kumquat-buildroot/package/icu/icu.mk
Peter Korsgaard f4483f1aab package/icu: backport upstream security fix for CVE-2021-30535
Fixes CVE-2021-30535: Double free in ICU in Google Chrome prior to
91.0.4472.77 allowed a remote attacker to potentially exploit heap
corruption via a crafted HTML page.

https://nvd.nist.gov/vuln/detail/CVE-2021-30535

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-12-03 17:42:43 +01:00

71 lines
2.1 KiB
Makefile

################################################################################
#
# icu
#
################################################################################
# Git tags (and therefore versions on release-monitoring.org) use the
# XX-Y format, but the tarballs are named XX_Y and the containing
# directories XX.Y.
ICU_VERSION = 69-1
ICU_SOURCE = icu4c-$(subst -,_,$(ICU_VERSION))-src.tgz
ICU_SITE = \
https://github.com/unicode-org/icu/releases/download/release-$(ICU_VERSION)
ICU_LICENSE = ICU License
ICU_LICENSE_FILES = LICENSE
ICU_CPE_ID_VENDOR = icu-project
ICU_CPE_ID_PRODUCT = international_components_for_unicode
ICU_CPE_ID_VERSION = $(subst -,.,$(ICU_VERSION))
# 0005-ICU-21587-Fix-memory-bug-w-baseName.patch
ICU_IGNORE_CVES += CVE-2021-30535
ICU_DEPENDENCIES = host-icu
ICU_INSTALL_STAGING = YES
ICU_CONFIG_SCRIPTS = icu-config
ICU_CONF_OPTS = \
--with-cross-build=$(HOST_ICU_DIR)/source \
--disable-samples \
--disable-tests
# When available, icu prefers to use C++11 atomics, which rely on the
# __atomic builtins. On certain architectures, this requires linking
# with libatomic starting from gcc 4.8.
ifeq ($(BR2_TOOLCHAIN_HAS_LIBATOMIC),y)
ICU_CONF_ENV += LIBS="-latomic"
endif
# strtod_l() is not supported by musl; also xlocale.h is missing
ifeq ($(BR2_TOOLCHAIN_USES_MUSL),y)
ICU_CONF_ENV += ac_cv_func_strtod_l=no
endif
HOST_ICU_CONF_OPTS = \
--disable-samples \
--disable-tests \
--disable-extras \
--disable-icuio \
--disable-layout \
--disable-renaming
ICU_SUBDIR = source
HOST_ICU_SUBDIR = source
ICU_CUSTOM_DATA_PATH = $(call qstrip,$(BR2_PACKAGE_ICU_CUSTOM_DATA_PATH))
ifneq ($(ICU_CUSTOM_DATA_PATH),)
define ICU_COPY_CUSTOM_DATA
cp $(ICU_CUSTOM_DATA_PATH) $(@D)/source/data/in/
endef
ICU_POST_PATCH_HOOKS += ICU_COPY_CUSTOM_DATA
endif
define ICU_REMOVE_DEV_FILES
rm -f $(addprefix $(TARGET_DIR)/usr/bin/,derb genbrk gencfu gencnval gendict genrb icuinfo makeconv uconv)
rm -f $(addprefix $(TARGET_DIR)/usr/sbin/,genccode gencmn gennorm2 gensprep icupkg)
rm -rf $(TARGET_DIR)/usr/share/icu
endef
ICU_POST_INSTALL_TARGET_HOOKS += ICU_REMOVE_DEV_FILES
$(eval $(autotools-package))
$(eval $(host-autotools-package))