mirror of
https://github.com/godotengine/buildroot.git
synced 2026-01-08 02:09:48 +03:00
Compare commits
30 Commits
godot-2020
...
2016.11.1
| Author | SHA1 | Date | |
|---|---|---|---|
|
a0690cc883 | ||
|
|
bf8fdcc2fa | ||
|
|
65d7b45bdd | ||
|
|
0f8f5a7711 | ||
|
|
03f286cd85 | ||
|
|
5f691d11d4 | ||
|
04cc75c622 | ||
|
|
d1bd3e4104 | ||
|
|
d12c6df2fc | ||
|
b1cd530b3c | ||
|
|
c5c78f258a | ||
|
3df927248e | ||
|
9bff460146 | ||
|
|
738a80e2eb | ||
|
|
e9da17dead | ||
|
|
f3820f83d4 | ||
|
|
3a8611ea04 | ||
|
|
f3d5197a46 | ||
|
34bd0869b6 | ||
|
|
7dbd36d931 | ||
|
|
59bd179c35 | ||
|
|
a9a6bfd6c1 | ||
|
|
c4954457b5 | ||
|
|
6531f267bf | ||
|
105727951a | ||
|
|
1ca7ab6022 | ||
|
|
0757d8db1c | ||
|
8d58e8af95 | ||
|
|
7567aff8fc | ||
|
722b2d11a0 |
13
CHANGES
13
CHANGES
@@ -1,3 +1,16 @@
|
||||
2016.11.1, Released December 29th, 2016
|
||||
|
||||
Important / security related fixes.
|
||||
|
||||
Updated/fixed packages: apache, cryptopp, docker-engine,
|
||||
dovecot, exim, gdk-pixbuf, libcurl, libupnp, links, monit,
|
||||
nodejs, openssh, php, python, python-bottle, samba4, squid,
|
||||
uboot, vim, wireshark, xorg-server uboot
|
||||
|
||||
Issues resolved (http://bugs.buildroot.org):
|
||||
|
||||
#9466: VIM_REMOVE_DOCS removes rgb.txt
|
||||
|
||||
2016.11, Released November 30th, 2016
|
||||
|
||||
Minor fixes.
|
||||
|
||||
@@ -499,12 +499,19 @@ config BR2_PACKAGE_QT5QUICK1
|
||||
from upstream starting from Qt 5.6.
|
||||
|
||||
config BR2_TARGET_UBOOT_CUSTOM_PATCH_DIR
|
||||
bool "uboot custom patch dir removed"
|
||||
select BR2_LEGACY
|
||||
string "uboot custom patch dir has been removed"
|
||||
help
|
||||
The uboot custom patch directory option has been removed. Use
|
||||
the improved BR2_TARGET_UBOOT_PATCH option instead.
|
||||
|
||||
config BR2_TARGET_UBOOT_CUSTOM_PATCH_DIR_WRAP
|
||||
bool
|
||||
default y if BR2_TARGET_UBOOT_CUSTOM_PATCH_DIR != ""
|
||||
select BR2_LEGACY
|
||||
|
||||
# Note: BR2_TARGET_UBOOT_CUSTOM_PATCH_DIR is still referenced from
|
||||
# boot/uboot/Config.in
|
||||
|
||||
config BR2_PACKAGE_XDRIVER_XF86_INPUT_VOID
|
||||
bool "xf86-input-void removed"
|
||||
select BR2_LEGACY
|
||||
|
||||
2
Makefile
2
Makefile
@@ -83,7 +83,7 @@ else # umask / $(CURDIR) / $(O)
|
||||
all:
|
||||
|
||||
# Set and export the version string
|
||||
export BR2_VERSION := 2016.11
|
||||
export BR2_VERSION := 2016.11.1
|
||||
|
||||
# Save running make version since it's clobbered by the make package
|
||||
RUNNING_MAKE_VERSION := $(MAKE_VERSION)
|
||||
|
||||
@@ -95,6 +95,7 @@ config BR2_TARGET_UBOOT_VERSION
|
||||
|
||||
config BR2_TARGET_UBOOT_PATCH
|
||||
string "Custom U-Boot patches"
|
||||
default BR2_TARGET_UBOOT_CUSTOM_PATCH_DIR if BR2_TARGET_UBOOT_CUSTOM_PATCH_DIR != "" # legacy
|
||||
help
|
||||
A space-separated list of patches to apply to U-Boot.
|
||||
Each patch can be described as an URL, a local file path,
|
||||
|
||||
@@ -1,2 +1,2 @@
|
||||
# From http://www.apache.org/dist/httpd/httpd-2.4.23.tar.bz2.sha1
|
||||
sha1 5101be34ac4a509b245adb70a56690a84fcc4e7f httpd-2.4.23.tar.bz2
|
||||
sha1 bd6d138c31c109297da2346c6e7b93b9283993d2 httpd-2.4.25.tar.bz2
|
||||
|
||||
@@ -4,7 +4,7 @@
|
||||
#
|
||||
################################################################################
|
||||
|
||||
APACHE_VERSION = 2.4.23
|
||||
APACHE_VERSION = 2.4.25
|
||||
APACHE_SOURCE = httpd-$(APACHE_VERSION).tar.bz2
|
||||
APACHE_SITE = http://archive.apache.org/dist/httpd
|
||||
APACHE_LICENSE = Apache-2.0
|
||||
|
||||
@@ -0,0 +1,69 @@
|
||||
From 3d9181d7bdd8e491f745dbc9e34bd20b6f6da069 Mon Sep 17 00:00:00 2001
|
||||
From: Gergely Nagy <ngg@tresorit.com>
|
||||
Date: Wed, 14 Dec 2016 13:19:01 +0100
|
||||
Subject: [PATCH] Fix possible DoS in ASN.1 decoders (CVE-2016-9939)
|
||||
|
||||
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
||||
---
|
||||
asn.cpp | 10 ++++++++++
|
||||
asn.h | 2 ++
|
||||
2 files changed, 12 insertions(+)
|
||||
|
||||
diff --git a/asn.cpp b/asn.cpp
|
||||
index 297ff01..2e923ef 100644
|
||||
--- a/asn.cpp
|
||||
+++ b/asn.cpp
|
||||
@@ -123,6 +123,8 @@ size_t BERDecodeOctetString(BufferedTransformation &bt, SecByteBlock &str)
|
||||
size_t bc;
|
||||
if (!BERLengthDecode(bt, bc))
|
||||
BERDecodeError();
|
||||
+ if (bc > bt.MaxRetrievable())
|
||||
+ BERDecodeError();
|
||||
|
||||
str.New(bc);
|
||||
if (bc != bt.Get(str, bc))
|
||||
@@ -139,6 +141,8 @@ size_t BERDecodeOctetString(BufferedTransformation &bt, BufferedTransformation &
|
||||
size_t bc;
|
||||
if (!BERLengthDecode(bt, bc))
|
||||
BERDecodeError();
|
||||
+ if (bc > bt.MaxRetrievable())
|
||||
+ BERDecodeError();
|
||||
|
||||
bt.TransferTo(str, bc);
|
||||
return bc;
|
||||
@@ -161,6 +165,8 @@ size_t BERDecodeTextString(BufferedTransformation &bt, std::string &str, byte as
|
||||
size_t bc;
|
||||
if (!BERLengthDecode(bt, bc))
|
||||
BERDecodeError();
|
||||
+ if (bc > bt.MaxRetrievable())
|
||||
+ BERDecodeError();
|
||||
|
||||
SecByteBlock temp(bc);
|
||||
if (bc != bt.Get(temp, bc))
|
||||
@@ -188,6 +194,10 @@ size_t BERDecodeBitString(BufferedTransformation &bt, SecByteBlock &str, unsigne
|
||||
size_t bc;
|
||||
if (!BERLengthDecode(bt, bc))
|
||||
BERDecodeError();
|
||||
+ if (bc == 0)
|
||||
+ BERDecodeError();
|
||||
+ if (bc > bt.MaxRetrievable())
|
||||
+ BERDecodeError();
|
||||
|
||||
byte unused;
|
||||
if (!bt.Get(unused))
|
||||
diff --git a/asn.h b/asn.h
|
||||
index ed9de52..33f0dd0 100644
|
||||
--- a/asn.h
|
||||
+++ b/asn.h
|
||||
@@ -498,6 +498,8 @@ void BERDecodeUnsigned(BufferedTransformation &in, T &w, byte asnTag = INTEGER,
|
||||
bool definite = BERLengthDecode(in, bc);
|
||||
if (!definite)
|
||||
BERDecodeError();
|
||||
+ if (bc > in.MaxRetrievable())
|
||||
+ BERDecodeError();
|
||||
|
||||
SecByteBlock buf(bc);
|
||||
|
||||
--
|
||||
2.10.2
|
||||
|
||||
@@ -1,2 +1,2 @@
|
||||
# Locally calculated
|
||||
sha256 29bc203e483c81c9a337b4a4186e6b0a23984c518b09478d8718c616b5923e88 docker-engine-v1.12.2.tar.gz
|
||||
sha256 cf4f876593abde06b4c19f971163a853a21b1992d75bd2fe5d8bea9015b09f87 docker-engine-v1.12.3.tar.gz
|
||||
|
||||
@@ -4,20 +4,22 @@
|
||||
#
|
||||
################################################################################
|
||||
|
||||
DOCKER_ENGINE_VERSION = v1.12.2
|
||||
DOCKER_ENGINE_VERSION = v1.12.3
|
||||
DOCKER_ENGINE_SITE = $(call github,docker,docker,$(DOCKER_ENGINE_VERSION))
|
||||
|
||||
DOCKER_ENGINE_LICENSE = Apache-2.0
|
||||
DOCKER_ENGINE_LICENSE_FILES = LICENSE
|
||||
|
||||
DOCKER_ENGINE_DEPENDENCIES = host-go
|
||||
DOCKER_ENGINE_DEPENDENCIES = host-go host-pkgconf
|
||||
|
||||
DOCKER_ENGINE_GOPATH = "$(@D)/vendor"
|
||||
DOCKER_ENGINE_MAKE_ENV = $(HOST_GO_TARGET_ENV) \
|
||||
CGO_ENABLED=1 \
|
||||
CGO_NO_EMULATION=1 \
|
||||
GOBIN="$(@D)/bin" \
|
||||
GOPATH="$(DOCKER_ENGINE_GOPATH)"
|
||||
GOPATH="$(DOCKER_ENGINE_GOPATH)" \
|
||||
PKG_CONFIG="$(PKG_CONFIG_HOST_BINARY)" \
|
||||
$(TARGET_MAKE_ENV)
|
||||
|
||||
DOCKER_ENGINE_GLDFLAGS = \
|
||||
-X main.GitCommit=$(DOCKER_ENGINE_VERSION) \
|
||||
@@ -66,6 +68,7 @@ define DOCKER_ENGINE_CONFIGURE_CMDS
|
||||
ln -fs $(@D) $(DOCKER_ENGINE_GOPATH)/src/github.com/docker/docker
|
||||
cd $(@D) && \
|
||||
GITCOMMIT="unknown" BUILDTIME="$$(date)" VERSION="$(DOCKER_ENGINE_VERSION)" \
|
||||
PKG_CONFIG="$(PKG_CONFIG_HOST_BINARY)" $(TARGET_MAKE_ENV) \
|
||||
bash ./hack/make/.go-autogen
|
||||
endef
|
||||
|
||||
|
||||
@@ -2,6 +2,8 @@ config BR2_PACKAGE_DOVECOT
|
||||
bool "dovecot"
|
||||
depends on !BR2_STATIC_LIBS
|
||||
depends on BR2_USE_MMU # fork()
|
||||
select BR2_PACKAGE_OPENSSL
|
||||
select BR2_PACKAGE_ZLIB
|
||||
help
|
||||
Dovecot is an open source IMAP and POP3 email server for Linux/UNIX-
|
||||
like systems, written with security primarily in mind. Dovecot is an
|
||||
@@ -24,13 +26,6 @@ config BR2_PACKAGE_DOVECOT_MYSQL
|
||||
comment "mysql support needs a toolchain w/ C++, threads"
|
||||
depends on !BR2_INSTALL_LIBSTDCPP || !BR2_TOOLCHAIN_HAS_THREADS
|
||||
|
||||
config BR2_PACKAGE_DOVECOT_OPENSSL
|
||||
bool "openssl support"
|
||||
select BR2_PACKAGE_OPENSSL
|
||||
select BR2_PACKAGE_ZLIB
|
||||
help
|
||||
Enable OpenSSL support.
|
||||
|
||||
config BR2_PACKAGE_DOVECOT_SQLITE
|
||||
bool "sqlite support"
|
||||
select BR2_PACKAGE_SQLITE
|
||||
|
||||
@@ -1,2 +1,2 @@
|
||||
# Locally computed
|
||||
sha256 d8d9f32c846397f7c22749a84c5cf6f59c55ff7ded3dc9f07749a255182f9667 dovecot-2.2.25.tar.gz
|
||||
# Locally computed after checking signature
|
||||
sha256 897f92a87cda4b27b243f8149ce0ba7b7e71a2be8fb7994eb0a025e54cde18e9 dovecot-2.2.27.tar.gz
|
||||
|
||||
@@ -5,12 +5,15 @@
|
||||
################################################################################
|
||||
|
||||
DOVECOT_VERSION_MAJOR = 2.2
|
||||
DOVECOT_VERSION = $(DOVECOT_VERSION_MAJOR).25
|
||||
DOVECOT_VERSION = $(DOVECOT_VERSION_MAJOR).27
|
||||
DOVECOT_SITE = http://www.dovecot.org/releases/$(DOVECOT_VERSION_MAJOR)
|
||||
DOVECOT_INSTALL_STAGING = YES
|
||||
DOVECOT_LICENSE = LGPLv2.1
|
||||
DOVECOT_LICENSE_FILES = COPYING COPYING.LGPL COPYING.MIT
|
||||
DOVECOT_DEPENDENCIES = host-pkgconf $(if $(BR2_PACKAGE_LIBICONV),libiconv)
|
||||
DOVECOT_DEPENDENCIES = \
|
||||
host-pkgconf \
|
||||
$(if $(BR2_PACKAGE_LIBICONV),libiconv) \
|
||||
openssl
|
||||
|
||||
DOVECOT_CONF_ENV = \
|
||||
RPCGEN=__disable_RPCGEN_rquota \
|
||||
@@ -27,7 +30,7 @@ DOVECOT_CONF_ENV = \
|
||||
lib_cv___va_copy=yes \
|
||||
lib_cv_va_val_copy=yes
|
||||
|
||||
DOVECOT_CONF_OPTS = --without-docs
|
||||
DOVECOT_CONF_OPTS = --without-docs --with-ssl=openssl
|
||||
|
||||
ifeq ($(BR2_PACKAGE_DOVECOT_MYSQL)$(BR2_PACKAGE_DOVECOT_SQLITE),)
|
||||
DOVECOT_CONF_OPTS += --without-sql
|
||||
@@ -62,13 +65,6 @@ else
|
||||
DOVECOT_CONF_OPTS += --without-mysql
|
||||
endif
|
||||
|
||||
ifeq ($(BR2_PACKAGE_DOVECOT_OPENSSL),y)
|
||||
DOVECOT_CONF_OPTS += --with-ssl=openssl
|
||||
DOVECOT_DEPENDENCIES += openssl
|
||||
else
|
||||
DOVECOT_CONF_OPTS += --with-ssl=no
|
||||
endif
|
||||
|
||||
ifeq ($(BR2_PACKAGE_DOVECOT_SQLITE),y)
|
||||
DOVECOT_CONF_OPTS += --with-sqlite
|
||||
DOVECOT_DEPENDENCIES += sqlite
|
||||
|
||||
@@ -1,2 +1,2 @@
|
||||
# Locally calculated
|
||||
sha256 74691e0dff4d1b5d387e9c33c86f96a8f6d2adbc781c0dec9d2061a847b07dc9 exim-4.87.tar.bz2
|
||||
sha256 d4b7994c89240d2f9a9fcd7a2dffa4b72f14379001a24266f4dbb0fbe5131514 exim-4.87.1.tar.bz2
|
||||
|
||||
@@ -4,9 +4,9 @@
|
||||
#
|
||||
################################################################################
|
||||
|
||||
EXIM_VERSION = 4.87
|
||||
EXIM_VERSION = 4.87.1
|
||||
EXIM_SOURCE = exim-$(EXIM_VERSION).tar.bz2
|
||||
EXIM_SITE = ftp://ftp.exim.org/pub/exim/exim4
|
||||
EXIM_SITE = ftp://ftp.exim.org/pub/exim/exim4/old
|
||||
EXIM_LICENSE = GPLv2+
|
||||
EXIM_LICENSE_FILES = LICENCE
|
||||
EXIM_DEPENDENCIES = pcre berkeleydb host-pkgconf
|
||||
|
||||
@@ -1,2 +1,2 @@
|
||||
# From http://ftp.gnome.org/pub/gnome/sources/gdk-pixbuf/2.36/gdk-pixbuf-2.36.0.sha256sum
|
||||
sha256 85ab52ce9f2c26327141b3dcf21cca3da6a3f8de84b95fa1e727d8871a23245c gdk-pixbuf-2.36.0.tar.xz
|
||||
# From http://ftp.gnome.org/pub/gnome/sources/gdk-pixbuf/2.36/gdk-pixbuf-2.36.2.sha256sum
|
||||
sha256 3a082ad67d68b55970aed0b2034a06618167be98a42d5c70de736756b45d325d gdk-pixbuf-2.36.2.tar.xz
|
||||
|
||||
@@ -5,7 +5,7 @@
|
||||
################################################################################
|
||||
|
||||
GDK_PIXBUF_VERSION_MAJOR = 2.36
|
||||
GDK_PIXBUF_VERSION = $(GDK_PIXBUF_VERSION_MAJOR).0
|
||||
GDK_PIXBUF_VERSION = $(GDK_PIXBUF_VERSION_MAJOR).2
|
||||
GDK_PIXBUF_SOURCE = gdk-pixbuf-$(GDK_PIXBUF_VERSION).tar.xz
|
||||
GDK_PIXBUF_SITE = http://ftp.gnome.org/pub/gnome/sources/gdk-pixbuf/$(GDK_PIXBUF_VERSION_MAJOR)
|
||||
GDK_PIXBUF_LICENSE = LGPLv2+
|
||||
|
||||
@@ -1,2 +1,2 @@
|
||||
# Locally calculated after checking pgp signature
|
||||
sha256 7f8240048907e5030f67be0a6129bc4b333783b9cca1391026d700835a788dde curl-7.51.0.tar.bz2
|
||||
sha256 d16185a767cb2c1ba3d5b9096ec54e5ec198b213f45864a38b3bda4bbf87389b curl-7.52.1.tar.bz2
|
||||
|
||||
@@ -4,7 +4,7 @@
|
||||
#
|
||||
################################################################################
|
||||
|
||||
LIBCURL_VERSION = 7.51.0
|
||||
LIBCURL_VERSION = 7.52.1
|
||||
LIBCURL_SOURCE = curl-$(LIBCURL_VERSION).tar.bz2
|
||||
LIBCURL_SITE = https://curl.haxx.se/download
|
||||
LIBCURL_DEPENDENCIES = host-pkgconf \
|
||||
|
||||
@@ -0,0 +1,73 @@
|
||||
From c91a8a3903367e1163765b73eb4d43be7d7927fa Mon Sep 17 00:00:00 2001
|
||||
From: Matthew Garrett <mjg59@srcf.ucam.org>
|
||||
Date: Tue, 23 Feb 2016 13:53:20 -0800
|
||||
Subject: [PATCH] Don't allow unhandled POSTs to write to the filesystem by
|
||||
default
|
||||
|
||||
Fixes CVE-2016-6255: write files via POST
|
||||
|
||||
If there's no registered handler for a POST request, the default behaviour
|
||||
is to write it to the filesystem. Several million deployed devices appear
|
||||
to have this behaviour, making it possible to (at least) store arbitrary
|
||||
data on them. Add a configure option that enables this behaviour, and change
|
||||
the default to just drop POSTs that aren't directly handled.
|
||||
|
||||
Signed-off-by: Marcelo Roberto Jimenez <mroberto@users.sourceforge.net>
|
||||
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
||||
---
|
||||
configure.ac | 4 ++++
|
||||
upnp/inc/upnpconfig.h.in | 5 +++++
|
||||
upnp/src/genlib/net/http/webserver.c | 4 ++++
|
||||
3 files changed, 13 insertions(+)
|
||||
|
||||
diff --git a/configure.ac b/configure.ac
|
||||
index dd88734..ea2bc09 100644
|
||||
--- a/configure.ac
|
||||
+++ b/configure.ac
|
||||
@@ -482,6 +482,10 @@ if test "x$enable_scriptsupport" = xyes ; then
|
||||
AC_DEFINE(IXML_HAVE_SCRIPTSUPPORT, 1, [see upnpconfig.h])
|
||||
fi
|
||||
|
||||
+RT_BOOL_ARG_ENABLE([postwrite], [no], [write to the filesystem on otherwise unhandled POST requests])
|
||||
+if test "x$enable_postwrite" = xyes ; then
|
||||
+ AC_DEFINE(UPNP_ENABLE_POST_WRITE, 1, [see upnpconfig.h])
|
||||
+fi
|
||||
|
||||
RT_BOOL_ARG_ENABLE([samples], [yes], [compilation of upnp/sample/ code])
|
||||
|
||||
diff --git a/upnp/inc/upnpconfig.h.in b/upnp/inc/upnpconfig.h.in
|
||||
index 46ddc6e..5df8c5a 100644
|
||||
--- a/upnp/inc/upnpconfig.h.in
|
||||
+++ b/upnp/inc/upnpconfig.h.in
|
||||
@@ -135,5 +135,10 @@
|
||||
* (i.e. configure --enable-open_ssl) */
|
||||
#undef UPNP_ENABLE_OPEN_SSL
|
||||
|
||||
+/** Defined to 1 if the library has been compiled to support filesystem writes on POST
|
||||
+ * (i.e. configure --enable-postwrite) */
|
||||
+#undef UPNP_ENABLE_POST_WRITE
|
||||
+
|
||||
+
|
||||
#endif /* UPNP_CONFIG_H */
|
||||
|
||||
diff --git a/upnp/src/genlib/net/http/webserver.c b/upnp/src/genlib/net/http/webserver.c
|
||||
index 8991c16..8b2ecf2 100644
|
||||
--- a/upnp/src/genlib/net/http/webserver.c
|
||||
+++ b/upnp/src/genlib/net/http/webserver.c
|
||||
@@ -1369,9 +1369,13 @@ static int http_RecvPostMessage(
|
||||
if (Fp == NULL)
|
||||
return HTTP_INTERNAL_SERVER_ERROR;
|
||||
} else {
|
||||
+#ifdef UPNP_ENABLE_POST_WRITE
|
||||
Fp = fopen(filename, "wb");
|
||||
if (Fp == NULL)
|
||||
return HTTP_UNAUTHORIZED;
|
||||
+#else
|
||||
+ return HTTP_NOT_FOUND;
|
||||
+#endif
|
||||
}
|
||||
parser->position = POS_ENTITY;
|
||||
do {
|
||||
--
|
||||
2.10.2
|
||||
|
||||
@@ -0,0 +1,64 @@
|
||||
From 9c099c2923ab4d98530ab5204af1738be5bddba7 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Uwe=20Kleine-K=C3=B6nig?= <ukleinek@debian.org>
|
||||
Date: Thu, 8 Dec 2016 17:11:53 +0100
|
||||
Subject: [PATCH] Fix out-of-bound access in create_url_list() (CVE-2016-8863)
|
||||
|
||||
If there is an invalid URL in URLS->buf after a valid one, uri_parse is
|
||||
called with out pointing after the allocated memory. As uri_parse writes
|
||||
to *out before returning an error the loop in create_url_list must be
|
||||
stopped early to prevent an out-of-bound access
|
||||
|
||||
Bug: https://sourceforge.net/p/pupnp/bugs/133/
|
||||
Bug-CVE: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8863
|
||||
Bug-Debian: https://bugs.debian.org/842093
|
||||
Bug-Redhat: https://bugzilla.redhat.com/show_bug.cgi?id=1388771
|
||||
(cherry picked from commit a0f6e719bc03c4d2fe6a4a42ef6b8761446f520b)
|
||||
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
||||
---
|
||||
upnp/src/gena/gena_device.c | 17 ++++++++++++-----
|
||||
1 file changed, 12 insertions(+), 5 deletions(-)
|
||||
|
||||
diff --git a/upnp/src/gena/gena_device.c b/upnp/src/gena/gena_device.c
|
||||
index fb04a29..245c56b 100644
|
||||
--- a/upnp/src/gena/gena_device.c
|
||||
+++ b/upnp/src/gena/gena_device.c
|
||||
@@ -1113,7 +1113,7 @@ static int create_url_list(
|
||||
/*! [out] . */
|
||||
URL_list *out)
|
||||
{
|
||||
- size_t URLcount = 0;
|
||||
+ size_t URLcount = 0, URLcount2 = 0;
|
||||
size_t i;
|
||||
int return_code = 0;
|
||||
uri_type temp;
|
||||
@@ -1155,16 +1155,23 @@ static int create_url_list(
|
||||
}
|
||||
memcpy( out->URLs, URLS->buff, URLS->size );
|
||||
out->URLs[URLS->size] = 0;
|
||||
- URLcount = 0;
|
||||
for( i = 0; i < URLS->size; i++ ) {
|
||||
if( ( URLS->buff[i] == '<' ) && ( i + 1 < URLS->size ) ) {
|
||||
if( ( ( return_code =
|
||||
parse_uri( &out->URLs[i + 1], URLS->size - i + 1,
|
||||
- &out->parsedURLs[URLcount] ) ) ==
|
||||
+ &out->parsedURLs[URLcount2] ) ) ==
|
||||
HTTP_SUCCESS )
|
||||
- && ( out->parsedURLs[URLcount].hostport.text.size !=
|
||||
+ && ( out->parsedURLs[URLcount2].hostport.text.size !=
|
||||
0 ) ) {
|
||||
- URLcount++;
|
||||
+ URLcount2++;
|
||||
+ if (URLcount2 >= URLcount)
|
||||
+ /*
|
||||
+ * break early here in case there is a bogus URL that
|
||||
+ * was skipped above. This prevents to access
|
||||
+ * out->parsedURLs[URLcount] which is beyond the
|
||||
+ * allocation.
|
||||
+ */
|
||||
+ break;
|
||||
} else {
|
||||
if( return_code == UPNP_E_OUTOF_MEMORY ) {
|
||||
free( out->URLs );
|
||||
--
|
||||
2.10.2
|
||||
|
||||
@@ -11,5 +11,7 @@ LIBUPNP_CONF_ENV = ac_cv_lib_compat_ftime=no
|
||||
LIBUPNP_INSTALL_STAGING = YES
|
||||
LIBUPNP_LICENSE = BSD-3c
|
||||
LIBUPNP_LICENSE_FILES = LICENSE
|
||||
# configure.ac patched by 0001-Don-t-allow-unhandled-POSTs-to-write-to-the-filesyst.patch
|
||||
LIBUPNP_AUTORECONF = YES
|
||||
|
||||
$(eval $(autotools-package))
|
||||
|
||||
@@ -1,2 +1,2 @@
|
||||
# Locally calculated
|
||||
sha256 98411811ded1e8028f5aed708dd7d8ec0ae63ce24c2991a0241a989b7d09d84e links-2.12.tar.bz2
|
||||
sha256 f70d0678ef1c5550953bdc27b12e72d5de86e53b05dd59b0fc7f07c507f244b8 links-2.14.tar.bz2
|
||||
|
||||
@@ -4,7 +4,7 @@
|
||||
#
|
||||
################################################################################
|
||||
|
||||
LINKS_VERSION = 2.12
|
||||
LINKS_VERSION = 2.14
|
||||
LINKS_SOURCE = links-$(LINKS_VERSION).tar.bz2
|
||||
LINKS_SITE = http://links.twibright.com/download
|
||||
LINKS_DEPENDENCIES = host-pkgconf
|
||||
|
||||
@@ -1,2 +1,2 @@
|
||||
# From https://mmonit.com/monit/dist/monit-5.17.tar.gz.sha256:
|
||||
sha256 2fbcdea79ae39228791a0aaa685ebbf650f2b58d086eaf77a33226e972cb216e monit-5.17.tar.gz
|
||||
# From https://mmonit.com/monit/dist/monit-5.20.0.tar.gz.sha256:
|
||||
sha256 ebac395ec50c1ae64d568db1260bc049d0e0e624c00e79d7b1b9a59c2679b98d monit-5.20.0.tar.gz
|
||||
|
||||
@@ -4,7 +4,7 @@
|
||||
#
|
||||
################################################################################
|
||||
|
||||
MONIT_VERSION = 5.17
|
||||
MONIT_VERSION = 5.20.0
|
||||
MONIT_SITE = http://mmonit.com/monit/dist
|
||||
MONIT_LICENSE = AGPLv3 with OpenSSL exception
|
||||
MONIT_LICENSE_FILES = COPYING
|
||||
@@ -27,4 +27,11 @@ else
|
||||
MONIT_CONF_OPTS += --without-ssl
|
||||
endif
|
||||
|
||||
ifeq ($(BR2_PACKAGE_ZLIB),y)
|
||||
MONIT_CONF_OPTS += --with-zlib
|
||||
MONIT_DEPENDENCIES += zlib
|
||||
else
|
||||
MONIT_CONF_OPTS += --without-zlib
|
||||
endif
|
||||
|
||||
$(eval $(autotools-package))
|
||||
|
||||
@@ -43,8 +43,8 @@ config BR2_PACKAGE_NODEJS_V8_ARCH_SUPPORTS
|
||||
|
||||
config BR2_PACKAGE_NODEJS_VERSION_STRING
|
||||
string
|
||||
default "6.7.0" if BR2_PACKAGE_NODEJS_V8_ARCH_SUPPORTS
|
||||
default "0.10.47"
|
||||
default "6.9.1" if BR2_PACKAGE_NODEJS_V8_ARCH_SUPPORTS
|
||||
default "0.10.48"
|
||||
|
||||
config BR2_PACKAGE_NODEJS_NPM
|
||||
bool "NPM for the target"
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
# From upstream URL: http://nodejs.org/dist/v0.10.47/SHASUMS256.txt
|
||||
sha256 335bdf4db702885a8acaf2c9f241c70cabd62497361da81aca65c8e8a8e7ff09 node-v0.10.47.tar.xz
|
||||
# From upstream URL: http://nodejs.org/dist/v0.10.48/SHASUMS256.txt
|
||||
sha256 365a93d9acc076a0d93f087d269f376abeebccad599a9dab72f2f6ed96c8ae6e node-v0.10.48.tar.xz
|
||||
|
||||
# From upstream URL: http://nodejs.org/dist/v6.7.0/SHASUMS256.txt
|
||||
sha256 ceb028324aab1ee8c7ea6a62026f036f3ea71f5ef5212593d0f833f999dd3be5 node-v6.7.0.tar.xz
|
||||
# From upstream URL: http://nodejs.org/dist/v6.9.1/SHASUMS256.txt
|
||||
sha256 0bdd8d1305777cc8cd206129ea494d6c6ce56001868dd80147aff531d6df0729 node-v6.9.1.tar.xz
|
||||
|
||||
@@ -1,31 +0,0 @@
|
||||
From ec165c392ca54317dbe3064a8c200de6531e89ad Mon Sep 17 00:00:00 2001
|
||||
From: "markus@openbsd.org" <markus@openbsd.org>
|
||||
Date: Mon, 10 Oct 2016 19:28:48 +0000
|
||||
Subject: [PATCH] upstream commit
|
||||
|
||||
Unregister the KEXINIT handler after message has been
|
||||
received. Otherwise an unauthenticated peer can repeat the KEXINIT and cause
|
||||
allocation of up to 128MB -- until the connection is closed. Reported by
|
||||
shilei-c at 360.cn
|
||||
|
||||
Upstream-ID: 43649ae12a27ef94290db16d1a98294588b75c05
|
||||
|
||||
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
|
||||
---
|
||||
Patch status: upstream
|
||||
|
||||
kex.c | 3 ++-
|
||||
1 file changed, 2 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/kex.c b/kex.c
|
||||
index 3f97f8c..6a94bc5 100644
|
||||
--- a/kex.c
|
||||
+++ b/kex.c
|
||||
@@ -481,6 +481,7 @@ kex_input_kexinit(int type, u_int32_t seq, void *ctxt)
|
||||
if (kex == NULL)
|
||||
return SSH_ERR_INVALID_ARGUMENT;
|
||||
|
||||
+ ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, NULL);
|
||||
ptr = sshpkt_ptr(ssh, &dlen);
|
||||
if ((r = sshbuf_put(kex->peer, ptr, dlen)) != 0)
|
||||
return r;
|
||||
@@ -1,3 +1,3 @@
|
||||
# Locally calculated after checking pgp signature
|
||||
# Also from http://www.openssh.com/txt/release-7.3
|
||||
sha256 3ffb989a6dcaa69594c3b550d4855a5a2e1718ccdde7f5e36387b424220fbecc openssh-7.3p1.tar.gz
|
||||
# Also from http://www.openssh.com/txt/release-7.4
|
||||
sha256 1b1fc4a14e2024293181924ed24872e6f2e06293f3e8926a376b8aec481f19d1 openssh-7.4p1.tar.gz
|
||||
|
||||
@@ -4,7 +4,7 @@
|
||||
#
|
||||
################################################################################
|
||||
|
||||
OPENSSH_VERSION = 7.3p1
|
||||
OPENSSH_VERSION = 7.4p1
|
||||
OPENSSH_SITE = http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable
|
||||
OPENSSH_LICENSE = BSD-3c BSD-2c Public Domain
|
||||
OPENSSH_LICENSE_FILES = LICENCE
|
||||
|
||||
@@ -1,2 +1,2 @@
|
||||
# From http://php.net/downloads.php
|
||||
sha256 f3d6c49e1c242e5995dec15e503fde996c327eb86cd7ec45c690e93c971b83ff php-7.0.12.tar.xz
|
||||
sha256 0f1dff6392a1cc2ed126b9695f580a2ed77eb09d2c23b41cabfb41e6f27a8c89 php-7.0.14.tar.xz
|
||||
|
||||
@@ -4,7 +4,7 @@
|
||||
#
|
||||
################################################################################
|
||||
|
||||
PHP_VERSION = 7.0.12
|
||||
PHP_VERSION = 7.0.14
|
||||
PHP_SITE = http://www.php.net/distributions
|
||||
PHP_SOURCE = php-$(PHP_VERSION).tar.xz
|
||||
PHP_INSTALL_STAGING = YES
|
||||
|
||||
@@ -1,3 +1,3 @@
|
||||
# md5 from https://pypi.python.org/pypi/bottle/json, sha256 locally computed
|
||||
md5 f5850258a86224a791171e8ecbb66d99 bottle-0.12.9.tar.gz
|
||||
sha256 fe0a24b59385596d02df7ae7845fe7d7135eea73799d03348aeb9f3771500051 bottle-0.12.9.tar.gz
|
||||
md5 6c38912f4755ba71d852fbe320bdd61c bottle-0.12.11.tar.gz
|
||||
sha256 a1958f9725042a9809ebe33d7eadf90d1d563a8bdd6ce5f01849bff7e941a731 bottle-0.12.11.tar.gz
|
||||
|
||||
@@ -4,11 +4,11 @@
|
||||
#
|
||||
################################################################################
|
||||
|
||||
PYTHON_BOTTLE_VERSION = 0.12.9
|
||||
PYTHON_BOTTLE_VERSION = 0.12.11
|
||||
PYTHON_BOTTLE_SOURCE = bottle-$(PYTHON_BOTTLE_VERSION).tar.gz
|
||||
PYTHON_BOTTLE_SITE = http://pypi.python.org/packages/source/b/bottle
|
||||
PYTHON_BOTTLE_SITE = https://pypi.python.org/packages/a1/f6/0db23aeeb40c9a7c5d226b1f70ce63822c567178eee5b623bca3e0cc3bef
|
||||
PYTHON_BOTTLE_LICENSE = MIT
|
||||
# README.rst refers to the file "LICENSE" but it's not included
|
||||
PYTHON_BOTTLE_SETUP_TYPE = distutils
|
||||
PYTHON_BOTTLE_SETUP_TYPE = setuptools
|
||||
|
||||
$(eval $(python-package))
|
||||
|
||||
@@ -58,9 +58,9 @@ Index: b/Makefile.pre.in
|
||||
-rm -f python*-gdb.py
|
||||
- -rm -f pybuilddir.txt
|
||||
+ -rm -f pybuilddir.txt pysysconfigdatadir.txt
|
||||
find $(srcdir)/[a-zA-Z]* '(' -name '*.fdc' -o -name '*~' \
|
||||
-o -name '[@,#]*' -o -name '*.old' \
|
||||
-o -name '*.orig' -o -name '*.rej' \
|
||||
# Issue #28258: set LC_ALL to avoid issues with Estonian locale.
|
||||
# Expansion is performed here by shell (spawned by make) itself before
|
||||
# arguments are passed to find. So LC_ALL=C must be set as a separate
|
||||
Index: b/configure.ac
|
||||
===================================================================
|
||||
--- a/configure.ac
|
||||
|
||||
@@ -61,7 +61,7 @@ Index: b/Makefile.pre.in
|
||||
@@ -410,7 +410,7 @@
|
||||
|
||||
# Default target
|
||||
all: build_all
|
||||
all: @DEF_MAKE_ALL_RULE@
|
||||
-build_all: $(BUILDPYTHON) oldsharedmods sharedmods gdbhooks
|
||||
+build_all: $(BUILDPYTHON) oldsharedmods sharedmods gdbhooks python-config
|
||||
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
# From https://www.python.org/downloads/release/python-2712/
|
||||
md5 57dffcee9cee8bb2ab5f82af1d8e9a69 Python-2.7.12.tar.xz
|
||||
# From https://www.python.org/downloads/release/python-2713/
|
||||
md5 53b43534153bb2a0363f08bae8b9d990 Python-2.7.13.tar.xz
|
||||
# Locally calculated
|
||||
sha256 d7837121dd5652a05fef807c361909d255d173280c4e1a4ded94d73d80a1f978 Python-2.7.12.tar.xz
|
||||
sha256 35d543986882f78261f97787fd3e06274bfa6df29fac9b4a94f73930ff98f731 Python-2.7.13.tar.xz
|
||||
|
||||
@@ -5,7 +5,7 @@
|
||||
################################################################################
|
||||
|
||||
PYTHON_VERSION_MAJOR = 2.7
|
||||
PYTHON_VERSION = $(PYTHON_VERSION_MAJOR).12
|
||||
PYTHON_VERSION = $(PYTHON_VERSION_MAJOR).13
|
||||
PYTHON_SOURCE = Python-$(PYTHON_VERSION).tar.xz
|
||||
PYTHON_SITE = http://python.org/ftp/python/$(PYTHON_VERSION)
|
||||
PYTHON_LICENSE = Python software foundation license v2, others
|
||||
|
||||
@@ -1,2 +1,2 @@
|
||||
# Locally calculated
|
||||
sha256 a69d6612e4a421640242ca66c4dbb0e4c20281e77dc24970a332770814d45c7c samba-4.4.7.tar.gz
|
||||
sha256 0e54de8a22b77f9712578029639331b51f818b70e194766c98475a5b99470fbf samba-4.4.8.tar.gz
|
||||
|
||||
@@ -4,7 +4,7 @@
|
||||
#
|
||||
################################################################################
|
||||
|
||||
SAMBA4_VERSION = 4.4.7
|
||||
SAMBA4_VERSION = 4.4.8
|
||||
SAMBA4_SITE = http://ftp.samba.org/pub/samba/stable
|
||||
SAMBA4_SOURCE = samba-$(SAMBA4_VERSION).tar.gz
|
||||
SAMBA4_INSTALL_STAGING = YES
|
||||
|
||||
@@ -1,3 +1,3 @@
|
||||
# From http://www.squid-cache.org/Versions/v3/3.5/squid-3.5.22.tar.xz.asc
|
||||
md5 afb82d2748c06c95815c171463b4aa14 squid-3.5.22.tar.xz
|
||||
sha1 73e9199dd9d2a7f107f78d03454830713a4a571d squid-3.5.22.tar.xz
|
||||
# From http://www.squid-cache.org/Versions/v3/3.5/squid-3.5.23.tar.xz.asc
|
||||
md5 9b68f689e3d9578932b9c6a4041037c2 squid-3.5.23.tar.xz
|
||||
sha1 33e43869d5eeb0fdfd1d625e6d6edee0617b2b22 squid-3.5.23.tar.xz
|
||||
|
||||
@@ -5,7 +5,7 @@
|
||||
################################################################################
|
||||
|
||||
SQUID_VERSION_MAJOR = 3.5
|
||||
SQUID_VERSION = $(SQUID_VERSION_MAJOR).22
|
||||
SQUID_VERSION = $(SQUID_VERSION_MAJOR).23
|
||||
SQUID_SOURCE = squid-$(SQUID_VERSION).tar.xz
|
||||
SQUID_SITE = http://www.squid-cache.org/Versions/v3/$(SQUID_VERSION_MAJOR)
|
||||
SQUID_LICENSE = GPLv2+
|
||||
|
||||
@@ -61,7 +61,7 @@ define VIM_INSTALL_RUNTIME_CMDS
|
||||
endef
|
||||
|
||||
define VIM_REMOVE_DOCS
|
||||
find $(TARGET_DIR)/usr/share/vim -type f -name "*.txt" -delete
|
||||
$(RM) -rf $(TARGET_DIR)/usr/share/vim/vim*/doc/
|
||||
endef
|
||||
|
||||
# Avoid oopses with vipw/vigr, lack of $EDITOR and 'vi' command expectation
|
||||
|
||||
@@ -1,2 +1,2 @@
|
||||
# From: https://www.wireshark.org/download/src/all-versions/SIGNATURES-2.2.2.txt
|
||||
sha256 f9acef5e9a9021a400b4244fafc06969f41ec594ec57fd7f0ff63bafca0055b3 wireshark-2.2.2.tar.bz2
|
||||
# From: https://www.wireshark.org/download/src/all-versions/SIGNATURES-2.2.3.txt
|
||||
sha256 97bac89e88892054a5848a9f7e0c36aa399a2008900829b078e29cab0ddd593b wireshark-2.2.3.tar.bz2
|
||||
|
||||
@@ -4,7 +4,7 @@
|
||||
#
|
||||
################################################################################
|
||||
|
||||
WIRESHARK_VERSION = 2.2.2
|
||||
WIRESHARK_VERSION = 2.2.3
|
||||
WIRESHARK_SOURCE = wireshark-$(WIRESHARK_VERSION).tar.bz2
|
||||
WIRESHARK_SITE = https://www.wireshark.org/download/src/all-versions
|
||||
WIRESHARK_LICENSE = wireshark license
|
||||
|
||||
@@ -48,6 +48,7 @@ config BR2_PACKAGE_XSERVER_XORG_SERVER
|
||||
select BR2_PACKAGE_XPROTO_XPROTO
|
||||
select BR2_PACKAGE_XUTIL_UTIL_MACROS
|
||||
select BR2_PACKAGE_XKEYBOARD_CONFIG
|
||||
select BR2_PACKAGE_XPROTO_DRI2PROTO if BR2_PACKAGE_SYSTEMD
|
||||
help
|
||||
X.Org X server
|
||||
|
||||
|
||||
@@ -73,7 +73,9 @@ ifeq ($(BR2_PACKAGE_SYSTEMD),y)
|
||||
XSERVER_XORG_SERVER_CONF_OPTS += \
|
||||
--with-systemd-daemon \
|
||||
--enable-systemd-logind
|
||||
XSERVER_XORG_SERVER_DEPENDENCIES += systemd
|
||||
XSERVER_XORG_SERVER_DEPENDENCIES += \
|
||||
systemd \
|
||||
xproto_dri2proto
|
||||
else
|
||||
XSERVER_XORG_SERVER_CONF_OPTS += \
|
||||
--without-systemd-daemon \
|
||||
|
||||
Reference in New Issue
Block a user