
libiqrf is unmaintained and has been removed
config BR2_PACKAGE_LIBCGI
bool "libcgi has been removed"
select BR2_LEGACY
help
libcgi is unmaintained and has been removed
config BR2_PACKAGE_LET_ME_CREATE
bool "let-me-create has been removed"
select BR2_LEGACY
help
let-me-create is unmaintained and has been removed
config BR2_PACKAGE_HAWKTRACER
bool "hawktracer has been removed"
select BR2_LEGACY
help
hawktracer is unmaintained and has been removed
config BR2_PACKAGE_CONNMAN_GTK
bool "connman-gtk has been removed"
select BR2_LEGACY
help
connman-gtk is unmaintained and has been removed
config BR2_PACKAGE_LIBMHASH
bool "libmhash has been removed"
select BR2_LEGACY
help
libmhash is unmaintained and has been removed
config BR2_PACKAGE_DMRAID
bool "dmraid has been removed"
select BR2_LEGACY
help
dmraid is unmaintained and has been removed
config BR2_PACKAGE_LIBNIDS
bool "libnids has been removed"
select BR2_LEGACY
help
libnids is unmaintained and has been removed
config BR2_TARGET_S500_BOOTLOADER
bool "s500-bootloader"
select BR2_LEGACY
help
s500-bootloader package has been removed
config BR2_PACKAGE_OPENCV3_WITH_FFMPEG
bool "opencv3 ffmpeg support removed"
select BR2_LEGACY
help
Support for OpenCV 3 ffmpeg support has been removed as it
was no longer compatible with recent versions of ffmpeg.
config BR2_PACKAGE_OPENCV3_WITH_PROTOBUF
bool "opencv3 protobuf support removed"
select BR2_LEGACY
help
Support for OpenCV 3 protobuf support has been removed as it
was no longer compatible with recent versions of protobuf.
config BR2_PACKAGE_RESIPROCATE_APPS
bool "resiprocate apps support option removed"
select BR2_LEGACY
help
The build system does not contain an apps-specific option
anymore.
config BR2_PACKAGE_WATCHDOGD_TEST_SUITE
bool "The watchdogd test mode option has been removed."
select BR2_LEGACY
help
watchdogd v4.1 removes the test mode and test suite.
config BR2_KERNEL_HEADERS_6_17
bool "kernel headers version 6.17.x are no longer supported"
select BR2_LEGACY
help
Version 6.17.x of the Linux kernel headers are no longer
maintained upstream and are now removed.
config BR2_PACKAGE_MESA3D_VDPAU
bool "mesa3d Gallium VDPAU state tracker support removed"
select BR2_LEGACY
help
Mesa3d removed the Gallium VDPAU state tracker.
config BR2_BINUTILS_VERSION_2_42_X
bool "binutils 2.42 has been removed"
select BR2_LEGACY
help
binutils 2.42 has been removed, select a newer version
instead.
config BR2_arceb
bool "ARC big endian support removed"
select BR2_LEGACY
help
Synopsys' DesignWare ARC Processor Cores are a family of
32-bit CPUs that can be used from deeply embedded to high
performance host applications. The big endian support was
not used nor maintained, so it was removed.
comment "Legacy options removed in 2025.11"
config BR2_KERNEL_HEADERS_5_4
bool "kernel headers version 5.4.x are no longer supported"
select BR2_LEGACY
help
Version 5.4.x of the Linux kernel headers are no longer
maintained upstream and are now removed.
config BR2_PACKAGE_LIBARGTABLE2
bool "libargtable2 has been removed"
select BR2_LEGACY
help
libargtable2 is unmaintained and has been removed
config BR2_PACKAGE_OLA
bool "ola has been removed"
select BR2_LEGACY
help
ola is incompatible with current versions of protobuf
config BR2_PACKAGE_BATMAN_ADV_NC
bool "batman-adv removed network coding"
select BR2_LEGACY
help
batman-adv removed B.A.T.M.A.N. network coding
config BR2_PACKAGE_DVBSNOOP
bool "dvbsnoop has been removed"
select BR2_LEGACY
help
dvbsnoop is unmaintained and has been removed
config BR2_PACKAGE_PROCRANK_LINUX
bool "procrank_linux has been removed"
select BR2_LEGACY
help
procrank_linux is unmaintained and has been removed
config BR2_PACKAGE_MONGREL2
bool "mongrel2 has been removed"
select BR2_LEGACY
help
mongrel2 is incompatible with MbedTLS 3.6 and has been removed
config BR2_PACKAGE_EXPECT
bool "expect has been removed"
select BR2_LEGACY
help
expect is unmaintained and has been removed
config BR2_PACKAGE_BCTOOLBOX
bool "bctoolbox has been removed"
select BR2_LEGACY
help
This package has been removed as part of the linphone
removal. In addition, newer version of linphone directly
bundle bctoolbox making a separate package unnecessary.
config BR2_PACKAGE_ORTP
bool "ortp has been removed"
select BR2_LEGACY
help
This package has been removed as part of the linphone
removal. In addition, newer version of linphone directly
bundle ortp making a separate package unnecessary.
config BR2_PACKAGE_MEDIASTREAMER
bool "mediastreamer has been removed"
select BR2_LEGACY
help
This package has been removed as part of the linphone
removal. In addition, newer version of linphone directly
bundle mediastreamer making a separate package unnecessary.
config BR2_PACKAGE_BELR
bool "belr has been removed"
select BR2_LEGACY
help
This package has been removed as part of the linphone
removal. In addition, newer version of linphone directly
bundle belr making a separate package unnecessary.
config BR2_PACKAGE_BELLE_SIP
bool "belle-sip has been removed"
select BR2_LEGACY
help
This package has been removed as part of the linphone
removal. In addition, newer version of linphone directly
bundle belle-sip making a separate package unnecessary.
config BR2_PACKAGE_LINPHONE
bool "linphone has been removed"
select BR2_LEGACY
help
This package was no longer maintained in Buildroot and was
no longer building. It can be re-added if someone volunteers
to fix the issues, update the package and maintain it.
config BR2_PACKAGE_LIBJWT
bool "libjwt has been removed"
select BR2_LEGACY
help
The only dependee of libjwt, asterisk, is incompatible with
version 3 so the version bundled with asterisk is used and
this package has been removed.
comment "Legacy options removed in 2025.08.2"
config BR2_PACKAGE_RAMSPEED
bool "ramspeed has been removed"
@@ -782,215 +153,6 @@ config BR2_PACKAGE_RAMSPEED
The ramspeed package was removed as it is not maintained
anymore and the upstream repo is gone.
config BR2_PACKAGE_LESSTIF
bool "lesstif has been removed"
select BR2_LEGACY
help
lesstif is unmaintained and has been removed
config BR2_KERNEL_HEADERS_6_16
bool "kernel headers version 6.16.x are no longer supported"
select BR2_LEGACY
help
Version 6.16.x of the Linux kernel headers are no longer
maintained upstream and are now removed.
config BR2_PACKAGE_MURATA_CYW_FW_CYW4339_1CK
bool "This firmware has been removed"
select BR2_LEGACY
help
This firmware has been removed from Murata package
config BR2_PACKAGE_MURATA_CYW_FW_CYW4339_ZP
bool "BR2_PACKAGE_MURATA_CYW_FW_CYW4339_ZP has been renamed"
select BR2_LEGACY
select BR2_PACKAGE_MURATA_CYW_FW_CYW4339
help
The option has been renamed to
BR2_PACKAGE_MURATA_CYW_FW_CYW4339
config BR2_PACKAGE_LIBBSON
bool "libbson has been removed"
select BR2_LEGACY
help
libbson is officially deprecated upstream and has been removed
config BR2_TARGET_ROOTFS_AXFS
bool "AXFS root filesystem has been removed"
select BR2_LEGACY
help
AXFS root filesystem support has been removed.
config BR2_PACKAGE_LOGSURFER
bool "logsurfer has been removed"
select BR2_LEGACY
help
Logsurfer last updates was on 2011 and fails to build with
GCC14.
config BR2_LINUX_KERNEL_EXT_FBTFT
bool "FB TFT drivers are deprecated"
select BR2_LEGACY
help
FB TFT drivers were only needed for linux kernels until v3.19,
since v4.0 the drivers are included in the staging area.
config BR2_PACKAGE_DMENU_WAYLAND
bool "dmenu-wayland has been removed"
select BR2_LEGACY
help
The package has been abandoned for several years.
The only package that previously relied on dmenu-wayland
was sway, and that now relies on wmenu. Please select
wmenu instead.
config BR2_PACKAGE_SYLPHEED
bool "sylpheed has been removed"
select BR2_LEGACY
help
Due to the removal of libgtk2, the sylpheed package has been
removed.
config BR2_PACKAGE_PINENTRY_GTK2
bool "gtk2 backend of pinentry has been removed"
select BR2_LEGACY
help
Due to the removal of libgtk2, the gtk2 backend of pinentry
has been removed.
config BR2_PACKAGE_OPENCV4_WITH_GTK
bool "opencv4 gtk support has been removed"
select BR2_LEGACY
help
Due to the removal of libgtk2, the gtk support of opencv4
has been removed. gtk3 support is still available.
config BR2_PACKAGE_OPENCV3_WITH_GTK
bool "opencv3 gtk support has been removed"
select BR2_LEGACY
help
Due to the removal of libgtk2, the gtk support of opencv3
has been removed. gtk3 support is still available.
config BR2_PACKAGE_NETSURF_GTK
bool "gtk frontend of netsurf has been removed"
select BR2_LEGACY
help
Due to the removal of libgtk2, the gtk frontend of netsurf
has been removed. The gtk3 frontend can be used instead for
example.
config BR2_PACKAGE_METACITY
bool "metacity has been removed"
select BR2_LEGACY
help
The metacity package has been removed, as libgtk2 has been
removed as well.
config BR2_PACKAGE_LIBSEXY
bool "libsexy has been removed"
select BR2_LEGACY
help
The libsexy package has been removed, as libgtk2 has been
removed as well.
config BR2_PACKAGE_LIBGLADE
bool "libglade has been removed"
select BR2_LEGACY
help
The libglade package has been removed, as libgtk2 has been
removed as well.
config BR2_PACKAGE_LEAFPAD
bool "leafpad has been removed"
select BR2_LEGACY
help
The leafpad package has been removed, as libgtk2 has been
removed as well.
config BR2_PACKAGE_GTKPERF
bool "gtkperf has been removed"
select BR2_LEGACY
help
The gtkperf package has been removed, as libgtk2 has been
removed as well.
config BR2_PACKAGE_GTK2_ENGINES
bool "gtk2-engines has been removed"
select BR2_LEGACY
help
The gtk2-engines package has been removed, as libgtk2 has
been removed as well.
config BR2_PACKAGE_GKRELLM_CLIENT
bool "gkrellm client has been removed"
select BR2_LEGACY
help
The gkrellm client option has been removed, as it required
libgtk2, which was removed from Buildroot.
config BR2_PACKAGE_CWIID_WMGUI
bool "cwiid wmgui has been removed"
select BR2_LEGACY
help
The wmgui part of cwiid required libgtk2, which has been
removed from Buildroot.
config BR2_LINUX_KERNEL_EXT_AUFS
bool "Aufs Filesystem Module patch has been removed"
select BR2_LEGACY
help
aufs kernel module patch is unmaintained and has been
removed.
config BR2_PACKAGE_AUFS_UTIL
bool "aufs-util has been removed"
select BR2_LEGACY
help
aufs-util package is unmaintained and has been removed.
config BR2_TOOLCHAIN_EXTERNAL_LINARO_ARMEB
bool "Linaro armeb 2018.05 external toolchain is deprecated"
select BR2_LEGACY
help
Linaro armeb 2018.05 is no longer maintained and has been
removed from Buildroot.
config BR2_TOOLCHAIN_EXTERNAL_LINARO_ARM
bool "Linaro ARM 2018.05 external toolchain is deprecated"
select BR2_LEGACY
help
Linaro ARM 2018.05 is no longer maintained and has been
removed from Buildroot.
config BR2_TOOLCHAIN_EXTERNAL_LINARO_AARCH64_BE
bool "Linaro AArch64 BE 2018.05 external toolchain is deprecated"
select BR2_LEGACY
help
Linaro AArch64 2018.05 BE is no longer maintained and has been
removed from Buildroot.
config BR2_TOOLCHAIN_EXTERNAL_LINARO_AARCH64
bool "Linaro AArch64 2018.05 external toolchain is deprecated"
select BR2_LEGACY
help
Linaro AArch64 2018.05 is no longer maintained and has been
removed from Buildroot.
config BR2_TOOLCHAIN_EXTERNAL_CODESOURCERY_MIPS
bool "Sourcery CodeBench MIPS external toolchain is deprecated"
select BR2_LEGACY
help
Sourcery CodeBench MIPS 2016.05 is no longer maintained
and has been removed from Buildroot.
config BR2_LINUX_KERNEL_EXT_EV3DEV_LINUX_DRIVERS
bool "ev3dev Linux drivers have been removed"
select BR2_LEGACY
help
Linux drivers for LEGO MINDSTORMS EV3 from the ev3dev project
are targeting an outdated kernel which is no longer supported.
comment "Legacy options removed in 2025.08"
config BR2_PACKAGE_NETSTAT_NAT
@@ -6416,6 +5578,8 @@ config BR2_PACKAGE_OPENPOWERLINK_KERNEL_MODULE
help
openpowerlink kernel modules are built if the
kernel stack library is selected.
# Note: BR2_PACKAGE_OPENPOWERLINK_KERNEL_MODULE is still referenced from
# package/openpowerlink/Config.in
config BR2_PACKAGE_OPENPOWERLINK_LIBPCAP
bool "openpowerlink package has been updated"
@@ -6424,6 +5588,8 @@ config BR2_PACKAGE_OPENPOWERLINK_LIBPCAP
The user space support has been split in two part:
- a monolithic user space library
- a user space daemon driver
# Note: BR2_PACKAGE_OPENPOWERLINK_LIBPCAP is still referenced from
# package/openpowerlink/Config.in
config BR2_LINUX_KERNEL_SAME_AS_HEADERS
bool "using the linux headers version for the kernel has been removed"

248
DEVELOPERS
View File

@@ -86,12 +86,6 @@ F: package/modem-manager/
N: Aleksandr Makarov <aleksandr.o.makarov@gmail.com>
F: package/cpp-httplib/
N: Alexander Shirokov <shirokovalexs@gmail.com>
F: package/broot/
F: package/kibi/
F: package/nnn/
F: package/zellij/
N: Alessandro Partesotti <a.partesotti@gmail.com>
F: package/oatpp/
@@ -131,9 +125,6 @@ F: package/openpgm/
N: Aleksandr Makarov <aleksandr.o.makarov@gmail.com>
F: package/libest/
N: Alexander Shirokov <shirokovalexs@gmail.com>
F: package/aichat/
N: Alexander Sverdlin <alexander.sverdlin@gmail.com>
F: package/mini-snmpd/
@@ -154,11 +145,6 @@ F: configs/cubieboard2_defconfig
N: Alexey Lukyanchuk <skif@skif-web.ru>
F: package/zabbix/
N: Alexis Lothoré <alexis.lothore@bootlin.com>
F: package/libxmlsec1/
F: package/openscap/
F: package/python-scp/
N: Alistair Francis <alistair@alistair23.me>
F: board/sifive/
F: boot/opensbi/
@@ -184,9 +170,6 @@ F: package/libkrb5/
F: package/p7zip/
F: package/wine/
N: Andrea Ricchi <andrea.ricchi@amarulasolutions.com>
F: package/cutekeyboard/
N: Andreas Klinger <ak@it-klinger.de>
F: package/ply/
@@ -348,13 +331,12 @@ F: package/tcpdump/
F: package/ti-uim/
F: package/uhubctl/
N: Bastien Curutchet <bastien.curutchet@bootlin.com>
F: package/rasdaemon/
F: support/testing/tests/package/test_rasdaemon.py
N: Baxiche Su <baxiche@gmail.com>
F: package/qt6/qt6multimedia/
N: Ben Boeckel <mathstuf@gmail.com>
F: package/taskd/
N: Benjamin Kamath <kamath.ben@gmail.com>
F: package/lapack/
@@ -415,6 +397,7 @@ F: package/libcec/
F: package/libcodec2/
F: package/libcrossguid/
F: package/libde265/
F: package/libdecor/
F: package/libdeflate/
F: package/libdisplay-info/
F: package/libdrm/
@@ -422,14 +405,15 @@ F: package/libdvbcsa/
F: package/libdvdcss/
F: package/libdvdnav/
F: package/libdvdread/
F: package/libfreeglut/
F: package/libfribidi/
F: package/libg7221/
F: package/libglew/
F: package/libglu/
F: package/libhdhomerun/
F: package/libheif/
F: package/libid3tag/
F: package/libilbc/
F: package/libldns/
F: package/libmicrohttpd/
F: package/libminiupnpc/
F: package/libmspack/
@@ -438,7 +422,6 @@ F: package/libnpth/
F: package/libogg/
F: package/libopenh264/
F: package/libpciaccess/
F: package/libplacebo/
F: package/libplatform/
F: package/libpng/
F: package/libsidplay2/
@@ -495,7 +478,6 @@ F: package/perl-uri/
F: package/perl-www-robotrules/
F: package/php/
F: package/pngquant/
F: package/postgresql/
F: package/pppd/
F: package/privoxy/
F: package/pure-ftpd/
@@ -591,7 +573,10 @@ F: package/jailhouse/
F: package/sunxi-boards/
N: Carsten Schoenert <c.schoenert@gmail.com>
F: package/dvbsnoop/
F: package/libdvbsi/
F: package/libsvg/
F: package/libsvg-cairo/
N: Cédric Chépied <cedric.chepied@gmail.com>
F: package/znc/
@@ -610,10 +595,6 @@ F: package/alsa-plugins/
N: Changming Huang <jerry.huang@nxp.com>
F: package/qoriq-cadence-dp-firmware/
N: Chen Pei <cp0613@linux.alibaba.com>
F: package/iniparser/
F: package/ndctl/
N: Chris Packham <judge.packham@gmail.com>
F: package/coremark/
F: package/coremark-pro/
@@ -805,14 +786,12 @@ N: Dario Binacchi <dario.binacchi@amarulasolutions.com>
F: board/bsh/
F: board/stmicroelectronics/stm32f746-disco/
F: board/stmicroelectronics/stm32f769-disco/
F: board/stmicroelectronics/stm32h747-disco/
F: boot/ti-k3-boot-firmware/
F: configs/imx6ulz_bsh_smm_m2_defconfig
F: configs/imx8mn_bsh_smm_s2_defconfig
F: configs/imx8mn_bsh_smm_s2_pro_defconfig
F: configs/stm32f746_disco_sd_defconfig
F: configs/stm32f769_disco_sd_defconfig
F: configs/stm32h747_disco_sd_defconfig
F: package/aespipe/
F: package/armadillo/
F: package/atf/
@@ -851,7 +830,9 @@ F: package/libtalloc/
N: David Lechner <david@lechnology.com>
F: board/lego/ev3/
F: configs/lego_ev3_defconfig
F: linux/linux-ext-ev3dev-linux-drivers.mk
F: package/brickd/
F: package/ev3dev-linux-drivers/
N: David Pierret <david.pierret@smile.fr>
F: package/bat/
@@ -891,7 +872,6 @@ N: Dimitar Tomov <dimi@tpm.dev>
F: package/wolftpm/
N: Dimitrios Siganos <dimitris@siganos.org>
F: package/bvi/
F: package/wireless-regdb/
N: Dmitry Chestnykh <dm.chestnykh@gmail.com>
@@ -899,6 +879,9 @@ F: board/qemu/sparc-ss10/
F: configs/qemu_sparc_ss10_defconfig
F: package/uclibc-ng-test/
N: Dominik Faessler <faessler@was.ch>
F: package/logsurfer/
N: Dominik Michael Rauh <dmrauh@posteo.de>
F: package/gdal/
@@ -1031,6 +1014,8 @@ F: package/openzwave/
N: Fabrice Fontaine <fontaine.fabrice@gmail.com>
F: package/bearssl/
F: package/belle-sip/
F: package/belr/
F: package/boinc/
F: package/cairo/
F: package/daq3/
@@ -1061,6 +1046,7 @@ F: package/libcue/
F: package/libebml/
F: package/libgee/
F: package/libglib2/
F: package/libgtk2/
F: package/libgtk3/
F: package/libhtp/
F: package/libidn/
@@ -1125,18 +1111,11 @@ N: Fiona Klute <fiona.klute@gmx.de>
F: package/*/S*
F: package/panel-mipi-dbi-firmware/
F: package/python-aiomqtt/
F: package/python-markdown-it-py/
F: package/python-mdurl/
F: package/python-platformdirs/
F: package/python-pyasynchat/
F: package/python-pyasyncore/
F: package/python-rich/
F: package/python-textual/
F: support/testing/tests/package/sample_python_networkmanager_goi.py
F: support/testing/tests/package/sample_python_pyroute2.py
F: support/testing/tests/package/test_nftables.py
F: support/testing/tests/package/test_python_networkmanager_goi.py
F: support/testing/tests/package/test_python_pyroute2.py
N: Flávio Tapajós <flavio.tapajos@newtesc.com.br>
F: configs/asus_tinker-s_rk3288_defconfig
@@ -1150,7 +1129,6 @@ F: package/cpulimit/
N: Florian Larysch <fl@n621.de>
F: package/casync-nano/
F: package/sigsum-go/
N: Floris Bos <bos@je-eigen-domein.nl>
F: package/ipmitool/
@@ -1172,25 +1150,33 @@ F: configs/sipeed_licheepi_nano_defconfig
F: configs/visionfive2_defconfig
N: Francois Perrad <francois.perrad@gadz.org>
F: board/freescale/ls1028ardb/
F: board/olimex/a20_olinuxino
F: board/olimex/imx233_olinuxino/
F: board/olimex/stmp1_olinuxino/
F: configs/ls1028ardb_defconfig
F: configs/olimex_a20_olinuxino_*
F: configs/olimex_imx233_olinuxino_defconfig
F: configs/olimex_stmp157_olinuxino_lime_defconfig
F: package/4th/
F: package/cgilua/
F: package/chipmunk/
F: package/cog/
F: package/collectl/
F: package/copas/
F: package/coxpcall/
F: package/dado/
F: package/ficl/
F: package/graphene/
F: package/janet/
F: package/libgtk4/
F: package/libtomcrypt/
F: package/libtommath/
F: package/libwpe/
F: package/linenoise/
F: package/ljlinenoise/
F: package/lua-inotify/
F: package/lmdb/
F: package/lpeg/
F: package/lpty/
F: package/lrandom/
@@ -1199,11 +1185,16 @@ F: package/lua*
F: package/lynis/
F: package/lzlib/
F: package/moarvm/
F: package/mstpd/
F: package/netsurf/
F: package/perl*
F: package/pkg-perl.mk
F: package/pkg-luarocks.mk
F: package/quickjs/
F: package/rings/
F: package/tekui/
F: package/wpebackend-fdo/
F: package/wpewebkit/
F: package/wsapi/
F: package/wsapi-fcgi/
F: package/wsapi-xavante/
@@ -1223,7 +1214,7 @@ F: package/sane-backends/
F: package/upx/
F: package/zxing-cpp/
N: Frank Vanbever <fvb@funkworks.be>
N: Frank Vanbever <frank.vanbever@mind.be>
F: package/libmodsecurity/
F: package/nginx-modsecurity/
@@ -1263,7 +1254,7 @@ F: package/cctz/
F: package/clpeak/
F: package/faad2/
F: package/fdk-aac/
F: package/ftxui/
F: package/hawktracer/
F: package/httping/
F: package/iozone/
F: package/leptonica/
@@ -1295,10 +1286,8 @@ F: configs/mangopi_mq1rdw2_defconfig
F: configs/olimex_a*
F: configs/rockpro64_defconfig
F: package/at/
F: package/bind/
F: package/binutils/
F: package/cryptsetup/
F: package/dash/
F: package/erlang-jiffy/
F: package/esp-hosted/
F: package/gcc/
@@ -1309,7 +1298,6 @@ F: package/liblo/
F: package/libnspr/
F: package/libnss/
F: package/libnvme/
F: package/libtirpc/
F: package/libtraceevent/
F: package/libtracefs
F: package/linux-tools/linux-tool-rtla.mk.in
@@ -1318,12 +1306,10 @@ F: package/minicom/
F: package/mongoose/
F: package/mmc-utils/
F: package/nfs-utils/
F: package/putty/
F: package/python-libconf/
F: package/python-uvloop/
F: package/qt5/
F: package/rockchip-mali/
F: package/rpcbind/
F: package/rtl8188eu/
F: package/rtl8189es/
F: package/rtl8192eu/
@@ -1337,13 +1323,9 @@ F: package/sunxi-mali-utgard-driver/
F: package/sunxi-tools/
F: package/swugenerator/
F: package/swupdate/
F: package/tmux/
F: package/trace-cmd/
F: package/udisks/
F: package/util-linux/
F: package/vim/
F: package/wilc-driver/
F: package/zlib-ng/
F: toolchain/
N: Graeme Smecher <gsmecher@threespeedlogic.com>
@@ -1381,6 +1363,7 @@ N: Guillaume Chaye <guillaume.chaye@zeetim.com>
F: package/sane-airscan/
N: Guillaume William Brs <guillaume.bressaix@gmail.com>
F: package/libnids/
F: package/libxcrypt/
F: package/liquid-dsp/
F: package/mbw/
@@ -1568,6 +1551,9 @@ N: Jan Havran <havran.jan@email.cz>
F: board/pine64/pinecube/
F: configs/pine64_pinecube_defconfig
N: Jan Heylen <jan.heylen@nokia.com>
F: package/opentracing-cpp/
N: Jan Kraval <jan.kraval@gmail.com>
F: board/orangepi/orangepi-lite
F: configs/orangepi_lite_defconfig
@@ -1634,6 +1620,7 @@ F: package/qt6/
N: Jianhui Zhao <zhaojh329@gmail.com>
F: package/libuhttpd/
F: package/libuwsc/
F: package/rtty/
N: Jiaxun Yang <jiaxun.yang@flygoat.com>
@@ -1712,7 +1699,10 @@ F: package/erlang-p1-yconf/
F: package/erlang-p1-zlib/
F: package/erlang-stun/
F: package/erlang-xmpp/
F: package/forge/
F: package/nginx-dav-ext/
F: package/vis-network/
F: package/vuejs/
N: John Stile <johns@msli.com>
F: package/dhcpcd/
@@ -1755,8 +1745,8 @@ F: support/testing/tests/package/test_zfs.py
N: Joseph Kogut <joseph.kogut@gmail.com>
F: package/at-spi2-core/
F: package/earlyoom/
F: package/gconf/
F: package/libnss/
F: package/llama-cpp/
F: package/llvm-project/clang/
F: package/llvm-project/lld/
F: package/llvm-project/llvm/
@@ -1795,6 +1785,9 @@ F: package/libmodbus/
F: package/ltris/
F: package/opentyrian/
N: Julien Corjon <corjon.j@ecagroup.com>
F: package/qt5/
N: Julien Grossholtz <julien.grossholtz@openest.io>
F: board/raspberrypi/
F: configs/raspberrypizero2w_defconfig
@@ -1821,6 +1814,7 @@ F: package/libopenmpt/
F: package/mokutil/
F: package/oath-toolkit/
F: package/octave/
F: package/ola/
F: package/openblas/
F: package/opencsd/
F: package/openmpi/
@@ -1850,8 +1844,6 @@ F: support/testing/tests/fs/test_btrfs.py
F: support/testing/tests/fs/test_btrfs/
F: support/testing/tests/fs/test_erofs.py
F: support/testing/tests/fs/test_erofs/
F: support/testing/tests/fs/test_xfs.py
F: support/testing/tests/fs/test_xfs/
F: support/testing/tests/package/sample_python_distro.py
F: support/testing/tests/package/sample_python_gnupg.py
F: support/testing/tests/package/sample_python_hwdata.py
@@ -1865,8 +1857,6 @@ F: support/testing/tests/package/test_4th.py
F: support/testing/tests/package/test_acl.py
F: support/testing/tests/package/test_acpica.py
F: support/testing/tests/package/test_acpica/
F: support/testing/tests/package/test_aichat.py
F: support/testing/tests/package/test_aichat/
F: support/testing/tests/package/test_apache.py
F: support/testing/tests/package/test_attr.py
F: support/testing/tests/package/test_audio_codec_base.py
@@ -1880,10 +1870,11 @@ F: support/testing/tests/package/test_btrfs_progs.py
F: support/testing/tests/package/test_btrfs_progs/
F: support/testing/tests/package/test_bzip2.py
F: support/testing/tests/package/test_compressor_base.py
F: support/testing/tests/package/test_connman.py
F: support/testing/tests/package/test_coremark.py
F: support/testing/tests/package/test_cryptsetup.py
F: support/testing/tests/package/test_cryptsetup/
F: support/testing/tests/package/test_ddrescue.py
F: support/testing/tests/package/test_ddrescue/
F: support/testing/tests/package/test_dieharder.py
F: support/testing/tests/package/test_dmidecode.py
F: support/testing/tests/package/test_dos2unix.py
@@ -1897,7 +1888,6 @@ F: support/testing/tests/package/test_exfatprogs.py
F: support/testing/tests/package/test_exfatprogs/
F: support/testing/tests/package/test_file.py
F: support/testing/tests/package/test_file/
F: support/testing/tests/package/test_flac.py
F: support/testing/tests/package/test_fluidsynth.py
F: support/testing/tests/package/test_fluidsynth/
F: support/testing/tests/package/test_fping.py
@@ -1935,8 +1925,6 @@ F: support/testing/tests/package/test_kmod.py
F: support/testing/tests/package/test_kmod/
F: support/testing/tests/package/test_kmscube.py
F: support/testing/tests/package/test_kmscube/
F: support/testing/tests/package/test_kvmtool.py
F: support/testing/tests/package/test_kvmtool/
F: support/testing/tests/package/test_lame.py
F: support/testing/tests/package/test_less.py
F: support/testing/tests/package/test_libcamera.py
@@ -1947,7 +1935,6 @@ F: support/testing/tests/package/test_libjxl.py
F: support/testing/tests/package/test_lighttpd.py
F: support/testing/tests/package/test_links.py
F: support/testing/tests/package/test_links/
F: support/testing/tests/package/test_llama_cpp.py
F: support/testing/tests/package/test_lrzip.py
F: support/testing/tests/package/test_lrzsz.py
F: support/testing/tests/package/test_ltp_testsuite.py
@@ -1982,9 +1969,10 @@ F: support/testing/tests/package/test_numactl.py
F: support/testing/tests/package/test_numactl/
F: support/testing/tests/package/test_oath_toolkit.py
F: support/testing/tests/package/test_octave.py
F: support/testing/tests/package/test_ola.py
F: support/testing/tests/package/test_ola/
F: support/testing/tests/package/test_openblas.py
F: support/testing/tests/package/test_openocd.py
F: support/testing/tests/package/test_opus_tools.py
F: support/testing/tests/package/test_parted.py
F: support/testing/tests/package/test_patch.py
F: support/testing/tests/package/test_patch/
@@ -2026,7 +2014,6 @@ F: support/testing/tests/package/test_tcl.py
F: support/testing/tests/package/test_tcl/
F: support/testing/tests/package/test_tcpdump.py
F: support/testing/tests/package/test_tesseract_ocr.py
F: support/testing/tests/package/test_tio.py
F: support/testing/tests/package/test_trace_cmd.py
F: support/testing/tests/package/test_trace_cmd/
F: support/testing/tests/package/test_tree.py
@@ -2104,7 +2091,6 @@ F: board/octavo/osd32mp1-brk/
F: board/octavo/osd32mp1-red/
F: configs/octavo_osd32mp1_brk_defconfig
F: configs/octavo_osd32mp1_red_defconfig
F: package/drm-info/
N: Kris Bahnsen <kris@embeddedTS.com>
F: package/wilc-firmware/
@@ -2143,6 +2129,9 @@ F: package/python-gunicorn/
F: support/testing/tests/package/sample_python_flask.py
F: support/testing/tests/package/test_python_flask.py
N: Lionel Orry <lionel.orry@gmail.com>
F: package/mongrel2/
N: Lothar Felten <lothar.felten@gmail.com>
F: board/bananapi/bananapi-m2-ultra/
F: board/beagleboard/beaglebone/
@@ -2211,29 +2200,7 @@ N: Mahyar Koshkouei <mahyar.koshkouei@gmail.com>
F: package/ffmpeg/
F: package/mpv/
F: package/rpi-firmware/
N: Manuel Diener <manuel.diener@oss.othermo.de>
F: package/pico-sdk/
F: package/picotool/
F: package/python-annotated-doc/
F: package/python-apscheduler/
F: package/python-crc/
F: package/python-diskcache/
F: package/python-django/
F: package/python-gpiod/
F: package/python-immutabledict/
F: package/python-jc/
F: package/python-log-rate-limit/
F: package/python-pydantic/
F: package/python-pydantic-core/
F: package/python-pydantic-settings/
F: package/python-typing-inspection/
F: package/python-tzlocal/
F: package/python-sdbus-modemmanager/
F: package/python-sdbus-systemd/
F: package/python-varlink/
F: package/python-waitress/
F: package/python-whitenoise/
F: package/rpi-userland/
N: Marcin Bis <marcin@bis.org.pl>
F: package/bluez5_utils/
@@ -2280,6 +2247,7 @@ F: support/testing/tests/package/test_python_pytest.py
F: support/testing/tests/package/test_python_pytest_asyncio.py
N: Marcus Folkesson <marcus.folkesson@gmail.com>
F: package/criu/
F: package/libcamera/
F: package/libcamera-apps/
F: package/libostree/
@@ -2294,20 +2262,40 @@ F: utils/diffconfig
N: Marcus Hoffmann <bubu@bubu1.eu>
F: package/nethogs/
F: package/pico-sdk/
F: package/picotool/
F: package/python-apscheduler/
F: package/python-crc/
F: package/python-django/
F: package/python-gpiod/
F: package/python-immutabledict/
F: package/python-jc/
F: package/python-varlink/
F: package/python-log-rate-limit/
F: package/python-pydantic/
F: package/python-pydantic-core/
F: package/python-pydantic-settings/
F: package/python-ruamel-yaml-clib/
F: package/python-typing-inspection/
F: package/python-tzlocal/
F: package/python-sdbus-modemmanager/
F: package/python-waitress/
F: package/python-whitenoise/
F: support/testing/tests/package/test_python_apscheduler.py
F: support/testing/tests/package/test_python_crc.py
F: support/testing/tests/package/test_python_django.py
F: support/testing/tests/package/test_python_requests.py
F: support/testing/tests/package/test_python_varlink.py
F: support/testing/tests/package/test_python_varlink/
F: support/testing/tests/package/test_python_fastapi.py
F: support/testing/tests/package/test_python_pydantic.py
F: support/testing/tests/package/test_python_pydantic_settings.py
F: support/testing/tests/package/test_python_ruamel_yaml.py
F: support/testing/tests/package/test_python_sdbus_modemmanager.py
F: support/testing/tests/package/test_python_tzlocal.py
F: support/testing/tests/package/test_python_waitress.py
F: support/testing/tests/package/test_python_whitenoise.py
F: support/testing/tests/package/sample_python_apscheduler.py
F: support/testing/tests/package/sample_python_crc.py
F: support/testing/tests/package/sample_python_django.py
F: support/testing/tests/package/sample_python_requests.py
F: support/testing/tests/package/sample_python_fastapi.py
F: support/testing/tests/package/sample_python_pydantic.py
F: support/testing/tests/package/sample_python_pydantic_settings.py
F: support/testing/tests/package/sample_python_ruamel_yaml.py
F: support/testing/tests/package/sample_python_sdbus_modemmanager.py
N: Marek Belisko <marek.belisko@open-nandra.com>
F: package/libatasmart/
@@ -2434,13 +2422,13 @@ N: Michael Nosthoff <buildroot@heine.tech>
F: package/boost/
F: package/catch2/
F: package/fmt/
F: package/grpc/
F: package/gtest/
F: package/json-for-modern-cpp/
F: package/libabseil-cpp/
F: package/libgpiod2/
F: package/networkd-dispatcher/
F: package/protobuf/
F: package/sdbus-cpp/
F: package/re2/
F: package/spdlog/
F: package/sqlitecpp/
@@ -2482,9 +2470,6 @@ F: package/libfribidi/
N: Mircea Gliga <gliga.mircea@gmail.com>
F: package/mbuffer/
N: Mohammed Sadik Shaik <s-sadik@ti.com>
F: package/k3conf/
N: Murat Demirten <mdemirten@yh.com.tr>
F: package/jpeg-turbo/
F: package/libgeotiff/
@@ -2498,7 +2483,6 @@ F: package/libgudev/
N: Neal Frager <neal.frager@amd.com>
F: board/versal/
F: board/versal2/
F: board/xilinx/
F: board/zynq/
F: board/zynqmp/
@@ -2506,9 +2490,7 @@ F: boot/xilinx-embeddedsw/
F: boot/xilinx-prebuilt/
F: configs/versal_vck190_defconfig
F: configs/versal_vek280_defconfig
F: configs/versal_vpk120_defconfig
F: configs/versal_vpk180_defconfig
F: configs/versal2_vek385_defconfig
F: configs/zynq_zc702_defconfig
F: configs/zynq_zc706_defconfig
F: configs/zynqmp_kria_kd240_defconfig
@@ -2741,9 +2723,6 @@ F: package/psplash/
F: package/sispmctl/
F: package/zsh/
N: Philip Molloy <philip@philipmolloy.com>
F: package/adsp-ldr/
N: Philipp Richter <richterphilipp.pops@gmail.com>
F: package/libtorrent-rasterbar/
@@ -2792,6 +2771,9 @@ F: package/libdvbpsi/
F: package/mraa/
F: package/synergy/
N: Prabhu Sannachi <prabhu.sannachi@collins.com>
F: package/redis-plus-plus/
N: Qais Yousef <qais.yousef@arm.com>
F: package/bpftrace/
@@ -2811,6 +2793,7 @@ F: package/glog/
F: package/gssdp/
F: package/gupnp/
F: package/gupnp-av/
F: package/let-me-create/
F: package/nanomsg/
N: Ralf Dragon <hypnotoad@lindra.de>
@@ -2859,6 +2842,9 @@ N: Refik Tuzakli <tuzakli.refik@gmail.com>
F: package/freescale-imx/
F: package/paho-mqtt-cpp/
N: Rémi Rérolle <remi.rerolle@gmail.com>
F: package/libfreeimage/
N: Renaud Aubin <root@renaud.io>
F: package/libhttpparser/
@@ -2909,6 +2895,7 @@ F: configs/qemu_*
F: configs/am574x_idk_defconfig
F: configs/beagleboneai64_defconfig
F: configs/beagley_ai_defconfig
F: package/alure/
F: package/aubio/
F: package/bcc/
F: package/binutils/
@@ -2940,6 +2927,7 @@ F: package/mesa3d/
F: package/minetest/
F: package/minetest-game/
F: package/ogre/
F: package/openpowerlink/
F: package/physfs/
F: package/piglit/
F: package/python-libevdev/
@@ -3002,6 +2990,7 @@ F: package/wlr-randr/
N: Semyon Kolganov <semenak94@mail.ru>
F: package/fmt/
F: package/libbson/
F: package/lua-resty-http/
F: package/mpir/
@@ -3059,6 +3048,9 @@ F: package/czmq/
F: package/filemq/
F: package/googlefontdirectory/
F: package/jansson/
F: package/jquery-ui/
F: package/jquery-ui-themes/
F: package/json-javascript/
F: package/lcdapi/
F: package/libfreefare/
F: package/libjson/
@@ -3074,6 +3066,7 @@ F: package/neard/
F: package/neardal/
F: package/owl-linux/
F: package/rapidjson/
F: package/sconeserver/
F: package/sound-theme-borealis/
F: package/sound-theme-freedesktop/
F: package/vlc/
@@ -3139,6 +3132,7 @@ F: package/libcli/
N: Steve Kenton <skenton@ou.edu>
F: package/dvdauthor/
F: package/dvdrw-tools/
F: package/memtest86/
F: package/mjpegtools/
F: package/udftools/
@@ -3181,14 +3175,17 @@ F: package/x265/
N: Thomas Bonnefille <thomas.bonnefille@bootlin.com>
F: board/pine64/star64
F: configs/pine64_star64_defconfig
F: package/starfive-spltool/
N: Thomas Claveirole <thomas.claveirole@green-communications.fr>
F: package/fcgiwrap/
F: package/openlayers/
F: package/vuejs/
F: package/vuejs-router/
N: Thomas Devoogdt <thomas@devoogdt.com>
F: package/fluent-bit/
F: package/libsoup3/
F: package/yq/
N: Thomas Huth <th.huth+br@posteo.eu>
F: package/ascii-invaders/
@@ -3198,8 +3195,6 @@ F: package/xorcurses/
N: Thomas Perale <thomas.perale@mind.be>
F: package/go/
F: utils/generate-cyclonedx
F: support/scripts/cve-check
F: support/scripts/cve.py
N: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
F: arch/Config.in.arm
@@ -3250,11 +3245,8 @@ F: package/pkg-autotools.mk
F: package/pkg-generic.mk
F: package/python3/
F: package/python-augeas/
F: package/python-crccheck/
F: package/python-flask-expects-json/
F: package/python-fs/
F: package/python-git/
F: package/python-pyfatfs/
F: package/python-qrcode/
F: package/python-serial/
F: package/python-unittest-xml-reporting/
@@ -3266,7 +3258,6 @@ F: package/rt-tests/
F: package/rtc-tools/
F: package/sam-ba/
F: package/scons/
F: package/snagboot/
F: package/squashfs/
F: package/tinifier/
F: package/wayland/
@@ -3283,17 +3274,10 @@ F: support/testing/tests/package/sample_python_git.py
F: support/testing/tests/package/sample_python_unittest_xml_reporting.py
F: support/testing/tests/package/test_nodejs.py
F: support/testing/tests/package/test_python_augeas.py
F: support/testing/tests/package/test_python_crccheck.py
F: support/testing/tests/package/test_python_flask.py
F: support/testing/tests/package/test_python_flask_expects_json.py
F: support/testing/tests/package/test_python_fs.py
F: support/testing/tests/package/test_python_git.py
F: support/testing/tests/package/test_python_pyfatfs.py
F: support/testing/tests/package/test_python_pyusb.py
F: support/testing/tests/package/test_python_serial.py
F: support/testing/tests/package/test_snagboot.py
F: support/testing/tests/package/test_python_unittest_xml_reporting.py
F: support/testing/tests/package/test_python_xmodem.py
F: support/testing/tests/toolchain/test_external_arm.py
F: toolchain/
@@ -3315,9 +3299,6 @@ F: package/kmemd/
N: Torben Voltmer <mail@t-voltmer.net>
F: package/espflash/
N: Trammell Hudson <hudson@trmm.net>
F: package/nqptp/
N: Tudor Holton <buildroot@tudorholton.com>
F: package/openjdk/
@@ -3355,8 +3336,6 @@ F: configs/nvidia_bf3_defconfig
F: package/bfscripts/
F: package/dpdk/
F: package/libecoli/
F: package/libyang-cpp/
F: package/sysrepo-cpp/
N: Vincent Prince <vincent.prince.fr@gmail.com>
F: package/nss-myhostname/
@@ -3364,12 +3343,10 @@ F: package/utp_com/
N: Vincent Stehlé <vincent.stehle@arm.com>
F: board/arm/fvp-ebbr/
F: board/compulab/iot-gate-imx8-ebbr/
F: board/pine64/rockpro64-ebbr/
F: board/qemu/aarch64-ebbr/
F: board/qemu/arm-ebbr/
F: configs/arm_fvp_ebbr_defconfig
F: configs/iot-gate-imx8_ebbr_defconfig
F: configs/qemu_aarch64_ebbr_defconfig
F: configs/qemu_arm_ebbr_defconfig
F: configs/rockpro64_ebbr_defconfig
@@ -3377,17 +3354,10 @@ F: package/edk2-non-osi/
F: support/testing/tests/boot/test_edk2.py
N: Vincent Stehlé <vincent.stehle@laposte.net>
F: arch/Config.in.hppa
F: arch/arch.mk.hppa
F: board/arm/foundation-v8/
F: board/bananapi/bananapi-m2-zero/
F: board/hp/9000/
F: board/qemu/hppa-b160l/
F: boot/palo/
F: configs/arm_foundationv8_defconfig
F: configs/bananapi_m2_zero_defconfig
F: configs/hp_9000_defconfig
F: configs/qemu_hppa_b160l_defconfig
F: configs/uevm5432_defconfig
F: package/i7z/
F: package/msr-tools/
@@ -3411,7 +3381,6 @@ F: package/qoriq-ddr-phy-binary/
F: package/qoriq-firmware-inphi/
F: package/qoriq-mc-binary/
F: package/qoriq-mc-utils/
F: package/qoriq-restool/
N: Volkov Viacheslav <sv99@inbox.ru>
F: package/v4l2grab/
@@ -3428,7 +3397,7 @@ F: configs/stm32f746_disco_sd_defconfig
F: package/asterisk/
F: package/evilwm/
F: package/fbv/
F: package/libpam-pkcs11/
F: package/libjwt/
F: package/mksh/
F: package/ruby/
F: package/uclibc/
@@ -3480,8 +3449,6 @@ F: package/tpm2-pkcs11/
N: Yann E. MORIN <yann.morin@orange.com>
F: .editorconfig
F: package/gpsd/
F: package/mosquitto/
F: package/python-humanfriendly/
F: package/skopeo/
N: Yegor Yefremov <yegorslists@googlemail.com>
@@ -3491,6 +3458,7 @@ F: package/acl/
F: package/attr/
F: package/avrdude/
F: package/boost/
F: package/bootstrap/
F: package/cannelloni/
F: package/can-utils/
F: package/circus/
@@ -3498,6 +3466,8 @@ F: package/dhcpcd/
F: package/feh/
F: package/hostapd/
F: package/imlib2/
F: package/jquery-datetimepicker/
F: package/jquery-sidebar/
F: package/kmod/
F: package/libftdi1/
F: package/libical/
@@ -3548,16 +3518,16 @@ F: utils/scanpypi
N: Yunhao Tian <t123yh.xyz@gmail.com>
F: package/libopenaptx/
N: Zoltan Gyarmati <mr.zoltan.gyarmati@gmail.com>
N: Zoltan Gyarmati <zgyarmati@zgyarmati.de>
F: package/crudini/
F: package/grantlee/
F: package/libusb/
F: package/libusb-compat/
F: package/proj/
F: package/python-iniparse/
F: package/qjson/
F: package/qt6/qt6core5compat/
F: package/quazip/
F: package/shapelib/
F: package/simple-mail/
F: package/tinc/
F: support/testing/tests/package/test_quazip.py

55
Makefile
View File

@@ -92,9 +92,9 @@ all:
.PHONY: all
# Set and export the version string
export BR2_VERSION := 2026.05-git
export BR2_VERSION := 2025.08.2
# Actual time the release is cut (for reproducible builds)
BR2_VERSION_EPOCH = 1772611600
BR2_VERSION_EPOCH = 1763674300
# Save running make version since it's clobbered by the make package
RUNNING_MAKE_VERSION := $(MAKE_VERSION)
@@ -125,8 +125,7 @@ endif
noconfig_targets := menuconfig nconfig gconfig xconfig config oldconfig randconfig \
defconfig %_defconfig allyesconfig allnoconfig alldefconfig syncconfig release \
randpackageconfig allyespackageconfig allnopackageconfig \
print-version olddefconfig distclean manual manual-% check-package \
check-package-external
print-version olddefconfig distclean manual manual-% check-package
# Some global targets do not trigger a build, but are used to collect
# metadata, or do various checks. When such targets are triggered,
@@ -602,16 +601,6 @@ prepare-sdk: world
@$(call MESSAGE,"Preparing the SDK")
$(INSTALL) -m 755 $(TOPDIR)/support/misc/relocate-sdk.sh $(HOST_DIR)/relocate-sdk.sh
mkdir -p $(HOST_DIR)/share/buildroot
(\
export LC_ALL=C; \
grep -lr '$(HOST_DIR)' '$(HOST_DIR)' | while read -r FILE; do \
if file -b --mime-type "$$FILE" | grep -q '^text/' && \
[ "$$FILE" != '$(HOST_DIR)/share/buildroot/sdk-location' ] && \
[ "$$FILE" != '$(HOST_DIR)/share/buildroot/sdk-relocs' ]; then \
echo "$$FILE"; \
fi; \
done \
) | sed -e 's|^$(HOST_DIR)|.|g' > $(HOST_DIR)/share/buildroot/sdk-relocs
echo $(HOST_DIR) > $(HOST_DIR)/share/buildroot/sdk-location
BR2_SDK_PREFIX ?= $(GNU_TARGET_NAME)_sdk-buildroot
@@ -792,12 +781,19 @@ endif
# For a merged /usr, ensure that /lib, /bin and /sbin and their /usr
# counterparts are appropriately setup as symlinks ones to the others.
@$(call MESSAGE,"Sanity check in overlays $(call qstrip,$(BR2_ROOTFS_OVERLAY))")
support/scripts/check-merged \
-t overlay \
$(if $(BR2_ROOTFS_MERGED_USR),-u) \
$(if $(BR2_ROOTFS_MERGED_BIN),-b) \
$(call qstrip,$(BR2_ROOTFS_OVERLAY))
ifeq ($(BR2_ROOTFS_MERGED_USR),y)
$(foreach d, $(call qstrip,$(BR2_ROOTFS_OVERLAY)), \
@$(call MESSAGE,"Sanity check in overlay $(d)")$(sep) \
$(Q)not_merged_dirs="$$(support/scripts/check-merged-usr.sh $(d))"; \
test -n "$$not_merged_dirs" && { \
echo "ERROR: The overlay in $(d) is not" \
"using a merged /usr for the following directories:" \
$$not_merged_dirs; \
exit 1; \
} || true$(sep))
endif # merged /usr
$(foreach d, $(call qstrip,$(BR2_ROOTFS_OVERLAY)), \
@$(call MESSAGE,"Copying overlay $(d)")$(sep) \
@@ -1266,29 +1262,10 @@ release:
print-version:
@echo $(BR2_VERSION_FULL)
# $(1): br2-external path
# $(2): br2-external description
define check-package-external
@$(call MESSAGE,"Checking packages in $(2)")
$(Q)if [ -r "$(1)/.checkpackageignore" ]; then \
ignore="--ignore-list=$(1)/.checkpackageignore" ; \
else \
ignore=""; \
fi ; \
$(TOPDIR)/utils/check-package \
--br2-external $${ignore} \
`git -C $(1) ls-tree -r --format='$(1)/%(path)' HEAD`
endef
check-package:
$(Q)./utils/check-package `git ls-tree -r --name-only HEAD` \
--ignore-list=$(TOPDIR)/.checkpackageignore
check-package-external:
$(foreach name,$(BR2_EXTERNAL_NAMES),\
$(call check-package-external,$(BR2_EXTERNAL_$(name)_PATH),\
$(BR2_EXTERNAL_$(name)_DESC))$(sep))
.PHONY: .checkpackageignore
.checkpackageignore:
$(Q)./utils/check-package --failed-only `git ls-tree -r --name-only HEAD` \

2
README
View File

@@ -3,7 +3,7 @@ Linux systems through cross-compilation.
The documentation can be found in docs/manual. You can generate a text
document with 'make manual-text' and read output/docs/manual/manual.text.
Online documentation can be found at https://buildroot.org/docs.html
Online documentation can be found at http://buildroot.org/docs.html
To build and use the buildroot stuff, do the following:

22
arch/Config.in
View File

@@ -29,6 +29,14 @@ config BR2_arcle
32-bit CPUs that can be used from deeply embedded to high
performance host applications. Little endian.
config BR2_arceb
bool "ARC (big endian)"
select BR2_USE_MMU
help
Synopsys' DesignWare ARC Processor Cores are a family of
32-bit CPUs that can be used from deeply embedded to high
performance host applications. Big endian.
config BR2_arm
bool "ARM (little endian)"
# MMU support is set by the subarchitecture file, arch/Config.in.arm
@@ -65,14 +73,6 @@ config BR2_aarch64_be
http://www.arm.com/products/processors/instruction-set-architectures/armv8-architecture.php
http://en.wikipedia.org/wiki/ARM
config BR2_hppa
bool "HPPA"
select BR2_USE_MMU
help
Precision Architecture (a.k.a. PA-RISC) is a 32-bit
(big endian) architecture developed by Hewlett Packard.
https://en.wikipedia.org/wiki/PA-RISC
config BR2_i386
bool "i386"
select BR2_USE_MMU
@@ -385,7 +385,7 @@ config BR2_BINFMT_SUPPORTS_SHARED
config BR2_READELF_ARCH_NAME
string
if BR2_arcle
if BR2_arcle || BR2_arceb
source "arch/Config.in.arc"
endif
@@ -393,10 +393,6 @@ if BR2_arm || BR2_armeb || BR2_aarch64 || BR2_aarch64_be
source "arch/Config.in.arm"
endif
if BR2_hppa
source "arch/Config.in.hppa"
endif
if BR2_loongarch64
source "arch/Config.in.loongarch"
endif

10
arch/Config.in.arc
View File

@@ -31,7 +31,7 @@ config BR2_archs38_full
bool "ARC HS38 with Quad MAC & FPU"
help
Fully featured ARC HS with additional support for
- Dual- and quad multiply and MC operations
- Dual- and quad multiply and MC oprations
- Double-precision FPU
It corresponds to "hs38_slc_full" ARC HS template in
@@ -59,17 +59,19 @@ config BR2_ARC_ATOMIC_EXT
default y if BR2_archs4x_rel31 || BR2_archs4x
config BR2_ARCH
default "arc"
default "arc" if BR2_arcle
default "arceb" if BR2_arceb
config BR2_NORMALIZED_ARCH
default "arc"
config BR2_arc
bool
default y
default y if BR2_arcle || BR2_arceb
config BR2_ENDIAN
default "LITTLE"
default "LITTLE" if BR2_arcle
default "BIG" if BR2_arceb
config BR2_GCC_TARGET_CPU
default "arc700" if BR2_arc750d

28
arch/Config.in.arm
View File

@@ -498,12 +498,6 @@ config BR2_tsv110
select BR2_ARCH_NEEDS_GCC_AT_LEAST_9
comment "armv8.4a cores"
config BR2_neoverse_v1
bool "neoverse-V1 (aka zeus)"
depends on BR2_ARCH_IS_64
select BR2_ARM_CPU_HAS_FP_ARMV8
select BR2_ARM_CPU_ARMV8A
select BR2_ARCH_NEEDS_GCC_AT_LEAST_11
config BR2_saphira
bool "saphira"
depends on BR2_ARCH_IS_64
@@ -524,12 +518,6 @@ config BR2_neoverse_n2
select BR2_ARM_CPU_HAS_FP_ARMV8
select BR2_ARM_CPU_ARMV9A
select BR2_ARCH_NEEDS_GCC_AT_LEAST_11
config BR2_neoverse_v2
bool "neoverse-V2 (aka demeter)"
depends on BR2_ARCH_IS_64
select BR2_ARM_CPU_HAS_FP_ARMV8
select BR2_ARM_CPU_ARMV9A
select BR2_ARCH_NEEDS_GCC_AT_LEAST_13
comment "armv9.2a cores"
config BR2_cortex_a720
@@ -538,18 +526,6 @@ config BR2_cortex_a720
select BR2_ARM_CPU_HAS_FP_ARMV8
select BR2_ARM_CPU_ARMV9A
select BR2_ARCH_NEEDS_GCC_AT_LEAST_14
config BR2_neoverse_v3
bool "neoverse-V3 (aka poseidon)"
depends on BR2_ARCH_IS_64
select BR2_ARM_CPU_HAS_FP_ARMV8
select BR2_ARM_CPU_ARMV9A
select BR2_ARCH_NEEDS_GCC_AT_LEAST_15
config BR2_neoverse_v3ae
bool "neoverse-V3AE (aka poseidon)"
depends on BR2_ARCH_IS_64
select BR2_ARM_CPU_HAS_FP_ARMV8
select BR2_ARM_CPU_ARMV9A
select BR2_ARCH_NEEDS_GCC_AT_LEAST_15
endchoice
config BR2_ARM_ENABLE_NEON
@@ -942,16 +918,12 @@ config BR2_GCC_TARGET_CPU
default "neoverse-n1" if BR2_neoverse_n1
default "tsv110" if BR2_tsv110
# armv8.4a
default "neoverse-v1" if BR2_neoverse_v1
default "saphira" if BR2_saphira
# armv9.0a
default "cortex-a710" if BR2_cortex_a710
default "neoverse-n2" if BR2_neoverse_n2
default "neoverse-v2" if BR2_neoverse_v2
# armv9.2a
default "cortex-a720" if BR2_cortex_a720
default "neoverse-v3" if BR2_neoverse_v3
default "neoverse-v3ae" if BR2_neoverse_v3ae
config BR2_GCC_TARGET_ABI
default "aapcs-linux" if BR2_arm || BR2_armeb

22
arch/Config.in.hppa
View File

@@ -1,22 +0,0 @@
choice
prompt "Target Architecture Type"
help
Architecture type (or version) to use.
config BR2_parisc10
bool "PA-RISC 1.0"
config BR2_parisc11
bool "PA-RISC 1.1"
endchoice
config BR2_ARCH
default "hppa"
config BR2_NORMALIZED_ARCH
default "parisc"
config BR2_ENDIAN
default "BIG"
config BR2_READELF_ARCH_NAME
default "HPPA"

7
arch/Config.in.riscv
View File

@@ -45,13 +45,6 @@ config BR2_RISCV_ISA_RVV
bool "Vector Instructions (V)"
select BR2_ARCH_NEEDS_GCC_AT_LEAST_12
config BR2_RISCV_ISA_EXTRA
string "Append extra RISC-V ISA extensions"
help
Extra ISA extensions to append to the ISA extensions string.
They are underscore-separated. For example,
"zba_zbb_zvl256b".
choice
prompt "Target Architecture Size"
default BR2_RISCV_64

13
arch/arch.mk.hppa
View File

@@ -1,13 +0,0 @@
#
# Configure the GCC_TARGET_ARCH variable.
#
ifeq ($(BR2_hppa),y)
ifeq ($(BR2_parisc10),y)
GCC_TARGET_ARCH := 1.0
else ifeq ($(BR2_parisc11),y)
GCC_TARGET_ARCH := 1.1
endif
endif

5
arch/arch.mk.riscv
View File

@@ -39,9 +39,4 @@ ifeq ($(BR2_TOOLCHAIN_GCC_AT_LEAST_12),y)
GCC_TARGET_ARCH := $(GCC_TARGET_ARCH)_zicsr_zifencei
endif
ARCH_RISV_ISA_EXTRA = $(call qstrip, $(BR2_RISCV_ISA_EXTRA))
ifneq ($(ARCH_RISV_ISA_EXTRA),)
GCC_TARGET_ARCH := $(GCC_TARGET_ARCH)_$(ARCH_RISV_ISA_EXTRA)
endif
endif

2
board/aarch64-efi/genimage-efi.cfg
View File

@@ -24,7 +24,7 @@ image disk.img {
}
partition root {
partition-type-uuid = root-arm64
partition-type-uuid = b921b045-1df0-41c3-af44-4c6f280d3fae
image = "rootfs.ext2"
}
}

0
board/andes/ae350/patches/linux-headers/linux-headers.hash → board/aarch64-efi/patches/linux-headers/linux-headers.hash
View File

2
board/aarch64-efi/patches/linux/linux.hash
View File

@@ -1,2 +1,2 @@
# From https://www.kernel.org/pub/linux/kernel/v6.x/sha256sums.asc
sha256 8d1934a72a185f1be6b56e3ad8ea31fd9a381ffec0346c69f06c90d776da7cb8 linux-6.18.14.tar.xz
sha256 62148e7e17f54c4a5ab5e75ad4882682c54bee818948be61a5963234fc0849fc linux-6.11.11.tar.xz

4
board/acmesystems/acqua-a5/dts/microchip/at91-sama5d3_acqua.dts
View File

@@ -281,11 +281,11 @@
status = "disabled";
};
usb1: usb@600000 {
usb1: ohci@600000 {
status = "okay";
};
usb2: usb@700000 {
usb2: ehci@700000 {
status = "okay";
};

4
board/acmesystems/acqua-a5/patches/linux/linux.hash
View File

@@ -1,2 +1,2 @@
# From https://www.kernel.org/pub/linux/kernel/v6.x/sha256sums.asc
sha256 37f0c5d5c242c1d604e87d48f08795e861a5a85f725b4ca11d0a538f12ff8cff linux-6.18.8.tar.xz
# Locally calculated
sha256 6b19a3ae99423de2416964d67251d745910277af258b4c4c63e88fd87dbf0e27 linux-6.12.41.tar.xz

4
board/amarula/vyasa/patches/linux/linux.hash
View File

@@ -1,2 +1,2 @@
# From https://www.kernel.org/pub/linux/kernel/v6.x/sha256sums.asc
sha256 37f0c5d5c242c1d604e87d48f08795e861a5a85f725b4ca11d0a538f12ff8cff linux-6.18.8.tar.xz
# Locally calculated
sha256 880ace63ca2291b8b639e9bd862cc828649d3e1e00ccfee5861473debd2e4dec linux-6.1.91.tar.xz

2
board/amarula/vyasa/patches/uboot/uboot.hash
View File

@@ -1,2 +1,2 @@
# Locally calculated
sha256 b60d5865cefdbc75da8da4156c56c458e00de75a49b80c1a2e58a96e30ad0d54 u-boot-2026.01.tar.bz2
sha256 50b4482a505bc281ba8470c399a3c26e145e29b23500bc35c50debd7fa46bdf8 u-boot-2022.10.tar.bz2

2
board/andes/ae350/patches/linux/linux.hash
View File

@@ -1,2 +0,0 @@
# Locally calculated
sha256 c71af3d2c86c0a0deca4f54b51d1c35217082b030052cc3513dc42e852652733 linux-v6.0.y-andes.tar.gz

2
board/andes/ae350/patches/opensbi/opensbi.hash
View File

@@ -1,2 +0,0 @@
# Locally calculated
sha256 d11702103f177a2914e94eec57ce5ed820296d874f6b6525c4482e55d71a3667 opensbi-1.6.tar.gz

38
board/andes/ae350/patches/uboot/0001-mmc-ftsdc010_mci-Support-DTS-of-ftsdc010-driver-for-.patch Normal file
View File

@@ -0,0 +1,38 @@
From 16aad5594e08550295ea3c12c1c9ed6f64774748 Mon Sep 17 00:00:00 2001
From: Rick Chen <rick@andestech.com>
Date: Tue, 29 Mar 2022 13:41:10 +0800
Subject: [PATCH] mmc: ftsdc010_mci: Support DTS of ftsdc010 driver for
generic dma
The ftsdc010 driver has been implemented for generic dma in Linux
kernel. And its compatible is andestech,atfsdc010g to distinguish
the legacy andestech,atfsdc010 which is not for generic dma.
Althought the ftsdc010_mci driver in U-Boot does not use dma, but
it still can work well with the mmc node for generic dma. So add
the compatible string to support it.
Signed-off-by: Rick Chen <rick@andestech.com>
Upstream-Status: Pending
Signed-off-by: Yu Chien Peter Lin <peterlin@andestech.com>
---
drivers/mmc/ftsdc010_mci.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/drivers/mmc/ftsdc010_mci.c b/drivers/mmc/ftsdc010_mci.c
index 570d54cf9d..65b1d447a8 100644
--- a/drivers/mmc/ftsdc010_mci.c
+++ b/drivers/mmc/ftsdc010_mci.c
@@ -460,6 +460,7 @@ int ftsdc010_mmc_bind(struct udevice *dev)
static const struct udevice_id ftsdc010_mmc_ids[] = {
{ .compatible = "andestech,atfsdc010" },
+ { .compatible = "andestech,atfsdc010g" },
{ }
};
--
2.34.1

42
board/andes/ae350/patches/uboot/0002-spl-Align-device-tree-blob-address-at-8-byte-boundar.patch Normal file
View File

@@ -0,0 +1,42 @@
From 933ad8a59f7fd9b2088badc3e97167d750a40b5a Mon Sep 17 00:00:00 2001
From: Bin Meng <bmeng.cn@gmail.com>
Date: Mon, 12 Jul 2021 11:52:31 +0800
Subject: [PATCH] spl: Align device tree blob address at 8-byte boundary
Since libfdt v1.6.1, a new requirement on the device tree address via:
commit 5e735860c478 ("libfdt: Check for 8-byte address alignment in fdt_ro_probe_()")
must be met that the device tree must be loaded in to memory at an
8-byte aligned address.
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
This patch was imported from U-boot patchwork:
https://patchwork.ozlabs.org/project/uboot/patch/20210712035231.26475-1-bmeng.cn@gmail.com/
Signed-off-by: Yu Chien Peter Lin <peterlin@andestech.com>
---
common/spl/spl_fit.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/common/spl/spl_fit.c b/common/spl/spl_fit.c
index a35be529..a76ad14a 100644
--- a/common/spl/spl_fit.c
+++ b/common/spl/spl_fit.c
@@ -382,6 +382,12 @@ static int spl_fit_append_fdt(struct spl_image_info *spl_image,
*/
image_info.load_addr = spl_image->load_addr + spl_image->size;
+ /*
+ * Since libfdt v1.6.1, the device tree must be loaded in to memory
+ * at an 8-byte aligned address.
+ */
+ image_info.load_addr = roundup(image_info.load_addr, 8);
+
/* Figure out which device tree the board wants to use */
node = spl_fit_get_image_node(ctx, FIT_FDT_PROP, index++);
if (node < 0) {
--
2.34.1

2
board/andes/ae350/patches/uboot/uboot.hash
View File

@@ -1,2 +0,0 @@
# Locally calculated
sha256 0f933f6c5a426895bf306e93e6ac53c60870e4b54cda56d95211bec99e63bec7 u-boot-2025.07.tar.bz2

4
board/arm/fvp-ebbr/fvp-config.txt
View File

@@ -1,10 +1,6 @@
# Arm A-Profile Base RevC AEM FVP config
bp.secure_memory=1
bp.terminal_1.start_telnet=0
bp.ve_sysregs.exit_on_shutdown=1
bp.virtio_net.enabled=1
bp.virtio_net.hostbridge.userNetworking=1
bp.vis.rate_limit-enable=1
cache_state_modelled=0
cluster0.NUM_CORES=4
cluster0.cpu0.enable_crc32=1

2
board/arm/fvp-ebbr/patches/arm-trusted-firmware/arm-trusted-firmware.hash
View File

@@ -1,2 +1,2 @@
# Locally calculated
sha256 a899100d9d92ceb1290fd4d61f5dd3b8af6b0e937cebc3c711cb514ac5acfaed arm-trusted-firmware-v2.14.0-git4.tar.gz
sha256 c0f23ccc71c49989e9ad238acf334473c17b7c88f79a20c829c3d443e3794a22 arm-trusted-firmware-v2.11-git4.tar.gz

4
board/arm/fvp-ebbr/patches/linux/linux.hash
View File

@@ -1,2 +1,2 @@
# From https://cdn.kernel.org/pub/linux/kernel/v6.x/sha256sums.asc
sha256 9106a4605da9e31ff17659d958782b815f9591ab308d03b0ee21aad6c7dced4b linux-6.18.tar.xz
# From https://www.kernel.org/pub/linux/kernel/v6.x/sha256sums.asc
sha256 524858852f5869a9ef17de8b1e6e7faf05bcb2c462bc96b3c24dbf82ede373cf linux-6.10.12.tar.xz

2
board/arm/fvp-ebbr/patches/optee-client/optee-client.hash
View File

@@ -1,2 +0,0 @@
# Locally calculated
sha256 464b3bf5bc4a61830357dbf81a0e5b89414d3bca1c2a752570cb0e40d2f1e637 optee-client-4.8.0.tar.gz

34
board/arm/fvp-ebbr/patches/optee-os/0001-plat-vexpress-redirect-console-to-uart0.patch
View File

@@ -1,34 +0,0 @@
From 1debd0c8bd46255f8c22b128ec16586ef9154869 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Vincent=20Stehl=C3=A9?= <vincent.stehle@arm.com>
Date: Tue, 2 Dec 2025 15:53:23 +0100
Subject: [PATCH] plat-vexpress: redirect console to uart0
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
For consistency with TF-A, U-Boot and Linux.
Upstream: Not applicable. Buildroot specific.
Signed-off-by: Vincent Stehlé <vincent.stehle@arm.com>
---
core/arch/arm/plat-vexpress/platform_config.h | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/core/arch/arm/plat-vexpress/platform_config.h b/core/arch/arm/plat-vexpress/platform_config.h
index 9231f3048..76c7fdb36 100644
--- a/core/arch/arm/plat-vexpress/platform_config.h
+++ b/core/arch/arm/plat-vexpress/platform_config.h
@@ -23,8 +23,8 @@
#define IT_UART1 38
-#define CONSOLE_UART_BASE UART1_BASE
-#define IT_CONSOLE_UART IT_UART1
+#define CONSOLE_UART_BASE UART0_BASE
+#undef IT_CONSOLE_UART
#elif defined(PLATFORM_FLAVOR_juno)
--
2.51.0

2
board/arm/fvp-ebbr/patches/optee-os/optee-os.hash
View File

@@ -1,2 +0,0 @@
# Locally calculated
sha256 5222cd553f5edb69ae4ec7cb99b2bfec2c47a47c0be1865b49744701918e8b4d optee-os-4.8.0.tar.gz

2
board/arm/fvp-ebbr/patches/uboot/uboot.hash
View File

@@ -1,2 +1,2 @@
# Locally calculated
sha256 b4f032848e56cc8f213ad59f9132c084dbbb632bc29176d024e58220e0efdf4a u-boot-2025.10.tar.bz2
sha256 f591da9ab90ef3d6b3d173766d0ddff90c4ed7330680897486117df390d83c8f u-boot-2024.07.tar.bz2

65
board/arm/fvp-ebbr/readme.txt
View File

@@ -2,7 +2,7 @@ Introduction
============
The arm_fvp_ebbr_defconfig is meant to illustrate some aspects of the Arm EBBR
specification[1] and the Arm SystemReady Devicetree band[2].
specification[1] and the Arm SystemReady IR[2] compliance program.
It allows building an AArch64 U-Boot based firmware implementing the subset of
UEFI defined by EBBR, as well as a Linux OS disk image booting with UEFI, to run
on the Arm A-Profile Base RevC AEM FVP.
@@ -26,8 +26,8 @@ Running on the FVP
Download the FVP from one of the following sources, corresponding to your host
computer:
- https://developer.arm.com/-/cdn-downloads/permalink/FVPs-Architecture/FM-11.30/FVP_Base_RevC-2xAEMvA_11.30_27_Linux64.tgz
- https://developer.arm.com/-/cdn-downloads/permalink/FVPs-Architecture/FM-11.30/FVP_Base_RevC-2xAEMvA_11.30_27_Linux64_armv8l.tgz
- https://developer.arm.com/-/cdn-downloads/permalink/Fixed-Virtual-Platforms/FM-11.27/FVP_Base_RevC-2xAEMvA_11.27_19_Linux64.tgz
- https://developer.arm.com/-/cdn-downloads/permalink/Fixed-Virtual-Platforms/FM-11.27/FVP_Base_RevC-2xAEMvA_11.27_19_Linux64_armv8l.tgz
The FVP will be located under one of the corresponding folders:
@@ -53,58 +53,21 @@ supporting the EBBR specification.
To run another OS on simulation using a live or pre-installed image, use the
same FVP command line as for the generated OS but adapt the OS image path in the
virtioblockdevice stanza.
The image generated by the aarch64_efi_defconfig or the Arm ACS Devicetree
images[3] are examples of pre-installed OS images.
Linux distributions such as Debian, Fedora, openSUSE or Ubuntu, or FreeBSD
provide live or pre-installed OS image.
Firmware details
================
Noteworthy firmware features:
- TF-A, OP-TEE & U-Boot
- UEFI, with EFI variables stored on disk in the ESP
- Support for ethernet, RTC and LCD
Architecture diagram:
Non-Secure : Secure
:
+---------------------------+ :
EL0 | Busybox | :
+---------------------------+ : +--------+
EL1 | Linux | : | OP-TEE | S-EL1
+---------------------------+ : +--------+
EL2 | U-Boot, GRUB, Linux (kvm) | :
+---------------------------+ :
...................................:
+----------------------------------------+
| TF-A | EL3
+----------------------------------------+
Boot flow:
TF-A -+-> OP-TEE
`-> U-Boot -> GRUB -> Linux -> Busybox
TF-A BL1 loads the fit image with the remaining pieces of TF-A, OP-TEE and
U-Boot.
OP-TEE boots, calls back TF-A to go to normal world.
U-Boot loads GRUB with UEFI, boots Linux at EL2.
In this configuration, the Devicetree is static and fully contained in TF-A.
The image generated by the aarch64_efi_defconfig or the Arm ACS-IR images[3] are
examples of pre-installed OS images.
Linux distributions such as Debian, Fedora, openSUSE or Ubuntu provide a
pre-installed OS image.
Miscellaneous
=============
This configuration is inspired by the arm_foundationv8_defconfig, the
qemu_aarch64_virt_defconfig and the Arm SystemReady Devicetree Band Integration
and Testing Guide[4].
qemu_aarch64_virt_defconfig and the Arm SystemReady IR IoT Integration, Test,
and Certification Guide[4].
Firmware update, GOP, MMC and RNG are currently not supported.
Firmware update, MMC and network are currently not supported.
[1] https://github.com/ARM-software/ebbr
[2] https://www.arm.com/architecture/system-architectures/systemready-compliance-program/systemready-devicetree-band
[3] https://github.com/ARM-software/arm-systemready/tree/main/SystemReady-devicetree-band/prebuilt_images
[4] https://developer.arm.com/documentation/DUI1101/latest/
[1]: https://github.com/ARM-software/ebbr
[2]: https://developer.arm.com/Architectures/Arm%20SystemReady%20IR
[3]: https://github.com/ARM-software/arm-systemready/tree/main/IR/prebuilt_images
[4]: https://developer.arm.com/documentation/DUI1101/latest/

5
board/arm/fvp-ebbr/u-boot.fragment
View File

@@ -1,4 +1,4 @@
CONFIG_ARM_SMCCC_FEATURES=y
# CONFIG_USE_BOOTCOMMAND is not set
CONFIG_BOOTCOMMAND="bootflow scan -lb"
CONFIG_BOOTMETH_DISTRO=y
CONFIG_BOOTM_EFI=y
@@ -17,10 +17,8 @@ CONFIG_CMD_EFI_VARIABLE_FILE_STORE=y
CONFIG_CMD_GETTIME=y
CONFIG_CMD_GPT=y
CONFIG_CMD_NVEDIT_EFI=y
CONFIG_CMD_POWEROFF=y
CONFIG_CMD_RNG=y
CONFIG_CMD_RTC=y
CONFIG_CMD_SMC=y
CONFIG_CMD_TIME=y
CONFIG_DM_RNG=y
CONFIG_DM_RTC=y
@@ -31,7 +29,6 @@ CONFIG_EFI_LOADER=y
CONFIG_EFI_LOADER_HII=y
CONFIG_EFI_MM_COMM_TEE=y
CONFIG_EFI_PARTITION=y
CONFIG_EFI_RUNTIME_UPDATE_CAPSULE=y
CONFIG_EFI_SECURE_BOOT=y
CONFIG_EFI_SET_TIME=y
CONFIG_EFI_UNICODE_CAPITALIZATION=y

6
board/aspeed/ast2500-evb/genimage.cfg
View File

@@ -30,11 +30,11 @@ image flash.img {
partition fitimage {
image = "image.itb"
offset = 512K
size = 7000K
size = 4352K
}
partition spare {
offset = 7512K
size = 25256K
offset = 4864K
size = 27904K
}
}

2
board/aspeed/ast2500-evb/patches/linux/linux.hash
View File

@@ -1,2 +0,0 @@
# From https://www.kernel.org/pub/linux/kernel/v6.x/sha256sums.asc
sha256 5be3daa1f9427b1bdb34c4894d9c1adfac38cff674376fe0611a3065729a1a81 linux-6.16.7.tar.xz

2
board/aspeed/ast2500-evb/patches/uboot/uboot.hash
View File

@@ -1,2 +0,0 @@
# Locally calculated
sha256 0f933f6c5a426895bf306e93e6ac53c60870e4b54cda56d95211bec99e63bec7 u-boot-2025.07.tar.bz2

2
board/aspeed/ast2600-evb/patches/linux/linux.hash
View File

@@ -1,2 +0,0 @@
# From https://www.kernel.org/pub/linux/kernel/v6.x/sha256sums.asc
sha256 5be3daa1f9427b1bdb34c4894d9c1adfac38cff674376fe0611a3065729a1a81 linux-6.16.7.tar.xz

2
board/aspeed/ast2600-evb/patches/uboot/uboot.hash
View File

@@ -1,2 +0,0 @@
# Locally calculated
sha256 16da36d1832f058cf1a6673b6a2eedeef1260576c15e76c4998e30d0fb13d339 uboot-66672e5af36fe294df56f8e7942069e3909f3790-git4.tar.gz

4
board/aspeed/common/post-image.sh
View File

@@ -3,8 +3,8 @@
BOARD_DIR="$(dirname $0)"
mkimage=$HOST_DIR/bin/mkimage
BOARD_DT=$(sed -nr \
-e 's|^BR2_LINUX_KERNEL_INTREE_DTS_NAME="(aspeed/)?([a-z0-9\-]*).*"$|\2|p' \
BOARD_DT=$(sed -n \
's/^BR2_LINUX_KERNEL_INTREE_DTS_NAME="\([a-z0-9\-]*\).*"$/\1/p' \
${BR2_CONFIG})
sed -e "s/%BOARD_DTB%/${BOARD_DT}.dtb/" \

2
board/asus/tinker/patches/linux/linux.hash
View File

@@ -1,2 +0,0 @@
# From https://www.kernel.org/pub/linux/kernel/v6.x/sha256sums.asc
sha256 37f0c5d5c242c1d604e87d48f08795e861a5a85f725b4ca11d0a538f12ff8cff linux-6.18.8.tar.xz

2
board/asus/tinker/patches/uboot/uboot.hash
View File

@@ -1,2 +0,0 @@
# Locally computed
sha256 b60d5865cefdbc75da8da4156c56c458e00de75a49b80c1a2e58a96e30ad0d54 u-boot-2026.01.tar.bz2

2
board/bananapi/bananapi-m2-berry/patches/linux/linux.hash
View File

@@ -1,2 +0,0 @@
# From https://www.kernel.org/pub/linux/kernel/v6.x/sha256sums.asc
sha256 37f0c5d5c242c1d604e87d48f08795e861a5a85f725b4ca11d0a538f12ff8cff linux-6.18.8.tar.xz

2
board/bananapi/bananapi-m2-berry/patches/uboot/uboot.hash
View File

@@ -1,2 +0,0 @@
# Locally calculated
sha256 b60d5865cefdbc75da8da4156c56c458e00de75a49b80c1a2e58a96e30ad0d54 u-boot-2026.01.tar.bz2

2
board/bananapi/bananapi-m2-ultra/patches/linux/linux.hash
View File

@@ -1,2 +0,0 @@
# From https://www.kernel.org/pub/linux/kernel/v6.x/sha256sums.asc
sha256 37f0c5d5c242c1d604e87d48f08795e861a5a85f725b4ca11d0a538f12ff8cff linux-6.18.8.tar.xz

2
board/bananapi/bananapi-m2-ultra/patches/uboot/uboot.hash
View File

@@ -1,2 +0,0 @@
# Locally calculated
sha256 b60d5865cefdbc75da8da4156c56c458e00de75a49b80c1a2e58a96e30ad0d54 u-boot-2026.01.tar.bz2

1
board/beagleboard/beaglebone/genimage.cfg
View File

@@ -12,7 +12,6 @@ image boot.vfat {
"am335x-bonegreen.dtb",
"am335x-boneblack-wireless.dtb",
"am335x-bonegreen-wireless.dtb",
"am335x-bonegreen-eco.dtb",
"extlinux"
}
}

4
board/beagleboard/beaglebone/patches/linux/linux.hash
View File

@@ -1,2 +1,2 @@
# From https://cdn.kernel.org/pub/linux/kernel/v6.x/sha256sums.asc
sha256 d0a78bf3f0d12aaa10af3b5adcaed5bc767b5b78705e5ef885d5e930b72e25d5 linux-6.18.1.tar.xz
# Locally calculated
sha256 1db327d0743e97ec725fefe05065a6fb779abe3063845fc3b551a4a716247c0a linux-6.12.34-ti-arm32-r12.tar.gz

2
board/beagleboard/beaglebone/patches/uboot/uboot.hash
View File

@@ -1,2 +1,2 @@
# Locally calculated
sha256 b60d5865cefdbc75da8da4156c56c458e00de75a49b80c1a2e58a96e30ad0d54 u-boot-2026.01.tar.bz2
sha256 0f933f6c5a426895bf306e93e6ac53c60870e4b54cda56d95211bec99e63bec7 u-boot-2025.07.tar.bz2

8
board/beagleboard/beaglebone/post-build.sh
View File

@@ -1,8 +1,6 @@
#!/bin/sh
set -eu
BOARD_DIR="$(dirname $0)"
BOARD_DIR="$(dirname "$0")"
cp $BOARD_DIR/uEnv.txt $BINARIES_DIR/uEnv.txt
cp "${BOARD_DIR}/uEnv.txt" "${BINARIES_DIR}/uEnv.txt"
install -m 0644 -D "${BOARD_DIR}/extlinux.conf" "${BINARIES_DIR}/extlinux/extlinux.conf"
install -m 0644 -D $BOARD_DIR/extlinux.conf $BINARIES_DIR/extlinux/extlinux.conf

1
board/beagleboard/beaglebone/readme.txt
View File

@@ -31,7 +31,6 @@ output/images/
+-- am335x-boneblack-wireless.dtb
+-- am335x-boneblue.dtb
+-- am335x-bonegreen.dtb
+-- am335x-bonegreen-eco.dtb
+-- am335x-bonegreen-wireless.dtb
+-- am335x-bone.dtb
+-- am335x-evm.dtb

2
board/beagleboard/beagleboneai/genimage.cfg
View File

@@ -19,7 +19,7 @@ image sdcard.img {
partition u-boot {
partition-type = 0xC
bootable = "true"
image = "boot.vfat"
image = "boot.vfat"
}
partition rootfs {

2
board/beagleboard/beagleboneai64/patches/arm-trusted-firmware/arm-trusted-firmware.hash Normal file
View File

@@ -0,0 +1,2 @@
# Locally calculated
sha256 7efa89e1b4e4106ee05d68e876c8efbb146364d89cfd5d26bf4647b09c08f32b arm-trusted-firmware-v2.10-git4.tar.gz

0
board/asus/tinker/patches/linux-headers/linux-headers.hash → board/beagleboard/beagleboneai64/patches/linux-headers/linux-headers.hash
View File

4
board/beagleboard/beagleboneai64/patches/linux/linux.hash
View File

@@ -1,2 +1,2 @@
# From https://www.kernel.org/pub/linux/kernel/v6.x/sha256sums.asc
sha256 4f21c01f4d04c1d1b3ed794153f8900802c92497be620b07c4869530f2d28ee3 linux-6.18.16.tar.xz
# Locally calculated
sha256 b66a5b863b0f8669448b74ca83bd641a856f164b29956e539bbcb5fdeeab9cc6 linux-6.6.30.tar.xz

2
board/beagleboard/beagleboneai64/patches/ti-k3-r5-loader/ti-k3-r5-loader.hash
View File

@@ -1,2 +1,2 @@
# Locally calculated
sha256 b60d5865cefdbc75da8da4156c56c458e00de75a49b80c1a2e58a96e30ad0d54 u-boot-2026.01.tar.bz2
sha256 18a853fe39fad7ad03a90cc2d4275aeaed6da69735defac3492b80508843dd4a u-boot-2024.04.tar.bz2

2
board/beagleboard/beagleboneai64/patches/uboot/uboot.hash
View File

@@ -1,2 +1,2 @@
# Locally calculated
sha256 b60d5865cefdbc75da8da4156c56c458e00de75a49b80c1a2e58a96e30ad0d54 u-boot-2026.01.tar.bz2
sha256 18a853fe39fad7ad03a90cc2d4275aeaed6da69735defac3492b80508843dd4a u-boot-2024.04.tar.bz2

2
board/beagleboard/beagleplay/patches/arm-trusted-firmware/arm-trusted-firmware.hash Normal file
View File

@@ -0,0 +1,2 @@
# Locally calculated
sha256 c0f23ccc71c49989e9ad238acf334473c17b7c88f79a20c829c3d443e3794a22 arm-trusted-firmware-v2.11-git4.tar.gz

0
board/bananapi/bananapi-m2-berry/patches/linux-headers/linux-headers.hash → board/beagleboard/beagleplay/patches/linux-headers/linux-headers.hash
View File

4
board/beagleboard/beagleplay/patches/linux/linux.hash
View File

@@ -1,2 +1,2 @@
# From https://www.kernel.org/pub/linux/kernel/v6.x/sha256sums.asc
sha256 4f21c01f4d04c1d1b3ed794153f8900802c92497be620b07c4869530f2d28ee3 linux-6.18.16.tar.xz
# Locally calculated
sha256 774698422ee54c5f1e704456f37c65c06b51b4e9a8b0866f34580d86fef8e226 linux-6.10.tar.xz

2
board/beagleboard/beagleplay/patches/uboot/uboot.hash
View File

@@ -1,2 +1,2 @@
# Locally calculated
sha256 b60d5865cefdbc75da8da4156c56c458e00de75a49b80c1a2e58a96e30ad0d54 u-boot-2026.01.tar.bz2
sha256 f591da9ab90ef3d6b3d173766d0ddff90c4ed7330680897486117df390d83c8f u-boot-2024.07.tar.bz2

1
board/beagleboard/beaglev_fire/boot.cmd
View File

@@ -11,5 +11,6 @@ bootm loados ${scriptaddr};
# Try to load a ramdisk if available inside fitImage
bootm ramdisk;
bootm prep;
fdt set /soc/ethernet@20110000 mac-address ${beaglevfire_mac_addr0};
run design_overlays;
bootm go;

2
board/beagleboard/beaglev_fire/patches/linux/linux.hash
View File

@@ -1,2 +1,2 @@
# Locally calculated
sha256 37191994758d521dc7223cb5010a67ef83bd061bf70194ea522abc9ef2b17391 linux-linux4microchip+fpga-2025.10.tar.gz
sha256 7bd234a93bc6351d6a830f9ef18e9e780d70c478d280a6513a30bc2f945fb050 linux-linux4microchip+fpga-2024.09.1.tar.gz

2
board/beagleboard/beaglev_fire/patches/uboot/uboot.hash
View File

@@ -1,2 +1,2 @@
# Locally calculated
sha256 591c80f7e16d6f43192deb7ab7587ae81b31ba7c7de1a668c14b9997b6c976c8 uboot-linux4microchip+fpga-2025.10.tar.gz
sha256 a2fad7fe7f933fa4679b070e952e1e7a21dbd8b586d7a9a11bfcb99e75ae7ad6 uboot-linux4microchip+fpga-2024.09.tar.gz

0
board/bananapi/bananapi-m2-ultra/patches/linux-headers/linux-headers.hash → board/beagleboard/beagley-ai/patches/linux-headers/linux-headers.hash
View File

4
board/beagleboard/beagley-ai/patches/linux/linux.hash
View File

@@ -1,2 +1,2 @@
# From https://www.kernel.org/pub/linux/kernel/v6.x/sha256sums.asc
sha256 4f21c01f4d04c1d1b3ed794153f8900802c92497be620b07c4869530f2d28ee3 linux-6.18.16.tar.xz
# Locally calculated
sha256 2bb586c954277d070c8fdf6d7275faa93b4807d9bf3353b491d8149cca02b4fc linux-6.15.6.tar.xz

2
board/beagleboard/beagley-ai/patches/ti-k3-r5-loader/ti-k3-r5-loader.hash
View File

@@ -1,2 +1,2 @@
# Locally calculated
sha256 b60d5865cefdbc75da8da4156c56c458e00de75a49b80c1a2e58a96e30ad0d54 u-boot-2026.01.tar.bz2
sha256 0f933f6c5a426895bf306e93e6ac53c60870e4b54cda56d95211bec99e63bec7 u-boot-2025.07.tar.bz2

2
board/beagleboard/beagley-ai/patches/uboot/uboot.hash
View File

@@ -1,2 +1,2 @@
# Locally calculated
sha256 b60d5865cefdbc75da8da4156c56c458e00de75a49b80c1a2e58a96e30ad0d54 u-boot-2026.01.tar.bz2
sha256 0f933f6c5a426895bf306e93e6ac53c60870e4b54cda56d95211bec99e63bec7 u-boot-2025.07.tar.bz2

2
board/bsh/common/imx8mn-bsh-smm-s2/patches/linux/linux.hash
View File

@@ -1,2 +1,2 @@
# From https://cdn.kernel.org/pub/linux/kernel/v6.x/sha256sums.asc
sha256 d1ad94a33681148efe884f4028970d69e332f2b003f0e8be53a1d25de38e49a2 linux-6.12.64.tar.xz
sha256 55432b2af352f7bf3053c348d8549df2f2deeaa4a361c65d638c2f3b2ca7ec96 linux-6.12.56.tar.xz

2
board/bsh/common/imx8mn-bsh-smm-s2/patches/uboot/uboot.hash
View File

@@ -1,2 +1,2 @@
# Locally calculated
sha256 b60d5865cefdbc75da8da4156c56c458e00de75a49b80c1a2e58a96e30ad0d54 u-boot-2026.01.tar.bz2
sha256 0f933f6c5a426895bf306e93e6ac53c60870e4b54cda56d95211bec99e63bec7 u-boot-2025.07.tar.bz2

2
board/bsh/imx6ulz-bsh-smm-m2/patches/linux/linux.hash
View File

@@ -1,2 +1,2 @@
# From https://www.kernel.org/pub/linux/kernel/v6.x/sha256sums.asc
sha256 d1ad94a33681148efe884f4028970d69e332f2b003f0e8be53a1d25de38e49a2 linux-6.12.64.tar.xz
sha256 55432b2af352f7bf3053c348d8549df2f2deeaa4a361c65d638c2f3b2ca7ec96 linux-6.12.56.tar.xz

2
board/bsh/imx6ulz-bsh-smm-m2/patches/uboot/uboot.hash
View File

@@ -1,2 +1,2 @@
# Locally calculated
sha256 b60d5865cefdbc75da8da4156c56c458e00de75a49b80c1a2e58a96e30ad0d54 u-boot-2026.01.tar.bz2
sha256 0f933f6c5a426895bf306e93e6ac53c60870e4b54cda56d95211bec99e63bec7 u-boot-2025.07.tar.bz2

2
board/bsh/imx6ulz-bsh-smm-m2/post-build.sh
View File

@@ -1,6 +1,4 @@
#!/bin/sh
set -eu
BOARD_DIR="$(dirname "$0")"
cp "${BOARD_DIR}/nand-full.lst" "${BINARIES_DIR}"

2
board/bsh/imx8mn-bsh-smm-s2-pro/post-build.sh
View File

@@ -1,6 +1,4 @@
#!/bin/sh
set -eu
BOARD_DIR="$(dirname $0)"
PARTUUID="$($HOST_DIR/bin/uuidgen)"

2
board/bsh/imx8mn-bsh-smm-s2/post-build.sh
View File

@@ -1,6 +1,4 @@
#!/bin/sh
set -eu
BOARD_DIR="$(dirname $0)"
cp ${BOARD_DIR}/nand-full.lst ${BINARIES_DIR}

45
board/compulab/iot-gate-imx8-ebbr/genimage.cfg
View File

@@ -1,45 +0,0 @@
image efi-part.vfat {
vfat {
file EFI {
image = "efi-part/EFI"
}
file Image {
image = "Image"
}
}
size = 64M
}
image disk.img {
hdimage {
partition-table-type = "gpt"
}
# When in eMMC user data, this protects U-Boot environment
partition env {
partition-type-uuid = u-boot-env
offset = 17K
size = 16K
}
# This allows to boot from recovery SD card
partition firmware {
image = "flash.bin"
# Linux reserved
partition-type-uuid = 8DA63339-0007-60C0-C436-083AC8230908
offset = 33K
}
partition boot {
image = "efi-part.vfat"
partition-type-uuid = esp
bootable = true
}
partition root {
partition-type-uuid = root-arm64
image = "rootfs.ext2"
}
}

6
board/compulab/iot-gate-imx8-ebbr/grub.cfg
View File

@@ -1,6 +0,0 @@
set default="0"
set timeout="5"
menuentry "Buildroot" {
linux /Image root=PARTLABEL=root rootwait
}

2
board/compulab/iot-gate-imx8-ebbr/patches/arm-trusted-firmware/arm-trusted-firmware.hash
View File

@@ -1,2 +0,0 @@
# Locally calculated
sha256 e11880bf39dabfcb5945b58e848ddba661a1cd92425a997c626dec62b2dac6a9 arm-trusted-firmware-v2.13-git4.tar.gz

2
board/compulab/iot-gate-imx8-ebbr/patches/linux/linux.hash
View File

@@ -1,2 +0,0 @@
# From https://cdn.kernel.org/pub/linux/kernel/v6.x/sha256sums.asc
sha256 231311bd7084dc3129944d26bb43be6ff837da82fb2104a67704aebca8bfa69f linux-6.16.8.tar.xz

2
board/compulab/iot-gate-imx8-ebbr/patches/optee-client/optee-client.hash
View File

@@ -1,2 +0,0 @@
# Locally calculated
sha256 e6c6b93e2be417df57ceb05a2eb6505744e3fbdd3b2ae5e5bf79bf6028b6f84d optee-client-4.7.0.tar.gz

2
board/compulab/iot-gate-imx8-ebbr/patches/optee-os/optee-os.hash
View File

@@ -1,2 +0,0 @@
# Locally calculated
sha256 976b9c184678516038d4e79766608e81d10bf136f76fd0db2dc48f90f994fbd9 optee-os-4.7.0.tar.gz

2
board/compulab/iot-gate-imx8-ebbr/patches/uboot/uboot.hash
View File

@@ -1,2 +0,0 @@
# Locally calculated
sha256 b60d5865cefdbc75da8da4156c56c458e00de75a49b80c1a2e58a96e30ad0d54 u-boot-2026.01.tar.bz2

69
board/compulab/iot-gate-imx8-ebbr/post-image.sh
View File

@@ -1,69 +0,0 @@
#!/bin/sh
set -eux
BOARD_DIR=$(dirname "$0")
# Override the default GRUB configuration file with our own.
cp -vf "${BOARD_DIR}/grub.cfg" "${BINARIES_DIR}/efi-part/EFI/BOOT/grub.cfg"
BINMAN_DIR="$BINARIES_DIR/binman"
BINMAN_DTB="$BINMAN_DIR/u-boot.dtb"
UBOOT_DIR=$(find "$BUILD_DIR" -maxdepth 1 -type d -name 'uboot-*')
# Adjust binman dtb.
rm -fr "$BINMAN_DIR"
mkdir -v "$BINMAN_DIR"
cp -v "$UBOOT_DIR/u-boot.dtb" "$BINMAN_DTB"
# Add the fip image to the list of loadables.
fdtput -t s "$BINMAN_DTB" /binman/section/fit/configurations/@config-SEQ loadables atf fip
# Remove the tee node to avoid duplicate, as it is in the FIP image.
fdtput --remove "$BINMAN_DTB" /binman/section/fit/images/tee
# Generate flash image with binman.
# We do this here to break the build dependency loop involving tf-a, op-tee, and
# u-boot.
# We use BL2 instead of BL31 in this configuration.
(cd "${UBOOT_DIR}" && \
./tools/binman/binman \
--toolpath ./tools \
-v5 \
build \
-u \
-d "$BINMAN_DTB" \
-O . \
-m \
--allow-missing \
--fake-ext-blobs \
-I "$BINMAN_DIR" \
-I . \
-I ./board/compulab/imx8mm-cl-iot-gate \
-I arch/arm/dts \
-a of-list="imx8mm-cl-iot-gate-optee" \
-I "$BINARIES_DIR" \
-a atf-bl31-path=bl2.bin \
-a tee-os-path= \
-a ti-dm-path= \
-a opensbi-path= \
-a default-dt="imx8mm-cl-iot-gate-optee" \
-a scp-path= \
-a rockchip-tpl-path= \
-a spl-bss-pad= \
-a tpl-bss-pad=1 \
-a vpl-bss-pad=1 \
-a spl-dtb=y \
-a tpl-dtb= \
-a vpl-dtb= \
-a pre-load-key-path= \
-a of-spl-remove-props="interrupt-parent interrupts" \
)
# Copy the flash image.
cp -v "$UBOOT_DIR/flash.bin" "$BINARIES_DIR/"
# Verify that it will fit in the eMMC boot partition.
size=$(du -b "$BINARIES_DIR/flash.bin" |cut -f 1)
if [ "$size" -gt 4160512 ]; then
echo "Flash image is too big! (${size} bytes)" >&2
exit 1
fi

131
board/compulab/iot-gate-imx8-ebbr/readme.txt
View File

@@ -1,131 +0,0 @@
Introduction
============
The iot-gate-imx8_ebbr_defconfig is meant to illustrate some aspects of the Arm
EBBR specification[1] and the Arm SystemReady Devicetree band[2].
It allows building an AArch64 disk image with a U-Boot based firmware
implementing the subset of UEFI defined by EBBR, as well as a Linux OS booting
with UEFI, to run on the Compulab IOT-GATE-iMX8. [3]
This configuration is not related with the official BSP from Compulab. [4]
Building
========
$ make iot-gate-imx8_ebbr_defconfig
$ make
Generated files under output/images/:
* disk.img: An eMMC or USB key disk image comprising TF-A, OP-TEE, the U-Boot
bootloader, the GRUB bootloader, the Linux kernel and the root filesystem.
* flash.bin: A firmware image suitable for flashing in eMMC boot partition
comprising TF-A, OP-TEE and the U-Boot bootloader.
Running
=======
Before flashing the firmware to eMMC, make sure that you have the IOTG-ACC-M2SD
M.2 to SD adapter for recovery and prepare a recovery SD card. [5]
Insert the SD card and the M.2 adapter.
Prepare a USB key on a PC:
# dd if=output/images/disk.img of=<USB key device> ; sync
Insert the USB key, close jumper E1 on the board to select recovery boot,
connect to the UART console on the micro USB connector (a Silicon Labs CP2104
UART bridge) with baudrate 115200, power on the board and break to U-Boot
prompt.
Flash the firmware from the USB key to the eMMC boot partition:
u-boot=> usb start
u-boot=> usb dev 0
u-boot=> usb read ${loadaddr} 0x42 0x1fbe
u-boot=> mmc dev 2 1
u-boot=> mmc write ${loadaddr} 0x42 0x1fbe
u-boot=> mmc partconf 2 0 1 0
Power off the board, remove jumper E1 and the M.2 SD card adapter, then restart
the board; it should boot to Linux, with the root filesystem on the USB key.
Other setups are also possible, with the firmware and/or the root filesystem in
the eMMC user data. The firmware binary is also available as flash.bin for
convenience, to allow network download for example.
With the firmware in the eMMC boot partition, it is possible to install or run
another OS supporting the EBBR specification.
The image generated by the aarch64_efi_defconfig, the images from Linux
distributions such as Debian, Fedora, openSUSE, Ubuntu, OpenWrt and Yocto, and
the Arm ACS Devicetree images[6] are examples of compatible OS images.
When installing other OSes to eMMC, it is recommended to protect the first 32KB
of the user data with a partition, as this is where the U-Boot environment can
be saved.
Firmware details
================
Noteworthy firmware features:
- TF-A, OP-TEE & U-Boot
- UEFI, with EFI variables stored on disk in the ESP
- Support for ethernet, USB and RTC
- U-Boot environment in eMMC user data (starting from byte 0x4400)
Architecture diagram:
Non-Secure : Secure
:
+---------------------------+ :
EL0 | Busybox | :
+---------------------------+ : +--------+
EL1 | Linux | : | OP-TEE | S-EL1
+---------------------------+ : +--------+
EL2 | U-Boot, GRUB, Linux (kvm) | :
+---------------------------+ :
...................................:
+----------------------------------------+
| ROM, U-Boot SPL, TF-A | EL3
+----------------------------------------+
Boot flow:
ROM -+-> SPL -> TF-A -+-> OP-TEE
`-> U-Boot -> GRUB -> Linux -> Busybox
The ROM loads U-Boot SPL.
U-Boot SPL does the DRAM setup, loads the fit image with TF-A, OP-TEE, U-Boot
and the Devicetree.
In this configuration TF-A is booting with BL2 and BL31.
OP-TEE amends the Devicetree, calls back TF-A to go to normal world.
U-Boot loads GRUB with UEFI, boots Linux at EL2.
Miscellaneous
=============
This configuration is based on the work of Paul Liu[7] and is inspired by the
other configurations related with EBBR, and the Arm SystemReady Devicetree Band
Integration and Testing Guide[8].
To avoid a circular build dependency, we skip the binman step during U-Boot
build:
BR2_TARGET_UBOOT_CUSTOM_MAKEOPTS="cmd_binman=:"
Then we run binman manually in the post-image script.
Firmware update and UEFI Secure Boot are currently not supported.
The disk image cannot be used for SD card recovery at this point.
[1] https://github.com/ARM-software/ebbr
[2] https://www.arm.com/architecture/system-architectures/systemready-compliance-program/systemready-devicetree-band
[3] https://www.compulab.com/products/iot-gateways/iot-gate-imx8-industrial-arm-iot-gateway/
[4] https://mediawiki.compulab.com/w/index.php?title=Building_IOT-GATE-iMX8_and_SBC-IOT-iMX8_Yocto_Linux_images
[5] https://mediawiki.compulab.com/w/index.php?title=IOT-GATE-iMX8_and_SBC-IOT-iMX8:_U-Boot:_Recovery
[6] https://github.com/ARM-software/arm-systemready/tree/main/SystemReady-devicetree-band/prebuilt_images
[7] https://git.linaro.org/plugins/gitiles/people/paul.liu/systemready/build-scripts
[8] https://developer.arm.com/documentation/DUI1101/latest/

6
board/compulab/iot-gate-imx8-ebbr/u-boot.fragment
View File

@@ -1,6 +0,0 @@
CONFIG_ARCH_MISC_INIT=y
CONFIG_CMD_RNG=y
CONFIG_DM_REGULATOR_ANATOP=y
CONFIG_DM_RNG=y
CONFIG_FSL_CAAM=y
CONFIG_PHY_ANEG_TIMEOUT=5000

0
board/compulab/iot-gate-imx8-ebbr/patches/linux-headers/linux-headers.hash → board/cubietech/cubieboard1/patches/linux-headers/linux-headers.hash
View File

4
board/cubietech/cubieboard1/patches/linux/linux.hash
View File

@@ -1,2 +1,2 @@
# From https://www.kernel.org/pub/linux/kernel/v6.x/sha256sums.asc
sha256 4d9f3ff73214f68c0194ef02db9ca4b7ba713253ac1045441d4e9f352bc22e14 linux-6.19.6.tar.xz
# Locally calculated
sha256 b4850cf670a032c70f38b713a27d62046c5f747caf028c5f50b18f98606a9eb1 linux-6.12.52.tar.xz

2
board/cubietech/cubieboard1/patches/uboot/uboot.hash
View File

@@ -1,2 +1,2 @@
# Locally calculated
sha256 b60d5865cefdbc75da8da4156c56c458e00de75a49b80c1a2e58a96e30ad0d54 u-boot-2026.01.tar.bz2
sha256 439d3bef296effd54130be6a731c5b118be7fddd7fcc663ccbc5fb18294d8718 u-boot-2025.04.tar.bz2

0
board/freescale/imx6ull-evk/patches/linux-headers/linux-headers.hash → board/cubietech/cubieboard2/patches/linux-headers/linux-headers.hash
View File

4
board/cubietech/cubieboard2/patches/linux/linux.hash
View File

@@ -1,2 +1,2 @@
# From https://www.kernel.org/pub/linux/kernel/v6.x/sha256sums.asc
sha256 4d9f3ff73214f68c0194ef02db9ca4b7ba713253ac1045441d4e9f352bc22e14 linux-6.19.6.tar.xz
# Locally calculated
sha256 b4850cf670a032c70f38b713a27d62046c5f747caf028c5f50b18f98606a9eb1 linux-6.12.52.tar.xz

2
board/cubietech/cubieboard2/patches/uboot/uboot.hash
View File

@@ -1,2 +1,2 @@
# Locally calculated
sha256 b60d5865cefdbc75da8da4156c56c458e00de75a49b80c1a2e58a96e30ad0d54 u-boot-2026.01.tar.bz2
sha256 439d3bef296effd54130be6a731c5b118be7fddd7fcc663ccbc5fb18294d8718 u-boot-2025.04.tar.bz2

2
board/firefly/roc-rk3399-pc/patches/arm-trusted-firmware/arm-trusted-firmware.hash
View File

@@ -1,2 +1,2 @@
# Locally calculated
sha256 6fd749e53c455aec3418288630544e7552bbffab4442ddc48b20ebef9aee87ff arm-trusted-firmware-v2.14-git4.tar.gz
sha256 c0f23ccc71c49989e9ad238acf334473c17b7c88f79a20c829c3d443e3794a22 arm-trusted-firmware-v2.11-git4.tar.gz

2
board/firefly/roc-rk3399-pc/patches/linux/linux.hash
View File

@@ -1,2 +1,2 @@
# Locally calculated
sha256 f4855f382c1b735c84072bdef36db5bcd5dc7b0c37e42f5104317149a0a486ef linux-6.18.18.tar.xz
sha256 f74812f78e88992c416434cb107639e13a551dbaff36bb90d6346ab16ab71a95 linux-6.6.56.tar.xz

2
board/firefly/roc-rk3399-pc/patches/uboot/uboot.hash
View File

@@ -1,2 +1,2 @@
# Locally calculated
sha256 b60d5865cefdbc75da8da4156c56c458e00de75a49b80c1a2e58a96e30ad0d54 u-boot-2026.01.tar.bz2
sha256 f591da9ab90ef3d6b3d173766d0ddff90c4ed7330680897486117df390d83c8f u-boot-2024.07.tar.bz2

2
board/freescale/common/imx/imx9-bootloader-prepare.sh
View File

@@ -20,7 +20,7 @@ main ()
"${HOST_DIR}/bin/mkimage_imx8" -soc IMX9 -c \
-ap "${BINARIES_DIR}/bl31.bin" a55 ${ATF_LOAD_ADDR} \
-ap "${BINARIES_DIR}/u-boot-hash.bin" a55 0x80200000 \
-ap "${BINARIES_DIR}/tee-raw.bin" a55 0x96000000 \
-ap "${BINARIES_DIR}/tee.bin" a55 0x96000000 \
-out "${BINARIES_DIR}/u-boot-atf-container.img"
else
"${HOST_DIR}/bin/mkimage_imx8" -soc IMX9 -c \

1
board/freescale/imx6ull-evk/linux_sdma.fragment
View File

@@ -1 +0,0 @@
CONFIG_IMX_SDMA=m

2
board/freescale/imx6ull-evk/patches/linux/linux.hash
View File

@@ -1,2 +0,0 @@
# Locally calculated
sha256 37f0c5d5c242c1d604e87d48f08795e861a5a85f725b4ca11d0a538f12ff8cff linux-6.18.8.tar.xz

2
board/freescale/imx6ull-evk/patches/uboot/uboot.hash
View File

@@ -1,2 +0,0 @@
# Locally calculated
sha256 b60d5865cefdbc75da8da4156c56c458e00de75a49b80c1a2e58a96e30ad0d54 u-boot-2026.01.tar.bz2

64
board/freescale/imx6ull-evk/readme.txt
View File

@@ -1,64 +0,0 @@
****************************
Freescale i.MX6ULL EVK board
****************************
This file documents the Buildroot support for the Freescale i.MX6ULL EVK board
using Upstream U-Boot and Linux.
Build
=====
First, configure Buildroot for your i.MX6ULL EVK board:
In order to do so issue:
make imx6ullevk_defconfig
Build all components:
make
You will find in output/images/ the following files:
- boot.vfat
- imx6ull-14x14-evk.dtb
- rootfs.ext2
- rootfs.ext4
- rootfs.tar
- sdcard.img
- u-boot.bin
- u-boot-dtb.imx
- zImage
Create a bootable SD card
=========================
To determine the device associated to the SD card have a look in the
/proc/partitions file:
cat /proc/partitions
Buildroot prepares a bootable "sdcard.img" image in the output/images/
directory, ready to be dumped on a SD card. Launch the following
command as root:
dd if=./output/images/sdcard.img of=/dev/<your-sd-device>
*** WARNING! This will destroy all the card content. Use with care! ***
For details about the medium image layout, see the definition in
board/freescale/common/imx/genimage.cfg.template.
Boot the i.MX6ULL EVK board
===========================
To boot your newly created system (refer to the i.MX 6ULL EVK Quick Start Guide [1] for guidance):
- insert the SD card in the micro SD slot of the board;
- put a micro USB cable into the Debug USB Port and connect using a terminal
emulator at 115200 bps, 8n1;
- power on the board.
Enjoy!
References
==========
[1] https://www.nxp.com/webapp/Download?colCode=IMX6ULLQSG

Some files were not shown because too many files have changed in this diff Show More