diff options
Diffstat (limited to 'yocto-poky/meta/recipes-devtools/dpkg')
| -rw-r--r-- | yocto-poky/meta/recipes-devtools/dpkg/dpkg.inc | 2 | ||||
| -rw-r--r-- | yocto-poky/meta/recipes-devtools/dpkg/dpkg/0001-When-running-do_package_write_deb-we-have-trees-of-h.patch | 52 | ||||
| -rw-r--r-- | yocto-poky/meta/recipes-devtools/dpkg/dpkg/0006-add-musleabi-to-known-target-tripets.patch | 42 | ||||
| -rw-r--r-- | yocto-poky/meta/recipes-devtools/dpkg/dpkg/CVE-2015-0860.patch | 52 | ||||
| -rw-r--r-- | yocto-poky/meta/recipes-devtools/dpkg/dpkg_1.18.4.bb (renamed from yocto-poky/meta/recipes-devtools/dpkg/dpkg_1.18.2.bb) | 8 |
5 files changed, 77 insertions, 79 deletions
diff --git a/yocto-poky/meta/recipes-devtools/dpkg/dpkg.inc b/yocto-poky/meta/recipes-devtools/dpkg/dpkg.inc index 6eec2cde9..3d9e7e305 100644 --- a/yocto-poky/meta/recipes-devtools/dpkg/dpkg.inc +++ b/yocto-poky/meta/recipes-devtools/dpkg/dpkg.inc @@ -34,7 +34,7 @@ EXTRA_OECONF = "\ --without-selinux \ " -EXTRA_OECONF_append_class-target = " TAR=tar" +EXTRA_OECONF += "TAR=tar" do_configure () { echo >> ${S}/m4/compiler.m4 diff --git a/yocto-poky/meta/recipes-devtools/dpkg/dpkg/0001-When-running-do_package_write_deb-we-have-trees-of-h.patch b/yocto-poky/meta/recipes-devtools/dpkg/dpkg/0001-When-running-do_package_write_deb-we-have-trees-of-h.patch index 6967ef498..49ef853ff 100644 --- a/yocto-poky/meta/recipes-devtools/dpkg/dpkg/0001-When-running-do_package_write_deb-we-have-trees-of-h.patch +++ b/yocto-poky/meta/recipes-devtools/dpkg/dpkg/0001-When-running-do_package_write_deb-we-have-trees-of-h.patch @@ -1,7 +1,7 @@ -From d14ffd786993da60ca84c4812da8a6594a8c764e Mon Sep 17 00:00:00 2001 +From e391bdba238d1371fc5b67cdae08b06eb5ada5c2 Mon Sep 17 00:00:00 2001 From: Alexander Kanavin <alex.kanavin@gmail.com> Date: Wed, 26 Aug 2015 15:48:13 +0300 -Subject: [PATCH 1/5] When running do_package_write_deb, we have trees of +Subject: [PATCH] When running do_package_write_deb, we have trees of hardlinked files such as the dbg source files in ${PN}-dbg. If something makes another copy of one of those files (or deletes one), the number of links a file has changes and tar can notice this, e.g.: @@ -19,23 +19,43 @@ place to avoid that kind of issue). Upstream-Status: Inappropriate RP 2015/3/27 --- - dpkg-deb/build.c | 11 ++++++++--- - 1 file changed, 8 insertions(+), 3 deletions(-) + dpkg-deb/build.c | 12 ++++++++---- + 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/dpkg-deb/build.c b/dpkg-deb/build.c -index ea3d861..1589927 100644 +index 2ddeec6..af363f0 100644 --- a/dpkg-deb/build.c +++ b/dpkg-deb/build.c -@@ -458,7 +458,7 @@ do_build(const char *const *argv) +@@ -452,7 +452,7 @@ static void + tarball_pack(const char *dir, filenames_feed_func *tar_filenames_feeder, + struct compress_params *tar_compress_params, int fd_out) + { +- int pipe_filenames[2], pipe_tarball[2]; ++ int pipe_filenames[2], pipe_tarball[2], rc; + pid_t pid_tar, pid_comp; + + /* Fork off a tar. We will feed it a list of filenames on stdin later. */ +@@ -493,7 +493,9 @@ tarball_pack(const char *dir, filenames_feed_func *tar_filenames_feeder, + /* All done, clean up wait for tar and <compress> to finish their job. */ + close(pipe_filenames[1]); + subproc_reap(pid_comp, _("<compress> from tar -cf"), 0); +- subproc_reap(pid_tar, "tar -cf", 0); ++ rc = subproc_reap(pid_tar, "tar -cf", SUBPROC_RETERROR); ++ if (rc && rc != 1) ++ ohshite(_("subprocess %s returned error exit status %d"), "tar -cf", rc); + } + + /** +@@ -509,7 +511,7 @@ do_build(const char *const *argv) char *debar; char *tfbuf; int arfd; -- int p1[2], p2[2], gzfd; -+ int p1[2], p2[2], gzfd, rc; +- int p1[2], gzfd; ++ int p1[2], gzfd, rc; pid_t c1, c2; /* Decode our arguments. */ -@@ -538,7 +538,9 @@ do_build(const char *const *argv) +@@ -590,7 +592,9 @@ do_build(const char *const *argv) } close(p1[0]); subproc_reap(c2, _("<compress> from tar -cf"), 0); @@ -46,18 +66,6 @@ index ea3d861..1589927 100644 if (lseek(gzfd, 0, SEEK_SET)) ohshite(_("failed to rewind temporary file (%s)"), _("control member")); -@@ -626,7 +628,10 @@ do_build(const char *const *argv) - /* All done, clean up wait for tar and <compress> to finish their job. */ - close(p1[1]); - subproc_reap(c2, _("<compress> from tar -cf"), 0); -- subproc_reap(c1, "tar -cf", 0); -+ rc = subproc_reap(c1, "tar -cf", SUBPROC_RETERROR); -+ if (rc && rc != 1) -+ ohshite(_("subprocess %s returned error exit status %d"), "tar -cf", rc); -+ - /* Okay, we have data.tar as well now, add it to the ar wrapper. */ - if (deb_format.major == 2) { - char datamember[16 + 1]; -- -2.1.4 +2.7.0 diff --git a/yocto-poky/meta/recipes-devtools/dpkg/dpkg/0006-add-musleabi-to-known-target-tripets.patch b/yocto-poky/meta/recipes-devtools/dpkg/dpkg/0006-add-musleabi-to-known-target-tripets.patch new file mode 100644 index 000000000..a6b00880c --- /dev/null +++ b/yocto-poky/meta/recipes-devtools/dpkg/dpkg/0006-add-musleabi-to-known-target-tripets.patch @@ -0,0 +1,42 @@ +From f8910022dc3ec622272f168cd0022dbdf6dff93a Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Wed, 30 Dec 2015 23:05:41 +0000 +Subject: [PATCH] add musleabi to known target tripets + +helps compiling dpkg for musl/arm-softfloat + +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- +Upstream-Status: Pending + + ostable | 1 + + triplettable | 1 + + 2 files changed, 2 insertions(+) + +diff --git a/ostable b/ostable +index 3bb6819..d0ffdc7 100644 +--- a/ostable ++++ b/ostable +@@ -15,6 +15,7 @@ + uclibceabi-linux linux-uclibceabi linux[^-]*-uclibceabi + uclibc-linux linux-uclibc linux[^-]*-uclibc + musleabihf-linux linux-musleabihf linux[^-]*-musleabihf ++musleabi-linux linux-musleabi linux[^-]*-musleabi + musl-linux linux-musl linux[^-]*-musl + gnueabihf-linux linux-gnueabihf linux[^-]*-gnueabihf + gnueabi-linux linux-gnueabi linux[^-]*-gnueabi +diff --git a/triplettable b/triplettable +index 1213584..70d24c1 100644 +--- a/triplettable ++++ b/triplettable +@@ -6,6 +6,7 @@ + uclibceabi-linux-arm uclibc-linux-armel + uclibc-linux-<cpu> uclibc-linux-<cpu> + musleabihf-linux-arm musl-linux-armhf ++musleabi-linux-arm musl-linux-armel + musl-linux-<cpu> musl-linux-<cpu> + gnueabihf-linux-arm armhf + gnueabi-linux-arm armel +-- +2.6.4 + diff --git a/yocto-poky/meta/recipes-devtools/dpkg/dpkg/CVE-2015-0860.patch b/yocto-poky/meta/recipes-devtools/dpkg/dpkg/CVE-2015-0860.patch deleted file mode 100644 index 1f259d34d..000000000 --- a/yocto-poky/meta/recipes-devtools/dpkg/dpkg/CVE-2015-0860.patch +++ /dev/null @@ -1,52 +0,0 @@ -From f1aac7d933819569bf6f347c3c0d5a64a90bbce0 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Hanno=20B=C3=B6ck?= <hanno@hboeck.de> -Date: Thu, 19 Nov 2015 20:03:10 +0100 -Subject: [PATCH] dpkg-deb: Fix off-by-one write access on ctrllenbuf variable - -This affects old format .deb packages. - -Fixes: CVE-2015-0860 -Warned-by: afl -Signed-off-by: Guillem Jover <guillem@debian.org> - -Upstream-Status: Backport - -https://anonscm.debian.org/cgit/dpkg/dpkg.git/commit/?h=wheezy&id=f1aac7d933819569bf6f347c3c0d5a64a90bbce0 - -CVE: CVE-2015-0860 - -hand merge Changelog - -Signed-off-by: Armin Kuster <akuster@mvista.com> - ---- - debian/changelog | 3 +++ - dpkg-deb/extract.c | 2 +- - 2 files changed, 4 insertions(+), 1 deletion(-) - -Index: dpkg-1.18.2/dpkg-deb/extract.c -=================================================================== ---- dpkg-1.18.2.orig/dpkg-deb/extract.c -+++ dpkg-1.18.2/dpkg-deb/extract.c -@@ -247,7 +247,7 @@ extracthalf(const char *debar, const cha - if (errstr) - ohshit(_("archive has invalid format version: %s"), errstr); - -- r = read_line(arfd, ctrllenbuf, 1, sizeof(ctrllenbuf)); -+ r = read_line(arfd, ctrllenbuf, 1, sizeof(ctrllenbuf) - 1); - if (r < 0) - read_fail(r, debar, _("archive control member size")); - if (sscanf(ctrllenbuf, "%jd%c%d", &ctrllennum, &nlc, &dummy) != 2 || -Index: dpkg-1.18.2/ChangeLog -=================================================================== ---- dpkg-1.18.2.orig/ChangeLog -+++ dpkg-1.18.2/ChangeLog -@@ -1,3 +1,8 @@ -+[ Guillem Jover ] -+ * Fix an off-by-one write access in dpkg-deb when parsing the old format -+ .deb control member size. Thanks to Hanno Böck <hanno@hboeck.de>. -+ Fixes CVE-2015-0860. -+ - commit 5459d330c73cdcfd1327bc93c0ebddc2da4a3a3a (HEAD -> master, tag: 1.18.2) - Author: Guillem Jover <guillem@debian.org> - Date: Mon Aug 3 15:41:05 2015 +0200 diff --git a/yocto-poky/meta/recipes-devtools/dpkg/dpkg_1.18.2.bb b/yocto-poky/meta/recipes-devtools/dpkg/dpkg_1.18.4.bb index 2fc096db4..7876944d6 100644 --- a/yocto-poky/meta/recipes-devtools/dpkg/dpkg_1.18.2.bb +++ b/yocto-poky/meta/recipes-devtools/dpkg/dpkg_1.18.4.bb @@ -1,20 +1,20 @@ require dpkg.inc LIC_FILES_CHKSUM = "file://COPYING;md5=751419260aa954499f7abaabaa882bbe" +SRC_URI_append_class-native =" file://glibc2.5-sync_file_range.patch " SRC_URI += "file://noman.patch \ file://remove-tar-no-timestamp.patch \ file://fix-abs-redefine.patch \ file://arch_pm.patch \ file://dpkg-configure.service \ - file://glibc2.5-sync_file_range.patch \ file://add_armeb_triplet_entry.patch \ file://0002-Adapt-to-linux-wrs-kernel-version-which-has-characte.patch \ file://0003-Our-pre-postinsts-expect-D-to-be-set-when-running-in.patch \ file://0004-The-lutimes-function-doesn-t-work-properly-for-all-s.patch \ file://0005-dpkg-compiler.m4-remove-Wvla.patch \ - file://CVE-2015-0860.patch \ + file://0006-add-musleabi-to-known-target-tripets.patch \ " -SRC_URI[md5sum] = "63b9d869081ec49adeef6c5ff62d6576" -SRC_URI[sha256sum] = "11484f2a73d027d696e720a60380db71978bb5c06cd88fe30c291e069ac457a4" +SRC_URI[md5sum] = "e95b513c89693f6ec3ab53b6b1c3defd" +SRC_URI[sha256sum] = "fe89243868888ce715bf45861f26264f767d4e4dbd0d6f1a26ce60bbbbf106da" |
