Libtool sometimes requires help2man to build manpages, but since we
don't use/need them and want to avoid pulling in and/or building
dependencies for that we just disable it. Fixes:
http://autobuild.buildroot.net/results/bfb/bfb9e298196d877b623580f882b6fe74b30bec9b/
Also add host-m4 as dependency, it's not strictly required but silences
many build warnings.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
[Thomas:
- fix license from GPLv2 to 'GPLv2+ with OpenSSL exception'
- add -std=c99 to CFLAGS, otherwise it doesn't build with a minimal
toolchain configuration
- add BR2_USE_MMU dependency since fork() is used.]
Signed-off-by: Zoltan Gyarmati <mr.zoltan.gyarmati@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Fixes:
CVE-2014-3580: mod_dav_svn DoS from invalid REPORT requests.
CVE-2014-8108: mod_dav_svn DoS from use of invalid transaction names.
Also add hash file.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Patch is upstream so remove it.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Add patch to support newer (>2.4.2) versions.
Adjust patch logic to check for patchlevel greater than 2 (apply new patch) or
not (apply current patch).
Some people/distributions used unreleased versions, with the string being
2.4.2.x, this packages are AUTORECONFed and have to be kept like this since
the up-to-2.4.2 patch doesn't work, neither does the from-2.4.3 version patch.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This is an alternative to python-enum34 with a somewhat different API.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Currently, we can build a static-only zlib, but not a shared-only one.
This is because zlib's build-system is a custom ./configure (not using
autotools), and does not allow building/installing only the shared
library.
Simply remove the .a as a post-staging install hook. We don't care
removing it from target, since it is not used at link time to build
other packages, and it is anyway removed later before assembling the
filesystem images anyway.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Remove opcontrol and oprofiled from the install list, they are no longer
present in the package.
Remove all patches, they have been integrated upstream.
Signed-off-by: Ilya Lipnitskiy <ilya.lipnitskiy@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Jerzy Grzegorek <jerzy.grzegorek@trzebnica.net>
Reviewed-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
rpi-userland is a provider for some virtual packages, so we can not
select it, as instructed in the manual:
http://nightly.buildroot.org/#_infrastructure_for_virtual_packages
---8<---
If your package really requires a specific provider, then you’ll
have to make your package depends on this provider; you can not select a
provider.
---8<---
Instead, just depend on it. Remove the comment as well.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Fixes:
ERROR: unsafe header/library path used in cross-compilation: '/usr/include/libnl3'
Add a dependancy on host-pkgconf when BR2_PACKAGE_LIBNL is enabled.
Signed-off-by: Romain Naour <romain.naour@openwide.fr>
Reported-by: Jörg Krause <jkrause@posteo.de>
Cc: Jörg Krause <jkrause@posteo.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
json-c website and download locations have changed, the project is now
hosted on Github.
Signed-off-by: Sagaert Johan <sagaert.johan@skynet.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
old SITE is now password-protected
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
old SITE is now password-protected
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
- old SITE is now password-protected
- add hash
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
If libatomic_ops was enabled, then the host-erlang dependency was lost.
Signed-off-by: Frank Hunleth <fhunleth@troodon-software.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Snappy doesn't configure without host pkg-config, causing this totally
unhelpful diagnostic from autoconf:
configure.ac:42: error: possibly undefined macro: AC_DEFINE
If this token and others are legitimate, please use m4_pattern_allow.
See the Autoconf documentation.
configure.ac:44: error: possibly undefined macro: AC_MSG_FAILURE
So add host-pkgconf to the package's DEPENDENCIES list.
Signed-off-by: Steve James <ste@junkomatic.net>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
To fix:
CVE-2013-7041 - use case sensitive comparison in pam_userdb
CVE-2014-2583 - potential path traversal issue in pam_timestamp
Also add hash file (computed, the hash files upstream cover up to 1.1.7)
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes:
CVE-2014-8142 - Use after free vulnerability in unserialize()
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes CVE-2014-1569 - The definite_length_decoder function in
lib/util/quickder.c in Mozilla Network Security Services (NSS) before
3.16.2.4 and 3.17.x before 3.17.3 does not ensure that the DER encoding
of an ASN.1 length is properly formed, which allows remote attackers to
conduct data-smuggling attacks by using a long byte sequence for an
encoding.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Jerzy Grzegorek <jerzy.grzegorek@trzebnica.net>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
