From: yzhu1 <[email protected]> When rpm makes header verification, rpm will send request to the extern server, this is a potential risk.
Signed-off-by: yzhu1 <[email protected]> --- .../rpm-macros.in-disable-external-key-server.patch | 21 +++++++++++++++++++++ meta/recipes-devtools/rpm/rpm_5.4.14.bb | 1 + 2 files changed, 22 insertions(+) create mode 100644 meta/recipes-devtools/rpm/rpm/rpm-macros.in-disable-external-key-server.patch diff --git a/meta/recipes-devtools/rpm/rpm/rpm-macros.in-disable-external-key-server.patch b/meta/recipes-devtools/rpm/rpm/rpm-macros.in-disable-external-key-server.patch new file mode 100644 index 0000000..206f258 --- /dev/null +++ b/meta/recipes-devtools/rpm/rpm/rpm-macros.in-disable-external-key-server.patch @@ -0,0 +1,21 @@ +disable external key server + +Upstream-Status: Pending + +When rpm makes header verification, rpm will send request to the +extern server, this is a potential risk. + +Signed-off-by: yzhu1 <[email protected]> +--- a/macros/macros.in ++++ b/macros/macros.in +@@ -546,8 +546,8 @@ $_arbitrary_tags_tests Foo:Bar + # Horowitz Key Protocol server configuration + # + #%_hkp_keyserver hkp://keys.n3npq.net +-%_hkp_keyserver hkp://pool.sks-keyservers.net +-%_hkp_keyserver_query %{_hkp_keyserver}/pks/lookup?op=get&search= ++#%_hkp_keyserver hkp://pool.sks-keyservers.net ++#%_hkp_keyserver_query %{_hkp_keyserver}/pks/lookup?op=get&search= + + + %_nssdb_path /etc/pki/nssdb diff --git a/meta/recipes-devtools/rpm/rpm_5.4.14.bb b/meta/recipes-devtools/rpm/rpm_5.4.14.bb index 75b1ae2..666a68e 100644 --- a/meta/recipes-devtools/rpm/rpm_5.4.14.bb +++ b/meta/recipes-devtools/rpm/rpm_5.4.14.bb @@ -92,6 +92,7 @@ SRC_URI = "http://www.rpm5.org/files/rpm/rpm-5.4/rpm-5.4.14-0.20131024.src.rpm;e file://rpm-realpath.patch \ file://0001-using-poptParseArgvString-to-parse-the-_gpg_check_pa.patch \ file://no-ldflags-in-pkgconfig.patch \ + file://rpm-macros.in-disable-external-key-server.patch \ " # Uncomment the following line to enable platform score debugging -- 1.9.1 -- _______________________________________________ Openembedded-core mailing list [email protected] http://lists.openembedded.org/mailman/listinfo/openembedded-core
