OpenPOWER buildroot sources https://git.raptorcs.com/git/buildroot/atom?h=2016.02 2015-12-13T21:50:13+00:00 2015-12-13T21:50:13+00:00 Bernd Kuhls bernd.kuhls@t-online.de 2015-12-05T23:58:34+00:00 urn:sha1:a6f1b45e64b1507406ede1ed8728050202c8808c Autoreconf is not necessary since we do not patch this package anymore. LIBXML2_AUTORECONF was added back in 2012 https://git.busybox.net/buildroot/commit/package/libxml2?id=aa5d9ba3b86f21be934fdb436525a833bf120305 and apparently not removed along with the patches applied before https://git.busybox.net/buildroot/commit/package/libxml2?id=dc0e7cfc3e4050ce7c0404b11f747bf1500c50b7 Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2015-11-22T12:44:47+00:00 Danomi Manchego danomimanchego123@gmail.com 2015-11-22T01:38:28+00:00 urn:sha1:08e08586b579d8a339ed6f1e3da01676fa3a7010 - Fixes: - CVE-2015-5312 - Another entity expansion issue - CVE-2015-7497 - Avoid an heap buffer overflow in xmlDictComputeFastQKey - CVE-2015-7500 - Fix memory access error due to incorrect entities boundaries - CVE-2015-8242 - Buffer overead with HTML parser in push mode - Incorporates upstreamed patches as well, which also fixed: - CVE-2015-1819 - The xmlreader in libxml allows remote attackers to cause a denial of service (memory consumption) via crafted XML data, related to an XML Entity Expansion (XEE) attack. - CVE-2015-7941 - out-of-bounds memory access. - CVE-2015-7942 - heap-buffer-overflow in xmlParseConditionalSections. - CVE-2015-8035 - DoS via crafted xz file. Signed-off-by: Danomi Manchego <danomimanchego123@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2015-04-01T20:47:22+00:00 Gustavo Zacarias gustavo@zacarias.com.ar 2015-03-30T21:07:30+00:00 urn:sha1:f4716f79a0145fe3f2bf0d2cfe9ccbfede36fc01 Now that largefile is mandatory removes package dependencies and conditionals. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2015-03-24T23:31:26+00:00 Yann E. MORIN yann.morin.1998@free.fr 2015-03-24T22:19:47+00:00 urn:sha1:26ee3d49cd244041cc7c86afa8cde38ed60d284c LZMA support is provided by xz, since liblzma is long dead. Contrary to zlib, liblzma uses pkg-config, so we do not need to add the full path to libzma. Reported-by: vdm on IRC Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2014-10-18T17:26:00+00:00 Gustavo Zacarias gustavo@zacarias.com.ar 2014-10-18T12:30:53+00:00 urn:sha1:91709de4175a27bc5cdecd4bb65b505c726e3aa1 Pass the zlib directory prefix to --with-zlib otherwise it expands into absolute (distribution) directories leading to bad test results in configure. Fixes: http://autobuild.buildroot.net/results/303/303d6d165c5423944122bf430575c018479733f8/build-end.log Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2014-10-17T12:17:48+00:00 Gustavo Zacarias gustavo@zacarias.com.ar 2014-10-16T19:02:40+00:00 urn:sha1:841c63ce669d67481450b57f0f99b44c736d97dc Fixes: CVE-2014-3660 - billion laugh variant CVE-2014-0191 - Do not fetch external parameter entities Also add hash file. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> 2014-10-04T16:54:16+00:00 Thomas De Schampheleire patrickdepinguin@gmail.com 2014-09-27T19:32:44+00:00 urn:sha1:aaffd209fae91a733fe0becb72268f87bf4ea369 To be consistent with the recent change of FOO_MAKE_OPT into FOO_MAKE_OPTS, make the same change for FOO_CONF_OPT. Sed command used: find * -type f | xargs sed -i 's#_CONF_OPT\>#&S#g' Signed-off-by: Thomas De Schampheleire <thomas.de.schampheleire@gmail.com> Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2014-07-17T08:04:33+00:00 Bernd Kuhls bernd.kuhls@t-online.de 2014-07-17T05:42:56+00:00 urn:sha1:7150edb8e2ff1074aeeab97cc32af3522f13f979 Remove the ugly BR2_PACKAGE_HOST_LIBXML2_PYTHON hack as well as mesa3d was the only package needing it, this is not the case anymore since: http://cgit.freedesktop.org/mesa/mesa/commit/configure.ac?id=2de70fe23f320ce4f559e37057fe07b7af99cf5a Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2014-02-26T22:48:33+00:00 Thomas Petazzoni thomas.petazzoni@free-electrons.com 2014-02-26T21:27:35+00:00 urn:sha1:de62a1ab616cf5ecc674ce5205d34e9f8c383cf8 The host-libxml2 package does not depend on zlib or lzma, but may detect versions available on the host. This can cause problems in the following situation: 1 host-libxml2 is built, finds an available lzma library in the system, enables lzma support by using it. 2 host-xz is built, which installs a different version of the lzma library into $(HOST_DIR) 3 host-libxslt is built, tries to link against libxml2, which fails because now the visible lzma library is the one from $(HOST_DIR)/usr/lib and no longer the one libxml2 was built agains. To fix this, this patch passes --without-zlib and --without-lzma to the host package. In addition, since the target variant of libxml2 does not have provisions to depend on the target lzma, we also pass --without-lzma for the target variant. The case of zlib for the target was already properly taken into account. Fixes: http://autobuild.buildroot.org/results/6dc/6dcef647eb0f0db7de3f34194eb15ceebc645b39/ Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> 2013-06-28T19:04:14+00:00 Carsten Schoenert c.schoenert@gmail.com 2013-06-28T18:52:34+00:00 urn:sha1:e8df32e59a70928a036216d9722f66410f6f4c6a Signed-off-by: Carsten Schoenert <c.schoenert@gmail.com> Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>