Re: [oe] [meta-oe][PATCH] fftw: Allow an empty package for fftw.
On Fri, Oct 21, 2016 at 4:05 PM, Philip Balisterwrote: > On 10/21/2016 01:08 PM, Khem Raj wrote: >> >>> On Oct 21, 2016, at 5:14 AM, Philip Balister wrote: >>> >>> The fftw-dev package RDEPENDS on the fftw package. Let the recipe create an >>> empty one to satisfy this requirement. >>> >>> Signed-off-by: Philip Balister >>> --- >>> meta-oe/recipes-support/fftw/fftw_3.3.4.bb | 2 ++ >>> 1 file changed, 2 insertions(+) >>> >>> diff --git a/meta-oe/recipes-support/fftw/fftw_3.3.4.bb >>> b/meta-oe/recipes-support/fftw/fftw_3.3.4.bb >>> index 0faaea1..0bb6cc2 100644 >>> --- a/meta-oe/recipes-support/fftw/fftw_3.3.4.bb >>> +++ b/meta-oe/recipes-support/fftw/fftw_3.3.4.bb >>> @@ -69,4 +69,6 @@ FILES_fftwl-wisdom = "${bindir}/fftwl-wisdom" >>> FILES_fftwf-wisdom = "${bindir}/fftwf-wisdom" >>> FILES_fftw-wisdom-to-conf = "${bindir}/fftw-wisdom-to-conf" >>> >>> +ALLOW_EMPTY_${PN}= “1" >> >> as Martin said >> >> RDEPENDS_${PN}-dev = “” >> >> should be done. > > It also RDEPENDS on libfftw libfftwf and libfftwl. > > Is there a way to remove just one entry in the RDEPENDS line? Need to > think through exactly what is going on. > uncoupling it like this will be take care of that too. -- ___ Openembedded-devel mailing list Openembedded-devel@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-devel
Re: [oe] [meta-qt5 PATCH] qmake5_paths.bbclass: Fix fonts installation path
That looks like the correct path to use, but how does this fix the problem? OE_QMAKE_PATH_QT_FONTS doesn't seem to used anywhere in meta-qt5 any more and probably should have been removed together with the font packaging bits. -samuli On 20.10.2016 19:53, Otavio Salvador wrote: Hello folks, On Thu, Oct 20, 2016 at 2:46 PM, Otavio Salvadorwrote: As Qt internal fonts (qtbase-fonts) are not included anymore, we need to rely on system fonts to work. All major distributions, as well as all recipes on OE-Core and Meta-OE, use ${datadir}/fonts as path so we adapt the value for use for Qt use as well. Signed-off-by: Otavio Salvador Please take a look at this. This fixes a customer which were trying to use morty with Qt Virtual Keyboard. -- ___ Openembedded-devel mailing list Openembedded-devel@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-devel
Re: [oe] [meta-oe][PATCH] fftw: Allow an empty package for fftw.
On 10/21/2016 01:08 PM, Khem Raj wrote: > >> On Oct 21, 2016, at 5:14 AM, Philip Balisterwrote: >> >> The fftw-dev package RDEPENDS on the fftw package. Let the recipe create an >> empty one to satisfy this requirement. >> >> Signed-off-by: Philip Balister >> --- >> meta-oe/recipes-support/fftw/fftw_3.3.4.bb | 2 ++ >> 1 file changed, 2 insertions(+) >> >> diff --git a/meta-oe/recipes-support/fftw/fftw_3.3.4.bb >> b/meta-oe/recipes-support/fftw/fftw_3.3.4.bb >> index 0faaea1..0bb6cc2 100644 >> --- a/meta-oe/recipes-support/fftw/fftw_3.3.4.bb >> +++ b/meta-oe/recipes-support/fftw/fftw_3.3.4.bb >> @@ -69,4 +69,6 @@ FILES_fftwl-wisdom = "${bindir}/fftwl-wisdom" >> FILES_fftwf-wisdom = "${bindir}/fftwf-wisdom" >> FILES_fftw-wisdom-to-conf = "${bindir}/fftw-wisdom-to-conf" >> >> +ALLOW_EMPTY_${PN}= “1" > > as Martin said > > RDEPENDS_${PN}-dev = “” > > should be done. It also RDEPENDS on libfftw libfftwf and libfftwl. Is there a way to remove just one entry in the RDEPENDS line? Need to think through exactly what is going on. Philip > >> + >> BBCLASSEXTEND = "native" >> -- >> 2.5.5 >> >> -- >> ___ >> Openembedded-devel mailing list >> Openembedded-devel@lists.openembedded.org >> http://lists.openembedded.org/mailman/listinfo/openembedded-devel > > > -- ___ Openembedded-devel mailing list Openembedded-devel@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-devel
Re: [oe] [meta-oe][PATCH] android-tools: fix native build
> On Oct 21, 2016, at 12:10 AM, Koen Kooiwrote: > > +# Find libbsd headers during native builds > +CC_append_class-native = " -I${STAGING_INCDIR}" > +CC_append_class-nativesdk = " -I${STAGING_INCDIR}" > + is CC the only option to be tweaked ? can it be done via CFLAGS or BUILD_CFLAGS and BUILDSDK_CFLAGS signature.asc Description: Message signed with OpenPGP using GPGMail -- ___ Openembedded-devel mailing list Openembedded-devel@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-devel
Re: [oe] [meta-oe][PATCH] fftw: Allow an empty package for fftw.
> On Oct 21, 2016, at 5:14 AM, Philip Balisterwrote: > > The fftw-dev package RDEPENDS on the fftw package. Let the recipe create an > empty one to satisfy this requirement. > > Signed-off-by: Philip Balister > --- > meta-oe/recipes-support/fftw/fftw_3.3.4.bb | 2 ++ > 1 file changed, 2 insertions(+) > > diff --git a/meta-oe/recipes-support/fftw/fftw_3.3.4.bb > b/meta-oe/recipes-support/fftw/fftw_3.3.4.bb > index 0faaea1..0bb6cc2 100644 > --- a/meta-oe/recipes-support/fftw/fftw_3.3.4.bb > +++ b/meta-oe/recipes-support/fftw/fftw_3.3.4.bb > @@ -69,4 +69,6 @@ FILES_fftwl-wisdom = "${bindir}/fftwl-wisdom" > FILES_fftwf-wisdom = "${bindir}/fftwf-wisdom" > FILES_fftw-wisdom-to-conf = "${bindir}/fftw-wisdom-to-conf" > > +ALLOW_EMPTY_${PN}= “1" as Martin said RDEPENDS_${PN}-dev = “” should be done. > + > BBCLASSEXTEND = "native" > -- > 2.5.5 > > -- > ___ > Openembedded-devel mailing list > Openembedded-devel@lists.openembedded.org > http://lists.openembedded.org/mailman/listinfo/openembedded-devel signature.asc Description: Message signed with OpenPGP using GPGMail -- ___ Openembedded-devel mailing list Openembedded-devel@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-devel
Re: [oe] [yocto] Attention all: patches for upstream source will be applied with stricter criteria for context
> On Oct 21, 2016, at 5:55 AM, Alexander Kanavin >wrote: > > Hello all, > > while updating gnutls to a newer version I came across a rather serious > issue: the way we patch source code is very lenient about the context for the > lines to be changed. Basically, it's enough for one line before and after the > changed line to match, because patch command's default setting for 'fuzz > factor' allows it. If these lines happen to be whitespace or braces, then > there's nothing to prevent the patch from being applied incorrectly. > > Here's a particularly nasty example of this happening completely silently > (compile step works fine too), with security implications: > https://bugzilla.yoctoproject.org/show_bug.cgi?id=10450 > > I think this absolutely needs to be fixed. The downside is that this will > break a lot of patches across all layers - after setting the fuzz to zero in > oe-core we have 87 recipes that fail to be patched. Maxin and I are currently > going through them one by one and getting them fixed. perhaps a list of the recipes, with steps to configure fuzz factor on wiki would enable other folks to fix them especially the recipe maintainers should care. > > Regards, > Alex > -- > ___ > yocto mailing list > yo...@yoctoproject.org > https://lists.yoctoproject.org/listinfo/yocto signature.asc Description: Message signed with OpenPGP using GPGMail -- ___ Openembedded-devel mailing list Openembedded-devel@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-devel
Re: [oe] [meta-oe][PATCH] fftw: Allow an empty package for fftw.
On Fri, Oct 21, 2016 at 08:14:16AM -0400, Philip Balister wrote: > The fftw-dev package RDEPENDS on the fftw package. Let the recipe create an > empty one to satisfy this requirement. Then remove RDEPENDS from fftw-dev package instead of installing completely useless empty package. > Signed-off-by: Philip Balister> --- > meta-oe/recipes-support/fftw/fftw_3.3.4.bb | 2 ++ > 1 file changed, 2 insertions(+) > > diff --git a/meta-oe/recipes-support/fftw/fftw_3.3.4.bb > b/meta-oe/recipes-support/fftw/fftw_3.3.4.bb > index 0faaea1..0bb6cc2 100644 > --- a/meta-oe/recipes-support/fftw/fftw_3.3.4.bb > +++ b/meta-oe/recipes-support/fftw/fftw_3.3.4.bb > @@ -69,4 +69,6 @@ FILES_fftwl-wisdom = "${bindir}/fftwl-wisdom" > FILES_fftwf-wisdom = "${bindir}/fftwf-wisdom" > FILES_fftw-wisdom-to-conf = "${bindir}/fftw-wisdom-to-conf" > > +ALLOW_EMPTY_${PN}= "1" > + > BBCLASSEXTEND = "native" > -- > 2.5.5 > > -- > ___ > Openembedded-devel mailing list > Openembedded-devel@lists.openembedded.org > http://lists.openembedded.org/mailman/listinfo/openembedded-devel -- Martin 'JaMa' Jansa jabber: martin.ja...@gmail.com signature.asc Description: Digital signature -- ___ Openembedded-devel mailing list Openembedded-devel@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-devel
Re: [oe] [PATCH] gd: Security Advisory CVE-2016-7568
On Fri, Oct 21, 2016 at 04:19:14PM +0800, Dengke Du wrote: > Backport patch to fix CVE-2016-7568 from gd upstream: > > > https://github.com/libgd/libgd/commit/2806adfdc27a94d333199345394d7c302952b95f > Doesn't apply, always rebase on latest master before sending (gd was last updated months ago). OE @ ~/meta-openembedded $ pwam 133109 2016-10-21 18:39:13 URL:https://patchwork.openembedded.org/patch/133109/mbox/ [2947] -> "pw-am-133109.patch" [1] Applying: gd: Security Advisory CVE-2016-7568 .git/rebase-apply/patch:37: space before tab in indent. quality = 80; .git/rebase-apply/patch:38: space before tab in indent. } .git/rebase-apply/patch:39: trailing whitespace. .git/rebase-apply/patch:48: space before tab in indent. argb = (uint8_t *)gdMalloc(gdImageSX(im) * 4 * gdImageSY(im)); .git/rebase-apply/patch:49: space before tab in indent. if (!argb) { error: patch failed: meta-oe/recipes-support/gd/gd_2.2.3.bb:15 error: meta-oe/recipes-support/gd/gd_2.2.3.bb: patch does not apply Patch failed at 0001 gd: Security Advisory CVE-2016-7568 The copy of the patch that failed is found in: .git/rebase-apply/patch When you have resolved this problem, run "git am --continue". If you prefer to skip this patch, run "git am --skip" instead. To restore the original branch and stop patching, run "git am --abort". OE @ ~/meta-openembedded $ patch -p1 < pw-am-133109.patch patching file meta-oe/recipes-support/gd/gd/0001-Fix-integer-overflow-in-gdImageWebpCtx.patch patching file meta-oe/recipes-support/gd/gd_2.2.3.bb Hunk #1 FAILED at 15. 1 out of 1 hunk FAILED -- saving rejects to file meta-oe/recipes-support/gd/gd_2.2.3.bb.rej OE @ ~/meta-openembedded $ cat meta-oe/recipes-support/gd/gd_2.2.3.bb.rej --- meta-oe/recipes-support/gd/gd_2.2.3.bb +++ meta-oe/recipes-support/gd/gd_2.2.3.bb @@ -15,6 +15,7 @@ DEPENDS = "freetype libpng jpeg zlib tiff" SRC_URI = "git://github.com/libgd/libgd.git;branch=GD-2.2 \ file://fix-gcc-unused-functions.patch \ file://disable-jpeg_read-test.patch \ + file://0001-Fix-integer-overflow-in-gdImageWebpCtx.patch \ " SRCREV = "46ceef5970bf3a847ff61d1bdde7501d66c11d0c" OE @ ~/meta-openembedded $ git log meta-oe/recipes-support/gd/gd_2.2.3.bb commit 289217bbc3c5c53f486ab5615a6d6196e3c12cf2 Author: Martin JansaDate: Thu Aug 18 18:53:48 2016 +0200 meta-oe: fix indentation * remove tabs which sneaked in since last cleanup * meta-oe layers are using consistent indentation with 4 spaces, see http://www.openembedded.org/wiki/Styleguide Signed-off-by: Martin Jansa > Signed-off-by: Dengke Du > --- > ...01-Fix-integer-overflow-in-gdImageWebpCtx.patch | 41 > ++ > meta-oe/recipes-support/gd/gd_2.2.3.bb | 1 + > 2 files changed, 42 insertions(+) > create mode 100644 > meta-oe/recipes-support/gd/gd/0001-Fix-integer-overflow-in-gdImageWebpCtx.patch > > diff --git > a/meta-oe/recipes-support/gd/gd/0001-Fix-integer-overflow-in-gdImageWebpCtx.patch > > b/meta-oe/recipes-support/gd/gd/0001-Fix-integer-overflow-in-gdImageWebpCtx.patch > new file mode 100644 > index 000..9967e23 > --- /dev/null > +++ > b/meta-oe/recipes-support/gd/gd/0001-Fix-integer-overflow-in-gdImageWebpCtx.patch > @@ -0,0 +1,41 @@ > +From 2806adfdc27a94d333199345394d7c302952b95f Mon Sep 17 00:00:00 2001 > +From: trylab > +Date: Tue, 6 Sep 2016 18:35:32 +0800 > +Subject: [PATCH] Fix integer overflow in gdImageWebpCtx > + > +Integer overflow can be happened in expression gdImageSX(im) * 4 * > +gdImageSY(im). It could lead to heap buffer overflow in the following > +code. This issue has been reported to the PHP Bug Tracking System. The > +proof-of-concept file will be supplied some days later. This issue was > +discovered by Ke Liu of Tencent's Xuanwu LAB. > + > +Upstream-Status: Backport > + > +CVE-2016-7568 > + > +--- > + src/gd_webp.c | 8 > + 1 file changed, 8 insertions(+) > + > +diff --git a/src/gd_webp.c b/src/gd_webp.c > +index 8eb4dee..9886399 100644 > +--- a/src/gd_webp.c > b/src/gd_webp.c > +@@ -199,6 +199,14 @@ BGD_DECLARE(void) gdImageWebpCtx (gdImagePtr im, > gdIOCtx * outfile, int quality) > + quality = 80; > + } > + > ++if (overflow2(gdImageSX(im), 4)) { > ++return; > ++} > ++ > ++if (overflow2(gdImageSX(im) * 4, gdImageSY(im))) { > ++return; > ++} > ++ > + argb = (uint8_t *)gdMalloc(gdImageSX(im) * 4 * gdImageSY(im)); > + if (!argb) { > + return; > +-- > +2.9.3 > + > diff --git a/meta-oe/recipes-support/gd/gd_2.2.3.bb > b/meta-oe/recipes-support/gd/gd_2.2.3.bb > index 9655e9c..f7d4f44 100644 > --- a/meta-oe/recipes-support/gd/gd_2.2.3.bb > +++ b/meta-oe/recipes-support/gd/gd_2.2.3.bb > @@ -15,6 +15,7 @@ DEPENDS = "freetype libpng jpeg zlib tiff" >
[oe] Attention all: patches for upstream source will be applied with stricter criteria for context
Hello all, while updating gnutls to a newer version I came across a rather serious issue: the way we patch source code is very lenient about the context for the lines to be changed. Basically, it's enough for one line before and after the changed line to match, because patch command's default setting for 'fuzz factor' allows it. If these lines happen to be whitespace or braces, then there's nothing to prevent the patch from being applied incorrectly. Here's a particularly nasty example of this happening completely silently (compile step works fine too), with security implications: https://bugzilla.yoctoproject.org/show_bug.cgi?id=10450 I think this absolutely needs to be fixed. The downside is that this will break a lot of patches across all layers - after setting the fuzz to zero in oe-core we have 87 recipes that fail to be patched. Maxin and I are currently going through them one by one and getting them fixed. Regards, Alex -- ___ Openembedded-devel mailing list Openembedded-devel@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-devel
[oe] [meta-oe][PATCH] fftw: Allow an empty package for fftw.
The fftw-dev package RDEPENDS on the fftw package. Let the recipe create an empty one to satisfy this requirement. Signed-off-by: Philip Balister--- meta-oe/recipes-support/fftw/fftw_3.3.4.bb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/meta-oe/recipes-support/fftw/fftw_3.3.4.bb b/meta-oe/recipes-support/fftw/fftw_3.3.4.bb index 0faaea1..0bb6cc2 100644 --- a/meta-oe/recipes-support/fftw/fftw_3.3.4.bb +++ b/meta-oe/recipes-support/fftw/fftw_3.3.4.bb @@ -69,4 +69,6 @@ FILES_fftwl-wisdom = "${bindir}/fftwl-wisdom" FILES_fftwf-wisdom = "${bindir}/fftwf-wisdom" FILES_fftw-wisdom-to-conf = "${bindir}/fftw-wisdom-to-conf" +ALLOW_EMPTY_${PN}= "1" + BBCLASSEXTEND = "native" -- 2.5.5 -- ___ Openembedded-devel mailing list Openembedded-devel@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-devel
Re: [oe] [meta-qt5 PATCH] qmake5_paths.bbclass: Fix fonts installation path
On Fri, Oct 21, 2016 at 4:47 AM, Samuli Piippowrote: > That looks like the correct path to use, but how does this fix the problem? > OE_QMAKE_PATH_QT_FONTS doesn't seem to used anywhere in meta-qt5 any more > and probably should have been removed together with the font packaging bits. It did not fix it, indeed. We had a left over from a test so it hided the issue. We are checking it now. -- Otavio Salvador O.S. Systems http://www.ossystems.com.brhttp://code.ossystems.com.br Mobile: +55 (53) 9981-7854Mobile: +1 (347) 903-9750 -- ___ Openembedded-devel mailing list Openembedded-devel@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-devel
[oe] [meta-oe][PATCH] glmark2: Enabling c++ 11 features
When build with gcc5, Failed with below errors: | ../src/image-reader.cpp: In member function 'bool PNGReader::init(const string&)': | ../src/image-reader.cpp:123:16: error: 'unique_ptr' in namespace 'std' does not name a template type This change explicitly enables c++11 features, as code using them. Signed-off-by: Amarnath Valluri--- meta-oe/recipes-benchmark/glmark2/glmark2_git.bb | 3 +++ 1 file changed, 3 insertions(+) diff --git a/meta-oe/recipes-benchmark/glmark2/glmark2_git.bb b/meta-oe/recipes-benchmark/glmark2/glmark2_git.bb index 396ae70..a2558a7 100644 --- a/meta-oe/recipes-benchmark/glmark2/glmark2_git.bb +++ b/meta-oe/recipes-benchmark/glmark2/glmark2_git.bb @@ -28,6 +28,9 @@ PACKAGECONFIG ?= "${@bb.utils.contains('DISTRO_FEATURES', 'x11 opengl', 'x11-gl ${@bb.utils.contains('DISTRO_FEATURES', 'wayland opengl', 'wayland-gl wayland-gles2', '', d)} \ drm-gl drm-gles2" +# Enable C++11 features +CXXFLAGS += "-std=c++11" + PACKAGECONFIG[x11-gl] = ",,virtual/libgl virtual/libx11" PACKAGECONFIG[x11-gles2] = ",,virtual/libgles2 virtual/libx11" PACKAGECONFIG[drm-gl] = ",,virtual/libgl libdrm" -- 2.7.4 - Intel Finland Oy Registered Address: PL 281, 00181 Helsinki Business Identity Code: 0357606 - 4 Domiciled in Helsinki This e-mail and any attachments may contain confidential material for the sole use of the intended recipient(s). Any review or distribution by others is strictly prohibited. If you are not the intended recipient, please contact the sender and delete all copies. -- ___ Openembedded-devel mailing list Openembedded-devel@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-devel
[oe] [meta-networking][PATCH] c-ares: fix metadata
We should set SUMMARY instead of DESCRIPTION. Signed-off-by: André Draszik--- meta-networking/recipes-support/c-ares/c-ares_1.12.0.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-networking/recipes-support/c-ares/c-ares_1.12.0.bb b/meta-networking/recipes-support/c-ares/c-ares_1.12.0.bb index da8e096..4e28d6a 100644 --- a/meta-networking/recipes-support/c-ares/c-ares_1.12.0.bb +++ b/meta-networking/recipes-support/c-ares/c-ares_1.12.0.bb @@ -1,6 +1,6 @@ # Copyright (c) 2012-2014 LG Electronics, Inc. -DESCRIPTION = "c-ares is a C library that resolves names asynchronously." +SUMMARY = "c-ares is a C library that resolves names asynchronously." HOMEPAGE = "http://daniel.haxx.se/projects/c-ares/; SECTION = "libs" LICENSE = "MIT" -- 2.9.3 -- ___ Openembedded-devel mailing list Openembedded-devel@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-devel
Re: [oe] [meta-networking][morty][PATCH] c-ares: fix CVE-2016-5180
This is just the backport for morty for the CVE... Shouldn't have to wait for master. Otherwise, I submitted a version update for master (which also includes this fix), if that's what you mean. So could indeed use that on morty, too. At least for me, updating to 1.12.0 didn't break other code... Up to you :-) Cheers, Andre' On Thu, 2016-10-20 at 16:38 -0700, akuster808 wrote: > On 10/20/16 3:33 PM, André Draszik wrote: > > Backport patch to fix CVE-2016-5180 from c-ares upstream: > > https://c-ares.haxx.se/adv_20160929.html > > awesome. Once this hits master I will pull it over. > > Thanks, > Armin > > > > Signed-off-by: André Draszik> > --- > > .../c-ares/c-ares/CVE-2016-5180.patch | 166 > > + > > .../recipes-support/c-ares/c-ares_1.11.0.bb| 1 + > > 2 files changed, 167 insertions(+) > > create mode 100644 meta-networking/recipes-support/c-ares/c-ares/CVE- > > 2016-5180.patch > > > > diff --git a/meta-networking/recipes-support/c-ares/c-ares/CVE-2016- > > 5180.patch b/meta-networking/recipes-support/c-ares/c-ares/CVE-2016- > > 5180.patch > > new file mode 100644 > > index 000..0b4fbb4 > > --- /dev/null > > +++ b/meta-networking/recipes-support/c-ares/c-ares/CVE-2016-5180.patch > > @@ -0,0 +1,166 @@ > > +From 115fe381c75147352d7a8d21aa3ffb85ca367219 Mon Sep 17 00:00:00 2001 > > +From: Daniel Stenberg > > +Date: Fri, 23 Sep 2016 14:44:11 +0200 > > +Subject: [PATCH] ares_create_query: avoid single-byte buffer overwrite > > + > > +... when the name ends with an escaped dot. > > + > > +CVE-2016-5180 > > + > > +Bug: https://c-ares.haxx.se/adv_20160929.html > > +--- > > +Upstream-Status: Backport [https://c-ares.haxx.se/adv_20160929.html] > > +CVE: CVE-2016-5180 > > +Signed-off-by: André Draszik > > + ares_create_query.c | 84 +-- > > -- > > + 1 file changed, 39 insertions(+), 45 deletions(-) > > + > > +diff --git a/ares_create_query.c b/ares_create_query.c > > +index a34dda7..7f4c52d 100644 > > +--- a/ares_create_query.c > > b/ares_create_query.c > > +@@ -83,61 +83,35 @@ > > + * label. The list is terminated by a label of length zero (which can > > + * be thought of as the root domain). > > + */ > > + > > + int ares_create_query(const char *name, int dnsclass, int type, > > +- unsigned short id, int rd, unsigned char **buf, > > +- int *buflen, int max_udp_size) > > ++ unsigned short id, int rd, unsigned char **bufp, > > ++ int *buflenp, int max_udp_size) > > + { > > +- int len; > > ++ size_t len; > > + unsigned char *q; > > + const char *p; > > ++ size_t buflen; > > ++ unsigned char *buf; > > + > > + /* Set our results early, in case we bail out early with an error. > > */ > > +- *buflen = 0; > > +- *buf = NULL; > > ++ *buflenp = 0; > > ++ *bufp = NULL; > > + > > +- /* Compute the length of the encoded name so we can check buflen. > > +- * Start counting at 1 for the zero-length label at the end. */ > > +- len = 1; > > +- for (p = name; *p; p++) > > +-{ > > +- if (*p == '\\' && *(p + 1) != 0) > > +-p++; > > +- len++; > > +-} > > +- /* If there are n periods in the name, there are n + 1 labels, and > > +- * thus n + 1 length fields, unless the name is empty or ends with a > > +- * period. So add 1 unless name is empty or ends with a period. > > ++ /* Allocate a memory area for the maximum size this packet might > > need. +2 > > ++ * is for the length byte and zero termination if no dots or > > ecscaping is > > ++ * used. > > +*/ > > +- if (*name && *(p - 1) != '.') > > +-len++; > > +- > > +- /* Immediately reject names that are longer than the maximum of 255 > > +- * bytes that's specified in RFC 1035 ("To simplify implementations, > > +- * the total length of a domain name (i.e., label octets and label > > +- * length octets) is restricted to 255 octets or less."). We aren't > > +- * doing this just to be a stickler about RFCs. For names that are > > +- * too long, 'dnscache' closes its TCP connection to us immediately > > +- * (when using TCP) and ignores the request when using UDP, and > > +- * BIND's named returns ServFail (TCP or UDP). Sending a request > > +- * that we know will cause 'dnscache' to close the TCP connection is > > +- * painful, since that makes any other outstanding requests on that > > +- * connection fail. And sending a UDP request that we know > > +- * 'dnscache' will ignore is bad because resources will be tied up > > +- * until we time-out the request. > > +- */ > > +- if (len > MAXCDNAME) > > +-return ARES_EBADNAME; > > +- > > +- *buflen = len + HFIXEDSZ + QFIXEDSZ + (max_udp_size ? EDNSFIXEDSZ : > > 0); > > +- *buf = ares_malloc(*buflen); > > +- if (!*buf) > > +- return ARES_ENOMEM; > > ++ len = strlen(name) + 2 + HFIXEDSZ +
Re: [oe] [meta-networking][PATCH] c-ares: update 1.11.0 -> 1.12.0
On Fri, 2016-10-21 at 15:23 +0800, Kang Kai wrote: > On 2016年10月21日 05:16, André Draszik wrote: > > Highlight: > > - fix CVE-2016-5180 > > > > Other changes, from https://c-ares.haxx.se/changelog.html > > > > c-ares version 1.12.0 - Sep 29 2016 > > Changes: > > api: add ARES_OPT_NOROTATE optmask value > > > > Bug fixes: > > CVE-2016-5180: ares_create_query single byte out of buffer write > > configure: acknowledge --disable-tests [1] > > man pages: fix typos detected by Lintian > > test: add missing #includes for dns-proto.cc > > test: avoid in6addr_* constants > > test: Build with MinGW on AppVeyor > > Makefile.m32: add support for extra flags > > Makefile.m32: add support for CROSSPREFIX > > configure: check if tests can get built before enabled > > ares_library_cleanup: reset ares_realloc too > > ahost.c: add cast to fix C++ compile > > test: Only pass unused args to GoogleTest > > build: commonize MSVC version detection > > msvc_ver.inc: support Visual Studio 2015 Update 1, 2, 3 > > test: for AF_UNSPEC, return CNAME only for , but valid A record > > ares_getnameinfo: explicitly clear struct servent before use > > test: Update fuzzing function prototype > > init: fix nsort initialization > > test: add fuzzing check script to tests > > web: http => https > > read_tcp_data: remove superfluous NULL check > > LICENSE.md: add a stand-alone license file > > SECURITY.md: suggested "security process" for the project > > ares_init_options: only propagate init failures from options [2] > > headers: remove checks for and defines of variable sizes > > test: fix gMock to work with gcc >= 6.x [3] > > > > Signed-off-by: André Draszik> > --- > > .../recipes-support/c-ares/{c-ares_1.11.0.bb => c- > > ares_1.12.0.bb} | 4 ++-- > > 1 file changed, 2 insertions(+), 2 deletions(-) > > rename meta-networking/recipes-support/c-ares/{c-ares_1.11.0.bb => c- > > ares_1.12.0.bb} (76%) > > > > diff --git a/meta-networking/recipes-support/c-ares/c-ares_1.11.0.bb > > b/meta-networking/recipes-support/c-ares/c-ares_1.12.0.bb > > similarity index 76% > > rename from meta-networking/recipes-support/c-ares/c-ares_1.11.0.bb > > rename to meta-networking/recipes-support/c-ares/c-ares_1.12.0.bb > > index c98be7d..8b63972 100644 > > --- a/meta-networking/recipes-support/c-ares/c-ares_1.11.0.bb > > +++ b/meta-networking/recipes-support/c-ares/c-ares_1.12.0.bb > > @@ -9,7 +9,7 @@ LIC_FILES_CHKSUM = "file://ares_init.c;beginline=1;endli > > ne=3;md5=53f5ecf4c22c37c > > A stand-alone license file is added. It is better to update > LIC_FILES_CHKSUM. You're right. Thanks. Sent v2 Cheers, Andre' > > --Kai > > > SRC_URI = "http://c-ares.haxx.se/download/${BP}.tar.gz \ > > file://0001-configure.ac-don-t-override-passed-cflags.patch > > \ > > " > > -SRC_URI[md5sum] = "d5c6d522cfc54bb6f215a0b7912d46be" > > -SRC_URI[sha256sum] = > > "b3612e6617d9682928a1d50c1040de4db6519f977f0b25d40cf1b632900b3efd" > > +SRC_URI[md5sum] = "2ca44be1715cd2c5666a165d35788424" > > +SRC_URI[sha256sum] = > > "8692f9403cdcdf936130e045c84021665118ee9bfea905d1a76f04d4e6f365fb" > > > > inherit autotools pkgconfig > > -- ___ Openembedded-devel mailing list Openembedded-devel@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-devel
[oe] [meta-networking][PATCH v2] c-ares: update 1.11.0 -> 1.12.0
Highlight: - fix CVE-2016-5180 Other changes, from https://c-ares.haxx.se/changelog.html c-ares version 1.12.0 - Sep 29 2016 Changes: api: add ARES_OPT_NOROTATE optmask value Bug fixes: CVE-2016-5180: ares_create_query single byte out of buffer write configure: acknowledge --disable-tests [1] man pages: fix typos detected by Lintian test: add missing #includes for dns-proto.cc test: avoid in6addr_* constants test: Build with MinGW on AppVeyor Makefile.m32: add support for extra flags Makefile.m32: add support for CROSSPREFIX configure: check if tests can get built before enabled ares_library_cleanup: reset ares_realloc too ahost.c: add cast to fix C++ compile test: Only pass unused args to GoogleTest build: commonize MSVC version detection msvc_ver.inc: support Visual Studio 2015 Update 1, 2, 3 test: for AF_UNSPEC, return CNAME only for , but valid A record ares_getnameinfo: explicitly clear struct servent before use test: Update fuzzing function prototype init: fix nsort initialization test: add fuzzing check script to tests web: http => https read_tcp_data: remove superfluous NULL check LICENSE.md: add a stand-alone license file SECURITY.md: suggested "security process" for the project ares_init_options: only propagate init failures from options [2] headers: remove checks for and defines of variable sizes test: fix gMock to work with gcc >= 6.x [3] Signed-off-by: André Draszik--- .../recipes-support/c-ares/{c-ares_1.11.0.bb => c-ares_1.12.0.bb} | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) rename meta-networking/recipes-support/c-ares/{c-ares_1.11.0.bb => c-ares_1.12.0.bb} (60%) diff --git a/meta-networking/recipes-support/c-ares/c-ares_1.11.0.bb b/meta-networking/recipes-support/c-ares/c-ares_1.12.0.bb similarity index 60% rename from meta-networking/recipes-support/c-ares/c-ares_1.11.0.bb rename to meta-networking/recipes-support/c-ares/c-ares_1.12.0.bb index c98be7d..da8e096 100644 --- a/meta-networking/recipes-support/c-ares/c-ares_1.11.0.bb +++ b/meta-networking/recipes-support/c-ares/c-ares_1.12.0.bb @@ -4,12 +4,12 @@ DESCRIPTION = "c-ares is a C library that resolves names asynchronously." HOMEPAGE = "http://daniel.haxx.se/projects/c-ares/; SECTION = "libs" LICENSE = "MIT" -LIC_FILES_CHKSUM = "file://ares_init.c;beginline=1;endline=3;md5=53f5ecf4c22c37cf1ddd1ef8f8eccce0" +LIC_FILES_CHKSUM = "file://LICENSE.md;md5=f4b026880834eb01c035c5e5cb47ccac" SRC_URI = "http://c-ares.haxx.se/download/${BP}.tar.gz \ file://0001-configure.ac-don-t-override-passed-cflags.patch \ " -SRC_URI[md5sum] = "d5c6d522cfc54bb6f215a0b7912d46be" -SRC_URI[sha256sum] = "b3612e6617d9682928a1d50c1040de4db6519f977f0b25d40cf1b632900b3efd" +SRC_URI[md5sum] = "2ca44be1715cd2c5666a165d35788424" +SRC_URI[sha256sum] = "8692f9403cdcdf936130e045c84021665118ee9bfea905d1a76f04d4e6f365fb" inherit autotools pkgconfig -- 2.9.3 -- ___ Openembedded-devel mailing list Openembedded-devel@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-devel
[oe] [PATCH] gd: Security Advisory CVE-2016-7568
Backport patch to fix CVE-2016-7568 from gd upstream: https://github.com/libgd/libgd/commit/2806adfdc27a94d333199345394d7c302952b95f Signed-off-by: Dengke Du--- ...01-Fix-integer-overflow-in-gdImageWebpCtx.patch | 41 ++ meta-oe/recipes-support/gd/gd_2.2.3.bb | 1 + 2 files changed, 42 insertions(+) create mode 100644 meta-oe/recipes-support/gd/gd/0001-Fix-integer-overflow-in-gdImageWebpCtx.patch diff --git a/meta-oe/recipes-support/gd/gd/0001-Fix-integer-overflow-in-gdImageWebpCtx.patch b/meta-oe/recipes-support/gd/gd/0001-Fix-integer-overflow-in-gdImageWebpCtx.patch new file mode 100644 index 000..9967e23 --- /dev/null +++ b/meta-oe/recipes-support/gd/gd/0001-Fix-integer-overflow-in-gdImageWebpCtx.patch @@ -0,0 +1,41 @@ +From 2806adfdc27a94d333199345394d7c302952b95f Mon Sep 17 00:00:00 2001 +From: trylab +Date: Tue, 6 Sep 2016 18:35:32 +0800 +Subject: [PATCH] Fix integer overflow in gdImageWebpCtx + +Integer overflow can be happened in expression gdImageSX(im) * 4 * +gdImageSY(im). It could lead to heap buffer overflow in the following +code. This issue has been reported to the PHP Bug Tracking System. The +proof-of-concept file will be supplied some days later. This issue was +discovered by Ke Liu of Tencent's Xuanwu LAB. + +Upstream-Status: Backport + +CVE-2016-7568 + +--- + src/gd_webp.c | 8 + 1 file changed, 8 insertions(+) + +diff --git a/src/gd_webp.c b/src/gd_webp.c +index 8eb4dee..9886399 100644 +--- a/src/gd_webp.c b/src/gd_webp.c +@@ -199,6 +199,14 @@ BGD_DECLARE(void) gdImageWebpCtx (gdImagePtr im, gdIOCtx * outfile, int quality) + quality = 80; + } + ++ if (overflow2(gdImageSX(im), 4)) { ++ return; ++ } ++ ++ if (overflow2(gdImageSX(im) * 4, gdImageSY(im))) { ++ return; ++ } ++ + argb = (uint8_t *)gdMalloc(gdImageSX(im) * 4 * gdImageSY(im)); + if (!argb) { + return; +-- +2.9.3 + diff --git a/meta-oe/recipes-support/gd/gd_2.2.3.bb b/meta-oe/recipes-support/gd/gd_2.2.3.bb index 9655e9c..f7d4f44 100644 --- a/meta-oe/recipes-support/gd/gd_2.2.3.bb +++ b/meta-oe/recipes-support/gd/gd_2.2.3.bb @@ -15,6 +15,7 @@ DEPENDS = "freetype libpng jpeg zlib tiff" SRC_URI = "git://github.com/libgd/libgd.git;branch=GD-2.2 \ file://fix-gcc-unused-functions.patch \ file://disable-jpeg_read-test.patch \ + file://0001-Fix-integer-overflow-in-gdImageWebpCtx.patch \ " SRCREV = "46ceef5970bf3a847ff61d1bdde7501d66c11d0c" -- 2.7.4 -- ___ Openembedded-devel mailing list Openembedded-devel@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-devel
Re: [oe] [meta-networking][PATCH] c-ares: update 1.11.0 -> 1.12.0
On 2016年10月21日 05:16, André Draszik wrote: Highlight: - fix CVE-2016-5180 Other changes, from https://c-ares.haxx.se/changelog.html c-ares version 1.12.0 - Sep 29 2016 Changes: api: add ARES_OPT_NOROTATE optmask value Bug fixes: CVE-2016-5180: ares_create_query single byte out of buffer write configure: acknowledge --disable-tests [1] man pages: fix typos detected by Lintian test: add missing #includes for dns-proto.cc test: avoid in6addr_* constants test: Build with MinGW on AppVeyor Makefile.m32: add support for extra flags Makefile.m32: add support for CROSSPREFIX configure: check if tests can get built before enabled ares_library_cleanup: reset ares_realloc too ahost.c: add cast to fix C++ compile test: Only pass unused args to GoogleTest build: commonize MSVC version detection msvc_ver.inc: support Visual Studio 2015 Update 1, 2, 3 test: for AF_UNSPEC, return CNAME only for , but valid A record ares_getnameinfo: explicitly clear struct servent before use test: Update fuzzing function prototype init: fix nsort initialization test: add fuzzing check script to tests web: http => https read_tcp_data: remove superfluous NULL check LICENSE.md: add a stand-alone license file SECURITY.md: suggested "security process" for the project ares_init_options: only propagate init failures from options [2] headers: remove checks for and defines of variable sizes test: fix gMock to work with gcc >= 6.x [3] Signed-off-by: André Draszik--- .../recipes-support/c-ares/{c-ares_1.11.0.bb => c-ares_1.12.0.bb} | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) rename meta-networking/recipes-support/c-ares/{c-ares_1.11.0.bb => c-ares_1.12.0.bb} (76%) diff --git a/meta-networking/recipes-support/c-ares/c-ares_1.11.0.bb b/meta-networking/recipes-support/c-ares/c-ares_1.12.0.bb similarity index 76% rename from meta-networking/recipes-support/c-ares/c-ares_1.11.0.bb rename to meta-networking/recipes-support/c-ares/c-ares_1.12.0.bb index c98be7d..8b63972 100644 --- a/meta-networking/recipes-support/c-ares/c-ares_1.11.0.bb +++ b/meta-networking/recipes-support/c-ares/c-ares_1.12.0.bb @@ -9,7 +9,7 @@ LIC_FILES_CHKSUM = "file://ares_init.c;beginline=1;endline=3;md5=53f5ecf4c22c37c A stand-alone license file is added. It is better to update LIC_FILES_CHKSUM. --Kai SRC_URI = "http://c-ares.haxx.se/download/${BP}.tar.gz \ file://0001-configure.ac-don-t-override-passed-cflags.patch \ " -SRC_URI[md5sum] = "d5c6d522cfc54bb6f215a0b7912d46be" -SRC_URI[sha256sum] = "b3612e6617d9682928a1d50c1040de4db6519f977f0b25d40cf1b632900b3efd" +SRC_URI[md5sum] = "2ca44be1715cd2c5666a165d35788424" +SRC_URI[sha256sum] = "8692f9403cdcdf936130e045c84021665118ee9bfea905d1a76f04d4e6f365fb" inherit autotools pkgconfig -- Regards, Neil | Kai Kang -- ___ Openembedded-devel mailing list Openembedded-devel@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-devel
Re: [oe] [meta-networking][PATCH] c-ares: 1.11.0 -> 1.12.0
On 2016年10月21日 14:46, kai.k...@windriver.com wrote: From: Kai KangUpgrade c-ares from 1.11.0 to 1.12.0. * update LIC_FILES_CHKSUM that a stand-alone license file is added Didn't see André Draszik's patch to upgrade c-ares. So please ignore it. --Kai * CVE-2016-5180 is fixed in 1.12.0 Signed-off-by: Kai Kang --- .../recipes-support/c-ares/{c-ares_1.11.0.bb => c-ares_1.12.0.bb} | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) rename meta-networking/recipes-support/c-ares/{c-ares_1.11.0.bb => c-ares_1.12.0.bb} (60%) diff --git a/meta-networking/recipes-support/c-ares/c-ares_1.11.0.bb b/meta-networking/recipes-support/c-ares/c-ares_1.12.0.bb similarity index 60% rename from meta-networking/recipes-support/c-ares/c-ares_1.11.0.bb rename to meta-networking/recipes-support/c-ares/c-ares_1.12.0.bb index c98be7d..da8e096 100644 --- a/meta-networking/recipes-support/c-ares/c-ares_1.11.0.bb +++ b/meta-networking/recipes-support/c-ares/c-ares_1.12.0.bb @@ -4,12 +4,12 @@ DESCRIPTION = "c-ares is a C library that resolves names asynchronously." HOMEPAGE = "http://daniel.haxx.se/projects/c-ares/; SECTION = "libs" LICENSE = "MIT" -LIC_FILES_CHKSUM = "file://ares_init.c;beginline=1;endline=3;md5=53f5ecf4c22c37cf1ddd1ef8f8eccce0" +LIC_FILES_CHKSUM = "file://LICENSE.md;md5=f4b026880834eb01c035c5e5cb47ccac" SRC_URI = "http://c-ares.haxx.se/download/${BP}.tar.gz \ file://0001-configure.ac-don-t-override-passed-cflags.patch \ " -SRC_URI[md5sum] = "d5c6d522cfc54bb6f215a0b7912d46be" -SRC_URI[sha256sum] = "b3612e6617d9682928a1d50c1040de4db6519f977f0b25d40cf1b632900b3efd" +SRC_URI[md5sum] = "2ca44be1715cd2c5666a165d35788424" +SRC_URI[sha256sum] = "8692f9403cdcdf936130e045c84021665118ee9bfea905d1a76f04d4e6f365fb" inherit autotools pkgconfig -- Regards, Neil | Kai Kang -- ___ Openembedded-devel mailing list Openembedded-devel@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-devel
[oe] [meta-oe][PATCH] android-tools: fix native build
* Find libbsd headers when building natively * Disable tools that needs sys/capability.h when building natively * Enhance do_install to work when some tools are disabled Signed-off-by: Koen Kooi--- .../android-tools/android-tools_5.1.1.r37.bb | 59 +++--- 1 file changed, 40 insertions(+), 19 deletions(-) diff --git a/meta-oe/recipes-devtools/android-tools/android-tools_5.1.1.r37.bb b/meta-oe/recipes-devtools/android-tools/android-tools_5.1.1.r37.bb index 2dbddf1..1769b6a 100644 --- a/meta-oe/recipes-devtools/android-tools/android-tools_5.1.1.r37.bb +++ b/meta-oe/recipes-devtools/android-tools/android-tools_5.1.1.r37.bb @@ -65,6 +65,16 @@ do_unpack_extra() { addtask unpack_extra after do_unpack before do_patch +# Find libbsd headers during native builds +CC_append_class-native = " -I${STAGING_INCDIR}" +CC_append_class-nativesdk = " -I${STAGING_INCDIR}" + +TOOLS = "adb fastboot ext4_utils mkbootimg adbd" + +# Adb needs sys/capability.h, which is not available for native* +TOOLS_class-native = "fastboot ext4_utils mkbootimg" +TOOLS_class-nativesdk = "fastboot ext4_utils mkbootimg" + do_compile() { # Setting both variables below causing our makefiles to not work with # implicit make rules @@ -91,31 +101,42 @@ do_compile() { ;; esac -tools="adb fastboot ext4_utils mkbootimg adbd" -for tool in ${tools}; do +for tool in ${TOOLS}; do mkdir -p ${B}/${tool} oe_runmake -f ${B}/${tool}.mk -C ${B}/${tool} done } do_install() { -install -D -p -m0755 ${S}/system/core/libsparse/simg_dump.py ${D}${bindir}/simg_dump -install -D -p -m0755 ${S}/system/extras/ext4_utils/mkuserimg.sh ${D}${bindir}/mkuserimg - -install -m0755 ${B}/ext4_utils/ext2simg ${D}${bindir} -install -m0755 ${B}/ext4_utils/ext4fixup ${D}${bindir} -install -m0755 ${B}/ext4_utils/img2simg ${D}${bindir} -install -m0755 ${B}/ext4_utils/make_ext4fs ${D}${bindir} -install -m0755 ${B}/ext4_utils/simg2img ${D}${bindir} -install -m0755 ${B}/ext4_utils/simg2simg ${D}${bindir} - -install -m0755 ${B}/adb/adb ${D}${bindir} -install -m0755 ${B}/adbd/adbd ${D}${bindir} -install -m0755 ${B}/fastboot/fastboot ${D}${bindir} -install -m0755 ${B}/mkbootimg/mkbootimg ${D}${bindir} - -install -D -p -m0644 ${WORKDIR}/android-tools-adbd.service \ - ${D}${systemd_unitdir}/system/android-tools-adbd.service +if [ grep -q "ext4_utils" "${TOOLS}" ] ; then +install -D -p -m0755 ${S}/system/core/libsparse/simg_dump.py ${D}${bindir}/simg_dump +install -D -p -m0755 ${S}/system/extras/ext4_utils/mkuserimg.sh ${D}${bindir}/mkuserimg + +install -m0755 ${B}/ext4_utils/ext2simg ${D}${bindir} +install -m0755 ${B}/ext4_utils/ext4fixup ${D}${bindir} +install -m0755 ${B}/ext4_utils/img2simg ${D}${bindir} +install -m0755 ${B}/ext4_utils/make_ext4fs ${D}${bindir} +install -m0755 ${B}/ext4_utils/simg2img ${D}${bindir} +install -m0755 ${B}/ext4_utils/simg2simg ${D}${bindir} +fi + +if [ grep -q "adb " "${TOOLS}" ] ; then +install -m0755 ${B}/adb/adb ${D}${bindir}i +fi + +if [ grep -q "adbd" "${TOOLS}" ] ; then +install -m0755 ${B}/adbd/adbd ${D}${bindir} +install -D -p -m0644 ${WORKDIR}/android-tools-adbd.service \ + ${D}${systemd_unitdir}/system/android-tools-adbd.service +fi + +if [ grep -q "fastboot" "${TOOLS}" ] ; then +install -m0755 ${B}/fastboot/fastboot ${D}${bindir} +fi + +if [ grep -q "mkbootimg" "${TOOLS}" ] ; then + install -m0755 ${B}/mkbootimg/mkbootimg ${D}${bindir} +fi } PACKAGES += "${PN}-fstools" -- 2.4.11 -- ___ Openembedded-devel mailing list Openembedded-devel@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-devel
[oe] [meta-networking][PATCH] c-ares: 1.11.0 -> 1.12.0
From: Kai KangUpgrade c-ares from 1.11.0 to 1.12.0. * update LIC_FILES_CHKSUM that a stand-alone license file is added * CVE-2016-5180 is fixed in 1.12.0 Signed-off-by: Kai Kang --- .../recipes-support/c-ares/{c-ares_1.11.0.bb => c-ares_1.12.0.bb} | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) rename meta-networking/recipes-support/c-ares/{c-ares_1.11.0.bb => c-ares_1.12.0.bb} (60%) diff --git a/meta-networking/recipes-support/c-ares/c-ares_1.11.0.bb b/meta-networking/recipes-support/c-ares/c-ares_1.12.0.bb similarity index 60% rename from meta-networking/recipes-support/c-ares/c-ares_1.11.0.bb rename to meta-networking/recipes-support/c-ares/c-ares_1.12.0.bb index c98be7d..da8e096 100644 --- a/meta-networking/recipes-support/c-ares/c-ares_1.11.0.bb +++ b/meta-networking/recipes-support/c-ares/c-ares_1.12.0.bb @@ -4,12 +4,12 @@ DESCRIPTION = "c-ares is a C library that resolves names asynchronously." HOMEPAGE = "http://daniel.haxx.se/projects/c-ares/; SECTION = "libs" LICENSE = "MIT" -LIC_FILES_CHKSUM = "file://ares_init.c;beginline=1;endline=3;md5=53f5ecf4c22c37cf1ddd1ef8f8eccce0" +LIC_FILES_CHKSUM = "file://LICENSE.md;md5=f4b026880834eb01c035c5e5cb47ccac" SRC_URI = "http://c-ares.haxx.se/download/${BP}.tar.gz \ file://0001-configure.ac-don-t-override-passed-cflags.patch \ " -SRC_URI[md5sum] = "d5c6d522cfc54bb6f215a0b7912d46be" -SRC_URI[sha256sum] = "b3612e6617d9682928a1d50c1040de4db6519f977f0b25d40cf1b632900b3efd" +SRC_URI[md5sum] = "2ca44be1715cd2c5666a165d35788424" +SRC_URI[sha256sum] = "8692f9403cdcdf936130e045c84021665118ee9bfea905d1a76f04d4e6f365fb" inherit autotools pkgconfig -- 2.10.1 -- ___ Openembedded-devel mailing list Openembedded-devel@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-devel
[oe] [meta-systemd][PATCH] dhcp_%.bbappend: fix replaces original key warning
Use ${PN} rather than dhcp to keep align with oe-core to fix: WARNING: oe-core/meta/recipes-connectivity/dhcp/dhcp_4.3.4.bb: Variable key SYSTEMD_AUTO_ENABLE_${PN}-client (enable) replaces original key SYSTEMD_AUTO_ENABLE_dhcp-client (disable). WARNING: oe-core/meta/recipes-connectivity/dhcp/dhcp_4.3.4.bb: Variable key SYSTEMD_SERVICE_${PN}-client (dhclient.service) replaces original key SYSTEMD_SERVICE_dhcp-client (dhclient.service). Signed-off-by: Robert Yang--- meta-systemd/oe-core/recipes-connectivity/dhcp/dhcp_%.bbappend | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/meta-systemd/oe-core/recipes-connectivity/dhcp/dhcp_%.bbappend b/meta-systemd/oe-core/recipes-connectivity/dhcp/dhcp_%.bbappend index 94d7bd6..9c7d93f 100644 --- a/meta-systemd/oe-core/recipes-connectivity/dhcp/dhcp_%.bbappend +++ b/meta-systemd/oe-core/recipes-connectivity/dhcp/dhcp_%.bbappend @@ -2,8 +2,8 @@ FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:" SYSTEMD_PACKAGES += "dhcp-client" -SYSTEMD_SERVICE_dhcp-client = "dhclient.service" -SYSTEMD_AUTO_ENABLE_dhcp-client = "disable" +SYSTEMD_SERVICE_${PN}-client = "dhclient.service" +SYSTEMD_AUTO_ENABLE_${PN}-client = "disable" FILES_${PN}-client += "${systemd_unitdir}/system/dhclient.service" RPROVIDES_dhcp-server += "dhcp-server-systemd" -- 2.9.0 -- ___ Openembedded-devel mailing list Openembedded-devel@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-devel