Fixes the following security issues:
CVE-2017-9410: fill_buffer_resample function in libmp3lame/util.c heap-based
buffer over-read and ap
CVE-2017-9411: fill_buffer_resample function in libmp3lame/util.c invalid
memory read and application crash
CVE-2017-9412: unpack_read_samples function in frontend/get_audio.c invalid
memory read and application crash
Drop patches now upstream or no longer needed:
0001-configure.patch: Upstream as mentioned in patch description
0002-gtk1-ac-directives.patch: Upstream as mentioned in patch
description/release notes:
Resurrect Owen Taylor's code dated from 97-11-3 to properly deal with GTK1.
This was transplanted back from aclocal.m4 with a patch provided by Andres
Mejia. This change makes it easy to regenerate autotools' files with a simple
invocation of autoconf -vfi.
0003-msse.patch: Not needed as -march <x86-variant-with-msse-support>
nowadays implies -msse.
With these removed, autoreconf is no longer needed.
Also add a hash for the license file while we're at it.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
We want to use SPDX identifier for license string as much as possible.
SPDX short identifier for LGPLv2/LGPLv2+ is LGPL-2.0/LGPL-2.0+.
This change is done using following command.
find . -name "*.mk" | xargs sed -ri '/LICENSE( )?[\+:]?=/s/LGPLv2(\+)?/LGPL-2.0\1/g'
Signed-off-by: Rahul Bedarkar <rahulbedarkar89@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This is not needed since BR2_ENABLE_DEBUG does not set this flag
anymore.
Signed-off-by: Johan Oudinet <johan.oudinet@gmail.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Not all arm (E.G. non-VFP) toolchains define the control word macros, so
disable debug handling for arm(eb) as well.
As the debug handling has limited value (it simply forces CFLAGS which we
don't want and enables exceptions on FP errors) don't try to be clever about
what toolchain variants to disable it for, but just disable it for all arm(eb).
Fixes http://autobuild.buildroot.net/results/672/672a31c0bd329dec566ba74e0e1be43abd0f16c2/
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Building lame with debug symbols needs the following macros to be
defined: _FPU_MASK_IM, _FPU_MASK_ZM, _FPU_MASK_OM.
So, if BR2_ENABLE_DEBUG is selected, then we have to force lame to be
built without debug symbols for Aarch64 and MIPS because these
architectures don't have those macros defined.
Fixes:
http://autobuild.buildroot.net/results/721/721dff299b204b1d3ccc0846009eb17faa2d29eb/
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
To be consistent with the recent change of FOO_MAKE_OPT into FOO_MAKE_OPTS,
make the same change for FOO_CONF_OPT.
Sed command used:
find * -type f | xargs sed -i 's#_CONF_OPT\>#&S#g'
Signed-off-by: Thomas De Schampheleire <thomas.de.schampheleire@gmail.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Since <PKG>_VARIABLE_MINOR variable in some packages is used only once,
so it is unusable. This patch removes it.
Signed-off-by: Jerzy Grzegorek <jerzy.grzegorek@trzebnica.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Unless it was a group of sub-packages, packages was never regrouped by
category. multimedia/ was an exception to this rule.
This patch move packages/multimedia/ sub-directories to packages/. It
keeps two subdirectories for gstream 0.10 and gstreamer 1.X.
Signed-off-by: Jérôme Pouiller <jezz@sysmic.org>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>