Commit Graph

16 Commits

Author SHA1 Message Date
Robert Marko
bab3ae2ee7 tools: prefer gz or bz2 tarballs
In the light of recent XZ events, and fundamental XZ issues lets work on
moving away from using XZ.

So, use gz compressed tarballs as sources whenever possible.

dwarves only offers bz2 compressed tarballs, so use those as size
difference is minor compared to XZ.

Signed-off-by: Robert Marko <robimarko@gmail.com>

dwarves
2024-04-06 11:24:18 +02:00
Thomas Weißschuh
0d375de10d tools/patch: apply patch for EACCES on xattr copy
When compiling OpenWRT on a compressed btrfs volume the build fails in
libtool.
The file `libltdl/config/ltmain.m4sh` from `libtool-2.4.2.tar.xz` is
missing write permissions, therefore patch falls back to copying the
file and patching that. During this patch tries to preserve all file
attribute on the new copy.
However the attribute `btrfs.compression` is privileged and btrfs return
EACCES.
While patch ignores multiple other error codes during the copy of xattr
copy it is not prepared for EACCES and aborts.

EACCES should be ignored the same way as the other errors.

Build log:
```
...
Applying ./patches/000-relocatable.patch using plaintext:
patching file libltdl/config/general.m4sh
patching file libtoolize.in
patching file libtoolize.m4sh
patching file libltdl/m4/libtool.m4

Applying ./patches/100-libdir-fixes.patch using plaintext:
patching file libltdl/config/ltmain.m4sh
File libltdl/config/ltmain.sh is read-only; trying to patch anyway
patching file libltdl/config/ltmain.sh
patch: setting attribute btrfs.compression for btrfs.compression: Permission denied
Patch failed!  Please fix ./patches/100-libdir-fixes.patch!
```

Link: https://lists.gnu.org/archive/html/bug-patch/2022-11/msg00000.html
Signed-off-by: Thomas Weißschuh <thomas@t-8ch.de>
2022-11-20 18:44:43 +01:00
Rosen Penev
a63805b25f
tools: add Host/Uninstall where possible
This cleans staging_dir when calling tool/x/clean.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2022-10-20 00:33:22 +02:00
Russell Senior
bcfd1d7685 tools/patch: apply upstream patch for cve-2019-13638
GNU patch through 2.7.6 is vulnerable to OS shell command injection that
can be exploited by opening a crafted patch file that contains an ed style

diff payload with shell metacharacters. The ed editor does not need to be
present on the vulnerable system. This is different from CVE-2018-1000156.

https://nvd.nist.gov/vuln/detail/CVE-2019-13638

Signed-off-by: Russell Senior <russell@personaltelco.net>
2019-08-13 10:00:10 +02:00
Russell Senior
995bcc5329 tools/patch: apply upstream patch for CVE-2019-13636
In GNU patch through 2.7.6, the following of symlinks is mishandled in
certain cases other than input files. This affects inp.c and util.c.

https://nvd.nist.gov/vuln/detail/CVE-2019-13636

Signed-off-by: Russell Senior <russell@personaltelco.net>
2019-07-30 10:16:16 +02:00
Rosen Penev
32fc41baab tools/patch: Add fedora patch for crashing git style patches
https://lists.gnu.org/archive/html/bug-patch/2018-10/msg00000.html

I assume a CVE number will be assigned soon.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2018-11-01 17:16:52 +01:00
Rosen Penev
a6bd9d0cb6 tools: patch: Add missing CVE-2018-6951 fix
uscan reports a new CVE now that PKG_CPE_ID was added.

Reordered patches by date.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
[re-title commit & refresh patches]
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2018-10-16 11:51:10 +01:00
Hauke Mehrtens
759f111f8d tools: patch: Fix build by not modifing Makefile.am
A new test case was adding in one of the patches fixing a problem, this
also included a change in the test/Makefile.am to add this test case.
The build system detected a change in the Makefile.am and wants to
regenerate the Makefile.in, but this fails because automake-1.15 is not
installed yet. As automake depends on patch being build first, make sure
we do not modify the Makefile.am.

This fixes build problem seen by the build bots.

Fixes: 4797dddfde ("patch: apply upstream cve fixes")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-10-14 16:47:15 +02:00
Russell Senior
4797dddfde patch: apply upstream cve fixes
Apply two upstream patches to address two CVEs:

 * CVE-2018-1000156
 * CVE-2018-6952

Add PKG_CPE_ID to Makefile.

Build tested on apm821xx and ar71xx.

Signed-off-by: Russell Senior <russell@personaltelco.net>
2018-10-14 13:36:09 +01:00
Russell Senior
89a0fed2a2 tools: update patch to v2.7.6
Removes a redundant patch with a fix already upstream.  Build tested on
apm821xx (PPC).

Signed-off-by: Russell Senior <russell@personaltelco.net>
2018-02-12 16:27:56 +08:00
Ryan Mounce
25c045763a tools: patch various gnu tools for macOS 10.13
These host tools compile but may crash at runtime when building on
macOS 10.13 (High Sierra). Backport upstream gnulib patch until new
releases of affected tools.

https://lists.gnu.org/archive/html/bug-gnulib/2017-07/msg00056.html
https://git.savannah.gnu.org/cgit/gnulib.git/commit/?id=c41f233c4c38e84023a16339782ee306f03e7f59

Signed-off-by: Ryan Mounce <ryan@mounce.com.au>
2017-08-23 18:56:33 +02:00
Felix Fietkau
720b99215d treewide: clean up download hashes
Replace *MD5SUM with *HASH, replace MD5 hashes with SHA256

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-16 22:39:22 +01:00
Felix Fietkau
a883639e92 tools/patch: enable parallel build
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 47049
2015-09-26 21:10:37 +00:00
Felix Fietkau
9402cb747e tools: drop circular dependency between patch and ccache, build patch without ccache (fixes #20132)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 46434
2015-07-20 10:50:46 +00:00
Felix Fietkau
d9ddc95ce5 patch: bump GNU patch to 2.7.5
Bump GNU patch in tools from 2.7.1 to 2.7.5.
Change download URL to use @GNU alias.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>

SVN-Revision: 44760
2015-03-15 05:07:10 +00:00
Felix Fietkau
1f77bfff96 build: BSD compile fixes
following patch allows to build images for Qemu ARM on
OpenBSD 5.2 amd64 and FreeBSD 9.1 amd64.

Mostly small pieces of code changes to get things right on the
specific platform.

Updated the README to describe better, which tools on the host
are required. Added some kind of prepare scripts to install needed
tools on BSD via packages.

Signed-off-by: Waldemar Brodkorb <mail@waldemar-brodkorb.de>

SVN-Revision: 35900
2013-03-07 17:32:29 +00:00