summaryrefslogtreecommitdiffstats
path: root/meta/recipes-extended/libarchive/libarchive_3.1.2.bb
Commit message (Collapse)AuthorAgeFilesLines
* libarchive: Set xattrs after setting timesDmitry Rozhkov2016-03-021-0/+1
| | | | | | | | | | | | | With Integrity Measurement Architecture (IMA) enabled in Linux kernel the security.ima extended attribute gets overwritten when setting times on a file with a futimens() call. So it's safer to set xattrs after times. (From OE-Core rev: 9bef9e0a9904beeaea1417f9b66089e7555beb26) Signed-off-by: Dmitry Rozhkov <dmitry.rozhkov@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libarchive-native: Disable libxml2 supportRichard Purdie2016-02-011-1/+2
| | | | | | | | | | For libarchive-native, we don't really need libxml2 support. Adding this means we need libxml2-native which means we need python-native and makes the dependency chains pretty heavy. The target case is unaffected. (From OE-Core rev: 9b3ad50b2239484fddfc918c8c1819e1ffdb634c) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libarchive: Add bsdtar and bsdcpio packagesDmitry Rozhkov2016-01-181-1/+17
| | | | | | | | | | | | | | | Some products might need to use a tar replacement that 1. supports xattrs and 2. has more permissive license than GNU tar. And the bsdtar binary produced from libarchive meets these requirements. (From OE-Core rev: ebf68926139ae5374c4d2669930d7f3817ad8f5a) Signed-off-by: Dmitry Rozhkov <dmitry.rozhkov@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libarchive: rename patch to reflect CVERoss Burton2015-11-161-1/+1
| | | | | | | | | | This patch is a CVE fix, so rename it to help CVE detection tools identify it as such. (From OE-Core rev: 3fd05ce1f709cbbd8fdeb1dbfdffbd39922eca6e) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libarchive: fix out of tree buildsRoss Burton2015-05-071-1/+2
| | | | | | | (From OE-Core rev: 4201e432e4034907efeaebfea6509e821a9ba3c5) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libarchive: Security Advisory - libarchive - CVE-2015-2304Li Zhou2015-04-281-0/+1
| | | | | | | | | | | | | libarchive: Updated libarchive packages fix security vulnerability Alexander Cherepanov discovered that bsdcpio, an implementation of the "cpio" program part of the libarchive project, is susceptible to a directory traversal vulnerability via absolute paths. (From OE-Core rev: e64a961e9c5e94e643896e4b68b85bd5b4c27470) Signed-off-by: Li Zhou <li.zhou@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libarchive: add PACKAGECONFIG for nettleMartin Jansa2014-08-111-0/+1
| | | | | | | | | | | * fixes following floating dependencies: libarchive/libarchive/latest lost dependency on nettle libarchive/libarchive-bin/latest lost dependency on libxml2 nettle (From OE-Core rev: a4dd641f54f12d454ba9c6db624b94df63f7d220) Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libarchive: avoid dependency on e2fsprogsPaul Eggleton2014-06-061-0/+11
| | | | | | | | | | | | | | | | | | | libarchive's configure script looks for ext2fs/ext2_fs.h in order to use some defines for file attributes support if present (but doesn't link to any additional libraries.) There is no configure option to disable this, and if e2fsprogs is rebuilding between do_configure and do_compile you can currently get a failure. Because it doesn't need anything else from e2fsprogs, and e2fsprogs isn't currently buildable for nativesdk anyway, copy the headers in from e2fsprogs-native which we're likely to have built already (and add it to DEPENDS just to be sure we have.) Fixes [YOCTO #6268]. (From OE-Core rev: ad754e46ad477acfbe7543187a5c38bc333b8612) Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* recipes: Add missing pkgconfig class inheritsRichard Purdie2014-06-031-1/+1
| | | | | | | | | These recipes all use pkg-config in some way but were missing dependencies on the tool, this patch adds them. (From OE-Core rev: 2543b14dd0ca13005be0df027543431fc8e882ae) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libarchive: Use pkg-config for libxml2 dependencyRichard Purdie2014-05-281-0/+1
| | | | | | (From OE-Core rev: fe277bf0a61d5d7787dba699ee1ed4d979ba5cff) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Globally replace 'base_contains' calls with 'bb.utils.contains'Otavio Salvador2014-04-251-3/+3
| | | | | | | | | | | The base_contains is kept as a compatibility method and we ought to not use it in OE-Core so we can remove it from base metadata in future. (From OE-Core rev: d83b16dbf0862be387f84228710cb165c6d2b03b) Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libarchive: Add PACKAGECONFIG for lzoPaul Barker2014-04-041-0/+1
| | | | | | | | | | | | | This ensures that the dependency on lzo is deterministic rather than floating. The configure option to libarchive refers to this library as 'lzo2' but it is just called 'lzo' in OpenEmbedded. (From OE-Core rev: 09d729a21a2404095279c717c88ac494e2e716d6) Signed-off-by: Paul Barker <paul@paulbarker.me.uk> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libarchive: fix CVE-2013-0211Baogen Shang2014-03-301-0/+1
| | | | | | | | | | | | | | | | | CVE description: Integer signedness error in the archive_write_zip_data function in archive_write_set_format_zip.c in libarchive 3.1.2 and earlier, when running on 64-bit machines, allows context-dependent attackers to cause a denial of service (crash) via unspecified vectors, which triggers an improper conversion between unsigned and signed types, leading to a buffer overflow. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0211 (From OE-Core rev: 355a8086637b859a469e1f2dc717b4ccec00b970) Signed-off-by: Baogen Shang <baogen.shang@windriver.com> Signed-off-by: Jeff Polk <jeff.polk@windriver.com> Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* autotools-brokensep: Mark recipes with broken separate build dir supportRichard Purdie2014-02-281-1/+1
| | | | | | | | | | | | This patch goes through the OE-Core recipes and marks those which use autotools but don't support a separate build directory (${S} != ${B}). A new class, autotools-brokensep is used for this purpose. This doesn't introduce any change in behaviour in its own right. (From OE-Core rev: 006b8a7808a58713af16c326dc37d07765334b12) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libarchive: Upgrade to v3.1.2Paul Barker2014-01-101-0/+36
All patches against libarchive in oe-core appear to be merged into the latest release. The license checksum has changed because a couple of referenced files have been renamed but there is no change to the license terms themselves. (From OE-Core rev: f3fd24badd189bbb083dba9397598e1566d1e4be) Signed-off-by: Paul Barker <paul@paulbarker.me.uk> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-07-03 23:08:20 +0000