[Buildroot] [PATCH v2 1/4] package/tor: security bump to version 0.3.1.7

[Buildroot] [PATCH v2 1/4] package/tor: security bump to version 0.3.1.7

[Bernd Kuhls]

Quoted from release notes:
https://blog.torproject.org/tor-0317-now-released
"Tor 0.3.1.7 is the first stable release in the 0.3.1 series."

Fixes CVE-2017-0380:
https://trac.torproject.org/projects/tor/ticket/23490

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
---
v2: added note about CVE-2017-0380 and updated subject

 package/tor/0001-openssl-libz.patch | 124 +++++++++++++++++++-----------------
 package/tor/tor.hash                |   2 +-
 package/tor/tor.mk                  |   2 +-
 3 files changed, 68 insertions(+), 60 deletions(-)

diff --git a/package/tor/0001-openssl-libz.patch b/package/tor/0001-openssl-libz.patch
index 93fb942a40..c70894eba1 100644
--- a/package/tor/0001-openssl-libz.patch
+++ b/package/tor/0001-openssl-libz.patch
@@ -3,20 +3,15 @@ and remove host paths when looking for openssl.
 
 [Vincent:
  - Adapt the patch to make it apply on the new version.]
-[Bernd: rebased for tor-0.2.7.6, 0.2.8.10 & 0.2.9.9]
+[Bernd: rebased for tor-0.2.7.6, 0.2.8.10, 0.2.9.9 & 0.3.1.7]
 
 Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
 Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
 
-diff -uNr tor-0.2.7.6.org/configure.ac tor-0.2.7.6/configure.ac
---- tor-0.2.7.6.org/configure.ac	2015-12-10 16:15:25.000000000 +0100
-+++ tor-0.2.7.6/configure.ac	2016-01-31 20:21:34.850408145 +0100
-@@ -612,11 +612,11 @@
-       fi
-   ])
- 
--TOR_SEARCH_LIBRARY(openssl, $tryssldir, [-lssl -lcrypto $TOR_LIB_GDI],
-+TOR_SEARCH_LIBRARY(openssl, $tryssldir, [-lssl -lcrypto -lz $TOR_LIB_GDI],
+diff -uNr tor-0.3.1.7.org/configure.ac tor-0.3.1.7/configure.ac
+--- tor-0.3.1.7.org/configure.ac	2017-09-15 15:34:06.000000000 +0200
++++ tor-0.3.1.7/configure.ac	2017-09-19 19:40:17.090538467 +0200
+@@ -713,7 +713,7 @@
      [#include <openssl/rand.h>],
      [void RAND_add(const void *buf, int num, double entropy);],
      [RAND_add((void*)0,0,0);], [],
@@ -25,78 +20,100 @@ diff -uNr tor-0.2.7.6.org/configure.ac tor-0.2.7.6/configure.ac
  
  dnl XXXX check for OPENSSL_VERSION_NUMBER == SSLeay()
  
-diff -uNr tor-0.2.7.6.org/src/or/include.am tor-0.2.7.6/src/or/include.am
---- tor-0.2.7.6.org/src/or/include.am	2015-12-08 18:35:17.000000000 +0100
-+++ tor-0.2.7.6/src/or/include.am	2016-01-31 20:22:09.322777527 +0100
-@@ -108,7 +108,7 @@
- src_or_tor_LDADD = src/or/libtor.a src/common/libor.a src/common/libor-ctime.a \
+diff -uNr tor-0.3.1.7.org/src/or/include.am tor-0.3.1.7/src/or/include.am
+--- tor-0.3.1.7.org/src/or/include.am	2017-06-19 17:56:51.000000000 +0200
++++ tor-0.3.1.7/src/or/include.am	2017-09-19 19:41:02.015861546 +0200
+@@ -122,7 +122,7 @@
  	src/common/libor-crypto.a $(LIBKECCAK_TINY) $(LIBDONNA) \
  	src/common/libor-event.a src/trunnel/libor-trunnel.a \
+ 	src/trace/libor-trace.a \
 -	@TOR_ZLIB_LIBS@ @TOR_LIB_MATH@ @TOR_LIBEVENT_LIBS@ @TOR_OPENSSL_LIBS@ \
 +	@TOR_LIB_MATH@ @TOR_LIBEVENT_LIBS@ @TOR_OPENSSL_LIBS@ @TOR_ZLIB_LIBS@ \
- 	@TOR_LIB_WS32@ @TOR_LIB_GDI@ @CURVE25519_LIBS@ @TOR_SYSTEMD_LIBS@
- 
- if COVERAGE_ENABLED
-diff -uNr tor-0.2.7.6.org/src/test/include.am tor-0.2.7.6/src/test/include.am
---- tor-0.2.7.6.org/src/test/include.am	2015-12-08 18:35:17.000000000 +0100
-+++ tor-0.2.7.6/src/test/include.am	2016-01-31 20:25:59.673127854 +0100
-@@ -177,8 +177,8 @@
- 	src/common/libor-ctime-testing.a \
+ 	@TOR_LIB_WS32@ @TOR_LIB_GDI@ @CURVE25519_LIBS@ @TOR_SYSTEMD_LIBS@ \
+ 	@TOR_LZMA_LIBS@ @TOR_ZSTD_LIBS@ \
+ 	$(rust_ldadd)
+diff -uNr tor-0.3.1.7.org/src/test/include.am tor-0.3.1.7/src/test/include.am
+--- tor-0.3.1.7.org/src/test/include.am	2017-08-29 17:01:19.000000000 +0200
++++ tor-0.3.1.7/src/test/include.am	2017-09-19 19:42:39.103903406 +0200
+@@ -206,8 +206,8 @@
  	src/common/libor-event-testing.a \
  	src/trunnel/libor-trunnel-testing.a \
+ 	src/trace/libor-trace.a \
 -	@TOR_ZLIB_LIBS@ @TOR_LIB_MATH@ @TOR_LIBEVENT_LIBS@ \
 -	@TOR_OPENSSL_LIBS@ @TOR_LIB_WS32@ @TOR_LIB_GDI@ @CURVE25519_LIBS@ \
 +	@TOR_LIB_MATH@ @TOR_LIBEVENT_LIBS@ \
 +	@TOR_OPENSSL_LIBS@ @TOR_ZLIB_LIBS@ @TOR_LIB_WS32@ @TOR_LIB_GDI@ @CURVE25519_LIBS@ \
- 	@TOR_SYSTEMD_LIBS@
+ 	@TOR_SYSTEMD_LIBS@ @TOR_LZMA_LIBS@ @TOR_ZSTD_LIBS@ \
+ 	$(rust_ldadd)
  
- src_test_test_slow_CPPFLAGS = $(src_test_test_CPPFLAGS)
-@@ -200,8 +200,8 @@
- 	src/common/libor-ctime.a \
+@@ -231,8 +231,8 @@
  	src/common/libor-crypto.a $(LIBKECCAK_TINY) $(LIBDONNA) \
  	src/common/libor-event.a src/trunnel/libor-trunnel.a \
+ 	src/trace/libor-trace.a \
 -	@TOR_ZLIB_LIBS@ @TOR_LIB_MATH@ @TOR_LIBEVENT_LIBS@ \
 -	@TOR_OPENSSL_LIBS@ @TOR_LIB_WS32@ @TOR_LIB_GDI@ @CURVE25519_LIBS@ \
 +	@TOR_LIB_MATH@ @TOR_LIBEVENT_LIBS@ \
 +	@TOR_OPENSSL_LIBS@ @TOR_ZLIB_LIBS@ @TOR_LIB_WS32@ @TOR_LIB_GDI@ @CURVE25519_LIBS@ \
- 	@TOR_SYSTEMD_LIBS@
+ 	@TOR_SYSTEMD_LIBS@ @TOR_LZMA_LIBS@ @TOR_ZSTD_LIBS@ \
+ 	$(rust_ldadd)
  
- src_test_test_workqueue_LDFLAGS = @TOR_LDFLAGS_zlib@ @TOR_LDFLAGS_openssl@ \
-@@ -211,8 +211,8 @@
- 	src/common/libor-ctime-testing.a \
+@@ -244,8 +244,8 @@
  	src/common/libor-crypto-testing.a $(LIBKECCAK_TINY) $(LIBDONNA) \
  	src/common/libor-event-testing.a \
+ 	src/trace/libor-trace.a \
 -	@TOR_ZLIB_LIBS@ @TOR_LIB_MATH@ @TOR_LIBEVENT_LIBS@ \
--	@TOR_OPENSSL_LIBS@ @TOR_LIB_WS32@ @TOR_LIB_GDI@ @CURVE25519_LIBS@
+-	@TOR_OPENSSL_LIBS@ @TOR_LIB_WS32@ @TOR_LIB_GDI@ @CURVE25519_LIBS@ \
 +	@TOR_LIB_MATH@ @TOR_LIBEVENT_LIBS@ \
-+	@TOR_OPENSSL_LIBS@ @TOR_ZLIB_LIBS@ @TOR_LIB_WS32@ @TOR_LIB_GDI@ @CURVE25519_LIBS@
++	@TOR_OPENSSL_LIBS@ @TOR_ZLIB_LIBS@ @TOR_LIB_WS32@ @TOR_LIB_GDI@ @CURVE25519_LIBS@ \
+ 	@TOR_LZMA_LIBS@ @TOR_ZSTD_LIBS@ \
+ 	$(rust_ldadd)
  
- src_test_test_timers_CPPFLAGS = $(src_test_test_CPPFLAGS)
- src_test_test_timers_CFLAGS = $(src_test_test_CFLAGS)
-@@ -245,8 +245,8 @@
- src_test_test_ntor_cl_LDADD = src/or/libtor.a src/common/libor.a \
+@@ -256,8 +256,8 @@
+ 	src/common/libor-ctime-testing.a \
+ 	src/common/libor-event-testing.a \
+ 	src/common/libor-crypto-testing.a $(LIBKECCAK_TINY) $(LIBDONNA) \
+-	@TOR_ZLIB_LIBS@ @TOR_LIB_MATH@ @TOR_LIBEVENT_LIBS@ \
+-	@TOR_OPENSSL_LIBS@ @TOR_LIB_WS32@ @TOR_LIB_GDI@ @CURVE25519_LIBS@ \
++	@TOR_LIB_MATH@ @TOR_LIBEVENT_LIBS@ \
++	@TOR_OPENSSL_LIBS@ @TOR_ZLIB_LIBS@ @TOR_LIB_WS32@ @TOR_LIB_GDI@ @CURVE25519_LIBS@ \
+ 	@TOR_LZMA_LIBS@ \
+ 	$(rust_ldadd)
+ src_test_test_timers_LDFLAGS = $(src_test_test_LDFLAGS)
+@@ -286,8 +286,8 @@
+ 	src/common/libor-ctime.a \
+ 	src/common/libor-crypto.a $(LIBKECCAK_TINY) $(LIBDONNA) \
+ 	src/trace/libor-trace.a \
+-	@TOR_ZLIB_LIBS@ @TOR_LIB_MATH@ \
+-	@TOR_OPENSSL_LIBS@ @TOR_LIB_WS32@ @TOR_LIB_GDI@ @CURVE25519_LIBS@ \
++	@TOR_LIB_MATH@ \
++	@TOR_OPENSSL_LIBS@ @TOR_ZLIB_LIBS@ @TOR_LIB_WS32@ @TOR_LIB_GDI@ @CURVE25519_LIBS@ \
+ 	@TOR_LZMA_LIBS@ \
+ 	$(rust_ldadd)
+ src_test_test_ntor_cl_AM_CPPFLAGS =	       \
+@@ -298,8 +298,8 @@
+ src_test_test_hs_ntor_cl_LDADD = src/or/libtor.a src/common/libor.a \
  	src/common/libor-ctime.a \
  	src/common/libor-crypto.a $(LIBKECCAK_TINY) $(LIBDONNA) \
 -	@TOR_ZLIB_LIBS@ @TOR_LIB_MATH@ \
 -	@TOR_OPENSSL_LIBS@ @TOR_LIB_WS32@ @TOR_LIB_GDI@ @CURVE25519_LIBS@
 +	@TOR_LIB_MATH@ \
 +	@TOR_OPENSSL_LIBS@ @TOR_ZLIB_LIBS@ @TOR_LIB_WS32@ @TOR_LIB_GDI@ @CURVE25519_LIBS@
- src_test_test_ntor_cl_AM_CPPFLAGS =	       \
+ src_test_test_hs_ntor_cl_AM_CPPFLAGS =	       \
  	-I"$(top_srcdir)/src/or"
  
-diff -uNr tor-0.2.7.6.org/src/tools/include.am tor-0.2.7.6/src/tools/include.am
---- tor-0.2.7.6.org/src/tools/include.am	2015-11-13 14:33:26.000000000 +0100
-+++ tor-0.2.7.6/src/tools/include.am	2016-01-31 20:27:29.954004495 +0100
+diff -uNr tor-0.3.1.7.org/src/tools/include.am tor-0.3.1.7/src/tools/include.am
+--- tor-0.3.1.7.org/src/tools/include.am	2017-06-19 17:56:51.000000000 +0200
++++ tor-0.3.1.7/src/tools/include.am	2017-09-19 19:43:08.880223260 +0200
 @@ -26,7 +26,7 @@
-     src/common/libor-ctime.a \
-     $(LIBKECCAK_TINY) \
-     $(LIBDONNA) \
--    @TOR_LIB_MATH@ @TOR_ZLIB_LIBS@ @TOR_OPENSSL_LIBS@ \
-+    @TOR_LIB_MATH@ @TOR_OPENSSL_LIBS@ @TOR_ZLIB_LIBS@ \
-     @TOR_LIB_WS32@ @TOR_LIB_GDI@ @CURVE25519_LIBS@
+ 	src/common/libor-ctime.a \
+ 	$(LIBKECCAK_TINY) \
+ 	$(LIBDONNA) \
+-	@TOR_LIB_MATH@ @TOR_ZLIB_LIBS@ @TOR_OPENSSL_LIBS@ \
++	@TOR_LIB_MATH@ @TOR_OPENSSL_LIBS@ @TOR_ZLIB_LIBS@ \
+ 	@TOR_LIB_WS32@ @TOR_LIB_GDI@ @CURVE25519_LIBS@ \
+ 	$(rust_ldadd)
  
- if COVERAGE_ENABLED
-@@ -39,7 +39,7 @@
+@@ -40,7 +40,7 @@
      src/common/libor-ctime-testing.a \
      $(LIBKECCAK_TINY) \
      $(LIBDONNA) \
@@ -105,12 +122,3 @@ diff -uNr tor-0.2.7.6.org/src/tools/include.am tor-0.2.7.6/src/tools/include.am
      @TOR_LIB_WS32@ @TOR_LIB_GDI@ @CURVE25519_LIBS@
  endif
  
-@@ -50,7 +50,7 @@
-     src/common/libor-crypto.a \
-     $(LIBKECCAK_TINY) \
-     $(LIBDONNA) \
--    @TOR_LIB_MATH@ @TOR_ZLIB_LIBS@ @TOR_OPENSSL_LIBS@ \
-+    @TOR_LIB_MATH@ @TOR_OPENSSL_LIBS@ @TOR_ZLIB_LIBS@ \
-     @TOR_LIB_WS32@ @TOR_LIB_GDI@ @CURVE25519_LIBS@
- 
- EXTRA_DIST += src/tools/tor-fw-helper/README
diff --git a/package/tor/tor.hash b/package/tor/tor.hash
index 3252306c32..fb8ddd0c0a 100644
--- a/package/tor/tor.hash
+++ b/package/tor/tor.hash
@@ -1,2 +1,2 @@
 # Locally computed
-sha256 9a8e6e49a1688dae64dca10f84a414ec9a4f393fb2256ae28e0c2e3239185ab1  tor-0.3.0.10.tar.gz
+sha256 1df5dd4894bb2f5e0dc96c466955146353cf33ac50cd997cfc1b28ea3ed9c08f  tor-0.3.1.7.tar.gz
diff --git a/package/tor/tor.mk b/package/tor/tor.mk
index 3a4c52ecf5..a68f29cac6 100644
--- a/package/tor/tor.mk
+++ b/package/tor/tor.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-TOR_VERSION = 0.3.0.10
+TOR_VERSION = 0.3.1.7
 TOR_SITE = https://dist.torproject.org
 TOR_LICENSE = BSD-3-Clause
 TOR_LICENSE_FILES = LICENSE
-- 
2.11.0

[Buildroot] [PATCH v2 2/4] package/tor: add optional support for lzma

[Bernd Kuhls]

According to https://blog.torproject.org/tor-0317-now-released
we also need host-pkgconf for lzma support.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
---
v2: no changes

 package/tor/tor.mk | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/package/tor/tor.mk b/package/tor/tor.mk
index a68f29cac6..6052e09cf1 100644
--- a/package/tor/tor.mk
+++ b/package/tor/tor.mk
@@ -30,6 +30,13 @@ ifeq ($(BR2_PACKAGE_LIBCAP),y)
 TOR_DEPENDENCIES += libcap
 endif
 
+ifeq ($(BR2_PACKAGE_XZ),y)
+TOR_CONF_OPTS += --enable-lzma
+TOR_DEPENDENCIES += host-pkgconf xz
+else
+TOR_CONF_OPTS += --disable-lzma
+endif
+
 ifeq ($(BR2_arm)$(BR2_armeb)$(BR2_i386)$(BR2_x86_64)$(BR2_PACKAGE_LIBSECCOMP),yy)
 TOR_CONF_OPTS += --enable-seccomp
 TOR_DEPENDENCIES += libseccomp
-- 
2.11.0

[Buildroot] [PATCH v2 3/4] package/zstd: enable library build and staging install

[Bernd Kuhls]

Needed for upcoming tor 0.3.1.7 which adds libzstd as optional
dependency: https://blog.torproject.org/tor-0317-now-released

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
---
v2: rebased

 package/zstd/zstd.mk | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/package/zstd/zstd.mk b/package/zstd/zstd.mk
index e836a81d62..88646eb16e 100644
--- a/package/zstd/zstd.mk
+++ b/package/zstd/zstd.mk
@@ -8,6 +8,7 @@ ZSTD_VERSION = v1.3.1
 ZSTD_SITE = $(call github,facebook,zstd,$(ZSTD_VERSION))
 ZSTD_LICENSE = BSD-3-Clause, GPL-2.0
 ZSTD_LICENSE_FILES = LICENSE COPYING
+ZSTD_INSTALL_STAGING = YES
 
 ifeq ($(BR2_TOOLCHAIN_HAS_THREADS),y)
 ZSTD_OPTS += HAVE_THREAD=1
@@ -38,7 +39,12 @@ endif
 
 define ZSTD_BUILD_CMDS
 	$(TARGET_MAKE_ENV) $(TARGET_CONFIGURE_OPTS) $(MAKE) $(ZSTD_OPTS) \
-		-C $(@D) zstd
+		-C $(@D)
+endef
+
+define ZSTD_INSTALL_STAGING_CMDS
+	$(TARGET_MAKE_ENV) $(TARGET_CONFIGURE_OPTS) $(MAKE) $(ZSTD_OPTS) \
+		DESTDIR=$(STAGING_DIR) PREFIX=/usr -C $(@D) install
 endef
 
 define ZSTD_INSTALL_TARGET_CMDS
-- 
2.11.0

[Buildroot] [PATCH v2 4/4] package/tor: add optional support for zstd

[Bernd Kuhls]

According to https://blog.torproject.org/tor-0317-now-released
we also need host-pkgconf for zstd support.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
---
v2: no changes

 package/tor/tor.mk | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/package/tor/tor.mk b/package/tor/tor.mk
index 6052e09cf1..7bce9d1b40 100644
--- a/package/tor/tor.mk
+++ b/package/tor/tor.mk
@@ -37,6 +37,13 @@ else
 TOR_CONF_OPTS += --disable-lzma
 endif
 
+ifeq ($(BR2_PACKAGE_ZSTD),y)
+TOR_CONF_OPTS += --enable-zstd
+TOR_DEPENDENCIES += host-pkgconf zstd
+else
+TOR_CONF_OPTS += --disable-zstd
+endif
+
 ifeq ($(BR2_arm)$(BR2_armeb)$(BR2_i386)$(BR2_x86_64)$(BR2_PACKAGE_LIBSECCOMP),yy)
 TOR_CONF_OPTS += --enable-seccomp
 TOR_DEPENDENCIES += libseccomp
-- 
2.11.0

[Buildroot] [PATCH v2 1/4] package/tor: security bump to version 0.3.1.7

[Arnout Vandecappelle]

On 23-09-17 10:46, Bernd Kuhls wrote:
> Quoted from release notes:
> https://blog.torproject.org/tor-0317-now-released
> "Tor 0.3.1.7 is the first stable release in the 0.3.1 series."
> 
> Fixes CVE-2017-0380:
> https://trac.torproject.org/projects/tor/ticket/23490
> 
> Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>

 Applied to master, thanks.

 Regards,
 Arnout


-- 
Arnout Vandecappelle                          arnout at mind be
Senior Embedded Software Architect            +32-16-286500
Essensium/Mind                                http://www.mind.be
G.Geenslaan 9, 3001 Leuven, Belgium           BE 872 984 063 RPR Leuven
LinkedIn profile: http://www.linkedin.com/in/arnoutvandecappelle
GPG fingerprint:  7493 020B C7E3 8618 8DEC 222C 82EB F404 F9AC 0DDF

[Buildroot] [PATCH v2 2/4] package/tor: add optional support for lzma

[Arnout Vandecappelle]

On 23-09-17 10:46, Bernd Kuhls wrote:
> According to https://blog.torproject.org/tor-0317-now-released
> we also need host-pkgconf for lzma support.
> 
> Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>

 Applied to master, thanks.

 Regards,
 Arnout


-- 
Arnout Vandecappelle                          arnout at mind be
Senior Embedded Software Architect            +32-16-286500
Essensium/Mind                                http://www.mind.be
G.Geenslaan 9, 3001 Leuven, Belgium           BE 872 984 063 RPR Leuven
LinkedIn profile: http://www.linkedin.com/in/arnoutvandecappelle
GPG fingerprint:  7493 020B C7E3 8618 8DEC 222C 82EB F404 F9AC 0DDF

[Buildroot] [PATCH v2 3/4] package/zstd: enable library build and staging install

[Arnout Vandecappelle]

 This doesn't look right...

On 23-09-17 10:46, Bernd Kuhls wrote:
> Needed for upcoming tor 0.3.1.7 which adds libzstd as optional
> dependency: https://blog.torproject.org/tor-0317-now-released
> 
> Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
> ---
> v2: rebased
> 
>  package/zstd/zstd.mk | 8 +++++++-
>  1 file changed, 7 insertions(+), 1 deletion(-)
> 
> diff --git a/package/zstd/zstd.mk b/package/zstd/zstd.mk
> index e836a81d62..88646eb16e 100644
> --- a/package/zstd/zstd.mk
> +++ b/package/zstd/zstd.mk
> @@ -8,6 +8,7 @@ ZSTD_VERSION = v1.3.1
>  ZSTD_SITE = $(call github,facebook,zstd,$(ZSTD_VERSION))
>  ZSTD_LICENSE = BSD-3-Clause, GPL-2.0
>  ZSTD_LICENSE_FILES = LICENSE COPYING
> +ZSTD_INSTALL_STAGING = YES
>  
>  ifeq ($(BR2_TOOLCHAIN_HAS_THREADS),y)
>  ZSTD_OPTS += HAVE_THREAD=1
> @@ -38,7 +39,12 @@ endif
>  
>  define ZSTD_BUILD_CMDS
>  	$(TARGET_MAKE_ENV) $(TARGET_CONFIGURE_OPTS) $(MAKE) $(ZSTD_OPTS) \
> -		-C $(@D) zstd
> +		-C $(@D)
> +endef
> +
> +define ZSTD_INSTALL_STAGING_CMDS
> +	$(TARGET_MAKE_ENV) $(TARGET_CONFIGURE_OPTS) $(MAKE) $(ZSTD_OPTS) \
> +		DESTDIR=$(STAGING_DIR) PREFIX=/usr -C $(@D) install

 It seems to install both a static and a shared library. But the target install
only installs the programs, not the shared library (since it has -C
$(@D)/programs). So if anyone actually links with that shared library, it will
give a runtime error. I guess tor does static linking so doesn't have that problem.

 The size of the shared library is almost as much as that of the executable
(roughly 300K), so I'm not sure if we need to introduce an option for it or not...

 Note that the program is linked with the object files directly, it's not linked
with the dynamic library, which makes installing the shared library a bit stupid...

 Regards,
 Arnout

>  endef
>  
>  define ZSTD_INSTALL_TARGET_CMDS
> 

-- 
Arnout Vandecappelle                          arnout at mind be
Senior Embedded Software Architect            +32-16-286500
Essensium/Mind                                http://www.mind.be
G.Geenslaan 9, 3001 Leuven, Belgium           BE 872 984 063 RPR Leuven
LinkedIn profile: http://www.linkedin.com/in/arnoutvandecappelle
GPG fingerprint:  7493 020B C7E3 8618 8DEC 222C 82EB F404 F9AC 0DDF

[Buildroot] [PATCH v2 1/4] package/tor: security bump to version 0.3.1.7

[Peter Korsgaard]

>>>>> "Bernd" == Bernd Kuhls <bernd.kuhls@t-online.de> writes:

 > Quoted from release notes:
 > https://blog.torproject.org/tor-0317-now-released
 > "Tor 0.3.1.7 is the first stable release in the 0.3.1 series."

 > Fixes CVE-2017-0380:
 > https://trac.torproject.org/projects/tor/ticket/23490

 > Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
 > ---
 > v2: added note about CVE-2017-0380 and updated subject

Committed to 2017.08.x, thanks.

-- 
Bye, Peter Korsgaard