summaryrefslogtreecommitdiffstats
path: root/meta/recipes-devtools/dpkg/dpkg
diff options
context:
space:
mode:
authorMarek Vasut <marex@denx.de>2016-02-17 01:29:02 +0100
committerRichard Purdie <richard.purdie@linuxfoundation.org>2016-02-18 07:39:22 +0000
commit27b265641d5c13040268ac70b70bfe84fb092763 (patch)
tree4cda8663e2a9a01dcd8c567fc347909bceb53413 /meta/recipes-devtools/dpkg/dpkg
parentb15496ac48748f50a258720c2f35e985faee39e9 (diff)
downloadopenembedded-core-contrib-27b265641d5c13040268ac70b70bfe84fb092763.tar.gz
dpkg: Update to 1.18.4
Update dpkg version to 1.18.4 . This adds nios2 architecture support among other fixes. One patch was updated so it would apply to 1.18.4. Signed-off-by: Marek Vasut <marex@denx.de> Cc: Alexander Kanavin <alexander.kanavin@linux.intel.com> Cc: Richard Purdie <richard.purdie@linuxfoundation.org> Cc: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-devtools/dpkg/dpkg')
-rw-r--r--meta/recipes-devtools/dpkg/dpkg/0001-When-running-do_package_write_deb-we-have-trees-of-h.patch52
-rw-r--r--meta/recipes-devtools/dpkg/dpkg/dpkg-CVE-2015-0860.patch35
2 files changed, 30 insertions, 57 deletions
diff --git a/meta/recipes-devtools/dpkg/dpkg/0001-When-running-do_package_write_deb-we-have-trees-of-h.patch b/meta/recipes-devtools/dpkg/dpkg/0001-When-running-do_package_write_deb-we-have-trees-of-h.patch
index 6967ef4980..49ef853ff2 100644
--- a/meta/recipes-devtools/dpkg/dpkg/0001-When-running-do_package_write_deb-we-have-trees-of-h.patch
+++ b/meta/recipes-devtools/dpkg/dpkg/0001-When-running-do_package_write_deb-we-have-trees-of-h.patch
@@ -1,7 +1,7 @@
-From d14ffd786993da60ca84c4812da8a6594a8c764e Mon Sep 17 00:00:00 2001
+From e391bdba238d1371fc5b67cdae08b06eb5ada5c2 Mon Sep 17 00:00:00 2001
From: Alexander Kanavin <alex.kanavin@gmail.com>
Date: Wed, 26 Aug 2015 15:48:13 +0300
-Subject: [PATCH 1/5] When running do_package_write_deb, we have trees of
+Subject: [PATCH] When running do_package_write_deb, we have trees of
hardlinked files such as the dbg source files in ${PN}-dbg. If something
makes another copy of one of those files (or deletes one), the number of
links a file has changes and tar can notice this, e.g.:
@@ -19,23 +19,43 @@ place to avoid that kind of issue).
Upstream-Status: Inappropriate
RP 2015/3/27
---
- dpkg-deb/build.c | 11 ++++++++---
- 1 file changed, 8 insertions(+), 3 deletions(-)
+ dpkg-deb/build.c | 12 ++++++++----
+ 1 file changed, 8 insertions(+), 4 deletions(-)
diff --git a/dpkg-deb/build.c b/dpkg-deb/build.c
-index ea3d861..1589927 100644
+index 2ddeec6..af363f0 100644
--- a/dpkg-deb/build.c
+++ b/dpkg-deb/build.c
-@@ -458,7 +458,7 @@ do_build(const char *const *argv)
+@@ -452,7 +452,7 @@ static void
+ tarball_pack(const char *dir, filenames_feed_func *tar_filenames_feeder,
+ struct compress_params *tar_compress_params, int fd_out)
+ {
+- int pipe_filenames[2], pipe_tarball[2];
++ int pipe_filenames[2], pipe_tarball[2], rc;
+ pid_t pid_tar, pid_comp;
+
+ /* Fork off a tar. We will feed it a list of filenames on stdin later. */
+@@ -493,7 +493,9 @@ tarball_pack(const char *dir, filenames_feed_func *tar_filenames_feeder,
+ /* All done, clean up wait for tar and <compress> to finish their job. */
+ close(pipe_filenames[1]);
+ subproc_reap(pid_comp, _("<compress> from tar -cf"), 0);
+- subproc_reap(pid_tar, "tar -cf", 0);
++ rc = subproc_reap(pid_tar, "tar -cf", SUBPROC_RETERROR);
++ if (rc && rc != 1)
++ ohshite(_("subprocess %s returned error exit status %d"), "tar -cf", rc);
+ }
+
+ /**
+@@ -509,7 +511,7 @@ do_build(const char *const *argv)
char *debar;
char *tfbuf;
int arfd;
-- int p1[2], p2[2], gzfd;
-+ int p1[2], p2[2], gzfd, rc;
+- int p1[2], gzfd;
++ int p1[2], gzfd, rc;
pid_t c1, c2;
/* Decode our arguments. */
-@@ -538,7 +538,9 @@ do_build(const char *const *argv)
+@@ -590,7 +592,9 @@ do_build(const char *const *argv)
}
close(p1[0]);
subproc_reap(c2, _("<compress> from tar -cf"), 0);
@@ -46,18 +66,6 @@ index ea3d861..1589927 100644
if (lseek(gzfd, 0, SEEK_SET))
ohshite(_("failed to rewind temporary file (%s)"), _("control member"));
-@@ -626,7 +628,10 @@ do_build(const char *const *argv)
- /* All done, clean up wait for tar and <compress> to finish their job. */
- close(p1[1]);
- subproc_reap(c2, _("<compress> from tar -cf"), 0);
-- subproc_reap(c1, "tar -cf", 0);
-+ rc = subproc_reap(c1, "tar -cf", SUBPROC_RETERROR);
-+ if (rc && rc != 1)
-+ ohshite(_("subprocess %s returned error exit status %d"), "tar -cf", rc);
-+
- /* Okay, we have data.tar as well now, add it to the ar wrapper. */
- if (deb_format.major == 2) {
- char datamember[16 + 1];
--
-2.1.4
+2.7.0
diff --git a/meta/recipes-devtools/dpkg/dpkg/dpkg-CVE-2015-0860.patch b/meta/recipes-devtools/dpkg/dpkg/dpkg-CVE-2015-0860.patch
deleted file mode 100644
index 2fd3c3bb90..0000000000
--- a/meta/recipes-devtools/dpkg/dpkg/dpkg-CVE-2015-0860.patch
+++ /dev/null
@@ -1,35 +0,0 @@
-From 708e60ea4e16afb1d85da60dd73cb374a987653d Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Hanno=20B=C3=B6ck?= <hanno@hboeck.de>
-Date: Thu, 19 Nov 2015 20:03:10 +0100
-Subject: [PATCH 1/1] dpkg-deb: Fix off-by-one write access on ctrllenbuf
- variable
-
-This affects old format .deb packages.
-
-CVE: CVE-2015-0860
-Warned-by: afl
-Signed-off-by: Guillem Jover <guillem@debian.org>
-
-Upstream-Status: Backport
-
-Signed-off-by: Catalin Enache <catalin.enache@windriver.com>
----
- dpkg-deb/extract.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/dpkg-deb/extract.c b/dpkg-deb/extract.c
-index 5a9587a..e39fb35 100644
---- a/dpkg-deb/extract.c
-+++ b/dpkg-deb/extract.c
-@@ -247,7 +247,7 @@ extracthalf(const char *debar, const char *dir,
- if (errstr)
- ohshit(_("archive has invalid format version: %s"), errstr);
-
-- r = read_line(arfd, ctrllenbuf, 1, sizeof(ctrllenbuf));
-+ r = read_line(arfd, ctrllenbuf, 1, sizeof(ctrllenbuf) - 1);
- if (r < 0)
- read_fail(r, debar, _("archive control member size"));
- if (sscanf(ctrllenbuf, "%jd%c%d", &ctrllennum, &nlc, &dummy) != 2 ||
---
-1.9.1
-