<feed xmlns='http://www.w3.org/2005/Atom'>
<title>buildroot/package/gnutls, branch 2017.11</title>
<subtitle>OpenPOWER buildroot sources</subtitle>
<id>https://git.raptorcs.com/git/buildroot/atom?h=2017.11</id>
<link rel='self' href='https://git.raptorcs.com/git/buildroot/atom?h=2017.11'/>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/'/>
<updated>2017-07-31T17:09:20+00:00</updated>
<entry>
<title>package/g*: fix wrapping of Config.in help text</title>
<updated>2017-07-31T17:09:20+00:00</updated>
<author>
<name>Adam Duskett</name>
<email>Aduskett@gmail.com</email>
</author>
<published>2017-07-31T13:53:43+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=be9d731edf6d5fbd138c4fb4cc09d0fa6ae2d147'/>
<id>urn:sha1:be9d731edf6d5fbd138c4fb4cc09d0fa6ae2d147</id>
<content type='text'>
The check-package script when ran gives warnings on text wrapping
on all of these Config files.  This patch cleans up all warnings
related to the text wrapping for the Config files starting with
the letter g in the package directory.

The appropriate indentation is: &lt;tab&gt;&lt;2 spaces&gt;&lt;62 chars&gt;
See http://nightly.buildroot.org/#writing-rules-config-in for more
information.

Signed-off-by: Adam Duskett &lt;aduskett@gmail.com&gt;
Signed-off-by: Thomas Petazzoni &lt;thomas.petazzoni@free-electrons.com&gt;
</content>
</entry>
<entry>
<title>gnutls: bump to version 3.5.14</title>
<updated>2017-07-04T22:15:11+00:00</updated>
<author>
<name>Peter Korsgaard</name>
<email>peter@korsgaard.com</email>
</author>
<published>2017-07-04T21:46:19+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=8197236a507e370e50af4d99002cb631b96b25e7'/>
<id>urn:sha1:8197236a507e370e50af4d99002cb631b96b25e7</id>
<content type='text'>
Bugfix release, see the release notes for the fixes:

https://lists.gnupg.org/pipermail/gnutls-devel/2017-July/008469.html

Signed-off-by: Peter Korsgaard &lt;peter@korsgaard.com&gt;
Signed-off-by: Thomas Petazzoni &lt;thomas.petazzoni@free-electrons.com&gt;
</content>
</entry>
<entry>
<title>gnutls: switch to https download location</title>
<updated>2017-06-14T19:25:57+00:00</updated>
<author>
<name>Baruch Siach</name>
<email>baruch@tkos.co.il</email>
</author>
<published>2017-06-14T18:18:35+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=9289b2427585279d706a6a75219108d3cd0fdaba'/>
<id>urn:sha1:9289b2427585279d706a6a75219108d3cd0fdaba</id>
<content type='text'>
HTTPS works better behind certain corporate firewalls.

Signed-off-by: Baruch Siach &lt;baruch@tkos.co.il&gt;
Signed-off-by: Peter Korsgaard &lt;peter@korsgaard.com&gt;
</content>
</entry>
<entry>
<title>gnutls: security bump to version 3.5.13</title>
<updated>2017-06-14T19:24:08+00:00</updated>
<author>
<name>Baruch Siach</name>
<email>baruch@tkos.co.il</email>
</author>
<published>2017-06-14T18:18:34+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=5cbf8baaa89b7ea9db855c9a9f96a4966e1e44a1'/>
<id>urn:sha1:5cbf8baaa89b7ea9db855c9a9f96a4966e1e44a1</id>
<content type='text'>
Fixes CVE-2017-7507: decoding a status request TLS extension that has a
non-empty responder IDs list could lead to a crash due to a null pointer
dereference.

https://lists.gnupg.org/pipermail/gnutls-devel/2017-June/008446.html

Signed-off-by: Baruch Siach &lt;baruch@tkos.co.il&gt;
Signed-off-by: Peter Korsgaard &lt;peter@korsgaard.com&gt;
</content>
</entry>
<entry>
<title>package/gnutls: disable for static build</title>
<updated>2017-05-29T20:52:34+00:00</updated>
<author>
<name>Bernd Kuhls</name>
<email>bernd.kuhls@t-online.de</email>
</author>
<published>2017-05-25T16:34:43+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=30ed9de2fd8a572ffce26f7a9c8187335c567668'/>
<id>urn:sha1:30ed9de2fd8a572ffce26f7a9c8187335c567668</id>
<content type='text'>
The gnutils code uses __attribute__((constructor)) and
__attribute__((destructor)) to call constructor/desctructor when a
shared library is loaded.
Constructor/desctructor are not used when a static library is used
(except when if -Wl,--whole-archive -lgnutls -Wno-whole-archive is
used, not tested).

Even if gnutls initialization (_gnutls_global_init()) may be
called manually, the gnutls maintainer said it's not supported [1].

"Note that static linking applications with gnutls is not something
 supported. gnutls relies on library constructors and destructors
 which are not loaded when linking statically."

Now the gnutls script warns about static linking [2].

So disable gnutls statically by adding "depends on !BR2_STATIC_LIBS"
at Kconfig level and --disable-static in GNUTLS_CONF_OPTS.

Fixes:
[taskd] http://autobuild.buildroot.net/results/c2d/c2dd5c1c9dc87d2943c15e58ee56e67d7375368c
[ffmpeg] http://autobuild.buildroot.net/results/892/8926d319d6d1cd1ee72239ad7d9ca869d2355628
[sngrep] http://autobuild.buildroot.net/results/f7f/f7fb42d3742f6f01000a0d181e0c785640284405

[1] https://gitlab.com/gnutls/gnutls/issues/203
[2] https://gitlab.com/gnutls/gnutls/commit/6b748886799f88ddee9721dba4fc4d52854832ae

Signed-off-by: Bernd Kuhls &lt;bernd.kuhls@t-online.de&gt;
[Romain: merge our two patches together
    add some option comment
    disable static libgnutls.a
    add sngrep autobuilder reference]
Signed-off-by: Romain Naour &lt;romain.naour@gmail.com&gt;
Tested-by: Bernd Kuhls &lt;bernd.kuhls@t-online.de&gt;
[Thomas: do not disable libgnutls.a]
Signed-off-by: Thomas Petazzoni &lt;thomas.petazzoni@free-electrons.com&gt;
</content>
</entry>
<entry>
<title>gnutls: bump version to 3.5.12</title>
<updated>2017-05-17T19:55:04+00:00</updated>
<author>
<name>Peter Korsgaard</name>
<email>peter@korsgaard.com</email>
</author>
<published>2017-05-17T13:03:11+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=f8e1fdbe972b5b82b35b118e2fd7fce5e31d0de9'/>
<id>urn:sha1:f8e1fdbe972b5b82b35b118e2fd7fce5e31d0de9</id>
<content type='text'>
For details, see the release notes:

https://lists.gnupg.org/pipermail/gnutls-devel/2017-May/008427.html
https://lists.gnupg.org/pipermail/gnutls-devel/2017-April/008393.html

Signed-off-by: Peter Korsgaard &lt;peter@korsgaard.com&gt;
Signed-off-by: Thomas Petazzoni &lt;thomas.petazzoni@free-electrons.com&gt;
</content>
</entry>
<entry>
<title>packages/g*/Config.in: fix ordering of statements</title>
<updated>2017-05-01T09:32:04+00:00</updated>
<author>
<name>Adam Duskett</name>
<email>Aduskett@gmail.com</email>
</author>
<published>2017-04-22T17:17:54+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=791c5db7439ed21044db2106b0955e5a859a7b83'/>
<id>urn:sha1:791c5db7439ed21044db2106b0955e5a859a7b83</id>
<content type='text'>
The check-package script when ran gives warnings on ordering issues
on all of these Config files.  This patch cleans up all warnings
related to the ordering in the Config files for packages starting with
the letter g in the package directory.

The appropriate ordering is: type, default, depends on, select, help
See http://nightly.buildroot.org/#_config_files for more information.

Signed-off-by: Adam Duskett &lt;Adamduskett@outlook.com&gt;
Signed-off-by: Thomas Petazzoni &lt;thomas.petazzoni@free-electrons.com&gt;
</content>
</entry>
<entry>
<title>boot, package: use SPDX short identifier for LGPLv2.1/LGPLv2.1+</title>
<updated>2017-04-01T13:18:10+00:00</updated>
<author>
<name>Rahul Bedarkar</name>
<email>rahulbedarkar89@gmail.com</email>
</author>
<published>2017-03-30T13:43:34+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=30a3e8d108d46bbd2622b8139c996d52e48a4e10'/>
<id>urn:sha1:30a3e8d108d46bbd2622b8139c996d52e48a4e10</id>
<content type='text'>
We want to use SPDX identifier for license string as much as possible.
SPDX short identifier for LGPLv2.1/LGPLv2.1+ is LGPL-2.1/LGPL-2.1+.

This change is done using following command.
find . -name "*.mk" | xargs sed -ri '/LICENSE( )?[\+:]?=/s/LGPLv2.1(\+)?/LGPL-2.1\1/g'

Signed-off-by: Rahul Bedarkar &lt;rahulbedarkar89@gmail.com&gt;
Signed-off-by: Thomas Petazzoni &lt;thomas.petazzoni@free-electrons.com&gt;
</content>
</entry>
<entry>
<title>boot, package: use SPDX short identifier for GPLv3/GPLv3+</title>
<updated>2017-04-01T13:17:59+00:00</updated>
<author>
<name>Rahul Bedarkar</name>
<email>rahulbedarkar89@gmail.com</email>
</author>
<published>2017-03-30T13:43:33+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=337aa51f3fd531ac676d4fc64075781129c9414a'/>
<id>urn:sha1:337aa51f3fd531ac676d4fc64075781129c9414a</id>
<content type='text'>
We want to use SPDX identifier for license string as much as possible.
SPDX short identifier for GPLv3/GPLv3+ is GPL-3.0/GPL-3.0+.

This change is done using following command.
find . -name "*.mk" | xargs sed -ri '/LICENSE( )?[\+:]?=/s/\&lt;GPLv3\&gt;/GPL-3.0/g'

Signed-off-by: Rahul Bedarkar &lt;rahulbedarkar89@gmail.com&gt;
Acked-by: Arnout Vandecappelle (Essensium/Mind) &lt;arnout@mind.be&gt;
Signed-off-by: Thomas Petazzoni &lt;thomas.petazzoni@free-electrons.com&gt;
</content>
</entry>
<entry>
<title>gnutls: security bump to version 3.5.10</title>
<updated>2017-03-06T16:45:23+00:00</updated>
<author>
<name>Gustavo Zacarias</name>
<email>gustavo@zacarias.com.ar</email>
</author>
<published>2017-03-06T14:55:06+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=6fdb2b109bdec24ea426e0a6786ced7dbb591732'/>
<id>urn:sha1:6fdb2b109bdec24ea426e0a6786ced7dbb591732</id>
<content type='text'>
Fixes:
GNUTLS-SA-2017-3A - Addressed integer overflow resulting to invalid
memory write in OpenPGP certificate parsing.
GNUTLS-SA-2017-3B - Addressed crashes in OpenPGP certificate parsing,
related to private key parser. No longer allow OpenPGP certificates
(public keys) to contain private key sub-packets.
GNUTLS-SA-2017-3C - Addressed large allocation in OpenPGP certificate
parsing, that could lead in out-of-memory condition.

Signed-off-by: Gustavo Zacarias &lt;gustavo@zacarias.com.ar&gt;
Signed-off-by: Thomas Petazzoni &lt;thomas.petazzoni@free-electrons.com&gt;
</content>
</entry>
</feed>
