diff options
Diffstat (limited to 'meta/recipes-support')
21 files changed, 113 insertions, 399 deletions
diff --git a/meta/recipes-support/bmap-tools/bmap-tools_3.4.bb b/meta/recipes-support/bmap-tools/bmap-tools_3.4.bb index 7454f9db75..70b6e91347 100644 --- a/meta/recipes-support/bmap-tools/bmap-tools_3.4.bb +++ b/meta/recipes-support/bmap-tools/bmap-tools_3.4.bb @@ -9,12 +9,12 @@ SECTION = "console/utils" LICENSE = "GPLv2" LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263" -SRC_URI = "git://github.com/01org/bmap-tools.git" +SRC_URI = "git://github.com/intel/bmap-tools.git" SRCREV = "9dad724104df265442226972a1e310813f9ffcba" S = "${WORKDIR}/git" -RDEPENDS_${PN} = "python-core python-compression python-mmap" +RDEPENDS_${PN} = "python3-core python3-compression python3-mmap python3-setuptools" inherit python3native inherit setuptools3 diff --git a/meta/recipes-support/boost/boost.inc b/meta/recipes-support/boost/boost.inc index f4ecc10a55..41fc90fb21 100644 --- a/meta/recipes-support/boost/boost.inc +++ b/meta/recipes-support/boost/boost.inc @@ -169,7 +169,7 @@ BJAM_OPTS = '${BOOST_PARALLEL_MAKE} -d+2 -q \ BJAM_OPTS_append_class-native = ' -sNO_BZIP2=1' # Adjust the build for x32 -BJAM_OPTS_append_linux-gnux32 = " abi=x32 address-model=64" +BJAM_OPTS_append_x86-x32 = " abi=x32 address-model=64" do_configure() { cp -f ${S}/boost/config/platform/linux.hpp ${S}/boost/config/platform/linux-gnueabi.hpp diff --git a/meta/recipes-support/ca-certificates/ca-certificates_20170717.bb b/meta/recipes-support/ca-certificates/ca-certificates_20170717.bb index 7d59fa6374..b92ece9663 100644 --- a/meta/recipes-support/ca-certificates/ca-certificates_20170717.bb +++ b/meta/recipes-support/ca-certificates/ca-certificates_20170717.bb @@ -16,7 +16,7 @@ PACKAGE_WRITE_DEPS += "openssl-native debianutils-native" SRCREV = "34b8e19e541b8af4076616b2e170c7a70cdaded0" -SRC_URI = "git://anonscm.debian.org/collab-maint/ca-certificates.git \ +SRC_URI = "git://salsa.debian.org/debian/ca-certificates.git;protocol=https \ file://0002-update-ca-certificates-use-SYSROOT.patch \ file://0001-update-ca-certificates-don-t-use-Debianisms-in-run-p.patch \ file://update-ca-certificates-support-Toybox.patch \ @@ -64,13 +64,14 @@ do_install_append_class-target () { ${D}${mandir}/man8/update-ca-certificates.8 } -pkg_postinst_${PN} () { +pkg_postinst_${PN}_class-target () { SYSROOT="$D" $D${sbindir}/update-ca-certificates } CONFFILES_${PN} += "${sysconfdir}/ca-certificates.conf" -# Postinsts don't seem to be run for nativesdk packages when populating SDKs. +# Rather than make a postinst script that works for both target and nativesdk, +# we just run update-ca-certificate from do_install() for nativesdk. CONFFILES_${PN}_append_class-nativesdk = " ${sysconfdir}/ssl/certs/ca-certificates.crt" do_install_append_class-nativesdk () { SYSROOT="${D}${SDKPATHNATIVE}" ${D}${sbindir}/update-ca-certificates diff --git a/meta/recipes-support/curl/curl/CVE-2017-1000099.patch b/meta/recipes-support/curl/curl/CVE-2017-1000099.patch deleted file mode 100644 index 96ff1b064b..0000000000 --- a/meta/recipes-support/curl/curl/CVE-2017-1000099.patch +++ /dev/null @@ -1,41 +0,0 @@ -From c9332fa5e84f24da300b42b1a931ade929d3e27d Mon Sep 17 00:00:00 2001 -From: Even Rouault <even.rouault@spatialys.com> -Date: Tue, 1 Aug 2017 17:17:06 +0200 -Subject: [PATCH] file: output the correct buffer to the user - -Regression brought by 7c312f84ea930d8 (April 2017) - -CVE: CVE-2017-1000099 - -Bug: https://curl.haxx.se/docs/adv_20170809C.html - -Credit to OSS-Fuzz for the discovery - -Upstream-Status: Backport -https://github.com/curl/curl/commit/c9332fa5e84f24da300b42b1a931ade929d3e27d - -Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> ---- - lib/file.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/lib/file.c b/lib/file.c -index bd426eac2..666cbe75b 100644 ---- a/lib/file.c -+++ b/lib/file.c -@@ -499,11 +499,11 @@ static CURLcode file_do(struct connectdata *conn, bool *done) - Curl_month[tm->tm_mon], - tm->tm_year + 1900, - tm->tm_hour, - tm->tm_min, - tm->tm_sec); -- result = Curl_client_write(conn, CLIENTWRITE_BOTH, buf, 0); -+ result = Curl_client_write(conn, CLIENTWRITE_BOTH, header, 0); - if(!result) - /* set the file size to make it available post transfer */ - Curl_pgrsSetDownloadSize(data, expected_size); - return result; - } --- -2.13.3 - diff --git a/meta/recipes-support/curl/curl/CVE-2017-1000100.patch b/meta/recipes-support/curl/curl/CVE-2017-1000100.patch deleted file mode 100644 index f74f1dd896..0000000000 --- a/meta/recipes-support/curl/curl/CVE-2017-1000100.patch +++ /dev/null @@ -1,51 +0,0 @@ -From 358b2b131ad6c095696f20dcfa62b8305263f898 Mon Sep 17 00:00:00 2001 -From: Daniel Stenberg <daniel@haxx.se> -Date: Tue, 1 Aug 2017 17:16:46 +0200 -Subject: [PATCH] tftp: reject file name lengths that don't fit - -... and thereby avoid telling send() to send off more bytes than the -size of the buffer! - -CVE: CVE-2017-1000100 - -Bug: https://curl.haxx.se/docs/adv_20170809B.html -Reported-by: Even Rouault - -Credit to OSS-Fuzz for the discovery - -Upstream-Status: Backport -https://github.com/curl/curl/commit/358b2b131ad6c095696f20dcfa62b8305263f898 - -Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> ---- - lib/tftp.c | 7 ++++++- - 1 file changed, 6 insertions(+), 1 deletion(-) - -diff --git a/lib/tftp.c b/lib/tftp.c -index 02bd842..f6f4bce 100644 ---- a/lib/tftp.c -+++ b/lib/tftp.c -@@ -5,7 +5,7 @@ - * | (__| |_| | _ <| |___ - * \___|\___/|_| \_\_____| - * -- * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al. -+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <daniel@haxx.se>, et al. - * - * This software is licensed as described in the file COPYING, which - * you should have received as part of this distribution. The terms -@@ -491,6 +491,11 @@ static CURLcode tftp_send_first(tftp_state_data_t *state, tftp_event_t event) - if(result) - return result; - -+ if(strlen(filename) > (state->blksize - strlen(mode) - 4)) { -+ failf(data, "TFTP file name too long\n"); -+ return CURLE_TFTP_ILLEGAL; /* too long file name field */ -+ } -+ - snprintf((char *)state->spacket.data+2, - state->blksize, - "%s%c%s%c", filename, '\0', mode, '\0'); --- -1.7.9.5 - diff --git a/meta/recipes-support/curl/curl/CVE-2017-1000101.patch b/meta/recipes-support/curl/curl/CVE-2017-1000101.patch deleted file mode 100644 index c300fff00c..0000000000 --- a/meta/recipes-support/curl/curl/CVE-2017-1000101.patch +++ /dev/null @@ -1,99 +0,0 @@ -From 453e7a7a03a2cec749abd3878a48e728c515cca7 Mon Sep 17 00:00:00 2001 -From: Daniel Stenberg <daniel@haxx.se> -Date: Tue, 1 Aug 2017 17:16:07 +0200 -Subject: [PATCH] glob: do not continue parsing after a strtoul() overflow - range - -Added test 1289 to verify. - -CVE: CVE-2017-1000101 - -Bug: https://curl.haxx.se/docs/adv_20170809A.html -Reported-by: Brian Carpenter - -Upstream-Status: Backport -https://github.com/curl/curl/commit/453e7a7a03a2cec749abd3878a48e728c515cca7 - -Rebase the tests/data/Makefile.inc changes for curl 7.54.1. - -Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> ---- - src/tool_urlglob.c | 5 ++++- - tests/data/Makefile.inc | 2 +- - tests/data/test1289 | 35 +++++++++++++++++++++++++++++++++++ - 3 files changed, 40 insertions(+), 2 deletions(-) - create mode 100644 tests/data/test1289 - -diff --git a/src/tool_urlglob.c b/src/tool_urlglob.c -index 6b1ece0..d56dcd9 100644 ---- a/src/tool_urlglob.c -+++ b/src/tool_urlglob.c -@@ -273,7 +273,10 @@ static CURLcode glob_range(URLGlob *glob, char **patternp, - } - errno = 0; - max_n = strtoul(pattern, &endp, 10); -- if(errno || (*endp == ':')) { -+ if(errno) -+ /* overflow */ -+ endp = NULL; -+ else if(*endp == ':') { - pattern = endp+1; - errno = 0; - step_n = strtoul(pattern, &endp, 10); -diff --git a/tests/data/Makefile.inc b/tests/data/Makefile.inc -index 155320a..7adbee6 100644 ---- a/tests/data/Makefile.inc -+++ b/tests/data/Makefile.inc -@@ -132,7 +132,7 @@ test1252 test1253 test1254 test1255 test1256 test1257 test1258 test1259 \ - test1260 test1261 test1262 \ - \ - test1280 test1281 test1282 test1283 test1284 test1285 test1286 test1287 \ --test1288 \ -+test1288 test1289 \ - \ - test1300 test1301 test1302 test1303 test1304 test1305 test1306 test1307 \ - test1308 test1309 test1310 test1311 test1312 test1313 test1314 test1315 \ -diff --git a/tests/data/test1289 b/tests/data/test1289 -new file mode 100644 -index 0000000..d679cc0 ---- /dev/null -+++ b/tests/data/test1289 -@@ -0,0 +1,35 @@ -+<testcase> -+<info> -+<keywords> -+HTTP -+HTTP GET -+globbing -+</keywords> -+</info> -+ -+# -+# Server-side -+<reply> -+</reply> -+ -+# Client-side -+<client> -+<server> -+http -+</server> -+<name> -+globbing with overflow and bad syntxx -+</name> -+<command> -+http://ur%20[0-60000000000000000000 -+</command> -+</client> -+ -+# Verify data after the test has been "shot" -+<verify> -+# curl: (3) [globbing] bad range in column -+<errorcode> -+3 -+</errorcode> -+</verify> -+</testcase> --- -2.11.0 - diff --git a/meta/recipes-support/curl/curl/CVE-2017-1000254.patch b/meta/recipes-support/curl/curl/CVE-2017-1000254.patch deleted file mode 100644 index 2b0798b929..0000000000 --- a/meta/recipes-support/curl/curl/CVE-2017-1000254.patch +++ /dev/null @@ -1,138 +0,0 @@ -From 1b2eba6f9745c064f7283e0ada8f46df9d9d6e42 Mon Sep 17 00:00:00 2001 -From: Li Zhou <li.zhou@windriver.com> -Date: Mon, 23 Oct 2017 00:26:50 -0700 -Subject: [PATCH] FTP: zero terminate the entry path even on bad input - -... a single double quote could leave the entry path buffer without a zero -terminating byte. CVE-2017-1000254 - -Test 1152 added to verify. - -Reported-by: Max Dymond -Bug: https://curl.haxx.se/docs/adv_20171004.html - -Upstream-Status: Backport -CVE: CVE-2017-1000254 -Signed-off-by: Li Zhou <li.zhou@windriver.com> ---- - lib/ftp.c | 7 ++++-- - tests/data/Makefile.inc | 2 ++ - tests/data/test1152 | 61 +++++++++++++++++++++++++++++++++++++++++++++++++ - 3 files changed, 68 insertions(+), 2 deletions(-) - create mode 100644 tests/data/test1152 - -diff --git a/lib/ftp.c b/lib/ftp.c -index 5edec37..493dbf9 100644 ---- a/lib/ftp.c -+++ b/lib/ftp.c -@@ -2826,6 +2826,7 @@ static CURLcode ftp_statemach_act(struct connectdata *conn) - const size_t buf_size = data->set.buffer_size; - char *dir; - char *store; -+ bool entry_extracted = FALSE; - - dir = malloc(nread + 1); - if(!dir) -@@ -2857,7 +2858,7 @@ static CURLcode ftp_statemach_act(struct connectdata *conn) - } - else { - /* end of path */ -- *store = '\0'; /* zero terminate */ -+ entry_extracted = TRUE; - break; /* get out of this loop */ - } - } -@@ -2866,7 +2867,9 @@ static CURLcode ftp_statemach_act(struct connectdata *conn) - store++; - ptr++; - } -- -+ *store = '\0'; /* zero terminate */ -+ } -+ if(entry_extracted) { - /* If the path name does not look like an absolute path (i.e.: it - does not start with a '/'), we probably need some server-dependent - adjustments. For example, this is the case when connecting to -diff --git a/tests/data/Makefile.inc b/tests/data/Makefile.inc -index 7adbee6..5284654 100644 ---- a/tests/data/Makefile.inc -+++ b/tests/data/Makefile.inc -@@ -121,6 +121,8 @@ test1120 test1121 test1122 test1123 test1124 test1125 test1126 test1127 \ - test1128 test1129 test1130 test1131 test1132 test1133 test1134 test1135 \ - test1136 test1137 test1138 test1139 test1140 test1141 test1142 test1143 \ - test1144 test1145 test1146 \ -+test1152 \ -+\ - test1200 test1201 test1202 test1203 test1204 test1205 test1206 test1207 \ - test1208 test1209 test1210 test1211 test1212 test1213 test1214 test1215 \ - test1216 test1217 test1218 test1219 \ -diff --git a/tests/data/test1152 b/tests/data/test1152 -new file mode 100644 -index 0000000..aa8c0a7 ---- /dev/null -+++ b/tests/data/test1152 -@@ -0,0 +1,61 @@ -+<testcase> -+<info> -+<keywords> -+FTP -+PASV -+LIST -+</keywords> -+</info> -+# -+# Server-side -+<reply> -+<servercmd> -+REPLY PWD 257 "just one -+</servercmd> -+ -+# When doing LIST, we get the default list output hard-coded in the test -+# FTP server -+<data mode="text"> -+total 20 -+drwxr-xr-x 8 98 98 512 Oct 22 13:06 . -+drwxr-xr-x 8 98 98 512 Oct 22 13:06 .. -+drwxr-xr-x 2 98 98 512 May 2 1996 curl-releases -+-r--r--r-- 1 0 1 35 Jul 16 1996 README -+lrwxrwxrwx 1 0 1 7 Dec 9 1999 bin -> usr/bin -+dr-xr-xr-x 2 0 1 512 Oct 1 1997 dev -+drwxrwxrwx 2 98 98 512 May 29 16:04 download.html -+dr-xr-xr-x 2 0 1 512 Nov 30 1995 etc -+drwxrwxrwx 2 98 1 512 Oct 30 14:33 pub -+dr-xr-xr-x 5 0 1 512 Oct 1 1997 usr -+</data> -+</reply> -+ -+# -+# Client-side -+<client> -+<server> -+ftp -+</server> -+ <name> -+FTP with uneven quote in PWD response -+ </name> -+ <command> -+ftp://%HOSTIP:%FTPPORT/test-1152/ -+</command> -+</client> -+ -+# -+# Verify data after the test has been "shot" -+<verify> -+<protocol> -+USER anonymous -+PASS ftp@example.com -+PWD -+CWD test-1152 -+EPSV -+TYPE A -+LIST -+QUIT -+</protocol> -+</verify> -+</testcase> --- -2.11.0 - diff --git a/meta/recipes-support/curl/curl/reproducible-mkhelp.patch b/meta/recipes-support/curl/curl/reproducible-mkhelp.patch deleted file mode 100644 index 268bbebf09..0000000000 --- a/meta/recipes-support/curl/curl/reproducible-mkhelp.patch +++ /dev/null @@ -1,32 +0,0 @@ -From 1fe92fd3dd64c7228f6ff41e3fc16c4f2392471a Mon Sep 17 00:00:00 2001 -From: Juro Bystricky <juro.bystricky@intel.com> -Date: Fri, 27 Oct 2017 08:28:25 -0700 -Subject: mkhelp.pl: support reproducible build - -Do not generate line with the current date, such as: - -* Generation time: Tue Oct-24 18:01:41 2017 - -This will improve reproducibility. The generated string is only -part of a comment, so there should be no adverse consequences. - -Upstream-Status: Submitted [ https://github.com/curl/curl/pull/2026 ] - -Signed-off-by: Juro Bystricky <juro.bystricky@intel.com> - -diff --git a/src/mkhelp.pl b/src/mkhelp.pl -index 270daa2..757f024 100755 ---- a/src/mkhelp.pl -+++ b/src/mkhelp.pl -@@ -102,11 +102,9 @@ while(<READ>) { - } - close(READ); - --$now = localtime; - print <<HEAD - /* - * NEVER EVER edit this manually, fix the mkhelp.pl script instead! -- * Generation time: $now - */ - #ifdef USE_MANUAL - #include "tool_hugehelp.h" diff --git a/meta/recipes-support/curl/curl_7.54.1.bb b/meta/recipes-support/curl/curl_7.58.0.bb index 58f05316fe..d2d0180268 100644 --- a/meta/recipes-support/curl/curl_7.54.1.bb +++ b/meta/recipes-support/curl/curl_7.58.0.bb @@ -7,23 +7,16 @@ LIC_FILES_CHKSUM = "file://COPYING;beginline=8;md5=3a34942f4ae3fbf1a303160714e66 SRC_URI = "http://curl.haxx.se/download/curl-${PV}.tar.bz2 \ file://0001-replace-krb5-config-with-pkg-config.patch \ - file://CVE-2017-1000099.patch \ - file://CVE-2017-1000100.patch \ - file://CVE-2017-1000101.patch \ - file://CVE-2017-1000254.patch \ " -SRC_URI_append_class-target = " \ - file://reproducible-mkhelp.patch \ -" # curl likes to set -g0 in CFLAGS, so we stop it # from mucking around with debug options # SRC_URI += " file://configure_ac.patch" -SRC_URI[md5sum] = "6b6eb722f512e7a24855ff084f54fe55" -SRC_URI[sha256sum] = "fdfc4df2d001ee0c44ec071186e770046249263c491fcae48df0e1a3ca8f25a0" +SRC_URI[md5sum] = "fa049f9f90c1ae473a2a7bcfa14de976" +SRC_URI[sha256sum] = "1cb081f97807c01e3ed747b6e1c9fee7a01cb10048f1cd0b5f56cfe0209de731" CVE_PRODUCT = "libcurl" inherit autotools pkgconfig binconfig multilib_header @@ -41,7 +34,7 @@ PACKAGECONFIG[imap] = "--enable-imap,--disable-imap," PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6," PACKAGECONFIG[ldap] = "--enable-ldap,--disable-ldap," PACKAGECONFIG[ldaps] = "--enable-ldaps,--disable-ldaps," -PACKAGECONFIG[libidn] = "--with-libidn,--without-libidn,libidn" +PACKAGECONFIG[libidn] = "--with-libidn2,--without-libidn2,libidn2" PACKAGECONFIG[libssh2] = "--with-libssh2,--without-libssh2,libssh2" PACKAGECONFIG[pop3] = "--enable-pop3,--disable-pop3," PACKAGECONFIG[proxy] = "--enable-proxy,--disable-proxy," @@ -64,9 +57,6 @@ EXTRA_OECONF = " \ --without-libpsl \ " -do_install_append() { - oe_multilib_header curl/curlbuild.h -} do_install_append_class-target() { # cleanup buildpaths from curl-config diff --git a/meta/recipes-support/gnome-desktop-testing/gnome-desktop-testing/update-output-syntax.patch b/meta/recipes-support/gnome-desktop-testing/gnome-desktop-testing/update-output-syntax.patch index 5a178e2ef1..19c524b0ac 100644 --- a/meta/recipes-support/gnome-desktop-testing/gnome-desktop-testing/update-output-syntax.patch +++ b/meta/recipes-support/gnome-desktop-testing/gnome-desktop-testing/update-output-syntax.patch @@ -3,7 +3,7 @@ The terms `FAIL` instead of `FAILED` and `SKIP` instead of `SKIPPED` match what Automake does Upstream-Status: Accepted -[ https://git.gnome.org/browse/gnome-desktop-testing/commit/?id=048850731a640532ef55a61df7357fcc6d2ad501 ] +[ https://gitlab.gnome.org/GNOME/gnome-desktop-testing/commit/048850731a640532ef55a61df7357fcc6d2ad501 ] Signed-off-by: Maxin B. John <maxin.john@intel.com> --- diff --git a/meta/recipes-support/libmpc/libmpc_1.0.3.bb b/meta/recipes-support/libmpc/libmpc_1.0.3.bb index 4f1f5242fb..58813244ef 100644 --- a/meta/recipes-support/libmpc/libmpc_1.0.3.bb +++ b/meta/recipes-support/libmpc/libmpc_1.0.3.bb @@ -3,7 +3,7 @@ require libmpc.inc DEPENDS = "gmp mpfr" LIC_FILES_CHKSUM = "file://COPYING.LESSER;md5=e6a600fd5e1d9cbde2d983680233ad02" -SRC_URI = "http://www.multiprecision.org/mpc/download/mpc-${PV}.tar.gz" +SRC_URI = "https://ftp.gnu.org/gnu/mpc/mpc-${PV}.tar.gz" SRC_URI[md5sum] = "d6a1d5f8ddea3abd2cc3e98f58352d26" SRC_URI[sha256sum] = "617decc6ea09889fb08ede330917a00b16809b8db88c29c31bfbb49cbf88ecc3" diff --git a/meta/recipes-support/libnl/libnl/lib-check-for-integer-overflow-in-nlmsg_reserve.patch b/meta/recipes-support/libnl/libnl/lib-check-for-integer-overflow-in-nlmsg_reserve.patch new file mode 100644 index 0000000000..594dd0616a --- /dev/null +++ b/meta/recipes-support/libnl/libnl/lib-check-for-integer-overflow-in-nlmsg_reserve.patch @@ -0,0 +1,43 @@ +From 3e18948f17148e6a3c4255bdeaaf01ef6081ceeb Mon Sep 17 00:00:00 2001 +From: Thomas Haller <thaller@redhat.com> +Date: Mon, 6 Feb 2017 22:23:52 +0100 +Subject: [PATCH] lib: check for integer-overflow in nlmsg_reserve() + +In general, libnl functions are not robust against calling with +invalid arguments. Thus, never call libnl functions with invalid +arguments. In case of nlmsg_reserve() this means never provide +a @len argument that causes overflow. + +Still, add an additional safeguard to avoid exploiting such bugs. + +Assume that @pad is a trusted, small integer. +Assume that n->nm_size is a valid number of allocated bytes (and thus +much smaller then SIZE_T_MAX). +Assume, that @len may be set to an untrusted value. Then the patch +avoids an integer overflow resulting in reserving too few bytes. + +Upstream-Status: Backport [https://github.com/thom311/libnl/commit/3e18948f17148e6a3c4255bdeaaf01ef6081ceeb] +CVE: CVE-2017-0553 + +Signed-off-by: Andre McCurdy <armccurdy@gmail.com> +--- + lib/msg.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/lib/msg.c b/lib/msg.c +index 9af3f3a..3e27d4e 100644 +--- a/lib/msg.c ++++ b/lib/msg.c +@@ -411,6 +411,9 @@ void *nlmsg_reserve(struct nl_msg *n, size_t len, int pad) + size_t nlmsg_len = n->nm_nlh->nlmsg_len; + size_t tlen; + ++ if (len > n->nm_size) ++ return NULL; ++ + tlen = pad ? ((len + (pad - 1)) & ~(pad - 1)) : len; + + if ((tlen + nlmsg_len) > n->nm_size) +-- +1.9.1 + diff --git a/meta/recipes-support/libnl/libnl_3.2.29.bb b/meta/recipes-support/libnl/libnl_3.2.29.bb index 7d4839ba50..4ce80e871b 100644 --- a/meta/recipes-support/libnl/libnl_3.2.29.bb +++ b/meta/recipes-support/libnl/libnl_3.2.29.bb @@ -12,7 +12,9 @@ DEPENDS = "flex-native bison-native" SRC_URI = "https://github.com/thom311/${BPN}/releases/download/${BPN}${@d.getVar('PV').replace('.','_')}/${BP}.tar.gz \ file://fix-pktloc_syntax_h-race.patch \ file://fix-pc-file.patch \ + file://lib-check-for-integer-overflow-in-nlmsg_reserve.patch \ " + UPSTREAM_CHECK_URI = "https://github.com/thom311/${BPN}/releases" SRC_URI[md5sum] = "a8ba62a5c4f883f4e493a46d1f3733fe" diff --git a/meta/recipes-support/libpcre/libpcre_8.41.bb b/meta/recipes-support/libpcre/libpcre_8.41.bb index 0eaed1808a..0187c08f50 100644 --- a/meta/recipes-support/libpcre/libpcre_8.41.bb +++ b/meta/recipes-support/libpcre/libpcre_8.41.bb @@ -80,4 +80,8 @@ do_install_ptest() { for i in RunTest RunGrepTest test-driver; \ do cp ${S}/$i $t; \ done + # Skip the fr_FR locale test. If the locale fr_FR is found, it is tested. + # If not found, the test is skipped. The test program assumes fr_FR is non-UTF-8 + # locale so the test fails if fr_FR is UTF-8 locale. + sed -i -e 's:do3=yes:do3=no:g' ${D}${PTEST_PATH}/RunTest } diff --git a/meta/recipes-support/libunwind/libunwind.inc b/meta/recipes-support/libunwind/libunwind.inc index fc33786b9e..b9c532d3ad 100644 --- a/meta/recipes-support/libunwind/libunwind.inc +++ b/meta/recipes-support/libunwind/libunwind.inc @@ -5,14 +5,19 @@ LICENSE = "MIT" LIC_FILES_CHKSUM = "file://COPYING;beginline=3;md5=3fced11d6df719b47505837a51c16ae5" DEPENDS += "libatomic-ops" -inherit autotools +inherit autotools multilib_header PACKAGECONFIG ??= "" PACKAGECONFIG[lzma] = "--enable-minidebuginfo,--disable-minidebuginfo,xz" +PACKAGECONFIG[latexdocs] = "--enable-documentation, --disable-documentation, latex2man-native" EXTRA_OECONF_arm = "--enable-debug-frame" EXTRA_OECONF_aarch64 = "--enable-debug-frame" SECURITY_LDFLAGS_append_libc-musl = " -lssp_nonshared -lssp" +do_install_append () { + oe_multilib_header libunwind.h +} + BBCLASSEXTEND = "native" diff --git a/meta/recipes-support/libxslt/libxslt_1.1.29.bb b/meta/recipes-support/libxslt/libxslt_1.1.29.bb index d27c706602..5b11bc2287 100644 --- a/meta/recipes-support/libxslt/libxslt_1.1.29.bb +++ b/meta/recipes-support/libxslt/libxslt_1.1.29.bb @@ -8,7 +8,7 @@ LIC_FILES_CHKSUM = "file://Copyright;md5=0cd9a07afbeb24026c9b03aecfeba458" SECTION = "libs" DEPENDS = "libxml2" -SRC_URI = "ftp://xmlsoft.org/libxslt/libxslt-${PV}.tar.gz \ +SRC_URI = "http://xmlsoft.org/sources/libxslt-${PV}.tar.gz \ file://pkgconfig_fix.patch \ file://0001-Use-pkg-config-to-find-gcrypt-and-libxml2.patch \ file://0001-Link-libraries-with-libm.patch \ diff --git a/meta/recipes-support/lz4/lz4_1.7.4.bb b/meta/recipes-support/lz4/lz4_1.7.4.bb index 1e98c1bd4d..86a1ab9ab9 100644 --- a/meta/recipes-support/lz4/lz4_1.7.4.bb +++ b/meta/recipes-support/lz4/lz4_1.7.4.bb @@ -14,21 +14,14 @@ SRC_URI = "git://github.com/lz4/lz4.git \ file://0001-tests-Makefile-don-t-use-LIBDIR-as-variable.patch \ file://run-ptest \ " +UPSTREAM_CHECK_GITTAGREGEX = "v(?P<pver>.*)" S = "${WORKDIR}/git" -inherit ptest -EXTRA_OEMAKE = "PREFIX=${prefix} CC='${CC}' DESTDIR=${D} LIBDIR=${libdir} INCLUDEDIR=${includedir}" +EXTRA_OEMAKE = "PREFIX=${prefix} CC='${CC}' DESTDIR=${D} LIBDIR=${libdir} INCLUDEDIR=${includedir}" do_install() { oe_runmake install } -do_install_ptest () { - install -d ${D}${PTEST_PATH}/testsuite - cp -rf ${S}/* ${D}${PTEST_PATH}/testsuite -} - -RDEPENDS_${PN}-ptest += "make python3" - BBCLASSEXTEND = "native nativesdk" diff --git a/meta/recipes-support/mpfr/mpfr_3.1.5.bb b/meta/recipes-support/mpfr/mpfr_3.1.5.bb index 2d59c4a1be..1b56f2c066 100644 --- a/meta/recipes-support/mpfr/mpfr_3.1.5.bb +++ b/meta/recipes-support/mpfr/mpfr_3.1.5.bb @@ -5,7 +5,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504 \ file://COPYING.LESSER;md5=6a6a8e020838b23406c81b19c1d46df6" DEPENDS = "gmp" -SRC_URI = "http://www.mpfr.org/mpfr-${PV}/mpfr-${PV}.tar.xz \ +SRC_URI = "https://ftp.gnu.org/gnu/${BPN}/mpfr-${PV}.tar.xz \ file://long-long-thumb.patch \ " SRC_URI[md5sum] = "c4ac246cf9795a4491e7766002cd528f" diff --git a/meta/recipes-support/p11-kit/p11-kit/0001-LINGUAS-drop-the-languages-for-which-upstream-does-n.patch b/meta/recipes-support/p11-kit/p11-kit/0001-LINGUAS-drop-the-languages-for-which-upstream-does-n.patch new file mode 100644 index 0000000000..2fda9dfbb8 --- /dev/null +++ b/meta/recipes-support/p11-kit/p11-kit/0001-LINGUAS-drop-the-languages-for-which-upstream-does-n.patch @@ -0,0 +1,32 @@ +From c3aa4aae5e9f4adafd9e10d9466f1bc481e0aae6 Mon Sep 17 00:00:00 2001 +From: Alexander Kanavin <alex.kanavin@gmail.com> +Date: Wed, 31 Jan 2018 16:47:44 +0200 +Subject: [PATCH] LINGUAS: drop the languages for which upstream does not + supply .po files + +Regenerating them proved to be too painful. +Upstream has been notified: https://github.com/p11-glue/p11-kit/issues/127 + +Upstream-Status: Inappropriate [missing upstream distribution files] +Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> +--- + po/LINGUAS | 2 -- + 1 file changed, 2 deletions(-) + +diff --git a/po/LINGUAS b/po/LINGUAS +index 1fc4d53..e9cc5a7 100644 +--- a/po/LINGUAS ++++ b/po/LINGUAS +@@ -11,9 +11,7 @@ cy + da + de + el +-en@boldquot + en_GB +-en@quot + eo + es + es_CL +-- +2.15.1 + diff --git a/meta/recipes-support/p11-kit/p11-kit_0.22.1.bb b/meta/recipes-support/p11-kit/p11-kit_0.22.1.bb index 38fa09bf9a..57798f4020 100644 --- a/meta/recipes-support/p11-kit/p11-kit_0.22.1.bb +++ b/meta/recipes-support/p11-kit/p11-kit_0.22.1.bb @@ -2,14 +2,19 @@ SUMMARY = "Provides a way to load and enumerate PKCS#11 modules" LICENSE = "BSD" LIC_FILES_CHKSUM = "file://COPYING;md5=02933887f609807fbb57aa4237d14a50" -inherit autotools gettext pkgconfig upstream-version-is-even gtk-doc +inherit autotools gettext pkgconfig gtk-doc DEPENDS = "libtasn1 libffi" -SRC_URI = "http://p11-glue.freedesktop.org/releases/${BP}.tar.gz" -SRC_URI[md5sum] = "4e9bea1106628ffb820bdad24a819fac" -SRC_URI[sha256sum] = "ef3a339fcf6aa0e32c8c23f79ba7191e57312be2bda8b24e6d121c2670539a5c" +SRC_URI = "git://github.com/p11-glue/p11-kit \ + file://0001-LINGUAS-drop-the-languages-for-which-upstream-does-n.patch \ + " +SRCREV = "bfb3bd47aa48983f5349479bca598403097ff81c" +S = "${WORKDIR}/git" +# exclude odd minor versions, which are development releases +UPSTREAM_CHECK_GITTAGREGEX = "(?P<pver>\d+\.(\d*[02468])+(\.\d+)+)" +AUTOTOOLS_AUXDIR = "${S}/build/litter" EXTRA_OECONF = "--without-trust-paths" # This recipe does not use the standard gtk-doc m4 macros, and so the ./configure flags diff --git a/meta/recipes-support/popt/popt_1.16.bb b/meta/recipes-support/popt/popt_1.16.bb index 478288f9bf..377d108449 100644 --- a/meta/recipes-support/popt/popt_1.16.bb +++ b/meta/recipes-support/popt/popt_1.16.bb @@ -8,7 +8,7 @@ PR = "r3" DEPENDS = "virtual/libiconv" -SRC_URI = "http://rpm5.org/files/popt/popt-${PV}.tar.gz \ +SRC_URI = "https://fossies.org/linux/misc/popt-${PV}.tar.gz \ file://pkgconfig_fix.patch \ file://popt_fix_for_automake-1.12.patch \ file://disable_tests.patch \ |