Fixes:
CVE-2016-2037 - The cpio_safer_name_suffix function in util.c in cpio
2.11 allows remote attackers to cause a denial of service (out-of-bounds
write) via a crafted cpio file.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The recent version bump forgot to remove the patch.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The recent version bump forgot to remove the patch.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Also change SOURCE since the tarball got renamed with the bump.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This patch bumps all audio-en- and decoder addons.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Fixes:
http://autobuild.buildroot.net/results/a28/a280f23cc29f77ab440edbda05b4e58d6f4856e7/
The .mk file was checking for gst1-plugins-base but then adding
gst1-plugins-good to dependencies.
According to Source/autotools/FindDependencies.m4, the video and web audio
options need the .pc files provided by gst1-plugins-base, so use that.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
As directed in the buildroot manual, "Optional hooks: keep hook
definition and assignment together in one if block". And also
to be consistent with the rest of avahi.mk.
Signed-off-by: Danomi Manchego <danomimanchego123@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Now that openssl has dropped SSLv2 support from the latest security bump
we need to patch it out here as well. Fixes:
http://autobuild.buildroot.net/results/dab/dab1629cfcb5cb33706d0c762dba57baa43299a5/
Patch status: debian upstream.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes:
http://autobuild.buildroot.net/results/83e/83e29482cad6adef18a0e97bc8e75df302467dbb/
The recent openssl security bump disabled SSLv2 support, but tn5250 was
still referencing SSLv2 functions breaking the build.
Include a patch from OpenBSD to only reference the SSLv2 / SSLv3 symbols if
openssl is built with support for them.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes:
http://autobuild.buildroot.net/results/018/0183ba8c9fccc87f9e72279c49c2fdc1a9fcb556/
The recent openssl security bump disabled SSLv2 support, but python-m2crypto
was still referencing SSLv2 functions causing undefined symbols when the
module was imported. Backport an upstream patch to only reference these
symbols if openssl is built with SSLv2 support.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Packages like QT5 Base with OpenGL and X support link against libGAL.so
at build time. This results in an error because some X functions used
in libGAL.so aren't referenced as the libXdamage, libXext and libXfixes
packages aren't built and installed into sysroot at the time. Fix this
by adding these three packages as build dependencies of imx-gpu-viv.
Signed-off-by: Antoine Tenart <antoine.tenart@free-electrons.com>
Acked-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
musl build patch is upstream so it's no longer necessary.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Use the same text that is used in COPYING.
Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
Cc: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Cc: Steve Calfee <stevecalfee@gmail.com>
Acked-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
MIPS Codescape toolchains don't support stack-smashing protection
despite of using glibc, therefore we see failures like this one:
mips-img-linux-gnu/bin/ld: cannot find -lssp
Fixes:
http://autobuild.buildroot.net/results/957/95721f7b88c46a20202fb02e408817097df965c3/
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix-CVE-2012-6687 - remote attackers cause a denial of service (crash)
via a large number of connections (http://www.cvedetails.com/cve/CVE-2012-6687/).
use poll in os_unix.c instead of select to avoid problem with > 1024 connections.
The patch libfcgi_2.4.0-8.3.debian.tar.xz is taken from the below link:
(https://launchpad.net/ubuntu/+source/libfcgi/2.4.0-8.3)
The next release of libfcgi is 2.4.1 which may have this fix is yet to be released
officially.
Signed-off-by: Niranjan Reddy <niranjan.reddy@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The linux-headers -> linux dependency causes a circular dependency, breaking
the source/legal-info/graph-depends/.. targets:
make graph-depends
Getting targets
Getting dependencies for ['toolchain-buildroot', 'toolchain', 'busybox',
'glibc', 'initscripts', 'linux-headers', 'skeleton', 'linux',
'host-fakeroot', 'host-makedevs', 'rootfs-cpio', 'rootfs-initramfs']
Getting dependencies for ['host-kmod', 'host-gcc-final',
'host-gcc-initial', 'host-gawk']
Getting dependencies for ['host-gmp', 'host-binutils', 'host-pkgconf',
'host-mpfr', 'host-mpc']
Getting dependencies for ['host-m4']
Recursion detected for : toolchain
which is a dependency of: linux
which is a dependency of: linux-headers
which is a dependency of: glibc
which is a dependency of: host-gcc-final
which is a dependency of: toolchain-buildroot
which is a dependency of: toolchain
Makefile:721: recipe for target 'graph-depends' failed
make: *** [graph-depends] Error 1
Fix it by instead duplicating in linux-headers the 10-20 lines of linux.mk
logic that infer the _SOURCE/_SITE/_VERSION from the BR2_LINUX_KERNEL_*
variables.
This does mean that we extract the kernel sources twice though.
[Peter: use same git/hg tarball as linux kernel to not clone twice, minor fixes]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Kodi itself already depends on BR2_TOOLCHAIN_GCC_AT_LEAST_4_7, there is
no need to duplicate this as reverse dependencies in sub options which
depend on Kodi.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Kodi itself already depends on !BR2_STATIC_LIBS, there is no need to
duplicate this as reverse dependencies in sub options which depend on
Kodi.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
The build stops with
configure: error: unsupported host (i586-buildroot-linux-musl)
due to musl not being supported in
https://github.com/xbmc/xbmc/blob/Isengard/m4/xbmc_arch.m4
Removing this obstacle will show that musl is really not being
supported, the build will fail:
In file included from emu_msvcrt.cpp:64:0:
emu_msvcrt.h:93:3: error: ‘__off64_t’ does not name a type
__off64_t dll_lseeki64(int fd, __off64_t lPos, int iWhence);
^
emu_msvcrt.h:94:3: error: ‘__off_t’ does not name a type
__off_t dll_lseek(int fd, __off_t lPos, int iWhence);
^
I know these problems are fixable and the voidlinux projects seems to
have done it already for 15.2-Isengard:
99f74705bc/srcpkgs/kodi/patches
For Jarvis-16.0 these patches have to be rebased at a later stage.
For now block the Kodi package with musl-based toolchains to avoid
build errors.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Add two new hard dependencies:
- libdcadec
0997117a65
- libcrossguid
6f8171f539
Kodi moved to C++11 so we need gcc >= 4.7:
https://github.com/xbmc/xbmc/pull/6412
wavpack support was removed in favour of ffmpeg:
7916902c9e
Enabled giflib support by default.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>