The 3.5.x has been promoted to stable, hence 3.4.x is deprecated and
3.3.x kept as old-stable.
libdane now specifies LGPLv2.1+ so drop the README kludge (which is also
gone regarding licensing).
libunistring is a new dependency, even though gnutls ships a builtin version
we prefer to use unbundled to avoid duplication with other users and target
size growth.
Fixes:
GNUTLS-SA-2017-01 - It was found using the OSS-FUZZ fuzzer
infrastructure that decoding a specially crafted X.509 certificate with
Proxy Certificate Information extension present could lead to a double
free.
GNUTLS-SA-2017-02 - It was found using the OSS-FUZZ fuzzer
infrastructure that decoding a specially crafted OpenPGP certificate
could lead to heap and stack overflows.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes CVE-2016-8707 (Fix possible buffer overflow when writing
compressed TIFFS). This CVE fix is included since 7.0.3-9:
fde5f55af9
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Also remove the patch since it's already contained in this release.
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit 3d707d2b (mysql: rename package to oracle-mysql, make a virtual
package) introduced a user selectable virtual BR2_PACKAGE_MYSQL package, but
didn't propagate the (common) dependencies of the two variants to it, so the
virtual package can now be selected even though neither of the variants are
available.
As several packages enable mysql support when BR2_PACKAGE_MYSQL is selected,
this causes a number of autobuilder issues:
http://autobuild.buildroot.net/results/7fe/7fe0d0a3e7ed0430852dc42b718dd037557207e8/http://autobuild.buildroot.net/results/cc4/cc4c2d936f3e1ba6c0a9782b2218de54a4ff75d2/
Fix it by propagating the common dependencies of the two variants to the
virtual package to ensure it cannot be enabled unless at least one of them
are available.
Also move the toolchain comment outside the conditional so it is visible
when mysql isn't available.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add support for the KMS video sink element. From the Gstreamer 1.10
release notes:
"New element kmssink to render video using Direct Rendering Manager (DRM)
and Kernel Mode Setting (KMS) subsystems in the Linux kernel. It is oriented
to be used mostly in embedded systems."
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit f09b33a0a (qextserialport: fix static build) adjusted the logic for
static builds, but the change contained a typo - It disabled
_INSTALL_STAGING for static builds, not _INSTALL_TARGET.
The autobuilders didn't detect this as nothing links against qextserialport
(so the missing staging install didn't cause issues) and the target install
command was only defined for !static.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Recent perls are built with the `default_inc_excludes_dot` option.
As many CPAN modules rely on '.' in @INC, the toolchain
must set `PERL_USE_UNSAFE_INC`.
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit 3fd9c062e (nodejs: bump to version 6.9.2) bumped the 6.x version but
forgot to rename the patch directory, so the patches were no longer used.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- do not remove iconv.h when UCLIBC_HAS_LOCALE enabled
- select UCLIBC_HAS_LIBICONV when UCLIBC_HAS_LOCALE enabled
Fixes:
http://autobuild.buildroot.net/?reason=libglib2-2.50.2&step=250
Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Ecore will reach 'upower' using D-Bus system bus in order to detect if
the system state changes and let applications know about the power
state such as low battery or AC power in order to optimize their power
consumption.
For host this is not needed and would not work, since output/host DBus
declares its own output/host/var/run/dbus/system_bus_socket, which has
no dbus-daemon and thus no services in it.
For target it's optional and only installed if BR2_PACKAGE_UPOWER=y,
otherwise it prints error messages about missing upower service.
Signed-off-by: Gustavo Sverzut Barbieri <barbieri@profusion.mobi>
Reviewed-by: Romain Naour <romain.naour@gmail.com>
Acked-by: Romain Naour <romain.naour@gmail.com>
Tested-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
We unfortunately cannot easily download these because of the file names (not
ending in patch) and patch format (p0), so convert to p1 format and include
in package/bash.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Revert the decision to remove the wrappers, but remove the extra
Config symbol and add it by default. Required for kmod package.
Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Security related fixes:
- Heap-based buffer overflow in rfbproto.c in LibVNCClient in LibVNCServer
before 0.9.11 (CVE-2016-9941)
- Heap-based buffer overflow in ultra.c in LibVNCClient in LibVNCServer
before 0.9.11 (CVE-2016-9942)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Bugfixes:
- CVE-2017-5193: Correct a NULL pointer dereference in the nickcmp function
found by Joseph Bisch (GL#1)
- CVE-2017-5194: Correct an error when receiving invalid nick message (GL#4,
#466)
- CVE-2017-5195: Correct an out of bounds read in certain incomplete control
codes found by Joseph Bisch (GL#2)
- CVE-2017-5196: Correct an out of bounds read in certain incomplete
character sequences found by Hanno Böck and independently by J. Bisch
(GL#3)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
