CVE-2015-3991 - denial-of-service and potential remote code execution
vulnerability triggered by IKEv1/IKEv2 messages that contain payloads
for the respective other IKE version.
other IKE version
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes:
CVE-2015-3808 CVE-2015-3809 - The LBMR dissector could go into an
infinite loop.
CVE-2015-3811 - The WCP dissector could crash while decompressing data.
CVE-2015-3812 - The X11 dissector could leak memory.
CVE-2015-3813 - The packet reassembly code could leak memory.
CVE-2015-3814 - The IEEE 802.11 dissector could go into an infinite
loop.
CVE-2015-3815 - The Android Logcat file parser could crash.
Patch upstream so drop and disable autoreconf.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Sun, 31 May 2015 21:12:32 +0000 (23:12 +0200)]
conntrack-tools: adjust comment to match conditional
Commit 3afbc4f3 (conntrack-tools: uses dlopen(), not available on static
builds) adjusted the dependencies for the comment, but forgot to update the
comment itself.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Doug Kehn [Wed, 27 May 2015 23:51:53 +0000 (18:51 -0500)]
package/ncurses: Fix GCC 5.x preprocessor failure
Building ncurses 5.9 with GCC 5.x fails with a syntax error, caused by
earlier preprocessing. This failure is more likely when building for
host (e.g. host-ncurses) that recently updated to GCC 5.x.
This patch is taken from the following link (more information is also
available here):
https://groups.google.com/forum/#!topic/sage-trac/U31shviuqzk
Thomas Petazzoni [Fri, 29 May 2015 20:52:24 +0000 (22:52 +0200)]
python3: add patch to fix logic to get gcc paths
The Python setup.py has a function called add_gcc_paths(), which
executes gcc -E -v to get the list of header paths searched by
gcc. However, the logic of setup.py is only valid with the normal
english output of gcc: it doesn't work if a non-english locale is
set. This causes setup.py to not find certain headers (such as zlib.h)
and therefore disabling the build of such extensions.
Reported-by: Bruno Coudoin <bruno.coudoin@gcompris.net> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Thomas Petazzoni [Fri, 29 May 2015 20:52:23 +0000 (22:52 +0200)]
python: add patch to fix logic to get gcc paths
The Python setup.py has a function called add_gcc_paths(), which
executes gcc -E -v to get the list of header paths searched by
gcc. However, the logic of setup.py is only valid with the normal
english output of gcc: it doesn't work if a non-english locale is
set. This causes setup.py to not find certain headers (such as zlib.h)
and therefore disabling the build of such extensions.
Reported-by: Bruno Coudoin <bruno.coudoin@gcompris.net> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
[Peter: unixodbc only needs -lpthread if toolchain has threads support] Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Baruch Siach [Thu, 28 May 2015 11:35:28 +0000 (14:35 +0300)]
support/download: relocate the git clone comment
Following commit 95a572282e87 (pkg-infra: move the git download helper to a
script, 2014-07-02), move the comment describing the shallow clone trickery as
well. Merge this comment with the existing helper comment that was added in 7e40a1103a91 (support/download: convert git to use the wrapper, 2014-08-03).
Rename $($(PKG)_DL_VERSION) to ${cset} to match the helper code context.
Cc: "Yann E. MORIN" <yann.morin.1998@free.fr> Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Bernd Kuhls [Sat, 30 May 2015 22:55:32 +0000 (00:55 +0200)]
package/php: Disable jit in bundled pcre library
Quote from ext/pcre/pcrelib/doc/pcre.txt
"This support is available only for certain hardware architectures. If
this option is set for an unsupported architecture, a compile time
error occurs."
Disable jit support on unsupported archs by updating ext/pcre/pcrelib/config.h
Peter Korsgaard [Wed, 27 May 2015 10:35:52 +0000 (12:35 +0200)]
libstrophe: install into target
Since a7134ce6745 (libstrophe: bump version), the package does in fact build
and install a shared library, so ensure it also ends up in target so it can
be found at runtime.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Yann E. MORIN [Sat, 23 May 2015 12:57:56 +0000 (14:57 +0200)]
package/php: fix build without threads and pcre
The pcre library bundled in php is not configurable through the usual
--enable/disable options, but wants to be thread-safe by default, so it
wants to use pthreads (uncludes pthread.h and uses pthread_* functions).
So, just override the default configuration to explicitly require the
bundled pcre library be single-threaded when we have no thread and are
not using the external pcre library.
We're explicitly linking against libintl/libiconv if enabled when linking
statically, but weren't ensuring that those libraries had already been built
before gptfdisk leading to linker issues.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Due to weird constructs in the Makefiles, lanplus is always built, even
when explicitly disabled with --disable-lanplus .
So, add a patch to enforce disabling lanplus. We're doing an at-minima
patch just for the upcoming Buildroot release, and to avoid diverging
too far from upstream...
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr> Cc: Peter Korsgaard <jacmet@uclibc.org> Cc: Romain Naour <romain.naour@openwide.fr> Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Yann E. MORIN [Sat, 23 May 2015 15:40:33 +0000 (17:40 +0200)]
package/ipmiutil: disable parallel build
ipmiutil has a race when generating the object files and the executable,
because it uses very odd (to say the least) constructs in its
Makefile.am, leading to improper dependency-tracking.
Since impmiutil is pretty small, and because it is just mindbloggingly
complex to fix its Makefile.am, just disable parallel build.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr> Cc: Peter Korsgaard <jacmet@uclibc.org> Cc: Romain Naour <romain.naour@openwide.fr>
Cc Thomas Petazzoni <thomas.petazzoni@free-electrons.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Mkfs.jffs2 accepts a --pagesize parameter, which allows specifying the size
of the virtual memory page size of the target machine, where the image will
be used. (This is the value of the PAGE_SIZE macro in Linux.) In most cases
the parameter doesn't need to be set as the default value of 4 kB is usually
correct.
The parameter was used incorrectly in Buildroot -- it was set to the page
size of flash memory chip -- this commit fixes this problem. Now the
--pagesize parameter is not used at all (unless the user explicitly chooses
to use a custom value during configuration). All existing defconfigs were
corrected to match the new configuration variable names.
[Peter: reword, add Config.in.legacy handling] Signed-off-by: Michał Leśniewski <mlesniew@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Thu, 21 May 2015 22:04:32 +0000 (00:04 +0200)]
neardal: properly quote output of pkg-config
Commit 5504039c4e (neardal: fix readline/libedit detection with static
linking) added the output of pkg-config to the LIBS shell variable without
adding quotes around it, breaking the logic if the output would ever consist
of more than 1 word.
Now, pkg-config --libs ncurses currently only outputs '-lncurses', so
nothing is really broken (for now atleast), but lets add the quotes before
it does or the syntax gets copied somewhere else where it does.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
As opposed to the other audio backends, the configure script does NOT use
pkg-config to figure out how to link with portaudio, breaking static linking
as portaudio uses pthreads.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Adds functionality to the kconfig infrastructure to merge additional
configuration fragment files to the main configuration file of
kconfig packages, using support/kconfig/merge_config.sh
Typical use-case is when you want your configuration to be
kept in sync with an upstream (def)config file, but do require
some minor local modifications.
Disables -update-config and -update-defconfig targets when
fragment files are set.
[Thomas: take into account comments made by Arnout:
- Minor fixes in the documentation changes
- Add @ before the tests done in the $(1)-update-config and
$(1)-update-defconfig targets.]
Signed-off-by: Floris Bos <bos@je-eigen-domein.nl> Tested-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be> Tested-by: Gergely Imreh <imrehg@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Bernd Kuhls [Thu, 21 May 2015 10:57:54 +0000 (12:57 +0200)]
package/protobuf: Update site url
Package moved to github:
https://developers.google.com/protocol-buffers/docs/downloads
"Our old Google Code repositiory is: https://code.google.com/p/protobuf/.
We moved to github on Aug 26, 2014 [...]"
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
florent valette [Sun, 17 May 2015 08:16:24 +0000 (10:16 +0200)]
flashrom: Bump to version 0.9.8
This version adds support for new Intel SoC (e.g. BayTrail) and
spi over usb devices such as pickit2 and ftdi usb-spi.
[Thomas:
- add missing Config.in comment about the thread dependency
- remove 'Requires PCIUtils libraries' from the Config.in help text,
since flashrom now requires more than PCIUtils library, and we
typically don't document such dependencies in Config.in help
texts.]
Signed-off-by: Florent Valette <florent.valette@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Bernd Kuhls [Thu, 21 May 2015 17:19:08 +0000 (19:19 +0200)]
package/apr: Add libuuid as optional dependency
libuuid is picked up by apr when present:
Checking for OS UUID Support...
checking uuid/uuid.h usability... yes
checking uuid/uuid.h presence... yes
checking for uuid/uuid.h... yes
checking for library containing uuid_generate... -luuid
checking for uuid_generate... yes
checking for os uuid usability... yes