OpenPOWER buildroot sources https://git.raptorcs.com/git/buildroot/atom?h=2016.02 2016-01-31T19:33:39+00:00 2016-01-31T19:33:39+00:00 Bernd Kuhls bernd.kuhls@t-online.de 2016-01-31T18:23:50+00:00 urn:sha1:544949e4987c177ebcfa76244c5383a2267ac240 Release announcement: http://mail-archives.apache.org/mod_mbox/subversion-dev/201512.mbox/%3CCAP_GPNj_GCA869VQeJUrp5ngXsgN7pQQHSS=sqoXm8_6hHTTxg@mail.gmail.com%3E CVE-2015-5259: Remotely triggerable heap overflow and out-of-bounds read caused by integer overflow in the svn:// protocol parser. http://subversion.apache.org/security/CVE-2015-5259-advisory.txt CVE-2015-5343: Remotely triggerable heap overflow and out-of-bounds read in mod_dav_svn caused by integer overflow when parsing skel-encoded request bodies. http://subversion.apache.org/security/CVE-2015-5343-advisory.txt Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2015-09-28T20:15:45+00:00 Vicente Olivert Riera Vincent.Riera@imgtec.com 2015-09-28T10:07:50+00:00 urn:sha1:4965192f60a9d484a91787079122a7f9322a4f82 - Bump to version 1.9.2. - Update the hash file. - Use a tar.bz2 tarball to save space and bandwidth. - Fix a typo in the berkeley-db configure option. - Remove non-existent configure options: neon, gssapi and ssl. - Remove neon dependency: is not needed to build subversion. - Tweak the 0001-dont-mangle-cflags.patch for the 1.9.2 version and to patch configure.ac instead of configure. - Add a new 0002-disable-macos-specific-features.patch to remove a configure check for Mach-O (and two more) which breaks the build when cross-compiling. - Enable autoreconf since we are patching the configure.ac. Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2014-12-21T12:22:18+00:00 Gustavo Zacarias gustavo@zacarias.com.ar 2014-12-16T14:08:17+00:00 urn:sha1:d80f5c99fdaf2ffb20e3453236b987301b277b34 Fixes: CVE-2014-3580: mod_dav_svn DoS from invalid REPORT requests. CVE-2014-8108: mod_dav_svn DoS from use of invalid transaction names. Also add hash file. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2014-10-27T16:41:42+00:00 Peter Korsgaard peter@korsgaard.com 2014-10-27T16:39:02+00:00 urn:sha1:97c5d445202b082d0bb390a8c395dacb09942416 Fixes: http://autobuild.buildroot.net/results/de2/de243c429c1e443efdbba82a860dbb7a03d5b746/ http://autobuild.buildroot.net/results/40c/40ce377893789883503deaa57912b87d2e0192e8/ http://autobuild.buildroot.net/results/134/13449cd77fbbd1c2b21d04b1fc866a086d915353/ http://autobuild.buildroot.net/results/e3f/e3fc33177eef955830a7be68e7b23503fd1d9ebe/ and others. Also add the missing 'select' statements for apr, expat and zlib to match the .mk file. Signed-off-by: Peter Korsgaard <peter@korsgaard.com> 2014-10-04T16:54:16+00:00 Thomas De Schampheleire patrickdepinguin@gmail.com 2014-09-27T19:32:44+00:00 urn:sha1:aaffd209fae91a733fe0becb72268f87bf4ea369 To be consistent with the recent change of FOO_MAKE_OPT into FOO_MAKE_OPTS, make the same change for FOO_CONF_OPT. Sed command used: find * -type f | xargs sed -i 's#_CONF_OPT\>#&S#g' Signed-off-by: Thomas De Schampheleire <thomas.de.schampheleire@gmail.com> Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2014-08-15T20:29:04+00:00 Gustavo Zacarias gustavo@zacarias.com.ar 2014-08-15T18:25:21+00:00 urn:sha1:f550bea09aec9c6f0483da4d785b988bf3cf1292 Fixes: CVE-2014-0032 - mod_dav_svn is vunerable to a remotely triggerable segfault DoS vulnerability when SVNListParentPath is on. CVE-2014-3522 - Serf RA layer does not correctly validate certificates with wildcards in them for HTTPS. CVE-2014-3528 - Credentials cached with Subversion may be sent to the wrong server. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2014-01-02T14:12:02+00:00 Simon Dawson spdawson@gmail.com 2014-01-02T13:01:48+00:00 urn:sha1:ab836f14e62209ce506ff17c7f344e07458e9085 Apache licenses are referred to in a variety of ways; standardise these, choosing a form which does not contain whitespace. Signed-off-by: Simon Dawson <spdawson@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2013-12-22T09:59:41+00:00 Axel Lin axel.lin@ingics.com 2013-12-22T08:36:09+00:00 urn:sha1:3bbaee01d627f408ba69a8d3febf6db5261e6a57 Upgrade to latest security-related bugfixes release. Signed-off-by: Axel Lin <axel.lin@ingics.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> 2013-08-27T22:25:59+00:00 Rico Bachmann bachmann@tofwerk.com 2013-08-27T17:08:05+00:00 urn:sha1:1eec0012200f4162722d5337b55b431e6acd8299 [Thomas: added license informations, fixed dependencies, and several cleanups.] Signed-off-by: Rico Bachmann <bachmann@tofwerk.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>