After (8aa5ee1721 package/git: bump to version 2.22.0) autoreconf
is not needed anymore because patch which modified the configure
script was removed.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Remove patch with NLS fix because it is was added into latest version.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
On some architectures, atomic binutils are provided by the libatomic
library from gcc. Linking with libatomic is therefore necessary,
otherwise the build fails with:
/home/test/autobuild/run/instance-2/output/host/sparc-buildroot-linux-uclibc/sysroot/usr/lib/libssl.a(ssl_cert.o): In function `CRYPTO_DOWN_REF':
/home/test/autobuild/run/instance-2/output/build/libopenssl-1.1.1a/include/internal/refcount.h:50: undefined reference to `__atomic_fetch_sub_4'
This is often for example the case on sparcv8 32 bit.
To fix this issue, use pkg-config to retrieve openssl dependencies
including atomic library, these dependencies must be passed to
LIB_4_CRYPTO IN GIT_MAKE_OPTS
Fixes:
- http://autobuild.buildroot.org/results/3093897d14a854a7252b25b2fa1f8fdcbb26c9b7
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes CVE-2018-17456: RCE issue in handling of git submodules
For more details, see the announcement:
https://marc.info/?l=git&m=153875888916397&w=2
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Forward port of security fixes from the 2.13.7 release. The 2.13.7
release notes say this:
* Submodule "names" come from the untrusted .gitmodules file, but we
blindly append them to $GIT_DIR/modules to create our on-disk repo
paths. This means you can do bad things by putting "../" into the
name. We now enforce some rules for submodule names which will cause
Git to ignore these malicious names (CVE-2018-11235).
Credit for finding this vulnerability and the proof of concept from
which the test script was adapted goes to Etienne Stalmans.
* It was possible to trick the code that sanity-checks paths on NTFS
into reading random piece of memory (CVE-2018-11233).
Cc: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Renamed --with-libpcre to --with-libpcre1. Currently --with-libpcre
activates pcre1 support but this can change in the future to pcre2:
df7fd961a9/configure.ac (L258)
Please note that we cannot use --with-/--without because it will lead
to an error reported by configure, for example
--with-libpcre1 --without-libpcre2
will produce
configure: error: Only supply one of --with-libpcre1 or --with-libpcre2!
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
To avoid the build error
grep.c:(.text+0xa02): undefined reference to `pcre_jit_exec'
we need to add NO_LIBPCRE1_JIT=1 according to
https://www.spinics.net/lists/git/msg314515.html
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit switches to use the new gettext logic, which involves
using TARGET_NLS_DEPENDENCIES instead of hand-encoded dependencies
on gettext/host-gettext.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Patches 0001 and 0002 already included in this release:
379642bcd82225e1ea20
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
The check-package script when ran gave warnings on only using
one space before backslashes on all of these makefiles.
This patch cleans up all warnings related to the one space before
backslashes rule in the make files in the package directory.
Signed-off-by: Adam Duskett <aduskett@codeblue.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
We want to use SPDX identifier for license string as much as possible.
SPDX short identifier for LGPLv2.1/LGPLv2.1+ is LGPL-2.1/LGPL-2.1+.
This change is done using following command.
find . -name "*.mk" | xargs sed -ri '/LICENSE( )?[\+:]?=/s/LGPLv2.1(\+)?/LGPL-2.1\1/g'
Signed-off-by: Rahul Bedarkar <rahulbedarkar89@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
We want to use SPDX identifier for license strings as much as possible.
SPDX short identifier for GPLv2/GPLv2+ is GPL-2.0/GPL-2.0+.
This change is done by using following command.
find . -name "*.mk" | xargs sed -ri '/LICENSE( )?[\+:]?=/s/\<GPLv2\>/GPL-2.0/g'
Signed-off-by: Rahul Bedarkar <rahulbedarkar89@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
The current code contains some obvious typos.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Make license type lists more uniform:
* put content license applies to in parenthesis; ex: "GPLv2+ (programs)"
* use commas to separate types listed without conjuction; ex: "GPLv2, LGPLv2"
No attempt was made to validate the claimed licenses. This is just a tweak
to increase uniformity of the _LICENSE variables.
Signed-off-by: Danomi Manchego <danomimanchego123@gmail.com>
Reviewed-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
[Thomas: replace semi-colons by commas in LIBURCU_LICENSE.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
- Bump version to 2.6.4
- Update the hash value
- Remove 0002-Makefile-make-curl-config-path-configurable.patch
- This patch is now part of upstream:
f89158760d
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Fix cross compilation by using curl-config script for target instead of the
one from host.
Signed-off-by: Remi Pommarel <repk@triplefau.lt>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
BR2_PACKAGE_CURL is currently used by the git package to find out if
libcurl is available. While indeed BR2_PACKAGE_CURL indicates that
libcurl is available, it is not the most appropriate option for this:
BR2_PACKAGE_LIBCURL is better. BR2_PACKAGE_LIBCURL indicates that
libcurl is available, while BR2_PACKAGE_CURL indicates that both
libcurl and the curl program are available. Only the former is needed
by Git.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This commit doesn't touch infra packages.
Signed-off-by: Jerzy Grzegorek <jerzy.grzegorek@trzebnica.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>