This switches to x11vnc's new upstream location at github. Autoreconf is
added because it's only a code snapshot release. Subsequent releases
will most probably look the same, see
https://github.com/LibVNC/x11vnc/issues/35#issuecomment-297474900
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Martin Kepplinger <martink@posteo.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Some configure options have been renamed. Support for the deprecated
FT2232 devices has been removed in this release, so remove this option.
Signed-off-by: Christophe Priouzeau <christophe.priouzeau@st.com>
[Thomas:
- Add Config.in.legacy handling, suggested by Arnout.
- Improve commit log with more details, suggested by Arnout.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Wordexp support is needed by more and more packages, recently
bluez5_utils. It adds only ~16 KB to uClibc, so let's add it by default
to keep things simple.
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Acked-by: Waldemar Brodkorb <wbx@openadk.org>
[Thomas: rework commit message.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
The patches are removed as they are part of this release. 0.0.7 is a
bugfix and compatibility release to keep this usable for on newer systems.
Signed-off-by: Martin Kepplinger <martink@posteo.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This switches upstream to the Github project where xf86-input-tslib is
currently maintained - in cooperation with Pengutronix, who had hosted
the tarball release up until now.
Signed-off-by: Martin Kepplinger <martink@posteo.de>
[Thomas: fix XDRIVER_XF86_INPUT_TSLIB_SITE value.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This bump fixes a compile error on powerpc.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Kodi 17 does not depend on libsquish anymore:
ed03f828be
We can therefore remove the patch which was needed for Kodi <= 16.x.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Support was added by https://github.com/xbmc/xbmc/pull/11846
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
After this commit
bad3902b4a
libxslt, together with libxml2, are an optional package.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
ac_cv_type__Bool=yes is needed to fix compilation with gcc >= 5.
Added patch to fix X.org includes.
Added dependency for libpng previously provided by Kodi.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
kodi-platform is not a dependency anymore:
b7ae86ad86
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Needed for upcoming kodi version bump to 17.1-Krypton which will also
switch the kodi build system to CMake.
"-std=c++0x" is needed to maintain compatability with host-gcc 4.6.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[Thomas: move texturepacker patch from Kodi package, use SPDX license
code, minor tweaks.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Needed for upcoming kodi version bump to 17.1-Krypton which will also
switch the kodi build system to CMake.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[Thomas: do not add texturepacker patch in this commit, use SPDX license
code.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Needed for the Kodi skin package to control the default skin setup.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Replaced patch 0001 with an alternate solution.
Updated license info after
a1e5905874
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
CVE-2017-8291 - Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass
and remote command execution via a "/OutputFile (%pipe%" substring in a
crafted .eps document that is an input to the gs program, as exploited in
the wild in April 2017.
For more details, see https://bugzilla.suse.com/show_bug.cgi?id=1036453
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When called from BR2_ROOTFS_POST_IMAGE_SCRIPT, this script
ends up with following error:
Error: Missing argument
This is because, an extra positional argument is also passed
along with BR2_ROOTFS_POST_SCRIPT_ARGS. genimage.sh didn't
have support to parse positional and optional arguments
together.
Signed-off-by: Abhimanyu Vishwakarma <Abhimanyu.V@gmail.com>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Tested-by: Rahul Bedarkar <rahulbedarkar89@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The advantages of using a pre-existing coding style instead of creating
our own are:
- documenting on the manual takes a single sentence;
- there are automatic tools to help during development/review.
So document that PEP8 recommendation should be followed.
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Maxime Hadjinlian <maxime.hadjinlian@gmail.com>
Cc: Samuel Martin <s.martin49@gmail.com>
Cc: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues:
Since 1.10.3:
CVE-2016-9013 - User with hardcoded password created when running tests on
Oracle
Marti Raudsepp reported that a user with a hardcoded password is created
when running tests with an Oracle database.
CVE-2016-9014 - DNS rebinding vulnerability when DEBUG=True
Aymeric Augustin discovered that Django does not properly validate the Host
header against settings.ALLOWED_HOSTS when the debug setting is enabled. A
remote attacker can take advantage of this flaw to perform DNS rebinding
attacks.
Since 1.10.7:
CVE-2017-7233 - Open redirect and possible XSS attack via user-supplied
numeric redirect URLs
It was discovered that is_safe_url() does not properly handle certain
numeric URLs as safe. A remote attacker can take advantage of this flaw to
perform XSS attacks or to use a Django server as an open redirect.
CVE-2017-7234 - Open redirect vulnerability in django.views.static.serve()
Phithon from Chaitin Tech discovered an open redirect vulnerability in the
django.views.static.serve() view. Note that this view is not intended for
production use.
Cc: Oli Vogt <oli.vogt.pub01@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
