diff options
Diffstat (limited to 'meta/recipes-extended/unzip/unzip_6.0.bb')
| -rw-r--r-- | meta/recipes-extended/unzip/unzip_6.0.bb | 24 |
1 files changed, 20 insertions, 4 deletions
diff --git a/meta/recipes-extended/unzip/unzip_6.0.bb b/meta/recipes-extended/unzip/unzip_6.0.bb index 4a0a713a61..c1ea0a9a2c 100644 --- a/meta/recipes-extended/unzip/unzip_6.0.bb +++ b/meta/recipes-extended/unzip/unzip_6.0.bb @@ -6,25 +6,41 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=94caec5a51ef55ef711ee4e8b1c69e29" PE = "1" PR = "r5" -SRC_URI = "ftp://ftp.info-zip.org/pub/infozip/src/unzip60.tgz \ +SRC_URI = "${SOURCEFORGE_MIRROR}/infozip/UnZip%206.x%20%28latest%29/UnZip%206.0/unzip60.tar.gz \ file://avoid-strip.patch \ file://define-ldflags.patch \ file://06-unzip60-alt-iconv-utf8_CVE-2015-1315.patch \ - file://unzip-6.0_overflow3.diff \ + file://cve-2014-9636.patch \ file://09-cve-2014-8139-crc-overflow.patch \ file://10-cve-2014-8140-test-compr-eb.patch \ file://11-cve-2014-8141-getzip64data.patch \ + file://CVE-2015-7696.patch \ + file://CVE-2015-7697.patch \ + file://fix-security-format.patch \ + file://18-cve-2014-9913-unzip-buffer-overflow.patch \ + file://19-cve-2016-9844-zipinfo-buffer-overflow.patch \ + file://symlink.patch \ + file://0001-unzip-fix-CVE-2018-1000035.patch \ + file://CVE-2018-18384.patch \ + file://CVE-2019-13232_p1.patch \ + file://CVE-2019-13232_p2.patch \ + file://CVE-2019-13232_p3.patch \ " +UPSTREAM_VERSION_UNKNOWN = "1" SRC_URI[md5sum] = "62b490407489521db863b523a7f86375" SRC_URI[sha256sum] = "036d96991646d0449ed0aa952e4fbe21b476ce994abc276e49d30e686708bd37" + +# exclude version 5.5.2 which triggers a false positive +UPSTREAM_CHECK_REGEX = "unzip(?P<pver>(?!552).+)\.tgz" + S = "${WORKDIR}/unzip60" # Makefile uses CF_NOOPT instead of CFLAGS. We lifted the values from # Makefile and add CFLAGS. Optimization will be overriden by unzip # configure to be -O3. # -EXTRA_OEMAKE += "STRIP=true LF2='' \ +EXTRA_OEMAKE = "-e MAKEFLAGS= STRIP=true LF2='' \ 'CF_NOOPT=-I. -Ibzip2 -DUNIX ${CFLAGS}'" export LD = "${CC}" @@ -48,4 +64,4 @@ ALTERNATIVE_PRIORITY = "100" ALTERNATIVE_${PN} = "unzip" ALTERNATIVE_LINK_NAME[unzip] = "${bindir}/unzip" -BBCLASSEXTEND = "native" +BBCLASSEXTEND = "native nativesdk" |