Buildroot Archive on lore.kernel.org
 help / color / mirror / Atom feed
* [Buildroot] [PATCH 1/1] package/pcsc-lite: bump version to 1.8.20
From: Peter Korsgaard @ 2017-04-26 13:03 UTC (permalink / raw)
  To: buildroot
In-Reply-To: <20170426122600.ngu6qdfhsneanbje@sapphire.tkos.co.il>

>>>>> "Baruch" == Baruch Siach <baruch@tkos.co.il> writes:

 > Hi Peter,
 > On Wed, Apr 26, 2017 at 09:06:53AM +0200, Peter Korsgaard wrote:
 >> >>>>> "Bernd" == Bernd Kuhls <bernd.kuhls@t-online.de> writes:
 >> 
 >> > Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
 >> 
 >> Committed, thanks.

 > Not in master as of 0a0524876b2872.

Hmm, indeed - Fixed now. Thanks!

-- 
Bye, Peter Korsgaard

^ permalink raw reply

* [Buildroot] [git commit] package/pcsc-lite: bump version to 1.8.20
From: Peter Korsgaard @ 2017-04-26 13:03 UTC (permalink / raw)
  To: buildroot

commit: https://git.buildroot.net/buildroot/commit/?id=6538125e1fd66816933b549420decff6e8573efb
branch: https://git.buildroot.net/buildroot/commit/?id=refs/heads/master

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
---
 package/pcsc-lite/pcsc-lite.hash | 2 +-
 package/pcsc-lite/pcsc-lite.mk   | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/package/pcsc-lite/pcsc-lite.hash b/package/pcsc-lite/pcsc-lite.hash
index 3adb865..8df43a1 100644
--- a/package/pcsc-lite/pcsc-lite.hash
+++ b/package/pcsc-lite/pcsc-lite.hash
@@ -1,2 +1,2 @@
 # Locally calculated
-sha256 607c4bd730526d282a63edb2ba4ee043f497877be642c5c647e37995e21f2612 pcsc-lite-1.8.10.tar.bz2
+sha256 ec7d0114016c788c1c09859c84860f6cec6c4595436d23245105154b9c046bb2 pcsc-lite-1.8.20.tar.bz2
diff --git a/package/pcsc-lite/pcsc-lite.mk b/package/pcsc-lite/pcsc-lite.mk
index f868b85..c6c4962 100644
--- a/package/pcsc-lite/pcsc-lite.mk
+++ b/package/pcsc-lite/pcsc-lite.mk
@@ -4,9 +4,9 @@
 #
 ################################################################################
 
-PCSC_LITE_VERSION = 1.8.10
+PCSC_LITE_VERSION = 1.8.20
 PCSC_LITE_SOURCE = pcsc-lite-$(PCSC_LITE_VERSION).tar.bz2
-PCSC_LITE_SITE = http://alioth.debian.org/frs/download.php/file/3963
+PCSC_LITE_SITE = http://alioth.debian.org/frs/download.php/file/4203
 PCSC_LITE_INSTALL_STAGING = YES
 PCSC_LITE_DEPENDENCIES = host-pkgconf
 PCSC_LITE_LICENSE = BSD-3-Clause

^ permalink raw reply related

* [Buildroot] [PATCH] icu: add upstream security fix for utf-8 handling
From: Peter Korsgaard @ 2017-04-26 12:57 UTC (permalink / raw)
  To: buildroot

Fixes:

CVE-2017-7867 - International Components for Unicode (ICU) for C/C++ before
2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow
related to the utf8TextAccess function in common/utext.cpp and the
utext_setNativeIndex* function.

CVE-2017-7868 - International Components for Unicode (ICU) for C/C++ before
2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow
related to the utf8TextAccess function in common/utext.cpp and the
utext_moveIndex32* function.

Upstream: http://bugs.icu-project.org/trac/changeset/39671

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
---
 ...-utext-problems-with-handling-of-bad-utf8.patch | 173 +++++++++++++++++++++
 1 file changed, 173 insertions(+)
 create mode 100644 package/icu/0006-utext-problems-with-handling-of-bad-utf8.patch

diff --git a/package/icu/0006-utext-problems-with-handling-of-bad-utf8.patch b/package/icu/0006-utext-problems-with-handling-of-bad-utf8.patch
new file mode 100644
index 000000000..a4e51aef0
--- /dev/null
+++ b/package/icu/0006-utext-problems-with-handling-of-bad-utf8.patch
@@ -0,0 +1,173 @@
+ticket:12888 UText, problems with handling of bad UTF-8
+
+Fixes:
+
+CVE-2017-7867 - International Components for Unicode (ICU) for C/C++ before
+2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow
+related to the utf8TextAccess function in common/utext.cpp and the
+utext_setNativeIndex* function.
+
+CVE-2017-7868 - International Components for Unicode (ICU) for C/C++ before
+2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow
+related to the utf8TextAccess function in common/utext.cpp and the
+utext_moveIndex32* function.
+
+Upstream: http://bugs.icu-project.org/trac/changeset/39671
+
+Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
+
+Index: /trunk/icu4c/source/common/utext.cpp
+===================================================================
+--- icu4c/source/common/utext.cpp	(revision 39670)
++++ icu4c/source/common/utext.cpp	(revision 39671)
+@@ -848,7 +848,13 @@
+ 
+ // Chunk size.
+-//     Must be less than 85, because of byte mapping from UChar indexes to native indexes.
+-//     Worst case is three native bytes to one UChar.  (Supplemenaries are 4 native bytes
+-//     to two UChars.)
++//     Must be less than 42  (256/6), because of byte mapping from UChar indexes to native indexes.
++//     Worst case there are six UTF-8 bytes per UChar.
++//         obsolete 6 byte form fd + 5 trails maps to fffd
++//         obsolete 5 byte form fc + 4 trails maps to fffd
++//         non-shortest 4 byte forms maps to fffd
++//         normal supplementaries map to a pair of utf-16, two utf8 bytes per utf-16 unit
++//     mapToUChars array size must allow for the worst case, 6.
++//     This could be brought down to 4, by treating fd and fc as pure illegal,
++//     rather than obsolete lead bytes. But that is not compatible with the utf-8 access macros.
+ //
+ enum { UTF8_TEXT_CHUNK_SIZE=32 };
+@@ -890,5 +896,5 @@
+                                                      //    one for a supplementary starting in the last normal position,
+                                                      //    and one for an entry for the buffer limit position.
+-    uint8_t   mapToUChars[UTF8_TEXT_CHUNK_SIZE*3+6]; // Map native offset from bufNativeStart to
++    uint8_t   mapToUChars[UTF8_TEXT_CHUNK_SIZE*6+6]; // Map native offset from bufNativeStart to
+                                                      //   correspoding offset in filled part of buf.
+     int32_t   align;
+@@ -1033,4 +1039,5 @@
+             u8b = (UTF8Buf *)ut->p;   // the current buffer
+             mapIndex = ix - u8b->toUCharsMapStart;
++            U_ASSERT(mapIndex < (int32_t)sizeof(UTF8Buf::mapToUChars));
+             ut->chunkOffset = u8b->mapToUChars[mapIndex] - u8b->bufStartIdx;
+             return TRUE;
+@@ -1299,4 +1306,8 @@
+         //   If index is at the end, there is no character there to look at.
+         if (ix != ut->b) {
++            // Note: this function will only move the index back if it is on a trail byte
++            //       and there is a preceding lead byte and the sequence from the lead 
++            //       through this trail could be part of a valid UTF-8 sequence
++            //       Otherwise the index remains unchanged.
+             U8_SET_CP_START(s8, 0, ix);
+         }
+@@ -1312,5 +1323,8 @@
+         uint8_t *mapToNative = u8b->mapToNative;
+         uint8_t *mapToUChars = u8b->mapToUChars;
+-        int32_t  toUCharsMapStart = ix - (UTF8_TEXT_CHUNK_SIZE*3 + 1);
++        int32_t  toUCharsMapStart = ix - sizeof(UTF8Buf::mapToUChars) + 1;
++        // Note that toUCharsMapStart can be negative. Happens when the remaining
++        // text from current position to the beginning is less than the buffer size.
++        // + 1 because mapToUChars must have a slot at the end for the bufNativeLimit entry.
+         int32_t  destIx = UTF8_TEXT_CHUNK_SIZE+2;   // Start in the overflow region
+                                                     //   at end of buffer to leave room
+@@ -1339,4 +1353,5 @@
+                 // Special case ASCII range for speed.
+                 buf[destIx] = (UChar)c;
++                U_ASSERT(toUCharsMapStart <= srcIx);
+                 mapToUChars[srcIx - toUCharsMapStart] = (uint8_t)destIx;
+                 mapToNative[destIx] = (uint8_t)(srcIx - toUCharsMapStart);
+@@ -1368,4 +1383,5 @@
+                     mapToUChars[sIx-- - toUCharsMapStart] = (uint8_t)destIx;
+                 } while (sIx >= srcIx);
++                U_ASSERT(toUCharsMapStart <= (srcIx+1));
+ 
+                 // Set native indexing limit to be the current position.
+@@ -1542,4 +1558,5 @@
+     U_ASSERT(index<=ut->chunkNativeLimit);
+     int32_t mapIndex = index - u8b->toUCharsMapStart;
++    U_ASSERT(mapIndex < (int32_t)sizeof(UTF8Buf::mapToUChars));
+     int32_t offset = u8b->mapToUChars[mapIndex] - u8b->bufStartIdx;
+     U_ASSERT(offset>=0 && offset<=ut->chunkLength);
+Index: /trunk/icu4c/source/test/intltest/utxttest.cpp
+===================================================================
+--- icu4c/source/test/intltest/utxttest.cpp	(revision 39670)
++++ icu4c/source/test/intltest/utxttest.cpp	(revision 39671)
+@@ -68,4 +68,6 @@
+         case 7: name = "Ticket12130";
+             if (exec) Ticket12130(); break;
++        case 8: name = "Ticket12888";
++            if (exec) Ticket12888(); break;
+         default: name = "";          break;
+     }
+@@ -1584,2 +1586,62 @@
+     utext_close(&ut);
+ }
++
++// Ticket 12888: bad handling of illegal utf-8 containing many instances of the archaic, now illegal,
++//               six byte utf-8 forms. Original implementation had an assumption that
++//               there would be at most three utf-8 bytes per UTF-16 code unit.
++//               The five and six byte sequences map to a single replacement character.
++
++void UTextTest::Ticket12888() {
++    const char *badString = 
++            "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
++            "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
++            "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
++            "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
++            "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
++            "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
++            "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
++            "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
++            "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
++            "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
++            "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
++            "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
++            "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
++            "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
++            "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
++            "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
++            "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
++            "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
++            "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
++            "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80";
++
++    UErrorCode status = U_ZERO_ERROR;
++    LocalUTextPointer ut(utext_openUTF8(NULL, badString, -1, &status));
++    TEST_SUCCESS(status);
++    for (;;) {
++        UChar32 c = utext_next32(ut.getAlias());
++        if (c == U_SENTINEL) {
++            break;
++        }
++    }
++    int32_t endIdx = utext_getNativeIndex(ut.getAlias());
++    if (endIdx != (int32_t)strlen(badString)) {
++        errln("%s:%d expected=%d, actual=%d", __FILE__, __LINE__, strlen(badString), endIdx);
++        return;
++    }
++
++    for (int32_t prevIndex = endIdx; prevIndex>0;) {
++        UChar32 c = utext_previous32(ut.getAlias());
++        int32_t currentIndex = utext_getNativeIndex(ut.getAlias());
++        if (c != 0xfffd) {
++            errln("%s:%d (expected, actual, index) = (%d, %d, %d)\n",
++                    __FILE__, __LINE__, 0xfffd, c, currentIndex);
++            break;
++        }
++        if (currentIndex != prevIndex - 6) {
++            errln("%s:%d: wrong index. Expected, actual = %d, %d",
++                    __FILE__, __LINE__, prevIndex - 6, currentIndex);
++            break;
++        }
++        prevIndex = currentIndex;
++    }
++}
+Index: /trunk/icu4c/source/test/intltest/utxttest.h
+===================================================================
+--- icu4c/source/test/intltest/utxttest.h	(revision 39670)
++++ icu4c/source/test/intltest/utxttest.h	(revision 39671)
+@@ -39,4 +39,5 @@
+     void Ticket10983();
+     void Ticket12130();
++    void Ticket12888();
+ 
+ private:
-- 
2.11.0

^ permalink raw reply related

* [Buildroot] [PATCH 1/1] setlocalversion: fix detection of hg revision for untagged versions
From: Thomas De Schampheleire @ 2017-04-26 12:43 UTC (permalink / raw)
  To: buildroot

From: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>

By default, cut prints the entire line if the specified delimiter is not
present at all:

    $ printf "foo bar" | cut -d' ' -f2
    bar
    $ printf "foobar" | cut -d' ' -f2
    foobar

In setlocalversion, cut is presented with the output of 'hg id' which has
the format:

    "<revision> <tags-if-any>"

If the current revision is not tagged, the output of 'hg id' does not
contain the delimiter (space), cut prints the entire string, and
setlocalversion thinks the version is the tag.
As setlocalversion does not print anything for tagged versions, there is no
output overall, and no correct indication of the mercurial revision.

Fix by passing the extra cut option '--only-delimited', which suppresses
output if no delimiter is found.

This problem likely went unnoticed for so long, because the tag 'tip' (i.e.
most recent revision of the branch) is treated specially: in this case the
mercurial revision _is_ printed, i.e. the situation is treated as
'untagged'.
The problem is only seen when you are _not_ at the most recent revision in
your branch.

Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
---
 support/scripts/setlocalversion | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/support/scripts/setlocalversion b/support/scripts/setlocalversion
index adeeb78..33cd605 100755
--- a/support/scripts/setlocalversion
+++ b/support/scripts/setlocalversion
@@ -54,7 +54,7 @@ fi
 
 # Check for mercurial and a mercurial repo.
 if hgid=`hg id 2>/dev/null`; then
-	tag=`printf '%s' "$hgid" | cut -d' ' -f2`
+	tag=`printf '%s' "$hgid" | cut -d' ' -f2 --only-delimited`
 
 	# Do we have an untagged version?
 	if [ -z "$tag" -o "$tag" = tip ]; then
-- 
2.10.2

^ permalink raw reply related

* [Buildroot] [PATCH v2] x11vnc: update to 0.9.14
From: Martin Kepplinger @ 2017-04-26 12:37 UTC (permalink / raw)
  To: buildroot
In-Reply-To: <20170426100320.00702ce9@free-electrons.com>

This uses x11vnc's new upstream location at github. Autoreconf is
added because it's really only a code snapshot release.

Signed-off-by: Martin Kepplinger <martin.kepplinger@ginzinger.com>
---

In the end you're right and there's nothing special here. Without any reason,
buildroot doesn't hold on an old version. People do releases. People break
stuff. People fix stuff. Since I happen to need a fix in the upcoming 0.9.15
this is probably more reason to randomly update than other updates have.

... I tested it. For me, using Xfbdev, this 0.9.14 works just fine :)


revision history
----------------
v2: use the github helper instead of a URL
v1: initial proposal to update 0.9.13 to 0.9.14


 package/x11vnc/x11vnc.hash | 2 +-
 package/x11vnc/x11vnc.mk   | 6 ++++--
 2 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/package/x11vnc/x11vnc.hash b/package/x11vnc/x11vnc.hash
index 5828b12..3cdbfa1 100644
--- a/package/x11vnc/x11vnc.hash
+++ b/package/x11vnc/x11vnc.hash
@@ -1,2 +1,2 @@
 # Locally computed:
-sha256  f6829f2e629667a5284de62b080b13126a0736499fe47cdb447aedb07a59f13b  x11vnc-0.9.13.tar.gz
+sha256  45f87c5e4382988c73e8c7891ac2bfb45d8f9ce1196ae06651c84636684ea143  x11vnc-0.9.14.tar.gz
diff --git a/package/x11vnc/x11vnc.mk b/package/x11vnc/x11vnc.mk
index 9f4af12..6c862dd 100644
--- a/package/x11vnc/x11vnc.mk
+++ b/package/x11vnc/x11vnc.mk
@@ -4,8 +4,8 @@
 #
 ################################################################################
 
-X11VNC_VERSION = 0.9.13
-X11VNC_SITE = http://downloads.sourceforge.net/project/libvncserver/x11vnc/$(X11VNC_VERSION)
+X11VNC_VERSION = 0.9.14
+X11VNC_SITE = $(call github,LibVNC,x11vnc,$(X11VNC_VERSION))
 # sdl support is not used in x11vnc, but host include / library search paths
 # leak in if host has sdl-config
 X11VNC_CONF_OPTS = --without-sdl
@@ -13,6 +13,8 @@ X11VNC_DEPENDENCIES = xlib_libXt xlib_libXext xlib_libXtst
 X11VNC_LICENSE = GPL-2.0+
 X11VNC_LICENSE_FILES = COPYING
 
+X11VNC_AUTORECONF = YES
+
 ifeq ($(BR2_PACKAGE_AVAHI_DAEMON)$(BR2_PACKAGE_DBUS),yy)
 X11VNC_DEPENDENCIES += avahi dbus
 else
-- 
2.1.4

^ permalink raw reply related

* [Buildroot] [autobuild.buildroot.net] Build results for 2017-04-25
From: Vlad Zakharov @ 2017-04-26 12:31 UTC (permalink / raw)
  To: buildroot
In-Reply-To: <20170426142020.41d27312@free-electrons.com>

Hi Thomas, Carlos,

On Wed, 2017-04-26 at 14:20 +0200, Thomas Petazzoni wrote:
> Hello,
> 
> On Wed, 26 Apr 2017 08:07:51 -0300 (BRT), Carlos Santos wrote:
> > 
> > > 
> > > From: "Thomas Petazzoni" <thomas.petazzoni@free-electrons.com>
> > > To: buildroot at buildroot.org
> > > Sent: Wednesday, April 26, 2017 3:28:39 AM
> > > Subject: [Buildroot] [autobuild.buildroot.net] Build results for 2017-04-25??
> > ---8<---
> > > 
> > > Build statistics for 2017-04-25
> > > ================================
> > > ????????arc |??????????????util-linux-2.29.2 | NOK |
> > > ????????https://urldefense.proofpoint.com/v2/url?u=http-3A__autobuild.buildroot.net_results_9bf1c9e84cab64bccc3c86
> > > a8a2899cd71b8f91d4&d=DwICAg&c=DPL6_X_6JkXFx7AXWqB0tg&r=TGSQU5OmhW2MMpwoOAMzisELo4MA911p_P_3e_q7vKU&m=N9a4hmvdGH1D2
> > > rs8RbKNEdMRhDWW1f37sVYgRbeq7o8&s=wrrO_-jpofxrQQkZ0cdGnk6cOtLqTTZcE2y7F6NWyOQ&e=???
> > ---8<---
> > 
> > Regression caused by commit 5f8ef7e25c5cc5c2e4ae4c8b6e8caa029ddf9a94.
> > 
> > Should we revert it?
> 
> Let's wait a bit for Vlad's input on this, Synopsys is usually quite
> reactive in providing fixes for toolchain issues on ARC.
> 
> Vlad?

Yes, we are already looking at the issue and I hope we will provide a fix pretty soon.

So please don't revert it - we will either update our toolchain version or provide of-the-tree patches to "cure" this
problem ASAP.

Thanks.

> 
> Thomas
-- 
Best regards,
Vlad Zakharov <vzakhar@synopsys.com>

^ permalink raw reply

* [Buildroot] [PATCH] DEVELOPERS: remove bouncing email address
From: Baruch Siach @ 2017-04-26 12:31 UTC (permalink / raw)
  To: buildroot

The DEVELOPERS email address of Waldemar Rymarkiewicz is bouncing. Remove his
entry.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
---
 DEVELOPERS | 4 ----
 1 file changed, 4 deletions(-)

diff --git a/DEVELOPERS b/DEVELOPERS
index 123a8f92808c..985fa73dc287 100644
--- a/DEVELOPERS
+++ b/DEVELOPERS
@@ -1654,10 +1654,6 @@ F:	package/uclibc/
 F:	package/uclibc-ng-test/
 F:	package/mksh/
 
-N:	Waldemar Rymarkiewicz <waldemar.rymarkiewicz@tieto.com>
-F:	package/ccid/
-F:	package/pcsc-lite/
-
 N:	Will Newton <will.newton@gmail.com>
 F:	package/enchant/
 F:	package/erlang/
-- 
2.11.0

^ permalink raw reply related

* [Buildroot] [PATCH 1/1] package/pcsc-lite: bump version to 1.8.20
From: Baruch Siach @ 2017-04-26 12:26 UTC (permalink / raw)
  To: buildroot
In-Reply-To: <87bmrjprzm.fsf@dell.be.48ers.dk>

Hi Peter,

On Wed, Apr 26, 2017 at 09:06:53AM +0200, Peter Korsgaard wrote:
> >>>>> "Bernd" == Bernd Kuhls <bernd.kuhls@t-online.de> writes:
> 
>  > Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
> 
> Committed, thanks.

Not in master as of 0a0524876b2872.

baruch

-- 
     http://baruch.siach.name/blog/                  ~. .~   Tk Open Systems
=}------------------------------------------------ooO--U--Ooo------------{=
   - baruch at tkos.co.il - tel: +972.2.679.5364, http://www.tkos.co.il -

^ permalink raw reply

* [Buildroot] [autobuild.buildroot.net] Build results for 2017-04-25
From: Thomas Petazzoni @ 2017-04-26 12:20 UTC (permalink / raw)
  To: buildroot
In-Reply-To: <1101594360.20478325.1493204871665.JavaMail.zimbra@datacom.ind.br>

Hello,

On Wed, 26 Apr 2017 08:07:51 -0300 (BRT), Carlos Santos wrote:
> > From: "Thomas Petazzoni" <thomas.petazzoni@free-electrons.com>
> > To: buildroot at buildroot.org
> > Sent: Wednesday, April 26, 2017 3:28:39 AM
> > Subject: [Buildroot] [autobuild.buildroot.net] Build results for 2017-04-25  
> ---8<---
> > Build statistics for 2017-04-25
> > ================================
> >         arc |              util-linux-2.29.2 | NOK |
> >         http://autobuild.buildroot.net/results/9bf1c9e84cab64bccc3c86a8a2899cd71b8f91d4  
> ---8<---
> 
> Regression caused by commit 5f8ef7e25c5cc5c2e4ae4c8b6e8caa029ddf9a94.
> 
> Should we revert it?

Let's wait a bit for Vlad's input on this, Synopsys is usually quite
reactive in providing fixes for toolchain issues on ARC.

Vlad?

Thomas
-- 
Thomas Petazzoni, CTO, Free Electrons
Embedded Linux and Kernel engineering
http://free-electrons.com

^ permalink raw reply

* [Buildroot] [PATCH] libsndfile: security bump to version 1.0.28
From: Peter Korsgaard @ 2017-04-26 11:52 UTC (permalink / raw)
  To: buildroot

Fixes:

CVE-2017-7585 - In libsndfile before 1.0.28, an error in the
"flac_buffer_copy()" function (flac.c) can be exploited to cause a
stack-based buffer overflow via a specially crafted FLAC file.

CVE-2017-7586 - In libsndfile before 1.0.28, an error in the "header_read()"
function (common.c) when handling ID3 tags can be exploited to cause a
stack-based buffer overflow via a specially crafted FLAC file.

CVE-2017-7741 - In libsndfile before 1.0.28, an error in the
"flac_buffer_copy()" function (flac.c) can be exploited to cause a
segmentation violation (with write memory access) via a specially crafted
FLAC file during a resample attempt, a similar issue to CVE-2017-7585.

CVE-2017-7742 - In libsndfile before 1.0.28, an error in the
"flac_buffer_copy()" function (flac.c) can be exploited to cause a
segmentation violation (with read memory access) via a specially crafted
FLAC file during a resample attempt, a similar issue to CVE-2017-7585.

Dop undocumented patch adjusting SUBDIRS in Makefile.in as it no longer
applies.  Instead pass --disable-full-suite to disable man pages,
documentation and programs, as that was presumably the reason for the patch.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
---
 package/libsndfile/0001-srconly.patch | 17 -----------------
 package/libsndfile/libsndfile.hash    |  2 +-
 package/libsndfile/libsndfile.mk      |  5 +++--
 3 files changed, 4 insertions(+), 20 deletions(-)
 delete mode 100644 package/libsndfile/0001-srconly.patch

diff --git a/package/libsndfile/0001-srconly.patch b/package/libsndfile/0001-srconly.patch
deleted file mode 100644
index 417e34072..000000000
--- a/package/libsndfile/0001-srconly.patch
+++ /dev/null
@@ -1,17 +0,0 @@
----
- Makefile.in |    2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-Index: libsndfile-1.0.18/Makefile.in
-===================================================================
---- libsndfile-1.0.18.orig/Makefile.in
-+++ libsndfile-1.0.18/Makefile.in
-@@ -260,7 +260,7 @@
- top_srcdir = @top_srcdir@
- DISTCHECK_CONFIGURE_FLAGS = --enable-gcc-werror
- @BUILD_OCTAVE_MOD_TRUE at octave_dir = Octave
--SUBDIRS = M4 man doc Win32 src $(octave_dir) examples regtest tests programs
-+SUBDIRS = src
- DIST_SUBDIRS = M4 man doc Win32 src Octave examples regtest tests programs
- EXTRA_DIST = libsndfile.spec.in sndfile.pc.in Mingw-make-dist.sh
- pkgconfigdir = $(libdir)/pkgconfig
diff --git a/package/libsndfile/libsndfile.hash b/package/libsndfile/libsndfile.hash
index a87b7c308..31500cd97 100644
--- a/package/libsndfile/libsndfile.hash
+++ b/package/libsndfile/libsndfile.hash
@@ -1,2 +1,2 @@
 # Locally calculated after checking pgp signature
-sha256	a391952f27f4a92ceb2b4c06493ac107896ed6c76be9a613a4731f076d30fac0	libsndfile-1.0.27.tar.gz
+sha256	1ff33929f042fa333aed1e8923aa628c3ee9e1eb85512686c55092d1e5a9dfa9	libsndfile-1.0.28.tar.gz
diff --git a/package/libsndfile/libsndfile.mk b/package/libsndfile/libsndfile.mk
index 936f4be21..22909ffb6 100644
--- a/package/libsndfile/libsndfile.mk
+++ b/package/libsndfile/libsndfile.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-LIBSNDFILE_VERSION = 1.0.27
+LIBSNDFILE_VERSION = 1.0.28
 LIBSNDFILE_SITE = http://www.mega-nerd.com/libsndfile/files
 LIBSNDFILE_INSTALL_STAGING = YES
 LIBSNDFILE_LICENSE = LGPL-2.1+
@@ -13,6 +13,7 @@ LIBSNDFILE_LICENSE_FILES = COPYING
 LIBSNDFILE_CONF_OPTS = \
 	--disable-sqlite \
 	--disable-alsa \
-	--disable-external-libs
+	--disable-external-libs \
+	--disable-full-suite
 
 $(eval $(autotools-package))
-- 
2.11.0

^ permalink raw reply related

* [Buildroot] [autobuild.buildroot.net] Build results for 2017-04-25
From: Carlos Santos @ 2017-04-26 11:07 UTC (permalink / raw)
  To: buildroot
In-Reply-To: <20170426062839.7446620CA4@mail.free-electrons.com>

> From: "Thomas Petazzoni" <thomas.petazzoni@free-electrons.com>
> To: buildroot at buildroot.org
> Sent: Wednesday, April 26, 2017 3:28:39 AM
> Subject: [Buildroot] [autobuild.buildroot.net] Build results for 2017-04-25
---8<---
> Build statistics for 2017-04-25
> ================================
>         arc |              util-linux-2.29.2 | NOK |
>         http://autobuild.buildroot.net/results/9bf1c9e84cab64bccc3c86a8a2899cd71b8f91d4
---8<---

Regression caused by commit 5f8ef7e25c5cc5c2e4ae4c8b6e8caa029ddf9a94.

Should we revert it?

-- 
Carlos Santos (Casantos) - DATACOM, P&D
?The greatest triumph that modern PR can offer is the transcendent 
success of having your words and actions judged by your reputation, 
rather than the other way about.? ? Christopher Hitchens

^ permalink raw reply

* [Buildroot] [PATCH] buildroot: adding perftest and necessary libraries
From: Joao Pinto @ 2017-04-26 11:00 UTC (permalink / raw)
  To: buildroot

This patch adds the tool perftest, which a collection of tests
written using Infiniband verbs intended for use as a performance
micro-benchmark. The tests can measure the latency and bandwidth
of Infiniband fabrics. It also adds 3 necessary libraries:

a) libibverbs (library that allows userspace processes to use RDMA "verbs")
b) librdmacm (library that allows applications to set up reliable connected
and unreliable datagram transfers when using RDMA adapters)
c) libibumad (library that provides userspace Infiniband Management Datagram
(uMAD) functions which sit on top of the uMAD modules in the kernel)

Signed-off-by: Joao Pinto <jpinto@synopsys.com>
---
 package/Config.in                                  |  4 +++
 .../0001-fix-cross-compilation-error.patch         | 29 ++++++++++++++++++++++
 package/libibumad/Config.in                        |  9 +++++++
 package/libibumad/libibumad.hash                   |  2 ++
 package/libibumad/libibumad.mk                     | 12 +++++++++
 package/libibverbs/Config.in                       |  8 ++++++
 package/libibverbs/libibverbs.hash                 |  2 ++
 package/libibverbs/libibverbs.mk                   | 19 ++++++++++++++
 package/librdmacm/Config.in                        |  8 ++++++
 package/librdmacm/librdmacm.hash                   |  2 ++
 package/librdmacm/librdmacm.mk                     | 12 +++++++++
 package/perftest/Config.in                         | 10 ++++++++
 package/perftest/perftest.hash                     |  2 ++
 package/perftest/perftest.mk                       | 19 ++++++++++++++
 14 files changed, 138 insertions(+)
 create mode 100644 package/libibumad/0001-fix-cross-compilation-error.patch
 create mode 100644 package/libibumad/Config.in
 create mode 100644 package/libibumad/libibumad.hash
 create mode 100644 package/libibumad/libibumad.mk
 create mode 100644 package/libibverbs/Config.in
 create mode 100644 package/libibverbs/libibverbs.hash
 create mode 100644 package/libibverbs/libibverbs.mk
 create mode 100644 package/librdmacm/Config.in
 create mode 100644 package/librdmacm/librdmacm.hash
 create mode 100644 package/librdmacm/librdmacm.mk
 create mode 100644 package/perftest/Config.in
 create mode 100644 package/perftest/perftest.hash
 create mode 100644 package/perftest/perftest.mk

diff --git a/package/Config.in b/package/Config.in
index 4eaa95b..031f0dc 100644
--- a/package/Config.in
+++ b/package/Config.in
@@ -1261,6 +1261,8 @@ menu "Networking"
 	source "package/libfcgi/Config.in"
 	source "package/libgsasl/Config.in"
 	source "package/libhttpparser/Config.in"
+	source "package/libibumad/Config.in"
+	source "package/libibverbs/Config.in"
 	source "package/libidn/Config.in"
 	source "package/libiscsi/Config.in"
 	source "package/libldns/Config.in"
@@ -1289,6 +1291,7 @@ menu "Networking"
 	source "package/libosip2/Config.in"
 	source "package/libpcap/Config.in"
 	source "package/libpjsip/Config.in"
+	source "package/librdmacm/Config.in"
 	source "package/librsync/Config.in"
 	source "package/libshairplay/Config.in"
 	source "package/libshout/Config.in"
@@ -1643,6 +1646,7 @@ endif
 	source "package/openswan/Config.in"
 	source "package/openvpn/Config.in"
 	source "package/p910nd/Config.in"
+	source "package/perftest/Config.in"
 	source "package/phidgetwebservice/Config.in"
 	source "package/phytool/Config.in"
 	source "package/pound/Config.in"
diff --git a/package/libibumad/0001-fix-cross-compilation-error.patch b/package/libibumad/0001-fix-cross-compilation-error.patch
new file mode 100644
index 0000000..e137d01
--- /dev/null
+++ b/package/libibumad/0001-fix-cross-compilation-error.patch
@@ -0,0 +1,29 @@
+From bb999ab4e2529accfbde97165964074a1ace2389 Mon Sep 17 00:00:00 20010001-buildroot-adding-perftest-and-libraries.patch
+Message-Id: <bb999ab4e2529accfbde97165964074a1ace2389.1492783647.git.jpinto@synopsys.com>
+From: Joao Pinto <jpinto@synopsys.com>
+Date: Fri, 21 Apr 2017 15:07:12 +0100
+Subject: [PATCH] fix cross compilation error
+
+This patch fixes the cross-compilation error "ERROR: unsafe header/library path
+used in cross-compilation: '-I/usr/include'".
+
+Signed-off-by: Joao Pinto <jpinto@synopsys.com>
+---
+ Makefile.in | 1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/Makefile.in b/Makefile.in
+index 2b50610..eb38dec 100644
+--- a/Makefile.in
++++ b/Makefile.in
+@@ -296,7 +296,6 @@ ACLOCAL_AMFLAGS = -I config
+ SUBDIRS = .
+ INCLUDES = -I$(srcdir)/include/infiniband \
+ 	   -I$(srcdir)/include \
+-	   -I$(includedir)
+ 
+ man_MANS = man/umad_debug.3 man/umad_get_ca.3 \
+ 	   man/umad_get_ca_portguids.3 man/umad_get_cas_names.3 \
+-- 
+2.9.3
+
diff --git a/package/libibumad/Config.in b/package/libibumad/Config.in
new file mode 100644
index 0000000..bd981a2
--- /dev/null
+++ b/package/libibumad/Config.in
@@ -0,0 +1,9 @@
+config BR2_PACKAGE_LIBIBUMAD
+	bool "libibumad"
+	select BR2_PACKAGE_LIBIBVERBS
+	help
+	  It is a library that provides userspace Infiniband Management
+	  Datagram (uMAD) functions which sit on top of the uMAD modules in the
+	  kernel. These are used by InfiniBand diagnostic and management tools.
+
+	  https://www.openfabrics.org
diff --git a/package/libibumad/libibumad.hash b/package/libibumad/libibumad.hash
new file mode 100644
index 0000000..c01d477
--- /dev/null
+++ b/package/libibumad/libibumad.hash
@@ -0,0 +1,2 @@
+# Locally calculated
+sha256 500f74e31bd9f3d6c32dea912de3a2d1b299f3f23d7abd893652dd45c77a7e2e libibumad-1.3.10.2.tar.gz
diff --git a/package/libibumad/libibumad.mk b/package/libibumad/libibumad.mk
new file mode 100644
index 0000000..6379948
--- /dev/null
+++ b/package/libibumad/libibumad.mk
@@ -0,0 +1,12 @@
+################################################################################
+#
+# LIBIBUMAD
+#
+################################################################################
+
+LIBIBUMAD_VERSION = 1.3.10.2
+LIBIBUMAD_SOURCE = libibumad-$(LIBIBUMAD_VERSION).tar.gz
+LIBIBUMAD_SITE = https://www.openfabrics.org/downloads/management
+LIBIBUMAD_INSTALL_STAGING = YES
+
+$(eval $(autotools-package))
diff --git a/package/libibverbs/Config.in b/package/libibverbs/Config.in
new file mode 100644
index 0000000..dd47022
--- /dev/null
+++ b/package/libibverbs/Config.in
@@ -0,0 +1,8 @@
+config BR2_PACKAGE_LIBIBVERBS
+	bool "libibverbs"
+	help
+	  It is a library that allows userspace processes to use RDMA "verbs"
+	  as described in the InfiniBand Architecture Specification and the
+	  RDMA Protocol Verbs Specification.
+
+	  https://www.openfabrics.org
diff --git a/package/libibverbs/libibverbs.hash b/package/libibverbs/libibverbs.hash
new file mode 100644
index 0000000..08773a9
--- /dev/null
+++ b/package/libibverbs/libibverbs.hash
@@ -0,0 +1,2 @@
+# Locally calculated
+sha256 844b4d50d476ebbaaf601929641b0e3c51d58daf56c7269914c1edc32c8beeec libibverbs-1.1.7.tar.gz
diff --git a/package/libibverbs/libibverbs.mk b/package/libibverbs/libibverbs.mk
new file mode 100644
index 0000000..859e1f3
--- /dev/null
+++ b/package/libibverbs/libibverbs.mk
@@ -0,0 +1,19 @@
+################################################################################
+#
+# LIBIBVERBS
+#
+################################################################################
+
+LIBIBVERBS_VERSION = 1.1.7
+LIBIBVERBS_SOURCE = libibverbs-$(LIBIBVERBS_VERSION).tar.gz
+LIBIBVERBS_SITE = https://git.kernel.org/pub/scm/libs/infiniband/libibverbs.git/snapshot
+LIBIBVERBS_INSTALL_STAGING = YES
+
+# autogen.sh is because autotools stuff lives in other directories and
+# even AUTORECONF with _OPTS doesn't do it properly.
+define LIBIBVERBS_RUN_AUTOGEN
+	cd $(@D) && PATH=$(BR_PATH) ./autogen.sh
+endef
+LIBIBVERBS_POST_PATCH_HOOKS += LIBIBVERBS_RUN_AUTOGEN
+
+$(eval $(autotools-package))
diff --git a/package/librdmacm/Config.in b/package/librdmacm/Config.in
new file mode 100644
index 0000000..4c8a1dc
--- /dev/null
+++ b/package/librdmacm/Config.in
@@ -0,0 +1,8 @@
+config BR2_PACKAGE_LIBRDMACM
+	bool "librdmacm"
+	select BR2_PACKAGE_LIBIBVERBS
+	help
+	  It is a library that allows applications to set up reliable connected
+	  and unreliable datagram transfers when using RDMA adapters
+
+	  https://www.openfabrics.org
diff --git a/package/librdmacm/librdmacm.hash b/package/librdmacm/librdmacm.hash
new file mode 100644
index 0000000..3351bc5
--- /dev/null
+++ b/package/librdmacm/librdmacm.hash
@@ -0,0 +1,2 @@
+# Locally calculated
+sha256 b4a2a0a4f70c22611ca35aa8b9699420872803cba5af28ae3ca57dd90b60c6c6 librdmacm-1.0.15.tar.gz
diff --git a/package/librdmacm/librdmacm.mk b/package/librdmacm/librdmacm.mk
new file mode 100644
index 0000000..ac37c1f
--- /dev/null
+++ b/package/librdmacm/librdmacm.mk
@@ -0,0 +1,12 @@
+################################################################################
+#
+# LIBRDMACM
+#
+################################################################################
+
+LIBRDMACM_VERSION = 1.0.15
+LIBRDMACM_SOURCE = librdmacm-$(LIBRDMACM_VERSION).tar.gz
+LIBRDMACM_SITE = https://www.openfabrics.org/downloads/rdmacm
+LIBRDMACM_INSTALL_STAGING = YES
+
+$(eval $(autotools-package))
diff --git a/package/perftest/Config.in b/package/perftest/Config.in
new file mode 100644
index 0000000..6273cf3
--- /dev/null
+++ b/package/perftest/Config.in
@@ -0,0 +1,10 @@
+config BR2_PACKAGE_PERFTEST
+	bool "perftest"
+	select BR2_PACKAGE_LIBIBUMAD
+	select BR2_PACKAGE_LIBRDMACM
+	help
+	  It is a collection of tests written using Infiniband verbs intended
+	  for use as a performance micro-benchmark. The tests can measure the
+	  latency and bandwidth of Infiniband fabrics.
+
+	  https://www.openfabrics.org
diff --git a/package/perftest/perftest.hash b/package/perftest/perftest.hash
new file mode 100644
index 0000000..123330e
--- /dev/null
+++ b/package/perftest/perftest.hash
@@ -0,0 +1,2 @@
+# Locally calculated
+sha256 6078dd4fc66d85ff1439ad8fe26cc0689ad18f24459fe3e7d20feda58c6d4609 perftest-3.4-0.9.g98a9a17.tar.gz
diff --git a/package/perftest/perftest.mk b/package/perftest/perftest.mk
new file mode 100644
index 0000000..dc16e4b
--- /dev/null
+++ b/package/perftest/perftest.mk
@@ -0,0 +1,19 @@
+################################################################################
+#
+# PERFTEST
+#
+################################################################################
+
+PERFTEST_VERSION = 3.4-0.9.g98a9a17
+PERFTEST_SOURCE = perftest-$(PERFTEST_VERSION).tar.gz
+PERFTEST_SITE = https://www.openfabrics.org/downloads/perftest
+PERFTEST_INSTALL_STAGING = YES
+
+# autogen.sh is because autotools stuff lives in other directories and
+# even AUTORECONF with _OPTS doesn't do it properly.
+define PERFTEST_RUN_AUTOGEN
+	cd $(@D) && PATH=$(BR_PATH) ./autogen.sh
+endef
+PERFTEST_POST_PATCH_HOOKS += PERFTEST_RUN_AUTOGEN
+
+$(eval $(autotools-package))
-- 
2.9.3

^ permalink raw reply related

* [Buildroot] [Bug 9836] triggerhappy: systemd unit broken
From: bugzilla at busybox.net @ 2017-04-26  9:20 UTC (permalink / raw)
  To: buildroot
In-Reply-To: <bug-9836-163@https.bugs.busybox.net/>

https://bugs.busybox.net/show_bug.cgi?id=9836

--- Comment #1 from Thomas Petazzoni <thomas.petazzoni@free-electrons.com> ---
(In reply to Michael Heinemann from comment #0)

Thanks for your detailed report! I'd say bump the version and use the new unit
is most likely the right option here.

-- 
You are receiving this mail because:
You are on the CC list for the bug.

^ permalink raw reply

* [Buildroot] [Bug 9836] New: triggerhappy: systemd unit broken
From: bugzilla at busybox.net @ 2017-04-26  9:01 UTC (permalink / raw)
  To: buildroot

https://bugs.busybox.net/show_bug.cgi?id=9836

            Bug ID: 9836
           Summary: triggerhappy: systemd unit broken
           Product: buildroot
           Version: 2017.02.1
          Hardware: All
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P5
         Component: Other
          Assignee: unassigned at buildroot.uclibc.org
          Reporter: posted at heine.so
                CC: buildroot at uclibc.org
  Target Milestone: ---

I'm using triggerhappy in combination with systemd and a bash based system (no
busybox).


The systemd unit fails with this error message:

"Error opening '/dev/input/event*': No such file or directory"


The systemd unit has the start command defined as follows:

ExecStart=/usr/sbin/thd --triggers /etc/triggerhappy/triggers.d --socket
/var/run/thd.socket --user nobody /dev/input/event*


If you run the command directly from bash it is working, I guess because bash
is already expanding the wildcard.


thd started supporting Wildcards in Version 0.5.0. with the option
"--deviceglob" [1]

before it proposed a wrapper script for the systemd unit added in this commit:
[2]

I don't know if the unit currently supplied with buildroot ever worked, but not
with the thd version currently used.

Since 0.5.0 the systemd unit should be like this: [3]


So I could supply a patch but I'm not sure what is preferable. Fix the systemd
unit supplied with the current version included in buildroot 2017.02.1. Or bump
the version and provide the new style unit?

Regards,
Michael

[1]https://github.com/wertarbyte/triggerhappy/commit/c9b6556bd45529eebfabcad3b843beb185aca5fc
[2]https://github.com/wertarbyte/triggerhappy/commit/47a9e4e842676c48d056aefe623af1d29a9b0e5e
[3]https://github.com/wertarbyte/triggerhappy/commit/06720d2305bedc7fcef8b18919f5c73a73164f85

-- 
You are receiving this mail because:
You are on the CC list for the bug.

^ permalink raw reply

* [Buildroot] [PATCH] x11vnc: update to 0.9.14
From: Thomas Petazzoni @ 2017-04-26  8:03 UTC (permalink / raw)
  To: buildroot
In-Reply-To: <e8750710-f475-fe87-79a4-edd6f655d5a0@mind.be>

Hello,

On Mon, 24 Apr 2017 21:47:58 +0200, Arnout Vandecappelle wrote:

>  Is there a reason why you need this bump?

Well, do we need a reason to bump a package, other than "upstream has a
new release, possibly with new features/bug fixes" ? Tons of version
bumps we merged are not motivated by a specific reason, other than
making sure Buildroot uses recent versions of the different components.

Best regards,

Thomas
-- 
Thomas Petazzoni, CTO, Free Electrons
Embedded Linux and Kernel engineering
http://free-electrons.com

^ permalink raw reply

* [Buildroot] [PATCH] xorriso: disable libcdio
From: Thomas Petazzoni @ 2017-04-26  8:02 UTC (permalink / raw)
  To: buildroot
In-Reply-To: <0a5dac7516bd86eca86510a190385617af60d738.1492891844.git.baruch@tkos.co.il>

Hello,

On Sat, 22 Apr 2017 23:10:44 +0300, Baruch Siach wrote:
> xorriso and libcdio define identically named symbols. This breaks static
> linking.
> 
> Besides, upstream suggested that on Linux the built-in libburn adapter is much
> better tested than libcdio.
> 
> Disable libcdio.
> 
> Fixes:
> http://autobuild.buildroot.net/results/430/430a6b548fcc311f20ea71cecaa11fafac1d5a19/
> http://autobuild.buildroot.net/results/a5d/a5d0f8bec0d39e48f6dfe4ecc07fe0ca3c6bd70a/
> 
> Cc: Steve Kenton <skenton@ou.edu>
> Suggested-by: Thomas Schmitt <scdbackup@gmx.net>
> Signed-off-by: Baruch Siach <baruch@tkos.co.il>
> ---
>  package/xorriso/xorriso.mk | 13 ++++---------
>  1 file changed, 4 insertions(+), 9 deletions(-)

Applied to master, thanks.

Thomas
-- 
Thomas Petazzoni, CTO, Free Electrons
Embedded Linux, Kernel and Android engineering
http://free-electrons.com

^ permalink raw reply

* [Buildroot] [git commit] xorriso: disable libcdio
From: Thomas Petazzoni @ 2017-04-26  7:58 UTC (permalink / raw)
  To: buildroot

commit: https://git.buildroot.net/buildroot/commit/?id=0a0524876b2872d345a9517c169f29ddb72851e6
branch: https://git.buildroot.net/buildroot/commit/?id=refs/heads/master

xorriso and libcdio define identically named symbols. This breaks static
linking.

Besides, upstream suggested that on Linux the built-in libburn adapter is much
better tested than libcdio.

Disable libcdio.

Fixes:
http://autobuild.buildroot.net/results/430/430a6b548fcc311f20ea71cecaa11fafac1d5a19/
http://autobuild.buildroot.net/results/a5d/a5d0f8bec0d39e48f6dfe4ecc07fe0ca3c6bd70a/

Cc: Steve Kenton <skenton@ou.edu>
Suggested-by: Thomas Schmitt <scdbackup@gmx.net>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Acked-by: Steve Kenton <skenton@ou.edu>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
---
 package/xorriso/xorriso.mk | 13 ++++---------
 1 file changed, 4 insertions(+), 9 deletions(-)

diff --git a/package/xorriso/xorriso.mk b/package/xorriso/xorriso.mk
index b205580..1f09591 100644
--- a/package/xorriso/xorriso.mk
+++ b/package/xorriso/xorriso.mk
@@ -18,19 +18,14 @@ HOST_XORRISO_CONF_OPTS = \
 	--disable-libedit \
 	--disable-libacl
 
+# libcdio doesn't make sense for Linux
+# http://lists.gnu.org/archive/html/bug-xorriso/2017-04/msg00004.html
+XORRISO_CONF_OPTS = --disable-libcdio
+
 ifeq ($(BR2_PACKAGE_LIBICONV),y)
 XORRISO_DEPENDENCIES += libiconv
 endif
 
-ifeq ($(BR2_PACKAGE_LIBCDIO),y)
-XORRISO_DEPENDENCIES += host-pkgconf libcdio
-XORRISO_CONF_OPTS += \
-	--enable-pkg-check-modules \
-	--enable-libcdio
-else
-XORRISO_CONF_OPTS += --disable-libcdio
-endif
-
 ifeq ($(BR2_PACKAGE_READLINE),y)
 XORRISO_DEPENDENCIES += readline
 XORRISO_CONF_OPTS += --enable-libreadline

^ permalink raw reply related

* [Buildroot] [PATCH] Revert "lvm2: disable build with uClibc-ng"
From: Waldemar Brodkorb @ 2017-04-26  7:26 UTC (permalink / raw)
  To: buildroot

This reverts commit 66f136a9f64b880eefa769c1261916773d8f28c0.

Issue fixed with uClibc-ng update to 1.0.24.

Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
---
 package/cryptsetup/Config.in    | 5 ++---
 package/dmraid/Config.in        | 5 ++---
 package/docker-engine/Config.in | 1 -
 package/lvm2/Config.in          | 6 ++----
 package/udisks/Config.in        | 6 ++----
 5 files changed, 8 insertions(+), 15 deletions(-)

diff --git a/package/cryptsetup/Config.in b/package/cryptsetup/Config.in
index 42cf3ab..3ca23ba 100644
--- a/package/cryptsetup/Config.in
+++ b/package/cryptsetup/Config.in
@@ -4,7 +4,6 @@ config BR2_PACKAGE_CRYPTSETUP
 	depends on BR2_USE_MMU # lvm2
 	depends on !BR2_STATIC_LIBS # lvm2
 	depends on !BR2_TOOLCHAIN_USES_MUSL # lvm2
-	depends on !BR2_TOOLCHAIN_USES_UCLIBC # lvm2
 	select BR2_PACKAGE_POPT
 	select BR2_PACKAGE_LVM2
 	select BR2_PACKAGE_UTIL_LINUX
@@ -16,7 +15,7 @@ config BR2_PACKAGE_CRYPTSETUP
 
 	  https://gitlab.com/cryptsetup/cryptsetup
 
-comment "cryptsetup needs a glibc toolchain w/ threads, dynamic library"
+comment "cryptsetup needs a glibc or uClibc toolchain w/ threads, dynamic library"
 	depends on BR2_USE_MMU
 	depends on BR2_STATIC_LIBS || !BR2_TOOLCHAIN_HAS_THREADS \
-		|| BR2_TOOLCHAIN_USES_MUSL || BR2_TOOLCHAIN_USES_UCLIBC
+		|| BR2_TOOLCHAIN_USES_MUSL
diff --git a/package/dmraid/Config.in b/package/dmraid/Config.in
index 61976bb..583f3f2 100644
--- a/package/dmraid/Config.in
+++ b/package/dmraid/Config.in
@@ -4,7 +4,6 @@ config BR2_PACKAGE_DMRAID
 	depends on BR2_USE_MMU # lvm2
 	depends on !BR2_STATIC_LIBS # lvm2
 	depends on !BR2_TOOLCHAIN_USES_MUSL # lvm2
-	depends on !BR2_TOOLCHAIN_USES_UCLIBC # lvm2
 	select BR2_PACKAGE_LVM2
 	help
 	  dmraid discovers, activates, deactivates and displays properties
@@ -13,7 +12,7 @@ config BR2_PACKAGE_DMRAID
 	  dmraid uses the Linux device-mapper to create devices with
 	  respective mappings for the ATARAID sets discovered.
 
-comment "dmraid needs a glibc toolchain w/ threads, dynamic library"
+comment "dmraid needs a glibc or uClibc toolchain w/ threads, dynamic library"
 	depends on BR2_USE_MMU
 	depends on BR2_STATIC_LIBS || !BR2_TOOLCHAIN_HAS_THREADS \
-		|| BR2_TOOLCHAIN_USES_MUSL || BR2_TOOLCHAIN_USES_UCLIBC
+		|| BR2_TOOLCHAIN_USES_MUSL
diff --git a/package/docker-engine/Config.in b/package/docker-engine/Config.in
index 8cde4a4..7cf0d9e 100644
--- a/package/docker-engine/Config.in
+++ b/package/docker-engine/Config.in
@@ -47,7 +47,6 @@ config BR2_PACKAGE_DOCKER_ENGINE_DRIVER_DEVICEMAPPER
 	depends on BR2_USE_MMU # lvm2
 	depends on !BR2_STATIC_LIBS # lvm2
 	depends on !BR2_TOOLCHAIN_USES_MUSL # lvm2
-	depends on !BR2_TOOLCHAIN_USES_UCLIBC # lvm2
 	select BR2_PACKAGE_LVM2
 	select BR2_PACKAGE_LVM2_APP_LIBRARY
 	help
diff --git a/package/lvm2/Config.in b/package/lvm2/Config.in
index b28b197..0f60649 100644
--- a/package/lvm2/Config.in
+++ b/package/lvm2/Config.in
@@ -5,7 +5,6 @@ config BR2_PACKAGE_LVM2
 	depends on !BR2_STATIC_LIBS # It fails to build statically
 	# http://lists.busybox.net/pipermail/buildroot/2016-August/170592.html
 	depends on !BR2_TOOLCHAIN_USES_MUSL
-	depends on !BR2_TOOLCHAIN_USES_UCLIBC # missing floorl(), nearbyintl()
 	help
 	  This is LVM2, the rewrite of The Linux Logical Volume Manager.
 	  LVM supports enterprise level volume management of disk and disk
@@ -39,7 +38,6 @@ config BR2_PACKAGE_LVM2_APP_LIBRARY
 
 endif
 
-comment "lvm2 needs a glibc toolchain w/ threads, dynamic library"
+comment "lvm2 needs a glibc or uClibc toolchain w/ threads, dynamic library"
 	depends on BR2_USE_MMU
-	depends on BR2_STATIC_LIBS || !BR2_TOOLCHAIN_HAS_THREADS \
-		|| BR2_TOOLCHAIN_USES_MUSL || BR2_TOOLCHAIN_USES_UCLIBC
+	depends on BR2_STATIC_LIBS || !BR2_TOOLCHAIN_HAS_THREADS || BR2_TOOLCHAIN_USES_MUSL
diff --git a/package/udisks/Config.in b/package/udisks/Config.in
index 475f498..029860f 100644
--- a/package/udisks/Config.in
+++ b/package/udisks/Config.in
@@ -5,7 +5,6 @@ config BR2_PACKAGE_UDISKS
 	depends on BR2_USE_MMU # lvm2
 	depends on !BR2_STATIC_LIBS # lvm2
 	depends on !BR2_TOOLCHAIN_USES_MUSL # lvm2
-	depends on !BR2_TOOLCHAIN_USES_UCLIBC # lvm2
 	select BR2_PACKAGE_DBUS
 	select BR2_PACKAGE_DBUS_GLIB
 	depends on BR2_USE_WCHAR # dbus-glib -> glib2
@@ -41,8 +40,7 @@ comment "udisks needs udev /dev management"
 	depends on BR2_USE_MMU
 	depends on !BR2_PACKAGE_HAS_UDEV
 
-comment "udisks needs a glibc toolchain w/ wchar, threads, dynamic library"
+comment "udisks needs a glibc or uClibc toolchain w/ wchar, threads, dynamic library"
 	depends on BR2_USE_MMU
 	depends on !BR2_USE_WCHAR || !BR2_TOOLCHAIN_HAS_THREADS || \
-		BR2_STATIC_LIBS || BR2_TOOLCHAIN_USES_MUSL \
-		|| BR2_TOOLCHAIN_USES_UCLIBC
+		BR2_STATIC_LIBS || BR2_TOOLCHAIN_USES_MUSL
-- 
2.1.4

^ permalink raw reply related

* [Buildroot] [PATCH 2/9] package/python-traitlets: New package
From: Thomas Petazzoni @ 2017-04-26  7:26 UTC (permalink / raw)
  To: buildroot
In-Reply-To: <20170425191423.13294-3-andrew.smirnov@gmail.com>

Hello,

On Tue, 25 Apr 2017 12:14:16 -0700, Andrey Smirnov wrote:
> diff --git a/package/python-traitlets/Config.in b/package/python-traitlets/Config.in
> new file mode 100644
> index 0000000..ba79218
> --- /dev/null
> +++ b/package/python-traitlets/Config.in
> @@ -0,0 +1,8 @@
> +config BR2_PACKAGE_PYTHON_TRAITLETS
> +	select BR2_PACKAGE_PYTHON_DECORATOR
> +	select BR2_PACKAGE_PYTHON_ENUM if BR2_PACKAGE_PYTHON
> +	bool "python-traitlets"

The "bool" should be before the selects. Have you run your packages
through support/scripts/check-package ?

> +PYTHON_TRAITLETS_DEPENDENCIES = python-decorator
> +
> +ifeq ($(BR2_PACKAGE_PYTHON),y)
> +PYTHON_TRAITLETS_DEPENDENCIES += python-enum
> +endif

Are these really build time dependencies, or just runtime dependencies?

Best regards,

Thomas
-- 
Thomas Petazzoni, CTO, Free Electrons
Embedded Linux and Kernel engineering
http://free-electrons.com

^ permalink raw reply

* [Buildroot] [PATCH 1/9] package/python-decorator: New package
From: Thomas Petazzoni @ 2017-04-26  7:25 UTC (permalink / raw)
  To: buildroot
In-Reply-To: <20170425191423.13294-2-andrew.smirnov@gmail.com>

Hello,

On Tue, 25 Apr 2017 12:14:15 -0700, Andrey Smirnov wrote:

> +PYTHON_DECORATOR_VERSION = 4.0.11
> +PYTHON_DECORATOR_SITE = https://github.com/micheles/decorator.git
> +PYTHON_DECORATOR_SITE_METHOD = git
> +PYTHON_DECORATOR_LICENSE = BSD-2c

This is not the correct SPDX license code: we have recently switched to
use SPDX license codes everywhere in Buildroot, so this should be
BSD-2-Clause (see https://spdx.org/licenses/).

This should be fixed globally in your patch series.

Thanks!

Thomas
-- 
Thomas Petazzoni, CTO, Free Electrons
Embedded Linux and Kernel engineering
http://free-electrons.com

^ permalink raw reply

* [Buildroot] [git commit] uclibc: update to 1.0.24
From: Peter Korsgaard @ 2017-04-26  7:20 UTC (permalink / raw)
  To: buildroot

commit: https://git.buildroot.net/buildroot/commit/?id=002d9ed3541caf4dd7087f97166d79d4e6988b49
branch: https://git.buildroot.net/buildroot/commit/?id=refs/heads/master

Fixes aarch64 C++ issue. Removes old implementations for fnmatch/regex.
Allow long double wrappers for all architectures.

Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
---
 ...l.h-fix-a-missing-struct-timespec-definit.patch | 34 ----------------------
 package/uclibc/uClibc-ng.config                    |  2 --
 package/uclibc/uclibc.hash                         |  4 +--
 package/uclibc/uclibc.mk                           |  2 +-
 4 files changed, 3 insertions(+), 39 deletions(-)

diff --git a/package/uclibc/0001-Revert-fcntl.h-fix-a-missing-struct-timespec-definit.patch b/package/uclibc/0001-Revert-fcntl.h-fix-a-missing-struct-timespec-definit.patch
deleted file mode 100644
index f481b8f..0000000
--- a/package/uclibc/0001-Revert-fcntl.h-fix-a-missing-struct-timespec-definit.patch
+++ /dev/null
@@ -1,34 +0,0 @@
-From 6d7cc87cb64dc8df20b0d1c7b3e3566f9ec5a3dc Mon Sep 17 00:00:00 2001
-From: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
-Date: Tue, 4 Apr 2017 21:26:41 +0200
-Subject: [PATCH] Revert "fcntl.h: fix a missing `struct timespec` definition"
-
-This reverts commit 657c4a9d6c2e649d86307f46ce9d5e44192f6e7a, it breaks
-many packages in Buildroot:
-
-  http://autobuild.buildroot.net/results/fcd024f6658890861fd7165e15edc65f77a9d8e7/
-  http://autobuild.buildroot.net/results/431135d9f985f3b3f935cc29fe16728b2412dd3a/
-  etc.
-
-Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
----
- include/fcntl.h | 3 ---
- 1 file changed, 3 deletions(-)
-
-diff --git a/include/fcntl.h b/include/fcntl.h
-index 5a73a98..adcd7ef 100644
---- a/include/fcntl.h
-+++ b/include/fcntl.h
-@@ -34,9 +34,6 @@ __BEGIN_DECLS
- 
- /* For XPG all symbols from <sys/stat.h> should also be available.  */
- #ifdef __USE_XOPEN
--# ifdef __USE_XOPEN2K8
--#  define __need_timespec
--# endif
- # include <sys/stat.h>
- #endif
- 
--- 
-2.7.4
-
diff --git a/package/uclibc/uClibc-ng.config b/package/uclibc/uClibc-ng.config
index 528bce9..6780ad6 100644
--- a/package/uclibc/uClibc-ng.config
+++ b/package/uclibc/uClibc-ng.config
@@ -30,8 +30,6 @@ UCLIBC_HAS_STDIO_PUTC_MACRO=y
 UCLIBC_HAS_FOPEN_EXCLUSIVE_MODE=y
 UCLIBC_HAS_GLIBC_CUSTOM_STREAMS=y
 UCLIBC_HAS_PRINTF_M_SPEC=y
-# UCLIBC_HAS_REGEX_OLD is not set
-# UCLIBC_HAS_FNMATCH_OLD is not set
 UCLIBC_HAS_NFTW=y
 UCLIBC_HAS_FTW=y
 UCLIBC_HAS_GNU_GLOB=y
diff --git a/package/uclibc/uclibc.hash b/package/uclibc/uclibc.hash
index f5c49de..050a8eb 100644
--- a/package/uclibc/uclibc.hash
+++ b/package/uclibc/uclibc.hash
@@ -1,2 +1,2 @@
-# From http://www.uclibc-ng.org/
-sha256  a76ee9a69bce031d14cae22ce34527a856f724f888a6641bf53e6f07c6345c70        uClibc-ng-1.0.23.tar.xz
+# From https://uclibc-ng.org/
+sha256  b5bf5bea5d836b0a0724d94f2211b279df3f5bda18a95e02c728cbf4bd33e939        uClibc-ng-1.0.24.tar.xz
diff --git a/package/uclibc/uclibc.mk b/package/uclibc/uclibc.mk
index 45bb6de..f47b3ec 100644
--- a/package/uclibc/uclibc.mk
+++ b/package/uclibc/uclibc.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-UCLIBC_VERSION = 1.0.23
+UCLIBC_VERSION = 1.0.24
 UCLIBC_SOURCE = uClibc-ng-$(UCLIBC_VERSION).tar.xz
 UCLIBC_SITE = http://downloads.uclibc-ng.org/releases/$(UCLIBC_VERSION)
 UCLIBC_LICENSE = LGPL-2.1+

^ permalink raw reply related

* [Buildroot] [git commit] libcroco: bump to version 0.6.12
From: Peter Korsgaard @ 2017-04-26  7:20 UTC (permalink / raw)
  To: buildroot

commit: https://git.buildroot.net/buildroot/commit/?id=7daae8362be2060527fe1429fa640c325b477d27
branch: https://git.buildroot.net/buildroot/commit/?id=refs/heads/master

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
---
 package/libcroco/libcroco.hash | 4 ++--
 package/libcroco/libcroco.mk   | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/package/libcroco/libcroco.hash b/package/libcroco/libcroco.hash
index edf0b1f..83d2ffe 100644
--- a/package/libcroco/libcroco.hash
+++ b/package/libcroco/libcroco.hash
@@ -1,2 +1,2 @@
-# From http://ftp.acc.umu.se/pub/gnome/sources/libcroco/0.6/libcroco-0.6.11.sha256sum
-sha256	132b528a948586b0dfa05d7e9e059901bca5a3be675b6071a90a90b81ae5a056	libcroco-0.6.11.tar.xz
+# From http://ftp.acc.umu.se/pub/gnome/sources/libcroco/0.6/libcroco-0.6.12.sha256sum
+sha256	ddc4b5546c9fb4280a5017e2707fbd4839034ed1aba5b7d4372212f34f84f860	libcroco-0.6.12.tar.xz
diff --git a/package/libcroco/libcroco.mk b/package/libcroco/libcroco.mk
index 5ea0b77..612fd1f 100644
--- a/package/libcroco/libcroco.mk
+++ b/package/libcroco/libcroco.mk
@@ -5,7 +5,7 @@
 ################################################################################
 
 LIBCROCO_VERSION_MAJOR = 0.6
-LIBCROCO_VERSION = $(LIBCROCO_VERSION_MAJOR).11
+LIBCROCO_VERSION = $(LIBCROCO_VERSION_MAJOR).12
 LIBCROCO_SITE = http://ftp.gnome.org/pub/gnome/sources/libcroco/$(LIBCROCO_VERSION_MAJOR)
 LIBCROCO_SOURCE = libcroco-$(LIBCROCO_VERSION).tar.xz
 LIBCROCO_INSTALL_STAGING = YES

^ permalink raw reply related

* [Buildroot] [git commit] package/xenomai: fallback to http
From: Peter Korsgaard @ 2017-04-26  7:20 UTC (permalink / raw)
  To: buildroot

commit: https://git.buildroot.net/buildroot/commit/?id=2af19b0143ab0b4412304b27e488fd084dd3de25
branch: https://git.buildroot.net/buildroot/commit/?id=refs/heads/master

The https protocol return:
"ERROR 503: Service Temporarily Unavailable"

Fixes:
http://autobuild.buildroot.net/results/120/12034603c46c8bd69590c88bbfe85261460b699c

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
---
 package/xenomai/xenomai.mk | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/package/xenomai/xenomai.mk b/package/xenomai/xenomai.mk
index 4844fff..c1477d9 100644
--- a/package/xenomai/xenomai.mk
+++ b/package/xenomai/xenomai.mk
@@ -11,7 +11,7 @@ else
 BR_NO_CHECK_HASH_FOR += $(XENOMAI_SOURCE)
 endif
 
-XENOMAI_SITE = https://xenomai.org/downloads/xenomai/stable
+XENOMAI_SITE = http://xenomai.org/downloads/xenomai/stable
 XENOMAI_SOURCE = xenomai-$(XENOMAI_VERSION).tar.bz2
 XENOMAI_LICENSE = GPL-2.0+ with exception (headers), LGPL-2.1+ (libraries), GPL-2.0+ (kernel), GFDL-1.2+ (docs), GPL-2.0 (ipipe patch, can driver)
 # GFDL is not included but refers to gnu.org

^ permalink raw reply related

* [Buildroot] [git commit] imagemagick: add upstream security fix for CVE-2017-7606
From: Peter Korsgaard @ 2017-04-26  7:20 UTC (permalink / raw)
  To: buildroot

commit: https://git.buildroot.net/buildroot/commit/?id=665560856edfcdd18b2053e26bc8a44754dffca2
branch: https://git.buildroot.net/buildroot/commit/?id=refs/heads/master

This is not yet part of any release.

coders/rle.c in ImageMagick 7.0.5-4 has an "outside the range of
representable values of type unsigned char" undefined behavior issue, which
might allow remote attackers to cause a denial of service (application
crash) or possibly have unspecified other impact via a crafted image.

For more details, see:
https://blogs.gentoo.org/ago/2017/04/02/imagemagick-undefined-behavior-in-codersrle-c/

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
---
 ...ub.com-ImageMagick-ImageMagick-issues-415.patch | 52 ++++++++++++++++++++++
 1 file changed, 52 insertions(+)

diff --git a/package/imagemagick/0001-https-github.com-ImageMagick-ImageMagick-issues-415.patch b/package/imagemagick/0001-https-github.com-ImageMagick-ImageMagick-issues-415.patch
new file mode 100644
index 0000000..943679e
--- /dev/null
+++ b/package/imagemagick/0001-https-github.com-ImageMagick-ImageMagick-issues-415.patch
@@ -0,0 +1,52 @@
+From b218117cad34d39b9ffb587b45c71c5a49b12bde Mon Sep 17 00:00:00 2001
+From: Cristy <urban-warrior@imagemagick.org>
+Date: Fri, 31 Mar 2017 15:24:33 -0400
+Subject: [PATCH] https://github.com/ImageMagick/ImageMagick/issues/415
+
+Fixes CVE-2017-7606
+
+Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
+---
+ coders/pnm.c | 2 +-
+ coders/rle.c | 5 +++--
+ 2 files changed, 4 insertions(+), 3 deletions(-)
+
+diff --git a/coders/pnm.c b/coders/pnm.c
+index 9a1221d79..c525ebb8f 100644
+--- a/coders/pnm.c
++++ b/coders/pnm.c
+@@ -1979,7 +1979,7 @@ static MagickBooleanType WritePNMImage(const ImageInfo *image_info,Image *image,
+                           pixel=ScaleQuantumToChar(GetPixelRed(image,p));
+                         else
+                           pixel=ScaleQuantumToAny(GetPixelRed(image,p),
+-                          max_value);
++                            max_value);
+                       }
+                     q=PopCharPixel((unsigned char) pixel,q);
+                     p+=GetPixelChannels(image);
+diff --git a/coders/rle.c b/coders/rle.c
+index 2318901ec..ec071dc7b 100644
+--- a/coders/rle.c
++++ b/coders/rle.c
+@@ -271,7 +271,8 @@ static Image *ReadRLEImage(const ImageInfo *image_info,ExceptionInfo *exception)
+         p=colormap;
+         for (i=0; i < (ssize_t) number_colormaps; i++)
+           for (x=0; x < (ssize_t) map_length; x++)
+-            *p++=(unsigned char) ScaleShortToQuantum(ReadBlobLSBShort(image));
++            *p++=(unsigned char) ScaleQuantumToChar(ScaleShortToQuantum(
++              ReadBlobLSBShort(image)));
+       }
+     if ((flags & 0x08) != 0)
+       {
+@@ -476,7 +477,7 @@ static Image *ReadRLEImage(const ImageInfo *image_info,ExceptionInfo *exception)
+               for (x=0; x < (ssize_t) number_planes; x++)
+               {
+                 ValidateColormapValue(image,(size_t) (x*map_length+
+-                    (*p & mask)),&index,exception);
++                  (*p & mask)),&index,exception);
+                 *p=colormap[(ssize_t) index];
+                 p++;
+               }
+-- 
+2.11.0
+

^ permalink raw reply related

* [Buildroot] [git commit] package/bullet: bump to version 2.86.1
From: Peter Korsgaard @ 2017-04-26  7:20 UTC (permalink / raw)
  To: buildroot

commit: https://git.buildroot.net/buildroot/commit/?id=a086213b397c59bd4282ce4f002abb6c656bb40b
branch: https://git.buildroot.net/buildroot/commit/?id=refs/heads/master

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
---
 package/bullet/bullet.hash | 2 +-
 package/bullet/bullet.mk   | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/package/bullet/bullet.hash b/package/bullet/bullet.hash
index cccc425..c6a45c2 100644
--- a/package/bullet/bullet.hash
+++ b/package/bullet/bullet.hash
@@ -1,2 +1,2 @@
 # Locally calculated
-sha256 6e157c0b50373bc0e860de27f06397827bb28a4205bc568ae79d76a0f919ed62  bullet-2.85.1.tar.gz
+sha256 c058b2e4321ba6adaa656976c1a138c07b18fc03b29f5b82880d5d8228fbf059  bullet-2.86.1.tar.gz
diff --git a/package/bullet/bullet.mk b/package/bullet/bullet.mk
index 920ea87..3e8fae3 100644
--- a/package/bullet/bullet.mk
+++ b/package/bullet/bullet.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-BULLET_VERSION = 2.85.1
+BULLET_VERSION = 2.86.1
 BULLET_SITE = $(call github,bulletphysics,bullet3,$(BULLET_VERSION))
 BULLET_INSTALL_STAGING = YES
 BULLET_LICENSE = Zlib

^ permalink raw reply related


This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox