Commit Graph

10 Commits

Author SHA1 Message Date
Fabrice Fontaine
5e779197e2 package/faad2: bump to version 2.9.1
- Switch site to github to get latest release
- Remove all patches (already in version)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-01-13 08:29:10 +01:00
Baruch Siach
7f4dde3318 package/faad2: add upstream security fixes
CVE-2018-20194: Stack buffer overflow on invalid input

CVE-2018-20362: Null pointer dereference when processing crafted AAC
input

Add two more crash fixes from upstream.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2019-07-04 00:02:46 +02:00
Baruch Siach
6dcb16f69e faad2: bump to version 2.8.8
Drop patch; issue fixed upstream.

Add license file hash.

Revert back to .tar.gz since that is what upstream provides.

Remove autoreconf; tarball has configure script.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-12-26 17:33:52 +01:00
Baruch Siach
6f6795d77d faad2: fix build with musl libc
The getopt.c code declares the strncmp() routine in a non confirming way
under non GNU libc. Patch the code to make the declaration standard
conforming.

Fixes:
http://autobuild.buildroot.net/results/447/4471be349d7ad2e998a4d55afd33aa046a5d1fd2/
http://autobuild.buildroot.net/results/2a9/2a90f4f518884fb50f7ad6ab505dee7565ed869e/
http://autobuild.buildroot.net/results/6b1/6b159b766d791492bab4d897c33ce07845fb7119/

Cc: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-08-16 23:18:56 +02:00
Baruch Siach
1e2c245bf4 faad2: security bump to version 2.8.1
Fixes: CVE-2017-9218, CVE-2017-9219, CVE-2017-9220, CVE-2017-9221,
CVE-2017-9222, CVE-2017-9223, CVE-2017-9253, CVE-2017-9254,
CVE-2017-9255, CVE-2017-9256, CVE-2017-9257

http://seclists.org/fulldisclosure/2017/Jun/32

Switch to .tar.bz2 to save some bandwidth.

Add autoreconf since unfortunately upstream tarball does not ship the
configure script.

Cc: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2017-08-09 23:01:47 +02:00
Rahul Bedarkar
af31c309e7 boot, linux, package: use SPDX short identifier for GPLv2/GPLv2+
We want to use SPDX identifier for license strings as much as possible.
SPDX short identifier for GPLv2/GPLv2+ is GPL-2.0/GPL-2.0+.

This change is done by using following command.
find . -name "*.mk" | xargs sed -ri '/LICENSE( )?[\+:]?=/s/\<GPLv2\>/GPL-2.0/g'

Signed-off-by: Rahul Bedarkar <rahulbedarkar89@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-04-01 15:16:38 +02:00
Yann E. MORIN
8314e3e6ad package/faad2: add hash
Upstream do not host the files, they are hosted on SourceForge; SF has
both sha1 and md5, so use the sha1.

Also add a strong, locally computed hash.

Should fix build failures for which sourceforge sends garbage:
    http://autobuild.buildroot.org/results/f0a/f0a36c78fd910bc0aea54df4b76ab8a0f82f7ae4/
    http://autobuild.buildroot.org/results/3d6/3d6134c71e57238d4d865040eac9f34e2d17844c/
    http://autobuild.buildroot.org/results/232/2323f72f9b08ef8e20ec67a5aebfadd5b469a298/
    ...

[Peter: use correct sha1, add link to upstream page listing it]
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2014-12-14 19:45:39 +01:00
Gustavo Zacarias
88f4a56080 Revert "packages: autoreconf non-vanilla libtool packages"
Now that we've got a cleaner/fuzzier libtool 1.5 static patch we can
discard the temporary workaround.

This reverts commit e573f5d326.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2014-07-31 16:36:04 +02:00
Gustavo Zacarias
e573f5d326 packages: autoreconf non-vanilla libtool packages
Some packages no longer apply the libtool patch since commit
97703978ac because they use a non-vanilla
version of libtool 1.5.x

Fixes many failures like:
http://autobuild.buildroot.net/results/34e/34e4898e2bdc08e5d34e16e556384b3086b76467/
http://autobuild.buildroot.net/results/ecf/ecf4e7d6812f972d05c95203fb665235856c0817/
http://autobuild.buildroot.net/results/5d9/5d9a05fb70e8a65f2399c4f38375aeafb9686ea4/

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2014-07-31 08:26:33 +02:00
Jérôme Pouiller
adf6511013 Remove multimedia subdirectory
Unless it was a group of sub-packages, packages was never regrouped by
category. multimedia/ was an exception to this rule.

This patch move packages/multimedia/ sub-directories to packages/. It
keeps two subdirectories for gstream 0.10 and gstreamer 1.X.

Signed-off-by: Jérôme Pouiller <jezz@sysmic.org>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2013-09-08 21:41:39 +02:00