aboutsummaryrefslogtreecommitdiffstats
path: root/meta
diff options
context:
space:
mode:
Diffstat (limited to 'meta')
-rw-r--r--meta/recipes-support/libyaml/files/libyaml-CVE-2014-9130.patch33
-rw-r--r--meta/recipes-support/libyaml/libyaml_0.1.7.bb (renamed from meta/recipes-support/libyaml/libyaml_0.1.6.bb)5
2 files changed, 2 insertions, 36 deletions
diff --git a/meta/recipes-support/libyaml/files/libyaml-CVE-2014-9130.patch b/meta/recipes-support/libyaml/files/libyaml-CVE-2014-9130.patch
deleted file mode 100644
index 61fa7e5692e..00000000000
--- a/meta/recipes-support/libyaml/files/libyaml-CVE-2014-9130.patch
+++ /dev/null
@@ -1,33 +0,0 @@
-# HG changeset patch
-# User Kirill Simonov <xi@resolvent.net>
-# Date 1417197312 21600
-# Node ID 2b9156756423e967cfd09a61d125d883fca6f4f2
-# Parent 053f53a381ff6adbbc93a31ab7fdee06a16c8a33
-Removed invalid simple key assertion (thank to Jonathan Gray).
-
-The patch comes from
-
-https://bitbucket.org/xi/libyaml/commits/2b9156756423e967cfd09a61d125d883fca6f4f2
-
-Upstream-Status: Backport
-CVE: CVE-2014-9130
-
-Signed-off-by: Yue Tao <yue.tao@windriver.com>
-
-diff -r 053f53a381ff -r 2b9156756423 src/scanner.c
---- a/src/scanner.c Wed Mar 26 13:55:54 2014 -0500
-+++ b/src/scanner.c Fri Nov 28 11:55:12 2014 -0600
-@@ -1106,13 +1106,6 @@
- && parser->indent == (ptrdiff_t)parser->mark.column);
-
- /*
-- * A simple key is required only when it is the first token in the current
-- * line. Therefore it is always allowed. But we add a check anyway.
-- */
--
-- assert(parser->simple_key_allowed || !required); /* Impossible. */
--
-- /*
- * If the current position may start a simple key, save it.
- */
-
diff --git a/meta/recipes-support/libyaml/libyaml_0.1.6.bb b/meta/recipes-support/libyaml/libyaml_0.1.7.bb
index b0155774d24..5c422ef119c 100644
--- a/meta/recipes-support/libyaml/libyaml_0.1.6.bb
+++ b/meta/recipes-support/libyaml/libyaml_0.1.7.bb
@@ -8,11 +8,10 @@ LICENSE = "MIT"
LIC_FILES_CHKSUM = "file://LICENSE;md5=6015f088759b10e0bc2bf64898d4ae17"
SRC_URI = "http://pyyaml.org/download/libyaml/yaml-${PV}.tar.gz \
- file://libyaml-CVE-2014-9130.patch \
"
-SRC_URI[md5sum] = "5fe00cda18ca5daeb43762b80c38e06e"
-SRC_URI[sha256sum] = "7da6971b4bd08a986dd2a61353bc422362bd0edcc67d7ebaac68c95f74182749"
+SRC_URI[md5sum] = "1abf45bd3a96374fa55ca63b32f9f2f9"
+SRC_URI[sha256sum] = "8088e457264a98ba451a90b8661fcb4f9d6f478f7265d48322a196cec2480729"
S = "${WORKDIR}/yaml-${PV}"
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-11-10 17:50:26 +0000