From patchwork Sat Jun 11 12:16:12 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bernd Kuhls X-Patchwork-Id: 1642370 Return-Path: X-Original-To: incoming-buildroot@patchwork.ozlabs.org Delivered-To: patchwork-incoming-buildroot@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=buildroot.org (client-ip=2605:bc80:3010::137; helo=smtp4.osuosl.org; envelope-from=buildroot-bounces@buildroot.org; receiver=) Received: from smtp4.osuosl.org (smtp4.osuosl.org [IPv6:2605:bc80:3010::137]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by bilbo.ozlabs.org (Postfix) with ESMTPS id 4LKxdQ5DGWz9sFr for ; Sat, 11 Jun 2022 22:16:26 +1000 (AEST) Received: from localhost (localhost [127.0.0.1]) by smtp4.osuosl.org (Postfix) with ESMTP id 4898141941; Sat, 11 Jun 2022 12:16:23 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp4.osuosl.org ([127.0.0.1]) by localhost (smtp4.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FTyrRk2iDlVN; Sat, 11 Jun 2022 12:16:22 +0000 (UTC) Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34]) by smtp4.osuosl.org (Postfix) with ESMTP id 3276C418DE; Sat, 11 Jun 2022 12:16:21 +0000 (UTC) X-Original-To: buildroot@lists.busybox.net Delivered-To: buildroot@osuosl.org Received: from smtp4.osuosl.org (smtp4.osuosl.org [140.211.166.137]) by ash.osuosl.org (Postfix) with ESMTP id 999291BF418 for ; Sat, 11 Jun 2022 12:16:19 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp4.osuosl.org (Postfix) with ESMTP id 9203F418DE for ; Sat, 11 Jun 2022 12:16:19 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp4.osuosl.org ([127.0.0.1]) by localhost (smtp4.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GuqEZb2WQgwn for ; Sat, 11 Jun 2022 12:16:18 +0000 (UTC) X-Greylist: domain auto-whitelisted by SQLgrey-1.8.0 Received: from mailout01.t-online.de (mailout01.t-online.de [194.25.134.80]) by smtp4.osuosl.org (Postfix) with ESMTPS id 21D60418D7 for ; Sat, 11 Jun 2022 12:16:17 +0000 (UTC) Received: from fwd78.dcpf.telekom.de (fwd78.aul.t-online.de [10.223.144.104]) by mailout01.t-online.de (Postfix) with SMTP id 0117E475F for ; Sat, 11 Jun 2022 14:16:14 +0200 (CEST) Received: from fli4l.lan.fli4l ([91.58.12.97]) by fwd78.t-online.de with (TLSv1:ECDHE-RSA-AES256-SHA encrypted) esmtp id 1o002I-13wR9d0; Sat, 11 Jun 2022 14:16:14 +0200 Received: from bruckner.lan.fli4l ([192.168.1.1]:49876) by fli4l.lan.fli4l with esmtp (Exim 4.95) (envelope-from ) id 1o002I-0003m7-Eq for buildroot@buildroot.org; Sat, 11 Jun 2022 14:16:14 +0200 From: Bernd Kuhls To: buildroot@buildroot.org Date: Sat, 11 Jun 2022 14:16:12 +0200 Message-Id: <20220611121614.1172869-1-bernd.kuhls@t-online.de> X-Mailer: git-send-email 2.30.2 MIME-Version: 1.0 X-TOI-EXPURGATEID: 150726::1654949774-0143C329-77A5577A/0/0 CLEAN NORMAL X-TOI-MSGID: 4ca2c396-bf04-4304-bbbf-61cdcc6c4098 Subject: [Buildroot] [PATCH 1/3] package/apache: add brotli as optional dependency X-BeenThere: buildroot@buildroot.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Discussion and development of buildroot List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: buildroot-bounces@buildroot.org Sender: "buildroot" Fixes: http://autobuild.buildroot.net/results/90e/90e3a2aaf0ce0451b80c71743209797abeb83d0a/ http://autobuild.buildroot.net/results/006/006f94bb216a77f073a5670fa2f393c43f15a977/ http://autobuild.buildroot.net/results/dd6/dd69e665e51ce6b30e303a4d4670e9edbb159aea/ Signed-off-by: Bernd Kuhls --- package/apache/apache.mk | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/package/apache/apache.mk b/package/apache/apache.mk index b2c855aa36..a6fb59d26b 100644 --- a/package/apache/apache.mk +++ b/package/apache/apache.mk @@ -45,6 +45,13 @@ APACHE_CONF_OPTS = \ --with-mpm=$(APACHE_MPM) \ --disable-luajit +ifeq ($(BR2_PACKAGE_BROTLI),y) +APACHE_CONF_OPTS += --enable-brotli +APACHE_DEPENDENCIES += brotli +else +APACHE_CONF_OPTS += --disable-brotli +endif + ifeq ($(BR2_PACKAGE_LIBXML2),y) APACHE_DEPENDENCIES += libxml2 # Apache wants the path to the header file, where it can find From patchwork Sat Jun 11 12:16:13 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bernd Kuhls X-Patchwork-Id: 1642371 Return-Path: X-Original-To: incoming-buildroot@patchwork.ozlabs.org Delivered-To: patchwork-incoming-buildroot@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=buildroot.org (client-ip=140.211.166.133; helo=smtp2.osuosl.org; envelope-from=buildroot-bounces@buildroot.org; receiver=) Received: from smtp2.osuosl.org (smtp2.osuosl.org [140.211.166.133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by bilbo.ozlabs.org (Postfix) with ESMTPS id 4LKxdf400fz9sFr for ; Sat, 11 Jun 2022 22:16:38 +1000 (AEST) Received: from localhost (localhost [127.0.0.1]) by smtp2.osuosl.org (Postfix) with ESMTP id 320C440CE2; Sat, 11 Jun 2022 12:16:36 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp2.osuosl.org ([127.0.0.1]) by localhost (smtp2.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TBnp_PRF_8pR; Sat, 11 Jun 2022 12:16:35 +0000 (UTC) Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34]) by smtp2.osuosl.org (Postfix) with ESMTP id 543E140492; Sat, 11 Jun 2022 12:16:34 +0000 (UTC) X-Original-To: buildroot@lists.busybox.net Delivered-To: buildroot@osuosl.org Received: from smtp4.osuosl.org (smtp4.osuosl.org [140.211.166.137]) by ash.osuosl.org (Postfix) with ESMTP id D44E71BF418 for ; Sat, 11 Jun 2022 12:16:20 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp4.osuosl.org (Postfix) with ESMTP id C3256418DE for ; Sat, 11 Jun 2022 12:16:20 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp4.osuosl.org ([127.0.0.1]) by localhost (smtp4.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id K-XvnEoRKCad for ; Sat, 11 Jun 2022 12:16:19 +0000 (UTC) X-Greylist: domain auto-whitelisted by SQLgrey-1.8.0 Received: from mailout01.t-online.de (mailout01.t-online.de [194.25.134.80]) by smtp4.osuosl.org (Postfix) with ESMTPS id A103B418D7 for ; Sat, 11 Jun 2022 12:16:19 +0000 (UTC) Received: from fwd78.dcpf.telekom.de (fwd78.aul.t-online.de [10.223.144.104]) by mailout01.t-online.de (Postfix) with SMTP id 651B34763 for ; Sat, 11 Jun 2022 14:16:16 +0200 (CEST) Received: from fli4l.lan.fli4l ([91.58.12.97]) by fwd78.t-online.de with (TLSv1:ECDHE-RSA-AES256-SHA encrypted) esmtp id 1o002I-14AjhJ0; Sat, 11 Jun 2022 14:16:14 +0200 Received: from bruckner.lan.fli4l ([192.168.1.1]:49876) by fli4l.lan.fli4l with esmtp (Exim 4.95) (envelope-from ) id 1o002I-0003m7-GC for buildroot@buildroot.org; Sat, 11 Jun 2022 14:16:14 +0200 From: Bernd Kuhls To: buildroot@buildroot.org Date: Sat, 11 Jun 2022 14:16:13 +0200 Message-Id: <20220611121614.1172869-2-bernd.kuhls@t-online.de> X-Mailer: git-send-email 2.30.2 In-Reply-To: <20220611121614.1172869-1-bernd.kuhls@t-online.de> References: <20220611121614.1172869-1-bernd.kuhls@t-online.de> MIME-Version: 1.0 X-TOI-EXPURGATEID: 150726::1654949774-0143C329-1544C9D2/0/0 CLEAN NORMAL X-TOI-MSGID: 85b882bd-b499-4a0e-be95-3a1b41f8450c Subject: [Buildroot] [PATCH 2/3] package/apache: security bump version to 2.4.54 X-BeenThere: buildroot@buildroot.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Discussion and development of buildroot List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: buildroot-bounces@buildroot.org Sender: "buildroot" Changelog: https://downloads.apache.org/httpd/CHANGES_2.4.54 Fixes CVE-2022-26377, CVE-2022-28330, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-30522, CVE-2022-30556 and CVE-2022-31813. Signed-off-by: Bernd Kuhls --- package/apache/apache.hash | 6 +++--- package/apache/apache.mk | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/package/apache/apache.hash b/package/apache/apache.hash index 11dcdefe46..2c21a5bab8 100644 --- a/package/apache/apache.hash +++ b/package/apache/apache.hash @@ -1,5 +1,5 @@ -# From https://downloads.apache.org/httpd/httpd-2.4.53.tar.bz2.{sha256,sha512} -sha256 d0bbd1121a57b5f2a6ff92d7b96f8050c5a45d3f14db118f64979d525858db63 httpd-2.4.53.tar.bz2 -sha512 07ef59594251a30a864cc9cc9a58ab788c2d006cef85b728f29533243927c63cb063e0867f2a306f37324c3adb9cf7dcb2402f3516b05c2c6f32469d475dd756 httpd-2.4.53.tar.bz2 +# From https://downloads.apache.org/httpd/httpd-2.4.54.tar.bz2.{sha256,sha512} +sha256 eb397feeefccaf254f8d45de3768d9d68e8e73851c49afd5b7176d1ecf80c340 httpd-2.4.54.tar.bz2 +sha512 228493b2ff32c4142c6e484d304f2ea12e467498605fe12adce2b61388d8efe7b2e96ae2fd0abd1dc88a5f12d625e007d8da0ae5628cff2a5272806754f41e18 httpd-2.4.54.tar.bz2 # Locally computed sha256 47b8c2b6c3309282a99d4a3001575c790fead690cc14734628c4667d2bbffc43 LICENSE diff --git a/package/apache/apache.mk b/package/apache/apache.mk index a6fb59d26b..315282baac 100644 --- a/package/apache/apache.mk +++ b/package/apache/apache.mk @@ -4,7 +4,7 @@ # ################################################################################ -APACHE_VERSION = 2.4.53 +APACHE_VERSION = 2.4.54 APACHE_SOURCE = httpd-$(APACHE_VERSION).tar.bz2 APACHE_SITE = https://downloads.apache.org/httpd APACHE_LICENSE = Apache-2.0 From patchwork Sat Jun 11 12:16:14 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bernd Kuhls X-Patchwork-Id: 1642372 Return-Path: X-Original-To: incoming-buildroot@patchwork.ozlabs.org Delivered-To: patchwork-incoming-buildroot@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=buildroot.org (client-ip=140.211.166.137; helo=smtp4.osuosl.org; envelope-from=buildroot-bounces@buildroot.org; receiver=) Received: from smtp4.osuosl.org (smtp4.osuosl.org [140.211.166.137]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by bilbo.ozlabs.org (Postfix) with ESMTPS id 4LKxdv0TxZz9sFr for ; Sat, 11 Jun 2022 22:16:50 +1000 (AEST) Received: from localhost (localhost [127.0.0.1]) by smtp4.osuosl.org (Postfix) with ESMTP id 19A5E41958; Sat, 11 Jun 2022 12:16:49 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp4.osuosl.org ([127.0.0.1]) by localhost (smtp4.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id l9n0OIZiSM4d; Sat, 11 Jun 2022 12:16:48 +0000 (UTC) Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34]) by smtp4.osuosl.org (Postfix) with ESMTP id E4FEC418DE; Sat, 11 Jun 2022 12:16:46 +0000 (UTC) X-Original-To: buildroot@lists.busybox.net Delivered-To: buildroot@osuosl.org Received: from smtp2.osuosl.org (smtp2.osuosl.org [140.211.166.133]) by ash.osuosl.org (Postfix) with ESMTP id 8B98D1BF418 for ; Sat, 11 Jun 2022 12:16:22 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp2.osuosl.org (Postfix) with ESMTP id 791C140492 for ; Sat, 11 Jun 2022 12:16:22 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp2.osuosl.org ([127.0.0.1]) by localhost (smtp2.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id C7Uq7bImy2F4 for ; Sat, 11 Jun 2022 12:16:21 +0000 (UTC) X-Greylist: domain auto-whitelisted by SQLgrey-1.8.0 Received: from mailout12.t-online.de (mailout12.t-online.de [194.25.134.22]) by smtp2.osuosl.org (Postfix) with ESMTPS id 4D80F400EF for ; Sat, 11 Jun 2022 12:16:21 +0000 (UTC) Received: from fwd84.dcpf.telekom.de (fwd84.aul.t-online.de [10.223.144.110]) by mailout12.t-online.de (Postfix) with SMTP id 0F9CF709E for ; Sat, 11 Jun 2022 14:16:19 +0200 (CEST) Received: from fli4l.lan.fli4l ([91.58.12.97]) by fwd84.t-online.de with (TLSv1:ECDHE-RSA-AES256-SHA encrypted) esmtp id 1o002I-4L4M410; Sat, 11 Jun 2022 14:16:14 +0200 Received: from bruckner.lan.fli4l ([192.168.1.1]:49876) by fli4l.lan.fli4l with esmtp (Exim 4.95) (envelope-from ) id 1o002I-0003m7-I1 for buildroot@buildroot.org; Sat, 11 Jun 2022 14:16:14 +0200 From: Bernd Kuhls To: buildroot@buildroot.org Date: Sat, 11 Jun 2022 14:16:14 +0200 Message-Id: <20220611121614.1172869-3-bernd.kuhls@t-online.de> X-Mailer: git-send-email 2.30.2 In-Reply-To: <20220611121614.1172869-1-bernd.kuhls@t-online.de> References: <20220611121614.1172869-1-bernd.kuhls@t-online.de> MIME-Version: 1.0 X-TOI-EXPURGATEID: 150726::1654949775-0143F118-2592A648/0/0 CLEAN NORMAL X-TOI-MSGID: 2c1e94d6-3628-4499-b9af-a90493bc231f Subject: [Buildroot] [PATCH 3/3] package/php: security bump version to 8.0.20 X-BeenThere: buildroot@buildroot.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Discussion and development of buildroot List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: buildroot-bounces@buildroot.org Sender: "buildroot" Changelog: https://www.php.net/ChangeLog-8.php#8.0.20 Fixes CVE-2022-31625 and CVE-2022-31626. Signed-off-by: Bernd Kuhls --- package/php/php.hash | 2 +- package/php/php.mk | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/package/php/php.hash b/package/php/php.hash index e0aca101b4..2e9aa6880b 100644 --- a/package/php/php.hash +++ b/package/php/php.hash @@ -1,5 +1,5 @@ # From https://www.php.net/downloads.php -sha256 ba62219c4b0486cbb2a04f0796749a46b0ee1f5a142ed454212b4e2460cb0fab php-8.0.19.tar.xz +sha256 973fec765336ee01f47536a5db1c2eee98df9d34a41522b7b6c760159bf0a77b php-8.0.20.tar.xz # License file sha256 a188db807d711536f71e27b7d36879d63480f7994dc18adc08e624b3c5430fff LICENSE diff --git a/package/php/php.mk b/package/php/php.mk index 5053f34b85..f649a9bb8b 100644 --- a/package/php/php.mk +++ b/package/php/php.mk @@ -4,7 +4,7 @@ # ################################################################################ -PHP_VERSION = 8.0.19 +PHP_VERSION = 8.0.20 PHP_SITE = https://www.php.net/distributions PHP_SOURCE = php-$(PHP_VERSION).tar.xz PHP_INSTALL_STAGING = YES