Drop workaround for cmake < 3.10 (not needed since commit
d4773b610a)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
EXIV2_ENABLE_LIBXMP has been dropped since version 0.27 and
2784b1f7f7
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
EXIV2_ENABLE_BUILD_SAMPLES has been renamed into EXIV2_BUILD_SAMPLES
since version 0.27 and
60d436c969
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
CVE-2019-13504 is misclassified (by our CVE tracker) as affecting
version 0.27.2, while in fact both commits that fixed this issue are
already in this version: bd0afe039043 and 54f0bebca032.
(From: https://security-tracker.debian.org/tracker/CVE-2019-13504)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
In Jp2Image::readMetadata() in jp2image.cpp in Exiv2 0.27.2, an input
file can result in an infinite loop and hang, with high CPU consumption.
Remote attackers could leverage this vulnerability to cause a denial of
service via a crafted file.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Exiv2 0.27.2 allows attackers to trigger a crash in Exiv2::getULong in
types.cpp when called from Exiv2::Internal::CiffDirectory::readDirectory
in crwimage_int.cpp, because there is no validation of the relationship
of the total size to the offset and size.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Release notes
https://www.exiv2.org/whatsnew.html
Signed-off-by: Nicolas Serafini <nicolas.serafini@sensefly.com>
[Thomas: encode the 'v' in EXIV2_SITE and not EXIV2_VERSION, so that
EXIV2_VERSION continues to match what is reported by
release-monitoring.org]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
exiv2 no longer requires a non commercial option for lens database
integration since version 0.27. See [1] and [2]
The BR2_PACKAGE_EXIV2_LENSDATA option is maintained because the
src/nikonmn_int.cpp file always specifies that the Nikon lens name
database is free to use in non-commercial, GPL or open source software
only.
Legacy handling for the removed option COMMERCIAL is not needed, since
now it's always enabled.
Add the dedicated BSD-3-Clause license file for CMakeLists.txt,
config/FindEXPAT.cmake and config/FindMSGFMT.cmake files.
[1] 07f63003b7
[2] 085d8a309a
Signed-off-by: Nicolas Serafini <nicolas.serafini@sensefly.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
This commit switches to use the new gettext logic, which involves:
- using TARGET_NLS_DEPENDENCIES instead of hand-encoded dependencies
on gettext/host-gettext
- using BR2_SYSTEM_ENABLE_NLS instead of BR2_ENABLE_LOCALE to decide
if NLS support should be enabled or not
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
It seems getting the gettext stuff right on all platforms is not that
easy, this patch bumps exiv2 to include all gettext (and pthreads)
patches applied upstream.
To reproduce the problem gettext has to be built before exiv2 so we
make gettext an optional dependency when NLS support is used.
Fixes
http://autobuild.buildroot.net/results/a56/a56c8a8a4c76b7c359ca7f5252be93fd70c6a4c1/
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Changed download URL according to http://www.exiv2.org/download.html
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
We want to use SPDX identifier for license strings as much as possible.
SPDX short identifier for GPLv2/GPLv2+ is GPL-2.0/GPL-2.0+.
This change is done by using following command.
find . -name "*.mk" | xargs sed -ri '/LICENSE( )?[\+:]?=/s/\<GPLv2\>/GPL-2.0/g'
Signed-off-by: Rahul Bedarkar <rahulbedarkar89@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Add support for Exiv2 library and utility to manage image metadata
Exiv2 can be built in GPLv2+ or commercial version. But in commercial
version the Nikon lens name database and the NLS support has to be
disabled for copyright reason.
[Thomas:
- switch to using the CMake build system, which works better than the
clunky autoconf + manual Makefile based build system.
- add missing toolchains dependencies: does not build in static
library configuration, needs C++, etc.]
Signed-off-by: Nicolas Serafini <nicolas.serafini@sensefly.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
