Fixes:
CVE-2015-5289: json or jsonb input values constructed from arbitrary
user input can crash the PostgreSQL server and cause a denial of
service.
CVE-2015-5288: The crypt() function included with the optional pgCrypto
extension could be exploited to read a few additional bytes of memory.
No working exploit for this issue has been developed.
sparc build fix patch upstream so drop it.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Reviewed-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Tested-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
In order to enable JIT support on ARM, webkitgtk24 currently looks at
BR2_ARM_ENABLE_NEON, which is not correct: BR2_ARM_CPU_HAS_NEON should
be used instead.
The BR2_ARM_ENABLE_NEON is only visible for cores that select
BR2_ARM_CPU_MAYBE_HAS_NEON, in order to allow to specify if his
particular SoC has chosen to integrate NEON or not. And if so,
BR2_ARM_CPU_HAS_NEON gets selected.
BR2_ARM_CPU_HAS_NEON is in fact selected in two different ways:
- Either directly by the CPU core selection, if NEON is mandatory in
this CPU core.
- Or by BR2_ARM_ENABLE_NEON, for CPU cores where NEON support is
optional.
So really, BR2_ARM_CPU_HAS_NEON is what should be used by packages.
Cc: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Acked-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Most code is GPLv2+ or compatible except for one file that is
GPLv2-only, hence as a whole is GPLv2 (see Copyright).
Also kill some whitespace and make the only hard dependency
(host-pkgconf) a hard dependency, not an addition, since it's not
conditional.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Bump version to 1.0.25
- Update hash file. The hash value provided by the alioth.debian.org URL
is wrong, so use the one provided by www.sane-project.org. I have
reported this upstream.
- Remove unnecessary patches:
0002-remove-unsafe-headers-path.patch
0003-remove-cups-and-systemd-support.patch
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Bump to version 2.6.1.
- Update hash file.
- Remove includes hooks since they are no longed needed.
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Since the upgrade to pkgconf 0.9.12 all directories and variables with
directories are sysroot-prefixed, whereas with the old patch only some
variables were (includedir, mapdir, sdkdir, libdir).
libglib2 uses a giomoduledir=${libdir}/gio/modules variable in
gio-2.0.pc, which when expanded via sysroot by pkgconf at configure time
points to the staging directory (via libdir expansion).
When target install gets called the gio module gets installed to staging
rather than target, with the obvious consequences this has.
Work-around this pkgconfig abuse by overriding GIO_MODULE_DIR at target
install time.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
CVE-2015-4491 already fixed in the release so drop patch.
Fixes a heap overflow with a gif file and a heap overflow and DoS with a
tga file. CVEs not assigned yet.
Tests disabled since they fail to build properly on uClibc toolchains.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
It turns out that uClibc only enables the long double math functions
for some architectures (god know why, so what if long double is the
same as double, these functions should still be defined). Since
python-numpy links with those functions, the module will fail to load
on ARM, MIPS and SH.
However, python-numpy actually checks for each function if it is really
available. Only, it overrides that check for ldexpl and frexpl when
long double is the same as double (i.e. in exactly the case the uClibc
doesn't have these functions).
So add another exception for this.
Upstream-status: not applicable (code has changed too much)
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Acked-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Tested-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Drop patches, they aren't required any more.
It fixes a bug where inline comments cause issues, like:
Libs: -lblah # -lbleh
...it would make pkgconf search for the '#' package
This is required for the nettle 3.1.1 upgrade since howgeed.pc adjusts
Libs according to static/dynamic builds using the comment feature.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
API is now compatible with nettle 2.7.x
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
zlib isn't optional even though it seems like it, fixes build failure
such as:
log.cc:51:18: fatal error: zlib.h: No such file or directory
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
libsigc isn't used/needed any longer so drop it.
And switch to the proper homepage rather than the tarball repository.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
libsigc isn't used/needed any longer so drop it.
And switch to the proper homepage rather than the tarball repository.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Bump to version 0.9.6
- Add a hash file.
- Change the website URL to the new official one.
- Tweak the 0001-cross_compile.patch for the new version.
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Bump to version 0.13.6.
- Add a hash file.
- Change the website URL to the new official one.
- Help the build system to find the zlib headers, otherwise the
configure script will fail like this:
checking if zlib is wanted... yes
checking for inflateEnd in -lz... no
checking zlib.h usability... no
checking zlib.h presence... no
checking for zlib.h... no
configure: error: either specify a valid zlib installation with
--with-zlib=DIR or disable zlib usage with --without-zlib
- Disable instrumentation support by default since it avoids runtime
failures on rtorrent for some architectures like MIPS, PowerPC or ARM:
https://github.com/rakshasa/rtorrent/issues/156
- Tweak the 0001-cross_compile.patch for this new version.
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
$(wildcard ...) in make doesn't sort the files, so the order of the
hashed files is not predictable. Therefore, the ccache hash could
change from one build to another. We don't want that, so sort the
files explicitly.
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Having a host variant of dtc is needed for example for U-Boot, which
uses the Device Tree for a number of platforms.
In addition, now that we have a proper host-dtc package, it is no
longer needed for the linux package to install the host dtc compiler:
users interested in having the host dtc compiler can simply enable
this package.
A Config.in.host option is added to build host-dtc, because the
initial reason why the host DTC built by the kernel was installed in
$(HOST_DIR)/usr/bin (commit 707d44d0a2
from Thomas DS) was:
Having dtc as a host tool can be useful for users that have a
custom boot scenario where the device tree is not embedded in the
kernel.
[Thomas:
- rework the commit log.]
[Peter: keep the (renamed) linux version]
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
BR2_PACKAGE_PORTAUDIO_ALSA is misspelled in one place, resulting in
alsa-lib not being listed in the dependencies.
Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
In commit b0f025386f a patch was added
to make sure that python-numpy does work in uClibc. This patch was
needed for the x86 architecture, because uClibc in fact does support
fenv for x86. However, we don't turn on this support in our uClibc
config. Because the Config.in depends still allowed uClibc for x86,
this lead to a built failure, which lead to the fix in commit b0f02538.
But since this fix also fixes it for all other (supported)
architectures, we can just remove the !uClibc dependency completely.
This is also propagated to the reverse dependency in opencv3.
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Cc: Gwenhael Goavec-Merou <gwenhael.goavec-merou@trabucayre.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
nfs-utils has been patched to install only the needed systemd unit files
supported.
Also tmpfiles was needed because the folder /run/nfs is a tmpfs
and nfs-utils need some files to be there to work correctly.
Signed-off-by: Aurélien Chabot <aurelien@chabot.fr>
[Maxime: Remove patches included originally in the patch as they have
have been merged upstream in v1.3.3]
Signed-off-by Maxime Hadjinlian <maxime.hadjinlian@gmail.com>
[Thomas:
- add comment in nfs-utils_env.sh to explain why an empty script is
needed.
- remove incorrect indentation.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
We're disabling fenv.h usage on i386 because it is not available in
musl/uclibc (and not musl/glibc as was written).
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The official upstream site is available again, so let's switch to
using it.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Reviewed-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Tested-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Now that xtensa toolchain is able to compile huge functions this
workaround is no longer needed.
This reverts commit d21932508e.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
With support from assembler this option allows compiling huge functions,
where single literal pool at the beginning of a function may not be
reachable by L32R instructions at its end.
Currently assembler --auto-litpools option cannot deal with literals
used from multiple locations separated by more than 256 KBytes of code.
Don't turn constants into literals, instead use MOVI instruction to load
them into registers and let the assembler turn them into literals as
necessary.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Auto-litpools is the automated version of text-section-literals: literal
pool candidate frags are planted every N frags and during relaxation
they are turned into actual literal pools where literals are moved to
become reachable for their first reference by L32R instruction.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
