OpenPOWER buildroot sources https://git.raptorcs.com/git/buildroot/atom?h=2016.02 2015-12-13T21:50:13+00:00 2015-12-13T21:50:13+00:00 Bernd Kuhls bernd.kuhls@t-online.de 2015-12-05T23:58:34+00:00 urn:sha1:a6f1b45e64b1507406ede1ed8728050202c8808c Autoreconf is not necessary since we do not patch this package anymore. LIBXML2_AUTORECONF was added back in 2012 https://git.busybox.net/buildroot/commit/package/libxml2?id=aa5d9ba3b86f21be934fdb436525a833bf120305 and apparently not removed along with the patches applied before https://git.busybox.net/buildroot/commit/package/libxml2?id=dc0e7cfc3e4050ce7c0404b11f747bf1500c50b7 Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2015-11-22T12:44:47+00:00 Danomi Manchego danomimanchego123@gmail.com 2015-11-22T01:38:28+00:00 urn:sha1:08e08586b579d8a339ed6f1e3da01676fa3a7010 - Fixes: - CVE-2015-5312 - Another entity expansion issue - CVE-2015-7497 - Avoid an heap buffer overflow in xmlDictComputeFastQKey - CVE-2015-7500 - Fix memory access error due to incorrect entities boundaries - CVE-2015-8242 - Buffer overead with HTML parser in push mode - Incorporates upstreamed patches as well, which also fixed: - CVE-2015-1819 - The xmlreader in libxml allows remote attackers to cause a denial of service (memory consumption) via crafted XML data, related to an XML Entity Expansion (XEE) attack. - CVE-2015-7941 - out-of-bounds memory access. - CVE-2015-7942 - heap-buffer-overflow in xmlParseConditionalSections. - CVE-2015-8035 - DoS via crafted xz file. Signed-off-by: Danomi Manchego <danomimanchego123@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2015-11-18T21:21:31+00:00 Gustavo Zacarias gustavo@zacarias.com.ar 2015-11-17T23:08:45+00:00 urn:sha1:97abbf210a9fbbddaec534faef7c6e86f0545bef Fixes: CVE-2015-1819 - The xmlreader in libxml allows remote attackers to cause a denial of service (memory consumption) via crafted XML data, related to an XML Entity Expansion (XEE) attack. CVE-2015-7941 - out-of-bounds memory access. CVE-2015-7942 - heap-buffer-overflow in xmlParseConditionalSections. CVE-2015-8035 - DoS via crafted xz file. All patches upstream. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2015-04-11T13:34:11+00:00 Bernd Kuhls bernd.kuhls@t-online.de 2015-04-11T09:30:55+00:00 urn:sha1:946641e8028deb365845d7c4cda2c95c89b75ae6 Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2015-04-01T20:47:22+00:00 Gustavo Zacarias gustavo@zacarias.com.ar 2015-03-30T21:07:30+00:00 urn:sha1:f4716f79a0145fe3f2bf0d2cfe9ccbfede36fc01 Now that largefile is mandatory removes package dependencies and conditionals. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2015-03-24T23:31:26+00:00 Yann E. MORIN yann.morin.1998@free.fr 2015-03-24T22:19:47+00:00 urn:sha1:26ee3d49cd244041cc7c86afa8cde38ed60d284c LZMA support is provided by xz, since liblzma is long dead. Contrary to zlib, liblzma uses pkg-config, so we do not need to add the full path to libzma. Reported-by: vdm on IRC Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2014-12-30T10:19:00+00:00 Samuel Martin s.martin49@gmail.com 2014-12-30T09:36:26+00:00 urn:sha1:dc9022e48107ef5d28cdcfbbfb234fc28255bccd This patch aligns the libxml2-config.cmake module to what the libxml-2.0.pc set. This patch has already been sent upstream: https://mail.gnome.org/archives/xml/2014-December/msg00015.html Signed-off-by: Samuel Martin <s.martin49@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> 2014-10-18T17:26:00+00:00 Gustavo Zacarias gustavo@zacarias.com.ar 2014-10-18T12:30:53+00:00 urn:sha1:91709de4175a27bc5cdecd4bb65b505c726e3aa1 Pass the zlib directory prefix to --with-zlib otherwise it expands into absolute (distribution) directories leading to bad test results in configure. Fixes: http://autobuild.buildroot.net/results/303/303d6d165c5423944122bf430575c018479733f8/build-end.log Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2014-10-17T12:17:48+00:00 Gustavo Zacarias gustavo@zacarias.com.ar 2014-10-16T19:02:40+00:00 urn:sha1:841c63ce669d67481450b57f0f99b44c736d97dc Fixes: CVE-2014-3660 - billion laugh variant CVE-2014-0191 - Do not fetch external parameter entities Also add hash file. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> 2014-10-04T16:54:16+00:00 Thomas De Schampheleire patrickdepinguin@gmail.com 2014-09-27T19:32:44+00:00 urn:sha1:aaffd209fae91a733fe0becb72268f87bf4ea369 To be consistent with the recent change of FOO_MAKE_OPT into FOO_MAKE_OPTS, make the same change for FOO_CONF_OPT. Sed command used: find * -type f | xargs sed -i 's#_CONF_OPT\>#&S#g' Signed-off-by: Thomas De Schampheleire <thomas.de.schampheleire@gmail.com> Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>