summaryrefslogtreecommitdiffstats
path: root/meta/recipes-devtools/apt/apt-0.9.9.4
diff options
context:
space:
mode:
Diffstat (limited to 'meta/recipes-devtools/apt/apt-0.9.9.4')
-rw-r--r--meta/recipes-devtools/apt/apt-0.9.9.4/apt-0.9.9.4-CVE-2014-0478.patch193
-rw-r--r--meta/recipes-devtools/apt/apt-0.9.9.4/disable-configure-in-makefile.patch18
-rw-r--r--meta/recipes-devtools/apt/apt-0.9.9.4/fix-gcc-4.6-null-not-defined.patch12
-rw-r--r--meta/recipes-devtools/apt/apt-0.9.9.4/makerace.patch23
-rw-r--r--meta/recipes-devtools/apt/apt-0.9.9.4/no-ko-translation.patch11
-rw-r--r--meta/recipes-devtools/apt/apt-0.9.9.4/no-nls-dpkg.patch26
-rw-r--r--meta/recipes-devtools/apt/apt-0.9.9.4/noconfigure.patch36
-rw-r--r--meta/recipes-devtools/apt/apt-0.9.9.4/nodoc.patch18
-rw-r--r--meta/recipes-devtools/apt/apt-0.9.9.4/truncate-filename.patch35
-rw-r--r--meta/recipes-devtools/apt/apt-0.9.9.4/use-host.patch15
10 files changed, 387 insertions, 0 deletions
diff --git a/meta/recipes-devtools/apt/apt-0.9.9.4/apt-0.9.9.4-CVE-2014-0478.patch b/meta/recipes-devtools/apt/apt-0.9.9.4/apt-0.9.9.4-CVE-2014-0478.patch
new file mode 100644
index 0000000000..79a6897572
--- /dev/null
+++ b/meta/recipes-devtools/apt/apt-0.9.9.4/apt-0.9.9.4-CVE-2014-0478.patch
@@ -0,0 +1,193 @@
1This patch comes from:
2https://bugs.debian.org/cgi-bin/bugreport.cgi?msg=73;filename=apt_0.9.7.9%2Bdeb7u2.debdiff;att=1;bug=749795
3
4Upstream-Status: Backport
5
6Signed-off-by: Wenlin Kang <wenlin.kang@windriver.com>
7Signed-off-by: Chong Lu <Chong.Lu@windriver.com>
8
9diff -uarN apt-0.9.9.4-org/cmdline/apt-get.cc apt-0.9.9.4/cmdline/apt-get.cc
10--- apt-0.9.9.4-org/cmdline/apt-get.cc 2014-08-29 15:37:42.587156134 +0800
11+++ apt-0.9.9.4/cmdline/apt-get.cc 2014-08-29 15:51:16.672334086 +0800
12@@ -1046,25 +1046,8 @@
13 return true;
14 }
15 /*}}}*/
16-// CheckAuth - check if each download comes form a trusted source /*{{{*/
17-// ---------------------------------------------------------------------
18-/* */
19-static bool CheckAuth(pkgAcquire& Fetcher)
20+static bool AuthPrompt(std::string UntrustedList, bool const PromptUser)
21 {
22- string UntrustedList;
23- for (pkgAcquire::ItemIterator I = Fetcher.ItemsBegin(); I < Fetcher.ItemsEnd(); ++I)
24- {
25- if (!(*I)->IsTrusted())
26- {
27- UntrustedList += string((*I)->ShortDesc()) + " ";
28- }
29- }
30-
31- if (UntrustedList == "")
32- {
33- return true;
34- }
35-
36 ShowList(c2out,_("WARNING: The following packages cannot be authenticated!"),UntrustedList,"");
37
38 if (_config->FindB("APT::Get::AllowUnauthenticated",false) == true)
39@@ -1073,6 +1056,9 @@
40 return true;
41 }
42
43+ if (PromptUser == false)
44+ return _error->Error(_("Some packages could not be authenticated"));
45+
46 if (_config->FindI("quiet",0) < 2
47 && _config->FindB("APT::Get::Assume-Yes",false) == false)
48 {
49@@ -1090,6 +1076,28 @@
50 return _error->Error(_("There are problems and -y was used without --force-yes"));
51 }
52 /*}}}*/
53+// CheckAuth - check if each download comes form a trusted source /*{{{*/
54+// ---------------------------------------------------------------------
55+/* */
56+static bool CheckAuth(pkgAcquire& Fetcher, bool PromptUser=true)
57+{
58+ string UntrustedList;
59+ for (pkgAcquire::ItemIterator I = Fetcher.ItemsBegin(); I < Fetcher.ItemsEnd(); ++I)
60+ {
61+ if (!(*I)->IsTrusted())
62+ {
63+ UntrustedList += string((*I)->ShortDesc()) + " ";
64+ }
65+ }
66+
67+ if (UntrustedList == "")
68+ {
69+ return true;
70+ }
71+
72+ return AuthPrompt(UntrustedList, PromptUser);
73+}
74+
75 // InstallPackages - Actually download and install the packages /*{{{*/
76 // ---------------------------------------------------------------------
77 /* This displays the informative messages describing what is going to
78@@ -2482,6 +2490,7 @@
79
80 // Load the requestd sources into the fetcher
81 unsigned J = 0;
82+ std::string UntrustedList;
83 for (const char **I = CmdL.FileList + 1; *I != 0; I++, J++)
84 {
85 string Src;
86@@ -2491,7 +2500,10 @@
87 delete[] Dsc;
88 return _error->Error(_("Unable to find a source package for %s"),Src.c_str());
89 }
90-
91+
92+ if (Last->Index().IsTrusted() == false)
93+ UntrustedList += Src + " ";
94+
95 string srec = Last->AsStr();
96 string::size_type pos = srec.find("\nVcs-");
97 while (pos != string::npos)
98@@ -2575,7 +2587,11 @@
99 Last->Index().SourceInfo(*Last,*I),Src);
100 }
101 }
102-
103+
104+ // check authentication status of the source as well
105+ if (UntrustedList != "" && !AuthPrompt(UntrustedList, false))
106+ return false;
107+
108 // Display statistics
109 unsigned long long FetchBytes = Fetcher.FetchNeeded();
110 unsigned long long FetchPBytes = Fetcher.PartialPresent();
111diff -uarN apt-0.9.9.4-org/test/integration/framework apt-0.9.9.4/test/integration/framework
112--- apt-0.9.9.4-org/test/integration/framework 2014-08-29 15:37:42.623156154 +0800
113+++ apt-0.9.9.4/test/integration/framework 2014-08-29 15:55:23.592197940 +0800
114@@ -151,7 +151,7 @@
115 mkdir rootdir aptarchive keys
116 cd rootdir
117 mkdir -p etc/apt/apt.conf.d etc/apt/sources.list.d etc/apt/trusted.gpg.d etc/apt/preferences.d
118- mkdir -p var/cache var/lib var/log
119+ mkdir -p var/cache var/lib var/log tmp
120 mkdir -p var/lib/dpkg/info var/lib/dpkg/updates var/lib/dpkg/triggers
121 touch var/lib/dpkg/available
122 mkdir -p usr/lib/apt
123@@ -910,3 +910,35 @@
124 local IGNORE
125 read IGNORE
126 }
127+
128+testsuccess() {
129+ if [ "$1" = '--nomsg' ]; then
130+ shift
131+ else
132+ msgtest 'Test for successful execution of' "$*"
133+ fi
134+ local OUTPUT="${TMPWORKINGDIRECTORY}/rootdir/tmp/testsuccess.output"
135+ if $@ >${OUTPUT} 2>&1; then
136+ msgpass
137+ else
138+ echo >&2
139+ cat >&2 $OUTPUT
140+ msgfail
141+ fi
142+}
143+
144+testfailure() {
145+ if [ "$1" = '--nomsg' ]; then
146+ shift
147+ else
148+ msgtest 'Test for failure in execution of' "$*"
149+ fi
150+ local OUTPUT="${TMPWORKINGDIRECTORY}/rootdir/tmp/testfailure.output"
151+ if $@ >${OUTPUT} 2>&1; then
152+ echo >&2
153+ cat >&2 $OUTPUT
154+ msgfail
155+ else
156+ msgpass
157+ fi
158+}
159diff -uarN apt-0.9.9.4-org/test/integration/test-apt-get-source-authenticated apt-0.9.9.4/test/integration/test-apt-get-source-authenticated
160--- apt-0.9.9.4-org/test/integration/test-apt-get-source-authenticated 1970-01-01 08:00:00.000000000 +0800
161+++ apt-0.9.9.4/test/integration/test-apt-get-source-authenticated 2014-08-29 15:58:06.137156796 +0800
162@@ -0,0 +1,31 @@
163+#!/bin/sh
164+#
165+# Regression test for debian bug #749795. Ensure that we fail with
166+# a error if apt-get source foo will download a source that comes
167+# from a unauthenticated repository
168+#
169+set -e
170+
171+TESTDIR=$(readlink -f $(dirname $0))
172+. $TESTDIR/framework
173+
174+setupenvironment
175+configarchitecture "i386"
176+
177+# a "normal" package with source and binary
178+buildsimplenativepackage 'foo' 'all' '2.0'
179+
180+setupaptarchive --no-update
181+
182+APTARCHIVE=$(readlink -f ./aptarchive)
183+rm -f $APTARCHIVE/dists/unstable/*Release*
184+
185+# update without authenticated InRelease file
186+testsuccess aptget update
187+
188+# this all should fail
189+testfailure aptget install -y foo
190+testfailure aptget source foo
191+
192+# allow overriding the warning
193+testsuccess aptget source --allow-unauthenticated foo
diff --git a/meta/recipes-devtools/apt/apt-0.9.9.4/disable-configure-in-makefile.patch b/meta/recipes-devtools/apt/apt-0.9.9.4/disable-configure-in-makefile.patch
new file mode 100644
index 0000000000..7c2f64e3e6
--- /dev/null
+++ b/meta/recipes-devtools/apt/apt-0.9.9.4/disable-configure-in-makefile.patch
@@ -0,0 +1,18 @@
1Disable configure at compilation stage
2
3Upstream-Status: Inappropriate [configuration]
4Signed-off-by: Constantin Musca <constantinx.musca@intel.com>
5
6Index: apt-0.9.7.7/Makefile
7===================================================================
8--- apt-0.9.7.7.orig/Makefile
9+++ apt-0.9.7.7/Makefile
10@@ -33,7 +33,7 @@ veryclean: clean
11 # The startup target builds the necessary configure scripts. It should
12 # be used after a CVS checkout.
13 CONVERTED=environment.mak include/config.h include/apti18n.h build/doc/Doxyfile makefile
14-include buildlib/configure.mak
15+#include buildlib/configure.mak
16 $(BUILDDIR)/include/config.h: buildlib/config.h.in
17 $(BUILDDIR)/include/apti18n.h: buildlib/apti18n.h.in
18 $(BUILDDIR)/environment.mak: buildlib/environment.mak.in
diff --git a/meta/recipes-devtools/apt/apt-0.9.9.4/fix-gcc-4.6-null-not-defined.patch b/meta/recipes-devtools/apt/apt-0.9.9.4/fix-gcc-4.6-null-not-defined.patch
new file mode 100644
index 0000000000..801ae6dddb
--- /dev/null
+++ b/meta/recipes-devtools/apt/apt-0.9.9.4/fix-gcc-4.6-null-not-defined.patch
@@ -0,0 +1,12 @@
1Upstream-Status: Pending
2
3--- a/apt-pkg/contrib/weakptr.h
4+++ b/apt-pkg/contrib/weakptr.h
5@@ -21,6 +21,7 @@
6 #ifndef WEAK_POINTER_H
7 #define WEAK_POINTER_H
8
9+#include <cstdlib>
10 #include <set>
11 /**
12 * Class for objects providing support for weak pointers.
diff --git a/meta/recipes-devtools/apt/apt-0.9.9.4/makerace.patch b/meta/recipes-devtools/apt/apt-0.9.9.4/makerace.patch
new file mode 100644
index 0000000000..46e3161b67
--- /dev/null
+++ b/meta/recipes-devtools/apt/apt-0.9.9.4/makerace.patch
@@ -0,0 +1,23 @@
1I was seeing various issues with parallel make, mainly due to to what was likely
2partially installed headers. If you change into the source directory and
3"NOISY=1 make ../obj/apt-pkg/sourcelist.opic" in apt-pkg, you'll see it
4doesn't have any dependencies on the headers being installed. This patch
5fixes that so things build correctly.
6
7RP 2012/3/19
8
9Upstream-Status: Pending
10
11Index: apt-0.9.9.4/buildlib/library.mak
12===================================================================
13--- apt-0.9.9.4.orig/buildlib/library.mak 2013-07-31 15:45:07.320440575 +0300
14+++ apt-0.9.9.4/buildlib/library.mak 2013-07-31 15:46:49.440440561 +0300
15@@ -61,7 +61,7 @@
16
17 # Compilation rules
18 vpath %.cc $(SUBDIRS)
19-$(OBJ)/%.opic: %.cc $(LIBRARYDEPENDS)
20+$(OBJ)/%.opic: %.cc $(LIBRARYDEPENDS) $($(LOCAL)-HEADERS)
21 echo Compiling $< to $@
22 $(CXX) -c $(INLINEDEPFLAG) $(CPPFLAGS) $(CXXFLAGS) $(PICFLAGS) -o $@ $<
23 $(DoDep)
diff --git a/meta/recipes-devtools/apt/apt-0.9.9.4/no-ko-translation.patch b/meta/recipes-devtools/apt/apt-0.9.9.4/no-ko-translation.patch
new file mode 100644
index 0000000000..7aa408f19e
--- /dev/null
+++ b/meta/recipes-devtools/apt/apt-0.9.9.4/no-ko-translation.patch
@@ -0,0 +1,11 @@
1Upstream-Status: Inappropriate [configuration]
2
3---
4 po/LINGUAS | 2 +-
5 1 file changed, 1 insertion(+), 1 deletion(-)
6
7--- a/po/LINGUAS
8+++ b/po/LINGUAS
9@@ -1 +1 @@
10-ar ast bg bs ca cs cy da de dz el es eu fi fr gl hu it ja km ko ku lt mr nb ne nl nn pl pt pt_BR ro ru sk sl sv th tl uk vi zh_CN zh_TW
11+ar ast bg bs ca cs cy da de dz el es eu fi fr gl hu it ja km ku lt mr nb ne nl nn pl pt pt_BR ro ru sk sl sv th tl uk vi zh_CN zh_TW
diff --git a/meta/recipes-devtools/apt/apt-0.9.9.4/no-nls-dpkg.patch b/meta/recipes-devtools/apt/apt-0.9.9.4/no-nls-dpkg.patch
new file mode 100644
index 0000000000..a0996d4d44
--- /dev/null
+++ b/meta/recipes-devtools/apt/apt-0.9.9.4/no-nls-dpkg.patch
@@ -0,0 +1,26 @@
1Upstream-Status: Pending
2
3--- a/apt-pkg/deb/dpkgpm.cc
4+++ b/apt-pkg/deb/dpkgpm.cc
5@@ -42,6 +42,12 @@
6 #include <apti18n.h>
7 /*}}}*/
8
9+#ifdef USE_NLS
10+#define _dpkg(x) dgettext("dpkg", x)
11+#else
12+#define _dpkg(x) x
13+#endif
14+
15 using namespace std;
16
17 namespace
18@@ -1279,7 +1285,7 @@ void pkgDPkgPM::WriteApportReport(const
19 }
20
21 // check if its not a follow up error
22- const char *needle = dgettext("dpkg", "dependency problems - leaving unconfigured");
23+ const char *needle = _dpkg("dependency problems - leaving unconfigured");
24 if(strstr(errormsg, needle) != NULL) {
25 std::clog << _("No apport report written because the error message indicates its a followup error from a previous failure.") << std::endl;
26 return;
diff --git a/meta/recipes-devtools/apt/apt-0.9.9.4/noconfigure.patch b/meta/recipes-devtools/apt/apt-0.9.9.4/noconfigure.patch
new file mode 100644
index 0000000000..712d5e7296
--- /dev/null
+++ b/meta/recipes-devtools/apt/apt-0.9.9.4/noconfigure.patch
@@ -0,0 +1,36 @@
1Upstream-Status: Inappropriate [configuration]
2Signed-off-by: Constantin Musca <constantinx.musca@intel.com>
3
4Index: apt-0.9.7.7/apt-pkg/packagemanager.cc
5===================================================================
6--- apt-0.9.7.7.orig/apt-pkg/packagemanager.cc
7+++ apt-0.9.7.7/apt-pkg/packagemanager.cc
8@@ -893,10 +893,12 @@ bool pkgPackageManager::SmartUnPack(PkgI
9 return false;
10
11 if (Immediate == true) {
12+#if 0
13 // Perform immedate configuration of the package.
14 if (SmartConfigure(Pkg, Depth + 1) == false)
15 _error->Warning(_("Could not perform immediate configuration on '%s'. "
16 "Please see man 5 apt.conf under APT::Immediate-Configure for details. (%d)"),Pkg.FullName().c_str(),2);
17+#endif
18 }
19
20 return true;
21@@ -986,6 +988,7 @@ pkgPackageManager::OrderResult pkgPackag
22 }
23 }
24
25+#if 0
26 // Final run through the configure phase
27 if (ConfigureAll() == false)
28 return Failed;
29@@ -1000,6 +1003,7 @@ pkgPackageManager::OrderResult pkgPackag
30 return Failed;
31 }
32 }
33+#endif
34
35 return Completed;
36 }
diff --git a/meta/recipes-devtools/apt/apt-0.9.9.4/nodoc.patch b/meta/recipes-devtools/apt/apt-0.9.9.4/nodoc.patch
new file mode 100644
index 0000000000..449e42df4a
--- /dev/null
+++ b/meta/recipes-devtools/apt/apt-0.9.9.4/nodoc.patch
@@ -0,0 +1,18 @@
1Disable documentation
2
3Upstream-Status: Inappropriate [configuration]
4Signed-off-by: Constantin Musca <constantinx.musca@intel.com>
5
6Index: apt-0.9.7.7/Makefile
7===================================================================
8--- apt-0.9.7.7.orig/Makefile
9+++ apt-0.9.7.7/Makefile
10@@ -17,7 +17,7 @@ all headers library clean veryclean bina
11 $(MAKE) -C cmdline $@
12 $(MAKE) -C ftparchive $@
13 $(MAKE) -C dselect $@
14- $(MAKE) -C doc $@
15+# $(MAKE) -C doc $@
16 $(MAKE) -C po $@
17 $(MAKE) -C test $@
18
diff --git a/meta/recipes-devtools/apt/apt-0.9.9.4/truncate-filename.patch b/meta/recipes-devtools/apt/apt-0.9.9.4/truncate-filename.patch
new file mode 100644
index 0000000000..db1c42b66c
--- /dev/null
+++ b/meta/recipes-devtools/apt/apt-0.9.9.4/truncate-filename.patch
@@ -0,0 +1,35 @@
1strutl.cc: the filename can't be longer than 255
2
3The URItoFileName translates the path into the filename, but the
4filename can't be longer than 255 according to
5/usr/include/linux/limits.h.
6
7Truncate it when it is longer than 240 (leave some spaces for
8".Packages" and "._Release" suffix)
9
10Upstream-Status: Pending
11Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
12---
13 apt-pkg/contrib/strutl.cc | 7 ++++++-
14 1 file changed, 6 insertions(+), 1 deletion(-)
15
16diff --git a/apt-pkg/contrib/strutl.cc b/apt-pkg/contrib/strutl.cc
17--- a/apt-pkg/contrib/strutl.cc
18+++ b/apt-pkg/contrib/strutl.cc
19@@ -399,7 +399,12 @@ string URItoFileName(const string &URI)
20 // "\x00-\x20{}|\\\\^\\[\\]<>\"\x7F-\xFF";
21 string NewURI = QuoteString(U,"\\|{}[]<>\"^~_=!@#$%^&*");
22 replace(NewURI.begin(),NewURI.end(),'/','_');
23- return NewURI;
24+
25+ // Truncate from the head when it is longer than 240
26+ if(NewURI.length() > 240)
27+ return NewURI.substr(NewURI.length() - 240, NewURI.length() - 1);
28+ else
29+ return NewURI;
30 }
31 /*}}}*/
32 // Base64Encode - Base64 Encoding routine for short strings /*{{{*/
33--
341.7.10.4
35
diff --git a/meta/recipes-devtools/apt/apt-0.9.9.4/use-host.patch b/meta/recipes-devtools/apt/apt-0.9.9.4/use-host.patch
new file mode 100644
index 0000000000..25caa3b0a5
--- /dev/null
+++ b/meta/recipes-devtools/apt/apt-0.9.9.4/use-host.patch
@@ -0,0 +1,15 @@
1Upstream-Status: Pending
2
3Index: apt-0.9.7.7/configure.in
4===================================================================
5--- apt-0.9.7.7.orig/configure.in
6+++ apt-0.9.7.7/configure.in
7@@ -112,7 +112,7 @@ dnl This is often the dpkg architecture
8 dnl First check against the full canonical canoncial-system-type in $target
9 dnl and if that fails, just look for the cpu
10 AC_MSG_CHECKING(debian architecture)
11-archset="`dpkg-architecture -qDEB_HOST_ARCH`"
12+archset="`echo $host_alias|cut -d'-' -f1`"
13 if test "x$archset" = "x"; then
14 AC_MSG_ERROR([failed: use --host= or output from dpkg-architecture])
15 fi