74ac045c80
Fixes CVE-2017-7555 - Augeas versions up to and including 1.8.0 are vulnerable to heap-based buffer overflow due to improper handling of escaped strings. Attacker could send crafted strings that would cause the application using augeas to copy past the end of a buffer, leading to a crash or possible code execution. [Peter: extend description] Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
23 lines
676 B
Makefile
23 lines
676 B
Makefile
################################################################################
|
|
#
|
|
# augeas
|
|
#
|
|
################################################################################
|
|
|
|
AUGEAS_VERSION = 1.8.1
|
|
AUGEAS_SITE = http://download.augeas.net
|
|
AUGEAS_INSTALL_STAGING = YES
|
|
AUGEAS_LICENSE = LGPL-2.1+
|
|
AUGEAS_LICENSE_FILES = COPYING
|
|
AUGEAS_DEPENDENCIES = host-pkgconf readline libxml2
|
|
|
|
AUGEAS_CONF_OPTS = --disable-gnulib-tests
|
|
|
|
# Remove the test lenses which occupy about 1.4 MB on the target
|
|
define AUGEAS_REMOVE_TEST_LENSES
|
|
rm -rf $(TARGET_DIR)/usr/share/augeas/lenses/dist/tests
|
|
endef
|
|
AUGEAS_POST_INSTALL_TARGET_HOOKS += AUGEAS_REMOVE_TEST_LENSES
|
|
|
|
$(eval $(autotools-package))
|