Fixes:
CVE-2013-6497 - the jwplayer.js file causes ClamAV to seg fault when
scanned with the -a (list archived files).
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
canfestival doesn't really support static build. The configure script accepts
the --disable-dll parameter that should in theory allow a static build. In
practice this options is not well tested, as it causes the build to fails in
various places.
Fixes:
http://autobuild.buildroot.net/results/29f/29fd3e550937f48e2270149a3d44cfb8bcf5c16a/
Cc: Samuel Martin <s.martin49@gmail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
shairport-sync uses libdaemon for running as daemon and creating the pidfile
which conflicts with start-stop-daemons `-b -m` options. For that reason
shairport-sync does not start using /etc/init.d/S99shairport-sync start.
The issue is fixed by removing the background and pidfile task from
start-stop-daemon and add a daemon option `-d` to shairport-sync.
Signed-off-by: Jörg Krause <jkrause@posteo.de>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Use LIBS instead of LDFLAGS for "-lintl", otherwise LDFLAGS gets
evaluated to the left of object files and fails to link statically
because of incorrect symbol resolution order. Fixes:
http://autobuild.buildroot.net/results/21b/21bf88c9dbaecc204598e60dd9c7392a85068dd6/
Also rename patch to new naming convention.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This reverts commit e712638b4a.
The config options --without-ssl2 and --without-ssl3 are intended to be used if
nodejs is built with the bundled OpenSSL library for excluding the SSL2 and
SSL3 features.
Both options are actual only evaluated if --without-ssl is not set:
$ cat configure | grep configure_openssl -n -A 13
619:def configure_openssl(o):
620- o['variables']['node_use_openssl'] = b(not options.without_ssl)
621- o['variables']['node_shared_openssl'] = b(options.shared_openssl)
622- o['variables']['openssl_no_asm'] = (
623- 1 if options.openssl_no_asm else 0)
624-
625- if options.without_ssl:
626- return
627-
628- if options.ssl2:
629- o['defines'] += ['OPENSSL_NO_SSL2=1']
630-
631- if options.ssl3:
632- o['defines'] += ['OPENSSL_NO_SSL3=1']
[Peter: adjusted commit text to make it clear that it is a revert]
Signed-off-by: Jörg Krause <jkrause@posteo.de>
Tested-by: Fabio Porcedda <fabio.porcedda@gmail.com>
Acked-by: Fabio Porcedda <fabio.porcedda@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
If the destination directory already exists (e.g. because of a re-run or
a custom skeleton), then the zoneinfo files will be installed in a
sub-directory of where we are trying to install them.
Fix that by creating the destination directory and copying the content
of the source directory.
Also fix the host install commands to match what we do in the target
install commands.
Reported-by: Martin Dorwig <dorwig@tetronik.com>
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The mode bits of coreutils installed binaries are 555. As a result, on
rebuild mv prompts the user to confirm overwrite of non writable binaries.
Force overwrite to skip this prompt.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Patch from upstream git (git://git.linux-ipv6.org/gitroot/iputils.git). We
should probably bump the version to a newer snapshot in the 2015.02 cycle,
but this is a safer option for 2014.11.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Since we build-depend on zlib, forcibly select it from kconfig.
This went unnoticed so far, because we did select openssl which
in turn selects zlib. But rpm needs zlib for itself, too.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Peter Korsgaard <jacmet@uclibc.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
We forcibly enable use of an extrernal openssl in rpm, so we must depend
on it.
openssl is correctly selected from kconfig, but there is no build-time
dependency to it.
It was not an issue so far, because openssl always sorts before rpm, so
gets built before. Unless one wants to just build rpm to debug an
autobuilder failure, that is.
Add that build-time dependency to openssl.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
clamav wants to use backtrace, and decides whether it can use it if it
detects a glibc >= 2.1.
But uClibc does impersonate a glibc >= 2.1, so clamav concludes it is
possible to use backtrace. So it includes execinfo.h, which is missing
in our default uClibc config file.
So, just extend the test so that backtrace support is disable on uClibc,
unless it has been configured with backtrace support.
A far better solution would be to add a ./configure check for backtrace,
but this patch is sufficient enough.
Fixes:
http://autobuild.buildroot.net/results/cff/cffa32fcedda735983d4805d6d4fa77844539b10/http://autobuild.buildroot.net/results/e0a/e0a765a94a538b0b936ea512f7aba0264fac6309/
...
Bugtracker: https://bugzilla.clamav.net/show_bug.cgi?id=11170
[Peter: add bugtracker URL as suggested by Bernd]
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Acked-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit 3ab9774 (package/duma: do not let Makefile guess OS) added a
define to not let duma's build system guess the OS, mostly to avoid a
warning, but forgot to add that same define to the install commands.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Two fixes in one:
- openssl's libcrypto needs -lz, but because aircrack-ng does not use
pkg-config, it misses this dependency. The proper fix would be to
use pkg-config, like is done for pcre with patch
0001-Makefile-use-pkg-config-to-find-libpcre-it-s-more-cros.patch
but adding -lz is much easier.
- sqlite needs -lpthread, so -lpthread must be added _after_ -lsqlite,
but we currently add it before. So, force -lpthread after -lsqlite
when we are doing a static build.
Fixes:
http://autobuild.buildroot.net/results/1ea/1ea877851e9d2aeeaf9d320bef12321ec2925b5b/http://autobuild.buildroot.net/results/cdf/cdf0203fc99d5f7e41e508f6d9edb78a0f0ea732/
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
at configure time, PREFIX is already set with $(HOST_DIR)/usr
so, don't use DESTDIR
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
We don't do it for busybox init so do the same for consistency here.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Acked-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes:
CVE-2014-7824 - Denial of service via incomplete fix for CVE-2014-3636
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The patchwork website needs the trailing slash, otherwise it returns a 404.
Reported-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
As investigated in bug #7646, wcsftime() doesn't work properly with
uClibc. Until it gets fixed in uClibc, let's tell Python 3 to not use
it. Python 3 will fall back to strftime(), which works properly.
[Peter: fix typo in comment]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Cc: Beyonlo <beyonlo@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>