deepcrayon/buildroot
deepcrayon/buildroot
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
23710 commits 35 branches 361 tags 133 MiB
Commit graph

9 commits

Author SHA1 Message Date
Gustavo Zacarias ddfce0448d jasper: add security fixes for CVE-2014-8157/8158 
Fixes:
CVE-2014-8157 - dec->numtiles off-by-one check in jpc_dec_process_sot()
CVE-2014-8158 - unrestricted stack memory use in jpc_qmfb.c

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2015-01-26 23:13:44 +01:00
Gustavo Zacarias b6e4e9de41 jasper: add patches to fix CVE-2014-8137 and CVE-2014-8138 
Fixes:
CVE-2014-8137 - double-free in jas_iccattrval_destroy()
CVE-2014-8138 - heap overflow in jp2_decode()

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2014-12-19 21:41:17 +01:00
Baruch Siach 421b4d0dde jasper: add a patch fixing CVE-2014-9029 
See http://www.ocert.org/advisories/ocert-2014-009.html for the details.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
 2014-12-10 21:24:04 +01:00
Peter Korsgaard 324ccec90d jasper: autoreconf to fix rpath issue 
The old version of autotools used gets confused and ends up looking in
/usr/lib for libjpeg when host == target..

Fixes http://autobuild.buildroot.net/results/307/307cac65287420252a5bb64715d9a1edd90e72fa/

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2014-09-10 10:55:12 +02:00
Gustavo Zacarias 88f4a56080 Revert "packages: autoreconf non-vanilla libtool packages" 
Now that we've got a cleaner/fuzzier libtool 1.5 static patch we can
discard the temporary workaround.

This reverts commit e573f5d326.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
 2014-07-31 16:36:04 +02:00
Gustavo Zacarias e573f5d326 packages: autoreconf non-vanilla libtool packages 
Some packages no longer apply the libtool patch since commit
97703978ac because they use a non-vanilla
version of libtool 1.5.x

Fixes many failures like:
http://autobuild.buildroot.net/results/34e/34e4898e2bdc08e5d34e16e556384b3086b76467/
http://autobuild.buildroot.net/results/ecf/ecf4e7d6812f972d05c95203fb665235856c0817/
http://autobuild.buildroot.net/results/5d9/5d9a05fb70e8a65f2399c4f38375aeafb9686ea4/

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
 2014-07-31 08:26:33 +02:00
Jerzy Grzegorek 61e343970d jasper: fix license typo 
Signed-off-by: Jerzy Grzegorek <jerzy.grzegorek@trzebnica.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2014-01-30 09:57:15 +01:00
Peter Korsgaard 1eac073b3a jasper: fix file header comment 
Reported-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2014-01-13 09:20:36 +01:00
Maxime Hadjinlian 9f596dbdf5 jasper: new package 
JPEG-2000 decoder.
This package was originally found at : https://github.com/huceke/buildroot-rbp
By gimli <ebsi4711@gmail.com>

Signed-off-by: Maxime Hadjinlian <maxime.hadjinlian@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2014-01-12 19:23:45 +01:00