kumquat-buildroot/package/upx/upx.mk
Fabrice Fontaine 92a6db4fc6 package/upx: fix CVE-2021-20285
A flaw was found in upx canPack in p_lx_elf.cpp in UPX 3.96. This flaw
allows attackers to cause a denial of service (SEGV or buffer overflow
and application crash) or possibly have unspecified other impacts via a
crafted ELF. The highest threat from this vulnerability is to system
availability.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-04-04 12:27:31 +02:00

32 lines
981 B
Makefile

################################################################################
#
# upx
#
################################################################################
UPX_VERSION = 3.96
UPX_SITE = https://github.com/upx/upx/releases/download/v$(UPX_VERSION)
UPX_SOURCE = upx-$(UPX_VERSION)-src.tar.xz
UPX_LICENSE = GPL-2.0+
UPX_LICENSE_FILES = COPYING
UPX_CPE_ID_VENDOR = upx_project
# 0001-Check-DT_REL-DT_RELA-DT_RELSZ-DT_RELASZ.patch
UPX_IGNORE_CVES += CVE-2021-20285
HOST_UPX_DEPENDENCIES = host-ucl host-zlib
# We need to specify all, otherwise the default target only prints a message
# stating to "please choose a target for 'make'"... :-(
define HOST_UPX_BUILD_CMDS
$(HOST_MAKE_ENV) $(HOST_CONFIGURE_OPTS) $(MAKE) \
UPX_UCLDIR=$(HOST_DIR) CXXFLAGS_WERROR= -C $(@D) all
endef
# UPX has no install procedure, so install it manually.
define HOST_UPX_INSTALL_CMDS
$(INSTALL) -D -m 0755 $(@D)/src/upx.out $(HOST_DIR)/bin/upx
endef
$(eval $(host-generic-package))