Fixes:
Make sure that all transferred files use only path names from inside the
transfer. This makes it impossible for a malicious sender to try to
make the receiver use an unsafe destination path for a transferred file,
such as a just-sent symlink.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This commit doesn't touch infra packages.
Signed-off-by: Jerzy Grzegorek <jerzy.grzegorek@trzebnica.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
A lot of packages ignored BR2_ENABLE_DEBUG. This patch simplifies the handling of
this option by adding the corresponding configure option to the global Makefile
for target packages.
For host packages --disable-debug is added to the global Makefile.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
To be consistent with the recent change of FOO_MAKE_OPT into FOO_MAKE_OPTS,
make the same change for FOO_CONF_OPT.
Sed command used:
find * -type f | xargs sed -i 's#_CONF_OPT\>#&S#g'
Signed-off-by: Thomas De Schampheleire <thomas.de.schampheleire@gmail.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
If acl is selected then add it to dependencies so it can be used by
rsync in a predictable fashion.
Extended attributes are handled directly via linux, there's no need
for the xattr package/library.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
rsync by default compiles statically its own zlib and popt
libraries, it is better to use system wide libraries instead -
both for disk and memory consumption. Change rsync package
accordingly.
Also previously a debug configure option has been lost, as
overwritten by '--with-included-popt' option - fixed.
For example, on ARMv5 rsync binary size is reduced by about 25%.
Signed-off-by: Denis Mingulov <denis@mingulov.com>
Acked-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Jerzy Grzegorek <jerzy.grzegorek@trzebnica.net>
Acked-by: Thomas De Schampheleire <thomas.de.schampheleire@gmail.com)
Acked-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Thanks to the pkgparentdir and pkgname functions, we can rewrite the
AUTOTARGETS macro in a way that avoids the need for each package to
repeat its name and the directory in which it is present.
[Peter: pkgdir->pkgparentdir]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
Fixes CVE-2011-1097 and various other issues, see NEWS for details:
http://rsync.samba.org/ftp/rsync/src/rsync-3.0.8-NEWS
At the same time get rid of unneeded install / install-strip handling.
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
rsync source repository has moved (?).
Bump version while we are at it.
Signed-off-by: Julien Boibessot <julien.boibessot@armadeus.com>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
Bump version to 3.0.6.
autoreconf is off per default, so no need to specify it.
Use config.cache (fix the incorrect package instead).
Pass ENABLE_DEBUG setting to configure.
Signed-off-by: Bernhard Reutner-Fischer <rep.dot.nop@gmail.com>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
A C library will have been built by the toolchain makefiles, so there is no
need for packages to explicitly depend on uclibc.
Signed-off-by: Will Newton <will.newton@gmail.com>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
Signed-off-by: Olaf Rempel <razzor@kopf-tisch.de>
Acked-by: Thiago A. Correa <thiago.correa@gmail.com>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
they should be configured with --prefix=/usr and we then need to use
make DESTDIR=$(STAGING_DIR) install to get things installed into the
staging directory. The current situation for many packages, which use
--prefix=$(STAGING_DIR) results in the staging_dir paths getting compiled
into the binary itself.
This also adds in a pile of libtool fixups. Between broken pkgconfig,
broken libtool handling, and broken --prefix settings, its a wonder
things have worked as well as they have up till now.
-Erik