linux/poky.git/meta/recipes-devtools/dpkg, branch python3

dkpg: Use tar everywhere (not gtar)

2016-03-07T11:55:38+00:00

All our systems usually have tar, if we want the native sstate to work universally, we need to prefer this. This avoids a system with gtar causing dpkg-native to use it and it not being present on some systems. (From OE-Core rev: d683913119082f718af64f2d402bac67b660fca6) Signed-off-by: Richard Purdie

dpkg: Update to 1.18.4

2016-02-18T07:39:31+00:00

Update dpkg version to 1.18.4 . This adds nios2 architecture support among other fixes. One patch was updated so it would apply to 1.18.4. (From OE-Core rev: 27b265641d5c13040268ac70b70bfe84fb092763) Signed-off-by: Marek Vasut Cc: Alexander Kanavin Cc: Richard Purdie Cc: Ross Burton Signed-off-by: Richard Purdie

dpkg: fix CVE-2015-0860

2016-01-30T11:37:01+00:00

Backported and cherry picked upstream commit: https://anonscm.debian.org/cgit/dpkg/dpkg.git/commit/?h=wheezy&id=f1aac7d933819569bf6f347c3c0d5a64a90bbce0 (From OE-Core rev: 562310ac906ffc4a7f1be5fce6e2e8395724fcff) Signed-off-by: Catalin Enache Signed-off-by: Ross Burton Signed-off-by: Richard Purdie

dpkg: Add musleabi to known architectures

2016-01-24T09:40:28+00:00

Remove a glibc specific patch to be applied only for native version, this is a dpkg-native specific patch needed for Centos 5.8, this patch should be redone to be glibc independent for it to be applied to all types of dpkg recipes (From OE-Core rev: 610a9f102a83e1ffb9d7954e40df5f65d24d3a26) Signed-off-by: Khem Raj Signed-off-by: Richard Purdie

dpkg: update to 1.18.2

2015-09-01T10:44:03+00:00

check_snprintf.patch has been dropped, because it seems to fix a problem that doesn't anymore exist, and doesn't have any description of what the problem was and how was it fixed. tarfix.patch has been merged upstream. The rest of the patches have been rebased to the new upstream release (From OE-Core rev: c11b2be13a6d5e34f2baed4b8ee8ccd66438c1de) Signed-off-by: Alexander Kanavin Signed-off-by: Richard Purdie

dpkg: Fix for Fedora22 and new versions of tar

2015-07-13T12:47:28+00:00

They managed to 'break' tar. Again. Sorry, they fixed a regression which broke dpkg-deb. The addition of: http://git.savannah.gnu.org/cgit/tar.git/commit/?id=163e96a0e619a900eab6de827c7c5749ecc9d3f2 ("Bugfix: entries read from the -T file did not get proper matching_flag.") means that the no-recursion option gets lost. This leads to many files getting included multiple times, along with files which shouldn't be there. The commit message is horrendous. The patch actually makes the option positional (as documnted since 2003) and therefore doesn't affect the input from the -T option. Moving the --no-reursion option to earlier in the command avoids the bug. The bug was not present in tar 1.28 however it has been backported in at least Fedora 22 and heading into Fedora 21. Redhat reports of issue: https://bugzilla.redhat.com/show_bug.cgi?id=1230762 [tar] https://bugzilla.redhat.com/show_bug.cgi?id=1241508 [dpkg] Discussion of bug in upstream tar: http://www.mail-archive.com/bug-tar@gnu.org/msg04799.html [YOCTO #7988] (From OE-Core rev: 6be698b7270f73f40d38713ecf13f12aec0ced61) Signed-off-by: Richard Purdie

dpkg: fix typo in tar-error-code.patch, Upsteam -> Upstream

2015-07-07T12:33:25+00:00

(From OE-Core rev: 10cbfe5194e56c9c7538c55f4f5bf5057489d169) Signed-off-by: Andre McCurdy Signed-off-by: Richard Purdie

dpkg: upgrade to 1.17.25

2015-04-30T22:04:15+00:00

upgrade to fix two CVE defects: CVE-2014-8625 and CVE-2015-0840 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-8625 Multiple format string vulnerabilities in the parse_error_msg function in parsehelp.c in dpkg before 1.17.22 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in the (1) package or (2) architecture name. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0840 The dpkg-source command in Debian dpkg before 1.16.16 and 1.17.x before 1.17.25 allows remote attackers to bypass signature verification via a crafted Debian source control file (.dsc). (From OE-Core rev: 079445990f51f98c8d4f9397dec0ed91ca2490c3) Signed-off-by: Roy Li Signed-off-by: Richard Purdie

dpkg: add triplet entry to fix build error for armeb

2015-04-10T17:10:24+00:00

Cross-compling dpkg application for armeb fails with below error during configure task, (snip) configure:23141: checking dpkg cpu type configure:23148: result: armeb configure:23150: WARNING: armeb not found in cputable configure:23162: checking dpkg operating system type configure:23169: result: linux-gnueabi configure:23171: WARNING: linux-gnueabi not found in ostable configure:23183: checking dpkg architecture name configure:23189: error: cannot determine host dpkg architecture -- CUT -- Add the required combination of "gnueabi-linux-armeb" entry in triplet list. (From OE-Core rev: 63eb33bced1fc1e5451988fc5249ab362fb82615) Signed-off-by: Krishnanjanappa, Jagadeesh Signed-off-by: Richard Purdie

dpkg-native: Avoid 'file changed' errors from tar

2015-03-31T21:23:19+00:00

Hardlink count duing do_package_write_deb can change causing dpkg-deb failures. We don't care about this error case so avoid it by checking the tar exit code. [YOCTO #7529] (From OE-Core rev: 8ee36a5f2f9367550d28bf271afc53bca6ff3d5f) Signed-off-by: Richard Purdie