This is a security release.
Security:
* CVE-2025-31498. A use-after-free bug has been uncovered in read_answers() that was introduced in v1.32.3. Please see GHSA-6hxc-62jh-p29v
* CVE-2025-62408. A use-after-free bug has been uncovered in read_answers() that was introduced in v1.32.3. Please see GHSA-jq53-42q6-pqr5
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
Fixes pgsql-server: the setup fails for any folder
Fixes#27228
Sets postgresql-specific configure flags that configure cannot run-test
to determine their value. This fixes improperly linked files that
prevent database initialization (at least) from working on the device.
Signed-off-by: Daniel F. Dickinson <dfdpublic@wildtechgarden.ca>
Add missing dependency +USE_GLIBC:libcrypt-compat to express dependency
on libcrypto.so.1 when building with GNU glibc.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Update to 1.4.14 for compatibility with the current packages infra
(python etc.)
* Refresh patches. Remove old upstream patch
* Remove absent maintainer
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
Adjust include path and cmake file path so that tesseract, the only user
of the library, finds the items in place. Should unbreak the tesseract
build.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
Add pending patch to disable PAM support to limit need to add extra
dependency.
This is needed if libpam is selected as the package will detect the
library and enable support for it by default.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
It seems commit libndpi: update to version 5.0 wasn't really tested.
The hash from github codeload 5.0 version was wrong and also the PCRE2
patch didn't apply (as the changes are already present in 5.0)
Fix the hash and drop the upstream patch to restore correct compilation.
Fixes: 3a204f5158 ("libndpi: update to version 5.0")
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Upstream stopped libyubikey developments.
https://github.com/Yubico/yubico-c
ykpers and yubico-pam depends on this,
but both packages has been removed from repo.
Signed-off-by: Yanase Yuki <dev@zpc.st>
Don't install the ABI-less library to support potential multiple ABIs
side by side.
Add a matching tests to check the soname and ensure the ABI-less library
is not installed.
Fixes: aebfd49 ("sqlite3: bump to 3.49.1")
Signed-off-by: George Sapkin <george@sapk.in>
Replace boilerplate license header with a SPDX license identifier.
Set correct package license to blessing.
Fixes: 9236e4f ("sqlite3: import 3.7.12.1 (2012-05-22) from packages")
Link: https://spdx.org/licenses/blessing.html
Signed-off-by: George Sapkin <george@sapk.in>
Package spandsp3 in telephony feed require this package as an host tool
for the tiffio.h header.
Add all the bits and define to compile this as an Host tool to permit
correct compilation of spandsp3 package.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
libftdi was used only by telldus-core and the old libftdi 0.x version
hasn't been updated from 10 years.
telldus-core works correctly with libftdi1 with a trivial patch.
Drop the package for good instead of fixing it for CMake >= 4.0
compatibility.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Fix the following error:
tmp/.config-package.in:54327:error: recursive dependency detected!
tmp/.config-package.in:54327: symbol PACKAGE_libopenssl is selected by PACKAGE_liboqs
tmp/.config-package.in:60997: symbol PACKAGE_liboqs is selected by PACKAGE_libopenssl-oqsprovider
tmp/.config-package.in:54447: symbol PACKAGE_libopenssl-oqsprovider depends on PACKAGE_libopenssl
by reorganizing the dependency list for oqs-provider.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
This runs a couple of openssl commands to verify that the provider is
loading and generate a private key, without any output checks.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
[ use APK and improve commit title ]
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Add libopenssl provider of quantum-safe cryptography (QSC) library.
Tested-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
liboqs is an open source C library for quantum-safe cryptographic
algorithms.
liboqs provides:
- a collection of open source implementations of quantum-safe key
encapsulation mechanisms (KEMs) and digital signature algorithms
- a common API for these algorithms
- a test harness and benchmarking routines
liboqs is part of the Open Quantum Safe (OQS) project, which aims to
develop and integrate into applications quantum-safe cryptography to
facilitate deployment and testing in real world contexts. In particular,
OQS provides prototype integrations of liboqs into protocols like TLS,
X.509, and S/MIME, through our OpenSSL 3 Provider and we provide a
variety of other post-quantum-enabled demos.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Tested-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
The test script was still using opkg to install openssl-util. Use apk
instead, and move it to pre-test.sh so that openssl installation will
not depend on the order that the packages are tested.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Backport upstream CMake patch to fix compilation error to support
CMake version >= 4.0.
Fixes: #27835
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Add 2 pending patch to handle CMake 4.0 support. One comes from an open
PR in the project [1]. The other is a downstream fix for trivial CMake
warning.
[1] https://github.com/lloyd/yajl/pull/256
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Update to 78.1
ICU 78 updates to Unicode 17 (blog), including new characters and scripts, emoji, collation & IDNA changes, and corresponding APIs and implementations.
It also updates to CLDR 48 (blog) locale data with new locales, and various additions and corrections.
In C++, there is a new set of APIs for Unicode string (UTF-8/16/32) code point iteration that works seamlessly with modern C++ iterators and ranges.
The C++ implementation of MessageFormat 2.0 is at CLDR 47 level and remains in technology preview.
ICU 78 and CLDR 48 are major releases, including a new version of Unicode and major locale data improvements.
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
This patch adds the necessary host build infrastructure for yajl.
While OpenWrt doesn't strictly need this right now, merging this change
prevents downstream projects (like prplOS) from having to fork the package
just to build their host tools, thus keeping the code bases closer.
Signed-off-by: Cedric CHEDALEUX <cedric.chedaleux@orange.com>
