libpcre: Security fixes and package update.

this is related to [Yocto # 9008] 8.38: The following security fixes are included: CVE-2015-3210 pcre: heap buffer overflow in pcre_compile2() compile_regex() CVE-2015-3217 pcre: stack overflow in match() CVE-2015-5073 CVE-2015-8388 pcre: Buffer overflow caused by certain patterns with an unmatched closing parenthesis CVE-2015-8380 pcre: Heap-based buffer overflow in pcre_exec CVE-2015-8381 pcre: Heap Overflow in compile_regex() CVE-2015-8383 pcre: Buffer overflow caused by repeated conditional group CVE-2015-8384 pcre: Buffer overflow caused by recursive back reference by name within certain group CVE-2015-8385 pcre: Buffer overflow caused by forward reference by name to certain group CVE-2015-8386 pcre: Buffer overflow caused by lookbehind assertion CVE-2015-8387 pcre: Integer overflow in subroutine calls CVE-2015-8389 pcre: Infinite recursion in JIT compiler when processing certain patterns CVE-2015-8390 pcre: Reading from uninitialized memory when processing certain patterns CVE-2015-8392 pcre: Buffer overflow caused by certain patterns with duplicated named groups CVE-2015-8393 pcre: Information leak when running pcgrep -q on crafted binary CVE-2015-8394 pcre: Integer overflow caused by missing check for certain conditions CVE-2015-8395 pcre: Buffer overflow caused by certain references CVE-2016-1283 pcre: Heap buffer overflow in pcre_compile2 causes DoS 8.37: The following security fixes are included: CVE-2014-8964 pcre: incorrect handling of zero-repeat assertion conditions CVE-2015-2325 pcre: heap buffer overflow in compile_branch() CVE-2015-2326 pcre: heap buffer overflow in pcre_compile2() LICENSE file changed do to Copyright date updates. (From OE-Core rev: 3bbd53035fb62793f1e44b24b18eb275bd860ed1) Signed-off-by: Armin Kuster <akuster@mvista.com> Jethro and master don't require this patch as they have newer libpcre which contains these fixes. Signed-off-by: Joshua Lock <joshua.g.lock@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Armin Kuster <akuster@mvista.com> 2016-02-11 18:41:18 -0800
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2016-02-16 15:16:55 +0000
commit: b213ada9a738448d920a9c1786ee0d85b378284f (patch)
tree: 43e1965ed9a2a4990fa75eb01512424298f0e14d /meta
parent: 2f1fc8c89905bcda7614ae4c7a34c995e8ca8a33 (diff)
download: poky-b213ada9a738448d920a9c1786ee0d85b378284f.tar.gz
1 files changed, 3 insertions, 4 deletions
diff --git a/meta/recipes-support/libpcre/libpcre_8.36.bb b/meta/recipes-support/libpcre/libpcre_8.38.bb
index a4b7f6d985..6ef5d70a8a 100644
--- a/meta/recipes-support/libpcre/libpcre_8.36.bb
+++ b/meta/recipes-support/libpcre/libpcre_8.38.bb
@@ -6,16 +6,15 @@ SUMMARY = "Perl Compatible Regular Expressions"
 HOMEPAGE = "http://www.pcre.org"
 SECTION = "devel"
 LICENSE = "BSD"
-LIC_FILES_CHKSUM = "file://LICENCE;md5=ded617e975f28e15952dc68b84a7ac1a"
+LIC_FILES_CHKSUM = "file://LICENCE;md5=7e4937814aee14758c1c95b59c80c44d"
 SRC_URI = "${SOURCEFORGE_MIRROR}/project/pcre/pcre/${PV}/pcre-${PV}.tar.bz2 \
           file://pcre-cross.patch \
           file://fix-pcre-name-collision.patch \
           file://run-ptest \
           file://Makefile \
 "
+SRC_URI[md5sum] = "00aabbfe56d5a48b270f999b508c5ad2"
-SRC_URI[md5sum] = "b767bc9af0c20bc9c1fe403b0d41ad97"
+SRC_URI[sha256sum] = "b9e02d36e23024d6c02a2e5b25204b3a4fa6ade43e0a5f869f254f49535079df"
-SRC_URI[sha256sum] = "ef833457de0c40e82f573e34528f43a751ff20257ad0e86d272ed5637eb845bb"
 S = "${WORKDIR}/pcre-${PV}"
author	Armin Kuster <akuster@mvista.com>	2016-02-11 18:41:18 -0800
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2016-02-16 15:16:55 +0000
commit	b213ada9a738448d920a9c1786ee0d85b378284f (patch)
tree	43e1965ed9a2a4990fa75eb01512424298f0e14d /meta
parent	2f1fc8c89905bcda7614ae4c7a34c995e8ca8a33 (diff)
download	poky-b213ada9a738448d920a9c1786ee0d85b378284f.tar.gz

diff --git a/meta/recipes-support/libpcre/libpcre_8.36.bb b/meta/recipes-support/libpcre/libpcre_8.38.bb index a4b7f6d985..6ef5d70a8a 100644 --- a/meta/recipes-support/libpcre/libpcre_8.36.bb +++ b/meta/recipes-support/libpcre/libpcre_8.38.bb
@@ -6,16 +6,15 @@ SUMMARY = "Perl Compatible Regular Expressions"
6	HOMEPAGE = "http://www.pcre.org"	6	HOMEPAGE = "http://www.pcre.org"
7	SECTION = "devel"	7	SECTION = "devel"
8	LICENSE = "BSD"	8	LICENSE = "BSD"
9	LIC_FILES_CHKSUM = "file://LICENCE;md5=ded617e975f28e15952dc68b84a7ac1a"	9	LIC_FILES_CHKSUM = "file://LICENCE;md5=7e4937814aee14758c1c95b59c80c44d"
10	SRC_URI = "${SOURCEFORGE_MIRROR}/project/pcre/pcre/${PV}/pcre-${PV}.tar.bz2 \	10	SRC_URI = "${SOURCEFORGE_MIRROR}/project/pcre/pcre/${PV}/pcre-${PV}.tar.bz2 \
11	file://pcre-cross.patch \	11	file://pcre-cross.patch \
12	file://fix-pcre-name-collision.patch \	12	file://fix-pcre-name-collision.patch \
13	file://run-ptest \	13	file://run-ptest \
14	file://Makefile \	14	file://Makefile \
15	"	15	"
16		16	SRC_URI[md5sum] = "00aabbfe56d5a48b270f999b508c5ad2"
17	SRC_URI[md5sum] = "b767bc9af0c20bc9c1fe403b0d41ad97"	17	SRC_URI[sha256sum] = "b9e02d36e23024d6c02a2e5b25204b3a4fa6ade43e0a5f869f254f49535079df"
18	SRC_URI[sha256sum] = "ef833457de0c40e82f573e34528f43a751ff20257ad0e86d272ed5637eb845bb"
19		18
20	S = "${WORKDIR}/pcre-${PV}"	19	S = "${WORKDIR}/pcre-${PV}"
21		20