diff options
3 files changed, 27 insertions, 79 deletions
diff --git a/meta/recipes-core/readline/readline-6.3/readline-cve-2014-2524.patch b/meta/recipes-core/readline/readline-6.3/readline-cve-2014-2524.patch deleted file mode 100644 index 98a9d810b6..0000000000 --- a/meta/recipes-core/readline/readline-6.3/readline-cve-2014-2524.patch +++ /dev/null | |||
@@ -1,43 +0,0 @@ | |||
1 | readline: Security Advisory - readline - CVE-2014-2524 | ||
2 | |||
3 | Upstream-Status: Backport | ||
4 | |||
5 | Signed-off-by: Yue Tao <yue.tao@windriver.com> | ||
6 | |||
7 | READLINE PATCH REPORT | ||
8 | ===================== | ||
9 | |||
10 | Readline-Release: 6.3 | ||
11 | Patch-ID: readline63-003 | ||
12 | |||
13 | Bug-Reported-by: | ||
14 | Bug-Reference-ID: | ||
15 | Bug-Reference-URL: | ||
16 | |||
17 | Bug-Description: | ||
18 | |||
19 | There are debugging functions in the readline release that are theoretically | ||
20 | exploitable as security problems. They are not public functions, but have | ||
21 | global linkage. | ||
22 | |||
23 | Patch (apply with `patch -p0'): | ||
24 | |||
25 | *** ../readline-6.3/util.c 2013-09-02 13:36:12.000000000 -0400 | ||
26 | --- util.c 2014-03-20 10:25:53.000000000 -0400 | ||
27 | *************** | ||
28 | *** 477,480 **** | ||
29 | --- 479,483 ---- | ||
30 | } | ||
31 | |||
32 | + #if defined (DEBUG) | ||
33 | #if defined (USE_VARARGS) | ||
34 | static FILE *_rl_tracefp; | ||
35 | *************** | ||
36 | *** 539,542 **** | ||
37 | --- 542,546 ---- | ||
38 | } | ||
39 | #endif | ||
40 | + #endif /* DEBUG */ | ||
41 | |||
42 | |||
43 | |||
diff --git a/meta/recipes-core/readline/readline-6.3/readline-dispatch-multikey.patch b/meta/recipes-core/readline/readline-6.3/readline-dispatch-multikey.patch deleted file mode 100644 index 54d1ac6eb9..0000000000 --- a/meta/recipes-core/readline/readline-6.3/readline-dispatch-multikey.patch +++ /dev/null | |||
@@ -1,32 +0,0 @@ | |||
1 | From 8ef852a5be72c75e17f2510bea52455f809b56ce Mon Sep 17 00:00:00 2001 | ||
2 | From: Chet Ramey <chet.ramey@case.edu> | ||
3 | Date: Fri, 28 Mar 2014 14:07:42 -0400 | ||
4 | Subject: [PATCH 04/10] Readline-6.3 patch 2 | ||
5 | |||
6 | Fixes multi-key issue identified in this thread: | ||
7 | http://lists.gnu.org/archive/html/bug-readline/2014-03/msg00010.html | ||
8 | |||
9 | Upstream-Status: Backport | ||
10 | |||
11 | Signed-off-by: Saul Wold <sgw@linux.intel.com> | ||
12 | --- | ||
13 | readline.c | 3 ++- | ||
14 | 1 files changed, 2 insertions(+), 1 deletions(-) | ||
15 | |||
16 | diff --git a/readline.c b/readline.c | ||
17 | index eb4eae3..abb29a0 100644 | ||
18 | --- a/readline.c | ||
19 | +++ b/readline.c | ||
20 | @@ -744,7 +744,8 @@ _rl_dispatch_callback (cxt) | ||
21 | r = _rl_subseq_result (r, cxt->oldmap, cxt->okey, (cxt->flags & KSEQ_SUBSEQ)); | ||
22 | |||
23 | RL_CHECK_SIGNALS (); | ||
24 | - if (r == 0) /* success! */ | ||
25 | + /* We only treat values < 0 specially to simulate recursion. */ | ||
26 | + if (r >= 0 || (r == -1 && (cxt->flags & KSEQ_SUBSEQ) == 0)) /* success! or failure! */ | ||
27 | { | ||
28 | _rl_keyseq_chain_dispose (); | ||
29 | RL_UNSETSTATE (RL_STATE_MULTIKEY); | ||
30 | -- | ||
31 | 1.8.3.1 | ||
32 | |||
diff --git a/meta/recipes-core/readline/readline_6.3.bb b/meta/recipes-core/readline/readline_6.3.bb index dbb9f0a946..8ec7c4ada0 100644 --- a/meta/recipes-core/readline/readline_6.3.bb +++ b/meta/recipes-core/readline/readline_6.3.bb | |||
@@ -1,11 +1,34 @@ | |||
1 | require readline.inc | 1 | require readline.inc |
2 | 2 | ||
3 | SRC_URI += "file://configure-fix.patch \ | 3 | SRC_URI += "${GNU_MIRROR}/readline/readline-6.3-patches/readline63-001;name=patch1;apply=yes;striplevel=0 \ |
4 | ${GNU_MIRROR}/readline/readline-6.3-patches/readline63-002;name=patch2;apply=yes;striplevel=0 \ | ||
5 | ${GNU_MIRROR}/readline/readline-6.3-patches/readline63-003;name=patch3;apply=yes;striplevel=0 \ | ||
6 | ${GNU_MIRROR}/readline/readline-6.3-patches/readline63-004;name=patch4;apply=yes;striplevel=0 \ | ||
7 | ${GNU_MIRROR}/readline/readline-6.3-patches/readline63-005;name=patch5;apply=yes;striplevel=0 \ | ||
8 | ${GNU_MIRROR}/readline/readline-6.3-patches/readline63-006;name=patch6;apply=yes;striplevel=0 \ | ||
9 | ${GNU_MIRROR}/readline/readline-6.3-patches/readline63-007;name=patch7;apply=yes;striplevel=0 \ | ||
10 | ${GNU_MIRROR}/readline/readline-6.3-patches/readline63-008;name=patch8;apply=yes;striplevel=0 \ | ||
11 | file://configure-fix.patch \ | ||
4 | file://config-dirent-symbols.patch \ | 12 | file://config-dirent-symbols.patch \ |
5 | file://norpath.patch \ | 13 | file://norpath.patch" |
6 | file://readline-cve-2014-2524.patch;striplevel=0 \ | ||
7 | file://readline-dispatch-multikey.patch" | ||
8 | 14 | ||
9 | SRC_URI[archive.md5sum] = "33c8fb279e981274f485fd91da77e94a" | 15 | SRC_URI[archive.md5sum] = "33c8fb279e981274f485fd91da77e94a" |
10 | SRC_URI[archive.sha256sum] = "56ba6071b9462f980c5a72ab0023893b65ba6debb4eeb475d7a563dc65cafd43" | 16 | SRC_URI[archive.sha256sum] = "56ba6071b9462f980c5a72ab0023893b65ba6debb4eeb475d7a563dc65cafd43" |
11 | 17 | ||
18 | SRC_URI[patch1.md5sum] = "4343f5ea9b0f42447f102fb61576b398" | ||
19 | SRC_URI[patch1.sha256sum] = "1a79bbb6eaee750e0d6f7f3d059b30a45fc54e8e388a8e05e9c3ae598590146f" | ||
20 | SRC_URI[patch2.md5sum] = "700295212f7e2978577feaee584afddb" | ||
21 | SRC_URI[patch2.sha256sum] = "39e304c7a526888f9e112e733848215736fb7b9d540729b9e31f3347b7a1e0a5" | ||
22 | SRC_URI[patch3.md5sum] = "af4963862f5156fbf9111c2c6fa86ed7" | ||
23 | SRC_URI[patch3.sha256sum] = "ec41bdd8b00fd884e847708513df41d51b1243cecb680189e31b7173d01ca52f" | ||
24 | SRC_URI[patch4.md5sum] = "11f9def89803a5052db3ba72394ce14f" | ||
25 | SRC_URI[patch4.sha256sum] = "4547b906fb2570866c21887807de5dee19838a60a1afb66385b272155e4355cc" | ||
26 | SRC_URI[patch5.md5sum] = "93721c31cd225393f80cb3aadb165544" | ||
27 | SRC_URI[patch5.sha256sum] = "877788f9228d1a9907a4bcfe3d6dd0439c08d728949458b41208d9bf9060274b" | ||
28 | SRC_URI[patch6.md5sum] = "71dc6ecce66d1489b96595f55d142a52" | ||
29 | SRC_URI[patch6.sha256sum] = "5c237ab3c6c97c23cf52b2a118adc265b7fb411b57c93a5f7c221d50fafbe556" | ||
30 | SRC_URI[patch7.md5sum] = "062a08ed60679d3c4878710b3d595b65" | ||
31 | SRC_URI[patch7.sha256sum] = "4d79b5a2adec3c2e8114cbd3d63c1771f7c6cf64035368624903d257014f5bea" | ||
32 | SRC_URI[patch8.md5sum] = "ee1c04072154826870848d8b218d7b04" | ||
33 | SRC_URI[patch8.sha256sum] = "3bc093cf526ceac23eb80256b0ec87fa1735540d659742107b6284d635c43787" | ||
34 | |||