Commit Graph

24 Commits

Author SHA1 Message Date
Gustavo Zacarias
69a30b2817 imlib2: security bump to version 1.4.9
It already includes the fixes for CVE-2016-3994 and CVE-2011-5326 so
drop the patches, and additionally fixes:
CVE-2016-4024 - integer overflow in imlib2, which result in insufficient
heap allocation.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-05-01 22:34:30 +02:00
Gustavo Zacarias
779676f62d imlib2: security bump to version 1.4.8
Fixes:
CVE-2016-3994 - out of bound read in GIF loader
CVE-2011-5326 - divide by zero on 2x1 ellipse

Switch to sourceforge hashes.
And drop all previous patches, they're upstream, yay.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-04-14 22:51:10 +02:00
Brendan Heading
f68270c92e package/imlib2: fix musl compilation issue
Fixes http://autobuild.buildroot.net/results/a6e/a6e61bfb376946b479085f243601d6e1634adc6d/

musl is strict about including time.h when using time_t.

Signed-off-by: Brendan Heading <brendanheading@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2015-08-06 08:57:46 +02:00
Jerzy Grzegorek
bd8c733fb4 packages: indentation cleanup
This commit doesn't touch infra packages.

Signed-off-by: Jerzy Grzegorek <jerzy.grzegorek@trzebnica.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2015-03-31 13:57:41 +02:00
Fabio Porcedda
76b55b9509 imlib2: imlib2-config: delete old reference to @my_libs@
The script "imlib2-config" returns "@my_libs@" that causes build failures
on the programs that use it.
This is a regression of version v1.4.6.

Add a upstream patch to fix it and reorder the patches to follow
upstream branch order.

Fixes:
http://autobuild.buildroot.net/results/e1a7691a6528d635c308d7bf47a8be8aa0594190
http://autobuild.buildroot.net/results/23fea2e4d668d69565d5f50493635fc834c54ce1

Signed-off-by: Fabio Porcedda <fabio.porcedda@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2015-03-08 18:32:13 +01:00
Fabio Porcedda
b637d6af9e imlib2: use giflib instead of soon to be deprecated libungif
Add three upstream patch to support giflib version 5.1

Also rename the previous patches to match the order of the commits in
the upstream master branch.

Signed-off-by: Fabio Porcedda <fabio.porcedda@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2015-03-07 17:41:59 +01:00
Fabio Porcedda
d8be6f7bbc imlib2: bump to version 1.4.6
Also add two upstream patch to fix a warning and a build failure of the
version 1.4.6.

Also add AUTORECONF because one patch change the file
"src/lib/Makefile.am".

Signed-off-by: Fabio Porcedda <fabio.porcedda@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2015-03-07 17:41:52 +01:00
Yann E. MORIN
2ced21f8f9 package: add hashes for SourceForge-hosted packages
Since SourceForge sometimes serves us faulty tarballs, we can tons of
autobuild failures:
    http://autobuild.buildroot.org/results/9fb/9fba5bf086a4e7a29e5f7156ec43847db7aacfc4/
    http://autobuild.buildroot.org/results/6c8/6c837b244c45ac3b3a887734a371cd6d226cf216/
    ...

Fix that by adding hash files for all SourceForge-hosted packages (thos
etht did not already have it).

We normally prefer to use hashes published by upstream, but hunting them
all one by one is a tedious task, so those hashes were all locally
computed with a script that searched for SF-hosted packages, downloades
the associated tarball, computed the hash, and stored it in the
corresponding .hash file.

Also, SF publishes sha1 hashes, while I used the stronger sha256, since
sha1 is now considered to be relatively weak.

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Peter Korsgaard <jacmet@uclibc.org>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Cc: Maxime Hadjinlian <maxime.hadjinlian@gmail.com>
Cc: Richard Braun <rbraun@sceen.net>
Cc: Nathaniel Roach <nroach44@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2014-12-28 22:21:16 +01:00
Thomas Petazzoni
665e13c85e Rename BR2_PREFER_STATIC_LIB to BR2_STATIC_LIBS
Since a while, the semantic of BR2_PREFER_STATIC_LIB has been changed
from "prefer static libraries when possible" to "use only static
libraries". The former semantic didn't make much sense, since the user
had absolutely no control/idea of which package would use static
libraries, and which packages would not. Therefore, for quite some
time, we have been starting to enforce that BR2_PREFER_STATIC_LIB
should really build everything with static libraries.

As a consequence, this patch renames BR2_PREFER_STATIC_LIB to
BR2_STATIC_LIBS, and adjust the Config.in option accordingly.

This also helps preparing the addition of other options to select
shared, shared+static or just static.

Note that we have verified that this commit can be reproduced by
simply doing a global rename of BR2_PREFER_STATIC_LIB to
BR2_STATIC_LIBS plus adding BR2_PREFER_STATIC_LIB to Config.in.legacy.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
2014-12-11 22:48:13 +01:00
Thomas De Schampheleire
aaffd209fa packages: rename FOO_CONF_OPT into FOO_CONF_OPTS
To be consistent with the recent change of FOO_MAKE_OPT into FOO_MAKE_OPTS,
make the same change for FOO_CONF_OPT.

Sed command used:
   find * -type f | xargs sed -i 's#_CONF_OPT\>#&S#g'

Signed-off-by: Thomas De Schampheleire <thomas.de.schampheleire@gmail.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2014-10-04 18:54:16 +02:00
Jerzy Grzegorek
c7f4b96471 package: remove the trailing slash sign from <PKG>_SITE variable
Since the trailing slash is stripped from $($(PKG)_SITE) by pkg-generic.mk:

$(call DOWNLOAD,$($(PKG)_SITE:/=)/$($(PKG)_SOURCE))

so it is redundant.
This patch removes it from $(PKG)_SITE variable for BR consistency.

Signed-off-by: Jerzy Grzegorek <jerzy.grzegorek@trzebnica.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2014-07-31 23:17:46 +02:00
Thomas Petazzoni
056d25098f imlib2: uses dlopen(), not available in static cases
According to the imlib2 people, if you don't support dlopen(), you
have a "crap box":

image.h:16:4: warning: #warning "your crap box doesn't define RTLD_LOCAL !?"

So, let's disable imlib2 when doing static linking.

Fixes:

  http://autobuild.buildroot.net/results/b5e/b5ee859409cd626b769e8a159026e60ec6f29180/

[Peter: fix imlib2 comment as pointed out by Thomas]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2014-04-29 23:09:00 +02:00
Alexandre Belloni
8dfd59d114 Normalize separator size to 80
Signed-off-by: Alexandre Belloni <alexandre.belloni@free-electrons.com>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2013-06-06 22:30:24 +02:00
Alexandre Belloni
966e005d52 Convert headers to lower case when relevant
Signed-off-by: Alexandre Belloni <alexandre.belloni@free-electrons.com>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2013-06-06 17:36:41 +02:00
Alexandre Belloni
660444e19b imlib2: fix header
Signed-off-by: Alexandre Belloni <alexandre.belloni@free-electrons.com>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2013-06-06 17:26:58 +02:00
Alexandre Belloni
702704014d Fix package headers to comply with coding style
Signed-off-by: Alexandre Belloni <alexandre.belloni@free-electrons.com>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2013-06-06 17:26:35 +02:00
Thomas Petazzoni
24b950f76f imlib2: handle imlib2-config script
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2013-05-11 22:39:41 +02:00
Stefan Fröberg
6ba5ac89f8 imlib2: fix imlib2-config
[Peter: use a single sed invocation]
Signed-off-by: Stefan Fröberg <stefan.froberg@petroprogram.com>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2013-01-04 22:31:48 +01:00
Samuel Martin
805529ed28 imlib2: add license info
Signed-off-by: Samuel Martin <s.martin49@gmail.com>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2012-11-30 14:29:34 -08:00
Gustavo Zacarias
019a581f89 packages: switch to host-pkgconf
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Acked-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2012-10-29 22:02:55 +01:00
Stefan Fröberg
23ef45ca1e remove rest of the BR2_SOURCEFORGE_MIRROR references
Signed-off-by: Stefan Fröberg <stefan.froberg@petroprogram.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2012-08-28 22:59:52 +02:00
Arnout Vandecappelle (Essensium/Mind)
e1502ebc0c all packages: rename XXXTARGETS to xxx-package
Also remove the redundant $(call ...).

This is a purely mechanical change, performed with
find package linux toolchain boot -name \*.mk | \
  xargs sed -i -e 's/$(eval $(call GENTARGETS))/$(eval $(generic-package))/' \
               -e 's/$(eval $(call AUTOTARGETS))/$(eval $(autotools-package))/' \
               -e 's/$(eval $(call CMAKETARGETS))/$(eval $(cmake-package))/'

Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2012-07-17 20:23:05 +02:00
Peter Korsgaard
8ad1885adb imlib2: fixup imlib2-config
Ensure it doesn't add library search paths (-L<dir>) to linker flags.

Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2011-12-10 22:13:15 +01:00
Yegor Yefremov
5ddcdb4ceb New package: ImLib2
[Peter: Config.in tweaks, fix build without X]
Signed-off-by: Frederic Bassaler <frederic.bassaler@gmail.com>
Signed-off-by: Matias Garcia <mgarcia@rossvideo.com>
Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Tested-By: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2011-12-10 22:13:04 +01:00