godotengine/buildroot
1
0
Fork 0
mirror of https://github.com/godotengine/buildroot.git synced 2026-01-01 13:49:03 +03:00
Code Issues Packages Projects Releases Wiki Activity
40,448 Commits 28 Branches 277 Tags
2018.02.x
Commit Graph

37 Commits

Author SHA1 Message Date
Peter Korsgaard
0709404fc3 git: security bump to version 2.16.5 
Fixes CVE-2018-17456: RCE issue in handling of git submodules

For more details, see the announcement:
https://marc.info/?l=git&m=153875888916397&w=2

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 063eff9bc6)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2018-10-20 00:01:28 +02:00
Baruch Siach
0732985141 git: security bump to version 2.16.4 
Forward port of security fixes from the 2.13.7 release. The 2.13.7
release notes say this:

 * Submodule "names" come from the untrusted .gitmodules file, but we
   blindly append them to $GIT_DIR/modules to create our on-disk repo
   paths. This means you can do bad things by putting "../" into the
   name. We now enforce some rules for submodule names which will cause
   Git to ignore these malicious names (CVE-2018-11235).

   Credit for finding this vulnerability and the proof of concept from
   which the test script was adapted goes to Etienne Stalmans.

 * It was possible to trick the code that sanity-checks paths on NTFS
   into reading random piece of memory (CVE-2018-11233).

Cc: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit ae1f047295)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2018-06-17 16:46:11 +02:00
Bernd Kuhls
22b1015fcc package/git: bump version to 2.16.3 
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 9447e86618)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2018-06-17 16:46:04 +02:00
Bernd Kuhls
5e7e27a3a7 package/git: bump version to 2.16.1 
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2018-01-28 11:54:20 +01:00
Bernd Kuhls
e8ba19ba60 package/git: bump version to 2.15.0 
To avoid the build error

grep.c:(.text+0xa02): undefined reference to `pcre_jit_exec'

we need to add NO_LIBPCRE1_JIT=1 according to
https://www.spinics.net/lists/git/msg314515.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2017-10-31 20:09:20 +01:00
Bernd Kuhls
8e0c7ce50b package/git: security bump to version 2.13.6 
Release notes:
https://public-inbox.org/git/xmqqy3p29ekj.fsf@gitster.mtv.corp.google.com/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
 2017-09-27 22:03:50 +02:00
Bernd Kuhls
20cf789403 package/git: security bump to version 2.13.5 
Fixes CVE-2017-1000117:
http://www.mail-archive.com/linux-kernel@vger.kernel.org/msg1466490.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
 2017-08-12 22:56:21 +02:00
Baruch Siach
cd60692427 git: bump to version 2.13.3 
Add license files hashes.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
 2017-07-18 23:57:18 +02:00
Vicente Olivert Riera
312d71c7a9 git: bump version to 2.13.0 
Patches 0001 and 0002 already included in this release:
  379642bcd8
  2225e1ea20

Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
 2017-05-10 23:44:27 +02:00
Vicente Olivert Riera
3967abfc89 git: bump version to 2.12.2 
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
 2017-03-28 21:44:21 +02:00
Vicente Olivert Riera
cbb23d5d05 git: bump version to 2.12.1 
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2017-03-21 17:30:29 +01:00
Vicente Olivert Riera
941dc2ac8c git: bump version to 2.12.0 
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
 2017-03-10 21:50:26 +01:00
Bernd Kuhls
738871e601 package/git: bump version to 2.11.1 
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2017-02-04 13:03:09 +01:00
Vicente Olivert Riera
a8ab83fada git: bump version to 2.11.0 
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2016-11-30 11:59:27 +01:00
Vicente Olivert Riera
dcf7a64b46 git: bump version to 2.10.2 
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
 2016-11-01 14:58:34 +01:00
Vicente Olivert Riera
917bf769db git: bump version to 2.10.1 
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2016-10-13 08:01:55 +02:00
Vicente Olivert Riera
d1cb59adac git: bump version to 2.10.0 
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
 2016-09-05 21:07:42 +02:00
Rodrigo Rebello
ca4237c766 git: bump version to 2.9.3 
Signed-off-by: Rodrigo Rebello <rprebello@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2016-08-17 15:04:23 +02:00
Vicente Olivert Riera
f96e951275 git: bump version to 2.9.1 
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
 2016-07-14 12:31:45 +02:00
Vicente Olivert Riera
ae61f4ecbb git: bump version to 2.8.3 
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
 2016-05-22 22:48:16 +02:00
Vicente Olivert Riera
f3698c600c git: bump version to 2.8.2 
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2016-05-04 22:45:26 +02:00
Vicente Olivert Riera
576e073a36 git: bump version to 2.8.1 
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2016-04-05 21:32:12 +02:00
Vicente Olivert Riera
62b1de3fb4 git: bump version to 2.8.0 
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
 2016-03-29 16:55:29 +02:00
Vicente Olivert Riera
8d73629bb2 git: bump version to 2.7.4 
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2016-03-18 21:52:47 +01:00
Vicente Olivert Riera
bdf2bfe8b4 git: bump version to 2.6.4 
- Bump version to 2.6.4
- Update the hash value
- Remove 0002-Makefile-make-curl-config-path-configurable.patch
  - This patch is now part of upstream:
    f89158760d

Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
 2015-12-09 23:12:01 +01:00
Vicente Olivert Riera
1c25c63a14 git: bump to version 2.6.1 
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2015-10-06 18:34:59 +02:00
Vicente Olivert Riera
3cda54971e git: bump to version 2.6.0 
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2015-09-30 13:52:44 +02:00
Vicente Olivert Riera
71a0b33a0d git: bump to version 2.5.3 
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
 2015-09-19 13:58:15 +02:00
Vicente Olivert Riera
d4d2bcfa1e git: bump version to 2.5.2 
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
 2015-09-11 19:48:43 +02:00
Vicente Olivert Riera
614c287a6c git: bump to version 2.4.5 
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
 2015-07-02 11:00:29 +02:00
Vicente Olivert Riera
c7fec23ecc git: bump to version 2.4.4 
- Bump to version 2.4.4
- Update hash file

Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2015-06-19 20:13:50 +02:00
Vicente Olivert Riera
9a426b6bcb git: bump version to 2.3.2 
- Bump version to 2.3.2
- Update the hash file

Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
 2015-03-07 17:41:40 +01:00
Vicente Olivert Riera
9085505c02 git: bump version to 2.3.1 
- Bump version to 2.3.1
- Update the hash file

Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2015-02-26 22:36:25 +01:00
Vicente Olivert Riera
58c1d5baed git: bump verstion to 2.3.0 
- Bump version to 2.3.0
- Update the hash file

Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2015-02-07 17:40:59 +01:00
Gustavo Zacarias
59b3b3edd6 git: security bump to version 2.2.1 
Fixes:
CVE-2014-9390 - arbitrary command execution vulnerability on
case-insensitive file systems.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2014-12-19 21:41:03 +01:00
Vicente Olivert Riera
46ede997d4 git: bump version to 2.2.0 
- Bump version to 2.2.0
- Update the hash value

Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
 2014-11-27 20:34:50 +01:00
Vicente Olivert Riera
ff9b9adb06 git: bump version to 2.1.3 
- Bump version to 2.1.3
- Add a hash file

Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
 2014-11-19 22:41:00 +01:00