From 7b1fde3f65b674f5973800731c0c284f7d415248 Mon Sep 17 00:00:00 2001 From: Petter Mabäcker Date: Wed, 18 Nov 2015 12:54:25 +0100 Subject: readline: apply missing upstream patches MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Some readline-6.3 upstream patches was missing. Also ensure that the upstream patches are applied in the same way as in readline-5.2. Remove 'readline-dispatch-multikey.patch' and 'readline-cve-2014-2524.patch' since they are already included in upstream patches 'readline63-002' and 'readline63-003'. [YOCTO #8451] Signed-off-by: Petter Mabäcker Signed-off-by: Ross Burton --- .../readline-6.3/readline-cve-2014-2524.patch | 43 ---------------------- .../readline-6.3/readline-dispatch-multikey.patch | 32 ---------------- meta/recipes-core/readline/readline_6.3.bb | 31 ++++++++++++++-- 3 files changed, 27 insertions(+), 79 deletions(-) delete mode 100644 meta/recipes-core/readline/readline-6.3/readline-cve-2014-2524.patch delete mode 100644 meta/recipes-core/readline/readline-6.3/readline-dispatch-multikey.patch diff --git a/meta/recipes-core/readline/readline-6.3/readline-cve-2014-2524.patch b/meta/recipes-core/readline/readline-6.3/readline-cve-2014-2524.patch deleted file mode 100644 index 98a9d810b6..0000000000 --- a/meta/recipes-core/readline/readline-6.3/readline-cve-2014-2524.patch +++ /dev/null @@ -1,43 +0,0 @@ -readline: Security Advisory - readline - CVE-2014-2524 - -Upstream-Status: Backport - -Signed-off-by: Yue Tao - - READLINE PATCH REPORT - ===================== - -Readline-Release: 6.3 -Patch-ID: readline63-003 - -Bug-Reported-by: -Bug-Reference-ID: -Bug-Reference-URL: - -Bug-Description: - -There are debugging functions in the readline release that are theoretically -exploitable as security problems. They are not public functions, but have -global linkage. - -Patch (apply with `patch -p0'): - -*** ../readline-6.3/util.c 2013-09-02 13:36:12.000000000 -0400 ---- util.c 2014-03-20 10:25:53.000000000 -0400 -*************** -*** 477,480 **** ---- 479,483 ---- - } - -+ #if defined (DEBUG) - #if defined (USE_VARARGS) - static FILE *_rl_tracefp; -*************** -*** 539,542 **** ---- 542,546 ---- - } - #endif -+ #endif /* DEBUG */ - - - diff --git a/meta/recipes-core/readline/readline-6.3/readline-dispatch-multikey.patch b/meta/recipes-core/readline/readline-6.3/readline-dispatch-multikey.patch deleted file mode 100644 index 54d1ac6eb9..0000000000 --- a/meta/recipes-core/readline/readline-6.3/readline-dispatch-multikey.patch +++ /dev/null @@ -1,32 +0,0 @@ -From 8ef852a5be72c75e17f2510bea52455f809b56ce Mon Sep 17 00:00:00 2001 -From: Chet Ramey -Date: Fri, 28 Mar 2014 14:07:42 -0400 -Subject: [PATCH 04/10] Readline-6.3 patch 2 - -Fixes multi-key issue identified in this thread: -http://lists.gnu.org/archive/html/bug-readline/2014-03/msg00010.html - -Upstream-Status: Backport - -Signed-off-by: Saul Wold ---- - readline.c | 3 ++- - 1 files changed, 2 insertions(+), 1 deletions(-) - -diff --git a/readline.c b/readline.c -index eb4eae3..abb29a0 100644 ---- a/readline.c -+++ b/readline.c -@@ -744,7 +744,8 @@ _rl_dispatch_callback (cxt) - r = _rl_subseq_result (r, cxt->oldmap, cxt->okey, (cxt->flags & KSEQ_SUBSEQ)); - - RL_CHECK_SIGNALS (); -- if (r == 0) /* success! */ -+ /* We only treat values < 0 specially to simulate recursion. */ -+ if (r >= 0 || (r == -1 && (cxt->flags & KSEQ_SUBSEQ) == 0)) /* success! or failure! */ - { - _rl_keyseq_chain_dispose (); - RL_UNSETSTATE (RL_STATE_MULTIKEY); --- -1.8.3.1 - diff --git a/meta/recipes-core/readline/readline_6.3.bb b/meta/recipes-core/readline/readline_6.3.bb index dbb9f0a946..8ec7c4ada0 100644 --- a/meta/recipes-core/readline/readline_6.3.bb +++ b/meta/recipes-core/readline/readline_6.3.bb @@ -1,11 +1,34 @@ require readline.inc -SRC_URI += "file://configure-fix.patch \ +SRC_URI += "${GNU_MIRROR}/readline/readline-6.3-patches/readline63-001;name=patch1;apply=yes;striplevel=0 \ + ${GNU_MIRROR}/readline/readline-6.3-patches/readline63-002;name=patch2;apply=yes;striplevel=0 \ + ${GNU_MIRROR}/readline/readline-6.3-patches/readline63-003;name=patch3;apply=yes;striplevel=0 \ + ${GNU_MIRROR}/readline/readline-6.3-patches/readline63-004;name=patch4;apply=yes;striplevel=0 \ + ${GNU_MIRROR}/readline/readline-6.3-patches/readline63-005;name=patch5;apply=yes;striplevel=0 \ + ${GNU_MIRROR}/readline/readline-6.3-patches/readline63-006;name=patch6;apply=yes;striplevel=0 \ + ${GNU_MIRROR}/readline/readline-6.3-patches/readline63-007;name=patch7;apply=yes;striplevel=0 \ + ${GNU_MIRROR}/readline/readline-6.3-patches/readline63-008;name=patch8;apply=yes;striplevel=0 \ + file://configure-fix.patch \ file://config-dirent-symbols.patch \ - file://norpath.patch \ - file://readline-cve-2014-2524.patch;striplevel=0 \ - file://readline-dispatch-multikey.patch" + file://norpath.patch" SRC_URI[archive.md5sum] = "33c8fb279e981274f485fd91da77e94a" SRC_URI[archive.sha256sum] = "56ba6071b9462f980c5a72ab0023893b65ba6debb4eeb475d7a563dc65cafd43" +SRC_URI[patch1.md5sum] = "4343f5ea9b0f42447f102fb61576b398" +SRC_URI[patch1.sha256sum] = "1a79bbb6eaee750e0d6f7f3d059b30a45fc54e8e388a8e05e9c3ae598590146f" +SRC_URI[patch2.md5sum] = "700295212f7e2978577feaee584afddb" +SRC_URI[patch2.sha256sum] = "39e304c7a526888f9e112e733848215736fb7b9d540729b9e31f3347b7a1e0a5" +SRC_URI[patch3.md5sum] = "af4963862f5156fbf9111c2c6fa86ed7" +SRC_URI[patch3.sha256sum] = "ec41bdd8b00fd884e847708513df41d51b1243cecb680189e31b7173d01ca52f" +SRC_URI[patch4.md5sum] = "11f9def89803a5052db3ba72394ce14f" +SRC_URI[patch4.sha256sum] = "4547b906fb2570866c21887807de5dee19838a60a1afb66385b272155e4355cc" +SRC_URI[patch5.md5sum] = "93721c31cd225393f80cb3aadb165544" +SRC_URI[patch5.sha256sum] = "877788f9228d1a9907a4bcfe3d6dd0439c08d728949458b41208d9bf9060274b" +SRC_URI[patch6.md5sum] = "71dc6ecce66d1489b96595f55d142a52" +SRC_URI[patch6.sha256sum] = "5c237ab3c6c97c23cf52b2a118adc265b7fb411b57c93a5f7c221d50fafbe556" +SRC_URI[patch7.md5sum] = "062a08ed60679d3c4878710b3d595b65" +SRC_URI[patch7.sha256sum] = "4d79b5a2adec3c2e8114cbd3d63c1771f7c6cf64035368624903d257014f5bea" +SRC_URI[patch8.md5sum] = "ee1c04072154826870848d8b218d7b04" +SRC_URI[patch8.sha256sum] = "3bc093cf526ceac23eb80256b0ec87fa1735540d659742107b6284d635c43787" + -- cgit 1.2.3-korg