date:20170807

[ptxdist] [PATCH v2] wget: version bump 1.11.4 -> 1.19.1

2017-08-07 Thread Denis OSTERLAND

From: Denis OSTERLAND 

Add configure commandline options.

Signed-off-by: Denis Osterland 
---
 patches/wget-1.19.1/CVE-2017-6508.patch | 31 +++
 patches/wget-1.19.1/series  |  1 +
 rules/wget.make | 23 +++
 3 files changed, 51 insertions(+), 4 deletions(-)
 create mode 100644 patches/wget-1.19.1/CVE-2017-6508.patch
 create mode 100644 patches/wget-1.19.1/series

diff --git a/patches/wget-1.19.1/CVE-2017-6508.patch 
b/patches/wget-1.19.1/CVE-2017-6508.patch
new file mode 100644
index 000..bb2f63f
--- /dev/null
+++ b/patches/wget-1.19.1/CVE-2017-6508.patch
@@ -0,0 +1,31 @@
+From: Tim Rühsen 
+Date: Mon Mar 6 10:04:22 2017 +0100
+Subject: Fix CRLF injection in Wget host part
+
+* src/url.c (url_parse): Reject control characters in host part of URL
+
+Reported-by: Orange Tsai
+
+commit 4d729e322fae359a1aefaafec1144764a54e8ad4
+diff --git a/src/url.c b/src/url.c
+index 8f8ff0b8..7d36b27d 100644
+--- a/src/url.c
 b/src/url.c
+@@ -925,6 +925,17 @@ url_parse (const char *url, int *error, struct iri *iri, 
bool percent_encode)
+   url_unescape (u->host);
+   host_modified = true;
+ 
++  /* check for invalid control characters in host name */
++  for (p = u->host; *p; p++)
++{
++  if (c_iscntrl(*p))
++{
++  url_free(u);
++  error_code = PE_INVALID_HOST_NAME;
++  goto error;
++}
++}
++
+   /* Apply IDNA regardless of iri->utf8_encode status */
+   if (opt.enable_iri && iri)
+ {
diff --git a/patches/wget-1.19.1/series b/patches/wget-1.19.1/series
new file mode 100644
index 000..f58bfe3
--- /dev/null
+++ b/patches/wget-1.19.1/series
@@ -0,0 +1 @@
+CVE-2017-6508.patch
diff --git a/rules/wget.make b/rules/wget.make
index a315e01..0c54bc4 100644
--- a/rules/wget.make
+++ b/rules/wget.make
@@ -16,8 +16,8 @@ PACKAGES-$(PTXCONF_WGET) += wget
 #
 # Paths and names
 #
-WGET_VERSION   := 1.11.4
-WGET_MD5   := 69e8a7296c0e12c53bd9ffd786462e87
+WGET_VERSION   := 1.19.1
+WGET_MD5   := 87cea36b7161fd43e3fd51a4e8b89689
 WGET   := wget-$(WGET_VERSION)
 WGET_SUFFIX:= tar.gz
 WGET_URL   := $(call ptx/mirror, GNU, wget/$(WGET).$(WGET_SUFFIX))
@@ -40,8 +40,23 @@ WGET_ENV := \
 WGET_AUTOCONF := \
$(CROSS_AUTOCONF_USR) \
$(GLOBAL_IPV6_OPTION) \
-   --without-socks \
-   --without-ssl
+   --disable-iri \
+   --disable-pcre \
+   --disable-xattr \
+   --enable-assert \
+   --enable-threads=posix \
+   --disable-valgrind-tests \
+   --with-cares \
+   --with-included-libunistring \
+   --with-libidn=/usr \
+   --with-metalink \
+   --without-openssl \
+   --without-included-regex \
+   --without-libpsl \
+   --without-libuuid \
+   --without-ssl \
+   --without-zlib
+
 
 # 
 # Target-Install
-- 
2.7.4


Diehl AKO Stiftung & Co. KG, Pfannerstraße 75-83, 88239 Wangen im Allgäu
Bereichsvorstand: Dipl.-Ing. Michael Siedentop (Sprecher), Josef Fellner 
(Mitglied)
Sitz der Gesellschaft: Wangen i.A. – Registergericht: Amtsgericht Ulm HRA 
620609 – Persönlich haftende Gesellschafterin: Diehl Verwaltungs-Stiftung – 
Sitz: Nürnberg – Registergericht: Amtsgericht Nürnberg HRA 11756 –
Vorstand: Dr.-Ing. E.h. Thomas Diehl (†) (Vorsitzender), Herr 
Dipl.-Wirtsch.-Ing. Wolfgang Weggen (stellvertretender Vorsitzender), 
Dipl.-Kfm. Claus Günther, Dipl.-Kfm. Frank Gutzeit, Dr.-Ing. Heinrich Schunk, 
Dr.-Ing. Michael Siedentop , Dipl.-Kfm. Dr.-Ing. Martin Sommer, Dipl.-Ing. (FH) 
Rainer von Borstel, Vorsitzender des Aufsichtsrates: Dr. Klaus Maier
___
Der Inhalt der vorstehenden E-Mail ist nicht rechtlich bindend. Diese E-Mail 
enthaelt vertrauliche und/oder rechtlich geschuetzte Informationen.
Informieren Sie uns bitte, wenn Sie diese E-Mail faelschlicherweise erhalten 
haben. Bitte loeschen Sie in diesem Fall die Nachricht. Jede unerlaubte Form 
der Reproduktion, Bekanntgabe, Aenderung, Verteilung und/oder Publikation 
dieser E-Mail ist strengstens untersagt.
The contents of the above mentioned e-mail is not legally binding. This e-mail 
contains confidential and/or legally protected information. Please inform us if 
you have received this e-mail by mistake and delete it in such a case. Each 
unauthorized reproduction, disclosure, alteration, distribution and/or 
publication of this e-mail is strictly prohibited.
___
ptxdist mailing list
ptxdist@pengutronix.de

[ptxdist] [PATCH v2] libssh2: version bump 1.2.4 -> 1.8.0.

2017-08-07 Thread Denis OSTERLAND

From: Denis OSTERLAND 

Add configure command-line options.

Signed-off-by: Denis Osterland 
---
 rules/libssh2.make | 22 ++
 1 file changed, 18 insertions(+), 4 deletions(-)

diff --git a/rules/libssh2.make b/rules/libssh2.make
index d683c67..dcf0fdd 100644
--- a/rules/libssh2.make
+++ b/rules/libssh2.make
@@ -16,8 +16,8 @@ PACKAGES-$(PTXCONF_LIBSSH2) += libssh2
 #
 # Paths and names
 #
-LIBSSH2_VERSION:= 1.2.4
-LIBSSH2_MD5:= 4d65a66d5f232e5bb1d05b311e43d46d
+LIBSSH2_VERSION:= 1.8.0
+LIBSSH2_MD5:= 3d1147cae66e2959ea5441b183de1b1c
 LIBSSH2:= libssh2-$(LIBSSH2_VERSION)
 LIBSSH2_SUFFIX := tar.gz
 LIBSSH2_URL:= http://www.libssh2.org/download/$(LIBSSH2).$(LIBSSH2_SUFFIX)
@@ -36,9 +36,23 @@ LIBSSH2_ENV  := $(CROSS_ENV)
 #
 LIBSSH2_AUTOCONF := \
$(CROSS_AUTOCONF_USR) \
-   --with-libz-prefix=$(SYSROOT)/usr \
+   --disable-clear-memory \
+   --disable-gex-new \
+   --disable-largefile \
+   --disable-rpath \
+   --enable-crypt-none \
+   --enable-debug \
+   --enable-examples-build \
+   --enable-hidden-symbols \
+   --enable-mac-none \
--with-libssl-prefix=$(SYSROOT)/usr \
-   --with-openssl
+   --with-libz \
+   --with-libz-prefix=$(SYSROOT)/usr \
+   --with-openssl \
+   --without-libgcrypt \
+   --without-mbedtls \
+   --without-wincng
+
 
 # 
 # Target-Install
-- 
2.7.4


Diehl AKO Stiftung & Co. KG, Pfannerstraße 75-83, 88239 Wangen im Allgäu
Bereichsvorstand: Dipl.-Ing. Michael Siedentop (Sprecher), Josef Fellner 
(Mitglied)
Sitz der Gesellschaft: Wangen i.A. – Registergericht: Amtsgericht Ulm HRA 
620609 – Persönlich haftende Gesellschafterin: Diehl Verwaltungs-Stiftung – 
Sitz: Nürnberg – Registergericht: Amtsgericht Nürnberg HRA 11756 –
Vorstand: Dr.-Ing. E.h. Thomas Diehl (†) (Vorsitzender), Herr 
Dipl.-Wirtsch.-Ing. Wolfgang Weggen (stellvertretender Vorsitzender), 
Dipl.-Kfm. Claus Günther, Dipl.-Kfm. Frank Gutzeit, Dr.-Ing. Heinrich Schunk, 
Dr.-Ing. Michael Siedentop , Dipl.-Kfm. Dr.-Ing. Martin Sommer, Dipl.-Ing. (FH) 
Rainer von Borstel, Vorsitzender des Aufsichtsrates: Dr. Klaus Maier
___
Der Inhalt der vorstehenden E-Mail ist nicht rechtlich bindend. Diese E-Mail 
enthaelt vertrauliche und/oder rechtlich geschuetzte Informationen.
Informieren Sie uns bitte, wenn Sie diese E-Mail faelschlicherweise erhalten 
haben. Bitte loeschen Sie in diesem Fall die Nachricht. Jede unerlaubte Form 
der Reproduktion, Bekanntgabe, Aenderung, Verteilung und/oder Publikation 
dieser E-Mail ist strengstens untersagt.
The contents of the above mentioned e-mail is not legally binding. This e-mail 
contains confidential and/or legally protected information. Please inform us if 
you have received this e-mail by mistake and delete it in such a case. Each 
unauthorized reproduction, disclosure, alteration, distribution and/or 
publication of this e-mail is strictly prohibited.

___
ptxdist mailing list
ptxdist@pengutronix.de

Re: [ptxdist] [PATCH] wget: version bump to 1.19.1

2017-08-07 Thread Michael Olbrich

On Mon, Aug 07, 2017 at 07:59:53AM +, Denis OSTERLAND wrote:
> Am Montag, den 07.08.2017, 09:46 +0200 schrieb Michael Olbrich:
> > On Mon, Aug 07, 2017 at 05:59:17AM +, Denis OSTERLAND wrote:
> > > 
> > > Signed-off-by: Denis Osterland 
> > This patch does not apply.
> On my PC mbox received from ptxdist mailing-list applies to 
> 22c4eb289f151c4aba96a7906a57fb811392bfb3.
> Do you have some additional info why?

I think it's some encoding issue. I'm not sure what's wrong but I found a
way to apply it, so don't worry about it.

About the patch itself: The configure options changed. Update those as
well. See my other review for hints how to do that and ask here if you are
unsure.

Michael

> osterlad@cwpc1435:~/buildbox/ptxdist/ptxdist-master$ git describe 
> ptxdist-2017.07.0-11-g22c4eb2
> osterlad@cwpc1435:~/buildbox/ptxdist/ptxdist-master$ git am 
> ~/tmp/\[ptxdist\]_\[PATCH\]_wget\:_version_bump_to_1.19.1.mbox
> Applying: wget: version bump to 1.19.1
> .git/rebase-apply/patch:31: trailing whitespace.
>  
> warning: 1 line adds whitespace errors.
> osterlad@cwpc1435:~/buildbox/ptxdist/ptxdist-master$ git describe 
> ptxdist-2017.07.0-12-gbb44dc0
> > 
> > Michael
> > 
> > > 
> > > ---
> > >  patches/wget-1.19.1/CVE-2017-6508.patch | 31 
> > > +++
> > >  patches/wget-1.19.1/series  |  1 +
> > >  rules/wget.make |  5 ++---
> > >  3 files changed, 34 insertions(+), 3 deletions(-)
> > >  create mode 100644 patches/wget-1.19.1/CVE-2017-6508.patch
> > >  create mode 100644 patches/wget-1.19.1/series
> > > 
> > > diff --git a/patches/wget-1.19.1/CVE-2017-6508.patch 
> > > b/patches/wget-1.19.1/CVE-2017-6508.patch
> > > new file mode 100644
> > > index 000..bb2f63f
> > > --- /dev/null
> > > +++ b/patches/wget-1.19.1/CVE-2017-6508.patch
> > > @@ -0,0 +1,31 @@
> > > +From: Tim Rühsen 
> > > +Date: Mon Mar 6 10:04:22 2017 +0100
> > > +Subject: Fix CRLF injection in Wget host part
> > > +
> > > +* src/url.c (url_parse): Reject control characters in host part of URL
> > > +
> > > +Reported-by: Orange Tsai
> > > +
> > > +commit 4d729e322fae359a1aefaafec1144764a54e8ad4
> > > +diff --git a/src/url.c b/src/url.c
> > > +index 8f8ff0b8..7d36b27d 100644
> > > +--- a/src/url.c
> > >  b/src/url.c
> > > +@@ -925,6 +925,17 @@ url_parse (const char *url, int *error, struct iri 
> > > *iri, bool percent_encode)
> > > +   url_unescape (u->host);
> > > +   host_modified = true;
> > > + 
> > > ++  /* check for invalid control characters in host name */
> > > ++  for (p = u->host; *p; p++)
> > > ++{
> > > ++  if (c_iscntrl(*p))
> > > ++{
> > > ++  url_free(u);
> > > ++  error_code = PE_INVALID_HOST_NAME;
> > > ++  goto error;
> > > ++}
> > > ++}
> > > ++
> > > +   /* Apply IDNA regardless of iri->utf8_encode status */
> > > +   if (opt.enable_iri && iri)
> > > + {
> > > diff --git a/patches/wget-1.19.1/series b/patches/wget-1.19.1/series
> > > new file mode 100644
> > > index 000..f58bfe3
> > > --- /dev/null
> > > +++ b/patches/wget-1.19.1/series
> > > @@ -0,0 +1 @@
> > > +CVE-2017-6508.patch
> > > diff --git a/rules/wget.make b/rules/wget.make
> > > index a315e01..d4d3494 100644
> > > --- a/rules/wget.make
> > > +++ b/rules/wget.make
> > > @@ -16,8 +16,8 @@ PACKAGES-$(PTXCONF_WGET) += wget
> > >  #
> > >  # Paths and names
> > >  #
> > > -WGET_VERSION := 1.11.4
> > > -WGET_MD5 := 69e8a7296c0e12c53bd9ffd786462e87
> > > +WGET_VERSION := 1.19.1
> > > +WGET_MD5 := 87cea36b7161fd43e3fd51a4e8b89689
> > >  WGET := wget-$(WGET_VERSION)
> > >  WGET_SUFFIX  := tar.gz
> > >  WGET_URL := $(call ptx/mirror, GNU, wget/$(WGET).$(WGET_SUFFIX))
> > > @@ -40,7 +40,6 @@ WGET_ENV := \
> > >  WGET_AUTOCONF := \
> > >   $(CROSS_AUTOCONF_USR) \
> > >   $(GLOBAL_IPV6_OPTION) \
> > > - --without-socks \
> > >   --without-ssl
> > >  
> > >  # 
> > > 
> > > -- 
> > > 2.7.4

-- 
Pengutronix e.K.   | |
Industrial Linux Solutions | http://www.pengutronix.de/  |
Peiner Str. 6-8, 31137 Hildesheim, Germany | Phone: +49-5121-206917-0|
Amtsgericht Hildesheim, HRA 2686   | Fax:   +49-5121-206917- |

___
ptxdist mailing list
ptxdist@pengutronix.de

Re: [ptxdist] [PATCH] wget: version bump to 1.19.1

2017-08-07 Thread Denis OSTERLAND

Am Montag, den 07.08.2017, 09:46 +0200 schrieb Michael Olbrich:
> On Mon, Aug 07, 2017 at 05:59:17AM +, Denis OSTERLAND wrote:
> > 
> > Signed-off-by: Denis Osterland 
> This patch does not apply.
On my PC mbox received from ptxdist mailing-list applies to 
22c4eb289f151c4aba96a7906a57fb811392bfb3.
Do you have some additional info why?

osterlad@cwpc1435:~/buildbox/ptxdist/ptxdist-master$ git describe 
ptxdist-2017.07.0-11-g22c4eb2
osterlad@cwpc1435:~/buildbox/ptxdist/ptxdist-master$ git am 
~/tmp/\[ptxdist\]_\[PATCH\]_wget\:_version_bump_to_1.19.1.mbox
Applying: wget: version bump to 1.19.1
.git/rebase-apply/patch:31: trailing whitespace.
 
warning: 1 line adds whitespace errors.
osterlad@cwpc1435:~/buildbox/ptxdist/ptxdist-master$ git describe 
ptxdist-2017.07.0-12-gbb44dc0
> 
> Michael
> 
> > 
> > ---
> >  patches/wget-1.19.1/CVE-2017-6508.patch | 31 
> > +++
> >  patches/wget-1.19.1/series  |  1 +
> >  rules/wget.make |  5 ++---
> >  3 files changed, 34 insertions(+), 3 deletions(-)
> >  create mode 100644 patches/wget-1.19.1/CVE-2017-6508.patch
> >  create mode 100644 patches/wget-1.19.1/series
> > 
> > diff --git a/patches/wget-1.19.1/CVE-2017-6508.patch 
> > b/patches/wget-1.19.1/CVE-2017-6508.patch
> > new file mode 100644
> > index 000..bb2f63f
> > --- /dev/null
> > +++ b/patches/wget-1.19.1/CVE-2017-6508.patch
> > @@ -0,0 +1,31 @@
> > +From: Tim Rühsen 
> > +Date: Mon Mar 6 10:04:22 2017 +0100
> > +Subject: Fix CRLF injection in Wget host part
> > +
> > +* src/url.c (url_parse): Reject control characters in host part of URL
> > +
> > +Reported-by: Orange Tsai
> > +
> > +commit 4d729e322fae359a1aefaafec1144764a54e8ad4
> > +diff --git a/src/url.c b/src/url.c
> > +index 8f8ff0b8..7d36b27d 100644
> > +--- a/src/url.c
> >  b/src/url.c
> > +@@ -925,6 +925,17 @@ url_parse (const char *url, int *error, struct iri 
> > *iri, bool percent_encode)
> > +   url_unescape (u->host);
> > +   host_modified = true;
> > + 
> > ++  /* check for invalid control characters in host name */
> > ++  for (p = u->host; *p; p++)
> > ++{
> > ++  if (c_iscntrl(*p))
> > ++{
> > ++  url_free(u);
> > ++  error_code = PE_INVALID_HOST_NAME;
> > ++  goto error;
> > ++}
> > ++}
> > ++
> > +   /* Apply IDNA regardless of iri->utf8_encode status */
> > +   if (opt.enable_iri && iri)
> > + {
> > diff --git a/patches/wget-1.19.1/series b/patches/wget-1.19.1/series
> > new file mode 100644
> > index 000..f58bfe3
> > --- /dev/null
> > +++ b/patches/wget-1.19.1/series
> > @@ -0,0 +1 @@
> > +CVE-2017-6508.patch
> > diff --git a/rules/wget.make b/rules/wget.make
> > index a315e01..d4d3494 100644
> > --- a/rules/wget.make
> > +++ b/rules/wget.make
> > @@ -16,8 +16,8 @@ PACKAGES-$(PTXCONF_WGET) += wget
> >  #
> >  # Paths and names
> >  #
> > -WGET_VERSION   := 1.11.4
> > -WGET_MD5   := 69e8a7296c0e12c53bd9ffd786462e87
> > +WGET_VERSION   := 1.19.1
> > +WGET_MD5   := 87cea36b7161fd43e3fd51a4e8b89689
> >  WGET   := wget-$(WGET_VERSION)
> >  WGET_SUFFIX:= tar.gz
> >  WGET_URL   := $(call ptx/mirror, GNU, wget/$(WGET).$(WGET_SUFFIX))
> > @@ -40,7 +40,6 @@ WGET_ENV := \
> >  WGET_AUTOCONF := \
> >     $(CROSS_AUTOCONF_USR) \
> >     $(GLOBAL_IPV6_OPTION) \
> > -   --without-socks \
> >     --without-ssl
> >  
> >  # 
> > 
> > -- 
> > 2.7.4
> > 
> > 
> > Diehl AKO Stiftung & Co. KG, Pfannerstraße 75-83, 88239 Wangen im Allgäu
> > Bereichsvorstand: Dipl.-Ing. Michael Siedentop (Sprecher), Josef Fellner 
> > (Mitglied)
> > Sitz der Gesellschaft: Wangen i.A. – Registergericht: Amtsgericht Ulm HRA 
> > 620609 – Persönlich haftende Gesellschafterin: Diehl Verwaltungs-
> > Stiftung – Sitz: Nürnberg – Registergericht: Amtsgericht Nürnberg HRA 11756 
> > –
> > Vorstand: Dr.-Ing. E.h. Thomas Diehl (†) (Vorsitzender), Herr 
> > Dipl.-Wirtsch.-Ing. Wolfgang Weggen (stellvertretender Vorsitzender), 
> > Dipl.-Kfm.
> > Claus Günther, Dipl.-Kfm. Frank Gutzeit, Dr.-Ing. Heinrich Schunk, Dr.-Ing. 
> > Michael Siedentop , Dipl.-Kfm. Dr.-Ing. Martin Sommer, Dipl.-Ing. (FH)
> > Rainer von Borstel, Vorsitzender des Aufsichtsrates: Dr. Klaus Maier
> > ___
> > Der Inhalt der vorstehenden E-Mail ist nicht rechtlich bindend. Diese 
> > E-Mail enthaelt vertrauliche und/oder rechtlich geschuetzte Informationen.
> > Informieren Sie uns bitte, wenn Sie diese E-Mail faelschlicherweise 
> > erhalten haben. Bitte loeschen Sie in diesem Fall die Nachricht. Jede
> > unerlaubte Form der Reproduktion, Bekanntgabe, Aenderung, Verteilung 
> > und/oder Publikation dieser E-Mail ist strengstens untersagt.
> > The contents of the above mentioned e-mail

Re: [ptxdist] [PATCH] wget: version bump to 1.19.1

2017-08-07 Thread Michael Olbrich

On Mon, Aug 07, 2017 at 05:59:17AM +, Denis OSTERLAND wrote:
> Signed-off-by: Denis Osterland 

This patch does not apply.

Michael

> ---
>  patches/wget-1.19.1/CVE-2017-6508.patch | 31 +++
>  patches/wget-1.19.1/series  |  1 +
>  rules/wget.make |  5 ++---
>  3 files changed, 34 insertions(+), 3 deletions(-)
>  create mode 100644 patches/wget-1.19.1/CVE-2017-6508.patch
>  create mode 100644 patches/wget-1.19.1/series
> 
> diff --git a/patches/wget-1.19.1/CVE-2017-6508.patch 
> b/patches/wget-1.19.1/CVE-2017-6508.patch
> new file mode 100644
> index 000..bb2f63f
> --- /dev/null
> +++ b/patches/wget-1.19.1/CVE-2017-6508.patch
> @@ -0,0 +1,31 @@
> +From: Tim Rühsen 
> +Date: Mon Mar 6 10:04:22 2017 +0100
> +Subject: Fix CRLF injection in Wget host part
> +
> +* src/url.c (url_parse): Reject control characters in host part of URL
> +
> +Reported-by: Orange Tsai
> +
> +commit 4d729e322fae359a1aefaafec1144764a54e8ad4
> +diff --git a/src/url.c b/src/url.c
> +index 8f8ff0b8..7d36b27d 100644
> +--- a/src/url.c
>  b/src/url.c
> +@@ -925,6 +925,17 @@ url_parse (const char *url, int *error, struct iri 
> *iri, bool percent_encode)
> +   url_unescape (u->host);
> +   host_modified = true;
> + 
> ++  /* check for invalid control characters in host name */
> ++  for (p = u->host; *p; p++)
> ++{
> ++  if (c_iscntrl(*p))
> ++{
> ++  url_free(u);
> ++  error_code = PE_INVALID_HOST_NAME;
> ++  goto error;
> ++}
> ++}
> ++
> +   /* Apply IDNA regardless of iri->utf8_encode status */
> +   if (opt.enable_iri && iri)
> + {
> diff --git a/patches/wget-1.19.1/series b/patches/wget-1.19.1/series
> new file mode 100644
> index 000..f58bfe3
> --- /dev/null
> +++ b/patches/wget-1.19.1/series
> @@ -0,0 +1 @@
> +CVE-2017-6508.patch
> diff --git a/rules/wget.make b/rules/wget.make
> index a315e01..d4d3494 100644
> --- a/rules/wget.make
> +++ b/rules/wget.make
> @@ -16,8 +16,8 @@ PACKAGES-$(PTXCONF_WGET) += wget
>  #
>  # Paths and names
>  #
> -WGET_VERSION := 1.11.4
> -WGET_MD5 := 69e8a7296c0e12c53bd9ffd786462e87
> +WGET_VERSION := 1.19.1
> +WGET_MD5 := 87cea36b7161fd43e3fd51a4e8b89689
>  WGET := wget-$(WGET_VERSION)
>  WGET_SUFFIX  := tar.gz
>  WGET_URL := $(call ptx/mirror, GNU, wget/$(WGET).$(WGET_SUFFIX))
> @@ -40,7 +40,6 @@ WGET_ENV := \
>  WGET_AUTOCONF := \
>   $(CROSS_AUTOCONF_USR) \
>   $(GLOBAL_IPV6_OPTION) \
> - --without-socks \
>   --without-ssl
>  
>  # 
> 
> -- 
> 2.7.4
> 
> 
> Diehl AKO Stiftung & Co. KG, Pfannerstraße 75-83, 88239 Wangen im Allgäu
> Bereichsvorstand: Dipl.-Ing. Michael Siedentop (Sprecher), Josef Fellner 
> (Mitglied)
> Sitz der Gesellschaft: Wangen i.A. – Registergericht: Amtsgericht Ulm HRA 
> 620609 – Persönlich haftende Gesellschafterin: Diehl Verwaltungs-Stiftung – 
> Sitz: Nürnberg – Registergericht: Amtsgericht Nürnberg HRA 11756 –
> Vorstand: Dr.-Ing. E.h. Thomas Diehl (†) (Vorsitzender), Herr 
> Dipl.-Wirtsch.-Ing. Wolfgang Weggen (stellvertretender Vorsitzender), 
> Dipl.-Kfm. Claus Günther, Dipl.-Kfm. Frank Gutzeit, Dr.-Ing. Heinrich Schunk, 
> Dr.-Ing. Michael Siedentop , Dipl.-Kfm. Dr.-Ing. Martin Sommer, Dipl.-Ing. 
> (FH) Rainer von Borstel, Vorsitzender des Aufsichtsrates: Dr. Klaus Maier
> ___
> Der Inhalt der vorstehenden E-Mail ist nicht rechtlich bindend. Diese E-Mail 
> enthaelt vertrauliche und/oder rechtlich geschuetzte Informationen.
> Informieren Sie uns bitte, wenn Sie diese E-Mail faelschlicherweise erhalten 
> haben. Bitte loeschen Sie in diesem Fall die Nachricht. Jede unerlaubte Form 
> der Reproduktion, Bekanntgabe, Aenderung, Verteilung und/oder Publikation 
> dieser E-Mail ist strengstens untersagt.
> The contents of the above mentioned e-mail is not legally binding. This 
> e-mail contains confidential and/or legally protected information. Please 
> inform us if you have received this e-mail by mistake and delete it in such a 
> case. Each unauthorized reproduction, disclosure, alteration, distribution 
> and/or publication of this e-mail is strictly prohibited.
> ___
> ptxdist mailing list
> ptxdist@pengutronix.de

-- 
Pengutronix e.K.   | |
Industrial Linux Solutions | http://www.pengutronix.de/  |
Peiner Str. 6-8, 31137 Hildesheim, Germany | Phone: +49-5121-206917-0|
Amtsgericht Hildesheim, HRA 2686   | Fax:   +49-5121-206917- |

___
ptxdist mailing list
ptxdist@pengutronix.de

Re: [ptxdist] [PATCH] libssh2: version bump to 1.8.0

2017-08-07 Thread Michael Olbrich

Hi,

On Fri, Aug 04, 2017 at 11:34:25AM +, Denis OSTERLAND wrote:
> Signed-off-by: Denis Osterland 
> ---

The where some changes to the configure options and the rule wasn't that
great in that regard to begin with. Please update that as well.
Hint: I wrote scripts/configure_helper.py to help with this. It shows the
diff between what is used in the makefile and which options should be set.
It's not perfect but it's a good starting point.

Regards,
Michael

>  rules/libssh2.make | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/rules/libssh2.make b/rules/libssh2.make
> index d683c67..2cc29da 100644
> --- a/rules/libssh2.make
> +++ b/rules/libssh2.make
> @@ -16,8 +16,8 @@ PACKAGES-$(PTXCONF_LIBSSH2) += libssh2
>  #
>  # Paths and names
>  #
> -LIBSSH2_VERSION  := 1.2.4
> -LIBSSH2_MD5  := 4d65a66d5f232e5bb1d05b311e43d46d
> +LIBSSH2_VERSION  := 1.8.0
> +LIBSSH2_MD5  := 3d1147cae66e2959ea5441b183de1b1c
>  LIBSSH2  := libssh2-$(LIBSSH2_VERSION)
>  LIBSSH2_SUFFIX   := tar.gz
>  LIBSSH2_URL  := http://www.libssh2.org/download/$(LIBSSH2).$(LIBSSH2_SUFFIX)
> -- 
> 2.7.4
> 
> 
> Diehl AKO Stiftung & Co. KG, Pfannerstraße 75-83, 88239 Wangen im Allgäu
> Bereichsvorstand: Dipl.-Ing. Michael Siedentop (Sprecher), Josef Fellner 
> (Mitglied)
> Sitz der Gesellschaft: Wangen i.A. – Registergericht: Amtsgericht Ulm HRA 
> 620609 – Persönlich haftende Gesellschafterin: Diehl Verwaltungs-Stiftung – 
> Sitz: Nürnberg – Registergericht: Amtsgericht Nürnberg HRA 11756 –
> Vorstand: Dr.-Ing. E.h. Thomas Diehl (†) (Vorsitzender), Herr 
> Dipl.-Wirtsch.-Ing. Wolfgang Weggen (stellvertretender Vorsitzender), 
> Dipl.-Kfm. Claus Günther, Dipl.-Kfm. Frank Gutzeit, Dr.-Ing. Heinrich Schunk, 
> Dr.-Ing. Michael Siedentop , Dipl.-Kfm. Dr.-Ing. Martin Sommer, Dipl.-Ing. 
> (FH) Rainer von Borstel, Vorsitzender des Aufsichtsrates: Dr. Klaus Maier
> ___
> Der Inhalt der vorstehenden E-Mail ist nicht rechtlich bindend. Diese E-Mail 
> enthaelt vertrauliche und/oder rechtlich geschuetzte Informationen.
> Informieren Sie uns bitte, wenn Sie diese E-Mail faelschlicherweise erhalten 
> haben. Bitte loeschen Sie in diesem Fall die Nachricht. Jede unerlaubte Form 
> der Reproduktion, Bekanntgabe, Aenderung, Verteilung und/oder Publikation 
> dieser E-Mail ist strengstens untersagt.
> The contents of the above mentioned e-mail is not legally binding. This 
> e-mail contains confidential and/or legally protected information. Please 
> inform us if you have received this e-mail by mistake and delete it in such a 
> case. Each unauthorized reproduction, disclosure, alteration, distribution 
> and/or publication of this e-mail is strictly prohibited.
> 
> ___
> ptxdist mailing list
> ptxdist@pengutronix.de

-- 
Pengutronix e.K.   | |
Industrial Linux Solutions | http://www.pengutronix.de/  |
Peiner Str. 6-8, 31137 Hildesheim, Germany | Phone: +49-5121-206917-0|
Amtsgericht Hildesheim, HRA 2686   | Fax:   +49-5121-206917- |

___
ptxdist mailing list
ptxdist@pengutronix.de

Re: [ptxdist] [PATCH] libwebsockets: version bump to 1.7.9

2017-08-07 Thread Denis OSTERLAND

Hi Ian,

thanks for sharing your experience with Evolution.
Am Freitag, den 04.08.2017, 18:20 +0100 schrieb Ian Abbott:
> On 03/08/17 11:59, Denis OSTERLAND wrote:
> > 
> > Our Windows admins don´t open SMTP port on Exchange server and I found no 
> > way to connect git-send-email using MAPI.
> So they don't open the 'Mail submission agent' port (587) or the 'SMTPS' 
> port (unofficially 465) either?
Yes.
> 
> > 
> > Evolution seems to use unicode 0xA0 instead of ASCII 0x20 for ' ' and 
> > Windows line ending (CRLF).
> How does Evolution access your Exchange server?  Using evolution-ews or 
> evolution-mapi?  If you are using EWS, you might be able to set up a 
evolution-ews
> local 'DavMail' Gateway to access it using standard email protocols. See 
> http://davmail.sourceforge.net/ .  Then you could configure git 
> send-email to use the local DavMail gateway.
Thanks for that hint.
> 
> Our company used to have an Exchange server (with Email submission ports 
> open), but I set it up to send and receive outside emails via a Postfix 
> backend running on a Linux box, because I didn't want to expose the 
> Exchange server to the Internet directly.  Also, I didn't trust Exchange 
> enough to forward emails from 'git send-email' intact without breaking 
> them in some way, so I configured git to talk to the Postfix server 
> directly!
I run postfix in local only mode and configured it accept any messages, as 
posted here
https://askubuntu.com/questions/206766/local-only-sendmail-that-delivers-all-mail-to-a-directory
, and added local account to Evolution.
So receive e-mails I sent with git send-email in my local account
and I can drag-and-drop them to outbox and synchronize.
This seems to work.

I understand and agree your concerns about Exchange server to manipulate 
e-mails.
> 
> > 
> > 
> > I have tried to send it to my account and foreward it using Outlook Web 
> > App, but it fails too.
> > 
> > Seems like the only option is to use my private account, what I don´t want.
> > 
> > Best regards
> > Denis
Diehl AKO Stiftung & Co. KG, Pfannerstraße 75-83, 88239 Wangen im Allgäu
Bereichsvorstand: Dipl.-Ing. Michael Siedentop (Sprecher), Josef Fellner 
(Mitglied)
Sitz der Gesellschaft: Wangen i.A. – Registergericht: Amtsgericht Ulm HRA 
620609 – Persönlich haftende Gesellschafterin: Diehl Verwaltungs-Stiftung – 
Sitz: Nürnberg – Registergericht: Amtsgericht Nürnberg HRA 11756 –
Vorstand: Dr.-Ing. E.h. Thomas Diehl (†) (Vorsitzender), Herr 
Dipl.-Wirtsch.-Ing. Wolfgang Weggen (stellvertretender Vorsitzender), 
Dipl.-Kfm. Claus Günther, Dipl.-Kfm. Frank Gutzeit, Dr.-Ing. Heinrich Schunk, 
Dr.-Ing. Michael Siedentop , Dipl.-Kfm. Dr.-Ing. Martin Sommer, Dipl.-Ing. (FH) 
Rainer von Borstel, Vorsitzender des Aufsichtsrates: Dr. Klaus Maier
___
Der Inhalt der vorstehenden E-Mail ist nicht rechtlich bindend. Diese E-Mail 
enthaelt vertrauliche und/oder rechtlich geschuetzte Informationen.
Informieren Sie uns bitte, wenn Sie diese E-Mail faelschlicherweise erhalten 
haben. Bitte loeschen Sie in diesem Fall die Nachricht. Jede unerlaubte Form 
der Reproduktion, Bekanntgabe, Aenderung, Verteilung und/oder Publikation 
dieser E-Mail ist strengstens untersagt.
The contents of the above mentioned e-mail is not legally binding. This e-mail 
contains confidential and/or legally protected information. Please inform us if 
you have received this e-mail by mistake and delete it in such a case. Each 
unauthorized reproduction, disclosure, alteration, distribution and/or 
publication of this e-mail is strictly prohibited.
___
ptxdist mailing list
ptxdist@pengutronix.de

[ptxdist] [PATCH] wget: version bump to 1.19.1

2017-08-07 Thread Denis OSTERLAND

Signed-off-by: Denis Osterland 
---
 patches/wget-1.19.1/CVE-2017-6508.patch | 31 +++
 patches/wget-1.19.1/series  |  1 +
 rules/wget.make |  5 ++---
 3 files changed, 34 insertions(+), 3 deletions(-)
 create mode 100644 patches/wget-1.19.1/CVE-2017-6508.patch
 create mode 100644 patches/wget-1.19.1/series

diff --git a/patches/wget-1.19.1/CVE-2017-6508.patch 
b/patches/wget-1.19.1/CVE-2017-6508.patch
new file mode 100644
index 000..bb2f63f
--- /dev/null
+++ b/patches/wget-1.19.1/CVE-2017-6508.patch
@@ -0,0 +1,31 @@
+From: Tim Rühsen 
+Date: Mon Mar 6 10:04:22 2017 +0100
+Subject: Fix CRLF injection in Wget host part
+
+* src/url.c (url_parse): Reject control characters in host part of URL
+
+Reported-by: Orange Tsai
+
+commit 4d729e322fae359a1aefaafec1144764a54e8ad4
+diff --git a/src/url.c b/src/url.c
+index 8f8ff0b8..7d36b27d 100644
+--- a/src/url.c
 b/src/url.c
+@@ -925,6 +925,17 @@ url_parse (const char *url, int *error, struct iri *iri, 
bool percent_encode)
+   url_unescape (u->host);
+   host_modified = true;
+ 
++  /* check for invalid control characters in host name */
++  for (p = u->host; *p; p++)
++{
++  if (c_iscntrl(*p))
++{
++  url_free(u);
++  error_code = PE_INVALID_HOST_NAME;
++  goto error;
++}
++}
++
+   /* Apply IDNA regardless of iri->utf8_encode status */
+   if (opt.enable_iri && iri)
+ {
diff --git a/patches/wget-1.19.1/series b/patches/wget-1.19.1/series
new file mode 100644
index 000..f58bfe3
--- /dev/null
+++ b/patches/wget-1.19.1/series
@@ -0,0 +1 @@
+CVE-2017-6508.patch
diff --git a/rules/wget.make b/rules/wget.make
index a315e01..d4d3494 100644
--- a/rules/wget.make
+++ b/rules/wget.make
@@ -16,8 +16,8 @@ PACKAGES-$(PTXCONF_WGET) += wget
 #
 # Paths and names
 #
-WGET_VERSION   := 1.11.4
-WGET_MD5   := 69e8a7296c0e12c53bd9ffd786462e87
+WGET_VERSION   := 1.19.1
+WGET_MD5   := 87cea36b7161fd43e3fd51a4e8b89689
 WGET   := wget-$(WGET_VERSION)
 WGET_SUFFIX:= tar.gz
 WGET_URL   := $(call ptx/mirror, GNU, wget/$(WGET).$(WGET_SUFFIX))
@@ -40,7 +40,6 @@ WGET_ENV := \
 WGET_AUTOCONF := \
$(CROSS_AUTOCONF_USR) \
$(GLOBAL_IPV6_OPTION) \
-   --without-socks \
--without-ssl
 
 # 
-- 
2.7.4


Diehl AKO Stiftung & Co. KG, Pfannerstraße 75-83, 88239 Wangen im Allgäu
Bereichsvorstand: Dipl.-Ing. Michael Siedentop (Sprecher), Josef Fellner 
(Mitglied)
Sitz der Gesellschaft: Wangen i.A. – Registergericht: Amtsgericht Ulm HRA 
620609 – Persönlich haftende Gesellschafterin: Diehl Verwaltungs-Stiftung – 
Sitz: Nürnberg – Registergericht: Amtsgericht Nürnberg HRA 11756 –
Vorstand: Dr.-Ing. E.h. Thomas Diehl (†) (Vorsitzender), Herr 
Dipl.-Wirtsch.-Ing. Wolfgang Weggen (stellvertretender Vorsitzender), 
Dipl.-Kfm. Claus Günther, Dipl.-Kfm. Frank Gutzeit, Dr.-Ing. Heinrich Schunk, 
Dr.-Ing. Michael Siedentop , Dipl.-Kfm. Dr.-Ing. Martin Sommer, Dipl.-Ing. (FH) 
Rainer von Borstel, Vorsitzender des Aufsichtsrates: Dr. Klaus Maier
___
Der Inhalt der vorstehenden E-Mail ist nicht rechtlich bindend. Diese E-Mail 
enthaelt vertrauliche und/oder rechtlich geschuetzte Informationen.
Informieren Sie uns bitte, wenn Sie diese E-Mail faelschlicherweise erhalten 
haben. Bitte loeschen Sie in diesem Fall die Nachricht. Jede unerlaubte Form 
der Reproduktion, Bekanntgabe, Aenderung, Verteilung und/oder Publikation 
dieser E-Mail ist strengstens untersagt.
The contents of the above mentioned e-mail is not legally binding. This e-mail 
contains confidential and/or legally protected information. Please inform us if 
you have received this e-mail by mistake and delete it in such a case. Each 
unauthorized reproduction, disclosure, alteration, distribution and/or 
publication of this e-mail is strictly prohibited.
___
ptxdist mailing list
ptxdist@pengutronix.de

[ptxdist] [PATCH v2] wget: version bump 1.11.4 -> 1.19.1

[ptxdist] [PATCH v2] libssh2: version bump 1.2.4 -> 1.8.0.

Re: [ptxdist] [PATCH] wget: version bump to 1.19.1

Re: [ptxdist] [PATCH] wget: version bump to 1.19.1

Re: [ptxdist] [PATCH] wget: version bump to 1.19.1

Re: [ptxdist] [PATCH] libssh2: version bump to 1.8.0

Re: [ptxdist] [PATCH] libwebsockets: version bump to 1.7.9

[ptxdist] [PATCH] wget: version bump to 1.19.1

8 matches

Site Navigation

Mail list logo

Footer information