| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
| |
Fixes CVE-2020-22218
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|
| |
|
|
|
|
|
| |
Release Notes:
https://www.libssh2.org/changes.html
Signed-off-by: Nick Hainke <vincent@systemli.org>
|
| |
|
|
|
|
| |
Ninja was merged to base and therefore we can now use normal cmake.mk
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
faster to compile.
A small selection of packages was tested going from:
Executed in 696.30 secs fish external
usr time 82.98 mins 395.00 micros 82.98 mins
sys time 9.02 mins 0.00 micros 9.02 mins
to:
Executed in 592.20 secs fish external
usr time 84.84 mins 361.00 micros 84.84 mins
sys time 8.85 mins 57.00 micros 8.85 mins
Tested by running make -j 12 and wiping staging/build_dir/target_x
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
All packages in the tree that depend on libssh2 _and_ have their own
dependency on a TLS library, depend on OpenSSL by default. It makes
sense for the libssh2 package to default to OpenSSL as well. This way it
does not pull in a second TLS library.
Also, the OpenSSL dependency is changed to
"+!LIBSSH2_MBEDTLS:libopenssl", which fixes build issues in case libssh2
is not selected but built anyway.
And last, Config.in file is removed and its content added to the
Makefile instead.
Closes #12108
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Removed PKG_FIXUP. It has no meaning with CMake.
Replaced PKG_INSTALL with CMAKE_INSTALL. Consequentially, removed
InstallDev section.
Added ABI_VERSION to force package rebuilds when it increases.
Added PKG_BUILD_PARALLEL for faster compilation.
Fixed license tag.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|
| |
|
|
|
|
| |
Speeds up build and fixes OpenSSL support.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
Changes:
Fix CVE-2019-13115
Remove old patches
Switch to cmake
Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
|
| |\
| |
| | |
libssh2: Add PKG_CPE_ID for proper CVE tracking
|
| | |
| |
| |
| | |
Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
|
| |/
|
|
| |
Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- CVE-2019-3855
Possible integer overflow in transport read allows out-of-bounds write
- CVE-2019-3856
Possible integer overflow in keyboard interactive handling allows
out-of-bounds write
- CVE-2019-3857
Possible integer overflow leading to zero-byte allocation and out-of-bounds
write
- CVE-2019-3858
Possible zero-byte allocation leading to an out-of-bounds read
- CVE-2019-3859
Out-of-bounds reads with specially crafted payloads due to unchecked use of
`_libssh2_packet_require` and `_libssh2_packet_requirev`
- CVE-2019-3860
Out-of-bounds reads with specially crafted SFTP packets
- CVE-2019-3861
Out-of-bounds reads with specially crafted SSH packets
- CVE-2019-3862
Out-of-bounds memory comparison
- CVE-2019-3863
Integer overflow in user authenicate keyboard interactive allows
out-of-bounds writes
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
|
| |
|
|
| |
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|
| |
|
|
|
|
|
|
| |
Recently added symbols CONFIG_LIBSSH2_MBEDTLS and CONFIG_LIBSSH2_OPENSSL
require a rerun of ./configure when their selection changes. So add them
to PKG_CONFIG_DEPENDS accordingly.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
|
| |
|
|
|
|
| |
Use $(INSTALL_DATA) for headers and pkgconfig file.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
|
| |
|
|
|
|
|
|
|
| |
libssh2 already makes sure that the compiler emits position-independent
code. Adding $(FPIC) makes no difference. In addition the libssh2 build
system puts its own flag behind the CFLAGS, overriding whatever was set
before.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
|
| |
|
|
|
|
|
| |
This adds a choice to menuselect so people can select if they would like
to compile libssh2 against mbedtls (default) or openssl.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Bump version to 1.8.0
- Switch from openssl crypto backend to mbedtls (the package is a lot
smaller size-wise compared to openssl and libgcrypt)
- mbedtls support was added in 1.8.0 release. Unfortunately the detection
doesn't work out of the box, so a patch is needed that fixes an m4
script. For that reason autoreconf must be run.
- Add --with-libz-prefix as without it zlib is not detected (currently
there is the zlib dependency but libssh2 never actually links to it).
- Add --disable-silent-rules to get verbose build output.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
|
| |
|
|
|
|
|
|
|
|
| |
fix Makefile chmod (644)
replace MD5SUM with HASH
add PKG_MIRROR_HASH when PKG_SOURCE_PROTO:=git
(PKG_SOURCE_PROTO:=svn tarballs are not reproducible for now)
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
|
| |
|
|
| |
Signed-off-by: Hsing-Wang Liao <kuoruan@gmail.com>
|
| |
|
|
| |
Signed-off-by: Jiri Slachta <slachta@cesnet.cz>
|
| |
|
|
| |
Signed-off-by: Jiri Slachta <slachta@cesnet.cz>
|
| |
|
|
| |
Signed-off-by: Jiri Slachta <slachta@cesnet.cz>
|
|
|
Signed-off-by: Jiri Slachta <slachta@cesnet.cz>
|