Fixes CVE-2018-1000156: arbitrary command execution in ed-style patches.
Depend on MMU for now, because the patch adds a fork() call. Upstream
later switched to gnulib provided execute(), so this dependency can be
dropped on the next version bump.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit f4a4df2084)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit c3e1d9849a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Having the BR2_PACKAGE_BUSYBOX_SHOW_OTHERS dependencies in
package/Config.in is not very practical: it makes this file not very
readable, and puts the dependency away from the package itself, which
can sometimes be confusing. Therefore, this commit moves the dependency
in each package Config.in file.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This patch lines up the comments in Config.in files that clarify which
toolchain options the package depends on.
Signed-off-by: Thomas De Schampheleire <thomas.de.schampheleire@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* Patch needs a toolchain with WCHAR support
* Use real upstream gnu mirror
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
