Fixes:
CVE-2014-8080 - Denial of service XML expansion
And change default ext/openssl settings WRT CVE-2014-3566.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Disable fiddle support because of compile failure (no ffi_closure support
for bfin).
Fixes:
http://autobuild.buildroot.net/results/0a8/0a854274b520d4daca3911a64777a447b5756a52/
[Thomas: slightly adjust the comment wording.]
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
To be consistent with the recent change of FOO_MAKE_OPT into FOO_MAKE_OPTS,
make the same change for FOO_CONF_OPT.
Sed command used:
find * -type f | xargs sed -i 's#_CONF_OPT\>#&S#g'
Signed-off-by: Thomas De Schampheleire <thomas.de.schampheleire@gmail.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
At least for ruby 2.x we need to --disable-rubygems besides removing the
gems files to avoid the requires.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Ruby can now use gmp optionally, so make sure that if the gmp package
for the target is enabled, it gets built before the ruby package, and
the appropriate configure options are passed to Ruby.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When building host-ruby, if gmp seems to be available (for example
when host-gmp is built as a dependency of building the toolchain),
Ruby tries to use it. Unfortunately, it fails to use it because there
is no static version of host-gmp that is built and installed.
Since we anyway don't care much about gmp support in host-ruby, simply
disable it.
This issue was introduced since the bump to Ruby 2.1.0, and this
commit fixes:
http://autobuild.buildroot.org/results/e19/e197f20bd5ec4aae6d8692d67df4f539a9df33e2/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit bumps Ruby to version 2.1.2. It was quickly runtime tested
on ARM EBIhf.
In addition to this it changes the site to an http:// location, which
is the official one advertised on the Ruby web site.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The dl_iterate_phdr() C library function on Blackfin returns a
non-conventional structure format compared to other architectures,
which makes Ruby unable to use it. Since it's just an optional feature
of Ruby apparently used to generate more fancy backtraces, this commit
simply disables the usage of dl_iterate_phdr() on this architecture.
Fixes:
http://autobuild.buildroot.org/results/1b0/1b0e2f5f95889eb26846927da45d128247d0ed89/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
No matter what you do, the Ruby build system wants to use shared
libraries for the encoding modules. Therefore, this commit disallows
the selection of Ruby in BR2_PREFER_STATIC_LIB situations.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
It's currently in a non-working state since it requires a couple of
extensions that don't build at the moment (they try to execute tests in
configure) and also requires a target compiler.
So remove it to avoid false expectations and reclaim target space back
of about 1.5 MiB.
[Thomas: slightly reword comments.]
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
As reported by Fatih Aşıcı on the mailing list it sometimes fails with
the host openssl depending on versions when development files are
installed.
And as suggested by Thomas Petazzoni it's really not required for
anything so just disable it.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Jerzy Grzegorek <jerzy.grzegorek@trzebnica.net>
Reviewed-by: Thomas De Schampheleire <thomas.de.schampheleire@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This patch lines up the comments in Config.in files that clarify which
toolchain options the package depends on.
Signed-off-by: Thomas De Schampheleire <thomas.de.schampheleire@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The 'pcrel too far' problem detected in the autobuild on SuperH
architectures, seems to be caused by the -Os optimization flag. Using
standard optimization fixes the problem.
Fixes http://autobuild.buildroot.net/results/bc36e051e06f596c2fafdd3cc3745bb34b73ace3/
Investigated-by: Lionel Orry <lionel.orry@gmail.com>
Signed-off-by: Thomas De Schampheleire <thomas.de.schampheleire@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Based on the contents of LEGAL, without checking the code.
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes JSON DoS (CVE-2013-0269) and REXML DoS (no assigned CVE yet).
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
Security Fix for RubyGems: SSL server verification failure for remote
repository.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
Commit 150124b (ruby: fix host build breakage) tried to fix host-ruby
build failures by disabling ncurses/readline extensions, but the
ruby configure script doesn't understand --without-ncurses /
--without-readline arguments, so the commit didn't do anything.
Fix it by really disabling them using the --with-out-ext argument.
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
When building host-ruby with ncurses enabled on an x86_64 host we get a
"relocation R_X86_64_32 against `_nc_globals' can not be used when making
a shared object; recompile with -fPIC" error when building.
Just disable ncurses and readline support for the host version - we
don't need it.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
Fix build breakage regarding invalid file format of
/usr/lib/libpthread.so
This is because ruby has rpath enabled by default and was throwing in
the runtime paths and pulling in host libraries into the mix.
So disable rpath.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
Thanks to the pkgparentdir and pkgname functions, we can rewrite the
AUTOTARGETS macro in a way that avoids the need for each package to
repeat its name and the directory in which it is present.
[Peter: pkgdir->pkgparentdir]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
[Peter: autoreconf needed for host as well]
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
These are probaly out of date by now, and lack of special handling for
avr32 doesn't mean that a package won't work on avr32, so remove them.
Done by sed -i '/comment.*no inherent support for AVR32/{N;N;p}'
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
Now that <pkg>_INSTALL_TARGET_OPT always defaults to
'DESTDIR=$(TARGET_DIR) install', we can remove the
<pkg>_INSTALL_TARGET_OPT definition from a lot of packages.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
ruby is converted to the autotools infrastructure, and the dependency
on host-ruby is added since a ruby interpreter is needed to build a
ruby interpreter. Fortunately, this is taken into account in the ruby
build process, and it first start to build a mini-interpreter that is
used to build the rest. However, this doesn't take the
cross-compilation case into account, so we have to build ruby for the
host.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
We have been passing -q to ./configure when using 'make -s' for
packages using Makefile.autotools.in for some time. Do the same
for packages using autotools, but not using the
Makefile.autotools.in infrastructure, taking care to not do it
for packages with hand written configure scripts.
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
A C library will have been built by the toolchain makefiles, so there is no
need for packages to explicitly depend on uclibc.
Signed-off-by: Will Newton <will.newton@gmail.com>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
Ruby 1.9.1 handle cross compilation better, espescially extensions
(I'm working on ARM at91sam9263-ek).
This patch also disable ruby doc generation and ipv6.
[Peter: fixed ipv6 handling]
Signed-off-by: laurent laffont <laurent.laffont@gmail.com>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>