Build without SSP fails since bump to version 0.27.4 in commit
bcace42942
This is due to the fact that
bbe0b70840
removed the wrong GCC_ prefix from HAS_FSTACK_PROTECTOR_STRONG variable
Fixes:
- http://autobuild.buildroot.org/results/ae4635899124c602c70d2b342a76f95c34aa4a3d
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Drop workaround for cmake < 3.10 (not needed since commit
d4773b610a)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Add a patch, which has been submitted upstream, to properly detect the
availability of compiler flags before using them.
This will fix the build of exiv2 on CPU architectures for which gcc
doesn't implement -fcf-protection.
Fixes:
http://autobuild.buildroot.net/results/ef6a6fa2309e66a7a36fface626ae0da1a7ec633/
(and many similar build failures on other architectures)
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[yann.morin.1998@free.fr:
- fix indentation s/TAB/spaces/
- fix CRLF dropped by patchwork
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
EXIV2_ENABLE_LIBXMP has been dropped since version 0.27 and
2784b1f7f7
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
EXIV2_ENABLE_BUILD_SAMPLES has been renamed into EXIV2_BUILD_SAMPLES
since version 0.27 and
60d436c969
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
CVE-2019-13504 is misclassified (by our CVE tracker) as affecting
version 0.27.2, while in fact both commits that fixed this issue are
already in this version: bd0afe039043 and 54f0bebca032.
(From: https://security-tracker.debian.org/tracker/CVE-2019-13504)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
In Jp2Image::readMetadata() in jp2image.cpp in Exiv2 0.27.2, an input
file can result in an infinite loop and hang, with high CPU consumption.
Remote attackers could leverage this vulnerability to cause a denial of
service via a crafted file.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Exiv2 0.27.2 allows attackers to trigger a crash in Exiv2::getULong in
types.cpp when called from Exiv2::Internal::CiffDirectory::readDirectory
in crwimage_int.cpp, because there is no validation of the relationship
of the total size to the offset and size.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Release notes
https://www.exiv2.org/whatsnew.html
Signed-off-by: Nicolas Serafini <nicolas.serafini@sensefly.com>
[Thomas: encode the 'v' in EXIV2_SITE and not EXIV2_VERSION, so that
EXIV2_VERSION continues to match what is reported by
release-monitoring.org]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
exiv2 no longer requires a non commercial option for lens database
integration since version 0.27. See [1] and [2]
The BR2_PACKAGE_EXIV2_LENSDATA option is maintained because the
src/nikonmn_int.cpp file always specifies that the Nikon lens name
database is free to use in non-commercial, GPL or open source software
only.
Legacy handling for the removed option COMMERCIAL is not needed, since
now it's always enabled.
Add the dedicated BSD-3-Clause license file for CMakeLists.txt,
config/FindEXPAT.cmake and config/FindMSGFMT.cmake files.
[1] 07f63003b7
[2] 085d8a309a
Signed-off-by: Nicolas Serafini <nicolas.serafini@sensefly.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
This commit switches to use the new gettext logic, which involves:
- using TARGET_NLS_DEPENDENCIES instead of hand-encoded dependencies
on gettext/host-gettext
- using BR2_SYSTEM_ENABLE_NLS instead of BR2_ENABLE_LOCALE to decide
if NLS support should be enabled or not
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Musl build is broken:
/home/buildroot/build/instance-0/output/build/exiv2-910f3507795e1930ae216c9febee0bf9a88e99c0/src/actions.cpp:2052:32:
error: 'PTHREAD_RECURSIVE_MUTEX_INITIALIZER_NP' was not declared in this scope
According to http://www.openwall.com/lists/musl/2017/02/20/3
the define is not available on musl.
Fixes
http://autobuild.buildroot.net/results/283/28334a8a0b23c7c8260023b9a3aa15e8dd7613d0/
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
It seems getting the gettext stuff right on all platforms is not that
easy, this patch bumps exiv2 to include all gettext (and pthreads)
patches applied upstream.
To reproduce the problem gettext has to be built before exiv2 so we
make gettext an optional dependency when NLS support is used.
Fixes
http://autobuild.buildroot.net/results/a56/a56c8a8a4c76b7c359ca7f5252be93fd70c6a4c1/
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Exiv2 itself depends on threads, not only with xmp support.
Follow-up patch for http://patchwork.ozlabs.org/patch/770813/
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Changed download URL according to http://www.exiv2.org/download.html
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
The check-package script when ran gives warnings on ordering issues
on all of these Config files. This patch cleans up all warnings
related to the ordering in the Config files for packages starting with
the letter e in the package directory.
The appropriate ordering is: type, default, depends on, select, help
See http://nightly.buildroot.org/#_config_files for more information.
Signed-off-by: Adam Duskett <Adamduskett@outlook.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
We want to use SPDX identifier for license strings as much as possible.
SPDX short identifier for GPLv2/GPLv2+ is GPL-2.0/GPL-2.0+.
This change is done by using following command.
find . -name "*.mk" | xargs sed -ri '/LICENSE( )?[\+:]?=/s/\<GPLv2\>/GPL-2.0/g'
Signed-off-by: Rahul Bedarkar <rahulbedarkar89@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Now that largefile is mandatory removes package dependencies and
conditionals.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Autogenerated from rename-patch.py (http://patchwork.ozlabs.org/patch/403345)
Signed-off-by: Samuel Martin <s.martin49@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Since a while, the semantic of BR2_PREFER_STATIC_LIB has been changed
from "prefer static libraries when possible" to "use only static
libraries". The former semantic didn't make much sense, since the user
had absolutely no control/idea of which package would use static
libraries, and which packages would not. Therefore, for quite some
time, we have been starting to enforce that BR2_PREFER_STATIC_LIB
should really build everything with static libraries.
As a consequence, this patch renames BR2_PREFER_STATIC_LIB to
BR2_STATIC_LIBS, and adjust the Config.in option accordingly.
This also helps preparing the addition of other options to select
shared, shared+static or just static.
Note that we have verified that this commit can be reproduced by
simply doing a global rename of BR2_PREFER_STATIC_LIB to
BR2_STATIC_LIBS plus adding BR2_PREFER_STATIC_LIB to Config.in.legacy.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
This patch remove a header inclusion that is not required an can create
build error with some toolchains.
The patch is pushed on the upstream for the next release.
http://dev.exiv2.org/issues/1007
Fixes:
http://autobuild.buildroot.net/results/09d/09d9b525eeee458247e10a7948070c00bbabb964/
Signed-off-by: Nicolas Serafini <nicolas.serafini@sensefly.com>
Tested-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Add support for Exiv2 library and utility to manage image metadata
Exiv2 can be built in GPLv2+ or commercial version. But in commercial
version the Nikon lens name database and the NLS support has to be
disabled for copyright reason.
[Thomas:
- switch to using the CMake build system, which works better than the
clunky autoconf + manual Makefile based build system.
- add missing toolchains dependencies: does not build in static
library configuration, needs C++, etc.]
Signed-off-by: Nicolas Serafini <nicolas.serafini@sensefly.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
