Defaulting to -fPIC is a bad idea, especially for executables (here:
sqlite3-cli). In short, there are certain security implications as well
as overhead/performance penalties. Details see:
https://wiki.gentoo.org/wiki/Project:Hardened/Position_Independent_Code_internals
The configure script is able to detect the need for PIC and adds the
flag when needed anyway (when compiling the library).
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
This bumps libtiff's minor version from 9 to 10. In addition to the CVE
fixes that we already included this fixes:
CVE-2017-17095
CVE-2018-17101
CVE-2018-18557
The update is 100% backwards compatible, no symbol changes.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
The only known user of this library is currently unable to get their
application to work with with the fixed 0.7.6 release of this library.
To prevent accidental use by unknown parties of a flawed library, mark
it as BROKEN.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit 14ad4cb976)
Makefile and package changes to support builds with both Python 2.x and Python 3.x versions.
Python versioning is automatically configured from lang/python repository xxx-version.mk files.
Signed-off-by: Ted Hess <thess@kitschensync.net>
libbsd gets picked up since it's no longer limited to glibc.
Patch identical to libtalloc one. Same codebase.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 33dc529e00)
Use $(CP) instead of $(INSTALL) so that libtdb.so.1 is installed as
symlink, and not duplicated.
Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
(cherry picked from commit 75d9ab331d)
Backport Rosen's commit in master to 18.06 to address open CVEs. This
fixes:
CVE-2017-11613
CVE-2018-5784
CVE-2018-7456
CVE-2018-8905
CVE-2018-10963
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
This update includes fixes for the following CVEs:
- CVE-2018-1115
- CVE-2018-10925
- CVE-2018-10915
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
Commit dcd68100c23f980a7bbd1d7d9567a315ee584bdf fixed the zlib pkgconfig
file. But libxml2/host is stuck in the compile phase on the build bots.
Bumping the revision will force a clean build.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
Bump to v1.35
Refresh patches.
Update Makefile to use new '--disable-doc' configure flag.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Update to new upstream version. Needed to add a patch provided by upstream to compile with musl.
Signed-off-by: David Mora <iamperson347+public@gmail.com>
- Fixed package hyperlink
-> Now using the @SF macro to obtain the best mirror link
-> Added backup link in case Source Forge fails to provide the proper link
- Minor fix to package documentation
-> Help documentation was lacking the contract library info.
Signed-off-by: Carlos Miguel Ferreira <carlosmf.pt@gmail.com>
Switch to the @KERNEL alias
Use LTO optimization, reduces file size by ~20% (~10Kbyte)
With:
39K sbc_1.3-1_arm_cortex-a9_neon.ipk
Without:
51K sbc_1.3-1_arm_cortex-a9_neon.ipk
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
This package update provides two new libraries
- Contract (compiled library) [1]: Contract programming for C++.
All contract programming features are supported: Subcontracting,
class invariants, postconditions (with old and return values),
preconditions, customizable actions on assertion failure (e.g.,
terminate or throw), optional compilation and checking of
assertions, etc, from Lorenzo Caminiti.
- HOF (header-only library) [2]:
Higher-order functions for C++, from Paul Fultz II.
More info can be found at the usual place [3].
[1]: https://www.boost.org/libs/contract
[2]: https://www.boost.org/libs/hof
[3]: https://www.boost.org/users/history/version_1_67_0.html
Signed-off-by: Carlos Miguel Ferreira <carlosmf.pt@gmail.com>
Peter Wagner