Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | zlib: backport security fix for a reproducible crash in compressor | Petr Štetiar | 2022-03-24 | 1 | -0/+343 |
| | | | | | | | | | | | | | | | Tavis has just reported, that he was recently trying to track down a reproducible crash in a compressor. Believe it or not, it really was a bug in zlib-1.2.11 when compressing (not decompressing!) certain inputs. Tavis has reported it upstream, but it turns out the issue has been public since 2018, but the patch never made it into a release. As far as he knows, nobody ever assigned it a CVE. Suggested-by: Tavis Ormandy <taviso@gmail.com> References: https://www.openwall.com/lists/oss-security/2022/03/24/1 Signed-off-by: Petr Štetiar <ynezz@true.cz> (cherry picked from commit b3aa2909a79aeff20d594160b207a89dc807c033) | ||||
* | tools: zlib: do not hardcode the install prefix in zlib.pc | Jo-Philipp Wich | 2018-05-24 | 1 | -0/+14 |
Our pkg-config wrapper relies on the ability to redefine the $prefix and $exec_prefix variables in order to construct proper search paths relative to the build environment. Patch the .pc file template to construct libdir, sharedlibdir and includedir relative to the ${prefix} variable so that it can be overridden as needed. This also fixes the libxml2/host build issue raised at https://github.com/openwrt/packages/issues/6073 - it was caused by libxml2's configure picking up a wrong host search path through zlib.pc, letting it include the wrong endian.h, causing spurious member redeclaration errors in system headers. Signed-off-by: Jo-Philipp Wich <jo@mein.io> |