OpenPOWER buildroot sources https://git.raptorcs.com/git/buildroot/atom?h=2019.02-op-build 2018-11-01T12:55:13+00:00 2018-11-01T12:55:13+00:00 Baruch Siach baruch@tkos.co.il 2018-10-30T11:40:23+00:00 urn:sha1:ba2705fa4a899680f1e037a01d7950ed2cd61221 Drop patch 0001. We patch the configure script directly in patch 0002, and we don't autoreconf. So this patch has no effect (never had). Rename patch 0002. The next version bump should drop this patch as well. Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> 2018-06-15T11:16:06+00:00 Baruch Siach baruch@tkos.co.il 2018-06-15T08:21:52+00:00 urn:sha1:b6543b5fdfb17adc81af33cad8133bb86e31748f Fixes CVE-2018-0495: ECDSA signing side-channel attack. Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> 2018-01-12T18:53:49+00:00 Baruch Siach baruch@tkos.co.il 2018-01-12T10:39:17+00:00 urn:sha1:bf0f8fae1457f154a7f8031d99b798d7fc1efcef Add license hash. Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> 2017-09-17T16:31:08+00:00 Bernd Kuhls bernd.kuhls@t-online.de 2017-09-17T09:56:25+00:00 urn:sha1:343db82cb2a4828e1f64e40fdba83d8e5f01fc05 Added sha1 hash provided by upstream. Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2017-08-30T20:08:21+00:00 Baruch Siach baruch@tkos.co.il 2017-08-30T16:07:03+00:00 urn:sha1:cd4514109a6bd248d6ca7713d97e3b257ae91c6f Fixes CVE-2017-0379: Mitigate a local side-channel attack on Curve25519 dubbed "May the Fourth be With You". As we are close to release, don't update to the latest 1.8.1 version, but to a maintenance release from the 1.7 branch. Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2017-07-01T08:09:54+00:00 Baruch Siach baruch@tkos.co.il 2017-06-30T15:04:54+00:00 urn:sha1:10ce9c6f8d3567c2e423907d3c5b008a97c9cdfa >From the NEWS file: - Mitigate a flush+reload side-channel attack on RSA secret keys dubbed "Sliding right into disaster". For details see <https://eprint.iacr.org/2017/627>. [CVE-2017-7526] Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2017-06-06T15:18:32+00:00 Baruch Siach baruch@tkos.co.il 2017-06-05T20:26:04+00:00 urn:sha1:869c8dfd7bd37bd11a903cadf065a1963fb8f887 Fix possible timing attack on EdDSA session key. https://lists.gnupg.org/pipermail/gnupg-announce/2017q2/000406.html Add upstream provided SHA1 hash. Switch to https download for better corporate firewall compatibility. Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> 2017-04-01T13:18:10+00:00 Rahul Bedarkar rahulbedarkar89@gmail.com 2017-03-30T13:43:34+00:00 urn:sha1:30a3e8d108d46bbd2622b8139c996d52e48a4e10 We want to use SPDX identifier for license string as much as possible. SPDX short identifier for LGPLv2.1/LGPLv2.1+ is LGPL-2.1/LGPL-2.1+. This change is done using following command. find . -name "*.mk" | xargs sed -ri '/LICENSE( )?[\+:]?=/s/LGPLv2.1(\+)?/LGPL-2.1\1/g' Signed-off-by: Rahul Bedarkar <rahulbedarkar89@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2017-01-27T12:10:06+00:00 Jörg Krause joerg.krause@embedded.rocks 2017-01-27T09:51:39+00:00 urn:sha1:75dd0d439c7254af209305574f9c9c8d25863fac No announcement was made for this version, so the hash was calculated locally. Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> 2016-12-30T20:12:36+00:00 Gustavo Zacarias gustavo@zacarias.com.ar 2016-12-30T13:28:20+00:00 urn:sha1:fd469943b9fc73d18c80efe8c5805aed93dc327e Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>