[Peter: adjust patch to also drop ldconfig call]
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes CVE-2014-4617: The do_uncompress function in g10/compress.c in
GnuPG 1.x before 1.4.17 and 2.x before 2.0.24 allows context-dependent
attackers to cause a denial of service (infinite loop) via malformed
compressed packets, as demonstrated by an a3 01 5b ff byte sequence.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes runtime issues when built with gcc 4.9
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
[Peter: note that readline is optional, drop trailing Config.in line]
Signed-off-by: Ryan Barnett <ryan.barnett@rockwellcollins.com>
CC: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
According to the documentation:
"Header: The file starts with a header. It contains the module name,
preferably in lowercase, enclosed between separators made of 80 hashes."
This patch makes the appropriate changes.
Signed-off-by: Jerzy Grzegorek <jerzy.grzegorek@trzebnica.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add a new patch to use pkg-config to detect openssl.
[Peter: fix minor typos in description]
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- switch to BackPan in order to prevent build breakage
(like http://autobuild.buildroot.net/results/358/358f531f2db90b9bc3b1e4e2158c68d2bf6587fc/)
- add license file
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Tested-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes:
CVE-2014-0244 (Denial of service - CPU loop)
CVE-2014-3493 (Denial of service - Server crash/memory corruption)
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes:
CVE-2014-0244 (Denial of service - CPU loop)
CVE-2014-3493 (Denial of service - Server crash/memory corruption)
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
From the release notes:
- Add libtool versioning to the linker flags again. This was accidentially
removed in 0.4.20 but should not cause any problems on platforms other
than OS X (Sebastian Dröge)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit d3ccfa362b (avahi: run as avahi user/group instead of default)
changed avahi-autoipd to run as the avahi user, but forgot to update the
init script/systemd config to match.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Tarball no longer available in .gz format. From the release notes:
- Fix list corruption when splitting code memory chunks, causing crashes
when allocating a lot of code memory and trying to free it later
(Tim-Philipp Müller)
- Add some extra checks for the number of variables used in ORC code to
prevent overflows and crashes in the compiler (Vincent Penquerc'h)
- Various compiler warnings, coverity warnings and static code analysis
fixes (Sebastian Dröge)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This helper was called when none of the sources or license
files were saved.
Now we handle license files separately from the sources,
this is no longer the case: they are only called when the
sources are not saved.
Rename the handler and change the warning message accordingly.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Luca Ceresoli <luca@lucaceresoli.net>
Cc: Thomas De Schampheleire <patrickdepinguin@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Cc: Fabio Porcedda <fabio.porcedda@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>