buildroot/package/patch, branch 2019.02-op-build

package/patch: fix xattr option

2018-05-06T15:32:24+00:00

The name of the configure option is, and has always been, --enable-xattr, not --enable-attr. Otherwise, configure whines: configure: WARNING: unrecognized options: --enable-attr Signed-off-by: "Yann E. MORIN" Signed-off-by: Peter Korsgaard

patch: add upstream security fix

2018-04-09T18:59:02+00:00

Fixes CVE-2018-1000156: arbitrary command execution in ed-style patches. Depend on MMU for now, because the patch adds a fork() call. Upstream later switched to gnulib provided execute(), so this dependency can be dropped on the next version bump. Signed-off-by: Baruch Siach Signed-off-by: Thomas Petazzoni

patch: security bump to version 2.7.6

2018-02-23T08:08:48+00:00

Fixes CVE-2016-10713: Out-of-bounds access within pch_write_line() in pch.c can possibly lead to DoS via a crafted input file. Add upstream patch fixing CVE-2018-6951: There is a segmentation fault, associated with a NULL pointer dereference, leading to a denial of service in the intuit_diff_type function in pch.c, aka a "mangled rename" issue. This bump does NOT fix CVE-2018-6952. See upstream bug #53133 (https://savannah.gnu.org/bugs/index.php?53133). Add license file hash. Signed-off-by: Baruch Siach Signed-off-by: Peter Korsgaard

package/*/Config.in: fix help text check-package warnings

2017-12-18T08:22:54+00:00

This commit fixes the warnings reported by check-package on the help text of all package Config.in files, related to the formatting of the help text: should start with a tab, then 2 spaces, then at most 62 characters. The vast majority of warnings fixed were caused by too long lines. A few warnings were related to spaces being used instead of a tab to indent the help text. Signed-off-by: Thomas Petazzoni

boot, package: use SPDX short identifier for GPLv3/GPLv3+

2017-04-01T13:17:59+00:00

We want to use SPDX identifier for license string as much as possible. SPDX short identifier for GPLv3/GPLv3+ is GPL-3.0/GPL-3.0+. This change is done using following command. find . -name "*.mk" | xargs sed -ri '/LICENSE( )?[\+:]?=/s/\/GPL-3.0/g' Signed-off-by: Rahul Bedarkar Acked-by: Arnout Vandecappelle (Essensium/Mind) Signed-off-by: Thomas Petazzoni

package: move busybox show others dependency to per-package

2016-07-04T14:12:38+00:00

Having the BR2_PACKAGE_BUSYBOX_SHOW_OTHERS dependencies in package/Config.in is not very practical: it makes this file not very readable, and puts the dependency away from the package itself, which can sometimes be confusing. Therefore, this commit moves the dependency in each package Config.in file. Signed-off-by: Thomas Petazzoni Signed-off-by: Peter Korsgaard

package/patch: add optional support for attr

2016-02-21T11:29:49+00:00

When attr was compiled before, patch will use it as optional dependency: $ output/host/usr/bin/x86_64-linux-readelf -a output/target/usr/bin/patch | grep NEEDED 0x0000000000000001 (NEEDED) Shared library: [libattr.so.1] 0x0000000000000001 (NEEDED) Shared library: [libc.so.1] Signed-off-by: Bernd Kuhls Signed-off-by: Thomas Petazzoni

patch: bump to version 2.7.5

2015-03-09T13:05:29+00:00

Signed-off-by: Gustavo Zacarias Signed-off-by: Thomas Petazzoni

patch: security bump to version 2.7.3

2015-01-23T15:40:50+00:00

Fixes CVE-2015-1196 - allows remote attackers to write to arbitrary files via a symlink attack in a patch file. Signed-off-by: Gustavo Zacarias Signed-off-by: Peter Korsgaard

Config.in files: unify comments of toolchain option dependencies

2013-10-14T20:45:57+00:00

This patch lines up the comments in Config.in files that clarify which toolchain options the package depends on. Signed-off-by: Thomas De Schampheleire Signed-off-by: Peter Korsgaard