This is effectively updating to a development snapshot, would it be better to backport just the CVE fix like was just sent for dunfell?
Alex On Tue, 31 May 2022 at 16:16, Davide Gardenal <[email protected]> wrote: > > CVE: CVE-2022-29458 > > Signed-off-by: Davide Gardenal <[email protected]> > --- > meta/recipes-core/ncurses/ncurses.inc | 2 +- > .../ncurses/{ncurses_6.3.bb => ncurses_6.3+20220423.bb} | 4 ++-- > 2 files changed, 3 insertions(+), 3 deletions(-) > rename meta/recipes-core/ncurses/{ncurses_6.3.bb => ncurses_6.3+20220423.bb} > (77%) > > diff --git a/meta/recipes-core/ncurses/ncurses.inc > b/meta/recipes-core/ncurses/ncurses.inc > index 7a7c7dd227..1abcfae1fe 100644 > --- a/meta/recipes-core/ncurses/ncurses.inc > +++ b/meta/recipes-core/ncurses/ncurses.inc > @@ -2,7 +2,7 @@ SUMMARY = "The New Curses library" > DESCRIPTION = "SVr4 and XSI-Curses compatible curses library and terminfo > tools including tic, infocmp, captoinfo. Supports color, multiple highlights, > forms-drawing characters, and automatic recognition of keypad and > function-key sequences. Extensions include resizable windows and mouse > support on both xterm and Linux console using the gpm library." > HOMEPAGE = "http://www.gnu.org/software/ncurses/ncurses.html"; > LICENSE = "MIT" > -LIC_FILES_CHKSUM = > "file://COPYING;md5=9529289636145d1bf093c96af067695a;endline=27" > +LIC_FILES_CHKSUM = > "file://COPYING;md5=c5a4600fdef86384c41ca33ecc70a4b8;endline=27" > SECTION = "libs" > DEPENDS = "ncurses-native" > DEPENDS:class-native = "" > diff --git a/meta/recipes-core/ncurses/ncurses_6.3.bb > b/meta/recipes-core/ncurses/ncurses_6.3+20220423.bb > similarity index 77% > rename from meta/recipes-core/ncurses/ncurses_6.3.bb > rename to meta/recipes-core/ncurses/ncurses_6.3+20220423.bb > index f0256dad22..f67a3f5bf4 100644 > --- a/meta/recipes-core/ncurses/ncurses_6.3.bb > +++ b/meta/recipes-core/ncurses/ncurses_6.3+20220423.bb > @@ -5,10 +5,10 @@ SRC_URI += "file://0001-tic-hang.patch \ > > file://0003-gen-pkgconfig.in-Do-not-include-LDFLAGS-in-generated.patch \ > " > # commit id corresponds to the revision in package version > -SRCREV = "51d0fd9cc3edb975f04224f29f777f8f448e8ced" > +SRCREV = "a0bc708bc6954b5d3c0a38d92b683c3ec3135260" > S = "${WORKDIR}/git" > EXTRA_OECONF += "--with-abi-version=5" > UPSTREAM_CHECK_GITTAGREGEX = "(?P<pver>\d+(\.\d+)+)$" > > # This is needed when using patchlevel versions like 6.1+20181013 > -#CVE_VERSION = > "${@d.getVar("PV").split('+')[0]}.${@d.getVar("PV").split('+')[1]}" > +CVE_VERSION = > "${@d.getVar("PV").split('+')[0]}.${@d.getVar("PV").split('+')[1]}" > -- > 2.32.0 > > > >
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#166357): https://lists.openembedded.org/g/openembedded-core/message/166357 Mute This Topic: https://lists.openembedded.org/mt/91451965/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
