From b48eab79bf5a5af3d1ee6182cf76f15196f171ec Mon Sep 17 00:00:00 2001
From: Adrian Mangeac <Adrian.Mangeac@enea.com>
Date: Wed, 31 Jul 2019 08:38:07 +0200
Subject: Remove patches fixed in upstream

CVE-2016-6252
CVE-2018-13785

Change-Id: I4d016e267929d7df020ee86366a76b5723908705
Signed-off-by: Adrian Mangeac <Adrian.Mangeac@enea.com>
---
 recipes-extended/shadow/shadow/CVE-2016-6252.patch | 48 ----------------------
 recipes-extended/shadow/shadow_%.bbappend          |  5 ---
 .../libpng/libpng/CVE-2018-13785.patch             | 40 ------------------
 recipes-multimedia/libpng/libpng_%.bbappend        |  5 ---
 4 files changed, 98 deletions(-)
 delete mode 100644 recipes-extended/shadow/shadow/CVE-2016-6252.patch
 delete mode 100644 recipes-extended/shadow/shadow_%.bbappend
 delete mode 100644 recipes-multimedia/libpng/libpng/CVE-2018-13785.patch
 delete mode 100644 recipes-multimedia/libpng/libpng_%.bbappend

diff --git a/recipes-extended/shadow/shadow/CVE-2016-6252.patch b/recipes-extended/shadow/shadow/CVE-2016-6252.patch
deleted file mode 100644
index 6e05584..0000000
--- a/recipes-extended/shadow/shadow/CVE-2016-6252.patch
+++ /dev/null
@@ -1,48 +0,0 @@
-From 1d5a926cc2d6078d23a96222b1ef3e558724dad1 Mon Sep 17 00:00:00 2001
-From: Sebastian Krahmer <krahmer@suse.com>
-Date: Wed, 3 Aug 2016 11:51:07 -0500
-Subject: [PATCH] Simplify getulong
-
-Use strtoul to read an unsigned long, rather than reading
-a signed long long and casting it.
-
-https://bugzilla.suse.com/show_bug.cgi?id=979282
-
-CVE: CVE-2016-6252
-Upstream-Status: Backport [https://github.com/shadow-maint/shadow/commit/1d5a926cc2d6078d23a96222b1ef3e558724dad1]
-
-Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
----
- lib/getulong.c | 9 +++------
- 1 file changed, 3 insertions(+), 6 deletions(-)
-
-diff --git a/lib/getulong.c b/lib/getulong.c
-index 61579cae..08d2c1a8 100644
---- a/lib/getulong.c
-+++ b/lib/getulong.c
-@@ -44,22 +44,19 @@
-  */
- int getulong (const char *numstr, /*@out@*/unsigned long int *result)
- {
--	long long int val;
-+	unsigned long int val;
- 	char *endptr;
- 
- 	errno = 0;
--	val = strtoll (numstr, &endptr, 0);
-+	val = strtoul (numstr, &endptr, 0);
- 	if (    ('\0' == *numstr)
- 	     || ('\0' != *endptr)
- 	     || (ERANGE == errno)
--	     /*@+ignoresigns@*/
--	     || (val != (unsigned long int)val)
--	     /*@=ignoresigns@*/
- 	   ) {
- 		return 0;
- 	}
- 
--	*result = (unsigned long int)val;
-+	*result = val;
- 	return 1;
- }
- 
diff --git a/recipes-extended/shadow/shadow_%.bbappend b/recipes-extended/shadow/shadow_%.bbappend
deleted file mode 100644
index 4f04479..0000000
--- a/recipes-extended/shadow/shadow_%.bbappend
+++ /dev/null
@@ -1,5 +0,0 @@
-# look for files in the layer first
-FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:"
-
-SRC_URI += "file://CVE-2016-6252.patch \
-           "
diff --git a/recipes-multimedia/libpng/libpng/CVE-2018-13785.patch b/recipes-multimedia/libpng/libpng/CVE-2018-13785.patch
deleted file mode 100644
index 0d8aaf8..0000000
--- a/recipes-multimedia/libpng/libpng/CVE-2018-13785.patch
+++ /dev/null
@@ -1,40 +0,0 @@
-From 8a05766cb74af05c04c53e6c9d60c13fc4d59bf2 Mon Sep 17 00:00:00 2001
-From: Cosmin Truta <ctruta@gmail.com>
-Date: Sun, 17 Jun 2018 22:56:29 -0400
-Subject: [PATCH] [libpng16] Fix the calculation of row_factor in
- png_check_chunk_length
-
-(Bug report by Thuan Pham, SourceForge issue #278)
-
-CVE: CVE-2018-13785
-Upstream-Status: Backport
-
-Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
----
- pngrutil.c | 9 ++++++---
- 1 file changed, 6 insertions(+), 3 deletions(-)
-
-diff --git a/pngrutil.c b/pngrutil.c
-index 95571b5..5ba995a 100644
---- a/pngrutil.c
-+++ b/pngrutil.c
-@@ -3167,10 +3167,13 @@ png_check_chunk_length(png_const_structrp png_ptr, const png_uint_32 length)
-    {
-       png_alloc_size_t idat_limit = PNG_UINT_31_MAX;
-       size_t row_factor =
--         (png_ptr->width * png_ptr->channels * (png_ptr->bit_depth > 8? 2: 1)
--          + 1 + (png_ptr->interlaced? 6: 0));
-+         (size_t)png_ptr->width
-+         * (size_t)png_ptr->channels
-+         * (png_ptr->bit_depth > 8? 2: 1)
-+         + 1
-+         + (png_ptr->interlaced? 6: 0);
-       if (png_ptr->height > PNG_UINT_32_MAX/row_factor)
--         idat_limit=PNG_UINT_31_MAX;
-+         idat_limit = PNG_UINT_31_MAX;
-       else
-          idat_limit = png_ptr->height * row_factor;
-       row_factor = row_factor > 32566? 32566 : row_factor;
--- 
-1.9.1
-
diff --git a/recipes-multimedia/libpng/libpng_%.bbappend b/recipes-multimedia/libpng/libpng_%.bbappend
deleted file mode 100644
index 948941d..0000000
--- a/recipes-multimedia/libpng/libpng_%.bbappend
+++ /dev/null
@@ -1,5 +0,0 @@
-# look for files in the layer first
-FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:"
-
-SRC_URI += "file://CVE-2018-13785.patch \
-           "
-- 
cgit v1.2.3-54-g00ecf