NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
ac5ebc375a
kumquat-buildroot/package/irssi/irssi.mk
Peter Korsgaard 9bf7844688 irssi: security bump to version 1.0.4 
>From the advisory:
https://irssi.org/security/irssi_sa_2017_07.txt

Two vulnerabilities have been located in Irssi.

(a) When receiving messages with invalid time stamps, Irssi would try
    to dereference a NULL pointer. Found by Brian 'geeknik' Carpenter
    of Geeknik Labs. (CWE-690)

    CVE-2017-10965 [2] was assigned to this bug

(b) While updating the internal nick list, Irssi may incorrectly use
    the GHashTable interface and free the nick while updating it. This
    will then result in use-after-free conditions on each access of
    the hash table. Found by Brian 'geeknik' Carpenter of Geeknik
    Labs. (CWE-416 caused by CWE-227)

    CVE-2017-10966 [3] was assigned to this bug

Impact
------

(a) May result in denial of service (remote crash).

(b) Undefined behaviour.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-07-08 20:32:19 +02:00

46 lines
1.3 KiB
Makefile
Raw Blame History

################################################################################
#
# irssi
#
################################################################################
IRSSI_VERSION = 1.0.4
IRSSI_SOURCE = irssi-$(IRSSI_VERSION).tar.xz
# Do not use the github helper here. The generated tarball is *NOT* the
# same as the one uploaded by upstream for the release.
IRSSI_SITE = https://github.com/irssi/irssi/releases/download/$(IRSSI_VERSION)
IRSSI_LICENSE = GPL-2.0+
IRSSI_LICENSE_FILES = COPYING
IRSSI_DEPENDENCIES = host-pkgconf libglib2 ncurses openssl
IRSSI_CONF_OPTS = \
--disable-glibtest \
--without-perl
ifeq ($(BR2_PACKAGE_IRSSI_PROXY),y)
IRSSI_CONF_OPTS += --with-proxy
# If shared libs are disabled, 'proxy' has to go in the list of built-in
# modules.
ifeq ($(BR2_STATIC_LIBS),y)
IRSSI_CONF_OPTS += --with-modules=proxy
endif
else
IRSSI_CONF_OPTS += --without-proxy
endif # proxy
ifeq ($(BR2_PACKAGE_IRSSI_TRUE_COLOR),y)
IRSSI_CONF_OPTS += --enable-true-color
else
IRSSI_CONF_OPTS += --disable-true-color
endif
# Cross-compiling irssi with the perl interpreter enabled doesn't work
# yet. So, remove scripts as they are useless in that case.
define IRSSI_REMOVE_SCRIPTS
rm -rf $(TARGET_DIR)/usr/share/irssi/scripts/
endef
IRSSI_POST_INSTALL_TARGET_HOOKS += IRSSI_REMOVE_SCRIPTS
$(eval $(autotools-package))
Reference in New Issue View Git Blame Copy Permalink