Compare commits
65 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| 799aed7a18 | |||
| abfcc5624b | |||
| b706f46e97 | |||
| 7ac7be5f87 | |||
| 296ffa6770 | |||
| 35db9f3ab9 | |||
| 0bc84f9612 | |||
| bc224445b2 | |||
| 84e3e5a9f0 | |||
| eac5d8c01d | |||
| 8879b99a50 | |||
| 60e7c1075f | |||
| 75c7c53e88 | |||
| e63c2c3566 | |||
| 89300b0097 | |||
| 6a404f8245 | |||
| bc633d98ad | |||
| a1b9e5cb32 | |||
| 1b8f4d29ed | |||
| 83e50860e7 | |||
| 33adae56f9 | |||
| 0cef3aad7b | |||
| 32e514709f | |||
| cf113c76df | |||
| 6b671fa3b6 | |||
| 35f735cd5a | |||
| 392b4a6670 | |||
| 039f7d0d2f | |||
| 48447b9efc | |||
| 24d80453af | |||
| 86a16f169d | |||
| bb64a4f87e | |||
| 6736d2f604 | |||
| bce9b77e04 | |||
| 892e908120 | |||
| de2534bb54 | |||
| 7e48857917 | |||
| bac22a6f55 | |||
| 2de0f39ed6 | |||
| 9d1e422788 | |||
| a29fa4bb77 | |||
| ae5cfc15f5 | |||
| 97e5325375 | |||
| 023919520f | |||
| 27ff183a9c | |||
| d482d1297e | |||
| be1ab94c9e | |||
| 4ff4b574a5 | |||
| 578d192c3c | |||
| 56938a2feb | |||
| 1d57b8ae51 | |||
| 97f7a8b337 | |||
| eda721ef82 | |||
| 5a339aac73 | |||
| b937e29052 | |||
| 761533084b | |||
| 18fc71357b | |||
| d16d3afdf3 | |||
| 57120d614e | |||
| 1e9e1f3561 | |||
| eda38d300b | |||
| ab8fb2d9f3 | |||
| bd00633729 | |||
| 9d302e43c9 | |||
| 6257bf6588 |
@@ -1,3 +1,22 @@
|
||||
2017.02.2, Released May 1st, 2017
|
||||
|
||||
Important / security related fixes.
|
||||
|
||||
Use HTTPS for the Codesourcery external toolchains as the HTTP
|
||||
URLs no longer work.
|
||||
|
||||
Updated/fixed packages: bind, busybox, dovecot, freetype,
|
||||
ghostscript, glibc, granite, hiredis, icu, imagemagick,
|
||||
gst-plugins-base, gst1-plugins-base, libcroco, libcurl, libnl,
|
||||
libnspr, libnss, libsamplerate, libsndfile, libunwind,
|
||||
minicom, mplayer, mpv, nodejs, python-django, python-pyyaml,
|
||||
python-web2py, samba4, syslinux, systemd, tiff, trinity,
|
||||
uboot, wireshark, xen
|
||||
|
||||
Issues resolved (http://bugs.buildroot.org):
|
||||
|
||||
#9791: Python searches for packages in the user site directory
|
||||
|
||||
2017.02.1, Released April 4th, 2017
|
||||
|
||||
Important / security related fixes.
|
||||
|
||||
@@ -86,9 +86,9 @@ else # umask / $(CURDIR) / $(O)
|
||||
all:
|
||||
|
||||
# Set and export the version string
|
||||
export BR2_VERSION := 2017.02.1
|
||||
export BR2_VERSION := 2017.02.2
|
||||
# Actual time the release is cut (for reproducible builds)
|
||||
BR2_VERSION_EPOCH = 1491392000
|
||||
BR2_VERSION_EPOCH = 1493676000
|
||||
|
||||
# Save running make version since it's clobbered by the make package
|
||||
RUNNING_MAKE_VERSION := $(MAKE_VERSION)
|
||||
|
||||
+18
-12
@@ -1,16 +1,19 @@
|
||||
commit e5f2b577ded109291c9632dacb6eaa621d8a59fe
|
||||
Author: Sylvain Gault <sylvain.gault@gmail.com>
|
||||
Date: Tue Sep 29 02:38:25 2015 +0200
|
||||
From da5cbd1a3b248f2d32281a1766a3d1414c0e8e03 Mon Sep 17 00:00:00 2001
|
||||
From: Sylvain Gault <sylvain.gault@gmail.com>
|
||||
Date: Tue, 29 Sep 2015 02:38:25 +0200
|
||||
Subject: [PATCH] bios: Fix alignment change with gcc 5
|
||||
|
||||
bios: Fix alignment change with gcc 5
|
||||
|
||||
The section aligment specified in the ld scripts have to be greater or
|
||||
equal to those in the .o files generated by gcc.
|
||||
|
||||
Signed-off-by: Sylvain Gault <sylvain.gault@gmail.com>
|
||||
Tested-by: poma <pomidorabelisima@gmail.com>
|
||||
Signed-off-by: Paulo Alcantara <pcacjr@zytor.com>
|
||||
Signed-off-by: Frank Hunleth <fhunleth@troodon-software.com>
|
||||
The section aligment specified in the ld scripts have to be greater or
|
||||
equal to those in the .o files generated by gcc.
|
||||
|
||||
Signed-off-by: Sylvain Gault <sylvain.gault@gmail.com>
|
||||
Tested-by: poma <pomidorabelisima@gmail.com>
|
||||
Signed-off-by: Paulo Alcantara <pcacjr@zytor.com>
|
||||
Signed-off-by: Frank Hunleth <fhunleth@troodon-software.com>
|
||||
---
|
||||
core/i386/syslinux.ld | 6 +++---
|
||||
core/x86_64/syslinux.ld | 6 +++---
|
||||
2 files changed, 6 insertions(+), 6 deletions(-)
|
||||
|
||||
diff --git a/core/i386/syslinux.ld b/core/i386/syslinux.ld
|
||||
index 7b4e012..7390451 100644
|
||||
@@ -74,3 +77,6 @@ index 1057112..bf815c4 100644
|
||||
__bss_vma = .;
|
||||
__bss_lma = .; /* Dummy */
|
||||
.bss (NOLOAD) : AT (__bss_lma) {
|
||||
--
|
||||
2.7.4
|
||||
|
||||
@@ -0,0 +1,30 @@
|
||||
From 250bf2c921713434627dc7bc8b0918fa0841f9b7 Mon Sep 17 00:00:00 2001
|
||||
From: Graham Inggs <ginggs@ubuntu.com>
|
||||
Date: Wed, 5 Apr 2017 22:03:12 +0200
|
||||
Subject: [PATCH] Disable PIE to avoid FTBFS on amd64
|
||||
|
||||
gcc 6.x has PIE support enabled by default, which causes a build issue
|
||||
with syslinux. This patch disables PIE support in the relevant
|
||||
syslinux Makefile.
|
||||
|
||||
Signed-off-by: Ryan Coe <bluemrp9@gmail.com>
|
||||
---
|
||||
gpxe/src/Makefile | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/gpxe/src/Makefile b/gpxe/src/Makefile
|
||||
index cc91d78..077af64 100644
|
||||
--- a/gpxe/src/Makefile
|
||||
+++ b/gpxe/src/Makefile
|
||||
@@ -4,7 +4,7 @@
|
||||
#
|
||||
|
||||
CLEANUP :=
|
||||
-CFLAGS :=
|
||||
+CFLAGS := -fno-PIE
|
||||
ASFLAGS :=
|
||||
LDFLAGS :=
|
||||
MAKEDEPS := Makefile
|
||||
--
|
||||
2.7.4
|
||||
|
||||
@@ -1,22 +0,0 @@
|
||||
Description: Disable PIE to avoid FTBFS on amd64
|
||||
Bug-Ubuntu: https://bugs.launchpad.net/bugs/1579023
|
||||
Author: Graham Inggs <ginggs@ubuntu.com>
|
||||
Last-Update: 2016-05-06
|
||||
|
||||
gcc 6.x has PIE support enabled by default, which causes a build issue
|
||||
with syslinux. This patch disables PIE support in the relevant
|
||||
syslinux Makefile.
|
||||
|
||||
Signed-off-by: Ryan Coe <bluemrp9@gmail.com>
|
||||
|
||||
--- a/gpxe/src/Makefile
|
||||
+++ b/gpxe/src/Makefile
|
||||
@@ -4,7 +4,7 @@
|
||||
#
|
||||
|
||||
CLEANUP :=
|
||||
-CFLAGS :=
|
||||
+CFLAGS := -fno-PIE
|
||||
ASFLAGS :=
|
||||
LDFLAGS :=
|
||||
MAKEDEPS := Makefile
|
||||
@@ -0,0 +1,35 @@
|
||||
From 61de7762389d460da7ffdd644f50c60175cce23b Mon Sep 17 00:00:00 2001
|
||||
From: Steve McIntyre <93sam@debian.org>
|
||||
Date: Wed, 5 Apr 2017 22:09:37 +0200
|
||||
Subject: [PATCH] Fix 'ldlinux.elf: Not enough room for program headers, try
|
||||
linking with -N'
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
|
||||
Fix for https://bugs.debian.org/846679: syslinux: FTBFS: ld:
|
||||
ldlinux.elf: Not enough room for program headers, try linking with -N
|
||||
|
||||
https://bugs.debian.org/cgi-bin/bugreport.cgi?att=1;bug=846679;filename=syslinux_6.03%2Bdfsg-14.1.debdiff;msg=10
|
||||
|
||||
Signed-off-by: Benoît Allard <benoit.allard@greenbone.net>
|
||||
---
|
||||
core/Makefile | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/core/Makefile b/core/Makefile
|
||||
index ad0acb5..58a3545 100644
|
||||
--- a/core/Makefile
|
||||
+++ b/core/Makefile
|
||||
@@ -165,7 +165,7 @@ LDSCRIPT = $(SRC)/$(ARCH)/syslinux.ld
|
||||
|
||||
%.elf: %.o $(LIBDEP) $(LDSCRIPT) $(AUXLIBS)
|
||||
$(LD) $(LDFLAGS) -Bsymbolic $(LD_PIE) -E --hash-style=gnu -T $(LDSCRIPT) -M -o $@ $< \
|
||||
- --start-group $(LIBS) $(subst $(*F).elf,lib$(*F).a,$@) --end-group \
|
||||
+ --start-group $(LIBS) $(subst $(*F).elf,lib$(*F).a,$@) --end-group --no-dynamic-linker \
|
||||
> $(@:.elf=.map)
|
||||
$(OBJDUMP) -h $@ > $(@:.elf=.sec)
|
||||
$(PERL) $(SRC)/lstadjust.pl $(@:.elf=.lsr) $(@:.elf=.sec) $(@:.elf=.lst)
|
||||
--
|
||||
2.7.4
|
||||
|
||||
@@ -0,0 +1,32 @@
|
||||
From c0287594239d5af2082cac20817f8e8b11a4b1b2 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Beno=C3=AEt=20Allard?= <benoit.allard@greenbone.net>
|
||||
Date: Wed, 5 Apr 2017 14:18:09 +0200
|
||||
Subject: [PATCH] memdisk: Force ld output format to 32-bits
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
|
||||
On toolchains where the default output is x86_64, we need to be
|
||||
consistent with the other .o files
|
||||
|
||||
Signed-off-by: Benoît Allard <benoit.allard@greenbone.net>
|
||||
---
|
||||
memdisk/Makefile | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/memdisk/Makefile b/memdisk/Makefile
|
||||
index e6557d8..06613ff 100644
|
||||
--- a/memdisk/Makefile
|
||||
+++ b/memdisk/Makefile
|
||||
@@ -78,7 +78,7 @@ memdisk16.o: memdisk16.asm
|
||||
$(NASM) -f bin $(NASMOPT) $(NFLAGS) $(NINCLUDE) -o $@ -l $*.lst $<
|
||||
|
||||
memdisk_%.o: memdisk_%.bin
|
||||
- $(LD) -r -b binary -o $@ $<
|
||||
+ $(LD) --oformat elf32-i386 -r -b binary -o $@ $<
|
||||
|
||||
memdisk16.elf: $(OBJS16)
|
||||
$(LD) -Ttext 0 -o $@ $^
|
||||
--
|
||||
2.7.4
|
||||
|
||||
@@ -0,0 +1,60 @@
|
||||
From e000251144056c99e390a2a4449d06cbd2a19c0a Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Beno=C3=AEt=20Allard?= <benoit.allard@greenbone.net>
|
||||
Date: Wed, 5 Apr 2017 14:25:02 +0200
|
||||
Subject: [PATCH] utils: Use the host toolchain to build.
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
|
||||
The utilities are meant to run on the host machine, hence must be built using
|
||||
the host toolchain.
|
||||
|
||||
Signed-off-by: Benoît Allard <benoit.allard@greenbone.net>
|
||||
---
|
||||
utils/Makefile | 12 ++++++------
|
||||
1 file changed, 6 insertions(+), 6 deletions(-)
|
||||
|
||||
diff --git a/utils/Makefile b/utils/Makefile
|
||||
index dfe6259..ac91aaa 100644
|
||||
--- a/utils/Makefile
|
||||
+++ b/utils/Makefile
|
||||
@@ -17,8 +17,8 @@
|
||||
VPATH = $(SRC)
|
||||
include $(MAKEDIR)/syslinux.mk
|
||||
|
||||
-CFLAGS = $(GCCWARN) -Os -fomit-frame-pointer -D_FILE_OFFSET_BITS=64 -I$(SRC)
|
||||
-LDFLAGS = -O2
|
||||
+CFLAGS = $(CFLAGS_FOR_BUILD) $(GCCWARN) -Os -fomit-frame-pointer -D_FILE_OFFSET_BITS=64 -I$(SRC)
|
||||
+LDFLAGS = $(LDFLAGS_FOR_BUILD) -O2
|
||||
|
||||
C_TARGETS = isohybrid gethostip memdiskfind
|
||||
SCRIPT_TARGETS = mkdiskimage
|
||||
@@ -35,7 +35,7 @@ ISOHDPFX = $(addprefix $(OBJ)/,../mbr/isohdpfx.bin ../mbr/isohdpfx_f.bin \
|
||||
all: $(TARGETS)
|
||||
|
||||
%.o: %.c
|
||||
- $(CC) $(UMAKEDEPS) $(CFLAGS) -c -o $@ $<
|
||||
+ $(CC_FOR_BUILD) $(UMAKEDEPS) $(CFLAGS) -c -o $@ $<
|
||||
|
||||
mkdiskimage: mkdiskimage.in ../mbr/mbr.bin bin2hex.pl
|
||||
$(PERL) $(SRC)/bin2hex.pl < $(OBJ)/../mbr/mbr.bin | cat $(SRC)/mkdiskimage.in - > $@
|
||||
@@ -51,13 +51,13 @@ isohdpfx.c: $(ISOHDPFX) isohdpfxarray.pl
|
||||
$(PERL) $(SRC)/isohdpfxarray.pl $(ISOHDPFX) > $@
|
||||
|
||||
isohybrid: isohybrid.o isohdpfx.o
|
||||
- $(CC) $(LDFLAGS) -o $@ $^ -luuid
|
||||
+ $(CC_FOR_BUILD) $(LDFLAGS) -o $@ $^ -luuid
|
||||
|
||||
gethostip: gethostip.o
|
||||
- $(CC) $(LDFLAGS) -o $@ $^
|
||||
+ $(CC_FOR_BUILD) $(LDFLAGS) -o $@ $^
|
||||
|
||||
memdiskfind: memdiskfind.o
|
||||
- $(CC) $(LDFLAGS) -o $@ $^
|
||||
+ $(CC_FOR_BUILD) $(LDFLAGS) -o $@ $^
|
||||
|
||||
tidy dist:
|
||||
rm -f *.o .*.d isohdpfx.c
|
||||
--
|
||||
2.1.4
|
||||
|
||||
@@ -0,0 +1,44 @@
|
||||
From 83e1f00990c25554723609bb549e18b987034317 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Beno=C3=AEt=20Allard?= <benoit.allard@greenbone.net>
|
||||
Date: Thu, 6 Apr 2017 09:43:46 +0200
|
||||
Subject: [PATCH] lzo: Use the host toolchain for prepcore
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
|
||||
Signed-off-by: Benoît Allard <benoit.allard@greenbone.net>
|
||||
---
|
||||
lzo/Makefile | 7 +++++--
|
||||
1 file changed, 5 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/lzo/Makefile b/lzo/Makefile
|
||||
index 29f1fa6..c016e5a 100644
|
||||
--- a/lzo/Makefile
|
||||
+++ b/lzo/Makefile
|
||||
@@ -11,10 +11,13 @@
|
||||
## -----------------------------------------------------------------------
|
||||
|
||||
VPATH = $(SRC)
|
||||
-include $(MAKEDIR)/build.mk
|
||||
+include $(MAKEDIR)/syslinux.mk
|
||||
|
||||
INCLUDES += -I$(SRC)/include
|
||||
|
||||
+%.o: %.c
|
||||
+ $(CC_FOR_BUILD) $(UMAKEDEPS) $(CFLAGS_FOR_BUILD) $(INCLUDES) -c -o $@ $<
|
||||
+
|
||||
LIBOBJS = $(patsubst %.c,%.o,$(subst $(SRC)/,,$(wildcard $(SRC)/src/*.c)))
|
||||
LIB = lzo.a
|
||||
BINS = prepcore
|
||||
@@ -30,7 +33,7 @@ $(LIB) : $(LIBOBJS)
|
||||
$(RANLIB) $@
|
||||
|
||||
prepcore : prepcore.o $(LIB)
|
||||
- $(CC) $(LDFLAGS) -o $@ $^ $(LIBS)
|
||||
+ $(CC_FOR_BUILD) $(LDFLAGS_FOR_BUILD) -o $@ $^ $(LIBS)
|
||||
|
||||
tidy dist clean spotless:
|
||||
rm -f $(BINS)
|
||||
--
|
||||
2.1.4
|
||||
|
||||
@@ -1,12 +1,13 @@
|
||||
config BR2_TARGET_SYSLINUX
|
||||
bool "syslinux"
|
||||
depends on BR2_i386 || BR2_x86_64
|
||||
select BR2_HOSTARCH_NEEDS_IA32_COMPILER
|
||||
# Make sure at least one of the flavors is installed
|
||||
select BR2_TARGET_SYSLINUX_ISOLINUX \
|
||||
if !BR2_TARGET_SYSLINUX_PXELINUX && \
|
||||
!BR2_TARGET_SYSLINUX_MBR && \
|
||||
!BR2_TARGET_SYSLINUX_EFI
|
||||
select BR2_PACKAGE_UTIL_LINUX
|
||||
select BR2_PACKAGE_UTIL_LINUX_LIBUUID
|
||||
help
|
||||
The syslinux bootloader for x86 systems.
|
||||
This includes: syslinux, pxelinux, extlinux.
|
||||
|
||||
@@ -13,7 +13,7 @@ SYSLINUX_LICENSE_FILES = COPYING
|
||||
|
||||
SYSLINUX_INSTALL_IMAGES = YES
|
||||
|
||||
SYSLINUX_DEPENDENCIES = host-nasm host-util-linux host-upx
|
||||
SYSLINUX_DEPENDENCIES = host-nasm host-upx util-linux
|
||||
|
||||
ifeq ($(BR2_TARGET_SYSLINUX_LEGACY_BIOS),y)
|
||||
SYSLINUX_TARGET += bios
|
||||
@@ -51,21 +51,36 @@ SYSLINUX_POST_PATCH_HOOKS += SYSLINUX_CLEANUP
|
||||
# and the internal zlib should take precedence so -I shouldn't
|
||||
# be used.
|
||||
define SYSLINUX_BUILD_CMDS
|
||||
$(TARGET_MAKE_ENV) $(MAKE1) CC="$(HOSTCC) -idirafter $(HOST_DIR)/usr/include $(HOST_LDFLAGS)" \
|
||||
AR="$(HOSTAR)" $(SYSLINUX_EFI_ARGS) -C $(@D) $(SYSLINUX_TARGET)
|
||||
$(TARGET_MAKE_ENV) $(MAKE1) \
|
||||
CC="$(TARGET_CC)" \
|
||||
LD="$(TARGET_LD)" \
|
||||
NASM="$(HOST_DIR)/usr/bin/nasm" \
|
||||
CC_FOR_BUILD="$(HOSTCC)" \
|
||||
CFLAGS_FOR_BUILD="$(HOST_CFLAGS)" \
|
||||
LDFLAGS_FOR_BUILD="$(HOST_LDFLAGS)" \
|
||||
$(SYSLINUX_EFI_ARGS) -C $(@D) $(SYSLINUX_TARGET)
|
||||
endef
|
||||
|
||||
# While the actual bootloader is compiled for the target, several
|
||||
# utilities for installing the bootloader are meant for the host.
|
||||
# Repeat the target, otherwise syslinux will try to build everything
|
||||
# Repeat CC and AR, since syslinux really wants to check them at
|
||||
# install time
|
||||
# Repeat LD (and CC) as it happens that some binaries are linked at
|
||||
# install-time.
|
||||
define SYSLINUX_INSTALL_TARGET_CMDS
|
||||
$(TARGET_MAKE_ENV) $(MAKE1) CC="$(HOSTCC) -idirafter $(HOST_DIR)/usr/include $(HOST_LDFLAGS)" \
|
||||
AR="$(HOSTAR)" $(SYSLINUX_EFI_ARGS) INSTALLROOT=$(HOST_DIR) \
|
||||
$(TARGET_MAKE_ENV) $(MAKE1) $(SYSLINUX_EFI_ARGS) INSTALLROOT=$(HOST_DIR) \
|
||||
CC="$(TARGET_CC)" \
|
||||
LD="$(TARGET_LD)" \
|
||||
-C $(@D) $(SYSLINUX_TARGET) install
|
||||
endef
|
||||
|
||||
# That 'syslinux' binary is an installer actually built for the target.
|
||||
# However, buildroot makes no usage of it, so better delete it than have it
|
||||
# installed at the wrong place
|
||||
define SYSLINUX_POST_INSTALL_CLEANUP
|
||||
rm -rf $(HOST_DIR)/usr/bin/syslinux
|
||||
endef
|
||||
SYSLINUX_POST_INSTALL_TARGET_HOOKS += SYSLINUX_POST_INSTALL_CLEANUP
|
||||
|
||||
SYSLINUX_IMAGES-$(BR2_TARGET_SYSLINUX_ISOLINUX) += bios/core/isolinux.bin
|
||||
SYSLINUX_IMAGES-$(BR2_TARGET_SYSLINUX_PXELINUX) += bios/core/pxelinux.bin
|
||||
SYSLINUX_IMAGES-$(BR2_TARGET_SYSLINUX_MBR) += bios/mbr/mbr.bin
|
||||
|
||||
+1
-1
@@ -293,7 +293,7 @@ endif # UBOOT_BOARD_NAME
|
||||
else ifeq ($(BR2_TARGET_UBOOT_BUILD_SYSTEM_KCONFIG),y)
|
||||
ifeq ($(BR2_TARGET_UBOOT_USE_DEFCONFIG),y)
|
||||
ifeq ($(call qstrip,$(BR2_TARGET_UBOOT_BOARD_DEFCONFIG)),)
|
||||
$(error No board defconfig name specified, check your BR2_TARGET_UBOOT_DEFCONFIG setting)
|
||||
$(error No board defconfig name specified, check your BR2_TARGET_UBOOT_BOARD_DEFCONFIG setting)
|
||||
endif # qstrip BR2_TARGET_UBOOT_BOARD_DEFCONFIG
|
||||
endif # BR2_TARGET_UBOOT_USE_DEFCONFIG
|
||||
ifeq ($(BR2_TARGET_UBOOT_USE_CUSTOM_CONFIG),y)
|
||||
|
||||
@@ -1,2 +1,2 @@
|
||||
# Verified from http://ftp.isc.org/isc/bind9/9.11.0-P3/bind-9.11.0-P3.tar.gz.sha256.asc
|
||||
sha256 0feee0374bcbdee73a9d4277f3c5007622279572d520d7c27a4b64015d8ca9e9 bind-9.11.0-P3.tar.gz
|
||||
# Verified from http://ftp.isc.org/isc/bind9/9.11.0-P5/bind-9.11.0-P5.tar.gz.sha256.asc
|
||||
sha256 1e283f0567b484687dfd7b936e26c9af4f64043daf73cbd8f3eb1122c9fb71f5 bind-9.11.0-P5.tar.gz
|
||||
|
||||
@@ -4,7 +4,7 @@
|
||||
#
|
||||
################################################################################
|
||||
|
||||
BIND_VERSION = 9.11.0-P3
|
||||
BIND_VERSION = 9.11.0-P5
|
||||
BIND_SITE = ftp://ftp.isc.org/isc/bind9/$(BIND_VERSION)
|
||||
# bind does not support parallel builds.
|
||||
BIND_MAKE = $(MAKE1)
|
||||
@@ -29,7 +29,6 @@ BIND_CONF_OPTS = \
|
||||
--enable-epoll \
|
||||
--with-libtool \
|
||||
--with-gssapi=no \
|
||||
--enable-rrl \
|
||||
--enable-filter-aaaa
|
||||
|
||||
ifeq ($(BR2_PACKAGE_ZLIB),y)
|
||||
|
||||
@@ -1,2 +1,2 @@
|
||||
# Locally computed after checking signature
|
||||
sha256 897f92a87cda4b27b243f8149ce0ba7b7e71a2be8fb7994eb0a025e54cde18e9 dovecot-2.2.27.tar.gz
|
||||
sha256 ccfa9ffb7eb91e9e87c21c108324b911250c9ffa838bffb64b1caafadcb0f388 dovecot-2.2.29.1.tar.gz
|
||||
|
||||
@@ -5,7 +5,7 @@
|
||||
################################################################################
|
||||
|
||||
DOVECOT_VERSION_MAJOR = 2.2
|
||||
DOVECOT_VERSION = $(DOVECOT_VERSION_MAJOR).27
|
||||
DOVECOT_VERSION = $(DOVECOT_VERSION_MAJOR).29.1
|
||||
DOVECOT_SITE = http://www.dovecot.org/releases/$(DOVECOT_VERSION_MAJOR)
|
||||
DOVECOT_INSTALL_STAGING = YES
|
||||
DOVECOT_LICENSE = LGPLv2.1
|
||||
|
||||
@@ -0,0 +1,47 @@
|
||||
From f958c48ee431bef8d4d466b40c9cb2d4dbcb7791 Mon Sep 17 00:00:00 2001
|
||||
From: Werner Lemberg <wl@gnu.org>
|
||||
Date: Fri, 24 Mar 2017 09:15:10 +0100
|
||||
Subject: [PATCH] [psaux] Better protect `flex' handling.
|
||||
|
||||
Reported as
|
||||
|
||||
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=935
|
||||
|
||||
* src/psaux/t1decode.c (t1_decoder_parse_charstrings)
|
||||
<callothersubr>: Since there is not a single flex operator but a
|
||||
series of subroutine calls, malformed fonts can call arbitrary other
|
||||
operators after the start of a flex, possibly adding points. For
|
||||
this reason we have to check the available number of points before
|
||||
inserting a point.
|
||||
|
||||
Fixes CVE-2017-8105
|
||||
|
||||
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
||||
---
|
||||
diff --git a/src/psaux/t1decode.c b/src/psaux/t1decode.c
|
||||
index af7b465e..7dd45135 100644
|
||||
--- a/src/psaux/t1decode.c
|
||||
+++ b/src/psaux/t1decode.c
|
||||
@@ -780,10 +780,19 @@
|
||||
/* point without adding any point to the outline */
|
||||
idx = decoder->num_flex_vectors++;
|
||||
if ( idx > 0 && idx < 7 )
|
||||
+ {
|
||||
+ /* in malformed fonts it is possible to have other */
|
||||
+ /* opcodes in the middle of a flex (which don't */
|
||||
+ /* increase `num_flex_vectors'); we thus have to */
|
||||
+ /* check whether we can add a point */
|
||||
+ if ( FT_SET_ERROR( t1_builder_check_points( builder, 1 ) ) )
|
||||
+ goto Syntax_Error;
|
||||
+
|
||||
t1_builder_add_point( builder,
|
||||
x,
|
||||
y,
|
||||
(FT_Byte)( idx == 3 || idx == 6 ) );
|
||||
+ }
|
||||
}
|
||||
break;
|
||||
|
||||
--
|
||||
2.11.0
|
||||
|
||||
@@ -0,0 +1,35 @@
|
||||
From 3774fc08b502c3e685afca098b6e8a195aded6a0 Mon Sep 17 00:00:00 2001
|
||||
From: Werner Lemberg <wl@gnu.org>
|
||||
Date: Sun, 26 Mar 2017 08:32:09 +0200
|
||||
Subject: [PATCH] * src/psaux/psobjs.c (t1_builder_close_contour): Add safety
|
||||
guard.
|
||||
|
||||
Reported as
|
||||
|
||||
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=941
|
||||
|
||||
Fixes CVE-2017-8287
|
||||
|
||||
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
||||
diff --git a/src/psaux/psobjs.c b/src/psaux/psobjs.c
|
||||
index d18e821a..0baf8368 100644
|
||||
--- a/src/psaux/psobjs.c
|
||||
+++ b/src/psaux/psobjs.c
|
||||
@@ -1718,6 +1718,14 @@
|
||||
first = outline->n_contours <= 1
|
||||
? 0 : outline->contours[outline->n_contours - 2] + 1;
|
||||
|
||||
+ /* in malformed fonts it can happen that a contour was started */
|
||||
+ /* but no points were added */
|
||||
+ if ( outline->n_contours && first == outline->n_points )
|
||||
+ {
|
||||
+ outline->n_contours--;
|
||||
+ return;
|
||||
+ }
|
||||
+
|
||||
/* We must not include the last point in the path if it */
|
||||
/* is located on the first point. */
|
||||
if ( outline->n_points > 1 )
|
||||
--
|
||||
2.11.0
|
||||
|
||||
@@ -10,7 +10,7 @@ FREETYPE_SITE = http://download.savannah.gnu.org/releases/freetype
|
||||
FREETYPE_INSTALL_STAGING = YES
|
||||
FREETYPE_MAKE_OPTS = CCexe="$(HOSTCC)"
|
||||
FREETYPE_LICENSE = Dual FTL/GPLv2+
|
||||
FREETYPE_LICENSE_FILES = docs/FTL.TXT docs/GPLv2.TXT
|
||||
FREETYPE_LICENSE_FILES = docs/LICENSE.TXT docs/FTL.TXT docs/GPLv2.TXT
|
||||
FREETYPE_DEPENDENCIES = host-pkgconf
|
||||
FREETYPE_CONFIG_SCRIPTS = freetype-config
|
||||
|
||||
|
||||
@@ -0,0 +1,33 @@
|
||||
From 4f83478c88c2e05d6e8d79ca4557eb039354d2f3 Mon Sep 17 00:00:00 2001
|
||||
From: Chris Liddell <chris.liddell@artifex.com>
|
||||
Date: Thu, 27 Apr 2017 13:03:33 +0100
|
||||
Subject: [PATCH] Bug 697799: have .eqproc check its parameters
|
||||
|
||||
The Ghostscript custom operator .eqproc was not check the number or type of
|
||||
the parameters it was given.
|
||||
|
||||
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
||||
---
|
||||
psi/zmisc3.c | 6 ++++++
|
||||
1 file changed, 6 insertions(+)
|
||||
|
||||
diff --git a/psi/zmisc3.c b/psi/zmisc3.c
|
||||
index 54b304246..37293ff4b 100644
|
||||
--- a/psi/zmisc3.c
|
||||
+++ b/psi/zmisc3.c
|
||||
@@ -56,6 +56,12 @@ zeqproc(i_ctx_t *i_ctx_p)
|
||||
ref2_t stack[MAX_DEPTH + 1];
|
||||
ref2_t *top = stack;
|
||||
|
||||
+ if (ref_stack_count(&o_stack) < 2)
|
||||
+ return_error(gs_error_stackunderflow);
|
||||
+ if (!r_is_array(op - 1) || !r_is_array(op)) {
|
||||
+ return_error(gs_error_typecheck);
|
||||
+ }
|
||||
+
|
||||
make_array(&stack[0].proc1, 0, 1, op - 1);
|
||||
make_array(&stack[0].proc2, 0, 1, op);
|
||||
for (;;) {
|
||||
--
|
||||
2.11.0
|
||||
|
||||
@@ -0,0 +1,62 @@
|
||||
From 04b37bbce174eed24edec7ad5b920eb93db4d47d Mon Sep 17 00:00:00 2001
|
||||
From: Chris Liddell <chris.liddell@artifex.com>
|
||||
Date: Thu, 27 Apr 2017 13:21:31 +0100
|
||||
Subject: [PATCH] Bug 697799: have .rsdparams check its parameters
|
||||
|
||||
The Ghostscript internal operator .rsdparams wasn't checking the number or
|
||||
type of the operands it was being passed. Do so.
|
||||
|
||||
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
||||
---
|
||||
psi/zfrsd.c | 22 +++++++++++++++-------
|
||||
1 file changed, 15 insertions(+), 7 deletions(-)
|
||||
|
||||
diff --git a/psi/zfrsd.c b/psi/zfrsd.c
|
||||
index 191107d8a..950588d69 100644
|
||||
--- a/psi/zfrsd.c
|
||||
+++ b/psi/zfrsd.c
|
||||
@@ -49,13 +49,20 @@ zrsdparams(i_ctx_t *i_ctx_p)
|
||||
ref *pFilter;
|
||||
ref *pDecodeParms;
|
||||
int Intent = 0;
|
||||
- bool AsyncRead;
|
||||
+ bool AsyncRead = false;
|
||||
ref empty_array, filter1_array, parms1_array;
|
||||
uint i;
|
||||
- int code;
|
||||
+ int code = 0;
|
||||
+
|
||||
+ if (ref_stack_count(&o_stack) < 1)
|
||||
+ return_error(gs_error_stackunderflow);
|
||||
+ if (!r_has_type(op, t_dictionary) && !r_has_type(op, t_null)) {
|
||||
+ return_error(gs_error_typecheck);
|
||||
+ }
|
||||
|
||||
make_empty_array(&empty_array, a_readonly);
|
||||
- if (dict_find_string(op, "Filter", &pFilter) > 0) {
|
||||
+ if (r_has_type(op, t_dictionary)
|
||||
+ && dict_find_string(op, "Filter", &pFilter) > 0) {
|
||||
if (!r_is_array(pFilter)) {
|
||||
if (!r_has_type(pFilter, t_name))
|
||||
return_error(gs_error_typecheck);
|
||||
@@ -94,12 +101,13 @@ zrsdparams(i_ctx_t *i_ctx_p)
|
||||
return_error(gs_error_typecheck);
|
||||
}
|
||||
}
|
||||
- code = dict_int_param(op, "Intent", 0, 3, 0, &Intent);
|
||||
+ if (r_has_type(op, t_dictionary))
|
||||
+ code = dict_int_param(op, "Intent", 0, 3, 0, &Intent);
|
||||
if (code < 0 && code != gs_error_rangecheck) /* out-of-range int is ok, use 0 */
|
||||
return code;
|
||||
- if ((code = dict_bool_param(op, "AsyncRead", false, &AsyncRead)) < 0
|
||||
- )
|
||||
- return code;
|
||||
+ if (r_has_type(op, t_dictionary))
|
||||
+ if ((code = dict_bool_param(op, "AsyncRead", false, &AsyncRead)) < 0)
|
||||
+ return code;
|
||||
push(1);
|
||||
op[-1] = *pFilter;
|
||||
if (pDecodeParms)
|
||||
--
|
||||
2.11.0
|
||||
|
||||
@@ -0,0 +1,56 @@
|
||||
From dbb9ecfaac8db022292791936733e0841a0aa447 Mon Sep 17 00:00:00 2001
|
||||
From: Alexey Neyman <stilor@att.net>
|
||||
Date: Wed, 8 Feb 2017 16:00:57 -0200
|
||||
Subject: [PATCH] sh: Fix building with gcc5/6
|
||||
|
||||
Build glibc for sh4-unknown-linux-gnu currently fails if one's
|
||||
using GCC5/6: in dl-conflict.c, the elf_machine_rela() function
|
||||
is called with NULL as its 3rd argument, sym. The implementation
|
||||
of that function in sysdeps/sh/dl-machine.h dereferences that pointer:
|
||||
|
||||
const Elf32_Sym *const refsym = sym;
|
||||
...
|
||||
if (map == &GL(dl_rtld_map))
|
||||
value -= map->l_addr + refsym->st_value + reloc->r_addend;
|
||||
|
||||
GCC discovers a null pointer dereference, and in accordance with
|
||||
-fdelete-null-pointer-checks (which is enabled in -O2) replaces this
|
||||
code with a trap - which, as SH does not implement a trap pattern in
|
||||
GCC, evaluates to an abort() call. This abort() call pulls many more
|
||||
objects from libc_nonshared.a, eventually resulting in link failure
|
||||
due to multiple definitions for a number of symbols.
|
||||
|
||||
As far as I see, the conditional before this code is always false in
|
||||
rtld: _dl_resolve_conflicts() is called with main_map as the first
|
||||
argument, not GL(_dl_rtld_map), but since that call is in yet another
|
||||
compilation unit, GCC does not know about it. Patch that wraps this
|
||||
conditional into !defined RESOLVE_CONFLICT_FIND_MAP attached.
|
||||
|
||||
* sysdeps/sh/dl-machine.h (elf_machine_rela): The condition
|
||||
in R_SH_DIR32 case is always false when inlined from
|
||||
dl-conflict.c. Ifdef out to prevent GCC from insertin an
|
||||
abort() call.
|
||||
|
||||
[Waldemar: backport of
|
||||
https://sourceware.org/git/?p=glibc.git;a=commit;h=d40dbe722f004f999b589de776f7e57e564dda01.]
|
||||
Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
|
||||
---
|
||||
sysdeps/sh/dl-machine.h | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/sysdeps/sh/dl-machine.h b/sysdeps/sh/dl-machine.h
|
||||
index 5bb37d0..6509055 100644
|
||||
--- a/sysdeps/sh/dl-machine.h
|
||||
+++ b/sysdeps/sh/dl-machine.h
|
||||
@@ -389,7 +389,7 @@ elf_machine_rela (struct link_map *map, const Elf32_Rela *reloc,
|
||||
break;
|
||||
case R_SH_DIR32:
|
||||
{
|
||||
-#ifndef RTLD_BOOTSTRAP
|
||||
+#if !defined RTLD_BOOTSTRAP && !defined RESOLVE_CONFLICT_FIND_MAP
|
||||
/* This is defined in rtld.c, but nowhere in the static
|
||||
libc.a; make the reference weak so static programs can
|
||||
still link. This declaration cannot be done when
|
||||
--
|
||||
2.7.4
|
||||
|
||||
@@ -0,0 +1,56 @@
|
||||
From 98cadd4b9fa8e32d1d0dea8e46b5ba829af4e8a2 Mon Sep 17 00:00:00 2001
|
||||
From: Alexey Neyman <stilor@att.net>
|
||||
Date: Wed, 8 Feb 2017 16:00:57 -0200
|
||||
Subject: [PATCH] sh: Fix building with gcc5/6
|
||||
|
||||
Build glibc for sh4-unknown-linux-gnu currently fails if one's
|
||||
using GCC5/6: in dl-conflict.c, the elf_machine_rela() function
|
||||
is called with NULL as its 3rd argument, sym. The implementation
|
||||
of that function in sysdeps/sh/dl-machine.h dereferences that pointer:
|
||||
|
||||
const Elf32_Sym *const refsym = sym;
|
||||
...
|
||||
if (map == &GL(dl_rtld_map))
|
||||
value -= map->l_addr + refsym->st_value + reloc->r_addend;
|
||||
|
||||
GCC discovers a null pointer dereference, and in accordance with
|
||||
-fdelete-null-pointer-checks (which is enabled in -O2) replaces this
|
||||
code with a trap - which, as SH does not implement a trap pattern in
|
||||
GCC, evaluates to an abort() call. This abort() call pulls many more
|
||||
objects from libc_nonshared.a, eventually resulting in link failure
|
||||
due to multiple definitions for a number of symbols.
|
||||
|
||||
As far as I see, the conditional before this code is always false in
|
||||
rtld: _dl_resolve_conflicts() is called with main_map as the first
|
||||
argument, not GL(_dl_rtld_map), but since that call is in yet another
|
||||
compilation unit, GCC does not know about it. Patch that wraps this
|
||||
conditional into !defined RESOLVE_CONFLICT_FIND_MAP attached.
|
||||
|
||||
* sysdeps/sh/dl-machine.h (elf_machine_rela): The condition
|
||||
in R_SH_DIR32 case is always false when inlined from
|
||||
dl-conflict.c. Ifdef out to prevent GCC from insertin an
|
||||
abort() call.
|
||||
|
||||
[Waldemar: backport of
|
||||
https://sourceware.org/git/?p=glibc.git;a=commit;h=d40dbe722f004f999b589de776f7e57e564dda01.]
|
||||
Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
|
||||
---
|
||||
sysdeps/sh/dl-machine.h | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/sysdeps/sh/dl-machine.h b/sysdeps/sh/dl-machine.h
|
||||
index 5bb37d0..6509055 100644
|
||||
--- a/sysdeps/sh/dl-machine.h
|
||||
+++ b/sysdeps/sh/dl-machine.h
|
||||
@@ -389,7 +389,7 @@ elf_machine_rela (struct link_map *map, const Elf32_Rela *reloc,
|
||||
break;
|
||||
case R_SH_DIR32:
|
||||
{
|
||||
-#ifndef RTLD_BOOTSTRAP
|
||||
+#if !defined RTLD_BOOTSTRAP && !defined RESOLVE_CONFLICT_FIND_MAP
|
||||
/* This is defined in rtld.c, but nowhere in the static
|
||||
libc.a; make the reference weak so static programs can
|
||||
still link. This declaration cannot be done when
|
||||
--
|
||||
2.7.4
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
# From https://launchpad.net/granite/0.4/0.4.0.1/+download/granite-0.4.0.1.tar.xz/+md5
|
||||
md5 db41150ca6e77162392362686e848086 granite-0.3.1.tar.xz
|
||||
md5 db41150ca6e77162392362686e848086 granite-0.4.0.1.tar.xz
|
||||
# Calculated based on the hash above
|
||||
sha256 95a142a8befeedc35a089d638e759b657905508dc3007036d6c1fa3efe94c4dd granite-0.4.0.1.tar.xz
|
||||
|
||||
@@ -14,9 +14,9 @@ GST_PLUGINS_BASE_LICENSE_FILES = COPYING COPYING.LIB
|
||||
# freetype is only used by examples, but if it is not found
|
||||
# and the host has a freetype-config script, then the host
|
||||
# include dirs are added to the search path causing trouble
|
||||
GST_PLUGINS_BASE_CONF_ENV =
|
||||
FT2_CONFIG=/bin/false \
|
||||
ac_cv_header_stdint_t="stdint.h"
|
||||
GST_PLUGINS_BASE_CONF_ENV = \
|
||||
FT2_CONFIG=/bin/false \
|
||||
ac_cv_header_stdint_t="stdint.h"
|
||||
|
||||
GST_PLUGINS_BASE_CONF_OPTS = \
|
||||
--disable-examples \
|
||||
|
||||
@@ -11,13 +11,6 @@ GST1_PLUGINS_BASE_INSTALL_STAGING = YES
|
||||
GST1_PLUGINS_BASE_LICENSE_FILES = COPYING.LIB
|
||||
GST1_PLUGINS_BASE_LICENSE = LGPLv2+, LGPLv2.1+
|
||||
|
||||
# freetype is only used by examples, but if it is not found
|
||||
# and the host has a freetype-config script, then the host
|
||||
# include dirs are added to the search path causing trouble
|
||||
GST1_PLUGINS_BASE_CONF_ENV =
|
||||
FT2_CONFIG=/bin/false \
|
||||
ac_cv_header_stdint_t="stdint.h"
|
||||
|
||||
# gio_unix_2_0 is only used for tests
|
||||
GST1_PLUGINS_BASE_CONF_OPTS = \
|
||||
--disable-examples \
|
||||
|
||||
@@ -4,7 +4,8 @@
|
||||
#
|
||||
################################################################################
|
||||
|
||||
HIREDIS_VERSION = v0.13.3
|
||||
HIREDIS_VERSION_MAJOR = 0.13
|
||||
HIREDIS_VERSION = v$(HIREDIS_VERSION_MAJOR).3
|
||||
HIREDIS_SITE = $(call github,redis,hiredis,$(HIREDIS_VERSION))
|
||||
HIREDIS_LICENSE = BSD-3c
|
||||
HIREDIS_LICENSE_FILES = COPYING
|
||||
@@ -30,6 +31,26 @@ endef
|
||||
|
||||
HIREDIS_INCLUDE_DIR = $(STAGING_DIR)/usr/include/hiredis
|
||||
|
||||
ifeq ($(BR2_SHARED_LIBS),)
|
||||
define HIREDIS_INSTALL_STAGING_STATIC_LIB
|
||||
$(INSTALL) -D -m 0755 $(@D)/libhiredis.a \
|
||||
$(STAGING_DIR)/usr/lib/libhiredis.a
|
||||
endef
|
||||
endif
|
||||
|
||||
ifeq ($(BR2_STATIC_LIBS),)
|
||||
define HIREDIS_INSTALL_STAGING_SHARED_LIB
|
||||
$(INSTALL) -D -m 0755 $(@D)/libhiredis.so \
|
||||
$(STAGING_DIR)/usr/lib/libhiredis.so.$(HIREDIS_VERSION_MAJOR)
|
||||
ln -sf libhiredis.so.$(HIREDIS_VERSION_MAJOR) $(STAGING_DIR)/usr/lib/libhiredis.so
|
||||
endef
|
||||
define HIREDIS_INSTALL_TARGET_SHARED_LIB
|
||||
$(INSTALL) -D -m 0755 $(@D)/libhiredis.so \
|
||||
$(TARGET_DIR)/usr/lib/libhiredis.so.$(HIREDIS_VERSION_MAJOR)
|
||||
ln -sf libhiredis.so.$(HIREDIS_VERSION_MAJOR) $(TARGET_DIR)/usr/lib/libhiredis.so
|
||||
endef
|
||||
endif
|
||||
|
||||
# Do not call make install as this target will build shared and static libraries
|
||||
define HIREDIS_INSTALL_STAGING_CMDS
|
||||
mkdir -p $(HIREDIS_INCLUDE_DIR)
|
||||
@@ -37,12 +58,12 @@ define HIREDIS_INSTALL_STAGING_CMDS
|
||||
$(@D)/adapters $(HIREDIS_INCLUDE_DIR)
|
||||
$(INSTALL) -D -m 0644 $(@D)/hiredis.pc \
|
||||
$(STAGING_DIR)/usr/lib/pkgconfig/hiredis.pc
|
||||
$(INSTALL) -m 0644 -t $(STAGING_DIR)/usr/lib $(@D)/libhiredis*
|
||||
$(HIREDIS_INSTALL_STAGING_STATIC_LIB)
|
||||
$(HIREDIS_INSTALL_STAGING_SHARED_LIB)
|
||||
endef
|
||||
|
||||
define HIREDIS_INSTALL_TARGET_CMDS
|
||||
mkdir -p $(TARGET_DIR)/usr/lib
|
||||
$(INSTALL) -m 0644 -t $(TARGET_DIR)/usr/lib $(@D)/libhiredis*
|
||||
$(HIREDIS_INSTALL_TARGET_SHARED_LIB)
|
||||
endef
|
||||
|
||||
$(eval $(generic-package))
|
||||
|
||||
@@ -0,0 +1,173 @@
|
||||
ticket:12888 UText, problems with handling of bad UTF-8
|
||||
|
||||
Fixes:
|
||||
|
||||
CVE-2017-7867 - International Components for Unicode (ICU) for C/C++ before
|
||||
2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow
|
||||
related to the utf8TextAccess function in common/utext.cpp and the
|
||||
utext_setNativeIndex* function.
|
||||
|
||||
CVE-2017-7868 - International Components for Unicode (ICU) for C/C++ before
|
||||
2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow
|
||||
related to the utf8TextAccess function in common/utext.cpp and the
|
||||
utext_moveIndex32* function.
|
||||
|
||||
Upstream: http://bugs.icu-project.org/trac/changeset/39671
|
||||
|
||||
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
||||
|
||||
Index: /trunk/icu4c/source/common/utext.cpp
|
||||
===================================================================
|
||||
--- icu4c/source/common/utext.cpp (revision 39670)
|
||||
+++ icu4c/source/common/utext.cpp (revision 39671)
|
||||
@@ -848,7 +848,13 @@
|
||||
|
||||
// Chunk size.
|
||||
-// Must be less than 85, because of byte mapping from UChar indexes to native indexes.
|
||||
-// Worst case is three native bytes to one UChar. (Supplemenaries are 4 native bytes
|
||||
-// to two UChars.)
|
||||
+// Must be less than 42 (256/6), because of byte mapping from UChar indexes to native indexes.
|
||||
+// Worst case there are six UTF-8 bytes per UChar.
|
||||
+// obsolete 6 byte form fd + 5 trails maps to fffd
|
||||
+// obsolete 5 byte form fc + 4 trails maps to fffd
|
||||
+// non-shortest 4 byte forms maps to fffd
|
||||
+// normal supplementaries map to a pair of utf-16, two utf8 bytes per utf-16 unit
|
||||
+// mapToUChars array size must allow for the worst case, 6.
|
||||
+// This could be brought down to 4, by treating fd and fc as pure illegal,
|
||||
+// rather than obsolete lead bytes. But that is not compatible with the utf-8 access macros.
|
||||
//
|
||||
enum { UTF8_TEXT_CHUNK_SIZE=32 };
|
||||
@@ -890,5 +896,5 @@
|
||||
// one for a supplementary starting in the last normal position,
|
||||
// and one for an entry for the buffer limit position.
|
||||
- uint8_t mapToUChars[UTF8_TEXT_CHUNK_SIZE*3+6]; // Map native offset from bufNativeStart to
|
||||
+ uint8_t mapToUChars[UTF8_TEXT_CHUNK_SIZE*6+6]; // Map native offset from bufNativeStart to
|
||||
// correspoding offset in filled part of buf.
|
||||
int32_t align;
|
||||
@@ -1033,4 +1039,5 @@
|
||||
u8b = (UTF8Buf *)ut->p; // the current buffer
|
||||
mapIndex = ix - u8b->toUCharsMapStart;
|
||||
+ U_ASSERT(mapIndex < (int32_t)sizeof(UTF8Buf::mapToUChars));
|
||||
ut->chunkOffset = u8b->mapToUChars[mapIndex] - u8b->bufStartIdx;
|
||||
return TRUE;
|
||||
@@ -1299,4 +1306,8 @@
|
||||
// If index is at the end, there is no character there to look at.
|
||||
if (ix != ut->b) {
|
||||
+ // Note: this function will only move the index back if it is on a trail byte
|
||||
+ // and there is a preceding lead byte and the sequence from the lead
|
||||
+ // through this trail could be part of a valid UTF-8 sequence
|
||||
+ // Otherwise the index remains unchanged.
|
||||
U8_SET_CP_START(s8, 0, ix);
|
||||
}
|
||||
@@ -1312,5 +1323,8 @@
|
||||
uint8_t *mapToNative = u8b->mapToNative;
|
||||
uint8_t *mapToUChars = u8b->mapToUChars;
|
||||
- int32_t toUCharsMapStart = ix - (UTF8_TEXT_CHUNK_SIZE*3 + 1);
|
||||
+ int32_t toUCharsMapStart = ix - sizeof(UTF8Buf::mapToUChars) + 1;
|
||||
+ // Note that toUCharsMapStart can be negative. Happens when the remaining
|
||||
+ // text from current position to the beginning is less than the buffer size.
|
||||
+ // + 1 because mapToUChars must have a slot at the end for the bufNativeLimit entry.
|
||||
int32_t destIx = UTF8_TEXT_CHUNK_SIZE+2; // Start in the overflow region
|
||||
// at end of buffer to leave room
|
||||
@@ -1339,4 +1353,5 @@
|
||||
// Special case ASCII range for speed.
|
||||
buf[destIx] = (UChar)c;
|
||||
+ U_ASSERT(toUCharsMapStart <= srcIx);
|
||||
mapToUChars[srcIx - toUCharsMapStart] = (uint8_t)destIx;
|
||||
mapToNative[destIx] = (uint8_t)(srcIx - toUCharsMapStart);
|
||||
@@ -1368,4 +1383,5 @@
|
||||
mapToUChars[sIx-- - toUCharsMapStart] = (uint8_t)destIx;
|
||||
} while (sIx >= srcIx);
|
||||
+ U_ASSERT(toUCharsMapStart <= (srcIx+1));
|
||||
|
||||
// Set native indexing limit to be the current position.
|
||||
@@ -1542,4 +1558,5 @@
|
||||
U_ASSERT(index<=ut->chunkNativeLimit);
|
||||
int32_t mapIndex = index - u8b->toUCharsMapStart;
|
||||
+ U_ASSERT(mapIndex < (int32_t)sizeof(UTF8Buf::mapToUChars));
|
||||
int32_t offset = u8b->mapToUChars[mapIndex] - u8b->bufStartIdx;
|
||||
U_ASSERT(offset>=0 && offset<=ut->chunkLength);
|
||||
Index: /trunk/icu4c/source/test/intltest/utxttest.cpp
|
||||
===================================================================
|
||||
--- icu4c/source/test/intltest/utxttest.cpp (revision 39670)
|
||||
+++ icu4c/source/test/intltest/utxttest.cpp (revision 39671)
|
||||
@@ -68,4 +68,6 @@
|
||||
case 7: name = "Ticket12130";
|
||||
if (exec) Ticket12130(); break;
|
||||
+ case 8: name = "Ticket12888";
|
||||
+ if (exec) Ticket12888(); break;
|
||||
default: name = ""; break;
|
||||
}
|
||||
@@ -1584,2 +1586,62 @@
|
||||
utext_close(&ut);
|
||||
}
|
||||
+
|
||||
+// Ticket 12888: bad handling of illegal utf-8 containing many instances of the archaic, now illegal,
|
||||
+// six byte utf-8 forms. Original implementation had an assumption that
|
||||
+// there would be at most three utf-8 bytes per UTF-16 code unit.
|
||||
+// The five and six byte sequences map to a single replacement character.
|
||||
+
|
||||
+void UTextTest::Ticket12888() {
|
||||
+ const char *badString =
|
||||
+ "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
|
||||
+ "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
|
||||
+ "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
|
||||
+ "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
|
||||
+ "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
|
||||
+ "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
|
||||
+ "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
|
||||
+ "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
|
||||
+ "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
|
||||
+ "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
|
||||
+ "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
|
||||
+ "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
|
||||
+ "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
|
||||
+ "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
|
||||
+ "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
|
||||
+ "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
|
||||
+ "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
|
||||
+ "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
|
||||
+ "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
|
||||
+ "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80";
|
||||
+
|
||||
+ UErrorCode status = U_ZERO_ERROR;
|
||||
+ LocalUTextPointer ut(utext_openUTF8(NULL, badString, -1, &status));
|
||||
+ TEST_SUCCESS(status);
|
||||
+ for (;;) {
|
||||
+ UChar32 c = utext_next32(ut.getAlias());
|
||||
+ if (c == U_SENTINEL) {
|
||||
+ break;
|
||||
+ }
|
||||
+ }
|
||||
+ int32_t endIdx = utext_getNativeIndex(ut.getAlias());
|
||||
+ if (endIdx != (int32_t)strlen(badString)) {
|
||||
+ errln("%s:%d expected=%d, actual=%d", __FILE__, __LINE__, strlen(badString), endIdx);
|
||||
+ return;
|
||||
+ }
|
||||
+
|
||||
+ for (int32_t prevIndex = endIdx; prevIndex>0;) {
|
||||
+ UChar32 c = utext_previous32(ut.getAlias());
|
||||
+ int32_t currentIndex = utext_getNativeIndex(ut.getAlias());
|
||||
+ if (c != 0xfffd) {
|
||||
+ errln("%s:%d (expected, actual, index) = (%d, %d, %d)\n",
|
||||
+ __FILE__, __LINE__, 0xfffd, c, currentIndex);
|
||||
+ break;
|
||||
+ }
|
||||
+ if (currentIndex != prevIndex - 6) {
|
||||
+ errln("%s:%d: wrong index. Expected, actual = %d, %d",
|
||||
+ __FILE__, __LINE__, prevIndex - 6, currentIndex);
|
||||
+ break;
|
||||
+ }
|
||||
+ prevIndex = currentIndex;
|
||||
+ }
|
||||
+}
|
||||
Index: /trunk/icu4c/source/test/intltest/utxttest.h
|
||||
===================================================================
|
||||
--- icu4c/source/test/intltest/utxttest.h (revision 39670)
|
||||
+++ icu4c/source/test/intltest/utxttest.h (revision 39671)
|
||||
@@ -39,4 +39,5 @@
|
||||
void Ticket10983();
|
||||
void Ticket12130();
|
||||
+ void Ticket12888();
|
||||
|
||||
private:
|
||||
+1
-1
@@ -8,7 +8,7 @@ ICU_VERSION = 58.2
|
||||
ICU_SOURCE = icu4c-$(subst .,_,$(ICU_VERSION))-src.tgz
|
||||
ICU_SITE = http://download.icu-project.org/files/icu4c/$(ICU_VERSION)
|
||||
ICU_LICENSE = ICU License
|
||||
ICU_LICENSE_FILES = license.html
|
||||
ICU_LICENSE_FILES = LICENSE
|
||||
|
||||
ICU_DEPENDENCIES = host-icu
|
||||
ICU_INSTALL_STAGING = YES
|
||||
|
||||
@@ -0,0 +1,52 @@
|
||||
From b218117cad34d39b9ffb587b45c71c5a49b12bde Mon Sep 17 00:00:00 2001
|
||||
From: Cristy <urban-warrior@imagemagick.org>
|
||||
Date: Fri, 31 Mar 2017 15:24:33 -0400
|
||||
Subject: [PATCH] https://github.com/ImageMagick/ImageMagick/issues/415
|
||||
|
||||
Fixes CVE-2017-7606
|
||||
|
||||
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
||||
---
|
||||
coders/pnm.c | 2 +-
|
||||
coders/rle.c | 5 +++--
|
||||
2 files changed, 4 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/coders/pnm.c b/coders/pnm.c
|
||||
index 9a1221d79..c525ebb8f 100644
|
||||
--- a/coders/pnm.c
|
||||
+++ b/coders/pnm.c
|
||||
@@ -1979,7 +1979,7 @@ static MagickBooleanType WritePNMImage(const ImageInfo *image_info,Image *image,
|
||||
pixel=ScaleQuantumToChar(GetPixelRed(image,p));
|
||||
else
|
||||
pixel=ScaleQuantumToAny(GetPixelRed(image,p),
|
||||
- max_value);
|
||||
+ max_value);
|
||||
}
|
||||
q=PopCharPixel((unsigned char) pixel,q);
|
||||
p+=GetPixelChannels(image);
|
||||
diff --git a/coders/rle.c b/coders/rle.c
|
||||
index 2318901ec..ec071dc7b 100644
|
||||
--- a/coders/rle.c
|
||||
+++ b/coders/rle.c
|
||||
@@ -271,7 +271,8 @@ static Image *ReadRLEImage(const ImageInfo *image_info,ExceptionInfo *exception)
|
||||
p=colormap;
|
||||
for (i=0; i < (ssize_t) number_colormaps; i++)
|
||||
for (x=0; x < (ssize_t) map_length; x++)
|
||||
- *p++=(unsigned char) ScaleShortToQuantum(ReadBlobLSBShort(image));
|
||||
+ *p++=(unsigned char) ScaleQuantumToChar(ScaleShortToQuantum(
|
||||
+ ReadBlobLSBShort(image)));
|
||||
}
|
||||
if ((flags & 0x08) != 0)
|
||||
{
|
||||
@@ -476,7 +477,7 @@ static Image *ReadRLEImage(const ImageInfo *image_info,ExceptionInfo *exception)
|
||||
for (x=0; x < (ssize_t) number_planes; x++)
|
||||
{
|
||||
ValidateColormapValue(image,(size_t) (x*map_length+
|
||||
- (*p & mask)),&index,exception);
|
||||
+ (*p & mask)),&index,exception);
|
||||
*p=colormap[(ssize_t) index];
|
||||
p++;
|
||||
}
|
||||
--
|
||||
2.11.0
|
||||
|
||||
@@ -1,2 +1,2 @@
|
||||
# From http://www.imagemagick.org/download/releases/digest.rdf
|
||||
sha256 7362805eaa9f9b90cdb67a1f8762782bef4a42ca44939629aecad3c40305bf4c ImageMagick-7.0.5-0.tar.xz
|
||||
sha256 4a1dde5bdfec0fc549955a051be25b7ff96dfb192060997699e43c7ce0f06ab2 ImageMagick-7.0.5-4.tar.xz
|
||||
|
||||
@@ -4,7 +4,7 @@
|
||||
#
|
||||
################################################################################
|
||||
|
||||
IMAGEMAGICK_VERSION = 7.0.5-0
|
||||
IMAGEMAGICK_VERSION = 7.0.5-4
|
||||
IMAGEMAGICK_SOURCE = ImageMagick-$(IMAGEMAGICK_VERSION).tar.xz
|
||||
IMAGEMAGICK_SITE = http://www.imagemagick.org/download/releases
|
||||
IMAGEMAGICK_LICENSE = Apache-2.0
|
||||
|
||||
@@ -0,0 +1,62 @@
|
||||
From 898e3a8c8c0314d2e6b106809a8e3e93cf9d4394 Mon Sep 17 00:00:00 2001
|
||||
From: Ignacio Casal Quinteiro <qignacio@amazon.com>
|
||||
Date: Sun, 16 Apr 2017 13:13:43 +0200
|
||||
Subject: [PATCH] input: check end of input before reading a byte
|
||||
|
||||
Fixes CVE-2017-7960
|
||||
|
||||
When reading bytes we weren't check that the index wasn't
|
||||
out of bound and this could produce an invalid read which
|
||||
could deal to a security bug.
|
||||
|
||||
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
||||
---
|
||||
src/cr-input.c | 11 +++++++++--
|
||||
1 file changed, 9 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/src/cr-input.c b/src/cr-input.c
|
||||
index 49000b1..3b63a88 100644
|
||||
--- a/src/cr-input.c
|
||||
+++ b/src/cr-input.c
|
||||
@@ -256,7 +256,7 @@ cr_input_new_from_uri (const gchar * a_file_uri, enum CREncoding a_enc)
|
||||
*we should free buf here because it's own by CRInput.
|
||||
*(see the last parameter of cr_input_new_from_buf().
|
||||
*/
|
||||
- buf = NULL ;
|
||||
+ buf = NULL;
|
||||
}
|
||||
|
||||
cleanup:
|
||||
@@ -404,6 +404,8 @@ cr_input_get_nb_bytes_left (CRInput const * a_this)
|
||||
enum CRStatus
|
||||
cr_input_read_byte (CRInput * a_this, guchar * a_byte)
|
||||
{
|
||||
+ gulong nb_bytes_left = 0;
|
||||
+
|
||||
g_return_val_if_fail (a_this && PRIVATE (a_this)
|
||||
&& a_byte, CR_BAD_PARAM_ERROR);
|
||||
|
||||
@@ -413,6 +415,12 @@ cr_input_read_byte (CRInput * a_this, guchar * a_byte)
|
||||
if (PRIVATE (a_this)->end_of_input == TRUE)
|
||||
return CR_END_OF_INPUT_ERROR;
|
||||
|
||||
+ nb_bytes_left = cr_input_get_nb_bytes_left (a_this);
|
||||
+
|
||||
+ if (nb_bytes_left < 1) {
|
||||
+ return CR_END_OF_INPUT_ERROR;
|
||||
+ }
|
||||
+
|
||||
*a_byte = PRIVATE (a_this)->in_buf[PRIVATE (a_this)->next_byte_index];
|
||||
|
||||
if (PRIVATE (a_this)->nb_bytes -
|
||||
@@ -477,7 +485,6 @@ cr_input_read_char (CRInput * a_this, guint32 * a_char)
|
||||
if (*a_char == '\n') {
|
||||
PRIVATE (a_this)->end_of_line = TRUE;
|
||||
}
|
||||
-
|
||||
}
|
||||
|
||||
return status;
|
||||
--
|
||||
2.11.0
|
||||
|
||||
@@ -0,0 +1,46 @@
|
||||
From 9ad72875e9f08e4c519ef63d44cdbd94aa9504f7 Mon Sep 17 00:00:00 2001
|
||||
From: Ignacio Casal Quinteiro <qignacio@amazon.com>
|
||||
Date: Sun, 16 Apr 2017 13:56:09 +0200
|
||||
Subject: [PATCH] tknzr: support only max long rgb values
|
||||
|
||||
Fixes CVE-2017-7961
|
||||
|
||||
This fixes a possible out of bound when reading rgbs which
|
||||
are longer than the support MAXLONG
|
||||
|
||||
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
||||
---
|
||||
src/cr-tknzr.c | 10 ++++++++++
|
||||
1 file changed, 10 insertions(+)
|
||||
|
||||
diff --git a/src/cr-tknzr.c b/src/cr-tknzr.c
|
||||
index 1a7cfeb..1548c35 100644
|
||||
--- a/src/cr-tknzr.c
|
||||
+++ b/src/cr-tknzr.c
|
||||
@@ -1279,6 +1279,11 @@ cr_tknzr_parse_rgb (CRTknzr * a_this, CRRgb ** a_rgb)
|
||||
status = cr_tknzr_parse_num (a_this, &num);
|
||||
ENSURE_PARSING_COND ((status == CR_OK) && (num != NULL));
|
||||
|
||||
+ if (num->val > G_MAXLONG) {
|
||||
+ status = CR_PARSING_ERROR;
|
||||
+ goto error;
|
||||
+ }
|
||||
+
|
||||
red = num->val;
|
||||
cr_num_destroy (num);
|
||||
num = NULL;
|
||||
@@ -1298,6 +1303,11 @@ cr_tknzr_parse_rgb (CRTknzr * a_this, CRRgb ** a_rgb)
|
||||
status = cr_tknzr_parse_num (a_this, &num);
|
||||
ENSURE_PARSING_COND ((status == CR_OK) && (num != NULL));
|
||||
|
||||
+ if (num->val > G_MAXLONG) {
|
||||
+ status = CR_PARSING_ERROR;
|
||||
+ goto error;
|
||||
+ }
|
||||
+
|
||||
PEEK_BYTE (a_this, 1, &next_bytes[0]);
|
||||
if (next_bytes[0] == '%') {
|
||||
SKIP_CHARS (a_this, 1);
|
||||
--
|
||||
2.11.0
|
||||
|
||||
@@ -1,2 +1,2 @@
|
||||
# Locally calculated after checking pgp signature
|
||||
sha256 b2345a8bef87b4c229dedf637cb203b5e21db05e20277c8e1094f0d4da180801 curl-7.53.0.tar.bz2
|
||||
sha256 f50ebaf43c507fa7cc32be4b8108fa8bbd0f5022e90794388f3c7694a302ff06 curl-7.54.0.tar.bz2
|
||||
|
||||
@@ -4,7 +4,7 @@
|
||||
#
|
||||
################################################################################
|
||||
|
||||
LIBCURL_VERSION = 7.53.0
|
||||
LIBCURL_VERSION = 7.54.0
|
||||
LIBCURL_SOURCE = curl-$(LIBCURL_VERSION).tar.bz2
|
||||
LIBCURL_SITE = https://curl.haxx.se/download
|
||||
LIBCURL_DEPENDENCIES = host-pkgconf \
|
||||
|
||||
@@ -1,2 +1,3 @@
|
||||
# From https://github.com/thom311/libnl/releases/download/libnl3_2_27/libnl-3.2.27.tar.gz.sha256sum
|
||||
sha256 4bbbf92b3c78a90f423cf96260bf419a28b75db8cced47051217a56795f58ec6 libnl-3.2.27.tar.gz
|
||||
sha256 b7bb929194eefc56c786a7e1ae5176b54713f9013ccec63760f232742ae80361 3e18948f17148e6a3c4255bdeaaf01ef6081ceeb.patch
|
||||
|
||||
@@ -11,6 +11,8 @@ LIBNL_LICENSE_FILES = COPYING
|
||||
LIBNL_INSTALL_STAGING = YES
|
||||
LIBNL_DEPENDENCIES = host-bison host-flex
|
||||
|
||||
LIBNL_PATCH = https://github.com/thom311/libnl/commit/3e18948f17148e6a3c4255bdeaaf01ef6081ceeb.patch
|
||||
|
||||
ifeq ($(BR2_PACKAGE_LIBNL_TOOLS),y)
|
||||
LIBNL_CONF_OPTS += --enable-cli
|
||||
else
|
||||
|
||||
@@ -3,14 +3,15 @@ Add Nios-II support
|
||||
[Gustavo: update for nspr 4.10.9]
|
||||
Signed-off-by: Ezequiel Garcia <ezequiel@vanguardiasur.com.ar>
|
||||
|
||||
diff -Nura nspr-4.10.9.orig/nspr/pr/include/md/_linux.cfg nspr-4.10.9/nspr/pr/include/md/_linux.cfg
|
||||
--- nspr-4.10.9.orig/nspr/pr/include/md/_linux.cfg 2015-10-03 08:11:43.229387215 -0300
|
||||
+++ nspr-4.10.9/nspr/pr/include/md/_linux.cfg 2015-10-03 08:11:55.277798841 -0300
|
||||
Index: b/nspr/pr/include/md/_linux.cfg
|
||||
===================================================================
|
||||
--- a/nspr/pr/include/md/_linux.cfg
|
||||
+++ b/nspr/pr/include/md/_linux.cfg
|
||||
@@ -1017,6 +1017,51 @@
|
||||
#define PR_BYTES_PER_WORD_LOG2 2
|
||||
#define PR_BYTES_PER_DWORD_LOG2 3
|
||||
|
||||
+#elif defined(nios2)
|
||||
+#elif defined(__nios2__)
|
||||
+
|
||||
+#define IS_LITTLE_ENDIAN 1
|
||||
+#undef IS_BIG_ENDIAN
|
||||
@@ -58,14 +59,15 @@ diff -Nura nspr-4.10.9.orig/nspr/pr/include/md/_linux.cfg nspr-4.10.9/nspr/pr/in
|
||||
#else
|
||||
|
||||
#error "Unknown CPU architecture"
|
||||
diff -Nura nspr-4.10.9.orig/nspr/pr/include/md/_linux.h nspr-4.10.9/nspr/pr/include/md/_linux.h
|
||||
--- nspr-4.10.9.orig/nspr/pr/include/md/_linux.h 2015-10-03 08:11:43.229387215 -0300
|
||||
+++ nspr-4.10.9/nspr/pr/include/md/_linux.h 2015-10-03 08:12:22.474728003 -0300
|
||||
Index: b/nspr/pr/include/md/_linux.h
|
||||
===================================================================
|
||||
--- a/nspr/pr/include/md/_linux.h
|
||||
+++ b/nspr/pr/include/md/_linux.h
|
||||
@@ -57,6 +57,8 @@
|
||||
#define _PR_SI_ARCHITECTURE "m32r"
|
||||
#elif defined(__or1k__)
|
||||
#define _PR_SI_ARCHITECTURE "or1k"
|
||||
+#elif defined(nios2)
|
||||
+#elif defined(__nios2__)
|
||||
+#define _PR_SI_ARCHITECTURE "nios2"
|
||||
#else
|
||||
#error "Unknown CPU architecture"
|
||||
|
||||
@@ -3,9 +3,10 @@ Add Microblaze support
|
||||
[Gustavo: update for nspr 4.10.9]
|
||||
Signed-off-by: Spenser Gilliland <spenser@gillilanding.com>
|
||||
|
||||
diff -Nura nspr-4.10.9.orig/nspr/pr/include/md/_linux.cfg nspr-4.10.9/nspr/pr/include/md/_linux.cfg
|
||||
--- nspr-4.10.9.orig/nspr/pr/include/md/_linux.cfg 2015-10-03 08:13:11.845414714 -0300
|
||||
+++ nspr-4.10.9/nspr/pr/include/md/_linux.cfg 2015-10-03 08:13:20.435708195 -0300
|
||||
Index: b/nspr/pr/include/md/_linux.cfg
|
||||
===================================================================
|
||||
--- a/nspr/pr/include/md/_linux.cfg
|
||||
+++ b/nspr/pr/include/md/_linux.cfg
|
||||
@@ -1062,6 +1062,56 @@
|
||||
#define PR_BYTES_PER_WORD_LOG2 2
|
||||
#define PR_BYTES_PER_DWORD_LOG2 3
|
||||
@@ -63,18 +64,16 @@ diff -Nura nspr-4.10.9.orig/nspr/pr/include/md/_linux.cfg nspr-4.10.9/nspr/pr/in
|
||||
#else
|
||||
|
||||
#error "Unknown CPU architecture"
|
||||
diff -Nura nspr-4.10.9.orig/nspr/pr/include/md/_linux.h nspr-4.10.9/nspr/pr/include/md/_linux.h
|
||||
--- nspr-4.10.9.orig/nspr/pr/include/md/_linux.h 2015-10-03 08:13:11.845414714 -0300
|
||||
+++ nspr-4.10.9/nspr/pr/include/md/_linux.h 2015-10-03 08:14:53.351882603 -0300
|
||||
@@ -57,8 +57,11 @@
|
||||
Index: b/nspr/pr/include/md/_linux.h
|
||||
===================================================================
|
||||
--- a/nspr/pr/include/md/_linux.h
|
||||
+++ b/nspr/pr/include/md/_linux.h
|
||||
@@ -57,6 +57,8 @@
|
||||
#define _PR_SI_ARCHITECTURE "m32r"
|
||||
#elif defined(__or1k__)
|
||||
#define _PR_SI_ARCHITECTURE "or1k"
|
||||
+#elif defined(__microblaze__)
|
||||
+#define _PR_SI_ARCHITECTURE "microblaze"
|
||||
#elif defined(nios2)
|
||||
#elif defined(__nios2__)
|
||||
#define _PR_SI_ARCHITECTURE "nios2"
|
||||
+#elif defined(nios2)
|
||||
#else
|
||||
#error "Unknown CPU architecture"
|
||||
#endif
|
||||
|
||||
@@ -1,2 +1,2 @@
|
||||
# From https://ftp.mozilla.org/pub/mozilla.org/nspr/releases/v4.13.1/src/SHA256SUMS
|
||||
sha256 5e4c1751339a76e7c772c0c04747488d7f8c98980b434dc846977e43117833ab nspr-4.13.1.tar.gz
|
||||
# From https://ftp.mozilla.org/pub/nspr/releases/v4.14/src/SHA256SUMS
|
||||
sha256 64fc18826257403a9132240aa3c45193d577a84b08e96f7e7770a97c074d17d5 nspr-4.14.tar.gz
|
||||
|
||||
@@ -4,7 +4,7 @@
|
||||
#
|
||||
################################################################################
|
||||
|
||||
LIBNSPR_VERSION = 4.13.1
|
||||
LIBNSPR_VERSION = 4.14
|
||||
LIBNSPR_SOURCE = nspr-$(LIBNSPR_VERSION).tar.gz
|
||||
LIBNSPR_SITE = https://ftp.mozilla.org/pub/mozilla.org/nspr/releases/v$(LIBNSPR_VERSION)/src
|
||||
LIBNSPR_SUBDIR = nspr
|
||||
|
||||
@@ -1,48 +0,0 @@
|
||||
This patch allows us to set a value for the cross compiler via TARGETCC without
|
||||
setting CC on the command line. CC is used for host tools as well as cross
|
||||
compiled code so we cannot define it on the command line without breaking
|
||||
the host tools build.
|
||||
|
||||
[Gustavo: update for nss 3.16.1]
|
||||
[baruch: add OPTIMIZER handling]
|
||||
Signed-off-by: Will Newton <will.newton@imgtec.com>
|
||||
|
||||
diff -Nuar nss-3.16.1-orig/nss/coreconf/Linux.mk nss-3.16.1/nss/coreconf/Linux.mk
|
||||
--- nss-3.16.1-orig/nss/coreconf/Linux.mk 2014-05-02 06:27:18.000000000 +0300
|
||||
+++ nss-3.16.1/nss/coreconf/Linux.mk 2014-07-01 02:38:18.701480512 +0300
|
||||
@@ -16,9 +16,13 @@
|
||||
IMPL_STRATEGY = _PTH
|
||||
endif
|
||||
|
||||
-CC = gcc
|
||||
-CCC = g++
|
||||
-RANLIB = ranlib
|
||||
+TARGETCC = gcc
|
||||
+TARGETCCC = g++
|
||||
+TARGETRANLIB = ranlib
|
||||
+
|
||||
+CC = $(TARGETCC)
|
||||
+CCC = $(TARGETCCC)
|
||||
+RANLIB = $(TARGETRANLIB)
|
||||
|
||||
DEFAULT_COMPILER = gcc
|
||||
|
||||
@@ -125,6 +129,7 @@
|
||||
endif
|
||||
endif
|
||||
|
||||
+OPTIMIZER = $(TARGET_OPTIMIZER)
|
||||
|
||||
ifeq ($(USE_PTHREADS),1)
|
||||
OS_PTHREAD = -lpthread
|
||||
diff -Nuar nss-3.16.1-orig/nss/coreconf/nsinstall/Makefile nss-3.16.1/nss/coreconf/nsinstall/Makefile
|
||||
--- nss-3.16.1-orig/nss/coreconf/nsinstall/Makefile 2014-05-02 06:27:18.000000000 +0300
|
||||
+++ nss-3.16.1/nss/coreconf/nsinstall/Makefile 2014-07-01 02:38:48.102185011 +0300
|
||||
@@ -31,6 +31,7 @@
|
||||
|
||||
ifdef NATIVE_FLAGS
|
||||
OS_CFLAGS=$(NATIVE_FLAGS)
|
||||
+OPTIMIZER=
|
||||
endif
|
||||
|
||||
include $(DEPTH)/coreconf/rules.mk
|
||||
@@ -1,24 +0,0 @@
|
||||
# HG changeset patch
|
||||
# User catdesk <catdesk@tuta.io>
|
||||
# Date 1477710600 -7200
|
||||
# Sat Oct 29 05:10:00 2016 +0200
|
||||
# Node ID b9ef971b94ab110302d49255339077bc1b4aed7f
|
||||
# Parent eb8c96563cd70aa69d48b01516085f7d2fb46178
|
||||
Bug 1313846 - Declare 'it = NULL' earlier. r=franziskus
|
||||
|
||||
[Thomas: patch taken from upstream mercurial repository, revision
|
||||
12791.]
|
||||
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
||||
|
||||
diff -r eb8c96563cd7 -r b9ef971b94ab lib/jar/jarfile.c
|
||||
--- a/nss/lib/jar/jarfile.c Mon Oct 31 17:31:20 2016 +0100
|
||||
+++ b/nss/lib/jar/jarfile.c Sat Oct 29 05:10:00 2016 +0200
|
||||
@@ -657,7 +657,7 @@
|
||||
jar_listzip(JAR *jar, JAR_FILE fp)
|
||||
{
|
||||
ZZLink *ent;
|
||||
- JAR_Item *it;
|
||||
+ JAR_Item *it = NULL;
|
||||
JAR_Physical *phy = NULL;
|
||||
struct ZipLocal *Local = PORT_ZNew(struct ZipLocal);
|
||||
struct ZipCentral *Central = PORT_ZNew(struct ZipCentral);
|
||||
@@ -1,2 +1,2 @@
|
||||
# From https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_27_2_RTM/src/SHA256SUMS
|
||||
sha256 dc8ac8524469d0230274fd13a53fdcd74efe4aa67205dde1a4a92be87dc28524 nss-3.27.2.tar.gz
|
||||
# From https://ftp.mozilla.org/pub/security/nss/releases/NSS_3_30_2_RTM/src/SHA256SUMS
|
||||
sha256 0d4a77ff26bcee79fa8afe0125e0df6ae9e798b6b36782fa29e28febf7cfce24 nss-3.30.2.tar.gz
|
||||
|
||||
@@ -4,7 +4,7 @@
|
||||
#
|
||||
################################################################################
|
||||
|
||||
LIBNSS_VERSION = 3.27.2
|
||||
LIBNSS_VERSION = 3.30.2
|
||||
LIBNSS_SOURCE = nss-$(LIBNSS_VERSION).tar.gz
|
||||
LIBNSS_SITE = https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_$(subst .,_,$(LIBNSS_VERSION))_RTM/src
|
||||
LIBNSS_DISTDIR = dist
|
||||
@@ -33,9 +33,6 @@ LIBNSS_BUILD_VARS = \
|
||||
NSS_USE_SYSTEM_SQLITE=1 \
|
||||
NSS_ENABLE_ECC=1 \
|
||||
NATIVE_CC="$(HOSTCC)" \
|
||||
TARGETCC="$(TARGET_CC)" \
|
||||
TARGETCCC="$(TARGET_CXX)" \
|
||||
TARGETRANLIB="$(TARGET_RANLIB)" \
|
||||
OS_ARCH="Linux" \
|
||||
OS_RELEASE="2.6" \
|
||||
OS_TEST="$(ARCH)"
|
||||
@@ -55,17 +52,16 @@ endif
|
||||
endif
|
||||
|
||||
define LIBNSS_BUILD_CMDS
|
||||
$(TARGET_MAKE_ENV) $(MAKE1) -C $(@D)/nss coreconf \
|
||||
$(TARGET_CONFIGURE_OPTS) $(MAKE1) -C $(@D)/nss coreconf \
|
||||
SOURCE_MD_DIR=$(@D)/$(LIBNSS_DISTDIR) \
|
||||
DIST=$(@D)/$(LIBNSS_DISTDIR) \
|
||||
CHECKLOC= \
|
||||
$(LIBNSS_BUILD_VARS)
|
||||
$(TARGET_MAKE_ENV) $(MAKE1) -C $(@D)/nss lib/dbm all \
|
||||
$(TARGET_CONFIGURE_OPTS) $(MAKE1) -C $(@D)/nss lib/dbm all \
|
||||
SOURCE_MD_DIR=$(@D)/$(LIBNSS_DISTDIR) \
|
||||
DIST=$(@D)/$(LIBNSS_DISTDIR) \
|
||||
CHECKLOC= \
|
||||
$(LIBNSS_BUILD_VARS) TARGET_OPTIMIZER="$(TARGET_CFLAGS)" \
|
||||
NATIVE_FLAGS="$(HOST_CFLAGS)"
|
||||
$(LIBNSS_BUILD_VARS) NATIVE_FLAGS="$(HOST_CFLAGS)"
|
||||
endef
|
||||
|
||||
define LIBNSS_INSTALL_STAGING_CMDS
|
||||
|
||||
@@ -1,2 +1,2 @@
|
||||
# Locally calculated after checking pgp signature
|
||||
sha256 93b54bdf46d5e6d2354b7034395fe329c222a966790de34520702bb9642f1c06 libsamplerate-0.1.8.tar.gz
|
||||
sha256 0a7eb168e2f21353fb6d84da152e4512126f7dc48ccb0be80578c565413444c1 libsamplerate-0.1.9.tar.gz
|
||||
|
||||
@@ -4,12 +4,12 @@
|
||||
#
|
||||
################################################################################
|
||||
|
||||
LIBSAMPLERATE_VERSION = 0.1.8
|
||||
LIBSAMPLERATE_VERSION = 0.1.9
|
||||
LIBSAMPLERATE_SITE = http://www.mega-nerd.com/SRC
|
||||
LIBSAMPLERATE_INSTALL_STAGING = YES
|
||||
LIBSAMPLERATE_DEPENDENCIES = host-pkgconf
|
||||
LIBSAMPLERATE_CONF_OPTS = --disable-fftw --program-transform-name=''
|
||||
LIBSAMPLERATE_LICENSE = Dual GPLv2+ / libsamplerate commercial use license
|
||||
LIBSAMPLERATE_LICENSE = BSD-2c
|
||||
LIBSAMPLERATE_LICENSE_FILES = COPYING
|
||||
|
||||
ifeq ($(BR2_PACKAGE_LIBSNDFILE),y)
|
||||
|
||||
@@ -1,17 +0,0 @@
|
||||
---
|
||||
Makefile.in | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
Index: libsndfile-1.0.18/Makefile.in
|
||||
===================================================================
|
||||
--- libsndfile-1.0.18.orig/Makefile.in
|
||||
+++ libsndfile-1.0.18/Makefile.in
|
||||
@@ -260,7 +260,7 @@
|
||||
top_srcdir = @top_srcdir@
|
||||
DISTCHECK_CONFIGURE_FLAGS = --enable-gcc-werror
|
||||
@BUILD_OCTAVE_MOD_TRUE@octave_dir = Octave
|
||||
-SUBDIRS = M4 man doc Win32 src $(octave_dir) examples regtest tests programs
|
||||
+SUBDIRS = src
|
||||
DIST_SUBDIRS = M4 man doc Win32 src Octave examples regtest tests programs
|
||||
EXTRA_DIST = libsndfile.spec.in sndfile.pc.in Mingw-make-dist.sh
|
||||
pkgconfigdir = $(libdir)/pkgconfig
|
||||
@@ -1,2 +1,2 @@
|
||||
# Locally calculated after checking pgp signature
|
||||
sha256 a391952f27f4a92ceb2b4c06493ac107896ed6c76be9a613a4731f076d30fac0 libsndfile-1.0.27.tar.gz
|
||||
sha256 1ff33929f042fa333aed1e8923aa628c3ee9e1eb85512686c55092d1e5a9dfa9 libsndfile-1.0.28.tar.gz
|
||||
|
||||
@@ -4,7 +4,7 @@
|
||||
#
|
||||
################################################################################
|
||||
|
||||
LIBSNDFILE_VERSION = 1.0.27
|
||||
LIBSNDFILE_VERSION = 1.0.28
|
||||
LIBSNDFILE_SITE = http://www.mega-nerd.com/libsndfile/files
|
||||
LIBSNDFILE_INSTALL_STAGING = YES
|
||||
LIBSNDFILE_LICENSE = LGPLv2.1+
|
||||
@@ -13,6 +13,7 @@ LIBSNDFILE_LICENSE_FILES = COPYING
|
||||
LIBSNDFILE_CONF_OPTS = \
|
||||
--disable-sqlite \
|
||||
--disable-alsa \
|
||||
--disable-external-libs
|
||||
--disable-external-libs \
|
||||
--disable-full-suite
|
||||
|
||||
$(eval $(autotools-package))
|
||||
|
||||
@@ -15,7 +15,7 @@ config BR2_PACKAGE_LIBUNWIND_ARCH_SUPPORTS
|
||||
BR2_mips64el || BR2_powerpc || BR2_sh || BR2_i386 || BR2_x86_64)
|
||||
default y if BR2_TOOLCHAIN_USES_UCLIBC && \
|
||||
(((BR2_arm || BR2_armeb) && BR2_ARM_CPU_HAS_ARM) || \
|
||||
BR2_i386 || BR2_mips || BR2_mipsel || \
|
||||
BR2_mips || BR2_mipsel || \
|
||||
BR2_mips64 || BR2_mips64el || BR2_x86_64)
|
||||
default y if BR2_TOOLCHAIN_USES_MUSL && \
|
||||
(((BR2_arm || BR2_armeb) && BR2_ARM_CPU_HAS_ARM) || \
|
||||
|
||||
@@ -214,15 +214,15 @@ endchoice
|
||||
|
||||
config BR2_DEFAULT_KERNEL_HEADERS
|
||||
string
|
||||
default "3.2.87" if BR2_KERNEL_HEADERS_3_2
|
||||
default "3.2.88" if BR2_KERNEL_HEADERS_3_2
|
||||
default "3.4.113" if BR2_KERNEL_HEADERS_3_4
|
||||
default "3.10.105" if BR2_KERNEL_HEADERS_3_10
|
||||
default "3.12.72" if BR2_KERNEL_HEADERS_3_12
|
||||
default "3.18.48" if BR2_KERNEL_HEADERS_3_18
|
||||
default "3.12.73" if BR2_KERNEL_HEADERS_3_12
|
||||
default "3.18.51" if BR2_KERNEL_HEADERS_3_18
|
||||
default "3.19.8" if BR2_KERNEL_HEADERS_3_19
|
||||
default "4.0.9" if BR2_KERNEL_HEADERS_4_0
|
||||
default "4.1.39" if BR2_KERNEL_HEADERS_4_1
|
||||
default "4.4.59" if BR2_KERNEL_HEADERS_4_4
|
||||
default "4.4.65" if BR2_KERNEL_HEADERS_4_4
|
||||
default "4.8.17" if BR2_KERNEL_HEADERS_4_8
|
||||
default "4.9.20" if BR2_KERNEL_HEADERS_4_9
|
||||
default "4.9.25" if BR2_KERNEL_HEADERS_4_9
|
||||
default BR2_DEFAULT_KERNEL_VERSION if BR2_KERNEL_HEADERS_VERSION
|
||||
|
||||
@@ -1,2 +1,2 @@
|
||||
# Locally calculated
|
||||
sha256 9ac3a663b82f4f5df64114b4792b9926b536c85f59de0f2d2b321c7626a904f4 minicom-2.7.tar.gz
|
||||
sha256 532f836b7a677eb0cb1dca8d70302b73729c3d30df26d58368d712e5cca041f1 minicom-2.7.1.tar.gz
|
||||
|
||||
@@ -4,8 +4,8 @@
|
||||
#
|
||||
################################################################################
|
||||
|
||||
MINICOM_VERSION = 2.7
|
||||
MINICOM_SITE = https://alioth.debian.org/frs/download.php/file/3977
|
||||
MINICOM_VERSION = 2.7.1
|
||||
MINICOM_SITE = https://alioth.debian.org/frs/download.php/file/4215
|
||||
MINICOM_LICENSE = GPLv2+
|
||||
MINICOM_LICENSE_FILES = COPYING
|
||||
|
||||
|
||||
@@ -0,0 +1,22 @@
|
||||
Fixes musl build error
|
||||
|
||||
loader/ldt_keeper.o: In function `Setup_LDT_Keeper':
|
||||
ldt_keeper.c:(.text+0xab): undefined reference to `modify_ldt'
|
||||
|
||||
Downloaded from
|
||||
https://github.com/dimkr/rlsd2/blob/master/rules/mplayer/musl.patch
|
||||
|
||||
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
|
||||
|
||||
diff -rup MPlayer-1.1.1-orig/loader/ldt_keeper.c MPlayer-1.1.1/loader/ldt_keeper.c
|
||||
--- MPlayer-1.1.1-orig/loader/ldt_keeper.c 2015-04-23 15:07:09.580805888 +0300
|
||||
+++ MPlayer-1.1.1/loader/ldt_keeper.c 2015-04-23 15:08:07.736807270 +0300
|
||||
@@ -47,7 +47,7 @@
|
||||
#if defined(__GLIBC__) && (__GLIBC__ < 2 || (__GLIBC__ == 2 && __GLIBC_MINOR__ == 0))
|
||||
_syscall3( int, modify_ldt, int, func, void *, ptr, unsigned long, bytecount );
|
||||
#else
|
||||
-int modify_ldt(int func, void *ptr, unsigned long bytecount);
|
||||
+#define modify_ldt(func, ptr, bytecount) syscall(__NR_modify_ldt, func, ptr, bytecount)
|
||||
#endif
|
||||
#else
|
||||
#if defined(__NetBSD__) || defined(__FreeBSD__) || defined(__OpenBSD__) || defined(__DragonFly__)
|
||||
@@ -0,0 +1,77 @@
|
||||
fix compilation failure with MMX
|
||||
|
||||
Fixes
|
||||
libmpcodecs/vf_fspp.c: In function 'column_fidct_c':
|
||||
libmpcodecs/vf_fspp.c:750:5: error: unknown type name 'int_simd16_t'
|
||||
libmpcodecs/vf_fspp.c:751:5: error: unknown type name 'int_simd16_t'
|
||||
libmpcodecs/vf_fspp.c:752:5: error: unknown type name 'int_simd16_t'
|
||||
libmpcodecs/vf_fspp.c:753:5: error: unknown type name 'int_simd16_t'
|
||||
libmpcodecs/vf_fspp.c:789:18: error: 'FIX_0_707106781' undeclared (first use in this function)
|
||||
libmpcodecs/vf_fspp.c:789:18: note: each undeclared identifier is reported only once for each function it appears in
|
||||
libmpcodecs/vf_fspp.c:804:21: error: 'FIX_1_414213562_A' undeclared (first use in this function)
|
||||
libmpcodecs/vf_fspp.c:817:18: error: 'FIX_0_382683433' undeclared (first use in this function)
|
||||
libmpcodecs/vf_fspp.c:818:18: error: 'FIX_0_541196100' undeclared (first use in this function)
|
||||
libmpcodecs/vf_fspp.c:819:18: error: 'FIX_1_306562965' undeclared (first use in this function)
|
||||
libmpcodecs/vf_fspp.c:844:21: error: 'FIX_1_414213562' undeclared (first use in this function)
|
||||
libmpcodecs/vf_fspp.c:845:21: error: 'FIX_1_847759065' undeclared (first use in this function)
|
||||
libmpcodecs/vf_fspp.c:846:21: error: 'FIX_1_082392200' undeclared (first use in this function)
|
||||
libmpcodecs/vf_fspp.c:847:21: error: 'FIX_2_613125930' undeclared (first use in this function)
|
||||
|
||||
found using this defconfig after fixing the original bug:
|
||||
http://autobuild.buildroot.net/results/642/6422adeef19ec547c7bc3f8ad3b0d51702015240/
|
||||
|
||||
Downloaded from upstream mailinglist:
|
||||
http://lists.mplayerhq.hu/pipermail/mplayer-dev-eng/2016-May/073488.html
|
||||
|
||||
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
|
||||
|
||||
diff -uNr MPlayer-1.3.0.org/libmpcodecs/vf_fspp.c MPlayer-1.3.0/libmpcodecs/vf_fspp.c
|
||||
--- MPlayer-1.3.0.org/libmpcodecs/vf_fspp.c 2015-10-17 21:44:31.000000000 +0200
|
||||
+++ MPlayer-1.3.0/libmpcodecs/vf_fspp.c 2017-04-10 21:26:57.771819064 +0200
|
||||
@@ -173,7 +173,6 @@
|
||||
#define store_slice_s store_slice_c
|
||||
#define store_slice2_s store_slice2_c
|
||||
#define mul_thrmat_s mul_thrmat_c
|
||||
-#define column_fidct_s column_fidct_c
|
||||
#define row_idct_s row_idct_c
|
||||
#define row_fdct_s row_fdct_c
|
||||
|
||||
@@ -393,7 +392,6 @@
|
||||
);
|
||||
}
|
||||
|
||||
-static void column_fidct_mmx(int16_t* thr_adr, int16_t *data, int16_t *output, int cnt);
|
||||
static void row_idct_mmx(int16_t* workspace,
|
||||
int16_t* output_adr, int output_stride, int cnt);
|
||||
static void row_fdct_mmx(int16_t *data, const uint8_t *pixels, int line_size, int cnt);
|
||||
@@ -401,11 +399,18 @@
|
||||
#define store_slice_s store_slice_mmx
|
||||
#define store_slice2_s store_slice2_mmx
|
||||
#define mul_thrmat_s mul_thrmat_mmx
|
||||
-#define column_fidct_s column_fidct_mmx
|
||||
#define row_idct_s row_idct_mmx
|
||||
#define row_fdct_s row_fdct_mmx
|
||||
#endif // HAVE_MMX_INLINE
|
||||
|
||||
+#if !HAVE_MMXEXT_INLINE
|
||||
+static void column_fidct_c(int16_t* thr_adr, int16_t *data, int16_t *output, int cnt);
|
||||
+#define column_fidct_s column_fidct_c
|
||||
+#else
|
||||
+static void column_fidct_mmx(int16_t* thr_adr, int16_t *data, int16_t *output, int cnt);
|
||||
+#define column_fidct_s column_fidct_mmx
|
||||
+#endif
|
||||
+
|
||||
static void filter(struct vf_priv_s *p, uint8_t *dst, uint8_t *src,
|
||||
int dst_stride, int src_stride,
|
||||
int width, int height,
|
||||
@@ -728,7 +733,9 @@
|
||||
DECLARE_ASM_CONST(8, uint64_t, MM_DESCALE_RND)=C64(4);
|
||||
DECLARE_ASM_CONST(8, uint64_t, MM_2)=C64(2);
|
||||
|
||||
-#else /* !HAVE_MMXEXT_INLINE */
|
||||
+#endif /* !HAVE_MMX_INLINE */
|
||||
+
|
||||
+#if !HAVE_MMX_INLINE || !HAVE_MMXEXT_INLINE
|
||||
|
||||
typedef int32_t int_simd16_t;
|
||||
static const int16_t FIX_0_382683433=FIX(0.382683433, 14);
|
||||
@@ -303,9 +303,9 @@ MPLAYER_CONF_OPTS += \
|
||||
endif
|
||||
|
||||
ifeq ($(BR2_X86_CPU_HAS_SSE),y)
|
||||
MPLAYER_CONF_OPTS += --enable-sse
|
||||
MPLAYER_CONF_OPTS += --enable-mmxext --enable-sse
|
||||
else
|
||||
MPLAYER_CONF_OPTS += --disable-sse
|
||||
MPLAYER_CONF_OPTS += --disable-mmxext --disable-sse
|
||||
endif
|
||||
|
||||
ifeq ($(BR2_X86_CPU_HAS_SSE2),y)
|
||||
|
||||
@@ -23,6 +23,7 @@ MPV_CONF_OPTS = \
|
||||
--disable-cdda \
|
||||
--disable-cocoa \
|
||||
--disable-coreaudio \
|
||||
--disable-cuda-hwaccel \
|
||||
--disable-libv4l2 \
|
||||
--disable-opensles \
|
||||
--disable-rpi \
|
||||
|
||||
@@ -28,11 +28,6 @@ NCURSES_CONF_OPTS = \
|
||||
$(if $(BR2_PACKAGE_NCURSES_TARGET_PROGS),,--without-progs) \
|
||||
--without-manpages
|
||||
|
||||
# Install after busybox for the full-blown versions
|
||||
ifeq ($(BR2_PACKAGE_BUSYBOX),y)
|
||||
NCURSES_DEPENDENCIES += busybox
|
||||
endif
|
||||
|
||||
ifeq ($(BR2_STATIC_LIBS),y)
|
||||
NCURSES_CONF_OPTS += --without-shared --with-normal
|
||||
else ifeq ($(BR2_SHARED_LIBS),y)
|
||||
|
||||
@@ -43,7 +43,7 @@ config BR2_PACKAGE_NODEJS_V8_ARCH_SUPPORTS
|
||||
|
||||
config BR2_PACKAGE_NODEJS_VERSION_STRING
|
||||
string
|
||||
default "6.9.4" if BR2_PACKAGE_NODEJS_V8_ARCH_SUPPORTS
|
||||
default "6.10.2" if BR2_PACKAGE_NODEJS_V8_ARCH_SUPPORTS
|
||||
default "0.10.48"
|
||||
|
||||
config BR2_PACKAGE_NODEJS_NPM
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
# From upstream URL: http://nodejs.org/dist/v0.10.48/SHASUMS256.txt
|
||||
sha256 365a93d9acc076a0d93f087d269f376abeebccad599a9dab72f2f6ed96c8ae6e node-v0.10.48.tar.xz
|
||||
|
||||
# From upstream URL: http://nodejs.org/dist/v6.9.4/SHASUMS256.txt
|
||||
sha256 c51d7c61db40455d57428abcadc7eb0f0a08a8878cb1d8ea3c1e211c54532c35 node-v6.9.4.tar.xz
|
||||
# From upstream URL: http://nodejs.org/dist/v6.10.2/SHASUMS256.txt
|
||||
sha256 80aa11333da99813973a99646e2113c6be5b63f665c0731ed14ecb94cbe846b6 node-v6.10.2.tar.xz
|
||||
|
||||
@@ -28,6 +28,7 @@ PKG_PYTHON_DISTUTILS_ENV = \
|
||||
LDFLAGS="$(TARGET_LDFLAGS)" \
|
||||
LDSHARED="$(TARGET_CROSS)gcc -shared" \
|
||||
PYTHONPATH="$(if $(BR2_PACKAGE_PYTHON3),$(PYTHON3_PATH),$(PYTHON_PATH))" \
|
||||
PYTHONNOUSERSITE=1 \
|
||||
_python_sysroot=$(STAGING_DIR) \
|
||||
_python_prefix=/usr \
|
||||
_python_exec_prefix=/usr
|
||||
@@ -43,7 +44,8 @@ PKG_PYTHON_DISTUTILS_INSTALL_STAGING_OPTS = \
|
||||
|
||||
# Host distutils-based packages
|
||||
HOST_PKG_PYTHON_DISTUTILS_ENV = \
|
||||
PATH=$(BR_PATH)
|
||||
PATH=$(BR_PATH) \
|
||||
PYTHONNOUSERSITE=1
|
||||
|
||||
HOST_PKG_PYTHON_DISTUTILS_INSTALL_OPTS = \
|
||||
--prefix=$(HOST_DIR)/usr
|
||||
@@ -52,6 +54,7 @@ HOST_PKG_PYTHON_DISTUTILS_INSTALL_OPTS = \
|
||||
PKG_PYTHON_SETUPTOOLS_ENV = \
|
||||
PATH=$(BR_PATH) \
|
||||
PYTHONPATH="$(if $(BR2_PACKAGE_PYTHON3),$(PYTHON3_PATH),$(PYTHON_PATH))" \
|
||||
PYTHONNOUSERSITE=1 \
|
||||
_python_sysroot=$(STAGING_DIR) \
|
||||
_python_prefix=/usr \
|
||||
_python_exec_prefix=/usr
|
||||
@@ -70,7 +73,8 @@ PKG_PYTHON_SETUPTOOLS_INSTALL_STAGING_OPTS = \
|
||||
|
||||
# Host setuptools-based packages
|
||||
HOST_PKG_PYTHON_SETUPTOOLS_ENV = \
|
||||
PATH=$(BR_PATH)
|
||||
PATH=$(BR_PATH) \
|
||||
PYTHONNOUSERSITE=1
|
||||
|
||||
HOST_PKG_PYTHON_SETUPTOOLS_INSTALL_OPTS = \
|
||||
--prefix=$(HOST_DIR)/usr
|
||||
|
||||
@@ -1,3 +1,3 @@
|
||||
# md5 from https://pypi.python.org/pypi/django/json, sha256 locally computed
|
||||
md5 5342e77374b2acd2eafa86d2bb68f8c9 Django-1.10.2.tar.gz
|
||||
sha256 e127f12a0bfb34843b6e8c82f91e26fff6445a7ca91d222c0794174cf97cbce1 Django-1.10.2.tar.gz
|
||||
md5 693dfeabad62c561cb205900d32c2a98 Django-1.10.7.tar.gz
|
||||
sha256 593d779dbc2350a245c4f76d26bdcad58a39895e87304fe6d725bbdf84b5b0b8 Django-1.10.7.tar.gz
|
||||
|
||||
@@ -4,10 +4,10 @@
|
||||
#
|
||||
################################################################################
|
||||
|
||||
PYTHON_DJANGO_VERSION = 1.10.2
|
||||
PYTHON_DJANGO_VERSION = 1.10.7
|
||||
PYTHON_DJANGO_SOURCE = Django-$(PYTHON_DJANGO_VERSION).tar.gz
|
||||
# The official Django site has an unpractical URL
|
||||
PYTHON_DJANGO_SITE = https://pypi.python.org/packages/57/9e/59444485f092b6ed4f1931e7d2e13b67fdab967c041d02f58a0d1dab8c23
|
||||
PYTHON_DJANGO_SITE = https://pypi.python.org/packages/15/b4/d4bb7313e02386bd23a60e1eb5670321313fb67289c6f36ec43bce747aff
|
||||
PYTHON_DJANGO_LICENSE = BSD-3c
|
||||
PYTHON_DJANGO_LICENSE_FILES = LICENSE
|
||||
PYTHON_DJANGO_SETUP_TYPE = setuptools
|
||||
|
||||
@@ -8,7 +8,7 @@ PYTHON_PYYAML_VERSION = 3.12
|
||||
PYTHON_PYYAML_SOURCE = PyYAML-$(PYTHON_PYYAML_VERSION).tar.gz
|
||||
PYTHON_PYYAML_SITE = https://pypi.python.org/packages/4a/85/db5a2df477072b2902b0eb892feb37d88ac635d36245a72a6a69b23b383a
|
||||
PYTHON_PYYAML_SETUP_TYPE = distutils
|
||||
PYTHON_PYYAML_LICENSE = Python software foundation license v2
|
||||
PYTHON_PYYAML_LICENSE = MIT
|
||||
PYTHON_PYYAML_LICENSE_FILES = LICENSE
|
||||
PYTHON_PYYAML_DEPENDENCIES = libyaml
|
||||
|
||||
|
||||
@@ -1,2 +1,2 @@
|
||||
# sha256 locally computed
|
||||
sha256 7e22a5624d8d2909e165110f0bec6b43ee36ff6834d689f4027e06dece662031 python-web2py-R-2.12.3.tar.gz
|
||||
sha256 6079aeaa352ec51e0da5e6abc71fa74cdb3a781e06a311b5826618624362a7b2 python-web2py-R-2.14.6.tar.gz
|
||||
|
||||
@@ -4,7 +4,7 @@
|
||||
#
|
||||
################################################################################
|
||||
|
||||
PYTHON_WEB2PY_VERSION = R-2.12.3
|
||||
PYTHON_WEB2PY_VERSION = R-2.14.6
|
||||
PYTHON_WEB2PY_SITE = $(call github,web2py,web2py,$(PYTHON_WEB2PY_VERSION))
|
||||
PYTHON_WEB2PY_LICENSE = LGPLv3
|
||||
PYTHON_WEB2PY_LICENSE_FILES = LICENSE
|
||||
|
||||
@@ -1,2 +1,2 @@
|
||||
# Locally calculated
|
||||
sha256 ac70f09af80639d8189e1b9bc0a554841ee44df2b1ef58e7e682ad5400fd9400 samba-4.5.7.tar.gz
|
||||
sha256 f63b656d8823a280c50c9dbd6b692816cd7a88adfe9b47997ce697fd75bf81f0 samba-4.5.8.tar.gz
|
||||
|
||||
@@ -4,7 +4,7 @@
|
||||
#
|
||||
################################################################################
|
||||
|
||||
SAMBA4_VERSION = 4.5.7
|
||||
SAMBA4_VERSION = 4.5.8
|
||||
SAMBA4_SITE = https://download.samba.org/pub/samba/stable
|
||||
SAMBA4_SOURCE = samba-$(SAMBA4_VERSION).tar.gz
|
||||
SAMBA4_INSTALL_STAGING = YES
|
||||
|
||||
@@ -22,6 +22,7 @@ menuconfig BR2_PACKAGE_SYSTEMD
|
||||
select BR2_PACKAGE_UTIL_LINUX_BINARIES
|
||||
select BR2_PACKAGE_UTIL_LINUX_MOUNT
|
||||
select BR2_PACKAGE_UTIL_LINUX_NOLOGIN
|
||||
select BR2_PACKAGE_UTIL_LINUX_FSCK
|
||||
select BR2_PACKAGE_KMOD
|
||||
select BR2_PACKAGE_BUSYBOX_SHOW_OTHERS # kmod-tools
|
||||
select BR2_PACKAGE_KMOD_TOOLS
|
||||
@@ -61,6 +62,11 @@ menuconfig BR2_PACKAGE_SYSTEMD
|
||||
- libgcrypt package will add support for journal sealing and
|
||||
DNSSEC verification in resolved.
|
||||
|
||||
Notice that systemd selects the fsck wrapper from util-linux
|
||||
but no particular fsck.<fstype> is selected. You must choose
|
||||
the apropriate ones (e.g. e2fsck, from the e2fsprogs package)
|
||||
according to the system configuration.
|
||||
|
||||
http://freedesktop.org/wiki/Software/systemd
|
||||
|
||||
if BR2_PACKAGE_SYSTEMD
|
||||
|
||||
@@ -0,0 +1,46 @@
|
||||
From 438274f938e046d33cb0e1230b41da32ffe223e1 Mon Sep 17 00:00:00 2001
|
||||
From: erouault <erouault>
|
||||
Date: Fri, 2 Dec 2016 21:56:56 +0000
|
||||
Subject: [PATCH] * libtiff/tif_read.c, libtiff/tiffiop.h: fix uint32 overflow
|
||||
in TIFFReadEncodedStrip() that caused an integer division by zero. Reported
|
||||
by Agostino Sarubbo. Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2596
|
||||
|
||||
Fixes CVE-2016-10266
|
||||
|
||||
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
||||
---
|
||||
libtiff/tif_read.c | 2 +-
|
||||
libtiff/tiffiop.h | 4 ++++
|
||||
2 files changed, 12 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/libtiff/tif_read.c b/libtiff/tif_read.c
|
||||
index c26c55f4..52bbf507 100644
|
||||
--- a/libtiff/tif_read.c
|
||||
+++ b/libtiff/tif_read.c
|
||||
@@ -346,7 +346,7 @@ TIFFReadEncodedStrip(TIFF* tif, uint32 strip, void* buf, tmsize_t size)
|
||||
rowsperstrip=td->td_rowsperstrip;
|
||||
if (rowsperstrip>td->td_imagelength)
|
||||
rowsperstrip=td->td_imagelength;
|
||||
- stripsperplane=((td->td_imagelength+rowsperstrip-1)/rowsperstrip);
|
||||
+ stripsperplane= TIFFhowmany_32_maxuint_compat(td->td_imagelength, rowsperstrip);
|
||||
stripinplane=(strip%stripsperplane);
|
||||
plane=(uint16)(strip/stripsperplane);
|
||||
rows=td->td_imagelength-stripinplane*rowsperstrip;
|
||||
diff --git a/libtiff/tiffiop.h b/libtiff/tiffiop.h
|
||||
index ffbb647b..cb59460a 100644
|
||||
--- a/libtiff/tiffiop.h
|
||||
+++ b/libtiff/tiffiop.h
|
||||
@@ -250,6 +250,10 @@ struct tiff {
|
||||
#define TIFFhowmany_32(x, y) (((uint32)x < (0xffffffff - (uint32)(y-1))) ? \
|
||||
((((uint32)(x))+(((uint32)(y))-1))/((uint32)(y))) : \
|
||||
0U)
|
||||
+/* Variant of TIFFhowmany_32() that doesn't return 0 if x close to MAXUINT. */
|
||||
+/* Caution: TIFFhowmany_32_maxuint_compat(x,y)*y might overflow */
|
||||
+#define TIFFhowmany_32_maxuint_compat(x, y) \
|
||||
+ (((uint32)(x) / (uint32)(y)) + ((((uint32)(x) % (uint32)(y)) != 0) ? 1 : 0))
|
||||
#define TIFFhowmany8_32(x) (((x)&0x07)?((uint32)(x)>>3)+1:(uint32)(x)>>3)
|
||||
#define TIFFroundup_32(x, y) (TIFFhowmany_32(x,y)*(y))
|
||||
#define TIFFhowmany_64(x, y) ((((uint64)(x))+(((uint64)(y))-1))/((uint64)(y)))
|
||||
--
|
||||
2.11.0
|
||||
|
||||
@@ -0,0 +1,53 @@
|
||||
From 43bc256d8ae44b92d2734a3c5bc73957a4d7c1ec Mon Sep 17 00:00:00 2001
|
||||
From: erouault <erouault>
|
||||
Date: Sat, 3 Dec 2016 11:15:18 +0000
|
||||
Subject: [PATCH] * libtiff/tif_ojpeg.c: make OJPEGDecode() early exit in case
|
||||
of failure in OJPEGPreDecode(). This will avoid a divide by zero, and
|
||||
potential other issues. Reported by Agostino Sarubbo. Fixes
|
||||
http://bugzilla.maptools.org/show_bug.cgi?id=2611
|
||||
|
||||
Fixes CVE-2016-10267
|
||||
|
||||
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
||||
---
|
||||
libtiff/tif_ojpeg.c | 8 ++++++++
|
||||
1 files changed, 15 insertions(+)
|
||||
|
||||
diff --git a/libtiff/tif_ojpeg.c b/libtiff/tif_ojpeg.c
|
||||
index 1ccc3f9b..f19e8fd0 100644
|
||||
--- a/libtiff/tif_ojpeg.c
|
||||
+++ b/libtiff/tif_ojpeg.c
|
||||
@@ -244,6 +244,7 @@ typedef enum {
|
||||
|
||||
typedef struct {
|
||||
TIFF* tif;
|
||||
+ int decoder_ok;
|
||||
#ifndef LIBJPEG_ENCAP_EXTERNAL
|
||||
JMP_BUF exit_jmpbuf;
|
||||
#endif
|
||||
@@ -722,6 +723,7 @@ OJPEGPreDecode(TIFF* tif, uint16 s)
|
||||
}
|
||||
sp->write_curstrile++;
|
||||
}
|
||||
+ sp->decoder_ok = 1;
|
||||
return(1);
|
||||
}
|
||||
|
||||
@@ -784,8 +786,14 @@ OJPEGPreDecodeSkipScanlines(TIFF* tif)
|
||||
static int
|
||||
OJPEGDecode(TIFF* tif, uint8* buf, tmsize_t cc, uint16 s)
|
||||
{
|
||||
+ static const char module[]="OJPEGDecode";
|
||||
OJPEGState* sp=(OJPEGState*)tif->tif_data;
|
||||
(void)s;
|
||||
+ if( !sp->decoder_ok )
|
||||
+ {
|
||||
+ TIFFErrorExt(tif->tif_clientdata,module,"Cannot decode: decoder not correctly initialized");
|
||||
+ return 0;
|
||||
+ }
|
||||
if (sp->libjpeg_jpeg_query_style==0)
|
||||
{
|
||||
if (OJPEGDecodeRaw(tif,buf,cc)==0)
|
||||
--
|
||||
2.11.0
|
||||
|
||||
@@ -0,0 +1,110 @@
|
||||
From 1044b43637fa7f70fb19b93593777b78bd20da86 Mon Sep 17 00:00:00 2001
|
||||
From: erouault <erouault>
|
||||
Date: Fri, 2 Dec 2016 23:05:51 +0000
|
||||
Subject: [PATCH] * libtiff/tif_pixarlog.c, libtiff/tif_luv.c: fix heap-based
|
||||
buffer overflow on generation of PixarLog / LUV compressed files, with
|
||||
ColorMap, TransferFunction attached and nasty plays with bitspersample. The
|
||||
fix for LUV has not been tested, but suffers from the same kind of issue of
|
||||
PixarLog. Reported by Agostino Sarubbo. Fixes
|
||||
http://bugzilla.maptools.org/show_bug.cgi?id=2604
|
||||
|
||||
Fixes CVE-2016-10269
|
||||
|
||||
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
||||
---
|
||||
libtiff/tif_luv.c | 18 ++++++++++++++----
|
||||
libtiff/tif_pixarlog.c | 17 +++++++++++++++--
|
||||
2 files changed, 39 insertions(+), 6 deletions(-)
|
||||
|
||||
diff --git a/libtiff/tif_luv.c b/libtiff/tif_luv.c
|
||||
index f68a9b13..e6783db5 100644
|
||||
--- a/libtiff/tif_luv.c
|
||||
+++ b/libtiff/tif_luv.c
|
||||
@@ -158,6 +158,7 @@
|
||||
typedef struct logLuvState LogLuvState;
|
||||
|
||||
struct logLuvState {
|
||||
+ int encoder_state; /* 1 if encoder correctly initialized */
|
||||
int user_datafmt; /* user data format */
|
||||
int encode_meth; /* encoding method */
|
||||
int pixel_size; /* bytes per pixel */
|
||||
@@ -1552,6 +1553,7 @@ LogLuvSetupEncode(TIFF* tif)
|
||||
td->td_photometric, "must be either LogLUV or LogL");
|
||||
break;
|
||||
}
|
||||
+ sp->encoder_state = 1;
|
||||
return (1);
|
||||
notsupported:
|
||||
TIFFErrorExt(tif->tif_clientdata, module,
|
||||
@@ -1563,19 +1565,27 @@ notsupported:
|
||||
static void
|
||||
LogLuvClose(TIFF* tif)
|
||||
{
|
||||
+ LogLuvState* sp = (LogLuvState*) tif->tif_data;
|
||||
TIFFDirectory *td = &tif->tif_dir;
|
||||
|
||||
+ assert(sp != 0);
|
||||
/*
|
||||
* For consistency, we always want to write out the same
|
||||
* bitspersample and sampleformat for our TIFF file,
|
||||
* regardless of the data format being used by the application.
|
||||
* Since this routine is called after tags have been set but
|
||||
* before they have been recorded in the file, we reset them here.
|
||||
+ * Note: this is really a nasty approach. See PixarLogClose
|
||||
*/
|
||||
- td->td_samplesperpixel =
|
||||
- (td->td_photometric == PHOTOMETRIC_LOGL) ? 1 : 3;
|
||||
- td->td_bitspersample = 16;
|
||||
- td->td_sampleformat = SAMPLEFORMAT_INT;
|
||||
+ if( sp->encoder_state )
|
||||
+ {
|
||||
+ /* See PixarLogClose. Might avoid issues with tags whose size depends
|
||||
+ * on those below, but not completely sure this is enough. */
|
||||
+ td->td_samplesperpixel =
|
||||
+ (td->td_photometric == PHOTOMETRIC_LOGL) ? 1 : 3;
|
||||
+ td->td_bitspersample = 16;
|
||||
+ td->td_sampleformat = SAMPLEFORMAT_INT;
|
||||
+ }
|
||||
}
|
||||
|
||||
static void
|
||||
diff --git a/libtiff/tif_pixarlog.c b/libtiff/tif_pixarlog.c
|
||||
index d1246c3d..aa99bc92 100644
|
||||
--- a/libtiff/tif_pixarlog.c
|
||||
+++ b/libtiff/tif_pixarlog.c
|
||||
@@ -1233,8 +1233,10 @@ PixarLogPostEncode(TIFF* tif)
|
||||
static void
|
||||
PixarLogClose(TIFF* tif)
|
||||
{
|
||||
+ PixarLogState* sp = (PixarLogState*) tif->tif_data;
|
||||
TIFFDirectory *td = &tif->tif_dir;
|
||||
|
||||
+ assert(sp != 0);
|
||||
/* In a really sneaky (and really incorrect, and untruthful, and
|
||||
* troublesome, and error-prone) maneuver that completely goes against
|
||||
* the spirit of TIFF, and breaks TIFF, on close, we covertly
|
||||
@@ -1243,8 +1245,19 @@ PixarLogClose(TIFF* tif)
|
||||
* readers that don't know about PixarLog, or how to set
|
||||
* the PIXARLOGDATFMT pseudo-tag.
|
||||
*/
|
||||
- td->td_bitspersample = 8;
|
||||
- td->td_sampleformat = SAMPLEFORMAT_UINT;
|
||||
+
|
||||
+ if (sp->state&PLSTATE_INIT) {
|
||||
+ /* We test the state to avoid an issue such as in
|
||||
+ * http://bugzilla.maptools.org/show_bug.cgi?id=2604
|
||||
+ * What appends in that case is that the bitspersample is 1 and
|
||||
+ * a TransferFunction is set. The size of the TransferFunction
|
||||
+ * depends on 1<<bitspersample. So if we increase it, an access
|
||||
+ * out of the buffer will happen at directory flushing.
|
||||
+ * Another option would be to clear those targs.
|
||||
+ */
|
||||
+ td->td_bitspersample = 8;
|
||||
+ td->td_sampleformat = SAMPLEFORMAT_UINT;
|
||||
+ }
|
||||
}
|
||||
|
||||
static void
|
||||
--
|
||||
2.11.0
|
||||
|
||||
@@ -0,0 +1,107 @@
|
||||
From 9a72a69e035ee70ff5c41541c8c61cd97990d018 Mon Sep 17 00:00:00 2001
|
||||
From: erouault <erouault>
|
||||
Date: Sat, 3 Dec 2016 11:02:15 +0000
|
||||
Subject: [PATCH] * libtiff/tif_dirread.c: modify
|
||||
ChopUpSingleUncompressedStrip() to instanciate compute ntrips as
|
||||
TIFFhowmany_32(td->td_imagelength, rowsperstrip), instead of a logic based on
|
||||
the total size of data. Which is faulty is the total size of data is not
|
||||
sufficient to fill the whole image, and thus results in reading outside of
|
||||
the StripByCounts/StripOffsets arrays when using TIFFReadScanline(). Reported
|
||||
by Agostino Sarubbo. Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2608.
|
||||
|
||||
* libtiff/tif_strip.c: revert the change in TIFFNumberOfStrips() done
|
||||
for http://bugzilla.maptools.org/show_bug.cgi?id=2587 / CVE-2016-9273 since
|
||||
the above change is a better fix that makes it unnecessary.
|
||||
|
||||
Fixes CVE-2016-10270
|
||||
|
||||
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
||||
---
|
||||
libtiff/tif_dirread.c | 22 ++++++++++------------
|
||||
libtiff/tif_strip.c | 9 ---------
|
||||
2 files changed, 25 insertions(+), 21 deletions(-)
|
||||
|
||||
diff --git a/libtiff/tif_dirread.c b/libtiff/tif_dirread.c
|
||||
index 3eec79c9..570d0c32 100644
|
||||
--- a/libtiff/tif_dirread.c
|
||||
+++ b/libtiff/tif_dirread.c
|
||||
@@ -5502,8 +5502,7 @@ ChopUpSingleUncompressedStrip(TIFF* tif)
|
||||
uint64 rowblockbytes;
|
||||
uint64 stripbytes;
|
||||
uint32 strip;
|
||||
- uint64 nstrips64;
|
||||
- uint32 nstrips32;
|
||||
+ uint32 nstrips;
|
||||
uint32 rowsperstrip;
|
||||
uint64* newcounts;
|
||||
uint64* newoffsets;
|
||||
@@ -5534,18 +5533,17 @@ ChopUpSingleUncompressedStrip(TIFF* tif)
|
||||
return;
|
||||
|
||||
/*
|
||||
- * never increase the number of strips in an image
|
||||
+ * never increase the number of rows per strip
|
||||
*/
|
||||
if (rowsperstrip >= td->td_rowsperstrip)
|
||||
return;
|
||||
- nstrips64 = TIFFhowmany_64(bytecount, stripbytes);
|
||||
- if ((nstrips64==0)||(nstrips64>0xFFFFFFFF)) /* something is wonky, do nothing. */
|
||||
- return;
|
||||
- nstrips32 = (uint32)nstrips64;
|
||||
+ nstrips = TIFFhowmany_32(td->td_imagelength, rowsperstrip);
|
||||
+ if( nstrips == 0 )
|
||||
+ return;
|
||||
|
||||
- newcounts = (uint64*) _TIFFCheckMalloc(tif, nstrips32, sizeof (uint64),
|
||||
+ newcounts = (uint64*) _TIFFCheckMalloc(tif, nstrips, sizeof (uint64),
|
||||
"for chopped \"StripByteCounts\" array");
|
||||
- newoffsets = (uint64*) _TIFFCheckMalloc(tif, nstrips32, sizeof (uint64),
|
||||
+ newoffsets = (uint64*) _TIFFCheckMalloc(tif, nstrips, sizeof (uint64),
|
||||
"for chopped \"StripOffsets\" array");
|
||||
if (newcounts == NULL || newoffsets == NULL) {
|
||||
/*
|
||||
@@ -5562,18 +5560,18 @@ ChopUpSingleUncompressedStrip(TIFF* tif)
|
||||
* Fill the strip information arrays with new bytecounts and offsets
|
||||
* that reflect the broken-up format.
|
||||
*/
|
||||
- for (strip = 0; strip < nstrips32; strip++) {
|
||||
+ for (strip = 0; strip < nstrips; strip++) {
|
||||
if (stripbytes > bytecount)
|
||||
stripbytes = bytecount;
|
||||
newcounts[strip] = stripbytes;
|
||||
- newoffsets[strip] = offset;
|
||||
+ newoffsets[strip] = stripbytes ? offset : 0;
|
||||
offset += stripbytes;
|
||||
bytecount -= stripbytes;
|
||||
}
|
||||
/*
|
||||
* Replace old single strip info with multi-strip info.
|
||||
*/
|
||||
- td->td_stripsperimage = td->td_nstrips = nstrips32;
|
||||
+ td->td_stripsperimage = td->td_nstrips = nstrips;
|
||||
TIFFSetField(tif, TIFFTAG_ROWSPERSTRIP, rowsperstrip);
|
||||
|
||||
_TIFFfree(td->td_stripbytecount);
|
||||
diff --git a/libtiff/tif_strip.c b/libtiff/tif_strip.c
|
||||
index 4c46ecf5..1676e47d 100644
|
||||
--- a/libtiff/tif_strip.c
|
||||
+++ b/libtiff/tif_strip.c
|
||||
@@ -63,15 +63,6 @@ TIFFNumberOfStrips(TIFF* tif)
|
||||
TIFFDirectory *td = &tif->tif_dir;
|
||||
uint32 nstrips;
|
||||
|
||||
- /* If the value was already computed and store in td_nstrips, then return it,
|
||||
- since ChopUpSingleUncompressedStrip might have altered and resized the
|
||||
- since the td_stripbytecount and td_stripoffset arrays to the new value
|
||||
- after the initial affectation of td_nstrips = TIFFNumberOfStrips() in
|
||||
- tif_dirread.c ~line 3612.
|
||||
- See http://bugzilla.maptools.org/show_bug.cgi?id=2587 */
|
||||
- if( td->td_nstrips )
|
||||
- return td->td_nstrips;
|
||||
-
|
||||
nstrips = (td->td_rowsperstrip == (uint32) -1 ? 1 :
|
||||
TIFFhowmany_32(td->td_imagelength, td->td_rowsperstrip));
|
||||
if (td->td_planarconfig == PLANARCONFIG_SEPARATE)
|
||||
--
|
||||
2.11.0
|
||||
|
||||
@@ -0,0 +1,74 @@
|
||||
From 5c080298d59efa53264d7248bbe3a04660db6ef7 Mon Sep 17 00:00:00 2001
|
||||
From: erouault <erouault>
|
||||
Date: Wed, 11 Jan 2017 19:25:44 +0000
|
||||
Subject: [PATCH] * tools/tiffcp.c: error out cleanly in cpContig2SeparateByRow
|
||||
and cpSeparate2ContigByRow if BitsPerSample != 8 to avoid heap based
|
||||
overflow. Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2656 and
|
||||
http://bugzilla.maptools.org/show_bug.cgi?id=2657
|
||||
|
||||
Fixes CVE-2017-5225
|
||||
|
||||
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
||||
---
|
||||
tools/tiffcp.c | 24 ++++++++++++++++++++++--
|
||||
1 file changed, 29 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/tools/tiffcp.c b/tools/tiffcp.c
|
||||
index bdf754c3..8bbcd52f 100644
|
||||
--- a/tools/tiffcp.c
|
||||
+++ b/tools/tiffcp.c
|
||||
@@ -591,7 +591,7 @@ static copyFunc pickCopyFunc(TIFF*, TIFF*, uint16, uint16);
|
||||
static int
|
||||
tiffcp(TIFF* in, TIFF* out)
|
||||
{
|
||||
- uint16 bitspersample, samplesperpixel = 1;
|
||||
+ uint16 bitspersample = 1, samplesperpixel = 1;
|
||||
uint16 input_compression, input_photometric = PHOTOMETRIC_MINISBLACK;
|
||||
copyFunc cf;
|
||||
uint32 width, length;
|
||||
@@ -1067,6 +1067,16 @@ DECLAREcpFunc(cpContig2SeparateByRow)
|
||||
register uint32 n;
|
||||
uint32 row;
|
||||
tsample_t s;
|
||||
+ uint16 bps = 0;
|
||||
+
|
||||
+ (void) TIFFGetField(in, TIFFTAG_BITSPERSAMPLE, &bps);
|
||||
+ if( bps != 8 )
|
||||
+ {
|
||||
+ TIFFError(TIFFFileName(in),
|
||||
+ "Error, can only handle BitsPerSample=8 in %s",
|
||||
+ "cpContig2SeparateByRow");
|
||||
+ return 0;
|
||||
+ }
|
||||
|
||||
inbuf = _TIFFmalloc(scanlinesizein);
|
||||
outbuf = _TIFFmalloc(scanlinesizeout);
|
||||
@@ -1120,6 +1130,16 @@ DECLAREcpFunc(cpSeparate2ContigByRow)
|
||||
register uint32 n;
|
||||
uint32 row;
|
||||
tsample_t s;
|
||||
+ uint16 bps = 0;
|
||||
+
|
||||
+ (void) TIFFGetField(in, TIFFTAG_BITSPERSAMPLE, &bps);
|
||||
+ if( bps != 8 )
|
||||
+ {
|
||||
+ TIFFError(TIFFFileName(in),
|
||||
+ "Error, can only handle BitsPerSample=8 in %s",
|
||||
+ "cpSeparate2ContigByRow");
|
||||
+ return 0;
|
||||
+ }
|
||||
|
||||
inbuf = _TIFFmalloc(scanlinesizein);
|
||||
outbuf = _TIFFmalloc(scanlinesizeout);
|
||||
@@ -1784,7 +1804,7 @@ pickCopyFunc(TIFF* in, TIFF* out, uint16 bitspersample, uint16 samplesperpixel)
|
||||
uint32 w, l, tw, tl;
|
||||
int bychunk;
|
||||
|
||||
- (void) TIFFGetField(in, TIFFTAG_PLANARCONFIG, &shortv);
|
||||
+ (void) TIFFGetFieldDefaulted(in, TIFFTAG_PLANARCONFIG, &shortv);
|
||||
if (shortv != config && bitspersample != 8 && samplesperpixel > 1) {
|
||||
fprintf(stderr,
|
||||
"%s: Cannot handle different planar configuration w/ bits/sample != 8\n",
|
||||
--
|
||||
2.11.0
|
||||
|
||||
@@ -0,0 +1,31 @@
|
||||
From 48780b4fcc425cddc4ef8ffdf536f96a0d1b313b Mon Sep 17 00:00:00 2001
|
||||
From: erouault <erouault>
|
||||
Date: Wed, 11 Jan 2017 16:38:26 +0000
|
||||
Subject: [PATCH] libtiff/tif_getimage.c: add explicit uint32 cast in putagreytile to
|
||||
avoid UndefinedBehaviorSanitizer warning.
|
||||
Patch by Nicolás Peña.
|
||||
Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2658
|
||||
|
||||
Fixes CVE-2017-7592
|
||||
|
||||
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
||||
---
|
||||
libtiff/tif_getimage.c | 2 +-
|
||||
1 file changed, 8 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/libtiff/tif_getimage.c b/libtiff/tif_getimage.c
|
||||
index fed31f1f..2fa1775c 100644
|
||||
--- a/libtiff/tif_getimage.c
|
||||
+++ b/libtiff/tif_getimage.c
|
||||
@@ -1302,7 +1302,7 @@ DECLAREContigPutFunc(putagreytile)
|
||||
while (h-- > 0) {
|
||||
for (x = w; x-- > 0;)
|
||||
{
|
||||
- *cp++ = BWmap[*pp][0] & (*(pp+1) << 24 | ~A1);
|
||||
+ *cp++ = BWmap[*pp][0] & ((uint32)*(pp+1) << 24 | ~A1);
|
||||
pp += samplesperpixel;
|
||||
}
|
||||
cp += toskew;
|
||||
--
|
||||
2.11.0
|
||||
|
||||
@@ -0,0 +1,88 @@
|
||||
From d60332057b9575ada4f264489582b13e30137be1 Mon Sep 17 00:00:00 2001
|
||||
From: erouault <erouault>
|
||||
Date: Wed, 11 Jan 2017 19:02:49 +0000
|
||||
Subject: [PATCH] * libtiff/tiffiop.h, tif_unix.c, tif_win32.c, tif_vms.c: add
|
||||
_TIFFcalloc()
|
||||
|
||||
* libtiff/tif_read.c: TIFFReadBufferSetup(): use _TIFFcalloc() to zero
|
||||
initialize tif_rawdata.
|
||||
Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2651
|
||||
|
||||
Fixes CVE-2017-7593
|
||||
|
||||
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
||||
---
|
||||
libtiff/tif_read.c | 4 +++-
|
||||
libtiff/tif_unix.c | 8 ++++++++
|
||||
libtiff/tif_win32.c | 8 ++++++++
|
||||
libtiff/tiffio.h | 1 +
|
||||
4 files changed, 36 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/libtiff/tif_read.c b/libtiff/tif_read.c
|
||||
index 277fdd69..4535ccb3 100644
|
||||
--- a/libtiff/tif_read.c
|
||||
+++ b/libtiff/tif_read.c
|
||||
@@ -985,7 +985,9 @@ TIFFReadBufferSetup(TIFF* tif, void* bp, tmsize_t size)
|
||||
"Invalid buffer size");
|
||||
return (0);
|
||||
}
|
||||
- tif->tif_rawdata = (uint8*) _TIFFmalloc(tif->tif_rawdatasize);
|
||||
+ /* Initialize to zero to avoid uninitialized buffers in case of */
|
||||
+ /* short reads (http://bugzilla.maptools.org/show_bug.cgi?id=2651) */
|
||||
+ tif->tif_rawdata = (uint8*) _TIFFcalloc(1, tif->tif_rawdatasize);
|
||||
tif->tif_flags |= TIFF_MYBUFFER;
|
||||
}
|
||||
if (tif->tif_rawdata == NULL) {
|
||||
diff --git a/libtiff/tif_unix.c b/libtiff/tif_unix.c
|
||||
index 7c7bc961..89dd32e8 100644
|
||||
--- a/libtiff/tif_unix.c
|
||||
+++ b/libtiff/tif_unix.c
|
||||
@@ -316,6 +316,14 @@ _TIFFmalloc(tmsize_t s)
|
||||
return (malloc((size_t) s));
|
||||
}
|
||||
|
||||
+void* _TIFFcalloc(tmsize_t nmemb, tmsize_t siz)
|
||||
+{
|
||||
+ if( nmemb == 0 || siz == 0 )
|
||||
+ return ((void *) NULL);
|
||||
+
|
||||
+ return calloc((size_t) nmemb, (size_t)siz);
|
||||
+}
|
||||
+
|
||||
void
|
||||
_TIFFfree(void* p)
|
||||
{
|
||||
diff --git a/libtiff/tif_win32.c b/libtiff/tif_win32.c
|
||||
index d730b3ab..3e9001b7 100644
|
||||
--- a/libtiff/tif_win32.c
|
||||
+++ b/libtiff/tif_win32.c
|
||||
@@ -360,6 +360,14 @@ _TIFFmalloc(tmsize_t s)
|
||||
return (malloc((size_t) s));
|
||||
}
|
||||
|
||||
+void* _TIFFcalloc(tmsize_t nmemb, tmsize_t siz)
|
||||
+{
|
||||
+ if( nmemb == 0 || siz == 0 )
|
||||
+ return ((void *) NULL);
|
||||
+
|
||||
+ return calloc((size_t) nmemb, (size_t)siz);
|
||||
+}
|
||||
+
|
||||
void
|
||||
_TIFFfree(void* p)
|
||||
{
|
||||
diff --git a/libtiff/tiffio.h b/libtiff/tiffio.h
|
||||
index 732da17f..fbd9171f 100644
|
||||
--- a/libtiff/tiffio.h
|
||||
+++ b/libtiff/tiffio.h
|
||||
@@ -293,6 +293,7 @@ extern TIFFCodec* TIFFGetConfiguredCODECs(void);
|
||||
*/
|
||||
|
||||
extern void* _TIFFmalloc(tmsize_t s);
|
||||
+extern void* _TIFFcalloc(tmsize_t nmemb, tmsize_t siz);
|
||||
extern void* _TIFFrealloc(void* p, tmsize_t s);
|
||||
extern void _TIFFmemset(void* p, int v, tmsize_t c);
|
||||
extern void _TIFFmemcpy(void* d, const void* s, tmsize_t c);
|
||||
--
|
||||
2.11.0
|
||||
|
||||
@@ -0,0 +1,43 @@
|
||||
From 2ea32f7372b65c24b2816f11c04bf59b5090d05b Mon Sep 17 00:00:00 2001
|
||||
From: erouault <erouault>
|
||||
Date: Thu, 12 Jan 2017 19:23:20 +0000
|
||||
Subject: [PATCH] * libtiff/tif_ojpeg.c: fix leak in
|
||||
OJPEGReadHeaderInfoSecTablesQTable, OJPEGReadHeaderInfoSecTablesDcTable and
|
||||
OJPEGReadHeaderInfoSecTablesAcTable
|
||||
|
||||
Fixes CVE-2017-7594
|
||||
|
||||
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
||||
---
|
||||
libtiff/tif_ojpeg.c | 6 ++++++
|
||||
1 file changed, 8 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/libtiff/tif_ojpeg.c b/libtiff/tif_ojpeg.c
|
||||
index b92f0ebd..5f6c684c 100644
|
||||
--- a/libtiff/tif_ojpeg.c
|
||||
+++ b/libtiff/tif_ojpeg.c
|
||||
@@ -1790,7 +1790,10 @@ OJPEGReadHeaderInfoSecTablesQTable(TIFF* tif)
|
||||
TIFFSeekFile(tif,sp->qtable_offset[m],SEEK_SET);
|
||||
p=(uint32)TIFFReadFile(tif,&ob[sizeof(uint32)+5],64);
|
||||
if (p!=64)
|
||||
+ {
|
||||
+ _TIFFfree(ob);
|
||||
return(0);
|
||||
+ }
|
||||
sp->qtable[m]=ob;
|
||||
sp->sof_tq[m]=m;
|
||||
}
|
||||
@@ -1854,7 +1857,10 @@ OJPEGReadHeaderInfoSecTablesDcTable(TIFF* tif)
|
||||
rb[sizeof(uint32)+5+n]=o[n];
|
||||
p=(uint32)TIFFReadFile(tif,&(rb[sizeof(uint32)+21]),q);
|
||||
if (p!=q)
|
||||
+ {
|
||||
+ _TIFFfree(rb);
|
||||
return(0);
|
||||
+ }
|
||||
sp->dctable[m]=rb;
|
||||
sp->sos_tda[m]=(m<<4);
|
||||
}
|
||||
--
|
||||
2.11.0
|
||||
|
||||
@@ -0,0 +1,36 @@
|
||||
From 8283e4d1b7e53340684d12932880cbcbaf23a8c1 Mon Sep 17 00:00:00 2001
|
||||
From: erouault <erouault>
|
||||
Date: Thu, 12 Jan 2017 17:43:25 +0000
|
||||
Subject: [PATCH] libtiff/tif_ojpeg.c: fix leak in
|
||||
OJPEGReadHeaderInfoSecTablesAcTable when read fails.
|
||||
Patch by Nicolás Peña.
|
||||
Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2659
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
|
||||
Fixes CVE-2017-7594
|
||||
|
||||
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
||||
---
|
||||
libtiff/tif_ojpeg.c | 3 +++
|
||||
1 file changed, 10 insertions(+)
|
||||
|
||||
diff --git a/libtiff/tif_ojpeg.c b/libtiff/tif_ojpeg.c
|
||||
index f19e8fd0..b92f0ebd 100644
|
||||
--- a/libtiff/tif_ojpeg.c
|
||||
+++ b/libtiff/tif_ojpeg.c
|
||||
@@ -1918,7 +1918,10 @@ OJPEGReadHeaderInfoSecTablesAcTable(TIFF* tif)
|
||||
rb[sizeof(uint32)+5+n]=o[n];
|
||||
p=(uint32)TIFFReadFile(tif,&(rb[sizeof(uint32)+21]),q);
|
||||
if (p!=q)
|
||||
+ {
|
||||
+ _TIFFfree(rb);
|
||||
return(0);
|
||||
+ }
|
||||
sp->actable[m]=rb;
|
||||
sp->sos_tda[m]=(sp->sos_tda[m]|m);
|
||||
}
|
||||
--
|
||||
2.11.0
|
||||
|
||||
@@ -0,0 +1,35 @@
|
||||
From 47f2fb61a3a64667bce1a8398a8fcb1b348ff122 Mon Sep 17 00:00:00 2001
|
||||
From: erouault <erouault>
|
||||
Date: Wed, 11 Jan 2017 12:15:01 +0000
|
||||
Subject: [PATCH] * libtiff/tif_jpeg.c: avoid integer division by zero in
|
||||
JPEGSetupEncode() when horizontal or vertical sampling is set to 0. Fixes
|
||||
http://bugzilla.maptools.org/show_bug.cgi?id=2653
|
||||
|
||||
Fixes CVE-2017-7595
|
||||
|
||||
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
||||
---
|
||||
libtiff/tif_jpeg.c | 7 +++++++
|
||||
1 file changed, 13 insertions(+)
|
||||
|
||||
diff --git a/libtiff/tif_jpeg.c b/libtiff/tif_jpeg.c
|
||||
index 38595f98..6c17c388 100644
|
||||
--- a/libtiff/tif_jpeg.c
|
||||
+++ b/libtiff/tif_jpeg.c
|
||||
@@ -1626,6 +1626,13 @@ JPEGSetupEncode(TIFF* tif)
|
||||
case PHOTOMETRIC_YCBCR:
|
||||
sp->h_sampling = td->td_ycbcrsubsampling[0];
|
||||
sp->v_sampling = td->td_ycbcrsubsampling[1];
|
||||
+ if( sp->h_sampling == 0 || sp->v_sampling == 0 )
|
||||
+ {
|
||||
+ TIFFErrorExt(tif->tif_clientdata, module,
|
||||
+ "Invalig horizontal/vertical sampling value");
|
||||
+ return (0);
|
||||
+ }
|
||||
+
|
||||
/*
|
||||
* A ReferenceBlackWhite field *must* be present since the
|
||||
* default value is inappropriate for YCbCr. Fill in the
|
||||
--
|
||||
2.11.0
|
||||
|
||||
@@ -0,0 +1,47 @@
|
||||
From 3cfd62d77c2a7e147a05bd678524c345fa9c2bb8 Mon Sep 17 00:00:00 2001
|
||||
From: erouault <erouault>
|
||||
Date: Wed, 11 Jan 2017 13:28:01 +0000
|
||||
Subject: [PATCH] * libtiff/tif_dirread.c: avoid division by floating point 0
|
||||
in TIFFReadDirEntryCheckedRational() and TIFFReadDirEntryCheckedSrational(),
|
||||
and return 0 in that case (instead of infinity as before presumably)
|
||||
Apparently some sanitizers do not like those divisions by zero. Fixes
|
||||
http://bugzilla.maptools.org/show_bug.cgi?id=2644
|
||||
|
||||
Fixes CVE-2017-7598
|
||||
|
||||
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
||||
---
|
||||
libtiff/tif_dirread.c | 10 ++++++++--
|
||||
1 file changed, 16 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/libtiff/tif_dirread.c b/libtiff/tif_dirread.c
|
||||
index 570d0c32..8a1e42aa 100644
|
||||
--- a/libtiff/tif_dirread.c
|
||||
+++ b/libtiff/tif_dirread.c
|
||||
@@ -2872,7 +2872,10 @@ static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckedRational(TIFF* tif, TIFFD
|
||||
m.l = direntry->tdir_offset.toff_long8;
|
||||
if (tif->tif_flags&TIFF_SWAB)
|
||||
TIFFSwabArrayOfLong(m.i,2);
|
||||
- if (m.i[0]==0)
|
||||
+ /* Not completely sure what we should do when m.i[1]==0, but some */
|
||||
+ /* sanitizers do not like division by 0.0: */
|
||||
+ /* http://bugzilla.maptools.org/show_bug.cgi?id=2644 */
|
||||
+ if (m.i[0]==0 || m.i[1]==0)
|
||||
*value=0.0;
|
||||
else
|
||||
*value=(double)m.i[0]/(double)m.i[1];
|
||||
@@ -2900,7 +2903,10 @@ static enum TIFFReadDirEntryErr TIFFReadDirEntryCheckedSrational(TIFF* tif, TIFF
|
||||
m.l=direntry->tdir_offset.toff_long8;
|
||||
if (tif->tif_flags&TIFF_SWAB)
|
||||
TIFFSwabArrayOfLong(m.i,2);
|
||||
- if ((int32)m.i[0]==0)
|
||||
+ /* Not completely sure what we should do when m.i[1]==0, but some */
|
||||
+ /* sanitizers do not like division by 0.0: */
|
||||
+ /* http://bugzilla.maptools.org/show_bug.cgi?id=2644 */
|
||||
+ if ((int32)m.i[0]==0 || m.i[1]==0)
|
||||
*value=0.0;
|
||||
else
|
||||
*value=(double)((int32)m.i[0])/(double)m.i[1];
|
||||
--
|
||||
2.11.0
|
||||
|
||||
@@ -0,0 +1,35 @@
|
||||
From 0a76a8c765c7b8327c59646284fa78c3c27e5490 Mon Sep 17 00:00:00 2001
|
||||
From: erouault <erouault>
|
||||
Date: Wed, 11 Jan 2017 16:13:50 +0000
|
||||
Subject: [PATCH] * libtiff/tif_jpeg.c: validate BitsPerSample in
|
||||
JPEGSetupEncode() to avoid undefined behaviour caused by invalid shift
|
||||
exponent. Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2648
|
||||
|
||||
Fixes CVE-2017-7601
|
||||
|
||||
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
||||
---
|
||||
libtiff/tif_jpeg.c | 7 +++++++
|
||||
1 file changed, 13 insertions(+)
|
||||
|
||||
diff --git a/libtiff/tif_jpeg.c b/libtiff/tif_jpeg.c
|
||||
index 6c17c388..192989a9 100644
|
||||
--- a/libtiff/tif_jpeg.c
|
||||
+++ b/libtiff/tif_jpeg.c
|
||||
@@ -1632,6 +1632,13 @@ JPEGSetupEncode(TIFF* tif)
|
||||
"Invalig horizontal/vertical sampling value");
|
||||
return (0);
|
||||
}
|
||||
+ if( td->td_bitspersample > 16 )
|
||||
+ {
|
||||
+ TIFFErrorExt(tif->tif_clientdata, module,
|
||||
+ "BitsPerSample %d not allowed for JPEG",
|
||||
+ td->td_bitspersample);
|
||||
+ return (0);
|
||||
+ }
|
||||
|
||||
/*
|
||||
* A ReferenceBlackWhite field *must* be present since the
|
||||
--
|
||||
2.11.0
|
||||
|
||||
@@ -0,0 +1,56 @@
|
||||
From 66e7bd59520996740e4df5495a830b42fae48bc4 Mon Sep 17 00:00:00 2001
|
||||
From: erouault <erouault>
|
||||
Date: Wed, 11 Jan 2017 16:33:34 +0000
|
||||
Subject: [PATCH] * libtiff/tif_read.c: avoid potential undefined behaviour on
|
||||
signed integer addition in TIFFReadRawStrip1() in isMapped() case. Fixes
|
||||
http://bugzilla.maptools.org/show_bug.cgi?id=2650
|
||||
|
||||
Fixes CVE-2017-7602
|
||||
|
||||
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
||||
---
|
||||
libtiff/tif_read.c | 27 ++++++++++++++++++---------
|
||||
1 file changed, 24 insertions(+), 9 deletions(-)
|
||||
|
||||
diff --git a/libtiff/tif_read.c b/libtiff/tif_read.c
|
||||
index 52bbf507..b7aacbda 100644
|
||||
--- a/libtiff/tif_read.c
|
||||
+++ b/libtiff/tif_read.c
|
||||
@@ -420,16 +420,25 @@ TIFFReadRawStrip1(TIFF* tif, uint32 strip, void* buf, tmsize_t size,
|
||||
return ((tmsize_t)(-1));
|
||||
}
|
||||
} else {
|
||||
- tmsize_t ma,mb;
|
||||
+ tmsize_t ma;
|
||||
tmsize_t n;
|
||||
- ma=(tmsize_t)td->td_stripoffset[strip];
|
||||
- mb=ma+size;
|
||||
- if ((td->td_stripoffset[strip] > (uint64)TIFF_TMSIZE_T_MAX)||(ma>tif->tif_size))
|
||||
- n=0;
|
||||
- else if ((mb<ma)||(mb<size)||(mb>tif->tif_size))
|
||||
- n=tif->tif_size-ma;
|
||||
- else
|
||||
- n=size;
|
||||
+ if ((td->td_stripoffset[strip] > (uint64)TIFF_TMSIZE_T_MAX)||
|
||||
+ ((ma=(tmsize_t)td->td_stripoffset[strip])>tif->tif_size))
|
||||
+ {
|
||||
+ n=0;
|
||||
+ }
|
||||
+ else if( ma > TIFF_TMSIZE_T_MAX - size )
|
||||
+ {
|
||||
+ n=0;
|
||||
+ }
|
||||
+ else
|
||||
+ {
|
||||
+ tmsize_t mb=ma+size;
|
||||
+ if (mb>tif->tif_size)
|
||||
+ n=tif->tif_size-ma;
|
||||
+ else
|
||||
+ n=size;
|
||||
+ }
|
||||
if (n!=size) {
|
||||
#if defined(__WIN32__) && (defined(_MSC_VER) || defined(__MINGW32__))
|
||||
TIFFErrorExt(tif->tif_clientdata, module,
|
||||
--
|
||||
2.11.0
|
||||
|
||||
@@ -1,2 +1,3 @@
|
||||
# Locally calculated
|
||||
sha256 3ef7ae05dba14f8bb626121983a08bb09d1d51a19de38bd9a8e0f29b11d9e3c9 trinity-v1.6.tar.gz
|
||||
sha256 5601474b10973b99f6f4ecc67c8ac54000754d7110553cc81c7648bd7e73c810 b0e66a2d084ffc210bc1fc247efb4d177e9f7e3d.patch
|
||||
|
||||
@@ -9,6 +9,8 @@ TRINITY_SITE = $(call github,kernelslacker,trinity,$(TRINITY_VERSION))
|
||||
TRINITY_LICENSE = GPLv2
|
||||
TRINITY_LICENSE_FILES = COPYING
|
||||
|
||||
TRINITY_PATCH = https://github.com/kernelslacker/trinity/commit/b0e66a2d084ffc210bc1fc247efb4d177e9f7e3d.patch
|
||||
|
||||
define TRINITY_CONFIGURE_CMDS
|
||||
(cd $(@D); $(TARGET_CONFIGURE_OPTS) ./configure.sh)
|
||||
endef
|
||||
|
||||
@@ -4,4 +4,4 @@ config BR2_PACKAGE_WHICH
|
||||
help
|
||||
The standard 'which' utility.
|
||||
|
||||
http://www.xs4all.nl/~carlo17/which/
|
||||
http://carlowood.github.io/which/index.html
|
||||
|
||||
@@ -1,2 +1,2 @@
|
||||
# From: https://www.wireshark.org/download/src/all-versions/SIGNATURES-2.2.5.txt
|
||||
sha256 75dd88d3d6336559e5b0b72077d8a772a988197d571f00029986225fef609ac8 wireshark-2.2.5.tar.bz2
|
||||
# From: https://www.wireshark.org/download/src/all-versions/SIGNATURES-2.2.6.txt
|
||||
sha256 f627d51eda85f5ae5f5c8c9fc1f6539ffc2a270dd7500dc7f67490a8534ca849 wireshark-2.2.6.tar.bz2
|
||||
|
||||
@@ -4,7 +4,7 @@
|
||||
#
|
||||
################################################################################
|
||||
|
||||
WIRESHARK_VERSION = 2.2.5
|
||||
WIRESHARK_VERSION = 2.2.6
|
||||
WIRESHARK_SOURCE = wireshark-$(WIRESHARK_VERSION).tar.bz2
|
||||
WIRESHARK_SITE = https://www.wireshark.org/download/src/all-versions
|
||||
WIRESHARK_LICENSE = wireshark license
|
||||
|
||||
@@ -1,2 +1,2 @@
|
||||
# Locally computed
|
||||
sha256 e87f4b0575e78657ee23d31470a15ecf1ce8c3a92a771cda46bbcd4d0d671ffe xen-4.7.1.tar.gz
|
||||
sha256 61494a56d9251e2108080f95b0dc8e3d175f1ba4da34603fc07b91cfebf358d5 xen-4.7.2.tar.gz
|
||||
|
||||
+1
-1
@@ -4,7 +4,7 @@
|
||||
#
|
||||
################################################################################
|
||||
|
||||
XEN_VERSION = 4.7.1
|
||||
XEN_VERSION = 4.7.2
|
||||
XEN_SITE = http://bits.xensource.com/oss-xen/release/$(XEN_VERSION)
|
||||
XEN_LICENSE = GPLv2
|
||||
XEN_LICENSE_FILES = COPYING
|
||||
|
||||
+1
-1
@@ -4,7 +4,7 @@
|
||||
#
|
||||
################################################################################
|
||||
|
||||
TOOLCHAIN_EXTERNAL_CODESOURCERY_AARCH64_SITE = http://sourcery.mentor.com/public/gnu_toolchain/$(TOOLCHAIN_EXTERNAL_PREFIX)
|
||||
TOOLCHAIN_EXTERNAL_CODESOURCERY_AARCH64_SITE = https://sourcery.mentor.com/public/gnu_toolchain/$(TOOLCHAIN_EXTERNAL_PREFIX)
|
||||
TOOLCHAIN_EXTERNAL_CODESOURCERY_AARCH64_VERSION = 2014.11-95
|
||||
TOOLCHAIN_EXTERNAL_CODESOURCERY_AARCH64_SOURCE = aarch64-amd-$(TOOLCHAIN_EXTERNAL_CODESOURCERY_AARCH64_VERSION)-$(TOOLCHAIN_EXTERNAL_PREFIX)-i686-pc-linux-gnu.tar.bz2
|
||||
TOOLCHAIN_EXTERNAL_CODESOURCERY_AARCH64_ACTUAL_SOURCE_TARBALL = aarch64-amd-$(TOOLCHAIN_EXTERNAL_CODESOURCERY_AARCH64_VERSION)-$(TOOLCHAIN_EXTERNAL_PREFIX).src.tar.bz2
|
||||
|
||||
+1
-1
@@ -6,7 +6,7 @@
|
||||
|
||||
TOOLCHAIN_EXTERNAL_CODESOURCERY_ARM_VERSION = 2014.05-29
|
||||
|
||||
TOOLCHAIN_EXTERNAL_CODESOURCERY_ARM_SITE = http://sourcery.mentor.com/public/gnu_toolchain/$(TOOLCHAIN_EXTERNAL_PREFIX)
|
||||
TOOLCHAIN_EXTERNAL_CODESOURCERY_ARM_SITE = https://sourcery.mentor.com/public/gnu_toolchain/$(TOOLCHAIN_EXTERNAL_PREFIX)
|
||||
TOOLCHAIN_EXTERNAL_CODESOURCERY_ARM_SOURCE = arm-$(TOOLCHAIN_EXTERNAL_CODESOURCERY_ARM_VERSION)-$(TOOLCHAIN_EXTERNAL_PREFIX)-i686-pc-linux-gnu.tar.bz2
|
||||
TOOLCHAIN_EXTERNAL_CODESOURCERY_ARM_ACTUAL_SOURCE_TARBALL = arm-$(TOOLCHAIN_EXTERNAL_CODESOURCERY_ARM_VERSION)-$(TOOLCHAIN_EXTERNAL_PREFIX).src.tar.bz2
|
||||
|
||||
|
||||
+1
-1
@@ -6,7 +6,7 @@
|
||||
|
||||
TOOLCHAIN_EXTERNAL_CODESOURCERY_MIPS_VERSION = 2016.05-8
|
||||
|
||||
TOOLCHAIN_EXTERNAL_CODESOURCERY_MIPS_SITE = http://sourcery.mentor.com/public/gnu_toolchain/$(TOOLCHAIN_EXTERNAL_PREFIX)
|
||||
TOOLCHAIN_EXTERNAL_CODESOURCERY_MIPS_SITE = https://sourcery.mentor.com/public/gnu_toolchain/$(TOOLCHAIN_EXTERNAL_PREFIX)
|
||||
TOOLCHAIN_EXTERNAL_CODESOURCERY_MIPS_SOURCE = mips-$(TOOLCHAIN_EXTERNAL_CODESOURCERY_MIPS_VERSION)-$(TOOLCHAIN_EXTERNAL_PREFIX)-i686-pc-linux-gnu.tar.bz2
|
||||
TOOLCHAIN_EXTERNAL_CODESOURCERY_MIPS_ACTUAL_SOURCE_TARBALL = mips-$(TOOLCHAIN_EXTERNAL_CODESOURCERY_MIPS_VERSION)-$(TOOLCHAIN_EXTERNAL_PREFIX).src.tar.bz2
|
||||
|
||||
|
||||
+1
-1
@@ -6,7 +6,7 @@
|
||||
|
||||
TOOLCHAIN_EXTERNAL_CODESOURCERY_NIOSII_VERSION = 2016.11-32
|
||||
|
||||
TOOLCHAIN_EXTERNAL_CODESOURCERY_NIOSII_SITE = http://sourcery.mentor.com/public/gnu_toolchain/$(TOOLCHAIN_EXTERNAL_PREFIX)
|
||||
TOOLCHAIN_EXTERNAL_CODESOURCERY_NIOSII_SITE = https://sourcery.mentor.com/public/gnu_toolchain/$(TOOLCHAIN_EXTERNAL_PREFIX)
|
||||
TOOLCHAIN_EXTERNAL_CODESOURCERY_NIOSII_SOURCE = sourceryg++-$(TOOLCHAIN_EXTERNAL_CODESOURCERY_NIOSII_VERSION)-$(TOOLCHAIN_EXTERNAL_PREFIX)-i686-pc-linux-gnu.tar.bz2
|
||||
TOOLCHAIN_EXTERNAL_CODESOURCERY_NIOSII_ACTUAL_SOURCE_TARBALL = sourceryg++-$(TOOLCHAIN_EXTERNAL_CODESOURCERY_NIOSII_VERSION)-$(TOOLCHAIN_EXTERNAL_PREFIX).src.tar.bz2
|
||||
|
||||
|
||||
Reference in New Issue
Block a user