Fixes:
CVE-2015-3991 - denial-of-service and potential remote code execution
vulnerability triggered by IKEv1/IKEv2 messages that contain payloads
for the respective other IKE version.
other IKE version
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes:
CVE-2015-3202 - fix exec environment for mount and umount.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes:
CVE-2015-3808 CVE-2015-3809 - The LBMR dissector could go into an
infinite loop.
CVE-2015-3811 - The WCP dissector could crash while decompressing data.
CVE-2015-3812 - The X11 dissector could leak memory.
CVE-2015-3813 - The packet reassembly code could leak memory.
CVE-2015-3814 - The IEEE 802.11 dissector could go into an infinite
loop.
CVE-2015-3815 - The Android Logcat file parser could crash.
Patch upstream so drop and disable autoreconf.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit 3afbc4f3 (conntrack-tools: uses dlopen(), not available on static
builds) adjusted the dependencies for the comment, but forgot to update the
comment itself.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Building ncurses 5.9 with GCC 5.x fails with a syntax error, caused by
earlier preprocessing. This failure is more likely when building for
host (e.g. host-ncurses) that recently updated to GCC 5.x.
This patch is taken from the following link (more information is also
available here):
https://groups.google.com/forum/#!topic/sage-trac/U31shviuqzk
Signed-off-by: Doug Kehn <rdkehn@yahoo.com>
Acked-by: Jaap Crezee <jaap@jcz.nl>
Tested-by: Jaap Crezee <jaap@jcz.nl>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The Python setup.py has a function called add_gcc_paths(), which
executes gcc -E -v to get the list of header paths searched by
gcc. However, the logic of setup.py is only valid with the normal
english output of gcc: it doesn't work if a non-english locale is
set. This causes setup.py to not find certain headers (such as zlib.h)
and therefore disabling the build of such extensions.
Reported-by: Bruno Coudoin <bruno.coudoin@gcompris.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The Python setup.py has a function called add_gcc_paths(), which
executes gcc -E -v to get the list of header paths searched by
gcc. However, the logic of setup.py is only valid with the normal
english output of gcc: it doesn't work if a non-english locale is
set. This causes setup.py to not find certain headers (such as zlib.h)
and therefore disabling the build of such extensions.
Reported-by: Bruno Coudoin <bruno.coudoin@gcompris.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes:
http://autobuild.buildroot.net/results/7ed/7ed85071bc06b4806e90b278a0736ea70c01b456/
Upmpdcli forgets to take the dependencies of libupnpp into consideration,
breaking static linking, so help it.
Libupnpp unfortunately doesn't provide a .pc file, so manually handle its
dependencies here.
The build system doesn't expand LIBS from the configure step, so manually
pass it to make.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Following commit 95a572282e (pkg-infra: move the git download helper to a
script, 2014-07-02), move the comment describing the shallow clone trickery as
well. Merge this comment with the existing helper comment that was added in
7e40a1103a (support/download: convert git to use the wrapper, 2014-08-03).
Rename $($(PKG)_DL_VERSION) to ${cset} to match the helper code context.
Cc: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When linking statically, the order of libraries on the linker command
line is important, and sconeserver got it wrong.
Also, sconeserver does not use pkg-config, so it misses the private
libs of -lcrypto, which is linking with -lz.
Fix that:
- add a patch to configure.in to fix the order of libraries;
- forcibly pass -lz when linking statically with openssl.
Note: we were already reconfiguring sconeserver, because it comes from
the github repository.
Fixes:
http://autobuild.buildroot.org/results/403/403eac974ecdaacdb66b8241fbdcf19ec5e07480
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Drop the --disable-optimization option, which makes the libgcrypt configure
remove buildroot's optimization setting passed in from CFLAGS.
Signed-off-by: Danomi Manchego <danomimanchego123@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
gptfdisk cgdisk select nucurses wchar support which is disabled
on bfin with FLAT binary format.
Add the ncurses's reverse dependency to gptfdisk.
Fixes:
http://autobuild.buildroot.net/results/ce3/ce35c072f0b7c3a7a1918cb865a2eecbba8a1b23/
Signed-off-by: Romain Naour <romain.naour@openwide.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes:
CVE-2015-0847 nbd-server denial of service due to unsafe signal handlers
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Since a7134ce674 (libstrophe: bump version), the package does in fact build
and install a shared library, so ensure it also ends up in target so it can
be found at runtime.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
They are not needed, and other code blocks in the same file are not
indented either.
Remove those leading spaces, so all our code blocks look the same.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Samuel Martin <s.martin49@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
