summaryrefslogtreecommitdiffstats
path: root/meta/recipes-devtools/patch
Commit message (Collapse)AuthorAgeFilesLines
* patch: fix CVE-2019-20633Scott Murray2021-01-012-0/+32
| | | | | | | | | | | | | | | * CVE detail: https://nvd.nist.gov/vuln/detail/CVE-2019-20633 * upstream tracking: https://savannah.gnu.org/bugs/index.php?56683 * Fixes potential for double free after incomplete fix for CVE-2018-6952 - src/pch.c (another_hunk): Avoid invalid memory access in context format diffs. (From OE-Core rev: be71dd2cc16a4c0d244a76a748f08ca0d9bfeba0) Signed-off-by: Scott Murray <scott.murray@konsulko.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* patch: Extend to native/nativesdk and depend uponRichard Purdie2020-02-061-0/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | There is a bug in patch 2.7.3 and earlier where index lines in patches can change file modes when they shouldn't: http://git.savannah.gnu.org/cgit/patch.git/patch/?id=82b800c9552a088a241457948219d25ce0a407a4 This leaks into debug sources in particular (e.g. tcp-wrappers where source files are read-only). Add the dependency to target recipes to avoid this problem until we can rely on 2.7.4 or later. We could try and remove all index lines from patch files but it will be a losing battle. We could try and identify all the recipes which change modes on files in patches but again, its a losing battle. Instead, compromise and have patch-native as a dependency for target recipes. We use patch-replacement-native since patch-native is in ASSUME_PROVIDED. Also add nativesdk-patch to buildtools-tarball. [YOCTO #13777] (From OE-Core rev: 5ed0840c93804488cd1c1aba6cb382b2434714a5) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* patch: the CVE-2019-13638 fix also handles CVE-2018-20969Ross Burton2019-11-051-2/+2
| | | | | | | (From OE-Core rev: 10c3af7ad8b7bb369c84c60a717bcd1358861187) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* patch: add CVE tags to patchesRoss Burton2019-09-062-0/+2
| | | | | | | | | | These patches improve CVE fixes but trip up patch status sanity checks, so add CVE tags to them. (From OE-Core rev: b30e060639d99849e27e5136c33c52d27e3288dc) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* patch: backport fixesAnuj Mittal2019-08-223-0/+175
| | | | | | | | | | | | | | The original fix for CVE-2018-1000156 was incomplete. Backport more fixes done later for a complete fix. Also see: https://savannah.gnu.org/bugs/index.php?53820 (From OE-Core rev: 9ea833b7d1655e042a513ea2225468c84f1c8bfb) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* patch: fix CVE-2019-13638Trevor Gamblin2019-08-132-0/+45
| | | | | | | (From OE-Core rev: b59b1222b3f73f982286222a583de09c661dc781) Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* patch: fix CVE-2019-13636Anuj Mittal2019-07-312-0/+114
| | | | | | | (From OE-Core rev: f201b9db5d148cb9fe03b78ca085493a27f7e24c) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* patch: fix CVE-2018-6952Hongxu Jia2018-08-232-0/+37
| | | | | | | (From OE-Core rev: 1314a6953aa647706107557faaba8574e307d2bd) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* patch: fix CVE-2018-1000156Jackie Huang2018-04-133-0/+255
| | | | | | | | | | | | | | | | | | | * CVE detail: https://nvd.nist.gov/vuln/detail/CVE-2018-1000156 * upstream tracking: https://savannah.gnu.org/bugs/index.php?53566 * Fix arbitrary command execution in ed-style patches: - src/pch.c (do_ed_script): Write ed script to a temporary file instead of piping it to ed: this will cause ed to abort on invalid commands instead of rejecting them and carrying on. - tests/ed-style: New test case. - tests/Makefile.am (TESTS): Add test case. (From OE-Core rev: 6b6ae212837a07aaefd2b675b5b527fbce2a4270) Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* patch: fix CVE-2018-6951Jackie Huang2018-04-132-1/+38
| | | | | | | | | | | | | | | | * CVE detail: https://nvd.nist.gov/vuln/detail/CVE-2018-6951 * upstream tracking: http://savannah.gnu.org/bugs/?53132 * Fix segfault with mangled rename patch - src/pch.c (intuit_diff_type): Ensure that two filenames are specified for renames and copies (fix the existing check). (From OE-Core rev: cdf74e1c67698b2d44a7460ff7d365d6da7b7b96) Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* patch:2.7.5 -> 2.7.6Huang Qiyu2018-03-081-2/+2
| | | | | | | | | | Upgrade patch from 2.7.5 to 2.7.6. (From OE-Core rev: e5dcd58e5b2ef0b8e2bbe90e9bb1cede4e76bf75) Signed-off-by: Huang Qiyu <huangqy.fnst@cn.fujitsu.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* recipes: Move out stale GPLv2 versions to a seperate layeruninative-1.5Richard Purdie2017-03-075-10991/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | These are recipes where the upstream has moved to GPLv3 and these old versions are the last ones under the GPLv2 license. There are several reasons for making this move. There is a different quality of service with these recipes in that they don't get security fixes and upstream no longer care about them, in fact they're actively hostile against people using old versions. The recipes tend to need a different kind of maintenance to work with changes in the wider ecosystem and there needs to be isolation between changes made in the v3 versions and those in the v2 versions. There are probably better ways to handle a "non-GPLv3" system but right now having these in OE-Core makes them look like a first class citizen when I believe they have potential for a variety of undesireable issues. Moving them into a separate layer makes their different needs clearer, it also makes it clear how many of these there are. Some are probably not needed (e.g. mc), I also wonder whether some are useful (e.g. gmp) since most things that use them are GPLv3 only already. Someone could now more clearly see how to streamline the list of recipes here. I'm proposing we mmove to this separate layer for 2.3 with its future maintinership and testing to be determined in 2.4 and beyond. (From OE-Core rev: 19b7e950346fb1dde6505c45236eba6cd9b33b4b) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* recipes: Make use of the new bb.utils.filter() functionPeter Kjellerstedt2017-03-011-1/+1
| | | | | | | (From OE-Core rev: 0a1427bf9aeeda6bee2cc0af8da4ea5fd90aef6f) Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* meta: Fix Upstream-Status statementsRoss Burton2015-09-121-1/+1
| | | | | | | | | | Fix a variety of problems such as typos, bad punctuations, or incorrect Upstream-Status values. (From OE-Core rev: bd220fe6ce8c3a0805f13a14706d3130ea872604) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* recipes: Fix charset.alias for muslKhem Raj2015-04-212-1/+36
| | | | | | | | | | This is same gnulib fix replicated across needed recipes Change-Id: I756713407111a726eae98e26c9c1ff64981371c0 (From OE-Core rev: fbe6d2c12aa9f7956bc87efeb68cb64b26b60c7a) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* patch: 2.7.1 -> 2.7.5Robert Yang2015-04-083-204/+3
| | | | | | | | | | * Removed backport patch patch-CVE-2015-1196.patch * Add HOMEPAGE (From OE-Core rev: c35135d5b99e852bc3ae718281c33925630a4cfb) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* patch: fix CVE-2015-1196Robert Yang2015-03-312-0/+201
| | | | | | | | | | | | | | | | A directory traversal flaw was reported in patch: References: http://www.openwall.com/lists/oss-security/2015/01/18/6 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775227 https://bugzilla.redhat.com/show_bug.cgi?id=1182154 [YOCTO #7182] (From OE-Core rev: 4c389880dc9c6221344f7aed221fe8356e8c2056) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* patch 2.5.9: fix unknown-configure-optionRobert Yang2015-02-081-3/+0
| | | | | | | | | | | | | | Fixed: WARNING: QA Issue: patch: configure was passed unrecognised options: --disable-xattr [unknown-configure-option] The patch 2.5.9 doesn't support --disable-xattr, there are already PACKAGECONFIG and PACKAGECONFIG[attr] in patch_2.7.1.bb, so remove them from patch.inc to fix the problem. (From OE-Core rev: 7d10af1954aa4f27e3f32b7371a1f2454344bb5f) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Globally replace 'base_contains' calls with 'bb.utils.contains'Otavio Salvador2014-04-251-1/+1
| | | | | | | | | | | The base_contains is kept as a compatibility method and we ought to not use it in OE-Core so we can remove it from base metadata in future. (From OE-Core rev: d83b16dbf0862be387f84228710cb165c6d2b03b) Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* recipes: Remove PR = r0 from all recipesRichard Purdie2013-10-301-1/+0
| | | | | | | | | | | | | Remove all PR = "r0" from all .bb files in oe-core. This was done with the command sed -e '/^PR.*=.*r0\"/d' recipes*/*/*.bb -i We've switching to the PR server, PR bumps are no longer needed and this saves people either accidentally bumping them or forgetting to remove the lines (r0 is the default anyway). (From OE-Core rev: 58ae94f1b06d0e6234413dbf9869bde85f154c85) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* patch: add PACKAGECONFIG for attrMartin Jansa2013-07-291-0/+3
| | | | | | | | | | | * it's autodetected from sysroot * add PACKAGECONFIG to make it deterministic (From OE-Core rev: 2eb394b6111a7df730e38604e8efe8bce5c1653a) Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* patch: use PACKAGECONFIG to ensure correct dependency for xattrSaul Wold2013-05-301-1/+3
| | | | | | | | | | This will enable or disable xattr with the correct dependency on attr as needed. (From OE-Core rev: dd219cb2608e5800dcd900117b37ad8cf9ac689a) Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* patch: diable xattr as defaultSaul Wold2013-05-241-0/+2
| | | | | | | | | | There is a optional dependency on xattr (and thus the attr package), disable it by default, to ensure it builds correctly. (From OE-Core rev: a7de32c8ad1405ed31b620fb99dfe0fe80ac23a9) Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* patch: update to upstream version 2.7.1Marko Lindqvist2012-12-192-11/+11
| | | | | | | | (From OE-Core rev: 1f51f2066c5a6f1cff50c4e78ee3ada3c5398d82) Signed-off-by: Marko Lindqvist <cazfi74@gmail.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* patch: drop global-reject-file patchMarko Lindqvist2012-12-192-192/+1
| | | | | | | | | | | | | | global-reject-file.diff was patch ported from Debian that Debian itself has dropped as upstream now has equivalent functionality. To update users of this functionality, replace "--global-reject-file=file" with simple "--reject-file=file" which no longer overwrites reject hunks from different files. (From OE-Core rev: 1c15ffab4d68e86f1ffcfd538e1d0ab77c21cb97) Signed-off-by: Marko Lindqvist <cazfi74@gmail.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* patch: cleanup update-alternatives deprecated codeSaul Wold2012-08-153-8/+3
| | | | | | | (From OE-Core rev: 6a76ad8a45b4e099703c051d759f687904442713) Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* patch: use BPN for alternativesMark Hatle2012-05-301-2/+2
| | | | | | | (From OE-Core rev: aa092530d3fdbfe6671ab6a05ecea2d71c4e11e4) Signed-off-by: Mark Hatle <mark.hatle@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* recipes: Delete patch=1, its default and replace pnum with striplevelKhem Raj2011-08-232-5/+5
| | | | | | | | | | Some place pnum=1 is used which is removed as well since striplevel=1 is default (From OE-Core rev: 4e108857e0d40105f7ecbc55e99bd6c367bb7386) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Drop PRIORITY variableRichard Purdie2011-07-011-1/+0
| | | | | | | | | | | | | | | | As discussed on the mailing list, this variable isn't useful and if wanted would be better implemented by distros using pn-X overrides. This patch executes: find . -regex ".*\.\(bb\|inc\)$" | xargs sed -i '/^PRIORITY = ".*"$/d' against the tree removing the referenced. Thanks to Phil Blundell for the command. (From OE-Core rev: d122343362669c683acc4af295971a62cbc823fc) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* recipes: Fix the Upstream-Status formatNitin A Kamble2011-05-115-5/+5
| | | | | | | (From OE-Core rev: d7237140554ad076be12edf915d6d15206c9b8c7) Signed-off-by: Nitin A Kamble <nitin.a.kamble@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* patch: update upstream status for patchesNitin A Kamble2011-05-094-0/+8
| | | | | | | (From OE-Core rev: 66599b6cc6272f25840807b4e1164f4fe5af75ee) Signed-off-by: Nitin A Kamble <nitin.a.kamble@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* patch-2.6.1: update patch upstream statusNitin A Kamble2011-05-091-0/+2
| | | | | | | (From OE-Core rev: c929cf6a5437c1a15c6fe53c12a7c19112ebf9d4) Signed-off-by: Nitin A Kamble <nitin.a.kamble@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* patch: Fix SRC_URI[sha256]Saul Wold2010-12-211-1/+1
| | | | Signed-off-by: Saul Wold <sgw@linux.intel.com>
* patch-2.6.1: implement new patch recipe with latest upstreamNitin A Kamble2010-12-162-0/+200
| | | | | | | | | | | | | | | | | | | | | | | | | | | This commit patch recipe based on latest upstream code. This is GPLv3 code based. Hence the earlier patch-2.5.9 recipe is left intact for GPLv2 needs. Patches from 2.5.9 patch recipe are rebased to this new recipe except these exceptions: unified-reject-files.diff: dropped This patch implements this new parameter: " --unified-reject-files Create unified reject files." And upstream has implemented very similar parameter like this: " --reject-format=FORMAT Create 'context' or 'unified' rejects." Hence this patch is dropped for the 2.6.1 recipe. global-reject-file.diff: rebased This patch is rebased to the newer upstream codebase. install.patch: dropped Newer upstream code now includes code form this patch. debian.patch: dropped This huge (10k lines) patch was specific for 2.5.9 version of GPLv2 patch. Signed-off-by: Nitin A Kamble <nitin.a.kamble@intel.com>
* patch_2.5.9: clean up the recipeNitin A Kamble2010-12-167-27409/+6
| | | | | | | | | | | Earlier the recipe was using 2.5.4 tar ball and a patch for upgrading to 2.5.9. Replaces these with pointer to 2.5.9 tarball. Also noted that both 2.5.4 & 2.5.9 are GPLv2 sources. Updated checksums and license of the recipe Signed-off-by: Nitin A Kamble <nitin.a.kamble@intel.com>
* recipes-devtools: Add Summary informationMark Hatle2010-12-161-0/+1
| | | | | | Add Summary information and update Descripts as necessary. Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
* patch: Add LIC_FILES_CHKSUMSaul Wold2010-12-131-1/+3
| | | | Signed-off-by: Saul Wold <Saul.Wold@intel.com>
* SRC_URI Checksums AdditionalsSaul Wold2010-12-091-0/+3
| | | | Signed-off-by: Saul Wold <sgw@linux.intel.com>
* Major layout change to the packages directoryRichard Purdie2010-08-277-0/+38399
Having one monolithic packages directory makes it hard to find things and is generally overwhelming. This commit splits it into several logical sections roughly based on function, recipes.txt gives more information about the classifications used. The opportunity is also used to switch from "packages" to "recipes" as used in OpenEmbedded as the term "packages" can be confusing to people and has many different meanings. Not all recipes have been classified yet, this is just a first pass at separating things out. Some packages are moved to meta-extras as they're no longer actively used or maintained. Signed-off-by: Richard Purdie <rpurdie@linux.intel.com>