mailarchive of the ptxdist mailing list
 help / color / mirror / Atom feed
* [ptxdist] [PATCH] openssl: version bump 1.0.0k -> 1.0.1e
@ 2014-01-17 13:49 ` Bruno Thomsen
  2014-01-17 14:09   ` Jürgen Beisert
  0 siblings, 1 reply; 9+ messages in thread
From: Bruno Thomsen @ 2014-01-17 13:49 UTC (permalink / raw)
  To: ptxdist; +Cc: Bruno Thomsen

Updating openssl to 1.0.1e improves TLS 1.x support in lighttpd.

Signed-off-by: Bruno Thomsen <bth@kamstrup.dk>
---
 rules/openssl.make |    4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/rules/openssl.make b/rules/openssl.make
index 35e9aa5..eaeb95a 100644
--- a/rules/openssl.make
+++ b/rules/openssl.make
@@ -18,8 +18,8 @@ PACKAGES-$(PTXCONF_OPENSSL) += openssl
 #
 # Paths and names
 #
-OPENSSL_VERSION	:= 1.0.0k
-OPENSSL_MD5	:= 99af9b319f928da5ea3e860311b396ef
+OPENSSL_VERSION	:= 1.0.1e
+OPENSSL_MD5	:= 66bf6f10f060d561929de96f9dfe5b8c
 OPENSSL		:= openssl-$(OPENSSL_VERSION)
 OPENSSL_SUFFIX	:= tar.gz
 OPENSSL_URL	:= http://www.openssl.org/source/$(OPENSSL).$(OPENSSL_SUFFIX)
-- 
1.7.9.5


-- 
ptxdist mailing list
ptxdist@pengutronix.de

^ permalink raw reply	[flat|nested] 9+ messages in thread

* Re: [ptxdist] [PATCH] openssl: version bump 1.0.0k -> 1.0.1e
  2014-01-17 13:49 ` [ptxdist] [PATCH] openssl: version bump 1.0.0k -> 1.0.1e Bruno Thomsen
@ 2014-01-17 14:09   ` Jürgen Beisert
  2014-01-17 15:18     ` Bruno Thomsen
  0 siblings, 1 reply; 9+ messages in thread
From: Jürgen Beisert @ 2014-01-17 14:09 UTC (permalink / raw)
  To: ptxdist; +Cc: Bruno Thomsen

Hi Bruno,

On Friday 17 January 2014 14:49:58 Bruno Thomsen wrote:
> Updating openssl to 1.0.1e improves TLS 1.x support in lighttpd.
>
> Signed-off-by: Bruno Thomsen <bth@kamstrup.dk>
> ---
>  rules/openssl.make |    4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/rules/openssl.make b/rules/openssl.make
> index 35e9aa5..eaeb95a 100644
> --- a/rules/openssl.make
> +++ b/rules/openssl.make
> @@ -18,8 +18,8 @@ PACKAGES-$(PTXCONF_OPENSSL) += openssl
>  #
>  # Paths and names
>  #
> -OPENSSL_VERSION	:= 1.0.0k
> -OPENSSL_MD5	:= 99af9b319f928da5ea3e860311b396ef
> +OPENSSL_VERSION	:= 1.0.1e
> +OPENSSL_MD5	:= 66bf6f10f060d561929de96f9dfe5b8c
>  OPENSSL		:= openssl-$(OPENSSL_VERSION)
>  OPENSSL_SUFFIX	:= tar.gz
>  OPENSSL_URL	:= http://www.openssl.org/source/$(OPENSSL).$(OPENSSL_SUFFIX)

PTXdist comes with various patches for openssl-1.0.0k. Did you check if they 
are obsolete when updating to release 1.0.1e? If yes, you should remove them 
with your patch as well.

Regards,
Juergen

-- 
Pengutronix e.K.                              | Juergen Beisert             |
Linux Solutions for Science and Industry      | http://www.pengutronix.de/  |

-- 
ptxdist mailing list
ptxdist@pengutronix.de

^ permalink raw reply	[flat|nested] 9+ messages in thread

* Re: [ptxdist] [PATCH] openssl: version bump 1.0.0k -> 1.0.1e
  2014-01-17 14:09   ` Jürgen Beisert
@ 2014-01-17 15:18     ` Bruno Thomsen
  2014-01-20 10:45       ` Michael Olbrich
  0 siblings, 1 reply; 9+ messages in thread
From: Bruno Thomsen @ 2014-01-17 15:18 UTC (permalink / raw)
  To: ptxdist

Hi Juergen,

> PTXdist comes with various patches for openssl-1.0.0k. Did you check if they are obsolete when updating to release 1.0.1e? If yes, you should remove them with your patch as well.

Ups, I was using the openssl-1.0.0h patch series when testing 1.0.1e.
I will try to rebase/cleanup/test patch series and resubmit a patch.


Venlig hilsen / Best regards

Kamstrup A/S <http://www.kamstrup.dk> 
Bruno Thomsen
Development engineer
Technology

Kamstrup A/S
Industrivej 28
DK-8660 Skanderborg
Tel:	 +45 89 93 10 00	 
Fax:	 +45 89 93 10 01	 
Dir:	 +45 89 93 13 94	 
E-mail:	 bth@kamstrup.dk	 
Web:	 www.kamstrup.dk

-- 
ptxdist mailing list
ptxdist@pengutronix.de

^ permalink raw reply	[flat|nested] 9+ messages in thread

* Re: [ptxdist] [PATCH] openssl: version bump 1.0.0k -> 1.0.1e
  2014-01-17 15:18     ` Bruno Thomsen
@ 2014-01-20 10:45       ` Michael Olbrich
  2014-01-23 16:53         ` Michael Olbrich
  0 siblings, 1 reply; 9+ messages in thread
From: Michael Olbrich @ 2014-01-20 10:45 UTC (permalink / raw)
  To: ptxdist

Hi,

On Fri, Jan 17, 2014 at 03:18:43PM +0000, Bruno Thomsen wrote:
> > PTXdist comes with various patches for openssl-1.0.0k. Did you check if they are obsolete when updating to release 1.0.1e? If yes, you should remove them with your patch as well.
> 
> Ups, I was using the openssl-1.0.0h patch series when testing 1.0.1e.
> I will try to rebase/cleanup/test patch series and resubmit a patch.

Let me handle that, I have a script here to import the latest patches from
debian.

Michael

-- 
Pengutronix e.K.                           |                             |
Industrial Linux Solutions                 | http://www.pengutronix.de/  |
Peiner Str. 6-8, 31137 Hildesheim, Germany | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686           | Fax:   +49-5121-206917-5555 |

-- 
ptxdist mailing list
ptxdist@pengutronix.de

^ permalink raw reply	[flat|nested] 9+ messages in thread

* [ptxdist] [PATCH 0/2] php: version bump 5.3.10 -> 5.4.24
@ 2014-01-21 15:34 ` Bruno Thomsen
  2014-01-21 15:34   ` [ptxdist] [PATCH 1/2] Fix compiling of PHP with sqlite3 support on ptxdist 2012.04.0 Bruno Thomsen
  2014-01-21 15:34   ` [ptxdist] [PATCH 2/2] php: version bump 5.3.10 -> 5.4.24 Bruno Thomsen
  0 siblings, 2 replies; 9+ messages in thread
From: Bruno Thomsen @ 2014-01-21 15:34 UTC (permalink / raw)
  To: ptxdist; +Cc: Bruno Thomsen

Hi

Updated PHP due to many security flaws in 5.3.10.

Tested on Freescale i.MX28 with ptxdist 2012.04.0.
I'm unsure if newer versions of ptxdist still require the first patch, if not just discard it.

Bruno Thomsen (2):
  Fix compiling of PHP with sqlite3 support on ptxdist 2012.04.0.
  php: version bump 5.3.10 -> 5.4.24

 ...make-it-possible-to-force-cross-compiling.patch |   35 --------------------
 patches/php-5.3.10/series                          |    4 ---
 rules/php5.make                                    |    7 ++--
 3 files changed, 5 insertions(+), 41 deletions(-)
 delete mode 100644 patches/php-5.3.10/0001-HACK-make-it-possible-to-force-cross-compiling.patch
 delete mode 100644 patches/php-5.3.10/series

-- 
1.7.9.5


-- 
ptxdist mailing list
ptxdist@pengutronix.de

^ permalink raw reply	[flat|nested] 9+ messages in thread

* [ptxdist] [PATCH 1/2] Fix compiling of PHP with sqlite3 support on ptxdist 2012.04.0.
  2014-01-21 15:34 ` [ptxdist] [PATCH 0/2] php: version bump 5.3.10 -> 5.4.24 Bruno Thomsen
@ 2014-01-21 15:34   ` Bruno Thomsen
  2014-01-21 15:34   ` [ptxdist] [PATCH 2/2] php: version bump 5.3.10 -> 5.4.24 Bruno Thomsen
  1 sibling, 0 replies; 9+ messages in thread
From: Bruno Thomsen @ 2014-01-21 15:34 UTC (permalink / raw)
  To: ptxdist; +Cc: Bruno Thomsen


Signed-off-by: Bruno Thomsen <bth@kamstrup.dk>
---
 rules/php5.make |    3 +++
 1 file changed, 3 insertions(+)

diff --git a/rules/php5.make b/rules/php5.make
index b24cd33..f66a664 100644
--- a/rules/php5.make
+++ b/rules/php5.make
@@ -250,6 +250,9 @@ endif
 
 ifdef PTXCONF_PHP5_EXT_SQLITE3
 PHP5_AUTOCONF += --with-sqlite3=$(PTXDIST_SYSROOT_TARGET)/usr --with-pdo-sqlite
+# broken config system: sqlite3 (local copy) uses it
+# but it is only linked to if used by external dependencies
+PHP5_CONF_ENV += PHP_LDFLAGS=-ldl
 else
 PHP5_AUTOCONF += --without-sqlite3 --without-pdo-sqlite
 endif
-- 
1.7.9.5


-- 
ptxdist mailing list
ptxdist@pengutronix.de

^ permalink raw reply	[flat|nested] 9+ messages in thread

* [ptxdist] [PATCH 2/2] php: version bump 5.3.10 -> 5.4.24
  2014-01-21 15:34 ` [ptxdist] [PATCH 0/2] php: version bump 5.3.10 -> 5.4.24 Bruno Thomsen
  2014-01-21 15:34   ` [ptxdist] [PATCH 1/2] Fix compiling of PHP with sqlite3 support on ptxdist 2012.04.0 Bruno Thomsen
@ 2014-01-21 15:34   ` Bruno Thomsen
  2014-01-23 16:31     ` Michael Olbrich
  1 sibling, 1 reply; 9+ messages in thread
From: Bruno Thomsen @ 2014-01-21 15:34 UTC (permalink / raw)
  To: ptxdist; +Cc: Bruno Thomsen

Fixes a lot of security flaws and bugs.

Changelog:
http://www.php.net/ChangeLog-5.php#5.4.24

Old HACK patch removed since it cannot be applied on configure script.

Signed-off-by: Bruno Thomsen <bth@kamstrup.dk>
---
 ...make-it-possible-to-force-cross-compiling.patch |   35 --------------------
 patches/php-5.3.10/series                          |    4 ---
 rules/php5.make                                    |    4 +--
 3 files changed, 2 insertions(+), 41 deletions(-)
 delete mode 100644 patches/php-5.3.10/0001-HACK-make-it-possible-to-force-cross-compiling.patch
 delete mode 100644 patches/php-5.3.10/series

diff --git a/patches/php-5.3.10/0001-HACK-make-it-possible-to-force-cross-compiling.patch b/patches/php-5.3.10/0001-HACK-make-it-possible-to-force-cross-compiling.patch
deleted file mode 100644
index 931f9b0..0000000
--- a/patches/php-5.3.10/0001-HACK-make-it-possible-to-force-cross-compiling.patch
+++ /dev/null
@@ -1,35 +0,0 @@
-From: Michael Olbrich <m.olbrich@pengutronix.de>
-Date: Sat, 27 Oct 2012 11:37:38 +0200
-Subject: [PATCH] HACK: make it possible to force cross-compiling
-
-configure checks for cross-compiling by running a simple program.
-This returns the wrong result when build and host architecture are
-the same.
-This patch makes it possible to force cross-compiling. It hacks
-configure because it cannot be regenerated.
-
-Signed-off-by: Michael Olbrich <m.olbrich@pengutronix.de>
----
- configure |    2 ++
- 1 file changed, 2 insertions(+)
-
-diff --git a/configure b/configure
-index 0900d02..ca0dec0 100755
---- a/configure
-+++ b/configure
-@@ -2377,6 +2377,7 @@ ac_compile='${CC-cc} -c $CFLAGS $CPPFLAGS conftest.$ac_ext 1>&5'
- ac_link='${CC-cc} -o conftest${ac_exeext} $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS 1>&5'
- cross_compiling=$ac_cv_prog_cc_cross
- 
-+if test -z "$ac_cv_prog_cc_cross"; then
- cat > conftest.$ac_ext << EOF
- 
- #line 2383 "configure"
-@@ -2398,6 +2399,7 @@ else
-   ac_cv_prog_cc_works=no
- fi
- rm -fr conftest*
-+fi
- ac_ext=c
- # CFLAGS is not in ac_cpp because -g, -O, etc. are not valid cpp options.
- ac_cpp='$CPP $CPPFLAGS'
diff --git a/patches/php-5.3.10/series b/patches/php-5.3.10/series
deleted file mode 100644
index bad412b..0000000
--- a/patches/php-5.3.10/series
+++ /dev/null
@@ -1,4 +0,0 @@
-# generated by git-ptx-patches
-#tag:base --start-number 1
-0001-HACK-make-it-possible-to-force-cross-compiling.patch
-# 92e34182fd5e0535892f282141ab5993  - git-ptx-patches magic
diff --git a/rules/php5.make b/rules/php5.make
index f66a664..3e0f4de 100644
--- a/rules/php5.make
+++ b/rules/php5.make
@@ -17,8 +17,8 @@ PACKAGES-$(PTXCONF_PHP5) += php5
 #
 # Paths and names
 #
-PHP5_VERSION	:= 5.3.10
-PHP5_MD5	:= 816259e5ca7d0a7e943e56a3bb32b17f
+PHP5_VERSION	:= 5.4.24
+PHP5_MD5	:= acef880cc808b85e216897ee88187ee1
 PHP5		:= php-$(PHP5_VERSION)
 PHP5_SUFFIX	:= tar.bz2
 PHP5_SOURCE	:= $(SRCDIR)/$(PHP5).$(PHP5_SUFFIX)
-- 
1.7.9.5


-- 
ptxdist mailing list
ptxdist@pengutronix.de

^ permalink raw reply	[flat|nested] 9+ messages in thread

* Re: [ptxdist] [PATCH 2/2] php: version bump 5.3.10 -> 5.4.24
  2014-01-21 15:34   ` [ptxdist] [PATCH 2/2] php: version bump 5.3.10 -> 5.4.24 Bruno Thomsen
@ 2014-01-23 16:31     ` Michael Olbrich
  0 siblings, 0 replies; 9+ messages in thread
From: Michael Olbrich @ 2014-01-23 16:31 UTC (permalink / raw)
  To: ptxdist

On Tue, Jan 21, 2014 at 04:34:05PM +0100, Bruno Thomsen wrote:
> Fixes a lot of security flaws and bugs.
> 
> Changelog:
> http://www.php.net/ChangeLog-5.php#5.4.24
> 
> Old HACK patch removed since it cannot be applied on configure script.

"cannot be applied" is a bad reason. The correct one in this case is "is no
longer needed".

Also, I get "configure: error: unrecognized options: --with-curl-wrappers"
when I try to build it with everything enabled.

Michael

> Signed-off-by: Bruno Thomsen <bth@kamstrup.dk>
> ---
>  ...make-it-possible-to-force-cross-compiling.patch |   35 --------------------
>  patches/php-5.3.10/series                          |    4 ---
>  rules/php5.make                                    |    4 +--
>  3 files changed, 2 insertions(+), 41 deletions(-)
>  delete mode 100644 patches/php-5.3.10/0001-HACK-make-it-possible-to-force-cross-compiling.patch
>  delete mode 100644 patches/php-5.3.10/series
> 
> diff --git a/patches/php-5.3.10/0001-HACK-make-it-possible-to-force-cross-compiling.patch b/patches/php-5.3.10/0001-HACK-make-it-possible-to-force-cross-compiling.patch
> deleted file mode 100644
> index 931f9b0..0000000
> --- a/patches/php-5.3.10/0001-HACK-make-it-possible-to-force-cross-compiling.patch
> +++ /dev/null
> @@ -1,35 +0,0 @@
> -From: Michael Olbrich <m.olbrich@pengutronix.de>
> -Date: Sat, 27 Oct 2012 11:37:38 +0200
> -Subject: [PATCH] HACK: make it possible to force cross-compiling
> -
> -configure checks for cross-compiling by running a simple program.
> -This returns the wrong result when build and host architecture are
> -the same.
> -This patch makes it possible to force cross-compiling. It hacks
> -configure because it cannot be regenerated.
> -
> -Signed-off-by: Michael Olbrich <m.olbrich@pengutronix.de>
> ----
> - configure |    2 ++
> - 1 file changed, 2 insertions(+)
> -
> -diff --git a/configure b/configure
> -index 0900d02..ca0dec0 100755
> ---- a/configure
> -+++ b/configure
> -@@ -2377,6 +2377,7 @@ ac_compile='${CC-cc} -c $CFLAGS $CPPFLAGS conftest.$ac_ext 1>&5'
> - ac_link='${CC-cc} -o conftest${ac_exeext} $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS 1>&5'
> - cross_compiling=$ac_cv_prog_cc_cross
> - 
> -+if test -z "$ac_cv_prog_cc_cross"; then
> - cat > conftest.$ac_ext << EOF
> - 
> - #line 2383 "configure"
> -@@ -2398,6 +2399,7 @@ else
> -   ac_cv_prog_cc_works=no
> - fi
> - rm -fr conftest*
> -+fi
> - ac_ext=c
> - # CFLAGS is not in ac_cpp because -g, -O, etc. are not valid cpp options.
> - ac_cpp='$CPP $CPPFLAGS'
> diff --git a/patches/php-5.3.10/series b/patches/php-5.3.10/series
> deleted file mode 100644
> index bad412b..0000000
> --- a/patches/php-5.3.10/series
> +++ /dev/null
> @@ -1,4 +0,0 @@
> -# generated by git-ptx-patches
> -#tag:base --start-number 1
> -0001-HACK-make-it-possible-to-force-cross-compiling.patch
> -# 92e34182fd5e0535892f282141ab5993  - git-ptx-patches magic
> diff --git a/rules/php5.make b/rules/php5.make
> index f66a664..3e0f4de 100644
> --- a/rules/php5.make
> +++ b/rules/php5.make
> @@ -17,8 +17,8 @@ PACKAGES-$(PTXCONF_PHP5) += php5
>  #
>  # Paths and names
>  #
> -PHP5_VERSION	:= 5.3.10
> -PHP5_MD5	:= 816259e5ca7d0a7e943e56a3bb32b17f
> +PHP5_VERSION	:= 5.4.24
> +PHP5_MD5	:= acef880cc808b85e216897ee88187ee1
>  PHP5		:= php-$(PHP5_VERSION)
>  PHP5_SUFFIX	:= tar.bz2
>  PHP5_SOURCE	:= $(SRCDIR)/$(PHP5).$(PHP5_SUFFIX)
> -- 
> 1.7.9.5
> 
> 
> -- 
> ptxdist mailing list
> ptxdist@pengutronix.de
> 

-- 
Pengutronix e.K.                           |                             |
Industrial Linux Solutions                 | http://www.pengutronix.de/  |
Peiner Str. 6-8, 31137 Hildesheim, Germany | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686           | Fax:   +49-5121-206917-5555 |

-- 
ptxdist mailing list
ptxdist@pengutronix.de

^ permalink raw reply	[flat|nested] 9+ messages in thread

* Re: [ptxdist] [PATCH] openssl: version bump 1.0.0k -> 1.0.1e
  2014-01-20 10:45       ` Michael Olbrich
@ 2014-01-23 16:53         ` Michael Olbrich
  0 siblings, 0 replies; 9+ messages in thread
From: Michael Olbrich @ 2014-01-23 16:53 UTC (permalink / raw)
  To: ptxdist

On Mon, Jan 20, 2014 at 11:45:20AM +0100, Michael Olbrich wrote:
> Hi,
> 
> On Fri, Jan 17, 2014 at 03:18:43PM +0000, Bruno Thomsen wrote:
> > > PTXdist comes with various patches for openssl-1.0.0k. Did you check if they are obsolete when updating to release 1.0.1e? If yes, you should remove them with your patch as well.
> > 
> > Ups, I was using the openssl-1.0.0h patch series when testing 1.0.1e.
> > I will try to rebase/cleanup/test patch series and resubmit a patch.
> 
> Let me handle that, I have a script here to import the latest patches from
> debian.

We now have 1.0.1f

Michael

-- 
Pengutronix e.K.                           |                             |
Industrial Linux Solutions                 | http://www.pengutronix.de/  |
Peiner Str. 6-8, 31137 Hildesheim, Germany | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686           | Fax:   +49-5121-206917-5555 |

-- 
ptxdist mailing list
ptxdist@pengutronix.de

^ permalink raw reply	[flat|nested] 9+ messages in thread

end of thread, other threads:[~2014-01-23 16:53 UTC | newest]

Thread overview: 9+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
     [not found] <bth@kamstrup.dk>
2014-01-17 13:49 ` [ptxdist] [PATCH] openssl: version bump 1.0.0k -> 1.0.1e Bruno Thomsen
2014-01-17 14:09   ` Jürgen Beisert
2014-01-17 15:18     ` Bruno Thomsen
2014-01-20 10:45       ` Michael Olbrich
2014-01-23 16:53         ` Michael Olbrich
2014-01-21 15:34 ` [ptxdist] [PATCH 0/2] php: version bump 5.3.10 -> 5.4.24 Bruno Thomsen
2014-01-21 15:34   ` [ptxdist] [PATCH 1/2] Fix compiling of PHP with sqlite3 support on ptxdist 2012.04.0 Bruno Thomsen
2014-01-21 15:34   ` [ptxdist] [PATCH 2/2] php: version bump 5.3.10 -> 5.4.24 Bruno Thomsen
2014-01-23 16:31     ` Michael Olbrich

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox