From 8fc32ee149727c2c20c8fa26ef2620f31c0e6e96 Mon Sep 17 00:00:00 2001 From: Richard Purdie Date: Mon, 28 Feb 2022 11:38:39 +0800 Subject: libgcrypt: Upgrade 1.9.3 -> 1.9.4 Includes a fix for CVE-2021-40528. (From OE-Core rev: 24664297abd3844902fa40c21e4e975d89f40383) (From OE-Core rev: 11b20e30251f11d5a35be548be51c937565260f8) Signed-off-by: Richard Purdie Signed-off-by: Lee Chee Yang Signed-off-by: Anuj Mittal Signed-off-by: Richard Purdie --- meta/recipes-support/libgcrypt/libgcrypt_1.9.3.bb | 61 ----------------------- meta/recipes-support/libgcrypt/libgcrypt_1.9.4.bb | 61 +++++++++++++++++++++++ 2 files changed, 61 insertions(+), 61 deletions(-) delete mode 100644 meta/recipes-support/libgcrypt/libgcrypt_1.9.3.bb create mode 100644 meta/recipes-support/libgcrypt/libgcrypt_1.9.4.bb diff --git a/meta/recipes-support/libgcrypt/libgcrypt_1.9.3.bb b/meta/recipes-support/libgcrypt/libgcrypt_1.9.3.bb deleted file mode 100644 index fd3d8e09f2..0000000000 --- a/meta/recipes-support/libgcrypt/libgcrypt_1.9.3.bb +++ /dev/null @@ -1,61 +0,0 @@ -SUMMARY = "General purpose cryptographic library based on the code from GnuPG" -DESCRIPTION = "A cryptography library developed as a separated module of GnuPG. \ -It can also be used independently of GnuPG, but depends on its error-reporting \ -library Libgpg-error." -HOMEPAGE = "http://directory.fsf.org/project/libgcrypt/" -BUGTRACKER = "https://bugs.g10code.com/gnupg/index" -SECTION = "libs" - -# helper program gcryptrnd and getrandom are under GPL, rest LGPL -LICENSE = "GPLv2+ & LGPLv2.1+ & GPLv3+" -LICENSE_${PN} = "LGPLv2.1+" -LICENSE_${PN}-dev = "GPLv2+ & LGPLv2.1+" -LICENSE_dumpsexp-dev = "GPLv3+" - -LIC_FILES_CHKSUM = "file://COPYING;md5=94d55d512a9ba36caa9b7df079bae19f \ - file://COPYING.LIB;md5=bbb461211a33b134d42ed5ee802b37ff \ - file://LICENSES;md5=42fa35a25e138166cc40588387f9159d \ - " - -DEPENDS = "libgpg-error" - -UPSTREAM_CHECK_URI = "https://gnupg.org/download/index.html" -SRC_URI = "${GNUPG_MIRROR}/libgcrypt/libgcrypt-${PV}.tar.bz2 \ - file://0001-libgcrypt-fix-m4-file-for-oe-core.patch \ - file://0003-tests-bench-slope.c-workaround-ICE-failure-on-mips-w.patch \ - file://0002-libgcrypt-fix-building-error-with-O2-in-sysroot-path.patch \ - file://0004-tests-Makefile.am-fix-undefined-reference-to-pthread.patch \ - file://0001-Makefile.am-add-a-missing-space.patch \ - " -SRC_URI[sha256sum] = "97ebe4f94e2f7e35b752194ce15a0f3c66324e0ff6af26659bbfb5ff2ec328fd" - -# Below whitelisted CVEs are disputed and not affecting crypto libraries for any distro. -CVE_CHECK_WHITELIST += "CVE-2018-12433 CVE-2018-12438" - -BINCONFIG = "${bindir}/libgcrypt-config" - -inherit autotools texinfo binconfig-disabled pkgconfig - -EXTRA_OECONF = "--disable-asm" -EXTRA_OEMAKE_class-target = "LIBTOOLFLAGS='--tag=CC'" - -PACKAGECONFIG ??= "capabilities" -PACKAGECONFIG[capabilities] = "--with-capabilities,--without-capabilities,libcap" - -do_configure_prepend () { - # Else this could be used in preference to the one in aclocal-copy - rm -f ${S}/m4/gpg-error.m4 -} - -# libgcrypt.pc is added locally and thus installed here -do_install_append() { - install -d ${D}/${libdir}/pkgconfig - install -m 0644 ${B}/src/libgcrypt.pc ${D}/${libdir}/pkgconfig/ -} - -PACKAGES =+ "dumpsexp-dev" - -FILES_${PN}-dev += "${bindir}/hmac256" -FILES_dumpsexp-dev += "${bindir}/dumpsexp" - -BBCLASSEXTEND = "native nativesdk" diff --git a/meta/recipes-support/libgcrypt/libgcrypt_1.9.4.bb b/meta/recipes-support/libgcrypt/libgcrypt_1.9.4.bb new file mode 100644 index 0000000000..c212d02651 --- /dev/null +++ b/meta/recipes-support/libgcrypt/libgcrypt_1.9.4.bb @@ -0,0 +1,61 @@ +SUMMARY = "General purpose cryptographic library based on the code from GnuPG" +DESCRIPTION = "A cryptography library developed as a separated module of GnuPG. \ +It can also be used independently of GnuPG, but depends on its error-reporting \ +library Libgpg-error." +HOMEPAGE = "http://directory.fsf.org/project/libgcrypt/" +BUGTRACKER = "https://bugs.g10code.com/gnupg/index" +SECTION = "libs" + +# helper program gcryptrnd and getrandom are under GPL, rest LGPL +LICENSE = "GPLv2+ & LGPLv2.1+ & GPLv3+" +LICENSE_${PN} = "LGPLv2.1+" +LICENSE_${PN}-dev = "GPLv2+ & LGPLv2.1+" +LICENSE_dumpsexp-dev = "GPLv3+" + +LIC_FILES_CHKSUM = "file://COPYING;md5=94d55d512a9ba36caa9b7df079bae19f \ + file://COPYING.LIB;md5=bbb461211a33b134d42ed5ee802b37ff \ + file://LICENSES;md5=42fa35a25e138166cc40588387f9159d \ + " + +DEPENDS = "libgpg-error" + +UPSTREAM_CHECK_URI = "https://gnupg.org/download/index.html" +SRC_URI = "${GNUPG_MIRROR}/libgcrypt/libgcrypt-${PV}.tar.bz2 \ + file://0001-libgcrypt-fix-m4-file-for-oe-core.patch \ + file://0003-tests-bench-slope.c-workaround-ICE-failure-on-mips-w.patch \ + file://0002-libgcrypt-fix-building-error-with-O2-in-sysroot-path.patch \ + file://0004-tests-Makefile.am-fix-undefined-reference-to-pthread.patch \ + file://0001-Makefile.am-add-a-missing-space.patch \ + " +SRC_URI[sha256sum] = "ea849c83a72454e3ed4267697e8ca03390aee972ab421e7df69dfe42b65caaf7" + +# Below whitelisted CVEs are disputed and not affecting crypto libraries for any distro. +CVE_CHECK_WHITELIST += "CVE-2018-12433 CVE-2018-12438" + +BINCONFIG = "${bindir}/libgcrypt-config" + +inherit autotools texinfo binconfig-disabled pkgconfig + +EXTRA_OECONF = "--disable-asm" +EXTRA_OEMAKE_class-target = "LIBTOOLFLAGS='--tag=CC'" + +PACKAGECONFIG ??= "capabilities" +PACKAGECONFIG[capabilities] = "--with-capabilities,--without-capabilities,libcap" + +do_configure_prepend () { + # Else this could be used in preference to the one in aclocal-copy + rm -f ${S}/m4/gpg-error.m4 +} + +# libgcrypt.pc is added locally and thus installed here +do_install_append() { + install -d ${D}/${libdir}/pkgconfig + install -m 0644 ${B}/src/libgcrypt.pc ${D}/${libdir}/pkgconfig/ +} + +PACKAGES =+ "dumpsexp-dev" + +FILES_${PN}-dev += "${bindir}/hmac256" +FILES_dumpsexp-dev += "${bindir}/dumpsexp" + +BBCLASSEXTEND = "native nativesdk" -- cgit v1.2.3-54-g00ecf