Add upstream post-2.7.1 commits (except for ChangeLog modifications) fixing
the following security issues:
CVE-2017-8105 - FreeType 2 before 2017-03-24 has an out-of-bounds write
caused by a heap-based buffer overflow related to the
t1_decoder_parse_charstrings function in psaux/t1decode.c.
CVE-2017-8287 - FreeType 2 before 2017-03-26 has an out-of-bounds write
caused by a heap-based buffer overflow related to the
t1_builder_close_contour function in psaux/psobjs.c.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
LICENSE.TXT gives an overview and explains in detail that freetype is dual
licensed under the FTL and GPLv2+, so also include it in the license files.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
We want to use SPDX identifier for license strings as much as possible.
SPDX short identifier for GPLv2/GPLv2+ is GPL-2.0/GPL-2.0+.
This change is done by using following command.
find . -name "*.mk" | xargs sed -ri '/LICENSE( )?[\+:]?=/s/\<GPLv2\>/GPL-2.0/g'
Signed-off-by: Rahul Bedarkar <rahulbedarkar89@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Switch to savannah download site since sourceforge is acting funny.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
- Bump to version 2.6.1.
- Update hash file.
- Remove includes hooks since they are no longed needed.
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The "make host-freetype-patch" fails because using the autogen.sh script
doesn't find the autoconf tool. The problem was already fixed for
"make freetype-patch" adding the "host-automake" as a prerequisite to
freetype-patch, so fix it by adding "host-automake" as a prerequisite to
"host-freetype-patch" too.
Fix build failure:
running `autoconf --force'
./autogen.sh: line 15: autoconf: command not found
error while running `autoconf --force'
package/pkg-generic.mk:146: recipe for target 'buildroot/output/build/host-freetype-2.5.5/.stamp_patched' failed
Signed-off-by: Fabio Porcedda <fabio.porcedda@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
To be consistent with the recent change of FOO_MAKE_OPT into FOO_MAKE_OPTS,
change remaining occurrences of _OPT into _OPTS.
Signed-off-by: Thomas De Schampheleire <thomas.de.schampheleire@gmail.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
To be consistent with the recent change of FOO_MAKE_OPT into FOO_MAKE_OPTS,
make the same change for FOO_CONF_OPT.
Sed command used:
find * -type f | xargs sed -i 's#_CONF_OPT\>#&S#g'
Signed-off-by: Thomas De Schampheleire <thomas.de.schampheleire@gmail.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
While the autotools infrastructure was using FOO_MAKE_OPT, generic packages
were typically using FOO_MAKE_OPTS. This inconsistency becomes a problem
when a new infrastructure is introduced that wants to make use of
FOO_MAKE_OPT(S), and can live alongside either generic-package or
autotools-package. The new infrastructure will have to choose between either
OPT or OPTS, and thus rule out transparent usage by respectively generic
packages or generic packages. An example of such an infrastructure is
kconfig-package, which provides kconfig-related make targets.
The OPTS variant is more logical, as there are typically multiple options.
This patch renames all occurrences of FOO_MAKE_OPT in FOO_MAKE_OPTS.
Sed command used:
find * -type f | xargs sed -i 's#_MAKE_OPT\>#&S#g'
Signed-off-by: Thomas De Schampheleire <thomas.de.schampheleire@gmail.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Eric_L on IRC reported that the following strange behavior: the first
installation of freetype works, and then each time you do "make
freetype-dirclean freetype", it fails and works alternatively, in a
fully reproducible manner.
After some investigation, it turns out that the problem is caused by
the creation of the symbolic link /usr/include/freetype2/freetype ->
/usr/include/freetype2 for backward compatibility reasons by
freetype.mk, in a post-staging installation hook. As the symbolic link
is created *after* the installation, the first installation works
fine. However, the second installation fails because the freetype
build system does:
./builds/unix/mkinstalldirs \
/home/thomas/projets/buildroot/output/target/usr/include/freetype2/config
[...]
rm -f /home/thomas/projets/buildroot/output/target/usr/include/freetype2/freetype/config/*
rmdir /home/thomas/projets/buildroot/output/target/usr/include/freetype2/freetype/config
[...]
/usr/bin/install -c -m 644 ./builds/unix/ftconfig.h \
/home/thomas/projets/buildroot/output/target/usr/include/freetype2/config/ftconfig.h
This last line fails, because due to the symbolic link mentioned above, the
command 'rmdir
/home/thomas/projets/buildroot/output/target/usr/include/freetype2/freetype/config'
has in fact the consequence of deleting the 'config' directory created
by the mkinstalldirs command.
The proposed solution to solve this problem is to remove the symbolic link
in a pre-install hook, run the installation, and restore the symbolic link.
[Peter: minor tweaks to commit message / comment]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The "make freetype-patch" fails because does not found autogen.sh,
because autogen.sh available only for the configure stage.
To fix this add host-automake as a prerequisite to freetype-patch.
This change also fix the support to top-level parallel make.
Signed-off-by: Fabio Porcedda <fabio.porcedda@gmail.com>
Cc: Samuel Martin <s.martin49@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add libpng libraries to freetype-config and freetype2.pc when they're
needed to avoid build breakage for other packages.
Patch in a different form is already upstream.
Fixing configure & friends is not so good since autoreconf busts things
up because of the odd way things are done (upstream fixed too it seems).
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
For the target, add --with/out to configure options as needed.
For the host, disable everything.
This was triggered by a failing build of the host package because it tried to
link the shared library with libbz.a, which isn't compiled with -fPIC.
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix freetype-config's includedir and libdir since they're expanded from
configure values since bumping to version 2.4.12
Fixes:
http://autobuild.buildroot.net/results/1c7/1c70ce0ff350623cc38baf4b8b61c8a7a8586aba/
...and many others.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
The packages changed by this commit were not only changing prefix= and
exec_prefix= during their <foo>-config fixups, they were also changing
includedir= and/or libdir=. So, they could not be directly converted
to the new <pkg>_CONFIG_SCRIPTS infrastructure.
However, a careful analysis of their default <foo>-config shows that
includedir= and libdir= is defined relatively to either ${prefix} and
${exec_prefix}. Therefore, the manual fixing of includedir= and
libdir= is useless, and fixing prefix= and exec_prefix=, as done by
the <pkg>_CONFIG_SCRIPTS mechanism is sufficient.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Acked-by: "Samuel Martin" <s.martin49@gmail.com>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
Fixes a security vulnerability in the BDF implementation.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
Bump freetype to version 2.4.8 to fix CVE-2011-3439.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
Thanks to the pkgparentdir and pkgname functions, we can rewrite the
AUTOTARGETS macro in a way that avoids the need for each package to
repeat its name and the directory in which it is present.
[Peter: pkgdir->pkgparentdir]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
Now that freetype.mk has been converted to autotools infrastructure, the patch
is no longer needed. Autotools will automatically apply the needed patch.
Signed-off-by: Martin Banky <Martin.Banky@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Now that <pkg>_INSTALL_TARGET_OPT always defaults to
'DESTDIR=$(TARGET_DIR) install', we can remove the
<pkg>_INSTALL_TARGET_OPT definition from a lot of packages.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
