NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
022b530661
kumquat-buildroot/package/irssi/irssi.mk
Peter Korsgaard 181ef8a1d0 irssi: security bump to version 1.0.7 
Fixes the following security issues:

Use after free when server is disconnected during netsplits.  Incomplete fix
of CVE-2017-7191.  Found by Joseph Bisch.  (CWE-416, CWE-825) -
CVE-2018-7054 [2] was assigned to this issue.

Use after free when SASL messages are received in unexpected order.  Found
by Joseph Bisch.  (CWE-416, CWE-691) - CVE-2018-7053 [3] was assigned to
this issue.

Null pointer dereference when an “empty” nick has been observed by Irssi.
Found by Joseph Bisch.  (CWE-476, CWE-475) - CVE-2018-7050 [4] was assigned
to this issue.

When the number of windows exceed the available space, Irssi would crash due
to Null pointer dereference.  Found by Joseph Bisch.  (CWE-690) -
CVE-2018-7052 [5] was assigned to this issue.

Certain nick names could result in out of bounds access when printing theme
strings.  Found by Oss-Fuzz.  (CWE-126) - CVE-2018-7051 [6] was assigned to
this issue.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-03-18 23:29:12 +01:00

46 lines
1.3 KiB
Makefile
Raw Blame History

################################################################################
#
# irssi
#
################################################################################
IRSSI_VERSION = 1.0.7
IRSSI_SOURCE = irssi-$(IRSSI_VERSION).tar.xz
# Do not use the github helper here. The generated tarball is *NOT* the
# same as the one uploaded by upstream for the release.
IRSSI_SITE = https://github.com/irssi/irssi/releases/download/$(IRSSI_VERSION)
IRSSI_LICENSE = GPL-2.0+
IRSSI_LICENSE_FILES = COPYING
IRSSI_DEPENDENCIES = host-pkgconf libglib2 ncurses openssl
IRSSI_CONF_OPTS = \
--disable-glibtest \
--without-perl
ifeq ($(BR2_PACKAGE_IRSSI_PROXY),y)
IRSSI_CONF_OPTS += --with-proxy
# If shared libs are disabled, 'proxy' has to go in the list of built-in
# modules.
ifeq ($(BR2_STATIC_LIBS),y)
IRSSI_CONF_OPTS += --with-modules=proxy
endif
else
IRSSI_CONF_OPTS += --without-proxy
endif # proxy
ifeq ($(BR2_PACKAGE_IRSSI_TRUE_COLOR),y)
IRSSI_CONF_OPTS += --enable-true-color
else
IRSSI_CONF_OPTS += --disable-true-color
endif
# Cross-compiling irssi with the perl interpreter enabled doesn't work
# yet. So, remove scripts as they are useless in that case.
define IRSSI_REMOVE_SCRIPTS
rm -rf $(TARGET_DIR)/usr/share/irssi/scripts/
endef
IRSSI_POST_INSTALL_TARGET_HOOKS += IRSSI_REMOVE_SCRIPTS
$(eval $(autotools-package))
Reference in New Issue View Git Blame Copy Permalink