Commit Graph

9 Commits

Author SHA1 Message Date
Fabrice Fontaine
bc31029617 package/bootstrap: security bump to version 4.3.1
- Fix CVE-2018-14042: In Bootstrap before 4.1.2, XSS is possible in the
  data-container property of tooltip.
- Fix an XSS vulnerability (CVE-2019-8331) in our tooltip and popover
  plugins by implementing a new HTML sanitizer
- Update indentation of hash file (two spaces)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-02-13 22:03:36 +01:00
Yegor Yefremov
31b207a5db bootstrap: bump to version 4.1.0
Also install bootstrap.min.css.map as it is referenced from
bootstrap.min.css.

Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-04-20 16:35:59 +02:00
Maxime Hadjinlian
514291f39e packages: use new $($PKG)_DL_DIR) variable
Instead of DL_DIR, the package should now use $(PKG)_DL_DIR to ease the
transition into a new directory structure for DL_DIR.

This commit has been generated with the following scripts:

for i in $(find . -iname "*.mk"); do
	if ! grep -q "\$(DL_DIR)" ${i}; then
		continue
	fi
	pkg_name="$(basename $(dirname ${i}))"
	[ "${pkg_name}" = "package" ] && continue
	raw_pkg_name=$(echo ${pkg_name} | tr [a-z] [A-Z] | tr '-' '_')
	pkg_dl_dir="${raw_pkg_name}_DL_DIR"
	sed -i "s/\$(DL_DIR)/\$($pkg_dl_dir)/" ${i}
done

Signed-off-by: Maxime Hadjinlian <maxime.hadjinlian@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-04-02 15:53:53 +02:00
Romain Naour
9385bc0520 package/bootstrap: fix licence file path
The licence file is in css/ directory.

Fixes:
http://autobuild.buildroot.net/results/0d4/0d4b9488d1aa80e8d290e4dfe1937c3879eceea4

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-02-05 07:06:34 +01:00
Adam Duskett
39c181d5a9 bootstrap: bump version to 4.0.0
other changes:
  - Add a license file to bootstrap.mk
  - Add a hash for the license file to bootstrap.hash
  - Remove copying bootstrap-theme.min.css as it's no longer included.
  - Remove copying fonts folder as it's no longer included.

Signed-off-by: Adam Duskett <Adamduskett@outlook.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2018-01-30 23:02:39 +01:00
Bernd Kuhls
cc7e882872 package/bootstrap: bump version to 3.3.7
Extended _EXTRACT_CMDS and _INSTALL_TARGET_CMDS to handle updated
internal zip structure:

$ unzip -l ../dl/bootstrap-3.3.1-dist.zip
Archive:  ../dl/bootstrap-3.3.1-dist.zip
  Length      Date    Time    Name
---------  ---------- -----   ----
        0  2014-11-12 18:03   dist/
        0  2014-11-12 18:03   dist/css/
[...]

$ unzip -l ../dl/bootstrap-3.3.7-dist.zip
Archive:  ../dl/bootstrap-3.3.7-dist.zip
  Length      Date    Time    Name
---------  ---------- -----   ----
        0  2016-07-25 15:53   bootstrap-3.3.7-dist/css/
[...]

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[Thomas: better fix for the EXTRACT_CMDS, which consists in removing the
dist/ sub-directory.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-05-25 15:34:03 +02:00
Fabio Porcedda
cb3eca8a72 bootstrap: use the UNZIP variable instead of calling it directly
Signed-off-by: Fabio Porcedda <fabio.porcedda@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2015-02-02 21:31:08 +01:00
Yegor Yefremov
efa0afe08a bootstrap: install production files only
Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2015-01-14 16:48:56 +01:00
Yegor Yefremov
62ffb640b6 bootstrap: new package
[Thomas: add 'cp -dpfr' instead of a convuluted use of 'tar c' + 'tar
x' do not a copy.]

Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2015-01-10 12:08:04 +01:00