OpenPOWER buildroot sources https://git.raptorcs.com/git/buildroot/atom?h=2016.08 2016-08-18T07:18:24+00:00 2016-08-18T07:18:24+00:00 Baruch Siach baruch@tkos.co.il 2016-08-18T05:43:03+00:00 urn:sha1:55c74d6b974cc7508e9855e8579ddd2115c80b2b Fixes CVE-2016-6316: Bug in the mixing functions of Libgcrypt's random number generator. An attacker who obtains 4640 bits from the RNG can trivially predict the next 160 bits of output. Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> 2016-08-05T07:16:45+00:00 Waldemar Brodkorb wbx@openadk.org 2016-07-31T08:28:03+00:00 urn:sha1:e60f2d7735040a1dd83a9477f328d763ac987625 Fixes: http://autobuild.buildroot.org/results/374/374158bb0a0e6a16af5d0b909cd05ec52812aaa3/ Signed-off-by: Waldemar Brodkorb <wbx@openadk.org> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> 2016-07-15T12:29:35+00:00 Vicente Olivert Riera Vincent.Riera@imgtec.com 2016-07-15T10:08:42+00:00 urn:sha1:a7663007378c87b17bc22738222879499febda6b Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2016-07-04T20:22:27+00:00 Jörg Krause joerg.krause@embedded.rocks 2016-07-03T23:48:34+00:00 urn:sha1:2f89476ad98b82ea9f914337b0050c4808082c82 This patch is based on a patch sent by Vicente Olivert Riera and commented by Arnout Vandecappelle [1]. - Bump version to 1.23 - Add a hook to fix cross-compilation - Fix license and license files - Remove patch applied upstream - Add a BR2_PACKAGE_LIBGPG_ERROR_ARCH_SUPPORTS variable - Propagate the dependencies using that variable: * package/cppcms * package/crda * package/gnupg2 - package/gcr - package/midori * package/kodi * package/libaacs * package/libassuan * package/libgcrypt * package/libgpgme * package/libksba * package/libmicrohttpd - package/janus-gateway - package/kodi - package/ola - package/systemd * package/libssh * package/libssh2 - package/php-ssh2 * package/netatalk * package/network-manager * package/ntfs-3g * package/opkg * package/php-gnupg * package/rng-tools * package/strongswan * package/vpnc [1] http://patchwork.ozlabs.org/patch/416427/ Cc: Arnout Vandecappelle <arnout@mind.be> Cc: Vicente Olivert Riera <Vincent.Riera@imgtec.com> Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks> [Thomas: - rebase on master - changing systemd no longer needed, as it no longer selects libgcrypt.] Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> [Maxime: - rebase on master - bump to new version - propagate dependencies to missing packages] Signed-off-by: Maxime Hadjinlian <maxime.hadjinlian@gmail.com> Reviewed-by: Romain Naour <romain.naour@gmail.com> [Thomas: - fix hash file. - change the way to handle the various arch so that it works properly for uClibc. - add nios2 arch support. - Maxime Hadjinlian learned some basic Emacs-fu to do the final fixups of this commit.] Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2016-02-11T22:09:12+00:00 Gustavo Zacarias gustavo@zacarias.com.ar 2016-02-10T11:06:25+00:00 urn:sha1:f05056b03ed19905870a7a5b15d7e57d2163bba9 Fixes: CVE-2015-7511 - Mitigate side-channel attack on ECDH with Weierstrass curves. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> 2015-09-11T17:49:04+00:00 Vicente Olivert Riera Vincent.Riera@imgtec.com 2015-09-11T12:45:31+00:00 urn:sha1:7e5ddfbf85494de81254b02f566c0335f9070a3e Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2015-05-31T08:22:28+00:00 Danomi Manchego danomimanchego123@gmail.com 2015-05-31T01:44:14+00:00 urn:sha1:32e4bceaebdd40f5ab482243cc17930a2aa673a9 Drop the --disable-optimization option, which makes the libgcrypt configure remove buildroot's optimization setting passed in from CFLAGS. Signed-off-by: Danomi Manchego <danomimanchego123@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2015-03-31T11:57:41+00:00 Jerzy Grzegorek jerzy.grzegorek@trzebnica.net 2015-03-31T07:21:57+00:00 urn:sha1:bd8c733fb4a0ca6ca1aa72f8b549d53dcd37f4ee This commit doesn't touch infra packages. Signed-off-by: Jerzy Grzegorek <jerzy.grzegorek@trzebnica.net> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2015-02-28T12:03:54+00:00 Gustavo Zacarias gustavo@zacarias.com.ar 2015-02-28T11:09:12+00:00 urn:sha1:b3db3aba6e442da91e5b55ee97ac3c789849051c Fixes: CVE-2014-3591 - Use ciphertext blinding for Elgamal decryption CVE-2015-0837 - Fixed data-dependent timing variations in modular exponentiation. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> 2015-02-03T13:52:56+00:00 Peter Korsgaard peter@korsgaard.com 2015-02-03T13:52:07+00:00 urn:sha1:298cd8eaa21a21eee85f9551a26ad294347b1d5a Autogenerated from rename-patch.py (http://patchwork.ozlabs.org/patch/403345) Signed-off-by: Samuel Martin <s.martin49@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>