packages/devel/patch, branch masterMirror of packages feedhttps://git.openwrt.org/feed/packages/atom?h=master2025-04-03T13:15:31Zpatch: update to v2.82025-04-03T13:15:31ZRussell Senior2025-04-02T12:57:34Zurn:sha1:f17c283cdad0a9d33dfc8caa8994fb36e66fbf52
Delete patches already upstream.
Signed-off-by: Russell Senior <russell@personaltelco.net>
patch: do not patch automake Makefile template2022-09-09T22:20:58ZMichael Pratt2022-08-25T15:03:33Zurn:sha1:d581399e6033ee0750c1b9ae27ee22aa95128cf4
We do not build the tests for this package,
so we can avoid needing autoreconf
when the host automake version doesn't match
the version this package was bootstrapped with
by not changing the .am file in this patch.
Signed-off-by: Michael Pratt <mcpratt@pm.me>
treewide: Run refresh on all packages2021-02-21T00:02:15ZIlya Lipnitskiy2021-02-21T00:02:15Zurn:sha1:5d8d4fbbcb5c5de9370711c19bb3510210989a98
The crude loop I wrote to come up with this changeset:
find -L package/feeds/packages/ -name patches | \
sed 's/patches$/refresh/' | sort | xargs make
Signed-off-by: Ilya Lipnitskiy <ilya.lipnitskiy@gmail.com>
treewide: Change .*GPL.*+ licenses to SPDX compatible identifier2019-09-10T05:45:15ZSven Eckelmann2019-09-02T13:15:08Zurn:sha1:bbb1ea7345f367ed675dcfe40e36ac32ddf8a2e1
The CONTRIBUTING.md requests an (or multiple) SPDX identifier for GPL
licenses. But a lot of packages did use a different, non-SPDX style with a
"+" at the end instead of "-or-later".
Signed-off-by: Sven Eckelmann <sven@narfation.org>
patch: rename CVE-2019-13638 patch to mollify uscan2019-09-01T22:56:23ZRussell Senior2019-09-01T22:50:25Zurn:sha1:604102a865d2f64de787f3b5967b4f38d15f76f1
Signed-off-by: Russell Senior <russell@personaltelco.net>
patch: apply upstream patch for CVE-2019-136382019-08-11T20:01:04ZRussell Senior2019-08-11T19:43:41Zurn:sha1:b82198ff479c4f425da96534f5049bc7d3808065
GNU patch through 2.7.6 is vulnerable to OS shell command injection that
can be exploited by opening a crafted patch file that contains an ed style
diff payload with shell metacharacters. The ed editor does not need to be
present on the vulnerable system. This is different from CVE-2018-1000156.
https://nvd.nist.gov/vuln/detail/CVE-2019-13638
Signed-off-by: Russell Senior <russell@personaltelco.net>
tools/patch: apply upstream patch for CVE-2019-136362019-07-29T20:14:58ZRussell Senior2019-07-29T20:14:19Zurn:sha1:c8142f1ac11f0c529992ca8766d38e225ac14418
In GNU patch through 2.7.6, the following of symlinks is mishandled in
certain cases other than input files. This affects inp.c and util.c.
https://nvd.nist.gov/vuln/detail/CVE-2019-13636
Signed-off-by: Russell Senior <russell@personaltelco.net>
patch: Add missing CVE-2018-6951 patch2018-10-18T07:41:32ZRosen Penev2018-10-15T17:04:50Zurn:sha1:394ff73e5390599545412d14d48e9185a927dc21
The last commit added PKG_CPE_ID and now uscan detects a CVE that I missed
Reordered patches by date
Signed-off-by: Rosen Penev <rosenp@gmail.com>
[tweaked commit message]
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
patch: Fix CVE-2018-6952 and CVE-2018-10001562018-10-12T21:27:25ZRosen Penev2018-10-10T20:06:03Zurn:sha1:6f0ff2550303083b51475c6481458bf9b1820936
Patches taken from official git repository.
Added PKG_CPE_ID for proper CVE tracking.
Added PKG_BUILD_PARALLEL for faster compilation.
Also adjusted Makefile to be more similar to other projects.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
patch: update to version 2.7.62018-02-13T10:29:27ZRussell Senior2018-02-12T08:39:29Zurn:sha1:47351ade2f0dbfc063565c2e96c0fac2d125b816
Signed-off-by: Russell Senior <russell@personaltelco.net>