[Buildroot] Buildroot 2022.08.2 released
Peter Korsgaard
peter at korsgaard.com
Wed Nov 16 22:24:08 UTC 2022
Hi,
Buildroot is a simple tool for creating complete embedded Linux systems
(http://buildroot.org).
Buildroot 2022.08.2 is released - Go download it at:
http://buildroot.org/downloads/buildroot-2022.08.2.tar.gz
or
http://buildroot.org/downloads/buildroot-2022.08.2.tar.xz
Or get it from Git:
git://git.buildroot.org/buildroot
Buildroot 2022.08.2 is a bugfix release, fixing a number of important /
security related issues discovered since the 2022.08.1 release.
- Security fixes for bind, darkhttpd, dbus, dhcp, dnsmasq, expat,
freerdp, go, grub2, imagemagick, libcurl, libosip2, libtasn1,
libvncserver, libxml2, lldpd, lrzip, msmtp, multipath-tools, mupdf,
ntfs-3g, openssh, openvmtools, php, pixman, poppler, python-django,
python3, redis, samba4, shapelib, squashfs, squid, sudo, vim, wolfssl,
wpewebkit, zsh
- Fixes for download/compilation/runtime/license issues in
arm-trusted-firmware, botan, ca-certificates, collectd, dbus-broker,
docker-cli, docker-engine, exfatprogs, f2fs-tools, faad2, ffmpeg,
gitlab-runner, glibc, gnutls, gpsd, gptfdisk, gsl, gst-omx,
gst1-devtools, gst1-libav, gst1-plugins-bad, gst1-plugins-base,
gst1-plugins-good, gst1-plugins-ugly, gst1-python, gst1-rtsp-server,
gst1-vaapi, gstreamer1, gstreamer1-editing-services, hdparm, hostapd,
iwd, jack2, libbpf, libidn2, libmdbx, libopenssl, libpng,
libtorrent-rasterbar, libuhttpd, linux, linux-tools, lz4,
matchbox-startup-monitor, meson, musl, mv-ddr-marvell, mxml, nodejs,
numactl, paho-mqtt-c, perl-net-ssleay, procps-ng, rpi-userland, rsync,
rtl8189es, rtl8189fs, rtl8723bu, rtl8723ds, rtl8812au-aircrack-ng,
rtl8821au, socat, sqlite, swupdate, uclibc-ng-test, udisks, uftp,
umtprd, usbguard, vlc, volk, wavemon, wilc-driver,
wireguard-linux-compat, wpa_supplicant, zlib-ng
For more details, see the CHANGES file:
https://git.buildroot.net/buildroot/plain/CHANGES?id=2022.08.2
Users of the affected packages are strongly encouraged to upgrade.
Many thanks to all the people contributing to this release:
git shortlog -sn 2022.08.1..
Adrian Perez de Castro (1):
package/wpewebkit: security bump to version 2.36.8
Alexandru Ardelean (3):
package/nodejs: fix 'Duplicate v8 target errors when cross-compiling' error
package/nodejs: don't install nodejs host-tools
package/nodejs: build host-nodejs only if we're installing modules with NPM
Baruch Siach (8):
boot/arm-trusted-firmware: fix SSP support
boot/mv-ddr-marvell: disable SSP
boot/arm-trusted-firmware: don't enable SSP by default
libcurl: security bump to version 7.86.0
package/libcurl: fix crypto backend selection
package/socat: fix printf feature detection
package/socat: disable openssl for static build
boot/arm-trusted-firmware: fix SSP disable in v2.2
Bernd Kuhls (9):
package/hdparm: Fix sha256 tarball hash
package/ffmpeg: bump version to 4.4.3
package/php: security bump version to 8.1.11
package/samba4: security bump version to 4.15.11
package/php: security bump version to 8.1.12
DEVELOPERS: add Bernd Kuhls to package rsync
package/exim: fix typo in comment
package/pixman: security bump version to 0.42.2
package/vlc: fix opengl library check
Christian Stewart (2):
package/docker-cli: bump to version 20.10.19
package/docker-engine: bump to version 20.10.19
Cédric Le Goater (1):
configs/aspeed_ast2600evb: set BR2_ARM_FPU_VFPV4D16
Damien Le Moal (1):
configs/sipeed_*_sdcard: Add dependency on host-openssl
Fabrice Fontaine (65):
package/uhd: drop have_mfpu_neon
package/wolfssl: security bump to version 5.5.1
package/dnsmasq: security bump to version 2.87
package/darkhttpd: security bump to version 1.14
package/qdecoder: add QDECODER_CPE_ID_VENDOR
package/libinput: add LIBINPUT_CPE_ID_VENDOR
package/timescaledb: add TIMESCALEDB_CPE_ID_VENDOR
package/lrzip: add CPE variables
package/openssh: security bump to version 9.1p1
package/vim: security bump to version 9.0.0709
package/gnutls: bump to version 3.7.8
package/bind: security bump to version 9.16.33
package/freerdp: security bump to version 2.8.1
package/dbus: security bump to version 1.12.24
package/libxml2: security bump to version 2.10.3
package/lrzip: security bump to version 0.651
package/dhcp: security bump to version 4.4.3-P1
package/libosip2: security bump to version 5.3.1
package/rtl_433: add RTL_433_CPE_ID_VENDOR
package/squashfs: security bump to version 4.5.1
package/uftp: bump to version 5.0.1
package/libpng: bump to version 1.6.38
package/imagemagick: security bump to version 7.1.0-51
package/poppler: security bump to version 22.10.0
package/expat: bump to version 2.4.9
package/expat: security bump to version 2.5.0
package/libtasn1: security bump to version 4.19.0
package/usbguard: fix build without asciidoc
package/shapelib: add SHAPELIB_CPE_ID_VENDOR
package/shapelib: fix CVE-2022-0699
package/faad2: bump to version 2.10.1
package/lz4: fix LZ4_CPE_ID_VENDOR
package/lz4: bump to version 1.9.4
package/lz4: fix static build
package/wolfssl: security bump to version 5.5.2
package/zsh: security bump to version 5.9
package/f2fs-tools: add lz4 and lzo optional dependencies
package/f2fs-tools: fix build with lz4 1.9.4
package/lldpd: security bump to version 1.0.15
package/jack2: bump to version 1.9.21
package/numactl: use official license files
package/mxml: bump to version 3.3.1
package/exfatprogs: drop host-pkgconf dependency
package/msmtp: security bump to version 1.8.22
utils/genrandconfig: handle a10disp
package/oracle-mysql: add CPE variables
package/libtorrent-rasterbar: openssl is optional, not mandatory
package/procps-ng: fix build without __NR_pidfd_open
package/libidn2: fix build with libunistring
package/sudo: fix CVE-2022-43995
package/strongswan: security bump to version 5.9.8
package/botan: add host-python3 dependency
package/multipath-tools: add MULTIPATH_TOOLS_CPE_ID_VENDOR
package/wolfssl: bump to version 5.5.3
package/gsl: fix powerpc build
package/linux-tools: perf needs threads
package/libuhttpd: fix build with wolfssl >= 5.0
package/zlib-ng: fix build without neon
package/mupdf: fix CVE-2021-4216
package/gptfdisk: fix popt static build
package/linux-tools: fix static build
package/wavemon: fix kernel header collision
package/ntfs-3g: security bump to version 2022.10.3
package/perl-net-ssleay: bump to version 1.93_01
package/libvncserver: fix CVE-2020-29260
Francois Perrad (1):
package/sqlite: bump to version 3.39.4
Giulio Benetti (12):
package/collectd: work around gcc bug 68485
package/rtl8189es: fix build failure due to wrong endianness
package/gitlab-runner: fix forcing openssl
package/rtl8723bu: fix build failure on PowerPC
package/rtl8189es: disable package for s390x architecture
package/rtl8189fs: disable package for s390x architecture
package/rtl8723bu: disable package for s390x architecture
package/rtl8723ds: disable package for s390x architecture
package/rtl8812au-aircrack-ng: disable package for s390x architecture
package/rtl8821au: disable package for s390x architecture
package/wilc-driver: disable package for s390x architecture
DEVELOPERS: add Giulio Benetti to rtl8188eu package
Gwenhael Goavec-Merou (2):
package/volk: needs C++17, not boost
package/volk: fix licensing information
Heiko Thiery (2):
DEVELOPERS: add myself to configs/kontron_smarc_sal28_defconfig
configs/kontron_bl_imx8mm_defconfig: bump U-boot to 2022.10
James Hilliard (17):
package/volk: fix Config.in syntax error
package/meson: bump to version 0.63.3
package/gstreamer1: bump to version 1.20.4
package/gst1-plugins-base: bump version to 1.20.4
package/gst1-plugins-good: bump version to 1.20.4
package/gst1-plugins-bad: bump version to 1.20.4
package/gst1-plugins-ugly: bump version to 1.20.4
package/gst1-devtools: bump version to 1.20.4
package/gst1-libav: bump version to 1.20.4
package/gst1-vaapi: bump version to 1.20.4
package/gst1-rtsp-server: bump version to 1.20.4
package/gstreamer1-editing-services: bump version to 1.20.4
package/gst-omx: bump version to 1.20.4
package/gst1-python: bump version to 1.20.4
package/python3: security bump to version 3.10.8
package/nodejs: bypass configure shell wrapper
package/pkg-cmake.mk: MakeFiles -> Makefiles
Justin Wood (1):
package/ca-certificates: add support for cryptography >= 3.0
Lang Daniel (3):
package/iwd: no autoreconfigure
package/iwd: drop dbus check
package/paho-mqtt-c: bump to version 1.3.11
Markus Mayer (1):
package/rsync: force HAVE_C99_VSNPRINTF to "yes"
Michael Nosthoff (1):
configs/pine64: use mainline ATF
Neal Frager (6):
boot/uboot/uboot.mk: add pmufw.elf support
configs/zynqmp_zcu102_defconfig: fix pmufw sw reset
configs/zynqmp_zcu106_defconfig: fix pmufw sw reset
configs/zynqmp_kria_kv260_defconfig: fix pmufw sw reset
board/zynqmp/kria/kv260/uboot.fragment: remove unnecessary CONFIG_MULTI_DTB_FIT option
board/zynqmp/kria/kv260/kv260.sh: fix u-boot.itb without CONFIG_MULTI_DTB_FIT option
Nuno Gonçalves (4):
package/linux: don't leak host timezone into linux version string
package/libopenssl: don't build the afalg engine
packages/sudo: explicitly set with-tzdir
packages/sudo: explicitly set enable-tmpfiles.d
Paul Cercueil (1):
package/umtprd: add patch to fix output_dir make dependency
Peter Korsgaard (8):
toolchain/Config.in: correct BR2_TOOLCHAIN_HEADERS_AT_LEAST for 5.17
{linux, linux-headers}: bump 4.{9, 14, 19}.x / 5.{4, 10, 15}.x / 6.0.x series
package/python-django: security bump to version 4.0.8
package/wireguard-linux-compat: bump version to 1.0.20220627
package/squid: security bump to version 5.7
package/go: security bump to version 1.18.8
package/multipath-tools: security bump to version 0.9.3
Update for 2022.08.2
Sergey Matyukevich (2):
package/hostapd: fix static build issue with zlib-ng
package/wpa_supplicant: fix static build issue with zlib-ng
Stefan Agner (1):
package/openvmtools: fix CVE-2022-31676
Thomas Petazzoni (22):
package/nodejs: renumber patch 0001 to 0002
package/nodejs: improve 0001-add-qemu-wrapper-support.patch to fix build issue
package/nodejs: fixup qemu dependencies
package/nodejs: bump to v16.17.1
DEVELOPERS: remove Joerg Krause
DEVELOPERS: remove Nicolas Tran
package/openssh: fix hash of LICENSE file
boot/grub2: add patch to fix CVE-2021-3981
boot/grub2: ignore CVE-2021-46705
package/nodejs: drop support for the MIPS architecture
toolchain/toolchain-buildroot: introduce BR2_TOOLCHAIN_BUILDROOT_NONE
package/glibc: headers >= 5.4 needed on RISC-V 32-bit
package/musl: fixup the dynamic loader symlink
package/openvmtools: add CPE ID information
DEVELOPERS: remove Emile Cormier
support/testing/tests/package/test_python_flask*: increase time after server startup
support/testing/tests/package/test_python_crossbar: use ext2 instead of cpio
package/swupdate: add missing backslash
configs/kontron_bl_imx8mm: U-Boot needs util-linux
package/imagemagick: utilities now need C++ support
arch/arch.mk.xtensa: relax check on overlay file to apply only to internal toolchains
utils/genrandconfig: disallow configs with BR2_XTENSA_CUSTOM=y
Tim Gover (1):
package/rpi-userland: fix hello_ applications
Titouan Christophe (1):
package/redis: security bump to v7.0.5
Tobias Waldekranz (2):
package/libbpf: remove architecture restrictions
package/libbpf: install in the correct lib directory
Vincent Fazio (1):
package/swupdate: specify SWU_VER during build
Waldemar Brodkorb (1):
package/uclibc-ng-test: update to latest git
Wolfgang Grandegger (2):
package/udisks: install to staging
package/udisks: fix the tool name in the config help
Woody Douglass (1):
Force cmake packages to use makefiles
Yann E. MORIN (5):
package/volk: license list is comma-separated
package/gpsd: drop legacy cleanup
package/gpsd: actually wait for after chrony
package/matchbox-startup-monitor: fix build without C++
package/dbus-broker: audit support needs libcap-ng
yann.morin at orange.com (3):
Makefile: really generate glibc locales in parallel
support/scripts: don't require gawk to generate glibc gconv modules
toolchain: support gconv modules from glibc >= 2.34
Леонид Юрьев (Leonid Yuriev) (1):
package/libmdbx: bump version to 0.11.12
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list