From fba37d2322e7aec6a0b68a49db23867cdb9a66e4 Mon Sep 17 00:00:00 2001
From: Gustavo Zacarias
Date: Wed, 1 Oct 2014 10:23:53 -0300
Subject: [PATCH] rsyslog: security bump to version 7.6.6

Fixes CVE-2014-3634 - potential abort when a message with PRI > 191 was processed if the "pri-text" property was used in active templates, this could be abused to a remote denial of service from permitted senders.

Signed-off-by: Gustavo Zacarias
Tested-by: Vicente Olivert Riera
Signed-off-by: Peter Korsgaard
---
 .../rsyslog/rsyslog-0001-revert-strdup.patch | 27 +++++++++++++++++++
 package/rsyslog/rsyslog.hash | 4 +--
 package/rsyslog/rsyslog.mk | 5 ++--
 3 files changed, 32 insertions(+), 4 deletions(-)
 create mode 100644 package/rsyslog/rsyslog-0001-revert-strdup.patch

diff --git a/package/rsyslog/rsyslog-0001-revert-strdup.patch b/package/rsyslog/rsyslog-0001-revert-strdup.patch
new file mode 100644
index 0000000000..5e820184d4
--- /dev/null
+++ b/package/rsyslog/rsyslog-0001-revert-strdup.patch
@@ -0,0 +1,27 @@
+Revert upstream 0403361ac57082dc47840d1f31832f1a0e319078
+It breaks the build when it's defined.
+
+Signed-off-by: Gustavo Zacarias
+
+diff -Nura rsyslog-7.6.6.orig/grammar/lexer.c rsyslog-7.6.6/grammar/lexer.c
+--- rsyslog-7.6.6.orig/grammar/lexer.c 2014-10-01 10:12:34.960082719 -0300
++++ rsyslog-7.6.6/grammar/lexer.c 2014-10-01 10:13:24.512769964 -0300
+@@ -1459,7 +1459,6 @@
+ #line 32 "lexer.l"
+ #include "config.h"
+ #include "parserif.h"
+-extern char *strdup(char*); /* somehow we do not get this from string.h... */
+ /*%option noyywrap nodefault case-insensitive */
+ /* avoid compiler warning: `yyunput' defined but not used */
+ #define YY_NO_INPUT 1
+diff -Nura rsyslog-7.6.6.orig/grammar/lexer.l rsyslog-7.6.6/grammar/lexer.l
+--- rsyslog-7.6.6.orig/grammar/lexer.l 2014-10-01 10:12:34.960082719 -0300
++++ rsyslog-7.6.6/grammar/lexer.l 2014-10-01 10:13:41.935363172 -0300
+@@ -31,7 +31,6 @@
+ %{
+ #include "config.h"
+ #include "parserif.h"
+-extern char *strdup(char*); /* somehow we do not get this from string.h... */
+ %}
+
+ %option noyywrap nodefault case-insensitive yylineno
diff --git a/package/rsyslog/rsyslog.hash b/package/rsyslog/rsyslog.hash
index b47932a836..afc75cc608 100644
--- a/package/rsyslog/rsyslog.hash
+++ b/package/rsyslog/rsyslog.hash
@@ -1,2 +1,2 @@
-# From http://www.rsyslog.com/downloads/download-other/
-sha256 45bca1c1ffca6b8260363617897c09baeaf350e8b92c51361d2770375cdf4b34 rsyslog-7.6.5.tar.gz
+# From http://www.rsyslog.com/downloads/download-v7-stable/
+sha256 c77ae0db6204c5bd670fa96c354ee5fe1c62c876bd84ec06ed429138c78885bb rsyslog-7.6.6.tar.gz
diff --git a/package/rsyslog/rsyslog.mk b/package/rsyslog/rsyslog.mk
index 2ba4a9a52c..17fd13badd 100644
--- a/package/rsyslog/rsyslog.mk
+++ b/package/rsyslog/rsyslog.mk
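Review bot: The description inside the new rsyslog-0001-revert-strdup.patch, `It breaks the build when it's defined.`, does not say what "it" is or which toolchain fails, so at the next bump nobody can tell whether the revert is still needed. The line it drops from both grammar/lexer.l and the generated grammar/lexer.c is `extern char *strdup(char*);`; presumably that declaration clashes with a C library that provides strdup as a macro or with a `const char *` prototype, but the patch does not state this. I would expand the header to name the failing condition and the upstream status, for example `Build fails when the C library defines strdup as a macro (<toolchain placeholder>); reported upstream: <link placeholder>`. Because this local revert rides on a CVE fix, a self-explanatory delta makes later security bumps easier to audit.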
@@ -4,14 +4,15 @@ # ################################################################################ -RSYSLOG_VERSION = 7.6.5 +RSYSLOG_VERSION = 7.6.6 RSYSLOG_SITE = http://rsyslog.com/files/download/rsyslog RSYSLOG_LICENSE = GPLv3 LGPLv3 Apache-2.0 RSYSLOG_LICENSE_FILES = COPYING COPYING.LESSER COPYING.ASL20 RSYSLOG_DEPENDENCIES = zlib libestr liblogging json-c host-pkgconf RSYSLOG_CONF_OPT = --disable-testbench \ - --enable-cached-man-pages + --enable-cached-man-pages \ + --disable-generate-man-pages # Build after BusyBox ifeq ($(BR2_PACKAGE_BUSYBOX),y) -- 2.30.2
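Review bot: The added `--disable-generate-man-pages` in RSYSLOG_CONF_OPT has no comment and is not mentioned in the commit message, whose subject describes only a security bump for CVE-2014-3634. A reader cannot tell whether 7.6.6 needs the option to build or whether it is an unrelated change; if it is a build requirement, a line above the assignment such as `# 7.6.6 would otherwise try to regenerate the man pages, which needs <host tool placeholder>` would record the reason. Separately, the unchanged `RSYSLOG_SITE = http://rsyslog.com/files/download/rsyslog` fetches the tarball over plain HTTP, so the sha256 pinned in rsyslog.hash is the only integrity check and is worth confirming against an independent upstream source. The `ifeq ($(BR2_PACKAGE_BUSYBOX),y)` block continues outside the hunk.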