OpenPOWER buildroot sources https://git.raptorcs.com/git/buildroot/atom?h=2017.02 2017-01-16T12:16:14+00:00 2017-01-16T12:16:14+00:00 Baruch Siach baruch@tkos.co.il 2017-01-14T19:15:48+00:00 urn:sha1:0852552c69c6fa320f38d9c3c77a6f7f6c099c6a Add a patch to disable the default cmake C++ compiler check. Fixes: http://autobuild.buildroot.net/results/970/97001530e59062c36f27721877cb8b5c3ba8906a/ Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> 2017-01-16T12:15:20+00:00 Baruch Siach baruch@tkos.co.il 2017-01-14T18:08:29+00:00 urn:sha1:7a0402d3a8ab9b25cdc4bed5ab50db127e502dfc We don't need the PDF document on target. This also avoids incompatible host Latex packages. Fixes: http://autobuild.buildroot.net/results/e60/e60c4a71a08aebadd0bc3fb95a57a4a223e4b6fa/ http://autobuild.buildroot.net/results/4ec/4ec8a1735590a3cad4b74630b4b6bdd2e3a7eec8/ [Peter: reformat as suggested by Yann] Signed-off-by: Baruch Siach <baruch@tkos.co.il> Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> 2017-01-13T15:13:20+00:00 Baruch Siach baruch@tkos.co.il 2017-01-12T20:47:44+00:00 urn:sha1:015457a852dd733ea555dc8c145235915546fcc6 Use upstream provided tarball. Upstream switched to cmake. libjpeg dependency is now optional. Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> 2016-12-02T07:53:56+00:00 Peter Korsgaard peter@korsgaard.com 2016-12-02T07:53:56+00:00 urn:sha1:44d2cc99a47fd2a3201785bc558716c162b081ab My local 'next' branch was not uptodate, so the previous merge was missing the most recent changes. Thanks to François Perrad for noticing. Signed-off-by: Peter Korsgaard <peter@korsgaard.com> 2016-11-30T21:57:30+00:00 Max Filippov jcmvbkbc@gmail.com 2016-11-28T21:54:30+00:00 urn:sha1:c43b09a99fca22cd2e03e9d8370a23aaf4066a19 This reverts commit 71d9b0c1f06896f113b09e941aa84d979bff5710. Now that -mauto-litpools is in TARGET_ABI when building for xtensa, -O0 builds succeed, so this workaround is no longer needed. Signed-off-by: Max Filippov <jcmvbkbc@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2016-11-29T21:36:00+00:00 Vicente Olivert Riera Vincent.Riera@imgtec.com 2016-11-29T11:23:03+00:00 urn:sha1:97f8aa4005be8456af52cacd5cfb4b077e55b5fa Fixed CVEs: - CVE-2016-9387 - CVE-2016-9388 - CVE-2016-9389 - CVE-2016-9390 - CVE-2016-9391 - CVE-2016-9392 - CVE-2016-9393 - CVE-2016-9394 - CVE-2016-9395 - CVE-2016-9396 - CVE-2016-9397 - CVE-2016-9398 - CVE-2016-9399 - CVE-2016-9557 - CVE-2016-9560 Changes to jasper.mk: - Switched site method to GitHub. 1.900.31 is not released as a tarball in the official website. - Autoreconf necessary since there isn't any configure script. We need to generate it. Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> 2016-11-13T11:23:17+00:00 Baruch Siach baruch@tkos.co.il 2016-11-12T19:29:56+00:00 urn:sha1:4605967780e9ecd14fba8100618963247ba72442 The -pedantic-errors gcc option turns -pedantic warnings into errors. This mostly affects older gcc versions that default to the ISO90 C standard. Use the --disable-strict configure option to remove -pedantic-errors. Fixes: http://autobuild.buildroot.net/results/191/191f80779df1a9e6f832106e6c4bdf601e2a9893/ http://autobuild.buildroot.net/results/1fe/1febccc7215814490fa3c776b34bc367363afe39/ http://autobuild.buildroot.net/results/a6f/a6f9bfec3406fc21b130f1669e3534651b9c9596/ Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2016-11-11T14:07:43+00:00 Baruch Siach baruch@tkos.co.il 2016-11-10T17:54:39+00:00 urn:sha1:7a21e6e9e3095197267d11c0844e94d648d5f379 Fixes: CVE-2016-8693: Double free vulnerability in mem_close CVE-2016-8692: Divide by zero in jpc_dec_process_siz CVE-2016-8691: Divide by zero in jpc_dec_process_siz CVE-2016-8690: Null pointer dereference in bmp_getdata triggered by crafted BMP image CVE-2016-2089: matrix rows_ NULL pointer dereference in jas_matrix_clip() CVE-2016-8886: memory allocation failure in jas_malloc CVE-2016-8887: Null pointer dereference in jp2_colr_destroy CVE-2016-8884, CVE-2016-8885: Null pointer dereference in bmp_getdata (incomplete fix for CVE-2016-8690) CVE-2016-8880: Heap buffer overflow in jpc_dec_cp_setfromcox() CVE-2016-8881: Heap buffer overflow in jpc_getuint16() CVE-2016-8882: Null pointer access in jpc_pi_destroy CVE-2016-8883: Assert in jpc_dec_tiledecode() Drop upstream patches. Change SITE to the official download location, since the current one does not have the updated version. Unfortunately, the official site only offers tar.gz. Fix license. It is "based on the MIT license", but not exactly the same (http://www.ece.uvic.ca/~frodo/jasper/; under "Legal Issues"). Drop autoreconf; the autotools version has been updated since commit 324ccec90d (jasper: autoreconf to fix rpath issue) that introduced it. Cc: Maxime Hadjinlian <maxime.hadjinlian@gmail.com> Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2016-08-17T06:39:36+00:00 Gustavo Zacarias gustavo@zacarias.com.ar 2016-08-17T01:05:54+00:00 urn:sha1:61e069e164a3727b7c3a6e5ee88b3340bed0a57f Fixes: CVE-2016-2116 - Memory leak in jas_iccprof_createfrombuf causing memory consumption. CVE-2016-1577 - Double free vulnerability in jas_iccattrval_destroy. CVE-2016-1867 - out-of-bounds read in the jpc_pi_nextcprl() function. CVE-2015-5221 - Use-after-free and double-free flaws in Jasper JPEG-2000 library. CVE-2015-5203 - double free in jasper_image_stop_load() Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> 2015-07-16T20:36:36+00:00 Gustavo Zacarias gustavo@zacarias.com.ar 2015-07-15T18:28:23+00:00 urn:sha1:1a4bf69188360a76c6bc38183c3d0651a7297214 Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>