linux/poky.git/meta/recipes-devtools/flex, branch master-next2 Mirror of git.yoctoproject.org/poky https://git.enea.com/cgit/linux/poky.git/atom?h=master-next2 2019-07-18T11:16:19+00:00 flex: set CVE_PRODUCT to include vendor 2019-07-18T11:16:19+00:00 Ross Burton ross.burton@intel.com 2019-07-17T10:45:37+00:00 urn:sha1:7f5f884e555e9fc8afbbb1dd666026241f64789b There are many projects called Flex and they have CVEs, so also set the vendor to remove these false positives. (From OE-Core rev: 0598ccdcb31e16f1d1227197591b10ba441fcfe2) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> gettext/flex/m4/bzip2/gzip/parted/slang/attr: Add make to -ptest packages 2019-05-16T15:35:12+00:00 Richard Purdie richard.purdie@linuxfoundation.org 2019-05-16T11:45:01+00:00 urn:sha1:fd87837e367049fb58b2941dbf46a83729a7866a This solves ptest runtime errors where make was missing causing the ptests to fail. (From OE-Core rev: 2ade2c53388c92d36b8b30dae30670fd96ca4821) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> flex: create separate package for libfl 2018-03-08T18:39:32+00:00 Andre McCurdy armccurdy@gmail.com 2018-03-06T02:41:57+00:00 urn:sha1:3a7f48ebcbf201b1a22fa97804673e559701f321 Target binaries linked with libfl currently generate a runtime dependency on the entire flex package (and therefore m4 and bison too). Copy Debian's approach and create a separate package for libfl. (From OE-Core rev: 1bc6ad19d56498847dc95cce0ea371ba77eff143) Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> flex: refresh patches 2018-03-07T14:34:51+00:00 Ross Burton ross.burton@intel.com 2017-11-15T16:46:31+00:00 urn:sha1:0b60cf4cd7330e35abb61e8833981f7155594c1c The patch tool will apply patches by default with "fuzz", which is where if the hunk context isn't present but what is there is close enough, it will force the patch in. Whilst this is useful when there's just whitespace changes, when applied to source it is possible for a patch applied with fuzz to produce broken code which still compiles (see #10450). This is obviously bad. We'd like to eventually have do_patch() rejecting any fuzz on these grounds. For that to be realistic the existing patches with fuzz need to be rebased and reviewed. (From OE-Core rev: a17860995731ab1e327bf88953fa3ed4641b584e) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> flex_2.6.0.bb: remove build host references 2017-08-31T16:41:41+00:00 Juro Bystricky juro.bystricky@intel.com 2017-08-28T20:28:21+00:00 urn:sha1:176bbbf8127e0b4a2ed8df2f7b203849210d5282 Remove build host references from flex-ptest package. [YOCTO #11667] (From OE-Core rev: e395bc4ab6c4a819958a761ee24de96f31294139) Signed-off-by: Juro Bystricky <juro.bystricky@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Revert "flex: upgrade to 2.6.2" 2017-03-01T23:27:06+00:00 Trevor Woerner twoerner@gmail.com 2017-02-10T20:13:08+00:00 urn:sha1:2d238896de3dd946022eab4c447243bd33641a14 This reverts commit 3632abd01abb8dfff230e18f828af705da488f97. Multiple people have expressed issues with flex-2.6.2; personally I had problems compiling libsepol from meta-selinux (for libselinux). I tried upgrading to flex-2.6.3, but that caused binutils-cross_2.27 to fail. The simplest for now is to downgrade to flex-2.6.0. (From OE-Core rev: b45776bbdafa6f6afe815714ac329494ad57e644) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> flex: upgrade to 2.6.2 2017-01-16T18:05:12+00:00 Ross Burton ross.burton@intel.com 2017-01-09T15:28:10+00:00 urn:sha1:2bc83c8a3b87f29b62fe778ca1e8790604b72d5f Patches dropped as they are merged upstream: - CVE-2016-6354.patch - 0002-avoid-c-comments-in-c-code-fails-with-gcc-6.patch - do_not_create_pdf_doc.patch Apply a patch from github to simplify cross-compilation and not need a flex-native to bootstrap. (From OE-Core rev: 3632abd01abb8dfff230e18f828af705da488f97) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> flex: Backport buffer overflow fix 2016-10-11T07:27:27+00:00 Jussi Kukkonen jussi.kukkonen@intel.com 2016-10-10T08:30:03+00:00 urn:sha1:55a8fe7e49000ce32b9858b93595693cfca0ccba Fix a heap-based buffer overflow in yy_get_next_buffer() (CVE-2016-6354). (From OE-Core rev: 68d56306baa21e66756fb44c6c5680e725b1e3bc) Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> flex: Update upstream check uri 2016-10-11T07:27:26+00:00 Jussi Kukkonen jussi.kukkonen@intel.com 2016-10-10T08:30:02+00:00 urn:sha1:2109c620d42c099b633a4da4c2f0c0685b0a9b24 Flex has moved to github, update UPSTREAM_CHECK_URI. (From OE-Core rev: 591a5aecfe4a52dc3b9e11883334c604dd9fc957) Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> flex: fix gcc-6 failure 2016-09-03T22:45:52+00:00 Andreas Müller schnitzeltony@googlemail.com 2016-08-30T15:51:04+00:00 urn:sha1:bacb105e328b2d145cde9d6def08d51389121570 Gcc-6 does not allow c++ comments withing c-code. Files generated by flex can fail with: | error: C++ style comments are not allowed in ISO C90 | num_to_alloc = 1; // After all that talk, this was set to 1 anyways... (From OE-Core rev: 6336c5bafe617e775037d5243d4bb5e236e74679) Signed-off-by: Andreas Müller <schnitzeltony@googlemail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>