Drop 0003-Problem-return-code-of-sodium_init-is-not-checked.patch since
it's in this release.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add upstream patch to fix build failure of zeromq with latest
libsodium, since sodium_init() has a retval and is now declared to warn
on unused result, with zeromq treating warnings as errors.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
In the upstream git://github.com/zeromq/libzmq.git:
commit 6fdafc458a776e063511bb83dc7791aabea00b05 obviated the need for
0001-tests-disable-test_fork-if-fork-is-not-available.patch .
commit c8ee16940fff19ae3c12b4596c4bd131b2c71996 obviated the need for
0004-allow-without-libsodium.patch .
Fixed AUTORECONF comment in zeromq.mk to refer to the correct patch,
0001-acinclude.m4-make-kernel-specific-flags-cacheable.patch
Signed-off-by: Jonathan Ben Avraham <yba@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Fixes:
CVE-2014-7202 - stream_engine.cpp in libzmq (aka ZeroMQ/C++)) 4.0.5
before 4.0.5 allows man-in-the-middle attackers to conduct downgrade
attacks via a crafted connection request.
CVE-2014-7203 - libzmq (aka ZeroMQ/C++) 4.0.x before 4.0.5 does not
ensure that nonces are unique, which allows man-in-the-middle attackers
to conduct replay attacks via unspecified vectors.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>