diff options
Diffstat (limited to 'meta/recipes-extended/tar')
-rw-r--r-- | meta/recipes-extended/tar/tar-1.17/avoid_heap_overflow.patch | 22 | ||||
-rw-r--r-- | meta/recipes-extended/tar/tar-1.17/gcc43build.patch | 37 | ||||
-rw-r--r-- | meta/recipes-extended/tar/tar-1.17/m4extensions.patch | 30 | ||||
-rw-r--r-- | meta/recipes-extended/tar/tar/remove-gets.patch | 22 | ||||
-rw-r--r-- | meta/recipes-extended/tar/tar_1.17.bb | 14 | ||||
-rw-r--r-- | meta/recipes-extended/tar/tar_1.28.bb | 12 | ||||
-rw-r--r-- | meta/recipes-extended/tar/tar_1.34.bb (renamed from meta/recipes-extended/tar/tar.inc) | 34 |
7 files changed, 25 insertions, 146 deletions
diff --git a/meta/recipes-extended/tar/tar-1.17/avoid_heap_overflow.patch b/meta/recipes-extended/tar/tar-1.17/avoid_heap_overflow.patch deleted file mode 100644 index da2ae3cb0f..0000000000 --- a/meta/recipes-extended/tar/tar-1.17/avoid_heap_overflow.patch +++ /dev/null @@ -1,22 +0,0 @@ -Upstream-Status: Inappropriate [bugfix: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0624] - -This patch avoids heap overflow reported by : -http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0624 - -This is a clean patch for the GPLv2 tar recipe. - -Nitin A Kamble <nitin.a.kamble@intel.com> 2011/04/25 - -Index: tar-1.17/lib/rtapelib.c -=================================================================== ---- tar-1.17.orig/lib/rtapelib.c -+++ tar-1.17/lib/rtapelib.c -@@ -570,7 +570,7 @@ rmt_read__ (int handle, char *buffer, si - - sprintf (command_buffer, "R%lu\n", (unsigned long) length); - if (do_command (handle, command_buffer) == -1 -- || (status = get_status (handle)) == SAFE_READ_ERROR) -+ || ((status = get_status (handle)) == SAFE_READ_ERROR) || (status > length)) - return SAFE_READ_ERROR; - - for (counter = 0; counter < status; counter += rlen, buffer += rlen) diff --git a/meta/recipes-extended/tar/tar-1.17/gcc43build.patch b/meta/recipes-extended/tar/tar-1.17/gcc43build.patch deleted file mode 100644 index f8059a0a89..0000000000 --- a/meta/recipes-extended/tar/tar-1.17/gcc43build.patch +++ /dev/null @@ -1,37 +0,0 @@ -Upstream-Status: Inappropriate [licensing] - -# Fix errors when built with gcc 4.3 -# Patch taken from Debian bug #452096 - -diff -urN tar-1.17.orig/lib/argp-fmtstream.h tar-1.17/lib/argp-fmtstream.h ---- tar-1.17.orig/lib/argp-fmtstream.h 2006-01-11 12:24:05.000000000 -0800 -+++ tar-1.17/lib/argp-fmtstream.h 2010-07-22 22:36:12.000000000 -0700 -@@ -198,7 +198,11 @@ - #endif - - #ifndef ARGP_FS_EI --#define ARGP_FS_EI extern inline -+ #if defined __GNUC_STDC_INLINE__ -+ #define ARGP_FS_EI extern inline __attribute__((__gnu_inline__)) -+ #else -+ #define ARGP_FS_EI extern inline -+ #endif - #endif - - ARGP_FS_EI size_t -diff -urN tar-1.17.orig/lib/argp.h tar-1.17/lib/argp.h ---- tar-1.17.orig/lib/argp.h 2007-03-30 00:09:11.000000000 -0700 -+++ tar-1.17/lib/argp.h 2010-07-22 22:38:44.000000000 -0700 -@@ -580,7 +580,11 @@ - # endif - - # ifndef ARGP_EI --# define ARGP_EI extern __inline__ -+# if defined __GNUC_STDC_INLINE__ -+# define ARGP_EI extern __inline__ __attribute__((__gnu_inline__)) -+# else -+# define ARGP_EI extern __inline__ -+# endif - # endif - - ARGP_EI void diff --git a/meta/recipes-extended/tar/tar-1.17/m4extensions.patch b/meta/recipes-extended/tar/tar-1.17/m4extensions.patch deleted file mode 100644 index 30534c29ce..0000000000 --- a/meta/recipes-extended/tar/tar-1.17/m4extensions.patch +++ /dev/null @@ -1,30 +0,0 @@ -Upstream-Status: Inappropriate [licensing] - -# Define AC_USE_SYSTEM_EXTENSIONS only if it was previously undefined. -# This is needed to configure correctly with newer versions of autoconf. - ---- tar-1.17/m4/extensions.m4.orig 2010-07-22 22:21:35.000000000 -0700 -+++ tar-1.17/m4/extensions.m4 2010-07-22 22:23:41.000000000 -0700 -@@ -1,4 +1,4 @@ --# serial 4 -*- Autoconf -*- -+# serial 5 -*- Autoconf -*- - # Enable extensions on systems that normally disable them. - - # Copyright (C) 2003, 2006 Free Software Foundation, Inc. -@@ -16,6 +16,7 @@ - # ------------------------ - # Enable extensions on systems that normally disable them, - # typically due to standards-conformance issues. -+m4_ifdef([AC_USE_SYSTEM_EXTENSIONS], [], [ - AC_DEFUN([AC_USE_SYSTEM_EXTENSIONS], - [ - AC_BEFORE([$0], [AC_COMPILE_IFELSE]) -@@ -48,7 +49,7 @@ - AC_DEFINE([__EXTENSIONS__]) - AC_DEFINE([_POSIX_PTHREAD_SEMANTICS]) - AC_DEFINE([_TANDEM_SOURCE]) --]) -+])]) - - # gl_USE_SYSTEM_EXTENSIONS - # ------------------------ diff --git a/meta/recipes-extended/tar/tar/remove-gets.patch b/meta/recipes-extended/tar/tar/remove-gets.patch deleted file mode 100644 index 0b8be39eed..0000000000 --- a/meta/recipes-extended/tar/tar/remove-gets.patch +++ /dev/null @@ -1,22 +0,0 @@ -ISO C11 removes the specification of gets() from the C language, eglibc 2.16+ removed it - -Signed-off-by: Khem Raj <raj.khem@gmail.com> - -Upstream-Status: Pending -Index: tar-1.27/gnu/stdio.in.h -=================================================================== ---- tar-1.27.orig/gnu/stdio.in.h 2013-06-29 08:54:26.000000000 +0300 -+++ tar-1.27/gnu/stdio.in.h 2013-10-16 15:22:46.977204737 +0300 -@@ -710,10 +710,12 @@ - /* It is very rare that the developer ever has full control of stdin, - so any use of gets warrants an unconditional warning; besides, C11 - removed it. */ -+#if defined gets - #undef gets - #if HAVE_RAW_DECL_GETS - _GL_WARN_ON_USE (gets, "gets is a security hole - use fgets instead"); - #endif -+#endif - - - #if @GNULIB_OBSTACK_PRINTF@ || @GNULIB_OBSTACK_PRINTF_POSIX@ diff --git a/meta/recipes-extended/tar/tar_1.17.bb b/meta/recipes-extended/tar/tar_1.17.bb deleted file mode 100644 index b9ca2063df..0000000000 --- a/meta/recipes-extended/tar/tar_1.17.bb +++ /dev/null @@ -1,14 +0,0 @@ -require tar.inc - -LICENSE = "GPLv2" -LIC_FILES_CHKSUM = "file://COPYING;md5=59530bdf33659b29e73d4adb9f9f6552" - -PR = "r3" - -SRC_URI += "file://m4extensions.patch \ - file://gcc43build.patch \ - file://avoid_heap_overflow.patch \ - " - -SRC_URI[md5sum] = "c6c4f1c075dbf0f75c29737faa58f290" -SRC_URI[sha256sum] = "19f9021dda51a16295e4706e80870e71f87107675e51c176a491eba0fc4ca492" diff --git a/meta/recipes-extended/tar/tar_1.28.bb b/meta/recipes-extended/tar/tar_1.28.bb deleted file mode 100644 index 8816000399..0000000000 --- a/meta/recipes-extended/tar/tar_1.28.bb +++ /dev/null @@ -1,12 +0,0 @@ -require tar.inc - -PACKAGECONFIG ??= "" -PACKAGECONFIG[acl] = "--with-posix-acls, --without-posix-acls, acl," - -LICENSE = "GPLv3" -LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504" - -SRC_URI += "file://remove-gets.patch \ - " -SRC_URI[md5sum] = "8f32b2bc1ed7ddf4cf4e4a39711341b0" -SRC_URI[sha256sum] = "60e4bfe0602fef34cd908d91cf638e17eeb09394d7b98c2487217dc4d3147562" diff --git a/meta/recipes-extended/tar/tar.inc b/meta/recipes-extended/tar/tar_1.34.bb index 93e4da114b..7307cd57a2 100644 --- a/meta/recipes-extended/tar/tar.inc +++ b/meta/recipes-extended/tar/tar_1.34.bb @@ -3,12 +3,24 @@ DESCRIPTION = "GNU tar saves many files together into a single tape \ or disk archive, and can restore individual files from the archive." HOMEPAGE = "http://www.gnu.org/software/tar/" SECTION = "base" +LICENSE = "GPL-3.0-only" +LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504" SRC_URI = "${GNU_MIRROR}/tar/tar-${PV}.tar.bz2" +SRC_URI[sha256sum] = "b44cc67f8a1f6b0250b7c860e952b37e8ed932a90bd9b1862a511079255646ff" + inherit autotools gettext texinfo -EXTRA_OECONF += "DEFAULT_RMT_DIR=${base_sbindir}" +PACKAGECONFIG ??= "" +PACKAGECONFIG:append:class-target = " ${@bb.utils.filter('DISTRO_FEATURES', 'acl', d)}" + +PACKAGECONFIG[acl] = "--with-posix-acls,--without-posix-acls,acl" +PACKAGECONFIG[selinux] = "--with-selinux,--without-selinux,libselinux" + +EXTRA_OECONF += "DEFAULT_RMT_DIR=${sbindir}" + +CACHED_CONFIGUREVARS += "tar_cv_path_RSH=no" # Let aclocal use the relative path for the m4 file rather than the # absolute since tar has a lot of m4 files, otherwise there might @@ -21,7 +33,7 @@ do_install () { ln -s tar ${D}${bindir}/gtar } -do_install_append_class-target() { +do_install:append:class-target() { if [ "${base_bindir}" != "${bindir}" ]; then install -d ${D}${base_bindir} mv ${D}${bindir}/tar ${D}${base_bindir}/tar @@ -32,21 +44,25 @@ do_install_append_class-target() { PACKAGES =+ "${PN}-rmt" -FILES_${PN}-rmt = "${base_sbindir}/rmt*" +FILES:${PN}-rmt = "${sbindir}/rmt*" inherit update-alternatives ALTERNATIVE_PRIORITY = "100" -ALTERNATIVE_${PN} = "tar" -ALTERNATIVE_${PN}-rmt = "rmt" -ALTERNATIVE_${PN}_class-nativesdk = "" -ALTERNATIVE_${PN}-rmt_class-nativesdk = "" +ALTERNATIVE:${PN} = "tar" +ALTERNATIVE:${PN}-rmt = "rmt" +ALTERNATIVE:${PN}:class-nativesdk = "" +ALTERNATIVE:${PN}-rmt:class-nativesdk = "" ALTERNATIVE_LINK_NAME[tar] = "${base_bindir}/tar" -ALTERNATIVE_LINK_NAME[rmt] = "${base_sbindir}/rmt" +ALTERNATIVE_LINK_NAME[rmt] = "${sbindir}/rmt" -PROVIDES_append_class-native = " tar-replacement-native" +PROVIDES:append:class-native = " tar-replacement-native" NATIVE_PACKAGE_PATH_SUFFIX = "/${PN}" BBCLASSEXTEND = "native nativesdk" + +# Avoid false positives from CVEs in node-tar package +# For example CVE-2021-{32803,32804,37701,37712,37713} +CVE_PRODUCT = "gnu:tar" |