OpenPOWER buildroot sources https://git.raptorcs.com/git/buildroot/atom?h=2016.08 2016-08-10T22:02:03+00:00 2016-08-10T22:02:03+00:00 Waldemar Brodkorb wbx@openadk.org 2016-08-10T19:37:48+00:00 urn:sha1:9ed1eda5dbe2130cd938d7a3c1a8a30aa26fa9db The GCC manual suggest when getting: relocation truncated to fit: R_68K_GOT16O foobar to use -mxgot. Fixes: http://autobuild.buildroot.net/results/8a4e26bb1c0c64759e3914eced0a36baa0967f0b/ Signed-off-by: Waldemar Brodkorb <wbx@openadk.org> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2016-05-23T18:09:38+00:00 Baruch Siach baruch@tkos.co.il 2016-05-23T17:41:34+00:00 urn:sha1:925f0897fecbd3d47c432fa6c41bfd0027e5ceb5 Fixes a bunch of security issues including: CVE-2016-1762: Heap-based buffer overread in xmlNextChar CVE-2016-1834: heap-buffer-overflow in xmlStrncat CVE-2016-3705: Missing increments of recursion depth counter to XML parser A few more security fixes are listed in the release announcement at https://mail.gnome.org/archives/xml/2016-May/msg00023.html. Also fixes: http://autobuild.buildroot.net/results/6db/6db405a097b192876c0b1b8d59051d614563c617/ http://autobuild.buildroot.net/results/62a/62addf4abd2a0df8222a81a83c16b2b9a61c9481/ http://autobuild.buildroot.net/results/204/20402690ad05d10d456a219da5252a38badf1da0/ Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2015-12-13T21:50:13+00:00 Bernd Kuhls bernd.kuhls@t-online.de 2015-12-05T23:58:34+00:00 urn:sha1:a6f1b45e64b1507406ede1ed8728050202c8808c Autoreconf is not necessary since we do not patch this package anymore. LIBXML2_AUTORECONF was added back in 2012 https://git.busybox.net/buildroot/commit/package/libxml2?id=aa5d9ba3b86f21be934fdb436525a833bf120305 and apparently not removed along with the patches applied before https://git.busybox.net/buildroot/commit/package/libxml2?id=dc0e7cfc3e4050ce7c0404b11f747bf1500c50b7 Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2015-11-22T12:44:47+00:00 Danomi Manchego danomimanchego123@gmail.com 2015-11-22T01:38:28+00:00 urn:sha1:08e08586b579d8a339ed6f1e3da01676fa3a7010 - Fixes: - CVE-2015-5312 - Another entity expansion issue - CVE-2015-7497 - Avoid an heap buffer overflow in xmlDictComputeFastQKey - CVE-2015-7500 - Fix memory access error due to incorrect entities boundaries - CVE-2015-8242 - Buffer overead with HTML parser in push mode - Incorporates upstreamed patches as well, which also fixed: - CVE-2015-1819 - The xmlreader in libxml allows remote attackers to cause a denial of service (memory consumption) via crafted XML data, related to an XML Entity Expansion (XEE) attack. - CVE-2015-7941 - out-of-bounds memory access. - CVE-2015-7942 - heap-buffer-overflow in xmlParseConditionalSections. - CVE-2015-8035 - DoS via crafted xz file. Signed-off-by: Danomi Manchego <danomimanchego123@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2015-04-01T20:47:22+00:00 Gustavo Zacarias gustavo@zacarias.com.ar 2015-03-30T21:07:30+00:00 urn:sha1:f4716f79a0145fe3f2bf0d2cfe9ccbfede36fc01 Now that largefile is mandatory removes package dependencies and conditionals. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2015-03-24T23:31:26+00:00 Yann E. MORIN yann.morin.1998@free.fr 2015-03-24T22:19:47+00:00 urn:sha1:26ee3d49cd244041cc7c86afa8cde38ed60d284c LZMA support is provided by xz, since liblzma is long dead. Contrary to zlib, liblzma uses pkg-config, so we do not need to add the full path to libzma. Reported-by: vdm on IRC Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2014-10-18T17:26:00+00:00 Gustavo Zacarias gustavo@zacarias.com.ar 2014-10-18T12:30:53+00:00 urn:sha1:91709de4175a27bc5cdecd4bb65b505c726e3aa1 Pass the zlib directory prefix to --with-zlib otherwise it expands into absolute (distribution) directories leading to bad test results in configure. Fixes: http://autobuild.buildroot.net/results/303/303d6d165c5423944122bf430575c018479733f8/build-end.log Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2014-10-17T12:17:48+00:00 Gustavo Zacarias gustavo@zacarias.com.ar 2014-10-16T19:02:40+00:00 urn:sha1:841c63ce669d67481450b57f0f99b44c736d97dc Fixes: CVE-2014-3660 - billion laugh variant CVE-2014-0191 - Do not fetch external parameter entities Also add hash file. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> 2014-10-04T16:54:16+00:00 Thomas De Schampheleire patrickdepinguin@gmail.com 2014-09-27T19:32:44+00:00 urn:sha1:aaffd209fae91a733fe0becb72268f87bf4ea369 To be consistent with the recent change of FOO_MAKE_OPT into FOO_MAKE_OPTS, make the same change for FOO_CONF_OPT. Sed command used: find * -type f | xargs sed -i 's#_CONF_OPT\>#&S#g' Signed-off-by: Thomas De Schampheleire <thomas.de.schampheleire@gmail.com> Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2014-07-17T08:04:33+00:00 Bernd Kuhls bernd.kuhls@t-online.de 2014-07-17T05:42:56+00:00 urn:sha1:7150edb8e2ff1074aeeab97cc32af3522f13f979 Remove the ugly BR2_PACKAGE_HOST_LIBXML2_PYTHON hack as well as mesa3d was the only package needing it, this is not the case anymore since: http://cgit.freedesktop.org/mesa/mesa/commit/configure.ac?id=2de70fe23f320ce4f559e37057fe07b7af99cf5a Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>