diff options
author | Patrick Williams <patrick@stwcx.xyz> | 2016-08-17 14:31:25 -0500 |
---|---|---|
committer | Patrick Williams <patrick@stwcx.xyz> | 2016-08-22 16:43:26 +0000 |
commit | 60f9d69e016b11c468c98ea75ba0a60c44afbbc4 (patch) | |
tree | ecb49581a9e41a37943c22cd9ef3f63451b20ee7 /import-layers/yocto-poky/meta/recipes-support/libxslt | |
parent | e18c61205e0234b03697129c20cc69c9b3940efc (diff) | |
download | talos-openbmc-60f9d69e016b11c468c98ea75ba0a60c44afbbc4.tar.gz talos-openbmc-60f9d69e016b11c468c98ea75ba0a60c44afbbc4.zip |
yocto-poky: Move to import-layers subdir
We are going to import additional layers, so create a subdir to
hold all of the layers that we import with git-subtree.
Change-Id: I6f732153a22be8ca663035c518837e3cc5ec0799
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
Diffstat (limited to 'import-layers/yocto-poky/meta/recipes-support/libxslt')
4 files changed, 226 insertions, 0 deletions
diff --git a/import-layers/yocto-poky/meta/recipes-support/libxslt/libxslt/CVE-2015-7995.patch b/import-layers/yocto-poky/meta/recipes-support/libxslt/libxslt/CVE-2015-7995.patch new file mode 100644 index 000000000..f4113efba --- /dev/null +++ b/import-layers/yocto-poky/meta/recipes-support/libxslt/libxslt/CVE-2015-7995.patch @@ -0,0 +1,34 @@ +From 7ca19df892ca22d9314e95d59ce2abdeff46b617 Mon Sep 17 00:00:00 2001 +From: Daniel Veillard <veillard@redhat.com> +Date: Thu, 29 Oct 2015 19:33:23 +0800 +Subject: Fix for type confusion in preprocessing attributes + +CVE-2015-7995 http://www.openwall.com/lists/oss-security/2015/10/27/10 +We need to check that the parent node is an element before dereferencing +its namespace + +Upstream-Status: Backport +CVE: CVE-2015-7995 + +https://git.gnome.org/browse/libxslt/commit/?id=7ca19df892ca22d9314e95d59ce2abdeff46b617 + +Signed-off-by: Armin Kuster <akuster@mvista.com> + +--- + libxslt/preproc.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +Index: libxslt-1.1.28/libxslt/preproc.c +=================================================================== +--- libxslt-1.1.28.orig/libxslt/preproc.c ++++ libxslt-1.1.28/libxslt/preproc.c +@@ -2245,7 +2245,8 @@ xsltStylePreCompute(xsltStylesheetPtr st + } else if (IS_XSLT_NAME(inst, "attribute")) { + xmlNodePtr parent = inst->parent; + +- if ((parent == NULL) || (parent->ns == NULL) || ++ if ((parent == NULL) || ++ (parent->type != XML_ELEMENT_NODE) || (parent->ns == NULL) || + ((parent->ns != inst->ns) && + (!xmlStrEqual(parent->ns->href, inst->ns->href))) || + (!xmlStrEqual(parent->name, BAD_CAST "attribute-set"))) { diff --git a/import-layers/yocto-poky/meta/recipes-support/libxslt/libxslt/pkgconfig.patch b/import-layers/yocto-poky/meta/recipes-support/libxslt/libxslt/pkgconfig.patch new file mode 100644 index 000000000..89d14c944 --- /dev/null +++ b/import-layers/yocto-poky/meta/recipes-support/libxslt/libxslt/pkgconfig.patch @@ -0,0 +1,118 @@ +Use pkg-config to find gcrypt and libxml2. + +Upstream-Status: Pending [libxml2 is upstreamable] + +RP 2014/5/22 + +Index: libxslt-1.1.28/configure.in +=================================================================== +--- libxslt-1.1.28.orig/configure.in 2014-05-13 16:46:02.278474967 +0000 ++++ libxslt-1.1.28/configure.in 2014-05-13 16:53:56.510472561 +0000 +@@ -376,6 +376,8 @@ + AC_SUBST(PYTHON_SUBDIR) + AC_SUBST(PYTHON_LIBS) + ++PKG_PROG_PKG_CONFIG ++ + AC_ARG_WITH(crypto, [ --with-crypto Add crypto support to exslt (on)]) + WITH_CRYPTO=0 + if test "$with_crypto" = "no" ; then +@@ -391,26 +393,13 @@ + WITH_CRYPTO=1 + ;; + *) +- AC_PATH_PROG(LIBGCRYPT_CONFIG, libgcrypt-config, no) +- if test "$LIBGCRYPT_CONFIG" != "no" ; then +- LIBGCRYPT_VERSION=`$LIBGCRYPT_CONFIG --version` +- if test VERSION_TO_NUMBER(echo $LIBGCRYPT_VERSION) -lt VERSION_TO_NUMBER(echo "1.1.42") +- then +- LIBGCRYPT_CFLAGS="" +- LIBGCRYPT_LIBS="" +- echo 'gcrypt library version < 1.1.42 - Crypto extensions will not be available.' +- else +- LIBGCRYPT_CFLAGS=`$LIBGCRYPT_CONFIG $libgcrypt_config_args --cflags` +- LIBGCRYPT_LIBS=`$LIBGCRYPT_CONFIG $libgcrypt_config_args --libs` +- AC_DEFINE(HAVE_GCRYPT, 1, [Define if gcrypt library is available.]) +- echo 'Crypto extensions will be available.' ++ PKG_CHECK_MODULES(LIBGCRYPT, [libgcrypt >= 1.1.42], [ ++ AC_DEFINE(HAVE_GCRYPT, 1, [Define if gcrypt library is available.]) ++ echo 'Crypto extensions will be available.' + WITH_CRYPTO=1 +- fi +- else +- LIBGCRYPT_CFLAGS="" +- LIBGCRYPT_LIBS="" +- echo 'Crypto extensions will not be available. Install libgcrypt and reconfigure to make available.' +- fi ++ ], [ ++ echo 'Crypto extensions will not be available. Install libgcrypt >= 1.1.42 and reconfigure to make available.' ++ ]) + esac + fi + AC_SUBST(WITH_CRYPTO) +@@ -471,24 +460,8 @@ + dnl some tweaking - David Härdeman 30/10/2001 + dnl + +-LIBXML_CONFIG_PREFIX="" + LIBXML_SRC="" + +-AC_ARG_WITH(libxml-prefix, +- [ --with-libxml-prefix=[PFX] Specify location of libxml config], +- LIBXML_CONFIG_PREFIX=$withval +-) +- +-AC_ARG_WITH(libxml-include-prefix, +- [ --with-libxml-include-prefix=[PFX] Specify location of libxml headers], +- LIBXML_CFLAGS="-I$withval" +-) +- +-AC_ARG_WITH(libxml-libs-prefix, +- [ --with-libxml-libs-prefix=[PFX] Specify location of libxml libs], +- LIBXML_LIBS="-L$withval" +-) +- + AC_ARG_WITH(libxml-src, + [ --with-libxml-src=[DIR] For libxml thats not installed yet (sets all three above)], + LIBXML_SRC="$withval" +@@ -551,28 +524,9 @@ + fi + fi + +-dnl +-dnl make sure xml2-config is executable, +-dnl test version and init our variables +-dnl +- +-if ${XML_CONFIG} --libs print > /dev/null 2>&1 +-then +- XMLVERS=`$XML_CONFIG --version` +- if test VERSION_TO_NUMBER(echo $XMLVERS) -ge VERSION_TO_NUMBER(echo $LIBXML_REQUIRED_VERSION) +- then +- AC_MSG_RESULT($XMLVERS found) +- else +- AC_MSG_ERROR(Version $XMLVERS found. You need at least libxml2 $LIBXML_REQUIRED_VERSION for this version of libxslt) +- fi +- LIBXML_LIBS="$LIBXML_LIBS `$XML_CONFIG --libs`" +- if test "x$LIBXML_SRC" = "x"; then +- LIBXML_CFLAGS="$LIBXML_CFLAGS `$XML_CONFIG --cflags`" +- fi +-else +- AC_MSG_ERROR([Could not find libxml2 anywhere, check ftp://xmlsoft.org/.]) +-fi +- ++PKG_CHECK_MODULES(LIBXML, [libxml-2.0 >= $LIBXML_REQUIRED_VERSION],, ++ [AC_MSG_ERROR([Could not find libxml-2.0 >= $LIBXML_REQUIRED_VERSION anywhere, check ftp://xmlsoft.org/.])] ++) + + AC_SUBST(CFLAGS) + AC_SUBST(CPPFLAGS) +@@ -597,7 +551,7 @@ + + if test "$with_plugins" = "yes" ; then + AC_MSG_CHECKING([libxml2 module support]) +- WITH_MODULES="`$XML_CONFIG --modules`" ++ WITH_MODULES="`$PKG_CONFIG --variable=modules libxml-2.0`" + if test "${WITH_MODULES}" = "1"; then + AC_MSG_RESULT(yes) + else diff --git a/import-layers/yocto-poky/meta/recipes-support/libxslt/libxslt/pkgconfig_fix.patch b/import-layers/yocto-poky/meta/recipes-support/libxslt/libxslt/pkgconfig_fix.patch new file mode 100644 index 000000000..16a801010 --- /dev/null +++ b/import-layers/yocto-poky/meta/recipes-support/libxslt/libxslt/pkgconfig_fix.patch @@ -0,0 +1,24 @@ +Upstream-Status: Inappropriate [configuration] + +Index: libxslt-1.1.27/libexslt.pc.in +=================================================================== +--- libxslt-1.1.27.orig/libexslt.pc.in ++++ libxslt-1.1.27/libexslt.pc.in +@@ -8,5 +8,5 @@ Name: libexslt + Version: @LIBEXSLT_VERSION@ + Description: EXSLT Extension library + Requires: libxml-2.0 +-Libs: @EXSLT_LIBDIR@ @EXSLT_LIBS@ ++Libs: -lexslt @EXSLT_LIBDIR@ @EXSLT_LIBS@ + Cflags: @EXSLT_INCLUDEDIR@ +Index: libxslt-1.1.27/libxslt.pc.in +=================================================================== +--- libxslt-1.1.27.orig/libxslt.pc.in ++++ libxslt-1.1.27/libxslt.pc.in +@@ -8,5 +8,5 @@ Name: libxslt + Version: @VERSION@ + Description: XSLT library version 2. + Requires: libxml-2.0 +-Libs: @XSLT_LIBDIR@ @XSLT_LIBS@ @EXTRA_LIBS@ ++Libs: -lxslt @XSLT_LIBDIR@ @XSLT_LIBS@ @EXTRA_LIBS@ + Cflags: @XSLT_INCLUDEDIR@ diff --git a/import-layers/yocto-poky/meta/recipes-support/libxslt/libxslt_1.1.28.bb b/import-layers/yocto-poky/meta/recipes-support/libxslt/libxslt_1.1.28.bb new file mode 100644 index 000000000..23ac599de --- /dev/null +++ b/import-layers/yocto-poky/meta/recipes-support/libxslt/libxslt_1.1.28.bb @@ -0,0 +1,50 @@ +SUMMARY = "GNOME XSLT library" +HOMEPAGE = "http://xmlsoft.org/XSLT/" +BUGTRACKER = "https://bugzilla.gnome.org/" + +LICENSE = "MIT" +LIC_FILES_CHKSUM = "file://Copyright;md5=0cd9a07afbeb24026c9b03aecfeba458" + +SECTION = "libs" +DEPENDS = "libxml2" + +SRC_URI = "ftp://xmlsoft.org/libxslt/libxslt-${PV}.tar.gz \ + file://pkgconfig_fix.patch \ + file://pkgconfig.patch \ + file://CVE-2015-7995.patch" + +SRC_URI[md5sum] = "9667bf6f9310b957254fdcf6596600b7" +SRC_URI[sha256sum] = "5fc7151a57b89c03d7b825df5a0fae0a8d5f05674c0e7cf2937ecec4d54a028c" + +UPSTREAM_CHECK_REGEX = "libxslt-(?P<pver>\d+(\.\d+)+)\.tar" + +S = "${WORKDIR}/libxslt-${PV}" + +BINCONFIG = "${bindir}/xslt-config" + +inherit autotools pkgconfig binconfig-disabled lib_package + +# We don't DEPEND on binutils for ansidecl.h so ensure we don't use the header +do_configure_prepend () { + sed -i -e 's/ansidecl.h//' ${S}/configure.in + + # The timestamps in the 1.1.28 tarball are messed up causing this file to + # appear out of date. Touch it so that we don't try to regenerate it. + touch ${S}/doc/xsltproc.1 +} + +EXTRA_OECONF = "--without-python --without-debug --without-mem-debug --without-crypto" +# older versions of this recipe had ${PN}-utils +RPROVIDES_${PN}-bin += "${PN}-utils" +RCONFLICTS_${PN}-bin += "${PN}-utils" +RREPLACES_${PN}-bin += "${PN}-utils" + + +do_install_append_class-native () { + create_wrapper ${D}/${bindir}/xsltproc XML_CATALOG_FILES=${sysconfdir}/xml/catalog.xml +} + +FILES_${PN} += "${libdir}/libxslt-plugins" +FILES_${PN}-dev += "${libdir}/xsltConf.sh" + +BBCLASSEXTEND = "native nativesdk" |