From patchwork Tue Jan 15 16:37:26 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Baruch Siach X-Patchwork-Id: 1025313 Return-Path: X-Original-To: incoming-buildroot@patchwork.ozlabs.org Delivered-To: patchwork-incoming-buildroot@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=busybox.net (client-ip=140.211.166.137; helo=fraxinus.osuosl.org; envelope-from=buildroot-bounces@busybox.net; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=tkos.co.il Received: from fraxinus.osuosl.org (smtp4.osuosl.org [140.211.166.137]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 43fGGd46JMz9sDB for ; Wed, 16 Jan 2019 03:37:45 +1100 (AEDT) Received: from localhost (localhost [127.0.0.1]) by fraxinus.osuosl.org (Postfix) with ESMTP id B4D2985725; Tue, 15 Jan 2019 16:37:41 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from fraxinus.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DqpclA2Hk1GC; Tue, 15 Jan 2019 16:37:39 +0000 (UTC) Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34]) by fraxinus.osuosl.org (Postfix) with ESMTP id 773CA84DE6; Tue, 15 Jan 2019 16:37:39 +0000 (UTC) X-Original-To: buildroot@lists.busybox.net Delivered-To: buildroot@osuosl.org Received: from whitealder.osuosl.org (smtp1.osuosl.org [140.211.166.138]) by ash.osuosl.org (Postfix) with ESMTP id 888DD1BF4E6 for ; Tue, 15 Jan 2019 16:37:38 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by whitealder.osuosl.org (Postfix) with ESMTP id 83091860F9 for ; Tue, 15 Jan 2019 16:37:38 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from whitealder.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tIsv+hV0E1tb for ; Tue, 15 Jan 2019 16:37:36 +0000 (UTC) X-Greylist: domain auto-whitelisted by SQLgrey-1.7.6 Received: from mx.tkos.co.il (guitar.tcltek.co.il [192.115.133.116]) by whitealder.osuosl.org (Postfix) with ESMTPS id 7FAB7860D6 for ; Tue, 15 Jan 2019 16:37:36 +0000 (UTC) Received: from tarshish.tkos.co.il (unknown [10.0.8.6]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mx.tkos.co.il (Postfix) with ESMTPS id 169E74400E1; Tue, 15 Jan 2019 18:37:33 +0200 (IST) From: Baruch Siach To: buildroot@busybox.net Date: Tue, 15 Jan 2019 18:37:26 +0200 Message-Id: X-Mailer: git-send-email 2.20.1 MIME-Version: 1.0 Subject: [Buildroot] [PATCH 1/3] package/libgpg-error: bump to version 1.33 X-BeenThere: buildroot@busybox.net X-Mailman-Version: 2.1.29 Precedence: list List-Id: Discussion and development of buildroot List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: buildroot-bounces@busybox.net Sender: "buildroot" The syscfg header name is now based on the target triplet, with the vendor part set to "unknown". The symlink approach no longer works since we use "buildroot" for the vendor part. Override the target host configure parameter to match the build system expectation. The x86 header vendor part has been renamed to "unknown" as well. Account for that in BR2_PACKAGE_LIBGPG_ERROR_SYSCFG. Signed-off-by: Baruch Siach --- package/libgpg-error/Config.in | 2 +- package/libgpg-error/libgpg-error.hash | 4 ++-- package/libgpg-error/libgpg-error.mk | 13 +++---------- 3 files changed, 6 insertions(+), 13 deletions(-) diff --git a/package/libgpg-error/Config.in b/package/libgpg-error/Config.in index 0659a834bf2f..dbb554989e6b 100644 --- a/package/libgpg-error/Config.in +++ b/package/libgpg-error/Config.in @@ -48,5 +48,5 @@ config BR2_PACKAGE_LIBGPG_ERROR_SYSCFG if BR2_sparc default "sparc64-unknown-linux-gnu" \ if BR2_sparc64 - default "x86_64-pc-linux-gnu" \ + default "x86_64-unknown-linux-gnu" \ if BR2_x86_64 diff --git a/package/libgpg-error/libgpg-error.hash b/package/libgpg-error/libgpg-error.hash index 93593b14116e..b18ab7e6b6e8 100644 --- a/package/libgpg-error/libgpg-error.hash +++ b/package/libgpg-error/libgpg-error.hash @@ -1,7 +1,7 @@ # Locally calculated after checking pgp signature -# https://gnupg.org/ftp/gcrypt/libgpg-error/libgpg-error-1.32.tar.bz2.sig +# https://gnupg.org/ftp/gcrypt/libgpg-error/libgpg-error-1.33.tar.bz2.sig # using key D8692123C4065DEA5E0F3AB5249B39D24F25E3B6 -sha256 c345c5e73cc2332f8d50db84a2280abfb1d8f6d4f1858b9daa30404db44540ca libgpg-error-1.32.tar.bz2 +sha256 5d38826656e746c936e7742d9cde072b50baa3c4c49daa168a56813612bf03ff libgpg-error-1.33.tar.bz2 # Locally calculated sha256 231f7edcc7352d7734a96eef0b8030f77982678c516876fcb81e25b32d68564c COPYING sha256 a9bdde5616ecdd1e980b44f360600ee8783b1f99b8cc83a2beb163a0a390e861 COPYING.LIB diff --git a/package/libgpg-error/libgpg-error.mk b/package/libgpg-error/libgpg-error.mk index ef817c7cc689..d26d92fb0555 100644 --- a/package/libgpg-error/libgpg-error.mk +++ b/package/libgpg-error/libgpg-error.mk @@ -4,7 +4,7 @@ # ################################################################################ -LIBGPG_ERROR_VERSION = 1.32 +LIBGPG_ERROR_VERSION = 1.33 LIBGPG_ERROR_SITE = https://www.gnupg.org/ftp/gcrypt/libgpg-error LIBGPG_ERROR_SOURCE = libgpg-error-$(LIBGPG_ERROR_VERSION).tar.bz2 LIBGPG_ERROR_LICENSE = GPL-2.0+, LGPL-2.1+ @@ -12,14 +12,7 @@ LIBGPG_ERROR_LICENSE_FILES = COPYING COPYING.LIB LIBGPG_ERROR_INSTALL_STAGING = YES LIBGPG_ERROR_CONFIG_SCRIPTS = gpg-error-config LIBGPG_ERROR_DEPENDENCIES = $(TARGET_NLS_DEPENDENCIES) - -define LIBGPG_ERROR_FIX_CROSS_COMPILATION - cd $(@D)/src/syscfg && \ - ln -s lock-obj-pub.$(call qstrip, $(BR2_PACKAGE_LIBGPG_ERROR_SYSCFG)).h \ - lock-obj-pub.$(GNU_TARGET_NAME).h -endef -LIBGPG_ERROR_PRE_CONFIGURE_HOOKS += LIBGPG_ERROR_FIX_CROSS_COMPILATION - -LIBGPG_ERROR_CONF_OPTS = --disable-tests +LIBGPG_ERROR_CONF_OPTS = --disable-tests \ + --host=$(BR2_PACKAGE_LIBGPG_ERROR_SYSCFG) $(eval $(autotools-package)) From patchwork Tue Jan 15 16:37:27 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Baruch Siach X-Patchwork-Id: 1025314 Return-Path: X-Original-To: incoming-buildroot@patchwork.ozlabs.org Delivered-To: patchwork-incoming-buildroot@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=busybox.net (client-ip=140.211.166.138; helo=whitealder.osuosl.org; envelope-from=buildroot-bounces@busybox.net; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=tkos.co.il Received: from whitealder.osuosl.org (smtp1.osuosl.org [140.211.166.138]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 43fGGh28CLz9sN6 for ; Wed, 16 Jan 2019 03:37:47 +1100 (AEDT) Received: from localhost (localhost [127.0.0.1]) by whitealder.osuosl.org (Postfix) with ESMTP id D4C9F860F9; Tue, 15 Jan 2019 16:37:44 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from whitealder.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MKyIadU5znQf; Tue, 15 Jan 2019 16:37:44 +0000 (UTC) Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34]) by whitealder.osuosl.org (Postfix) with ESMTP id 239A686100; Tue, 15 Jan 2019 16:37:44 +0000 (UTC) X-Original-To: buildroot@lists.busybox.net Delivered-To: buildroot@osuosl.org Received: from whitealder.osuosl.org (smtp1.osuosl.org [140.211.166.138]) by ash.osuosl.org (Postfix) with ESMTP id 1B4C91BF4E6 for ; Tue, 15 Jan 2019 16:37:39 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by whitealder.osuosl.org (Postfix) with ESMTP id 13A2C860D6 for ; Tue, 15 Jan 2019 16:37:39 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from whitealder.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eyKoEMRsKBsA for ; Tue, 15 Jan 2019 16:37:37 +0000 (UTC) X-Greylist: domain auto-whitelisted by SQLgrey-1.7.6 Received: from mx.tkos.co.il (guitar.tcltek.co.il [192.115.133.116]) by whitealder.osuosl.org (Postfix) with ESMTPS id D569A860E1 for ; Tue, 15 Jan 2019 16:37:36 +0000 (UTC) Received: from tarshish.tkos.co.il (unknown [10.0.8.6]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mx.tkos.co.il (Postfix) with ESMTPS id 027C24408FC; Tue, 15 Jan 2019 18:37:34 +0200 (IST) From: Baruch Siach To: buildroot@busybox.net Date: Tue, 15 Jan 2019 18:37:27 +0200 Message-Id: X-Mailer: git-send-email 2.20.1 In-Reply-To: References: MIME-Version: 1.0 Subject: [Buildroot] [PATCH 2/3] package/libassuan: bump to version 2.5.2 X-BeenThere: buildroot@busybox.net X-Mailman-Version: 2.1.29 Precedence: list List-Id: Discussion and development of buildroot List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: buildroot-bounces@busybox.net Sender: "buildroot" Signed-off-by: Baruch Siach --- package/libassuan/libassuan.hash | 7 ++++--- package/libassuan/libassuan.mk | 2 +- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/package/libassuan/libassuan.hash b/package/libassuan/libassuan.hash index 2e80cfa4e11d..4878a692cf64 100644 --- a/package/libassuan/libassuan.hash +++ b/package/libassuan/libassuan.hash @@ -1,7 +1,8 @@ # From https://www.gnupg.org/download/integrity_check.html -sha1 c8432695bf1daa914a92f51e911881ed93d50604 libassuan-2.5.1.tar.bz2 +sha1 fb66bc1e8971d48ac9dbacd1cdaf6487a3e77375 libassuan-2.5.2.tar.bz2 # Locally calculated after checking signature -# https://www.gnupg.org/ftp/gcrypt/libassuan/libassuan-2.5.1.tar.bz2.sig -sha256 47f96c37b4f2aac289f0bc1bacfa8bd8b4b209a488d3d15e2229cb6cc9b26449 libassuan-2.5.1.tar.bz2 +# https://www.gnupg.org/ftp/gcrypt/libassuan/libassuan-2.5.2.tar.bz2.sig +# using key D8692123C4065DEA5E0F3AB5249B39D24F25E3B6 +sha256 986b1bf277e375f7a960450fbb8ffbd45294d06598916ad4ebf79aee0cb788e7 libassuan-2.5.2.tar.bz2 sha256 a9bdde5616ecdd1e980b44f360600ee8783b1f99b8cc83a2beb163a0a390e861 COPYING.LIB sha256 fc82ca8b6fdb18d4e3e85cfd8ab58d1bcd3f1b29abe782895abd91d64763f8e7 COPYING diff --git a/package/libassuan/libassuan.mk b/package/libassuan/libassuan.mk index 4dc8f70d1f04..1e4467b36dbd 100644 --- a/package/libassuan/libassuan.mk +++ b/package/libassuan/libassuan.mk @@ -4,7 +4,7 @@ # ################################################################################ -LIBASSUAN_VERSION = 2.5.1 +LIBASSUAN_VERSION = 2.5.2 LIBASSUAN_SITE = ftp://ftp.gnupg.org/gcrypt/libassuan LIBASSUAN_SOURCE = libassuan-$(LIBASSUAN_VERSION).tar.bz2 LIBASSUAN_LICENSE = LGPL-2.1+ (library), GPL-3.0 (tests, doc) From patchwork Tue Jan 15 16:37:28 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Baruch Siach X-Patchwork-Id: 1025315 Return-Path: X-Original-To: incoming-buildroot@patchwork.ozlabs.org Delivered-To: patchwork-incoming-buildroot@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=busybox.net (client-ip=140.211.166.136; helo=silver.osuosl.org; envelope-from=buildroot-bounces@busybox.net; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=tkos.co.il Received: from silver.osuosl.org (smtp3.osuosl.org [140.211.166.136]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 43fGGm1SWfz9sCs for ; Wed, 16 Jan 2019 03:37:51 +1100 (AEDT) Received: from localhost (localhost [127.0.0.1]) by silver.osuosl.org (Postfix) with ESMTP id 150AF23455; Tue, 15 Jan 2019 16:37:47 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from silver.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id aUDyao8DUo5t; Tue, 15 Jan 2019 16:37:45 +0000 (UTC) Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34]) by silver.osuosl.org (Postfix) with ESMTP id 028D822B6D; Tue, 15 Jan 2019 16:37:45 +0000 (UTC) X-Original-To: buildroot@lists.busybox.net Delivered-To: buildroot@osuosl.org Received: from whitealder.osuosl.org (smtp1.osuosl.org [140.211.166.138]) by ash.osuosl.org (Postfix) with ESMTP id 887FA1BF4E6 for ; Tue, 15 Jan 2019 16:37:41 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by whitealder.osuosl.org (Postfix) with ESMTP id 8392F860E1 for ; Tue, 15 Jan 2019 16:37:41 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from whitealder.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Ve+hCZ3UZm66 for ; Tue, 15 Jan 2019 16:37:37 +0000 (UTC) X-Greylist: domain auto-whitelisted by SQLgrey-1.7.6 Received: from mx.tkos.co.il (guitar.tcltek.co.il [192.115.133.116]) by whitealder.osuosl.org (Postfix) with ESMTPS id 0D9AA860F1 for ; Tue, 15 Jan 2019 16:37:37 +0000 (UTC) Received: from tarshish.tkos.co.il (unknown [10.0.8.6]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mx.tkos.co.il (Postfix) with ESMTPS id 35F634409AD; Tue, 15 Jan 2019 18:37:35 +0200 (IST) From: Baruch Siach To: buildroot@busybox.net Date: Tue, 15 Jan 2019 18:37:28 +0200 Message-Id: <5a09750bb57f85248ecbdddb0d477c529e0c3b7d.1547570248.git.baruch@tkos.co.il> X-Mailer: git-send-email 2.20.1 In-Reply-To: References: MIME-Version: 1.0 Subject: [Buildroot] [PATCH 3/3] gnupg2: security bump to version 2.2.12 X-BeenThere: buildroot@busybox.net X-Mailman-Version: 2.1.29 Precedence: list List-Id: Discussion and development of buildroot List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: buildroot-bounces@busybox.net Sender: "buildroot" Fixes CVE-2018-1000858: Cross Site Request Forgery with arbitrary HTTPS GET requests via HTTP redirect. https://sektioneins.de/en/advisories/advisory-012018-gnupg-wkd.html Signed-off-by: Baruch Siach --- package/gnupg2/gnupg2.hash | 8 ++++---- package/gnupg2/gnupg2.mk | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/package/gnupg2/gnupg2.hash b/package/gnupg2/gnupg2.hash index a367effcab72..f985e11ad3c3 100644 --- a/package/gnupg2/gnupg2.hash +++ b/package/gnupg2/gnupg2.hash @@ -1,7 +1,7 @@ -# From https://lists.gnupg.org/pipermail/gnupg-announce/2018q3/000428.html -sha1 3e87504e2ca317718aa9b6299947ebf7e906b54e gnupg-2.2.10.tar.bz2 +# From https://lists.gnupg.org/pipermail/gnupg-announce/2018q4/000433.html +sha1 2aeccc35ea8034306ff7a1072b84abbaa79619c3 gnupg-2.2.12.tar.bz2 # Calculated based on the hash above and signature -# https://gnupg.org/ftp/gcrypt/gnupg/gnupg-2.2.10.tar.bz2.sig +# https://gnupg.org/ftp/gcrypt/gnupg/gnupg-2.2.12.tar.bz2.sig # using key D8692123C4065DEA5E0F3AB5249B39D24F25E3B6 -sha256 799dd37a86a1448732e339bd20440f4f5ee6e69755f6fd7a73ee8af30840c915 gnupg-2.2.10.tar.bz2 +sha256 db030f8b4c98640e91300d36d516f1f4f8fe09514a94ea9fc7411ee1a34082cb gnupg-2.2.12.tar.bz2 sha256 bc2d6664f6276fa0a72d57633b3ae68dc7dcb677b71018bf08c8e93e509f1357 COPYING diff --git a/package/gnupg2/gnupg2.mk b/package/gnupg2/gnupg2.mk index 64329522d513..9365e960f258 100644 --- a/package/gnupg2/gnupg2.mk +++ b/package/gnupg2/gnupg2.mk @@ -4,7 +4,7 @@ # ################################################################################ -GNUPG2_VERSION = 2.2.10 +GNUPG2_VERSION = 2.2.12 GNUPG2_SOURCE = gnupg-$(GNUPG2_VERSION).tar.bz2 GNUPG2_SITE = https://gnupg.org/ftp/gcrypt/gnupg GNUPG2_LICENSE = GPL-3.0+