staging/pepe2k/tools/zlib, branch v21.02.4

zlib: backport security fix for a reproducible crash in compressor

2022-03-24T08:40:12Z

Tavis has just reported, that he was recently trying to track down a reproducible crash in a compressor. Believe it or not, it really was a bug in zlib-1.2.11 when compressing (not decompressing!) certain inputs. Tavis has reported it upstream, but it turns out the issue has been public since 2018, but the patch never made it into a release. As far as he knows, nobody ever assigned it a CVE. Suggested-by: Tavis Ormandy References: https://www.openwall.com/lists/oss-security/2022/03/24/1 Signed-off-by: Petr Štetiar (cherry picked from commit b3aa2909a79aeff20d594160b207a89dc807c033) (cherry picked from commit 3965dda0fa70dc9408f1a2e55a3ddefde78bd50e)

tools: zlib: do not hardcode the install prefix in zlib.pc

2018-05-24T15:07:10Z

Our pkg-config wrapper relies on the ability to redefine the $prefix and $exec_prefix variables in order to construct proper search paths relative to the build environment. Patch the .pc file template to construct libdir, sharedlibdir and includedir relative to the ${prefix} variable so that it can be overridden as needed. This also fixes the libxml2/host build issue raised at https://github.com/openwrt/packages/issues/6073 - it was caused by libxml2's configure picking up a wrong host search path through zlib.pc, letting it include the wrong endian.h, causing spurious member redeclaration errors in system headers. Signed-off-by: Jo-Philipp Wich

tools/zlib: move zlib build to tools

2018-04-28T13:28:59Z

This allows us to link the other tools against our libz and we do not need the system zlib any more. Only the static linked library is copied to the staging directory so we have a statically linked library on all systems and not only on Linux. This also adds the new dependencies of the packages which are depending on zlib. Signed-off-by: Hauke Mehrtens Tested-by: Koen Vandeputte