Commit Graph

19 Commits

Author SHA1 Message Date
Gustavo Zacarias
2cfe4b7ce1 wireshark: security bump to version 1.10.8
Fixes CVE-2014-4020 (The frame metadissector could crash).

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2014-06-14 18:38:38 +02:00
Gustavo Zacarias
7263689a02 wireshark: security bump to version 1.10.7
Fixes CVE-2014-2907 / WNPA-SEC-2014-06.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2014-04-29 14:54:03 +02:00
Axel Lin
b8fe951179 wireshark: bump to version 1.10.6
The following vulnerabilities have been fixed.
     * [1]wnpa-sec-2014-01
       The NFS dissector could crash. Discovered by Moshe Kaplan.
       ([2]Bug 9672)
       Versions affected: 1.10.0 to 1.10.5, 1.8.0 to 1.8.12
       [3]CVE-2014-2281
     * [4]wnpa-sec-2014-02
       The M3UA dissector could crash. Discovered by Laurent
       Butti. ([5]Bug 9699)
       Versions affected: 1.10.0 to 1.10.5
       [6]CVE-2014-2282
     * [7]wnpa-sec-2014-03
       The RLC dissector could crash. ([8]Bug 9730)
       Versions affected: 1.10.0 to 1.10.5, 1.8.0 to 1.8.12
       [9]CVE-2014-2283
     * [10]wnpa-sec-2014-04
       The MPEG file parser could overflow a buffer. Discovered by
       Wesley Neelen. ([11]Bug 9843)
       Versions affected: 1.10.0 to 1.10.5, 1.8.0 to 1.8.12
       [12]CVE-2014-2299

Signed-off-by: Axel Lin <axel.lin@ingics.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2014-03-08 09:41:27 +01:00
Gustavo Zacarias
3bb18ae95e wireshark: bump to version 1.10.5
Fixes a couple of runtime regressions from the 1.10.4 security release.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2013-12-26 18:44:47 +01:00
Gustavo Zacarias
43f46fccba wireshark: security bump to version 1.10.4
Fixes CVE-2013-7112, CVE-2013-7113 and CVE-2013-7114.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2013-12-19 23:17:20 +01:00
Gustavo Zacarias
fd6b999fe5 wireshark: fix wrong CFLAGS_FOR_BUILD assumption
Tested valid CFLAGS can't be pushed into CFLAGS_FOR_BUILD, they're
different compilers.

Fixes:
http://autobuild.buildroot.net/results/2b1/2b1a0654b649618422d65edf370b82476ba84491/

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2013-12-04 22:02:36 +01:00
Axel Lin
6df5a40ecc wireshark: bump to version 1.10.3
The current stable release of Wireshark is 1.10.3. It supersedes all
previous releases.  So let's upgrade to 1.10.3.

Signed-off-by: Axel Lin <axel.lin@ingics.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2013-12-04 10:14:18 +01:00
Thomas De Schampheleire
2b468f1bd9 libglib2: needs MMU support
Fixes http://autobuild.buildroot.net/results/2e0/2e032c6e44e10f2912935715741c3680a19b9b51/

Signed-off-by: Thomas De Schampheleire <thomas.de.schampheleire@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2013-11-22 12:14:33 +01:00
Thomas De Schampheleire
be084204eb Config.in files: add missing dependencies to toolchain option comments
When a package A depends on config option B and toolchain option C, then
the comment that is given when C is not fulfilled should also depend on B.
For example:

config BR2_PACKAGE_A
	depends on BR2_B
	depends on BR2_LARGEFILE
	depends on BR2_WCHAR

comment "A needs a toolchain w/ largefile, wchar"
	depends on !BR2_LARGEFILE || !BR2_WCHAR

This comment should actually be:

comment "A needs a toolchain w/ largefile, wchar"
	depends on BR2_B
	depends on !BR2_LARGEFILE || !BR2_WCHAR

or if possible (typically when B is a package config option declared in that
same Config.in file):

if BR2_B

comment "A needs a toolchain w/ largefile, wchar"
	depends on !BR2_LARGEFILE || !BR2_WCHAR

[other config options depending on B]

endif

Otherwise, the comment would be visible even though the other dependencies
are not met.

This patch adds such missing dependencies, and changes existing such
dependencies from
  depends on BR2_BASE_DEP && !BR2_TOOLCHAIN_USES_GLIBC
to
  depends on BR2_BASE_DEP
  depends on !BR2_TOOLCHAIN_USES_GLIBC
so that (positive) base dependencies are separate from the (negative)
toolchain dependencies. This strategy makes it easier to write such comments
(because one can simply copy the base dependency from the actual package
config option), but also avoids complex and long boolean expressions.

Signed-off-by: Thomas De Schampheleire <thomas.de.schampheleire@gmail.com>
Acked-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
 (untested)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2013-11-10 23:59:57 +01:00
Gustavo Zacarias
2054018493 wireshark: security bump to version 1.8.11
Fixes CVE-2013-6336, CVE-2013-6337, CVE-2013-6338, CVE-2013-6339,
CVE-2013-6340, CVE-2013-4927, CVE-2013-4929, CVE-2013-4930,
CVE-2013-4931, CVE-2013-4932, CVE-2013-4933, CVE-2013-4934,
CVE-2013-4935, CVE-2013-5718, CVE-2013-5719, CVE-2013-5720,
CVE-2013-5721 and CVE-2013-5722.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2013-11-06 11:58:58 +01:00
Thomas De Schampheleire
66bb10b7b0 Config.in files: unify comments of toolchain option dependencies
This patch lines up the comments in Config.in files that clarify which
toolchain options the package depends on.

Signed-off-by: Thomas De Schampheleire <thomas.de.schampheleire@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2013-10-14 22:45:57 +02:00
Peter Korsgaard
be7f613b90 package: drop unneeded 'call' from {generic,autotools}-package invocation
Reported-by: Jerzy Grzegorek <jerzy.grzegorek@trzebnica.net>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2013-09-11 13:05:01 +02:00
Spenser Gilliland
51788521b7 libglib2: needs threads
This commit adds a dependency of the libglib2 package on thread
support in the toolchain, since upstream libglib2 doesn't build
without thread support. The commit is rather large as it involves
propagating the dependency on thread support to all reverse
dependencies of the libglib2 package.

[Thomas: squash all patches into one, make a few minor fixes, the most
important one being to not add comments about MMU requirement when a
package doesn't work on !MMU platforms.]

Signed-off-by: Spenser Gilliland <spenser@gillilanding.com>
2013-07-27 17:13:37 +02:00
Gustavo Zacarias
0df82bc193 wireshark: security bump to version 1.8.8
Fixes wnpa-sec-2013-32, wnpa-sec-2013-33, wnpa-sec-2013-34,
wnpa-sec-2013-35, wnpa-sec-2013-36, wnpa-sec-2013-37, wnpa-sec-2013-38,
wnpa-sec-2013-39, wnpa-sec-2013-40 and wnpa-sec-2013-41.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2013-06-10 14:09:35 +02:00
Alexandre Belloni
8dfd59d114 Normalize separator size to 80
Signed-off-by: Alexandre Belloni <alexandre.belloni@free-electrons.com>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2013-06-06 22:30:24 +02:00
Gustavo Zacarias
c17b0f0bda wireshark: security bump to version 1.8.7
Fixes CVE-2013-2486, CVE-2013-2487 and several wnpa-sec (wireshark)
advisories.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Acked-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2013-05-25 13:33:50 +02:00
Gustavo Zacarias
98d7bb16a6 wireshark: security bump to version 1.8.6
Fixes CVE-2013-2475, CVE-2013-2476, CVE-2013-2477, CVE-2013-2478,
CVE-2013-2479, CVE-2013-2480, CVE-2013-2481, CVE-2013-2482,
CVE-2013-2483, CVE-2013-2484, CVE-2013-2485, CVE-2013-2486,
CVE-2013-2487, and CVE-2013-2488.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2013-03-09 21:32:20 +01:00
Baruch Siach
6afbd13c2a wireshark: explicitly disable libsmi
wireshark's libsmi detection is not cross compile friendly. We don't have
libsmi in Buildroot yet anyway, so just disable support for it in wireshark.

Fixes
http://autobuild.buildroot.net/results/0daaa3dd74315ac901920e7daf89620ef4c088a0

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2013-03-04 12:23:40 +01:00
Baruch Siach
e3b3be6bb6 wireshark: new package
This is only the bare minimum needed to build the textual tshark utility.
Support for more options, including the wireshark GUI, can be added later.

[Peter: point includedir at staging to workaround host/target headers issue]
Cc: Stefan Fröberg <stefan.froberg@petroprogram.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Acked-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Tested-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2013-02-26 22:11:55 +01:00