Fixes:
CVE-2015-0255 - Information leak in the XkbSetGeometry request of X servers
http://www.x.org/wiki/Development/Security/Advisory-2015-02-10/
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
libsepol use the same build system than libselinux,
so it's affected by the same issue.
Signed-off-by: Romain Naour <romain.naour@openwide.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
mplayer fails to compile with the following error message:
libmpdemux/demux_gif.c: In function 'demux_open_gif':
libmpdemux/demux_gif.c:260:3: error: too few arguments to function
'DGifOpen'
gif = DGifOpen(demuxer->stream, my_read_gif);
Backport an upstream patch to support newer versions of libgif in
mplayer. Unfortunately this patch is incomplete and mplayer stills
failing to compile with a new error message:
libvo/vo_gif89a.c: In function 'uninit':
libvo/vo_gif89a.c:374:3: error: too few arguments to function
'EGifCloseFile'
EGifCloseFile(new_gif); // also frees gif storage space.
So I have written a new patch and submitted it upstream to finally fix
the problem.
Upstream commit:
a0ddaef545
New submitted patch:
https://lists.mplayerhq.hu/pipermail/mplayer-dev-eng/2015-February/072848.html
Fixes:
http://autobuild.buildroot.net/results/a51/a510a0ab2cb827bb91b4fdec43055f2bfda239b1/
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Like for lingcrypt and openssl, help the configure script to find
zlib installed in STAGING_DIR.
Otherwise, It might find the one installed on the host:
checking how to link with libz... /usr/lib/libz.so -Wl,-rpath -Wl,/usr/lib
Fixes:
http://autobuild.buildroot.net/results/93b/93b43e114f21a22f0f8b7d7dd6774c089c426cd1
Signed-off-by: Romain Naour <romain.naour@openwide.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
The sha1 used for the DT enabled kernel is no longer available
(presumably, the rpi-3.18.y branch was rebased recently.) This updates
it to the lastest sha1 in the rpi-3.18.y branch.
Signed-off-by: Frank Hunleth <fhunleth@troodon-software.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Backport a patch from Fedora
Signed-off-by: Romain Naour <romain.naour@openwide.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Backport a patch from Fedora
Signed-off-by: Romain Naour <romain.naour@openwide.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Updated text to say that the defconfig is written to the BR2_DEFCONFIG
location.
Signed-off-by: Frank Hunleth <fhunleth@troodon-software.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Add a patch to fix qt5connectivity for big endian platforms.
Building qtconnectivity fails for big endian platforms because the
bswap_16 function is not declared. This is the error message:
In file included from bluez/hcimanager_p.h:52:0,
from bluez/hcimanager.cpp:35:
./bluez/bluez_data_p.h: In function 'quint16 bt_get_le16(const void*)':
./bluez/bluez_data_p.h:172:60: error: 'bswap_16' was not declared in
this scope
return bswap_16(bt_get_unaligned((const quint16 *) ptr));
bswap_16 is defined in byteswap.h so we can include this file in order
to fix this problem.
This patch has been submitted upstream:
https://bugreports.qt.io/browse/QTBUG-44421
Fixes:
http://autobuild.buildroot.net/results/5b8/5b85c6819f94988abd8abfcdaad6226ceb2d790a/
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This commit adds a patch to python3 that makes sure it does not use an
invalid header path (pointing to host headers) when including ncursesw
support.
Fixes:
http://autobuild.buildroot.org/results/9bd/9bdaa392e8dd00c6ebee156b758e3c0cac480237/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Reviewed-by: Romain Naour <romain.naour@openwide.fr>
Tested-by: Romain Naour <romain.naour@openwide.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes:
CVE-2014-9297 - vallen is not validated in several places in ntp_crypto.c,
leading to a potential information leak or possibly a crash
CVE-2014-9298 - ::1 can be spoofed on some OSes (including "some versions" of
Linux), so ACLs based on IPv6 ::1 addresses can be bypassed
Drop a patch applied upstream, along with its accompanied AUTORECONF.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
If the pcre package is build before erlang, the erlang's build
system use pcre.h from pcre package instead of using pcre.h bundled
by Erlang.
Erlang use an old version of this file which is incompatible
with the upstream one.
http://autobuild.buildroot.net/results/cbd/cbd8b54eef535f19d7d400fd269af1b3571d6143/build-end.log
And many more.
Signed-off-by: Romain Naour <romain.naour@openwide.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Backport an upstream patch to make it compile with no-opengl. Otherwise
it will fail showing an error message like this one:
qpaintervideosurface.cpp:99:47: error: 'QOpenGLContext' has not been
declared
Upstream commit:
2b181d5469
Fixes:
http://autobuild.buildroot.net/results/b77/b77cdf9b1cf6cafd5afef7337553bb32489207e5/
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
In 349c9c7 (package/util-linux: add more tool select options), the
util-linux' wdctl option was renamed, but a entry in the legacy menu was
no added.
Add this now.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Maxim Mikityanskiy <maxtram95@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Also reformat the comment lines and fix the comment.
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Also add a comment for cwiid itself.
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Also removed the redundant indirect dependencies on wchar, threads, mmu
(gstreamer depends on libglib2 so this indirect dependency is obvious).
[Peter: drop wchar+threads from comment as suggested by Jerzy Grzegorek]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Also removed the redundant indirect dependencies on wchar, threads, mmu
(gstreamer depends on libglib2 so this indirect dependency is obvious).
[Peter: drop wchar+threads from comment as suggested by Jerzy Grzegorek]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Also removed the redundant indirect dependencies on wchar, threads
(gstreamer depends on libglib2 so this indirect dependency is obvious).
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Also removed the redundant indirect dependencies on wchar, threads
(gstreamer depends on libglib2 so this indirect dependency is obvious).
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Currently, BR2_EXTERNAL is not always exported to sub-processes that we
spawn, like post-build or post-image scripts. This all depends on how
the user passes BR2_EXTERNAL; consider the following:
- make BR2_EXTERNAL=/path/to/br2-ext
- BR2_EXTERNAL=/path/to/br2-ext make
In the first case, it is just a make variable, not an environment
variable, and thus not exported, while in the second case it is an
environment variable and gets exported to all sub-processes make may
spawn.
Explicitly export it using EXTRA_ENV.
Reported-by: Julian Scheel <julian@jusst.de>
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Julian Scheel <julian@jusst.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
