[pull] master from buildroot:master#910
Merged
pull[bot] merged 12 commits intomir-one:masterfrom Mar 12, 2026
Merged
Conversation
For change log since v0.3.30, see: https://github.com/OpenMathLib/OpenBLAS/releases/tag/v0.3.31 Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
This commit switches the aarch64_efi_defconfig to an external glibc stable Bootlin toolchain, to follow recommendation from [1]. Since an external toolchain is used, the linux-headers.hash custom hash file is no longer needed and is removed. [1] https://elinux.org/Buildroot:DeveloperDaysELCE2024#Rules_for_defconfigs Signed-off-by: Julien Olivain <ju.o@free.fr>
Tested-by: Vincent Stehlé <vincent.stehle@arm.com>
[Vincent: tested on: IOT-GATE-iMX8 (eMMC), ROCKPro64 (SD card),
Qemu virt, Qemu SBSA and FVP Base RevC]
Signed-off-by: Julien Olivain <ju.o@free.fr>
genimage has an alias for the root-arm64 uuid [1]. [1] https://github.com/pengutronix/genimage/blob/v19/image-hd.c#L284 Signed-off-by: Julien Olivain <ju.o@free.fr>
Building Go 1.26 and later requires Go 1.24.6 or later for bootstrap. To support this we use Go version 1.25.8 as the version for go-bootstrap-stage5 and have the build for Go 1.26.1 depend on go-bootstrap-stage5. Go version 1.25.8 is the latest Go version we can build using go-bootstrap-stage4. The package build for go-bootstrap-stage5 is effectively identical to go-bootstrap-stage4 with only the Go version and stage number changed. Go 1.28 is expected to require a minor release of Go 1.26 for bootstrap. Fixes the following security vulnerabilities: - CVE-2026-25679: net/url: reject IPv6 literal not at start of host - CVE-2026-27142: html/template: URLs in meta attribute actions not escaped - CVE-2026-27137: crypto/x509: incorrect enforcement of email constraints - CVE-2026-27138: crypto/x509: panic in name constraint checking: certificates - CVE-2026-27139: os: FileInfo can escape from a Root For full release notes, see: https://go.dev/doc/devel/release#go1.26.0 Signed-off-by: Christian Stewart <christian@aperture.us> Signed-off-by: Julien Olivain <ju.o@free.fr>
https://www.musicpd.org/news/2026/03/mpd-0-24-9-released/ https://raw.githubusercontent.com/MusicPlayerDaemon/MPD/v0.24.9/NEWS " - curl: fix build failure after CURL 8.19 API change" Signed-off-by: Bernd Kuhls <bernd@kuhls.net> Signed-off-by: Julien Olivain <ju.o@free.fr>
https://curl.se/ch/8.19.0.html https://curl.se/docs/security.html Fixes the following CVEs: CVE-2026-3805: use after free in SMB connection reuse CVE-2026-3784: wrong proxy connection reuse with credentials CVE-2026-3783: token leak with redirect and netrc CVE-2026-1965: bad reuse of HTTP Negotiate connection Switch to sha256 tarball hash provided by upstream. Updated license hash due to copyright year bump: curl/curl@e83c82f Signed-off-by: Bernd Kuhls <bernd@kuhls.net> [Julien: add back pgp signature info in hash file] Signed-off-by: Julien Olivain <ju.o@free.fr>
https://github.com/libarchive/libarchive/releases/tag/v3.8.6 "Libarchive 3.8.6 is a security and bugfix release." Signed-off-by: Bernd Kuhls <bernd@kuhls.net> Signed-off-by: Julien Olivain <ju.o@free.fr>
Updating the hash of the WHENCE file, due to firmware additions and firmware changes, but no changes to the redistribution/licensing conditions. Signed-off-by: Bernd Kuhls <bernd@kuhls.net> Signed-off-by: Julien Olivain <ju.o@free.fr>
https://lists.freedesktop.org/archives/mesa-announce/2026-March/000841.html Signed-off-by: Bernd Kuhls <bernd@kuhls.net> Signed-off-by: Julien Olivain <ju.o@free.fr>
https://discourse.llvm.org/t/llvm-22-1-1-released/90150 Signed-off-by: Bernd Kuhls <bernd@kuhls.net> Signed-off-by: Julien Olivain <ju.o@free.fr>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
See Commits and Changes for more details.
Created by
pull[bot] (v2.0.0-alpha.4)
Can you help keep this open source service alive? 💖 Please sponsor : )