From 27b265641d5c13040268ac70b70bfe84fb092763 Mon Sep 17 00:00:00 2001 From: Marek Vasut Date: Wed, 17 Feb 2016 01:29:02 +0100 Subject: dpkg: Update to 1.18.4 Update dpkg version to 1.18.4 . This adds nios2 architecture support among other fixes. One patch was updated so it would apply to 1.18.4. Signed-off-by: Marek Vasut Cc: Alexander Kanavin Cc: Richard Purdie Cc: Ross Burton Signed-off-by: Richard Purdie --- ...g-do_package_write_deb-we-have-trees-of-h.patch | 52 +++++++++++++--------- .../dpkg/dpkg/dpkg-CVE-2015-0860.patch | 35 --------------- meta/recipes-devtools/dpkg/dpkg_1.18.2.bb | 21 --------- meta/recipes-devtools/dpkg/dpkg_1.18.4.bb | 20 +++++++++ 4 files changed, 50 insertions(+), 78 deletions(-) delete mode 100644 meta/recipes-devtools/dpkg/dpkg/dpkg-CVE-2015-0860.patch delete mode 100644 meta/recipes-devtools/dpkg/dpkg_1.18.2.bb create mode 100644 meta/recipes-devtools/dpkg/dpkg_1.18.4.bb (limited to 'meta') diff --git a/meta/recipes-devtools/dpkg/dpkg/0001-When-running-do_package_write_deb-we-have-trees-of-h.patch b/meta/recipes-devtools/dpkg/dpkg/0001-When-running-do_package_write_deb-we-have-trees-of-h.patch index 6967ef4980..49ef853ff2 100644 --- a/meta/recipes-devtools/dpkg/dpkg/0001-When-running-do_package_write_deb-we-have-trees-of-h.patch +++ b/meta/recipes-devtools/dpkg/dpkg/0001-When-running-do_package_write_deb-we-have-trees-of-h.patch @@ -1,7 +1,7 @@ -From d14ffd786993da60ca84c4812da8a6594a8c764e Mon Sep 17 00:00:00 2001 +From e391bdba238d1371fc5b67cdae08b06eb5ada5c2 Mon Sep 17 00:00:00 2001 From: Alexander Kanavin Date: Wed, 26 Aug 2015 15:48:13 +0300 -Subject: [PATCH 1/5] When running do_package_write_deb, we have trees of +Subject: [PATCH] When running do_package_write_deb, we have trees of hardlinked files such as the dbg source files in ${PN}-dbg. If something makes another copy of one of those files (or deletes one), the number of links a file has changes and tar can notice this, e.g.: @@ -19,23 +19,43 @@ place to avoid that kind of issue). Upstream-Status: Inappropriate RP 2015/3/27 --- - dpkg-deb/build.c | 11 ++++++++--- - 1 file changed, 8 insertions(+), 3 deletions(-) + dpkg-deb/build.c | 12 ++++++++---- + 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/dpkg-deb/build.c b/dpkg-deb/build.c -index ea3d861..1589927 100644 +index 2ddeec6..af363f0 100644 --- a/dpkg-deb/build.c +++ b/dpkg-deb/build.c -@@ -458,7 +458,7 @@ do_build(const char *const *argv) +@@ -452,7 +452,7 @@ static void + tarball_pack(const char *dir, filenames_feed_func *tar_filenames_feeder, + struct compress_params *tar_compress_params, int fd_out) + { +- int pipe_filenames[2], pipe_tarball[2]; ++ int pipe_filenames[2], pipe_tarball[2], rc; + pid_t pid_tar, pid_comp; + + /* Fork off a tar. We will feed it a list of filenames on stdin later. */ +@@ -493,7 +493,9 @@ tarball_pack(const char *dir, filenames_feed_func *tar_filenames_feeder, + /* All done, clean up wait for tar and to finish their job. */ + close(pipe_filenames[1]); + subproc_reap(pid_comp, _(" from tar -cf"), 0); +- subproc_reap(pid_tar, "tar -cf", 0); ++ rc = subproc_reap(pid_tar, "tar -cf", SUBPROC_RETERROR); ++ if (rc && rc != 1) ++ ohshite(_("subprocess %s returned error exit status %d"), "tar -cf", rc); + } + + /** +@@ -509,7 +511,7 @@ do_build(const char *const *argv) char *debar; char *tfbuf; int arfd; -- int p1[2], p2[2], gzfd; -+ int p1[2], p2[2], gzfd, rc; +- int p1[2], gzfd; ++ int p1[2], gzfd, rc; pid_t c1, c2; /* Decode our arguments. */ -@@ -538,7 +538,9 @@ do_build(const char *const *argv) +@@ -590,7 +592,9 @@ do_build(const char *const *argv) } close(p1[0]); subproc_reap(c2, _(" from tar -cf"), 0); @@ -46,18 +66,6 @@ index ea3d861..1589927 100644 if (lseek(gzfd, 0, SEEK_SET)) ohshite(_("failed to rewind temporary file (%s)"), _("control member")); -@@ -626,7 +628,10 @@ do_build(const char *const *argv) - /* All done, clean up wait for tar and to finish their job. */ - close(p1[1]); - subproc_reap(c2, _(" from tar -cf"), 0); -- subproc_reap(c1, "tar -cf", 0); -+ rc = subproc_reap(c1, "tar -cf", SUBPROC_RETERROR); -+ if (rc && rc != 1) -+ ohshite(_("subprocess %s returned error exit status %d"), "tar -cf", rc); -+ - /* Okay, we have data.tar as well now, add it to the ar wrapper. */ - if (deb_format.major == 2) { - char datamember[16 + 1]; -- -2.1.4 +2.7.0 diff --git a/meta/recipes-devtools/dpkg/dpkg/dpkg-CVE-2015-0860.patch b/meta/recipes-devtools/dpkg/dpkg/dpkg-CVE-2015-0860.patch deleted file mode 100644 index 2fd3c3bb90..0000000000 --- a/meta/recipes-devtools/dpkg/dpkg/dpkg-CVE-2015-0860.patch +++ /dev/null @@ -1,35 +0,0 @@ -From 708e60ea4e16afb1d85da60dd73cb374a987653d Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Hanno=20B=C3=B6ck?= -Date: Thu, 19 Nov 2015 20:03:10 +0100 -Subject: [PATCH 1/1] dpkg-deb: Fix off-by-one write access on ctrllenbuf - variable - -This affects old format .deb packages. - -CVE: CVE-2015-0860 -Warned-by: afl -Signed-off-by: Guillem Jover - -Upstream-Status: Backport - -Signed-off-by: Catalin Enache ---- - dpkg-deb/extract.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/dpkg-deb/extract.c b/dpkg-deb/extract.c -index 5a9587a..e39fb35 100644 ---- a/dpkg-deb/extract.c -+++ b/dpkg-deb/extract.c -@@ -247,7 +247,7 @@ extracthalf(const char *debar, const char *dir, - if (errstr) - ohshit(_("archive has invalid format version: %s"), errstr); - -- r = read_line(arfd, ctrllenbuf, 1, sizeof(ctrllenbuf)); -+ r = read_line(arfd, ctrllenbuf, 1, sizeof(ctrllenbuf) - 1); - if (r < 0) - read_fail(r, debar, _("archive control member size")); - if (sscanf(ctrllenbuf, "%jd%c%d", &ctrllennum, &nlc, &dummy) != 2 || --- -1.9.1 - diff --git a/meta/recipes-devtools/dpkg/dpkg_1.18.2.bb b/meta/recipes-devtools/dpkg/dpkg_1.18.2.bb deleted file mode 100644 index eab896c342..0000000000 --- a/meta/recipes-devtools/dpkg/dpkg_1.18.2.bb +++ /dev/null @@ -1,21 +0,0 @@ -require dpkg.inc -LIC_FILES_CHKSUM = "file://COPYING;md5=751419260aa954499f7abaabaa882bbe" - -SRC_URI_append_class-native =" file://glibc2.5-sync_file_range.patch " -SRC_URI += "file://noman.patch \ - file://remove-tar-no-timestamp.patch \ - file://fix-abs-redefine.patch \ - file://arch_pm.patch \ - file://dpkg-configure.service \ - file://add_armeb_triplet_entry.patch \ - file://0002-Adapt-to-linux-wrs-kernel-version-which-has-characte.patch \ - file://0003-Our-pre-postinsts-expect-D-to-be-set-when-running-in.patch \ - file://0004-The-lutimes-function-doesn-t-work-properly-for-all-s.patch \ - file://0005-dpkg-compiler.m4-remove-Wvla.patch \ - file://0006-add-musleabi-to-known-target-tripets.patch \ - file://dpkg-CVE-2015-0860.patch \ - " - -SRC_URI[md5sum] = "63b9d869081ec49adeef6c5ff62d6576" -SRC_URI[sha256sum] = "11484f2a73d027d696e720a60380db71978bb5c06cd88fe30c291e069ac457a4" - diff --git a/meta/recipes-devtools/dpkg/dpkg_1.18.4.bb b/meta/recipes-devtools/dpkg/dpkg_1.18.4.bb new file mode 100644 index 0000000000..7876944d6b --- /dev/null +++ b/meta/recipes-devtools/dpkg/dpkg_1.18.4.bb @@ -0,0 +1,20 @@ +require dpkg.inc +LIC_FILES_CHKSUM = "file://COPYING;md5=751419260aa954499f7abaabaa882bbe" + +SRC_URI_append_class-native =" file://glibc2.5-sync_file_range.patch " +SRC_URI += "file://noman.patch \ + file://remove-tar-no-timestamp.patch \ + file://fix-abs-redefine.patch \ + file://arch_pm.patch \ + file://dpkg-configure.service \ + file://add_armeb_triplet_entry.patch \ + file://0002-Adapt-to-linux-wrs-kernel-version-which-has-characte.patch \ + file://0003-Our-pre-postinsts-expect-D-to-be-set-when-running-in.patch \ + file://0004-The-lutimes-function-doesn-t-work-properly-for-all-s.patch \ + file://0005-dpkg-compiler.m4-remove-Wvla.patch \ + file://0006-add-musleabi-to-known-target-tripets.patch \ + " + +SRC_URI[md5sum] = "e95b513c89693f6ec3ab53b6b1c3defd" +SRC_URI[sha256sum] = "fe89243868888ce715bf45861f26264f767d4e4dbd0d6f1a26ce60bbbbf106da" + -- cgit 1.2.3-korg