kumquat-buildroot/package/libexif/libexif.mk

################################################################################
#
# libexif
#
################################################################################

LIBEXIF_VERSION = 0.6.21
LIBEXIF_SOURCE = libexif-$(LIBEXIF_VERSION).tar.bz2
LIBEXIF_SITE = http://downloads.sourceforge.net/project/libexif/libexif/$(LIBEXIF_VERSION)
LIBEXIF_INSTALL_STAGING = YES
LIBEXIF_DEPENDENCIES = host-pkgconf
LIBEXIF_LICENSE = LGPL-2.1+
LIBEXIF_LICENSE_FILES = COPYING

# 0001-fixes-some-not-all-buffer-overreads-during-decoding-.patch
LIBEXIF_IGNORE_CVES += CVE-2016-6328
# 0002-On-saving-makernotes-make-sure-the-makernote-contain.patch
LIBEXIF_IGNORE_CVES += CVE-2017-7544
# 0004-Improve-deep-recursion-detection-in-exif_data_load_d.patch
LIBEXIF_IGNORE_CVES += CVE-2018-20030
# 0005-fix-CVE-2019-9278.patch
LIBEXIF_IGNORE_CVES += CVE-2019-9278

$(eval $(autotools-package))
Normalize separator size to 80 Signed-off-by: Alexandre Belloni <alexandre.belloni@free-electrons.com> Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk> 2013-06-06 01:53:30 +02:00			`################################################################################`
package: add libexif [Peter: fix Config.in indentation, source URL] Signed-off-by: Guillaume Gardet <guillaume.gardet@free.fr> Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk> 2011-04-26 10:00:15 +02:00			`#`
			`# libexif`
			`#`
Normalize separator size to 80 Signed-off-by: Alexandre Belloni <alexandre.belloni@free-electrons.com> Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk> 2013-06-06 01:53:30 +02:00			`################################################################################`
package: add libexif [Peter: fix Config.in indentation, source URL] Signed-off-by: Guillaume Gardet <guillaume.gardet@free.fr> Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk> 2011-04-26 10:00:15 +02:00
libexif: security bump to version 0.6.21 Fixes CVE-2012-2812, CVE-2012-2813, CVE-2012-2814, CVE-2012-2836, CVE-2012-2837, CVE-2012-2840, CVE-2012-2841 and CVE-2012-2845. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2012-07-17 14:54:27 +02:00			`LIBEXIF_VERSION = 0.6.21`
package: add libexif [Peter: fix Config.in indentation, source URL] Signed-off-by: Guillaume Gardet <guillaume.gardet@free.fr> Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk> 2011-04-26 10:00:15 +02:00			`LIBEXIF_SOURCE = libexif-$(LIBEXIF_VERSION).tar.bz2`
remove rest of the BR2_SOURCEFORGE_MIRROR references Signed-off-by: Stefan Fröberg <stefan.froberg@petroprogram.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2012-08-26 01:52:48 +02:00			`LIBEXIF_SITE = http://downloads.sourceforge.net/project/libexif/libexif/$(LIBEXIF_VERSION)`
package: add libexif [Peter: fix Config.in indentation, source URL] Signed-off-by: Guillaume Gardet <guillaume.gardet@free.fr> Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk> 2011-04-26 10:00:15 +02:00			`LIBEXIF_INSTALL_STAGING = YES`
packages: switch to host-pkgconf Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Acked-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk> 2012-10-22 17:47:52 +02:00			`LIBEXIF_DEPENDENCIES = host-pkgconf`
boot, package: use SPDX short identifier for LGPLv2.1/LGPLv2.1+ We want to use SPDX identifier for license string as much as possible. SPDX short identifier for LGPLv2.1/LGPLv2.1+ is LGPL-2.1/LGPL-2.1+. This change is done using following command. find . -name "*.mk" \| xargs sed -ri '/LICENSE( )?[\+:]?=/s/LGPLv2.1(\+)?/LGPL-2.1\1/g' Signed-off-by: Rahul Bedarkar <rahulbedarkar89@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2017-03-30 15:43:34 +02:00			`LIBEXIF_LICENSE = LGPL-2.1+`
libexif: add licensing info Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> 2013-12-11 14:23:39 +01:00			`LIBEXIF_LICENSE_FILES = COPYING`
package: add libexif [Peter: fix Config.in indentation, source URL] Signed-off-by: Guillaume Gardet <guillaume.gardet@free.fr> Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk> 2011-04-26 10:00:15 +02:00
package/libexif: annotate CVEs Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> 2020-04-01 23:46:09 +02:00			`# 0001-fixes-some-not-all-buffer-overreads-during-decoding-.patch`
			`LIBEXIF_IGNORE_CVES += CVE-2016-6328`
			`# 0002-On-saving-makernotes-make-sure-the-makernote-contain.patch`
			`LIBEXIF_IGNORE_CVES += CVE-2017-7544`
			`# 0004-Improve-deep-recursion-detection-in-exif_data_load_d.patch`
			`LIBEXIF_IGNORE_CVES += CVE-2018-20030`
			`# 0005-fix-CVE-2019-9278.patch`
			`LIBEXIF_IGNORE_CVES += CVE-2019-9278`

all packages: rename XXXTARGETS to xxx-package Also remove the redundant $(call ...). This is a purely mechanical change, performed with find package linux toolchain boot -name \*.mk \| \ xargs sed -i -e 's/$(eval $(call GENTARGETS))/$(eval $(generic-package))/' \ -e 's/$(eval $(call AUTOTARGETS))/$(eval $(autotools-package))/' \ -e 's/$(eval $(call CMAKETARGETS))/$(eval $(cmake-package))/' Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2012-07-03 00:07:32 +02:00			`$(eval $(autotools-package))`