On Github, a large number of projects name their tag
<some-prefix>-0.3-<some-suffix> (i.e release-3.0, poco-0.1-release,
etc.). In fact majority of the cased adressed in this commit concerns
prefixes.
In most packages, we encode those prefix/suffix in the <pkg>_VERSION
variable.
The problem with this approach is that when used in conjunction with
release-monitoring.org, it doesn't work very well, because
release-monitoring.org has the concept of "version prefix/suffix" and
using that they drop the prefix/suffix to really get the version. For
example on https://release-monitoring.org/project/5418/ the latest
release of "poco" is "1.8.1", not "poco-1.8.1-release".
Therefore, a number of packages in Buildroot have a version that
doesn't match with release-monitoring.org.
Since really the version number of 1.8.1, is makes sense to update our
packages to drop these prefixes/suffixes.
This commit addreses the case of github-fetched packages with
non-conventional prefixes/suffixes.
Note that these changes modify the name of the files stored in DL_DIR,
which means that this will force a re-download of those package source
code for all users, and requires a change to their .hash file.
Signed-off-by: Victor Huesca <victor.huesca@bootlin.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
With Microblaze Gcc version < 8.x the build hangs due to gcc bug
85180: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85180. The bug
shows up when building jasper with optimization but not when building
with -O0. To work around this, if BR2_TOOLCHAIN_HAS_GCC_BUG_85180=y,
we force using -O0.
Fixes:
http://autobuild.buildroot.net/results/5546087cdf684099525dc5824ed428cd0fd74283/
Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
[Thomas: tweak CFLAGS logic, improve commit log]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add hash for license file and use SPDX short term identifier
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Changed _SITE to github, current version is not available from upstream
website.
Removed patches applied upstream:
0002-Fixed-bugs-due-to-uninitialized-data-in-the-JP2-deco.patch
e96fc4fdd5
0003-Added-a-check-in-the-JP2-encoder-to-ensure-that-the-.patch
58ba0365d9
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Remove 0001-Disable-C-compiler-check.patch since it's already included
in this release. Upstream commit:
4212e7e826
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Use upstream provided tarball.
Upstream switched to cmake.
libjpeg dependency is now optional.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
My local 'next' branch was not uptodate, so the previous merge was missing
the most recent changes.
Thanks to François Perrad for noticing.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This reverts commit 71d9b0c1f0.
Now that -mauto-litpools is in TARGET_ABI when building for xtensa, -O0
builds succeed, so this workaround is no longer needed.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Fixed CVEs:
- CVE-2016-9387
- CVE-2016-9388
- CVE-2016-9389
- CVE-2016-9390
- CVE-2016-9391
- CVE-2016-9392
- CVE-2016-9393
- CVE-2016-9394
- CVE-2016-9395
- CVE-2016-9396
- CVE-2016-9397
- CVE-2016-9398
- CVE-2016-9399
- CVE-2016-9557
- CVE-2016-9560
Changes to jasper.mk:
- Switched site method to GitHub. 1.900.31 is not released as a tarball
in the official website.
- Autoreconf necessary since there isn't any configure script. We need
to generate it.
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes:
CVE-2016-8693: Double free vulnerability in mem_close
CVE-2016-8692: Divide by zero in jpc_dec_process_siz
CVE-2016-8691: Divide by zero in jpc_dec_process_siz
CVE-2016-8690: Null pointer dereference in bmp_getdata triggered by crafted
BMP image
CVE-2016-2089: matrix rows_ NULL pointer dereference in jas_matrix_clip()
CVE-2016-8886: memory allocation failure in jas_malloc
CVE-2016-8887: Null pointer dereference in jp2_colr_destroy
CVE-2016-8884, CVE-2016-8885: Null pointer dereference in bmp_getdata
(incomplete fix for CVE-2016-8690)
CVE-2016-8880: Heap buffer overflow in jpc_dec_cp_setfromcox()
CVE-2016-8881: Heap buffer overflow in jpc_getuint16()
CVE-2016-8882: Null pointer access in jpc_pi_destroy
CVE-2016-8883: Assert in jpc_dec_tiledecode()
Drop upstream patches.
Change SITE to the official download location, since the current one does not
have the updated version. Unfortunately, the official site only offers tar.gz.
Fix license. It is "based on the MIT license", but not exactly the same
(http://www.ece.uvic.ca/~frodo/jasper/; under "Legal Issues").
Drop autoreconf; the autotools version has been updated since commit
324ccec90d (jasper: autoreconf to fix rpath issue) that introduced it.
Cc: Maxime Hadjinlian <maxime.hadjinlian@gmail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
xtensa gcc is not able to generate correct code when compiling with -O0
enabled by --enable-debug. Instead of disabling package build it with
--disable-debug.
Fixes:
http://autobuild.buildroot.net/results/5d17055027055ffd33fcd28b208130afb26343c9/
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This drops architecture-specific ABI flags, which may be important.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Now that we've got a cleaner/fuzzier libtool 1.5 static patch we can
discard the temporary workaround.
This reverts commit e573f5d326.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
JPEG-2000 decoder.
This package was originally found at : https://github.com/huceke/buildroot-rbp
By gimli <ebsi4711@gmail.com>
Signed-off-by: Maxime Hadjinlian <maxime.hadjinlian@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
