godotengine/buildroot
1
0
Fork 0
mirror of https://github.com/godotengine/buildroot.git synced 2026-01-06 18:09:44 +03:00
Code Issues Packages Projects Releases Wiki Activity
40,220 Commits 28 Branches 277 Tags
56f39e81ac0e00a0004cdbebe0ca0e2501bbdfd9
Commit Graph

5 Commits

Author SHA1 Message Date
Matt Weber
13f554f530 libzip: update legal hash for 1.4.0 
The copyright was updated in the LICENSES file

Fixes (one of many):
http://autobuild.buildroot.net/results/a64/a64ddf630aa44c7b0353f5a6818beffd20712615/

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2018-01-06 09:25:05 +01:00
Baruch Siach
b7da7469de libzip: bump to version 1.4.0 
Upstream switched to cmake.

Add upstream patch that removes run of target binary on the host.

Cc: Bartosz Golaszewski <brgl@bgdev.pl>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2018-01-05 16:16:39 +01:00
Peter Korsgaard
f77fb7b585 libzip: security bump to version 1.3.0 
Fixes the following security issues:

CVE-2017-12858: Double free vulnerability in the _zip_dirent_read function
in zip_dirent.c in libzip allows attackers to have unspecified impact via
unknown vectors.

CVE-2017-14107: The _zip_read_eocd64 function in zip_open.c in libzip before
1.3.0 mishandles EOCD records, which allows remote attackers to cause a
denial of service (memory allocation failure in _zip_cdir_grow in
zip_dirent.c) via a crafted ZIP archive.

For more details, see
https://blogs.gentoo.org/ago/2017/09/01/libzip-use-after-free-in-_zip_buffer_free-zip_buffer-c/
https://blogs.gentoo.org/ago/2017/09/01/libzip-memory-allocation-failure-in-_zip_cdir_grow-zip_dirent-c/

libzip-1.3.0 also adds optional bzip2 support, so handle that.

While we're at it, add a hash for the license file.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2017-09-08 11:16:56 +02:00
Bartosz Golaszewski
7b846fc07f libzip: bump version to 1.2.0 
It's a major release, but the API seems to be mostly
backwards-compatible. The only package depending on this library in
buildroot is libsigrok and it builds fine.

Signed-off-by: Bartosz Golaszewski <brgl@bgdev.pl>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
 2017-07-02 00:43:31 +02:00
Gustavo Zacarias
7ccf520d1c libzip: add hash file 
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
 2015-07-28 22:32:57 +02:00