All of lore.kernel.org
 help / color / mirror / Atom feed
* [Buildroot] [PATCH] freetype: security bump to version 2.5.3
@ 2014-04-22 17:12 Gustavo Zacarias
  2014-04-22 21:30 ` Thomas Petazzoni
  0 siblings, 1 reply; 2+ messages in thread
From: Gustavo Zacarias @ 2014-04-22 17:12 UTC (permalink / raw)
  To: buildroot

Fixes CVE-2014-2240.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
---
 package/freetype/freetype.mk | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

diff --git a/package/freetype/freetype.mk b/package/freetype/freetype.mk
index 31f8204..2f8d497 100644
--- a/package/freetype/freetype.mk
+++ b/package/freetype/freetype.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-FREETYPE_VERSION = 2.5.2
+FREETYPE_VERSION = 2.5.3
 FREETYPE_SOURCE = freetype-$(FREETYPE_VERSION).tar.bz2
 FREETYPE_SITE = http://downloads.sourceforge.net/project/freetype/freetype2/$(FREETYPE_VERSION)
 FREETYPE_INSTALL_STAGING = YES
@@ -17,6 +17,18 @@ FREETYPE_CONFIG_SCRIPTS = freetype-config
 HOST_FREETYPE_DEPENDENCIES = host-pkgconf
 HOST_FREETYPE_CONF_OPT = --without-zlib --without-bzip2 --without-png
 
+# Regen required because the tarball ships with an experimental ltmain.sh
+# that can't be patched by our infra.
+# autogen.sh is because autotools stuff lives in other directories and
+# even AUTORECONF with _OPT doesn't do it properly.
+# POST_PATCH is because we still need to patch libtool after the regen.
+define FREETYPE_RUN_AUTOGEN
+	cd $(@D) && PATH=$(BR_PATH) ./autogen.sh
+endef
+FREETYPE_POST_PATCH_HOOKS += FREETYPE_RUN_AUTOGEN
+FREETYPE_DEPENDENCIES += host-automake host-autoconf host-libtool
+HOST_FREETYPE_DEPENDENCIES += host-automake host-autoconf host-libtool
+
 ifeq ($(BR2_PACKAGE_ZLIB),y)
 FREETYPE_DEPENDENCIES += zlib
 FREETYPE_CONF_OPT += --with-zlib
-- 
1.8.3.2

^ permalink raw reply related	[flat|nested] 2+ messages in thread
* [Buildroot] [PATCH] freetype: security bump to version 2.5.3
  2014-04-22 17:12 [Buildroot] [PATCH] freetype: security bump to version 2.5.3 Gustavo Zacarias
@ 2014-04-22 21:30 ` Thomas Petazzoni
  0 siblings, 0 replies; 2+ messages in thread
From: Thomas Petazzoni @ 2014-04-22 21:30 UTC (permalink / raw)
  To: buildroot

Dear Gustavo Zacarias,

On Tue, 22 Apr 2014 14:12:40 -0300, Gustavo Zacarias wrote:
> Fixes CVE-2014-2240.
> 
> Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
> ---
>  package/freetype/freetype.mk | 14 +++++++++++++-
>  1 file changed, 13 insertions(+), 1 deletion(-)

Applied, thanks.

Thomas
-- 
Thomas Petazzoni, CTO, Free Electrons
Embedded Linux, Kernel and Android engineering
http://free-electrons.com

^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2014-04-22 21:30 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2014-04-22 17:12 [Buildroot] [PATCH] freetype: security bump to version 2.5.3 Gustavo Zacarias
2014-04-22 21:30 ` Thomas Petazzoni

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.