From: Scott Garman <scott.a.garman@intel.com>
To: Saul Wold <sgw@linux.intel.com>
Cc: Koen Kooi <koen@dominion.thruhere.net>,
"openembedded-core@lists.openembedded.org"
<openembedded-core@lists.openembedded.org>
Subject: Re: [PATCH 02/33] cdrtools: upgrade to v3.00
Date: Fri, 22 Apr 2011 03:00:38 -0700 [thread overview]
Message-ID: <4DB151C6.1040605@intel.com> (raw)
In-Reply-To: <5ef17f7591a3e53a8e21bf529d117b906fe611bb.1303453279.git.sgw@linux.intel.com>
On 04/22/2011 12:24 AM, Saul Wold wrote:
> From: Scott Garman<scott.a.garman@intel.com>
>
> * Addresses CVE-2003-0655
> * Fixes [YOCTO #976]
>
> Note that the license has changed to the CDDL for most utilities.
>
> Note the following discussion of distribution issues with mixing GPL
> and CDDL licenses:
>
> http://lwn.net/Articles/195167/
>
> This should not impact us at this is a -native recipe only.
>
> Recipe changes derived from OpenEmbedded.
>
> Signed-off-by: Scott Garman<scott.a.garman@intel.com>
Please skip this patch - the CDDL is a weird license and may pose
problems for us to distribute its sstate-cache.
The problem reported in the CVE is in a particular utility within
cdrtools that we don't need, so I'm going to resolve the security
advisory by not packaging that file, and stick with the GPL version we
were previously using.
Sorry for the confusion.
Scott
--
Scott Garman
Embedded Linux Engineer - Yocto Project
Intel Open Source Technology Center
next prev parent reply other threads:[~2011-04-22 10:04 UTC|newest]
Thread overview: 47+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-04-22 7:24 [PATCH 00/33] Consolidated Pull request for OE-Core & Poky/master Saul Wold
2011-04-22 7:24 ` [PATCH 01/33] slang: Fix host contamination issue Saul Wold
2011-04-22 7:24 ` [PATCH 02/33] cdrtools: upgrade to v3.00 Saul Wold
2011-04-22 10:00 ` Scott Garman [this message]
2011-04-22 10:57 ` Koen Kooi
2011-04-22 7:24 ` [PATCH 03/33] tasks: Upgrade to 0.19 (from 0.18) Saul Wold
2011-04-22 7:24 ` [PATCH 04/33] avahi: Upgrade to 0.6.30 (from 0.6.28) Saul Wold
2011-04-22 7:24 ` [PATCH 06/33] libgpg-error: Upgrade to 1.10 (from 1.9) Saul Wold
2011-04-22 7:24 ` [PATCH 05/33] consolekit: Upgrade to 0.4.4 (from 0.4.3) Saul Wold
2011-04-22 7:24 ` [PATCH 07/33] jpeg: Upgrade to 8c (from 8b) Saul Wold
2011-04-22 7:24 ` [PATCH 08/33] modutils-initscripts: fix wrong order of module loading happening in udev Saul Wold
2011-04-22 7:24 ` [PATCH 09/33] Control over when package init scripts are run Saul Wold
2011-04-22 7:24 ` [PATCH 10/33] qemu: disable sdl for target build Saul Wold
2011-04-22 7:24 ` [PATCH 11/33] libxfixes: upgrade from 4.0.5 to the latest version 5.0 Saul Wold
2011-04-22 7:24 ` [PATCH 12/33] util-macros: upgrade from 1.11.0 to 1.13.0 Saul Wold
2011-04-22 15:27 ` Cui, Dexuan
2011-04-22 7:24 ` [PATCH 13/33] preferred-xorg-versions.inc: update libxfixes, util-macros, xorg-cf-files Saul Wold
2011-04-22 7:24 ` [PATCH 14/33] mdadm: upgrade from 3.1.4 to the latest version 3.2.1 Saul Wold
2011-04-22 7:24 ` [PATCH 15/33] liburcu: upgrade from 0.5.2 to 0.5.4 Saul Wold
2011-04-22 7:24 ` [PATCH 16/33] lttng-ust: upgrade from 0.11 to the latest version 0.12 Saul Wold
2011-04-22 7:24 ` [PATCH 17/33] task-poky-tools.bb, task-sdk-gmae.inc: enable lttng-ust for ARM Saul Wold
2011-04-22 7:24 ` [PATCH 18/33] lttng-viewer: upgrade from 0.12.36 to the latest version 0.12.38 Saul Wold
2011-04-22 7:24 ` [PATCH 19/33] distro_tracking_fields.inc: update the info for the following recipes Saul Wold
2011-04-22 7:24 ` [PATCH 20/33] gcc: Add recipes for 4.6.0 Saul Wold
2011-04-22 7:24 ` [PATCH 21/33] puzzles: Upgrade to svn r9151 (from r9084) Saul Wold
2011-04-22 7:24 ` [PATCH 22/33] linux-tools.inc: turn off newt and dwarf for perf Saul Wold
2011-04-22 7:24 ` [PATCH 23/33] ofono: add bluze to DEPENDS list Saul Wold
2011-04-22 16:53 ` Khem Raj
2011-04-22 7:24 ` [PATCH 24/33] pcmciautils: Upgrade 017 -> 018 Saul Wold
2011-04-22 16:54 ` Khem Raj
2011-04-22 7:24 ` [PATCH 25/33] mpfr: upgrade from 3.0.0 to 3.0.1 Saul Wold
2011-04-22 7:24 ` [PATCH 26/33] python-gst: upgrade from 0.10.19 to 0.10.21 Saul Wold
2011-04-22 7:24 ` [PATCH 27/33] git: upgrade from 1.7.3.4 to 1.7.4.3 Saul Wold
2011-04-22 7:24 ` [PATCH 28/33] python-pycairo: fix installation path of __init__.py Saul Wold
2011-04-22 17:16 ` Khem Raj
2011-04-22 17:25 ` Koen Kooi
2011-04-22 17:27 ` Khem Raj
2011-04-22 17:32 ` Graeme Gregory
2011-04-22 23:51 ` Khem Raj
2011-04-22 22:28 ` Kamble, Nitin A
2011-04-22 23:53 ` Khem Raj
2011-04-23 10:44 ` Michael 'Mickey' Lauer
2011-04-22 7:25 ` [PATCH 29/33] perl-5.12.2: use of PERLHOSTLIB var fix Saul Wold
2011-04-22 7:25 ` [PATCH 30/33] cpan.bbclass: export PERLHOSTLIB for perl modules Saul Wold
2011-04-22 7:25 ` [PATCH 31/33] libxml-parser-perl: upgrade from 2.36 to 2.40 Saul Wold
2011-04-22 7:25 ` [PATCH 32/33] distro_tracking: recipe information update Saul Wold
2011-04-22 7:25 ` [PATCH 33/33] qemu-helper-nativesdk: Update LIC_FILE_CHKSUM for renamed helper Saul Wold
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4DB151C6.1040605@intel.com \
--to=scott.a.garman@intel.com \
--cc=koen@dominion.thruhere.net \
--cc=openembedded-core@lists.openembedded.org \
--cc=sgw@linux.intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox